Merge pull request #99 from chef-cookbooks/vj/update-to-inspec-1.0

update to work with inspec 1.0 json format
chef-boneyard · Sep 26, 2016 · 1046897 · 1046897
2 parents dc0c262 + d06ba30
commit 1046897
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 268 deletions.
diff --git a/attributes/default.rb b/attributes/default.rb
@@ -47,7 +47,7 @@
 default['audit']['fail_if_any_audits_failed'] = false
 
 # inspec gem version to install(e.g. '0.22.1') or 'latest'
-default['audit']['inspec_version'] = '0.34.1'
+default['audit']['inspec_version'] = '1.0.0'
 
 # by default run audit every time
 default['audit']['interval']['enabled'] = false

diff --git a/libraries/collector_classes.rb b/libraries/collector_classes.rb
@@ -17,16 +17,6 @@ def initialize(entity_uuid, run_id, blob)
       @blob = blob
     end
 
-    # Transforms this hash:
-    # {'a1'=>{'a2'=>'a3'},'b1'=>{'b2'=>'b3'}}
-    # in this array:
-    # [{'id'=>'a1','a2'=>'a3'},{'id'=>'b1','b2'=>'b3'}]
-    def hash_to_array(hash)
-      return unless hash.is_a?(Hash)
-      hash.each { |k, v| v['id'] = k }
-      hash.values
-    end
-
     # A control can have multiple tests. Returns 'passed' unless any
     # of the results has a status different than 'passed'
     def control_status(results)
@@ -119,23 +109,16 @@ def enriched_report
       inspec_version = 'unknown'
       # strip the report to leave only the profiles
       final_report['profiles'] = @blob[:reports].map do |_name, content|
-        next unless content.is_a?(Hash) &&
-                    content['profiles'].is_a?(Hash) &&
-                    content['profiles'].values.is_a?(Array)
+        next unless content.is_a?(Hash)
         inspec_version = content['version']
-        total_duration += content['summary']['duration'] if content['summary'].is_a?(Hash)
-        content['profiles'].values.first
+        total_duration += content['statistics']['duration']
+        # reports generated by this cookbook have only one profile
+        content['profiles'][0] if content['profiles'].is_a?(Array)
       end
 
       # remove nil profiles if any
       final_report['profiles'].select! { |p| p }
 
-      # using hash_to_array to remove non-static keys
-      final_report['profiles'].each do |profile|
-        profile['controls'] = hash_to_array(profile['controls'])
-        profile['groups'] = hash_to_array(profile['groups'])
-      end
-
       # add some additional fields to ease report parsing
       final_report['event_type'] = 'inspec'
       final_report['event_action'] = 'exec'
@@ -158,6 +141,7 @@ def send_report
         return false
       end
       json_report = enriched_report
+
       unless json_report
         Chef::Log.warn 'Something went wrong, enriched_report can\'t be nil'
         return false

diff --git a/libraries/report.rb b/libraries/report.rb
@@ -24,15 +24,22 @@ class ComplianceReport < Chef::Resource
       action :execute do
         converge_by "report compliance profiles' results" do
           reports, ownermap = compound_report(profiles)
-
           blob = node_info
           blob[:reports] = reports
-          total_failed = 0
-          blob[:reports].each do |k, _|
-            Chef::Log.info "Summary for #{k} #{blob[:reports][k]['summary'].to_json}" if quiet
-            total_failed += blob[:reports][k]['summary']['failure_count'].to_i
-          end
           blob[:profiles] = ownermap
+          total_failed = reports.map do |_name, report|
+            report['profiles'].map do |profile|
+              profile['controls'].map do |control|
+                if control['results']
+                  control['results'].map do |result|
+                    result['status'] != 'passed' ? 1 : 0
+                  end
+                else
+                  0
+                end
+              end
+            end
+          end.flatten.reduce(:+)
 
           # resolve owner
           o = return_or_guess_owner