-
Notifications
You must be signed in to change notification settings - Fork 683
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
inspec-compliance + Compliance 1.0 #576
Conversation
We need to ensure that it also works with older versions. This extension does not work with versions pre-1.0 |
# logs into the server, retrieves a token and stores it locally | ||
def self.login(server, username, password, insecure) | ||
# saves the api token supplied by the user | ||
def self.api_token(server, refresh_token, verify, user, insecure) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should still be able to input username and password
@@ -8,7 +8,8 @@ This extensions offers the following features: | |||
|
|||
To use the CLI, this InSpec add-on adds the following commands: | |||
|
|||
* `$ inspec compliance login user password` - authentication against Chef Compliance | |||
* `$ inspec compliance api_token server --token TOKEN --user USER` - save the Chef Compliance API token for user |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this plugin should offer two methods
- handle the complete oauth flow to retrieve a token. that allows the plugin to get a refresh token as well (requires us to setup a specific client/application for inspec)
- take an api token as input
At this point of time, this PR misses a couple of things:
|
I add additions to this PRs to address this |
Thanks @chris-rock for the additions! 👍 Note that when https://github.com/chef/chef-compliance/pull/767 is merged, we should probably (re)introduce another variant. |
This change includes the necessary adaptations for having inspec's compliance plugin work with compliance 1.0.