From 4203c02836b82b1c3c8f4b6b0aff6a587dec1c16 Mon Sep 17 00:00:00 2001 From: Clinton Wolfe Date: Thu, 24 Jan 2019 23:12:26 -0500 Subject: [PATCH 1/3] Crude implementation to watch for plugin disable options Signed-off-by: Clinton Wolfe --- lib/inspec/cli.rb | 6 ++++-- lib/inspec/plugin/v2/loader.rb | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/inspec/cli.rb b/lib/inspec/cli.rb index 81efc0e1f8..43adbfc6ef 100644 --- a/lib/inspec/cli.rb +++ b/lib/inspec/cli.rb @@ -378,8 +378,10 @@ def run_command(opts) end end - # Load v2 plugins - v2_loader = Inspec::Plugin::V2::Loader.new + # Load v2 plugins. Manually check for plugin disablement. + omit_core = ARGV.delete('--disable-core-plugins') + omit_user = ARGV.delete('--disable-user-plugins') + v2_loader = Inspec::Plugin::V2::Loader.new(omit_core_plugins: omit_core, omit_user_plugins: omit_user) v2_loader.load_all v2_loader.exit_on_load_error v2_loader.activate_mentioned_cli_plugins diff --git a/lib/inspec/plugin/v2/loader.rb b/lib/inspec/plugin/v2/loader.rb index f25171c2e6..334727c7b8 100644 --- a/lib/inspec/plugin/v2/loader.rb +++ b/lib/inspec/plugin/v2/loader.rb @@ -14,8 +14,10 @@ class Loader def initialize(options = {}) @options = options @registry = Inspec::Plugin::V2::Registry.instance - @conf_file = Inspec::Plugin::V2::ConfigFile.new - read_conf_file_into_registry + unless options[:omit_user_plugins] + @conf_file = Inspec::Plugin::V2::ConfigFile.new + read_conf_file_into_registry + end # Old-style (v0, v1) co-distributed plugins were called 'bundles' # and were located in lib/bundles From 36ce34be98da82b0163bb9e7e20c92bb464144c0 Mon Sep 17 00:00:00 2001 From: Clinton Wolfe Date: Thu, 24 Jan 2019 23:24:07 -0500 Subject: [PATCH 2/3] Passing functional tests for using plugin disable options Signed-off-by: Clinton Wolfe --- test/functional/plugins_test.rb | 40 +++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/test/functional/plugins_test.rb b/test/functional/plugins_test.rb index aaf6b2ced0..e8a5876038 100644 --- a/test/functional/plugins_test.rb +++ b/test/functional/plugins_test.rb @@ -24,6 +24,32 @@ end end +#=========================================================================================# +# Disabling Plugins +#=========================================================================================# +describe 'when disabling plugins' do + include FunctionalHelper + + describe 'when disabling the core plugins' do + it 'should not be able to use core-provided commands' do + run_result = run_inspec_process('--disable-core-plugins habitat') + run_result.stderr.must_include 'Could not find command "habitat".' + # One might think that this should be code 2 (plugin error) + # But because the core plugins are not loaded, 'habitat' is not + # a known command, which makes it a usage error, code 1. + run_result.exit_status.must_equal 1 + end + end + + describe 'when disabling the user plugins' do + it 'should not be able to use user commands' do + run_result = run_inspec_process('--disable-user-plugins meaningoflife answer', env: { INSPEC_CONFIG_DIR: File.join(config_dir_path, 'meaning_by_path') }) + run_result.stderr.must_include 'Could not find command "meaningoflife"' + run_result.exit_status.must_equal 1 + end + end +end + #=========================================================================================# # CliCommand plugin type #=========================================================================================# @@ -62,6 +88,20 @@ #=========================================================================================# # See lib/plugins/inspec-plugin-manager-cli/test +#=========================================================================================# +# Plugin Disable Messaging +#=========================================================================================# +describe 'disable plugin usage message integration' do + include FunctionalHelper + + it "mentions the --disable-{user,core}-plugins options" do + outcome = inspec('help') + ['--disable-user-plugins', '--disable-core-plugins'].each do |option| + outcome.stdout.must_include(option) + end + end +end + #=========================================================================================# # DSL Plugin Support #=========================================================================================# From 5d2934cc5ab12f97c0e30ae120d09b6b1d67f0e8 Mon Sep 17 00:00:00 2001 From: Clinton Wolfe Date: Thu, 24 Jan 2019 23:34:05 -0500 Subject: [PATCH 3/3] Passing help message functional tests for disabling plugins Signed-off-by: Clinton Wolfe --- lib/inspec/cli.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/inspec/cli.rb b/lib/inspec/cli.rb index 43adbfc6ef..805284f033 100644 --- a/lib/inspec/cli.rb +++ b/lib/inspec/cli.rb @@ -32,6 +32,12 @@ class Inspec::InspecCLI < Inspec::BaseCLI class_option :interactive, type: :boolean, desc: 'Allow or disable user interaction' + class_option :disable_core_plugins, type: :string, banner: '', # Actually a boolean, but this suppresses the creation of a --no-disable... + desc: 'Disable loading all plugins that are shipped in the lib/plugins directory of InSpec. Useful in development.' + + class_option :disable_user_plugins, type: :string, banner: '', + desc: 'Disable loading all plugins that the user installed.' + desc 'json PATH', 'read all tests in PATH and generate a JSON summary' option :output, aliases: :o, type: :string, desc: 'Save the created profile to a path'