Could chef-zero please support fetching inspec profiles? #291

@MarkGibbons

I would like to be able to test using the audit cookbook while fetching profiles from the chef server, as in this example. The assumption is made we are simulating a chef-server integrated with chef-automate running under test kitchen.

```ruby
default['audit']['reporter'] = 'chef-server-automate'
default['audit']['fetcher'] = 'chef-server'
default['audit']['profiles'].push(
  {
    'name': 'ssh',
    'compliance': 'base/ssh'
  }
)
```

I would like to be able to store the profiles on disk and have chef-zero supply them when requested. Data_bags and how they can be put on disk by specifying the


## Software Version
Tested on ubuntu 16.0.4, chef-zero 14.0.11

## Replication Case
In a recipe: `include_recipe 'audit::default'`

In the attributes:

```ruby
default[:audit][:reporter] = 'chef-server-automate'
default[:audit][:fetcher] = 'chef-server'
default[:audit][:profiles] = [
  {
    name: 'jvm-spec',
    compliance: "scott.babcock/jvm-spec",
  },
]
```

## Stacktrace

```
[2019-03-15T04:01:34+00:00] ERROR: Object does not exist on remote server.
[2019-03-15T04:01:34+00:00] ERROR: Received HTTP error 404
[2019-03-15T04:01:34+00:00] ERROR: Report handler Chef::Handler::AuditReport raised #<RuntimeError: Unable to find requested profile on path: 'chefzero://localhost:1/compliance/organizations/localhost:1/owners/scott.babcock/compliance/jvm-spec/tar' on the Automate system.>
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:102:in `download_archive_to_temp'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/fetchers/url.rb:152:in `temp_archive_path'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/fetchers/url.rb:132:in `sha256'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb:29:in `sha256'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/fetchers/url.rb:117:in `cache_key'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/cached_fetcher.rb:32:in `cache_key'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/cached_fetcher.rb:39:in `fetch'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/profile.rb:73:in `for_fetcher'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/profile.rb:80:in `for_target'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/runner.rb:204:in `add_target'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:170:in `block in call'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:170:in `each'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:170:in `call'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:81:in `report'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:257:in `run_report_unsafe'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:99:in `run_report_safely'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:123:in `block in run_report_handlers'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:121:in `each'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:121:in `run_report_handlers'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:133:in `block in <class:Handler>'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:445:in `block in run_completed_successfully'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:444:in `each'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:444:in `run_completed_successfully'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:301:in `run'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:303:in `run_with_graceful_exit_option'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:279:in `block in run_chef_client'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/local_mode.rb:44:in `with_server_connectivity'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:261:in `run_chef_client'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application/client.rb:444:in `run_application'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:66:in `run'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application/solo.rb:224:in `run'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/bin/chef-solo:24:in `<top (required)>'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/bin/chef-solo:74:in `load'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/bin/chef-solo:74:in `<main>'
- Chef::Handler::AuditReport
```

## Possible Solution

Data bags and how they can be stored on disk and referenced using the `data_bags_path` model is the general technique I would look for in a solution. It looks like these endpoints would need to be implemented (from the chef-server fetcher in the audit cookbook).

    organizations/#{chef_server_org}/owners/#{o}/compliance/#{p}/version/#{version}/tar
    organizations/#{chef_server_org}/owners/#{o}/compliance/#{p}/tar
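
One way a server could map the two endpoints listed above onto profile archives kept on disk, as an added example that is not part of the original issue and is not chef-zero or audit cookbook code. The function name, the `<root>/<owner>/<profile>/<version>.tar.gz` layout and the `latest.tar.gz` convention are assumptions made for illustration.

```ruby
# Added illustration; names and on-disk layout are hypothetical:
#   <root>/<owner>/<profile>/<version>.tar.gz   versioned request
#   <root>/<owner>/<profile>/latest.tar.gz      unversioned request
require 'pathname'

# The two routes quoted in the issue. The optional "compliance/" prefix
# mirrors the path shown in the 404 error message.
PROFILE_ROUTE = %r{
  \A(?:compliance/)?organizations/(?<org>[^/]+)/owners/(?<owner>[^/]+)
  /compliance/(?<profile>[^/]+)(?:/version/(?<version>[^/]+))?/tar\z
}x

# Owner, profile and version become file names, so they must start with an
# alphanumeric character; this rejects "." and ".." segments outright.
SAFE_SEGMENT = /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/

# Returns a Pathname to the archive, or nil when the request should get a 404.
def resolve_profile_archive(request_path, profiles_root)
  m = PROFILE_ROUTE.match(request_path.sub(%r{\A/+}, ''))
  return nil unless m

  version = m[:version] || 'latest'
  return nil unless [m[:owner], m[:profile], version].all? { |s| s.match?(SAFE_SEGMENT) }

  root = Pathname.new(profiles_root).realpath
  candidate = root.join(m[:owner], m[:profile], "#{version}.tar.gz")
  return nil unless candidate.file?

  # realpath resolves symlinks; the archive must still live under the root.
  real = candidate.realpath
  real.to_s.start_with?(root.to_s + File::SEPARATOR) ? real : nil
end
```

Profiles feed the compliance run, so the resolver refuses anything that would read outside the profiles root, including a symlinked profile directory.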
