Could chef-zero please support fetching inspec profiles? #291

MarkGibbons · 2019-03-15T04:14:50Z

I would like to be able to test using the audit cookbook while fetching profiles from the chef server, as in this example. The assumption is made we are simulating a chef-server integrated with chef-automate running under test kitchen.

default['audit']['reporter'] = 'chef-server-automate'
default['audit']['fetcher'] = 'chef-server'
default['audit']['profiles'].push(
  {
    'name': 'ssh',
    'compliance': 'base/ssh'
  }
)

I would like to be able to store the profiles on disk and have chef-zero supply them when requested. Data_bags and how they can be put on disk by specifying the ```ruby
default['audit']['reporter'] = 'chef-server-automate'
default['audit']['fetcher'] = 'chef-server'
default['audit']['profiles'].push(
{
'name': 'ssh',
'compliance': 'base/ssh'
}
)


## Software Version
Tested on ubuntu 16.0.4, chef-zero 14.0.11

## Replication Case
In a recipe:  include_recipe 'audit::default'
In the attributes: 

default[:audit][:reporter] = 'chef-server-automate'
default[:audit][:fetcher] = 'chef-server'
default[:audit][:profiles] = [
  {
    name: 'jvm-spec',
    compliance: "scott.babcock/jvm-spec",
  },
]

## Stacktrace

[2019-03-15T04:01:34+00:00] ERROR: Object does not exist on remote server.
[2019-03-15T04:01:34+00:00] ERROR: Received HTTP error 404
[2019-03-15T04:01:34+00:00] ERROR: Report handler Chef::Handler::AuditReport raised #<RuntimeError: Unable to find requested profile on path: 'chefzero://localhost:1/compliance/organizations/localhost:1/owners/scott.babcock/compliance/jvm-spec/tar' on the Automate system.>
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:102:in download_archive_to_temp' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/fetchers/url.rb:152:in temp_archive_path'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/fetchers/url.rb:132:in sha256' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb:29:in sha256'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/fetchers/url.rb:117:in cache_key' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/cached_fetcher.rb:32:in cache_key'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/cached_fetcher.rb:39:in fetch' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/profile.rb:73:in for_fetcher'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/profile.rb:80:in for_target' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/inspec-core-3.7.1/lib/inspec/runner.rb:204:in add_target'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:170:in block in call' [2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:170:in each'
[2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:170:in call' [2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:81:in report'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:257:in run_report_unsafe' [2019-03-15T04:01:34+00:00] ERROR: /tmp/kitchen/cache/cookbooks/audit/files/default/handler/audit_report.rb:99:in run_report_safely'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:123:in block in run_report_handlers' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:121:in each'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:121:in run_report_handlers' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/handler.rb:133:in block in class:Handler'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:445:in block in run_completed_successfully' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:444:in each'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:444:in run_completed_successfully' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/client.rb:301:in run'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:303:in run_with_graceful_exit_option' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:279:in block in run_chef_client'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/local_mode.rb:44:in with_server_connectivity' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:261:in run_chef_client'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application/client.rb:444:in run_application' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application.rb:66:in run'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/lib/chef/application/solo.rb:224:in run' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.11.21/bin/chef-solo:24:in <top (required)>'
[2019-03-15T04:01:34+00:00] ERROR: /opt/chef/bin/chef-solo:74:in load' [2019-03-15T04:01:34+00:00] ERROR: /opt/chef/bin/chef-solo:74:in

'
- Chef::Handler::AuditReport

## Possible Solution

Data bags and how they can be stored on disk and referenced using the data_bags_path model is the general technique I would look for in a solution.  It looks like like these endpoints would need to be implemented (from the chef-server fetcher in the audit cookbook).

    organizations/#{chef_server_org}/owners/#{o}/compliance/#{p}/version/#{version}/tar
    organizations/#{chef_server_org}/owners/#{o}/compliance/#{p}/tar

The text was updated successfully, but these errors were encountered:

MarkGibbons changed the title ~~Could chef-zero please support getting inspec profiles~~ Could chef-zero please support fetching inspec profiles? Mar 15, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Could chef-zero please support fetching inspec profiles? #291

Could chef-zero please support fetching inspec profiles? #291

MarkGibbons commented Mar 15, 2019

Could chef-zero please support fetching inspec profiles? #291

Could chef-zero please support fetching inspec profiles? #291

Comments

MarkGibbons commented Mar 15, 2019