Merge pull request #10733 from chef/fix-broken-chef-automate-server-reporter

Signed-off-by: Tim Smith <tsmith@chef.io>
author: Tim Smith <tsmith@chef.io> 2020-12-11 13:10:50 -0800
committer: GitHub <noreply@github.com> 2020-12-11 13:10:50 -0800
commit: 94fcdd4616d00cead931ac289b46240653f4148a (patch)
tree: 66b59a608c0b7b27f3c3fe262ef25a900b6404cb
parent: 8778e809a7b9ac876dac1f1a6c8d1c46257d5e25 (diff)
parent: 380a173a92aa80f6fbd2466b31d8ec4cefb06b1d (diff)
download: chef-94fcdd4616d00cead931ac289b46240653f4148a.tar.gz
3 files changed, 71 insertions, 31 deletions
diff --git a/lib/chef/compliance/reporter/chef_server_automate.rb b/lib/chef/compliance/reporter/chef_server_automate.rb
index be59a4cf69..f0eba27816 100644
--- a/lib/chef/compliance/reporter/chef_server_automate.rb
+++ b/lib/chef/compliance/reporter/chef_server_automate.rb
@@ -7,6 +7,8 @@ class Chef
       # Used to send inspec reports to Chef Automate server via Chef Server
       #
       class ChefServerAutomate < Chef::Compliance::Reporter::Automate
+        attr_reader :url
+
         def initialize(opts)
           @entity_uuid           = opts[:entity_uuid]
           @run_id                = opts[:run_id]
diff --git a/lib/chef/compliance/runner.rb b/lib/chef/compliance/runner.rb
index 677349df3e..8948d9c895 100644
--- a/lib/chef/compliance/runner.rb
+++ b/lib/chef/compliance/runner.rb
@@ -178,6 +178,8 @@ class Chef
 
       # extracts relevant node data
       def node_info
+        chef_server_uri = URI(Chef::Config[:chef_server_url])
+
         runlist_roles = node.run_list.select { |item| item.type == :role }.map(&:name)
         runlist_recipes = node.run_list.select { |item| item.type == :recipe }.map(&:name)
         {
@@ -199,52 +201,61 @@ class Chef
         }
       end
 
-      def send_report(reporter, report)
-        logger.info "Reporting to #{reporter}"
+      def send_report(reporter_type, report)
+        logger.info "Reporting to #{reporter_type}"
+
+        reporter = reporter(reporter_type)
 
-        insecure = node["audit"]["insecure"]
-        run_time_limit = node["audit"]["run_time_limit"]
-        control_results_limit = node["audit"]["control_results_limit"]
+        reporter.send_report(report) if reporter
+      end
 
-        case reporter
+      def reporter(reporter_type)
+        case reporter_type
         when "chef-automate"
           opts = {
+            control_results_limit: node["audit"]["control_results_limit"],
             entity_uuid: node["chef_guid"],
-            run_id: run_id,
+            insecure: node["audit"]["insecure"],
             node_info: node_info,
-            insecure: insecure,
-            run_time_limit: run_time_limit,
-            control_results_limit: control_results_limit,
+            run_id: run_id,
+            run_time_limit: node["audit"]["run_time_limit"],
           }
-          Chef::Compliance::Reporter::Automate.new(opts).send_report(report)
+          Chef::Compliance::Reporter::Automate.new(opts)
         when "chef-server-automate"
-          chef_url = node["audit"]["server"] || base_chef_server_url
-          chef_org = Chef::Config[:chef_server_url].split("/").last
-          if chef_url
-            url = construct_url(chef_url, File.join("organizations", chef_org, "data-collector"))
-            opts = {
-              entity_uuid: node["chef_guid"],
-              run_id: run_id,
-              node_info: node_info,
-              insecure: insecure,
-              url: url,
-              run_time_limit: run_time_limit,
-              control_results_limit: control_results_limit,
-            }
-            Chef::Compliance::Reporter::ChefServer.new(opts).send_report(report)
-          else
-            logger.warn "Unable to determine #{ChefUtils::Dist::Server::PRODUCT} url required by #{Inspec::Dist::PRODUCT_NAME} report collector '#{reporter}'. Skipping..."
-          end
+          opts = {
+            control_results_limit: node["audit"]["control_results_limit"],
+            entity_uuid: node["chef_guid"],
+            insecure: node["audit"]["insecure"],
+            node_info: node_info,
+            run_id: run_id,
+            run_time_limit: node["audit"]["run_time_limit"],
+            url: chef_server_automate_url,
+          }
+          Chef::Compliance::Reporter::ChefServerAutomate.new(opts)
         when "json-file"
           path = node["audit"]["json_file"]["location"]
           logger.info "Writing compliance report to #{path}"
-          Chef::Compliance::Reporter::JsonFile.new(file: path).send_report(report)
+          Chef::Compliance::Reporter::JsonFile.new(file: path)
         when "audit-enforcer"
-          Chef::Compliance::Reporter::ComplianceEnforcer.new.send_report(report)
+          Chef::Compliance::Reporter::ComplianceEnforcer.new
         else
-          logger.warn "#{reporter} is not a supported #{Inspec::Dist::PRODUCT_NAME} report collector"
+          raise "'#{reporter_type}' is not a supported reporter for Compliance Phase."
         end
       end
+
+      def chef_server_automate_url
+        url = if node["audit"]["server"]
+                URI(node["audit"]["server"])
+              else
+                URI(Chef::Config[:chef_server_url]).tap do |u|
+                  u.path = ""
+                end
+              end
+
+        org = Chef::Config[:chef_server_url].split("/").last
+        url.path = File.join(url.path, "organizations/#{org}/data-collector")
+        url
+      end
     end
   end
 end
diff --git a/spec/unit/compliance/runner_spec.rb b/spec/unit/compliance/runner_spec.rb
index 68c8a9553b..f9f3d61dd2 100644
--- a/spec/unit/compliance/runner_spec.rb
+++ b/spec/unit/compliance/runner_spec.rb
@@ -110,4 +110,31 @@ describe Chef::Compliance::Runner do
       runner.warn_for_deprecated_config_values!
     end
   end
+
+  describe "#reporter" do
+    context "chef-server-automate reporter" do
+      it "uses the correct URL when 'server' attribute is set" do
+        Chef::Config[:chef_server_url] = "https://chef_config_url.example.com/my_org"
+        node.normal["audit"]["server"] = "https://server_attribute_url.example.com/application/sub_application"
+
+        reporter = runner.reporter("chef-server-automate")
+
+        expect(reporter).to be_kind_of(Chef::Compliance::Reporter::ChefServerAutomate)
+        expect(reporter.url).to eq(URI("https://server_attribute_url.example.com/application/sub_application/organizations/my_org/data-collector"))
+      end
+
+      it "falls back to chef_server_url for URL when 'server' attribute is not set" do
+        Chef::Config[:chef_server_url] = "https://chef_config_url.example.com/my_org"
+
+        reporter = runner.reporter("chef-server-automate")
+
+        expect(reporter).to be_kind_of(Chef::Compliance::Reporter::ChefServerAutomate)
+        expect(reporter.url).to eq(URI("https://chef_config_url.example.com/organizations/my_org/data-collector"))
+      end
+    end
+
+    it "fails with unexpected reporter value" do
+      expect { runner.reporter("tacos") }.to raise_error(/'tacos' is not a supported reporter for Compliance Phase/)
+    end
+  end
 end
author	Tim Smith <tsmith@chef.io>	2020-12-11 13:10:50 -0800
committer	GitHub <noreply@github.com>	2020-12-11 13:10:50 -0800
commit	94fcdd4616d00cead931ac289b46240653f4148a (patch)
tree	66b59a608c0b7b27f3c3fe262ef25a900b6404cb
parent	8778e809a7b9ac876dac1f1a6c8d1c46257d5e25 (diff)
parent	380a173a92aa80f6fbd2466b31d8ec4cefb06b1d (diff)
download	chef-94fcdd4616d00cead931ac289b46240653f4148a.tar.gz