diff options
author | Pete Higgins <pete@peterhiggins.org> | 2020-11-13 16:46:45 -0800 |
---|---|---|
committer | Pete Higgins <pete@peterhiggins.org> | 2020-12-01 16:12:04 -0800 |
commit | eed12b53bded91aeee33de9f9a76b992d2fd9808 (patch) | |
tree | d556aa322ae95dea775f4aecf059f2ff7af46c7f | |
parent | 5cbf53934e3773827a6115e7d2b7ba8a303c221d (diff) | |
download | chef-eed12b53bded91aeee33de9f9a76b992d2fd9808.tar.gz |
Fix waiver code.
Signed-off-by: Pete Higgins <pete@peterhiggins.org>
-rw-r--r-- | lib/chef/audit/runner.rb | 11 | ||||
-rw-r--r-- | spec/unit/audit/runner_spec.rb | 41 |
2 files changed, 37 insertions, 15 deletions
diff --git a/lib/chef/audit/runner.rb b/lib/chef/audit/runner.rb index 2aa5b1bd71..af6eeb82c4 100644 --- a/lib/chef/audit/runner.rb +++ b/lib/chef/audit/runner.rb @@ -61,12 +61,13 @@ class Chef end def inspec_opts - # TODO: this code needs to not call return waivers = Array(audit_attributes["waiver_file"]).select do |file| - return true if File.exist?(file) - - logger.error "The specified InSpec waiver file #{file} is missing, skipping it..." - false + if File.exist?(file) + true + else + logger.error "The specified InSpec waiver file #{file} is missing, skipping it..." + false + end end { diff --git a/spec/unit/audit/runner_spec.rb b/spec/unit/audit/runner_spec.rb index fadfceb3c0..91db3dda91 100644 --- a/spec/unit/audit/runner_spec.rb +++ b/spec/unit/audit/runner_spec.rb @@ -9,19 +9,20 @@ describe Chef::Audit::Runner do end end - describe "#enabled?" do - let(:cookbook_collection) { Chef::CookbookCollection.new } - let(:event_dispatcher) { Chef::EventDispatch::Dispatcher.new } - let(:node) { Chef::Node.new(logger: double(:logger).as_null_object) } - let(:run_context) { Chef::RunContext.new(node, cookbook_collection, event_dispatcher) } - let(:run_status) do - Chef::RunStatus.new(node, event_dispatcher).tap do |rs| - rs.run_context = run_context - end + let(:cookbook_collection) { Chef::CookbookCollection.new } + let(:event_dispatcher) { Chef::EventDispatch::Dispatcher.new } + let(:logger) { double(:logger).as_null_object } + let(:node) { Chef::Node.new(logger: logger) } + let(:run_context) { Chef::RunContext.new(node, cookbook_collection, event_dispatcher) } + let(:run_status) do + Chef::RunStatus.new(node, event_dispatcher).tap do |rs| + rs.run_context = run_context end + end - let(:runner) { test_class.new(run_status) } + let(:runner) { test_class.new(run_status) } + describe "#enabled?" do it "is true if the node attributes have audit profiles and the audit cookbook is not present" do node.default["audit"] = {} node.default["audit"]["profiles"] = {} @@ -60,4 +61,24 @@ describe Chef::Audit::Runner do expect(runner).not_to be_enabled end end + + describe "#inspec_opts" do + it "accepts a string as a waiver file" do + node.default["audit"] = {} + node.default["audit"][:waiver_file] = __FILE__ + + expect(logger).not_to receive(:error) + + expect(runner.inspec_opts[:waiver_file]).to eq([__FILE__]) + end + + it "filters out non-existant waiver files" do + node.default["audit"] = {} + node.default["audit"][:waiver_file] = [__FILE__, "some_other_file"] + + expect(logger).to receive(:error).with(/some_other_file is missing/) + + expect(runner.inspec_opts[:waiver_file]).to eq([__FILE__]) + end + end end |