summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/chef/compliance/reporter/json_file.rb2
-rw-r--r--lib/chef/compliance/runner.rb21
2 files changed, 14 insertions, 9 deletions
diff --git a/lib/chef/compliance/reporter/json_file.rb b/lib/chef/compliance/reporter/json_file.rb
index 4d074242ca..ecd2e77b55 100644
--- a/lib/chef/compliance/reporter/json_file.rb
+++ b/lib/chef/compliance/reporter/json_file.rb
@@ -16,7 +16,7 @@ class Chef
def validate_config!
if @path.nil? || @path.class != String || @path.empty?
- raise "CMPL007: json_file reporter: node['audit']['json_file']['location'] must contain a file path"
+ raise "CMPL009: json_file reporter: node['audit']['json_file']['location'] must contain a file path"
end
end
end
diff --git a/lib/chef/compliance/runner.rb b/lib/chef/compliance/runner.rb
index 16cdf780ed..68b40ce35b 100644
--- a/lib/chef/compliance/runner.rb
+++ b/lib/chef/compliance/runner.rb
@@ -63,7 +63,10 @@ class Chef
end
def run_failed(_exception, _run_status)
- return unless enabled?
+ # If the run has failed because our own validation of compliance
+ # phase configuration has failed, we don't want to submit a report
+ # because we're still not configured correctly.
+ return unless enabled? && @validation_passed
logger.info("#{self.class}##{__method__}: enabling Compliance Phase")
@@ -219,7 +222,7 @@ class Chef
end
def reporter(reporter_type)
- case reporter_type.downcase
+ case reporter_type
when "chef-automate"
require_relative "reporter/automate"
opts = {
@@ -245,7 +248,7 @@ class Chef
Chef::Compliance::Reporter::ChefServerAutomate.new(opts)
when "json-file"
require_relative "reporter/json_file"
- path = node["audit"]["json_file"]["location"]
+ path = node.dig("audit", "json_file", "location")
logger.info "Writing compliance report to #{path}"
Chef::Compliance::Reporter::JsonFile.new(file: path)
when "audit-enforcer"
@@ -279,10 +282,11 @@ class Chef
return unless enabled?
@reporters = {}
- Array(node["audit"]["reporter"]).each do |reporter_type|
- type = reporter_type.downcase
+ # Note that the docs don't say you can use an array, but our implementation
+ # supports it.
+ Array(node["audit"]["reporter"]).each do |type|
unless SUPPORTED_REPORTERS.include? type
- raise "CMPL003: '#{reporter_type}' found in node['audit']['reporter'] is not a supported reporter for Compliance Phase. Supported reporters are: #{SUPPORTED_REPORTERS.join(",")}. For more information, see the documentation at https://docs.chef.io/chef_compliance_phase/chef_compliance_runners/#reporters"
+ raise "CMPL003: '#{type}' found in node['audit']['reporter'] is not a supported reporter for Compliance Phase. Supported reporters are: #{SUPPORTED_REPORTERS.join(", ")}. For more information, see the documentation at https://docs.chef.io/chef_compliance_phase/chef_compliance_runners/#reporters"
end
@reporters[type] = reporter(type)
@@ -290,10 +294,11 @@ class Chef
end
unless (fetcher = node["audit"]["fetcher"]).nil?
- unless SUPPORTED_FETCHERS.include? fetcher.downcase
- raise "CMPL002: Unrecognized Compliance Phase fetcher (node['audit']['fetcher'] is #{fetcher}. Supported fetchers are: or #{SUPPORTED_FETCHERS.join(",")}, or nil. For more information, see the documentation at https://docs.chef.io/chef_compliance_phase/chef_compliance_runners/#fetchers"
+ unless SUPPORTED_FETCHERS.include? fetcher
+ raise "CMPL002: Unrecognized Compliance Phase fetcher (node['audit']['fetcher'] = #{fetcher}). Supported fetchers are: #{SUPPORTED_FETCHERS.join(", ")}, or nil. For more information, see the documentation at https://docs.chef.io/chef_compliance_phase/chef_compliance_runners/#fetchers"
end
end
+ @validation_passed = true
end
end
end