1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
#
# Auther:: Tyler Ball (<tball@getchef.com>)
#
# Copyright:: Copyright (c) 2014 Opscode, Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'chef/event_dispatch/base'
require 'chef/audit/control_group_data'
class Chef
class Audit
class AuditReporter < EventDispatch::Base
attr_reader :rest_client, :audit_data, :ordered_control_groups
private :rest_client, :audit_data, :ordered_control_groups
PROTOCOL_VERSION = '0.1.0'
def initialize(rest_client)
if Chef::Config[:audit_mode] == false
@audit_enabled = false
else
@audit_enabled = true
end
@rest_client = rest_client
# Ruby 1.9.3 and above "enumerate their values in the order that the corresponding keys were inserted."
@ordered_control_groups = Hash.new
end
def audit_phase_start(run_status)
Chef::Log.debug("Audit Reporter starting")
@audit_data = AuditData.new(run_status.node.name, run_status.run_id)
end
def audit_phase_complete
Chef::Log.debug("Audit Reporter completed successfully without errors")
ordered_control_groups.each do |name, control_group|
audit_data.add_control_group(control_group)
end
post_auditing_data
end
# If the audit phase failed, its because there was some kind of error in the framework
# that runs tests - normal errors are interpreted as EXAMPLE failures and captured.
def audit_phase_failed(error)
# The stacktrace information has already been logged elsewhere
Chef::Log.error("Audit Reporter failed - sending error to server with available example information")
ordered_control_groups.each do |name, control_group|
audit_data.add_control_group(control_group)
end
post_auditing_data(error)
end
def control_group_started(name)
if ordered_control_groups.has_key?(name)
raise AuditControlGroupDuplicate.new(name)
end
ordered_control_groups.store(name, ControlGroupData.new(name))
end
def control_example_success(control_group_name, example_data)
control_group = ordered_control_groups[control_group_name]
control_group.example_success(example_data)
end
def control_example_failure(control_group_name, example_data, error)
control_group = ordered_control_groups[control_group_name]
control_group.example_failure(example_data, error.message)
end
def auditing_enabled?
@audit_enabled
end
private
def post_auditing_data(error = nil)
if auditing_enabled?
audit_history_url = "controls"
Chef::Log.info("Sending audit report (run-id: #{audit_data.run_id})")
run_data = audit_data.to_hash
if error
run_data[:error] = "#{error.class.to_s}: #{error.message}\n#{error.backtrace.join("\n")}"
end
Chef::Log.debug run_data.inspect
compressed_data = encode_gzip(Chef::JSONCompat.to_json(run_data))
Chef::Log.debug("Sending compressed audit data...")
# Since we're posting compressed data we can not directly call post_rest which expects JSON
audit_url = rest_client.create_url(audit_history_url)
begin
puts Chef::JSONCompat.to_json_pretty(run_data)
rest_client.raw_http_request(:POST, audit_url, headers({'Content-Encoding' => 'gzip'}), compressed_data)
rescue StandardError => e
if e.respond_to? :response
error_file = "failed-audit-data.json"
Chef::FileCache.store(error_file, Chef::JSONCompat.to_json_pretty(run_data), 0640)
Chef::Log.error("Failed to post audit report to server (HTTP #{e.response.code}), saving to #{Chef::FileCache.load(error_file, false)}")
else
Chef::Log.error("Failed to post audit report to server (#{e})")
end
end
else
Chef::Log.debug("Server doesn't support audit report, skipping.")
end
end
def headers(additional_headers = {})
options = {'X-Ops-Audit-Report-Protocol-Version' => PROTOCOL_VERSION}
options.merge(additional_headers)
end
def encode_gzip(data)
"".tap do |out|
Zlib::GzipWriter.wrap(StringIO.new(out)){|gz| gz << data }
end
end
end
end
end
|