Class: Inspec::Metadata

Inherits:

Object

• Object
• Inspec::Metadata

Defined in:

lib/inspec/metadata.rb

Overview

The Metadata class represents a profile’s metadata. This includes the metadata stored in the profile’s metadata.rb file, as well as inferred metadata like if this profile supports the current runtime and the intended target. This class does NOT represent the runtime state of a profile during execution. See lib/inspec/profile.rb for the runtime representation of a profile.

A Metadata object may be created and finalized with invalid data. This allows the check CLI command to analyse the issues. Use valid? to determine if the metadata is coherent.

Instance Attribute Summary

• #content ⇒ Object

  Returns the value of attribute content.

• #params ⇒ Object

  Returns the value of attribute params.

• #ref ⇒ Object readonly

  Returns the value of attribute ref.

Class Method Summary

• .finalize(metadata, profile_id, options, logger = nil) ⇒ Object
• .finalize_name(metadata, profile_id, original_target) ⇒ Object
• .finalize_supports(supports, logger) ⇒ Object
• .finalize_supports_elem(elem, logger) ⇒ Object
• .from_file(path, profile_id, logger = nil) ⇒ Object
• .from_ref(ref, content, profile_id, logger = nil) ⇒ Object
• .from_ruby(ref, content, profile_id, logger = nil) ⇒ Object
• .from_yaml(ref, content, profile_id, logger = nil) ⇒ Object
• .symbolize_keys(obj) ⇒ Object

Instance Method Summary

• #dependencies ⇒ Object
• #gem_dependencies ⇒ Object
• #initialize(ref, logger = nil) ⇒ Metadata constructor

  A new instance of Metadata.

• #inspec_requirement ⇒ Object
• #method_missing(sth, *args) ⇒ Object
• #supports(sth, version = nil) ⇒ Object
• #supports_platform?(backend) ⇒ Boolean
• #supports_runtime? ⇒ Boolean
• #unsupported ⇒ Object
• #valid ⇒ Object

  return all warn and errors.

• #valid? ⇒ Boolean

  returns true or false.

• #valid_license?(value) ⇒ Boolean
• #valid_version?(value) ⇒ Boolean

Constructor Details

#initialize(ref, logger = nil) ⇒ Metadata

Returns a new instance of Metadata.

# File 'lib/inspec/metadata.rb', line 26

def initialize(ref, logger = nil)
  @ref = ref
  @logger = logger || Logger.new(nil)
  @content = ""
  @params = {}
  @missing_methods = []
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(sth, *args) ⇒ Object

# File 'lib/inspec/metadata.rb', line 170

def method_missing(sth, *args)
  @logger.warn "#{ref} doesn't support: #{sth} #{args}"
  @missing_methods.push(sth)
end

Instance Attribute Details

#content ⇒ Object

Returns the value of attribute content.

# File 'lib/inspec/metadata.rb', line 25

def content
  @content
end

#params ⇒ Object

Returns the value of attribute params.

# File 'lib/inspec/metadata.rb', line 25

def params
  @params
end

#ref ⇒ Object (readonly)

Returns the value of attribute ref.

# File 'lib/inspec/metadata.rb', line 24

def ref
  @ref
end

Class Method Details

.finalize(metadata, profile_id, options, logger = nil) ⇒ Object

# File 'lib/inspec/metadata.rb', line 243

def self.finalize(metadata, profile_id, options, logger = nil)
  return nil if metadata.nil?

  param = metadata.params || {}
  options ||= {}
  param["version"] = param["version"].to_s unless param["version"].nil?
  metadata.params = symbolize_keys(param)
  metadata.params[:supports] = finalize_supports(metadata.params[:supports], logger)
  finalize_name(metadata, profile_id, options[:target])

  metadata
end

.finalize_name(metadata, profile_id, original_target) ⇒ Object

# File 'lib/inspec/metadata.rb', line 221

def self.finalize_name(metadata, profile_id, original_target)
  # profile_id always overwrites whatever already exists as the name
  unless profile_id.to_s.empty?
    metadata.params[:name] = profile_id.to_s
    return
  end

  # don't overwrite an existing name
  return unless metadata.params[:name].nil?

  # if there's a title, there is no need to set a name too
  return unless metadata.params[:title].nil?

  # create a new name based on the original target if it exists
  # Crudely slug the target to not contain slashes, to avoid breaking
  # unit tests that look for warning sequences
  return if original_target.to_s.empty?

  metadata.params[:title] = "tests from #{original_target}"
  metadata.params[:name] = metadata.params[:title].gsub(%r{[\/\\]}, ".")
end

.finalize_supports(supports, logger) ⇒ Object

# File 'lib/inspec/metadata.rb', line 213

def self.finalize_supports(supports, logger)
  case x = supports
  when Hash   then [finalize_supports_elem(x, logger)]
  when Array  then x.map { |e| finalize_supports_elem(e, logger) }.compact
  when nil    then []
  end
end

.finalize_supports_elem(elem, logger) ⇒ Object

# File 'lib/inspec/metadata.rb', line 190

def self.finalize_supports_elem(elem, logger)
  case x = elem
  when Hash
    x[:release] = x[:release].to_s if x[:release]
    x
  when Array
    logger.warn(
      "Failed to read supports entry that is an array. Please use "\
      "the `supports: {os-family: xyz}` syntax."
    )
    nil
  when nil then nil
  else
    Inspec.deprecate(
      :supports_syntax,
      "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
        "supports:\n  - os-family: #{x}\n\n"
    )

    { :'os-family' => x } # rubocop:disable Style/HashSyntax
  end
end

.from_file(path, profile_id, logger = nil) ⇒ Object

# File 'lib/inspec/metadata.rb', line 286

def self.from_file(path, profile_id, logger = nil)
  unless File.file?(path)
    logger ||= Logger.new(nil)
    logger.error "Can't find metadata file #{path}"
    return nil
  end

  from_ref(File.basename(path), File.read(path), profile_id, logger)
end

.from_ref(ref, content, profile_id, logger = nil) ⇒ Object

# File 'lib/inspec/metadata.rb', line 271

def self.from_ref(ref, content, profile_id, logger = nil)
  # NOTE there doesn't have to exist an actual file, it may come from an
  # archive (i.e., content)
  case File.basename(ref)
  when "inspec.yml"
    from_yaml(ref, content, profile_id, logger)
  when "metadata.rb"
    from_ruby(ref, content, profile_id, logger)
  else
    logger ||= Logger.new(nil)
    logger.error "Don't know how to handle metadata in #{ref}"
    nil
  end
end

.from_ruby(ref, content, profile_id, logger = nil) ⇒ Object

# File 'lib/inspec/metadata.rb', line 264

def self.from_ruby(ref, content, profile_id, logger = nil)
  res = Metadata.new(ref, logger)
  res.instance_eval(content, ref, 1)
  res.content = content
  finalize(res, profile_id, {}, logger)
end

.from_yaml(ref, content, profile_id, logger = nil) ⇒ Object

# File 'lib/inspec/metadata.rb', line 256

def self.from_yaml(ref, content, profile_id, logger = nil)
  require "erb" unless defined?(Erb)
  res = Metadata.new(ref, logger)
  res.params = YAML.load(ERB.new(content).result)
  res.content = content
  finalize(res, profile_id, {}, logger)
end

.symbolize_keys(obj) ⇒ Object

# File 'lib/inspec/metadata.rb', line 179

def self.symbolize_keys(obj)
  return obj.map { |i| symbolize_keys(i) } if obj.is_a?(Array)
  return obj unless obj.is_a?(Hash)

  obj.each_with_object({}) do |(k, v), h|
    v = symbolize_keys(v) if v.is_a?(Hash)
    v = symbolize_keys(v) if v.is_a?(Array)
    h[k.to_sym] = v
  end
end

Instance Method Details

#dependencies ⇒ Object

# File 'lib/inspec/metadata.rb', line 53

def dependencies
  params[:depends] || []
end

#gem_dependencies ⇒ Object

# File 'lib/inspec/metadata.rb', line 57

def gem_dependencies
  params[:gem_dependencies] || []
end

#inspec_requirement ⇒ Object

# File 'lib/inspec/metadata.rb', line 67

def inspec_requirement
  # using Gem::Requirement here to allow nil values which
  # translate to [">= 0"]
  Gem::Requirement.create(params[:inspec_version])
end

#supports(sth, version = nil) ⇒ Object

# File 'lib/inspec/metadata.rb', line 61

def supports(sth, version = nil)
  # Ignore supports with metadata.rb. This file is legacy and the way it
  # it handles `supports` deprecated. A deprecation warning will be printed
  # already.
end

#supports_platform?(backend) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/inspec/metadata.rb', line 78

def supports_platform?(backend)
  require "inspec/resources/platform" # break circularity in load
  backend.platform.supported?(params[:supports])
end

#supports_runtime? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/inspec/metadata.rb', line 73

def supports_runtime?
  running = Gem::Version.new(Inspec::VERSION)
  inspec_requirement.satisfied_by?(running)
end

#unsupported ⇒ Object

# File 'lib/inspec/metadata.rb', line 175

def unsupported
  @missing_methods
end

#valid ⇒ Object

return all warn and errors

# File 'lib/inspec/metadata.rb', line 84

def valid # rubocop:disable Metrics/AbcSize
  errors = []
  warnings = []

  %w{name version}.each do |field|
    next unless params[field.to_sym].nil?

    errors.push("Missing profile #{field} in #{ref}")
  end

  if %r{[\/\\]} =~ params[:name]
    errors.push("The profile name (#{params[:name]}) contains a slash" \
                  " which is not permitted. Please remove all slashes from `inspec.yml`.")
  end

  # if version is set, ensure it is correct
  if !params[:version].nil? && !valid_version?(params[:version])
    errors.push("Version needs to be in SemVer format")
  end

  if params[:entitlement_id] && params[:entitlement_id].strip.empty?
    errors.push("Entitlement ID should not be blank.")
  end

  unless supports_runtime?
    warnings.push("The current inspec version #{Inspec::VERSION} cannot satisfy profile inspec_version constraint #{params[:inspec_version]}")
  end

  %w{title summary maintainer copyright license}.each do |field|
    next unless params[field.to_sym].nil?

    warnings.push("Missing profile #{field} in #{ref}")
  end

  # if license is set, ensure it is in SPDX format or marked as proprietary
  if !params[:license].nil? && !valid_license?(params[:license])
    warnings.push("License '#{params[:license]}' needs to be in SPDX format or marked as 'Proprietary'. See https://spdx.org/licenses/.")
  end

  # If gem_dependencies is set, it must be an array of hashes with keys name and optional version
  unless params[:gem_dependencies].nil?
    list = params[:gem_dependencies]
    if list.is_a?(Array) && list.all? { |e| e.is_a? Hash }
      list.each do |entry|
        errors.push("gem_dependencies entries must all have a 'name' field") unless entry.key?(:name)
        if entry[:version]
          orig = entry[:version]
          begin
            # Split on commas as we may have a complex dep
            orig.split(",").map { |c| Gem::Requirement.parse(c) }
          rescue Gem::Requirement::BadRequirementError
            errors.push "Unparseable gem dependency '#{orig}' for #{entry[:name]}"
          rescue Inspec::GemDependencyInstallError => e
            errors.push e.message
          end
        end
        extra = (entry.keys - %i{name version})
        unless extra.empty?
          warnings.push "Unknown gem_dependencies key(s) #{extra.join(",")} seen for entry '#{entry[:name]}'"
        end
      end
    else
      errors.push("gem_dependencies must be a List of Hashes")
    end
  end

  [errors, warnings]
end

#valid? ⇒ Boolean

returns true or false

Returns:

• (Boolean)

# File 'lib/inspec/metadata.rb', line 154

def valid?
  errors, _warnings = valid
  errors.empty? && unsupported.empty?
end

#valid_license?(value) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/inspec/metadata.rb', line 166

def valid_license?(value)
  value =~ /^Proprietary[,;]?\b/ || Spdx.valid_license?(value)
end

#valid_version?(value) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/inspec/metadata.rb', line 159

def valid_version?(value)
  Semverse::Version.new(value)
  true
rescue Semverse::InvalidVersionFormat
  false
end