inspec · clintoncwolfe · Mar 10, 2022 · Mar 3, 2022 · Mar 3, 2022 · Mar 10, 2022
@@ -73,6 +73,7 @@ def stop(notification)
         name: platform(:name),
         release: platform(:release),
         target: backend_target,
+        target_id: platform(:uuid),
       }
     end
 
@@ -228,12 +229,13 @@ def format_expectation_message(example)
     def platform(field)
       return nil if @backend.nil?
 
-      begin
-        @backend.platform[field]
-      rescue Train::Error => e
-        Inspec::Log.warn(e.message)
-        nil
-      end
+      @backend.platform[field]
+    rescue Train::PlatformUuidDetectionFailed
+      Inspec::Log.warn("Could not find platform target_id.")
+      nil
+    rescue Train::Error => e
+      Inspec::Log.warn(e.message)
+      nil
     end
 
     def backend_target

@@ -21,7 +21,7 @@ def enriched_report
       final_report[:type] = "inspec_report"
 
       final_report[:end_time] = Time.now.utc.strftime("%FT%TZ")
-      final_report[:node_uuid] = @config["node_uuid"] || @config["target_id"]
+      final_report[:node_uuid] = report[:platform][:target_id] || @config["node_uuid"] || @config["target_id"]
       raise Inspec::ReporterError, "Cannot find a UUID for your node. Please specify one via json-config." if final_report[:node_uuid].nil?
 
       final_report[:report_uuid] = @config["report_uuid"] || uuid_from_string(final_report[:end_time] + final_report[:node_uuid])

@@ -29,7 +29,7 @@ def platform
       {
         name:      run_data[:platform][:name],
         release:   run_data[:platform][:release],
-        target_id: @config["target_id"],
+        target_id: run_data[:platform][:target_id] || @config["target_id"],
       }.reject { |_k, v| v.nil? }
     end
 

@@ -160,6 +160,10 @@ def inspec_with_env(commandline, env = {})
     inspec(commandline, assemble_env_prefix(env))
   end
 
+  def inspec_os_uuid
+    CMD.os.uuid
+  end
+
   # This version allows additional options.
   # @param String command_line Invocation, without the word 'inspec'
   # @param Hash opts Additonal options, see below

@@ -5,6 +5,7 @@
 describe "inspec exec with json formatter" do
   include FunctionalHelper
   let(:schema) { Inspec::Schema.json("exec-json") }
+  let(:platform_uuid) { inspec_os_uuid }
 
   parallelize_me!
 
@@ -45,10 +46,12 @@
     assert_exit_code 0, out
   end
 
-  it "can execute a profile and validate the json schema with target_id" do
+  it "can execute a profile and validate the json schema and override the tagret id with platform uuid" do
+    skip_windows!
     out = inspec("exec " + complete_profile + " --reporter json --no-create-lockfile --target-id 1d3e399f-4d71-4863-ac54-84d437fbc444")
     data = JSON.parse(out.stdout)
-    _(data["platform"]["target_id"]).must_equal "1d3e399f-4d71-4863-ac54-84d437fbc444"
+    _(data["platform"]["target_id"]).wont_equal "1d3e399f-4d71-4863-ac54-84d437fbc444"
+    _(data["platform"]["target_id"]).must_equal platform_uuid
     sout = inspec("schema exec-json")
     schema = JSONSchemer.schema(sout.stdout)
     _(schema.validate(data).to_a).must_equal []

@@ -45,15 +45,6 @@ def stderr
     _(stdout).must_include "0 failures"
   end
 
-  it "cleanly fails if mixing incompatible resource and transports" do
-    # TODO: It should be possible to test this more directly.
-    inspec "exec -t aws:// #{profile_path}/incompatible_resource_for_transport.rb"
-
-    _(stderr).must_be_empty
-    _(stdout).must_include "Unsupported resource/backend combination: file / aws. Exiting."
-    assert_exit_code 100, out
-  end
-
   it "can execute the profile" do
     inspec("exec " + complete_profile + " --no-create-lockfile")
 
@@ -993,22 +984,27 @@ def stderr
   describe "when specifying a config file" do
     let(:run_result) { run_inspec_process("exec " + File.join(profile_path, "simple-metadata") + " " + cli_args, json: true, env: env) }
     let(:seen_target_id) { @json["platform"]["target_id"] }
+    let(:platform_uuid) { inspec_os_uuid }
     let(:stderr) { run_result.stderr }
     let(:env) { {} }
 
-    describe "when using the legacy --json-config option" do
+    describe "when using the legacy --json-config" do
       let(:cli_args) { "--json-config " + File.join(config_dir_path, "json-config", "good.json") }
-      it "should see the custom target ID value" do
+      it "should override the custom target ID value with platform uuid" do
+        skip_windows!
         _(stderr).must_be_empty # TODO: one day deprecate the --json-config option
-        _(seen_target_id).must_equal "from-config-file"
+        _(seen_target_id).wont_equal "from-config-file"
+        _(seen_target_id).must_equal platform_uuid
       end
     end
 
     describe "when using the --config option to read from a custom file" do
       let(:cli_args) { "--config " + File.join(config_dir_path, "json-config", "good.json") }
-      it "should see the custom target ID value" do
+      it "should override the custom target ID value with platform uuid" do
+        skip_windows!
         _(stderr).must_be_empty
-        _(seen_target_id).must_equal "from-config-file"
+        _(seen_target_id).wont_equal "from-config-file"
+        _(seen_target_id).must_equal platform_uuid
       end
     end
 
@@ -1018,14 +1014,16 @@ def stderr
         let(:cli_args) { "--config -" }
         let(:opts) { { prefix: "cat " + json_path + " | ", json: true, env: env } }
         let(:njopts) { opts.merge(json: false) }
+        let(:platform_uuid) { inspec_os_uuid }
 
         # DO NOT use the `let`-defined run_result through here
         # If you do, it will execute twice, and cause STDIN to read empty on the second time
-        it "exec should see the custom target ID value" do
+        it "exec should override the the custom target ID value if platform uuid is present." do
           result = run_inspec_process( "exec " + File.join(profile_path, "simple-metadata") + " " + cli_args + " ", opts )
 
           _(result.stderr).must_be_empty
-          _(@json["platform"]["target_id"]).must_equal "from-config-file"
+          _(@json["platform"]["target_id"]).wont_equal "from-config-file"
+          _(@json["platform"]["target_id"]).must_equal platform_uuid
         end
 
         it "detect should exit 0" do
@@ -1050,10 +1048,12 @@ def stderr
       # Should read from File.join(config_dir_path, 'fakehome-2', '.inspec', 'config.json')
       let(:env) { { "HOME" => File.join(config_dir_path, "fakehome-2") } }
       let(:cli_args) { "" }
-      it "should see the homedir target ID value" do
+      let(:platform_uuid) { inspec_os_uuid }
+      it "should override override the homedir target ID value with platform uuid" do
+        skip_windows!
         _(stderr).must_be_empty
-
-        _(seen_target_id).must_equal "from-fakehome-config-file"
+        _(seen_target_id).wont_equal "from-fakehome-config-file"
+        _(seen_target_id).must_equal platform_uuid
       end
     end
 
@@ -1094,7 +1094,7 @@ def stderr
   describe "when specifying the execution target" do
     let(:local_plat) do
       json = run_inspec_process("detect --format json", {}).stdout
-      JSON.parse(json).slice("name", "release")
+      JSON.parse(json).slice("name", "release").merge({ "target_id" => inspec_os_uuid })
     end
     let(:run_result) { run_inspec_process("exec " + File.join(profile_path, "simple-metadata") + " " + cli_args, json: true) }
     let(:seen_platform) { run_result; @json["platform"].select { |k, v| %w{name release target_id}.include? k } }
@@ -1103,13 +1103,15 @@ def stderr
     describe "when neither target nor backend is specified" do
       let(:cli_args) { "" }
       it "should connect to the local platform" do
+        skip_windows!
         _(seen_platform).must_equal local_plat
       end
     end
 
     describe "when local:// is specified" do
       let(:cli_args) { " -t local:// " }
       it "should connect to the local platform" do
+        skip_windows!
         _(seen_platform).must_equal local_plat
       end
     end
@@ -1172,9 +1174,10 @@ def stderr
       let(:cloud_profile) { cloud_path + "test-aws" }
       # Use log level FATAL to absorb WARNs from deprecataions and ERRORs from not having credentials set.
       # An actual stacktrace then will appear as sole stderr output
-      let(:args) { "-t aws://fakecreds --log-level fatal " }
-      it "should fail to connect to aws due to lack of creds but not stacktrace" do
-        _(run_result.stderr).must_be_empty
+      let(:args) { "-t aws://" }
+      it "should fail to connect to aws due to lack of creds and stacktrace" do
+        skip unless ENV["AWS_REGION"]
+        _(run_result.stderr).must_include"unable to sign request without credentials set"
       end
     end