Skip to content

Commit

Permalink
Merge pull request #300 from inspec/update_additional_resources
Browse files Browse the repository at this point in the history 
Enable users to define api versions for the additional property API calls
  • Loading branch information
@rmoles
rmoles authored Sep 23, 2020
2 parents 494eab2 + f1cf765 commit 51888f5
Show file tree
Hide file tree
Showing 24 changed files with 149 additions and 111 deletions.
2 changes: 1 addition & 1 deletion docs/resources/azure_generic_resource.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ The following parameters can be passed for targeting a specific Azure resource.
| resource_provider | Azure resource provider of the resource to be tested. `Microsoft.Compute/virtualMachines` |
| resource_path | Relative path to the resource if it is defined on another resource. Resource path of a subnet in a virtual network would be: `{virtualNetworkName}/subnets`. |
| resource_id | Unique id of Azure resource to be tested. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{vmName}` |
| resource_uri | Azure REST API URI of the resource to be tested. This parameter should be used when a resource does not reside in a resource group. It requires `add_subscription_id` and `name` parameters to be provided together. `/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/` |
| resource_uri | Azure REST API URI of the resource to be tested. This parameter should be used when a resource does not reside in a resource group. It requires `add_subscription_id` and `name` parameters to be provided together. `/providers/Microsoft.Authorization/policyDefinitions/` |
| add_subscription_id | Indicates whether the `resource_uri` contains the subscription id. `true` or `false` |
| tag_name<superscript>*</superscript> | Tag name defined on the Azure resource. `name` |
| tag_value | Tag value of the tag defined with the `tag_name`. `external_linux` |
Expand Down
2 changes: 1 addition & 1 deletion docs/resources/azure_generic_resources.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ All of them are optional.
| resource_provider | Azure resource provider of the resources to be tested. | `Microsoft.Compute/virtualMachines` |
| tag_name<superscript>*</superscript> | Tag name defined on the Azure resources. | `name` |
| tag_value | Tag value of the tag defined with the `tag_name`. | `external_linux` |
| resource_uri | Azure REST API URI of the resources to be tested. This parameter should be used when resources do not reside in resource groups. It requires `add_subscription_id` parameter to be provided together. `/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/` |
| resource_uri | Azure REST API URI of the resources to be tested. This parameter should be used when resources do not reside in resource groups. It requires `add_subscription_id` parameter to be provided together. `/providers/Microsoft.Authorization/policyDefinitions/` |
| add_subscription_id | Indicates whether the `resource_uri` contains the subscription id. `true` or `false` |

<superscript>*</superscript> When resources are filtered by a tag name and value, the tags for each resource are not returned in the results.
Expand Down
13 changes: 7 additions & 6 deletions docs/resources/azure_key_vault.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,12 +40,13 @@ end
```
## Parameters

| Name | Description |
|--------------------------------|----------------------------------------------------------------------------------|
| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
| name | Name of the Azure resource to test. `MyVault` |
| vault_name | Name of the Azure resource to test (for backward compatibility). `MyVault` |
| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.KeyVault/vaults/{vaultName}` |
| Name | Description |
|---------------------------------|----------------------------------------------------------------------------------|
| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
| name | Name of the Azure resource to test. `MyVault` |
| vault_name | Name of the Azure resource to test (for backward compatibility). `MyVault` |
| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.KeyVault/vaults/{vaultName}` |
| diagnostic_settings_api_version | The endpoint api version for the `diagnostic_settings` property. `2017-05-01-preview` will be used for backward compatibility unless provided. |

Either one of the parameter sets can be provided for a valid query:
- `resource_id`
Expand Down
1 change: 1 addition & 0 deletions docs/resources/azure_mariadb_server.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ end
| name | Name of the MariaDB server to test. `MyServer` |
| server_name | Alias for the `name` parameter. |
| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.DBforMariaDB/servers/{serverName}` |
| firewall_rules_api_version | The endpoint api version for the `firewall_rules` property. The latest version will be used unless provided. |

Either one of the parameter sets can be provided for a valid query:
- `resource_id`
Expand Down
1 change: 1 addition & 0 deletions docs/resources/azure_mysql_server.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ end
| name | Name of the MySql server to test. `MyServer` |
| server_name | Name of the MySql server to test. `MyServer`. This is for backward compatibility, use `name` instead. |
| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.DBforMySQL/servers/{serverName}` |
| firewall_rules_api_version | The endpoint api version for the `firewall_rules` property. The latest version will be used unless provided. |

Either one of the parameter sets can be provided for a valid query:
- `resource_id`
Expand Down
17 changes: 11 additions & 6 deletions docs/resources/azure_sql_server.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,12 +39,17 @@ end
```
## Parameters

| Name | Description |
|--------------------------------|-----------------------------------------------------------------------------------|
| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
| name | Name of the SQL server to test. `MyServer` |
| server_name | Alias for the `name` parameter. |
| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}` |
| Name | Description |
|---------------------------------------|-----------------------------------------------------------------------------------|
| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
| name | Name of the SQL server to test. `MyServer` |
| server_name | Alias for the `name` parameter. |
| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}` |
| firewall_rules_api_version | The endpoint api version for the `firewall_rules` property. The latest version will be used unless provided. |
| auditing_settings_api_version | The endpoint api version for the `auditing_settings` property. The latest version will be used unless provided. |
| threat_detection_settings_api_version | The endpoint api version for the `threat_detection_settings` property. The latest version will be used unless provided. |
| administrators_api_version | The endpoint api version for the `administrators` property. The latest version will be used unless provided. |
| encryption_protector_api_version | The endpoint api version for the `encryption_protector` property. The latest version will be used unless provided. |

Either one of the parameter sets can be provided for a valid query:
- `resource_id`
Expand Down
10 changes: 4 additions & 6 deletions libraries/azure_backend.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -417,6 +417,9 @@ def specific_resource_constraint(resource_provider, opts)
if opts.key?(:resource_provider)
raise ArgumentError, "#{@__resource_name__}: The `resource_provider` parameter is not allowed."\
" `#{resource_provider}` is predefined for this resource."
elsif opts.keys.any? { |key| %i(allowed_parameters required_parameters).include?(key) }
raise ArgumentError, "#{@__resource_name__}: The following parameters are not allowed: "\
'["allowed_parameters", "required_parameters"].'
end
else
raise ArgumentError, "#{@__resource_name__}: Parameters must be provided in an Hash object."
Expand Down Expand Up @@ -462,11 +465,6 @@ def validate_parameters(allow: [], required: nil, require_any_of: nil)
Helpers.validate_parameters(resource_name: @__resource_name__,
allow: allow, required: required,
require_any_of: require_any_of, opts: opts)
if opts.key?(:resource_id) && \
opts.keys.any? { |key| %i(resource_group resource_provider name tag_name tag_value).include?(key) }
raise ArgumentError, 'If `resource_id` is provided, the following parameters should not be provided.'\
' ["resource_group", "resource_provider", "name", "tag_name", "tag_value"]'
end
true
end

Expand Down Expand Up @@ -690,7 +688,7 @@ def respond_to_missing?(*several_variants)
end

def to_s
"Property is missing! The following properties are available: #{item.keys.map(&:to_s)}"
"#{type}/#{name} has the following properties: #{item.keys.map(&:to_s)}."
end
end

Expand Down
2 changes: 1 addition & 1 deletion libraries/azure_event_hub_authorization_rule.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@ def initialize(opts = {})
# Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
opts[:required_parameters] = %i(namespace_name event_hub_endpoint)
opts[:resource_path] = [opts[:namespace_name], 'eventhubs', opts[:event_hub_endpoint], 'authorizationRules'].join('/')
opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
opts[:resource_identifiers] = %i(authorization_rule)

# static_resource parameter must be true for setting the resource_provider in the backend.
Expand Down
2 changes: 1 addition & 1 deletion libraries/azure_event_hub_event_hub.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@ def initialize(opts = {})
# Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
opts[:required_parameters] = %i(namespace_name)
opts[:resource_path] = [opts[:namespace_name], 'eventhubs'].join('/')
opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
opts[:resource_identifiers] = %i(event_hub_name)

# static_resource parameter must be true for setting the resource_provider in the backend.
Expand Down
Loading

0 comments on commit 51888f5

Please sign in to comment.