search

inspec / inspec

InSpec: Auditing and Testing Framework
http://inspec.io
Other
2.83k stars 683 forks source link

easier method for walking directories #1370

Open jeremymv2 opened 7 years ago

jeremymv2 commented 7 years ago

Description

As a secops person, I want have an easy to use pattern for enumerating directory children, so that it works as expected both locally and when executing remotely.

From internal conversation: Since InSpec can be executed on a remote target, any Dir.foreach will not work as expected, since this reads files from the workstation not from the remote target. Since this is a common issue, we should make it easier to iterate over directories.

Proposals:

control 'test-the-directoies' do
  directory('/private/tmp').directories do |d|
    describe directory(d) do
      its('mode') { should cmp '0755' }
    end
  end
  directory('/private/tmp').files do |d|
    describe file(d) do
      its('mode') { should cmp '0755' }
    end
  end
end

Also, we could have directory('/private/tmp').children to enumerate all files and directories and then use

directory.children.each do |filename|
  file(filename).isFile?
end
smford22 commented 7 years ago

A big 👍 for this as well.

chris-rock commented 7 years ago

Thanks @jeremymv2 I tend to go with:

directory.children.each do |filename|
  file(filename).isFile?
end
smford22 commented 7 years ago

@chris-rock would .children be used for both files and directories?

ronykr commented 7 years ago

This is awesome. One request is that wildcards be allowed in specifying directory paths. This works in ruby, but seems to not work via the file / directory resources.

For example, this line from the proposal

directory('/private/tmp').files do |d|

should also work like this:

directory('/private/*/important_files').files do |d|

So that Inspec finds all important_files in that are inside a directory in /private

Would also be nice if the file resource allowed wildcards in the path - should I open a separate issue for that?

chris-rock commented 7 years ago

So far, we can use the find command:

`command('find . -type f -maxdepth 1').stdout.split("\n").map(&:strip).find_all { |x| !x.empty? }` is returning an array of files
OMSKremer commented 6 years ago

Need it also for Windows. Any plans?

jpsheffield commented 5 years ago

So far, we can use the find command:

`command('find . -type f -maxdepth 1').stdout.split("\n").map(&:strip).find_all(|x| !x.empty?)

Works for me but doesn't fail if the directory to walk doesn't exist or user cannot access it. I put in a second directory test to catch this but would be great if the directory walk enhancement caught the scenario.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. We value your input and contribution. Please leave a comment if this issue still affects you.

KrisShannon commented 4 years ago

This really needs a solution of some kind in the core.

Workarounds like the command("find ...") are not general enough.

It probably needs work in the train library

clintoncwolfe commented 3 years ago

Refs #709, likely duplicate

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. We value your input and contribution. Please leave a comment if this issue still affects you.