Validate Hiera values

* Add methods for retrieving profile names and confines
* Compile data the way that compliance_markup does and validate the
  results
* Handle a few error cases

Fixes simp#14

Author: silug

Gemfile

@@ -12,3 +12,9 @@ group :tests do
   gem 'rubocop-rspec', '~> 2.13'
   gem 'rubocop-rake', '~> 0.6.0'
 end
+
+group :development do
+  gem 'pry', '~> 0.14.1'
+  gem 'pry-byebug', '~> 3.10'
+  gem 'rdoc', '~> 6.4'
+end

lib/scelint.rb

@@ -32,13 +32,16 @@ def initialize(paths = ['.'])
           ].each do |dir|
             ['yaml', 'json'].each do |type|
               Dir.glob("#{path}/#{dir}/**/*.#{type}").each do |file|
-                @data[file] = parse(file)
+                this_file = parse(file)
+                next if this_file.nil?
+                @data[file] = this_file
                 merged_data = merged_data.deep_merge!(@data[file])
               end
             end
           end
         elsif File.exist?(path)
-          @data[path] = parse(path)
+          this_file = parse(path)
+          @data[path] = this_file unless this_file.nil?
         else
           raise "Can't find path '#{path}'"
         end
@@ -52,6 +55,8 @@ def initialize(paths = ['.'])
         lint(file, data)
       end
 
+      validate
+
       @data # rubocop:disable Lint/Void
     end
 
@@ -65,7 +70,7 @@ def parse(file)
                'json'
              else
                @errors << "#{file}: Failed to determine file type"
-               nil
+               return nil
              end
       begin
         return YAML.safe_load(File.read(file)) if type == 'yaml'
@@ -74,7 +79,7 @@ def parse(file)
         @errors << "#{file}: Failed to parse file: #{e.message}"
       end
 
-      {}
+      nil
     end
 
     def files
@@ -252,7 +257,6 @@ def check_remediation(file, check, remediation_section)
 
       if remediation_section.is_a?(Hash)
         remediation_section.each do |section, value|
-          # require 'pry-byebug'; binding.pry if section == 'disabled'
           case section
           when 'scan-false-positive', 'disabled'
             value.each do |reason|
@@ -368,6 +372,36 @@ def check_checks(file, data)
       end
     end
 
+    def profiles
+      return nil unless @data.key?('merged data')
+      return nil unless @data['merged data']['profiles'].is_a?(Hash)
+      return @data['merged data']['profiles'].keys
+    end
+
+    def confines
+      retval = {}
+
+      @data.each do |key, value|
+        next if key == 'merged data'
+        next unless value.is_a?(Hash)
+
+        ['profiles', 'ce', 'checks'].each do |type|
+          next unless value.key?(type)
+          next unless value[type].is_a?(Hash)
+
+          value[type].each do |_k, v|
+            next unless v.is_a?(Hash)
+            retval = retval.merge(v['confine']) if v.key?('confine')
+          end
+        end
+      end
+
+      retval
+    end
+
+    def validate
+    end
+
     def lint(file, data)
       check_version(file, data)
       check_keys(file, data)
@@ -376,6 +410,8 @@ def lint(file, data)
       check_ce(file, data['ce']) if data['ce']
       check_checks(file, data['checks']) if data['checks']
       check_controls(file, data['controls']) if data['controls']
+    rescue => e
+      @errors << "#{file}: #{e.message} (not a hash?)"
     end
   end
 end