inspec-core 3.0.61 → 3.0.64
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +27 -20
- data/Gemfile +0 -5
- data/README.md +2 -3
- data/lib/inspec/version.rb +1 -1
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +39 -41
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 51b87fd12aaccae196f61c1fe4066fd1b207b9f68139f510a92bf4a5c8ae700b
|
4
|
+
data.tar.gz: 6450a4e5b0e50e14988a6fccfa00fb220ebb179e7d532839d87fcf1e772cfcb3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0e00c26b123e61c4104f57ae4ef87c6909ea8070a325b9ebb5c29c9e2969d9ea46ebae07938f6004b1056e5582bcc985e9c8ce0caa0057721910155b01f48bac
|
7
|
+
data.tar.gz: cd7ab8068c6f18ff97f0d3b798bee1da0bad4bc268fff6a994cb5a607ec73cbf0ee92c025ae12d92d24dbb47b452f24027a03f2c39ced82a427feb32b1fa1578
|
data/CHANGELOG.md
CHANGED
@@ -1,34 +1,42 @@
|
|
1
1
|
# Change Log
|
2
2
|
<!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
|
3
|
-
<!-- latest_release 3.0.
|
4
|
-
## [v3.0.
|
3
|
+
<!-- latest_release 3.0.64 -->
|
4
|
+
## [v3.0.64](https://github.com/inspec/inspec/tree/v3.0.64) (2018-12-06)
|
5
5
|
|
6
|
-
####
|
7
|
-
-
|
6
|
+
#### Enhancements
|
7
|
+
- Update Habitat plugin [#3646](https://github.com/inspec/inspec/pull/3646) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
|
8
8
|
<!-- latest_release -->
|
9
9
|
|
10
|
-
<!-- release_rollup since=3.0.
|
11
|
-
### Changes since 3.0.
|
10
|
+
<!-- release_rollup since=3.0.61 -->
|
11
|
+
### Changes since 3.0.61 release
|
12
12
|
|
13
|
-
####
|
14
|
-
-
|
13
|
+
#### Enhancements
|
14
|
+
- Update Habitat plugin [#3646](https://github.com/inspec/inspec/pull/3646) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 3.0.64 -->
|
15
|
+
- Remove Habitat package run time dependencies from Habitat plan [#3645](https://github.com/inspec/inspec/pull/3645) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 3.0.63 -->
|
16
|
+
- Further slim the files we ship in the gem artifact [#3647](https://github.com/inspec/inspec/pull/3647) ([tas50](https://github.com/tas50)) <!-- 3.0.62 -->
|
17
|
+
<!-- release_rollup -->
|
15
18
|
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
+
<!-- latest_stable_release -->
|
20
|
+
## [v3.0.61](https://github.com/inspec/inspec/tree/v3.0.61) (2018-11-29)
|
21
|
+
|
22
|
+
#### New Features
|
23
|
+
- Plugin Type: DSLs [#3557](https://github.com/inspec/inspec/pull/3557) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
19
24
|
|
20
25
|
#### Enhancements
|
21
|
-
- filesystem: improve Windows support [#3606](https://github.com/inspec/inspec/pull/3606) ([mhackethal](https://github.com/mhackethal))
|
26
|
+
- filesystem: improve Windows support [#3606](https://github.com/inspec/inspec/pull/3606) ([mhackethal](https://github.com/mhackethal))
|
22
27
|
|
23
|
-
####
|
24
|
-
-
|
25
|
-
-
|
26
|
-
- Revert setting RSpec expectation syntax to 'should' mode [#3620](https://github.com/inspec/inspec/pull/3620) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 3.0.55 -->
|
27
|
-
- Improvements to the functional helper run_inspec_process [#3603](https://github.com/inspec/inspec/pull/3603) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 3.0.54 -->
|
28
|
-
- Create a class to handle the plugins.json file [#3575](https://github.com/inspec/inspec/pull/3575) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 3.0.53 -->
|
29
|
-
<!-- release_rollup -->
|
28
|
+
#### Bug Fixes
|
29
|
+
- www: remove jquery sticky on the sidebar [#3623](https://github.com/inspec/inspec/pull/3623) ([arlimus](https://github.com/arlimus))
|
30
|
+
- package: fix package detection on windows [#3607](https://github.com/inspec/inspec/pull/3607) ([mhackethal](https://github.com/mhackethal))
|
30
31
|
|
32
|
+
#### Merged Pull Requests
|
33
|
+
- Create a class to handle the plugins.json file [#3575](https://github.com/inspec/inspec/pull/3575) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
34
|
+
- Improvements to the functional helper run_inspec_process [#3603](https://github.com/inspec/inspec/pull/3603) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
35
|
+
- Revert setting RSpec expectation syntax to 'should' mode [#3620](https://github.com/inspec/inspec/pull/3620) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
36
|
+
- lc/add-aws-platform-template [#3622](https://github.com/inspec/inspec/pull/3622) ([Caprowni](https://github.com/Caprowni))
|
37
|
+
- Add SQLcl to Oracledb_session Doc [#3632](https://github.com/inspec/inspec/pull/3632) ([ibsavage](https://github.com/ibsavage))
|
31
38
|
<!-- latest_stable_release -->
|
39
|
+
|
32
40
|
## [v3.0.52](https://github.com/inspec/inspec/tree/v3.0.52) (2018-11-15)
|
33
41
|
|
34
42
|
#### Enhancements
|
@@ -40,7 +48,6 @@
|
|
40
48
|
|
41
49
|
#### Merged Pull Requests
|
42
50
|
- Load the compliance plugin when the fetcher is needed [#3609](https://github.com/inspec/inspec/pull/3609) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
|
43
|
-
<!-- latest_stable_release -->
|
44
51
|
|
45
52
|
## [v3.0.46](https://github.com/inspec/inspec/tree/v3.0.46) (2018-11-08)
|
46
53
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -140,8 +140,7 @@ Currently, this method of installation only supports Linux. See the [Habitat sit
|
|
140
140
|
Download the `hab` binary from the [Habitat](https://www.habitat.sh/docs/get-habitat/) site.
|
141
141
|
|
142
142
|
```bash
|
143
|
-
hab pkg install chef/inspec
|
144
|
-
export PATH="$(hab pkg path core/ruby)/bin:$(hab pkg path chef/inspec)/bin:$PATH"
|
143
|
+
hab pkg install chef/inspec --binlink
|
145
144
|
|
146
145
|
inspec
|
147
146
|
```
|
@@ -452,4 +451,4 @@ Unless required by applicable law or agreed to in writing, software
|
|
452
451
|
distributed under the License is distributed on an "AS IS" BASIS,
|
453
452
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
454
453
|
See the License for the specific language governing permissions and
|
455
|
-
limitations under the License.
|
454
|
+
limitations under the License.
|
data/lib/inspec/version.rb
CHANGED
@@ -51,7 +51,6 @@ module InspecPlugins
|
|
51
51
|
create_habitat_directories(work_dir)
|
52
52
|
create_plan(work_dir)
|
53
53
|
create_run_hook(work_dir)
|
54
|
-
create_settings_file(work_dir)
|
55
54
|
create_default_config(work_dir)
|
56
55
|
|
57
56
|
# returns the path to the .hart file in the work directory
|
@@ -96,7 +95,6 @@ module InspecPlugins
|
|
96
95
|
create_habitat_directories(path)
|
97
96
|
create_plan(path)
|
98
97
|
create_run_hook(path)
|
99
|
-
create_settings_file(path)
|
100
98
|
create_default_config(path)
|
101
99
|
end
|
102
100
|
|
@@ -173,7 +171,6 @@ module InspecPlugins
|
|
173
171
|
def create_habitat_directories(parent_directory)
|
174
172
|
[
|
175
173
|
File.join(parent_directory, 'habitat'),
|
176
|
-
File.join(parent_directory, 'habitat', 'config'),
|
177
174
|
File.join(parent_directory, 'habitat', 'hooks'),
|
178
175
|
].each do |dir|
|
179
176
|
Dir.mkdir(dir) unless Dir.exist?(dir)
|
@@ -207,12 +204,6 @@ module InspecPlugins
|
|
207
204
|
File.write(run_hook_file, run_hook_contents)
|
208
205
|
end
|
209
206
|
|
210
|
-
def create_settings_file(directory)
|
211
|
-
settings_file = File.join(directory, 'habitat', 'config', 'settings.sh')
|
212
|
-
@log.info("Generating a settings file at #{settings_file}...")
|
213
|
-
File.write(settings_file, "SLEEP_TIME={{cfg.sleep_time}}\n")
|
214
|
-
end
|
215
|
-
|
216
207
|
def create_default_config(directory)
|
217
208
|
default_toml = File.join(directory, 'habitat', 'default.toml')
|
218
209
|
@log.info("Generating Habitat's default.toml configuration...")
|
@@ -319,30 +310,37 @@ module InspecPlugins
|
|
319
310
|
pkg_name=#{package_name}
|
320
311
|
pkg_version=#{profile.version}
|
321
312
|
pkg_origin=#{habitat_origin}
|
322
|
-
pkg_deps=(chef/inspec
|
323
|
-
pkg_svc_user=root
|
313
|
+
pkg_deps=(chef/inspec)
|
324
314
|
EOL
|
325
315
|
|
326
316
|
plan += "pkg_license='#{profile.metadata.params[:license]}'\n\n" if profile.metadata.params[:license]
|
327
317
|
|
328
318
|
plan += <<~EOL
|
319
|
+
do_setup_environment() {
|
320
|
+
ARCHIVE_PATH="$HAB_CACHE_SRC_PATH/$pkg_dirname/$pkg_name-$pkg_version.tar.gz"
|
321
|
+
}
|
329
322
|
|
330
323
|
do_build() {
|
331
|
-
|
332
|
-
|
324
|
+
if [ ! -f $PLAN_CONTEXT/../inspec.yml ]; then
|
325
|
+
exit_with 'Cannot find inspec.yml. Please build from profile root.' 1
|
326
|
+
fi
|
333
327
|
|
334
|
-
|
335
|
-
local
|
336
|
-
|
337
|
-
|
338
|
-
|
328
|
+
local profile_files=($(ls $PLAN_CONTEXT/../ -I habitat -I results))
|
329
|
+
local profile_location="$HAB_CACHE_SRC_PATH/$pkg_dirname/build"
|
330
|
+
mkdir -p $profile_location
|
331
|
+
|
332
|
+
build_line "Copying profile files to $profile_location"
|
333
|
+
cp -R ${profile_files[@]} $profile_location
|
339
334
|
|
340
|
-
|
341
|
-
|
342
|
-
|
335
|
+
build_line "Archiving $ARCHIVE_PATH"
|
336
|
+
inspec archive "$HAB_CACHE_SRC_PATH/$pkg_dirname/build" \
|
337
|
+
-o $ARCHIVE_PATH \
|
338
|
+
--overwrite
|
339
|
+
}
|
343
340
|
|
344
|
-
|
345
|
-
|
341
|
+
do_install() {
|
342
|
+
mkdir -p $pkg_prefix/profiles
|
343
|
+
cp $ARCHIVE_PATH $pkg_prefix/profiles
|
346
344
|
}
|
347
345
|
EOL
|
348
346
|
|
@@ -351,41 +349,41 @@ module InspecPlugins
|
|
351
349
|
|
352
350
|
def run_hook_contents
|
353
351
|
<<~EOL
|
354
|
-
|
352
|
+
#!{{pkgPathFor "core/bash"}}/bin/bash
|
355
353
|
|
356
|
-
#
|
357
|
-
#
|
358
|
-
#
|
359
|
-
# avoid doing that for now.
|
354
|
+
# Redirect stderr to stdout
|
355
|
+
# This will be captured by Habitat and viewable via `journalctl`
|
356
|
+
# NOTE: We might want log to "{{pkg.svc_path}}/logs" and handle rotation
|
360
357
|
exec 2>&1
|
361
358
|
|
362
359
|
# InSpec will try to create a .cache directory in the user's home directory
|
363
360
|
# so this needs to be someplace writeable by the hab user
|
364
361
|
export HOME={{pkg.svc_var_path}}
|
365
362
|
|
366
|
-
PROFILE_IDENT="{{pkg.origin}}/{{pkg.name}}"
|
367
363
|
RESULTS_DIR="{{pkg.svc_var_path}}/inspec_results"
|
368
364
|
RESULTS_FILE="${RESULTS_DIR}/{{pkg.name}}.json"
|
369
365
|
|
370
|
-
# Create a directory for
|
371
|
-
mkdir -p
|
366
|
+
# Create a directory for InSpec reporter output
|
367
|
+
mkdir -p $(dirname $RESULTS_FILE)
|
372
368
|
|
373
369
|
while true; do
|
374
|
-
echo "Executing InSpec for
|
375
|
-
inspec exec {{pkg.path}}/
|
370
|
+
echo "Executing InSpec for {{pkg.ident}}"
|
371
|
+
inspec exec "{{pkg.path}}/profiles/*" --reporter=json > ${RESULTS_FILE}
|
376
372
|
|
377
|
-
|
373
|
+
EXIT_STATUS=$?
|
374
|
+
if [ $EXIT_STATUS -eq 0 ]; then
|
378
375
|
echo "InSpec run completed successfully."
|
376
|
+
elif [ $EXIT_STATUS -eq 100 ]; then
|
377
|
+
echo "InSpec run completed successfully, with at least 1 failed test"
|
378
|
+
elif [ $EXIT_STATUS -eq 101 ]; then
|
379
|
+
echo "InSpec run completed successfully, with skipped tests and no failures"
|
379
380
|
else
|
380
|
-
echo "InSpec run did not complete successfully.
|
381
|
-
echo "control failures were detected. Check the InSpec results here for details:"
|
382
|
-
echo ${RESULTS_FILE}
|
383
|
-
echo "Otherwise, troubleshoot any errors shown above."
|
381
|
+
echo "InSpec run did not complete successfully. Exited with status: $?"
|
384
382
|
fi
|
383
|
+
echo "Results located here: ${RESULTS_FILE}"
|
385
384
|
|
386
|
-
|
387
|
-
|
388
|
-
sleep ${SLEEP_TIME}
|
385
|
+
echo "Sleeping for {{cfg.sleep_time}} seconds"
|
386
|
+
sleep {{cfg.sleep_time}}
|
389
387
|
done
|
390
388
|
EOL
|
391
389
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.0.
|
4
|
+
version: 3.0.64
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dominik Richter
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-
|
11
|
+
date: 2018-12-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: train-core
|