inspec-core 4.18.100 → 4.18.104

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 699f8109813626e556c8f56fe2324ac80e444b62265808cbe37619d3ae5a46b2
4
- data.tar.gz: 45f7ade4fe0020e8bec0f7f21bd9819807df1ed48666e65e7ab994e24fe97cb5
3
+ metadata.gz: 5866bdaba80db3f77d6a3a31af54fcdc6584cb0315093975a90e2a67616b95bd
4
+ data.tar.gz: a7a84ee7bba5072fc042ea7bd9af8692808e3cc4ae328d182c9af05dd495affd
5
5
  SHA512:
6
- metadata.gz: b85550dd9d166506cbcda16e776db29edff56cf2f174c91dee528498d6224232dcd8c5d8b11ec8a56252cf40c03ed43205de56d802ea36f6ad8a03740c368826
7
- data.tar.gz: a5b46d86ecf6762dd6f2643e67a0dc3274a36c71da4acd81950211ba19ac5f388f7eff2c7b860b65f168299df96d76727a083a0e8d9c50fa1184fb39a221c0a3
6
+ metadata.gz: 438487cd4e20e19f95c767d5627b246f8db486b9686df766ec1cc17883b93aeffad42e86f7bcdc513ecb6b39fa85c2a1f8d4344f1675b8c3768877204abef000
7
+ data.tar.gz: 32e554b6063e10342aa64d1f5697cc39b1c1b69f6e8b2af19367595b61fe5ef4c6f0c37d121db9195291430a62782bb52bb643c5275e07bda2f2a52054f8b8e5
@@ -3,6 +3,7 @@
3
3
  require "singleton"
4
4
  require "forwardable"
5
5
  require "fileutils"
6
+ require "uri"
6
7
 
7
8
  # Gem extensions for doing unusual things - not loaded by Gem default
8
9
  require "rubygems/package"
@@ -56,6 +57,7 @@ module Inspec::Plugin::V2
56
57
  # @option opts [String] :gem_file Path to a local gem file to install from
57
58
  # @option opts [String] :path Path to a file to be used as the entry point for a path-based plugin
58
59
  # @option opts [String] :version Version constraint for remote gem installs
60
+ # @option opts [String] :source Alternate URL to use instead of rubygems.org
59
61
  def install(plugin_name, opts = {})
60
62
  # TODO: - check plugins.json for validity before trying anything that needs to modify it.
61
63
  validate_installation_opts(plugin_name, opts)
@@ -127,6 +129,11 @@ module Inspec::Plugin::V2
127
129
  validate_search_opts(plugin_query, opts)
128
130
 
129
131
  fetcher = Gem::SpecFetcher.fetcher
132
+ if opts[:source]
133
+ source_list = Gem::SourceList.from([opts[:source]])
134
+ fetcher = Gem::SpecFetcher.new(source_list)
135
+ end
136
+
130
137
  matched_tuples = []
131
138
  if opts[:exact]
132
139
  matched_tuples = fetcher.detect(opts[:scope]) { |tuple| tuple.name == plugin_query }
@@ -284,8 +291,22 @@ module Inspec::Plugin::V2
284
291
 
285
292
  def install_from_remote_gems(requested_plugin_name, opts)
286
293
  plugin_dependency = Gem::Dependency.new(requested_plugin_name, opts[:version] || "> 0")
287
- # BestSet is rubygems.org API + indexing
288
- install_gem_to_plugins_dir(plugin_dependency, [Gem::Resolver::BestSet.new], opts[:update_mode])
294
+
295
+ # BestSet is rubygems.org API + indexing, APISet is for custom sources
296
+ sources = if opts[:source]
297
+ Gem::Resolver::APISet.new(URI.join(opts[:source] + "/api/v1/dependencies"))
298
+ else
299
+ Gem::Resolver::BestSet.new
300
+ end
301
+
302
+ begin
303
+ install_gem_to_plugins_dir(plugin_dependency, [sources], opts[:update_mode])
304
+ rescue Gem::RemoteFetcher::FetchError => gem_ex
305
+ # TODO: Give a hint if the host was not resolvable or a 404 occured
306
+ ex = Inspec::Plugin::V2::InstallError.new(gem_ex.message)
307
+ ex.plugin_name = requested_plugin_name
308
+ raise ex
309
+ end
289
310
  end
290
311
 
291
312
  def install_gem_to_plugins_dir(new_plugin_dependency, # rubocop: disable Metrics/AbcSize
@@ -104,6 +104,8 @@ module Inspec::Resources
104
104
  os = inspec.os
105
105
  platform = os[:name]
106
106
 
107
+ return WindowsSrv.new(inspec) if os.windows?
108
+
107
109
  # Ubuntu
108
110
  # @see: https://wiki.ubuntu.com/SystemdForUpstartUsers
109
111
  # Ubuntu 15.04 : Systemd
@@ -154,8 +156,6 @@ module Inspec::Resources
154
156
  SysV.new(inspec, service_ctl)
155
157
  when "mac_os_x"
156
158
  LaunchCtl.new(inspec, service_ctl)
157
- when "windows"
158
- WindowsSrv.new(inspec)
159
159
  when "freebsd"
160
160
  BSDInit.new(inspec, service_ctl)
161
161
  when "arch"
@@ -1,9 +1,11 @@
1
1
  require "hashie/mash"
2
+ require "inspec/resources/powershell"
2
3
 
3
4
  module Inspec::Resources
4
5
  class Virtualization < Inspec.resource(1)
5
6
  name "virtualization"
6
7
  supports platform: "unix"
8
+ supports platform: "windows"
7
9
  desc "Use the virtualization InSpec audit resource to test various virtualization platforms."
8
10
  example <<~EXAMPLE
9
11
  describe virtualization do
@@ -25,7 +27,15 @@ module Inspec::Resources
25
27
  def initialize
26
28
  # TODO: no need for hashie here... in fact, no reason for a hash at all
27
29
  @virtualization_data = Hashie::Mash.new
28
- collect_data_linux
30
+
31
+ if inspec.os.linux?
32
+ collect_data_linux
33
+ elsif inspec.os.windows?
34
+ collect_data_windows
35
+ end
36
+
37
+ # Allows checking for non-virtualized systems as well
38
+ @virtualization_data[:physical] = @virtualization_data.empty?
29
39
  end
30
40
 
31
41
  # add helper methods for easy access of properties
@@ -36,6 +46,14 @@ module Inspec::Resources
36
46
  end
37
47
  end
38
48
 
49
+ def virtual_system?
50
+ @virtualization_data[:role] == "guest"
51
+ end
52
+
53
+ def physical_system?
54
+ @virtualization_data[:physical]
55
+ end
56
+
39
57
  def params
40
58
  # TODO: this is broken. cannot return anything but nil
41
59
  collect_data_linux
@@ -236,6 +254,39 @@ module Inspec::Resources
236
254
  true
237
255
  end
238
256
 
257
+ # Detect VMware
258
+ def detect_vmware
259
+ return false unless inspec.file("/sys/devices/virtual/dmi/id/product_name").exist?
260
+
261
+ product_name = inspec.file("/sys/devices/virtual/dmi/id/product_name").content
262
+
263
+ if product_name =~ /^VMware/
264
+ @virtualization_data[:system] = "vmware"
265
+ @virtualization_data[:role] = "guest"
266
+ else
267
+ return false
268
+ end
269
+
270
+ true
271
+ end
272
+
273
+ # Detect Hyper-V
274
+ # @see https://gallery.technet.microsoft.com/scriptcenter/Get-MachineType-VM-or-ff43f3a9
275
+ def detect_hyperv
276
+ return false unless inspec.file("/sys/devices/virtual/dmi/id/product_name").exist?
277
+
278
+ product_name = inspec.file("/sys/devices/virtual/dmi/id/product_name").content
279
+
280
+ if product_name.rstrip == "Virtual Machine"
281
+ @virtualization_data[:system] = "hyper-v"
282
+ @virtualization_data[:role] = "guest"
283
+ else
284
+ return false
285
+ end
286
+
287
+ true
288
+ end
289
+
239
290
  def collect_data_linux
240
291
  # This avoids doing multiple detections in a single test
241
292
  return unless @virtualization_data.empty?
@@ -253,7 +304,40 @@ module Inspec::Resources
253
304
  return if detect_openvz
254
305
  return if detect_openstack
255
306
  return if detect_parallels
256
- # TODO: where is vmware?
307
+ return if detect_vmware
308
+ return if detect_hyperv
309
+ end
310
+
311
+ def windows_computer_system
312
+ script = "Get-WmiObject -Class Win32_ComputerSystem -ErrorAction Stop | ConvertTo-Json"
313
+ cmd = inspec.powershell(script)
314
+
315
+ JSON.parse(cmd.stdout)
316
+ rescue JSON::ParserError => _e
317
+ nil
318
+ end
319
+
320
+ def collect_data_windows
321
+ # This avoids doing multiple detections in a single test
322
+ return unless @virtualization_data.empty?
323
+
324
+ case windows_computer_system["Model"]
325
+ when "Virtual Machine"
326
+ @virtualization_data[:system] = "hyper-v"
327
+ when /^VMware/
328
+ @virtualization_data[:system] = "vmware"
329
+ when "VirtualBox"
330
+ @virtualization_data[:system] = "virtualbox"
331
+ end
332
+
333
+ case windows_computer_system[:manufacturer]
334
+ when "Xen"
335
+ @virtualization_data[:system] = "xen"
336
+ when "QEMU"
337
+ @virtualization_data[:system] = "kvm"
338
+ end
339
+
340
+ @virtualization_data[:role] = "guest" if @virtualization_data[:system]
257
341
  end
258
342
  end
259
343
  end
@@ -1,3 +1,3 @@
1
1
  module Inspec
2
- VERSION = "4.18.100".freeze
2
+ VERSION = "4.18.104".freeze
3
3
  end
@@ -60,18 +60,19 @@ module InspecPlugins
60
60
  # inspec plugin search
61
61
  #==================================================================#
62
62
 
63
- desc "search [options] PATTERN", "Searches rubygems.org for plugins."
63
+ desc "search [options] PATTERN", "Searches for plugins."
64
64
  long_desc <<~EOLD
65
- Searches rubygems.org for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
65
+ Searches rubygems.org or alternate source for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
66
66
  2 on a search miss. PATTERN is a simple string; a wildcard will be added as
67
67
  a suffix, unless -e is used.
68
68
  EOLD
69
69
  option :all, desc: "List all available versions, not just the latest one.", type: :boolean, aliases: [:a]
70
70
  option :exact, desc: "Assume PATTERN is exact; do not add a wildcard to the end", type: :boolean, aliases: [:e]
71
71
  option :'include-test-fixture', type: :boolean, desc: "Internal use", hide: true
72
+ option :source, type: :string, desc: "URL of repository, defaults to https://rubygems.org", aliases: [:s]
72
73
  # Justification for disabling ABC: currently at 33.51/33
73
74
  def search(search_term) # rubocop: disable Metrics/AbcSize
74
- search_results = installer.search(search_term, exact: options[:exact])
75
+ search_results = installer.search(search_term, exact: options[:exact], source: options[:source])
75
76
  # The search results have already been filtered by the reject list. But the
76
77
  # RejectList doesn't filter {inspec, train}-test-fixture because we need those
77
78
  # for testing. We want to hide those from users, so unless we know we're in
@@ -102,9 +103,9 @@ module InspecPlugins
102
103
  #==================================================================#
103
104
  # inspec plugin install
104
105
  #==================================================================#
105
- desc "install [-v VERSION] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
106
+ desc "install [options] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
106
107
  long_desc <<~EOLD
107
- PLUGIN may be the name of a gem on rubygems.org that begins with inspec- or train-.
108
+ PLUGIN may be the name of a gem on rubygems.org (or an alternate source) that begins with `inspec-` or `train-`.
108
109
  PLUGIN may also be the path to a local gemfile, which will then be installed like
109
110
  any other gem. Finally, if PLUGIN is a path ending in .rb, it is taken to be a
110
111
  local file that will act as athe entry point for a plugin (this mode is provided
@@ -112,6 +113,7 @@ module InspecPlugins
112
113
  already installed, and 1 if any other error occurs.
113
114
  EOLD
114
115
  option :version, desc: "When installing from rubygems.org, specifies a specific version to install.", aliases: [:v]
116
+ option :source, type: :string, desc: "URL of repository, defaults to https://rubygems.org", aliases: [:s]
115
117
  def install(plugin_id_arg)
116
118
  if plugin_id_arg =~ /\.gem$/ # Does it end in .gem?
117
119
  install_from_gemfile(plugin_id_arg)
@@ -407,7 +409,7 @@ module InspecPlugins
407
409
 
408
410
  # Rationale for RuboCop variance: This is a one-line method with heavy UX-focused error handling.
409
411
  def install_attempt_install(plugin_name) # rubocop: disable Metrics/AbcSize
410
- installer.install(plugin_name, version: options[:version])
412
+ installer.install(plugin_name, version: options[:version], source: options[:source])
411
413
  rescue Inspec::Plugin::V2::PluginExcludedError => ex
412
414
  ui.red("Plugin on Exclusion List - #{plugin_name} is listed as an " \
413
415
  "incompatible gem - refusing to install.\n")
@@ -422,12 +424,13 @@ module InspecPlugins
422
424
  raise if Inspec::Log.level == :debug
423
425
 
424
426
  results = installer.search(plugin_name, exact: true)
427
+ source_host = URI(options[:source] || "https://rubygems.org/").host
425
428
  if results.empty?
426
429
  ui.red("No such plugin gem #{plugin_name} could be found on " \
427
- "rubygems.org - installation failed.\n")
430
+ "#{source_host} - installation failed.\n")
428
431
  elsif options[:version] && !results[plugin_name].include?(options[:version])
429
432
  ui.red("No such version - #{plugin_name} exists, but no such " \
430
- "version #{options[:version]} found on rubygems.org - " \
433
+ "version #{options[:version]} found on #{source_host} - " \
431
434
  "installation failed.\n")
432
435
  else
433
436
  ui.red("Unknown error occured - installation failed.\n")
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.18.100
4
+ version: 4.18.104
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chef InSpec Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-03-03 00:00:00.000000000 Z
11
+ date: 2020-04-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef-telemetry