inspec-core 4.18.100 → 4.18.104

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 699f8109813626e556c8f56fe2324ac80e444b62265808cbe37619d3ae5a46b2
-  data.tar.gz: 45f7ade4fe0020e8bec0f7f21bd9819807df1ed48666e65e7ab994e24fe97cb5
+  metadata.gz: 5866bdaba80db3f77d6a3a31af54fcdc6584cb0315093975a90e2a67616b95bd
+  data.tar.gz: a7a84ee7bba5072fc042ea7bd9af8692808e3cc4ae328d182c9af05dd495affd
 SHA512:
-  metadata.gz: b85550dd9d166506cbcda16e776db29edff56cf2f174c91dee528498d6224232dcd8c5d8b11ec8a56252cf40c03ed43205de56d802ea36f6ad8a03740c368826
-  data.tar.gz: a5b46d86ecf6762dd6f2643e67a0dc3274a36c71da4acd81950211ba19ac5f388f7eff2c7b860b65f168299df96d76727a083a0e8d9c50fa1184fb39a221c0a3
+  metadata.gz: 438487cd4e20e19f95c767d5627b246f8db486b9686df766ec1cc17883b93aeffad42e86f7bcdc513ecb6b39fa85c2a1f8d4344f1675b8c3768877204abef000
+  data.tar.gz: 32e554b6063e10342aa64d1f5697cc39b1c1b69f6e8b2af19367595b61fe5ef4c6f0c37d121db9195291430a62782bb52bb643c5275e07bda2f2a52054f8b8e5

data/lib/inspec/plugin/v2/installer.rb

@@ -3,6 +3,7 @@
 require "singleton"
 require "forwardable"
 require "fileutils"
+require "uri"
 
 # Gem extensions for doing unusual things - not loaded by Gem default
 require "rubygems/package"
@@ -56,6 +57,7 @@ module Inspec::Plugin::V2
     # @option opts [String] :gem_file Path to a local gem file to install from
     # @option opts [String] :path Path to a file to be used as the entry point for a path-based plugin
     # @option opts [String] :version Version constraint for remote gem installs
+    # @option opts [String] :source Alternate URL to use instead of rubygems.org
     def install(plugin_name, opts = {})
       # TODO: - check plugins.json for validity before trying anything that needs to modify it.
       validate_installation_opts(plugin_name, opts)
@@ -127,6 +129,11 @@ module Inspec::Plugin::V2
       validate_search_opts(plugin_query, opts)
 
       fetcher = Gem::SpecFetcher.fetcher
+      if opts[:source]
+        source_list = Gem::SourceList.from([opts[:source]])
+        fetcher = Gem::SpecFetcher.new(source_list)
+      end
+
       matched_tuples = []
       if opts[:exact]
         matched_tuples = fetcher.detect(opts[:scope]) { |tuple| tuple.name == plugin_query }
@@ -284,8 +291,22 @@ module Inspec::Plugin::V2
 
     def install_from_remote_gems(requested_plugin_name, opts)
       plugin_dependency = Gem::Dependency.new(requested_plugin_name, opts[:version] || "> 0")
-      # BestSet is rubygems.org API + indexing
-      install_gem_to_plugins_dir(plugin_dependency, [Gem::Resolver::BestSet.new], opts[:update_mode])
+
+      # BestSet is rubygems.org API + indexing, APISet is for custom sources
+      sources = if opts[:source]
+                  Gem::Resolver::APISet.new(URI.join(opts[:source] + "/api/v1/dependencies"))
+                else
+                  Gem::Resolver::BestSet.new
+                end
+
+      begin
+        install_gem_to_plugins_dir(plugin_dependency, [sources], opts[:update_mode])
+      rescue Gem::RemoteFetcher::FetchError => gem_ex
+        # TODO: Give a hint if the host was not resolvable or a 404 occured
+        ex = Inspec::Plugin::V2::InstallError.new(gem_ex.message)
+        ex.plugin_name = requested_plugin_name
+        raise ex
+      end
     end
 
     def install_gem_to_plugins_dir(new_plugin_dependency, # rubocop: disable Metrics/AbcSize

data/lib/inspec/resources/service.rb

@@ -104,6 +104,8 @@ module Inspec::Resources
       os = inspec.os
       platform = os[:name]
 
+      return WindowsSrv.new(inspec) if os.windows?
+
       # Ubuntu
       # @see: https://wiki.ubuntu.com/SystemdForUpstartUsers
       # Ubuntu 15.04 : Systemd
@@ -154,8 +156,6 @@ module Inspec::Resources
         SysV.new(inspec, service_ctl)
       when "mac_os_x"
         LaunchCtl.new(inspec, service_ctl)
-      when "windows"
-        WindowsSrv.new(inspec)
       when "freebsd"
         BSDInit.new(inspec, service_ctl)
       when "arch"

data/lib/inspec/resources/virtualization.rb

@@ -1,9 +1,11 @@
 require "hashie/mash"
+require "inspec/resources/powershell"
 
 module Inspec::Resources
   class Virtualization < Inspec.resource(1)
     name "virtualization"
     supports platform: "unix"
+    supports platform: "windows"
     desc "Use the virtualization InSpec audit resource to test various virtualization platforms."
     example <<~EXAMPLE
       describe virtualization do
@@ -25,7 +27,15 @@ module Inspec::Resources
     def initialize
       # TODO: no need for hashie here... in fact, no reason for a hash at all
       @virtualization_data = Hashie::Mash.new
-      collect_data_linux
+
+      if inspec.os.linux?
+        collect_data_linux
+      elsif inspec.os.windows?
+        collect_data_windows
+      end
+
+      # Allows checking for non-virtualized systems as well
+      @virtualization_data[:physical] = @virtualization_data.empty?
     end
 
     # add helper methods for easy access of properties
@@ -36,6 +46,14 @@ module Inspec::Resources
       end
     end
 
+    def virtual_system?
+      @virtualization_data[:role] == "guest"
+    end
+
+    def physical_system?
+      @virtualization_data[:physical]
+    end
+
     def params
       # TODO: this is broken. cannot return anything but nil
       collect_data_linux
@@ -236,6 +254,39 @@ module Inspec::Resources
       true
     end
 
+    # Detect VMware
+    def detect_vmware
+      return false unless inspec.file("/sys/devices/virtual/dmi/id/product_name").exist?
+
+      product_name = inspec.file("/sys/devices/virtual/dmi/id/product_name").content
+
+      if product_name =~ /^VMware/
+        @virtualization_data[:system] = "vmware"
+        @virtualization_data[:role] = "guest"
+      else
+        return false
+      end
+
+      true
+    end
+
+    # Detect Hyper-V
+    # @see https://gallery.technet.microsoft.com/scriptcenter/Get-MachineType-VM-or-ff43f3a9
+    def detect_hyperv
+      return false unless inspec.file("/sys/devices/virtual/dmi/id/product_name").exist?
+
+      product_name = inspec.file("/sys/devices/virtual/dmi/id/product_name").content
+
+      if product_name.rstrip == "Virtual Machine"
+        @virtualization_data[:system] = "hyper-v"
+        @virtualization_data[:role] = "guest"
+      else
+        return false
+      end
+
+      true
+    end
+
     def collect_data_linux
       # This avoids doing multiple detections in a single test
       return unless @virtualization_data.empty?
@@ -253,7 +304,40 @@ module Inspec::Resources
       return if detect_openvz
       return if detect_openstack
       return if detect_parallels
-      # TODO: where is vmware?
+      return if detect_vmware
+      return if detect_hyperv
+    end
+
+    def windows_computer_system
+      script = "Get-WmiObject -Class Win32_ComputerSystem -ErrorAction Stop | ConvertTo-Json"
+      cmd = inspec.powershell(script)
+
+      JSON.parse(cmd.stdout)
+    rescue JSON::ParserError => _e
+      nil
+    end
+
+    def collect_data_windows
+      # This avoids doing multiple detections in a single test
+      return unless @virtualization_data.empty?
+
+      case windows_computer_system["Model"]
+      when "Virtual Machine"
+        @virtualization_data[:system] = "hyper-v"
+      when /^VMware/
+        @virtualization_data[:system] = "vmware"
+      when "VirtualBox"
+        @virtualization_data[:system] = "virtualbox"
+      end
+
+      case windows_computer_system[:manufacturer]
+      when "Xen"
+        @virtualization_data[:system] = "xen"
+      when "QEMU"
+        @virtualization_data[:system] = "kvm"
+      end
+
+      @virtualization_data[:role] = "guest" if @virtualization_data[:system]
     end
   end
 end

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.18.100".freeze
+  VERSION = "4.18.104".freeze
 end

data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb

@@ -60,18 +60,19 @@ module InspecPlugins
       #                        inspec plugin search
       #==================================================================#
 
-      desc "search [options] PATTERN", "Searches rubygems.org for plugins."
+      desc "search [options] PATTERN", "Searches for plugins."
       long_desc <<~EOLD
-        Searches rubygems.org for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
+        Searches rubygems.org or alternate source for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
         2 on a search miss. PATTERN is a simple string; a wildcard will be added as
         a suffix, unless -e is used.
       EOLD
       option :all, desc: "List all available versions, not just the latest one.", type: :boolean, aliases: [:a]
       option :exact, desc: "Assume PATTERN is exact; do not add a wildcard to the end", type: :boolean, aliases: [:e]
       option :'include-test-fixture', type: :boolean, desc: "Internal use", hide: true
+      option :source, type: :string, desc: "URL of repository, defaults to https://rubygems.org", aliases: [:s]
       # Justification for disabling ABC: currently at 33.51/33
       def search(search_term) # rubocop: disable Metrics/AbcSize
-        search_results = installer.search(search_term, exact: options[:exact])
+        search_results = installer.search(search_term, exact: options[:exact], source: options[:source])
         # The search results have already been filtered by the reject list.  But the
         # RejectList doesn't filter {inspec, train}-test-fixture because we need those
         # for testing.  We want to hide those from users, so unless we know we're in
@@ -102,9 +103,9 @@ module InspecPlugins
       #==================================================================#
       #                       inspec plugin install
       #==================================================================#
-      desc "install [-v VERSION] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
+      desc "install [options] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
       long_desc <<~EOLD
-        PLUGIN may be the name of a gem on rubygems.org that begins with inspec- or train-.
+        PLUGIN may be the name of a gem on rubygems.org (or an alternate source) that begins with `inspec-` or `train-`.
         PLUGIN may also be the path to a local gemfile, which will then be installed like
         any other gem.  Finally, if PLUGIN is a path ending in .rb, it is taken to be a
         local file that will act as athe entry point for a plugin (this mode is provided
@@ -112,6 +113,7 @@ module InspecPlugins
         already installed, and 1 if any other error occurs.
       EOLD
       option :version, desc: "When installing from rubygems.org, specifies a specific version to install.", aliases: [:v]
+      option :source, type: :string, desc: "URL of repository, defaults to https://rubygems.org", aliases: [:s]
       def install(plugin_id_arg)
         if plugin_id_arg =~ /\.gem$/ # Does it end in .gem?
           install_from_gemfile(plugin_id_arg)
@@ -407,7 +409,7 @@ module InspecPlugins
 
       # Rationale for RuboCop variance: This is a one-line method with heavy UX-focused error handling.
       def install_attempt_install(plugin_name) # rubocop: disable Metrics/AbcSize
-        installer.install(plugin_name, version: options[:version])
+        installer.install(plugin_name, version: options[:version], source: options[:source])
       rescue Inspec::Plugin::V2::PluginExcludedError => ex
         ui.red("Plugin on Exclusion List - #{plugin_name} is listed as an " \
                "incompatible gem - refusing to install.\n")
@@ -422,12 +424,13 @@ module InspecPlugins
         raise if Inspec::Log.level == :debug
 
         results = installer.search(plugin_name, exact: true)
+        source_host = URI(options[:source] || "https://rubygems.org/").host
         if results.empty?
           ui.red("No such plugin gem #{plugin_name} could be found on " \
-                 "rubygems.org - installation failed.\n")
+                 "#{source_host} - installation failed.\n")
         elsif options[:version] && !results[plugin_name].include?(options[:version])
           ui.red("No such version - #{plugin_name} exists, but no such " \
-                 "version #{options[:version]} found on rubygems.org - " \
+                 "version #{options[:version]} found on #{source_host} - " \
                  "installation failed.\n")
         else
           ui.red("Unknown error occured - installation failed.\n")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 4.18.100
+  version: 4.18.104
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-03 00:00:00.000000000 Z
+date: 2020-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry