inspec-core 4.18.100 → 4.19.0

data/lib/inspec/run_data/statistics.rb

@@ -0,0 +1,36 @@
+module Inspec
+  class RunData
+    # {:duration=>0.018407, :controls=>{:total=>3, :passed=>{:total=>3}, :skipped=>{:total=>0}, :failed=>{:total=>0}}}
+    Statistics = Struct.new(
+      :duration,
+      :controls
+    ) do
+      include HashLikeStruct
+      def initialize(raw_stat_data)
+        self.controls = Inspec::RunData::Statistics::Controls.new(raw_stat_data[:controls])
+        self.duration = raw_stat_data[:duration]
+      end
+    end
+    class Statistics
+      Controls = Struct.new(
+        :total,
+        :passed,
+        :skipped,
+        :failed
+      ) do
+        include HashLikeStruct
+        def initialize(raw_stat_ctl_data)
+          self.total = raw_stat_ctl_data[:total]
+          self.passed = Inspec::RunData::Statistics::Controls::Total.new(raw_stat_ctl_data[:passed][:total])
+          self.skipped = Inspec::RunData::Statistics::Controls::Total.new(raw_stat_ctl_data[:skipped][:total])
+          self.failed = Inspec::RunData::Statistics::Controls::Total.new(raw_stat_ctl_data[:failed][:total])
+        end
+      end
+      class Controls
+        Total = Struct.new(:total) do
+          include HashLikeStruct
+        end
+      end
+    end
+  end
+end

data/lib/inspec/shell.rb

@@ -36,8 +36,13 @@ module Inspec
       end
 
       # configure pry shell prompt
-      Pry.config.prompt_name = "inspec"
-      Pry.prompt = [proc { "#{readline_ignore("\e[1m\e[32m")}#{Pry.config.prompt_name}> #{readline_ignore("\e[0m")}" }]
+      Pry::Prompt.add(
+        :inspec,
+        "inspec custom prompt"
+      ) do |_context, _nesting, _pry_instance, _sep|
+        "#{readline_ignore("\e[1m\e[32m")}inspec> #{readline_ignore("\e[0m")}"
+      end
+      Pry.config.prompt = Pry::Prompt[:inspec]
 
       # Add a help menu as the default intro
       Pry.hooks.add_hook(:before_session, "inspec_intro") do
@@ -64,7 +69,7 @@ module Inspec
 
         pry.pager.open do |pager|
           pager.print pry.config.output_prefix
-          Pry::ColorPrinter.pp(value, pager, Pry::Terminal.width! - 1)
+          Pry::ColorPrinter.pp(value, pager, Pry::Output.new(pry).width - 1)
         end
       end
     end

data/lib/inspec/utils/json_profile_summary.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module Inspec
+  module Utils
+    #
+    # Inspec::Utils::JsonProfileSummary takes in certain information to identify a
+    # profile and then produces a JSON-formatted summary of that profile. It can
+    # return the results to STDOUT or a file. It is currently used in several
+    # places in the CLI such as `json`, `archive` and `artifact`.
+    #
+    #
+    module JsonProfileSummary
+      def self.produce_json(info:, write_path: "", suppress_output: false)
+        # add in inspec version
+        info[:generator] = {
+          name: "inspec",
+          version: Inspec::VERSION,
+        }
+        if write_path.empty?
+          puts JSON.dump(info)
+        else
+          unless suppress_output
+            if File.exist? write_path
+              Inspec::Log.info "----> updating #{write_path}"
+            else
+              Inspec::Log.info "----> creating #{write_path}"
+            end
+          end
+          full_write_path = File.expand_path(write_path)
+          File.write(full_write_path, JSON.dump(info))
+        end
+      end
+    end
+  end
+end

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.18.100".freeze
+  VERSION = "4.19.0".freeze
 end

data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb

@@ -5,6 +5,7 @@ require "set"
 require "tempfile"
 require "yaml"
 require "inspec/dist"
+require "inspec/utils/json_profile_summary"
 
 module InspecPlugins
   module Artifact
@@ -40,9 +41,13 @@ module InspecPlugins
 
       def self.profile_sign(options)
         artifact = new
+        path_to_profile = options["profile"]
+
+        # Write inspec.json file within artifact
+        write_inspec_json(path_to_profile, options)
+
         Dir.mktmpdir do |workdir|
           puts "Signing #{options["profile"]} with key #{options["keyname"]}"
-          path_to_profile = options["profile"]
           profile_md = artifact.read_profile_metadata(path_to_profile)
           artifact_filename = "#{profile_md["name"]}-#{profile_md["version"]}.#{SIGNED_PROFILE_SUFFIX}"
           tarfile = artifact.profile_compress(path_to_profile, profile_md, workdir)
@@ -63,6 +68,9 @@ module InspecPlugins
           end
           puts "Successfully generated #{artifact_filename}"
         end
+
+        # Cleanup
+        File.delete("#{path_to_profile}/inspec.json")
       end
 
       def self.profile_verify(options)
@@ -165,6 +173,15 @@ module InspecPlugins
           raise "Artifact is invalid"
         end
       end
+
+      def self.write_inspec_json(root_path, opts)
+        profile = Inspec::Profile.for_path(root_path, opts)
+        Inspec::Utils::JsonProfileSummary.produce_json(
+          info: profile.info,
+          write_path: "#{root_path}/inspec.json",
+          suppress_output: true
+        )
+      end
     end
   end
 end

data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb

@@ -302,6 +302,10 @@ module InspecPlugins
           )
           true
         else
+          Inspec::Log.debug(
+            "Received #{response.code} from #{url}#{automate_endpoint} - " \
+            "assuming target is not an #{AUTOMATE_PRODUCT_NAME}2 instance"
+          )
           false
         end
       end

data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb

@@ -41,8 +41,9 @@ module InspecPlugins
           templates_path: TEMPLATES_PATH,
           overwrite: options[:overwrite],
           file_rename_map: make_rename_map(plugin_type, plugin_name, snake_case),
-          skip_files: make_skip_list,
+          skip_files: make_skip_list(template_vars["hooks"].keys),
         }
+
         renderer = InspecPlugins::Init::Renderer.new(ui, render_opts)
 
         renderer.render_with_values(template_path, plugin_type + " plugin", template_vars)
@@ -72,6 +73,7 @@ module InspecPlugins
           File.join("lib", "inspec-plugin-template") => File.join("lib", plugin_name),
           File.join("lib", "inspec-plugin-template.rb") => File.join("lib", plugin_name + ".rb"),
           File.join("lib", "inspec-plugin-template", "cli_command.rb") => File.join("lib", plugin_name, "cli_command.rb"),
+          File.join("lib", "inspec-plugin-template", "reporter.rb") => File.join("lib", plugin_name, "reporter.rb"),
           File.join("lib", "inspec-plugin-template", "plugin.rb") => File.join("lib", plugin_name, "plugin.rb"),
           File.join("lib", "inspec-plugin-template", "version.rb") => File.join("lib", plugin_name, "version.rb"),
           File.join("test", "functional", "inspec_plugin_template_test.rb") => File.join("test", "functional", snake_case + "_test.rb"),
@@ -168,6 +170,9 @@ module InspecPlugins
         if hooks_by_type.key?(:cli_command)
           vars[:command_name_dashes] = hooks_by_type[:cli_command].tr("_", "-")
           vars[:command_name_snake] = hooks_by_type[:cli_command].tr("-", "_")
+        elsif hooks_by_type.key?(:reporter)
+          vars[:reporter_name_dashes] = hooks_by_type[:reporter].tr("_", "-")
+          vars[:reporter_name_snake] = hooks_by_type[:reporter].tr("-", "_")
         end
         vars
       end
@@ -205,19 +210,20 @@ module InspecPlugins
         end
       end
 
-      def make_skip_list
+      def make_skip_list(requested_hooks)
+        skips = []
         case options[:detail]
-        when "full"
-          []
+        when "full" # rubocop: disable Lint/EmptyWhen
+          # Do nothing but allow this case for validation
         when "core"
-          [
+          skips += [
             "Gemfile",
             "inspec-plugin-template.gemspec",
             "LICENSE",
             "Rakefile",
           ]
         when "test-fixture"
-          [
+          skips += [
             "Gemfile",
             "inspec-plugin-template.gemspec",
             "LICENSE",
@@ -237,6 +243,22 @@ module InspecPlugins
           ui.error "Unrecognized value for 'detail': #{options[:detail]} - expected one of full, core, test-fixture"
           ui.exit(:usage_error)
         end
+
+        # Remove hook-specific files
+        unless requested_hooks.include?(:cli_command)
+          skips += [
+            File.join("lib", "inspec-plugin-template", "cli_command.rb"),
+            File.join("test", "unit", "cli_args_test.rb"),
+            File.join("test", "functional", "inspec_plugin_template_test.rb"),
+          ]
+        end
+        unless requested_hooks.include?(:reporter)
+          skips += [
+            File.join("lib", "inspec-plugin-template", "reporter.rb"),
+          ]
+        end
+
+        skips.uniq
       end
     end
   end

data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb

@@ -28,6 +28,7 @@ module InspecPlugins
       # Internal machine name of the plugin. InSpec will use this in errors, etc.
       plugin_name :'<%= plugin_name %>'
 
+      <% if hooks[:cli_command] %>
       # Define a new CLI subcommand.
       # The argument here will be used to match against the command line args,
       # and if the user said `inspec list-resources`, this hook will get called.
@@ -48,6 +49,23 @@ module InspecPlugins
         # CLI engine tap into it.
         InspecPlugins::<%= module_name %>::CliCommand
       end
+      <% end %>
+
+      <% if hooks[:reporter] %>
+      # Define a new Reporter.
+      # The argument here will be used to match against the CLI --reporter option.
+      # `--reporter <%= reporter_name_snake %>` will load your reporter and call its renderer.
+      reporter :<%= reporter_name_snake %> do
+        # Calling this hook doesn't mean the reporter is being executed - just
+        # that we should be ready to do so. So, load the file that defines the
+        # functionality.
+        require '<%= plugin_name %>/reporter'
+
+        # Having loaded our functionality, return a class that will let the
+        # reporting engine tap into it.
+        InspecPlugins::<%= module_name %>::Reporter
+      end
+      <% end %>
     end
   end
 end

data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/reporter.rb

@@ -0,0 +1,27 @@
+module InspecPlugins::<%= module_name %>
+  # This class will provide the actual Reporter implementation.
+  # Its superclass is provided by another call to Inspec.plugin,
+  # this time with two args.  The first arg specifies we are requesting
+  # version 2 of the Plugins API.  The second says we are making a
+  # Reporter plugin component, so please make available any DSL needed
+  # for that.
+
+  class Reporter < Inspec.plugin(2, :reporter)
+
+    # All a Reporter *must* do is define a render() method that calls
+    # output(). You should access the run_data accessor to read off the
+    # results of the run.
+    def render
+      # There is much more to explore in the run_data structure!
+      run_data[:profiles].each do |profile|
+        output(profile[:title])
+        profile[:controls].each do |control|
+          output(control[:title])
+          control[:results].each do |test|
+            output(test[:status])
+          end
+        end
+      end
+    end
+  end
+end

data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb

@@ -60,18 +60,19 @@ module InspecPlugins
       #                        inspec plugin search
       #==================================================================#
 
-      desc "search [options] PATTERN", "Searches rubygems.org for plugins."
+      desc "search [options] PATTERN", "Searches for plugins."
       long_desc <<~EOLD
-        Searches rubygems.org for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
+        Searches rubygems.org or alternate source for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
         2 on a search miss. PATTERN is a simple string; a wildcard will be added as
         a suffix, unless -e is used.
       EOLD
       option :all, desc: "List all available versions, not just the latest one.", type: :boolean, aliases: [:a]
       option :exact, desc: "Assume PATTERN is exact; do not add a wildcard to the end", type: :boolean, aliases: [:e]
       option :'include-test-fixture', type: :boolean, desc: "Internal use", hide: true
+      option :source, type: :string, desc: "URL of repository, defaults to https://rubygems.org", aliases: [:s]
       # Justification for disabling ABC: currently at 33.51/33
       def search(search_term) # rubocop: disable Metrics/AbcSize
-        search_results = installer.search(search_term, exact: options[:exact])
+        search_results = installer.search(search_term, exact: options[:exact], source: options[:source])
         # The search results have already been filtered by the reject list.  But the
         # RejectList doesn't filter {inspec, train}-test-fixture because we need those
         # for testing.  We want to hide those from users, so unless we know we're in
@@ -102,9 +103,9 @@ module InspecPlugins
       #==================================================================#
       #                       inspec plugin install
       #==================================================================#
-      desc "install [-v VERSION] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
+      desc "install [options] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
       long_desc <<~EOLD
-        PLUGIN may be the name of a gem on rubygems.org that begins with inspec- or train-.
+        PLUGIN may be the name of a gem on rubygems.org (or an alternate source) that begins with `inspec-` or `train-`.
         PLUGIN may also be the path to a local gemfile, which will then be installed like
         any other gem.  Finally, if PLUGIN is a path ending in .rb, it is taken to be a
         local file that will act as athe entry point for a plugin (this mode is provided
@@ -112,6 +113,7 @@ module InspecPlugins
         already installed, and 1 if any other error occurs.
       EOLD
       option :version, desc: "When installing from rubygems.org, specifies a specific version to install.", aliases: [:v]
+      option :source, type: :string, desc: "URL of repository, defaults to https://rubygems.org", aliases: [:s]
       def install(plugin_id_arg)
         if plugin_id_arg =~ /\.gem$/ # Does it end in .gem?
           install_from_gemfile(plugin_id_arg)
@@ -407,7 +409,7 @@ module InspecPlugins
 
       # Rationale for RuboCop variance: This is a one-line method with heavy UX-focused error handling.
       def install_attempt_install(plugin_name) # rubocop: disable Metrics/AbcSize
-        installer.install(plugin_name, version: options[:version])
+        installer.install(plugin_name, version: options[:version], source: options[:source])
       rescue Inspec::Plugin::V2::PluginExcludedError => ex
         ui.red("Plugin on Exclusion List - #{plugin_name} is listed as an " \
                "incompatible gem - refusing to install.\n")
@@ -422,12 +424,13 @@ module InspecPlugins
         raise if Inspec::Log.level == :debug
 
         results = installer.search(plugin_name, exact: true)
+        source_host = URI(options[:source] || "https://rubygems.org/").host
         if results.empty?
           ui.red("No such plugin gem #{plugin_name} could be found on " \
-                 "rubygems.org - installation failed.\n")
+                 "#{source_host} - installation failed.\n")
         elsif options[:version] && !results[plugin_name].include?(options[:version])
           ui.red("No such version - #{plugin_name} exists, but no such " \
-                 "version #{options[:version]} found on rubygems.org - " \
+                 "version #{options[:version]} found on #{source_host} - " \
                  "installation failed.\n")
         else
           ui.red("Unknown error occured - installation failed.\n")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 4.18.100
+  version: 4.19.0
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-03 00:00:00.000000000 Z
+date: 2020-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry
@@ -82,16 +82,22 @@ dependencies:
   name: method_source
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.8'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.8'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -146,14 +152,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.13'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: hashie
   requirement: !ruby/object:Gem::Requirement
@@ -465,6 +471,7 @@ files:
 - lib/inspec/plugin/v2/plugin_types/dsl.rb
 - lib/inspec/plugin/v2/plugin_types/input.rb
 - lib/inspec/plugin/v2/plugin_types/mock.rb
+- lib/inspec/plugin/v2/plugin_types/reporter.rb
 - lib/inspec/plugin/v2/registry.rb
 - lib/inspec/plugin/v2/status.rb
 - lib/inspec/profile.rb
@@ -607,6 +614,11 @@ files:
 - lib/inspec/resources/zfs_pool.rb
 - lib/inspec/rspec_extensions.rb
 - lib/inspec/rule.rb
+- lib/inspec/run_data.rb
+- lib/inspec/run_data/control.rb
+- lib/inspec/run_data/profile.rb
+- lib/inspec/run_data/result.rb
+- lib/inspec/run_data/statistics.rb
 - lib/inspec/runner.rb
 - lib/inspec/runner_mock.rb
 - lib/inspec/runner_rspec.rb
@@ -642,6 +654,7 @@ files:
 - lib/inspec/utils/hash.rb
 - lib/inspec/utils/install_context.rb
 - lib/inspec/utils/json_log.rb
+- lib/inspec/utils/json_profile_summary.rb
 - lib/inspec/utils/modulator.rb
 - lib/inspec/utils/nginx_parser.rb
 - lib/inspec/utils/object_traversal.rb
@@ -691,6 +704,7 @@ files:
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb
+- lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/reporter.rb
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb
 - lib/plugins/inspec-init/templates/profiles/aws/README.md
 - lib/plugins/inspec-init/templates/profiles/aws/attributes.yml