inspec-core 4.18.24 → 4.18.38

Sign up to get free protection for your applications and to get access to all the features.
Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/etc/deprecations.json +4 -0
  3. data/lib/inspec/cli.rb +2 -2
  4. data/lib/inspec/config.rb +2 -1
  5. data/lib/inspec/dependencies/requirement.rb +10 -6
  6. data/lib/inspec/describe_base.rb +25 -0
  7. data/lib/inspec/file_provider.rb +7 -1
  8. data/lib/inspec/input_dsl_helpers.rb +26 -0
  9. data/lib/inspec/input_registry.rb +6 -6
  10. data/lib/inspec/metadata.rb +6 -2
  11. data/lib/inspec/method_source.rb +1 -1
  12. data/lib/inspec/objects/control.rb +7 -0
  13. data/lib/inspec/objects/describe.rb +7 -0
  14. data/lib/inspec/objects/each_loop.rb +7 -0
  15. data/lib/inspec/objects/input.rb +4 -0
  16. data/lib/inspec/objects/or_test.rb +7 -0
  17. data/lib/inspec/objects/tag.rb +7 -0
  18. data/lib/inspec/objects/test.rb +8 -1
  19. data/lib/inspec/objects/value.rb +7 -0
  20. data/lib/inspec/plugin/v2/installer.rb +9 -4
  21. data/lib/inspec/resource.rb +2 -0
  22. data/lib/inspec/resources/apt.rb +1 -1
  23. data/lib/inspec/resources/auditd.rb +4 -4
  24. data/lib/inspec/resources/command.rb +1 -1
  25. data/lib/inspec/resources/filesystem.rb +3 -3
  26. data/lib/inspec/resources/gem.rb +3 -2
  27. data/lib/inspec/resources/http.rb +3 -3
  28. data/lib/inspec/resources/npm.rb +11 -3
  29. data/lib/inspec/resources/oracledb_session.rb +2 -2
  30. data/lib/inspec/resources/package.rb +2 -4
  31. data/lib/inspec/resources/service.rb +2 -0
  32. data/lib/inspec/resources/sys_info.rb +2 -2
  33. data/lib/inspec/resources/users.rb +4 -0
  34. data/lib/inspec/rspec_extensions.rb +4 -9
  35. data/lib/inspec/rule.rb +6 -1
  36. data/lib/inspec/runner.rb +4 -4
  37. data/lib/inspec/version.rb +1 -1
  38. data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +1 -1
  39. data/lib/plugins/shared/core_plugin_test_helper.rb +9 -11
  40. metadata +3 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 983039fedda07315582c5329b0041543af3b234cc66d8f5e09938f23540e4731
4
- data.tar.gz: aa83556f643cc61866aab9800c8cdb481808c2058d04fe3e80701cec75e473ce
3
+ metadata.gz: e80bff1bace3e7cd09a4c8ee8d42dff17021c71537f6e857d65678060a8b7d96
4
+ data.tar.gz: f2d9eee362213bc05a5b410d2b9aba371c366e56355a6a7384b3900dd0f2383a
5
5
  SHA512:
6
- metadata.gz: 7830977e9d97ee2654ca16727f99d94d28cf62f965fb813c17b04f98ef3f75cdec0f25e8b154b6d2a6ccf449b02b220a41e7cf7b4ed099b42382922b758557eb
7
- data.tar.gz: '09032668f99b15d19532e790244325da380c9bf317308a3ae4e336a6a7d4731c297b039d6a3df8724dafc7b9d6002e1fc150dac25ba34c60072f91aa11e87817'
6
+ metadata.gz: 066e480ce7a22cafbfe5d52c2be91fc1258234c08c93a935308fd665afd5a87d793bc1dc59a9977aa5e93068cbed4715944769bb2d9356895efa6d6f6e0a67d5
7
+ data.tar.gz: 4b0057206189584b25f6ff83960c69129e77264bf6177baec5216353a497f58c2cab3748de0d5546ca15e8c3098ef88bcdc728602cfaa6f149fc5a862ec8fef6
@@ -116,6 +116,10 @@
116
116
  "wmi_non_hash_usage": {
117
117
  "action": "fail_control",
118
118
  "suffix": "This property was removed in InSpec 4.0."
119
+ },
120
+ "object_classes": {
121
+ "action": "warn",
122
+ "suffix": "These classes will be removed in InSpec 5.0."
119
123
  }
120
124
  }
121
125
  }
@@ -122,8 +122,8 @@ class Inspec::InspecCLI < Inspec::BaseCLI
122
122
  else
123
123
  %w{location profile controls timestamp valid}.each do |item|
124
124
  prepared_string = format("%-12s %s",
125
- "#{item.to_s.capitalize} :",
126
- result[:summary][item.to_sym])
125
+ "#{item.to_s.capitalize} :",
126
+ result[:summary][item.to_sym])
127
127
  ui.plain_line(prepared_string)
128
128
  end
129
129
  puts
@@ -207,7 +207,8 @@ module Inspec
207
207
  end
208
208
 
209
209
  def _utc_find_credset_name(_credentials, transport_name)
210
- return nil unless final_options[:target]
210
+ return unless final_options[:target]
211
+
211
212
  match = final_options[:target].match(%r{^#{transport_name}://(?<credset_name>[\w\-]+)$})
212
213
  match ? match[:credset_name] : nil
213
214
  end
@@ -21,16 +21,20 @@ module Inspec
21
21
  }
22
22
 
23
23
  new(dep[:name],
24
- dep[:version],
25
- config,
26
- opts.merge(dep))
24
+ dep[:version],
25
+ config,
26
+ opts.merge(dep))
27
27
  end
28
28
 
29
29
  def self.from_lock_entry(entry, config, opts = {})
30
+ resolved_source = entry[:resolved_source]
31
+ .merge(backend: config[:backend])
32
+ .merge(opts)
33
+
30
34
  req = new(entry[:name],
31
- entry[:version_constraints],
32
- config,
33
- entry[:resolved_source].merge(backend: config[:backend]).merge(opts))
35
+ entry[:version_constraints],
36
+ config,
37
+ resolved_source)
34
38
 
35
39
  locked_deps = []
36
40
  Array(entry[:dependencies]).each do |dep_entry|
@@ -1,5 +1,10 @@
1
+ require "inspec/input_dsl_helpers"
2
+
1
3
  module Inspec
2
4
  class DescribeBase
5
+
6
+ include Inspec::InputDslHelpers
7
+
3
8
  def initialize(action)
4
9
  @action = action
5
10
  @checks = []
@@ -17,6 +22,14 @@ module Inspec
17
22
  @action.call("describe.one", @checks, nil)
18
23
  end
19
24
 
25
+ def input(input_name, options = {})
26
+ input_with_profile_id(__profile_id, input_name, options)
27
+ end
28
+
29
+ def input_object(name)
30
+ Inspec::InputRegistry.find_or_register_input(name, __profile_id)
31
+ end
32
+
20
33
  def method_missing(method_name, *arguments)
21
34
  Inspec::DSL.method_missing_resource(inspec, method_name, *arguments)
22
35
  end
@@ -24,5 +37,17 @@ module Inspec
24
37
  def describe(*args, &block)
25
38
  @checks.push(["describe", args, block])
26
39
  end
40
+
41
+ private
42
+
43
+ # While this is marked private, it gets consumed during an instance_eval,
44
+ # so it is fully visible. The double underscore is there to discourage
45
+ # use - this is a private API.
46
+ def __profile_id
47
+ # Excavate the profile ID. The action is a Method calling __add_check on
48
+ # a Rule whose profile ID we want
49
+ @action.receiver.instance_variable_get(:@__profile_id)
50
+ end
51
+
27
52
  end
28
53
  end
@@ -123,6 +123,7 @@ module Inspec
123
123
  end
124
124
 
125
125
  def read(file)
126
+ # TODO: this is inefficient
126
127
  @contents[file] ||= read_from_zip(file)
127
128
  end
128
129
 
@@ -141,6 +142,10 @@ module Inspec
141
142
  next unless file == entry.name
142
143
 
143
144
  res = io.read
145
+ try = res.dup
146
+ try.force_encoding Encoding::UTF_8
147
+ res = try.encode(try.encoding, universal_newline: true) if try.valid_encoding?
148
+
144
149
  break
145
150
  end
146
151
  end
@@ -174,7 +179,8 @@ module Inspec
174
179
  res = entry.read || ""
175
180
  try = res.dup
176
181
  try.force_encoding Encoding::UTF_8
177
- res = try if try.valid_encoding?
182
+ res = try.encode(try.encoding, universal_newline: true) if
183
+ try.valid_encoding?
178
184
  res
179
185
  end
180
186
  end
@@ -0,0 +1,26 @@
1
+
2
+ require "inspec/input_registry"
3
+
4
+ module Inspec
5
+ # A mixin to provide implementations for the input() DSL methods
6
+ module InputDslHelpers
7
+
8
+ # Find or create an input, explicitly named by a profile ID and
9
+ # input name. Evaluate the input and return the value.
10
+ # @param [String] Profile ID
11
+ # @param [String] Input Name
12
+ # @param [Hash] Input options - see input docs on website
13
+ # @returns [Object] Input value
14
+ def input_with_profile_id(profile_id, input_name, options)
15
+ if options.empty?
16
+ # Simply an access, no event here
17
+ Inspec::InputRegistry.find_or_register_input(input_name, profile_id).value
18
+ else
19
+ options[:priority] = 20
20
+ options[:provider] = :inline_control_code
21
+ evt = Inspec::Input.infer_event(options)
22
+ Inspec::InputRegistry.find_or_register_input(input_name, profile_id, event: evt).value
23
+ end
24
+ end
25
+ end
26
+ end
@@ -208,8 +208,8 @@ module Inspec
208
208
  data = Inspec::SecretsBackend.resolve(path)
209
209
  if data.nil?
210
210
  raise Inspec::Exceptions::SecretsBackendNotFound,
211
- "Cannot find parser for inputs file '#{path}'. " \
212
- "Check to make sure file has the appropriate extension."
211
+ "Cannot find parser for inputs file '#{path}'. " \
212
+ "Check to make sure file has the appropriate extension."
213
213
  end
214
214
 
215
215
  next if data.inputs.nil?
@@ -230,14 +230,14 @@ module Inspec
230
230
  def validate_inputs_file_readability!(path)
231
231
  unless File.exist?(path)
232
232
  raise Inspec::Exceptions::InputsFileDoesNotExist,
233
- "Cannot find input file '#{path}'. " \
234
- "Check to make sure file exists."
233
+ "Cannot find input file '#{path}'. " \
234
+ "Check to make sure file exists."
235
235
  end
236
236
 
237
237
  unless File.readable?(path)
238
238
  raise Inspec::Exceptions::InputsFileNotReadable,
239
- "Cannot read input file '#{path}'. " \
240
- "Check to make sure file is readable."
239
+ "Cannot read input file '#{path}'. " \
240
+ "Check to make sure file is readable."
241
241
  end
242
242
 
243
243
  true
@@ -64,6 +64,7 @@ module Inspec
64
64
  end
65
65
 
66
66
  def supports_platform?(backend)
67
+ require "inspec/resources/platform" # break circularity in load
67
68
  backend.platform.supported?(params[:supports])
68
69
  end
69
70
 
@@ -156,9 +157,12 @@ module Inspec
156
157
  nil
157
158
  when nil then nil
158
159
  else
159
- Inspec.deprecate(:supports_syntax,
160
+ Inspec.deprecate(
161
+ :supports_syntax,
160
162
  "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
161
- "supports:\n - os-family: #{x}\n\n")
163
+ "supports:\n - os-family: #{x}\n\n"
164
+ )
165
+
162
166
  { :'os-family' => x } # rubocop:disable Style/HashSyntax
163
167
  end
164
168
  end
@@ -14,7 +14,7 @@ module Inspec
14
14
  ::MethodSource.expression_at(src.lines, location[:line]).force_encoding("utf-8")
15
15
  rescue SyntaxError => e
16
16
  raise ::MethodSource::SourceNotFoundError,
17
- "Could not parse source at #{location[:ref]}:#{location[:line]}: #{e.message}"
17
+ "Could not parse source at #{location[:ref]}:#{location[:line]}: #{e.message}"
18
18
  end
19
19
  end
20
20
  end
@@ -1,3 +1,8 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class Control
3
8
  attr_accessor :id, :title, :descriptions, :impact, :tests, :tags, :refs, :only_if
@@ -6,6 +11,8 @@ module Inspec
6
11
  @tags = []
7
12
  @refs = []
8
13
  @descriptions = {}
14
+
15
+ Inspec.deprecate(:object_classes, "The Inspec::Control class is deprecated. Use the Inspec::Object::Control class from the inspec-objects Ruby library.")
9
16
  end
10
17
 
11
18
  def add_test(t)
@@ -1,3 +1,8 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class Describe
3
8
  # Internal helper to structure test objects.
@@ -53,6 +58,8 @@ module Inspec
53
58
  @qualifier = []
54
59
  @tests = []
55
60
  @variables = []
61
+
62
+ Inspec.deprecate(:object_classes, "The Inspec::Describe class is deprecated. Use the Inspec::Object::Describe class from the inspec-objects Ruby library.")
56
63
  end
57
64
 
58
65
  def add_test(its, matcher, expectation, opts = {})
@@ -1,3 +1,8 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class EachLoop < List
3
8
  attr_reader :variables
@@ -6,6 +11,8 @@ module Inspec
6
11
  super
7
12
  @tests = []
8
13
  @variables = []
14
+
15
+ Inspec.deprecate(:object_classes, "The Inspec::EachLoop class is deprecated. Use the Inspec::Object::EachLoop class from the inspec-objects Ruby library.")
9
16
  end
10
17
 
11
18
  def add_test(t = nil)
@@ -1,3 +1,7 @@
1
+ # This file is deprecated and will be removed in the next major release of InSpec.
2
+ # The Inspec::Input class will remain but these methods will be removed.
3
+ # Use the Inspec::Object::Input class from the inspec-objects rubygem instead.
4
+
1
5
  require "inspec/input"
2
6
 
3
7
  module Inspec
@@ -1,9 +1,16 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class OrTest
3
8
  attr_reader :tests
4
9
  def initialize(tests)
5
10
  @tests = tests
6
11
  @negated = false
12
+
13
+ Inspec.deprecate(:object_classes, "The Inspec::OrTest class is deprecated. Use the Inspec::Object::OrTest class from the inspec-objects Ruby library.")
7
14
  end
8
15
 
9
16
  def skip
@@ -1,3 +1,8 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class Tag
3
8
  attr_accessor :key, :value
@@ -5,6 +10,8 @@ module Inspec
5
10
  def initialize(key, value)
6
11
  @key = key
7
12
  @value = value
13
+
14
+ Inspec.deprecate(:object_classes, "The Inspec::Tag class is deprecated. Use the Inspec::Object::Tag class from the inspec-objects Ruby library.")
8
15
  end
9
16
 
10
17
  def to_hash
@@ -1,3 +1,8 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class Test
3
8
  attr_accessor :qualifier, :matcher, :expectation, :skip, :negated, :variables, :only_if
@@ -7,6 +12,8 @@ module Inspec
7
12
  @qualifier = []
8
13
  @negated = false
9
14
  @variables = []
15
+
16
+ Inspec.deprecate(:object_classes, "The Inspec::Test class is deprecated. Use the Inspec::Object::Test class from the inspec-objects Ruby library.")
10
17
  end
11
18
 
12
19
  def negate!
@@ -75,7 +82,7 @@ module Inspec
75
82
  " " + expectation.inspect
76
83
  end
77
84
  format("%s%sdescribe %s do\n %s { should%s %s%s }\nend",
78
- only_if_clause, vars, res, itsy, naughty, matcher, xpect)
85
+ only_if_clause, vars, res, itsy, naughty, matcher, xpect)
79
86
  end
80
87
 
81
88
  def rb_skip
@@ -1,3 +1,8 @@
1
+ # This class is deprecated and will be removed in the next major release of InSpec.
2
+ # Use the Inspec::Object classes from the inspec-objects rubygem instead.
3
+
4
+ require "inspec/utils/deprecation"
5
+
1
6
  module Inspec
2
7
  class Value
3
8
  include ::Inspec::RubyHelper
@@ -9,6 +14,8 @@ module Inspec
9
14
  def initialize(qualifiers = [])
10
15
  @qualifier = qualifiers
11
16
  @variable = nil
17
+
18
+ Inspec.deprecate(:object_classes, "The Inspec::Value class is deprecated. Use the Inspec::Object::Value class from the inspec-objects Ruby library.")
12
19
  end
13
20
 
14
21
  def to_ruby
@@ -267,12 +267,17 @@ module Inspec::Plugin::V2
267
267
  # Make Set that encompasses just the gemfile that was provided
268
268
  plugin_local_source = Gem::Source::SpecificFile.new(opts[:gem_file])
269
269
 
270
- plugin_dependency = Gem::Dependency.new(requested_plugin_name,
271
- plugin_local_source.spec.version)
270
+ plugin_dependency = Gem::Dependency.new(
271
+ requested_plugin_name,
272
+ plugin_local_source.spec.version
273
+ )
272
274
 
273
275
  requested_local_gem_set = Gem::Resolver::InstallerSet.new(:both)
274
- requested_local_gem_set.add_local(plugin_dependency.name,
275
- plugin_local_source.spec, plugin_local_source)
276
+ requested_local_gem_set.add_local(
277
+ plugin_dependency.name,
278
+ plugin_local_source.spec,
279
+ plugin_local_source
280
+ )
276
281
 
277
282
  install_gem_to_plugins_dir(plugin_dependency, [requested_local_gem_set])
278
283
  end
@@ -110,3 +110,5 @@ end
110
110
 
111
111
  # Many resources use FilterTable.
112
112
  require "inspec/utils/filter"
113
+ # conflicts with global `gem` method so we need to pre-load this.
114
+ require "inspec/resources/gem"
@@ -92,7 +92,7 @@ module Inspec::Resources
92
92
  # deb [trusted=yes] http://archive.ubuntu.com/ubuntu/ wily main restricted ...
93
93
 
94
94
  words = line.split
95
- words.delete 1 if words[1] && words[1].start_with?("[")
95
+ words.delete_at 1 if words[1] && words[1].start_with?("[")
96
96
  type, url, distro, *components = words
97
97
  url = url.delete('"') if url
98
98
 
@@ -30,7 +30,7 @@ module Inspec::Resources
30
30
  def initialize
31
31
  unless inspec.command("/sbin/auditctl").exist?
32
32
  raise Inspec::Exceptions::ResourceFailed,
33
- "Command `/sbin/auditctl` does not exist"
33
+ "Command `/sbin/auditctl` does not exist"
34
34
  end
35
35
 
36
36
  auditctl_cmd = "/sbin/auditctl -l"
@@ -38,7 +38,7 @@ module Inspec::Resources
38
38
 
39
39
  if result.exit_status != 0
40
40
  raise Inspec::Exceptions::ResourceFailed,
41
- "Command `#{auditctl_cmd}` failed with error: #{result.stderr}"
41
+ "Command `#{auditctl_cmd}` failed with error: #{result.stderr}"
42
42
  end
43
43
 
44
44
  @content = result.stdout
@@ -46,8 +46,8 @@ module Inspec::Resources
46
46
 
47
47
  if @content =~ /^LIST_RULES:/
48
48
  raise Inspec::Exceptions::ResourceFailed,
49
- "The version of audit is outdated." \
50
- "The `auditd` resource supports versions of audit >= 2.3."
49
+ "The version of audit is outdated." \
50
+ "The `auditd` resource supports versions of audit >= 2.3."
51
51
  end
52
52
  parse_content
53
53
  end
@@ -37,7 +37,7 @@ module Inspec::Resources
37
37
  # Make sure command is replaced so sensitive output isn't shown
38
38
  @command = "ERROR"
39
39
  raise Inspec::Exceptions::ResourceFailed,
40
- "The `redact_regex` option must be a regular expression"
40
+ "The `redact_regex` option must be a regular expression"
41
41
  end
42
42
  @redact_regex = options[:redact_regex]
43
43
  end
@@ -98,7 +98,7 @@ module Inspec::Resources
98
98
  cmd = inspec.command("df #{partition} -PT")
99
99
  if cmd.stdout.nil? || cmd.stdout.empty? || cmd.exit_status != 0
100
100
  raise Inspec::Exceptions::ResourceFailed,
101
- "Unable to get available space for partition #{partition}"
101
+ "Unable to get available space for partition #{partition}"
102
102
  end
103
103
  value = cmd.stdout.split(/\n/)[1].strip.split(" ")
104
104
  {
@@ -125,8 +125,8 @@ module Inspec::Resources
125
125
  fs = JSON.parse(cmd.stdout)
126
126
  rescue JSON::ParserError => e
127
127
  raise Inspec::Exceptions::ResourceFailed,
128
- "Failed to parse JSON from Powershell. " \
129
- "Error: #{e}"
128
+ "Failed to parse JSON from Powershell. " \
129
+ "Error: #{e}"
130
130
  end
131
131
  {
132
132
  name: fs["DeviceID"],
@@ -2,7 +2,7 @@ require "inspec/resources/command"
2
2
 
3
3
  module Inspec::Resources
4
4
  class GemPackage < Inspec.resource(1)
5
- name "gem"
5
+ name "gem" # TODO: rename to "rubygem" and provide alias
6
6
  supports platform: "unix"
7
7
  supports platform: "windows"
8
8
  desc "Use the gem InSpec audit resource to test if a global gem package is installed."
@@ -17,11 +17,12 @@ module Inspec::Resources
17
17
 
18
18
  def initialize(package_name, gem_binary = nil)
19
19
  @package_name = package_name
20
- @gem_binary = case gem_binary
20
+ @gem_binary = case gem_binary # TODO: no. this is not right
21
21
  when nil
22
22
  "gem"
23
23
  when :chef
24
24
  if inspec.os.windows?
25
+ # TODO: what about chef-dk or other installs?
25
26
  'c:\opscode\chef\embedded\bin\gem.bat'
26
27
  else
27
28
  "/opt/chef/embedded/bin/gem"
@@ -35,8 +35,8 @@ module Inspec::Resources
35
35
  # profiles.
36
36
  if opts.key?(:enable_remote_worker) && !inspec.local_transport?
37
37
  warn "Ignoring `enable_remote_worker` option, the `http` resource ",
38
- "remote worker is enabled by default for remote targets and ",
39
- "cannot be disabled"
38
+ "remote worker is enabled by default for remote targets and ",
39
+ "cannot be disabled"
40
40
  end
41
41
 
42
42
  # Run locally if InSpec is ran locally and remotely if ran remotely
@@ -164,7 +164,7 @@ module Inspec::Resources
164
164
  def initialize(inspec, http_method, url, opts)
165
165
  unless inspec.command("curl").exist?
166
166
  raise Inspec::Exceptions::ResourceSkipped,
167
- "curl is not available on the target machine"
167
+ "curl is not available on the target machine"
168
168
  end
169
169
 
170
170
  @ran_curl = false
@@ -27,12 +27,20 @@ module Inspec::Resources
27
27
  return @info if defined?(@info)
28
28
 
29
29
  if @location
30
- npm = "cd #{Shellwords.escape @location} && npm"
30
+ command_separator = inspec.os.platform?("windows") ? ";" : "&&"
31
+ invocation = "cd #{Shellwords.escape @location} #{command_separator} npm"
31
32
  else
32
- npm = "npm -g"
33
+ invocation = "npm -g"
33
34
  end
34
35
 
35
- cmd = inspec.command("#{npm} ls --json #{@package_name}")
36
+ invocation = "#{invocation} ls --json #{@package_name}"
37
+
38
+ # If on unix, wrap in sh -c to protect against sudo
39
+ unless inspec.os.platform?("windows")
40
+ invocation = "sh -c '#{invocation}'"
41
+ end
42
+
43
+ cmd = inspec.command(invocation)
36
44
  @info = {
37
45
  name: @package_name,
38
46
  type: "npm",
@@ -58,8 +58,8 @@ module Inspec::Resources
58
58
  command = command_builder(format_options, sql)
59
59
  inspec_cmd = inspec.command(command)
60
60
 
61
- DatabaseHelper::SQLQueryResult.new(inspec_cmd, send(parser,
62
- inspec_cmd.stdout))
61
+ DatabaseHelper::SQLQueryResult.new(inspec_cmd,
62
+ send(parser, inspec_cmd.stdout))
63
63
  end
64
64
 
65
65
  def to_s
@@ -217,8 +217,7 @@ module Inspec::Resources
217
217
  }
218
218
  rescue JSON::ParserError => e
219
219
  raise Inspec::Exceptions::ResourceFailed,
220
- "Failed to parse JSON from `brew` command. " \
221
- "Error: #{e}"
220
+ "Failed to parse JSON from `brew` command. Error: #{e}"
222
221
  end
223
222
  end
224
223
 
@@ -307,8 +306,7 @@ module Inspec::Resources
307
306
  package = JSON.parse(cmd.stdout)
308
307
  rescue JSON::ParserError => e
309
308
  raise Inspec::Exceptions::ResourceFailed,
310
- "Failed to parse JSON from PowerShell. " \
311
- "Error: #{e}"
309
+ "Failed to parse JSON from PowerShell. Error: #{e}"
312
310
  end
313
311
 
314
312
  # What if we match multiple packages? just pick the first one for now.
@@ -304,10 +304,12 @@ module Inspec::Resources
304
304
 
305
305
  # LoadState values eg. loaded, not-found
306
306
  installed = params["LoadState"] == "loaded"
307
+ startname = params["User"]
307
308
 
308
309
  {
309
310
  name: params["Id"],
310
311
  description: params["Description"],
312
+ startname: startname,
311
313
  installed: installed,
312
314
  running: is_active?(service_name),
313
315
  enabled: is_enabled?(service_name),
@@ -45,7 +45,7 @@ module Inspec::Resources
45
45
  end
46
46
 
47
47
  def linux_hostname(opt = nil)
48
- if !opt.nil?
48
+ if opt
49
49
  opt = case opt
50
50
  when "f", "long", "fqdn", "full"
51
51
  " -f"
@@ -67,7 +67,7 @@ module Inspec::Resources
67
67
  end
68
68
 
69
69
  def mac_hostname(opt = nil)
70
- if !opt.nil?
70
+ if opt
71
71
  opt = case opt
72
72
  when "f", "long", "fqdn", "full"
73
73
  " -f"
@@ -624,7 +624,9 @@ module Inspec::Resources
624
624
 
625
625
  def meta_info(username)
626
626
  res = identity(username)
627
+
627
628
  return if res.nil?
629
+
628
630
  {
629
631
  home: res[:home],
630
632
  shell: res[:shell],
@@ -635,7 +637,9 @@ module Inspec::Resources
635
637
 
636
638
  def credentials(username)
637
639
  res = identity(username)
640
+
638
641
  return if res.nil?
642
+
639
643
  {
640
644
  mindays: res[:mindays],
641
645
  maxdays: res[:maxdays],
@@ -1,6 +1,7 @@
1
1
  require "inspec/input_registry"
2
2
  require "inspec/plugin/v2"
3
3
  require "rspec/core/example_group"
4
+ require "inspec/input_dsl_helpers"
4
5
 
5
6
  # Any additions to RSpec::Core::ExampleGroup (the RSpec class behind describe blocks) should go here.
6
7
 
@@ -82,18 +83,12 @@ module Inspec
82
83
  end
83
84
 
84
85
  class RSpec::Core::ExampleGroup
86
+ include Inspec::InputDslHelpers
87
+
85
88
  # This DSL method allows us to access the values of inputs within InSpec tests
86
89
  def input(input_name, options = {})
87
90
  profile_id = self.class.metadata[:profile_id]
88
- if options.empty?
89
- # Simply an access, no event here
90
- Inspec::InputRegistry.find_or_register_input(input_name, profile_id).value
91
- else
92
- options[:priority] = 20
93
- options[:provider] = :inline_control_code
94
- evt = Inspec::Input.infer_event(options)
95
- Inspec::InputRegistry.find_or_register_input(input_name, profile_id, event: evt).value
96
- end
91
+ input_with_profile_id(profile_id, input_name, options)
97
92
  end
98
93
  define_example_method :input
99
94
 
@@ -4,6 +4,7 @@ require "method_source"
4
4
  require "date"
5
5
  require "inspec/describe_base"
6
6
  require "inspec/expect"
7
+ require "inspec/impact"
7
8
  require "inspec/resource"
8
9
  require "inspec/resources/os"
9
10
  require "inspec/input_registry"
@@ -204,7 +205,11 @@ module Inspec
204
205
 
205
206
  def self.set_skip_rule(rule, value, message = nil, type = :only_if)
206
207
  rule.instance_variable_set(:@__skip_rule,
207
- { result: value, message: message, type: type })
208
+ {
209
+ result: value,
210
+ message: message,
211
+ type: type,
212
+ })
208
213
  end
209
214
 
210
215
  def self.merge_count(rule)
@@ -190,10 +190,10 @@ module Inspec
190
190
  #
191
191
  def add_target(target, _opts = [])
192
192
  profile = Inspec::Profile.for_target(target,
193
- vendor_cache: @cache,
194
- backend: @backend,
195
- controls: @controls,
196
- runner_conf: @conf)
193
+ vendor_cache: @cache,
194
+ backend: @backend,
195
+ controls: @controls,
196
+ runner_conf: @conf)
197
197
  raise "Could not resolve #{target} to valid input." if profile.nil?
198
198
 
199
199
  @target_profiles << profile if supports_profile?(profile)
@@ -1,3 +1,3 @@
1
1
  module Inspec
2
- VERSION = "4.18.24".freeze
2
+ VERSION = "4.18.38".freeze
3
3
  end
@@ -162,7 +162,7 @@ module InspecPlugins
162
162
  if verification_key.verify digest, signature, content
163
163
  content_block.yield(content)
164
164
  else
165
- puts "Artifact is invalid"
165
+ raise "Artifact is invalid"
166
166
  end
167
167
  end
168
168
  end
@@ -12,6 +12,7 @@ require "tmpdir"
12
12
  require "pathname"
13
13
  require "forwardable"
14
14
 
15
+ require "functional/helper"
15
16
  require "inspec/plugin/v2"
16
17
 
17
18
  # Configure Minitest to expose things like `let`
@@ -36,35 +37,32 @@ end
36
37
  # end
37
38
  # end
38
39
 
40
+ # TODO: remove me! There's no need!
39
41
  module CorePluginBaseHelper
40
- libdir = File.expand_path "lib"
41
-
42
- let(:repo_path) { File.expand_path(File.join(__FILE__, "..", "..", "..", "..")) }
43
- let(:inspec_path) { File.join(repo_path, "inspec-bin", "bin", "inspec") }
44
- let(:exec_inspec) { [Gem.ruby, "-I#{libdir}", inspec_path].join " " }
45
- let(:core_mock_path) { File.join(repo_path, "test", "unit", "mock") }
46
- let(:core_fixture_plugins_path) { File.join(core_mock_path, "plugins") }
47
- let(:core_config_dir_path) { File.join(core_mock_path, "config_dirs") }
42
+ let(:mock_path) { File.join(repo_path, "test", "fixtures", "mock") }
43
+ let(:core_fixture_plugins_path) { File.join(mock_path, "plugins") }
44
+ let(:core_config_dir_path) { File.join(mock_path, "config_dirs") }
48
45
 
49
46
  let(:registry) { Inspec::Plugin::V2::Registry.instance }
50
47
  end
51
48
 
52
- require "functional/helper"
53
-
54
49
  module CorePluginFunctionalHelper
55
50
  include CorePluginBaseHelper
56
51
  include FunctionalHelper
57
52
 
53
+ # TODO: so much duplication! Remove everything we can!
58
54
  require "train"
59
55
  TRAIN_CONNECTION = Train.create("local", command_runner: :generic).connection
60
56
 
57
+ # TODO: remove me! it's in test/functional/helper.rb
61
58
  def run_inspec_process(command_line, opts = {})
62
59
  prefix = ""
63
60
  if opts.key?(:prefix)
64
61
  prefix = opts[:prefix]
65
62
  elsif opts.key?(:env)
66
- prefix = opts[:env].to_a.map { |assignment| "#{assignment[0]}=#{assignment[1]}" }.join(" ")
63
+ prefix = assemble_env_prefix opts[:env]
67
64
  end
65
+
68
66
  TRAIN_CONNECTION.run_command("#{prefix} #{exec_inspec} #{command_line}")
69
67
  end
70
68
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.18.24
4
+ version: 4.18.38
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-10-31 00:00:00.000000000 Z
11
+ date: 2019-11-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: train-core
@@ -44,20 +44,6 @@ dependencies:
44
44
  - - "<"
45
45
  - !ruby/object:Gem::Version
46
46
  version: '2.0'
47
- - !ruby/object:Gem::Dependency
48
- name: chef-core
49
- requirement: !ruby/object:Gem::Requirement
50
- requirements:
51
- - - "~>"
52
- - !ruby/object:Gem::Version
53
- version: '0.0'
54
- type: :runtime
55
- prerelease: false
56
- version_requirements: !ruby/object:Gem::Requirement
57
- requirements:
58
- - - "~>"
59
- - !ruby/object:Gem::Version
60
- version: '0.0'
61
47
  - !ruby/object:Gem::Dependency
62
48
  name: thor
63
49
  requirement: !ruby/object:Gem::Requirement
@@ -432,6 +418,7 @@ files:
432
418
  - lib/inspec/globals.rb
433
419
  - lib/inspec/impact.rb
434
420
  - lib/inspec/input.rb
421
+ - lib/inspec/input_dsl_helpers.rb
435
422
  - lib/inspec/input_registry.rb
436
423
  - lib/inspec/library_eval_context.rb
437
424
  - lib/inspec/log.rb