RubyGems - inspec-core - Versions diffs - 4.23.4 → 4.24.26 - Mend

inspec-core 4.23.4 → 4.24.26

Files changed (105) hide show

checksums.yaml +4 -4
data/Gemfile +16 -33
data/inspec-core.gemspec +8 -9
data/lib/bundles/inspec-supermarket/api.rb +2 -2
data/lib/bundles/inspec-supermarket/target.rb +1 -1
data/lib/inspec/archive/tar.rb +1 -1
data/lib/inspec/archive/zip.rb +3 -3
data/lib/inspec/base_cli.rb +7 -1
data/lib/inspec/cached_fetcher.rb +1 -1
data/lib/inspec/cli.rb +5 -3
data/lib/inspec/config.rb +5 -5
data/lib/inspec/dependencies/cache.rb +1 -1
data/lib/inspec/env_printer.rb +2 -2
data/lib/inspec/fetcher/git.rb +3 -3
data/lib/inspec/fetcher/local.rb +1 -1
data/lib/inspec/fetcher/url.rb +4 -4
data/lib/inspec/file_provider.rb +4 -4
data/lib/inspec/formatters/base.rb +16 -0
data/lib/inspec/globals.rb +8 -2
data/lib/inspec/input.rb +3 -0
data/lib/inspec/input_registry.rb +5 -3
data/lib/inspec/metadata.rb +1 -1
data/lib/inspec/plugin/v1/plugins.rb +2 -2
data/lib/inspec/plugin/v2.rb +5 -0
data/lib/inspec/plugin/v2/config_file.rb +1 -1
data/lib/inspec/plugin/v2/filter.rb +2 -2
data/lib/inspec/plugin/v2/installer.rb +5 -5
data/lib/inspec/plugin/v2/loader.rb +6 -1
data/lib/inspec/plugin/v2/registry.rb +2 -2
data/lib/inspec/profile.rb +3 -3
data/lib/inspec/profile_context.rb +1 -1
data/lib/inspec/reporters/automate.rb +2 -2
data/lib/inspec/reporters/json.rb +3 -1
data/lib/inspec/reporters/json_automate.rb +1 -1
data/lib/inspec/resource.rb +2 -0
data/lib/inspec/resources.rb +5 -5
data/lib/inspec/resources/apt.rb +6 -6
data/lib/inspec/resources/auditd.rb +1 -1
data/lib/inspec/resources/csv.rb +1 -1
data/lib/inspec/resources/dh_params.rb +1 -1
data/lib/inspec/resources/file.rb +1 -1
data/lib/inspec/resources/grub_conf.rb +2 -1
data/lib/inspec/resources/http.rb +1 -1
data/lib/inspec/resources/iis_website.rb +1 -1
data/lib/inspec/resources/interfaces.rb +1 -1
data/lib/inspec/resources/json.rb +2 -2
data/lib/inspec/resources/key_rsa.rb +1 -1
data/lib/inspec/resources/mssql_session.rb +5 -1
data/lib/inspec/resources/mysql_session.rb +1 -1
data/lib/inspec/resources/nginx.rb +1 -1
data/lib/inspec/resources/nginx_conf.rb +1 -1
data/lib/inspec/resources/npm.rb +1 -1
data/lib/inspec/resources/oracledb_session.rb +1 -1
data/lib/inspec/resources/package.rb +1 -1
data/lib/inspec/resources/parse_config.rb +5 -2
data/lib/inspec/resources/platform.rb +11 -1
data/lib/inspec/resources/port.rb +1 -1
data/lib/inspec/resources/postgres_session.rb +1 -1
data/lib/inspec/resources/ppa.rb +1 -1
data/lib/inspec/resources/processes.rb +1 -1
data/lib/inspec/resources/rabbitmq_conf.rb +1 -1
data/lib/inspec/resources/registry_key.rb +1 -1
data/lib/inspec/resources/sshd_config.rb +1 -1
data/lib/inspec/resources/ssl.rb +2 -2
data/lib/inspec/resources/toml.rb +1 -1
data/lib/inspec/resources/vbscript.rb +1 -1
data/lib/inspec/resources/windows_registry_key.rb +1 -1
data/lib/inspec/resources/wmi.rb +16 -8
data/lib/inspec/resources/x509_certificate.rb +1 -1
data/lib/inspec/resources/xml.rb +1 -1
data/lib/inspec/rule.rb +8 -8
data/lib/inspec/run_data.rb +1 -1
data/lib/inspec/run_data/result.rb +2 -0
data/lib/inspec/runner.rb +2 -2
data/lib/inspec/schema.rb +3 -1
data/lib/inspec/schema/exec_json.rb +1 -1
data/lib/inspec/schema/output_schema.rb +1 -1
data/lib/inspec/schema/primitives.rb +1 -1
data/lib/inspec/shell.rb +3 -3
data/lib/inspec/shell_detector.rb +2 -2
data/lib/inspec/utils/command_wrapper.rb +1 -1
data/lib/inspec/utils/deprecation/config_file.rb +2 -2
data/lib/inspec/utils/json_log.rb +1 -1
data/lib/inspec/utils/telemetry/collector.rb +1 -1
data/lib/inspec/utils/telemetry/data_series.rb +1 -1
data/lib/inspec/version.rb +1 -1
data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +5 -5
data/lib/plugins/inspec-compliance/README.md +1 -1
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +3 -3
data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +2 -2
data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +2 -2
data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +3 -3
data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +1 -1
data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +1 -1
data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +2 -2
data/lib/plugins/inspec-init/templates/profiles/aws/README.md +1 -1
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +3 -3
data/lib/plugins/inspec-reporter-html2/README.md +1 -1
data/lib/plugins/inspec-reporter-html2/lib/inspec-reporter-html2/reporter.rb +1 -1
data/lib/plugins/inspec-reporter-json-min/lib/inspec-reporter-json-min/reporter.rb +1 -1
data/lib/plugins/inspec-reporter-junit/README.md +9 -7
data/lib/plugins/inspec-reporter-junit/lib/inspec-reporter-junit.rb +10 -1
data/lib/plugins/inspec-reporter-junit/lib/inspec-reporter-junit/reporter.rb +94 -12
data/lib/plugins/shared/core_plugin_test_helper.rb +6 -22
metadata +44 -40

data/lib/inspec/plugin/v2/filter.rb CHANGED

@@ -1,5 +1,5 @@
-require "singleton"
-require "json"
+require "singleton" unless defined?(Singleton)
+require "json" unless defined?(JSON)
 require "inspec/globals"
 module Inspec::Plugin; end

data/lib/inspec/plugin/v2/installer.rb CHANGED

@@ -1,12 +1,12 @@
 # This file is not required by default.
-require "singleton"
-require "forwardable"
-require "fileutils"
-require "uri"
+require "singleton" unless defined?(Singleton)
+require "forwardable" unless defined?(Forwardable)
+require "fileutils" unless defined?(FileUtils)
+require "uri" unless defined?(URI)
 # Gem extensions for doing unusual things - not loaded by Gem default
-require "rubygems/package"
+require "rubygems/package" unless defined?(Gem::Package)
 require "rubygems/name_tuple"
 require "rubygems/uninstaller"
 require "rubygems/remote_fetcher"

data/lib/inspec/plugin/v2/loader.rb CHANGED

@@ -50,6 +50,11 @@ module Inspec::Plugin::V2
       # we want to allow "sidecar loading", in which case a plugin may add an entry to the registry.
       registry.plugin_names.dup.each do |plugin_name|
         plugin_details = registry[plugin_name]
+        # Under some conditions (kitchen-inspec with multiple test suites, for example), this may be
+        # called multple times. Don't reload anything.
+        next if plugin_details.loaded
         # We want to capture literally any possible exception here, since we are storing them.
         # rubocop: disable Lint/RescueException
         begin
@@ -125,7 +130,7 @@ module Inspec::Plugin::V2
     end
     def self.plugin_gem_path
-      require "rbconfig"
+      require "rbconfig" unless defined?(RbConfig)
       ruby_abi_version = RbConfig::CONFIG["ruby_version"]
       # TODO: why are we installing under the api directory for plugins?
       base_dir = Inspec.config_dir

data/lib/inspec/plugin/v2/registry.rb CHANGED

@@ -1,5 +1,5 @@
-require "forwardable"
-require "singleton"
+require "forwardable" unless defined?(Forwardable)
+require "singleton" unless defined?(Singleton)
 require "train"
 require_relative "status"

data/lib/inspec/profile.rb CHANGED

@@ -1,8 +1,8 @@
 # Copyright 2015 Dominik Richter
-require "forwardable"
-require "openssl"
-require "pathname"
+require "forwardable" unless defined?(Forwardable)
+require "openssl" unless defined?(OpenSSL)
+require "pathname" unless defined?(Pathname)
 require "inspec/input_registry"
 require "inspec/cached_fetcher" # TODO: split or rename
 require "inspec/source_reader"

data/lib/inspec/profile_context.rb CHANGED

@@ -4,7 +4,7 @@ require "inspec/resource"
 require "inspec/library_eval_context"
 require "inspec/control_eval_context"
 require "inspec/require_loader"
-require "securerandom"
+require "securerandom" unless defined?(SecureRandom)
 require "inspec/input_registry"
 module Inspec

data/lib/inspec/reporters/automate.rb CHANGED

@@ -1,5 +1,5 @@
-require "json"
-require "net/http"
+require "json" unless defined?(JSON)
+require "net/http" unless defined?(Net::HTTP)
 module Inspec::Reporters
   class Automate < JsonAutomate

data/lib/inspec/reporters/json.rb CHANGED

@@ -1,4 +1,4 @@
-require "json"
+require "json" unless defined?(JSON)
 module Inspec::Reporters
   # rubocop:disable Layout/AlignHash, Style/BlockDelimiters
@@ -40,6 +40,8 @@ module Inspec::Reporters
           message:      r[:message],
           exception:    r[:exception],
           backtrace:    r[:backtrace],
+          resource_class: r[:resource_class],
+          resource_params: r[:resource_params].to_s,
         }.reject { |_k, v| v.nil? }
       }
     end

data/lib/inspec/reporters/json_automate.rb CHANGED

@@ -1,4 +1,4 @@
-require "json"
+require "json" unless defined?(JSON)
 module Inspec::Reporters
   class JsonAutomate < Json

data/lib/inspec/resource.rb CHANGED

@@ -108,6 +108,7 @@ module Inspec
     # Infrastructure / Bookkeeping
     def self.__register(name, resource_klass)
+      # This has bitten us and should be a great candidate to remove in InSpec5
       cl = Class.new(resource_klass) do # TODO: remove
         # As best I can figure out, this anonymous class only exists
         # because we're trying to avoid having resources with
@@ -116,6 +117,7 @@ module Inspec
         # documentation.
         def initialize(backend, name, *args)
           supersuper_initialize(backend, name) do
+            @resource_params = args
             super(*args)
           end
         end

data/lib/inspec/resources.rb CHANGED

@@ -16,11 +16,11 @@ inspec_core_only = ENV["NO_AWS"] || !File.exist?(File.join(File.dirname(__FILE__
 # Do not attempt to load cloud resources if we are in inspec-core mode
 unless inspec_core_only
   require "resource_support/aws"
-  require "resources/azure/azure_backend.rb"
-  require "resources/azure/azure_generic_resource.rb"
-  require "resources/azure/azure_resource_group.rb"
-  require "resources/azure/azure_virtual_machine.rb"
-  require "resources/azure/azure_virtual_machine_data_disk.rb"
+  require "resources/azure/azure_backend"
+  require "resources/azure/azure_generic_resource"
+  require "resources/azure/azure_resource_group"
+  require "resources/azure/azure_virtual_machine"
+  require "resources/azure/azure_virtual_machine_data_disk"
 end
 require "inspec/resources/aide_conf"

data/lib/inspec/resources/apt.rb CHANGED

@@ -24,7 +24,7 @@ require "inspec/resources/command"
 # apt-get install software-properties-common
 # add-apt-repository ppa:ubuntu-wine/ppa
-require "uri"
+require "uri" unless defined?(URI)
 module Inspec::Resources
   class AptRepository < Inspec.resource(1)
@@ -87,13 +87,13 @@ module Inspec::Resources
         active = raw_line == line
         # formats:
-        # deb               "http://archive.ubuntu.com/ubuntu/" wily main restricted ...
-        # deb               http://archive.ubuntu.com/ubuntu/ wily main restricted ...
-        # deb [trusted=yes] http://archive.ubuntu.com/ubuntu/ wily main restricted ...
+        # deb                          "http://archive.ubuntu.com/ubuntu/" wily main restricted ...
+        # deb                          http://archive.ubuntu.com/ubuntu/ wily main restricted ...
+        # deb [trusted=yes]            http://archive.ubuntu.com/ubuntu/ wily main restricted ...
+        # deb [arch=amd64 trusted=yes] http://archive.ubuntu.com/ubuntu/ wily main restricted ...
         # deb cdrom:[Ubuntu 15.10 _Wily Werewolf_ - Release amd64 (20151021)]/ wily main restricted ...
-        words = line.split
-        words.delete_at 1 if words[1] && words[1].start_with?("[")
+        words = line.sub(/^(deb|deb-src)\s+\[.+?\]/, '\1').split
         type, url, distro, *components = words
         url = url.delete('"') if url

data/lib/inspec/resources/auditd.rb CHANGED

@@ -1,4 +1,4 @@
-require "forwardable"
+require "forwardable" unless defined?(Forwardable)
 require "inspec/utils/filter_array"
 require "inspec/utils/filter"
 require "inspec/utils/parser"

data/lib/inspec/resources/csv.rb CHANGED

@@ -20,7 +20,7 @@ module Inspec::Resources
     #      { 'name' => 'row2', 'col1' => 'value3', 'col2' => 'value4' }
     #    ]
     def parse(content)
-      require "csv"
+      require "csv" unless defined?(CSV)
       # convert empty field to nil
       CSV::Converters[:blank_to_nil] = lambda do |field|

data/lib/inspec/resources/dh_params.rb CHANGED

@@ -1,4 +1,4 @@
-require "openssl"
+require "openssl" unless defined?(OpenSSL)
 require "inspec/utils/file_reader"
 module Inspec::Resources

data/lib/inspec/resources/file.rb CHANGED

@@ -1,6 +1,6 @@
 # copyright: 2015, Vulcano Security GmbH
-require "shellwords"
+require "shellwords" unless defined?(Shellwords)
 require "inspec/utils/parser"
 module Inspec::Resources

data/lib/inspec/resources/grub_conf.rb CHANGED

@@ -29,7 +29,7 @@ module Inspec::Resources
       @content = read_file(@conf_path)
       @kernel = kernel || "default"
     rescue UnknownGrubConfig
-      skip_resource "The `grub_config` resource is not supported on your OS yet."
+      skip_resource "The `grub_conf` resource is not yet supported on the target OS #{inspec.os[:name]}."
     end
     def config_for_platform(path)
@@ -77,6 +77,7 @@ module Inspec::Resources
     def grub2_parse_kernel_lines(content, conf)
       menu_entries = extract_menu_entries(content)
+      return {} if menu_entries.empty?
       if @kernel == "default"
         default_menu_entry(menu_entries, conf["GRUB_DEFAULT"])

data/lib/inspec/resources/http.rb CHANGED

@@ -3,7 +3,7 @@
 # license: Apache v2
 require "inspec/resources/command"
-require "faraday"
+require "faraday" unless defined?(Faraday)
 require "faraday_middleware"
 require "hashie"

data/lib/inspec/resources/iis_website.rb CHANGED

@@ -1,2 +1,2 @@
 # This is just here to make the dynamic loader happy.
-require "inspec/resources/iis_website.rb"
+require "inspec/resources/iis_website"

data/lib/inspec/resources/interfaces.rb CHANGED

@@ -24,7 +24,7 @@ module Inspec::Resources
       .install_filter_methods_on_resource(self, :scan_interfaces)
     def ipv4_address
-      require "ipaddr"
+      require "ipaddr" unless defined?(IPAddr)
       # Loop over interface names
       # Select those that are up and have an ipv4 address

data/lib/inspec/resources/json.rb CHANGED

@@ -48,7 +48,7 @@ module Inspec::Resources
     # @return [Object] the value stored at this position
     def method_missing(*keys)
       # catch bahavior of rspec its implementation
-      # @see https://github.com/rspec/rspec-its/blob/master/lib/rspec/its.rb#L110
+      # @see https://github.com/rspec/rspec-its/blob/v1.2.0/lib/rspec/its.rb#L110
       keys.shift if keys.is_a?(Array) && keys[0] == :[]
       value(keys)
     end
@@ -66,7 +66,7 @@ module Inspec::Resources
     private
     def parse(content)
-      require "json"
+      require "json" unless defined?(JSON)
       JSON.parse(content)
     rescue => e
       raise Inspec::Exceptions::ResourceFailed, "Unable to parse JSON: #{e.message}"

data/lib/inspec/resources/key_rsa.rb CHANGED

@@ -1,4 +1,4 @@
-require "openssl"
+require "openssl" unless defined?(OpenSSL)
 require "hashie/mash"
 require "inspec/utils/file_reader"
 require "inspec/utils/pkey_reader"

data/lib/inspec/resources/mssql_session.rb CHANGED

@@ -12,6 +12,10 @@ module Inspec::Resources
   class MssqlSession < Inspec.resource(1)
     name "mssql_session"
     supports platform: "windows"
+    supports platform: "darwin"
+    supports platform: "debian"
+    supports platform: "redhat"
+    supports platform: "suse"
     desc "Use the mssql_session InSpec audit resource to test SQL commands run against a MS Sql Server database."
     example <<~EXAMPLE
       # Using SQL authentication
@@ -95,7 +99,7 @@ module Inspec::Resources
     end
     def parse_csv_result(cmd)
-      require "csv"
+      require "csv" unless defined?(CSV)
       table = CSV.parse(cmd.stdout, headers: true)
       # remove first row, since it will be a seperator line

data/lib/inspec/resources/mysql_session.rb CHANGED

@@ -1,7 +1,7 @@
 # copyright: 2015, Vulcano Security GmbH
 require "inspec/resources/command"
-require "shellwords"
+require "shellwords" unless defined?(Shellwords)
 module Inspec::Resources
   class Lines

data/lib/inspec/resources/nginx.rb CHANGED

@@ -1,4 +1,4 @@
-require "pathname"
+require "pathname" unless defined?(Pathname)
 require "hashie/mash"
 require "inspec/resources/command"

data/lib/inspec/resources/nginx_conf.rb CHANGED

@@ -1,7 +1,7 @@
 require "inspec/utils/nginx_parser"
 require "inspec/utils/find_files"
 require "inspec/utils/file_reader"
-require "forwardable"
+require "forwardable" unless defined?(Forwardable)
 # STABILITY: Experimental
 # This resouce needs a proper interace to the underlying data, which is currently missing.

data/lib/inspec/resources/npm.rb CHANGED

@@ -1,5 +1,5 @@
 require "inspec/resources/command"
-require "shellwords"
+require "shellwords" unless defined?(Shellwords)
 module Inspec::Resources
   class NpmPackage < Inspec.resource(1)

data/lib/inspec/resources/oracledb_session.rb CHANGED

@@ -1,7 +1,7 @@
 require "inspec/resources/command"
 require "inspec/utils/database_helpers"
 require "hashie/mash"
-require "csv"
+require "csv" unless defined?(CSV)
 module Inspec::Resources
   # STABILITY: Experimental

data/lib/inspec/resources/package.rb CHANGED

@@ -314,7 +314,7 @@ module Inspec::Resources
       # Find the package
       cmd = inspec.command <<-EOF.gsub(/^\s*/, "")
         Get-ItemProperty (@("#{search_paths.join('", "')}") | Where-Object { Test-Path $_ }) |
-        Where-Object { $_.DisplayName -match "^\s*#{package_name.shellescape}\.*" -or $_.PSChildName -match "^\s*#{package_name.shellescape}\.*" } |
+        Where-Object { $_.DisplayName -like "#{package_name}" -or $_.PSChildName -like "#{package_name}" } |
         Select-Object -Property DisplayName,DisplayVersion | ConvertTo-Json
       EOF

data/lib/inspec/resources/parse_config.rb CHANGED

@@ -55,8 +55,11 @@ module Inspec::Resources
       read_params unless @content.nil?
     end
-    def method_missing(name)
-      read_params[name.to_s]
+    def method_missing(*name)
+      # catch bahavior of rspec its implementation
+      # @see https://github.com/rspec/rspec-its/blob/v1.2.0/lib/rspec/its.rb#L110
+      name.shift if name.is_a?(Array) && name[0] == :[]
+      read_params[name[0].to_s]
     end
     def params(*opts)

data/lib/inspec/resources/platform.rb CHANGED

@@ -81,7 +81,7 @@ module Inspec::Resources
           when :os, :platform then
             platform?(v)
           when :os_name, :platform_name then
-            name == v
+            check_name(v)
           when :release then
             check_release(v)
           end
@@ -99,6 +99,16 @@ module Inspec::Resources
     private
+    def check_name(value)
+      # allow wild card matching
+      if value.include?("*")
+        cleaned = Regexp.escape(value).gsub('\*', ".*?")
+        name =~ /#{cleaned}/
+      else
+        name == value
+      end
+    end
     def check_release(value)
       # allow wild card matching
       if value.include?("*")

data/lib/inspec/resources/port.rb CHANGED

@@ -1,6 +1,6 @@
 require "inspec/utils/parser"
 require "inspec/utils/filter"
-require "ipaddr"
+require "ipaddr" unless defined?(IPAddr)
 # TODO: currently we return local ip only
 # TODO: improve handling of same port on multiple interfaces

data/lib/inspec/resources/postgres_session.rb CHANGED

@@ -1,6 +1,6 @@
 # copyright: 2015, Vulcano Security GmbH
-require "shellwords"
+require "shellwords" unless defined?(Shellwords)
 module Inspec::Resources
   class Lines

data/lib/inspec/resources/ppa.rb CHANGED

@@ -1,2 +1,2 @@
 # This is just here to make the dynamic loader happy.
-require "inspec/resources/apt.rb"
+require "inspec/resources/apt"

data/lib/inspec/resources/processes.rb CHANGED

@@ -1,7 +1,7 @@
 # copyright: 2015, Vulcano Security GmbH
 require "inspec/utils/filter"
-require "ostruct"
+require "ostruct" unless defined?(OpenStruct)
 require "inspec/resources/command"
 module Inspec::Resources

data/lib/inspec/resources/rabbitmq_conf.rb CHANGED

@@ -1,2 +1,2 @@
 # This is just here to make the dynamic loader happy.
-require "inspec/resources/rabbitmq_config.rb"
+require "inspec/resources/rabbitmq_config"

data/lib/inspec/resources/registry_key.rb CHANGED

@@ -1,6 +1,6 @@
 # copyright: 2015, Vulcano Security GmbH
-require "json"
+require "json" unless defined?(JSON)
 require "inspec/resources/powershell"
 # Three constructor methods are available:

data/lib/inspec/resources/sshd_config.rb CHANGED

@@ -1,2 +1,2 @@
 # This is just here to make the dynamic loader happy.
-require "inspec/resources/ssh_config.rb"
+require "inspec/resources/ssh_config"

data/lib/inspec/resources/ssl.rb CHANGED

@@ -1,8 +1,8 @@
 # copyright: 2015, Chef Software Inc.
-require "sslshake"
+require "sslshake" unless defined?(SSLShake)
 require "inspec/utils/filter"
-require "uri"
+require "uri" unless defined?(URI)
 require "parallel"
 # Custom resource based on the InSpec resource DSL