inspec-core 4.24.26 → 4.26.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +7 -3
  3. data/inspec-core.gemspec +4 -3
  4. data/lib/inspec/base_cli.rb +4 -2
  5. data/lib/inspec/config.rb +14 -1
  6. data/lib/inspec/profile_context.rb +3 -0
  7. data/lib/inspec/resources/nginx_conf.rb +39 -0
  8. data/lib/inspec/resources/oracledb_session.rb +1 -1
  9. data/lib/inspec/resources/ssh_config.rb +25 -3
  10. data/lib/inspec/utils/run_data_filters.rb +7 -5
  11. data/lib/inspec/version.rb +1 -1
  12. metadata +31 -11
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bfed5976ebd618d37b1fbf0058fbd9389b243dbd5070444fda7558cf309392c3
4
- data.tar.gz: 3b894051f2f56e249af59acf0de10c50d8a826d3af1755eaf60100a7a4934dab
3
+ metadata.gz: 19dc98f8f780ec1c69bf76e316f50bf6a66de76fa2960928412bfda16ab9a7e3
4
+ data.tar.gz: 8238123e0f700752c00c3a147a0a0b71b8758dd609834c14bc589e1a3595cd63
5
5
  SHA512:
6
- metadata.gz: c1d9b3598a4bc81085d95b5a4b254ac57001aa301e4371394b8b8b307b54ed26644784ccf9dafd2e52d4e2553e5c1ff77ae821691ef738e542f13d892f692f81
7
- data.tar.gz: 54f9be8adc1870127be3e825e809499270717d395fa26d11408f186a66fdb61ca7db0ac78fd73143652893bd482acf2d1009c3343609e8b34bcd3ff3eb0aaa0c
6
+ metadata.gz: 97d0166605c0fccaa3938afeaeea2578a3acd849d69d8b25cbb89714a6758f503c2d7b10c185ca8a9a67c88cedba692b5dd3b3c10730196a86b9965695f25852
7
+ data.tar.gz: b16242929c1163917fed27a93af18c7632131f2a8397a8d3a1b175574bf692b06fde536bab33aa0303c3d0d6fb664b754bc00e3782752cc552e2d61c40625c18
data/Gemfile CHANGED
@@ -9,13 +9,17 @@ gem "inspec", path: "."
9
9
  # in it in order to package the executable. Hence the odd backwards dependency.
10
10
  gem "inspec-bin", path: "./inspec-bin"
11
11
 
12
- gem "ffi", ">= 1.9.14", "!= 1.13.0"
12
+ gem "ffi", ">= 1.9.14", "!= 1.13.0", "!= 1.14.2"
13
13
 
14
14
  if Gem.ruby_version.to_s.start_with?("2.5")
15
15
  # 16.7.23 required ruby 2.6+
16
16
  gem "chef-utils", "< 16.7.23" # TODO: remove when we drop ruby 2.5
17
17
  end
18
18
 
19
+ # inspec tests depend text output that changed in the 3.10 release
20
+ # but our runtime dep is still 3.9+
21
+ gem "rspec", ">= 3.10"
22
+
19
23
  group :omnibus do
20
24
  gem "rb-readline"
21
25
  gem "appbundler"
@@ -24,10 +28,10 @@ group :omnibus do
24
28
  end
25
29
 
26
30
  group :test do
27
- gem "chefstyle", "~> 1.5.7"
31
+ gem "chefstyle", "~> 1.7.1"
28
32
  gem "concurrent-ruby", "~> 1.0"
29
33
  gem "html-proofer", platforms: :ruby # do not attempt to run proofer on windows
30
- gem "json_schemer", ">= 0.2.1", "< 0.2.12"
34
+ gem "json_schemer", ">= 0.2.1", "< 0.2.18"
31
35
  gem "m"
32
36
  gem "minitest-sprint", "~> 1.0"
33
37
  gem "minitest", "~> 5.5"
data/inspec-core.gemspec CHANGED
@@ -28,19 +28,20 @@ Gem::Specification.new do |spec|
28
28
  spec.add_dependency "thor", ">= 0.20", "< 2.0"
29
29
  spec.add_dependency "method_source", ">= 0.8", "< 2.0"
30
30
  spec.add_dependency "rubyzip", ">= 1.2.2", "< 3.0"
31
- spec.add_dependency "rspec", "~> 3.10"
31
+ spec.add_dependency "rspec", ">= 3.9", "< 3.11"
32
32
  spec.add_dependency "rspec-its", "~> 1.2"
33
33
  spec.add_dependency "pry", "~> 0.13"
34
34
  spec.add_dependency "hashie", ">= 3.4", "< 5.0"
35
35
  spec.add_dependency "mixlib-log", "~> 3.0"
36
36
  spec.add_dependency "sslshake", "~> 1.2"
37
37
  spec.add_dependency "parallel", "~> 1.9"
38
- spec.add_dependency "faraday", ">= 0.9.0", "< 1.2"
38
+ spec.add_dependency "faraday", ">= 0.9.0", "< 1.4"
39
+ spec.add_dependency "faraday_middleware", "~> 1.0"
39
40
  spec.add_dependency "tty-table", "~> 0.10"
40
41
  spec.add_dependency "tty-prompt", "~> 0.17"
41
42
  spec.add_dependency "tomlrb", ">= 1.2", "< 2.1"
42
43
  spec.add_dependency "addressable", "~> 2.4"
43
- spec.add_dependency "parslet", ">= 1.5", "< 3.0"
44
+ spec.add_dependency "parslet", ">= 1.5", "< 2.0" # Pinned < 2.0, see #5389
44
45
  spec.add_dependency "semverse", "~> 3.0"
45
46
  spec.add_dependency "multipart-post", "~> 2.0"
46
47
 
data/lib/inspec/base_cli.rb CHANGED
@@ -1,4 +1,4 @@
1
- require "thor" unless defined?(Thor)
1
+ require "thor" # rubocop:disable Chef/Ruby/UnlessDefinedRequire
2
2
  require "inspec/log"
3
3
  require "inspec/ui"
4
4
  require "inspec/config"
@@ -118,6 +118,8 @@ module Inspec
118
118
  desc: "Disable SSL verification on select targets"
119
119
  option :target_id, type: :string,
120
120
  desc: "Provide a ID which will be included on reports"
121
+ option :winrm_shell_type, type: :string, default: "powershell",
122
+ desc: "Specify a shell type for winrm (eg. 'elevated' or 'powershell')"
121
123
  end
122
124
 
123
125
  def self.profile_options
@@ -136,7 +138,7 @@ module Inspec
136
138
  banner: "one two:/output/file/path",
137
139
  desc: "Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml"
138
140
  option :reporter_message_truncation, type: :string,
139
- desc: "Number of characters to truncate failure messages in report data to (default: no truncation)"
141
+ desc: "Number of characters to truncate failure messages and code_desc in report data to (default: no truncation)"
140
142
  option :reporter_backtrace_inclusion, type: :boolean,
141
143
  desc: "Include a code backtrace in report data (default: true)"
142
144
  option :input, type: :array, banner: "name1=value1 name2=value2",
data/lib/inspec/config.rb CHANGED
@@ -128,12 +128,25 @@ module Inspec
128
128
  end
129
129
 
130
130
  #-----------------------------------------------------------------------#
131
- # Fetching Plugin Data
131
+ # Handling Plugin Data
132
132
  #-----------------------------------------------------------------------#
133
133
  def fetch_plugin_config(plugin_name)
134
134
  Thor::CoreExt::HashWithIndifferentAccess.new(@plugin_cfg[plugin_name] || {})
135
135
  end
136
136
 
137
+ def set_plugin_config(plugin_name, plugin_config)
138
+ plugin_name = plugin_name.to_s unless plugin_name.is_a? String
139
+
140
+ @plugin_cfg[plugin_name] = plugin_config
141
+ end
142
+
143
+ def merge_plugin_config(plugin_name, additional_plugin_config)
144
+ plugin_name = plugin_name.to_s unless plugin_name.is_a? String
145
+
146
+ @plugin_cfg[plugin_name] = {} if @plugin_cfg[plugin_name].nil?
147
+ @plugin_cfg[plugin_name].merge!(additional_plugin_config)
148
+ end
149
+
137
150
  # clear the cached config
138
151
  def self.__reset
139
152
  @cached_config = nil
data/lib/inspec/profile_context.rb CHANGED
@@ -173,6 +173,9 @@ module Inspec
173
173
 
174
174
  def unregister_rule(id)
175
175
  @rules.delete(full_id(@profile_id, id))
176
+ @control_subcontexts.each do |c|
177
+ c.unregister_rule(id)
178
+ end
176
179
  end
177
180
 
178
181
  attr_reader :current_load
data/lib/inspec/resources/nginx_conf.rb CHANGED
@@ -54,6 +54,21 @@ module Inspec::Resources
54
54
  "nginx_conf #{@conf_path}"
55
55
  end
56
56
 
57
+ def method_missing(name)
58
+ return super if name.to_s.match?(/^to_/)
59
+
60
+ v = params[name.to_s]
61
+ return v.flatten unless v.nil?
62
+
63
+ nil
64
+ end
65
+
66
+ def respond_to_missing?(name, include_all = false)
67
+ return super if name.to_s.match?(/^to_/)
68
+
69
+ true
70
+ end
71
+
57
72
  private
58
73
 
59
74
  def read_content(path)
@@ -175,6 +190,18 @@ module Inspec::Resources
175
190
  end
176
191
  alias inspect to_s
177
192
 
193
+ def method_missing(name)
194
+ return super if name.to_s.match?(/^to_/)
195
+
196
+ (@params[name.to_s] || []).flatten
197
+ end
198
+
199
+ def respond_to_missing?(name, include_all = false)
200
+ return super if name.to_s.match?(/^to_/)
201
+
202
+ true
203
+ end
204
+
178
205
  private
179
206
 
180
207
  def server_table
@@ -207,6 +234,18 @@ module Inspec::Resources
207
234
  end
208
235
  alias inspect to_s
209
236
 
237
+ def method_missing(name)
238
+ return super if name.to_s.match?(/^to_/)
239
+
240
+ (@params[name.to_s] || []).flatten
241
+ end
242
+
243
+ def respond_to_missing?(name, include_all = false)
244
+ return super if name.to_s.match?(/^to_/)
245
+
246
+ true
247
+ end
248
+
210
249
  private
211
250
 
212
251
  def location_table
data/lib/inspec/resources/oracledb_session.rb CHANGED
@@ -48,7 +48,7 @@ module Inspec::Resources
48
48
  format_options = "set sqlformat csv\nSET FEEDBACK OFF"
49
49
  else
50
50
  @bin = "#{@sqlplus_bin} -S"
51
- format_options = "SET MARKUP CSV ON\nSET PAGESIZE 32000\nSET FEEDBACK OFF"
51
+ format_options = "SET PAGESIZE 32000\nSET FEEDBACK OFF\nSET UNDERLINE OFF"
52
52
  end
53
53
 
54
54
  command = command_builder(format_options, sql)
data/lib/inspec/resources/ssh_config.rb CHANGED
@@ -7,6 +7,7 @@ module Inspec::Resources
7
7
  class SshConfig < Inspec.resource(1)
8
8
  name "ssh_config"
9
9
  supports platform: "unix"
10
+ supports platform: "windows"
10
11
  desc "Use the `ssh_config` InSpec audit resource to test OpenSSH client configuration data located at `/etc/ssh/ssh_config` on Linux and Unix platforms."
11
12
  example <<~EXAMPLE
12
13
  describe ssh_config do
@@ -19,7 +20,7 @@ module Inspec::Resources
19
20
  include FileReader
20
21
 
21
22
  def initialize(conf_path = nil, type = nil)
22
- @conf_path = conf_path || "/etc/ssh/ssh_config"
23
+ @conf_path = conf_path || ssh_config_file("ssh_config")
23
24
  typename = (@conf_path.include?("sshd") ? "Server" : "Client")
24
25
  @type = type || "SSH #{typename} configuration #{conf_path}"
25
26
  read_content
@@ -38,7 +39,7 @@ module Inspec::Resources
38
39
  def convert_hash(hash)
39
40
  new_hash = {}
40
41
  hash.each do |k, v|
41
- new_hash[k.downcase] = v
42
+ new_hash[k.downcase] ||= v
42
43
  end
43
44
  new_hash
44
45
  end
@@ -75,11 +76,21 @@ module Inspec::Resources
75
76
  )
76
77
  @params = convert_hash(conf.params)
77
78
  end
79
+
80
+ def ssh_config_file(type)
81
+ if inspec.os.windows?
82
+ programdata = inspec.os_env("programdata").content
83
+ return "#{programdata}\\ssh\\#{type}"
84
+ end
85
+
86
+ "/etc/ssh/#{type}"
87
+ end
78
88
  end
79
89
 
80
90
  class SshdConfig < SshConfig
81
91
  name "sshd_config"
82
92
  supports platform: "unix"
93
+ supports platform: "windows"
83
94
  desc "Use the sshd_config InSpec audit resource to test configuration data for the Open SSH daemon located at /etc/ssh/sshd_config on Linux and UNIX platforms. sshd---the Open SSH daemon---listens on dedicated ports, starts a daemon for each incoming connection, and then handles encryption, authentication, key exchanges, command execution, and data exchanges."
84
95
  example <<~EXAMPLE
85
96
  describe sshd_config do
@@ -88,11 +99,22 @@ module Inspec::Resources
88
99
  EXAMPLE
89
100
 
90
101
  def initialize(path = nil)
91
- super(path || "/etc/ssh/sshd_config")
102
+ super(path || ssh_config_file("sshd_config"))
92
103
  end
93
104
 
94
105
  def to_s
95
106
  "SSHD Configuration"
96
107
  end
108
+
109
+ private
110
+
111
+ def ssh_config_file(type)
112
+ if inspec.os.windows?
113
+ programdata = inspec.os_env("programdata").content
114
+ return "#{programdata}\\ssh\\#{type}"
115
+ end
116
+
117
+ "/etc/ssh/#{type}"
118
+ end
97
119
  end
98
120
  end
data/lib/inspec/utils/run_data_filters.rb CHANGED
@@ -18,7 +18,7 @@ module Inspec
18
18
  sort_controls
19
19
  end
20
20
 
21
- # Apply options such as message truncation and removal of backtraces
21
+ # Apply options such as message and code_desc truncation, and removal of backtraces
22
22
  def apply_report_resize_options
23
23
  runtime_config = @config[:runtime_config]
24
24
 
@@ -30,7 +30,7 @@ module Inspec
30
30
  p[:controls].each do |c|
31
31
  c[:results]&.map! do |r|
32
32
  r.delete(:backtrace) unless include_backtrace
33
- process_message_truncation(r)
33
+ process_truncation(r)
34
34
  end
35
35
  end
36
36
  end
@@ -93,9 +93,11 @@ module Inspec
93
93
 
94
94
  private
95
95
 
96
- def process_message_truncation(result)
97
- if result.key?(:message) && result[:message] != "" && @trunc > -1 && result[:message].length > @trunc
98
- result[:message] = result[:message][0...@trunc] + "[Truncated to #{@trunc} characters]"
96
+ def process_truncation(result)
97
+ %i{code_desc message}.each do |field|
98
+ if result.key?(field) && result[field] != "" && @trunc > -1 && result[field].length > @trunc
99
+ result[field] = result[field][0...@trunc] + "[Truncated to #{@trunc} characters]"
100
+ end
99
101
  end
100
102
  result
101
103
  end
data/lib/inspec/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Inspec
2
- VERSION = "4.24.26".freeze
2
+ VERSION = "4.26.13".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.24.26
4
+ version: 4.26.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chef InSpec Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-12-23 00:00:00.000000000 Z
11
+ date: 2021-02-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef-telemetry
@@ -108,16 +108,22 @@ dependencies:
108
108
  name: rspec
109
109
  requirement: !ruby/object:Gem::Requirement
110
110
  requirements:
111
- - - "~>"
111
+ - - ">="
112
+ - !ruby/object:Gem::Version
113
+ version: '3.9'
114
+ - - "<"
112
115
  - !ruby/object:Gem::Version
113
- version: '3.10'
116
+ version: '3.11'
114
117
  type: :runtime
115
118
  prerelease: false
116
119
  version_requirements: !ruby/object:Gem::Requirement
117
120
  requirements:
118
- - - "~>"
121
+ - - ">="
122
+ - !ruby/object:Gem::Version
123
+ version: '3.9'
124
+ - - "<"
119
125
  - !ruby/object:Gem::Version
120
- version: '3.10'
126
+ version: '3.11'
121
127
  - !ruby/object:Gem::Dependency
122
128
  name: rspec-its
123
129
  requirement: !ruby/object:Gem::Requirement
@@ -217,7 +223,7 @@ dependencies:
217
223
  version: 0.9.0
218
224
  - - "<"
219
225
  - !ruby/object:Gem::Version
220
- version: '1.2'
226
+ version: '1.4'
221
227
  type: :runtime
222
228
  prerelease: false
223
229
  version_requirements: !ruby/object:Gem::Requirement
@@ -227,7 +233,21 @@ dependencies:
227
233
  version: 0.9.0
228
234
  - - "<"
229
235
  - !ruby/object:Gem::Version
230
- version: '1.2'
236
+ version: '1.4'
237
+ - !ruby/object:Gem::Dependency
238
+ name: faraday_middleware
239
+ requirement: !ruby/object:Gem::Requirement
240
+ requirements:
241
+ - - "~>"
242
+ - !ruby/object:Gem::Version
243
+ version: '1.0'
244
+ type: :runtime
245
+ prerelease: false
246
+ version_requirements: !ruby/object:Gem::Requirement
247
+ requirements:
248
+ - - "~>"
249
+ - !ruby/object:Gem::Version
250
+ version: '1.0'
231
251
  - !ruby/object:Gem::Dependency
232
252
  name: tty-table
233
253
  requirement: !ruby/object:Gem::Requirement
@@ -299,7 +319,7 @@ dependencies:
299
319
  version: '1.5'
300
320
  - - "<"
301
321
  - !ruby/object:Gem::Version
302
- version: '3.0'
322
+ version: '2.0'
303
323
  type: :runtime
304
324
  prerelease: false
305
325
  version_requirements: !ruby/object:Gem::Requirement
@@ -309,7 +329,7 @@ dependencies:
309
329
  version: '1.5'
310
330
  - - "<"
311
331
  - !ruby/object:Gem::Version
312
- version: '3.0'
332
+ version: '2.0'
313
333
  - !ruby/object:Gem::Dependency
314
334
  name: semverse
315
335
  requirement: !ruby/object:Gem::Requirement
@@ -750,7 +770,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
750
770
  - !ruby/object:Gem::Version
751
771
  version: '0'
752
772
  requirements: []
753
- rubygems_version: 3.0.3
773
+ rubygems_version: 3.1.4
754
774
  signing_key:
755
775
  specification_version: 4
756
776
  summary: Infrastructure and compliance testing. Core library.