inspec-core 4.3.2 → 4.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +37 -21
- data/etc/deprecations.json +10 -0
- data/etc/plugin_filters.json +8 -0
- data/lib/bundles/inspec-compliance/api.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -1
- data/lib/bundles/inspec-compliance/http.rb +1 -1
- data/lib/bundles/inspec-compliance/support.rb +1 -1
- data/lib/bundles/inspec-compliance/target.rb +1 -1
- data/lib/bundles/inspec-supermarket.rb +3 -7
- data/lib/bundles/inspec-supermarket/api.rb +10 -13
- data/lib/bundles/inspec-supermarket/cli.rb +12 -15
- data/lib/bundles/inspec-supermarket/target.rb +7 -11
- data/lib/fetchers/git.rb +14 -15
- data/lib/fetchers/local.rb +6 -10
- data/lib/fetchers/mock.rb +3 -5
- data/lib/fetchers/url.rb +42 -44
- data/lib/inspec.rb +23 -24
- data/lib/inspec/archive/tar.rb +2 -6
- data/lib/inspec/archive/zip.rb +3 -7
- data/lib/inspec/backend.rb +8 -9
- data/lib/inspec/base_cli.rb +64 -65
- data/lib/inspec/cached_fetcher.rb +2 -3
- data/lib/inspec/cli.rb +136 -97
- data/lib/inspec/config.rb +71 -61
- data/lib/inspec/control_eval_context.rb +22 -18
- data/lib/inspec/dependencies/cache.rb +2 -3
- data/lib/inspec/dependencies/dependency_set.rb +2 -3
- data/lib/inspec/dependencies/lockfile.rb +8 -9
- data/lib/inspec/dependencies/requirement.rb +7 -8
- data/lib/inspec/dependencies/resolver.rb +5 -7
- data/lib/inspec/describe.rb +2 -6
- data/lib/inspec/dist.rb +20 -0
- data/lib/inspec/dsl.rb +4 -7
- data/lib/inspec/dsl_shared.rb +1 -2
- data/lib/inspec/env_printer.rb +11 -12
- data/lib/inspec/errors.rb +0 -4
- data/lib/inspec/exceptions.rb +0 -1
- data/lib/inspec/expect.rb +5 -8
- data/lib/inspec/fetcher.rb +7 -10
- data/lib/inspec/file_provider.rb +24 -24
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +8 -8
- data/lib/inspec/globals.rb +2 -2
- data/lib/inspec/impact.rb +5 -7
- data/lib/inspec/input_registry.rb +84 -33
- data/lib/inspec/library_eval_context.rb +3 -6
- data/lib/inspec/log.rb +1 -5
- data/lib/inspec/metadata.rb +17 -16
- data/lib/inspec/method_source.rb +5 -9
- data/lib/inspec/objects.rb +10 -12
- data/lib/inspec/objects/control.rb +7 -9
- data/lib/inspec/objects/describe.rb +9 -11
- data/lib/inspec/objects/each_loop.rb +1 -3
- data/lib/inspec/objects/input.rb +24 -26
- data/lib/inspec/objects/list.rb +4 -6
- data/lib/inspec/objects/or_test.rb +2 -4
- data/lib/inspec/objects/ruby_helper.rb +3 -5
- data/lib/inspec/objects/tag.rb +0 -2
- data/lib/inspec/objects/test.rb +9 -11
- data/lib/inspec/objects/value.rb +3 -5
- data/lib/inspec/plugin/v1.rb +2 -2
- data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
- data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
- data/lib/inspec/plugin/v1/plugins.rb +15 -19
- data/lib/inspec/plugin/v1/registry.rb +0 -4
- data/lib/inspec/plugin/v2.rb +8 -8
- data/lib/inspec/plugin/v2/activator.rb +1 -1
- data/lib/inspec/plugin/v2/config_file.rb +6 -6
- data/lib/inspec/plugin/v2/filter.rb +13 -13
- data/lib/inspec/plugin/v2/installer.rb +36 -24
- data/lib/inspec/plugin/v2/loader.rb +28 -28
- data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
- data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
- data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
- data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
- data/lib/inspec/plugin/v2/registry.rb +7 -7
- data/lib/inspec/polyfill.rb +0 -3
- data/lib/inspec/profile.rb +55 -63
- data/lib/inspec/profile_context.rb +27 -30
- data/lib/inspec/profile_vendor.rb +6 -9
- data/lib/inspec/reporters.rb +24 -24
- data/lib/inspec/reporters/automate.rb +17 -19
- data/lib/inspec/reporters/base.rb +1 -1
- data/lib/inspec/reporters/cli.rb +88 -91
- data/lib/inspec/reporters/json.rb +2 -4
- data/lib/inspec/reporters/json_automate.rb +1 -3
- data/lib/inspec/reporters/json_min.rb +1 -3
- data/lib/inspec/reporters/junit.rb +26 -28
- data/lib/inspec/reporters/yaml.rb +1 -3
- data/lib/inspec/require_loader.rb +0 -4
- data/lib/inspec/resource.rb +4 -125
- data/lib/inspec/resources.rb +121 -0
- data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
- data/lib/{resources → inspec/resources}/apache.rb +13 -14
- data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
- data/lib/{resources → inspec/resources}/apt.rb +17 -17
- data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
- data/lib/{resources → inspec/resources}/auditd.rb +62 -64
- data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
- data/lib/{resources → inspec/resources}/bash.rb +6 -8
- data/lib/{resources → inspec/resources}/bond.rb +15 -14
- data/lib/{resources → inspec/resources}/bridge.rb +8 -8
- data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
- data/lib/{resources → inspec/resources}/command.rb +11 -10
- data/lib/{resources → inspec/resources}/cpan.rb +12 -12
- data/lib/{resources → inspec/resources}/cran.rb +9 -9
- data/lib/{resources → inspec/resources}/crontab.rb +47 -48
- data/lib/{resources → inspec/resources}/csv.rb +5 -5
- data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
- data/lib/{resources → inspec/resources}/directory.rb +5 -7
- data/lib/{resources → inspec/resources}/docker.rb +63 -63
- data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
- data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
- data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
- data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
- data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
- data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
- data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
- data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
- data/lib/{resources → inspec/resources}/file.rb +80 -79
- data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
- data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
- data/lib/{resources → inspec/resources}/gem.rb +12 -12
- data/lib/{resources → inspec/resources}/groups.rb +28 -27
- data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
- data/lib/{resources → inspec/resources}/host.rb +31 -29
- data/lib/{resources → inspec/resources}/http.rb +24 -24
- data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
- data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
- data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
- data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/ini.rb +7 -8
- data/lib/{resources → inspec/resources}/interface.rb +30 -30
- data/lib/{resources → inspec/resources}/iptables.rb +8 -8
- data/lib/{resources → inspec/resources}/json.rb +8 -10
- data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
- data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
- data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
- data/lib/{resources → inspec/resources}/ksh.rb +6 -8
- data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
- data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
- data/lib/{resources → inspec/resources}/mount.rb +6 -8
- data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
- data/lib/inspec/resources/mysql.rb +81 -0
- data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
- data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
- data/lib/{resources → inspec/resources}/nginx.rb +16 -17
- data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
- data/lib/{resources → inspec/resources}/npm.rb +9 -10
- data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/oneget.rb +8 -8
- data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
- data/lib/{resources → inspec/resources}/os.rb +6 -8
- data/lib/{resources → inspec/resources}/os_env.rb +11 -12
- data/lib/{resources → inspec/resources}/package.rb +66 -65
- data/lib/{resources → inspec/resources}/packages.rb +13 -13
- data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
- data/lib/{resources → inspec/resources}/passwd.rb +18 -19
- data/lib/{resources → inspec/resources}/pip.rb +19 -19
- data/lib/{resources → inspec/resources}/platform.rb +9 -11
- data/lib/{resources → inspec/resources}/port.rb +134 -136
- data/lib/{resources → inspec/resources}/postgres.rb +40 -32
- data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
- data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
- data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
- data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
- data/lib/{resources → inspec/resources}/powershell.rb +17 -13
- data/lib/{resources → inspec/resources}/processes.rb +29 -29
- data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
- data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
- data/lib/inspec/resources/script.rb +1 -0
- data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
- data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
- data/lib/{resources → inspec/resources}/service.rb +74 -75
- data/lib/{resources → inspec/resources}/shadow.rb +44 -45
- data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
- data/lib/{resources → inspec/resources}/ssl.rb +28 -29
- data/lib/inspec/resources/sys_info.rb +30 -0
- data/lib/{resources → inspec/resources}/toml.rb +5 -7
- data/lib/{resources → inspec/resources}/users.rb +65 -65
- data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
- data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
- data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
- data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
- data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
- data/lib/{resources → inspec/resources}/wmi.rb +7 -8
- data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
- data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
- data/lib/{resources → inspec/resources}/xml.rb +7 -7
- data/lib/{resources → inspec/resources}/yaml.rb +5 -6
- data/lib/{resources → inspec/resources}/yum.rb +10 -10
- data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
- data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
- data/lib/inspec/rspec_extensions.rb +24 -8
- data/lib/inspec/rule.rb +14 -15
- data/lib/inspec/runner.rb +28 -28
- data/lib/inspec/runner_mock.rb +1 -5
- data/lib/inspec/runner_rspec.rb +18 -20
- data/lib/inspec/runtime_profile.rb +2 -5
- data/lib/inspec/schema.rb +142 -143
- data/lib/inspec/secrets.rb +3 -7
- data/lib/inspec/secrets/yaml.rb +3 -5
- data/lib/inspec/shell.rb +11 -15
- data/lib/inspec/shell_detector.rb +6 -7
- data/lib/inspec/source_reader.rb +4 -8
- data/lib/inspec/ui.rb +33 -39
- data/lib/inspec/ui_table_helper.rb +12 -0
- data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
- data/lib/{utils → inspec/utils}/convert.rb +0 -4
- data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
- data/lib/inspec/utils/deprecation.rb +6 -0
- data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
- data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
- data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
- data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
- data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
- data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
- data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
- data/lib/{utils → inspec/utils}/filter.rb +30 -33
- data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
- data/lib/{utils → inspec/utils}/find_files.rb +9 -12
- data/lib/{utils → inspec/utils}/hash.rb +1 -5
- data/lib/inspec/utils/json_log.rb +15 -0
- data/lib/inspec/utils/latest_version.rb +13 -0
- data/lib/{utils → inspec/utils}/modulator.rb +0 -3
- data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
- data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
- data/lib/{utils → inspec/utils}/parser.rb +45 -45
- data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
- data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
- data/lib/{utils → inspec/utils}/spdx.rb +1 -4
- data/lib/{utils → inspec/utils}/spdx.txt +0 -0
- data/lib/inspec/utils/telemetry.rb +3 -3
- data/lib/inspec/utils/telemetry/collector.rb +30 -9
- data/lib/inspec/utils/telemetry/data_series.rb +3 -1
- data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +22 -25
- data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
- data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
- data/lib/plugins/inspec-habitat/Berksfile +2 -2
- data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
- data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
- data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
- data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
- data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
- data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
- data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
- data/lib/source_readers/flat.rb +6 -10
- data/lib/source_readers/inspec.rb +8 -12
- metadata +139 -140
- data/lib/resources/mysql.rb +0 -82
- data/lib/resources/sys_info.rb +0 -28
- data/lib/utils/deprecation.rb +0 -6
- data/lib/utils/json_log.rb +0 -18
- data/lib/utils/latest_version.rb +0 -22
@@ -10,13 +10,13 @@ PROFILE_PATH="{{pkg.path}}/{{pkg.name}}-{{pkg.version}}.tar.gz"
|
|
10
10
|
|
11
11
|
while true; do
|
12
12
|
echo "Executing ${PROFILE_IDENT}"
|
13
|
-
exec
|
13
|
+
exec <%= Inspec::Dist::EXEC_NAME %> exec ${PROFILE_PATH} --json-config ${CONFIG} 2>&1 | tee ${LOG_FILE}
|
14
14
|
|
15
15
|
exit_code=$?
|
16
16
|
if [ $exit_code -eq 1 ]; then
|
17
|
-
echo "
|
17
|
+
echo "<%= Inspec::Dist::PRODUCT_NAME %> run failed."
|
18
18
|
else
|
19
|
-
echo "
|
19
|
+
echo "<%= Inspec::Dist::PRODUCT_NAME %> run completed successfully."
|
20
20
|
if [ $exit_code -eq 0 ]; then
|
21
21
|
echo "No controls failed or were skipped."
|
22
22
|
elif [ $exit_code -eq 100 ]; then
|
@@ -18,7 +18,7 @@ do_before() {
|
|
18
18
|
return 1
|
19
19
|
fi
|
20
20
|
|
21
|
-
# Execute an '
|
21
|
+
# Execute an '<%= Inspec::Dist::EXEC_NAME %> compliance login' if a profile needs to be fetched from
|
22
22
|
# the Automate server
|
23
23
|
if [ "$(grep "compliance: " "$PLAN_CONTEXT/../inspec.yml")" ]; then
|
24
24
|
_do_compliance_login;
|
@@ -29,10 +29,10 @@ do_setup_environment() {
|
|
29
29
|
set_buildtime_env PROFILE_CACHE_DIR "$HAB_CACHE_SRC_PATH/$pkg_dirname"
|
30
30
|
set_buildtime_env ARCHIVE_NAME "$pkg_name-$pkg_version.tar.gz"
|
31
31
|
|
32
|
-
#
|
32
|
+
# <%= Inspec::Dist::PRODUCT_NAME %> loads `pry` which tries to expand `~`. This fails if HOME isn't set.
|
33
33
|
set_runtime_env HOME "$pkg_svc_var_path"
|
34
34
|
|
35
|
-
#
|
35
|
+
# <%= Inspec::Dist::PRODUCT_NAME %> will create a `.inspec` directory in the user's home directory.
|
36
36
|
# This overrides that to write to a place within the running service's path.
|
37
37
|
# NOTE: Setting HOME does the same currently. This is here to be explicit.
|
38
38
|
set_runtime_env INSPEC_CONFIG_DIR "$pkg_svc_var_path"
|
@@ -52,9 +52,9 @@ do_unpack() {
|
|
52
52
|
}
|
53
53
|
|
54
54
|
do_build() {
|
55
|
-
|
56
|
-
|
57
|
-
|
55
|
+
<%= Inspec::Dist::EXEC_NAME %> archive "$PROFILE_CACHE_DIR" \
|
56
|
+
--overwrite \
|
57
|
+
-o "$PROFILE_CACHE_DIR/$ARCHIVE_NAME"
|
58
58
|
}
|
59
59
|
|
60
60
|
do_install() {
|
@@ -63,7 +63,7 @@ do_install() {
|
|
63
63
|
|
64
64
|
_do_compliance_login() {
|
65
65
|
if [ -z $COMPLIANCE_CREDS ]; then
|
66
|
-
message="ERROR: Please perform an '
|
66
|
+
message="ERROR: Please perform an '<%= Inspec::Dist::EXEC_NAME %> compliance login' and set"
|
67
67
|
message="$message \$HAB_STUDIO_SECRET_COMPLIANCE_CREDS to the contents of"
|
68
68
|
message="$message '~/.inspec/compliance/config.json'"
|
69
69
|
build_line "$message"
|
@@ -78,8 +78,8 @@ _do_compliance_login() {
|
|
78
78
|
sed 's/"//g'
|
79
79
|
)
|
80
80
|
insecure=$(echo $COMPLIANCE_CREDS | jq .insecure)
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
81
|
+
<%= Inspec::Dist::EXEC_NAME %> compliance login --insecure $insecure \
|
82
|
+
--user $user \
|
83
|
+
--token $token \
|
84
|
+
$automate_server
|
85
85
|
}
|
@@ -1,17 +1,15 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require 'pathname'
|
4
|
-
require_relative 'renderer'
|
1
|
+
require "pathname"
|
2
|
+
require_relative "renderer"
|
5
3
|
|
6
4
|
module InspecPlugins
|
7
5
|
module Init
|
8
6
|
class CLI < Inspec.plugin(2, :cli_command)
|
9
|
-
subcommand_desc
|
7
|
+
subcommand_desc "init SUBCOMMAND", "Generate InSpec code"
|
10
8
|
|
11
|
-
TEMPLATES_PATH = File.expand_path(File.join(File.dirname(__FILE__),
|
9
|
+
TEMPLATES_PATH = File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "templates"))
|
12
10
|
|
13
|
-
require_relative
|
14
|
-
require_relative
|
11
|
+
require_relative "cli_profile"
|
12
|
+
require_relative "cli_plugin"
|
15
13
|
end
|
16
14
|
end
|
17
15
|
end
|
@@ -1,6 +1,4 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require_relative 'renderer'
|
1
|
+
require_relative "renderer"
|
4
2
|
|
5
3
|
module InspecPlugins
|
6
4
|
module Init
|
@@ -8,28 +6,28 @@ module InspecPlugins
|
|
8
6
|
#-------------------------------------------------------------------#
|
9
7
|
# inspec init plugin
|
10
8
|
#-------------------------------------------------------------------#
|
11
|
-
desc
|
9
|
+
desc "plugin PLUGIN_NAME [options]", "Generates an InSpec plugin, which can extend the functionality of InSpec itself."
|
12
10
|
# General options
|
13
|
-
option :prompt, type: :boolean, default: true, desc:
|
14
|
-
option :detail, type: :string, default:
|
11
|
+
option :prompt, type: :boolean, default: true, desc: "Interactively prompt for information to put in your generated plugin."
|
12
|
+
option :detail, type: :string, default: "full", desc: "How detailed of a plugin to generate. 'full' is a normal full gem with tests; 'core' has tests but no gemspec; 'test-fixture' is stripped down for a test fixture."
|
15
13
|
|
16
14
|
# Templating vars
|
17
|
-
option :author_email, type: :string, default:
|
18
|
-
option :author_name, type: :string, default:
|
19
|
-
option :description, type: :string, default:
|
20
|
-
option :summary, type: :string, default:
|
21
|
-
option :license_name, type: :string, default:
|
22
|
-
option :hook, type: :array, default: [
|
15
|
+
option :author_email, type: :string, default: "you@example.com", desc: "Author Email for gemspec"
|
16
|
+
option :author_name, type: :string, default: "Your Name", desc: "Author Name for gemspec"
|
17
|
+
option :description, type: :string, default: "", desc: "Multi-line description of the plugin"
|
18
|
+
option :summary, type: :string, default: "A plugin with a default summary", desc: "One-line summary of your plugin"
|
19
|
+
option :license_name, type: :string, default: "Apache-2.0", desc: "The name of a license"
|
20
|
+
option :hook, type: :array, default: ["cli_command:my_command"], desc: "A list of plugin hooks, in the form type1:name1, type2:name2, etc"
|
23
21
|
# These vars have calculated defaults
|
24
|
-
option :homepage, type: :string, default: nil, desc:
|
25
|
-
option :module_name, type: :string, default: nil, desc:
|
26
|
-
option :license_text, type: :string, default:
|
27
|
-
option :plugin_name, type: :string, default:
|
28
|
-
option :copyright, type: :string, default: nil, desc:
|
22
|
+
option :homepage, type: :string, default: nil, desc: "A URL for your project, often a GitHub link"
|
23
|
+
option :module_name, type: :string, default: nil, desc: "Module Name for your plugin package. Will change plugin name to CamelCase by default."
|
24
|
+
option :license_text, type: :string, default: "", hide: true
|
25
|
+
option :plugin_name, type: :string, default: "", hide: true # This is here to give a uniform interface
|
26
|
+
option :copyright, type: :string, default: nil, desc: "A copyright statement, to be added to LICENSE"
|
29
27
|
|
30
28
|
def plugin(plugin_name)
|
31
29
|
plugin_type = determine_plugin_type(plugin_name)
|
32
|
-
snake_case = plugin_name.tr(
|
30
|
+
snake_case = plugin_name.tr("-", "_")
|
33
31
|
|
34
32
|
template_vars = {
|
35
33
|
name: plugin_name,
|
@@ -37,7 +35,7 @@ module InspecPlugins
|
|
37
35
|
snake_case: snake_case,
|
38
36
|
}.merge(plugin_vars_from_opts)
|
39
37
|
|
40
|
-
template_path = File.join(
|
38
|
+
template_path = File.join("plugins", plugin_type + "-plugin-template")
|
41
39
|
|
42
40
|
render_opts = {
|
43
41
|
templates_path: TEMPLATES_PATH,
|
@@ -47,7 +45,7 @@ module InspecPlugins
|
|
47
45
|
}
|
48
46
|
renderer = InspecPlugins::Init::Renderer.new(ui, render_opts)
|
49
47
|
|
50
|
-
renderer.render_with_values(template_path, plugin_type +
|
48
|
+
renderer.render_with_values(template_path, plugin_type + " plugin", template_vars)
|
51
49
|
end
|
52
50
|
|
53
51
|
private
|
@@ -55,14 +53,14 @@ module InspecPlugins
|
|
55
53
|
def determine_plugin_type(plugin_name)
|
56
54
|
plugin_type = plugin_name.match(/^(inspec|train)\-/)
|
57
55
|
unless plugin_type
|
58
|
-
ui.error(
|
56
|
+
ui.error("Plugin names must begin with either " + ui.emphasis("inspec") + " or " + ui.emphasis("train") + " - saw " + ui.emphasis(plugin_name))
|
59
57
|
ui.exit(:usage_error)
|
60
58
|
end
|
61
59
|
options[:plugin_name] = plugin_name
|
62
60
|
|
63
61
|
plugin_type = plugin_type[1]
|
64
|
-
unless plugin_type ==
|
65
|
-
ui.error(
|
62
|
+
unless plugin_type == "inspec"
|
63
|
+
ui.error("Sorry, only InSpec (inspec-) plugins are supported at this time: Train (train-) support is not implemented yet.")
|
66
64
|
ui.exit(:usage_error)
|
67
65
|
end
|
68
66
|
plugin_type
|
@@ -70,19 +68,19 @@ module InspecPlugins
|
|
70
68
|
|
71
69
|
def make_rename_map(_plugin_type, plugin_name, snake_case)
|
72
70
|
{
|
73
|
-
|
74
|
-
File.join(
|
75
|
-
File.join(
|
76
|
-
File.join(
|
77
|
-
File.join(
|
78
|
-
File.join(
|
79
|
-
File.join(
|
71
|
+
"inspec-plugin-template.gemspec" => plugin_name + ".gemspec",
|
72
|
+
File.join("lib", "inspec-plugin-template") => File.join("lib", plugin_name),
|
73
|
+
File.join("lib", "inspec-plugin-template.rb") => File.join("lib", plugin_name + ".rb"),
|
74
|
+
File.join("lib", "inspec-plugin-template", "cli_command.rb") => File.join("lib", plugin_name, "cli_command.rb"),
|
75
|
+
File.join("lib", "inspec-plugin-template", "plugin.rb") => File.join("lib", plugin_name, "plugin.rb"),
|
76
|
+
File.join("lib", "inspec-plugin-template", "version.rb") => File.join("lib", plugin_name, "version.rb"),
|
77
|
+
File.join("test", "functional", "inspec_plugin_template_test.rb") => File.join("test", "functional", snake_case + "_test.rb"),
|
80
78
|
}
|
81
79
|
end
|
82
80
|
|
83
81
|
def plugin_vars_from_opts
|
84
82
|
# Set dynamic default - module name is straightforward. Copyright, homepage, and license_text depend on other prompted vars.
|
85
|
-
options[:module_name] ||= options[:plugin_name].sub(/^(inspec|train)\-/,
|
83
|
+
options[:module_name] ||= options[:plugin_name].sub(/^(inspec|train)\-/, "").split("-").map(&:capitalize).join("")
|
86
84
|
|
87
85
|
if options[:prompt] && ui.interactive?
|
88
86
|
vars = options.dup.merge(vars_from_prompts)
|
@@ -90,15 +88,15 @@ module InspecPlugins
|
|
90
88
|
vars = options.dup.merge(vars_from_defaults)
|
91
89
|
|
92
90
|
else
|
93
|
-
ui.error(
|
91
|
+
ui.error("You requested interactive prompting for the template variables, but this does not seem to be an interactive terminal.")
|
94
92
|
ui.exit(:usage_error)
|
95
93
|
end
|
96
94
|
vars.merge(parse_hook_option(options[:hook]))
|
97
95
|
end
|
98
96
|
|
99
97
|
def vars_from_defaults
|
100
|
-
options[:copyright] ||=
|
101
|
-
options[:homepage] ||=
|
98
|
+
options[:copyright] ||= "Copyright © " + Date.today.year.to_s + " " + options[:author_name]
|
99
|
+
options[:homepage] ||= "https://github.com/" + options[:author_email].split("@").first + "/" + options[:plugin_name]
|
102
100
|
options[:license_text] = fetch_license_text(options[:license_name])
|
103
101
|
options
|
104
102
|
end
|
@@ -110,17 +108,17 @@ module InspecPlugins
|
|
110
108
|
summary: {},
|
111
109
|
description: { mode: :multiline },
|
112
110
|
module_name: {},
|
113
|
-
copyright: { default_setter: proc { options[:copyright] ||=
|
111
|
+
copyright: { default_setter: proc { options[:copyright] ||= "Copyright © " + Date.today.year.to_s + " " + options[:author_name] } },
|
114
112
|
license_name: {
|
115
113
|
mode: :select,
|
116
114
|
choices: [
|
117
|
-
{ name:
|
118
|
-
{ name:
|
119
|
-
{ name:
|
120
|
-
{ name:
|
115
|
+
{ name: "Apache 2.0", value: "Apache-2.0", default: true },
|
116
|
+
{ name: "Modified BSD", value: "BSD-3-Clause" },
|
117
|
+
{ name: "Proprietary (Closed Source)", value: "Proprietary" },
|
118
|
+
{ name: "Other (edit LICENSE yourself)", value: "Other" },
|
121
119
|
],
|
122
120
|
},
|
123
|
-
homepage: { default_setter: proc { options[:homepage] ||=
|
121
|
+
homepage: { default_setter: proc { options[:homepage] ||= "https://github.com/" + options[:author_email].split("@").first + "/" + options[:plugin_name] } },
|
124
122
|
# TODO: Handle hooks, when we ever have more than one type of plugin
|
125
123
|
}
|
126
124
|
|
@@ -132,7 +130,7 @@ module InspecPlugins
|
|
132
130
|
end
|
133
131
|
|
134
132
|
def prompt_for_options(option_order) # rubocop: disable Metrics/AbcSize
|
135
|
-
option_defs = self.class.all_commands[
|
133
|
+
option_defs = self.class.all_commands["plugin"].options
|
136
134
|
|
137
135
|
option_order.each do |opt_name, prompt_options|
|
138
136
|
opt_def = option_defs[opt_name]
|
@@ -140,15 +138,15 @@ module InspecPlugins
|
|
140
138
|
|
141
139
|
case prompt_options[:mode]
|
142
140
|
when :select
|
143
|
-
options[opt_name] = ui.prompt.select(
|
144
|
-
if opt_name == :license_name && options[opt_name] ==
|
145
|
-
ui.plain_line
|
141
|
+
options[opt_name] = ui.prompt.select("Choose " + opt_def.description + ":", prompt_options[:choices])
|
142
|
+
if opt_name == :license_name && options[opt_name] == "Other"
|
143
|
+
ui.plain_line "OK, be sure to update the " + ui.emphasis("LICENSE") + " file with your license details."
|
146
144
|
end
|
147
145
|
when :multiline
|
148
|
-
options[opt_name] = ui.prompt.multiline(
|
146
|
+
options[opt_name] = ui.prompt.multiline("Enter " + opt_def.description + ". Press Control-D to end.", default: options[opt_name])
|
149
147
|
else
|
150
148
|
# Assume plain ask
|
151
|
-
options[opt_name] = ui.prompt.ask(
|
149
|
+
options[opt_name] = ui.prompt.ask("Enter " + opt_def.description + ":", default: options[opt_name])
|
152
150
|
end
|
153
151
|
end
|
154
152
|
end
|
@@ -156,11 +154,11 @@ module InspecPlugins
|
|
156
154
|
def parse_hook_option(raw_option)
|
157
155
|
hooks_by_type = {}
|
158
156
|
raw_option.each do |entry|
|
159
|
-
parts = entry.split(
|
157
|
+
parts = entry.split(":")
|
160
158
|
type = parts.first.to_sym
|
161
159
|
name = parts.last
|
162
160
|
if hooks_by_type.key?(type)
|
163
|
-
ui.error
|
161
|
+
ui.error "The InSpec plugin generator can currently only generate one hook of each type"
|
164
162
|
ui.exit(:usage_error)
|
165
163
|
end
|
166
164
|
hooks_by_type[type] = name
|
@@ -168,19 +166,19 @@ module InspecPlugins
|
|
168
166
|
|
169
167
|
vars = { hooks: hooks_by_type }
|
170
168
|
if hooks_by_type.key?(:cli_command)
|
171
|
-
vars[:command_name_dashes] = hooks_by_type[:cli_command].tr(
|
172
|
-
vars[:command_name_snake] = hooks_by_type[:cli_command].tr(
|
169
|
+
vars[:command_name_dashes] = hooks_by_type[:cli_command].tr("_", "-")
|
170
|
+
vars[:command_name_snake] = hooks_by_type[:cli_command].tr("-", "_")
|
173
171
|
end
|
174
172
|
vars
|
175
173
|
end
|
176
174
|
|
177
175
|
def fetch_license_text(license_name)
|
178
176
|
case license_name
|
179
|
-
when
|
177
|
+
when "Proprietary"
|
180
178
|
<<~EOL
|
181
179
|
Proprietary software. All Rights Reserved.
|
182
180
|
EOL
|
183
|
-
when
|
181
|
+
when "Apache-2.0"
|
184
182
|
<<~EOL
|
185
183
|
Licensed under the Apache License, Version 2.0 (the "License");
|
186
184
|
you may not use this file except in compliance with the License.
|
@@ -193,7 +191,7 @@ module InspecPlugins
|
|
193
191
|
limitations under the License.
|
194
192
|
|
195
193
|
EOL
|
196
|
-
when
|
194
|
+
when "BSD-3-Clause"
|
197
195
|
<<~EOL
|
198
196
|
Modified BSD License
|
199
197
|
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
|
@@ -209,31 +207,31 @@ module InspecPlugins
|
|
209
207
|
|
210
208
|
def make_skip_list
|
211
209
|
case options[:detail]
|
212
|
-
when
|
210
|
+
when "full"
|
213
211
|
[]
|
214
|
-
when
|
212
|
+
when "core"
|
215
213
|
[
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
214
|
+
"Gemfile",
|
215
|
+
"inspec-plugin-template.gemspec",
|
216
|
+
"LICENSE",
|
217
|
+
"Rakefile",
|
220
218
|
]
|
221
|
-
when
|
219
|
+
when "test-fixture"
|
222
220
|
[
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
File.join(
|
228
|
-
File.join(
|
229
|
-
File.join(
|
230
|
-
File.join(
|
231
|
-
File.join(
|
232
|
-
File.join(
|
233
|
-
File.join(
|
234
|
-
File.join(
|
235
|
-
File.join(
|
236
|
-
File.join(
|
221
|
+
"Gemfile",
|
222
|
+
"inspec-plugin-template.gemspec",
|
223
|
+
"LICENSE",
|
224
|
+
"Rakefile",
|
225
|
+
File.join("test", "fixtures", "README.md"),
|
226
|
+
File.join("test", "fixtures"),
|
227
|
+
File.join("test", "functional", "inspec_plugin_template_test.rb"),
|
228
|
+
File.join("test", "functional", "README.md"),
|
229
|
+
File.join("test", "unit", "cli_args_test.rb"),
|
230
|
+
File.join("test", "unit", "plugin_def_test.rb"),
|
231
|
+
File.join("test", "unit", "README.md"),
|
232
|
+
File.join("test", "unit"),
|
233
|
+
File.join("test", "helper.rb"),
|
234
|
+
File.join("test"),
|
237
235
|
]
|
238
236
|
else
|
239
237
|
ui.error "Unrecognized value for 'detail': #{options[:detail]} - expected one of full, core, test-fixture"
|
@@ -1,7 +1,5 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require 'pathname'
|
4
|
-
require_relative 'renderer'
|
1
|
+
require "pathname"
|
2
|
+
require_relative "renderer"
|
5
3
|
|
6
4
|
module InspecPlugins
|
7
5
|
module Init
|
@@ -11,8 +9,8 @@ module InspecPlugins
|
|
11
9
|
#-------------------------------------------------------------------#
|
12
10
|
def self.valid_profile_platforms
|
13
11
|
# Look in the 'template/profiles' directory and detect which platforms are available.
|
14
|
-
profile_templates_dir = File.join(TEMPLATES_PATH,
|
15
|
-
Dir.glob(File.join(profile_templates_dir,
|
12
|
+
profile_templates_dir = File.join(TEMPLATES_PATH, "profiles")
|
13
|
+
Dir.glob(File.join(profile_templates_dir, "*")).select { |p| File.directory?(p) }.map { |d| File.basename(d) }
|
16
14
|
end
|
17
15
|
|
18
16
|
no_commands do
|
@@ -21,17 +19,17 @@ module InspecPlugins
|
|
21
19
|
end
|
22
20
|
end
|
23
21
|
|
24
|
-
desc
|
25
|
-
option :platform, default:
|
22
|
+
desc "profile [OPTIONS] NAME", "Generate a new profile"
|
23
|
+
option :platform, default: "os", type: :string, aliases: [:p],
|
26
24
|
desc: "Which platform to generate a profile for: choose from #{valid_profile_platforms.join(', ')}"
|
27
25
|
option :overwrite, type: :boolean, default: false,
|
28
|
-
desc:
|
26
|
+
desc: "Overwrites existing directory"
|
29
27
|
def profile(new_profile_name)
|
30
28
|
unless valid_profile_platforms.include?(options[:platform])
|
31
29
|
ui.error "Unable to generate profile: No template available for platform '#{options[:platform]}' (expected one of: #{valid_profile_platforms.join(', ')})"
|
32
30
|
ui.exit(:usage_error)
|
33
31
|
end
|
34
|
-
template_path = File.join(
|
32
|
+
template_path = File.join("profiles", options[:platform])
|
35
33
|
|
36
34
|
render_opts = {
|
37
35
|
templates_path: TEMPLATES_PATH,
|
@@ -42,7 +40,7 @@ module InspecPlugins
|
|
42
40
|
vars = {
|
43
41
|
name: new_profile_name,
|
44
42
|
}
|
45
|
-
renderer.render_with_values(template_path,
|
43
|
+
renderer.render_with_values(template_path, "profile", vars)
|
46
44
|
end
|
47
45
|
end
|
48
46
|
end
|
@@ -1,5 +1,5 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "fileutils"
|
2
|
+
require "erb"
|
3
3
|
|
4
4
|
module InspecPlugins
|
5
5
|
module Init
|
@@ -24,7 +24,7 @@ module InspecPlugins
|
|
24
24
|
source_dir = File.join(templates_path, template_subdir_path)
|
25
25
|
|
26
26
|
# prepare glob for all subdirectories and files
|
27
|
-
template_glob = File.join(source_dir,
|
27
|
+
template_glob = File.join(source_dir, "**", "{*,.*}")
|
28
28
|
|
29
29
|
# Use the name attribute to define the path to the new thing.
|
30
30
|
# May contain slashes.
|
@@ -43,7 +43,7 @@ module InspecPlugins
|
|
43
43
|
ui.exit(:usage_error)
|
44
44
|
end
|
45
45
|
|
46
|
-
ui.headline(
|
46
|
+
ui.headline("InSpec Code Generator")
|
47
47
|
|
48
48
|
ui.plain_line "Creating new #{template_type} at #{ui.emphasis(full_destination_path)}"
|
49
49
|
|