inspec-core 4.3.2 → 4.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +37 -21
- data/etc/deprecations.json +10 -0
- data/etc/plugin_filters.json +8 -0
- data/lib/bundles/inspec-compliance/api.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -1
- data/lib/bundles/inspec-compliance/http.rb +1 -1
- data/lib/bundles/inspec-compliance/support.rb +1 -1
- data/lib/bundles/inspec-compliance/target.rb +1 -1
- data/lib/bundles/inspec-supermarket.rb +3 -7
- data/lib/bundles/inspec-supermarket/api.rb +10 -13
- data/lib/bundles/inspec-supermarket/cli.rb +12 -15
- data/lib/bundles/inspec-supermarket/target.rb +7 -11
- data/lib/fetchers/git.rb +14 -15
- data/lib/fetchers/local.rb +6 -10
- data/lib/fetchers/mock.rb +3 -5
- data/lib/fetchers/url.rb +42 -44
- data/lib/inspec.rb +23 -24
- data/lib/inspec/archive/tar.rb +2 -6
- data/lib/inspec/archive/zip.rb +3 -7
- data/lib/inspec/backend.rb +8 -9
- data/lib/inspec/base_cli.rb +64 -65
- data/lib/inspec/cached_fetcher.rb +2 -3
- data/lib/inspec/cli.rb +136 -97
- data/lib/inspec/config.rb +71 -61
- data/lib/inspec/control_eval_context.rb +22 -18
- data/lib/inspec/dependencies/cache.rb +2 -3
- data/lib/inspec/dependencies/dependency_set.rb +2 -3
- data/lib/inspec/dependencies/lockfile.rb +8 -9
- data/lib/inspec/dependencies/requirement.rb +7 -8
- data/lib/inspec/dependencies/resolver.rb +5 -7
- data/lib/inspec/describe.rb +2 -6
- data/lib/inspec/dist.rb +20 -0
- data/lib/inspec/dsl.rb +4 -7
- data/lib/inspec/dsl_shared.rb +1 -2
- data/lib/inspec/env_printer.rb +11 -12
- data/lib/inspec/errors.rb +0 -4
- data/lib/inspec/exceptions.rb +0 -1
- data/lib/inspec/expect.rb +5 -8
- data/lib/inspec/fetcher.rb +7 -10
- data/lib/inspec/file_provider.rb +24 -24
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +8 -8
- data/lib/inspec/globals.rb +2 -2
- data/lib/inspec/impact.rb +5 -7
- data/lib/inspec/input_registry.rb +84 -33
- data/lib/inspec/library_eval_context.rb +3 -6
- data/lib/inspec/log.rb +1 -5
- data/lib/inspec/metadata.rb +17 -16
- data/lib/inspec/method_source.rb +5 -9
- data/lib/inspec/objects.rb +10 -12
- data/lib/inspec/objects/control.rb +7 -9
- data/lib/inspec/objects/describe.rb +9 -11
- data/lib/inspec/objects/each_loop.rb +1 -3
- data/lib/inspec/objects/input.rb +24 -26
- data/lib/inspec/objects/list.rb +4 -6
- data/lib/inspec/objects/or_test.rb +2 -4
- data/lib/inspec/objects/ruby_helper.rb +3 -5
- data/lib/inspec/objects/tag.rb +0 -2
- data/lib/inspec/objects/test.rb +9 -11
- data/lib/inspec/objects/value.rb +3 -5
- data/lib/inspec/plugin/v1.rb +2 -2
- data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
- data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
- data/lib/inspec/plugin/v1/plugins.rb +15 -19
- data/lib/inspec/plugin/v1/registry.rb +0 -4
- data/lib/inspec/plugin/v2.rb +8 -8
- data/lib/inspec/plugin/v2/activator.rb +1 -1
- data/lib/inspec/plugin/v2/config_file.rb +6 -6
- data/lib/inspec/plugin/v2/filter.rb +13 -13
- data/lib/inspec/plugin/v2/installer.rb +36 -24
- data/lib/inspec/plugin/v2/loader.rb +28 -28
- data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
- data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
- data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
- data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
- data/lib/inspec/plugin/v2/registry.rb +7 -7
- data/lib/inspec/polyfill.rb +0 -3
- data/lib/inspec/profile.rb +55 -63
- data/lib/inspec/profile_context.rb +27 -30
- data/lib/inspec/profile_vendor.rb +6 -9
- data/lib/inspec/reporters.rb +24 -24
- data/lib/inspec/reporters/automate.rb +17 -19
- data/lib/inspec/reporters/base.rb +1 -1
- data/lib/inspec/reporters/cli.rb +88 -91
- data/lib/inspec/reporters/json.rb +2 -4
- data/lib/inspec/reporters/json_automate.rb +1 -3
- data/lib/inspec/reporters/json_min.rb +1 -3
- data/lib/inspec/reporters/junit.rb +26 -28
- data/lib/inspec/reporters/yaml.rb +1 -3
- data/lib/inspec/require_loader.rb +0 -4
- data/lib/inspec/resource.rb +4 -125
- data/lib/inspec/resources.rb +121 -0
- data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
- data/lib/{resources → inspec/resources}/apache.rb +13 -14
- data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
- data/lib/{resources → inspec/resources}/apt.rb +17 -17
- data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
- data/lib/{resources → inspec/resources}/auditd.rb +62 -64
- data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
- data/lib/{resources → inspec/resources}/bash.rb +6 -8
- data/lib/{resources → inspec/resources}/bond.rb +15 -14
- data/lib/{resources → inspec/resources}/bridge.rb +8 -8
- data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
- data/lib/{resources → inspec/resources}/command.rb +11 -10
- data/lib/{resources → inspec/resources}/cpan.rb +12 -12
- data/lib/{resources → inspec/resources}/cran.rb +9 -9
- data/lib/{resources → inspec/resources}/crontab.rb +47 -48
- data/lib/{resources → inspec/resources}/csv.rb +5 -5
- data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
- data/lib/{resources → inspec/resources}/directory.rb +5 -7
- data/lib/{resources → inspec/resources}/docker.rb +63 -63
- data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
- data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
- data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
- data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
- data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
- data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
- data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
- data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
- data/lib/{resources → inspec/resources}/file.rb +80 -79
- data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
- data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
- data/lib/{resources → inspec/resources}/gem.rb +12 -12
- data/lib/{resources → inspec/resources}/groups.rb +28 -27
- data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
- data/lib/{resources → inspec/resources}/host.rb +31 -29
- data/lib/{resources → inspec/resources}/http.rb +24 -24
- data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
- data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
- data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
- data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/ini.rb +7 -8
- data/lib/{resources → inspec/resources}/interface.rb +30 -30
- data/lib/{resources → inspec/resources}/iptables.rb +8 -8
- data/lib/{resources → inspec/resources}/json.rb +8 -10
- data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
- data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
- data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
- data/lib/{resources → inspec/resources}/ksh.rb +6 -8
- data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
- data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
- data/lib/{resources → inspec/resources}/mount.rb +6 -8
- data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
- data/lib/inspec/resources/mysql.rb +81 -0
- data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
- data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
- data/lib/{resources → inspec/resources}/nginx.rb +16 -17
- data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
- data/lib/{resources → inspec/resources}/npm.rb +9 -10
- data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/oneget.rb +8 -8
- data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
- data/lib/{resources → inspec/resources}/os.rb +6 -8
- data/lib/{resources → inspec/resources}/os_env.rb +11 -12
- data/lib/{resources → inspec/resources}/package.rb +66 -65
- data/lib/{resources → inspec/resources}/packages.rb +13 -13
- data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
- data/lib/{resources → inspec/resources}/passwd.rb +18 -19
- data/lib/{resources → inspec/resources}/pip.rb +19 -19
- data/lib/{resources → inspec/resources}/platform.rb +9 -11
- data/lib/{resources → inspec/resources}/port.rb +134 -136
- data/lib/{resources → inspec/resources}/postgres.rb +40 -32
- data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
- data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
- data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
- data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
- data/lib/{resources → inspec/resources}/powershell.rb +17 -13
- data/lib/{resources → inspec/resources}/processes.rb +29 -29
- data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
- data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
- data/lib/inspec/resources/script.rb +1 -0
- data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
- data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
- data/lib/{resources → inspec/resources}/service.rb +74 -75
- data/lib/{resources → inspec/resources}/shadow.rb +44 -45
- data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
- data/lib/{resources → inspec/resources}/ssl.rb +28 -29
- data/lib/inspec/resources/sys_info.rb +30 -0
- data/lib/{resources → inspec/resources}/toml.rb +5 -7
- data/lib/{resources → inspec/resources}/users.rb +65 -65
- data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
- data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
- data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
- data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
- data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
- data/lib/{resources → inspec/resources}/wmi.rb +7 -8
- data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
- data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
- data/lib/{resources → inspec/resources}/xml.rb +7 -7
- data/lib/{resources → inspec/resources}/yaml.rb +5 -6
- data/lib/{resources → inspec/resources}/yum.rb +10 -10
- data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
- data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
- data/lib/inspec/rspec_extensions.rb +24 -8
- data/lib/inspec/rule.rb +14 -15
- data/lib/inspec/runner.rb +28 -28
- data/lib/inspec/runner_mock.rb +1 -5
- data/lib/inspec/runner_rspec.rb +18 -20
- data/lib/inspec/runtime_profile.rb +2 -5
- data/lib/inspec/schema.rb +142 -143
- data/lib/inspec/secrets.rb +3 -7
- data/lib/inspec/secrets/yaml.rb +3 -5
- data/lib/inspec/shell.rb +11 -15
- data/lib/inspec/shell_detector.rb +6 -7
- data/lib/inspec/source_reader.rb +4 -8
- data/lib/inspec/ui.rb +33 -39
- data/lib/inspec/ui_table_helper.rb +12 -0
- data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
- data/lib/{utils → inspec/utils}/convert.rb +0 -4
- data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
- data/lib/inspec/utils/deprecation.rb +6 -0
- data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
- data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
- data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
- data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
- data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
- data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
- data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
- data/lib/{utils → inspec/utils}/filter.rb +30 -33
- data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
- data/lib/{utils → inspec/utils}/find_files.rb +9 -12
- data/lib/{utils → inspec/utils}/hash.rb +1 -5
- data/lib/inspec/utils/json_log.rb +15 -0
- data/lib/inspec/utils/latest_version.rb +13 -0
- data/lib/{utils → inspec/utils}/modulator.rb +0 -3
- data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
- data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
- data/lib/{utils → inspec/utils}/parser.rb +45 -45
- data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
- data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
- data/lib/{utils → inspec/utils}/spdx.rb +1 -4
- data/lib/{utils → inspec/utils}/spdx.txt +0 -0
- data/lib/inspec/utils/telemetry.rb +3 -3
- data/lib/inspec/utils/telemetry/collector.rb +30 -9
- data/lib/inspec/utils/telemetry/data_series.rb +3 -1
- data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +22 -25
- data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
- data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
- data/lib/plugins/inspec-habitat/Berksfile +2 -2
- data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
- data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
- data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
- data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
- data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
- data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
- data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
- data/lib/source_readers/flat.rb +6 -10
- data/lib/source_readers/inspec.rb +8 -12
- metadata +139 -140
- data/lib/resources/mysql.rb +0 -82
- data/lib/resources/sys_info.rb +0 -28
- data/lib/utils/deprecation.rb +0 -6
- data/lib/utils/json_log.rb +0 -18
- data/lib/utils/latest_version.rb +0 -22
@@ -1,19 +1,18 @@
|
|
1
|
-
# encoding: utf-8
|
2
1
|
# copyright: 2018, The Authors
|
3
2
|
|
4
|
-
title
|
3
|
+
title "sample section"
|
5
4
|
|
6
5
|
# you can also use plain tests
|
7
|
-
describe file(
|
6
|
+
describe file("/tmp") do
|
8
7
|
it { should be_directory }
|
9
8
|
end
|
10
9
|
|
11
10
|
# you add controls here
|
12
|
-
control
|
11
|
+
control "tmp-1.0" do # A unique ID for this control
|
13
12
|
impact 0.7 # The criticality, if this control fails.
|
14
|
-
title
|
15
|
-
desc
|
16
|
-
describe file(
|
13
|
+
title "Create /tmp directory" # A human-readable title
|
14
|
+
desc "An optional description..."
|
15
|
+
describe file("/tmp") do # The actual test
|
17
16
|
it { should be_directory }
|
18
17
|
end
|
19
18
|
end
|
@@ -1,4 +1,3 @@
|
|
1
|
-
|
2
1
|
# Because this is a core plugin, we place the plugin definition here in the entry point.
|
3
2
|
# This is needed because under core testing, the entry point may be reloaded multiple times,
|
4
3
|
# and we need plugin registration to properly occur each time.
|
@@ -10,7 +9,7 @@ module InspecPlugins
|
|
10
9
|
plugin_name :'inspec-plugin-manager-cli'
|
11
10
|
|
12
11
|
cli_command :plugin do
|
13
|
-
require_relative
|
12
|
+
require_relative "inspec-plugin-manager-cli/cli_command"
|
14
13
|
InspecPlugins::PluginManager::CliCommand
|
15
14
|
end
|
16
15
|
end
|
@@ -1,33 +1,35 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
1
|
+
require "term/ansicolor"
|
2
|
+
require "pathname"
|
3
|
+
require "inspec/plugin/v2"
|
4
|
+
require "inspec/plugin/v2/installer"
|
5
|
+
require "inspec/dist"
|
5
6
|
|
6
7
|
module InspecPlugins
|
7
8
|
module PluginManager
|
8
9
|
class CliCommand < Inspec.plugin(2, :cli_command)
|
9
10
|
include Term::ANSIColor
|
11
|
+
include Inspec::Dist
|
10
12
|
|
11
|
-
subcommand_desc
|
13
|
+
subcommand_desc "plugin SUBCOMMAND", "Manage #{PRODUCT_NAME} and Train plugins"
|
12
14
|
|
13
15
|
#==================================================================#
|
14
16
|
# inspec plugin list
|
15
17
|
#==================================================================#
|
16
18
|
|
17
|
-
desc
|
18
|
-
option :all, desc:
|
19
|
+
desc "list [options]", "Lists user-installed #{PRODUCT_NAME} plugins."
|
20
|
+
option :all, desc: "Include plugins shipped with #{PRODUCT_NAME} as well.", type: :boolean, aliases: [:a]
|
19
21
|
def list
|
20
22
|
plugin_statuses = Inspec::Plugin::V2::Registry.instance.plugin_statuses
|
21
23
|
plugin_statuses.reject! { |s| [:core, :bundle].include?(s.installation_type) } unless options[:all]
|
22
24
|
|
23
25
|
# TODO: ui object support
|
24
26
|
puts
|
25
|
-
puts(bold { format(
|
26
|
-
puts
|
27
|
+
puts(bold { format(" %-30s%-10s%-8s%-6s", "Plugin Name", "Version", "Via", "ApiVer") })
|
28
|
+
puts "-" * 55
|
27
29
|
plugin_statuses.sort_by(&:name).each do |status|
|
28
|
-
puts(format(
|
30
|
+
puts(format(" %-30s%-10s%-8s%-6s", status.name, make_pretty_version(status), status.installation_type, status.api_generation.to_s))
|
29
31
|
end
|
30
|
-
puts
|
32
|
+
puts "-" * 55
|
31
33
|
puts(" #{plugin_statuses.count} plugin(s) total")
|
32
34
|
puts
|
33
35
|
end
|
@@ -36,15 +38,15 @@ module InspecPlugins
|
|
36
38
|
# inspec plugin search
|
37
39
|
#==================================================================#
|
38
40
|
|
39
|
-
desc
|
41
|
+
desc "search [options] PATTERN", "Searches rubygems.org for plugins."
|
40
42
|
long_desc <<~EOLD
|
41
|
-
Searches rubygems.org for
|
43
|
+
Searches rubygems.org for #{PRODUCT_NAME} plugins. Exits 0 on a search hit, 1 on user error,
|
42
44
|
2 on a search miss. PATTERN is a simple string; a wildcard will be added as
|
43
45
|
a suffix, unless -e is used.
|
44
46
|
EOLD
|
45
|
-
option :all, desc:
|
46
|
-
option :exact, desc:
|
47
|
-
option :'include-test-fixture', type: :boolean, desc:
|
47
|
+
option :all, desc: "List all available versions, not just the latest one.", type: :boolean, aliases: [:a]
|
48
|
+
option :exact, desc: "Assume PATTERN is exact; do not add a wildcard to the end", type: :boolean, aliases: [:e]
|
49
|
+
option :'include-test-fixture', type: :boolean, desc: "Internal use", hide: true
|
48
50
|
# Justification for disabling ABC: currently at 33.51/33
|
49
51
|
def search(search_term) # rubocop: disable Metrics/AbcSize
|
50
52
|
search_results = installer.search(search_term, exact: options[:exact])
|
@@ -53,20 +55,20 @@ module InspecPlugins
|
|
53
55
|
# for testing. We want to hide those from users, so unless we know we're in
|
54
56
|
# test mode, remove them.
|
55
57
|
unless options[:'include-test-fixture']
|
56
|
-
search_results.delete(
|
57
|
-
search_results.delete(
|
58
|
+
search_results.delete("inspec-test-fixture")
|
59
|
+
search_results.delete("train-test-fixture")
|
58
60
|
end
|
59
61
|
|
60
62
|
# TODO: ui object support
|
61
63
|
puts
|
62
|
-
puts(bold { format(
|
63
|
-
puts
|
64
|
+
puts(bold { format(" %-30s%-50s", "Plugin Name", "Versions Available") })
|
65
|
+
puts "-" * 55
|
64
66
|
search_results.keys.sort.each do |plugin_name|
|
65
67
|
versions = options[:all] ? search_results[plugin_name] : [search_results[plugin_name].first]
|
66
|
-
versions =
|
67
|
-
puts(format(
|
68
|
+
versions = "(" + versions.join(", ") + ")"
|
69
|
+
puts(format(" %-30s%-50s", plugin_name, versions))
|
68
70
|
end
|
69
|
-
puts
|
71
|
+
puts "-" * 55
|
70
72
|
puts(" #{search_results.count} plugin(s) found")
|
71
73
|
puts
|
72
74
|
|
@@ -79,7 +81,7 @@ module InspecPlugins
|
|
79
81
|
#==================================================================#
|
80
82
|
# inspec plugin install
|
81
83
|
#==================================================================#
|
82
|
-
desc
|
84
|
+
desc "install [-v VERSION] PLUGIN", "Installs a plugin from rubygems.org, a gemfile, or a path to local source."
|
83
85
|
long_desc <<~EOLD
|
84
86
|
PLUGIN may be the name of a gem on rubygems.org that begins with inspec- or train-.
|
85
87
|
PLUGIN may also be the path to a local gemfile, which will then be installed like
|
@@ -88,7 +90,7 @@ module InspecPlugins
|
|
88
90
|
for local plugin development). Exit codes are 0 on success, 2 if the plugin is
|
89
91
|
already installed, and 1 if any other error occurs.
|
90
92
|
EOLD
|
91
|
-
option :version, desc:
|
93
|
+
option :version, desc: "When installing from rubygems.org, specifies a specific version to install.", aliases: [:v]
|
92
94
|
def install(plugin_id_arg)
|
93
95
|
if plugin_id_arg =~ /\.gem$/ # Does it end in .gem?
|
94
96
|
install_from_gemfile(plugin_id_arg)
|
@@ -102,7 +104,7 @@ module InspecPlugins
|
|
102
104
|
#--------------------------
|
103
105
|
# update
|
104
106
|
#--------------------------
|
105
|
-
desc
|
107
|
+
desc "update PLUGIN", "Updates a plugin to the latest from from rubygems.org"
|
106
108
|
long_desc <<~EOLD
|
107
109
|
PLUGIN may be the name of a gem on rubygems.org that begins with inspec- or train-.
|
108
110
|
Exit codes are 0 on success, 2 if the plugin is already up to date, and 1 if any
|
@@ -110,14 +112,14 @@ module InspecPlugins
|
|
110
112
|
EOLD
|
111
113
|
def update(plugin_name)
|
112
114
|
pre_update_versions = installer.list_installed_plugin_gems.select { |spec| spec.name == plugin_name }.map { |spec| spec.version.to_s }
|
113
|
-
old_version = pre_update_versions.join(
|
115
|
+
old_version = pre_update_versions.join(", ")
|
114
116
|
|
115
117
|
update_preflight_check(plugin_name, pre_update_versions)
|
116
118
|
|
117
119
|
begin
|
118
120
|
installer.update(plugin_name)
|
119
121
|
rescue Inspec::Plugin::V2::UpdateError => ex
|
120
|
-
puts(red {
|
122
|
+
puts(red { "Update error: " } + ex.message + " - update failed")
|
121
123
|
exit 1
|
122
124
|
end
|
123
125
|
post_update_versions = installer.list_installed_plugin_gems.select { |spec| spec.name == plugin_name }.map { |spec| spec.version.to_s }
|
@@ -129,7 +131,7 @@ module InspecPlugins
|
|
129
131
|
#--------------------------
|
130
132
|
# uninstall
|
131
133
|
#--------------------------
|
132
|
-
desc
|
134
|
+
desc "uninstall PLUGIN_NAME", "Uninstalls a gem- or path- based plugin"
|
133
135
|
long_desc <<~EOLD
|
134
136
|
Removes a plugin from the users configuration.
|
135
137
|
In the case of a gem plugin (by far the most common), the plugin gem is removed, along
|
@@ -142,19 +144,19 @@ module InspecPlugins
|
|
142
144
|
def uninstall(plugin_name)
|
143
145
|
status = Inspec::Plugin::V2::Registry.instance[plugin_name.to_sym]
|
144
146
|
unless status
|
145
|
-
puts(red {
|
147
|
+
puts(red { "No such plugin installed: " } + "#{plugin_name} is not installed - uninstall failed")
|
146
148
|
|
147
149
|
exit 1
|
148
150
|
end
|
149
151
|
installer = Inspec::Plugin::V2::Installer.instance
|
150
152
|
|
151
153
|
pre_uninstall_versions = installer.list_installed_plugin_gems.select { |spec| spec.name == plugin_name }.map { |spec| spec.version.to_s }
|
152
|
-
old_version = pre_uninstall_versions.join(
|
154
|
+
old_version = pre_uninstall_versions.join(", ")
|
153
155
|
|
154
156
|
installer.uninstall(plugin_name)
|
155
157
|
|
156
158
|
if status.installation_type == :path
|
157
|
-
puts(bold { plugin_name } +
|
159
|
+
puts(bold { plugin_name } + " path-based plugin install has been uninstalled")
|
158
160
|
else
|
159
161
|
puts(bold { plugin_name } + " plugin, version #{old_version}, has been uninstalled")
|
160
162
|
end
|
@@ -170,14 +172,14 @@ module InspecPlugins
|
|
170
172
|
|
171
173
|
def install_from_gemfile(gem_file)
|
172
174
|
unless File.exist? gem_file
|
173
|
-
puts(red {
|
175
|
+
puts(red { "No such plugin gem file " } + gem_file + " - installation failed.")
|
174
176
|
exit 1
|
175
177
|
end
|
176
178
|
|
177
|
-
plugin_name_parts = File.basename(gem_file,
|
179
|
+
plugin_name_parts = File.basename(gem_file, ".gem").split("-")
|
178
180
|
version = plugin_name_parts.pop
|
179
|
-
plugin_name = plugin_name_parts.join(
|
180
|
-
check_plugin_name(plugin_name,
|
181
|
+
plugin_name = plugin_name_parts.join("-")
|
182
|
+
check_plugin_name(plugin_name, "installation")
|
181
183
|
|
182
184
|
installer.install(plugin_name, gem_file: gem_file)
|
183
185
|
|
@@ -187,22 +189,22 @@ module InspecPlugins
|
|
187
189
|
|
188
190
|
def install_from_path(path)
|
189
191
|
unless File.exist? path
|
190
|
-
puts(red {
|
192
|
+
puts(red { "No such source code path " } + path + " - installation failed.")
|
191
193
|
exit 1
|
192
194
|
end
|
193
195
|
|
194
|
-
plugin_name = File.basename(path,
|
196
|
+
plugin_name = File.basename(path, ".rb")
|
195
197
|
|
196
198
|
# While installer.install does some rudimentary checking,
|
197
199
|
# this file has good UI access, so we promise to validate the
|
198
200
|
# input a lot and hand the installer a sure-thing.
|
199
201
|
|
200
202
|
# Name OK?
|
201
|
-
check_plugin_name(plugin_name,
|
203
|
+
check_plugin_name(plugin_name, "installation")
|
202
204
|
|
203
205
|
# Already installed?
|
204
206
|
if registry.known_plugin?(plugin_name.to_sym)
|
205
|
-
puts(red {
|
207
|
+
puts(red { "Plugin already installed" } + " - #{plugin_name} - Use '#{EXEC_NAME} plugin list' to see previously installed plugin - installation failed.")
|
206
208
|
exit 2
|
207
209
|
end
|
208
210
|
|
@@ -215,7 +217,7 @@ module InspecPlugins
|
|
215
217
|
# OK, install it!
|
216
218
|
installer.install(plugin_name, path: entry_point)
|
217
219
|
|
218
|
-
puts(bold { plugin_name } +
|
220
|
+
puts(bold { plugin_name } + " plugin installed via source path reference, resolved to entry point " + entry_point)
|
219
221
|
exit 0
|
220
222
|
end
|
221
223
|
|
@@ -232,14 +234,14 @@ module InspecPlugins
|
|
232
234
|
parts = [
|
233
235
|
given.parent.parent.basename,
|
234
236
|
given.parent.basename,
|
235
|
-
given.basename(
|
237
|
+
given.basename(".rb"),
|
236
238
|
given.extname,
|
237
239
|
].map(&:to_s)
|
238
240
|
|
239
241
|
# Case 1: Simplest case: it was a full entry point, as presented.
|
240
242
|
# /home/you/projects/inspec-something/lib/inspec-something.rb
|
241
243
|
# parts index: ^0^ ^1^ ^2^ ^3^
|
242
|
-
if parts[0] =~ name_regex && parts[1] ==
|
244
|
+
if parts[0] =~ name_regex && parts[1] == "lib" && parts[2] == parts[0] && parts[3] == ".rb"
|
243
245
|
return given.to_s
|
244
246
|
end
|
245
247
|
|
@@ -247,37 +249,37 @@ module InspecPlugins
|
|
247
249
|
# or left the extansion off. Those are the same to us.
|
248
250
|
# /home/you/projects/inspec-something/lib/inspec-something
|
249
251
|
# parts index: ^0^ ^1^ ^2^ (3 is empty)
|
250
|
-
if parts[0] =~ name_regex && parts[1] ==
|
251
|
-
return given.to_s +
|
252
|
+
if parts[0] =~ name_regex && parts[1] == "lib" && parts[2] == parts[0] && parts[3].empty?
|
253
|
+
return given.to_s + ".rb"
|
252
254
|
end
|
253
255
|
|
254
256
|
# Case 3: Maybe they were refering to a path that is inside a gem installation, or an exploded gem?
|
255
257
|
# In that case, we'll have a version on the plugin name in part 0
|
256
258
|
# /home/you/.gems/2.4.0/gems/inspec-something-3.45.1/lib/inspec-something.rb
|
257
259
|
# parts index: ^0^ ^1^ ^2^ ^3^
|
258
|
-
if parts[0] =~ versioned_regex && parts[1] ==
|
260
|
+
if parts[0] =~ versioned_regex && parts[1] == "lib" && parts[0].start_with?(parts[2]) && parts[3] == ".rb"
|
259
261
|
return given.to_s
|
260
262
|
end
|
261
263
|
|
262
264
|
# Case 4: Like case 3, but missing the .rb
|
263
265
|
# /home/you/.gems/2.4.0/gems/inspec-something-3.45.1/lib/inspec-something
|
264
266
|
# parts index: ^0^ ^1^ ^2^ ^3^ (empty)
|
265
|
-
if parts[0] =~ versioned_regex && parts[1] ==
|
266
|
-
return given.to_s +
|
267
|
+
if parts[0] =~ versioned_regex && parts[1] == "lib" && parts[0].start_with?(parts[2]) && parts[3].empty?
|
268
|
+
return given.to_s + ".rb"
|
267
269
|
end
|
268
270
|
|
269
271
|
# Case 5: Easy to recognize, but harder to handle: they referred to the project root.
|
270
272
|
# /home/you/projects/inspec-something
|
271
273
|
# parts index: ^0^ ^1^ ^2^ (3 is empty)
|
272
274
|
# 0 and 1 are not meaningful to us, but we hope to find a parts[2]/lib/inspec-something.rb.
|
273
|
-
entry_point_guess = File.join(given.to_s,
|
275
|
+
entry_point_guess = File.join(given.to_s, "lib", parts[2] + ".rb")
|
274
276
|
if parts[2] =~ name_regex && File.exist?(entry_point_guess)
|
275
277
|
return entry_point_guess
|
276
278
|
end
|
277
279
|
|
278
280
|
# Well, if we got here, parts[2] matches an inspec/train prefix, but we have no idea about anything.
|
279
281
|
# Give up.
|
280
|
-
puts(red {
|
282
|
+
puts(red { "Unrecognizable plugin structure" } + " - #{parts[2]} - When installing from a path, please provide the path of the entry point file - installation failed.")
|
281
283
|
exit 1
|
282
284
|
end
|
283
285
|
|
@@ -286,23 +288,23 @@ module InspecPlugins
|
|
286
288
|
begin
|
287
289
|
require entry_point
|
288
290
|
rescue LoadError => ex
|
289
|
-
puts(red {
|
291
|
+
puts(red { "Plugin contains errors" } + " - #{plugin_name} - Encountered errors while trying to test load the plugin entry point, resolved to #{entry_point} - installation failed")
|
290
292
|
puts ex.message
|
291
293
|
exit 1
|
292
294
|
end
|
293
295
|
|
294
296
|
# OK, the wheels didn't fall off. But is it a plugin?
|
295
|
-
if plugin_name.to_s.start_with?(
|
297
|
+
if plugin_name.to_s.start_with?("train")
|
296
298
|
# Train internal names do not include the prix in their registry entries
|
297
299
|
# And the registry is keyed on Strings
|
298
|
-
registry_key = plugin_name.to_s.sub(/^train-/,
|
300
|
+
registry_key = plugin_name.to_s.sub(/^train-/, "")
|
299
301
|
unless Train::Plugins.registry.key?(registry_key)
|
300
|
-
puts(red {
|
302
|
+
puts(red { "Does not appear to be a plugin" } + " - #{plugin_name} - After probe-loading the supposed plugin, it did not register itself to Train. Ensure something inherits from 'Train.plugin(1)' - installation failed.")
|
301
303
|
exit 1
|
302
304
|
end
|
303
305
|
else
|
304
306
|
unless registry.known_plugin?(plugin_name.to_sym)
|
305
|
-
puts(red {
|
307
|
+
puts(red { "Does not appear to be a plugin" } + " - #{plugin_name} - After probe-loading the supposed plugin, it did not register itself to InSpec. Ensure something inherits from 'Inspec.plugin(2)' - installation failed.")
|
306
308
|
exit 1
|
307
309
|
end
|
308
310
|
end
|
@@ -311,7 +313,7 @@ module InspecPlugins
|
|
311
313
|
def install_from_remote_gem(plugin_name)
|
312
314
|
requested_version = options[:version]
|
313
315
|
|
314
|
-
check_plugin_name(plugin_name,
|
316
|
+
check_plugin_name(plugin_name, "installation")
|
315
317
|
|
316
318
|
# Version pre-flighting
|
317
319
|
pre_installed_versions = installer.list_installed_plugin_gems.select { |spec| spec.name == plugin_name }.map { |spec| spec.version.to_s }
|
@@ -346,12 +348,12 @@ module InspecPlugins
|
|
346
348
|
they_explicitly_asked_for_a_version = !options[:version].nil?
|
347
349
|
what_we_would_install_is_already_installed = pre_installed_versions.include?(requested_version)
|
348
350
|
if what_we_would_install_is_already_installed && they_explicitly_asked_for_a_version
|
349
|
-
puts(red {
|
351
|
+
puts(red { "Plugin already installed at requested version" } + " - plugin #{plugin_name} #{requested_version} - refusing to install.")
|
350
352
|
elsif what_we_would_install_is_already_installed && !they_explicitly_asked_for_a_version
|
351
|
-
puts(red {
|
353
|
+
puts(red { "Plugin already installed at latest version" } + " - plugin #{plugin_name} #{requested_version} - refusing to install.")
|
352
354
|
else
|
353
355
|
# There are existing versions installed, but none of them are what was requested
|
354
|
-
puts(red {
|
356
|
+
puts(red { "Update required" } + " - plugin #{plugin_name}, requested #{requested_version}, have #{pre_installed_versions.join(', ')}; use `inspec plugin update` - refusing to install.")
|
355
357
|
end
|
356
358
|
|
357
359
|
exit 2
|
@@ -361,20 +363,20 @@ module InspecPlugins
|
|
361
363
|
def install_attempt_install(plugin_name) # rubocop: disable Metrics/AbcSize
|
362
364
|
installer.install(plugin_name, version: options[:version])
|
363
365
|
rescue Inspec::Plugin::V2::PluginExcludedError => ex
|
364
|
-
puts(red {
|
366
|
+
puts(red { "Plugin on Exclusion List" } + " - #{plugin_name} is listed as an incompatible gem - refusing to install.")
|
365
367
|
puts "Rationale: #{ex.details.rationale}"
|
366
|
-
puts
|
367
|
-
puts
|
368
|
+
puts "Exclusion list location: " + File.join(Inspec.src_root, "etc", "plugin_filters.json")
|
369
|
+
puts "If you disagree with this determination, please accept our apologies for the misunderstanding, and open an issue at https://github.com/inspec/inspec/issues/new"
|
368
370
|
exit 2
|
369
371
|
rescue Inspec::Plugin::V2::InstallError
|
370
372
|
raise if Inspec::Log.level == :debug
|
371
373
|
results = installer.search(plugin_name, exact: true)
|
372
374
|
if results.empty?
|
373
|
-
puts(red {
|
375
|
+
puts(red { "No such plugin gem " } + plugin_name + " could be found on rubygems.org - installation failed.")
|
374
376
|
elsif options[:version] && !results[plugin_name].include?(options[:version])
|
375
|
-
puts(red {
|
377
|
+
puts(red { "No such version" } + " - " + plugin_name + " exists, but no such version #{options[:version]} found on rubygems.org - installation failed.")
|
376
378
|
else
|
377
|
-
puts(red {
|
379
|
+
puts(red { "Unknown error occured " } + " - installation failed.")
|
378
380
|
end
|
379
381
|
exit 1
|
380
382
|
end
|
@@ -387,10 +389,10 @@ module InspecPlugins
|
|
387
389
|
# Check for path install
|
388
390
|
status = Inspec::Plugin::V2::Registry.instance[plugin_name.to_sym]
|
389
391
|
if !status
|
390
|
-
puts(red {
|
392
|
+
puts(red { "No such plugin installed: " } + "#{plugin_name} - update failed")
|
391
393
|
exit 1
|
392
394
|
elsif status.installation_type == :path
|
393
|
-
puts(red {
|
395
|
+
puts(red { "Cannot update path-based install: " } + "#{plugin_name} is installed via path reference; use `inspec plugin uninstall` to remove - refusing to update")
|
394
396
|
exit 2
|
395
397
|
end
|
396
398
|
end
|
@@ -400,7 +402,7 @@ module InspecPlugins
|
|
400
402
|
latest_version = latest_version[plugin_name]&.last
|
401
403
|
|
402
404
|
if pre_update_versions.include?(latest_version)
|
403
|
-
puts(red {
|
405
|
+
puts(red { "Already installed at latest version: " } + "#{plugin_name} is at #{latest_version}, which the latest - refusing to update")
|
404
406
|
exit 2
|
405
407
|
end
|
406
408
|
end
|
@@ -418,7 +420,7 @@ module InspecPlugins
|
|
418
420
|
|
419
421
|
def check_plugin_name(plugin_name, action)
|
420
422
|
unless plugin_name =~ /^(inspec|train)-/
|
421
|
-
puts(red {
|
423
|
+
puts(red { "Invalid plugin name" } + " - #{plugin_name} - All inspec plugins must begin with either 'inspec-' or 'train-' - #{action} failed.")
|
422
424
|
exit 1
|
423
425
|
end
|
424
426
|
end
|
@@ -435,7 +437,7 @@ module InspecPlugins
|
|
435
437
|
.sort_by(&:version)
|
436
438
|
.last.version
|
437
439
|
when :path
|
438
|
-
|
440
|
+
"src"
|
439
441
|
end
|
440
442
|
end
|
441
443
|
end
|