inspec-core 5.18.14 → 5.22.3

data/lib/plugins/inspec-init/templates/profiles/alicloud/README.md

@@ -0,0 +1,27 @@
+# Example InSpec Profile For AliCloud
+
+This example shows the implementation of an InSpec profile for AliCloud.
+
+The related control will simply be skipped if this is not provided.  See the [InSpec DSL documentation](https://docs.chef.io/inspec/dsl_inspec/) for more details on conditional execution using `only_if`.
+
+## Run the test
+
+```bash
+$ cd my-alicloud-sample-profile/
+$ inspec exec . -t alicloud://
+```
+
+```
+Profile:   Ali Cloud InSpec Profile (my-alicloud-profile)
+Version:   0.1.0
+Target:    alicloud://ap-south-1
+    ✔  ali-cloud-instances-1.0: Ensure AliCloud ECS Instances has correct attributes.
+         ✔  AliCloud ECS Instances (All) is expected to exist
+         ✔  AliCloud ECS Instances (All) entries.count is expected to be >= 1
+Profile:   AliCloud Resource Pack (inspec-alicloud)
+Version:   0.10.8
+Target:    alicloud://ap-south-1
+     No tests executed.
+Profile Summary: 1 successful controls, 0 control failures, 0 controls skipped
+Test Summary: 1 successful, 0 failures, 0 skipped
+```

data/lib/plugins/inspec-init/templates/profiles/alicloud/controls/example.rb

@@ -0,0 +1,10 @@
+title "Test AliCloud Instances count"
+
+control "ali-cloud-instances-1.0" do
+  impact 1.0
+  title "Ensure AliCloud ECS Instances Class has correct attributes."
+  describe alicloud_ecs_instances do
+    it { should exist }
+    its("entries.count") { should be >= 1 }
+  end
+end

data/lib/plugins/inspec-init/templates/profiles/alicloud/inputs.yml

@@ -0,0 +1 @@
+

data/lib/plugins/inspec-init/templates/profiles/alicloud/inspec.yml

@@ -0,0 +1,14 @@
+name: my-alicloud-sample-profile
+title: Ali Cloud InSpec Profile
+maintainer: The Authors
+copyright: The Authors
+copyright_email: you@example.com
+license: Apache-2.0
+summary: An InSpec Compliance Profile For Ali CLoud
+version: 0.1.0
+inspec_version: '~> 5'
+depends:
+  - name: inspec-alicloud
+    url: https://github.com/inspec/inspec-alicloud/archive/main.tar.gz
+supports:
+  - platform: alicloud

data/lib/plugins/inspec-reporter-html2/README.md

@@ -50,4 +50,4 @@ Specifies the full path to the location of a JavaScript file that will be read a
 
 ## Developing This Plugin
 
-This plugin is part of the Chef InSpec source code. While it has its own tests, the general contribution policy is dictated by the Chef InSpec project at https://github.com/inspec/inspec/blob/master/CONTRIBUTING.md
+This plugin is part of the Chef InSpec source code. While it has its own tests, the general contribution policy is dictated by the Chef InSpec project at https://github.com/inspec/inspec/blob/main/CONTRIBUTING.md

data/lib/plugins/inspec-reporter-html2/templates/body.html.erb

@@ -36,8 +36,14 @@
       <caption>Control Statistics</caption>
         <tr><th colspan="2"><h4 id="statistics-label">Control Statistics</h4></th></tr>
         <tr class= "passed"><th>Passed:</th><td><%= run_data.statistics.controls.passed.total %></td></tr>
-        <tr class= "skipped"><th>Skipped:</th><td><%= run_data.statistics.controls.skipped.total %></td></tr>
         <tr class= "failed"><th>Failed:</th><td><%= run_data.statistics.controls.failed.total %></td></tr>
+        <% if enhanced_outcomes %>
+          <tr class= "not_reviewed"><th>Not Reviewed:</th><td><%= run_data.statistics.controls.not_reviewed.total %></td></tr>
+          <tr class= "not_applicable"><th>Not Applicable:</th><td><%= run_data.statistics.controls.not_applicable.total %></td></tr>
+          <tr class= "error"><th>Error:</th><td><%= run_data.statistics.controls.error.total %></td></tr>
+        <% else %>
+          <tr class= "skipped"><th>Skipped:</th><td><%= run_data.statistics.controls.skipped.total %></td></tr>
+        <% end %>
         <tr class= "duration"><th>Duration:</th><td><%= run_data.statistics.duration %> seconds</td></tr>
         <tr class= "date"><th>Time Finished:</th><td><%= Time.now %></td></tr>
       </table>

data/lib/plugins/inspec-reporter-html2/templates/control.html.erb

@@ -1,11 +1,15 @@
 <% slugged_id = control.id.tr(" ", "_") %>
 <%
-    # Determine status of control
-    status = "passed"
-    if control.results.any? { |r| r.status == "failed" }
-      status = "failed"
-    elsif control.results.any? { |r| r.status == "skipped" }
-      status = "skipped"
+    if enhanced_outcomes
+      status = control.status
+    else
+      # Determine status of control
+      status = "passed"
+      if control.results.any? { |r| r.status == "failed" }
+        status = "failed"
+      elsif control.results.any? { |r| r.status == "skipped" }
+        status = "skipped"
+      end
     end
 %>
 

data/lib/plugins/inspec-reporter-html2/templates/default.css

@@ -60,6 +60,18 @@ pre code {
 .result-metadata .status-skipped div  {
   background-color: grey;
 }
+.control-metadata .status-error div,
+.result-metadata .status-error div  {
+  background-color: rgb(63, 15, 183);
+}
+.control-metadata .status-not_applicable div,
+.result-metadata .status-not_applicable div  {
+  background-color: rgb(135, 206, 250);
+}
+.control-metadata .status-not_reviewed div,
+.result-metadata .status-not_reviewed div  {
+  background-color: rgb(255, 194, 0);
+}
 .result-metadata,
 .control-metadata {
   margin: 0 0 0 5%;

data/lib/plugins/inspec-reporter-html2/templates/selector.html.erb

@@ -1,8 +1,14 @@
 <div class="selector-panel">
   <p id="selector-instructions">Display controls that are:</p>
   <input class="selector-checkbox" id="passed-checkbox" type="checkbox" checked="checked"/><label for="passed-checkbox">Passed</label>
-  <input class="selector-checkbox" id="skipped-checkbox" type="checkbox" checked="checked"/><label for="skipped-checkbox">Skipped</label>
   <input class="selector-checkbox" id="failed-checkbox" type="checkbox" checked="checked"/><label for="failed-checkbox">Failed</label>
+  <% if enhanced_outcomes %>
+    <input class="selector-checkbox" id="not_reviewed-checkbox" type="checkbox" checked="checked"/><label for="not_reviewed-checkbox">Not Reviewed</label>
+    <input class="selector-checkbox" id="not_applicable-checkbox" type="checkbox" checked="checked"/><label for="not_applicable-checkbox">Not Applicable</label>
+    <input class="selector-checkbox" id="error-checkbox" type="checkbox" checked="checked"/><label for="error-checkbox">Error</label>
+  <% else %>
+    <input class="selector-checkbox" id="skipped-checkbox" type="checkbox" checked="checked"/><label for="skipped-checkbox">Skipped</label>
+  <% end %>
   <p id="selector-instructions">Display profiles that are:</p>
   <input class="profile-selector-checkbox" id="child-profile-checkbox" type="checkbox" /><label for="child-profile-checkbox">Dependent Profiles</label>
 </div>

data/lib/plugins/inspec-sign/lib/inspec-sign/base.rb

@@ -59,11 +59,14 @@ module InspecPlugins
         # Read name and version from metadata and use them to form the filename
         profile_md = artifact.read_profile_metadata(profile_path)
 
-        artifact_filename = "#{profile_md["name"]}-#{profile_md["version"]}.#{SIGNED_PROFILE_SUFFIX}"
+        # Behave same as archive filename for iaf filename
+        slug = profile_md["name"].downcase.strip.tr(" ", "-").gsub(/[^\w-]/, "_")
+        filename = "#{slug}-#{profile_md["version"]}"
+        artifact_filename = "#{filename}.#{SIGNED_PROFILE_SUFFIX}"
 
         # Generating tar.gz file using archive method of Inspec Cli
         Inspec::InspecCLI.new.archive(profile_path, "error")
-        tarfile = "#{profile_md["name"]}-#{profile_md["version"]}.tar.gz"
+        tarfile = "#{filename}.tar.gz"
         tar_content = IO.binread(tarfile)
         FileUtils.rm(tarfile)
 

data/lib/plugins/inspec-streaming-reporter-progress-bar/lib/inspec-streaming-reporter-progress-bar/streaming_reporter.rb

@@ -20,6 +20,9 @@ module InspecPlugins::StreamingReporterProgressBar
         "passed" => "\033[0;1;32m",
         "skipped" => "\033[0;37m",
         "reset" => "\033[0m",
+        "error" => "\033[34m",
+        "not_applicable" => "\033[36m",
+        "not_reviewed" => "\033[33m",
       }.freeze
 
       # Most currently available Windows terminals have poor support
@@ -28,6 +31,9 @@ module InspecPlugins::StreamingReporterProgressBar
         "failed" => "[FAIL]",
         "skipped" => "[SKIP]",
         "passed" => "[PASS]",
+        "error" => "  [ERROR]  ",
+        "not_applicable" => "  [N/A]    ",
+        "not_reviewed" => "  [N/R]    ",
       }.freeze
     else
       # Extended colors for everyone else
@@ -36,6 +42,9 @@ module InspecPlugins::StreamingReporterProgressBar
         "passed" => "\033[38;5;41m",
         "skipped" => "\033[38;5;247m",
         "reset" => "\033[0m",
+        "error" => "\033[0;38;5;21m",
+        "not_applicable" => "\033[0;38;5;117m",
+        "not_reviewed" => "\033[0;38;5;214m",
       }.freeze
 
       # Groovy UTF-8 characters for everyone else...
@@ -44,6 +53,9 @@ module InspecPlugins::StreamingReporterProgressBar
         "failed" => "× [FAILED] ",
         "skipped" => "↺ [SKIPPED]",
         "passed" => "✔ [PASSED] ",
+        "error" => "× [ERROR]  ",
+        "not_applicable" => "  [N/A]    ",
+        "not_reviewed" => "  [N/R]    ",
       }.freeze
     end
 
@@ -71,29 +83,43 @@ module InspecPlugins::StreamingReporterProgressBar
       control_id = notification.example.metadata[:id]
       title = notification.example.metadata[:title]
       full_description = notification.example.metadata[:full_description]
-      control_impact = notification.example.metadata[:impact]
+
+      # No-op exception occurs in case of not_applicable_if
+      if (full_description.include? "No-op") && notification.example.exception
+        full_description += notification.example.exception.message
+      end
+
       set_status_mapping(control_id, status)
-      show_progress(control_id, title, full_description, control_impact) if control_ended?(control_id)
+      collect_notifications(notification, control_id, status)
+      control_ended = control_ended?(control_id)
+      if control_ended
+        control_outcome = add_enhanced_outcomes(control_id) if enhanced_outcomes
+        show_progress(control_id, title, full_description, control_outcome)
+      end
     end
 
-    def show_progress(control_id, title, full_description, control_impact)
+    def show_progress(control_id, title, full_description, control_outcome)
       @bar ||= ProgressBar.new(controls_count, :bar, :counter, :percentage)
       sleep 0.1
       @bar.increment!
-      @bar.puts format_it(control_id, title, full_description, control_impact)
+      @bar.puts format_it(control_id, title, full_description, control_outcome)
     rescue StandardError => e
       raise "Exception in Progress Bar streaming reporter: #{e}"
     end
 
-    def format_it(control_id, title, full_description, control_impact)
-      control_status = if @status_mapping[control_id].include? "failed"
-                         "failed"
-                       elsif @status_mapping[control_id].include? "passed"
-                         "passed"
-                       else
-                         @status_mapping[control_id].include? "skipped"
-                         "skipped"
-                       end
+    def format_it(control_id, title, full_description, control_outcome)
+      if control_outcome
+        control_status = control_outcome
+      else
+        control_status = if @status_mapping[control_id].include? "failed"
+                           "failed"
+                         elsif @status_mapping[control_id].include? "passed"
+                           "passed"
+                         else
+                           @status_mapping[control_id].include? "skipped"
+                           "skipped"
+                         end
+      end
       indicator = INDICATORS[control_status]
       message_to_format = ""
       message_to_format += "#{indicator}  "

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 5.18.14
+  version: 5.22.3
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-11 00:00:00.000000000 Z
+date: 2023-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry
@@ -226,34 +226,34 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.9.0
+        version: '1'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.9.0
+        version: '1'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: faraday_middleware
+  name: faraday-follow_redirects
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: tty-table
   requirement: !ruby/object:Gem::Requirement
@@ -429,6 +429,7 @@ files:
 - lib/inspec/dist.rb
 - lib/inspec/dsl.rb
 - lib/inspec/dsl_shared.rb
+- lib/inspec/enhanced_outcomes.rb
 - lib/inspec/env_printer.rb
 - lib/inspec/errors.rb
 - lib/inspec/exceptions.rb
@@ -583,6 +584,7 @@ files:
 - lib/inspec/resources/mysql.rb
 - lib/inspec/resources/mysql_conf.rb
 - lib/inspec/resources/mysql_session.rb
+- lib/inspec/resources/nftables.rb
 - lib/inspec/resources/nginx.rb
 - lib/inspec/resources/nginx_conf.rb
 - lib/inspec/resources/noop.rb
@@ -606,6 +608,12 @@ files:
 - lib/inspec/resources/php_config.rb
 - lib/inspec/resources/pip.rb
 - lib/inspec/resources/platform.rb
+- lib/inspec/resources/podman.rb
+- lib/inspec/resources/podman_container.rb
+- lib/inspec/resources/podman_image.rb
+- lib/inspec/resources/podman_network.rb
+- lib/inspec/resources/podman_pod.rb
+- lib/inspec/resources/podman_volume.rb
 - lib/inspec/resources/port.rb
 - lib/inspec/resources/postfix_conf.rb
 - lib/inspec/resources/postgres.rb
@@ -707,6 +715,7 @@ files:
 - lib/inspec/utils/object_traversal.rb
 - lib/inspec/utils/parser.rb
 - lib/inspec/utils/pkey_reader.rb
+- lib/inspec/utils/podman.rb
 - lib/inspec/utils/run_data_filters.rb
 - lib/inspec/utils/simpleconfig.rb
 - lib/inspec/utils/spdx.rb
@@ -716,8 +725,12 @@ files:
 - lib/inspec/utils/telemetry/data_series.rb
 - lib/inspec/utils/telemetry/global_methods.rb
 - lib/inspec/utils/telemetry/run_context_probe.rb
+- lib/inspec/utils/waivers/csv_file_reader.rb
+- lib/inspec/utils/waivers/excel_file_reader.rb
+- lib/inspec/utils/waivers/json_file_reader.rb
 - lib/inspec/utils/yaml_profile_summary.rb
 - lib/inspec/version.rb
+- lib/inspec/waiver_file_reader.rb
 - lib/matchers/matchers.rb
 - lib/plugins/README.md
 - lib/plugins/inspec-compliance/README.md
@@ -758,6 +771,10 @@ files:
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/reporter.erb
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/streaming_reporter.erb
 - lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.erb
+- lib/plugins/inspec-init/templates/profiles/alicloud/README.md
+- lib/plugins/inspec-init/templates/profiles/alicloud/controls/example.rb
+- lib/plugins/inspec-init/templates/profiles/alicloud/inputs.yml
+- lib/plugins/inspec-init/templates/profiles/alicloud/inspec.yml
 - lib/plugins/inspec-init/templates/profiles/aws/README.md
 - lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb
 - lib/plugins/inspec-init/templates/profiles/aws/inputs.yml