RubyGems - inspec-core - Versions diffs - 5.24.5 → 5.24.7 - Mend

inspec-core 5.24.5 → 5.24.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/inspec/resources/mssql_session.rb +13 -1
data/lib/inspec/utils/profile_ast_helpers.rb +38 -10
data/lib/inspec/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 786e3d95992223676c73b03e4fabae1aa5d1700b274c8870fb557e0ed54c8308
-  data.tar.gz: 6b8adfc8bd4e8a133b4b63e79a2cfc4bf94f32535a31849d6a56bee08dba8d47
+  metadata.gz: 1d51433ba0116888c84236e9e10a00eed659241c97bc52bc28adab5d166747b1
+  data.tar.gz: fbcdb575d6d6e318080fe33c9480d97a886e18795f8d9d70b631744998985039
 SHA512:
-  metadata.gz: e93a90a68347246a6e39c9eabaed0bcdc4a473c9f9a9dd65906d48ff228bb9099abaf6693a5727df1aa59fb0be9f9c8a4c8f602c9282d15c958ab452042514b2
-  data.tar.gz: d86cd0720240d5d3844e294dd90465e0480b72dd9019cdd52af908728ecb395d7f1162029ea510b2083d6dba190e7222ee2feccec5f3fbf1aa837e33f82f6e9c
+  metadata.gz: bd38bce6f7c2f0f53effda98239dc918e002c1f06266f32905fe464c22c4bcbc2c09a475c4b3e7eb9b902a50252b9f4c83978e1e857fb0bd0f78fb1e8ced781a
+  data.tar.gz: b9ae97157012e01b7522afc285b307b4042178900c25ba7f9e72898d4aa1670d97906ba8e8b50bab0cf04645d809a6bad2229d567eb658b1a2f327b359b0014a

data/lib/inspec/resources/mssql_session.rb CHANGED Viewed

@@ -30,9 +30,15 @@ module Inspec::Resources
         its('value') { should_not be_empty }
         its('value') { should cmp == 1 }
       end
+      # Trust the SQL Server TLS certificate when using sqlcmd
+      sql_tls = mssql_session(user: 'myuser', password: 'mypassword', trust_server_certificate: true)
+      describe sql_tls.query(\"SELECT SERVERPROPERTY('ProductVersion') as \\\"version\\\";\").row(0).column('version') do
+        its('value') { should_not be_empty }
+      end
     EXAMPLE
-    attr_reader :user, :password, :host, :port, :instance, :local_mode, :db_name
+    attr_reader :user, :password, :host, :port, :instance, :local_mode, :db_name, :trust_server_certificate
     def initialize(opts = {})
       @user = opts[:user]
       @password = opts[:password] || opts[:pass]
@@ -46,6 +52,7 @@ module Inspec::Resources
       end
       @instance = opts[:instance]
       @db_name = opts[:db_name]
+      @trust_server_certificate = !!opts[:trust_server_certificate] # rubocop:disable Style/DoubleNegation
       # check if sqlcmd is available
       raise Inspec::Exceptions::ResourceSkipped, "sqlcmd is missing" unless inspec.command("sqlcmd").exist?
@@ -57,6 +64,7 @@ module Inspec::Resources
       escaped_query = q.gsub(/\\/, "\\\\").gsub(/"/, '""').gsub(/\$/, '\\$')
       # surpress 'x rows affected' in SQLCMD with 'set nocount on;'
       cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
+      cmd_string += " -C" if trust_server_certificate?
       cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
       cmd_string += " -d '#{@db_name}'" unless @db_name.nil?
       unless local_mode?
@@ -94,6 +102,10 @@ module Inspec::Resources
       !!@local_mode # rubocop:disable Style/DoubleNegation
     end
+    def trust_server_certificate?
+      @trust_server_certificate
+    end
     def test_connection
       !query("select getdate()").empty?
     end

data/lib/inspec/utils/profile_ast_helpers.rb CHANGED Viewed

@@ -24,6 +24,37 @@ module Inspec
           @memo = memo
         end
+        def extract_node_value(node)
+          case node.class.to_s
+          when "RuboCop::AST::HashNode"
+            # Handle hash nodes
+            values = {}
+            node.children.each do |pair_node|
+              values.merge!(pair_node.key.value => extract_node_value(pair_node.value))
+            end
+            values
+          when "RuboCop::AST::ArrayNode"
+            # Handle array nodes
+            node.children.map { |element| extract_node_value(element) }
+          else
+            # Handle simple nodes (strings, numbers, symbols, booleans, nil, etc.)
+            if node.respond_to?(:type)
+              case node.type
+              when :true
+                true
+              when :false
+                false
+              when :nil
+                nil
+              else
+                node.respond_to?(:value) ? node.value : node
+              end
+            else
+              node.respond_to?(:value) ? node.value : node
+            end
+          end
+        end
         def collect_input(input_children)
           input_name = input_children.children[2].value
@@ -39,15 +70,9 @@ module Inspec
                 if VALID_INPUT_OPTIONS.include?(child_node.key.value)
                   if child_node.value.class == RuboCop::AST::Node && REQUIRED_VALUES_MAP.key?(child_node.value.type)
                     opts.merge!(child_node.key.value => REQUIRED_VALUES_MAP[child_node.value.type])
-                  elsif child_node.value.class == RuboCop::AST::HashNode
-                    # Here value will be a hash
-                    values = {}
-                    child_node.value.children.each do |grand_child_node|
-                      values.merge!(grand_child_node.key.value => grand_child_node.value.value)
-                    end
-                    opts.merge!(child_node.key.value => values)
                   else
-                    opts.merge!(child_node.key.value => child_node.value.value)
+                    # Use the helper method to recursively extract values from any node type
+                    opts.merge!(child_node.key.value => extract_node_value(child_node.value))
                   end
                 end
               end
@@ -313,8 +338,11 @@ module Inspec
             collectors.push InputCollectorWithinControlBlock.new(@memo)
             collectors.push TestsCollector.new(control_data) if include_tests
-            begin_block.each_node do |node_within_control|
-              collectors.each { |collector| collector.process(node_within_control) }
+            # Handle empty control blocks (e.g., control "id" do end)
+            if begin_block
+              begin_block.each_node do |node_within_control|
+                collectors.each { |collector| collector.process(node_within_control) }
+              end
             end
             memo[:controls].push control_data

data/lib/inspec/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "5.24.5".freeze
+  VERSION = "5.24.7".freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 5.24.5
+  version: 5.24.7
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-01-28 00:00:00.000000000 Z
+date: 2026-02-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry