inspec-core 3.9.3 → 4.1.4.preview

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA256:
3
- metadata.gz: 96ff01311bc29d2878ccaa989af9b586229a74cf6c4e22a5d15cccec333ab8b9
4
- data.tar.gz: 727e2df3d8d54bbf57fa4cd91b6dbb2a2d45b8124ee2fa6aaff2e8e29ad8c5fe
2
+ SHA1:
3
+ metadata.gz: 4153e41e5d8fddfb696a73688b7d92b299aed682
4
+ data.tar.gz: 9a9c379e82e175edacc705e63b299e091be4df1b
5
5
  SHA512:
6
- metadata.gz: 158b57f8f27e24c0a4c3dd9f6f0db7701ed1deac01872d6832332bfc523eea695f8af4654bbabdc6e1fdf649eff3ea007f37417d3e5dda92bf097fb5d1fe0438
7
- data.tar.gz: 994876c13c21a6a2230c945e2668515b75d5ac30202de624da721cb929e10fdcd96fb159a935e9119f0b92ed92ff75a8cf480a7937e5b159cc1dadd021eea719
6
+ metadata.gz: abbbc79378e7f76da10089bea0030fe19c0ad470eba604caaa5ad909ceb8977919f9849346e558f3dceb213d290d2317ec12a282936100cb2152f412f034aac2
7
+ data.tar.gz: 806520071a450b2a8c4fe097dbc580d3de4b6beed0b09f95f3ae3e4af2948ec653456ff59bdc815396149391b0a82d496f3abdaf608af1653ccd1ed82544009d
data/README.md CHANGED
@@ -46,7 +46,7 @@ inspec exec test.rb -t docker://container_id
46
46
 
47
47
  ## Installation
48
48
 
49
- InSpec requires Ruby ( >2.3 ).
49
+ InSpec requires Ruby ( >= 2.4 ).
50
50
 
51
51
  ### Install as package
52
52
 
@@ -454,4 +454,3 @@ distributed under the License is distributed on an "AS IS" BASIS,
454
454
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
455
455
  See the License for the specific language governing permissions and
456
456
  limitations under the License.
457
-
@@ -6,24 +6,106 @@
6
6
  "action": "ignore",
7
7
  "prefix": "The 'default' option for attributes is being replaced by 'value' - please use it instead."
8
8
  },
9
+ "aws_resources_in_resource_pack": {
10
+ "comment": "See #3822",
11
+ "action": "ignore",
12
+ "prefix": "AWS resources shipped with core InSpec are being to moved to a resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
13
+ },
9
14
  "cli_option_json_config": {
10
15
  "action": "ignore",
11
16
  "prefix": "The --json-config option is being replaced by the --config option.",
12
17
  "comment": "See #3661"
13
18
  },
14
- "filesystem_property_size": {
19
+ "file_resource_be_mounted_matchers": {
20
+ "action": "warn",
21
+ "suffix": "This will not be supported in InSpec 4.0."
22
+ },
23
+ "host_resource_proto_usage": {
24
+ "action": "warn",
25
+ "suffix": "This will not be supported in InSpec 4.0."
26
+ },
27
+ "inspec_ui_methods": {
28
+ "action": "ignore",
29
+ "suffix": "Please call `cli.ui` directly",
30
+ "comment": "See #3715"
31
+ },
32
+ "mssql_session_pass_option": {
33
+ "action": "warn",
34
+ "suffix": "This will not be supported in InSpec 4.0."
35
+ },
36
+ "oracledb_session_pass_option": {
37
+ "action": "warn",
38
+ "suffix": "This will not be supported in InSpec 4.0."
39
+ },
40
+ "property_filesystem_size": {
15
41
  "action": "ignore",
16
42
  "comment": "See #3778"
17
43
  },
44
+ "property_processes_list": {
45
+ "action": "warn",
46
+ "suffix": "This property will be removed in InSpec 4.0."
47
+ },
48
+ "properties_aws_iam_user": {
49
+ "action": "warn",
50
+ "suffix": "This property will be removed in InSpec 4.0."
51
+ },
52
+ "properties_shadow": {
53
+ "action": "warn",
54
+ "suffix": "This property will be removed in InSpec 4.0."
55
+ },
18
56
  "rename_attributes_to_inputs": {
19
57
  "action": "ignore",
20
58
  "prefix": "InSpec Attributes are being renamed to InSpec Inputs to avoid confusion with Chef Attributes.",
21
59
  "comment": "See #3802"
22
60
  },
23
- "aws_resources_in_resource_pack": {
24
- "comment": "See #3822",
25
- "action": "ignore",
26
- "prefix": "AWS resources shipped with core InSpec are being to moved to a resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
61
+ "resource_apache": {
62
+ "action": "warn",
63
+ "suffix": "This resource will be removed in InSpec 4.0."
64
+ },
65
+ "resource_azure_generic_resource": {
66
+ "action": "warn",
67
+ "prefix": "The azure_generic_resource is deprecated. Please use a specific resource. See: 'https://github.com/inspec/inspec/issues/3131'"
68
+ },
69
+ "resource_iis_website": {
70
+ "action": "warn",
71
+ "suffix": "This resource will be removed in InSpec 4.0.",
72
+ "comment": "Needed for ServerSpec compatibility"
73
+ },
74
+ "resource_linux_kernel_parameter": {
75
+ "action": "warn",
76
+ "suffix": "This resource will be removed in InSpec 4.0.",
77
+ "comment": "Needed for ServerSpec compatibility"
78
+ },
79
+ "resource_ppa": {
80
+ "action": "warn",
81
+ "suffix": "This resource will be removed in InSpec 4.0.",
82
+ "comment": "Needed for ServerSpec compatibility"
83
+ },
84
+ "resource_script": {
85
+ "action": "warn",
86
+ "suffix": "This resource will be removed in InSpec 4.0"
87
+ },
88
+ "resource_user_serverspec_compat": {
89
+ "action": "warn"
90
+ },
91
+ "resource_windows_registry_key": {
92
+ "action": "warn",
93
+ "suffix": "This resource will be removed in InSpec 4.0.",
94
+ "comment": "Needed for ServerSpec compatibility"
95
+ },
96
+ "serverspec_compatibility": {
97
+ "action": "warn",
98
+ "suffix": "This is only allowed for compatibility with ServerSpec"
99
+ },
100
+ "supports_syntax": {
101
+ "action": "warn"
102
+ },
103
+ "mount_parser_serverspec_compat": {
104
+ "action": "warn"
105
+ },
106
+ "wmi_non_hash_usage": {
107
+ "action": "warn",
108
+ "suffix": "This property will be removed in InSpec 4.0."
27
109
  }
28
110
  }
29
- }
111
+ }
@@ -164,28 +164,28 @@ module Inspec
164
164
  end
165
165
 
166
166
  def mark_text(text)
167
- # TODO: - deprecate, call cli.ui directly
167
+ Inspec.deprecate(:inspec_ui_methods)
168
168
  # Note that this one doesn't automatically print
169
169
  ui.emphasis(text, print: false)
170
170
  end
171
171
 
172
172
  def headline(title)
173
- # TODO: - deprecate, call cli.ui directly
173
+ Inspec.deprecate(:inspec_ui_methods)
174
174
  ui.headline(title)
175
175
  end
176
176
 
177
177
  def li(entry)
178
- # TODO: - deprecate, call cli.ui directly
178
+ Inspec.deprecate(:inspec_ui_methods)
179
179
  ui.list_item(entry)
180
180
  end
181
181
 
182
182
  def plain_text(msg)
183
- # TODO: - deprecate, call cli.ui directly
183
+ Inspec.deprecate(:inspec_ui_methods)
184
184
  ui.plain(msg + "\n")
185
185
  end
186
186
 
187
187
  def exit(code)
188
- # TODO: - deprecate, call cli.ui directly
188
+ Inspec.deprecate(:inspec_ui_methods)
189
189
  ui.exit code
190
190
  end
191
191
  end
@@ -39,6 +39,9 @@ class Inspec::InspecCLI < Inspec::BaseCLI
39
39
  class_option :disable_user_plugins, type: :string, banner: '',
40
40
  desc: 'Disable loading all plugins that the user installed.'
41
41
 
42
+ require 'license_acceptance/cli_flags/thor'
43
+ include LicenseAcceptance::CLIFlags::Thor
44
+
42
45
  desc 'json PATH', 'read all tests in PATH and generate a JSON summary'
43
46
  option :output, aliases: :o, type: :string,
44
47
  desc: 'Save the created profile to a path'
@@ -196,6 +199,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
196
199
  3 Fatal deprecation encountered
197
200
  100 Normal exit, at least one test failed
198
201
  101 Normal exit, at least one test skipped but none failed
202
+ 172 Chef License not accepted
199
203
  ```
200
204
 
201
205
  Below are some examples of using `exec` with different test LOCATIONS:
@@ -373,18 +377,44 @@ class Inspec::InspecCLI < Inspec::BaseCLI
373
377
  end
374
378
  end
375
379
 
380
+ #=====================================================================#
381
+ # Pre-Flight Code
382
+ #=====================================================================#
383
+
384
+ help_commands = ['-h', '--help', 'help']
385
+ version_commands = ['-v', '--version', 'version']
386
+ commands_exempt_from_license_check = help_commands + version_commands
387
+
388
+ #---------------------------------------------------------------------#
389
+ # EULA acceptance
390
+ #---------------------------------------------------------------------#
391
+ require 'license_acceptance/acceptor'
376
392
  begin
377
- # Handle help commands
378
- # This allows you to use any of the normal help commands after the normal args.
379
- help_commands = ['-h', '--help', 'help']
380
- (help_commands & ARGV).each do |cmd|
381
- # move the help argument to one place behind the end for Thor to digest
382
- if ARGV.size > 1
383
- match = ARGV.delete(cmd)
384
- ARGV.insert(-2, match)
385
- end
393
+ if (commands_exempt_from_license_check & ARGV.map(&:downcase)).empty? && # Did they use a non-exempt command?
394
+ !ARGV.empty? # Did they supply at least one command?
395
+ LicenseAcceptance::Acceptor.check_and_persist('inspec', Inspec::VERSION)
386
396
  end
397
+ rescue LicenseAcceptance::LicenseNotAcceptedError
398
+ Inspec::Log.error 'InSpec cannot execute without accepting the license'
399
+ Inspec::UI.new.exit(:license_not_accepted)
400
+ end
387
401
 
402
+ #---------------------------------------------------------------------#
403
+ # Adjustments for help handling
404
+ # This allows you to use any of the normal help commands after the normal args.
405
+ #---------------------------------------------------------------------#
406
+ (help_commands & ARGV).each do |cmd|
407
+ # move the help argument to one place behind the end for Thor to digest
408
+ if ARGV.size > 1
409
+ match = ARGV.delete(cmd)
410
+ ARGV.insert(-2, match)
411
+ end
412
+ end
413
+
414
+ #---------------------------------------------------------------------#
415
+ # Plugin Loading
416
+ #---------------------------------------------------------------------#
417
+ begin
388
418
  # Load v2 plugins. Manually check for plugin disablement.
389
419
  omit_core = ARGV.delete('--disable-core-plugins')
390
420
  omit_user = ARGV.delete('--disable-user-plugins')
@@ -197,7 +197,7 @@ module Inspec
197
197
 
198
198
  def check_for_piped_config(cli_opts)
199
199
  cli_opt = cli_opts[:config] || cli_opts[:json_config]
200
- Inspec.deprecate(:cli_option_json_config, '') if cli_opts.key?(:json_config)
200
+ Inspec.deprecate(:cli_option_json_config) if cli_opts.key?(:json_config)
201
201
 
202
202
  return nil unless cli_opt
203
203
  return nil unless cli_opt == '-'
@@ -209,7 +209,7 @@ module Inspec
209
209
 
210
210
  def determine_cfg_path(cli_opts)
211
211
  path = cli_opts[:config] || cli_opts[:json_config]
212
- Inspec.deprecate(:cli_option_json_config, '') if cli_opts.key?(:json_config)
212
+ Inspec.deprecate(:cli_option_json_config) if cli_opts.key?(:json_config)
213
213
 
214
214
  if path.nil?
215
215
  default_path = File.join(Inspec.config_dir, 'config.json')
@@ -149,11 +149,9 @@ module Inspec
149
149
  nil
150
150
  when nil then nil
151
151
  else
152
- logger ||= Logger.new(nil)
153
- logger.warn(
154
- "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
155
- "supports:\n - os-family: #{x}\n\n",
156
- )
152
+ Inspec.deprecate(:supports_syntax,
153
+ "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
154
+ "supports:\n - os-family: #{x}\n\n")
157
155
  { :'os-family' => x } # rubocop:disable Style/HashSyntax
158
156
  end
159
157
  end
@@ -147,7 +147,10 @@ module Inspec
147
147
  end
148
148
 
149
149
  # rubocop:enable Lint/NestedMethodDefinition
150
- if __resource_registry.key?(name)
150
+
151
+ # Warn if a resource pack is overwriting a core resource.
152
+ # Suppress warning if the resource is an AWS resource, see #3822
153
+ if __resource_registry.key?(name) && !name.start_with?('aws_')
151
154
  Inspec::Log.warn("Overwriting resource #{name}. To reference a specific version of #{name} use the resource() method")
152
155
  end
153
156
  __resource_registry[name] = cl
@@ -33,6 +33,7 @@ module Inspec
33
33
  EXIT_USAGE_ERROR = 1
34
34
  EXIT_PLUGIN_ERROR = 2
35
35
  EXIT_FATAL_DEPRECATION = 3
36
+ EXIT_LICENSE_NOT_ACCEPTED = 172
36
37
  EXIT_FAILED_TESTS = 100
37
38
  EXIT_SKIPPED_TESTS = 101
38
39
 
@@ -1,8 +1,3 @@
1
- # encoding: utf-8
2
- # frozen_string_literal: true
3
- # author: Dominik Richter
4
- # author: Christoph Hartmann
5
-
6
1
  module Inspec
7
- VERSION = '3.9.3'
2
+ VERSION = '4.1.4.preview'.freeze
8
3
  end
@@ -107,6 +107,7 @@ end
107
107
  # Deprecated: You should not use this matcher anymore
108
108
  RSpec::Matchers.define :be_running do
109
109
  match do |service|
110
+ Inspec.deprecate(:serverspec_compatibility, 'The service `be_running?` matcher is deprecated.')
110
111
  service.running? == true
111
112
  end
112
113
 
@@ -26,7 +26,7 @@ module Inspec::Resources
26
26
 
27
27
  attr_reader :service, :conf_dir, :conf_path, :user
28
28
  def initialize
29
- warn '[DEPRECATED] The `apache` resource is deprecated and will be removed in InSpec 4.0'
29
+ Inspec.deprecate(:resource_apache, 'The apache resource is deprecated')
30
30
 
31
31
  if inspec.os.debian?
32
32
  @service = 'apache2'
@@ -127,8 +127,6 @@ module Inspec::Resources
127
127
  end
128
128
  end
129
129
 
130
- # for compatability with serverspec
131
- # this is deprecated syntax and will be removed in future versions
132
130
  class PpaRepository < AptRepository
133
131
  name 'ppa'
134
132
 
@@ -143,7 +141,7 @@ module Inspec::Resources
143
141
  end
144
142
 
145
143
  def deprecated
146
- warn '[DEPRECATION] `ppa(reponame)` is deprecated. Please use `apt(reponame)` instead.'
144
+ Inspec.deprecate(:resource_ppa, 'The `ppa` resource is deprecated. Please use `apt`')
147
145
  end
148
146
  end
149
147
  end
@@ -98,7 +98,7 @@ module Inspec::Resources
98
98
  return file.mounted? if expected_options.nil?
99
99
 
100
100
  # deprecation warning, this functionality will be removed in future version
101
- warn "[DEPRECATION] `be_mounted.with and be_mounted.only_with` are deprecated. Please use `mount('#{source_path}')` instead."
101
+ Inspec.deprecate(:file_resource_be_mounted_matchers, 'The file resource `be_mounted.with` and `be_mounted.only_with` matchers are deprecated. Please use the `mount` resource instead')
102
102
 
103
103
  # we cannot read mount data on non-Linux systems
104
104
  return nil if !inspec.os.linux?
@@ -133,6 +133,35 @@ module Inspec::Resources
133
133
 
134
134
  alias sticky? sticky
135
135
 
136
+ def more_permissive_than?(max_mode = nil)
137
+ raise Inspec::Exceptions::ResourceFailed, 'The file' + file.path + 'doesn\'t seem to exist' unless exist?
138
+ raise ArgumentError, 'You must proivde a value for the `maximum allowable permission` for the file.' if max_mode.nil?
139
+ raise ArgumentError, 'You must proivde the `maximum permission target` as a `String`, you provided: ' + max_mode.class.to_s unless max_mode.is_a?(String)
140
+ raise ArgumentError, 'The value of the `maximum permission target` should be a valid file mode in 4-ditgit octal format: for example, `0644` or `0777`' unless /(0)?([0-7])([0-7])([0-7])/.match?(max_mode)
141
+
142
+ # Using the files mode and a few bit-wise calculations we can ensure a
143
+ # file is no more permisive than desired.
144
+ #
145
+ # 1. Calculate the inverse of the desired mode (e.g., 0644) by XOR it with
146
+ # 0777 (all 1s). We are interested in the bits that are currently 0 since
147
+ # it indicates that the actual mode is more permissive than the desired mode.
148
+ # Conversely, we dont care about the bits that are currently 1 because they
149
+ # cannot be any more permissive and we can safely ignore them.
150
+ #
151
+ # 2. Calculate the above result of ANDing the actual mode and the inverse
152
+ # mode. This will determine if any of the bits that would indicate a more
153
+ # permissive mode are set in the actual mode.
154
+ #
155
+ # 3. If the result is 0000, the files mode is equal
156
+ # to or less permissive than the desired mode (PASS). Otherwise, the files
157
+ # mode is more permissive than the desired mode (FAIL).
158
+
159
+ max_mode = max_mode.rjust(4, '0')
160
+ binary_desired_mode = format('%04b', max_mode).to_i(2)
161
+ desired_mode_inverse = (binary_desired_mode ^ 0b111111111)
162
+ (desired_mode_inverse & file.mode).zero? ? false : true
163
+ end
164
+
136
165
  def to_s
137
166
  "File #{source_path}"
138
167
  end
@@ -212,6 +241,10 @@ module Inspec::Resources
212
241
  raise '`check_file_permission_by_mask` is not supported on Windows'
213
242
  end
214
243
 
244
+ def more_permissive_than?(*)
245
+ raise Inspec::Exceptions::ResourceSkipped, 'The `more_permissive_than?` matcher is not supported on your OS yet.'
246
+ end
247
+
215
248
  def check_file_permission_by_user(access_type, user, path)
216
249
  access_rule = translate_perm_names(access_type)
217
250
  access_rule = convert_to_powershell_array(access_rule)
@@ -52,7 +52,7 @@ module Inspec::Resources
52
52
  end
53
53
 
54
54
  def size
55
- Inspec.deprecate(:filesystem_property_size, 'The `size` property did not reliably use the correct units. Please use `size_kb` instead.')
55
+ Inspec.deprecate(:property_filesystem_size, 'The `size` property did not reliably use the correct units. Please use `size_kb` instead.')
56
56
  if inspec.os.windows?
57
57
  # On windows, we had a bug prior to #3767 in which the
58
58
  # 'size' value was be scaled to GB in powershell.
@@ -49,7 +49,7 @@ module Inspec::Resources
49
49
  @port = params[:port]
50
50
 
51
51
  if params[:proto]
52
- warn '[DEPRECATION] The `proto` parameter is deprecated. Use `protocol` instead.'
52
+ Inspec.deprecate(:host_resource_proto_usage, 'The `host` resource `proto` resource parameter is deprecated. Please use `protocol`.')
53
53
  @protocol = params[:proto]
54
54
  else
55
55
  @protocol = params.fetch(:protocol, 'icmp')
@@ -75,7 +75,7 @@ module Inspec::Resources
75
75
  end
76
76
 
77
77
  def proto
78
- warn '[DEPRECATION] The `proto` method is deprecated. Use `protocol` instead.'
78
+ Inspec.deprecate(:host_resource_proto_usage, 'The host resource `proto` method is deprecated. Please use `protocol`.')
79
79
  protocol
80
80
  end
81
81
 
@@ -134,8 +134,8 @@ module Inspec::Resources
134
134
  EXAMPLE
135
135
 
136
136
  def initialize(site_name)
137
+ Inspec.deprecate(:resource_iis_website, 'The `iis_website` resource is deprecated. Please use `iis_site` instead.')
137
138
  super(site_name)
138
- warn '[DEPRECATION] `iis_website(site_name)` is deprecated. Please use `iis_site(site_name)` instead.'
139
139
  end
140
140
 
141
141
  def in_app_pool?(app_pool)
@@ -13,6 +13,8 @@ module Inspec::Resources
13
13
  it { should exist }
14
14
  it { should be_up }
15
15
  its('speed') { should eq 1000 }
16
+ its('ipv4_addresses') { should include '127.0.0.1' }
17
+ its('ipv6_cidrs') { should include '::1/128' }
16
18
  end
17
19
  EXAMPLE
18
20
  def initialize(iface)
@@ -41,6 +43,42 @@ module Inspec::Resources
41
43
  interface_info.nil? ? nil : interface_info[:speed]
42
44
  end
43
45
 
46
+ def ipv4_address?
47
+ !ipv4_addresses.nil? && !ipv4_addresses.empty?
48
+ end
49
+
50
+ def ipv6_address?
51
+ !ipv6_addresses.nil? && !ipv6_addresses.empty?
52
+ end
53
+
54
+ def ipv4_addresses
55
+ ipv4_cidrs.map { |i| i.split('/')[0] }
56
+ end
57
+
58
+ def ipv6_addresses
59
+ ipv6_cidrs.map { |i| i.split('/')[0] }
60
+ end
61
+
62
+ def ipv4_addresses_netmask
63
+ ipv4_cidrs.map { |i| i.split('/') }.map do |addr, netlen|
64
+ binmask = "#{'1' * netlen.to_i}#{'0' * (32 - netlen.to_i)}".to_i(2)
65
+ netmask = []
66
+ (1..4).each do |_byte|
67
+ netmask.unshift(binmask & 255)
68
+ binmask = binmask >> 8
69
+ end
70
+ "#{addr}/#{netmask.join('.')}"
71
+ end
72
+ end
73
+
74
+ def ipv4_cidrs
75
+ interface_info.nil? ? [] : interface_info[:ipv4_addresses]
76
+ end
77
+
78
+ def ipv6_cidrs
79
+ interface_info.nil? ? [] : interface_info[:ipv6_addresses]
80
+ end
81
+
44
82
  def to_s
45
83
  "Interface #{@iface}"
46
84
  end
@@ -87,28 +125,54 @@ module Inspec::Resources
87
125
  speed = convert_to_i(speed)
88
126
  end
89
127
 
128
+ family_addresses = addresses(iface)
90
129
  {
91
130
  name: iface,
92
131
  up: state,
93
132
  speed: speed,
133
+ ipv4_addresses: family_addresses['inet'],
134
+ ipv6_addresses: family_addresses['inet6'],
94
135
  }
95
136
  end
137
+
138
+ private
139
+
140
+ def addresses(iface)
141
+ addrs_by_family = { 'inet6' => [], 'inet' => [] }
142
+ [4, 6].each do |v|
143
+ cmd = inspec.command("/sbin/ip -br -#{v} address show dev #{iface}")
144
+ next unless cmd.exit_status.to_i == 0
145
+ family = v == 6 ? 'inet6' : 'inet'
146
+
147
+ cmd.stdout.each_line do |line|
148
+ _dev, _state, *addrs = line.split(/\s+/)
149
+ addrs_by_family[family] = addrs
150
+ end
151
+ end
152
+ addrs_by_family
153
+ end
96
154
  end
97
155
 
98
156
  class WindowsInterface < InterfaceInfo
99
157
  def interface_info(iface)
100
158
  # gather all network interfaces
101
- cmd = inspec.command('Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json')
159
+ cmd = inspec.command('Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, ' \
160
+ 'MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json')
161
+
162
+ addr_cmd = inspec.command('Get-NetIPAddress | Select-Object -Property IPv6Address, IPv4Address, InterfaceAlias,' \
163
+ ' PrefixLength | ConvertTo-Json')
102
164
 
103
165
  # filter network interface
104
166
  begin
105
167
  net_adapter = JSON.parse(cmd.stdout)
168
+ addresses = JSON.parse(addr_cmd.stdout)
106
169
  rescue JSON::ParserError => _e
107
170
  return nil
108
171
  end
109
172
 
110
173
  # ensure we have an array of groups
111
174
  net_adapter = [net_adapter] if !net_adapter.is_a?(Array)
175
+ addresses = [addresses] if !addresses.is_a?(Array)
112
176
 
113
177
  # select the requested interface
114
178
  adapters = net_adapter.each_with_object([]) do |adapter, adapter_collection|
@@ -117,6 +181,8 @@ module Inspec::Resources
117
181
  name: adapter['Name'],
118
182
  up: adapter['State'] == 2,
119
183
  speed: adapter['ReceiveLinkSpeed'] / 1000,
184
+ ipv4_addresses: addresses_for_proto(addresses, adapter['Name'], 'IPv4'),
185
+ ipv6_addresses: addresses_for_proto(addresses, adapter['Name'], 'IPv6'),
120
186
  }
121
187
  adapter_collection.push(info) if info[:name].casecmp(iface) == 0
122
188
  end
@@ -125,5 +191,13 @@ module Inspec::Resources
125
191
  warn "[Possible Error] detected multiple network interfaces with the name #{iface}" if adapters.size > 1
126
192
  adapters[0]
127
193
  end
194
+
195
+ private
196
+
197
+ def addresses_for_proto(all_addresses, iface, proto)
198
+ all_addresses.select { |i| i['InterfaceAlias'] == iface }
199
+ .map { |i| "#{i["#{proto}Address"]}/#{i['PrefixLength']}" unless i["#{proto}Address"].nil? }
200
+ .compact
201
+ end
128
202
  end
129
203
  end
@@ -33,24 +33,19 @@ module Inspec::Resources
33
33
  end
34
34
  end
35
35
 
36
- # for compatability with serverspec
37
- # this is deprecated syntax and will be removed in future versions
38
36
  class LinuxKernelParameter < KernelParameter
39
37
  name 'linux_kernel_parameter'
40
38
 
41
39
  def initialize(parameter)
40
+ Inspec.deprecate(:resource_linux_kernel_parameter, 'The `linux_kernel_parameter` resource is deprecated. Please use `kernel_parameter`')
42
41
  super(parameter)
43
42
  end
44
43
 
45
44
  def value
46
- deprecated
45
+ Inspec.deprecate(:resource_linux_kernel_parameter, 'The `linux_kernel_parameter` resource is deprecated. Please use `kernel_parameter`')
47
46
  super()
48
47
  end
49
48
 
50
- def deprecated
51
- warn '[DEPRECATION] `linux_kernel_parameter(parameter)` is deprecated. Please use `kernel_parameter(parameter)` instead.'
52
- end
53
-
54
49
  def to_s
55
50
  "Kernel Parameter #{@parameter}"
56
51
  end
@@ -34,7 +34,7 @@ module Inspec::Resources
34
34
  @user = opts[:user]
35
35
  @password = opts[:password] || opts[:pass]
36
36
  if opts[:pass]
37
- warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
37
+ Inspec.deprecate(:mssql_session_pass_option, 'The mssql_session `pass` option is deprecated. Please use `password`.')
38
38
  end
39
39
  @local_mode = opts[:local_mode]
40
40
  unless local_mode?
@@ -28,7 +28,7 @@ module Inspec::Resources
28
28
  @user = opts[:user]
29
29
  @password = opts[:password] || opts[:pass]
30
30
  if opts[:pass]
31
- warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
31
+ Inspec.deprecate(:oracledb_session_pass_option, 'The oracledb_session `pass` option is deprecated. Please use `password`.')
32
32
  end
33
33
 
34
34
  @host = opts[:host] || 'localhost'
@@ -56,12 +56,8 @@ module Inspec::Resources
56
56
  name 'script'
57
57
 
58
58
  def initialize(script)
59
- deprecated
59
+ Inspec.deprecate(:resource_script, 'The `script` resource is deprecated. Please use `powershell` instead.')
60
60
  super(script)
61
61
  end
62
-
63
- def deprecated
64
- warn '[DEPRECATION] `script(script)` is deprecated. Please use `powershell(script)` instead.'
65
- end
66
62
  end
67
63
  end
@@ -56,7 +56,7 @@ module Inspec::Resources
56
56
  end
57
57
 
58
58
  def list
59
- warn '[DEPRECATION] `processes.list` is deprecated. Please use `processes.entries` instead. It will be removed in version 4.0.'
59
+ Inspec.deprecate(:property_processes_list, 'The processes `list` property is deprecated. Please use `entries` instead.')
60
60
  @list
61
61
  end
62
62
 
@@ -280,18 +280,12 @@ module Inspec::Resources
280
280
  end
281
281
  end
282
282
 
283
- # for compatability with serverspec
284
- # this is deprecated syntax and will be removed in future versions
285
283
  class WindowsRegistryKey < RegistryKey
286
284
  name 'windows_registry_key'
287
285
 
288
286
  def initialize(name)
289
- deprecated
287
+ Inspec.deprecate(:resource_windows_registry_key, 'The `windows_registry_key` resource is deprecated. Please use `registry_key` instead.')
290
288
  super(name)
291
289
  end
292
-
293
- def deprecated
294
- warn '[DEPRECATION] `windows_registry_key(reg_key)` is deprecated. Please use `registry_key(\'path\to\key\')` instead.'
295
- end
296
290
  end
297
291
  end
@@ -91,32 +91,27 @@ module Inspec::Resources
91
91
  # Next 4 are deprecated methods. We define them here so we can emit a deprecation message.
92
92
  # They are also defined on the Table, above.
93
93
  def user(query = nil)
94
- warn '[DEPRECATION] The shadow `user` property is deprecated and will be removed' \
95
- ' in InSpec 3.0. Please use `users` instead.'
94
+ Inspec.deprecate(:properties_shadow, 'The shadow `user` property is deprecated. Please use `users` instead.')
96
95
  query.nil? ? where.users : where('user' => query)
97
96
  end
98
97
 
99
98
  def password(query = nil)
100
- warn '[DEPRECATION] The shadow `password` property is deprecated and will be removed' \
101
- ' in InSpec 3.0. Please use `passwords` instead.'
99
+ Inspec.deprecate(:properties_shadow, 'The shadow `password` property is deprecated. Please use `passwords` instead.')
102
100
  query.nil? ? where.passwords : where('password' => query)
103
101
  end
104
102
 
105
103
  def last_change(query = nil)
106
- warn '[DEPRECATION] The shadow `last_change` property is deprecated and will be removed' \
107
- ' in InSpec 3.0. Please use `last_changes` instead.'
104
+ Inspec.deprecate(:properties_shadow, 'The shadow `last_change` property is deprecated. Please use `last_changes` instead.')
108
105
  query.nil? ? where.last_changes : where('last_change' => query)
109
106
  end
110
107
 
111
108
  def expiry_date(query = nil)
112
- warn '[DEPRECATION] The shadow `expiry_date` property is deprecated and will be removed' \
113
- ' in InSpec 3.0. Please use `expiry_dates` instead.'
109
+ Inspec.deprecate(:properties_shadow, 'The shadow `expiry_date` property is deprecated. Please use `expiry_dates` instead.')
114
110
  query.nil? ? where.expiry_dates : where('expiry_date' => query)
115
111
  end
116
112
 
117
113
  def lines
118
- warn '[DEPRECATION] The shadow `lines` property is deprecated and will be removed' \
119
- ' in InSpec 3.0.'
114
+ Inspec.deprecate(:properties_shadow, 'The shadow `lines` property is deprecated.')
120
115
  shadow_content.to_s.split("\n")
121
116
  end
122
117
 
@@ -213,42 +213,38 @@ module Inspec::Resources
213
213
 
214
214
  # implement 'mindays' method to be compatible with serverspec
215
215
  def minimum_days_between_password_change
216
- deprecated('minimum_days_between_password_change', "Please use: its('mindays')")
216
+ Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.')
217
217
  mindays
218
218
  end
219
219
 
220
220
  # implement 'maxdays' method to be compatible with serverspec
221
221
  def maximum_days_between_password_change
222
- deprecated('maximum_days_between_password_change', "Please use: its('maxdays')")
222
+ Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `maximum_days_between_password_change` property is deprecated. Please use `maxdays`.')
223
223
  maxdays
224
224
  end
225
225
 
226
226
  # implements rspec has matcher, to be compatible with serverspec
227
227
  # @see: https://github.com/rspec/rspec-expectations/blob/master/lib/rspec/matchers/built_in/has.rb
228
228
  def has_uid?(compare_uid)
229
- deprecated('has_uid?')
229
+ Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_uid?` matcher is deprecated.')
230
230
  uid == compare_uid
231
231
  end
232
232
 
233
233
  def has_home_directory?(compare_home)
234
- deprecated('has_home_directory?', "Please use: its('home')")
234
+ Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_home_directory?` matcher is deprecated. Please use `its(\'home\')`.')
235
235
  home == compare_home
236
236
  end
237
237
 
238
238
  def has_login_shell?(compare_shell)
239
- deprecated('has_login_shell?', "Please use: its('shell')")
239
+ Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_login_shell?` matcher is deprecated. Please use `its(\'shell\')`.')
240
240
  shell == compare_shell
241
241
  end
242
242
 
243
243
  def has_authorized_key?(_compare_key)
244
- deprecated('has_authorized_key?')
244
+ Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_authorized_key?` matcher is deprecated. There is no currently implemented alternative')
245
245
  raise NotImplementedError
246
246
  end
247
247
 
248
- def deprecated(name, alternative = nil)
249
- warn "[DEPRECATION] #{name} is deprecated. #{alternative}"
250
- end
251
-
252
248
  def to_s
253
249
  "User #{@username}"
254
250
  end
@@ -26,11 +26,10 @@ module Inspec::Resources
26
26
 
27
27
  def initialize(wmiclass = nil, opts = nil)
28
28
  @options = opts || {}
29
- # if wmiclass is not a hash, we have to handle deprecation behavior
30
29
  if wmiclass.is_a?(Hash)
31
30
  @options.merge!(wmiclass)
32
31
  else
33
- warn '[DEPRECATION] `wmi(\'wmiclass\')` is deprecated. Please use `wmi({class: \'wmiclass\'})` instead.'
32
+ Inspec.deprecate(:wmi_non_hash_usage, 'Using `wmi(\'wmisclass\')` is deprecated. Please use`wmi({class: \'wmisclass\'})`')
34
33
  @options[:class] = wmiclass
35
34
  end
36
35
  end
@@ -18,7 +18,7 @@ module Inspec
18
18
 
19
19
  action = group[:action] || :warn
20
20
  action_method = ('handle_' + action.to_s + '_action').to_sym
21
- send(action_method, assembled_message, group)
21
+ send(action_method, group_name.to_sym, assembled_message, group)
22
22
  end
23
23
 
24
24
  private
@@ -76,7 +76,8 @@ module Inspec
76
76
  false
77
77
  end
78
78
 
79
- def handle_ignore_action(message, _group)
79
+ # Unused args needed for unit test deprecation harness
80
+ def handle_ignore_action(_group_name, message, _group)
80
81
  handle_log_action(message, :debug)
81
82
  end
82
83
 
@@ -91,24 +92,24 @@ module Inspec
91
92
  end
92
93
  end
93
94
 
94
- def handle_warn_action(message, _group)
95
+ def handle_warn_action(_group_name, message, _group)
95
96
  handle_log_action(message, :warn)
96
97
  end
97
98
 
98
- def handle_error_action(message, _group)
99
+ def handle_error_action(_group_name, message, _group)
99
100
  handle_log_action(message, :error)
100
101
  end
101
102
 
102
- def handle_fail_control_action(message, group)
103
+ def handle_fail_control_action(group_name, message, group)
103
104
  if called_from_control?
104
105
  raise Inspec::Exceptions::ResourceFailed, message
105
106
  else
106
- handle_warn_action(message, group)
107
+ handle_warn_action(group_name, message, group)
107
108
  end
108
109
  end
109
110
 
110
- def handle_exit_action(message, group)
111
- handle_error_action(message, group)
111
+ def handle_exit_action(group_name, message, group)
112
+ handle_error_action(group_name, message, group)
112
113
  status = group[:exit_status] || :fatal_deprecation
113
114
  Inspec::UI.new.exit(status)
114
115
  end
@@ -1,7 +1,7 @@
1
1
  require 'utils/deprecation/deprecator'
2
2
 
3
3
  module Inspec
4
- def self.deprecate(group, msg, opts = {})
4
+ def self.deprecate(group, msg = '', opts = {})
5
5
  config_io = opts.delete(:config_io)
6
6
  deprecator = Inspec::Deprecation::Deprecator.new(config_io: config_io)
7
7
  deprecator.handle_deprecation(group, msg, opts)
@@ -88,7 +88,7 @@ module LinuxMountParser
88
88
  # parse options as array
89
89
  mount_options[:options] = mount[5].gsub(/\(|\)/, '').split(',')
90
90
  else
91
- # parse options as serverspec uses it, tbis is deprecated
91
+ Inspec.deprecate(:mount_parser_serverspec_compat, 'Parsing mount options in this fashion is deprecated')
92
92
  mount_options[:options] = {}
93
93
  mount[5].gsub(/\(|\)/, '').split(',').each do |option|
94
94
  name, val = option.split('=')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.9.3
4
+ version: 4.1.4.preview
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-04-15 00:00:00.000000000 Z
11
+ date: 2019-04-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: train-core
@@ -16,20 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '1.5'
20
- - - ">="
21
- - !ruby/object:Gem::Version
22
- version: 1.7.2
19
+ version: '2.0'
23
20
  type: :runtime
24
21
  prerelease: false
25
22
  version_requirements: !ruby/object:Gem::Requirement
26
23
  requirements:
27
24
  - - "~>"
28
25
  - !ruby/object:Gem::Version
29
- version: '1.5'
30
- - - ">="
26
+ version: '2.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: license-acceptance
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '0.2'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
31
39
  - !ruby/object:Gem::Version
32
- version: 1.7.2
40
+ version: '0.2'
33
41
  - !ruby/object:Gem::Dependency
34
42
  name: thor
35
43
  requirement: !ruby/object:Gem::Requirement
@@ -664,14 +672,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
664
672
  requirements:
665
673
  - - ">="
666
674
  - !ruby/object:Gem::Version
667
- version: '2.3'
675
+ version: '2.4'
668
676
  required_rubygems_version: !ruby/object:Gem::Requirement
669
677
  requirements:
670
- - - ">="
678
+ - - ">"
671
679
  - !ruby/object:Gem::Version
672
- version: '0'
680
+ version: 1.3.1
673
681
  requirements: []
674
- rubygems_version: 3.0.3
682
+ rubyforge_project:
683
+ rubygems_version: 2.6.14.3
675
684
  signing_key:
676
685
  specification_version: 4
677
686
  summary: Just InSpec