inspec-core 4.7.24 → 4.10.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d8ebdd6aaafd9ef4f423418a420b3e46658f013f1f95c6117be5d1a19ae9a609
-  data.tar.gz: 8e11217be61503e5f478a30586aad4b9247752f37354caebf7746fa0483da8b0
+  metadata.gz: 431744ec266e2ed0cbde565cc232ee4bb944ff76076d8c10d381c73346796337
+  data.tar.gz: a8a844283829729c5a886a9e324e7fc22b31a986eb25e36c0a01fe7a26fbda78
 SHA512:
-  metadata.gz: c4cee03272408e51c0870fd0dc2fca4e743a94a5d8f2d3f1b4d423540062c1f913c6971526cd3c5f647eb5e6ac617dd9722f6ecd3d4788c49ac5e130b1e022ac
-  data.tar.gz: 269f2962d1011a85f72a80fa3d22ca59bc727cb4d8e197e2bc2bb4bddc1941cc097a59ee2272ed4a104107597a977756be27ceea638bb436ade579fd7a48b066
+  metadata.gz: 3678f2a31c972d7e6e08c3352249ce9bc72b82b7989a1758b70a3bdc41912cc0eb048bd70cc4da0794b929f53aacdfe6227e5defc13aeb3465cc5cc744393a8c
+  data.tar.gz: 5ded1f1c7315194f7ae8a791aea4e21221b524debdc4136fe2e60911b9c050c9e948af0529aca1eff1dcfd1e68a8f3ab17be448b65aab202bf16c789d0e7b4a1

data/README.md

@@ -7,8 +7,7 @@
 For more information on project states and SLAs, see [this documentation](https://github.com/chef/chef-oss-practices/blob/master/repo-management/repo-states.md).
 
 [![Slack](https://community-slack.chef.io/badge.svg)](https://community-slack.chef.io/)
-[![Build Status Master](https://travis-ci.org/inspec/inspec.svg?branch=master)](https://travis-ci.org/inspec/inspec)
-[![Build Status Master](https://ci.appveyor.com/api/projects/status/github/inspec/inspec?branch=master&svg=true&passingText=master%20-%20Ok&pendingText=master%20-%20Pending&failingText=master%20-%20Failing)](https://ci.appveyor.com/project/Chef/inspec/branch/master)
+[![Build status](https://badge.buildkite.com/bf4c5fdc3858cc9f8c8bab8376e8e40d625ad046df9d4d8619.svg?branch=master)](https://buildkite.com/chef-oss/inspec-inspec-master-verify)
 [![Coverage Status](https://coveralls.io/repos/github/inspec/inspec/badge.svg?branch=master)](https://coveralls.io/github/inspec/inspec?branch=master)
 
 Chef InSpec is an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements.

data/lib/fetchers/git.rb

@@ -39,28 +39,65 @@ module Fetchers
       @branch = opts[:branch]
       @tag = opts[:tag]
       @ref = opts[:ref]
-      @remote_url = remote_url
+      @remote_url = expand_local_path(remote_url)
       @repo_directory = nil
+      @relative_path = opts[:relative_path] if opts[:relative_path] && !opts[:relative_path].empty?
     end
 
-    def fetch(dir)
-      @repo_directory = dir
-      FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
+    def expand_local_path(url_or_file_path)
+      # This paths to local on-disk repos, not relative paths within repos.
+      # This is especially needed with testing.
+
+      # We could try to do something clever with URI
+      # processing, but then again, if you passed a relative path
+      # to an on-disk repo, you probably expect it to exist.
+      return url_or_file_path unless File.exist?(url_or_file_path)
+      # It's important to expand this path, because it may be specified
+      # locally in the metadata files, and when we clone, we will be
+      # in a temp dir.
+      File.expand_path(url_or_file_path)
+    end
+
+    def fetch(destination_path)
+      @repo_directory = destination_path # Might be the cache, or vendoring, or something else
+      FileUtils.mkdir_p(destination_path) unless Dir.exist?(destination_path)
 
       if cloned?
         checkout
       else
-        Dir.mktmpdir do |tmpdir|
-          checkout(tmpdir)
-          Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
-          FileUtils.cp_r(tmpdir + "/.", @repo_directory)
+        Dir.mktmpdir do |working_dir|
+          checkout(working_dir)
+          if @relative_path
+            perform_relative_path_fetch(destination_path, working_dir)
+          else
+            Inspec::Log.debug("Checkout of #{resolved_ref} successful. " \
+                              "Moving checkout to #{destination_path}")
+            FileUtils.cp_r(working_dir + "/.", destination_path)
+          end
         end
       end
       @repo_directory
     end
 
+    def perform_relative_path_fetch(destination_path, working_dir)
+      Inspec::Log.debug("Checkout of #{resolved_ref} successful. " \
+                        "Moving #{@relative_path} to #{destination_path}")
+      unless File.exist?("#{working_dir}/#{@relative_path}")
+        # Cleanup the destination path - otherwise we'll have an empty dir
+        # in the cache, which is enough to confuse the cache reader
+        # This is a courtesy, assuming we're writing to the cache; if we're
+        # vendoring to something more complex, don't bother.
+        FileUtils.rmdir(destination_path) if Dir.empty?(destination_path)
+
+        raise ArgumentError, "Cannot find relative path '#{@relative_path}' " \
+                             "within profile in git repo specified by '#{@remote_url}'"
+      end
+      FileUtils.cp_r("#{working_dir}/#{@relative_path}", destination_path)
+    end
+
     def cache_key
-      resolved_ref
+      return resolved_ref unless @relative_path
+      OpenSSL::Digest::SHA256.hexdigest(resolved_ref + @relative_path)
     end
 
     def archive_path
@@ -68,7 +105,9 @@ module Fetchers
     end
 
     def resolved_source
-      { git: @remote_url, ref: resolved_ref }
+      source = { git: @remote_url, ref: resolved_ref }
+      source[:relative_path] = @relative_path if @relative_path
+      source
     end
 
     private

data/lib/inspec/cli.rb

@@ -123,36 +123,32 @@ class Inspec::InspecCLI < Inspec::BaseCLI
       puts JSON.generate(result)
     else
       %w{location profile controls timestamp valid}.each do |item|
-        puts format("%-12s %s", item.to_s.capitalize + ":",
-          mark_text(result[:summary][item.to_sym]))
+        prepared_string = format("%-12s %s",
+                                 "#{item.to_s.capitalize} :",
+                                 result[:summary][item.to_sym])
+        ui.plain_line(prepared_string)
       end
       puts
 
       if result[:errors].empty? && result[:warnings].empty?
-        puts "No errors or warnings"
+        ui.plain_line("No errors or warnings")
       else
-        red    = "\033[31m"
-        yellow = "\033[33m"
-        rst    = "\033[0m"
-
         item_msg = lambda { |item|
           pos = [item[:file], item[:line], item[:column]].compact.join(":")
           pos.empty? ? item[:msg] : pos + ": " + item[:msg]
         }
-        result[:errors].each do |item|
-          puts "#{red}  ✖  #{item_msg.call(item)}#{rst}"
-        end
-        result[:warnings].each do |item|
-          puts "#{yellow}  !  #{item_msg.call(item)}#{rst}"
-        end
+
+        result[:errors].each { |item| ui.red " #{Inspec::UI::GLYPHS[:script_x]}  #{item_msg.call(item)}\n" }
+        result[:warnings].each { |item| ui.yellow " !  #{item_msg.call(item)}\n" }
 
         puts
-        puts format("Summary:     %s%d errors%s, %s%d warnings%s",
-          red, result[:errors].length, rst,
-          yellow, result[:warnings].length, rst)
+
+        errors = ui.red("#{result[:errors].length} errors", print: false)
+        warnings = ui.yellow("#{result[:warnings].length} warnings", print: false)
+        ui.plain_line("Summary:     #{errors}, #{warnings}")
       end
     end
-    exit 1 unless result[:summary][:valid]
+    ui.exit Inspec::UI::EXIT_USAGE_ERROR unless result[:summary][:valid]
   rescue StandardError => e
     pretty_handle_exception(e)
   end
@@ -203,11 +199,11 @@ class Inspec::InspecCLI < Inspec::BaseCLI
 
     if result && !o[:ignore_errors] == false
       o[:logger].info "Profile check failed. Please fix the profile before generating an archive."
-      return exit 1
+      return ui.exit Inspec::UI::EXIT_USAGE_ERROR
     end
 
     # generate archive
-    exit 1 unless profile.archive(o)
+    ui.exit Inspec::UI::EXIT_USAGE_ERROR unless profile.archive(o)
   rescue StandardError => e
     pretty_handle_exception(e)
   end
@@ -294,10 +290,10 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     runner = Inspec::Runner.new(o)
     targets.each { |target| runner.add_target(target) }
 
-    exit runner.run
+    ui.exit runner.run
   rescue ArgumentError, RuntimeError, Train::UserError => e
     $stderr.puts e.message
-    exit 1
+    ui.exit Inspec::UI::EXIT_USAGE_ERROR
   rescue StandardError => e
     pretty_handle_exception(e)
   end
@@ -312,12 +308,12 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     if o["format"] == "json"
       puts res.to_json
     else
-      headline("Platform Details")
-      puts Inspec::BaseCLI.format_platform_info(params: res, indent: 0, color: 36)
+      ui.headline("Platform Details")
+      ui.plain Inspec::BaseCLI.format_platform_info(params: res, indent: 0, color: 36)
     end
   rescue ArgumentError, RuntimeError, Train::UserError => e
     $stderr.puts e.message
-    exit 1
+    ui.exit Inspec::UI::EXIT_USAGE_ERROR
   rescue StandardError => e
     pretty_handle_exception(e)
   end
@@ -348,12 +344,12 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     end
 
     run_type, res = run_command(o)
-    exit res unless run_type == :ruby_eval
+    ui.exit res unless run_type == :ruby_eval
 
     # No InSpec tests - just print evaluation output.
     res = (res.respond_to?(:to_json) ? res.to_json : JSON.dump(res)) if o["reporter"]&.keys&.include?("json")
     puts res
-    exit 0
+    ui.exit Inspec::UI::EXIT_NORMAL
   rescue RuntimeError, Train::UserError => e
     $stderr.puts e.message
   rescue StandardError => e
@@ -385,14 +381,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
       v = { version: Inspec::VERSION }
       puts v.to_json
     else
-      require "inspec/utils/latest_version"
       puts Inspec::VERSION
-      # display outdated version
-      # TODO: remove this. Don't notify of update to a gem when they install omnibus
-      latest = LatestInSpecVersion.new.latest || Inspec::VERSION
-      if Gem::Version.new(Inspec::VERSION) < Gem::Version.new(latest)
-        puts "\nYour version of #{Inspec::Dist::PRODUCT_NAME} is out of date! The latest version is #{latest}."
-      end
     end
   end
   map %w{-v --version} => :version
@@ -470,5 +459,5 @@ rescue Inspec::Plugin::V2::Exception => v2ex
   else
     Inspec::Log.error "Run again with --debug for a stacktrace."
   end
-  exit 2
+  ui.exit Inspec::UI::EXIT_PLUGIN_ERROR
 end

data/lib/inspec/resources/windows_task.rb

@@ -88,6 +88,11 @@ module Inspec::Resources
         return nil
       end
 
+      # If multiple triggers are defined, `schtasks` returns a list.
+      # This merges that list with the latest item taking precedence.
+      # This is the same behavior as `Get-ScheduledTask`.
+      params = params.reduce(:merge) if params.is_a?(Array)
+
       @cache = {
         uri: params["URI"],
         state: params["State"],

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.7.24".freeze
+  VERSION = "4.10.4".freeze
 end

data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb

@@ -64,18 +64,6 @@ module InspecPlugins
           habitat_origin: read_habitat_config["origin"],
         }
         create_file_from_template(plan_file, "plan.sh.erb", vars)
-
-        run_hook_file = File.join(path, "habitat", "hooks", "run")
-        logger.info("Generating a Habitat run hook at #{run_hook_file}...")
-        create_file_from_template(run_hook_file, "hooks/run.erb")
-
-        default_toml = File.join(path, "habitat", "default.toml")
-        logger.info("Generating a Habitat default.toml at #{default_toml}...")
-        create_file_from_template(default_toml, "default.toml.erb")
-
-        config = File.join(path, "habitat", "config", "inspec_exec_config.json")
-        logger.info("Generating #{config} for `#{EXEC_NAME} exec`...")
-        create_file_from_template(config, "config/inspec_exec_config.json.erb")
       end
 
       def upload

data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb

@@ -5,81 +5,4 @@ pkg_deps=(chef/inspec)
 pkg_build_deps=(chef/inspec core/jq-static)
 pkg_svc_user=root
 <%= "pkg_license='#{profile.metadata.params[:license]}'" if profile.metadata.params[:license]%>
-
-do_before() {
-  # Exit with error if not in the directory with 'inspec.yml'.
-  # This can happen if someone does 'hab studio enter' from within the
-  # 'habitat/' directory.
-  if [ ! -f "$PLAN_CONTEXT/../inspec.yml" ]; then
-    message="ERROR: Cannot find inspec.yml."
-    message="$message Please build from the profile root"
-    build_line "$message"
-
-    return 1
-  fi
-
-  # Execute an '<%= Inspec::Dist::EXEC_NAME %> compliance login' if a profile needs to be fetched from
-  # the Automate server
-  if [ "$(grep "compliance: " "$PLAN_CONTEXT/../inspec.yml")" ]; then
-    _do_compliance_login;
-  fi
-}
-
-do_setup_environment() {
-  set_buildtime_env PROFILE_CACHE_DIR "$HAB_CACHE_SRC_PATH/$pkg_dirname"
-  set_buildtime_env ARCHIVE_NAME "$pkg_name-$pkg_version.tar.gz"
-
-  # <%= Inspec::Dist::PRODUCT_NAME %> loads `pry` which tries to expand `~`. This fails if HOME isn't set.
-  set_runtime_env HOME "$pkg_svc_var_path"
-
-  # <%= Inspec::Dist::PRODUCT_NAME %> will create a `.inspec` directory in the user's home directory.
-  # This overrides that to write to a place within the running service's path.
-  # NOTE: Setting HOME does the same currently. This is here to be explicit.
-  set_runtime_env INSPEC_CONFIG_DIR  "$pkg_svc_var_path"
-}
-
-do_unpack() {
-  # Change directory to where the profile files are
-  pushd "$PLAN_CONTEXT/../" > /dev/null
-
-  # Get a list of all files in the profile except those that are Habitat related
-  profile_files=($(ls -I habitat -I results -I "*.hart"))
-
-  mkdir -p "$PROFILE_CACHE_DIR" > /dev/null
-
-  # Copy just the profile files to the profile cache directory
-  cp -r ${profile_files[@]} "$PROFILE_CACHE_DIR"
-}
-
-do_build() {
-  <%= Inspec::Dist::EXEC_NAME %> archive "$PROFILE_CACHE_DIR" \
-                                         --overwrite \
-                                         -o "$PROFILE_CACHE_DIR/$ARCHIVE_NAME"
-}
-
-do_install() {
-  cp "$PROFILE_CACHE_DIR/$ARCHIVE_NAME" "$pkg_prefix"
-}
-
-_do_compliance_login() {
-  if [ -z $COMPLIANCE_CREDS ]; then
-    message="ERROR: Please perform an '<%= Inspec::Dist::EXEC_NAME %> compliance login' and set"
-    message="$message \$HAB_STUDIO_SECRET_COMPLIANCE_CREDS to the contents of"
-    message="$message '~/.inspec/compliance/config.json'"
-    build_line "$message"
-    return 1
-  fi
-
-  user=$(echo $COMPLIANCE_CREDS | jq .user | sed 's/"//g')
-  token=$(echo $COMPLIANCE_CREDS | jq .token | sed 's/"//g')
-  automate_server=$(echo $COMPLIANCE_CREDS | \
-                    jq .server | \
-                    sed 's/\/api\/v0//' | \
-                    sed 's/"//g'
-                   )
-  insecure=$(echo $COMPLIANCE_CREDS | jq .insecure)
-  <%= Inspec::Dist::EXEC_NAME %> compliance login --insecure $insecure \
-                                                  --user $user \
-                                                  --token $token \
-                                                  $automate_server
-}
+pkg_scaffolding="chef/scaffolding-chef-inspec"

data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb

@@ -1,4 +1,3 @@
-require "term/ansicolor"
 require "pathname"
 require "inspec/plugin/v2"
 require "inspec/plugin/v2/installer"
@@ -7,7 +6,6 @@ require "inspec/dist"
 module InspecPlugins
   module PluginManager
     class CliCommand < Inspec.plugin(2, :cli_command)
-      include Term::ANSIColor
       include Inspec::Dist
 
       subcommand_desc "plugin SUBCOMMAND", "Manage #{PRODUCT_NAME} and Train plugins"
@@ -22,15 +20,17 @@ module InspecPlugins
         plugin_statuses = Inspec::Plugin::V2::Registry.instance.plugin_statuses
         plugin_statuses.reject! { |s| %i{core bundle}.include?(s.installation_type) } unless options[:all]
 
-        # TODO: ui object support
         puts
-        puts(bold { format(" %-30s%-10s%-8s%-6s", "Plugin Name", "Version", "Via", "ApiVer") })
-        puts "-" * 55
+        ui.bold(format(" %-30s%-10s%-8s%-6s", "Plugin Name", "Version", "Via", "ApiVer"))
+        ui.line
         plugin_statuses.sort_by(&:name).each do |status|
-          puts(format(" %-30s%-10s%-8s%-6s", status.name, make_pretty_version(status), status.installation_type, status.api_generation.to_s))
+          ui.plain(format(" %-30s%-10s%-8s%-6s", status.name,
+                          make_pretty_version(status),
+                          status.installation_type,
+                          status.api_generation.to_s))
         end
-        puts "-" * 55
-        puts(" #{plugin_statuses.count} plugin(s) total")
+        ui.line
+        ui.plain(" #{plugin_statuses.count} plugin(s) total")
         puts
       end
 
@@ -59,23 +59,22 @@ module InspecPlugins
           search_results.delete("train-test-fixture")
         end
 
-        # TODO: ui object support
         puts
-        puts(bold { format(" %-30s%-50s", "Plugin Name", "Versions Available") })
-        puts "-" * 55
+        ui.bold(format(" %-30s%-50s", "Plugin Name", "Versions Available"))
+        ui.line
         search_results.keys.sort.each do |plugin_name|
           versions = options[:all] ? search_results[plugin_name] : [search_results[plugin_name].first]
           versions = "(" + versions.join(", ") + ")"
-          puts(format(" %-30s%-50s", plugin_name, versions))
+          ui.plain(format(" %-30s%-50s", plugin_name, versions))
         end
-        puts "-" * 55
-        puts(" #{search_results.count} plugin(s) found")
+        ui.line
+        ui.plain(" #{search_results.count} plugin(s) found")
         puts
 
-        exit 2 if search_results.empty?
+        ui.exit Inspec::UI::EXIT_PLUGIN_ERROR if search_results.empty?
       rescue Inspec::Plugin::V2::SearchError => ex
         Inspec::Log.error ex.message
-        exit 1
+        ui.exit Inspec::UI::EXIT_USAGE_ERROR
       end
 
       #==================================================================#
@@ -119,13 +118,14 @@ module InspecPlugins
         begin
           installer.update(plugin_name)
         rescue Inspec::Plugin::V2::UpdateError => ex
-          puts(red { "Update error: " } + ex.message + " - update failed")
-          exit 1
+          ui.plain("#{ui.red('Update error:')} #{ex.message} - update failed")
+          ui.exit Inspec::UI::EXIT_USAGE_ERROR
         end
         post_update_versions = installer.list_installed_plugin_gems.select { |spec| spec.name == plugin_name }.map { |spec| spec.version.to_s }
         new_version = (post_update_versions - pre_update_versions).first
 
-        puts(bold { plugin_name } + " plugin, version #{old_version} -> #{new_version}, updated from rubygems.org")
+        ui.bold(plugin_name + " plugin, version #{old_version} -> " \
+                "#{new_version}, updated from rubygems.org")
       end
 
       #--------------------------
@@ -144,9 +144,9 @@ module InspecPlugins
       def uninstall(plugin_name)
         status = Inspec::Plugin::V2::Registry.instance[plugin_name.to_sym]
         unless status
-          puts(red { "No such plugin installed: " } + "#{plugin_name} is not installed - uninstall failed")
-
-          exit 1
+          ui.plain("#{ui.red('No such plugin installed:')} #{plugin_name} is not " \
+                 "installed - uninstall failed")
+          ui.exit Inspec::UI::EXIT_USAGE_ERROR
         end
         installer = Inspec::Plugin::V2::Installer.instance
 
@@ -156,11 +156,13 @@ module InspecPlugins
         installer.uninstall(plugin_name)
 
         if status.installation_type == :path
-          puts(bold { plugin_name } + " path-based plugin install has been uninstalled")
+          ui.bold(plugin_name + " path-based plugin install has been " \
+                  "uninstalled")
         else
-          puts(bold { plugin_name } + " plugin, version #{old_version}, has been uninstalled")
+          ui.bold(plugin_name + " plugin, version #{old_version}, has " \
+                  "been uninstalled")
         end
-        exit 0
+        ui.exit Inspec::UI::EXIT_NORMAL
       end
 
       private
@@ -172,8 +174,8 @@ module InspecPlugins
 
       def install_from_gemfile(gem_file)
         unless File.exist? gem_file
-          puts(red { "No such plugin gem file " } + gem_file + " - installation failed.")
-          exit 1
+          ui.red("No such plugin gem file #{gem_file} - installation failed.")
+          ui.exit Inspec::UI::EXIT_USAGE_ERROR
         end
 
         plugin_name_parts = File.basename(gem_file, ".gem").split("-")
@@ -183,14 +185,15 @@ module InspecPlugins
 
         installer.install(plugin_name, gem_file: gem_file)
 
-        puts(bold { plugin_name } + " plugin, version #{version}, installed from local .gem file")
-        exit 0
+        ui.bold("#{plugin_name} plugin, version #{version}, installed from " \
+                "local .gem file")
+        ui.exit Inspec::UI::EXIT_NORMAL
       end
 
       def install_from_path(path)
         unless File.exist? path
-          puts(red { "No such source code path " } + path + " - installation failed.")
-          exit 1
+          ui.red("No such source code path #{path} - installation failed.")
+          ui.exit Inspec::UI::EXIT_USAGE_ERROR
         end
 
         plugin_name = File.basename(path, ".rb")
@@ -204,8 +207,10 @@ module InspecPlugins
 
         # Already installed?
         if registry.known_plugin?(plugin_name.to_sym)
-          puts(red { "Plugin already installed" } + " - #{plugin_name} - Use '#{EXEC_NAME} plugin list' to see previously installed plugin - installation failed.")
-          exit 2
+          ui.red("Plugin already installed - #{plugin_name} - Use '#{EXEC_NAME} " \
+                 "plugin list' to see previously installed plugin - " \
+                 "installation failed.")
+          ui.exit Inspec::UI::EXIT_PLUGIN_ERROR
         end
 
         # Can we figure out how to load it?
@@ -217,8 +222,9 @@ module InspecPlugins
         # OK, install it!
         installer.install(plugin_name, path: entry_point)
 
-        puts(bold { plugin_name } + " plugin installed via source path reference, resolved to entry point " + entry_point)
-        exit 0
+        ui.bold("#{plugin_name} plugin installed via source path reference, " \
+                "resolved to entry point #{entry_point}")
+        ui.exit Inspec::UI::EXIT_NORMAL
       end
 
       # Rationale for rubocop variances: It's a heuristics method, and will be full of
@@ -229,6 +235,7 @@ module InspecPlugins
         given = given.expand_path # Resolve any relative paths
         name_regex = /^(inspec|train)-/
         versioned_regex = /^(inspec|train)-[a-z0-9\-\_]+-\d+\.\d+\.\d+$/
+        sha_ref_regex = /^(inspec|train)-[a-z0-9\-\_]+-[0-9a-f]{5,40}$/
 
         # What are the last four things like?
         parts = [
@@ -257,14 +264,14 @@ module InspecPlugins
         # In that case, we'll have a version on the plugin name in part 0
         # /home/you/.gems/2.4.0/gems/inspec-something-3.45.1/lib/inspec-something.rb
         #   parts index:                     ^0^             ^1^      ^2^         ^3^
-        if parts[0] =~ versioned_regex && parts[1] == "lib" && parts[0].start_with?(parts[2]) && parts[3] == ".rb"
+        if (parts[0] =~ versioned_regex || parts[0] =~ sha_ref_regex) && parts[1] == "lib" && parts[0].start_with?(parts[2]) && parts[3] == ".rb"
           return given.to_s
         end
 
         # Case 4: Like case 3, but missing the .rb
         # /home/you/.gems/2.4.0/gems/inspec-something-3.45.1/lib/inspec-something
         #   parts index:                     ^0^             ^1^      ^2^         ^3^ (empty)
-        if parts[0] =~ versioned_regex && parts[1] == "lib" && parts[0].start_with?(parts[2]) && parts[3].empty?
+        if (parts[0] =~ versioned_regex || parts[0] =~ sha_ref_regex) && parts[1] == "lib" && parts[0].start_with?(parts[2]) && parts[3].empty?
           return given.to_s + ".rb"
         end
 
@@ -279,8 +286,10 @@ module InspecPlugins
 
         # Well, if we got here, parts[2] matches an inspec/train prefix, but we have no idea about anything.
         # Give up.
-        puts(red { "Unrecognizable plugin structure" } + " - #{parts[2]} - When installing from a path, please provide the path of the entry point file - installation failed.")
-        exit 1
+        ui.red("Unrecognizable plugin structure - #{parts[2]} - When " \
+               "installing from a path, please provide the path of the " \
+               "entry point file - installation failed.")
+        ui.exit Inspec::UI::EXIT_USAGE_ERROR
       end
 
       def install_from_path__probe_load(entry_point, plugin_name)
@@ -288,9 +297,11 @@ module InspecPlugins
         begin
           require entry_point
         rescue LoadError => ex
-          puts(red { "Plugin contains errors" } + " - #{plugin_name} - Encountered errors while trying to test load the plugin entry point, resolved to #{entry_point} - installation failed")
-          puts ex.message
-          exit 1
+          ui.red("Plugin contains errors - #{plugin_name} - Encountered " \
+                 "errors while trying to test load the plugin entry point, " \
+                 "resolved to #{entry_point} - installation failed")
+          ui.plain ex.message
+          ui.exit Inspec::UI::EXIT_USAGE_ERROR
         end
 
         # OK, the wheels didn't fall off.  But is it a plugin?
@@ -299,13 +310,19 @@ module InspecPlugins
           # And the registry is keyed on Strings
           registry_key = plugin_name.to_s.sub(/^train-/, "")
           unless Train::Plugins.registry.key?(registry_key)
-            puts(red { "Does not appear to be a plugin" } + " - #{plugin_name} - After probe-loading the supposed plugin, it did not register itself to Train. Ensure something inherits from 'Train.plugin(1)' - installation failed.")
-            exit 1
+            ui.red("Does not appear to be a plugin - #{plugin_name} - After " \
+                   "probe-loading the supposed plugin, it did not register " \
+                   "itself to Train. Ensure something inherits from " \
+                   "'Train.plugin(1)' - installation failed.")
+            ui.exit Inspec::UI::EXIT_USAGE_ERROR
           end
         else
           unless registry.known_plugin?(plugin_name.to_sym)
-            puts(red { "Does not appear to be a plugin" } + " - #{plugin_name} - After probe-loading the supposed plugin, it did not register itself to InSpec. Ensure something inherits from 'Inspec.plugin(2)' - installation failed.")
-            exit 1
+            ui.red("Does not appear to be a plugin - #{plugin_name} - After " \
+                   "probe-loading the supposed plugin, it did not register " \
+                   "itself to InSpec. Ensure something inherits from " \
+                   "'Inspec.plugin(2)' - installation failed.")
+            ui.exit Inspec::UI::EXIT_USAGE_ERROR
           end
         end
       end
@@ -325,8 +342,9 @@ module InspecPlugins
         post_installed_versions = installer.list_installed_plugin_gems.select { |spec| spec.name == plugin_name }.map { |spec| spec.version.to_s }
         new_version = (post_installed_versions - pre_installed_versions).first
 
-        puts(bold { plugin_name } + " plugin, version #{new_version}, installed from rubygems.org")
-        exit 0
+        ui.bold("#{plugin_name} plugin, version #{new_version}, installed " \
+                "from rubygems.org")
+        ui.exit Inspec::UI::EXIT_NORMAL
       end
 
       def install_from_remote_gem_verson_preflight_check(plugin_name, requested_version, pre_installed_versions)
@@ -348,38 +366,50 @@ module InspecPlugins
         they_explicitly_asked_for_a_version = !options[:version].nil?
         what_we_would_install_is_already_installed = pre_installed_versions.include?(requested_version)
         if what_we_would_install_is_already_installed && they_explicitly_asked_for_a_version
-          puts(red { "Plugin already installed at requested version" } + " - plugin #{plugin_name} #{requested_version} - refusing to install.")
+          ui.red("Plugin already installed at requested version - plugin " \
+                 "#{plugin_name} #{requested_version} - refusing to install.")
         elsif what_we_would_install_is_already_installed && !they_explicitly_asked_for_a_version
-          puts(red { "Plugin already installed at latest version" } + " - plugin #{plugin_name} #{requested_version} - refusing to install.")
+          ui.red("Plugin already installed at latest version - plugin " \
+                 "#{plugin_name} #{requested_version} - refusing to install.")
         else
           # There are existing versions installed, but none of them are what was requested
-          puts(red { "Update required" } + " - plugin #{plugin_name}, requested #{requested_version}, have #{pre_installed_versions.join(", ")}; use `inspec plugin update` - refusing to install.")
+          ui.red("Update required - plugin #{plugin_name}, requested " \
+                 "#{requested_version}, have " \
+                 "#{pre_installed_versions.join(', ')}; use `inspec " \
+                 "plugin update` - refusing to install.")
         end
 
-        exit 2
+        ui.exit Inspec::UI::EXIT_PLUGIN_ERROR
       end
 
       # Rationale for RuboCop variance: This is a one-line method with heavy UX-focused error handling.
       def install_attempt_install(plugin_name) # rubocop: disable Metrics/AbcSize
         installer.install(plugin_name, version: options[:version])
       rescue Inspec::Plugin::V2::PluginExcludedError => ex
-        puts(red { "Plugin on Exclusion List" } + " - #{plugin_name} is listed as an incompatible gem - refusing to install.")
-        puts "Rationale: #{ex.details.rationale}"
-        puts "Exclusion list location: " + File.join(Inspec.src_root, "etc", "plugin_filters.json")
-        puts "If you disagree with this determination, please accept our apologies for the misunderstanding, and open an issue at https://github.com/inspec/inspec/issues/new"
-        exit 2
+        ui.red("Plugin on Exclusion List - #{plugin_name} is listed as an " \
+               "incompatible gem - refusing to install.")
+        ui.plain("Rationale: #{ex.details.rationale}")
+        ui.plain("Exclusion list location: " +
+                 File.join(Inspec.src_root, "etc", "plugin_filters.json"))
+        ui.plain("If you disagree with this determination, please accept " \
+                 "our apologies for the misunderstanding, and open an issue " \
+                 "at https://github.com/inspec/inspec/issues/new")
+        ui.exit Inspec::UI::EXIT_PLUGIN_ERROR
       rescue Inspec::Plugin::V2::InstallError
         raise if Inspec::Log.level == :debug
 
         results = installer.search(plugin_name, exact: true)
         if results.empty?
-          puts(red { "No such plugin gem " } + plugin_name + " could be found on rubygems.org - installation failed.")
+          ui.red("No such plugin gem #{plugin_name} could be found on " \
+                 "rubygems.org - installation failed.")
         elsif options[:version] && !results[plugin_name].include?(options[:version])
-          puts(red { "No such version" } + " - " + plugin_name + " exists, but no such version #{options[:version]} found on rubygems.org - installation failed.")
+          ui.red("No such version - #{plugin_name} exists, but no such " \
+                 "version #{options[:version]} found on rubygems.org - " \
+                 "installation failed.")
         else
-          puts(red { "Unknown error occured " } + " - installation failed.")
+          ui.red("Unknown error occured - installation failed.")
         end
-        exit 1
+        ui.exit Inspec::UI::EXIT_USAGE_ERROR
       end
 
       #==================================================================#
@@ -390,11 +420,14 @@ module InspecPlugins
           # Check for path install
           status = Inspec::Plugin::V2::Registry.instance[plugin_name.to_sym]
           if !status
-            puts(red { "No such plugin installed: " } + "#{plugin_name} - update failed")
-            exit 1
+            ui.plain("#{ui.red('No such plugin installed:')} #{plugin_name} - update failed")
+            ui.exit Inspec::UI::EXIT_USAGE_ERROR
           elsif status.installation_type == :path
-            puts(red { "Cannot update path-based install: " } + "#{plugin_name} is installed via path reference; use `inspec plugin uninstall` to remove - refusing to update")
-            exit 2
+            ui.plain("#{ui.red('Cannot update path-based install:')} " \
+                   "#{plugin_name} is installed via path reference; " \
+                   "use `inspec plugin uninstall` to remove - refusing to" \
+                   "update")
+            ui.exit Inspec::UI::EXIT_PLUGIN_ERROR
           end
         end
 
@@ -403,8 +436,10 @@ module InspecPlugins
         latest_version = latest_version[plugin_name]&.last
 
         if pre_update_versions.include?(latest_version)
-          puts(red { "Already installed at latest version: " } + "#{plugin_name} is at #{latest_version}, which the latest - refusing to update")
-          exit 2
+          ui.plain("#{ui.red('Already installed at latest version:')} " \
+                   "#{plugin_name} is at #{latest_version}, which the " \
+                   "latest - refusing to update")
+          ui.exit Inspec::UI::EXIT_PLUGIN_ERROR
         end
       end
 
@@ -421,8 +456,10 @@ module InspecPlugins
 
       def check_plugin_name(plugin_name, action)
         unless plugin_name =~ /^(inspec|train)-/
-          puts(red { "Invalid plugin name" } + " - #{plugin_name} - All inspec plugins must begin with either 'inspec-' or 'train-' - #{action} failed.")
-          exit 1
+          ui.red("Invalid plugin name - #{plugin_name} - All inspec " \
+                 "plugins must begin with either 'inspec-' or 'train-' " \
+                 "- #{action} failed.")
+          ui.exit Inspec::UI::EXIT_USAGE_ERROR
         end
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 4.7.24
+  version: 4.10.4
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-25 00:00:00.000000000 Z
+date: 2019-08-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train-core
@@ -598,7 +598,6 @@ files:
 - lib/inspec/utils/find_files.rb
 - lib/inspec/utils/hash.rb
 - lib/inspec/utils/json_log.rb
-- lib/inspec/utils/latest_version.rb
 - lib/inspec/utils/modulator.rb
 - lib/inspec/utils/nginx_parser.rb
 - lib/inspec/utils/object_traversal.rb
@@ -633,9 +632,6 @@ files:
 - lib/plugins/inspec-habitat/lib/inspec-habitat.rb
 - lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb
 - lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb
-- lib/plugins/inspec-habitat/templates/habitat/config/inspec_exec_config.json.erb
-- lib/plugins/inspec-habitat/templates/habitat/default.toml.erb
-- lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb
 - lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb
 - lib/plugins/inspec-init/README.md
 - lib/plugins/inspec-init/lib/inspec-init.rb

data/lib/inspec/utils/latest_version.rb

@@ -1,13 +0,0 @@
-require "json"
-require "open-uri"
-
-class LatestInSpecVersion
-  # fetches the latest version from rubygems server
-  def latest
-    uri = URI("https://rubygems.org/api/v1/gems/inspec.json")
-    inspec_info = JSON.parse(uri.read(open_timeout: 1.5, read_timeout: 1.5))
-    inspec_info["version"]
-  rescue StandardError
-    nil
-  end
-end

data/lib/plugins/inspec-habitat/templates/habitat/config/inspec_exec_config.json.erb

@@ -1,25 +0,0 @@
-{
-  "target_id": "{{ sys.member_id }}",
-  "reporter": {
-    "cli": {
-      "stdout": {{cfg.report_to_stdout}}
-    },
-    "json": {
-      "file": "{{pkg.svc_path}}/logs/inspec_last_run.json"
-    }{{#if cfg.automate.token ~}},
-    "automate" : {
-      "url": "{{cfg.automate.url}}/data-collector/v0/",
-      "token": "{{cfg.automate.token}}",
-      "node_name": "{{ sys.hostname }}",
-      "verify_ssl": false
-    }{{/if ~}}
-  }
-  {{#if cfg.automate.token }},
-  "compliance": {
-   "server" : "{{cfg.automate.url}}",
-   "token" : "{{cfg.automate.token}}",
-   "user" : "{{cfg.automate.user}}",
-   "insecure" : true,
-   "ent" : "automate"
-  }{{/if }}
-}

data/lib/plugins/inspec-habitat/templates/habitat/default.toml.erb

@@ -1,9 +0,0 @@
-interval = 300
-report_to_stdout = true
-
-# Uncomment and replace values to report to Automate.
-# This can also be applied at runtime via `hab config apply`
-#[automate]
-#url = 'https://chef-automate.test'
-#token = 'TOKEN'
-#user = 'admin'

data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb

@@ -1,32 +0,0 @@
-#!/bin/sh
-
-exec 2>&1
-
-CONFIG="{{pkg.svc_config_path}}/inspec_exec_config.json"
-INTERVAL="{{cfg.interval}}"
-LOG_FILE="{{pkg.svc_path}}/logs/inspec_log.txt"
-PROFILE_IDENT="{{pkg.origin}}/{{pkg.name}}"
-PROFILE_PATH="{{pkg.path}}/{{pkg.name}}-{{pkg.version}}.tar.gz"
-
-while true; do
-  echo "Executing ${PROFILE_IDENT}"
-  exec <%= Inspec::Dist::EXEC_NAME %> exec ${PROFILE_PATH} --json-config ${CONFIG} 2>&1 | tee ${LOG_FILE}
-
-  exit_code=$?
-  if [ $exit_code -eq 1 ]; then
-    echo "<%= Inspec::Dist::PRODUCT_NAME %> run failed."
-  else
-    echo "<%= Inspec::Dist::PRODUCT_NAME %> run completed successfully."
-    if [ $exit_code -eq 0 ]; then
-      echo "No controls failed or were skipped."
-    elif [ $exit_code -eq 100 ]; then
-      echo "At least 1 control failed."
-    elif [ $exit_code -eq 101 ]; then
-      echo "No controls failed but at least 1 skipped."
-    fi
-  fi
-  echo "Results are logged here: ${LOG_FILE}"
-
-  echo "Sleeping for ${INTERVAL} seconds"
-  sleep ${INTERVAL}
-done