inspec-core 4.26.13 → 4.28.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/lib/inspec/base_cli.rb +2 -0
- data/lib/inspec/cli.rb +14 -0
- data/lib/inspec/resources/auditd_conf.rb +2 -0
- data/lib/inspec/resources/crontab.rb +8 -2
- data/lib/inspec/runner_rspec.rb +1 -1
- data/lib/inspec/utils/run_data_filters.rb +9 -0
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f7e64d5cc4ef40dc18b0c488e88c804425403123a38ed5bdfbeac8e4e26c4f02
|
|
4
|
+
data.tar.gz: 1b953e8cf39b218bed69e379bb5f03d92ae7bde3f402de1a17bfee2a7c67f58d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f6b97c6cc9e7d23f64a5f5b9666831e6a1577ad164ce3b32a3bff3ce24b628be65f0b60894681aa9d408ce989355d5da946bc87f67ec51ca4679e04be2f0b77
|
|
7
|
+
data.tar.gz: 246ddd83d0af2e3ce069deb932451c0eb905e2e73dc5255b8ce574e862115b03e30cfc92a9cda0611a996d1d00ddb3895a7284cb44aa66677e4fea932bff9d09
|
data/Gemfile
CHANGED
|
@@ -31,7 +31,7 @@ group :test do
|
|
|
31
31
|
gem "chefstyle", "~> 1.7.1"
|
|
32
32
|
gem "concurrent-ruby", "~> 1.0"
|
|
33
33
|
gem "html-proofer", platforms: :ruby # do not attempt to run proofer on windows
|
|
34
|
-
gem "json_schemer", ">= 0.2.1", "< 0.2.
|
|
34
|
+
gem "json_schemer", ">= 0.2.1", "< 0.2.19"
|
|
35
35
|
gem "m"
|
|
36
36
|
gem "minitest-sprint", "~> 1.0"
|
|
37
37
|
gem "minitest", "~> 5.5"
|
data/lib/inspec/base_cli.rb
CHANGED
|
@@ -164,6 +164,8 @@ module Inspec
|
|
|
164
164
|
desc: "Use --no-diff to suppress 'diff' output of failed textual test results."
|
|
165
165
|
option :sort_results_by, type: :string, default: "file", banner: "--sort-results-by=none|control|file|random",
|
|
166
166
|
desc: "After normal execution order, results are sorted by control ID, or by file (default), or randomly. None uses legacy unsorted mode."
|
|
167
|
+
option :filter_empty_profiles, type: :boolean, default: false,
|
|
168
|
+
desc: "Filter empty profiles (profiles without controls) from the report."
|
|
167
169
|
end
|
|
168
170
|
|
|
169
171
|
def self.help(*args)
|
data/lib/inspec/cli.rb
CHANGED
|
@@ -395,6 +395,20 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|
|
395
395
|
end
|
|
396
396
|
map %w{-v --version} => :version
|
|
397
397
|
|
|
398
|
+
desc "clear_cache", "clears the InSpec cache. Useful for debugging."
|
|
399
|
+
option :vendor_cache, type: :string,
|
|
400
|
+
desc: "Use the given path for caching dependencies. (default: ~/.inspec/cache)"
|
|
401
|
+
def clear_cache
|
|
402
|
+
o = config
|
|
403
|
+
configure_logger(o)
|
|
404
|
+
cache_path = o[:vendor_cache] || "~/.inspec/cache"
|
|
405
|
+
FileUtils.rm_r Dir.glob(File.expand_path(cache_path))
|
|
406
|
+
|
|
407
|
+
o[:logger] = Logger.new($stdout)
|
|
408
|
+
o[:logger].level = get_log_level(o[:log_level])
|
|
409
|
+
o[:logger].info "== InSpec cache cleared successfully =="
|
|
410
|
+
end
|
|
411
|
+
|
|
398
412
|
private
|
|
399
413
|
|
|
400
414
|
def run_command(opts)
|
|
@@ -67,8 +67,14 @@ module Inspec::Resources
|
|
|
67
67
|
end
|
|
68
68
|
|
|
69
69
|
def crontab_cmd
|
|
70
|
-
|
|
71
|
-
|
|
70
|
+
if @user.nil?
|
|
71
|
+
"crontab -l"
|
|
72
|
+
elsif inspec.os.aix?
|
|
73
|
+
"crontab -l #{@user}"
|
|
74
|
+
else
|
|
75
|
+
# TODO: the -u scenario needs to be able to do sudo
|
|
76
|
+
"crontab -l -u #{@user}"
|
|
77
|
+
end
|
|
72
78
|
end
|
|
73
79
|
|
|
74
80
|
filter = FilterTable.create
|
data/lib/inspec/runner_rspec.rb
CHANGED
|
@@ -5,7 +5,7 @@ require "matchers/matchers"
|
|
|
5
5
|
require "inspec/rspec_extensions"
|
|
6
6
|
|
|
7
7
|
# There be dragons!! Or borgs, or something...
|
|
8
|
-
# This file and all its contents cannot be unit-tested. both test-
|
|
8
|
+
# This file and all its contents cannot be unit-tested. both test-suites
|
|
9
9
|
# collide and disable all unit tests that have been added.
|
|
10
10
|
|
|
11
11
|
module Inspec
|
|
@@ -13,6 +13,7 @@ module Inspec
|
|
|
13
13
|
def apply_run_data_filters_to_hash
|
|
14
14
|
@config[:runtime_config] = Inspec::Config.cached || {}
|
|
15
15
|
apply_report_resize_options
|
|
16
|
+
filter_empty_profiles
|
|
16
17
|
redact_sensitive_inputs
|
|
17
18
|
suppress_diff_output
|
|
18
19
|
sort_controls
|
|
@@ -36,6 +37,14 @@ module Inspec
|
|
|
36
37
|
end
|
|
37
38
|
end
|
|
38
39
|
|
|
40
|
+
# Filters profiles from report which don't have controls in it.
|
|
41
|
+
def filter_empty_profiles
|
|
42
|
+
runtime_config = @config[:runtime_config]
|
|
43
|
+
if runtime_config[:filter_empty_profiles] && @run_data[:profiles].count > 1
|
|
44
|
+
@run_data[:profiles].delete_if { |p| p[:controls].empty? }
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
39
48
|
# Find any inputs with :sensitive = true and replace their values with "***"
|
|
40
49
|
def redact_sensitive_inputs
|
|
41
50
|
@run_data[:profiles]&.each do |p|
|
data/lib/inspec/version.rb
CHANGED
data/lib/matchers/matchers.rb
CHANGED
|
@@ -287,7 +287,7 @@ RSpec::Matchers.define :cmp do |first_expected| # rubocop:disable Metrics/BlockL
|
|
|
287
287
|
end
|
|
288
288
|
|
|
289
289
|
def format_actual(actual)
|
|
290
|
-
actual = "0%o" % actual if octal?(@expected)
|
|
290
|
+
actual = "0%o" % actual if octal?(@expected) && !actual.nil?
|
|
291
291
|
"\n%s\n got: %s\n\n(compared using `cmp` matcher)\n" % [format_expectation(false), actual]
|
|
292
292
|
end
|
|
293
293
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.28.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef InSpec Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-03-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: chef-telemetry
|