inspec-core 4.29.3 → 4.31.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/inspec/base_cli.rb +5 -0
  3. data/lib/inspec/cli.rb +3 -0
  4. data/lib/inspec/input_registry.rb +1 -0
  5. data/lib/inspec/reporters/cli.rb +1 -1
  6. data/lib/inspec/resources/command.rb +19 -1
  7. data/lib/inspec/utils/filter.rb +8 -2
  8. data/lib/inspec/version.rb +1 -1
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 43aae7e5dcfc25cdce0c7e606c9b6279dc861ad91e7b3bb335efc95600f25b07
4
- data.tar.gz: 52ac9ef28da48806105475b63cfe980fb5ca84951abb2d396fa2527c928e1346
3
+ metadata.gz: de259f902d4d891726e44204083a9fa2ab6b2b7507914036cc1af230e82dbc6b
4
+ data.tar.gz: 16d2ce9dbe236411f8169b378c51bedd5e2fc87ee84429b14de8e7312f6576cd
5
5
  SHA512:
6
- metadata.gz: 46988111aa54016cf1fa7b7be5b1d0d3cb2ab55c5e3d5d795ff45701e828795023e3a271130d71d6885d7f6f98aace1658abb36bc57bd672572faf81f0ae11bd
7
- data.tar.gz: 56a9357b76e233dfbe31e32d10c2904c77045b2685dfdcbc7f7399a4d949dbf50d4469022bb0d6ad3c86ec47083f5cba177584e70378a5c441e2b63bd82aa089
6
+ metadata.gz: 6f6646ab26611a0d49bce5bb8dd927ac678cb1ab032d5c5de055e5e769ef667f4147f4bae82613450c21c9ca0ebcd99302f33741ba51c95094b45714a6f69303
7
+ data.tar.gz: c19721ef5d63cedae91fe69103f7f4ec4237ce4e16ab563895eff655b2ff32ec1ba15daf412cf23ed11966a9d94b5941b5c74ac6ba47c4c209f82a5db1240641
data/lib/inspec/base_cli.rb CHANGED
@@ -120,6 +120,8 @@ module Inspec
120
120
  desc: "Provide a ID which will be included on reports"
121
121
  option :winrm_shell_type, type: :string, default: "powershell",
122
122
  desc: "Specify a shell type for winrm (eg. 'elevated' or 'powershell')"
123
+ option :docker_url, type: :string,
124
+ desc: "Provides path to Docker API endpoint (Docker)"
123
125
  end
124
126
 
125
127
  def self.profile_options
@@ -166,6 +168,9 @@ module Inspec
166
168
  desc: "After normal execution order, results are sorted by control ID, or by file (default), or randomly. None uses legacy unsorted mode."
167
169
  option :filter_empty_profiles, type: :boolean, default: false,
168
170
  desc: "Filter empty profiles (profiles without controls) from the report."
171
+ option :command_timeout, type: :numeric, default: 3600,
172
+ desc: "Maximum seconds to allow commands to run during execution. Default 3600.",
173
+ long_desc: "Maximum seconds to allow commands to run during execution. Default 3600. A timed out command is considered an error."
169
174
  end
170
175
 
171
176
  def self.help(*args)
data/lib/inspec/cli.rb CHANGED
@@ -321,6 +321,9 @@ class Inspec::InspecCLI < Inspec::BaseCLI
321
321
  desc: "A space-delimited list of local folders containing profiles whose libraries and resources will be loaded into the new shell"
322
322
  option :distinct_exit, type: :boolean, default: true,
323
323
  desc: "Exit with code 100 if any tests fail, and 101 if any are skipped but none failed (default). If disabled, exit 0 on skips and 1 for failures."
324
+ option :command_timeout, type: :numeric, default: 3600,
325
+ desc: "Maximum seconds to allow a command to run. Default 3600.",
326
+ long_desc: "Maximum seconds to allow commands to run. Default 3600. A timed out command is considered an error."
324
327
  option :inspect, type: :boolean, default: false, desc: "Use verbose/debugging output for resources."
325
328
  def shell_func
326
329
  o = config
data/lib/inspec/input_registry.rb CHANGED
@@ -82,6 +82,7 @@ module Inspec
82
82
  def find_or_register_input(input_name, profile_name, options = {})
83
83
  input_name = input_name.to_s
84
84
  profile_name = profile_name.to_s
85
+ options[:event].value = Thor::CoreExt::HashWithIndifferentAccess.new(options[:event].value) if options[:event]&.value.is_a?(Hash)
85
86
 
86
87
  if profile_alias?(profile_name) && !profile_aliases[profile_name].nil?
87
88
  alias_name = profile_name
data/lib/inspec/reporters/cli.rb CHANGED
@@ -170,7 +170,7 @@ module Inspec::Reporters
170
170
  end
171
171
 
172
172
  def all_unique_controls
173
- @unique_controls ||= begin
173
+ @unique_controls ||= begin # rubocop:disable Style/RedundantBegin
174
174
  run_data[:profiles].flat_map do |profile|
175
175
  profile[:controls]
176
176
  end.uniq
data/lib/inspec/resources/command.rb CHANGED
@@ -32,6 +32,16 @@ module Inspec::Resources
32
32
 
33
33
  @command = cmd
34
34
 
35
+ cli_timeout = Inspec::Config.cached["command_timeout"].to_i
36
+ # Can access this via Inspec::InspecCLI.commands["exec"].options[:command_timeout].default,
37
+ # but that may not be loaded for kitchen-inspec and other pure gem consumers
38
+ default_cli_timeout = 3600
39
+ if cli_timeout != default_cli_timeout
40
+ @timeout = cli_timeout
41
+ else
42
+ @timeout = options[:timeout]&.to_i || default_cli_timeout
43
+ end
44
+
35
45
  if options[:redact_regex]
36
46
  unless options[:redact_regex].is_a?(Regexp)
37
47
  # Make sure command is replaced so sensitive output isn't shown
@@ -44,7 +54,15 @@ module Inspec::Resources
44
54
  end
45
55
 
46
56
  def result
47
- @result ||= inspec.backend.run_command(@command)
57
+ @result ||= begin
58
+ inspec.backend.run_command(@command, timeout: @timeout)
59
+ rescue Train::CommandTimeoutReached
60
+ # Without a small sleep, the train connection gets broken
61
+ # We've already timed out, so a small sleep is not likely to be painful here.
62
+ sleep 0.1
63
+ raise Inspec::Exceptions::ResourceFailed,
64
+ "Command `#{@command}` timed out after #{@timeout} seconds"
65
+ end
48
66
  end
49
67
 
50
68
  def stdout
data/lib/inspec/utils/filter.rb CHANGED
@@ -36,14 +36,20 @@ module FilterTable
36
36
  # RSpec will check the object returned to see if it responds to a method
37
37
  # before calling it. We need to fake it out and tell it that it does. This
38
38
  # allows it to skip past that check and fall through to #method_missing
39
- def respond_to?(_method)
39
+ def respond_to?(_method, include_all = false)
40
40
  true
41
41
  end
42
42
 
43
43
  def to_s
44
- @original_resource.to_s
44
+ "#{@original_resource} (#{@original_exception.message})"
45
45
  end
46
46
  alias inspect to_s
47
+
48
+ # Rspec is not able to convert FilterTable::ExceptionCatcher issue https://github.com/inspec/inspec/issues/5369
49
+ # which result into not showing actual exception message this allows to convert it properly.
50
+ def to_ary
51
+ [ to_s ]
52
+ end
47
53
  end
48
54
 
49
55
  class Trace
data/lib/inspec/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Inspec
2
- VERSION = "4.29.3".freeze
2
+ VERSION = "4.31.0".freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.29.3
4
+ version: 4.31.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chef InSpec Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-24 00:00:00.000000000 Z
11
+ date: 2021-04-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef-telemetry