inspec-core 4.32.0 → 4.33.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a32d0575d09a6902a6a3fbce06ed7aaf7757e3604039334ecc9aa9adc9830298
-  data.tar.gz: 3df4dd2409d4456c4f42fe666bddd9407c3eadff754f852206bbcd81927967b2
+  metadata.gz: ec42612f75dc95f62517b85b024c039ad15965f7c98dfaecb9494161b9f85611
+  data.tar.gz: 6373b89393e737cacdcb859ca510758afb9ce7e16d89e90d86877205a3d8d335
 SHA512:
-  metadata.gz: 298d75a54ef15d4f880eff7b049d361281511ca3705476550747c4f863ac3d97325fd1796cf99de4af44e179a0003c04db142ed3fda59547cd82dad3a4ec57ca
-  data.tar.gz: 14733ae7b9dbeec40c07654d83a65eed7e2d81dc18b2c9c813de4a99465b13117d0c2dbde25e6b51b26cf275c49cf78ac3eba8a991eb59e6914414f812fe89b2
+  metadata.gz: f1591b7c166d00fe78037f703eb55292384b2c2b13195db150da008b198424177809078db9509054af664f91aca8bae06f93f41939d808263cc78baf0414f29c
+  data.tar.gz: 5124bfc3a8b676bd097efc319233fec94d3fd3739b727e1b92678c7929d280c093c46136b80607f166d164e0bd85586b9ce560e2ebed0eadbd7f35d09bd517b9

data/lib/inspec/base_cli.rb

@@ -168,9 +168,11 @@ module Inspec
         desc: "After normal execution order, results are sorted by control ID, or by file (default), or randomly. None uses legacy unsorted mode."
       option :filter_empty_profiles, type: :boolean, default: false,
         desc: "Filter empty profiles (profiles without controls) from the report."
-      option :command_timeout, type: :numeric, default: 3600,
-        desc: "Maximum seconds to allow commands to run during execution. Default 3600.",
-        long_desc: "Maximum seconds to allow commands to run during execution. Default 3600. A timed out command is considered an error."
+      option :command_timeout, type: :numeric,
+        desc: "Maximum seconds to allow commands to run during execution.",
+        long_desc: "Maximum seconds to allow commands to run during execution. A timed out command is considered an error."
+      option :reporter_include_source, type: :boolean, default: false,
+        desc: "Include full source code of controls in the CLI report"
     end
 
     def self.help(*args)

data/lib/inspec/cli.rb

@@ -321,9 +321,9 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     desc: "A space-delimited list of local folders containing profiles whose libraries and resources will be loaded into the new shell"
   option :distinct_exit, type: :boolean, default: true,
     desc: "Exit with code 100 if any tests fail, and 101 if any are skipped but none failed (default).  If disabled, exit 0 on skips and 1 for failures."
-  option :command_timeout, type: :numeric, default: 3600,
-      desc: "Maximum seconds to allow a command to run. Default 3600.",
-      long_desc: "Maximum seconds to allow commands to run. Default 3600. A timed out command is considered an error."
+  option :command_timeout, type: :numeric,
+      desc: "Maximum seconds to allow a command to run.",
+      long_desc: "Maximum seconds to allow commands to run. A timed out command is considered an error."
   option :inspect, type: :boolean, default: false, desc: "Use verbose/debugging output for resources."
   option :input_file, type: :array,
     desc: "Load one or more input files, a YAML file with values for the shell to use"

data/lib/inspec/reporters/cli.rb

@@ -41,12 +41,14 @@ module Inspec::Reporters
     MULTI_TEST_CONTROL_SUMMARY_MAX_LEN = 60
 
     def render
+      @src_extent_map = {}
       run_data[:profiles].each do |profile|
         if profile[:status] == "skipped"
           platform = run_data[:platform]
           output("Skipping profile: '#{profile[:name]}' on unsupported platform: '#{platform[:name]}/#{platform[:release]}'.")
           next
         end
+        read_control_source(profile)
         @control_count = 0
         output("")
         print_profile_header(profile)
@@ -89,6 +91,7 @@ module Inspec::Reporters
         next if control.results.nil?
 
         output(format_control_header(control))
+        output(format_control_source(control)) if Inspec::Config.cached[:reporter_include_source]
         control.results.each do |result|
           output(format_result(control, result, :standard))
           @control_count += 1
@@ -127,6 +130,62 @@ module Inspec::Reporters
       )
     end
 
+    def format_control_source(control)
+      src = @control_source[control.id]
+      message  = "Control Source from #{src[:path]}:#{src[:start]}..#{src[:end]}\n"
+      message += src[:content]
+      format_message(
+        color: "skipped",
+        indentation: 5,
+        message: message
+      )
+    end
+
+    def read_control_source(profile)
+      return unless Inspec::Config.cached[:reporter_include_source]
+
+      @control_source = {}
+      src_extent_map = {}
+
+      # First pass: build map of paths => ids => [start]
+      all_unique_controls.each do |control|
+        id = control[:id]
+        path = control[:source_location][:ref]
+        start = control[:source_location][:line]
+        next if path.nil? || start.nil?
+
+        src_extent_map[path] ||= []
+        src_extent_map[path] << { start: start, id: id }
+      end
+
+      # Now sort the controls by their starting line in their control file
+      src_extent_map.values.each do |extent_list|
+        extent_list.sort! { |a, b| a[:start] <=> b[:start] }
+      end
+
+      # Third pass: Read in files and split into lines
+      src_extent_map.keys.each do |path|
+        control_file_lines = File.read(path).lines # TODO error handling
+        last_line_in_file = control_file_lines.count
+        extent_list = src_extent_map[path]
+        extent_list.each_with_index do |extent, idx|
+          if idx == extent_list.count - 1 # Last entry
+            extent[:end] = last_line_in_file
+          else
+            extent[:end] = extent_list[idx + 1][:start] - 1
+          end
+
+          @control_source[extent[:id]] =
+            {
+              path: path,
+              start: extent[:start],
+              end: extent[:end],
+              content: control_file_lines.slice(extent[:start] - 1, extent[:end] - extent[:start] + 1).join(""),
+            }
+        end
+      end
+    end
+
     def format_result(control, result, type)
       impact = control.impact_string_for_result(result)
 
@@ -312,6 +371,10 @@ module Inspec::Reporters
         data[:impact]
       end
 
+      def source_location
+        data[:source_location]
+      end
+
       def anonymous?
         id.start_with?("(generated from ")
       end

data/lib/inspec/resources/command.rb

@@ -31,17 +31,11 @@ module Inspec::Resources
       end
 
       @command = cmd
-
-      cli_timeout = Inspec::Config.cached["command_timeout"].to_i
+      cli_timeout = Inspec::Config.cached["command_timeout"]&.to_i
       # Can access this via Inspec::InspecCLI.commands["exec"].options[:command_timeout].default,
       # but that may not be loaded for kitchen-inspec and other pure gem consumers
-      default_cli_timeout = 3600
-      cli_timeout = default_cli_timeout if cli_timeout == 0 # Under test-kitchen we get a 0 timeout, which can't be a resonable value
-      if cli_timeout != default_cli_timeout
-        @timeout = cli_timeout
-      else
-        @timeout = options[:timeout]&.to_i || default_cli_timeout
-      end
+      cli_timeout = nil if cli_timeout == 0 # Under test-kitchen we get a 0 timeout, which can't be a resonable value
+      @timeout = cli_timeout || options[:timeout]&.to_i
 
       if options[:redact_regex]
         unless options[:redact_regex].is_a?(Regexp)

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.32.0".freeze
+  VERSION = "4.33.1".freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 4.32.0
+  version: 4.33.1
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-04-14 00:00:00.000000000 Z
+date: 2021-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry