inspec-core 4.37.0 → 4.37.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/lib/inspec/fetcher/local.rb +1 -1
  4. data/lib/inspec/resources/http.rb +1 -1
  5. data/lib/inspec/resources/mssql_session.rb +1 -1
  6. data/lib/inspec/resources/mysql_session.rb +1 -1
  7. data/lib/inspec/resources/pip.rb +1 -1
  8. data/lib/inspec/resources/registry_key.rb +1 -1
  9. data/lib/inspec/resources/users.rb +1 -1
  10. data/lib/inspec/resources/windows_feature.rb +2 -1
  11. data/lib/inspec/runner.rb +1 -1
  12. data/lib/inspec/utils/erlang_parser.rb +2 -2
  13. data/lib/inspec/utils/filter.rb +7 -7
  14. data/lib/inspec/utils/nginx_parser.rb +3 -3
  15. data/lib/inspec/version.rb +1 -1
  16. data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +17 -0
  17. data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +21 -6
  18. data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +2 -3
  19. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 65d5a9d62e8e76b31b944e42f4ae6fc1784e3823fa578ce8ee439a2270a80816
4
- data.tar.gz: 1aa950d1012bd41e061cc58e5693003d9197749c3798d3fb7d50b434c33c13de
3
+ metadata.gz: d915bf11e35804382285502f46a3a37b35017a10ab34c4e2f78d7420b0e3f589
4
+ data.tar.gz: b85a4f9cda0e1da7461b6d23248e935ceb6fbb2d9028f5bd9eec0683426c1ec3
5
5
  SHA512:
6
- metadata.gz: 69e11bec35bfef9ccd66679c4c04a65afe7b8e2acb4f20ab1f2643ee594961148b269a21e4e84996053a5d18ae96120063f1cbfe634831488b8b830cb22b9942
7
- data.tar.gz: 0476cf2df46ae81d3dd0a797d39190425ef28eeb7d8c36c3157d68d7ae658b1922f02251948fce8e5f2a48305f5c9e6ff520bc39a532e655b7f32284c7c67b46
6
+ metadata.gz: e1925d3c20bcd18a711dfa9d2df7ff98bd522b4afd3fbc8f4c5bc16648e60101fd6984a5a3d4bebf568b2993ec29ecae1ca58380e8d1a5bb55498f335dd144ff
7
+ data.tar.gz: da6f422af63ddfa51d96b945cc8d34d0bc67d26557114367406108ff43bada35a2c9dd83e4c0c29081cb3a29fe6c545fcd7cf1e8a8d8a4618da1058b6e562883
data/Gemfile CHANGED
@@ -28,7 +28,7 @@ group :omnibus do
28
28
  end
29
29
 
30
30
  group :test do
31
- gem "chefstyle", "~> 1.7.1"
31
+ gem "chefstyle", "~> 2.0.3"
32
32
  gem "concurrent-ruby", "~> 1.0"
33
33
  gem "html-proofer", platforms: :ruby # do not attempt to run proofer on windows
34
34
  gem "json_schemer", ">= 0.2.1", "< 0.2.19"
data/lib/inspec/fetcher/local.rb CHANGED
@@ -31,7 +31,7 @@ module Inspec::Fetcher
31
31
  target = target.gsub(%r{^file://}, "")
32
32
  else
33
33
  # support for windows paths
34
- target = target.tr('\\', "/")
34
+ target = target.tr("\\", "/")
35
35
  end
36
36
 
37
37
  target if File.exist?(File.expand_path(target))
data/lib/inspec/resources/http.rb CHANGED
@@ -56,7 +56,7 @@ module Inspec::Resources
56
56
  end
57
57
 
58
58
  def body
59
- @worker.body
59
+ @worker.body&.force_encoding(Encoding::UTF_8)
60
60
  end
61
61
 
62
62
  def http_method
data/lib/inspec/resources/mssql_session.rb CHANGED
@@ -58,7 +58,7 @@ module Inspec::Resources
58
58
  end
59
59
 
60
60
  def query(q) # rubocop:disable Metrics/PerceivedComplexity
61
- escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '""').gsub(/\$/, '\\$')
61
+ escaped_query = q.gsub(/\\/, "\\\\").gsub(/"/, '""').gsub(/\$/, '\\$')
62
62
  # surpress 'x rows affected' in SQLCMD with 'set nocount on;'
63
63
  cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
64
64
  cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
data/lib/inspec/resources/mysql_session.rb CHANGED
@@ -75,7 +75,7 @@ module Inspec::Resources
75
75
  def create_mysql_cmd(q, db = "")
76
76
  # TODO: simple escape, must be handled by a library
77
77
  # that does this securely
78
- escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$')
78
+ escaped_query = q.gsub(/\\/, "\\\\").gsub(/"/, '\\"').gsub(/\$/, '\\$')
79
79
 
80
80
  # construct the query
81
81
  command = "mysql"
data/lib/inspec/resources/pip.rb CHANGED
@@ -117,7 +117,7 @@ module Inspec::Resources
117
117
  if defined?(windows_paths["Python"]) && pipcmd.nil?
118
118
  return nil if windows_paths["Pip"].nil?
119
119
 
120
- pipdir = windows_paths["Python"].split('\\')
120
+ pipdir = windows_paths["Python"].split("\\")
121
121
  # remove python.exe
122
122
  pipdir.pop
123
123
  pipcmd = pipdir.push("Scripts").push("pip.exe").join("/")
data/lib/inspec/resources/registry_key.rb CHANGED
@@ -281,7 +281,7 @@ module Inspec::Resources
281
281
  key = @options[:key]
282
282
  return "" unless key
283
283
 
284
- key.start_with?('\\') ? key : "\\#{key}"
284
+ key.start_with?("\\") ? key : "\\#{key}"
285
285
  end
286
286
  end
287
287
 
data/lib/inspec/resources/users.rb CHANGED
@@ -611,7 +611,7 @@ module Inspec::Resources
611
611
  # @see https://msdn.microsoft.com/en-us/library/aa394153(v=vs.85).aspx
612
612
  class WindowsUser < UserInfo
613
613
  def parse_windows_account(username)
614
- account = username.split('\\')
614
+ account = username.split("\\")
615
615
  name = account.pop
616
616
  domain = account.pop unless account.empty?
617
617
  [name, domain]
data/lib/inspec/resources/windows_feature.rb CHANGED
@@ -79,10 +79,11 @@ module Inspec::Resources
79
79
  result = cmd.stdout
80
80
  feature_name_regex = /Feature Name : (.*)(\r\n|\n)/
81
81
  description_regex = /Description : (.*)(\r\n|\n)/
82
+ state_regex = /State : (.*)(\r\n|\n)/
82
83
  feature_info = {
83
84
  name: result.match(feature_name_regex).captures[0].chomp,
84
85
  description: result.match(description_regex).captures[0].chomp,
85
- installed: true,
86
+ installed: result.match(state_regex).captures[0].chomp == 'Enabled',
86
87
  }
87
88
  end
88
89
 
data/lib/inspec/runner.rb CHANGED
@@ -243,7 +243,7 @@ module Inspec
243
243
  # to provide access to local profiles that add resources.
244
244
  @depends.each do |dep|
245
245
  # support for windows paths
246
- dep = dep.tr('\\', "/")
246
+ dep = dep.tr("\\", "/")
247
247
  Inspec::Profile.for_path(dep, { profile_context: ctx }).load_libraries
248
248
  end
249
249
 
data/lib/inspec/utils/erlang_parser.rb CHANGED
@@ -52,13 +52,13 @@ class ErlangParser < Parslet::Parser
52
52
 
53
53
  rule(:stringS) do
54
54
  str("'") >> (
55
- str('\\') >> any | str("'").absent? >> any
55
+ str("\\") >> any | str("'").absent? >> any
56
56
  ).repeat.as(:string) >> str("'") >> filler?
57
57
  end
58
58
 
59
59
  rule(:stringD) do
60
60
  str('"') >> (
61
- str('\\') >> any | str('"').absent? >> any
61
+ str("\\") >> any | str('"').absent? >> any
62
62
  ).repeat.as(:string) >> str('"') >> filler?
63
63
  end
64
64
 
data/lib/inspec/utils/filter.rb CHANGED
@@ -375,13 +375,13 @@ module FilterTable
375
375
  methods_to_install_on_resource_class = @filter_methods + @custom_properties.keys
376
376
  methods_to_install_on_resource_class.each do |method_name|
377
377
  resource_class.send(:define_method, method_name) do |*args, &block|
378
- begin
379
- # self here is the resource instance
380
- filter_table_instance = table_class.new(self, send(raw_data_fetcher_method_name), " with")
381
- filter_table_instance.send(method_name, *args, &block)
382
- rescue Inspec::Exceptions::ResourceFailed, Inspec::Exceptions::ResourceSkipped => e
383
- FilterTable::ExceptionCatcher.new(resource_class, e)
384
- end
378
+
379
+ # self here is the resource instance
380
+ filter_table_instance = table_class.new(self, send(raw_data_fetcher_method_name), " with")
381
+ filter_table_instance.send(method_name, *args, &block)
382
+ rescue Inspec::Exceptions::ResourceFailed, Inspec::Exceptions::ResourceSkipped => e
383
+ FilterTable::ExceptionCatcher.new(resource_class, e)
384
+
385
385
  end
386
386
  end
387
387
  end
data/lib/inspec/utils/nginx_parser.rb CHANGED
@@ -31,19 +31,19 @@ class NginxParser < Parslet::Parser
31
31
 
32
32
  rule(:standard_value) do
33
33
  ((match(/[#;{'"]/).absent? >> any) >> (
34
- str('\\') >> any | match('[#;{]|\s').absent? >> any
34
+ str("\\") >> any | match('[#;{]|\s').absent? >> any
35
35
  ).repeat).as(:value) >> space.repeat
36
36
  end
37
37
 
38
38
  rule(:single_quoted_value) do
39
39
  str("'") >> (
40
- str('\\') >> any | str("'").absent? >> any
40
+ str("\\") >> any | str("'").absent? >> any
41
41
  ).repeat.as(:value) >> str("'") >> space.repeat
42
42
  end
43
43
 
44
44
  rule(:double_quoted_value) do
45
45
  str('"') >> (
46
- str('\\') >> any | str('"').absent? >> any
46
+ str("\\") >> any | str('"').absent? >> any
47
47
  ).repeat.as(:value) >> str('"') >> space.repeat
48
48
  end
49
49
 
data/lib/inspec/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Inspec
2
- VERSION = "4.37.0".freeze
2
+ VERSION = "4.37.8".freeze
3
3
  end
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb CHANGED
@@ -170,6 +170,23 @@ module InspecPlugins
170
170
  [success, msg, access_token]
171
171
  end
172
172
 
173
+ # Use API access token to validate login using version API
174
+ def self.authenticate_login_using_version_api(url, api_token, insecure)
175
+ uri = URI.parse("#{url}/version")
176
+ req = Net::HTTP::Get.new(uri.path)
177
+ req["api-token"] = api_token
178
+ response = InspecPlugins::Compliance::HTTP.send_request(uri, req, insecure)
179
+
180
+ if response.code == "200"
181
+ msg = "Successfully Logged In"
182
+ success = true
183
+ else
184
+ success = false
185
+ msg = "Failed to authenticate to #{url} \n\Response code: #{response.code}\nBody: #{response.body}"
186
+ end
187
+ [success, msg]
188
+ end
189
+
173
190
  # Use username and password to get an API access token
174
191
  def self.get_token_via_password(url, username, password, insecure)
175
192
  uri = URI.parse("#{url}/login")
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb CHANGED
@@ -33,7 +33,8 @@ module InspecPlugins
33
33
 
34
34
  options["url"] = options["server"] + "/api/v0"
35
35
  token = options["dctoken"] || options["token"]
36
- store_access_token(options, token)
36
+ success, msg = API::Login.authenticate_login(options)
37
+ success ? store_access_token(options, token) : msg
37
38
  end
38
39
 
39
40
  def self.store_access_token(options, token)
@@ -52,7 +53,7 @@ module InspecPlugins
52
53
  config["version"] = "0"
53
54
 
54
55
  config.store
55
- config
56
+ API::Login.configuration_stored_message(config)
56
57
  end
57
58
 
58
59
  def self.verify_thor_options(o)
@@ -74,7 +75,8 @@ module InspecPlugins
74
75
 
75
76
  options["url"] = options["server"] + "/compliance"
76
77
  token = options["dctoken"] || options["token"]
77
- store_access_token(options, token)
78
+ success, msg = API::Login.authenticate_login(options)
79
+ success ? store_access_token(options, token) : msg
78
80
  end
79
81
 
80
82
  def self.store_access_token(options, token)
@@ -99,7 +101,7 @@ module InspecPlugins
99
101
  config["version"] = InspecPlugins::Compliance::API.version(config)
100
102
 
101
103
  config.store
102
- config
104
+ API::Login.configuration_stored_message(config)
103
105
  end
104
106
 
105
107
  # Automate login requires `--ent`, `--user`, and either `--token` or `--dctoken`
@@ -126,7 +128,8 @@ module InspecPlugins
126
128
  options["url"] = options["server"] + "/api"
127
129
 
128
130
  if options["user"] && options["token"]
129
- compliance_store_access_token(options, options["token"])
131
+ success, msg = API::Login.authenticate_login(options)
132
+ success ? compliance_store_access_token(options, options["token"]) : msg
130
133
  elsif options["user"] && options["password"]
131
134
  compliance_login_user_pass(options)
132
135
  elsif options["refresh_token"]
@@ -171,7 +174,7 @@ module InspecPlugins
171
174
  config["version"] = InspecPlugins::Compliance::API.version(config)
172
175
 
173
176
  config.store
174
- config
177
+ API::Login.configuration_stored_message(config)
175
178
  end
176
179
 
177
180
  # Compliance login requires `--user` or `--refresh_token`
@@ -192,6 +195,18 @@ module InspecPlugins
192
195
  raise ArgumentError, error_msg.join("\n") unless error_msg.empty?
193
196
  end
194
197
  end
198
+
199
+ def self.authenticate_login(options)
200
+ InspecPlugins::Compliance::API.authenticate_login_using_version_api(
201
+ options["url"],
202
+ options["token"],
203
+ options["insecure"]
204
+ )
205
+ end
206
+
207
+ def self.configuration_stored_message(config)
208
+ "Stored configuration for Chef #{config["server_type"].capitalize}: #{config["server"]}' with user: '#{config["user"]}'"
209
+ end
195
210
  end
196
211
  end
197
212
  end
data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb CHANGED
@@ -34,9 +34,8 @@ module InspecPlugins
34
34
  desc: "Enterprise for #{AUTOMATE_PRODUCT_NAME} reporting (#{AUTOMATE_PRODUCT_NAME} Only)"
35
35
  def login(server)
36
36
  options["server"] = server
37
- InspecPlugins::Compliance::API.login(options)
38
- config = InspecPlugins::Compliance::Configuration.new
39
- puts "Stored configuration for Chef #{config["server_type"].capitalize}: #{config["server"]}' with user: '#{config["user"]}'"
37
+ login_response = InspecPlugins::Compliance::API.login(options)
38
+ puts login_response
40
39
  end
41
40
 
42
41
  desc "profiles", "list all available profiles in #{AUTOMATE_PRODUCT_NAME}"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.37.0
4
+ version: 4.37.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chef InSpec Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-05 00:00:00.000000000 Z
11
+ date: 2021-05-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef-telemetry