inspec 0.12.0 → 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +39 -2
- data/bin/inspec +11 -9
- data/docs/matchers.rst +129 -0
- data/docs/resources.rst +64 -37
- data/inspec.gemspec +1 -1
- data/lib/bundles/inspec-compliance/cli.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -0
- data/lib/bundles/inspec-compliance/target.rb +16 -32
- data/lib/bundles/inspec-init/cli.rb +2 -0
- data/lib/bundles/inspec-supermarket.rb +13 -0
- data/lib/bundles/inspec-supermarket/api.rb +2 -0
- data/lib/bundles/inspec-supermarket/cli.rb +2 -2
- data/lib/bundles/inspec-supermarket/target.rb +11 -15
- data/lib/fetchers/local.rb +31 -0
- data/lib/fetchers/tar.rb +48 -0
- data/lib/fetchers/url.rb +100 -0
- data/lib/fetchers/zip.rb +47 -0
- data/lib/inspec.rb +2 -3
- data/lib/inspec/fetcher.rb +22 -0
- data/lib/inspec/metadata.rb +4 -2
- data/lib/inspec/plugins.rb +2 -0
- data/lib/inspec/plugins/fetcher.rb +97 -0
- data/lib/inspec/plugins/source_reader.rb +36 -0
- data/lib/inspec/profile.rb +92 -81
- data/lib/inspec/resource.rb +1 -0
- data/lib/inspec/runner.rb +15 -35
- data/lib/inspec/source_reader.rb +32 -0
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +5 -6
- data/lib/resources/file.rb +8 -2
- data/lib/resources/passwd.rb +71 -45
- data/lib/resources/service.rb +13 -9
- data/lib/resources/shadow.rb +135 -0
- data/lib/source_readers/flat.rb +38 -0
- data/lib/source_readers/inspec.rb +78 -0
- data/lib/utils/base_cli.rb +2 -2
- data/lib/utils/parser.rb +1 -1
- data/lib/utils/plugin_registry.rb +93 -0
- data/test/docker_test.rb +1 -1
- data/test/helper.rb +62 -2
- data/test/integration/cookbooks/os_prepare/recipes/service.rb +4 -2
- data/test/integration/test/integration/default/compare_matcher_spec.rb +11 -0
- data/test/integration/test/integration/default/service_spec.rb +16 -1
- data/test/unit/fetchers.rb +61 -0
- data/test/unit/fetchers/local_test.rb +67 -0
- data/test/unit/fetchers/tar_test.rb +36 -0
- data/test/unit/fetchers/url_test.rb +152 -0
- data/test/unit/fetchers/zip_test.rb +36 -0
- data/test/unit/mock/files/passwd +1 -1
- data/test/unit/mock/files/shadow +2 -0
- data/test/unit/mock/profiles/complete-profile/libraries/testlib.rb +1 -0
- data/test/unit/plugin_test.rb +0 -1
- data/test/unit/profile_test.rb +32 -53
- data/test/unit/resources/passwd_test.rb +69 -14
- data/test/unit/resources/shadow_test.rb +67 -0
- data/test/unit/source_reader_test.rb +17 -0
- data/test/unit/source_readers/flat_test.rb +61 -0
- data/test/unit/source_readers/inspec_test.rb +38 -0
- data/test/unit/utils/passwd_parser_test.rb +1 -1
- metadata +40 -21
- data/lib/inspec/targets.rb +0 -10
- data/lib/inspec/targets/archive.rb +0 -33
- data/lib/inspec/targets/core.rb +0 -56
- data/lib/inspec/targets/dir.rb +0 -144
- data/lib/inspec/targets/file.rb +0 -33
- data/lib/inspec/targets/folder.rb +0 -38
- data/lib/inspec/targets/tar.rb +0 -61
- data/lib/inspec/targets/url.rb +0 -78
- data/lib/inspec/targets/zip.rb +0 -55
- data/test/unit/targets.rb +0 -132
@@ -0,0 +1,67 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
# author: Dominik Richter
|
3
|
+
# author: Christoph Hartmann
|
4
|
+
|
5
|
+
require 'helper'
|
6
|
+
|
7
|
+
describe Fetchers::Local do
|
8
|
+
let(:fetcher) { Fetchers::Local }
|
9
|
+
|
10
|
+
it 'registers with the fetchers registry' do
|
11
|
+
reg = Inspec::Fetcher.registry
|
12
|
+
_(reg['local']).must_equal fetcher
|
13
|
+
end
|
14
|
+
|
15
|
+
describe 'applied to this file' do
|
16
|
+
let(:res) { fetcher.resolve(__FILE__) }
|
17
|
+
|
18
|
+
it 'must be resolved' do
|
19
|
+
_(res).must_be_kind_of fetcher
|
20
|
+
end
|
21
|
+
|
22
|
+
it 'must only contain this file' do
|
23
|
+
_(res.files).must_equal [__FILE__]
|
24
|
+
end
|
25
|
+
|
26
|
+
it 'must not read if the file doesnt exist' do
|
27
|
+
_(res.read('file-does-not-exist')).must_be_nil
|
28
|
+
end
|
29
|
+
|
30
|
+
it 'must not read files not covered' do
|
31
|
+
not_covered = File.expand_path('../tar_test.rb', __FILE__)
|
32
|
+
_(File.file?(not_covered)).must_equal true
|
33
|
+
_(res.read(not_covered)).must_be_nil
|
34
|
+
end
|
35
|
+
|
36
|
+
it 'must read the contents of the file' do
|
37
|
+
_(res.read(__FILE__)).must_equal File.read(__FILE__)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
describe 'applied to this folder' do
|
42
|
+
let(:path) { File.dirname(__FILE__) }
|
43
|
+
let(:res) { fetcher.resolve(path) }
|
44
|
+
|
45
|
+
it 'must be resolved' do
|
46
|
+
_(res).must_be_kind_of fetcher
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'must contain all files' do
|
50
|
+
_(res.files).must_include __FILE__
|
51
|
+
end
|
52
|
+
|
53
|
+
it 'must not read if the file doesnt exist' do
|
54
|
+
_(res.read('file-not-in-folder')).must_be_nil
|
55
|
+
end
|
56
|
+
|
57
|
+
it 'must not read files not covered' do
|
58
|
+
not_covered = File.expand_path('../../../helper.rb', __FILE__)
|
59
|
+
_(File.file?(not_covered)).must_equal true
|
60
|
+
_(res.read(not_covered)).must_be_nil
|
61
|
+
end
|
62
|
+
|
63
|
+
it 'must read the contents of the file' do
|
64
|
+
_(res.read(__FILE__)).must_equal File.read(__FILE__)
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
# author: Dominik Richter
|
3
|
+
# author: Christoph Hartmann
|
4
|
+
|
5
|
+
require 'helper'
|
6
|
+
|
7
|
+
describe Fetchers::Tar do
|
8
|
+
let(:fetcher) { Fetchers::Tar }
|
9
|
+
|
10
|
+
it 'registers with the fetchers registry' do
|
11
|
+
reg = Inspec::Fetcher.registry
|
12
|
+
_(reg['tar']).must_equal fetcher
|
13
|
+
end
|
14
|
+
|
15
|
+
describe 'applied to a zipped archive' do
|
16
|
+
let(:target) { MockLoader.profile_tgz('complete-profile') }
|
17
|
+
let(:res) { fetcher.resolve(target) }
|
18
|
+
|
19
|
+
it 'must be resolved' do
|
20
|
+
_(res).must_be_kind_of fetcher
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'must contain all files' do
|
24
|
+
_(res.files.sort).must_equal %w{inspec.yml libraries libraries/testlib.rb
|
25
|
+
controls controls/filesystem_spec.rb}.sort
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'must not read if the file isnt included' do
|
29
|
+
_(res.read('file-not-in-archive')).must_be_nil
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'must read the contents of the file' do
|
33
|
+
_(res.read('inspec.yml')).must_match /^name: complete$/
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,152 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
# author: Dominik Richter
|
3
|
+
# author: Christoph Hartmann
|
4
|
+
|
5
|
+
require 'helper'
|
6
|
+
|
7
|
+
describe Fetchers::Url do
|
8
|
+
let(:fetcher) { Fetchers::Url }
|
9
|
+
|
10
|
+
it 'registers with the fetchers registry' do
|
11
|
+
reg = Inspec::Fetcher.registry
|
12
|
+
_(reg['url']).must_equal fetcher
|
13
|
+
end
|
14
|
+
|
15
|
+
describe 'testing different urls' do
|
16
|
+
let(:mock_file) { MockLoader.profile_path('complete-metadata') }
|
17
|
+
let(:fetcher) {
|
18
|
+
Class.new(Fetchers::Url) do
|
19
|
+
attr_reader :target, :archive
|
20
|
+
def initialize(target, opts)
|
21
|
+
@target = target
|
22
|
+
@archive = File.new(__FILE__)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
}
|
26
|
+
|
27
|
+
it 'handles a http url' do
|
28
|
+
url = 'http://chef.io/some.tar.gz'
|
29
|
+
res = fetcher.resolve(url)
|
30
|
+
_(res).must_be_kind_of Fetchers::Local
|
31
|
+
_(res.parent).must_be_kind_of Fetchers::Url
|
32
|
+
_(res.parent.target).must_equal 'http://chef.io/some.tar.gz'
|
33
|
+
end
|
34
|
+
|
35
|
+
it 'handles a https url' do
|
36
|
+
url = 'https://chef.io/some.tar.gz'
|
37
|
+
res = fetcher.resolve(url)
|
38
|
+
_(res).must_be_kind_of Fetchers::Local
|
39
|
+
_(res.parent).must_be_kind_of Fetchers::Url
|
40
|
+
_(res.parent.target).must_equal 'https://chef.io/some.tar.gz'
|
41
|
+
end
|
42
|
+
|
43
|
+
it 'doesnt handle other schemas' do
|
44
|
+
fetcher.resolve('gopher://chef.io/some.tar.gz').must_be_nil
|
45
|
+
end
|
46
|
+
|
47
|
+
it 'only handles URLs' do
|
48
|
+
fetcher.resolve(__FILE__).must_be_nil
|
49
|
+
end
|
50
|
+
|
51
|
+
%w{https://github.com/chef/inspec
|
52
|
+
https://github.com/chef/inspec.git
|
53
|
+
https://www.github.com/chef/inspec.git
|
54
|
+
http://github.com/chef/inspec
|
55
|
+
http://github.com/chef/inspec.git
|
56
|
+
http://www.github.com/chef/inspec.git}.each do |github|
|
57
|
+
it "resolves a github url #{github}" do
|
58
|
+
res = fetcher.resolve(github)
|
59
|
+
_(res).wont_be_nil
|
60
|
+
_(res.parent.target).must_equal 'https://github.com/chef/inspec/archive/master.tar.gz'
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
it "resolves a github branch url" do
|
65
|
+
github = 'https://github.com/hardening-io/tests-os-hardening/tree/2.0'
|
66
|
+
res = fetcher.resolve(github)
|
67
|
+
_(res).wont_be_nil
|
68
|
+
_(res.parent.target).must_equal 'https://github.com/hardening-io/tests-os-hardening/archive/2.0.tar.gz'
|
69
|
+
end
|
70
|
+
|
71
|
+
it "resolves a github commit url" do
|
72
|
+
github = 'https://github.com/hardening-io/tests-os-hardening/tree/48bd4388ddffde68badd83aefa654e7af3231876'
|
73
|
+
res = fetcher.resolve(github)
|
74
|
+
_(res).wont_be_nil
|
75
|
+
_(res.parent.target).must_equal 'https://github.com/hardening-io/tests-os-hardening/archive/48bd4388ddffde68badd83aefa654e7af3231876.tar.gz'
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
describe 'applied to a valid url (mocked tar.gz)' do
|
80
|
+
let(:mock_file) { MockLoader.profile_tgz('complete-profile') }
|
81
|
+
let(:target) { 'http://myurl/file.tar.gz' }
|
82
|
+
let(:res) {
|
83
|
+
mock_open = Minitest::Mock.new
|
84
|
+
mock_open.expect :meta, {'content-type' => 'application/gzip'}
|
85
|
+
mock_open.expect :read, File.read(mock_file)
|
86
|
+
fetcher.expects(:open).returns(mock_open)
|
87
|
+
fetcher.resolve(target)
|
88
|
+
}
|
89
|
+
|
90
|
+
it 'must be resolved to the final format' do
|
91
|
+
_(res).must_be_kind_of Fetchers::Tar
|
92
|
+
end
|
93
|
+
|
94
|
+
it 'must be resolved to the final format' do
|
95
|
+
_(res.parent).must_be_kind_of fetcher
|
96
|
+
end
|
97
|
+
|
98
|
+
it 'must contain all files' do
|
99
|
+
_(res.files.sort).must_equal %w{inspec.yml libraries libraries/testlib.rb
|
100
|
+
controls controls/filesystem_spec.rb}.sort
|
101
|
+
end
|
102
|
+
|
103
|
+
it 'must not read if the file isnt included' do
|
104
|
+
_(res.read('file-not-in-archive')).must_be_nil
|
105
|
+
end
|
106
|
+
|
107
|
+
it 'must read the contents of the file' do
|
108
|
+
_(res.read('inspec.yml')).must_match /^name: complete$/
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
describe 'applied to a valid url (mocked zip)' do
|
113
|
+
let(:mock_file) { MockLoader.profile_zip('complete-profile') }
|
114
|
+
let(:target) { 'http://myurl/file.tar.gz' }
|
115
|
+
let(:res) {
|
116
|
+
mock_open = Minitest::Mock.new
|
117
|
+
mock_open.expect :meta, {'content-type' => 'application/zip'}
|
118
|
+
mock_open.expect :read, File.read(mock_file)
|
119
|
+
fetcher.expects(:open).returns(mock_open)
|
120
|
+
fetcher.resolve(target)
|
121
|
+
}
|
122
|
+
|
123
|
+
it 'must be resolved to the final format' do
|
124
|
+
_(res).must_be_kind_of Fetchers::Zip
|
125
|
+
end
|
126
|
+
|
127
|
+
it 'must contain all files' do
|
128
|
+
_(res.files.sort).must_equal %w{inspec.yml libraries libraries/testlib.rb
|
129
|
+
controls controls/filesystem_spec.rb}.sort
|
130
|
+
end
|
131
|
+
|
132
|
+
it 'must not read if the file isnt included' do
|
133
|
+
_(res.read('file-not-in-archive')).must_be_nil
|
134
|
+
end
|
135
|
+
|
136
|
+
it 'must read the contents of the file' do
|
137
|
+
_(res.read('inspec.yml')).must_match /^name: complete$/
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
141
|
+
describe 'applied to a valid url with wrong content-type' do
|
142
|
+
let(:mock_file) { MockLoader.profile_zip('complete-profile') }
|
143
|
+
let(:target) { 'http://myurl/file.tar.gz' }
|
144
|
+
|
145
|
+
it 'must be resolved to the final format' do
|
146
|
+
mock_open = Minitest::Mock.new
|
147
|
+
mock_open.expect :meta, {'content-type' => 'wrong'}
|
148
|
+
fetcher.expects(:open).returns(mock_open)
|
149
|
+
proc { fetcher.resolve(target) }.must_throw RuntimeError
|
150
|
+
end
|
151
|
+
end
|
152
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
# author: Dominik Richter
|
3
|
+
# author: Christoph Hartmann
|
4
|
+
|
5
|
+
require 'helper'
|
6
|
+
|
7
|
+
describe Fetchers::Zip do
|
8
|
+
let(:fetcher) { Fetchers::Zip }
|
9
|
+
|
10
|
+
it 'registers with the fetchers registry' do
|
11
|
+
reg = Inspec::Fetcher.registry
|
12
|
+
_(reg['zip']).must_equal fetcher
|
13
|
+
end
|
14
|
+
|
15
|
+
describe 'applied to a zipped archive' do
|
16
|
+
let(:target) { MockLoader.profile_zip('complete-profile') }
|
17
|
+
let(:res) { fetcher.resolve(target) }
|
18
|
+
|
19
|
+
it 'must be resolved' do
|
20
|
+
_(res).must_be_kind_of fetcher
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'must contain all files' do
|
24
|
+
_(res.files.sort).must_equal %w{inspec.yml libraries libraries/testlib.rb
|
25
|
+
controls controls/filesystem_spec.rb}.sort
|
26
|
+
end
|
27
|
+
|
28
|
+
it 'must not read if the file isnt included' do
|
29
|
+
_(res.read('file-not-in-archive')).must_be_nil
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'must read the contents of the file' do
|
33
|
+
_(res.read('inspec.yml')).must_match /^name: complete$/
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
data/test/unit/mock/files/passwd
CHANGED
@@ -1,2 +1,2 @@
|
|
1
1
|
root:x:0:0:root:/root:/bin/bash
|
2
|
-
www-data:x:33:
|
2
|
+
www-data:x:33:133:www-data:/var/www:/bin/sh
|
@@ -0,0 +1 @@
|
|
1
|
+
# Library resource
|
data/test/unit/plugin_test.rb
CHANGED
data/test/unit/profile_test.rb
CHANGED
@@ -4,35 +4,13 @@
|
|
4
4
|
|
5
5
|
require 'helper'
|
6
6
|
require 'inspec/profile_context'
|
7
|
-
require 'inspec/runner'
|
8
|
-
require 'inspec/runner_mock'
|
9
|
-
require 'fileutils'
|
10
7
|
|
11
8
|
describe Inspec::Profile do
|
12
9
|
let(:logger) { Minitest::Mock.new }
|
13
|
-
let(:home) {
|
14
|
-
|
15
|
-
def load_profile(name, opts = {})
|
16
|
-
opts[:test_collector] = Inspec::RunnerMock.new
|
17
|
-
Inspec::Profile.from_path("#{home}/mock/profiles/#{name}", opts)
|
18
|
-
end
|
19
|
-
|
20
|
-
def load_profile_tgz(name, opts = {})
|
21
|
-
path = "#{home}/mock/profiles/#{name}"
|
22
|
-
`tar zcvf #{path}.tgz #{path}`
|
23
|
-
load_profile("#{name}.tgz", opts)
|
24
|
-
FileUtils.rm("#{path}.tgz")
|
25
|
-
end
|
26
|
-
|
27
|
-
def load_profile_zip(name, opts = {})
|
28
|
-
path = "#{home}/mock/profiles/#{name}"
|
29
|
-
`zip #{path}.zip #{path}`
|
30
|
-
load_profile("#{name}.zip", opts)
|
31
|
-
FileUtils.rm("#{path}.zip")
|
32
|
-
end
|
10
|
+
let(:home) { MockLoader.home }
|
33
11
|
|
34
12
|
describe 'with an empty profile' do
|
35
|
-
let(:profile) { load_profile('empty-metadata') }
|
13
|
+
let(:profile) { MockLoader.load_profile('empty-metadata') }
|
36
14
|
|
37
15
|
it 'has no metadata' do
|
38
16
|
profile.params[:name].must_be_nil
|
@@ -44,7 +22,7 @@ describe Inspec::Profile do
|
|
44
22
|
end
|
45
23
|
|
46
24
|
describe 'with an empty profile (legacy mode)' do
|
47
|
-
let(:profile) { load_profile('legacy-empty-metadata') }
|
25
|
+
let(:profile) { MockLoader.load_profile('legacy-empty-metadata') }
|
48
26
|
|
49
27
|
it 'has no metadata' do
|
50
28
|
profile.params[:name].must_be_nil
|
@@ -57,7 +35,7 @@ describe Inspec::Profile do
|
|
57
35
|
|
58
36
|
describe 'with simple metadata in profile' do
|
59
37
|
let(:profile_id) { 'simple-metadata' }
|
60
|
-
let(:profile) { load_profile(profile_id) }
|
38
|
+
let(:profile) { MockLoader.load_profile(profile_id) }
|
61
39
|
|
62
40
|
it 'has metadata' do
|
63
41
|
profile.params[:name].must_equal 'yumyum profile'
|
@@ -69,13 +47,13 @@ describe Inspec::Profile do
|
|
69
47
|
|
70
48
|
it 'can overwrite the profile ID' do
|
71
49
|
testID = rand.to_s
|
72
|
-
res = load_profile(profile_id, id: testID)
|
50
|
+
res = MockLoader.load_profile(profile_id, id: testID)
|
73
51
|
res.params[:name].must_equal testID
|
74
52
|
end
|
75
53
|
end
|
76
54
|
|
77
55
|
describe 'with simple metadata in profile (legacy mode)' do
|
78
|
-
let(:profile) { load_profile('legacy-simple-metadata') }
|
56
|
+
let(:profile) { MockLoader.load_profile('legacy-simple-metadata') }
|
79
57
|
|
80
58
|
it 'has metadata' do
|
81
59
|
profile.params[:name].must_equal 'metadata profile'
|
@@ -91,17 +69,16 @@ describe Inspec::Profile do
|
|
91
69
|
let(:profile_id) { 'empty-metadata' }
|
92
70
|
|
93
71
|
it 'prints loads of warnings' do
|
94
|
-
inspec_yml = "#{home}/mock/profiles/#{profile_id}/inspec.yml"
|
95
72
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
96
|
-
logger.expect :error, nil, ["Missing profile name in
|
97
|
-
logger.expect :error, nil, ["Missing profile version in
|
98
|
-
logger.expect :warn, nil, ["Missing profile title in
|
99
|
-
logger.expect :warn, nil, ["Missing profile summary in
|
100
|
-
logger.expect :warn, nil, ["Missing profile maintainer in
|
101
|
-
logger.expect :warn, nil, ["Missing profile copyright in
|
73
|
+
logger.expect :error, nil, ["Missing profile name in inspec.yml"]
|
74
|
+
logger.expect :error, nil, ["Missing profile version in inspec.yml"]
|
75
|
+
logger.expect :warn, nil, ["Missing profile title in inspec.yml"]
|
76
|
+
logger.expect :warn, nil, ["Missing profile summary in inspec.yml"]
|
77
|
+
logger.expect :warn, nil, ["Missing profile maintainer in inspec.yml"]
|
78
|
+
logger.expect :warn, nil, ["Missing profile copyright in inspec.yml"]
|
102
79
|
logger.expect :warn, nil, ['No controls or tests were defined.']
|
103
80
|
|
104
|
-
result = load_profile(profile_id, {logger: logger}).check
|
81
|
+
result = MockLoader.load_profile(profile_id, {logger: logger}).check
|
105
82
|
# verify logger output
|
106
83
|
logger.verify
|
107
84
|
|
@@ -121,16 +98,16 @@ describe Inspec::Profile do
|
|
121
98
|
it 'prints loads of warnings' do
|
122
99
|
metadata_rb = "#{home}/mock/profiles/#{profile_id}/metadata.rb"
|
123
100
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
124
|
-
logger.expect :error, nil, ["Missing profile name in
|
101
|
+
logger.expect :error, nil, ["Missing profile name in metadata.rb"]
|
125
102
|
logger.expect :warn, nil, ['The use of `metadata.rb` is deprecated. Use `inspec.yml`.']
|
126
|
-
logger.expect :error, nil, ["Missing profile version in
|
127
|
-
logger.expect :warn, nil, ["Missing profile title in
|
128
|
-
logger.expect :warn, nil, ["Missing profile summary in
|
129
|
-
logger.expect :warn, nil, ["Missing profile maintainer in
|
130
|
-
logger.expect :warn, nil, ["Missing profile copyright in
|
103
|
+
logger.expect :error, nil, ["Missing profile version in metadata.rb"]
|
104
|
+
logger.expect :warn, nil, ["Missing profile title in metadata.rb"]
|
105
|
+
logger.expect :warn, nil, ["Missing profile summary in metadata.rb"]
|
106
|
+
logger.expect :warn, nil, ["Missing profile maintainer in metadata.rb"]
|
107
|
+
logger.expect :warn, nil, ["Missing profile copyright in metadata.rb"]
|
131
108
|
logger.expect :warn, nil, ['No controls or tests were defined.']
|
132
109
|
|
133
|
-
result = load_profile(profile_id, {logger: logger}).check
|
110
|
+
result = MockLoader.load_profile(profile_id, {logger: logger}).check
|
134
111
|
# verify logger output
|
135
112
|
logger.verify
|
136
113
|
|
@@ -146,7 +123,7 @@ describe Inspec::Profile do
|
|
146
123
|
|
147
124
|
describe 'a complete metadata profile' do
|
148
125
|
let(:profile_id) { 'complete-metadata' }
|
149
|
-
let(:profile) { load_profile(profile_id, {logger: logger}) }
|
126
|
+
let(:profile) { MockLoader.load_profile(profile_id, {logger: logger}) }
|
150
127
|
|
151
128
|
it 'prints ok messages' do
|
152
129
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
@@ -170,7 +147,7 @@ describe Inspec::Profile do
|
|
170
147
|
|
171
148
|
describe 'a complete metadata profile (legacy mode)' do
|
172
149
|
let(:profile_id) { 'legacy-complete-metadata' }
|
173
|
-
let(:profile) { load_profile(profile_id, {logger: logger}) }
|
150
|
+
let(:profile) { MockLoader.load_profile(profile_id, {logger: logger}) }
|
174
151
|
|
175
152
|
it 'prints ok messages' do
|
176
153
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
@@ -206,10 +183,10 @@ describe Inspec::Profile do
|
|
206
183
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
207
184
|
logger.expect :info, nil, ['Metadata OK.']
|
208
185
|
logger.expect :info, nil, ['Found 1 controls.']
|
209
|
-
logger.expect :info, nil, ["Verify all controls in
|
186
|
+
logger.expect :info, nil, ["Verify all controls in controls/filesystem_spec.rb"]
|
210
187
|
logger.expect :info, nil, ['Control definitions OK.']
|
211
188
|
|
212
|
-
result = load_profile(profile_id, {logger: logger}).check
|
189
|
+
result = MockLoader.load_profile(profile_id, {logger: logger}).check
|
213
190
|
# verify logger output
|
214
191
|
logger.verify
|
215
192
|
|
@@ -225,16 +202,17 @@ describe Inspec::Profile do
|
|
225
202
|
|
226
203
|
describe 'a complete metadata profile with controls in a tarball' do
|
227
204
|
let(:profile_id) { 'complete-profile' }
|
228
|
-
let(:
|
205
|
+
let(:profile_path) { MockLoader.profile_tgz(profile_id) }
|
206
|
+
let(:profile) { MockLoader.load_profile(profile_path, {logger: logger}) }
|
229
207
|
|
230
208
|
it 'prints ok messages and counts the rules' do
|
231
209
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
232
210
|
logger.expect :info, nil, ['Metadata OK.']
|
233
211
|
logger.expect :info, nil, ['Found 1 controls.']
|
234
|
-
logger.expect :info, nil, ["Verify all controls in
|
212
|
+
logger.expect :info, nil, ["Verify all controls in controls/filesystem_spec.rb"]
|
235
213
|
logger.expect :info, nil, ['Control definitions OK.']
|
236
214
|
|
237
|
-
result = load_profile(profile_id, {logger: logger}).check
|
215
|
+
result = MockLoader.load_profile(profile_id, {logger: logger}).check
|
238
216
|
# verify logger output
|
239
217
|
logger.verify
|
240
218
|
|
@@ -250,16 +228,17 @@ describe Inspec::Profile do
|
|
250
228
|
|
251
229
|
describe 'a complete metadata profile with controls in zipfile' do
|
252
230
|
let(:profile_id) { 'complete-profile' }
|
253
|
-
let(:
|
231
|
+
let(:profile_path) { MockLoader.profile_zip(profile_id) }
|
232
|
+
let(:profile) { MockLoader.load_profile(profile_path, {logger: logger}) }
|
254
233
|
|
255
234
|
it 'prints ok messages and counts the rules' do
|
256
235
|
logger.expect :info, nil, ["Checking profile in #{home}/mock/profiles/#{profile_id}"]
|
257
236
|
logger.expect :info, nil, ['Metadata OK.']
|
258
237
|
logger.expect :info, nil, ['Found 1 controls.']
|
259
|
-
logger.expect :info, nil, ["Verify all controls in
|
238
|
+
logger.expect :info, nil, ["Verify all controls in controls/filesystem_spec.rb"]
|
260
239
|
logger.expect :info, nil, ['Control definitions OK.']
|
261
240
|
|
262
|
-
result = load_profile(profile_id, {logger: logger}).check
|
241
|
+
result = MockLoader.load_profile(profile_id, {logger: logger}).check
|
263
242
|
# verify logger output
|
264
243
|
logger.verify
|
265
244
|
|