inspec 0.12.0 → 0.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +39 -2
  3. data/bin/inspec +11 -9
  4. data/docs/matchers.rst +129 -0
  5. data/docs/resources.rst +64 -37
  6. data/inspec.gemspec +1 -1
  7. data/lib/bundles/inspec-compliance/cli.rb +1 -1
  8. data/lib/bundles/inspec-compliance/configuration.rb +1 -0
  9. data/lib/bundles/inspec-compliance/target.rb +16 -32
  10. data/lib/bundles/inspec-init/cli.rb +2 -0
  11. data/lib/bundles/inspec-supermarket.rb +13 -0
  12. data/lib/bundles/inspec-supermarket/api.rb +2 -0
  13. data/lib/bundles/inspec-supermarket/cli.rb +2 -2
  14. data/lib/bundles/inspec-supermarket/target.rb +11 -15
  15. data/lib/fetchers/local.rb +31 -0
  16. data/lib/fetchers/tar.rb +48 -0
  17. data/lib/fetchers/url.rb +100 -0
  18. data/lib/fetchers/zip.rb +47 -0
  19. data/lib/inspec.rb +2 -3
  20. data/lib/inspec/fetcher.rb +22 -0
  21. data/lib/inspec/metadata.rb +4 -2
  22. data/lib/inspec/plugins.rb +2 -0
  23. data/lib/inspec/plugins/fetcher.rb +97 -0
  24. data/lib/inspec/plugins/source_reader.rb +36 -0
  25. data/lib/inspec/profile.rb +92 -81
  26. data/lib/inspec/resource.rb +1 -0
  27. data/lib/inspec/runner.rb +15 -35
  28. data/lib/inspec/source_reader.rb +32 -0
  29. data/lib/inspec/version.rb +1 -1
  30. data/lib/matchers/matchers.rb +5 -6
  31. data/lib/resources/file.rb +8 -2
  32. data/lib/resources/passwd.rb +71 -45
  33. data/lib/resources/service.rb +13 -9
  34. data/lib/resources/shadow.rb +135 -0
  35. data/lib/source_readers/flat.rb +38 -0
  36. data/lib/source_readers/inspec.rb +78 -0
  37. data/lib/utils/base_cli.rb +2 -2
  38. data/lib/utils/parser.rb +1 -1
  39. data/lib/utils/plugin_registry.rb +93 -0
  40. data/test/docker_test.rb +1 -1
  41. data/test/helper.rb +62 -2
  42. data/test/integration/cookbooks/os_prepare/recipes/service.rb +4 -2
  43. data/test/integration/test/integration/default/compare_matcher_spec.rb +11 -0
  44. data/test/integration/test/integration/default/service_spec.rb +16 -1
  45. data/test/unit/fetchers.rb +61 -0
  46. data/test/unit/fetchers/local_test.rb +67 -0
  47. data/test/unit/fetchers/tar_test.rb +36 -0
  48. data/test/unit/fetchers/url_test.rb +152 -0
  49. data/test/unit/fetchers/zip_test.rb +36 -0
  50. data/test/unit/mock/files/passwd +1 -1
  51. data/test/unit/mock/files/shadow +2 -0
  52. data/test/unit/mock/profiles/complete-profile/libraries/testlib.rb +1 -0
  53. data/test/unit/plugin_test.rb +0 -1
  54. data/test/unit/profile_test.rb +32 -53
  55. data/test/unit/resources/passwd_test.rb +69 -14
  56. data/test/unit/resources/shadow_test.rb +67 -0
  57. data/test/unit/source_reader_test.rb +17 -0
  58. data/test/unit/source_readers/flat_test.rb +61 -0
  59. data/test/unit/source_readers/inspec_test.rb +38 -0
  60. data/test/unit/utils/passwd_parser_test.rb +1 -1
  61. metadata +40 -21
  62. data/lib/inspec/targets.rb +0 -10
  63. data/lib/inspec/targets/archive.rb +0 -33
  64. data/lib/inspec/targets/core.rb +0 -56
  65. data/lib/inspec/targets/dir.rb +0 -144
  66. data/lib/inspec/targets/file.rb +0 -33
  67. data/lib/inspec/targets/folder.rb +0 -38
  68. data/lib/inspec/targets/tar.rb +0 -61
  69. data/lib/inspec/targets/url.rb +0 -78
  70. data/lib/inspec/targets/zip.rb +0 -55
  71. data/test/unit/targets.rb +0 -132
@@ -1,55 +0,0 @@
1
- # encoding: utf-8
2
- # author: Dominik Richter
3
- # author: Christoph Hartmann
4
-
5
- require 'zip'
6
- require 'inspec/targets/dir'
7
- require 'inspec/targets/archive'
8
-
9
- module Inspec::Targets
10
- class ZipHelper < ArchiveHelper
11
- def self.handles?(target)
12
- File.file?(target) and target.end_with?('.zip')
13
- end
14
-
15
- def content(input, path, rootdir = nil, opts = {})
16
- content = nil
17
- ::Zip::InputStream.open(input) do |io|
18
- while (entry = io.get_next_entry)
19
- next unless path == entry.name.gsub(rootdir, '')
20
- content = {
21
- # NB if some file is empty, return empty-string, not nil
22
- content: io.read || '',
23
- type: opts[:as] || :test,
24
- ref: entry.name,
25
- }
26
- abort
27
- end
28
- end
29
- content
30
- end
31
-
32
- def structure(input)
33
- files = []
34
- rootdir = ''
35
-
36
- ::Zip::InputStream.open(input) do |io|
37
- while (entry = io.get_next_entry)
38
- pn = Pathname(entry.name)
39
- rootdir = pn.dirname.to_s if pn.basename.to_s == 'inspec.yml' || pn.basename.to_s == 'metadata.rb'
40
- files.push(entry.name)
41
- end
42
- end
43
-
44
- # stores the rootdir of metadata.rb or inspec.yml
45
- rootdir += '/' if !rootdir.empty?
46
- [files, rootdir]
47
- end
48
-
49
- def to_s
50
- 'zip Loader'
51
- end
52
- end
53
-
54
- Inspec::Targets.add_module('zip', ZipHelper)
55
- end
data/test/unit/targets.rb DELETED
@@ -1,132 +0,0 @@
1
- # encoding: utf-8
2
- # author: Stephan Renatus
3
-
4
- require 'helper'
5
-
6
- describe Inspec::Targets::UrlHelper do
7
- let(:helper) { Inspec::Targets::UrlHelper.new }
8
-
9
- it 'handles http' do
10
- helper.handles?('http://chef.io').must_equal true
11
- end
12
-
13
- it 'handles https' do
14
- helper.handles?('https://chef.io').must_equal true
15
- end
16
-
17
- it 'returns false if given an invalid URL' do
18
- helper.handles?('cheshire_cat').must_equal false
19
- end
20
-
21
- it 'returns false if given an URL with a protocol different from http[s]' do
22
- helper.handles?('gopher://chef.io').must_equal false
23
- end
24
-
25
- it 'resolves various github urls' do
26
- hlpr = Minitest::Mock.new
27
- helper.stub :resolve_zip, hlpr do
28
- %w{https://github.com/chef/inspec
29
- https://github.com/chef/inspec.git
30
- https://www.github.com/chef/inspec.git
31
- http://github.com/chef/inspec
32
- http://github.com/chef/inspec.git
33
- http://www.github.com/chef/inspec.git}.each do |github|
34
- hlpr.expect :call, nil, ['https://github.com/chef/inspec/archive/master.tar.gz', {}]
35
-
36
- helper.resolve(github)
37
- end
38
- hlpr.verify
39
- end
40
- end
41
-
42
- it 'leaves proper, non-github urls unchanged' do
43
- url = 'https://chef.io/something.tar.gz'
44
- hlpr = Minitest::Mock.new
45
- hlpr.expect :call, nil, [url, {}]
46
- helper.stub :resolve_zip, hlpr do
47
- helper.resolve(url)
48
- end
49
- hlpr.verify
50
- end
51
-
52
- let (:url) { 'https://github.com/chef/inspec/archive/master.tar.gz' }
53
- let (:opts) { { http_basic_authentication: ['', ''] } }
54
-
55
- def archive_of_type(type)
56
- archive = Minitest::Mock.new
57
- archive.expect :write, nil, ["#{type}-content"]
58
- archive.expect :path, "/path/to/#{type}-archive.tar.gz" # always tar.gz!
59
- [:binmode, :rewind, :close, :unlink].each do |meth|
60
- archive.expect meth, nil
61
- end
62
- archive
63
- end
64
-
65
- def remote_of_type(type, content_type)
66
- remote = Minitest::Mock.new
67
- remote.expect :read, "#{type}-content"
68
- remote.expect :meta, { 'content-type' => content_type }
69
- remote
70
- end
71
-
72
- let (:archive_sth) { archive_of_type('sth') }
73
- let (:remote_sth) { remote_of_type('sth', 'application/x-very-funny') }
74
-
75
- it 'downloads an archive and returns it with its content-type' do
76
- helper.stub :open, remote_sth, [url, opts] do
77
- helper.download_archive(url, archive_sth, {}).must_equal([archive_sth, 'application/x-very-funny'])
78
- end
79
- remote_sth.verify
80
- end
81
-
82
- it 'downloads an archive and returns it with its content-type using options, too' do
83
- helper.stub :open, remote_sth, [url, { http_basic_authentication: ['alice', 'pw'] }] do
84
- helper.download_archive(url, archive_sth, 'user' => 'alice', 'password' => 'pw').must_equal([archive_sth, 'application/x-very-funny'])
85
- end
86
- remote_sth.verify
87
- end
88
-
89
- let (:archive_zip) { archive_of_type('zip') }
90
- let (:archive_tgz) { archive_of_type('tgz') }
91
-
92
- let (:tarhelper) do
93
- th = Minitest::Mock.new
94
- th.expect :resolve, 'tgz-content', ['/path/to/tgz-archive.tar.gz']
95
- th
96
- end
97
-
98
- %w{ application/gzip application/x-gzip }.each do |content_type|
99
- it "unpacks a tarball (#{content_type}) with TarHelper and returns the content" do
100
- Tempfile.stub :new, archive_tgz, [['inspec-dl-', '.tar.gz']] do
101
- helper.stub :download_archive, [archive_tgz, content_type], [url, archive_tgz, opts] do
102
- Inspec::Targets::TarHelper.stub :new, tarhelper do
103
- helper.resolve_zip(url, {}).must_equal('tgz-content')
104
- end
105
- end
106
- end
107
- tarhelper.verify
108
- end
109
- end
110
-
111
- let (:ziphelper) do
112
- zip = Minitest::Mock.new
113
- zip.expect :resolve, 'zip-content', [Pathname.new('/path/to/zip-archive.zip')]
114
- zip
115
- end
116
-
117
- %w{ application/zip application/x-zip-compressed }.each do |content_type|
118
- it "renames and unpacks a zip file (#{content_type}) with ZipHelper and returns the content" do
119
- helper.stub :download_archive, [archive_zip, content_type], [url, archive_zip, opts] do
120
- Tempfile.stub :new, archive_zip, [['inspec-dl-', '.tar.gz']] do
121
- File.stub :rename, nil, ['/path/to/zip-archive.tar.gz', '/path/to/zip-archive.zip'] do
122
- Inspec::Targets::ZipHelper.stub :new, ziphelper do
123
- File.stub :unlink, nil, ['/path/to/zip-archive.zip'] do
124
- helper.resolve_zip(url, {}).must_equal('zip-content')
125
- end
126
- end
127
- end
128
- end
129
- end
130
- end
131
- end
132
- end