inspec 0.12.0 → 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +39 -2
- data/bin/inspec +11 -9
- data/docs/matchers.rst +129 -0
- data/docs/resources.rst +64 -37
- data/inspec.gemspec +1 -1
- data/lib/bundles/inspec-compliance/cli.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -0
- data/lib/bundles/inspec-compliance/target.rb +16 -32
- data/lib/bundles/inspec-init/cli.rb +2 -0
- data/lib/bundles/inspec-supermarket.rb +13 -0
- data/lib/bundles/inspec-supermarket/api.rb +2 -0
- data/lib/bundles/inspec-supermarket/cli.rb +2 -2
- data/lib/bundles/inspec-supermarket/target.rb +11 -15
- data/lib/fetchers/local.rb +31 -0
- data/lib/fetchers/tar.rb +48 -0
- data/lib/fetchers/url.rb +100 -0
- data/lib/fetchers/zip.rb +47 -0
- data/lib/inspec.rb +2 -3
- data/lib/inspec/fetcher.rb +22 -0
- data/lib/inspec/metadata.rb +4 -2
- data/lib/inspec/plugins.rb +2 -0
- data/lib/inspec/plugins/fetcher.rb +97 -0
- data/lib/inspec/plugins/source_reader.rb +36 -0
- data/lib/inspec/profile.rb +92 -81
- data/lib/inspec/resource.rb +1 -0
- data/lib/inspec/runner.rb +15 -35
- data/lib/inspec/source_reader.rb +32 -0
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +5 -6
- data/lib/resources/file.rb +8 -2
- data/lib/resources/passwd.rb +71 -45
- data/lib/resources/service.rb +13 -9
- data/lib/resources/shadow.rb +135 -0
- data/lib/source_readers/flat.rb +38 -0
- data/lib/source_readers/inspec.rb +78 -0
- data/lib/utils/base_cli.rb +2 -2
- data/lib/utils/parser.rb +1 -1
- data/lib/utils/plugin_registry.rb +93 -0
- data/test/docker_test.rb +1 -1
- data/test/helper.rb +62 -2
- data/test/integration/cookbooks/os_prepare/recipes/service.rb +4 -2
- data/test/integration/test/integration/default/compare_matcher_spec.rb +11 -0
- data/test/integration/test/integration/default/service_spec.rb +16 -1
- data/test/unit/fetchers.rb +61 -0
- data/test/unit/fetchers/local_test.rb +67 -0
- data/test/unit/fetchers/tar_test.rb +36 -0
- data/test/unit/fetchers/url_test.rb +152 -0
- data/test/unit/fetchers/zip_test.rb +36 -0
- data/test/unit/mock/files/passwd +1 -1
- data/test/unit/mock/files/shadow +2 -0
- data/test/unit/mock/profiles/complete-profile/libraries/testlib.rb +1 -0
- data/test/unit/plugin_test.rb +0 -1
- data/test/unit/profile_test.rb +32 -53
- data/test/unit/resources/passwd_test.rb +69 -14
- data/test/unit/resources/shadow_test.rb +67 -0
- data/test/unit/source_reader_test.rb +17 -0
- data/test/unit/source_readers/flat_test.rb +61 -0
- data/test/unit/source_readers/inspec_test.rb +38 -0
- data/test/unit/utils/passwd_parser_test.rb +1 -1
- metadata +40 -21
- data/lib/inspec/targets.rb +0 -10
- data/lib/inspec/targets/archive.rb +0 -33
- data/lib/inspec/targets/core.rb +0 -56
- data/lib/inspec/targets/dir.rb +0 -144
- data/lib/inspec/targets/file.rb +0 -33
- data/lib/inspec/targets/folder.rb +0 -38
- data/lib/inspec/targets/tar.rb +0 -61
- data/lib/inspec/targets/url.rb +0 -78
- data/lib/inspec/targets/zip.rb +0 -55
- data/test/unit/targets.rb +0 -132
data/lib/inspec/targets/zip.rb
DELETED
@@ -1,55 +0,0 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
# author: Dominik Richter
|
3
|
-
# author: Christoph Hartmann
|
4
|
-
|
5
|
-
require 'zip'
|
6
|
-
require 'inspec/targets/dir'
|
7
|
-
require 'inspec/targets/archive'
|
8
|
-
|
9
|
-
module Inspec::Targets
|
10
|
-
class ZipHelper < ArchiveHelper
|
11
|
-
def self.handles?(target)
|
12
|
-
File.file?(target) and target.end_with?('.zip')
|
13
|
-
end
|
14
|
-
|
15
|
-
def content(input, path, rootdir = nil, opts = {})
|
16
|
-
content = nil
|
17
|
-
::Zip::InputStream.open(input) do |io|
|
18
|
-
while (entry = io.get_next_entry)
|
19
|
-
next unless path == entry.name.gsub(rootdir, '')
|
20
|
-
content = {
|
21
|
-
# NB if some file is empty, return empty-string, not nil
|
22
|
-
content: io.read || '',
|
23
|
-
type: opts[:as] || :test,
|
24
|
-
ref: entry.name,
|
25
|
-
}
|
26
|
-
abort
|
27
|
-
end
|
28
|
-
end
|
29
|
-
content
|
30
|
-
end
|
31
|
-
|
32
|
-
def structure(input)
|
33
|
-
files = []
|
34
|
-
rootdir = ''
|
35
|
-
|
36
|
-
::Zip::InputStream.open(input) do |io|
|
37
|
-
while (entry = io.get_next_entry)
|
38
|
-
pn = Pathname(entry.name)
|
39
|
-
rootdir = pn.dirname.to_s if pn.basename.to_s == 'inspec.yml' || pn.basename.to_s == 'metadata.rb'
|
40
|
-
files.push(entry.name)
|
41
|
-
end
|
42
|
-
end
|
43
|
-
|
44
|
-
# stores the rootdir of metadata.rb or inspec.yml
|
45
|
-
rootdir += '/' if !rootdir.empty?
|
46
|
-
[files, rootdir]
|
47
|
-
end
|
48
|
-
|
49
|
-
def to_s
|
50
|
-
'zip Loader'
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
Inspec::Targets.add_module('zip', ZipHelper)
|
55
|
-
end
|
data/test/unit/targets.rb
DELETED
@@ -1,132 +0,0 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
# author: Stephan Renatus
|
3
|
-
|
4
|
-
require 'helper'
|
5
|
-
|
6
|
-
describe Inspec::Targets::UrlHelper do
|
7
|
-
let(:helper) { Inspec::Targets::UrlHelper.new }
|
8
|
-
|
9
|
-
it 'handles http' do
|
10
|
-
helper.handles?('http://chef.io').must_equal true
|
11
|
-
end
|
12
|
-
|
13
|
-
it 'handles https' do
|
14
|
-
helper.handles?('https://chef.io').must_equal true
|
15
|
-
end
|
16
|
-
|
17
|
-
it 'returns false if given an invalid URL' do
|
18
|
-
helper.handles?('cheshire_cat').must_equal false
|
19
|
-
end
|
20
|
-
|
21
|
-
it 'returns false if given an URL with a protocol different from http[s]' do
|
22
|
-
helper.handles?('gopher://chef.io').must_equal false
|
23
|
-
end
|
24
|
-
|
25
|
-
it 'resolves various github urls' do
|
26
|
-
hlpr = Minitest::Mock.new
|
27
|
-
helper.stub :resolve_zip, hlpr do
|
28
|
-
%w{https://github.com/chef/inspec
|
29
|
-
https://github.com/chef/inspec.git
|
30
|
-
https://www.github.com/chef/inspec.git
|
31
|
-
http://github.com/chef/inspec
|
32
|
-
http://github.com/chef/inspec.git
|
33
|
-
http://www.github.com/chef/inspec.git}.each do |github|
|
34
|
-
hlpr.expect :call, nil, ['https://github.com/chef/inspec/archive/master.tar.gz', {}]
|
35
|
-
|
36
|
-
helper.resolve(github)
|
37
|
-
end
|
38
|
-
hlpr.verify
|
39
|
-
end
|
40
|
-
end
|
41
|
-
|
42
|
-
it 'leaves proper, non-github urls unchanged' do
|
43
|
-
url = 'https://chef.io/something.tar.gz'
|
44
|
-
hlpr = Minitest::Mock.new
|
45
|
-
hlpr.expect :call, nil, [url, {}]
|
46
|
-
helper.stub :resolve_zip, hlpr do
|
47
|
-
helper.resolve(url)
|
48
|
-
end
|
49
|
-
hlpr.verify
|
50
|
-
end
|
51
|
-
|
52
|
-
let (:url) { 'https://github.com/chef/inspec/archive/master.tar.gz' }
|
53
|
-
let (:opts) { { http_basic_authentication: ['', ''] } }
|
54
|
-
|
55
|
-
def archive_of_type(type)
|
56
|
-
archive = Minitest::Mock.new
|
57
|
-
archive.expect :write, nil, ["#{type}-content"]
|
58
|
-
archive.expect :path, "/path/to/#{type}-archive.tar.gz" # always tar.gz!
|
59
|
-
[:binmode, :rewind, :close, :unlink].each do |meth|
|
60
|
-
archive.expect meth, nil
|
61
|
-
end
|
62
|
-
archive
|
63
|
-
end
|
64
|
-
|
65
|
-
def remote_of_type(type, content_type)
|
66
|
-
remote = Minitest::Mock.new
|
67
|
-
remote.expect :read, "#{type}-content"
|
68
|
-
remote.expect :meta, { 'content-type' => content_type }
|
69
|
-
remote
|
70
|
-
end
|
71
|
-
|
72
|
-
let (:archive_sth) { archive_of_type('sth') }
|
73
|
-
let (:remote_sth) { remote_of_type('sth', 'application/x-very-funny') }
|
74
|
-
|
75
|
-
it 'downloads an archive and returns it with its content-type' do
|
76
|
-
helper.stub :open, remote_sth, [url, opts] do
|
77
|
-
helper.download_archive(url, archive_sth, {}).must_equal([archive_sth, 'application/x-very-funny'])
|
78
|
-
end
|
79
|
-
remote_sth.verify
|
80
|
-
end
|
81
|
-
|
82
|
-
it 'downloads an archive and returns it with its content-type using options, too' do
|
83
|
-
helper.stub :open, remote_sth, [url, { http_basic_authentication: ['alice', 'pw'] }] do
|
84
|
-
helper.download_archive(url, archive_sth, 'user' => 'alice', 'password' => 'pw').must_equal([archive_sth, 'application/x-very-funny'])
|
85
|
-
end
|
86
|
-
remote_sth.verify
|
87
|
-
end
|
88
|
-
|
89
|
-
let (:archive_zip) { archive_of_type('zip') }
|
90
|
-
let (:archive_tgz) { archive_of_type('tgz') }
|
91
|
-
|
92
|
-
let (:tarhelper) do
|
93
|
-
th = Minitest::Mock.new
|
94
|
-
th.expect :resolve, 'tgz-content', ['/path/to/tgz-archive.tar.gz']
|
95
|
-
th
|
96
|
-
end
|
97
|
-
|
98
|
-
%w{ application/gzip application/x-gzip }.each do |content_type|
|
99
|
-
it "unpacks a tarball (#{content_type}) with TarHelper and returns the content" do
|
100
|
-
Tempfile.stub :new, archive_tgz, [['inspec-dl-', '.tar.gz']] do
|
101
|
-
helper.stub :download_archive, [archive_tgz, content_type], [url, archive_tgz, opts] do
|
102
|
-
Inspec::Targets::TarHelper.stub :new, tarhelper do
|
103
|
-
helper.resolve_zip(url, {}).must_equal('tgz-content')
|
104
|
-
end
|
105
|
-
end
|
106
|
-
end
|
107
|
-
tarhelper.verify
|
108
|
-
end
|
109
|
-
end
|
110
|
-
|
111
|
-
let (:ziphelper) do
|
112
|
-
zip = Minitest::Mock.new
|
113
|
-
zip.expect :resolve, 'zip-content', [Pathname.new('/path/to/zip-archive.zip')]
|
114
|
-
zip
|
115
|
-
end
|
116
|
-
|
117
|
-
%w{ application/zip application/x-zip-compressed }.each do |content_type|
|
118
|
-
it "renames and unpacks a zip file (#{content_type}) with ZipHelper and returns the content" do
|
119
|
-
helper.stub :download_archive, [archive_zip, content_type], [url, archive_zip, opts] do
|
120
|
-
Tempfile.stub :new, archive_zip, [['inspec-dl-', '.tar.gz']] do
|
121
|
-
File.stub :rename, nil, ['/path/to/zip-archive.tar.gz', '/path/to/zip-archive.zip'] do
|
122
|
-
Inspec::Targets::ZipHelper.stub :new, ziphelper do
|
123
|
-
File.stub :unlink, nil, ['/path/to/zip-archive.zip'] do
|
124
|
-
helper.resolve_zip(url, {}).must_equal('zip-content')
|
125
|
-
end
|
126
|
-
end
|
127
|
-
end
|
128
|
-
end
|
129
|
-
end
|
130
|
-
end
|
131
|
-
end
|
132
|
-
end
|