inspec 0.31.0 → 0.32.0

data/lib/inspec/dependencies/vendor_index.rb

@@ -18,9 +18,9 @@ module Inspec
   #
   class VendorIndex
     attr_reader :path
-    def initialize(path)
-      @path = path
-      FileUtils.mkdir_p(path) unless File.directory?(path)
+    def initialize(path = nil)
+      @path = path || File.join(Dir.home, '.inspec', 'cache')
+      FileUtils.mkdir_p(@path) unless File.directory?(@path)
     end
 
     def add(name, source, path_from)
@@ -42,7 +42,14 @@ module Inspec
       path = base_path_for(name, source_url)
       if File.directory?(path)
         path
-      elsif File.exist?("#{path}.tar.gz")
+      else
+        archive_entry_for(name, source_url)
+      end
+    end
+
+    def archive_entry_for(name, source_url)
+      path = base_path_for(name, source_url)
+      if File.exist?("#{path}.tar.gz")
         "#{path}.tar.gz"
       elsif File.exist?("#{path}.zip")
         "#{path}.zip"

data/lib/inspec/dsl.rb

@@ -1,8 +1,8 @@
 # encoding: utf-8
 # copyright: 2015, Dominik Richter
-# license: All rights reserved
 # author: Dominik Richter
 # author: Christoph Hartmann
+require 'inspec/log'
 
 module Inspec::DSL
   def require_controls(id, &block)
@@ -32,28 +32,36 @@ module Inspec::DSL
   end
 
   def self.load_spec_files_for_profile(bind_context, opts, &block)
-    # get all spec files
-    target = opts[:dependencies].list[opts[:profile_id]] ||
-             fail("Can't find profile #{opts[:profile_id].inspect}, please add it as a dependency.")
-    profile = Inspec::Profile.for_target(target.path, opts)
-    context = load_profile_context(opts[:profile_id], profile, opts)
+    dependencies = opts[:dependencies]
+    profile_id = opts[:profile_id]
+
+    dep_entry = dependencies.list[profile_id]
+    if dep_entry.nil?
+      fail <<EOF
+Cannot load #{profile_id} since it is not listed as a dependency
+of #{bind_context.profile_name}.
+
+Dependencies available from this context are:
+
+     #{dependencies.list.keys.join("\n    ")}
+EOF
+    end
+
+    context = load_profile_context(dep_entry.profile, opts[:backend])
 
     # if we don't want all the rules, then just make 1 pass to get all rule_IDs
     # that we want to keep from the original
-    filter_included_controls(context, opts, &block) if !opts[:include_all]
+    filter_included_controls(context, dep_entry.profile, &block) if !opts[:include_all]
 
     # interpret the block and skip/modify as required
     context.load(block) if block_given?
 
-    # finally register all combined rules
-    context.rules.values.each do |control|
-      bind_context.register_control(control)
-    end
+    bind_context.add_subcontext(context)
   end
 
-  def self.filter_included_controls(context, opts, &block)
+  def self.filter_included_controls(context, profile, &block)
     mock = Inspec::Backend.create({ backend: 'mock' })
-    include_ctx = Inspec::ProfileContext.new(opts[:profile_id], mock, opts[:conf])
+    include_ctx = Inspec::ProfileContext.for_profile(profile, mock)
     include_ctx.load(block) if block_given?
     # remove all rules that were not registered
     context.rules.keys.each do |id|
@@ -63,8 +71,8 @@ module Inspec::DSL
     end
   end
 
-  def self.load_profile_context(id, profile, opts)
-    ctx = Inspec::ProfileContext.new(id, opts[:backend], opts[:conf])
+  def self.load_profile_context(profile, backend)
+    ctx = Inspec::ProfileContext.for_profile(profile, backend)
     profile.libraries.each do |path, content|
       ctx.load(content.to_s, path, 1)
       ctx.reload_dsl

data/lib/inspec/errors.rb

@@ -7,11 +7,5 @@ module Inspec
 
   # dependency resolution
   class CyclicDependencyError < Error; end
-  class VersionConflict < Error
-    attr_reader :conflicts
-    def initialize(conflicts, msg = nil)
-      super(msg)
-      @conflicts = conflicts
-    end
-  end
+  class UnsatisfiedVersionSpecification < Error; end
 end

data/lib/inspec/log.rb

@@ -1,34 +1,11 @@
 # encoding: utf-8
-# Copyright 2015 Dominik Richter. All rights reserved.
 # author: Dominik Richter
 # author: Christoph Hartmann
 
-require 'rainbow/ext/string'
+require 'mixlib/log'
 
 module Inspec
   class Log
-    def initialize(opts = {})
-      @quiet = opts[:quiet] || false
-    end
-
-    def show(msg)
-      puts msg unless @quiet
-    end
-
-    def info(msg)
-      show '  .  '.color(:white) + msg
-    end
-
-    def error(msg)
-      show '  ✖  '.color(:red).bright + msg
-    end
-
-    def warn(msg)
-      show '  !  '.color(:yellow).bright + msg
-    end
-
-    def ok(msg)
-      show '  ✔  '.color(:green).bright + msg
-    end
+    extend Mixlib::Log
   end
 end

data/lib/inspec/profile.rb

@@ -8,6 +8,7 @@ require 'inspec/polyfill'
 require 'inspec/fetcher'
 require 'inspec/source_reader'
 require 'inspec/metadata'
+require 'inspec/dependencies/lockfile'
 require 'inspec/dependencies/dependency_set'
 
 module Inspec
@@ -52,6 +53,10 @@ module Inspec
       Metadata.finalize(@source_reader.metadata, @profile_id)
     end
 
+    def name
+      metadata.params[:name]
+    end
+
     def params
       @params ||= load_params
     end
@@ -211,6 +216,44 @@ module Inspec
       @locked_dependencies ||= load_dependencies
     end
 
+    def lockfile_exists?
+      File.exist?(lockfile_path)
+    end
+
+    def lockfile_path
+      File.join(cwd, 'inspec.lock')
+    end
+
+    #
+    # TODO(ssd): Relative path handling really needs to be carefully
+    # thought through, especially with respect to relative paths in
+    # tarballs.
+    #
+    def cwd
+      @target.is_a?(String) && File.directory?(@target) ? @target : './'
+    end
+
+    def lockfile
+      @lockfile ||= if lockfile_exists?
+                      Inspec::Lockfile.from_file(lockfile_path)
+                    else
+                      generate_lockfile
+                    end
+    end
+
+    #
+    # Generate an in-memory lockfile. This won't render the lock file
+    # to disk, it must be explicitly written to disk by the caller.
+    #
+    # @param vendor_path [String] Path to the on-disk vendor dir
+    # @return [Inspec::Lockfile]
+    #
+    def generate_lockfile(vendor_path = nil)
+      res = Inspec::DependencySet.new(cwd, vendor_path)
+      res.vendor(metadata.dependencies)
+      Inspec::Lockfile.from_dependency_set(res)
+    end
+
     private
 
     # Create an archive name for this profile and an additional options
@@ -225,7 +268,7 @@ module Inspec
 
       name = params[:name] ||
              fail('Cannot create an archive without a profile name! Please '\
-             'specify the name in metadata or use --output to create the archive.')
+                  'specify the name in metadata or use --output to create the archive.')
       ext = opts[:zip] ? 'zip' : 'tar.gz'
       slug = name.downcase.strip.tr(' ', '-').gsub(/[^\w-]/, '_')
       Pathname.new(Dir.pwd).join("#{slug}.#{ext}")
@@ -239,34 +282,34 @@ module Inspec
       params
     end
 
+    #
+    # Returns a new runner for the current profile.
+    #
+    # @params [Symbol] The type of backend to use when constructing a
+    #                  new runner.
+    # @returns [Inspec::Runner]
+    #
+    def runner_for_profile(backend = :mock)
+      opts = @options.dup
+      opts[:ignore_supports] = true
+      r = Runner.new(id: @profile_id,
+                     backend: backend,
+                     test_collector: opts.delete(:test_collector))
+      r.add_profile(self, opts)
+      r
+    end
+
     def load_checks_params(params)
       params[:controls] = controls = {}
       params[:groups] = groups = {}
       prefix = @source_reader.target.prefix || ''
-
-      if @runner_context.nil?
-        # we're checking a profile, we don't care if it runs on the host machine
-        opts = @options.dup
-        opts[:ignore_supports] = true
-        runner = Runner.new(
-          id: @profile_id,
-          backend: :mock,
-          test_collector: opts.delete(:test_collector),
-        )
-        runner.add_profile(self, opts)
-        runner.rules.values.each do |rule|
-          f = load_rule_filepath(prefix, rule)
-          load_rule(rule, f, controls, groups)
-        end
-        params[:attributes] = runner.attributes
-      else
-        # load from context
-        @runner_context.rules.values.each do |rule|
-          f = load_rule_filepath(prefix, rule)
-          load_rule(rule, f, controls, groups)
-        end
-        params[:attributes] = @runner_context.attributes
+      # Load from the runner_context if it exists
+      runner = @runner_context || runner_for_profile
+      runner.all_rules.each do |rule|
+        f = load_rule_filepath(prefix, rule)
+        load_rule(rule, f, controls, groups)
       end
+      params[:attributes] = runner.attributes
       params
     end
 
@@ -297,10 +340,7 @@ module Inspec
     end
 
     def load_dependencies
-      cwd = File.directory?(@target) ? @target : nil
-      res = Inspec::DependencySet.new(cwd, nil)
-      res.vendor(metadata.dependencies)
-      res
+      Inspec::DependencySet.from_lockfile(lockfile, cwd, nil)
     end
   end
 end

data/lib/inspec/profile_context.rb

@@ -1,7 +1,7 @@
 # encoding: utf-8
 # author: Dominik Richter
 # author: Christoph Hartmann
-
+require 'inspec/log'
 require 'inspec/rule'
 require 'inspec/dsl'
 require 'inspec/require_loader'
@@ -10,18 +10,21 @@ require 'inspec/objects/attribute'
 
 module Inspec
   class ProfileContext # rubocop:disable Metrics/ClassLength
-    attr_reader :rules
-    attr_reader :attributes
+    def self.for_profile(profile, backend)
+      new(profile.name, backend, { 'profile' => profile })
+    end
+
+    attr_reader :attributes, :rules, :profile_id
     def initialize(profile_id, backend, conf)
       if backend.nil?
         fail 'ProfileContext is initiated with a backend == nil. ' \
              'This is a backend error which must be fixed upstream.'
       end
-
       @profile_id = profile_id
       @backend = backend
       @conf = conf.dup
       @rules = {}
+      @subcontexts = []
       @dependencies = {}
       @dependencies = conf['profile'].locked_dependencies unless conf['profile'].nil?
       @require_loader = ::Inspec::RequireLoader.new
@@ -35,6 +38,16 @@ module Inspec
       @profile_context = ctx.new(@backend, @conf, @dependencies, @require_loader)
     end
 
+    def all_rules
+      ret = @rules.values
+      ret += @subcontexts.map(&:all_rules).flatten
+      ret
+    end
+
+    def add_subcontext(context)
+      @subcontexts << context
+    end
+
     def load_libraries(libs)
       lib_prefix = 'libraries' + File::SEPARATOR
       autoloads = []
@@ -59,6 +72,7 @@ module Inspec
     end
 
     def load(content, source = nil, line = nil)
+      Inspec::Log.debug("Loading #{source || '<anonymous content>'} into #{self}")
       @current_load = { file: source }
       if content.is_a? Proc
         @profile_context.instance_eval(&content)
@@ -167,7 +181,11 @@ module Inspec
         end
 
         def to_s
-          'Profile Context Run'
+          "Profile Context Run #{profile_name}"
+        end
+
+        define_method :profile_name do
+          profile_id
         end
 
         define_method :control do |*args, &block|
@@ -185,9 +203,14 @@ module Inspec
             res = describe(*args, &block)
           end
           register_control(rule, &block)
+
           res
         end
 
+        define_method :add_subcontext do |context|
+          profile_context_owner.add_subcontext(context)
+        end
+
         define_method :register_control do |control, &block|
           ::Inspec::Rule.set_skip_rule(control, true) if @skip_profile
 

data/lib/inspec/rspec_json_formatter.rb

@@ -210,12 +210,7 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
     'passed'   => '  ✔  ',
     'unknown'  => '  ?  ',
     'empty'    => '     ',
-  }.freeze
-
-  TEST_INDICATORS = {
-    'failed'   => '     fail: ',
-    'skipped'  => '     skip: ',
-    'empty'    => '     ',
+    'small'    => '   ',
   }.freeze
 
   MULTI_TEST_CONTROL_SUMMARY_MAX_LEN = 60
@@ -223,18 +218,20 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
   def initialize(*args)
     @colors = COLORS
     @indicators = INDICATORS
-    @test_indicators = TEST_INDICATORS
 
     @format = '%color%indicator%id%summary'
     @current_control = nil
     @current_profile = nil
     @missing_controls = []
+    @anonymous_tests = []
     super(*args)
   end
 
   def close(_notification)
     flush_current_control
     output.puts('') unless @current_control.nil?
+    print_tests
+    output.puts('')
 
     @profiles_info.each do |_id, profile|
       next if profile[:already_printed]
@@ -274,13 +271,15 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
     summary_status = STATUS_TYPES['unknown']
     skips = []
     fails = []
+    passes = []
     @current_control[:results].each do |r|
       i = STATUS_TYPES[r[:status_type]]
       summary_status = i if i > summary_status
       fails.push(r) if i > 0
+      passes.push(r) if i == STATUS_TYPES['passed']
       skips.push(r) if i == STATUS_TYPES['skipped']
     end
-    [fails, skips, STATUS_TYPES.key(summary_status)]
+    [fails, skips, passes, STATUS_TYPES.key(summary_status)]
   end
 
   def current_control_title
@@ -344,20 +343,42 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
     lines.gsub(/\n/, "\n" + indentation)
   end
 
-  def print_fails_and_skips(all, color)
+  def print_results(all)
     all.each do |x|
-      indicator = @test_indicators[x[:status]]
-      indicator = @test_indicators['empty'] if all.length == 1 || indicator.nil?
+      test_status = x[:status_type]
+      test_color = @colors[test_status]
+      indicator = @indicators[x[:status]]
+      indicator = @indicators['empty'] if all.length == 1 || indicator.nil?
       msg = x[:message] || x[:skip_message] || x[:code_desc]
       print_line(
-        color:      color,
-        indicator:  indicator,
-        summary:    format_lines(msg, @test_indicators['empty']),
+        color:      test_color,
+        indicator:  @indicators['small'] + indicator,
+        summary:    format_lines(msg, @indicators['empty']),
         id: nil, profile: nil
       )
     end
   end
 
+  def print_tests
+    @anonymous_tests.each do |control|
+      control_result = control[:results]
+      title = control_result[0][:code_desc].split[0..1].join(' ')
+      puts '  ' + title
+      control_result.each do |test|
+        control_id = ''
+        test_result = test[:code_desc].split[2..-1].join(' ')
+        status_indicator = test[:status_type]
+        print_line(
+          color:      @colors[status_indicator] || '',
+          indicator:  @indicators['small'] + @indicators[status_indicator] || @indicators['unknown'],
+          summary:    format_lines(test_result, @indicators['empty']),
+          id:         control_id,
+          profile:    control[:profile_id],
+        )
+      end
+    end
+  end
+
   def flush_current_control
     return if @current_control.nil?
 
@@ -365,22 +386,24 @@ class InspecRspecCli < InspecRspecJson # rubocop:disable Metrics/ClassLength
     @current_profile = @profiles_info[@current_control[:profile_id]]
     print_current_profile if prev_profile != @current_profile
 
-    fails, skips, summary_indicator = current_control_infos
+    fails, skips, passes, summary_indicator = current_control_infos
     summary = current_control_summary(fails, skips)
 
     control_id = @current_control[:id].to_s
     control_id += ': '
-    control_id = '' if control_id.start_with? '(generated from '
-
-    print_line(
-      color:      @colors[summary_indicator] || '',
-      indicator:  @indicators[summary_indicator] || @indicators['unknown'],
-      summary:    format_lines(summary, @indicators['empty']),
-      id:         control_id,
-      profile:    @current_control[:profile_id],
-    )
+    if control_id.start_with? '(generated from '
+      @anonymous_tests.push(@current_control)
+    else
+      print_line(
+        color:      @colors[summary_indicator] || '',
+        indicator:  @indicators[summary_indicator] || @indicators['unknown'],
+        summary:    format_lines(summary, @indicators['empty']),
+        id:         control_id,
+        profile:    @current_control[:profile_id],
+      )
 
-    print_fails_and_skips(fails + skips, @colors[summary_indicator] || '')
+      print_results(fails + skips + passes)
+    end
   end
 
   def print_target(before, after)