inspec 1.29.0 → 1.30.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (71) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +19 -0
  3. data/bin/inspec +1 -1
  4. data/docs/profiles.md +14 -5
  5. data/docs/resources/iptables.md.erb +12 -5
  6. data/docs/resources/mssql_session.md.erb +11 -28
  7. data/docs/resources/mysql_session.md.erb +12 -0
  8. data/docs/resources/oracledb_session.md.erb +10 -28
  9. data/docs/resources/package.md.erb +6 -0
  10. data/docs/resources/postgres_conf.md.erb +2 -0
  11. data/examples/inheritance/controls/example.rb +0 -1
  12. data/examples/meta-profile/controls/example.rb +0 -1
  13. data/examples/profile/controls/example.rb +0 -1
  14. data/examples/profile/controls/gordon.rb +0 -1
  15. data/inspec.gemspec +1 -0
  16. data/lib/bundles/inspec-compliance/api.rb +12 -10
  17. data/lib/bundles/inspec-init/templates/profile/controls/example.rb +0 -1
  18. data/lib/inspec.rb +0 -1
  19. data/lib/inspec/backend.rb +0 -1
  20. data/lib/inspec/cli.rb +1 -1
  21. data/lib/inspec/metadata.rb +1 -1
  22. data/lib/inspec/polyfill.rb +0 -1
  23. data/lib/inspec/profile.rb +1 -1
  24. data/lib/inspec/resource.rb +1 -1
  25. data/lib/inspec/rule.rb +0 -1
  26. data/lib/inspec/runner.rb +0 -1
  27. data/lib/inspec/version.rb +1 -1
  28. data/lib/matchers/matchers.rb +0 -1
  29. data/lib/resources/apache.rb +0 -1
  30. data/lib/resources/apache_conf.rb +0 -1
  31. data/lib/resources/audit_policy.rb +0 -1
  32. data/lib/resources/auditd_conf.rb +0 -1
  33. data/lib/resources/auditd_rules.rb +0 -1
  34. data/lib/resources/command.rb +0 -1
  35. data/lib/resources/directory.rb +7 -3
  36. data/lib/resources/docker.rb +30 -3
  37. data/lib/resources/etc_group.rb +0 -1
  38. data/lib/resources/file.rb +0 -1
  39. data/lib/resources/grub_conf.rb +0 -1
  40. data/lib/resources/inetd_conf.rb +0 -1
  41. data/lib/resources/kernel_module.rb +0 -1
  42. data/lib/resources/kernel_parameter.rb +0 -1
  43. data/lib/resources/limits_conf.rb +0 -1
  44. data/lib/resources/login_def.rb +0 -1
  45. data/lib/resources/mssql_session.rb +62 -14
  46. data/lib/resources/mysql.rb +0 -1
  47. data/lib/resources/mysql_conf.rb +0 -1
  48. data/lib/resources/mysql_session.rb +15 -6
  49. data/lib/resources/nginx_conf.rb +95 -0
  50. data/lib/resources/ntp_conf.rb +0 -1
  51. data/lib/resources/oracledb_session.rb +109 -12
  52. data/lib/resources/os_env.rb +0 -1
  53. data/lib/resources/package.rb +47 -3
  54. data/lib/resources/packages.rb +0 -1
  55. data/lib/resources/parse_config.rb +0 -1
  56. data/lib/resources/passwd.rb +0 -1
  57. data/lib/resources/postgres.rb +9 -5
  58. data/lib/resources/postgres_conf.rb +12 -3
  59. data/lib/resources/postgres_session.rb +0 -1
  60. data/lib/resources/powershell.rb +0 -1
  61. data/lib/resources/processes.rb +0 -1
  62. data/lib/resources/registry_key.rb +0 -1
  63. data/lib/resources/service.rb +1 -1
  64. data/lib/resources/ssh_conf.rb +0 -1
  65. data/lib/resources/ssl.rb +0 -1
  66. data/lib/utils/database_helpers.rb +77 -0
  67. data/lib/utils/filter_array.rb +0 -1
  68. data/lib/utils/find_files.rb +0 -1
  69. data/lib/utils/nginx_parser.rb +4 -2
  70. data/lib/utils/simpleconfig.rb +0 -1
  71. metadata +18 -2
data/lib/resources/postgres_session.rb CHANGED
@@ -3,7 +3,6 @@
3
3
  # author: Dominik Richter
4
4
  # author: Christoph Hartmann
5
5
  # author: Aaron Lippold
6
- # license: All rights reserved
7
6
 
8
7
  module Inspec::Resources
9
8
  class Lines
data/lib/resources/powershell.rb CHANGED
@@ -2,7 +2,6 @@
2
2
  # copyright: 2015, Vulcano Security GmbH
3
3
  # author: Christoph Hartmann
4
4
  # author: Dominik Richter
5
- # license: All rights reserved
6
5
 
7
6
  module Inspec::Resources
8
7
  class PowershellScript < Cmd
data/lib/resources/processes.rb CHANGED
@@ -2,7 +2,6 @@
2
2
  # copyright: 2015, Vulcano Security GmbH
3
3
  # author: Dominik Richter
4
4
  # author: Christoph Hartmann
5
- # license: All rights reserved
6
5
 
7
6
  require 'utils/filter'
8
7
 
data/lib/resources/registry_key.rb CHANGED
@@ -1,7 +1,6 @@
1
1
  # encoding: utf-8
2
2
  # copyright: 2015, Vulcano Security GmbH
3
3
  # author: Christoph Hartmann
4
- # license: All rights reserved
5
4
 
6
5
  require 'json'
7
6
 
data/lib/resources/service.rb CHANGED
@@ -2,7 +2,7 @@
2
2
  # author: Christoph Hartmann
3
3
  # author: Dominik Richter
4
4
  # author: Stephan Renatus
5
- # license: All rights reserved
5
+
6
6
  require 'hashie'
7
7
 
8
8
  module Inspec::Resources
data/lib/resources/ssh_conf.rb CHANGED
@@ -2,7 +2,6 @@
2
2
  # copyright: 2015, Vulcano Security GmbH
3
3
  # author: Dominik Richter
4
4
  # author: Christoph Hartmann
5
- # license: All rights reserved
6
5
 
7
6
  require 'utils/simpleconfig'
8
7
 
data/lib/resources/ssl.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  # encoding: utf-8
2
2
  # copyright: 2015, Chef Software Inc.
3
- # license: All rights reserved
4
3
  # author: Dominik Richter
5
4
  # author: Christoph Hartmann
6
5
 
data/lib/utils/database_helpers.rb ADDED
@@ -0,0 +1,77 @@
1
+ # encoding: utf-8
2
+ # author: Christoph Hartmann
3
+ # author: Dominik Richter
4
+
5
+ module DatabaseHelper
6
+ class SQLColumn
7
+ def initialize(row, name)
8
+ @row = row
9
+ @name = name
10
+ end
11
+
12
+ def value
13
+ @row[@name.downcase]
14
+ end
15
+
16
+ def to_s
17
+ 'SQL Column'
18
+ end
19
+ end
20
+
21
+ class SQLRow
22
+ def initialize(query, row)
23
+ @query = query
24
+ @row = row
25
+ end
26
+
27
+ def column(column)
28
+ SQLColumn.new(@row, column)
29
+ end
30
+
31
+ def to_s
32
+ 'SQL Row'
33
+ end
34
+ end
35
+
36
+ class SQLQueryResult
37
+ attr_reader :error
38
+ def initialize(cmd, results)
39
+ @cmd = cmd
40
+ @results = results
41
+ end
42
+
43
+ def empty?
44
+ @results.empty?
45
+ end
46
+
47
+ def successful?
48
+ @cmd.exit_status == 0 && @error.nil?
49
+ end
50
+
51
+ def row(id)
52
+ SQLRow.new(self, @results[id])
53
+ end
54
+
55
+ def size
56
+ @results.size
57
+ end
58
+
59
+ def stdout
60
+ warn '[DEPRECATION] The `stdout` method is deprecated. Use `row` instead.'
61
+ @cmd.stdout
62
+ end
63
+
64
+ def stderr
65
+ warn '[DEPRECATION] The `stderr` method is deprecated. Use `successful?` instead.'
66
+ @cmd.stderr
67
+ end
68
+
69
+ def inspect
70
+ to_s
71
+ end
72
+
73
+ def to_s
74
+ 'SQL ResultSet'
75
+ end
76
+ end
77
+ end
data/lib/utils/filter_array.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  # encoding: utf-8
2
2
  # copyright: 2015, Chef Software, Inc.
3
- # license: All rights reserved
4
3
  # author: Stephan Renatus
5
4
 
6
5
  class FilterArray
data/lib/utils/find_files.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  # encoding: utf-8
2
2
  # copyright: 2015, Vulcano Security GmbH
3
- # license: All rights reserved
4
3
  # author: Dominik Richter
5
4
  # author: Christoph Hartmann
6
5
 
data/lib/utils/nginx_parser.rb CHANGED
@@ -22,7 +22,7 @@ class NginxParser < Parslet::Parser
22
22
  }
23
23
 
24
24
  rule(:identifier) {
25
- (match('[a-zA-Z]') >> match('[a-zA-Z0-9_]').repeat).as(:identifier) >> space >> space.repeat
25
+ (match('[a-zA-Z]') >> match('\S').repeat).as(:identifier) >> space >> space.repeat
26
26
  }
27
27
 
28
28
  rule(:value) {
@@ -60,6 +60,8 @@ class NginxConfig
60
60
  tree = NginxTransform.new.apply(lex)
61
61
  gtree = NginxTransform::Group.new(nil, '', tree)
62
62
  read_nginx_group(gtree)
63
+ rescue Parslet::ParseFailed => err
64
+ raise "Failed to parse NginX config: #{err}"
63
65
  end
64
66
 
65
67
  def self.read_nginx_group(t)
@@ -67,7 +69,7 @@ class NginxConfig
67
69
  agg_conf['_'] = t.args unless t.args == ''
68
70
 
69
71
  groups, conf = t.body.partition { |i| i.is_a? NginxTransform::Group }
70
- conf.each { |x| agg_conf[x.key] += [x.vals.join(' ')] }
72
+ conf.each { |x| agg_conf[x.key] += [x.vals] }
71
73
  groups.each { |x| agg_conf[x.id] += [read_nginx_group(x)] }
72
74
  agg_conf
73
75
  end
data/lib/utils/simpleconfig.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  # encoding: utf-8
2
2
  # copyright: 2015, Dominik Richter
3
- # license: All rights reserved
4
3
  # author: Dominik Richter
5
4
  # author: Christoph Hartmann
6
5
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.29.0
4
+ version: 1.30.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-06-22 00:00:00.000000000 Z
11
+ date: 2017-06-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: train
@@ -274,6 +274,20 @@ dependencies:
274
274
  - - ">="
275
275
  - !ruby/object:Gem::Version
276
276
  version: '0'
277
+ - !ruby/object:Gem::Dependency
278
+ name: htmlentities
279
+ requirement: !ruby/object:Gem::Requirement
280
+ requirements:
281
+ - - ">="
282
+ - !ruby/object:Gem::Version
283
+ version: '0'
284
+ type: :runtime
285
+ prerelease: false
286
+ version_requirements: !ruby/object:Gem::Requirement
287
+ requirements:
288
+ - - ">="
289
+ - !ruby/object:Gem::Version
290
+ version: '0'
277
291
  description: InSpec provides a framework for creating end-to-end infrastructure tests.
278
292
  You can use it for integration or even compliance testing. Create fully portable
279
293
  test profiles and use them in your workflow to ensure stability and security. Integrate
@@ -583,6 +597,7 @@ files:
583
597
  - lib/resources/mysql.rb
584
598
  - lib/resources/mysql_conf.rb
585
599
  - lib/resources/mysql_session.rb
600
+ - lib/resources/nginx_conf.rb
586
601
  - lib/resources/npm.rb
587
602
  - lib/resources/ntp_conf.rb
588
603
  - lib/resources/oneget.rb
@@ -625,6 +640,7 @@ files:
625
640
  - lib/source_readers/inspec.rb
626
641
  - lib/utils/command_wrapper.rb
627
642
  - lib/utils/convert.rb
643
+ - lib/utils/database_helpers.rb
628
644
  - lib/utils/erlang_parser.rb
629
645
  - lib/utils/filter.rb
630
646
  - lib/utils/filter_array.rb