inspec 1.29.0 → 1.30.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +19 -0
- data/bin/inspec +1 -1
- data/docs/profiles.md +14 -5
- data/docs/resources/iptables.md.erb +12 -5
- data/docs/resources/mssql_session.md.erb +11 -28
- data/docs/resources/mysql_session.md.erb +12 -0
- data/docs/resources/oracledb_session.md.erb +10 -28
- data/docs/resources/package.md.erb +6 -0
- data/docs/resources/postgres_conf.md.erb +2 -0
- data/examples/inheritance/controls/example.rb +0 -1
- data/examples/meta-profile/controls/example.rb +0 -1
- data/examples/profile/controls/example.rb +0 -1
- data/examples/profile/controls/gordon.rb +0 -1
- data/inspec.gemspec +1 -0
- data/lib/bundles/inspec-compliance/api.rb +12 -10
- data/lib/bundles/inspec-init/templates/profile/controls/example.rb +0 -1
- data/lib/inspec.rb +0 -1
- data/lib/inspec/backend.rb +0 -1
- data/lib/inspec/cli.rb +1 -1
- data/lib/inspec/metadata.rb +1 -1
- data/lib/inspec/polyfill.rb +0 -1
- data/lib/inspec/profile.rb +1 -1
- data/lib/inspec/resource.rb +1 -1
- data/lib/inspec/rule.rb +0 -1
- data/lib/inspec/runner.rb +0 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +0 -1
- data/lib/resources/apache.rb +0 -1
- data/lib/resources/apache_conf.rb +0 -1
- data/lib/resources/audit_policy.rb +0 -1
- data/lib/resources/auditd_conf.rb +0 -1
- data/lib/resources/auditd_rules.rb +0 -1
- data/lib/resources/command.rb +0 -1
- data/lib/resources/directory.rb +7 -3
- data/lib/resources/docker.rb +30 -3
- data/lib/resources/etc_group.rb +0 -1
- data/lib/resources/file.rb +0 -1
- data/lib/resources/grub_conf.rb +0 -1
- data/lib/resources/inetd_conf.rb +0 -1
- data/lib/resources/kernel_module.rb +0 -1
- data/lib/resources/kernel_parameter.rb +0 -1
- data/lib/resources/limits_conf.rb +0 -1
- data/lib/resources/login_def.rb +0 -1
- data/lib/resources/mssql_session.rb +62 -14
- data/lib/resources/mysql.rb +0 -1
- data/lib/resources/mysql_conf.rb +0 -1
- data/lib/resources/mysql_session.rb +15 -6
- data/lib/resources/nginx_conf.rb +95 -0
- data/lib/resources/ntp_conf.rb +0 -1
- data/lib/resources/oracledb_session.rb +109 -12
- data/lib/resources/os_env.rb +0 -1
- data/lib/resources/package.rb +47 -3
- data/lib/resources/packages.rb +0 -1
- data/lib/resources/parse_config.rb +0 -1
- data/lib/resources/passwd.rb +0 -1
- data/lib/resources/postgres.rb +9 -5
- data/lib/resources/postgres_conf.rb +12 -3
- data/lib/resources/postgres_session.rb +0 -1
- data/lib/resources/powershell.rb +0 -1
- data/lib/resources/processes.rb +0 -1
- data/lib/resources/registry_key.rb +0 -1
- data/lib/resources/service.rb +1 -1
- data/lib/resources/ssh_conf.rb +0 -1
- data/lib/resources/ssl.rb +0 -1
- data/lib/utils/database_helpers.rb +77 -0
- data/lib/utils/filter_array.rb +0 -1
- data/lib/utils/find_files.rb +0 -1
- data/lib/utils/nginx_parser.rb +4 -2
- data/lib/utils/simpleconfig.rb +0 -1
- metadata +18 -2
data/lib/resources/powershell.rb
CHANGED
data/lib/resources/processes.rb
CHANGED
data/lib/resources/service.rb
CHANGED
data/lib/resources/ssh_conf.rb
CHANGED
data/lib/resources/ssl.rb
CHANGED
@@ -0,0 +1,77 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
# author: Christoph Hartmann
|
3
|
+
# author: Dominik Richter
|
4
|
+
|
5
|
+
module DatabaseHelper
|
6
|
+
class SQLColumn
|
7
|
+
def initialize(row, name)
|
8
|
+
@row = row
|
9
|
+
@name = name
|
10
|
+
end
|
11
|
+
|
12
|
+
def value
|
13
|
+
@row[@name.downcase]
|
14
|
+
end
|
15
|
+
|
16
|
+
def to_s
|
17
|
+
'SQL Column'
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
class SQLRow
|
22
|
+
def initialize(query, row)
|
23
|
+
@query = query
|
24
|
+
@row = row
|
25
|
+
end
|
26
|
+
|
27
|
+
def column(column)
|
28
|
+
SQLColumn.new(@row, column)
|
29
|
+
end
|
30
|
+
|
31
|
+
def to_s
|
32
|
+
'SQL Row'
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
class SQLQueryResult
|
37
|
+
attr_reader :error
|
38
|
+
def initialize(cmd, results)
|
39
|
+
@cmd = cmd
|
40
|
+
@results = results
|
41
|
+
end
|
42
|
+
|
43
|
+
def empty?
|
44
|
+
@results.empty?
|
45
|
+
end
|
46
|
+
|
47
|
+
def successful?
|
48
|
+
@cmd.exit_status == 0 && @error.nil?
|
49
|
+
end
|
50
|
+
|
51
|
+
def row(id)
|
52
|
+
SQLRow.new(self, @results[id])
|
53
|
+
end
|
54
|
+
|
55
|
+
def size
|
56
|
+
@results.size
|
57
|
+
end
|
58
|
+
|
59
|
+
def stdout
|
60
|
+
warn '[DEPRECATION] The `stdout` method is deprecated. Use `row` instead.'
|
61
|
+
@cmd.stdout
|
62
|
+
end
|
63
|
+
|
64
|
+
def stderr
|
65
|
+
warn '[DEPRECATION] The `stderr` method is deprecated. Use `successful?` instead.'
|
66
|
+
@cmd.stderr
|
67
|
+
end
|
68
|
+
|
69
|
+
def inspect
|
70
|
+
to_s
|
71
|
+
end
|
72
|
+
|
73
|
+
def to_s
|
74
|
+
'SQL ResultSet'
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
data/lib/utils/filter_array.rb
CHANGED
data/lib/utils/find_files.rb
CHANGED
data/lib/utils/nginx_parser.rb
CHANGED
@@ -22,7 +22,7 @@ class NginxParser < Parslet::Parser
|
|
22
22
|
}
|
23
23
|
|
24
24
|
rule(:identifier) {
|
25
|
-
(match('[a-zA-Z]') >> match('
|
25
|
+
(match('[a-zA-Z]') >> match('\S').repeat).as(:identifier) >> space >> space.repeat
|
26
26
|
}
|
27
27
|
|
28
28
|
rule(:value) {
|
@@ -60,6 +60,8 @@ class NginxConfig
|
|
60
60
|
tree = NginxTransform.new.apply(lex)
|
61
61
|
gtree = NginxTransform::Group.new(nil, '', tree)
|
62
62
|
read_nginx_group(gtree)
|
63
|
+
rescue Parslet::ParseFailed => err
|
64
|
+
raise "Failed to parse NginX config: #{err}"
|
63
65
|
end
|
64
66
|
|
65
67
|
def self.read_nginx_group(t)
|
@@ -67,7 +69,7 @@ class NginxConfig
|
|
67
69
|
agg_conf['_'] = t.args unless t.args == ''
|
68
70
|
|
69
71
|
groups, conf = t.body.partition { |i| i.is_a? NginxTransform::Group }
|
70
|
-
conf.each { |x| agg_conf[x.key] += [x.vals
|
72
|
+
conf.each { |x| agg_conf[x.key] += [x.vals] }
|
71
73
|
groups.each { |x| agg_conf[x.id] += [read_nginx_group(x)] }
|
72
74
|
agg_conf
|
73
75
|
end
|
data/lib/utils/simpleconfig.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.30.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dominik Richter
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-06-
|
11
|
+
date: 2017-06-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: train
|
@@ -274,6 +274,20 @@ dependencies:
|
|
274
274
|
- - ">="
|
275
275
|
- !ruby/object:Gem::Version
|
276
276
|
version: '0'
|
277
|
+
- !ruby/object:Gem::Dependency
|
278
|
+
name: htmlentities
|
279
|
+
requirement: !ruby/object:Gem::Requirement
|
280
|
+
requirements:
|
281
|
+
- - ">="
|
282
|
+
- !ruby/object:Gem::Version
|
283
|
+
version: '0'
|
284
|
+
type: :runtime
|
285
|
+
prerelease: false
|
286
|
+
version_requirements: !ruby/object:Gem::Requirement
|
287
|
+
requirements:
|
288
|
+
- - ">="
|
289
|
+
- !ruby/object:Gem::Version
|
290
|
+
version: '0'
|
277
291
|
description: InSpec provides a framework for creating end-to-end infrastructure tests.
|
278
292
|
You can use it for integration or even compliance testing. Create fully portable
|
279
293
|
test profiles and use them in your workflow to ensure stability and security. Integrate
|
@@ -583,6 +597,7 @@ files:
|
|
583
597
|
- lib/resources/mysql.rb
|
584
598
|
- lib/resources/mysql_conf.rb
|
585
599
|
- lib/resources/mysql_session.rb
|
600
|
+
- lib/resources/nginx_conf.rb
|
586
601
|
- lib/resources/npm.rb
|
587
602
|
- lib/resources/ntp_conf.rb
|
588
603
|
- lib/resources/oneget.rb
|
@@ -625,6 +640,7 @@ files:
|
|
625
640
|
- lib/source_readers/inspec.rb
|
626
641
|
- lib/utils/command_wrapper.rb
|
627
642
|
- lib/utils/convert.rb
|
643
|
+
- lib/utils/database_helpers.rb
|
628
644
|
- lib/utils/erlang_parser.rb
|
629
645
|
- lib/utils/filter.rb
|
630
646
|
- lib/utils/filter_array.rb
|