inspec 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bc80c218f1945dc66bf6d693530077e66212968a
-  data.tar.gz: b54754846a031670396d5069a43f7434113e7fde
+  metadata.gz: ef0dc3a6c0cc982b6b612b46bcac69afd4a42ef0
+  data.tar.gz: 29537e78197748969056d139a34c50aef0f1db2a
 SHA512:
-  metadata.gz: 60442e056460a6c14ed1c7587b499f75f40f942f4064f43275ac11943ddb881968edcae4d5c49f49a37b551330d72aa89289438418e6cc24c5d992024365f102
-  data.tar.gz: fa8866e5fc94fc087908b6bd313d50295077b436757e70b49e1c4e7c1caed27c344908c548183f0c73096bb1c574b91bebcbd9d67d11b81cf235060ba7a29b66
+  metadata.gz: cc65160a882a9447c91069b4966edde3418a835d3fcb524867c67ce511df80ae4afd319f43e478c4af95999f0f0136c7bbb564ff07ed8731d7ad6b76e1974c0c
+  data.tar.gz: 37fa3f991ede6b6e69e80ee452fdd67de0be0666762f9b45b963da11e3a3e8a6d4e0706f63e3318cb5c77a89c46cd24db8582d01aaa0ea22ebce71f1537e7f8f

data/CHANGELOG.md

@@ -1,7 +1,32 @@
 # Change Log
 
-## [1.3.0](https://github.com/chef/inspec/tree/1.3.0) (2016-10-28)
-[Full Changelog](https://github.com/chef/inspec/compare/v1.2.1...1.3.0)
+## [1.4.0](https://github.com/chef/inspec/tree/1.4.0) (2016-11-04)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.3.0...1.4.0)
+
+**Fixed bugs:**
+
+- Windows Service State incorrectly interpretted for use in describe service.  [\#1269](https://github.com/chef/inspec/issues/1269)
+- /etc/passwd and /etc/shadow checks fail on CentOS [\#1264](https://github.com/chef/inspec/issues/1264)
+- Listing profiles on the Supermarket should return all profiles [\#1219](https://github.com/chef/inspec/issues/1219)
+
+**Closed issues:**
+
+- Add file integration tests for docker [\#1277](https://github.com/chef/inspec/issues/1277)
+- Solaris Sudo Not Always In /usr/bin/sudo [\#1265](https://github.com/chef/inspec/issues/1265)
+- Link to robert\_config.rb is broken on inspec.io [\#1226](https://github.com/chef/inspec/issues/1226)
+
+**Merged pull requests:**
+
+- activate file integration tests in docker [\#1278](https://github.com/chef/inspec/pull/1278) ([chris-rock](https://github.com/chris-rock))
+- Contain matcher maps to include matcher with warning [\#1276](https://github.com/chef/inspec/pull/1276) ([artem-sidorenko](https://github.com/artem-sidorenko))
+- Windows Service Check for service enabled state.  [\#1274](https://github.com/chef/inspec/pull/1274) ([hj70ft](https://github.com/hj70ft))
+- fix file permission check by mask [\#1273](https://github.com/chef/inspec/pull/1273) ([chris-rock](https://github.com/chris-rock))
+- fix \#1226 [\#1272](https://github.com/chef/inspec/pull/1272) ([chris-rock](https://github.com/chris-rock))
+- Enable the json resource to accept command output or JSON content [\#1271](https://github.com/chef/inspec/pull/1271) ([jerearista](https://github.com/jerearista))
+- Added tutorials for Days 8 & 9 [\#1263](https://github.com/chef/inspec/pull/1263) ([anniehedgpeth](https://github.com/anniehedgpeth))
+
+## [v1.3.0](https://github.com/chef/inspec/tree/v1.3.0) (2016-10-28)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.2.1...v1.3.0)
 
 **Implemented enhancements:**
 
@@ -56,7 +81,6 @@
 
 - Using "cmp" Against File Mode Fails [\#1188](https://github.com/chef/inspec/issues/1188)
 - Unexpected failures with kitchen-inspec and inspec 1.0.0 [\#1187](https://github.com/chef/inspec/issues/1187)
-- Rspec deprecation warnings added to test summary creating invalid json file [\#952](https://github.com/chef/inspec/issues/952)
 - update train to fix empty target URIs [\#1221](https://github.com/chef/inspec/pull/1221) ([arlimus](https://github.com/arlimus))
 
 **Closed issues:**

data/docs/dsl_resource.md

@@ -90,4 +90,4 @@ class GordonConfig < Inspec.resource(1)
 end
 ```
 
-For a full example, see our [example resource](../examples/profile/libraries/gordon_config.rb).
+For a full example, see our [example resource](https://github.com/chef/inspec/blob/master/examples/profile/libraries/gordon_config.rb).

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '1.3.0'.freeze
+  VERSION = '1.4.0'.freeze
 end

data/lib/matchers/matchers.rb

@@ -216,10 +216,11 @@ RSpec::Matchers.define :have_rule do |rule|
   end
 end
 
-# unsupported
-RSpec::Matchers.define :contain do |_rule|
-  match do |_resource|
-    fail "[UNSUPPORTED] `contain` matcher. Please use the following syntax `its('content') { should include('value') }`."
+# deprecated
+RSpec::Matchers.define :contain do |rule|
+  match do |resource|
+    warn "[DEPRECATION] `contain` matcher. Please use the following syntax `its('content') { should include('value') }`."
+    expect(resource).to include(rule)
   end
 end
 

data/lib/resources/file.rb

@@ -17,7 +17,7 @@ module Inspec::Resources
     end
   end
 
-  class FileResource < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
+  class FileResource < Inspec.resource(1)
     include FilePermissionsSelector
     include MountParser
 
@@ -127,22 +127,35 @@ module Inspec::Resources
 
     private
 
-    def file_permission_granted?(access, by_usergroup, by_specific_user)
+    def file_permission_granted?(access_type, by_usergroup, by_specific_user)
       fail '`file_permission_granted?` is not supported on your OS' if @perms_provider.nil?
       if by_specific_user.nil? || by_specific_user.empty?
-        fail '`check_file_permission_by_mask` is not supported on your OS' unless inspec.os.unix?
-        usergroup = usergroup_for(by_usergroup, by_specific_user)
-        check_file_permission_by_mask(usergroup, access)
+        @perms_provider.check_file_permission_by_mask(file, access_type, by_usergroup, by_specific_user)
       else
-        @perms_provider.check_file_permission_by_user(by_specific_user, access, source_path)
+        @perms_provider.check_file_permission_by_user(access_type, by_specific_user, source_path)
       end
     end
+  end
 
-    def check_file_permission_by_mask(usergroup, flag)
-      mask = file.unix_mode_mask(usergroup, flag)
-      fail 'Invalid usergroup/owner provided' if mask.nil?
+  class FilePermissions
+    attr_reader :inspec
+    def initialize(inspec)
+      @inspec = inspec
+    end
+  end
 
-      (file.mode & mask) != 0
+  class UnixFilePermissions < FilePermissions
+    def permission_flag(access_type)
+      case access_type
+      when 'read'
+        'r'
+      when 'write'
+        'w'
+      when 'execute'
+        'x'
+      else
+        fail 'Invalid access_type provided'
+      end
     end
 
     def usergroup_for(usergroup, specific_user)
@@ -154,27 +167,17 @@ module Inspec::Resources
         usergroup
       end
     end
-  end
 
-  class FilePermissions
-    attr_reader :inspec
-    def initialize(inspec)
-      @inspec = inspec
+    def check_file_permission_by_mask(file, access_type, usergroup, specific_user)
+      usergroup = usergroup_for(usergroup, specific_user)
+      flag = permission_flag(access_type)
+      mask = file.unix_mode_mask(usergroup, flag)
+      fail 'Invalid usergroup/owner provided' if mask.nil?
+      (file.mode & mask) != 0
     end
-  end
 
-  class UnixFilePermissions < FilePermissions
-    def check_file_permission_by_user(user, access_type, path)
-      flag = case access_type
-             when 'read'
-               'r'
-             when 'write'
-               'w'
-             when 'execute'
-               'x'
-             else
-               fail 'Invalid access_type provided'
-             end
+    def check_file_permission_by_user(access_type, user, path)
+      flag = permission_flag(access_type)
       if inspec.os.linux?
         perm_cmd = "su -s /bin/sh -c \"test -#{flag} #{path}\" #{user}"
       elsif inspec.os.bsd? || inspec.os.solaris?
@@ -193,7 +196,11 @@ module Inspec::Resources
   end
 
   class WindowsFilePermissions < FilePermissions
-    def check_file_permission_by_user(user, access_type, path)
+    def check_file_permission_by_mask(_file, _access_type, _usergroup, _specific_user)
+      fail '`check_file_permission_by_mask` is not supported on Windows'
+    end
+
+    def check_file_permission_by_user(access_type, user, path)
       access_rule = case access_type
                     when 'read'
                       '@(\'FullControl\', \'Modify\', \'ReadAndExecute\', \'Read\', \'ListDirectory\')'

data/lib/resources/json.rb

@@ -12,6 +12,15 @@ module Inspec::Resources
       describe json('policyfile.lock.json') do
         its(['cookbook_locks','omnibus','version']) { should eq('2.2.0') }
       end
+
+      describe json({ command: 'retrieve_data.py --json' }) do
+        its('state') { should eq('open') }
+      end
+
+      describe json({ content: '{\"item1\": { \"status\": \"available\" } }' }) do
+        its(['item1', 'status']) { should cmp 'available' }
+      end
+
     "
 
     include ObjectTraverser
@@ -19,21 +28,31 @@ module Inspec::Resources
     # make params readable
     attr_reader :params
 
-    def initialize(path)
-      @path = path
-      @file = inspec.file(@path)
-      @file_content = @file.content
+    def initialize(opts)
+      @opts = opts
+      if opts.is_a?(Hash)
+        if opts.key?(:content)
+          @file_content = opts[:content]
+        elsif opts.key?(:command)
+          @command = inspec.command(opts[:command])
+          @file_content = @command.stdout
+        end
+      else
+        @path = opts
+        @file = inspec.file(@opts)
+        @file_content = @file.content
 
-      # check if file is available
-      if !@file.file?
-        skip_resource "Can't find file \"#{@conf_path}\""
-        return @params = {}
-      end
+        # check if file is available
+        if !@file.file?
+          skip_resource "Can't find file \"#{@conf_path}\""
+          return @params = {}
+        end
 
-      # check if file is readable
-      if @file_content.empty? && @file.size > 0
-        skip_resource "Can't read file \"#{@conf_path}\""
-        return @params = {}
+        # check if file is readable
+        if @file_content.empty? && @file.size > 0
+          skip_resource "Can't read file \"#{@conf_path}\""
+          return @params = {}
+        end
       end
 
       @params = parse(@file_content)
@@ -61,7 +80,11 @@ module Inspec::Resources
     end
 
     def to_s
-      "Json #{@path}"
+      if @opts.is_a?(Hash) && @opts.key?(:content)
+        'Json content'
+      else
+        "Json #{@path}"
+      end
     end
   end
 end

data/lib/resources/service.rb

@@ -613,7 +613,8 @@ module Inspec::Resources
     def service_enabled?(service)
       !service['WMI'].nil? &&
         !service['WMI']['StartMode'].nil? &&
-        service['WMI']['StartMode'] == 'Auto'
+        (service['WMI']['StartMode'] == 'Auto' ||
+        service['WMI']['StartMode'] == 'Manual')
     end
 
     # detect if service is running

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-10-28 00:00:00.000000000 Z
+date: 2016-11-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train