inspec 1.51.0 → 1.51.6

data/docs/resources/service.md.erb

@@ -99,7 +99,7 @@ This is also possible with `systemd_service`, `runit_service`, `sysv_service`, `
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabled
 

data/docs/resources/shadow.md.erb

@@ -78,7 +78,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### count
 

data/docs/resources/ssh_config.md.erb

@@ -66,7 +66,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### name
 

data/docs/resources/sshd_config.md.erb

@@ -69,7 +69,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### name
 

data/docs/resources/ssl.md.erb

@@ -85,7 +85,7 @@ Or execute the profile directly via URL:
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabled
 

data/docs/resources/sys_info.md.erb

@@ -32,7 +32,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### hostname
 

data/docs/resources/systemd_service.md.erb

@@ -35,7 +35,7 @@ The path to the service manager's control may be specified for situations where
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabled
 

data/docs/resources/sysv_service.md.erb

@@ -35,7 +35,7 @@ The path to the service manager's control may be specified for situations where
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabled
 

data/docs/resources/upstart_service.md.erb

@@ -35,7 +35,7 @@ The path to the service manager's control may be specified for situations where
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabled
 

data/docs/resources/user.md.erb

@@ -64,7 +64,7 @@ The `nginx` user is typically `www-data`, but on CentOS it's `nginx`. The follow
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### exist
 

data/docs/resources/users.md.erb

@@ -51,7 +51,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### exist
 

data/docs/resources/windows_feature.md.erb

@@ -37,7 +37,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_installed
 

data/docs/resources/windows_hotfix.md.erb

@@ -43,7 +43,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_installed
 

data/docs/resources/xinetd_conf.md.erb

@@ -90,7 +90,7 @@ All three settings can be tested in the same block as well:
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabed
 

data/docs/resources/xml.md.erb

@@ -75,7 +75,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### name
 

data/docs/resources/yaml.md.erb

@@ -59,7 +59,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### name
 

data/docs/resources/yum.md.erb

@@ -60,7 +60,7 @@ The following examples show how to use this InSpec audit resource.
 
 ## Matchers
 
-This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/). 
 
 ### be_enabled
 

data/lib/inspec.rb

@@ -9,11 +9,12 @@ $LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
 require 'inspec/version'
 require 'inspec/exceptions'
 require 'inspec/profile'
-require 'inspec/rspec_json_formatter'
 require 'inspec/rule'
 require 'matchers/matchers'
 require 'inspec/runner'
 require 'inspec/shell'
+require 'inspec/formatters'
+require 'inspec/reporters'
 
 # all utils that may be required by plugins
 require 'inspec/base_cli'

data/lib/inspec/base_cli.rb

@@ -58,7 +58,10 @@ module Inspec
       option :controls, type: :array,
         desc: 'A list of controls to run. Ignore all other tests.'
       option :format, type: :string,
-        desc: 'Which formatter to use: cli, progress, documentation, json, json-min, junit'
+        desc: '[DEPRECATED] Please use --reporter - this will be removed in InSpec 3.0'
+      option :reporter, type: :array,
+        banner: 'one two:/output/file/path',
+        desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit'
       option :color, type: :boolean,
         desc: 'Use colors in output.'
       option :attrs, type: :array,
@@ -71,36 +74,105 @@ module Inspec
         desc: 'Write out a lockfile based on this execution (unless one already exists)'
       option :backend_cache, type: :boolean,
         desc: 'Allow caching for backend command output.'
+      option :show_progress, type: :boolean,
+        desc: 'Show progress while executing tests.'
     end
 
     def self.default_options
       {
         exec: {
+          'reporter' => ['cli'],
+          'show_progress' => false,
           'color' => true,
           'create_lockfile' => true,
           'backend_cache' => false,
         },
+        shell: {
+          'reporter' => ['cli'],
+        },
       }
     end
 
-    private
+    def self.parse_reporters(opts)
+      # merge in any legacy formats as reporter
+      # this method will only be used for ad-hoc runners
+      if !opts['format'].nil? && opts['reporter'].nil?
+        warn '[DEPRECATED] The option --format is being is being deprecated and will be removed in inspec 3.0. Please use --reporter'
+        opts['reporter'] = Array(opts['format'])
+        opts.delete('format')
+      end
 
-    # helper method to run tests
-    def run_tests(targets, opts)
-      o = opts.dup
-      log_device = opts['format'] == 'json' ? nil : STDOUT
-      o[:logger] = Logger.new(log_device)
-      o[:logger].level = get_log_level(o.log_level)
+      # parse out cli to proper report format
+      if opts['reporter'].is_a?(Array)
+        reports = {}
+        opts['reporter'].each do |report|
+          reporter_name, target = report.split(':')
+          if target.nil? || target.strip == '-'
+            reports[reporter_name] = { 'stdout' => true }
+          else
+            reports[reporter_name] = {
+              'file' => target,
+              'stdout' => false,
+            }
+          end
+        end
+        opts['reporter'] = reports
+      end
 
-      runner = Inspec::Runner.new(o)
-      targets.each { |target| runner.add_target(target) }
-      exit runner.run
-    rescue ArgumentError, RuntimeError, Train::UserError => e
-      $stderr.puts e.message
-      exit 1
+      # add in stdout if not specified
+      if opts['reporter'].is_a?(Hash)
+        opts['reporter'].each do |reporter_name, config|
+          opts['reporter'][reporter_name] = {} if config.nil?
+          opts['reporter'][reporter_name]['stdout'] = true if opts['reporter'][reporter_name].empty?
+        end
+      end
+
+      validate_reporters(opts['reporter'])
+      opts
+    end
+
+    def self.validate_reporters(reporters)
+      return if reporters.nil?
+
+      valid_types = [
+        'json',
+        'json-min',
+        'json-rspec',
+        'cli',
+        'junit',
+        'html',
+        'documentation',
+        'progress',
+      ]
+
+      reporters.each do |k, _v|
+        raise NotImplementedError, "'#{k}' is not a valid reporter type." unless valid_types.include?(k)
+      end
+
+      # check to make sure we are only reporting one type to stdout
+      stdout = 0
+      reporters.each_value do |v|
+        stdout += 1 if v['stdout'] == true
+      end
+
+      raise ArgumentError, 'The option --reporter can only have a single report outputting to stdout.' if stdout > 1
     end
 
-    def diagnose
+    private
+
+    def suppress_log_output?(opts)
+      return false if opts['reporter'].nil?
+      match = %w{json json-min json-rspec junit html} & opts['reporter'].keys
+      unless match.empty?
+        match.each do |m|
+          # check to see if we are outputting to stdout
+          return true if opts['reporter'][m]['stdout'] == true
+        end
+      end
+      false
+    end
+
+    def diagnose(opts)
       return unless opts['diagnose']
       puts "InSpec version: #{Inspec::VERSION}"
       puts "Train version: #{Train::VERSION}"
@@ -132,15 +204,23 @@ module Inspec
 
     def merged_opts(type = nil)
       opts = {}
+      opts[:type] = type unless type.nil?
 
       # start with default options if we have any
-      opts = BaseCLI.default_options[type] unless type.nil?
+      opts = BaseCLI.default_options[type] unless type.nil? || BaseCLI.default_options[type].nil?
 
       # merge in any options from json-config
       opts.merge!(options_json)
 
+      # remove the default reporter if we are setting a legacy format on the cli
+      opts.delete('reporter') if options['format']
+
       # merge in any options defined via thor
       opts.merge!(options)
+
+      # parse reporter options
+      opts = BaseCLI.parse_reporters(opts) if %i(exec shell).include?(type)
+
       Thor::CoreExt::HashWithIndifferentAccess.new(opts)
     end
 
@@ -210,7 +290,7 @@ module Inspec
       #
       loc = if o.log_location
               o.log_location
-            elsif %w{json json-min}.include?(o['format'])
+            elsif suppress_log_output?(o)
               STDERR
             else
               STDOUT
@@ -221,7 +301,7 @@ module Inspec
 
       o[:logger] = Logger.new(STDOUT)
       # output json if we have activated the json formatter
-      if opts['log-format'] == 'json'
+      if o['log-format'] == 'json'
         o[:logger].formatter = Logger::JSONFormatter.new
       end
       o[:logger].level = get_log_level(o.log_level)

data/lib/inspec/cli.rb

@@ -32,16 +32,22 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     desc: 'A list of controls to include. Ignore all other tests.'
   profile_options
   def json(target)
-    diagnose
     o = opts.dup
+    diagnose(o)
     o[:ignore_supports] = true
     o[:backend] = Inspec::Backend.create(target: 'mock://')
     o[:check_mode] = true
 
     profile = Inspec::Profile.for_target(target, o)
+    info = profile.info
+    # add in inspec version
+    info[:generator] = {
+      name: 'inspec',
+      version: Inspec::VERSION,
+    }
     dst = o[:output].to_s
     if dst.empty?
-      puts JSON.dump(profile.info)
+      puts JSON.dump(info)
     else
       if File.exist? dst
         puts "----> updating #{dst}"
@@ -49,7 +55,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
         puts "----> creating #{dst}"
       end
       fdst = File.expand_path(dst)
-      File.write(fdst, JSON.dump(profile.info))
+      File.write(fdst, JSON.dump(info))
     end
   rescue StandardError => e
     pretty_handle_exception(e)
@@ -59,8 +65,8 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   option :format, type: :string
   profile_options
   def check(path) # rubocop:disable Metrics/AbcSize
-    diagnose
     o = opts.dup
+    diagnose(o)
     o[:ignore_supports] = true # we check for integrity only
     o[:backend] = Inspec::Backend.create(target: 'mock://')
     o[:check_mode] = true
@@ -69,7 +75,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     profile = Inspec::Profile.for_target(path, o)
     result = profile.check
 
-    if opts['format'] == 'json'
+    if o['format'] == 'json'
       puts JSON.generate(result)
     else
       %w{location profile controls timestamp valid}.each do |item|
@@ -128,9 +134,9 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   option :ignore_errors, type: :boolean, default: false,
     desc: 'Ignore profile warnings.'
   def archive(path)
-    diagnose
-
     o = opts.dup
+    diagnose(o)
+
     o[:logger] = Logger.new(STDOUT)
     o[:logger].level = get_log_level(o.log_level)
     o[:backend] = Inspec::Backend.create(target: 'mock://')
@@ -138,13 +144,13 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     profile = Inspec::Profile.for_target(path, o)
     result = profile.check
 
-    if result && !opts[:ignore_errors] == false
+    if result && !o[:ignore_errors] == false
       o[:logger].info 'Profile check failed. Please fix the profile before generating an archive.'
       return exit 1
     end
 
     # generate archive
-    exit 1 unless profile.archive(opts)
+    exit 1 unless profile.archive(o)
   rescue StandardError => e
     pretty_handle_exception(e)
   end
@@ -152,19 +158,23 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   desc 'exec PATHS', 'run all test files at the specified PATH.'
   exec_options
   def exec(*targets)
-    diagnose
     o = opts(:exec).dup
+    diagnose(o)
     configure_logger(o)
 
-    # check for deprecated --cache
     # TODO: REMOVE for inspec 2.0
     if o.key?('cache')
       o[:vendor_cache] = o[:cache]
       o[:logger].warn '[DEPRECATED] The use of `--cache` is being deprecated in InSpec 2.0. Please use `--vendor-cache` instead.'
     end
 
-    # run tests
-    run_tests(targets, o)
+    runner = Inspec::Runner.new(o)
+    targets.each { |target| runner.add_target(target) }
+
+    exit runner.run
+  rescue ArgumentError, RuntimeError, Train::UserError => e
+    $stderr.puts e.message
+    exit 1
   rescue StandardError => e
     pretty_handle_exception(e)
   end
@@ -173,10 +183,10 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   target_options
   option :format, type: :string
   def detect
-    o = opts.dup
+    o = opts(:detect).dup
     o[:command] = 'os.params'
     (_, res) = run_command(o)
-    if opts['format'] == 'json'
+    if o['format'] == 'json'
       puts res.to_json
     else
       headline('Operating System Details')
@@ -194,16 +204,18 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   option :command, aliases: :c,
     desc: 'A single command string to run instead of launching the shell'
   option :format, type: :string, default: nil, hide: true,
-    desc: 'Which formatter to use: cli, documentation, html, json, json-min, junit, progress'
+    desc: '[DEPRECATED] Please use --reporter - this will be removed in InSpec 3.0'
+  option :reporter, type: :array,
+    banner: 'one two:/output/file/path',
+    desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit'
   option :depends, type: :array, default: [],
     desc: 'A space-delimited list of local folders containing profiles whose libraries and resources will be loaded into the new shell'
   def shell_func
-    diagnose
-    o = opts.dup
+    o = opts(:shell).dup
+    diagnose(o)
     o[:debug_shell] = true
 
-    json_output = ['json', 'json-min'].include?(opts['format'])
-    log_device = json_output ? nil : STDOUT
+    log_device = suppress_log_output?(o) ? nil : STDOUT
     o[:logger] = Logger.new(log_device)
     o[:logger].level = get_log_level(o.log_level)
 
@@ -216,7 +228,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     exit res unless run_type == :ruby_eval
 
     # No InSpec tests - just print evaluation output.
-    res = (res.respond_to?(:to_json) ? res.to_json : JSON.dump(res)) if json_output
+    res = (res.respond_to?(:to_json) ? res.to_json : JSON.dump(res)) if o['reporter']&.keys&.include?('json')
     puts res
     exit 0
   rescue RuntimeError, Train::UserError => e