inspec 2.0.32 → 2.0.45

data/lib/bundles/inspec-supermarket/api.rb

@@ -1,84 +1,84 @@
-# encoding: utf-8
-# frozen_string_literal: true
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'net/http'
-require 'addressable/uri'
-
-module Supermarket
-  class API
-    SUPERMARKET_URL = 'https://supermarket.chef.io'
-
-    # displays a list of profiles
-    def self.profiles(supermarket_url = SUPERMARKET_URL)
-      url = "#{supermarket_url}/api/v1/tools-search"
-      _success, data = get(url, { type: 'compliance_profile', items: 100 })
-      if !data.nil?
-        profiles = JSON.parse(data)
-        profiles['items'].map { |x|
-          m = %r{^#{supermarket_url}/api/v1/tools/(?<slug>[\w-]+)(/)?$}.match(x['tool'])
-          x['slug'] = m[:slug]
-          x
-        }
-      else
-        []
-      end
-    end
-
-    def self.profile_name(profile)
-      # We use Addressable::URI here because URI has a bug in Ruby 2.1.x where it doesn't allow underscore in host
-      uri = Addressable::URI.parse profile
-      [uri.host, uri.path[1..-1]]
-    rescue
-      nil
-    end
-
-    # displays profile infos
-    def self.info(profile, supermarket_url = SUPERMARKET_URL)
-      _tool_owner, tool_name = profile_name("supermarket://#{profile}")
-      return if tool_name.nil? || tool_name.empty?
-      url = "#{supermarket_url}/api/v1/tools/#{tool_name}"
-      _success, data = get(url, {})
-      JSON.parse(data) if !data.nil?
-    rescue JSON::ParserError
-      nil
-    end
-
-    # compares a profile with the supermarket tool info
-    def self.same?(profile, supermarket_tool, supermarket_url = SUPERMARKET_URL)
-      tool_owner, tool_name = profile_name(profile)
-      tool = "#{supermarket_url}/api/v1/tools/#{tool_name}"
-      supermarket_tool['tool_owner'] == tool_owner && supermarket_tool['tool'] == tool
-    end
-
-    def self.find(profile, supermarket_url = SUPERMARKET_URL)
-      profiles = Supermarket::API.profiles(supermarket_url)
-      return if profiles.empty?
-
-      index = profiles.index { |t| same?(profile, t, supermarket_url) }
-      # return profile or nil
-      profiles[index] if !index.nil? && index >= 0
-    end
-
-    # verifies that a profile exists
-    def self.exist?(profile, supermarket_url = SUPERMARKET_URL)
-      !find(profile, supermarket_url).nil?
-    end
-
-    def self.get(url, params)
-      uri = URI.parse(url)
-      uri.query = URI.encode_www_form(params)
-      req = Net::HTTP::Get.new(uri)
-      send_request(uri, req)
-    end
-
-    def self.send_request(uri, req)
-      # send request
-      res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
-        http.request(req)
-      end
-      [res.is_a?(Net::HTTPSuccess), res.body]
-    end
-  end
-end
+# encoding: utf-8
+# frozen_string_literal: true
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'net/http'
+require 'addressable/uri'
+
+module Supermarket
+  class API
+    SUPERMARKET_URL = 'https://supermarket.chef.io'
+
+    # displays a list of profiles
+    def self.profiles(supermarket_url = SUPERMARKET_URL)
+      url = "#{supermarket_url}/api/v1/tools-search"
+      _success, data = get(url, { type: 'compliance_profile', items: 100 })
+      if !data.nil?
+        profiles = JSON.parse(data)
+        profiles['items'].map { |x|
+          m = %r{^#{supermarket_url}/api/v1/tools/(?<slug>[\w-]+)(/)?$}.match(x['tool'])
+          x['slug'] = m[:slug]
+          x
+        }
+      else
+        []
+      end
+    end
+
+    def self.profile_name(profile)
+      # We use Addressable::URI here because URI has a bug in Ruby 2.1.x where it doesn't allow underscore in host
+      uri = Addressable::URI.parse profile
+      [uri.host, uri.path[1..-1]]
+    rescue
+      nil
+    end
+
+    # displays profile infos
+    def self.info(profile, supermarket_url = SUPERMARKET_URL)
+      _tool_owner, tool_name = profile_name("supermarket://#{profile}")
+      return if tool_name.nil? || tool_name.empty?
+      url = "#{supermarket_url}/api/v1/tools/#{tool_name}"
+      _success, data = get(url, {})
+      JSON.parse(data) if !data.nil?
+    rescue JSON::ParserError
+      nil
+    end
+
+    # compares a profile with the supermarket tool info
+    def self.same?(profile, supermarket_tool, supermarket_url = SUPERMARKET_URL)
+      tool_owner, tool_name = profile_name(profile)
+      tool = "#{supermarket_url}/api/v1/tools/#{tool_name}"
+      supermarket_tool['tool_owner'] == tool_owner && supermarket_tool['tool'] == tool
+    end
+
+    def self.find(profile, supermarket_url = SUPERMARKET_URL)
+      profiles = Supermarket::API.profiles(supermarket_url)
+      return if profiles.empty?
+
+      index = profiles.index { |t| same?(profile, t, supermarket_url) }
+      # return profile or nil
+      profiles[index] if !index.nil? && index >= 0
+    end
+
+    # verifies that a profile exists
+    def self.exist?(profile, supermarket_url = SUPERMARKET_URL)
+      !find(profile, supermarket_url).nil?
+    end
+
+    def self.get(url, params)
+      uri = URI.parse(url)
+      uri.query = URI.encode_www_form(params)
+      req = Net::HTTP::Get.new(uri)
+      send_request(uri, req)
+    end
+
+    def self.send_request(uri, req)
+      # send request
+      res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
+        http.request(req)
+      end
+      [res.is_a?(Net::HTTPSuccess), res.body]
+    end
+  end
+end

data/lib/bundles/inspec-supermarket/cli.rb

@@ -1,73 +1,73 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-module Supermarket
-  class SupermarketCLI < Inspec::BaseCLI
-    namespace 'supermarket'
-
-    # TODO: find another solution, once https://github.com/erikhuda/thor/issues/261 is fixed
-    def self.banner(command, _namespace = nil, _subcommand = false)
-      "#{basename} #{subcommand_prefix} #{command.usage}"
-    end
-
-    def self.subcommand_prefix
-      namespace
-    end
-
-    desc 'profiles', 'list all available profiles in Chef Supermarket'
-    def profiles
-      # display profiles in format user/profile
-      supermarket_profiles = Supermarket::API.profiles
-
-      headline('Available profiles:')
-      supermarket_profiles.each { |p|
-        li("#{p['tool_name']} #{mark_text(p['tool_owner'] + '/' + p['slug'])}")
-      }
-    end
-
-    desc 'exec PROFILE', 'execute a Supermarket profile'
-    exec_options
-    def exec(*tests)
-      o = opts(:exec).dup
-      diagnose(o)
-      configure_logger(o)
-
-      # iterate over tests and add compliance scheme
-      tests = tests.map { |t| 'supermarket://' + t }
-
-      runner = Inspec::Runner.new(o)
-      tests.each { |target| runner.add_target(target) }
-
-      exit runner.run
-    rescue ArgumentError, RuntimeError, Train::UserError => e
-      $stderr.puts e.message
-      exit 1
-    end
-
-    desc 'info PROFILE', 'display Supermarket profile details'
-    def info(profile)
-      # check that the profile is available
-      supermarket_profiles = Supermarket::API.profiles
-      found = supermarket_profiles.select { |p|
-        profile == "#{p['tool_owner']}/#{p['slug']}"
-      }
-
-      if found.empty?
-        puts "#{mark_text(profile)} is not available on Supermarket"
-        return
-      end
-
-      # load details for the specific profile
-      info = Supermarket::API.info(profile)
-      puts "#{mark_text('name: ')}  #{info['slug']}"
-      puts "#{mark_text('owner:')}  #{info['owner']}"
-      puts "#{mark_text('url:  ')}  #{info['source_url']}"
-      puts
-      puts "#{mark_text('description:  ')} #{info['description']}"
-    end
-  end
-
-  # register the subcommand to Inspec CLI registry
-  Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, 'supermarket', 'supermarket SUBCOMMAND ...', 'Supermarket commands', {})
-end
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+module Supermarket
+  class SupermarketCLI < Inspec::BaseCLI
+    namespace 'supermarket'
+
+    # TODO: find another solution, once https://github.com/erikhuda/thor/issues/261 is fixed
+    def self.banner(command, _namespace = nil, _subcommand = false)
+      "#{basename} #{subcommand_prefix} #{command.usage}"
+    end
+
+    def self.subcommand_prefix
+      namespace
+    end
+
+    desc 'profiles', 'list all available profiles in Chef Supermarket'
+    def profiles
+      # display profiles in format user/profile
+      supermarket_profiles = Supermarket::API.profiles
+
+      headline('Available profiles:')
+      supermarket_profiles.each { |p|
+        li("#{p['tool_name']} #{mark_text(p['tool_owner'] + '/' + p['slug'])}")
+      }
+    end
+
+    desc 'exec PROFILE', 'execute a Supermarket profile'
+    exec_options
+    def exec(*tests)
+      o = opts(:exec).dup
+      diagnose(o)
+      configure_logger(o)
+
+      # iterate over tests and add compliance scheme
+      tests = tests.map { |t| 'supermarket://' + t }
+
+      runner = Inspec::Runner.new(o)
+      tests.each { |target| runner.add_target(target) }
+
+      exit runner.run
+    rescue ArgumentError, RuntimeError, Train::UserError => e
+      $stderr.puts e.message
+      exit 1
+    end
+
+    desc 'info PROFILE', 'display Supermarket profile details'
+    def info(profile)
+      # check that the profile is available
+      supermarket_profiles = Supermarket::API.profiles
+      found = supermarket_profiles.select { |p|
+        profile == "#{p['tool_owner']}/#{p['slug']}"
+      }
+
+      if found.empty?
+        puts "#{mark_text(profile)} is not available on Supermarket"
+        return
+      end
+
+      # load details for the specific profile
+      info = Supermarket::API.info(profile)
+      puts "#{mark_text('name: ')}  #{info['slug']}"
+      puts "#{mark_text('owner:')}  #{info['owner']}"
+      puts "#{mark_text('url:  ')}  #{info['source_url']}"
+      puts
+      puts "#{mark_text('description:  ')} #{info['description']}"
+    end
+  end
+
+  # register the subcommand to Inspec CLI registry
+  Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, 'supermarket', 'supermarket SUBCOMMAND ...', 'Supermarket commands', {})
+end

data/lib/bundles/inspec-supermarket/target.rb

@@ -1,34 +1,34 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'uri'
-require 'inspec/fetcher'
-require 'fetchers/url'
-
-# InSpec Target Helper for Supermarket
-module Supermarket
-  class Fetcher < Inspec.fetcher(1)
-    name 'supermarket'
-    priority 500
-
-    def self.resolve(target, opts = {})
-      supermarket_uri, supermarket_server = if target.is_a?(String) && URI(target).scheme == 'supermarket'
-                                              [target, Supermarket::API::SUPERMARKET_URL]
-                                            elsif target.respond_to?(:key?) && target.key?(:supermarket)
-                                              supermarket_server = target[:supermarket_url] || Supermarket::API::SUPERMARKET_URL
-                                              ["supermarket://#{target[:supermarket]}", supermarket_server]
-                                            end
-      return nil unless supermarket_uri
-      return nil unless Supermarket::API.exist?(supermarket_uri, supermarket_server)
-      tool_info = Supermarket::API.find(supermarket_uri, supermarket_server)
-      resolve_next(tool_info['tool_source_url'], opts)
-    rescue URI::Error
-      nil
-    end
-
-    def to_s
-      'Chef Compliance Profile Loader'
-    end
-  end
-end
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'uri'
+require 'inspec/fetcher'
+require 'fetchers/url'
+
+# InSpec Target Helper for Supermarket
+module Supermarket
+  class Fetcher < Inspec.fetcher(1)
+    name 'supermarket'
+    priority 500
+
+    def self.resolve(target, opts = {})
+      supermarket_uri, supermarket_server = if target.is_a?(String) && URI(target).scheme == 'supermarket'
+                                              [target, Supermarket::API::SUPERMARKET_URL]
+                                            elsif target.respond_to?(:key?) && target.key?(:supermarket)
+                                              supermarket_server = target[:supermarket_url] || Supermarket::API::SUPERMARKET_URL
+                                              ["supermarket://#{target[:supermarket]}", supermarket_server]
+                                            end
+      return nil unless supermarket_uri
+      return nil unless Supermarket::API.exist?(supermarket_uri, supermarket_server)
+      tool_info = Supermarket::API.find(supermarket_uri, supermarket_server)
+      resolve_next(tool_info['tool_source_url'], opts)
+    rescue URI::Error
+      nil
+    end
+
+    def to_s
+      'Chef Compliance Profile Loader'
+    end
+  end
+end

data/lib/fetchers/git.rb

@@ -1,163 +1,163 @@
-# encoding: utf-8
-require 'tmpdir'
-require 'fileutils'
-require 'mixlib/shellout'
-require 'inspec/log'
-
-module Fetchers
-  #
-  # The git fetcher uses the git binary to fetch remote git sources.
-  # Git-based sources should be specified with the `git:` key in the
-  # source hash. Additionally, we accept `:branch`, `:ref`, and `:tag`
-  # keys to allow users to pin to a particular revision.
-  #
-  # Parts of this class are derived from:
-  #
-  #  https://github.com/chef/omnibus/blob/master/lib/omnibus/fetchers/git_fetcher.rb
-  #
-  # which is Copyright 2012-2014 Chef Software, Inc. and offered under
-  # the same Apache 2 software license as inspec.
-  #
-  # Many thanks to the omnibus authors!
-  #
-  # Note that we haven't replicated all of omnibus' features here.  If
-  # you got to this file during debugging, you may want to look at the
-  # omnibus source for hints.
-  #
-  class Git < Inspec.fetcher(1)
-    name 'git'
-    priority 200
-
-    def self.resolve(target, opts = {})
-      new(target[:git], opts.merge(target)) if target.respond_to?(:has_key?) && target.key?(:git)
-    end
-
-    def initialize(remote_url, opts = {})
-      @branch = opts[:branch]
-      @tag = opts[:tag]
-      @ref = opts[:ref]
-      @remote_url = remote_url
-      @repo_directory = nil
-    end
-
-    def fetch(dir)
-      @repo_directory = dir
-      FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
-
-      if cloned?
-        checkout
-      else
-        Dir.mktmpdir do |tmpdir|
-          checkout(tmpdir)
-          Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
-          FileUtils.cp_r(tmpdir, @repo_directory)
-        end
-      end
-      @repo_directory
-    end
-
-    def cache_key
-      resolved_ref
-    end
-
-    def archive_path
-      @repo_directory
-    end
-
-    def resolved_source
-      { git: @remote_url, ref: resolved_ref }
-    end
-
-    private
-
-    def resolved_ref
-      @resolved_ref ||= if @ref
-                          @ref
-                        elsif @branch
-                          resolve_ref(@branch)
-                        elsif @tag
-                          resolve_ref(@tag)
-                        else
-                          resolve_ref('master')
-                        end
-    end
-
-    def resolve_ref(ref_name)
-      cmd = shellout("git ls-remote \"#{@remote_url}\" \"#{ref_name}*\"")
-      ref = parse_ls_remote(cmd.stdout, ref_name)
-      if !ref
-        raise "Unable to resolve #{ref_name} to a specific git commit for #{@remote_url}"
-      end
-      ref
-    end
-
-    #
-    # The following comment is a minor modification of the comment in
-    # the omnibus source for a similar function:
-    #
-    # Dereference annotated tags.
-    #
-    # The +remote_list+ parameter is assumed to look like this:
-    #
-    #   a2ed66c01f42514bcab77fd628149eccb4ecee28        refs/tags/rel-0.11.0
-    #   f915286abdbc1907878376cce9222ac0b08b12b8        refs/tags/rel-0.11.0^{}
-    #
-    # The SHA with ^{} is the commit pointed to by an annotated
-    # tag. If ref isn't an annotated tag, there will not be a line
-    # with trailing ^{}.
-    #
-    # @param [String] output
-    #   output from `git ls-remote origin` command
-    # @param [String] ref_name
-    #   the target git ref_name
-    #
-    # @return [String]
-    #
-    def parse_ls_remote(output, ref_name)
-      pairs = output.lines.map { |l| l.chomp.split("\t") }
-      tagged_commit = pairs.find { |m| m[1].end_with?("#{ref_name}^{}") }
-      if tagged_commit
-        tagged_commit.first
-      else
-        pairs.find { |m| m[1].end_with?(ref_name.to_s) }&.first
-      end
-    end
-
-    def cloned?
-      File.directory?(File.join(@repo_directory, '.git'))
-    end
-
-    def clone(dir = @repo_directory)
-      git_cmd("clone #{@remote_url} ./", dir) unless cloned?
-      @repo_directory
-    end
-
-    def checkout(dir = @repo_directory)
-      clone(dir)
-      git_cmd("checkout #{resolved_ref}", dir)
-      @repo_directory
-    end
-
-    def git_cmd(cmd, dir = @repo_directory)
-      cmd = shellout("git #{cmd}", cwd: dir)
-      cmd.error!
-      cmd.status
-    rescue Errno::ENOENT
-      raise 'To use git sources, you must have git installed.'
-    end
-
-    def shellout(cmd, opts = {})
-      Inspec::Log.debug("Running external command: #{cmd} (#{opts})")
-      cmd = Mixlib::ShellOut.new(cmd, opts)
-      cmd.run_command
-      Inspec::Log.debug("External command: completed with exit status: #{cmd.exitstatus}")
-      Inspec::Log.debug('External command: STDOUT BEGIN')
-      Inspec::Log.debug(cmd.stdout)
-      Inspec::Log.debug('External command: STDOUT END')
-      Inspec::Log.debug('External command: STDERR BEGIN')
-      Inspec::Log.debug(cmd.stderr)
-      Inspec::Log.debug('External command: STDERR END')
-      cmd
-    end
-  end
-end
+# encoding: utf-8
+require 'tmpdir'
+require 'fileutils'
+require 'mixlib/shellout'
+require 'inspec/log'
+
+module Fetchers
+  #
+  # The git fetcher uses the git binary to fetch remote git sources.
+  # Git-based sources should be specified with the `git:` key in the
+  # source hash. Additionally, we accept `:branch`, `:ref`, and `:tag`
+  # keys to allow users to pin to a particular revision.
+  #
+  # Parts of this class are derived from:
+  #
+  #  https://github.com/chef/omnibus/blob/master/lib/omnibus/fetchers/git_fetcher.rb
+  #
+  # which is Copyright 2012-2014 Chef Software, Inc. and offered under
+  # the same Apache 2 software license as inspec.
+  #
+  # Many thanks to the omnibus authors!
+  #
+  # Note that we haven't replicated all of omnibus' features here.  If
+  # you got to this file during debugging, you may want to look at the
+  # omnibus source for hints.
+  #
+  class Git < Inspec.fetcher(1)
+    name 'git'
+    priority 200
+
+    def self.resolve(target, opts = {})
+      new(target[:git], opts.merge(target)) if target.respond_to?(:has_key?) && target.key?(:git)
+    end
+
+    def initialize(remote_url, opts = {})
+      @branch = opts[:branch]
+      @tag = opts[:tag]
+      @ref = opts[:ref]
+      @remote_url = remote_url
+      @repo_directory = nil
+    end
+
+    def fetch(dir)
+      @repo_directory = dir
+      FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
+
+      if cloned?
+        checkout
+      else
+        Dir.mktmpdir do |tmpdir|
+          checkout(tmpdir)
+          Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
+          FileUtils.cp_r(tmpdir, @repo_directory)
+        end
+      end
+      @repo_directory
+    end
+
+    def cache_key
+      resolved_ref
+    end
+
+    def archive_path
+      @repo_directory
+    end
+
+    def resolved_source
+      { git: @remote_url, ref: resolved_ref }
+    end
+
+    private
+
+    def resolved_ref
+      @resolved_ref ||= if @ref
+                          @ref
+                        elsif @branch
+                          resolve_ref(@branch)
+                        elsif @tag
+                          resolve_ref(@tag)
+                        else
+                          resolve_ref('master')
+                        end
+    end
+
+    def resolve_ref(ref_name)
+      cmd = shellout("git ls-remote \"#{@remote_url}\" \"#{ref_name}*\"")
+      ref = parse_ls_remote(cmd.stdout, ref_name)
+      if !ref
+        raise "Unable to resolve #{ref_name} to a specific git commit for #{@remote_url}"
+      end
+      ref
+    end
+
+    #
+    # The following comment is a minor modification of the comment in
+    # the omnibus source for a similar function:
+    #
+    # Dereference annotated tags.
+    #
+    # The +remote_list+ parameter is assumed to look like this:
+    #
+    #   a2ed66c01f42514bcab77fd628149eccb4ecee28        refs/tags/rel-0.11.0
+    #   f915286abdbc1907878376cce9222ac0b08b12b8        refs/tags/rel-0.11.0^{}
+    #
+    # The SHA with ^{} is the commit pointed to by an annotated
+    # tag. If ref isn't an annotated tag, there will not be a line
+    # with trailing ^{}.
+    #
+    # @param [String] output
+    #   output from `git ls-remote origin` command
+    # @param [String] ref_name
+    #   the target git ref_name
+    #
+    # @return [String]
+    #
+    def parse_ls_remote(output, ref_name)
+      pairs = output.lines.map { |l| l.chomp.split("\t") }
+      tagged_commit = pairs.find { |m| m[1].end_with?("#{ref_name}^{}") }
+      if tagged_commit
+        tagged_commit.first
+      else
+        pairs.find { |m| m[1].end_with?(ref_name.to_s) }&.first
+      end
+    end
+
+    def cloned?
+      File.directory?(File.join(@repo_directory, '.git'))
+    end
+
+    def clone(dir = @repo_directory)
+      git_cmd("clone #{@remote_url} ./", dir) unless cloned?
+      @repo_directory
+    end
+
+    def checkout(dir = @repo_directory)
+      clone(dir)
+      git_cmd("checkout #{resolved_ref}", dir)
+      @repo_directory
+    end
+
+    def git_cmd(cmd, dir = @repo_directory)
+      cmd = shellout("git #{cmd}", cwd: dir)
+      cmd.error!
+      cmd.status
+    rescue Errno::ENOENT
+      raise 'To use git sources, you must have git installed.'
+    end
+
+    def shellout(cmd, opts = {})
+      Inspec::Log.debug("Running external command: #{cmd} (#{opts})")
+      cmd = Mixlib::ShellOut.new(cmd, opts)
+      cmd.run_command
+      Inspec::Log.debug("External command: completed with exit status: #{cmd.exitstatus}")
+      Inspec::Log.debug('External command: STDOUT BEGIN')
+      Inspec::Log.debug(cmd.stdout)
+      Inspec::Log.debug('External command: STDOUT END')
+      Inspec::Log.debug('External command: STDERR BEGIN')
+      Inspec::Log.debug(cmd.stderr)
+      Inspec::Log.debug('External command: STDERR END')
+      cmd
+    end
+  end
+end