inspec 2.0.32 → 2.0.45

data/lib/inspec/dsl.rb

@@ -1,66 +1,66 @@
-# encoding: utf-8
-# copyright: 2015, Dominik Richter
-# author: Dominik Richter
-# author: Christoph Hartmann
-require 'inspec/log'
-
-module Inspec::DSL
-  def require_controls(id, &block)
-    opts = { profile_id: id, include_all: false, backend: @backend, conf: @conf, dependencies: @dependencies }
-    ::Inspec::DSL.load_spec_files_for_profile(self, opts, &block)
-  end
-
-  def include_controls(id, &block)
-    opts = { profile_id: id, include_all: true, backend: @backend, conf: @conf, dependencies: @dependencies }
-    ::Inspec::DSL.load_spec_files_for_profile(self, opts, &block)
-  end
-
-  alias require_rules require_controls
-  alias include_rules include_controls
-
-  def require_resource(options = {})
-    raise 'You must specify a specific resource name when calling require_resource()' if options[:resource].nil?
-
-    from_profile = options[:profile] || profile_name
-    target_name = options[:as] || options[:resource]
-    res = resource_class(from_profile, options[:resource])
-    add_resource(target_name, res)
-  end
-
-  def self.load_spec_files_for_profile(bind_context, opts, &block)
-    dependencies = opts[:dependencies]
-    profile_id = opts[:profile_id]
-
-    dep_entry = dependencies.list[profile_id]
-    if dep_entry.nil?
-      raise <<~EOF
-        Cannot load #{profile_id} since it is not listed as a dependency of #{bind_context.profile_name}.
-
-        Dependencies available from this context are:
-            #{dependencies.list.keys.join("\n    ")}
-      EOF
-    end
-
-    context = dep_entry.profile.runner_context
-    # if we don't want all the rules, then just make 1 pass to get all rule_IDs
-    # that we want to keep from the original
-    filter_included_controls(context, dep_entry.profile, &block) if !opts[:include_all]
-    # interpret the block and skip/modify as required
-    context.load(block) if block_given?
-    bind_context.add_subcontext(context)
-  end
-
-  def self.filter_included_controls(context, profile, &block)
-    mock = Inspec::Backend.create({ backend: 'mock' })
-    include_ctx = Inspec::ProfileContext.for_profile(profile, mock, {})
-    include_ctx.load(block) if block_given?
-    # remove all rules that were not registered
-    context.all_rules.each do |r|
-      id = Inspec::Rule.rule_id(r)
-      fid = Inspec::Rule.profile_id(r) + '/' + id
-      unless include_ctx.rules[id] || include_ctx.rules[fid]
-        context.remove_rule(fid)
-      end
-    end
-  end
-end
+# encoding: utf-8
+# copyright: 2015, Dominik Richter
+# author: Dominik Richter
+# author: Christoph Hartmann
+require 'inspec/log'
+
+module Inspec::DSL
+  def require_controls(id, &block)
+    opts = { profile_id: id, include_all: false, backend: @backend, conf: @conf, dependencies: @dependencies }
+    ::Inspec::DSL.load_spec_files_for_profile(self, opts, &block)
+  end
+
+  def include_controls(id, &block)
+    opts = { profile_id: id, include_all: true, backend: @backend, conf: @conf, dependencies: @dependencies }
+    ::Inspec::DSL.load_spec_files_for_profile(self, opts, &block)
+  end
+
+  alias require_rules require_controls
+  alias include_rules include_controls
+
+  def require_resource(options = {})
+    raise 'You must specify a specific resource name when calling require_resource()' if options[:resource].nil?
+
+    from_profile = options[:profile] || profile_name
+    target_name = options[:as] || options[:resource]
+    res = resource_class(from_profile, options[:resource])
+    add_resource(target_name, res)
+  end
+
+  def self.load_spec_files_for_profile(bind_context, opts, &block)
+    dependencies = opts[:dependencies]
+    profile_id = opts[:profile_id]
+
+    dep_entry = dependencies.list[profile_id]
+    if dep_entry.nil?
+      raise <<~EOF
+        Cannot load #{profile_id} since it is not listed as a dependency of #{bind_context.profile_name}.
+
+        Dependencies available from this context are:
+            #{dependencies.list.keys.join("\n    ")}
+      EOF
+    end
+
+    context = dep_entry.profile.runner_context
+    # if we don't want all the rules, then just make 1 pass to get all rule_IDs
+    # that we want to keep from the original
+    filter_included_controls(context, dep_entry.profile, &block) if !opts[:include_all]
+    # interpret the block and skip/modify as required
+    context.load(block) if block_given?
+    bind_context.add_subcontext(context)
+  end
+
+  def self.filter_included_controls(context, profile, &block)
+    mock = Inspec::Backend.create({ backend: 'mock' })
+    include_ctx = Inspec::ProfileContext.for_profile(profile, mock, {})
+    include_ctx.load(block) if block_given?
+    # remove all rules that were not registered
+    context.all_rules.each do |r|
+      id = Inspec::Rule.rule_id(r)
+      fid = Inspec::Rule.profile_id(r) + '/' + id
+      unless include_ctx.rules[id] || include_ctx.rules[fid]
+        context.remove_rule(fid)
+      end
+    end
+  end
+end

data/lib/inspec/dsl_shared.rb

@@ -1,33 +1,33 @@
-# encoding: utf-8
-module Inspec
-  #
-  # Contains methods we would like in multiple DSL
-  #
-  module DSL
-    module RequireOverride
-      # Save the toplevel require method to load all ruby dependencies.
-      # It is used whenever the `require 'lib'` is not in libraries.
-      alias __ruby_require require
-
-      def require(path)
-        rbpath = path + '.rb'
-        return __ruby_require(path) if !@require_loader.exists?(rbpath)
-        return false if @require_loader.loaded?(rbpath)
-
-        # This is equivalent to calling `require 'lib'` with lib on disk.
-        # We cannot rely on libraries residing on disk however.
-        # TODO: Sandboxing.
-        content, path, line = @require_loader.load(rbpath)
-
-        # If we are in the realm of libraries and the LibraryEvalContext
-        # we should have access to the __inspec_binding, which is a Binding
-        # context that provides the correct plane to evaluate all required files to.
-        # It will ensure that embedded calls to `require` still call this
-        # method and get loaded from their correct paths.
-        return __inspec_binding.eval(content, path, line) if defined?(__inspec_binding)
-
-        eval(content, TOPLEVEL_BINDING, path, line) # rubocop:disable Security/Eval
-      end
-    end
-  end
-end
+# encoding: utf-8
+module Inspec
+  #
+  # Contains methods we would like in multiple DSL
+  #
+  module DSL
+    module RequireOverride
+      # Save the toplevel require method to load all ruby dependencies.
+      # It is used whenever the `require 'lib'` is not in libraries.
+      alias __ruby_require require
+
+      def require(path)
+        rbpath = path + '.rb'
+        return __ruby_require(path) if !@require_loader.exists?(rbpath)
+        return false if @require_loader.loaded?(rbpath)
+
+        # This is equivalent to calling `require 'lib'` with lib on disk.
+        # We cannot rely on libraries residing on disk however.
+        # TODO: Sandboxing.
+        content, path, line = @require_loader.load(rbpath)
+
+        # If we are in the realm of libraries and the LibraryEvalContext
+        # we should have access to the __inspec_binding, which is a Binding
+        # context that provides the correct plane to evaluate all required files to.
+        # It will ensure that embedded calls to `require` still call this
+        # method and get loaded from their correct paths.
+        return __inspec_binding.eval(content, path, line) if defined?(__inspec_binding)
+
+        eval(content, TOPLEVEL_BINDING, path, line) # rubocop:disable Security/Eval
+      end
+    end
+  end
+end

data/lib/inspec/env_printer.rb

@@ -1,157 +1,157 @@
-# encoding: utf-8
-require 'inspec/shell_detector'
-require 'erb'
-require 'shellwords'
-
-module Inspec
-  class EnvPrinter
-    attr_reader :shell
-
-    EVAL_COMMANDS = {
-      'bash' => 'eval \"$(inspec env bash)\"',
-      'fish' => 'inspec env fish > ~/.config/fish/completions/inspec.fish',
-      'zsh' => 'eval \"$(inspec env zsh)\"',
-    }.freeze
-
-    def initialize(command_class, shell = nil)
-      if !shell
-        @detected = true
-        @shell = Inspec::ShellDetector.new.shell
-      else
-        @shell = shell
-      end
-      @command_class = command_class
-    end
-
-    def print_and_exit!
-      exit_no_shell if !have_shell?
-      exit_no_completion if !have_shell_completion?
-
-      print_completion_for_shell
-      print_detection_warning($stdout) if @detected
-      print_usage_guidance
-      exit 0
-    end
-
-    private
-
-    def print_completion_for_shell
-      erb = ERB.new(File.read(completion_template_path), nil, '-')
-      puts erb.result(TemplateContext.new(@command_class).get_bindings)
-    end
-
-    def have_shell?
-      !(@shell.nil? || @shell.empty?)
-    end
-
-    def have_shell_completion?
-      File.exist?(completion_template_path)
-    end
-
-    def completion_dir
-      File.join(File.dirname(__FILE__), 'completions')
-    end
-
-    def completion_template_path
-      File.join(completion_dir, "#{@shell}.sh.erb")
-    end
-
-    def shells_with_completions
-      Dir.glob("#{completion_dir}/*.sh.erb").map { |f| File.basename(f, '.sh.erb') }
-    end
-
-    def print_usage_guidance
-      puts <<~EOF
-        # To use this, eval it in your shell
-        #
-        #    #{EVAL_COMMANDS[shell]}
-        #
-        #
-      EOF
-    end
-
-    def print_detection_warning(device)
-      device.puts <<~EOF
-        #
-        # The shell #{@shell} was auto-detected. If this is incorrect, please
-        # specify a shell explicitly by running:
-        #
-        #     inspec env SHELLNAME
-        #
-        # Currently supported shells are: #{shells_with_completions.join(', ')}
-        #
-      EOF
-    end
-
-    def exit_no_completion
-      $stderr.puts "# No completion script for #{@shell}!"
-      print_detection_warning($stderr) if @detected
-      exit 1
-    end
-
-    def exit_no_shell
-      if @detected
-        $stderr.puts '# Unable to automatically detect shell and no shell was provided.'
-      end
-      $stderr.puts <<~EOF
-        #
-        # Please provide the name of your shell via the command line:
-        #
-        #    inspec env SHELLNAME
-        #
-        # Currently supported shells are: #{shells_with_completions.join(', ')}
-      EOF
-      exit 1
-    end
-
-    class TemplateContext
-      def initialize(command_class)
-        @command_class = command_class
-      end
-
-      def get_bindings # rubocop:disable Style/AccessorMethodName
-        binding
-      end
-
-      #
-      # The following functions all assume that @command_class
-      # is something that provides a Thor-like API
-      #
-      def top_level_commands
-        commands_for_thor_class(@command_class)
-      end
-
-      def top_level_commands_with_descriptions
-        descript_lines_for_class(@command_class)
-      end
-
-      def subcommands_with_commands
-        ret = {}
-        @command_class.subcommand_classes.each do |k, v|
-          ret[k] = commands_for_thor_class(v)
-        end
-        ret
-      end
-
-      def subcommands_with_commands_and_descriptions
-        ret = {}
-        @command_class.subcommand_classes.each do |k, v|
-          ret[k] = descript_lines_for_class(v)
-        end
-        ret
-      end
-
-      def commands_for_thor_class(thor_class)
-        thor_class.all_commands.values.map { |c| c.usage.split.first }
-      end
-
-      def descript_lines_for_class(thor_class)
-        thor_class.all_commands.values.map { |c| descript_line_for_command(c) }
-      end
-
-      def descript_line_for_command(c)
-        "#{c.usage.split.first}:#{Shellwords.escape(c.description)}"
-      end
-    end
-  end
-end
+# encoding: utf-8
+require 'inspec/shell_detector'
+require 'erb'
+require 'shellwords'
+
+module Inspec
+  class EnvPrinter
+    attr_reader :shell
+
+    EVAL_COMMANDS = {
+      'bash' => 'eval \"$(inspec env bash)\"',
+      'fish' => 'inspec env fish > ~/.config/fish/completions/inspec.fish',
+      'zsh' => 'eval \"$(inspec env zsh)\"',
+    }.freeze
+
+    def initialize(command_class, shell = nil)
+      if !shell
+        @detected = true
+        @shell = Inspec::ShellDetector.new.shell
+      else
+        @shell = shell
+      end
+      @command_class = command_class
+    end
+
+    def print_and_exit!
+      exit_no_shell if !have_shell?
+      exit_no_completion if !have_shell_completion?
+
+      print_completion_for_shell
+      print_detection_warning($stdout) if @detected
+      print_usage_guidance
+      exit 0
+    end
+
+    private
+
+    def print_completion_for_shell
+      erb = ERB.new(File.read(completion_template_path), nil, '-')
+      puts erb.result(TemplateContext.new(@command_class).get_bindings)
+    end
+
+    def have_shell?
+      !(@shell.nil? || @shell.empty?)
+    end
+
+    def have_shell_completion?
+      File.exist?(completion_template_path)
+    end
+
+    def completion_dir
+      File.join(File.dirname(__FILE__), 'completions')
+    end
+
+    def completion_template_path
+      File.join(completion_dir, "#{@shell}.sh.erb")
+    end
+
+    def shells_with_completions
+      Dir.glob("#{completion_dir}/*.sh.erb").map { |f| File.basename(f, '.sh.erb') }
+    end
+
+    def print_usage_guidance
+      puts <<~EOF
+        # To use this, eval it in your shell
+        #
+        #    #{EVAL_COMMANDS[shell]}
+        #
+        #
+      EOF
+    end
+
+    def print_detection_warning(device)
+      device.puts <<~EOF
+        #
+        # The shell #{@shell} was auto-detected. If this is incorrect, please
+        # specify a shell explicitly by running:
+        #
+        #     inspec env SHELLNAME
+        #
+        # Currently supported shells are: #{shells_with_completions.join(', ')}
+        #
+      EOF
+    end
+
+    def exit_no_completion
+      $stderr.puts "# No completion script for #{@shell}!"
+      print_detection_warning($stderr) if @detected
+      exit 1
+    end
+
+    def exit_no_shell
+      if @detected
+        $stderr.puts '# Unable to automatically detect shell and no shell was provided.'
+      end
+      $stderr.puts <<~EOF
+        #
+        # Please provide the name of your shell via the command line:
+        #
+        #    inspec env SHELLNAME
+        #
+        # Currently supported shells are: #{shells_with_completions.join(', ')}
+      EOF
+      exit 1
+    end
+
+    class TemplateContext
+      def initialize(command_class)
+        @command_class = command_class
+      end
+
+      def get_bindings # rubocop:disable Style/AccessorMethodName
+        binding
+      end
+
+      #
+      # The following functions all assume that @command_class
+      # is something that provides a Thor-like API
+      #
+      def top_level_commands
+        commands_for_thor_class(@command_class)
+      end
+
+      def top_level_commands_with_descriptions
+        descript_lines_for_class(@command_class)
+      end
+
+      def subcommands_with_commands
+        ret = {}
+        @command_class.subcommand_classes.each do |k, v|
+          ret[k] = commands_for_thor_class(v)
+        end
+        ret
+      end
+
+      def subcommands_with_commands_and_descriptions
+        ret = {}
+        @command_class.subcommand_classes.each do |k, v|
+          ret[k] = descript_lines_for_class(v)
+        end
+        ret
+      end
+
+      def commands_for_thor_class(thor_class)
+        thor_class.all_commands.values.map { |c| c.usage.split.first }
+      end
+
+      def descript_lines_for_class(thor_class)
+        thor_class.all_commands.values.map { |c| descript_line_for_command(c) }
+      end
+
+      def descript_line_for_command(c)
+        "#{c.usage.split.first}:#{Shellwords.escape(c.description)}"
+      end
+    end
+  end
+end