inspec 2.1.83 → 2.1.84

Sign up to get free protection for your applications and to get access to all the features.
Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +13 -8
  3. data/README.md +1 -1
  4. data/docs/reporters.md +12 -0
  5. data/lib/fetchers/git.rb +1 -1
  6. data/lib/inspec/base_cli.rb +3 -2
  7. data/lib/inspec/reporters.rb +6 -0
  8. data/lib/inspec/reporters/yaml.rb +22 -0
  9. data/lib/inspec/runner_rspec.rb +1 -1
  10. data/lib/inspec/version.rb +1 -1
  11. data/lib/resources/groups.rb +34 -17
  12. data/lib/resources/iis_site.rb +4 -4
  13. data/lib/resources/mssql_session.rb +26 -11
  14. data/lib/resources/package.rb +1 -1
  15. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 74c87c98feba2e839a99c3a8190804fabd214f28df8b917e3ef16dd71e52a7ce
4
- data.tar.gz: 78449f73070d2312feffdc1af9d29c5aa99214381a260fe1cbc31fc2ecdca229
3
+ metadata.gz: 8db51c5f98be724241330204e33428997a6f4f8f6fadd18cb1e1545ed1cea8d1
4
+ data.tar.gz: 336108002818e82f3b97cbd66c3d18560ec59dba1436afb6d20884e7905268e3
5
5
  SHA512:
6
- metadata.gz: 6d3e79b6bb3a206656a12fc2bb0e3a48b56ca11e79bbd564b39d0a02f7c75075fc7b42b389143ec31980a3bdc7d3a0635420e3dbcc779bc00da786a0513935ce
7
- data.tar.gz: 58bdf10f8dbeb532116f45eb3ece5e3202ffd71fd68d8c29d0b6f83a7152cb42db12a0293b845cf74aad85975341ce92e8ed32b95813ebf2ad86938c4965ef28
6
+ metadata.gz: 4cae3554608530e49abc485bfcc55c411bf68917260720bb70791f6b509fdd0ca161dadac83ff08b9f267419a7eed3ec4c4605ccc356799c45a5739bfa8de8eb
7
+ data.tar.gz: 291b7d576300a22edab627a373f214e86d90de7928655a15e040642d7e0db6a0d07ea469d830e168e6abc84135878e56ddbeba80aa8c014d4d1109a62633eff3
data/CHANGELOG.md CHANGED
@@ -1,26 +1,31 @@
1
1
  # Change Log
2
2
  <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
3
- <!-- latest_release 2.1.83 -->
4
- ## [v2.1.83](https://github.com/chef/inspec/tree/v2.1.83) (2018-05-18)
3
+ <!-- latest_release 2.1.84 -->
4
+ ## [v2.1.84](https://github.com/inspec/inspec/tree/v2.1.84) (2018-05-31)
5
5
 
6
6
  #### Merged Pull Requests
7
- - Test new gem builds [#3071](https://github.com/chef/inspec/pull/3071) ([jquick](https://github.com/jquick))
7
+ - Generate new org builds [#3087](https://github.com/inspec/inspec/pull/3087) ([jquick](https://github.com/jquick))
8
8
  <!-- latest_release -->
9
9
 
10
- <!-- release_rollup since=2.1.81 -->
11
- ### Changes since 2.1.81 release
10
+ <!-- release_rollup since=2.1.83 -->
11
+ ### Changes since 2.1.83 release
12
12
 
13
13
  #### Merged Pull Requests
14
- - Test new gem builds [#3071](https://github.com/chef/inspec/pull/3071) ([jquick](https://github.com/jquick)) <!-- 2.1.83 -->
15
- - Update ruby required version. [#3070](https://github.com/chef/inspec/pull/3070) ([jquick](https://github.com/jquick)) <!-- 2.1.82 -->
14
+ - Generate new org builds [#3087](https://github.com/inspec/inspec/pull/3087) ([jquick](https://github.com/jquick)) <!-- 2.1.84 -->
16
15
  <!-- release_rollup -->
17
16
 
18
17
  <!-- latest_stable_release -->
18
+ ## [v2.1.83](https://github.com/chef/inspec/tree/v2.1.83) (2018-05-18)
19
+
20
+ #### Merged Pull Requests
21
+ - Update ruby required version. [#3070](https://github.com/chef/inspec/pull/3070) ([jquick](https://github.com/jquick))
22
+ - Test new gem builds [#3071](https://github.com/chef/inspec/pull/3071) ([jquick](https://github.com/jquick))
23
+ <!-- latest_stable_release -->
24
+
19
25
  ## [v2.1.81](https://github.com/chef/inspec/tree/v2.1.81) (2018-05-17)
20
26
 
21
27
  #### Merged Pull Requests
22
28
  - Update Train pin to pull in msi env [#3068](https://github.com/chef/inspec/pull/3068) ([jquick](https://github.com/jquick))
23
- <!-- latest_stable_release -->
24
29
 
25
30
  ## [v2.1.80](https://github.com/chef/inspec/tree/v2.1.80) (2018-05-17)
26
31
 
data/README.md CHANGED
@@ -450,4 +450,4 @@ Unless required by applicable law or agreed to in writing, software
450
450
  distributed under the License is distributed on an "AS IS" BASIS,
451
451
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
452
452
  See the License for the specific language governing permissions and
453
- limitations under the License.
453
+ limitations under the License.
data/docs/reporters.md CHANGED
@@ -20,6 +20,14 @@ or
20
20
  inspec exec --reporter json:-
21
21
  ```
22
22
 
23
+ Output yaml to screen
24
+
25
+ ```bash
26
+ inspec exec --reporter yaml
27
+ or
28
+ inspec exec --reporter yaml:-
29
+ ```
30
+
23
31
  Output cli to screen and write json to a file.
24
32
 
25
33
  ```bash
@@ -84,6 +92,10 @@ This reporter includes all information about the profiles and test results in st
84
92
 
85
93
  This reporter is a redacted version of the json and only includes test results.
86
94
 
95
+ ### yaml
96
+
97
+ This reporter includes all information about the profiles and test results in standard yaml format.
98
+
87
99
  ### documentation
88
100
 
89
101
  This reporter is a very minimal text base report. It shows you which tests passed by name and has a small summary at the end.
data/lib/fetchers/git.rb CHANGED
@@ -50,7 +50,7 @@ module Fetchers
50
50
  Dir.mktmpdir do |tmpdir|
51
51
  checkout(tmpdir)
52
52
  Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
53
- FileUtils.cp_r(tmpdir, @repo_directory)
53
+ FileUtils.cp_r(tmpdir + '/.', @repo_directory)
54
54
  end
55
55
  end
56
56
  @repo_directory
data/lib/inspec/base_cli.rb CHANGED
@@ -70,7 +70,7 @@ module Inspec
70
70
  desc: '[DEPRECATED] Please use --reporter - this will be removed in InSpec 3.0'
71
71
  option :reporter, type: :array,
72
72
  banner: 'one two:/output/file/path',
73
- desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit'
73
+ desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml'
74
74
  option :color, type: :boolean,
75
75
  desc: 'Use colors in output.'
76
76
  option :attrs, type: :array,
@@ -162,6 +162,7 @@ module Inspec
162
162
  'json-rspec',
163
163
  'junit',
164
164
  'progress',
165
+ 'yaml',
165
166
  ]
166
167
 
167
168
  reporters.each do |k, v|
@@ -203,7 +204,7 @@ module Inspec
203
204
 
204
205
  def suppress_log_output?(opts)
205
206
  return false if opts['reporter'].nil?
206
- match = %w{json json-min json-rspec junit html} & opts['reporter'].keys
207
+ match = %w{json json-min json-rspec junit html yaml documentation progress} & opts['reporter'].keys
207
208
  unless match.empty?
208
209
  match.each do |m|
209
210
  # check to see if we are outputting to stdout
data/lib/inspec/reporters.rb CHANGED
@@ -4,8 +4,10 @@ require 'inspec/reporters/json'
4
4
  require 'inspec/reporters/json_min'
5
5
  require 'inspec/reporters/junit'
6
6
  require 'inspec/reporters/automate'
7
+ require 'inspec/reporters/yaml'
7
8
 
8
9
  module Inspec::Reporters
10
+ # rubocop:disable Metrics/CyclomaticComplexity
9
11
  def self.render(reporter, run_data)
10
12
  name, config = reporter.dup
11
13
  config[:run_data] = run_data
@@ -20,6 +22,8 @@ module Inspec::Reporters
20
22
  reporter = Inspec::Reporters::Junit.new(config)
21
23
  when 'automate'
22
24
  reporter = Inspec::Reporters::Automate.new(config)
25
+ when 'yaml'
26
+ reporter = Inspec::Reporters::Yaml.new(config)
23
27
  else
24
28
  raise NotImplementedError, "'#{name}' is not a valid reporter type."
25
29
  end
@@ -50,6 +54,8 @@ module Inspec::Reporters
50
54
  reporter = Inspec::Reporters::Json.new(config)
51
55
  when 'json-min'
52
56
  reporter = Inspec::Reporters::JsonMin.new(config)
57
+ when 'yaml'
58
+ reporter = Inspec::Reporters::Yaml.new(config)
53
59
  else
54
60
  # use base run_data hash for any other report
55
61
  return run_data
data/lib/inspec/reporters/yaml.rb ADDED
@@ -0,0 +1,22 @@
1
+ # encoding: utf-8
2
+
3
+ require 'yaml'
4
+
5
+ module Inspec::Reporters
6
+ class Yaml < Base
7
+ def render
8
+ output(Inspec::Reporters::Json.new({ run_data: run_data }).report.to_yaml, false)
9
+ end
10
+
11
+ def report
12
+ {
13
+ platform: platform,
14
+ profiles: profiles,
15
+ statistics: {
16
+ duration: run_data[:statistics][:duration],
17
+ },
18
+ version: run_data[:version],
19
+ }
20
+ end
21
+ end
22
+ end
data/lib/inspec/runner_rspec.rb CHANGED
@@ -117,7 +117,7 @@ module Inspec
117
117
  if @conf['reporter']['json-rspec']&.[]('file').nil?
118
118
  RSpec.configuration.add_formatter(Inspec::Formatters::RspecJson)
119
119
  else
120
- RSpec.configuration.add_formatter(Inspec::Formatters::RspecJson, @conf[:reporter]['json-rspec']['file'])
120
+ RSpec.configuration.add_formatter(Inspec::Formatters::RspecJson, @conf['reporter']['json-rspec']['file'])
121
121
  end
122
122
  @conf['reporter'].delete('json-rspec')
123
123
  end
data/lib/inspec/version.rb CHANGED
@@ -4,5 +4,5 @@
4
4
  # author: Christoph Hartmann
5
5
 
6
6
  module Inspec
7
- VERSION = '2.1.83'
7
+ VERSION = '2.1.84'
8
8
  end
data/lib/resources/groups.rb CHANGED
@@ -52,6 +52,7 @@ module Inspec::Resources
52
52
  .add(:names, field: 'name')
53
53
  .add(:gids, field: 'gid')
54
54
  .add(:domains, field: 'domain')
55
+ .add(:members, field: 'members')
55
56
  .add(:exists?) { |x| !x.entries.empty? }
56
57
  filter.connect(self, :collect_group_details)
57
58
 
@@ -90,6 +91,10 @@ module Inspec::Resources
90
91
  it { should exist }
91
92
  its('gid') { should eq 0 }
92
93
  end
94
+
95
+ describe group('Administrators') do
96
+ its('members') { should include 'Administrator' }
97
+ end
93
98
  "
94
99
 
95
100
  def initialize(groupname)
@@ -106,15 +111,7 @@ module Inspec::Resources
106
111
  end
107
112
 
108
113
  def gid
109
- gids = group_info.gids
110
- if gids.empty?
111
- nil
112
- # the default case should be one group
113
- elsif gids.size == 1
114
- gids.entries[0]
115
- else
116
- raise 'found more than one group with the same name, please use `groups` resource'
117
- end
114
+ flatten_entry(group_info, 'gid')
118
115
  end
119
116
 
120
117
  # implements rspec has matcher, to be compatible with serverspec
@@ -122,6 +119,11 @@ module Inspec::Resources
122
119
  gid == compare_gid
123
120
  end
124
121
 
122
+ def members
123
+ return unless inspec.os.windows?
124
+ flatten_entry(group_info, 'members')
125
+ end
126
+
125
127
  def local
126
128
  # at this point the implementation only returns local groups
127
129
  true
@@ -133,6 +135,17 @@ module Inspec::Resources
133
135
 
134
136
  private
135
137
 
138
+ def flatten_entry(group_info, prop)
139
+ entries = group_info.entries
140
+ if entries.empty?
141
+ nil
142
+ elsif entries.size == 1
143
+ entries.first.send(prop)
144
+ else
145
+ raise 'found more than one group with the same name, please use `groups` resource'
146
+ end
147
+ end
148
+
136
149
  def group_info
137
150
  # we need a local copy for the block
138
151
  group = @group.dup
@@ -183,18 +196,22 @@ module Inspec::Resources
183
196
  class WindowsGroup < GroupInfo
184
197
  # returns all local groups
185
198
  def groups
186
- script = <<~EOH
187
- Function ConvertTo-SID { Param([byte[]]$BinarySID)
188
- (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
199
+ script = <<-EOH
200
+ Function ConvertTo-SID { Param([byte[]]$BinarySID)
201
+ (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
189
202
  }
190
-
191
- $Computername = $Env:Computername
192
- $adsi = [ADSI]"WinNT://$Computername"
193
- $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach {
203
+ $Computername = $Env:Computername
204
+ $adsi = [ADSI]"WinNT://$Computername"
205
+ $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach {
194
206
  $name = $_.Name[0]
195
207
  $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
196
208
  $group =[ADSI]$_.Path
197
- new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain=$Computername}
209
+ $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) }
210
+ # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json
211
+ if(-not [bool]$members) {
212
+ $members = @()
213
+ }
214
+ new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members}
198
215
  }
199
216
  $groups | ConvertTo-Json -Depth 3
200
217
  EOH
data/lib/resources/iis_site.rb CHANGED
@@ -40,19 +40,19 @@ module Inspec::Resources
40
40
  end
41
41
 
42
42
  def app_pool
43
- iis_site[:app_pool]
43
+ iis_site.nil? ? nil : iis_site[:app_pool]
44
44
  end
45
45
 
46
46
  def bindings
47
- iis_site[:bindings]
47
+ iis_site.nil? ? nil : iis_site[:bindings]
48
48
  end
49
49
 
50
50
  def state
51
- iis_site[:state]
51
+ iis_site.nil? ? nil : iis_site[:state]
52
52
  end
53
53
 
54
54
  def path
55
- iis_site[:path]
55
+ iis_site.nil? ? nil : iis_site[:path]
56
56
  end
57
57
 
58
58
  def exists?
data/lib/resources/mssql_session.rb CHANGED
@@ -29,15 +29,22 @@ module Inspec::Resources
29
29
  end
30
30
  "
31
31
 
32
- attr_reader :user, :password, :host, :port, :instance
32
+ attr_reader :user, :password, :host, :port, :instance, :local_mode
33
33
  def initialize(opts = {})
34
34
  @user = opts[:user]
35
35
  @password = opts[:password] || opts[:pass]
36
36
  if opts[:pass]
37
37
  warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
38
38
  end
39
- @host = opts[:host] || 'localhost'
40
- @port = opts[:port] || '1433'
39
+ @local_mode = opts[:local_mode]
40
+ unless local_mode?
41
+ @host = opts[:host] || 'localhost'
42
+ if opts.key?(:port)
43
+ @port = opts[:port]
44
+ else
45
+ @port = '1433'
46
+ end
47
+ end
41
48
  @instance = opts[:instance]
42
49
 
43
50
  # check if sqlcmd is available
@@ -51,18 +58,22 @@ module Inspec::Resources
51
58
  # surpress 'x rows affected' in SQLCMD with 'set nocount on;'
52
59
  cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
53
60
  cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
54
- if @instance.nil?
55
- cmd_string += " -S '#{@host},#{@port}'"
56
- else
57
- cmd_string += " -S '#{@host},#{@port}\\#{@instance}'"
61
+ unless local_mode?
62
+ if @port.nil?
63
+ cmd_string += " -S '#{@host}"
64
+ else
65
+ cmd_string += " -S '#{@host},#{@port}"
66
+ end
67
+ if @instance.nil?
68
+ cmd_string += "'"
69
+ else
70
+ cmd_string += "\\#{@instance}'"
71
+ end
58
72
  end
59
73
  cmd = inspec.command(cmd_string)
60
74
  out = cmd.stdout + "\n" + cmd.stderr
61
75
  if cmd.exit_status != 0 || out =~ /Sqlcmd: Error/
62
- # TODO: we need to throw an exception here
63
- # change once https://github.com/chef/inspec/issues/1205 is in
64
- warn "Could not execute the sql query #{out}"
65
- DatabaseHelper::SQLQueryResult.new(cmd, Hashie::Mash.new({}))
76
+ raise Inspec::Exceptions::ResourceFailed, "Could not execute the sql query #{out}"
66
77
  else
67
78
  DatabaseHelper::SQLQueryResult.new(cmd, parse_csv_result(cmd))
68
79
  end
@@ -74,6 +85,10 @@ module Inspec::Resources
74
85
 
75
86
  private
76
87
 
88
+ def local_mode?
89
+ !!@local_mode # rubocop:disable Style/DoubleNegation
90
+ end
91
+
77
92
  def test_connection
78
93
  !query('select getdate()').empty?
79
94
  end
data/lib/resources/package.rb CHANGED
@@ -181,7 +181,7 @@ module Inspec::Resources
181
181
 
182
182
  def rpm_command(package_name)
183
183
  cmd = ''
184
- cmd += 'rpm -qia'
184
+ cmd += 'rpm -qi'
185
185
  cmd += " --dbpath #{@dbpath}" if @dbpath
186
186
  cmd += ' ' + package_name
187
187
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.83
4
+ version: 2.1.84
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-05-18 00:00:00.000000000 Z
11
+ date: 2018-05-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: train
@@ -618,6 +618,7 @@ files:
618
618
  - lib/inspec/reporters/json.rb
619
619
  - lib/inspec/reporters/json_min.rb
620
620
  - lib/inspec/reporters/junit.rb
621
+ - lib/inspec/reporters/yaml.rb
621
622
  - lib/inspec/require_loader.rb
622
623
  - lib/inspec/resource.rb
623
624
  - lib/inspec/rule.rb