inspec 2.1.83 → 2.1.84

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 74c87c98feba2e839a99c3a8190804fabd214f28df8b917e3ef16dd71e52a7ce
-  data.tar.gz: 78449f73070d2312feffdc1af9d29c5aa99214381a260fe1cbc31fc2ecdca229
+  metadata.gz: 8db51c5f98be724241330204e33428997a6f4f8f6fadd18cb1e1545ed1cea8d1
+  data.tar.gz: 336108002818e82f3b97cbd66c3d18560ec59dba1436afb6d20884e7905268e3
 SHA512:
-  metadata.gz: 6d3e79b6bb3a206656a12fc2bb0e3a48b56ca11e79bbd564b39d0a02f7c75075fc7b42b389143ec31980a3bdc7d3a0635420e3dbcc779bc00da786a0513935ce
-  data.tar.gz: 58bdf10f8dbeb532116f45eb3ece5e3202ffd71fd68d8c29d0b6f83a7152cb42db12a0293b845cf74aad85975341ce92e8ed32b95813ebf2ad86938c4965ef28
+  metadata.gz: 4cae3554608530e49abc485bfcc55c411bf68917260720bb70791f6b509fdd0ca161dadac83ff08b9f267419a7eed3ec4c4605ccc356799c45a5739bfa8de8eb
+  data.tar.gz: 291b7d576300a22edab627a373f214e86d90de7928655a15e040642d7e0db6a0d07ea469d830e168e6abc84135878e56ddbeba80aa8c014d4d1109a62633eff3

data/CHANGELOG.md

@@ -1,26 +1,31 @@
 # Change Log
 <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
-<!-- latest_release 2.1.83 -->
-## [v2.1.83](https://github.com/chef/inspec/tree/v2.1.83) (2018-05-18)
+<!-- latest_release 2.1.84 -->
+## [v2.1.84](https://github.com/inspec/inspec/tree/v2.1.84) (2018-05-31)
 
 #### Merged Pull Requests
-- Test new gem builds [#3071](https://github.com/chef/inspec/pull/3071) ([jquick](https://github.com/jquick))
+- Generate new org builds [#3087](https://github.com/inspec/inspec/pull/3087) ([jquick](https://github.com/jquick))
 <!-- latest_release -->
 
-<!-- release_rollup since=2.1.81 -->
-### Changes since 2.1.81 release
+<!-- release_rollup since=2.1.83 -->
+### Changes since 2.1.83 release
 
 #### Merged Pull Requests
-- Test new gem builds [#3071](https://github.com/chef/inspec/pull/3071) ([jquick](https://github.com/jquick)) <!-- 2.1.83 -->
-- Update ruby required version. [#3070](https://github.com/chef/inspec/pull/3070) ([jquick](https://github.com/jquick)) <!-- 2.1.82 -->
+- Generate new org builds [#3087](https://github.com/inspec/inspec/pull/3087) ([jquick](https://github.com/jquick)) <!-- 2.1.84 -->
 <!-- release_rollup -->
 
 <!-- latest_stable_release -->
+## [v2.1.83](https://github.com/chef/inspec/tree/v2.1.83) (2018-05-18)
+
+#### Merged Pull Requests
+- Update ruby required version. [#3070](https://github.com/chef/inspec/pull/3070) ([jquick](https://github.com/jquick))
+- Test new gem builds [#3071](https://github.com/chef/inspec/pull/3071) ([jquick](https://github.com/jquick))
+<!-- latest_stable_release -->
+
 ## [v2.1.81](https://github.com/chef/inspec/tree/v2.1.81) (2018-05-17)
 
 #### Merged Pull Requests
 - Update Train pin to pull in msi env [#3068](https://github.com/chef/inspec/pull/3068) ([jquick](https://github.com/jquick))
-<!-- latest_stable_release -->
 
 ## [v2.1.80](https://github.com/chef/inspec/tree/v2.1.80) (2018-05-17)
 

data/README.md

@@ -450,4 +450,4 @@ Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
-limitations under the License.
+limitations under the License. 

data/docs/reporters.md

@@ -20,6 +20,14 @@ or
 inspec exec --reporter json:-
 ```
 
+Output yaml to screen
+
+```bash
+inspec exec --reporter yaml
+or
+inspec exec --reporter yaml:-
+```
+
 Output cli to screen and write json to a file.
 
 ```bash
@@ -84,6 +92,10 @@ This reporter includes all information about the profiles and test results in st
 
 This reporter is a redacted version of the json and only includes test results.
 
+### yaml
+
+This reporter includes all information about the profiles and test results in standard yaml format.
+
 ### documentation
 
 This reporter is a very minimal text base report. It shows you which tests passed by name and has a small summary at the end.

data/lib/fetchers/git.rb

@@ -50,7 +50,7 @@ module Fetchers
         Dir.mktmpdir do |tmpdir|
           checkout(tmpdir)
           Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
-          FileUtils.cp_r(tmpdir, @repo_directory)
+          FileUtils.cp_r(tmpdir + '/.', @repo_directory)
         end
       end
       @repo_directory

data/lib/inspec/base_cli.rb

@@ -70,7 +70,7 @@ module Inspec
         desc: '[DEPRECATED] Please use --reporter - this will be removed in InSpec 3.0'
       option :reporter, type: :array,
         banner: 'one two:/output/file/path',
-        desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit'
+        desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml'
       option :color, type: :boolean,
         desc: 'Use colors in output.'
       option :attrs, type: :array,
@@ -162,6 +162,7 @@ module Inspec
         'json-rspec',
         'junit',
         'progress',
+        'yaml',
       ]
 
       reporters.each do |k, v|
@@ -203,7 +204,7 @@ module Inspec
 
     def suppress_log_output?(opts)
       return false if opts['reporter'].nil?
-      match = %w{json json-min json-rspec junit html} & opts['reporter'].keys
+      match = %w{json json-min json-rspec junit html yaml documentation progress} & opts['reporter'].keys
       unless match.empty?
         match.each do |m|
           # check to see if we are outputting to stdout

data/lib/inspec/reporters.rb

@@ -4,8 +4,10 @@ require 'inspec/reporters/json'
 require 'inspec/reporters/json_min'
 require 'inspec/reporters/junit'
 require 'inspec/reporters/automate'
+require 'inspec/reporters/yaml'
 
 module Inspec::Reporters
+  # rubocop:disable Metrics/CyclomaticComplexity
   def self.render(reporter, run_data)
     name, config = reporter.dup
     config[:run_data] = run_data
@@ -20,6 +22,8 @@ module Inspec::Reporters
       reporter = Inspec::Reporters::Junit.new(config)
     when 'automate'
       reporter = Inspec::Reporters::Automate.new(config)
+    when 'yaml'
+      reporter = Inspec::Reporters::Yaml.new(config)
     else
       raise NotImplementedError, "'#{name}' is not a valid reporter type."
     end
@@ -50,6 +54,8 @@ module Inspec::Reporters
       reporter = Inspec::Reporters::Json.new(config)
     when 'json-min'
       reporter = Inspec::Reporters::JsonMin.new(config)
+    when 'yaml'
+      reporter = Inspec::Reporters::Yaml.new(config)
     else
       # use base run_data hash for any other report
       return run_data

data/lib/inspec/reporters/yaml.rb

@@ -0,0 +1,22 @@
+# encoding: utf-8
+
+require 'yaml'
+
+module Inspec::Reporters
+  class Yaml < Base
+    def render
+      output(Inspec::Reporters::Json.new({ run_data: run_data }).report.to_yaml, false)
+    end
+
+    def report
+      {
+        platform: platform,
+        profiles: profiles,
+        statistics: {
+          duration: run_data[:statistics][:duration],
+        },
+        version: run_data[:version],
+      }
+    end
+  end
+end

data/lib/inspec/runner_rspec.rb

@@ -117,7 +117,7 @@ module Inspec
         if @conf['reporter']['json-rspec']&.[]('file').nil?
           RSpec.configuration.add_formatter(Inspec::Formatters::RspecJson)
         else
-          RSpec.configuration.add_formatter(Inspec::Formatters::RspecJson, @conf[:reporter]['json-rspec']['file'])
+          RSpec.configuration.add_formatter(Inspec::Formatters::RspecJson, @conf['reporter']['json-rspec']['file'])
         end
         @conf['reporter'].delete('json-rspec')
       end

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '2.1.83'
+  VERSION = '2.1.84'
 end

data/lib/resources/groups.rb

@@ -52,6 +52,7 @@ module Inspec::Resources
           .add(:names,     field: 'name')
           .add(:gids,      field: 'gid')
           .add(:domains,   field: 'domain')
+          .add(:members,   field: 'members')
           .add(:exists?) { |x| !x.entries.empty? }
     filter.connect(self, :collect_group_details)
 
@@ -90,6 +91,10 @@ module Inspec::Resources
         it { should exist }
         its('gid') { should eq 0 }
       end
+
+      describe group('Administrators') do
+        its('members') { should include 'Administrator' }
+      end
     "
 
     def initialize(groupname)
@@ -106,15 +111,7 @@ module Inspec::Resources
     end
 
     def gid
-      gids = group_info.gids
-      if gids.empty?
-        nil
-      # the default case should be one group
-      elsif gids.size == 1
-        gids.entries[0]
-      else
-        raise 'found more than one group with the same name, please use `groups` resource'
-      end
+      flatten_entry(group_info, 'gid')
     end
 
     # implements rspec has matcher, to be compatible with serverspec
@@ -122,6 +119,11 @@ module Inspec::Resources
       gid == compare_gid
     end
 
+    def members
+      return unless inspec.os.windows?
+      flatten_entry(group_info, 'members')
+    end
+
     def local
       # at this point the implementation only returns local groups
       true
@@ -133,6 +135,17 @@ module Inspec::Resources
 
     private
 
+    def flatten_entry(group_info, prop)
+      entries = group_info.entries
+      if entries.empty?
+        nil
+      elsif entries.size == 1
+        entries.first.send(prop)
+      else
+        raise 'found more than one group with the same name, please use `groups` resource'
+      end
+    end
+
     def group_info
       # we need a local copy for the block
       group = @group.dup
@@ -183,18 +196,22 @@ module Inspec::Resources
   class WindowsGroup < GroupInfo
     # returns all local groups
     def groups
-      script = <<~EOH
-        Function  ConvertTo-SID { Param([byte[]]$BinarySID)
-          (New-Object  System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
+      script = <<-EOH
+        Function ConvertTo-SID { Param([byte[]]$BinarySID)
+          (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
         }
-
-        $Computername =  $Env:Computername
-        $adsi  = [ADSI]"WinNT://$Computername"
-        $groups = $adsi.Children | where {$_.SchemaClassName -eq  'group'} |  ForEach {
+        $Computername = $Env:Computername
+        $adsi = [ADSI]"WinNT://$Computername"
+        $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach {
           $name = $_.Name[0]
           $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
           $group =[ADSI]$_.Path
-          new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain=$Computername}
+          $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) }
+          # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json
+          if(-not [bool]$members) {
+            $members = @()
+          }
+          new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members}
         }
         $groups | ConvertTo-Json -Depth 3
       EOH

data/lib/resources/iis_site.rb

@@ -40,19 +40,19 @@ module Inspec::Resources
     end
 
     def app_pool
-      iis_site[:app_pool]
+      iis_site.nil? ? nil : iis_site[:app_pool]
     end
 
     def bindings
-      iis_site[:bindings]
+      iis_site.nil? ? nil : iis_site[:bindings]
     end
 
     def state
-      iis_site[:state]
+      iis_site.nil? ? nil : iis_site[:state]
     end
 
     def path
-      iis_site[:path]
+      iis_site.nil? ? nil : iis_site[:path]
     end
 
     def exists?

data/lib/resources/mssql_session.rb

@@ -29,15 +29,22 @@ module Inspec::Resources
       end
     "
 
-    attr_reader :user, :password, :host, :port, :instance
+    attr_reader :user, :password, :host, :port, :instance, :local_mode
     def initialize(opts = {})
       @user = opts[:user]
       @password = opts[:password] || opts[:pass]
       if opts[:pass]
         warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
       end
-      @host = opts[:host] || 'localhost'
-      @port = opts[:port] || '1433'
+      @local_mode = opts[:local_mode]
+      unless local_mode?
+        @host = opts[:host] || 'localhost'
+        if opts.key?(:port)
+          @port = opts[:port]
+        else
+          @port = '1433'
+        end
+      end
       @instance = opts[:instance]
 
       # check if sqlcmd is available
@@ -51,18 +58,22 @@ module Inspec::Resources
       # surpress 'x rows affected' in SQLCMD with 'set nocount on;'
       cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
       cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
-      if @instance.nil?
-        cmd_string += " -S '#{@host},#{@port}'"
-      else
-        cmd_string += " -S '#{@host},#{@port}\\#{@instance}'"
+      unless local_mode?
+        if @port.nil?
+          cmd_string += " -S '#{@host}"
+        else
+          cmd_string += " -S '#{@host},#{@port}"
+        end
+        if @instance.nil?
+          cmd_string += "'"
+        else
+          cmd_string += "\\#{@instance}'"
+        end
       end
       cmd = inspec.command(cmd_string)
       out = cmd.stdout + "\n" + cmd.stderr
       if cmd.exit_status != 0 || out =~ /Sqlcmd: Error/
-        # TODO: we need to throw an exception here
-        # change once https://github.com/chef/inspec/issues/1205 is in
-        warn "Could not execute the sql query #{out}"
-        DatabaseHelper::SQLQueryResult.new(cmd, Hashie::Mash.new({}))
+        raise Inspec::Exceptions::ResourceFailed, "Could not execute the sql query #{out}"
       else
         DatabaseHelper::SQLQueryResult.new(cmd, parse_csv_result(cmd))
       end
@@ -74,6 +85,10 @@ module Inspec::Resources
 
     private
 
+    def local_mode?
+      !!@local_mode # rubocop:disable Style/DoubleNegation
+    end
+
     def test_connection
       !query('select getdate()').empty?
     end

data/lib/resources/package.rb

@@ -181,7 +181,7 @@ module Inspec::Resources
 
     def rpm_command(package_name)
       cmd = ''
-      cmd += 'rpm -qia'
+      cmd += 'rpm -qi'
       cmd += " --dbpath #{@dbpath}" if @dbpath
       cmd += ' ' + package_name
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 2.1.83
+  version: 2.1.84
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-18 00:00:00.000000000 Z
+date: 2018-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train
@@ -618,6 +618,7 @@ files:
 - lib/inspec/reporters/json.rb
 - lib/inspec/reporters/json_min.rb
 - lib/inspec/reporters/junit.rb
+- lib/inspec/reporters/yaml.rb
 - lib/inspec/require_loader.rb
 - lib/inspec/resource.rb
 - lib/inspec/rule.rb