inspec 2.3.28 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8742ade52e04413d98857dbe243589448629c3db92d285cb943b8af4b70e6e88
-  data.tar.gz: f04e1dac3d71463472bfbf68069838b0bbd02527412f3a184dd9f2b8d52f8975
+  metadata.gz: 5ca6936485ca0d43d8e2a6d4a666d00d35a0b34213395edf195e3464922ac05c
+  data.tar.gz: 4af42fb90e856a6fdbb03da658caf5e5a299ab490655abdee8901d292425011c
 SHA512:
-  metadata.gz: 51d424a89a76c6cef322ff7f58747d1e7e75495bb160510436f0a02baa28f257ece67e844a4129de29cef11a2882b19248475215e9c4ac72974708728115748b
-  data.tar.gz: 891b0c14bfc29becb71add1adc968f0d23c6e397da0cd105ed7fe8550001c10987f3b1962732b61c83b09af006a8519406285371fe207d143142e7c674dd5afa
+  metadata.gz: b292beb653ebc321790748a416f99a0f0b5d9c8248e34af8ed1206d1f67764f09c9336ab61c2d8bbe2d8fa134d1faf4e4363636e4388f18b4b632ba49e9b7721
+  data.tar.gz: 335128b72b28c6b66cf9d2d9beac4a4540a597415fe019b250597e9a6dc9db33a987c7223a5999fa243c5ef9d27d2a2c284f1d5ab5662a6742f4e1ad79a40836

data/CHANGELOG.md

@@ -1,18 +1,19 @@
 # Change Log
 <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
-<!-- latest_release 2.3.28 -->
-## [v2.3.28](https://github.com/inspec/inspec/tree/v2.3.28) (2019-02-08)
+<!-- latest_release unreleased -->
+## Unreleased
 
-#### Merged Pull Requests
-- Remove bundler pin from 2.x series [#3795](https://github.com/inspec/inspec/pull/3795) ([clintoncwolfe](https://github.com/clintoncwolfe))
+#### Enhancements
+- Inspec 3.0 [#3512](https://github.com/inspec/inspec/pull/3512) ([jquick](https://github.com/jquick))
 <!-- latest_release -->
 
 <!-- release_rollup since=2.3.24 -->
 ### Changes since 2.3.24 release
 
+#### Enhancements
+- Inspec 3.0 [#3512](https://github.com/inspec/inspec/pull/3512) ([jquick](https://github.com/jquick)) <!-- 3.0.0 -->
+
 #### Merged Pull Requests
-- Remove bundler pin from 2.x series [#3795](https://github.com/inspec/inspec/pull/3795) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.28 -->
-- Update copyright for 2.x branch [#3794](https://github.com/inspec/inspec/pull/3794) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.27 -->
 - Update the text on the generic default attribute [#3508](https://github.com/inspec/inspec/pull/3508) ([jquick](https://github.com/jquick)) <!-- 2.3.26 -->
 - Change `Inspec ` to `InSpec ` where appropriate [#3494](https://github.com/inspec/inspec/pull/3494) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 2.3.25 -->
 <!-- release_rollup -->

data/Gemfile

@@ -11,6 +11,7 @@ gem 'ffi', '>= 1.9.14'
 gem 'aws-sdk', '~> 2'
 
 group :test do
+  gem 'bundler', '~> 1.5'
   gem 'minitest', '~> 5.5'
   gem 'rake', '>= 10'
   gem 'rubocop', '= 0.49.1'

data/README.md

@@ -439,7 +439,7 @@ Please see [TESTING_AGAINST_AZURE.md](./test/integration/aws/TESTING_AGAINST_AZU
 | **Author:**    | Dominik Richter (<drichter@chef.io>)      |
 | **Author:**    | Christoph Hartmann (<chartmann@chef.io>)  |
 | **Copyright:** | Copyright (c) 2015 Vulcano Security GmbH. |
-| **Copyright:** | Copyright (c) 2019 Chef Software Inc.     |
+| **Copyright:** | Copyright (c) 2017 Chef Software Inc.     |
 | **License:**   | Apache License, Version 2.0               |
 
 Licensed under the Apache License, Version 2.0 (the "License");

data/inspec.gemspec

@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.3'
 
-  spec.add_dependency 'train', '~> 1.5', '= 1.7.1'
+  spec.add_dependency 'train', '~> 1.5'
   spec.add_dependency 'thor', '~> 0.20'
   spec.add_dependency 'json', '>= 1.8', '< 3.0'
   spec.add_dependency 'method_source', '~> 0.8'

data/lib/inspec/base_cli.rb

@@ -82,8 +82,6 @@ module Inspec
       profile_options
       option :controls, type: :array,
         desc: 'A list of control names to run, or a list of /regexes/ to match against control names. Ignore all other tests.'
-      option :format, type: :string,
-        desc: '[DEPRECATED] Please use --reporter - this will be removed in InSpec 3.0'
       option :reporter, type: :array,
         banner: 'one two:/output/file/path',
         desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml'
@@ -116,23 +114,7 @@ module Inspec
       }
     end
 
-    def self.parse_reporters(opts) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
-      # merge in any legacy formats as reporter
-      # this method will only be used for ad-hoc runners
-      if !opts['format'].nil? && opts['reporter'].nil?
-        warn '[DEPRECATED] The option --format is being deprecated and will be removed in inspec 3.0. Please use --reporter'
-
-        # see if we are using the legacy output to write to files
-        if opts['output']
-          warn '[DEPRECATED] The option \'output\' is being deprecated and will be removed in inspec 3.0. Please use --reporter name:path'
-          opts['format'] = "#{opts['format']}:#{opts['output']}"
-          opts.delete('output')
-        end
-
-        opts['reporter'] = Array(opts['format'])
-        opts.delete('format')
-      end
-
+    def self.parse_reporters(opts) # rubocop:disable Metrics/AbcSize
       # default to cli report for ad-hoc runners
       opts['reporter'] = ['cli'] if opts['reporter'].nil?
 
@@ -312,10 +294,6 @@ module Inspec
       json_config = options_json
       opts.merge!(json_config)
 
-      # remove the default reporter if we are setting a legacy format on the cli
-      # or via json-config
-      opts.delete('reporter') if options['format'] || json_config['format']
-
       # merge in any options defined via thor
       opts.merge!(options)
 

data/lib/inspec/cli.rb

@@ -213,8 +213,6 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   target_options
   option :command, aliases: :c,
     desc: 'A single command string to run instead of launching the shell'
-  option :format, type: :string, default: nil, hide: true,
-    desc: '[DEPRECATED] Please use --reporter - this will be removed in InSpec 3.0'
   option :reporter, type: :array,
     banner: 'one two:/output/file/path',
     desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit'

data/lib/inspec/dsl.rb

@@ -30,8 +30,11 @@ module Inspec::DSL
   def self.load_spec_files_for_profile(bind_context, opts, &block)
     dependencies = opts[:dependencies]
     profile_id = opts[:profile_id]
-
     dep_entry = dependencies.list[profile_id]
+
+    # do not load any controls if the profile is not supported
+    return unless dep_entry.profile.supports_platform?
+
     if dep_entry.nil?
       raise <<~EOF
         Cannot load #{profile_id} since it is not listed as a dependency of #{bind_context.profile_name}.

data/lib/inspec/formatters/base.rb

@@ -69,7 +69,6 @@ module Inspec::Formatters
         name: platform(:name),
         release: platform(:release),
         target: backend_target,
-        uuid: platform(:uuid),
       }
     end
 

data/lib/inspec/metadata.rb

@@ -159,13 +159,6 @@ module Inspec
       when Hash   then [finalize_supports_elem(x, logger)]
       when Array  then x.map { |e| finalize_supports_elem(e, logger) }.compact
       when nil    then []
-      else
-        logger ||= Logger.new(nil)
-        logger.warn(
-          "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
-          "supports:\n  - os-family: #{x}\n\n",
-        )
-        [{ :'os-family' => x }] # rubocop:disable Style/HashSyntax
       end
     end
 

data/lib/inspec/profile.rb

@@ -159,10 +159,16 @@ module Inspec
       supports_platform? && supports_runtime?
     end
 
+    # We need to check if we're using a Mock'd backend for tests to function.
+    # @returns [TrueClass, FalseClass]
     def supports_platform?
       if @supports_platform.nil?
         @supports_platform = metadata.supports_platform?(@backend)
       end
+      if @backend.backend.class.to_s == 'Train::Transports::Mock::Connection'
+        @supports_platform = true
+      end
+
       @supports_platform
     end
 
@@ -178,7 +184,8 @@ module Inspec
     end
 
     def collect_tests(include_list = @controls)
-      if !@tests_collected
+      unless @tests_collected
+        return unless supports_platform?
         locked_dependencies.each(&:collect_tests)
 
         tests.each do |path, content|
@@ -222,7 +229,21 @@ module Inspec
     def load_libraries
       return @runner_context if @libraries_loaded
 
-      locked_dependencies.each do |d|
+      locked_dependencies.dep_list.each_with_index do |(_name, dep), i|
+        d = dep.profile
+        # this will force a dependent profile load so we are only going to add
+        # this metadata if the parent profile is supported.
+        if supports_platform? && !d.supports_platform?
+          # since ruby 1.9 hashes are ordered so we can just use index values here
+          metadata.dependencies[i][:status] = 'skipped'
+          msg = "Skipping profile: '#{d.name}' on unsupported platform: '#{d.backend.platform.name}/#{d.backend.platform.release}'."
+          metadata.dependencies[i][:skip_message] = msg
+          next
+        elsif metadata.dependencies[i]
+          # Currently wrapper profiles will load all dependencies, and then we
+          # load them again when we dive down. This needs to be re-done.
+          metadata.dependencies[i][:status] = 'loaded'
+        end
         c = d.load_libraries
         @runner_context.add_resources(c)
       end
@@ -245,7 +266,7 @@ module Inspec
       info(load_params.dup)
     end
 
-    def info(res = params.dup) # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
+    def info(res = params.dup) # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
       # add information about the controls
       res[:controls] = res[:controls].map do |id, rule|
         next if id.to_s.empty?
@@ -284,6 +305,14 @@ module Inspec
       res[:sha256] = sha256
       res[:parent_profile] = parent_profile unless parent_profile.nil?
 
+      if !supports_platform?
+        res[:status] = 'skipped'
+        msg = "Skipping profile: '#{name}' on unsupported platform: '#{backend.platform.name}/#{backend.platform.release}'."
+        res[:skip_message] = msg
+      else
+        res[:status] = 'loaded'
+      end
+
       # convert legacy os-* supports to their platform counterpart
       if res[:supports] && !res[:supports].empty?
         res[:supports].each do |support|
@@ -335,9 +364,6 @@ module Inspec
 
       @logger.info "Checking profile in #{@target}"
       meta_path = @source_reader.target.abs_path(@source_reader.metadata.ref)
-      if meta_path =~ /metadata\.rb$/
-        warn.call(@target, 0, 0, nil, 'The use of `metadata.rb` is deprecated. Use `inspec.yml`.')
-      end
 
       # verify metadata
       m_errors, m_warnings = metadata.valid
@@ -350,12 +376,6 @@ module Inspec
       # extract profile name
       result[:summary][:profile] = metadata.params[:name]
 
-      # check if the profile is using the old test directory instead of the
-      # new controls directory
-      if @source_reader.tests.keys.any? { |x| x =~ %r{^test/$} }
-        warn.call(@target, 0, 0, nil, 'Profile uses deprecated `test` directory, rename it to `controls`.')
-      end
-
       count = controls_count
       result[:summary][:controls] = count
       if count == 0
@@ -542,7 +562,7 @@ module Inspec
       params[:controls] = controls = {}
       params[:groups] = groups = {}
       prefix = @source_reader.target.prefix || ''
-      tests.each do |rule|
+      tests&.each do |rule|
         next if rule.nil?
         f = load_rule_filepath(prefix, rule)
         load_rule(rule, f, controls, groups)

data/lib/inspec/reporters/automate.rb

@@ -23,7 +23,7 @@ module Inspec::Reporters
       final_report[:type] = 'inspec_report'
 
       final_report[:end_time] = Time.now.utc.strftime('%FT%TZ')
-      final_report[:node_uuid] = @config['node_uuid'] || @run_data[:platform][:uuid]
+      final_report[:node_uuid] = @config['node_uuid'] || @config['target_id']
       raise Inspec::ReporterError, 'Cannot find a UUID for your node. Please specify one via json-config.' if final_report[:node_uuid].nil?
 
       final_report[:report_uuid] = @config['report_uuid'] || uuid_from_string(final_report[:end_time] + final_report[:node_uuid])

data/lib/inspec/reporters/cli.rb

@@ -44,6 +44,11 @@ module Inspec::Reporters
 
     def render
       run_data[:profiles].each do |profile|
+        if profile[:status] == 'skipped'
+          platform = run_data[:platform]
+          output("Skipping profile: '#{profile[:name]}' on unsupported platform: '#{platform[:name]}/#{platform[:release]}'.")
+          next
+        end
         @control_count = 0
         output('')
         print_profile_header(profile)

data/lib/inspec/reporters/json.rb

@@ -112,6 +112,8 @@ module Inspec::Reporters
           depends: p[:depends],
           groups: profile_groups(p),
           controls: profile_controls(p),
+          status: p[:status],
+          skip_message: p[:skip_message],
         }
         profiles << profile.reject { |_k, v| v.nil? }
       end

data/lib/inspec/runner.rb

@@ -80,16 +80,24 @@ module Inspec
 
       @target_profiles.each do |profile|
         @test_collector.add_profile(profile)
+        next unless profile.supports_platform?
+
         write_lockfile(profile) if @create_lockfile
         profile.locked_dependencies
         profile_context = profile.load_libraries
 
         profile_context.dependencies.list.values.each do |requirement|
+          unless requirement.profile.supports_platform?
+            Inspec::Log.warn "Skipping profile: '#{requirement.profile.name}'" \
+             " on unsupported platform: '#{@backend.platform.name}/#{@backend.platform.release}'."
+            next
+          end
           @test_collector.add_profile(requirement.profile)
         end
 
         @attributes = profile.runner_context.attributes if @attributes.empty?
-        all_controls += profile.collect_tests
+        tests = profile.collect_tests
+        all_controls += tests unless tests.nil?
       end
 
       all_controls.each do |rule|
@@ -202,10 +210,6 @@ module Inspec
              "InSpec v#{Inspec::VERSION}.\n"
       end
 
-      if !profile.supports_platform?
-        raise "This OS/platform (#{@backend.platform.name}/#{@backend.platform.release}) is not supported by this profile."
-      end
-
       true
     end
 

data/lib/inspec/runner_rspec.rb

@@ -84,11 +84,12 @@ module Inspec
     def exit_code
       return @rspec_exit_code if @formatter.results.empty?
       stats = @formatter.results[:statistics][:controls]
-      if stats[:failed][:total] == 0 && stats[:skipped][:total] == 0
+      skipped = @formatter.results[:profiles].first[:status] == 'skipped'
+      if stats[:failed][:total] == 0 && stats[:skipped][:total] == 0 && !skipped
         0
       elsif stats[:failed][:total] > 0
         @conf['distinct_exit'] ? 100 : 1
-      elsif stats[:skipped][:total] > 0
+      elsif stats[:skipped][:total] > 0 || skipped
         @conf['distinct_exit'] ? 101 : 0
       else
         @rspec_exit_code

data/lib/inspec/schema.rb

@@ -137,6 +137,8 @@ module Inspec
         'copyright_email' => { 'type' => 'string', 'optional' => true },
         'license' => { 'type' => 'string', 'optional' => true },
         'summary' => { 'type' => 'string', 'optional' => true },
+        'status' => { 'type' => 'string', 'optional' => false },
+        'skip_message' => { 'type' => 'string', 'optional' => true },
 
         'supports' => {
           'type' => 'array',

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '2.3.28'
+  VERSION = '3.0.0'
 end

data/lib/resources/apache.rb

@@ -26,7 +26,7 @@ module Inspec::Resources
 
     attr_reader :service, :conf_dir, :conf_path, :user
     def initialize
-      warn '[DEPRECATED] The `apache` resource is deprecated and will be removed in InSpec 3.0.'
+      warn '[DEPRECATED] The `apache` resource is deprecated and will be removed in InSpec 4.0'
 
       if inspec.os.debian?
         @service = 'apache2'

data/lib/resources/processes.rb

@@ -56,7 +56,7 @@ module Inspec::Resources
     end
 
     def list
-      warn '[DEPRECATION] `processes.list` is deprecated. Please use `processes.entries` instead. It will be removed in version 2.0.0.'
+      warn '[DEPRECATION] `processes.list` is deprecated. Please use `processes.entries` instead. It will be removed in version 4.0.'
       @list
     end
 

data/lib/resources/yum.rb

@@ -152,29 +152,4 @@ module Inspec::Resources
       "YumRepo #{@reponame}"
     end
   end
-
-  # for compatability with serverspec
-  # this is deprecated syntax and will be removed in future versions
-  class YumRepoLegacy < Yum
-    name 'yumrepo'
-
-    def initialize(name)
-      super()
-      @repository = repo(name)
-    end
-
-    def exists?
-      deprecated
-      @repository.exist?
-    end
-
-    def enabled?
-      deprecated
-      @repository.enabled?
-    end
-
-    def deprecated
-      warn '[DEPRECATION] `yumrepo(reponame)` is deprecated.  Please use `yum.repo(reponame)` instead.'
-    end
-  end
 end

data/lib/source_readers/inspec.rb

@@ -12,14 +12,6 @@ module SourceReaders
 
     def self.resolve(target)
       return new(target, 'inspec.yml') if target.files.include?('inspec.yml')
-      # TODO: deprecated for 1.0.0 release
-      if target.files.include?('metadata.rb') &&
-         (
-           target.files.include?('controls') ||
-           target.files.include?('test')
-         )
-        return new(target, 'metadata.rb')
-      end
       nil
     end
 

data/lib/utils/database_helpers.rb

@@ -68,16 +68,6 @@ module DatabaseHelper
       @results.size
     end
 
-    def stdout
-      warn '[DEPRECATION] The `stdout` method is deprecated. Use `row` instead.'
-      @cmd.stdout
-    end
-
-    def stderr
-      warn '[DEPRECATION] The `stderr` method is deprecated. Use `successful?` instead.'
-      @cmd.stderr
-    end
-
     def inspect
       to_s
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 2.3.28
+  version: 3.0.0
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-02-08 00:00:00.000000000 Z
+date: 2018-10-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train
@@ -17,9 +17,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -27,9 +24,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.7.1
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement