inspec 3.9.3 → 4.1.4.preview
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Gemfile +2 -7
- data/README.md +1 -2
- data/etc/deprecations.json +88 -6
- data/inspec.gemspec +4 -2
- data/lib/inspec/base_cli.rb +5 -5
- data/lib/inspec/cli.rb +39 -9
- data/lib/inspec/config.rb +2 -2
- data/lib/inspec/metadata.rb +3 -5
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -1
- data/lib/inspec/ui.rb +1 -0
- data/lib/inspec/version.rb +1 -6
- data/lib/matchers/matchers.rb +1 -0
- data/lib/plugins/inspec-init/templates/profiles/aws/README.md +164 -26
- data/lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb +18 -4
- data/lib/plugins/inspec-init/templates/profiles/aws/inspec.yml +10 -4
- data/lib/resource_support/aws.rb +17 -1
- data/lib/resources/apache.rb +1 -1
- data/lib/resources/apt.rb +1 -3
- data/lib/resources/aws/aws_iam_user.rb +3 -3
- data/lib/resources/azure/azure_generic_resource.rb +1 -1
- data/lib/resources/file.rb +34 -1
- data/lib/resources/filesystem.rb +1 -1
- data/lib/resources/host.rb +2 -2
- data/lib/resources/iis_site.rb +1 -1
- data/lib/resources/interface.rb +75 -1
- data/lib/resources/kernel_parameter.rb +2 -7
- data/lib/resources/mssql_session.rb +1 -1
- data/lib/resources/oracledb_session.rb +1 -1
- data/lib/resources/powershell.rb +1 -5
- data/lib/resources/processes.rb +1 -1
- data/lib/resources/registry_key.rb +1 -7
- data/lib/resources/shadow.rb +5 -10
- data/lib/resources/users.rb +6 -10
- data/lib/resources/wmi.rb +1 -2
- data/lib/utils/deprecation/deprecator.rb +9 -8
- data/lib/utils/deprecation/global_method.rb +1 -1
- data/lib/utils/parser.rb +1 -1
- metadata +37 -14
data/lib/resources/shadow.rb
CHANGED
@@ -91,32 +91,27 @@ module Inspec::Resources
|
|
91
91
|
# Next 4 are deprecated methods. We define them here so we can emit a deprecation message.
|
92
92
|
# They are also defined on the Table, above.
|
93
93
|
def user(query = nil)
|
94
|
-
|
95
|
-
' in InSpec 3.0. Please use `users` instead.'
|
94
|
+
Inspec.deprecate(:properties_shadow, 'The shadow `user` property is deprecated. Please use `users` instead.')
|
96
95
|
query.nil? ? where.users : where('user' => query)
|
97
96
|
end
|
98
97
|
|
99
98
|
def password(query = nil)
|
100
|
-
|
101
|
-
' in InSpec 3.0. Please use `passwords` instead.'
|
99
|
+
Inspec.deprecate(:properties_shadow, 'The shadow `password` property is deprecated. Please use `passwords` instead.')
|
102
100
|
query.nil? ? where.passwords : where('password' => query)
|
103
101
|
end
|
104
102
|
|
105
103
|
def last_change(query = nil)
|
106
|
-
|
107
|
-
' in InSpec 3.0. Please use `last_changes` instead.'
|
104
|
+
Inspec.deprecate(:properties_shadow, 'The shadow `last_change` property is deprecated. Please use `last_changes` instead.')
|
108
105
|
query.nil? ? where.last_changes : where('last_change' => query)
|
109
106
|
end
|
110
107
|
|
111
108
|
def expiry_date(query = nil)
|
112
|
-
|
113
|
-
' in InSpec 3.0. Please use `expiry_dates` instead.'
|
109
|
+
Inspec.deprecate(:properties_shadow, 'The shadow `expiry_date` property is deprecated. Please use `expiry_dates` instead.')
|
114
110
|
query.nil? ? where.expiry_dates : where('expiry_date' => query)
|
115
111
|
end
|
116
112
|
|
117
113
|
def lines
|
118
|
-
|
119
|
-
' in InSpec 3.0.'
|
114
|
+
Inspec.deprecate(:properties_shadow, 'The shadow `lines` property is deprecated.')
|
120
115
|
shadow_content.to_s.split("\n")
|
121
116
|
end
|
122
117
|
|
data/lib/resources/users.rb
CHANGED
@@ -213,42 +213,38 @@ module Inspec::Resources
|
|
213
213
|
|
214
214
|
# implement 'mindays' method to be compatible with serverspec
|
215
215
|
def minimum_days_between_password_change
|
216
|
-
|
216
|
+
Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.')
|
217
217
|
mindays
|
218
218
|
end
|
219
219
|
|
220
220
|
# implement 'maxdays' method to be compatible with serverspec
|
221
221
|
def maximum_days_between_password_change
|
222
|
-
|
222
|
+
Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `maximum_days_between_password_change` property is deprecated. Please use `maxdays`.')
|
223
223
|
maxdays
|
224
224
|
end
|
225
225
|
|
226
226
|
# implements rspec has matcher, to be compatible with serverspec
|
227
227
|
# @see: https://github.com/rspec/rspec-expectations/blob/master/lib/rspec/matchers/built_in/has.rb
|
228
228
|
def has_uid?(compare_uid)
|
229
|
-
|
229
|
+
Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_uid?` matcher is deprecated.')
|
230
230
|
uid == compare_uid
|
231
231
|
end
|
232
232
|
|
233
233
|
def has_home_directory?(compare_home)
|
234
|
-
|
234
|
+
Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_home_directory?` matcher is deprecated. Please use `its(\'home\')`.')
|
235
235
|
home == compare_home
|
236
236
|
end
|
237
237
|
|
238
238
|
def has_login_shell?(compare_shell)
|
239
|
-
|
239
|
+
Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_login_shell?` matcher is deprecated. Please use `its(\'shell\')`.')
|
240
240
|
shell == compare_shell
|
241
241
|
end
|
242
242
|
|
243
243
|
def has_authorized_key?(_compare_key)
|
244
|
-
|
244
|
+
Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_authorized_key?` matcher is deprecated. There is no currently implemented alternative')
|
245
245
|
raise NotImplementedError
|
246
246
|
end
|
247
247
|
|
248
|
-
def deprecated(name, alternative = nil)
|
249
|
-
warn "[DEPRECATION] #{name} is deprecated. #{alternative}"
|
250
|
-
end
|
251
|
-
|
252
248
|
def to_s
|
253
249
|
"User #{@username}"
|
254
250
|
end
|
data/lib/resources/wmi.rb
CHANGED
@@ -26,11 +26,10 @@ module Inspec::Resources
|
|
26
26
|
|
27
27
|
def initialize(wmiclass = nil, opts = nil)
|
28
28
|
@options = opts || {}
|
29
|
-
# if wmiclass is not a hash, we have to handle deprecation behavior
|
30
29
|
if wmiclass.is_a?(Hash)
|
31
30
|
@options.merge!(wmiclass)
|
32
31
|
else
|
33
|
-
|
32
|
+
Inspec.deprecate(:wmi_non_hash_usage, 'Using `wmi(\'wmisclass\')` is deprecated. Please use`wmi({class: \'wmisclass\'})`')
|
34
33
|
@options[:class] = wmiclass
|
35
34
|
end
|
36
35
|
end
|
@@ -18,7 +18,7 @@ module Inspec
|
|
18
18
|
|
19
19
|
action = group[:action] || :warn
|
20
20
|
action_method = ('handle_' + action.to_s + '_action').to_sym
|
21
|
-
send(action_method, assembled_message, group)
|
21
|
+
send(action_method, group_name.to_sym, assembled_message, group)
|
22
22
|
end
|
23
23
|
|
24
24
|
private
|
@@ -76,7 +76,8 @@ module Inspec
|
|
76
76
|
false
|
77
77
|
end
|
78
78
|
|
79
|
-
|
79
|
+
# Unused args needed for unit test deprecation harness
|
80
|
+
def handle_ignore_action(_group_name, message, _group)
|
80
81
|
handle_log_action(message, :debug)
|
81
82
|
end
|
82
83
|
|
@@ -91,24 +92,24 @@ module Inspec
|
|
91
92
|
end
|
92
93
|
end
|
93
94
|
|
94
|
-
def handle_warn_action(message, _group)
|
95
|
+
def handle_warn_action(_group_name, message, _group)
|
95
96
|
handle_log_action(message, :warn)
|
96
97
|
end
|
97
98
|
|
98
|
-
def handle_error_action(message, _group)
|
99
|
+
def handle_error_action(_group_name, message, _group)
|
99
100
|
handle_log_action(message, :error)
|
100
101
|
end
|
101
102
|
|
102
|
-
def handle_fail_control_action(message, group)
|
103
|
+
def handle_fail_control_action(group_name, message, group)
|
103
104
|
if called_from_control?
|
104
105
|
raise Inspec::Exceptions::ResourceFailed, message
|
105
106
|
else
|
106
|
-
handle_warn_action(message, group)
|
107
|
+
handle_warn_action(group_name, message, group)
|
107
108
|
end
|
108
109
|
end
|
109
110
|
|
110
|
-
def handle_exit_action(message, group)
|
111
|
-
handle_error_action(message, group)
|
111
|
+
def handle_exit_action(group_name, message, group)
|
112
|
+
handle_error_action(group_name, message, group)
|
112
113
|
status = group[:exit_status] || :fatal_deprecation
|
113
114
|
Inspec::UI.new.exit(status)
|
114
115
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'utils/deprecation/deprecator'
|
2
2
|
|
3
3
|
module Inspec
|
4
|
-
def self.deprecate(group, msg, opts = {})
|
4
|
+
def self.deprecate(group, msg = '', opts = {})
|
5
5
|
config_io = opts.delete(:config_io)
|
6
6
|
deprecator = Inspec::Deprecation::Deprecator.new(config_io: config_io)
|
7
7
|
deprecator.handle_deprecation(group, msg, opts)
|
data/lib/utils/parser.rb
CHANGED
@@ -88,7 +88,7 @@ module LinuxMountParser
|
|
88
88
|
# parse options as array
|
89
89
|
mount_options[:options] = mount[5].gsub(/\(|\)/, '').split(',')
|
90
90
|
else
|
91
|
-
|
91
|
+
Inspec.deprecate(:mount_parser_serverspec_compat, 'Parsing mount options in this fashion is deprecated')
|
92
92
|
mount_options[:options] = {}
|
93
93
|
mount[5].gsub(/\(|\)/, '').split(',').each do |option|
|
94
94
|
name, val = option.split('=')
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 4.1.4.preview
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dominik Richter
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-04-
|
11
|
+
date: 2019-04-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: train
|
@@ -16,20 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '
|
20
|
-
- - ">="
|
21
|
-
- !ruby/object:Gem::Version
|
22
|
-
version: 1.7.2
|
19
|
+
version: '2.0'
|
23
20
|
type: :runtime
|
24
21
|
prerelease: false
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
26
23
|
requirements:
|
27
24
|
- - "~>"
|
28
25
|
- !ruby/object:Gem::Version
|
29
|
-
version: '
|
30
|
-
- - ">="
|
31
|
-
- !ruby/object:Gem::Version
|
32
|
-
version: 1.7.2
|
26
|
+
version: '2.0'
|
33
27
|
- !ruby/object:Gem::Dependency
|
34
28
|
name: train-habitat
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -44,6 +38,34 @@ dependencies:
|
|
44
38
|
- - "~>"
|
45
39
|
- !ruby/object:Gem::Version
|
46
40
|
version: '0.1'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: train-aws
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0.1'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0.1'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: license-acceptance
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0.2'
|
62
|
+
type: :runtime
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0.2'
|
47
69
|
- !ruby/object:Gem::Dependency
|
48
70
|
name: thor
|
49
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -797,14 +819,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
797
819
|
requirements:
|
798
820
|
- - ">="
|
799
821
|
- !ruby/object:Gem::Version
|
800
|
-
version: '2.
|
822
|
+
version: '2.4'
|
801
823
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
802
824
|
requirements:
|
803
|
-
- - "
|
825
|
+
- - ">"
|
804
826
|
- !ruby/object:Gem::Version
|
805
|
-
version:
|
827
|
+
version: 1.3.1
|
806
828
|
requirements: []
|
807
|
-
|
829
|
+
rubyforge_project:
|
830
|
+
rubygems_version: 2.6.14.3
|
808
831
|
signing_key:
|
809
832
|
specification_version: 4
|
810
833
|
summary: Infrastructure and compliance testing.
|