inspec 4.18.51 → 4.18.85
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/inspec.gemspec +15 -37
- data/lib/resource_support/aws/aws_resource_mixin.rb +1 -1
- metadata +22 -709
- data/Gemfile +0 -61
- data/LICENSE +0 -14
- data/README.md +0 -474
- data/etc/deprecations.json +0 -125
- data/etc/plugin_filters.json +0 -45
- data/lib/bundles/README.md +0 -3
- data/lib/bundles/inspec-compliance/api.rb +0 -7
- data/lib/bundles/inspec-compliance/configuration.rb +0 -7
- data/lib/bundles/inspec-compliance/http.rb +0 -7
- data/lib/bundles/inspec-compliance/support.rb +0 -7
- data/lib/bundles/inspec-compliance/target.rb +0 -7
- data/lib/bundles/inspec-supermarket.rb +0 -9
- data/lib/bundles/inspec-supermarket/README.md +0 -45
- data/lib/bundles/inspec-supermarket/api.rb +0 -87
- data/lib/bundles/inspec-supermarket/cli.rb +0 -71
- data/lib/bundles/inspec-supermarket/target.rb +0 -31
- data/lib/inspec.rb +0 -30
- data/lib/inspec/archive/tar.rb +0 -25
- data/lib/inspec/archive/zip.rb +0 -15
- data/lib/inspec/backend.rb +0 -101
- data/lib/inspec/base_cli.rb +0 -318
- data/lib/inspec/cached_fetcher.rb +0 -65
- data/lib/inspec/cli.rb +0 -469
- data/lib/inspec/completions/bash.sh.erb +0 -45
- data/lib/inspec/completions/fish.sh.erb +0 -34
- data/lib/inspec/completions/zsh.sh.erb +0 -61
- data/lib/inspec/config.rb +0 -511
- data/lib/inspec/control_eval_context.rb +0 -248
- data/lib/inspec/dependencies/cache.rb +0 -74
- data/lib/inspec/dependencies/dependency_set.rb +0 -93
- data/lib/inspec/dependencies/lockfile.rb +0 -115
- data/lib/inspec/dependencies/requirement.rb +0 -135
- data/lib/inspec/dependencies/resolver.rb +0 -86
- data/lib/inspec/describe_base.rb +0 -53
- data/lib/inspec/dist.rb +0 -20
- data/lib/inspec/dsl.rb +0 -115
- data/lib/inspec/dsl_shared.rb +0 -32
- data/lib/inspec/env_printer.rb +0 -156
- data/lib/inspec/errors.rb +0 -18
- data/lib/inspec/exceptions.rb +0 -11
- data/lib/inspec/expect.rb +0 -42
- data/lib/inspec/fetcher.rb +0 -48
- data/lib/inspec/fetcher/git.rb +0 -211
- data/lib/inspec/fetcher/local.rb +0 -116
- data/lib/inspec/fetcher/mock.rb +0 -34
- data/lib/inspec/fetcher/url.rb +0 -281
- data/lib/inspec/file_provider.rb +0 -318
- data/lib/inspec/formatters.rb +0 -3
- data/lib/inspec/formatters/base.rb +0 -269
- data/lib/inspec/formatters/json_rspec.rb +0 -20
- data/lib/inspec/formatters/show_progress.rb +0 -12
- data/lib/inspec/globals.rb +0 -9
- data/lib/inspec/impact.rb +0 -36
- data/lib/inspec/input.rb +0 -421
- data/lib/inspec/input_dsl_helpers.rb +0 -26
- data/lib/inspec/input_registry.rb +0 -315
- data/lib/inspec/library_eval_context.rb +0 -55
- data/lib/inspec/log.rb +0 -7
- data/lib/inspec/metadata.rb +0 -253
- data/lib/inspec/method_source.rb +0 -20
- data/lib/inspec/objects.rb +0 -14
- data/lib/inspec/objects/control.rb +0 -85
- data/lib/inspec/objects/describe.rb +0 -106
- data/lib/inspec/objects/each_loop.rb +0 -41
- data/lib/inspec/objects/input.rb +0 -49
- data/lib/inspec/objects/list.rb +0 -15
- data/lib/inspec/objects/or_test.rb +0 -45
- data/lib/inspec/objects/ruby_helper.rb +0 -13
- data/lib/inspec/objects/tag.rb +0 -32
- data/lib/inspec/objects/test.rb +0 -94
- data/lib/inspec/objects/value.rb +0 -32
- data/lib/inspec/plugin/v1.rb +0 -2
- data/lib/inspec/plugin/v1/plugin_types/cli.rb +0 -22
- data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +0 -83
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +0 -176
- data/lib/inspec/plugin/v1/plugin_types/secret.rb +0 -11
- data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +0 -36
- data/lib/inspec/plugin/v1/plugins.rb +0 -59
- data/lib/inspec/plugin/v1/registry.rb +0 -90
- data/lib/inspec/plugin/v2.rb +0 -46
- data/lib/inspec/plugin/v2/activator.rb +0 -40
- data/lib/inspec/plugin/v2/config_file.rb +0 -151
- data/lib/inspec/plugin/v2/filter.rb +0 -96
- data/lib/inspec/plugin/v2/installer.rb +0 -512
- data/lib/inspec/plugin/v2/loader.rb +0 -321
- data/lib/inspec/plugin/v2/plugin_base.rb +0 -112
- data/lib/inspec/plugin/v2/plugin_types/cli.rb +0 -49
- data/lib/inspec/plugin/v2/plugin_types/dsl.rb +0 -11
- data/lib/inspec/plugin/v2/plugin_types/input.rb +0 -34
- data/lib/inspec/plugin/v2/plugin_types/mock.rb +0 -12
- data/lib/inspec/plugin/v2/registry.rb +0 -98
- data/lib/inspec/plugin/v2/status.rb +0 -29
- data/lib/inspec/profile.rb +0 -658
- data/lib/inspec/profile_context.rb +0 -203
- data/lib/inspec/profile_vendor.rb +0 -84
- data/lib/inspec/reporters.rb +0 -73
- data/lib/inspec/reporters/automate.rb +0 -78
- data/lib/inspec/reporters/base.rb +0 -25
- data/lib/inspec/reporters/cli.rb +0 -370
- data/lib/inspec/reporters/json.rb +0 -113
- data/lib/inspec/reporters/json_automate.rb +0 -80
- data/lib/inspec/reporters/json_min.rb +0 -48
- data/lib/inspec/reporters/junit.rb +0 -77
- data/lib/inspec/reporters/yaml.rb +0 -20
- data/lib/inspec/require_loader.rb +0 -29
- data/lib/inspec/resource.rb +0 -114
- data/lib/inspec/resources.rb +0 -130
- data/lib/inspec/resources/aide_conf.rb +0 -153
- data/lib/inspec/resources/apache.rb +0 -47
- data/lib/inspec/resources/apache_conf.rb +0 -156
- data/lib/inspec/resources/apt.rb +0 -151
- data/lib/inspec/resources/audit_policy.rb +0 -64
- data/lib/inspec/resources/auditd.rb +0 -251
- data/lib/inspec/resources/auditd_conf.rb +0 -45
- data/lib/inspec/resources/bash.rb +0 -33
- data/lib/inspec/resources/bond.rb +0 -70
- data/lib/inspec/resources/bridge.rb +0 -125
- data/lib/inspec/resources/bsd_service.rb +0 -2
- data/lib/inspec/resources/chocolatey_package.rb +0 -82
- data/lib/inspec/resources/command.rb +0 -91
- data/lib/inspec/resources/cpan.rb +0 -58
- data/lib/inspec/resources/cran.rb +0 -64
- data/lib/inspec/resources/crontab.rb +0 -173
- data/lib/inspec/resources/csv.rb +0 -56
- data/lib/inspec/resources/dh_params.rb +0 -83
- data/lib/inspec/resources/directory.rb +0 -23
- data/lib/inspec/resources/docker.rb +0 -274
- data/lib/inspec/resources/docker_container.rb +0 -91
- data/lib/inspec/resources/docker_image.rb +0 -84
- data/lib/inspec/resources/docker_object.rb +0 -52
- data/lib/inspec/resources/docker_plugin.rb +0 -64
- data/lib/inspec/resources/docker_service.rb +0 -91
- data/lib/inspec/resources/elasticsearch.rb +0 -165
- data/lib/inspec/resources/etc_fstab.rb +0 -96
- data/lib/inspec/resources/etc_group.rb +0 -157
- data/lib/inspec/resources/etc_hosts.rb +0 -68
- data/lib/inspec/resources/etc_hosts_allow.rb +0 -2
- data/lib/inspec/resources/etc_hosts_allow_deny.rb +0 -114
- data/lib/inspec/resources/etc_hosts_deny.rb +0 -2
- data/lib/inspec/resources/file.rb +0 -339
- data/lib/inspec/resources/filesystem.rb +0 -139
- data/lib/inspec/resources/firewalld.rb +0 -148
- data/lib/inspec/resources/gem.rb +0 -80
- data/lib/inspec/resources/group.rb +0 -2
- data/lib/inspec/resources/groups.rb +0 -241
- data/lib/inspec/resources/grub_conf.rb +0 -230
- data/lib/inspec/resources/host.rb +0 -310
- data/lib/inspec/resources/http.rb +0 -275
- data/lib/inspec/resources/iis_app.rb +0 -101
- data/lib/inspec/resources/iis_app_pool.rb +0 -127
- data/lib/inspec/resources/iis_site.rb +0 -148
- data/lib/inspec/resources/iis_website.rb +0 -2
- data/lib/inspec/resources/inetd_conf.rb +0 -53
- data/lib/inspec/resources/ini.rb +0 -28
- data/lib/inspec/resources/interface.rb +0 -204
- data/lib/inspec/resources/ip6tables.rb +0 -79
- data/lib/inspec/resources/iptables.rb +0 -80
- data/lib/inspec/resources/json.rb +0 -116
- data/lib/inspec/resources/kernel_module.rb +0 -106
- data/lib/inspec/resources/kernel_parameter.rb +0 -54
- data/lib/inspec/resources/key_rsa.rb +0 -66
- data/lib/inspec/resources/ksh.rb +0 -33
- data/lib/inspec/resources/launchd_service.rb +0 -2
- data/lib/inspec/resources/limits_conf.rb +0 -45
- data/lib/inspec/resources/linux_kernel_parameter.rb +0 -2
- data/lib/inspec/resources/login_defs.rb +0 -56
- data/lib/inspec/resources/mount.rb +0 -88
- data/lib/inspec/resources/mssql_session.rb +0 -117
- data/lib/inspec/resources/mysql.rb +0 -81
- data/lib/inspec/resources/mysql_conf.rb +0 -128
- data/lib/inspec/resources/mysql_session.rb +0 -88
- data/lib/inspec/resources/nginx.rb +0 -96
- data/lib/inspec/resources/nginx_conf.rb +0 -232
- data/lib/inspec/resources/noop.rb +0 -9
- data/lib/inspec/resources/npm.rb +0 -68
- data/lib/inspec/resources/ntp_conf.rb +0 -51
- data/lib/inspec/resources/oneget.rb +0 -71
- data/lib/inspec/resources/oracledb_session.rb +0 -149
- data/lib/inspec/resources/os.rb +0 -34
- data/lib/inspec/resources/os_env.rb +0 -86
- data/lib/inspec/resources/package.rb +0 -391
- data/lib/inspec/resources/packages.rb +0 -111
- data/lib/inspec/resources/parse_config.rb +0 -112
- data/lib/inspec/resources/parse_config_file.rb +0 -2
- data/lib/inspec/resources/passwd.rb +0 -73
- data/lib/inspec/resources/pip.rb +0 -132
- data/lib/inspec/resources/platform.rb +0 -112
- data/lib/inspec/resources/port.rb +0 -791
- data/lib/inspec/resources/postfix_conf.rb +0 -35
- data/lib/inspec/resources/postgres.rb +0 -152
- data/lib/inspec/resources/postgres_conf.rb +0 -116
- data/lib/inspec/resources/postgres_hba_conf.rb +0 -86
- data/lib/inspec/resources/postgres_ident_conf.rb +0 -75
- data/lib/inspec/resources/postgres_session.rb +0 -70
- data/lib/inspec/resources/powershell.rb +0 -67
- data/lib/inspec/resources/ppa.rb +0 -2
- data/lib/inspec/resources/processes.rb +0 -219
- data/lib/inspec/resources/rabbitmq_conf.rb +0 -2
- data/lib/inspec/resources/rabbitmq_config.rb +0 -52
- data/lib/inspec/resources/registry_key.rb +0 -296
- data/lib/inspec/resources/runit_service.rb +0 -2
- data/lib/inspec/resources/script.rb +0 -1
- data/lib/inspec/resources/security_identifier.rb +0 -91
- data/lib/inspec/resources/security_policy.rb +0 -182
- data/lib/inspec/resources/service.rb +0 -820
- data/lib/inspec/resources/shadow.rb +0 -150
- data/lib/inspec/resources/ssh_config.rb +0 -98
- data/lib/inspec/resources/sshd_config.rb +0 -2
- data/lib/inspec/resources/ssl.rb +0 -99
- data/lib/inspec/resources/sys_info.rb +0 -119
- data/lib/inspec/resources/systemd_service.rb +0 -2
- data/lib/inspec/resources/sysv_service.rb +0 -2
- data/lib/inspec/resources/toml.rb +0 -30
- data/lib/inspec/resources/upstart_service.rb +0 -2
- data/lib/inspec/resources/user.rb +0 -1
- data/lib/inspec/resources/users.rb +0 -742
- data/lib/inspec/resources/vbscript.rb +0 -67
- data/lib/inspec/resources/virtualization.rb +0 -255
- data/lib/inspec/resources/windows_feature.rb +0 -126
- data/lib/inspec/resources/windows_hotfix.rb +0 -37
- data/lib/inspec/resources/windows_registry_key.rb +0 -2
- data/lib/inspec/resources/windows_task.rb +0 -112
- data/lib/inspec/resources/wmi.rb +0 -109
- data/lib/inspec/resources/x509_certificate.rb +0 -143
- data/lib/inspec/resources/xinetd_conf.rb +0 -103
- data/lib/inspec/resources/xml.rb +0 -48
- data/lib/inspec/resources/yaml.rb +0 -42
- data/lib/inspec/resources/yum.rb +0 -162
- data/lib/inspec/resources/zfs_dataset.rb +0 -62
- data/lib/inspec/resources/zfs_pool.rb +0 -50
- data/lib/inspec/rspec_extensions.rb +0 -116
- data/lib/inspec/rule.rb +0 -389
- data/lib/inspec/runner.rb +0 -333
- data/lib/inspec/runner_mock.rb +0 -37
- data/lib/inspec/runner_rspec.rb +0 -184
- data/lib/inspec/runtime_profile.rb +0 -23
- data/lib/inspec/schema.rb +0 -245
- data/lib/inspec/secrets.rb +0 -15
- data/lib/inspec/secrets/yaml.rb +0 -29
- data/lib/inspec/shell.rb +0 -211
- data/lib/inspec/shell_detector.rb +0 -89
- data/lib/inspec/source_reader.rb +0 -26
- data/lib/inspec/ui.rb +0 -213
- data/lib/inspec/ui_table_helper.rb +0 -12
- data/lib/inspec/utils/command_wrapper.rb +0 -23
- data/lib/inspec/utils/convert.rb +0 -8
- data/lib/inspec/utils/database_helpers.rb +0 -75
- data/lib/inspec/utils/deprecation.rb +0 -6
- data/lib/inspec/utils/deprecation/config_file.rb +0 -109
- data/lib/inspec/utils/deprecation/deprecator.rb +0 -118
- data/lib/inspec/utils/deprecation/errors.rb +0 -14
- data/lib/inspec/utils/deprecation/global_method.rb +0 -9
- data/lib/inspec/utils/enumerable_delegation.rb +0 -7
- data/lib/inspec/utils/erlang_parser.rb +0 -190
- data/lib/inspec/utils/file_reader.rb +0 -24
- data/lib/inspec/utils/filter.rb +0 -461
- data/lib/inspec/utils/filter_array.rb +0 -25
- data/lib/inspec/utils/find_files.rb +0 -44
- data/lib/inspec/utils/hash.rb +0 -37
- data/lib/inspec/utils/json_log.rb +0 -15
- data/lib/inspec/utils/modulator.rb +0 -9
- data/lib/inspec/utils/nginx_parser.rb +0 -101
- data/lib/inspec/utils/object_traversal.rb +0 -47
- data/lib/inspec/utils/parser.rb +0 -277
- data/lib/inspec/utils/pkey_reader.rb +0 -17
- data/lib/inspec/utils/simpleconfig.rb +0 -121
- data/lib/inspec/utils/spdx.rb +0 -10
- data/lib/inspec/utils/spdx.txt +0 -383
- data/lib/inspec/utils/telemetry.rb +0 -3
- data/lib/inspec/utils/telemetry/collector.rb +0 -81
- data/lib/inspec/utils/telemetry/data_series.rb +0 -44
- data/lib/inspec/utils/telemetry/global_methods.rb +0 -22
- data/lib/inspec/version.rb +0 -3
- data/lib/matchers/matchers.rb +0 -341
- data/lib/plugins/README.md +0 -16
- data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +0 -12
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +0 -170
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +0 -116
- data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +0 -50
- data/lib/plugins/inspec-compliance/README.md +0 -207
- data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +0 -12
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +0 -362
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +0 -198
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +0 -269
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +0 -103
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +0 -117
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/images/cc-token.png +0 -0
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +0 -34
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +0 -146
- data/lib/plugins/inspec-compliance/test/functional/inspec_compliance_test.rb +0 -53
- data/lib/plugins/inspec-compliance/test/integration/default/cli.rb +0 -91
- data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +0 -190
- data/lib/plugins/inspec-compliance/test/unit/api_test.rb +0 -386
- data/lib/plugins/inspec-compliance/test/unit/target_test.rb +0 -155
- data/lib/plugins/inspec-habitat/Berksfile +0 -5
- data/lib/plugins/inspec-habitat/README.md +0 -150
- data/lib/plugins/inspec-habitat/kitchen.yml +0 -28
- data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +0 -11
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +0 -41
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +0 -265
- data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +0 -6
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/Berksfile +0 -2
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/README.md +0 -3
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/files/hab_setup.exp +0 -28
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/metadata.rb +0 -9
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/recipes/default.rb +0 -61
- data/lib/plugins/inspec-habitat/test/functional/inspec_habitat_test.rb +0 -34
- data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/README.md +0 -3
- data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/controls/inspec_habitat.rb +0 -40
- data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/inspec.yml +0 -10
- data/lib/plugins/inspec-habitat/test/support/example_profile/README.md +0 -3
- data/lib/plugins/inspec-habitat/test/support/example_profile/controls/example.rb +0 -7
- data/lib/plugins/inspec-habitat/test/support/example_profile/inspec.yml +0 -10
- data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +0 -242
- data/lib/plugins/inspec-init/README.md +0 -31
- data/lib/plugins/inspec-init/lib/inspec-init.rb +0 -12
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +0 -15
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +0 -243
- data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +0 -47
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +0 -97
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -11
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/LICENSE +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/README.md +0 -28
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Rakefile +0 -40
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -14
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -62
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -53
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -8
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/fixtures/README.md +0 -24
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/README.md +0 -12
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/inspec_plugin_template_test.rb +0 -110
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/helper.rb +0 -24
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/README.md +0 -17
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/cli_args_test.rb +0 -67
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/plugin_def_test.rb +0 -51
- data/lib/plugins/inspec-init/templates/profiles/aws/libraries/.gitkeep +0 -0
- data/lib/plugins/inspec-init/templates/profiles/azure/libraries/.gitkeep +0 -0
- data/lib/plugins/inspec-init/templates/profiles/gcp/libraries/.gitkeep +0 -0
- data/lib/plugins/inspec-init/templates/profiles/os/README.md +0 -3
- data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +0 -18
- data/lib/plugins/inspec-init/templates/profiles/os/inspec.yml +0 -10
- data/lib/plugins/inspec-init/templates/profiles/os/libraries/.gitkeep +0 -0
- data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +0 -184
- data/lib/plugins/inspec-init/test/functional/inspec_init_profile_test.rb +0 -121
- data/lib/plugins/inspec-plugin-manager-cli/README.md +0 -6
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +0 -17
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +0 -518
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +0 -12
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/config_dirs/empty/.gitkeep +0 -0
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/inspec-egg-white-omelette/lib/inspec-egg-white-omelette.rb +0 -2
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/inspec-egg-white-omelette/lib/inspec-egg-white-omelette/.gitkeep +0 -0
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/inspec-wrong-structure/.gitkeep +0 -0
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb +0 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name/.gitkeep +0 -0
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/help_test.rb +0 -23
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/helper.rb +0 -62
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/install_test.rb +0 -368
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/list_test.rb +0 -101
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/search_test.rb +0 -129
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/uninstall_test.rb +0 -63
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/update_test.rb +0 -84
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +0 -77
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb +0 -39
- data/lib/plugins/shared/core_plugin_test_helper.rb +0 -153
- data/lib/plugins/things-for-train-integration.rb +0 -14
- data/lib/source_readers/flat.rb +0 -36
- data/lib/source_readers/inspec.rb +0 -66
data/lib/inspec/rule.rb
DELETED
@@ -1,389 +0,0 @@
|
|
1
|
-
# copyright: 2015, Dominik Richter
|
2
|
-
|
3
|
-
require "method_source"
|
4
|
-
require "date"
|
5
|
-
require "inspec/describe_base"
|
6
|
-
require "inspec/expect"
|
7
|
-
require "inspec/impact"
|
8
|
-
require "inspec/resource"
|
9
|
-
require "inspec/resources/os"
|
10
|
-
require "inspec/input_registry"
|
11
|
-
|
12
|
-
module Inspec
|
13
|
-
class Rule
|
14
|
-
include ::RSpec::Matchers
|
15
|
-
|
16
|
-
#
|
17
|
-
# Include any resources from the given resource DSL. The passed
|
18
|
-
# resource_dsl will also be included in any Inspec::Expect objects
|
19
|
-
# we make.
|
20
|
-
#
|
21
|
-
# @params resource_dsl [Module]
|
22
|
-
# @returns [TrueClass]
|
23
|
-
#
|
24
|
-
def self.with_resource_dsl(resource_dsl)
|
25
|
-
include resource_dsl
|
26
|
-
@resource_dsl = resource_dsl
|
27
|
-
true
|
28
|
-
end
|
29
|
-
|
30
|
-
def self.resource_dsl # rubocop:disable Style/TrivialAccessors
|
31
|
-
@resource_dsl
|
32
|
-
end
|
33
|
-
|
34
|
-
attr_reader :__waiver_data
|
35
|
-
def initialize(id, profile_id, opts, &block)
|
36
|
-
@impact = nil
|
37
|
-
@title = nil
|
38
|
-
@descriptions = {}
|
39
|
-
@refs = []
|
40
|
-
@tags = {}
|
41
|
-
|
42
|
-
# not changeable by the user:
|
43
|
-
@__code = nil
|
44
|
-
@__block = block
|
45
|
-
@__source_location = __get_block_source_location(&block)
|
46
|
-
@__rule_id = id
|
47
|
-
@__profile_id = profile_id
|
48
|
-
@__checks = []
|
49
|
-
@__skip_rule = {} # { result: true, message: "Why", type: [:only_if, :waiver] }
|
50
|
-
@__merge_count = 0
|
51
|
-
@__merge_changes = []
|
52
|
-
@__skip_only_if_eval = opts[:skip_only_if_eval]
|
53
|
-
|
54
|
-
# evaluate the given definition
|
55
|
-
return unless block_given?
|
56
|
-
|
57
|
-
begin
|
58
|
-
instance_eval(&block)
|
59
|
-
|
60
|
-
# By applying waivers *after* the instance eval, we assure that
|
61
|
-
# waivers have higher precedence than only_if.
|
62
|
-
__apply_waivers
|
63
|
-
|
64
|
-
rescue SystemStackError, StandardError => e
|
65
|
-
# We've encountered an exception while trying to eval the code inside the
|
66
|
-
# control block. We need to prevent the exception from bubbling up, and
|
67
|
-
# fail the control. Controls are failed by having a failed resource within
|
68
|
-
# them; but since our control block is unsafe (and opaque) to us, let's
|
69
|
-
# make a dummy and fail that.
|
70
|
-
location = block.source_location.compact.join(":")
|
71
|
-
describe "Control Source Code Error" do
|
72
|
-
# Rubocop thinks we are raising an exception - we're actually calling RSpec's fail()
|
73
|
-
its(location) { fail e.message } # rubocop: disable Style/SignalException
|
74
|
-
end
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
def to_s
|
79
|
-
Inspec::Rule.rule_id(self)
|
80
|
-
end
|
81
|
-
|
82
|
-
def id(*_)
|
83
|
-
# never overwrite the ID
|
84
|
-
@id
|
85
|
-
end
|
86
|
-
|
87
|
-
def impact(v = nil)
|
88
|
-
if v.is_a?(String)
|
89
|
-
@impact = Inspec::Impact.impact_from_string(v)
|
90
|
-
elsif !v.nil?
|
91
|
-
@impact = v
|
92
|
-
end
|
93
|
-
|
94
|
-
@impact
|
95
|
-
end
|
96
|
-
|
97
|
-
def title(v = nil)
|
98
|
-
@title = v unless v.nil?
|
99
|
-
@title
|
100
|
-
end
|
101
|
-
|
102
|
-
def desc(v = nil, data = nil)
|
103
|
-
return @descriptions[:default] if v.nil?
|
104
|
-
|
105
|
-
if data.nil?
|
106
|
-
@descriptions[:default] = unindent(v)
|
107
|
-
else
|
108
|
-
@descriptions[v.to_sym] = unindent(data)
|
109
|
-
end
|
110
|
-
end
|
111
|
-
|
112
|
-
def descriptions(description_hash = nil)
|
113
|
-
return @descriptions if description_hash.nil?
|
114
|
-
|
115
|
-
@descriptions.merge!(description_hash)
|
116
|
-
end
|
117
|
-
|
118
|
-
def ref(ref = nil, opts = {})
|
119
|
-
return @refs if ref.nil? && opts.empty?
|
120
|
-
|
121
|
-
if opts.empty? && ref.is_a?(Hash)
|
122
|
-
opts = ref
|
123
|
-
else
|
124
|
-
opts[:ref] = ref
|
125
|
-
end
|
126
|
-
@refs.push(opts)
|
127
|
-
end
|
128
|
-
|
129
|
-
def tag(*args)
|
130
|
-
args.each do |arg|
|
131
|
-
if arg.is_a?(Hash)
|
132
|
-
@tags.merge!(arg)
|
133
|
-
else
|
134
|
-
@tags[arg] ||= nil
|
135
|
-
end
|
136
|
-
end
|
137
|
-
@tags
|
138
|
-
end
|
139
|
-
|
140
|
-
def source_file
|
141
|
-
@__file
|
142
|
-
end
|
143
|
-
|
144
|
-
# Skip all checks if only_if is false
|
145
|
-
#
|
146
|
-
# @param [Type] &block returns true if tests are added, false otherwise
|
147
|
-
# @return [nil]
|
148
|
-
def only_if(message = nil)
|
149
|
-
return unless block_given?
|
150
|
-
return if @__skip_only_if_eval == true
|
151
|
-
|
152
|
-
@__skip_rule[:result] ||= !yield
|
153
|
-
@__skip_rule[:type] = :only_if
|
154
|
-
@__skip_rule[:message] = message
|
155
|
-
end
|
156
|
-
|
157
|
-
# Describe will add one or more tests to this control. There is 2 ways
|
158
|
-
# of calling it:
|
159
|
-
#
|
160
|
-
# describe resource do ... end
|
161
|
-
#
|
162
|
-
# or
|
163
|
-
#
|
164
|
-
# describe.one do ... end
|
165
|
-
#
|
166
|
-
# @param [any] Resource to be describe, string, or nil
|
167
|
-
# @param [Proc] An optional block containing tests for the described resource
|
168
|
-
# @return [nil|DescribeBase] if called without arguments, returns DescribeBase
|
169
|
-
def describe(*values, &block)
|
170
|
-
if values.empty? && !block_given?
|
171
|
-
dsl = self.class.ancestors[1]
|
172
|
-
Class.new(DescribeBase) do
|
173
|
-
include dsl
|
174
|
-
end.new(method(:__add_check))
|
175
|
-
else
|
176
|
-
__add_check("describe", values, with_dsl(block))
|
177
|
-
end
|
178
|
-
end
|
179
|
-
|
180
|
-
def expect(value, &block)
|
181
|
-
target = Inspec::Expect.new(value, &with_dsl(block))
|
182
|
-
__add_check("expect", [value], target)
|
183
|
-
target
|
184
|
-
end
|
185
|
-
|
186
|
-
def self.rule_id(rule)
|
187
|
-
rule.instance_variable_get(:@__rule_id)
|
188
|
-
end
|
189
|
-
|
190
|
-
def self.set_rule_id(rule, value)
|
191
|
-
rule.instance_variable_set(:@__rule_id, value)
|
192
|
-
end
|
193
|
-
|
194
|
-
def self.profile_id(rule)
|
195
|
-
rule.instance_variable_get(:@__profile_id)
|
196
|
-
end
|
197
|
-
|
198
|
-
def self.checks(rule)
|
199
|
-
rule.instance_variable_get(:@__checks)
|
200
|
-
end
|
201
|
-
|
202
|
-
def self.skip_status(rule)
|
203
|
-
rule.instance_variable_get(:@__skip_rule)
|
204
|
-
end
|
205
|
-
|
206
|
-
def self.set_skip_rule(rule, value, message = nil, type = :only_if)
|
207
|
-
rule.instance_variable_set(:@__skip_rule,
|
208
|
-
{
|
209
|
-
result: value,
|
210
|
-
message: message,
|
211
|
-
type: type,
|
212
|
-
})
|
213
|
-
end
|
214
|
-
|
215
|
-
def self.merge_count(rule)
|
216
|
-
rule.instance_variable_get(:@__merge_count)
|
217
|
-
end
|
218
|
-
|
219
|
-
def self.merge_changes(rule)
|
220
|
-
rule.instance_variable_get(:@__merge_changes)
|
221
|
-
end
|
222
|
-
|
223
|
-
# If a rule is marked to be skipped, this
|
224
|
-
# creates a dummay array of "checks" with a skip outcome
|
225
|
-
def self.prepare_checks(rule)
|
226
|
-
skip_check = skip_status(rule)
|
227
|
-
return checks(rule) unless skip_check[:result].eql?(true)
|
228
|
-
|
229
|
-
if skip_check[:message]
|
230
|
-
msg = "Skipped control due to #{skip_check[:type]} condition: #{skip_check[:message]}"
|
231
|
-
else
|
232
|
-
msg = "Skipped control due to #{skip_check[:type]} condition."
|
233
|
-
end
|
234
|
-
|
235
|
-
resource = rule.noop
|
236
|
-
resource.skip_resource(msg)
|
237
|
-
[["describe", [resource], nil]]
|
238
|
-
end
|
239
|
-
|
240
|
-
def self.merge(dst, src) # rubocop:disable Metrics/AbcSize
|
241
|
-
if src.id != dst.id
|
242
|
-
# TODO: register an error, this case should not happen
|
243
|
-
return
|
244
|
-
end
|
245
|
-
|
246
|
-
sp = rule_id(src)
|
247
|
-
dp = rule_id(dst)
|
248
|
-
if sp != dp
|
249
|
-
# TODO: register an error, this case should not happen
|
250
|
-
return
|
251
|
-
end
|
252
|
-
|
253
|
-
# merge all fields
|
254
|
-
dst.impact(src.impact) unless src.impact.nil?
|
255
|
-
dst.title(src.title) unless src.title.nil?
|
256
|
-
dst.descriptions(src.descriptions) unless src.descriptions.nil?
|
257
|
-
dst.tag(src.tag) unless src.tag.nil?
|
258
|
-
dst.ref(src.ref) unless src.ref.nil?
|
259
|
-
|
260
|
-
# merge indirect fields
|
261
|
-
# checks defined in the source will completely eliminate
|
262
|
-
# all checks that were defined in the destination
|
263
|
-
sc = checks(src)
|
264
|
-
dst.instance_variable_set(:@__checks, sc) unless sc.empty?
|
265
|
-
skip_check = skip_status(src)
|
266
|
-
sr = skip_check[:result]
|
267
|
-
msg = skip_check[:message]
|
268
|
-
skip_type = skip_check[:type]
|
269
|
-
set_skip_rule(dst, sr, msg, skip_type) unless sr.nil?
|
270
|
-
|
271
|
-
# Save merge history
|
272
|
-
dst.instance_variable_set(:@__merge_count, merge_count(dst) + 1)
|
273
|
-
dst.instance_variable_set(
|
274
|
-
:@__merge_changes,
|
275
|
-
merge_changes(dst) << src.instance_variable_get(:@__source_location)
|
276
|
-
)
|
277
|
-
end
|
278
|
-
|
279
|
-
private
|
280
|
-
|
281
|
-
def __add_check(describe_or_expect, values, block)
|
282
|
-
@__checks.push([describe_or_expect, values, block])
|
283
|
-
end
|
284
|
-
|
285
|
-
# Look for an input with a matching ID, and if found, apply waiver
|
286
|
-
# skipping logic. Basically, if we have a current waiver, and it says
|
287
|
-
# to skip, we'll replace all the checks with a dummy check (same as
|
288
|
-
# only_if mechanism)
|
289
|
-
# Double underscore: not intended to be called as part of the DSL
|
290
|
-
def __apply_waivers
|
291
|
-
input_name = @__rule_id # TODO: control ID slugging
|
292
|
-
registry = Inspec::InputRegistry.instance
|
293
|
-
input = registry.inputs_by_profile.dig(@__profile_id, input_name)
|
294
|
-
return unless input
|
295
|
-
|
296
|
-
# An InSpec Input is a datastructure that tracks a profile parameter
|
297
|
-
# over time. Its value can be set by many sources, and it keeps a
|
298
|
-
# log of each "set" event so that when it is collapsed to a value,
|
299
|
-
# it can determine the correct (highest priority) value.
|
300
|
-
# Store in an instance variable for.. later reading???
|
301
|
-
@__waiver_data = input.value
|
302
|
-
__waiver_data["skipped_due_to_waiver"] = false
|
303
|
-
__waiver_data["message"] = ""
|
304
|
-
|
305
|
-
# Waivers should have a hash value with keys possibly including "run" and
|
306
|
-
# expiration_date. We only care here if it has a "run" key and it
|
307
|
-
# is false-like, since all non-skipped waiver operations are handled
|
308
|
-
# during reporting phase.
|
309
|
-
return unless __waiver_data.key?("run") && !__waiver_data["run"]
|
310
|
-
|
311
|
-
# OK, the intent is to skip. Does it have an expiration date, and
|
312
|
-
# if so, is it in the future?
|
313
|
-
expiry = __waiver_data["expiration_date"]
|
314
|
-
if expiry
|
315
|
-
if expiry.is_a?(Date)
|
316
|
-
# It appears that yaml.rb automagically parses dates for us
|
317
|
-
if expiry < Date.today # If the waiver expired, return - no skip applied
|
318
|
-
__waiver_data["message"] = "Waiver expired on #{expiry}, evaluating control normally"
|
319
|
-
return
|
320
|
-
end
|
321
|
-
else
|
322
|
-
ui = Inspec::UI.new
|
323
|
-
ui.error("Unable to parse waiver expiration date '#{expiry}' for control #{@__rule_id}")
|
324
|
-
ui.exit(:usage_error)
|
325
|
-
end
|
326
|
-
end
|
327
|
-
|
328
|
-
# OK, apply a skip.
|
329
|
-
@__skip_rule[:result] = true
|
330
|
-
@__skip_rule[:type] = :waiver
|
331
|
-
@__skip_rule[:message] = __waiver_data["justification"]
|
332
|
-
__waiver_data["skipped_due_to_waiver"] = true
|
333
|
-
end
|
334
|
-
|
335
|
-
#
|
336
|
-
# Takes a block and returns a block that will run the given block
|
337
|
-
# with access to the resource_dsl of the current class. This is to
|
338
|
-
# ensure that inside the constructed Rspec::ExampleGroup users
|
339
|
-
# have access to DSL methods. Previous this was done in
|
340
|
-
# Inspec::Runner before sending the example groups to rspec. It
|
341
|
-
# was moved here to ensure that code inside `its` blocks hae the
|
342
|
-
# same visibility into resources as code outside its blocks.
|
343
|
-
#
|
344
|
-
# @param [Proc] block
|
345
|
-
# @return [Proc]
|
346
|
-
#
|
347
|
-
def with_dsl(block)
|
348
|
-
return nil if block.nil?
|
349
|
-
|
350
|
-
dsl = self.class.resource_dsl
|
351
|
-
|
352
|
-
return block unless dsl
|
353
|
-
|
354
|
-
proc do |*args|
|
355
|
-
include dsl
|
356
|
-
instance_exec(*args, &block)
|
357
|
-
end
|
358
|
-
end
|
359
|
-
|
360
|
-
# Idio(ma)tic unindent, behaves similar to Ruby2.3 curly heredocs.
|
361
|
-
# Find the shortest indentation of non-empty lines and strip that from every line
|
362
|
-
# See: https://bugs.ruby-lang.org/issues/9098
|
363
|
-
#
|
364
|
-
# It is implemented here to support pre-Ruby2.3 with this feature and
|
365
|
-
# to not force non-programmers to understand heredocs.
|
366
|
-
#
|
367
|
-
# Please note: tabs are not supported! (they will be removed but they are not
|
368
|
-
# treated the same as in Ruby2.3 heredocs)
|
369
|
-
#
|
370
|
-
# @param [String] text string which needs to be unindented
|
371
|
-
# @return [String] input with indentation removed; '' if input is nil
|
372
|
-
def unindent(text)
|
373
|
-
return "" if text.nil?
|
374
|
-
|
375
|
-
len = text.split("\n").reject { |l| l.strip.empty? }.map { |x| x.index(/[^\s]/) }.compact.min
|
376
|
-
text.gsub(/^[[:blank:]]{#{len}}/, "").strip
|
377
|
-
end
|
378
|
-
|
379
|
-
# get the source location of the block
|
380
|
-
def __get_block_source_location(&block)
|
381
|
-
return {} unless block_given?
|
382
|
-
|
383
|
-
r, l = block.source_location
|
384
|
-
{ ref: r, line: l }
|
385
|
-
rescue MethodSource::SourceNotFoundError
|
386
|
-
{}
|
387
|
-
end
|
388
|
-
end
|
389
|
-
end
|
data/lib/inspec/runner.rb
DELETED
@@ -1,333 +0,0 @@
|
|
1
|
-
# copyright: 2015, Dominik Richter
|
2
|
-
|
3
|
-
require "forwardable"
|
4
|
-
require "uri"
|
5
|
-
require "inspec/backend"
|
6
|
-
require "inspec/profile_context"
|
7
|
-
require "inspec/profile"
|
8
|
-
require "inspec/metadata"
|
9
|
-
require "inspec/config"
|
10
|
-
require "inspec/dependencies/cache"
|
11
|
-
require "inspec/dist"
|
12
|
-
require "inspec/reporters"
|
13
|
-
require "inspec/runner_rspec"
|
14
|
-
# spec requirements
|
15
|
-
|
16
|
-
module Inspec
|
17
|
-
#
|
18
|
-
# Inspec::Runner coordinates the running of tests and is the main
|
19
|
-
# entry point to the application.
|
20
|
-
#
|
21
|
-
# Users are expected to insantiate a runner, add targets to be run,
|
22
|
-
# and then call the run method:
|
23
|
-
#
|
24
|
-
# ```
|
25
|
-
# r = Inspec::Runner.new()
|
26
|
-
# r.add_target("/path/to/some/profile")
|
27
|
-
# r.add_target("http://url/to/some/profile")
|
28
|
-
# r.run
|
29
|
-
# ```
|
30
|
-
#
|
31
|
-
class Runner
|
32
|
-
extend Forwardable
|
33
|
-
|
34
|
-
attr_reader :backend, :rules
|
35
|
-
attr_accessor :target_profiles
|
36
|
-
|
37
|
-
attr_accessor :test_collector
|
38
|
-
|
39
|
-
def attributes
|
40
|
-
Inspec.deprecate(:rename_attributes_to_inputs, "Don't call runner.attributes, call runner.inputs")
|
41
|
-
inputs
|
42
|
-
end
|
43
|
-
|
44
|
-
def initialize(conf = {})
|
45
|
-
@rules = []
|
46
|
-
# If we were handed a Hash config (by audit cookbook or kitchen-inspec),
|
47
|
-
# upgrade it to a proper config. This handles a lot of config finalization,
|
48
|
-
# like reporter parsing.
|
49
|
-
@conf = conf.is_a?(Hash) ? Inspec::Config.new(conf) : conf
|
50
|
-
@conf[:logger] ||= Logger.new(nil)
|
51
|
-
@target_profiles = []
|
52
|
-
@controls = @conf[:controls] || []
|
53
|
-
@depends = @conf[:depends] || []
|
54
|
-
@create_lockfile = @conf[:create_lockfile]
|
55
|
-
@cache = Inspec::Cache.new(@conf[:vendor_cache])
|
56
|
-
|
57
|
-
@test_collector = @conf.delete(:test_collector) || begin
|
58
|
-
RunnerRspec.new(@conf)
|
59
|
-
end
|
60
|
-
|
61
|
-
if @conf[:waiver_file]
|
62
|
-
waivers = @conf.delete(:waiver_file)
|
63
|
-
@conf[:input_file] ||= []
|
64
|
-
@conf[:input_file].concat waivers
|
65
|
-
end
|
66
|
-
|
67
|
-
# About reading inputs:
|
68
|
-
# @conf gets passed around a lot, eventually to
|
69
|
-
# Inspec::InputRegistry.register_external_inputs.
|
70
|
-
#
|
71
|
-
# @conf may contain the key :attributes or :inputs, which is to be a Hash
|
72
|
-
# of values passed in from the Runner API.
|
73
|
-
# This is how kitchen-inspec and the audit_cookbook pass in inputs.
|
74
|
-
#
|
75
|
-
# @conf may contain the key :attrs or :input_file, which is to be an Array
|
76
|
-
# of file paths, each a YAML file. This how --input-file works.
|
77
|
-
|
78
|
-
configure_transport
|
79
|
-
end
|
80
|
-
|
81
|
-
def tests
|
82
|
-
@test_collector.tests
|
83
|
-
end
|
84
|
-
|
85
|
-
def configure_transport
|
86
|
-
@backend = Inspec::Backend.create(@conf)
|
87
|
-
@test_collector.backend = @backend
|
88
|
-
end
|
89
|
-
|
90
|
-
def reset
|
91
|
-
@test_collector.reset
|
92
|
-
@target_profiles.each do |profile|
|
93
|
-
profile.runner_context.rules = {}
|
94
|
-
end
|
95
|
-
@rules = []
|
96
|
-
end
|
97
|
-
|
98
|
-
def load
|
99
|
-
all_controls = []
|
100
|
-
|
101
|
-
@target_profiles.each do |profile|
|
102
|
-
@test_collector.add_profile(profile)
|
103
|
-
next unless profile.supports_platform?
|
104
|
-
|
105
|
-
write_lockfile(profile) if @create_lockfile
|
106
|
-
profile.locked_dependencies
|
107
|
-
profile_context = profile.load_libraries
|
108
|
-
|
109
|
-
profile_context.dependencies.list.values.each do |requirement|
|
110
|
-
unless requirement.profile.supports_platform?
|
111
|
-
Inspec::Log.warn "Skipping profile: '#{requirement.profile.name}'" \
|
112
|
-
" on unsupported platform: '#{@backend.platform.name}/#{@backend.platform.release}'."
|
113
|
-
next
|
114
|
-
end
|
115
|
-
@test_collector.add_profile(requirement.profile)
|
116
|
-
end
|
117
|
-
|
118
|
-
tests = profile.collect_tests
|
119
|
-
all_controls += tests unless tests.nil?
|
120
|
-
end
|
121
|
-
|
122
|
-
all_controls.each do |rule|
|
123
|
-
register_rule(rule) unless rule.nil?
|
124
|
-
end
|
125
|
-
end
|
126
|
-
|
127
|
-
def run(with = nil)
|
128
|
-
Inspec::Log.debug "Starting run with targets: #{@target_profiles.map(&:to_s)}"
|
129
|
-
load
|
130
|
-
run_tests(with)
|
131
|
-
end
|
132
|
-
|
133
|
-
def render_output(run_data)
|
134
|
-
return if @conf["reporter"].nil?
|
135
|
-
|
136
|
-
@conf["reporter"].each do |reporter|
|
137
|
-
result = Inspec::Reporters.render(reporter, run_data)
|
138
|
-
raise Inspec::ReporterError, "Error generating reporter '#{reporter[0]}'" if result == false
|
139
|
-
end
|
140
|
-
end
|
141
|
-
|
142
|
-
def report
|
143
|
-
Inspec::Reporters.report(@conf["reporter"].first, @run_data)
|
144
|
-
end
|
145
|
-
|
146
|
-
def write_lockfile(profile)
|
147
|
-
return false unless profile.writable?
|
148
|
-
|
149
|
-
if profile.lockfile_exists?
|
150
|
-
Inspec::Log.debug "Using existing lockfile #{profile.lockfile_path}"
|
151
|
-
else
|
152
|
-
Inspec::Log.debug "Creating lockfile: #{profile.lockfile_path}"
|
153
|
-
lockfile = profile.generate_lockfile
|
154
|
-
File.write(profile.lockfile_path, lockfile.to_yaml)
|
155
|
-
end
|
156
|
-
end
|
157
|
-
|
158
|
-
def run_tests(with = nil)
|
159
|
-
@run_data = @test_collector.run(with)
|
160
|
-
# dont output anything if we want a report
|
161
|
-
render_output(@run_data) unless @conf["report"]
|
162
|
-
@test_collector.exit_code
|
163
|
-
end
|
164
|
-
|
165
|
-
#
|
166
|
-
# add_target allows the user to add a target whose tests will be
|
167
|
-
# run when the user calls the run method.
|
168
|
-
#
|
169
|
-
# A target is a path or URL that points to a profile. Using this
|
170
|
-
# target we generate a Profile and a ProfileContext. The content
|
171
|
-
# (libraries, tests, and inputs) from the Profile are loaded
|
172
|
-
# into the ProfileContext.
|
173
|
-
#
|
174
|
-
# If the profile depends on other profiles, those profiles will be
|
175
|
-
# loaded on-demand when include_content or required_content are
|
176
|
-
# called using similar code in Inspec::DSL.
|
177
|
-
#
|
178
|
-
# Once the we've loaded all of the tests files in the profile, we
|
179
|
-
# query the profile for the full list of rules. Those rules are
|
180
|
-
# registered with the @test_collector which is ultimately
|
181
|
-
# responsible for actually running the tests.
|
182
|
-
#
|
183
|
-
# TODO: Deduplicate/clarify the loading code that exists in here,
|
184
|
-
# the ProfileContext, the Profile, and Inspec::DSL
|
185
|
-
#
|
186
|
-
# @params target [String] A path or URL to a profile or raw test.
|
187
|
-
# @params _opts [Hash] Unused, but still here to avoid breaking kitchen-inspec
|
188
|
-
#
|
189
|
-
# @eturns [Inspec::ProfileContext]
|
190
|
-
#
|
191
|
-
def add_target(target, _opts = [])
|
192
|
-
profile = Inspec::Profile.for_target(target,
|
193
|
-
vendor_cache: @cache,
|
194
|
-
backend: @backend,
|
195
|
-
controls: @controls,
|
196
|
-
runner_conf: @conf)
|
197
|
-
raise "Could not resolve #{target} to valid input." if profile.nil?
|
198
|
-
|
199
|
-
@target_profiles << profile if supports_profile?(profile)
|
200
|
-
end
|
201
|
-
|
202
|
-
def supports_profile?(profile)
|
203
|
-
unless profile.supports_runtime?
|
204
|
-
raise "This profile requires #{Inspec::Dist::PRODUCT_NAME} version "\
|
205
|
-
"#{profile.metadata.inspec_requirement}. You are running "\
|
206
|
-
"#{Inspec::Dist::PRODUCT_NAME} v#{Inspec::VERSION}.\n"
|
207
|
-
end
|
208
|
-
|
209
|
-
true
|
210
|
-
end
|
211
|
-
|
212
|
-
# In some places we read the rules off of the runner, in other
|
213
|
-
# places we read it off of the profile context. To keep the API's
|
214
|
-
# the same, we provide an #all_rules method here as well.
|
215
|
-
def all_rules
|
216
|
-
@rules
|
217
|
-
end
|
218
|
-
|
219
|
-
def register_rules(ctx)
|
220
|
-
new_tests = false
|
221
|
-
ctx.rules.each do |rule_id, rule|
|
222
|
-
next if block_given? && !(yield rule_id, rule)
|
223
|
-
|
224
|
-
new_tests = true
|
225
|
-
register_rule(rule)
|
226
|
-
end
|
227
|
-
new_tests
|
228
|
-
end
|
229
|
-
|
230
|
-
def eval_with_virtual_profile(command)
|
231
|
-
require "inspec/fetcher/mock"
|
232
|
-
add_target({ "inspec.yml" => "name: inspec-shell" })
|
233
|
-
our_profile = @target_profiles.first
|
234
|
-
ctx = our_profile.runner_context
|
235
|
-
|
236
|
-
# Load local profile dependencies. This is used in inspec shell
|
237
|
-
# to provide access to local profiles that add resources.
|
238
|
-
@depends.each do |dep|
|
239
|
-
# support for windows paths
|
240
|
-
dep = dep.tr('\\', "/")
|
241
|
-
Inspec::Profile.for_path(dep, { profile_context: ctx }).load_libraries
|
242
|
-
end
|
243
|
-
|
244
|
-
ctx.load(command)
|
245
|
-
end
|
246
|
-
|
247
|
-
private
|
248
|
-
|
249
|
-
def block_source_info(block)
|
250
|
-
return {} if block.nil? || !block.respond_to?(:source_location)
|
251
|
-
|
252
|
-
opts = {}
|
253
|
-
file_path, line = block.source_location
|
254
|
-
opts["file_path"] = file_path
|
255
|
-
opts["line_number"] = line
|
256
|
-
opts
|
257
|
-
end
|
258
|
-
|
259
|
-
def get_check_example(method_name, arg, block)
|
260
|
-
opts = block_source_info(block)
|
261
|
-
|
262
|
-
return nil if arg.empty?
|
263
|
-
|
264
|
-
resource = arg[0]
|
265
|
-
# check to see if we are using a filtertable object
|
266
|
-
resource = resource.resource if resource.is_a? FilterTable::Table
|
267
|
-
if resource.respond_to?(:resource_skipped?) && resource.resource_skipped?
|
268
|
-
return rspec_skipped_block(arg, opts, resource.resource_exception_message)
|
269
|
-
end
|
270
|
-
|
271
|
-
if resource.respond_to?(:resource_failed?) && resource.resource_failed?
|
272
|
-
return rspec_failed_block(arg, opts, resource.resource_exception_message)
|
273
|
-
end
|
274
|
-
|
275
|
-
# If neither skipped nor failed then add the resource
|
276
|
-
add_resource(method_name, arg, opts, block)
|
277
|
-
end
|
278
|
-
|
279
|
-
def register_rule(rule)
|
280
|
-
Inspec::Log.debug "Registering rule #{rule}"
|
281
|
-
@rules << rule
|
282
|
-
checks = ::Inspec::Rule.prepare_checks(rule)
|
283
|
-
examples = checks.flat_map do |m, a, b|
|
284
|
-
get_check_example(m, a, b)
|
285
|
-
end.compact
|
286
|
-
|
287
|
-
examples.each { |e| @test_collector.add_test(e, rule) }
|
288
|
-
end
|
289
|
-
|
290
|
-
def rspec_skipped_block(arg, opts, message)
|
291
|
-
@test_collector.example_group(*arg, opts) do
|
292
|
-
# Send custom `it` block to RSpec
|
293
|
-
it message
|
294
|
-
end
|
295
|
-
end
|
296
|
-
|
297
|
-
def rspec_failed_block(arg, opts, message)
|
298
|
-
@test_collector.example_group(*arg, opts) do
|
299
|
-
# Send custom `it` block to RSpec
|
300
|
-
it "" do
|
301
|
-
# Raising here to fail the test and get proper formatting
|
302
|
-
raise Inspec::Exceptions::ResourceFailed, message
|
303
|
-
end
|
304
|
-
end
|
305
|
-
end
|
306
|
-
|
307
|
-
def add_resource(method_name, arg, opts, block)
|
308
|
-
case method_name
|
309
|
-
when "describe"
|
310
|
-
opts = { backend: @test_collector.backend }.merge opts
|
311
|
-
|
312
|
-
@test_collector.example_group(*arg, opts, &block)
|
313
|
-
when "expect"
|
314
|
-
block.example_group
|
315
|
-
when "describe.one"
|
316
|
-
tests = arg.map do |x|
|
317
|
-
@test_collector.example_group(x[1][0], block_source_info(x[2]), &x[2])
|
318
|
-
end
|
319
|
-
return nil if tests.empty?
|
320
|
-
|
321
|
-
successful_tests = tests.find_all(&:run)
|
322
|
-
|
323
|
-
# Return all tests if none succeeds; we will just report full failure
|
324
|
-
return tests if successful_tests.empty?
|
325
|
-
|
326
|
-
successful_tests
|
327
|
-
else
|
328
|
-
raise "A rule was registered with #{method_name.inspect}," \
|
329
|
-
"which isn't understood and cannot be processed."
|
330
|
-
end
|
331
|
-
end
|
332
|
-
end
|
333
|
-
end
|