inspec 4.3.2 → 4.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +36 -38
- data/README.md +37 -21
- data/etc/deprecations.json +10 -0
- data/etc/plugin_filters.json +8 -0
- data/inspec.gemspec +38 -39
- data/lib/bundles/inspec-compliance/api.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -1
- data/lib/bundles/inspec-compliance/http.rb +1 -1
- data/lib/bundles/inspec-compliance/support.rb +1 -1
- data/lib/bundles/inspec-compliance/target.rb +1 -1
- data/lib/bundles/inspec-supermarket.rb +3 -7
- data/lib/bundles/inspec-supermarket/api.rb +10 -13
- data/lib/bundles/inspec-supermarket/cli.rb +12 -15
- data/lib/bundles/inspec-supermarket/target.rb +7 -11
- data/lib/fetchers/git.rb +14 -15
- data/lib/fetchers/local.rb +6 -10
- data/lib/fetchers/mock.rb +3 -5
- data/lib/fetchers/url.rb +42 -44
- data/lib/inspec.rb +23 -24
- data/lib/inspec/archive/tar.rb +2 -6
- data/lib/inspec/archive/zip.rb +3 -7
- data/lib/inspec/backend.rb +8 -9
- data/lib/inspec/base_cli.rb +64 -65
- data/lib/inspec/cached_fetcher.rb +2 -3
- data/lib/inspec/cli.rb +136 -97
- data/lib/inspec/config.rb +71 -61
- data/lib/inspec/control_eval_context.rb +22 -18
- data/lib/inspec/dependencies/cache.rb +2 -3
- data/lib/inspec/dependencies/dependency_set.rb +2 -3
- data/lib/inspec/dependencies/lockfile.rb +8 -9
- data/lib/inspec/dependencies/requirement.rb +7 -8
- data/lib/inspec/dependencies/resolver.rb +5 -7
- data/lib/inspec/describe.rb +2 -6
- data/lib/inspec/dist.rb +20 -0
- data/lib/inspec/dsl.rb +4 -7
- data/lib/inspec/dsl_shared.rb +1 -2
- data/lib/inspec/env_printer.rb +11 -12
- data/lib/inspec/errors.rb +0 -4
- data/lib/inspec/exceptions.rb +0 -1
- data/lib/inspec/expect.rb +5 -8
- data/lib/inspec/fetcher.rb +7 -10
- data/lib/inspec/file_provider.rb +24 -24
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +8 -8
- data/lib/inspec/globals.rb +2 -2
- data/lib/inspec/impact.rb +5 -7
- data/lib/inspec/input_registry.rb +84 -33
- data/lib/inspec/library_eval_context.rb +3 -6
- data/lib/inspec/log.rb +1 -5
- data/lib/inspec/metadata.rb +17 -16
- data/lib/inspec/method_source.rb +5 -9
- data/lib/inspec/objects.rb +10 -12
- data/lib/inspec/objects/control.rb +7 -9
- data/lib/inspec/objects/describe.rb +9 -11
- data/lib/inspec/objects/each_loop.rb +1 -3
- data/lib/inspec/objects/input.rb +24 -26
- data/lib/inspec/objects/list.rb +4 -6
- data/lib/inspec/objects/or_test.rb +2 -4
- data/lib/inspec/objects/ruby_helper.rb +3 -5
- data/lib/inspec/objects/tag.rb +0 -2
- data/lib/inspec/objects/test.rb +9 -11
- data/lib/inspec/objects/value.rb +3 -5
- data/lib/inspec/plugin/v1.rb +2 -2
- data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
- data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
- data/lib/inspec/plugin/v1/plugins.rb +15 -19
- data/lib/inspec/plugin/v1/registry.rb +0 -4
- data/lib/inspec/plugin/v2.rb +8 -8
- data/lib/inspec/plugin/v2/activator.rb +1 -1
- data/lib/inspec/plugin/v2/config_file.rb +6 -6
- data/lib/inspec/plugin/v2/filter.rb +13 -13
- data/lib/inspec/plugin/v2/installer.rb +36 -24
- data/lib/inspec/plugin/v2/loader.rb +28 -28
- data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
- data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
- data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
- data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
- data/lib/inspec/plugin/v2/registry.rb +7 -7
- data/lib/inspec/polyfill.rb +0 -3
- data/lib/inspec/profile.rb +55 -63
- data/lib/inspec/profile_context.rb +27 -30
- data/lib/inspec/profile_vendor.rb +6 -9
- data/lib/inspec/reporters.rb +24 -24
- data/lib/inspec/reporters/automate.rb +17 -19
- data/lib/inspec/reporters/base.rb +1 -1
- data/lib/inspec/reporters/cli.rb +88 -91
- data/lib/inspec/reporters/json.rb +2 -4
- data/lib/inspec/reporters/json_automate.rb +1 -3
- data/lib/inspec/reporters/json_min.rb +1 -3
- data/lib/inspec/reporters/junit.rb +26 -28
- data/lib/inspec/reporters/yaml.rb +1 -3
- data/lib/inspec/require_loader.rb +0 -4
- data/lib/inspec/resource.rb +4 -125
- data/lib/inspec/resources.rb +121 -0
- data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
- data/lib/{resources → inspec/resources}/apache.rb +13 -14
- data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
- data/lib/{resources → inspec/resources}/apt.rb +17 -17
- data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
- data/lib/{resources → inspec/resources}/auditd.rb +62 -64
- data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
- data/lib/{resources → inspec/resources}/bash.rb +6 -8
- data/lib/{resources → inspec/resources}/bond.rb +15 -14
- data/lib/{resources → inspec/resources}/bridge.rb +8 -8
- data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
- data/lib/{resources → inspec/resources}/command.rb +11 -10
- data/lib/{resources → inspec/resources}/cpan.rb +12 -12
- data/lib/{resources → inspec/resources}/cran.rb +9 -9
- data/lib/{resources → inspec/resources}/crontab.rb +47 -48
- data/lib/{resources → inspec/resources}/csv.rb +5 -5
- data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
- data/lib/{resources → inspec/resources}/directory.rb +5 -7
- data/lib/{resources → inspec/resources}/docker.rb +63 -63
- data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
- data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
- data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
- data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
- data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
- data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
- data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
- data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
- data/lib/{resources → inspec/resources}/file.rb +80 -79
- data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
- data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
- data/lib/{resources → inspec/resources}/gem.rb +12 -12
- data/lib/{resources → inspec/resources}/groups.rb +28 -27
- data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
- data/lib/{resources → inspec/resources}/host.rb +31 -29
- data/lib/{resources → inspec/resources}/http.rb +24 -24
- data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
- data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
- data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
- data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/ini.rb +7 -8
- data/lib/{resources → inspec/resources}/interface.rb +30 -30
- data/lib/{resources → inspec/resources}/iptables.rb +8 -8
- data/lib/{resources → inspec/resources}/json.rb +8 -10
- data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
- data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
- data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
- data/lib/{resources → inspec/resources}/ksh.rb +6 -8
- data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
- data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
- data/lib/{resources → inspec/resources}/mount.rb +6 -8
- data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
- data/lib/inspec/resources/mysql.rb +81 -0
- data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
- data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
- data/lib/{resources → inspec/resources}/nginx.rb +16 -17
- data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
- data/lib/{resources → inspec/resources}/npm.rb +9 -10
- data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/oneget.rb +8 -8
- data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
- data/lib/{resources → inspec/resources}/os.rb +6 -8
- data/lib/{resources → inspec/resources}/os_env.rb +11 -12
- data/lib/{resources → inspec/resources}/package.rb +66 -65
- data/lib/{resources → inspec/resources}/packages.rb +13 -13
- data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
- data/lib/{resources → inspec/resources}/passwd.rb +18 -19
- data/lib/{resources → inspec/resources}/pip.rb +19 -19
- data/lib/{resources → inspec/resources}/platform.rb +9 -11
- data/lib/{resources → inspec/resources}/port.rb +134 -136
- data/lib/{resources → inspec/resources}/postgres.rb +40 -32
- data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
- data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
- data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
- data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
- data/lib/{resources → inspec/resources}/powershell.rb +17 -13
- data/lib/{resources → inspec/resources}/processes.rb +29 -29
- data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
- data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
- data/lib/inspec/resources/script.rb +1 -0
- data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
- data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
- data/lib/{resources → inspec/resources}/service.rb +74 -75
- data/lib/{resources → inspec/resources}/shadow.rb +44 -45
- data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
- data/lib/{resources → inspec/resources}/ssl.rb +28 -29
- data/lib/inspec/resources/sys_info.rb +30 -0
- data/lib/{resources → inspec/resources}/toml.rb +5 -7
- data/lib/{resources → inspec/resources}/users.rb +65 -65
- data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
- data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
- data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
- data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
- data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
- data/lib/{resources → inspec/resources}/wmi.rb +7 -8
- data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
- data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
- data/lib/{resources → inspec/resources}/xml.rb +7 -7
- data/lib/{resources → inspec/resources}/yaml.rb +5 -6
- data/lib/{resources → inspec/resources}/yum.rb +10 -10
- data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
- data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
- data/lib/inspec/rspec_extensions.rb +24 -8
- data/lib/inspec/rule.rb +14 -15
- data/lib/inspec/runner.rb +28 -28
- data/lib/inspec/runner_mock.rb +1 -5
- data/lib/inspec/runner_rspec.rb +18 -20
- data/lib/inspec/runtime_profile.rb +2 -5
- data/lib/inspec/schema.rb +142 -143
- data/lib/inspec/secrets.rb +3 -7
- data/lib/inspec/secrets/yaml.rb +3 -5
- data/lib/inspec/shell.rb +11 -15
- data/lib/inspec/shell_detector.rb +6 -7
- data/lib/inspec/source_reader.rb +4 -8
- data/lib/inspec/ui.rb +33 -39
- data/lib/inspec/ui_table_helper.rb +12 -0
- data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
- data/lib/{utils → inspec/utils}/convert.rb +0 -4
- data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
- data/lib/inspec/utils/deprecation.rb +6 -0
- data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
- data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
- data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
- data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
- data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
- data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
- data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
- data/lib/{utils → inspec/utils}/filter.rb +30 -33
- data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
- data/lib/{utils → inspec/utils}/find_files.rb +9 -12
- data/lib/{utils → inspec/utils}/hash.rb +1 -5
- data/lib/inspec/utils/json_log.rb +15 -0
- data/lib/inspec/utils/latest_version.rb +13 -0
- data/lib/{utils → inspec/utils}/modulator.rb +0 -3
- data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
- data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
- data/lib/{utils → inspec/utils}/parser.rb +45 -45
- data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
- data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
- data/lib/{utils → inspec/utils}/spdx.rb +1 -4
- data/lib/{utils → inspec/utils}/spdx.txt +0 -0
- data/lib/inspec/utils/telemetry.rb +3 -3
- data/lib/inspec/utils/telemetry/collector.rb +30 -9
- data/lib/inspec/utils/telemetry/data_series.rb +3 -1
- data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +22 -25
- data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
- data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +12 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
- data/lib/plugins/inspec-compliance/test/functional/inspec_compliance_test.rb +12 -14
- data/lib/plugins/inspec-compliance/test/integration/default/cli.rb +39 -41
- data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +64 -64
- data/lib/plugins/inspec-compliance/test/unit/api_test.rb +157 -156
- data/lib/plugins/inspec-compliance/test/unit/target_test.rb +85 -85
- data/lib/plugins/inspec-habitat/Berksfile +2 -2
- data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
- data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
- data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/Berksfile +1 -1
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/metadata.rb +8 -8
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/recipes/default.rb +17 -17
- data/lib/plugins/inspec-habitat/test/functional/inspec_habitat_test.rb +9 -8
- data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/controls/inspec_habitat.rb +14 -14
- data/lib/plugins/inspec-habitat/test/support/example_profile/controls/example.rb +4 -4
- data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +42 -41
- data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
- data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/inspec_plugin_template_test.rb +5 -5
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/helper.rb +1 -3
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/cli_args_test.rb +2 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/plugin_def_test.rb +2 -2
- data/lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb +10 -11
- data/lib/plugins/inspec-init/templates/profiles/azure/controls/example.rb +4 -5
- data/lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb +10 -11
- data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
- data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +51 -50
- data/lib/plugins/inspec-init/test/functional/inspec_init_profile_test.rb +35 -33
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb +1 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +281 -271
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +41 -41
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb +25 -6
- data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
- data/lib/resource_support/aws.rb +67 -67
- data/lib/resource_support/aws/aws_plural_resource_mixin.rb +4 -1
- data/lib/resource_support/aws/aws_resource_mixin.rb +4 -3
- data/lib/resource_support/aws/aws_singular_resource_mixin.rb +4 -1
- data/lib/resources/aws/aws_billing_report.rb +15 -8
- data/lib/resources/aws/aws_billing_reports.rb +10 -7
- data/lib/resources/aws/aws_cloudtrail_trail.rb +9 -5
- data/lib/resources/aws/aws_cloudtrail_trails.rb +9 -5
- data/lib/resources/aws/aws_cloudwatch_alarm.rb +9 -5
- data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +12 -8
- data/lib/resources/aws/aws_config_delivery_channel.rb +13 -9
- data/lib/resources/aws/aws_config_recorder.rb +10 -6
- data/lib/resources/aws/aws_ebs_volume.rb +12 -8
- data/lib/resources/aws/aws_ebs_volumes.rb +9 -5
- data/lib/resources/aws/aws_ec2_instance.rb +14 -11
- data/lib/resources/aws/aws_ec2_instances.rb +9 -5
- data/lib/resources/aws/aws_ecs_cluster.rb +11 -7
- data/lib/resources/aws/aws_eks_cluster.rb +13 -9
- data/lib/resources/aws/aws_elb.rb +9 -5
- data/lib/resources/aws/aws_elbs.rb +9 -5
- data/lib/resources/aws/aws_flow_log.rb +17 -13
- data/lib/resources/aws/aws_iam_access_key.rb +15 -11
- data/lib/resources/aws/aws_iam_access_keys.rb +19 -15
- data/lib/resources/aws/aws_iam_group.rb +9 -5
- data/lib/resources/aws/aws_iam_groups.rb +9 -5
- data/lib/resources/aws/aws_iam_password_policy.rb +13 -10
- data/lib/resources/aws/aws_iam_policies.rb +9 -5
- data/lib/resources/aws/aws_iam_policy.rb +16 -12
- data/lib/resources/aws/aws_iam_role.rb +9 -5
- data/lib/resources/aws/aws_iam_root_user.rb +12 -8
- data/lib/resources/aws/aws_iam_user.rb +12 -12
- data/lib/resources/aws/aws_iam_users.rb +10 -10
- data/lib/resources/aws/aws_kms_key.rb +12 -8
- data/lib/resources/aws/aws_kms_keys.rb +9 -5
- data/lib/resources/aws/aws_rds_instance.rb +11 -8
- data/lib/resources/aws/aws_route_table.rb +11 -7
- data/lib/resources/aws/aws_route_tables.rb +10 -6
- data/lib/resources/aws/aws_s3_bucket.rb +14 -11
- data/lib/resources/aws/aws_s3_bucket_object.rb +12 -9
- data/lib/resources/aws/aws_s3_buckets.rb +9 -7
- data/lib/resources/aws/aws_security_group.rb +16 -12
- data/lib/resources/aws/aws_security_groups.rb +12 -8
- data/lib/resources/aws/aws_sns_subscription.rb +15 -11
- data/lib/resources/aws/aws_sns_topic.rb +10 -6
- data/lib/resources/aws/aws_sns_topics.rb +9 -5
- data/lib/resources/aws/aws_sqs_queue.rb +18 -14
- data/lib/resources/aws/aws_subnet.rb +11 -7
- data/lib/resources/aws/aws_subnets.rb +9 -5
- data/lib/resources/aws/aws_vpc.rb +10 -6
- data/lib/resources/aws/aws_vpcs.rb +9 -5
- data/lib/resources/azure/azure_backend.rb +20 -18
- data/lib/resources/azure/azure_generic_resource.rb +13 -15
- data/lib/resources/azure/azure_resource_group.rb +17 -19
- data/lib/resources/azure/azure_virtual_machine.rb +6 -8
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +6 -8
- data/lib/source_readers/flat.rb +6 -10
- data/lib/source_readers/inspec.rb +8 -12
- metadata +141 -142
- data/lib/resources/mysql.rb +0 -82
- data/lib/resources/sys_info.rb +0 -28
- data/lib/utils/deprecation.rb +0 -6
- data/lib/utils/json_log.rb +0 -18
- data/lib/utils/latest_version.rb +0 -22
@@ -1,13 +1,9 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
# author: Christoph Hartmann
|
3
|
-
# author: Dominik Richter
|
4
|
-
|
5
1
|
libdir = File.dirname(__FILE__)
|
6
2
|
$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
|
7
3
|
|
8
4
|
module Supermarket
|
9
|
-
autoload :API,
|
5
|
+
autoload :API, "inspec-supermarket/api"
|
10
6
|
end
|
11
7
|
|
12
|
-
require
|
13
|
-
require
|
8
|
+
require "inspec-supermarket/cli"
|
9
|
+
require "inspec-supermarket/target"
|
@@ -1,26 +1,23 @@
|
|
1
|
-
# encoding: utf-8
|
2
1
|
# frozen_string_literal: true
|
3
|
-
# author: Christoph Hartmann
|
4
|
-
# author: Dominik Richter
|
5
2
|
|
6
|
-
require
|
7
|
-
require
|
3
|
+
require "net/http"
|
4
|
+
require "addressable/uri"
|
8
5
|
|
9
6
|
module Supermarket
|
10
7
|
class API
|
11
|
-
SUPERMARKET_URL =
|
8
|
+
SUPERMARKET_URL = "https://supermarket.chef.io"
|
12
9
|
|
13
10
|
# displays a list of profiles
|
14
11
|
def self.profiles(supermarket_url = SUPERMARKET_URL)
|
15
12
|
url = "#{supermarket_url}/api/v1/tools-search"
|
16
|
-
_success, data = get(url, { type:
|
13
|
+
_success, data = get(url, { type: "compliance_profile", items: 100 })
|
17
14
|
if !data.nil?
|
18
15
|
profiles = JSON.parse(data)
|
19
|
-
profiles[
|
20
|
-
m = %r{^#{supermarket_url}/api/v1/tools/(?<slug>[\w-]+)(/)?$}.match(x[
|
21
|
-
x[
|
16
|
+
profiles["items"].map do |x|
|
17
|
+
m = %r{^#{supermarket_url}/api/v1/tools/(?<slug>[\w-]+)(/)?$}.match(x["tool"])
|
18
|
+
x["slug"] = m[:slug]
|
22
19
|
x
|
23
|
-
|
20
|
+
end
|
24
21
|
else
|
25
22
|
[]
|
26
23
|
end
|
@@ -54,7 +51,7 @@ module Supermarket
|
|
54
51
|
|
55
52
|
# Tool name in Supermarket URL is downcased so we need to downcase
|
56
53
|
tool = "#{supermarket_url}/api/v1/tools/#{tool_name.downcase}"
|
57
|
-
supermarket_tool[
|
54
|
+
supermarket_tool["tool_owner"] == tool_owner && supermarket_tool["tool"] == tool
|
58
55
|
end
|
59
56
|
|
60
57
|
def self.find(profile, supermarket_url = SUPERMARKET_URL)
|
@@ -80,7 +77,7 @@ module Supermarket
|
|
80
77
|
|
81
78
|
def self.send_request(uri, req)
|
82
79
|
# send request
|
83
|
-
res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme ==
|
80
|
+
res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == "https") do |http|
|
84
81
|
http.request(req)
|
85
82
|
end
|
86
83
|
[res.is_a?(Net::HTTPSuccess), res.body]
|
@@ -1,11 +1,8 @@
|
|
1
|
-
|
2
|
-
# author: Christoph Hartmann
|
3
|
-
# author: Dominik Richter
|
4
|
-
require 'inspec/base_cli'
|
1
|
+
require "inspec/base_cli"
|
5
2
|
|
6
3
|
module Supermarket
|
7
4
|
class SupermarketCLI < Inspec::BaseCLI
|
8
|
-
namespace
|
5
|
+
namespace "supermarket"
|
9
6
|
|
10
7
|
# TODO: find another solution, once https://github.com/erikhuda/thor/issues/261 is fixed
|
11
8
|
def self.banner(command, _namespace = nil, _subcommand = false)
|
@@ -16,18 +13,18 @@ module Supermarket
|
|
16
13
|
namespace
|
17
14
|
end
|
18
15
|
|
19
|
-
desc
|
16
|
+
desc "profiles", "list all available profiles in Chef Supermarket"
|
20
17
|
def profiles
|
21
18
|
# display profiles in format user/profile
|
22
19
|
supermarket_profiles = Supermarket::API.profiles
|
23
20
|
|
24
|
-
headline(
|
25
|
-
supermarket_profiles.each
|
21
|
+
headline("Available profiles:")
|
22
|
+
supermarket_profiles.each do |p|
|
26
23
|
li("#{p['tool_name']} #{mark_text(p['tool_owner'] + '/' + p['slug'])}")
|
27
|
-
|
24
|
+
end
|
28
25
|
end
|
29
26
|
|
30
|
-
desc
|
27
|
+
desc "exec PROFILE", "execute a Supermarket profile"
|
31
28
|
exec_options
|
32
29
|
def exec(*tests)
|
33
30
|
o = config
|
@@ -35,7 +32,7 @@ module Supermarket
|
|
35
32
|
configure_logger(o)
|
36
33
|
|
37
34
|
# iterate over tests and add compliance scheme
|
38
|
-
tests = tests.map { |t|
|
35
|
+
tests = tests.map { |t| "supermarket://" + t }
|
39
36
|
|
40
37
|
runner = Inspec::Runner.new(o)
|
41
38
|
tests.each { |target| runner.add_target(target) }
|
@@ -46,13 +43,13 @@ module Supermarket
|
|
46
43
|
exit 1
|
47
44
|
end
|
48
45
|
|
49
|
-
desc
|
46
|
+
desc "info PROFILE", "display Supermarket profile details"
|
50
47
|
def info(profile)
|
51
48
|
# check that the profile is available
|
52
49
|
supermarket_profiles = Supermarket::API.profiles
|
53
|
-
found = supermarket_profiles.select
|
50
|
+
found = supermarket_profiles.select do |p|
|
54
51
|
profile == "#{p['tool_owner']}/#{p['slug']}"
|
55
|
-
|
52
|
+
end
|
56
53
|
|
57
54
|
if found.empty?
|
58
55
|
puts "#{mark_text(profile)} is not available on Supermarket"
|
@@ -70,5 +67,5 @@ module Supermarket
|
|
70
67
|
end
|
71
68
|
|
72
69
|
# register the subcommand to InSpec CLI registry
|
73
|
-
Inspec::Plugins::CLI.add_subcommand(SupermarketCLI,
|
70
|
+
Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, "supermarket", "supermarket SUBCOMMAND ...", "Supermarket commands", {})
|
74
71
|
end
|
@@ -1,19 +1,15 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
require 'uri'
|
6
|
-
require 'inspec/fetcher'
|
7
|
-
require 'fetchers/url'
|
1
|
+
require "uri"
|
2
|
+
require "inspec/fetcher"
|
3
|
+
require "fetchers/url"
|
8
4
|
|
9
5
|
# InSpec Target Helper for Supermarket
|
10
6
|
module Supermarket
|
11
7
|
class Fetcher < Inspec.fetcher(1)
|
12
|
-
name
|
8
|
+
name "supermarket"
|
13
9
|
priority 500
|
14
10
|
|
15
11
|
def self.resolve(target, opts = {})
|
16
|
-
supermarket_uri, supermarket_server = if target.is_a?(String) && URI(target).scheme ==
|
12
|
+
supermarket_uri, supermarket_server = if target.is_a?(String) && URI(target).scheme == "supermarket"
|
17
13
|
[target, Supermarket::API::SUPERMARKET_URL]
|
18
14
|
elsif target.respond_to?(:key?) && target.key?(:supermarket)
|
19
15
|
supermarket_server = target[:supermarket_url] || Supermarket::API::SUPERMARKET_URL
|
@@ -22,13 +18,13 @@ module Supermarket
|
|
22
18
|
return nil unless supermarket_uri
|
23
19
|
return nil unless Supermarket::API.exist?(supermarket_uri, supermarket_server)
|
24
20
|
tool_info = Supermarket::API.find(supermarket_uri, supermarket_server)
|
25
|
-
resolve_next(tool_info[
|
21
|
+
resolve_next(tool_info["tool_source_url"], opts)
|
26
22
|
rescue URI::Error
|
27
23
|
nil
|
28
24
|
end
|
29
25
|
|
30
26
|
def to_s
|
31
|
-
|
27
|
+
"Chef Compliance Profile Loader"
|
32
28
|
end
|
33
29
|
end
|
34
30
|
end
|
data/lib/fetchers/git.rb
CHANGED
@@ -1,8 +1,7 @@
|
|
1
|
-
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require 'inspec/log'
|
1
|
+
require "tmpdir"
|
2
|
+
require "fileutils"
|
3
|
+
require "mixlib/shellout"
|
4
|
+
require "inspec/log"
|
6
5
|
|
7
6
|
module Fetchers
|
8
7
|
#
|
@@ -25,12 +24,12 @@ module Fetchers
|
|
25
24
|
# omnibus source for hints.
|
26
25
|
#
|
27
26
|
class Git < Inspec.fetcher(1)
|
28
|
-
name
|
27
|
+
name "git"
|
29
28
|
priority 200
|
30
29
|
|
31
30
|
def self.resolve(target, opts = {})
|
32
31
|
if target.is_a?(String)
|
33
|
-
new(target, opts) if target.start_with?(
|
32
|
+
new(target, opts) if target.start_with?("git@") || target.end_with?(".git")
|
34
33
|
elsif target.respond_to?(:has_key?) && target.key?(:git)
|
35
34
|
new(target[:git], opts.merge(target))
|
36
35
|
end
|
@@ -54,7 +53,7 @@ module Fetchers
|
|
54
53
|
Dir.mktmpdir do |tmpdir|
|
55
54
|
checkout(tmpdir)
|
56
55
|
Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
|
57
|
-
FileUtils.cp_r(tmpdir +
|
56
|
+
FileUtils.cp_r(tmpdir + "/.", @repo_directory)
|
58
57
|
end
|
59
58
|
end
|
60
59
|
@repo_directory
|
@@ -82,7 +81,7 @@ module Fetchers
|
|
82
81
|
elsif @tag
|
83
82
|
resolve_ref(@tag)
|
84
83
|
else
|
85
|
-
resolve_ref(
|
84
|
+
resolve_ref("master")
|
86
85
|
end
|
87
86
|
end
|
88
87
|
|
@@ -130,7 +129,7 @@ module Fetchers
|
|
130
129
|
end
|
131
130
|
|
132
131
|
def cloned?
|
133
|
-
File.directory?(File.join(@repo_directory,
|
132
|
+
File.directory?(File.join(@repo_directory, ".git"))
|
134
133
|
end
|
135
134
|
|
136
135
|
def clone(dir = @repo_directory)
|
@@ -149,7 +148,7 @@ module Fetchers
|
|
149
148
|
cmd.error!
|
150
149
|
cmd.status
|
151
150
|
rescue Errno::ENOENT
|
152
|
-
raise
|
151
|
+
raise "To use git sources, you must have git installed."
|
153
152
|
end
|
154
153
|
|
155
154
|
def shellout(cmd, opts = {})
|
@@ -157,12 +156,12 @@ module Fetchers
|
|
157
156
|
cmd = Mixlib::ShellOut.new(cmd, opts)
|
158
157
|
cmd.run_command
|
159
158
|
Inspec::Log.debug("External command: completed with exit status: #{cmd.exitstatus}")
|
160
|
-
Inspec::Log.debug(
|
159
|
+
Inspec::Log.debug("External command: STDOUT BEGIN")
|
161
160
|
Inspec::Log.debug(cmd.stdout)
|
162
|
-
Inspec::Log.debug(
|
163
|
-
Inspec::Log.debug(
|
161
|
+
Inspec::Log.debug("External command: STDOUT END")
|
162
|
+
Inspec::Log.debug("External command: STDERR BEGIN")
|
164
163
|
Inspec::Log.debug(cmd.stderr)
|
165
|
-
Inspec::Log.debug(
|
164
|
+
Inspec::Log.debug("External command: STDERR END")
|
166
165
|
cmd
|
167
166
|
end
|
168
167
|
end
|
data/lib/fetchers/local.rb
CHANGED
@@ -1,12 +1,8 @@
|
|
1
|
-
|
2
|
-
# author: Dominik Richter
|
3
|
-
# author: Christoph Hartmann
|
4
|
-
|
5
|
-
require 'openssl'
|
1
|
+
require "openssl"
|
6
2
|
|
7
3
|
module Fetchers
|
8
4
|
class Local < Inspec.fetcher(1)
|
9
|
-
name
|
5
|
+
name "local"
|
10
6
|
priority 0
|
11
7
|
|
12
8
|
def self.resolve(target)
|
@@ -31,11 +27,11 @@ module Fetchers
|
|
31
27
|
|
32
28
|
def self.resolve_from_string(target)
|
33
29
|
# Support "urls" in the form of file://
|
34
|
-
if target.start_with?(
|
35
|
-
target = target.gsub(%r{^file://},
|
30
|
+
if target.start_with?("file://")
|
31
|
+
target = target.gsub(%r{^file://}, "")
|
36
32
|
else
|
37
33
|
# support for windows paths
|
38
|
-
target = target.tr('\\',
|
34
|
+
target = target.tr('\\', "/")
|
39
35
|
end
|
40
36
|
|
41
37
|
target if File.exist?(File.expand_path(target))
|
@@ -105,7 +101,7 @@ module Fetchers
|
|
105
101
|
end
|
106
102
|
|
107
103
|
def perform_shasum(target)
|
108
|
-
@archive_shasum ||= OpenSSL::Digest::SHA256.digest(File.read(target)).unpack(
|
104
|
+
@archive_shasum ||= OpenSSL::Digest::SHA256.digest(File.read(target)).unpack("H*")[0]
|
109
105
|
end
|
110
106
|
|
111
107
|
def resolved_source
|
data/lib/fetchers/mock.rb
CHANGED
@@ -1,10 +1,8 @@
|
|
1
|
-
|
2
|
-
# author: Dominik Richter
|
3
|
-
# author: Christoph Hartmann
|
1
|
+
require "inspec/fetcher"
|
4
2
|
|
5
3
|
module Fetchers
|
6
4
|
class Mock < Inspec.fetcher(1)
|
7
|
-
name
|
5
|
+
name "mock"
|
8
6
|
priority 0
|
9
7
|
|
10
8
|
def self.resolve(target)
|
@@ -29,7 +27,7 @@ module Fetchers
|
|
29
27
|
end
|
30
28
|
|
31
29
|
def cache_key
|
32
|
-
|
30
|
+
""
|
33
31
|
end
|
34
32
|
end
|
35
33
|
end
|
data/lib/fetchers/url.rb
CHANGED
@@ -1,22 +1,18 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
require 'uri'
|
6
|
-
require 'openssl'
|
7
|
-
require 'tempfile'
|
8
|
-
require 'open-uri'
|
1
|
+
require "uri"
|
2
|
+
require "openssl"
|
3
|
+
require "tempfile"
|
4
|
+
require "open-uri"
|
9
5
|
|
10
6
|
module Fetchers
|
11
7
|
class Url < Inspec.fetcher(1)
|
12
8
|
MIME_TYPES = {
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
9
|
+
"application/x-zip-compressed" => ".zip",
|
10
|
+
"application/zip" => ".zip",
|
11
|
+
"application/x-gzip" => ".tar.gz",
|
12
|
+
"application/gzip" => ".tar.gz",
|
17
13
|
}.freeze
|
18
14
|
|
19
|
-
name
|
15
|
+
name "url"
|
20
16
|
priority 200
|
21
17
|
|
22
18
|
def self.resolve(target, opts = {})
|
@@ -31,7 +27,7 @@ module Fetchers
|
|
31
27
|
|
32
28
|
def self.resolve_from_string(target, opts, username = nil, password = nil)
|
33
29
|
uri = URI.parse(target)
|
34
|
-
return nil if uri.nil?
|
30
|
+
return nil if uri.nil? || uri.scheme.nil?
|
35
31
|
return nil unless %{ http https }.include? uri.scheme
|
36
32
|
target = transform(target)
|
37
33
|
opts[:username] = username if username
|
@@ -66,11 +62,11 @@ module Fetchers
|
|
66
62
|
# https://bitbucket.org/username/repo/commits/95ce1f83d5bbe9eec34c5973f6894617e8d6d8cc is transformed to
|
67
63
|
# https://bitbucket.org/username/repo/get/95ce1f83d5bbe9eec34c5973f6894617e8d6d8cc.tar.gz
|
68
64
|
|
69
|
-
GITHUB_URL_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w
|
70
|
-
GITHUB_URL_WITH_TREE_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w
|
71
|
-
BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}
|
72
|
-
BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}
|
73
|
-
BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}
|
65
|
+
GITHUB_URL_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w.-]+?)(\.git)?(/)?$}.freeze
|
66
|
+
GITHUB_URL_WITH_TREE_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w.-]+)/tree/(?<commit>[\w\.]+)(/)?$}.freeze
|
67
|
+
BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}.freeze
|
68
|
+
BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}.freeze
|
69
|
+
BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}.freeze
|
74
70
|
|
75
71
|
def self.transform(target)
|
76
72
|
transformed_target = if m = GITHUB_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
@@ -98,8 +94,8 @@ module Fetchers
|
|
98
94
|
def initialize(url, opts)
|
99
95
|
@target = url.to_s
|
100
96
|
@target_uri = url.is_a?(URI) ? url : parse_uri(url)
|
101
|
-
@insecure = opts[
|
102
|
-
@token = opts[
|
97
|
+
@insecure = opts["insecure"]
|
98
|
+
@token = opts["token"]
|
103
99
|
@config = opts
|
104
100
|
@archive_path = nil
|
105
101
|
@temp_archive_path = nil
|
@@ -130,23 +126,23 @@ module Fetchers
|
|
130
126
|
|
131
127
|
def sha256
|
132
128
|
file = @archive_path || temp_archive_path
|
133
|
-
OpenSSL::Digest::SHA256.digest(File.read(file)).unpack(
|
129
|
+
OpenSSL::Digest::SHA256.digest(File.read(file)).unpack("H*")[0]
|
134
130
|
end
|
135
131
|
|
136
132
|
def file_type_from_remote(remote)
|
137
|
-
content_type = remote.meta[
|
133
|
+
content_type = remote.meta["content-type"]
|
138
134
|
file_type = MIME_TYPES[content_type]
|
139
135
|
|
140
136
|
if file_type.nil?
|
141
137
|
Inspec::Log.warn("Unrecognized content type: #{content_type}. Assuming tar.gz")
|
142
|
-
file_type =
|
138
|
+
file_type = ".tar.gz"
|
143
139
|
end
|
144
140
|
|
145
141
|
file_type
|
146
142
|
end
|
147
143
|
|
148
144
|
def temp_archive_path
|
149
|
-
@temp_archive_path ||= if @config[
|
145
|
+
@temp_archive_path ||= if @config["server_type"] == "automate2"
|
150
146
|
download_automate2_archive_to_temp
|
151
147
|
else
|
152
148
|
download_archive_to_temp
|
@@ -158,13 +154,13 @@ module Fetchers
|
|
158
154
|
|
159
155
|
Inspec::Log.debug("Fetching URL: #{@target}")
|
160
156
|
json = {
|
161
|
-
owner: @config[
|
162
|
-
name: @config[
|
163
|
-
version: @config[
|
157
|
+
owner: @config["profile"][0],
|
158
|
+
name: @config["profile"][1],
|
159
|
+
version: @config["profile"][2],
|
164
160
|
}.to_json
|
165
161
|
|
166
162
|
opts = http_opts
|
167
|
-
opts[:use_ssl] = @target_uri.scheme ==
|
163
|
+
opts[:use_ssl] = @target_uri.scheme == "https"
|
168
164
|
|
169
165
|
if @insecure
|
170
166
|
opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE
|
@@ -177,12 +173,12 @@ module Fetchers
|
|
177
173
|
req.add_field(key, value)
|
178
174
|
end
|
179
175
|
req.body = json
|
180
|
-
res = Net::HTTP.start(@target_uri.host, @target_uri.port, opts)
|
176
|
+
res = Net::HTTP.start(@target_uri.host, @target_uri.port, opts) do |http|
|
181
177
|
http.request(req)
|
182
|
-
|
178
|
+
end
|
183
179
|
|
184
|
-
@archive_type =
|
185
|
-
archive = Tempfile.new([
|
180
|
+
@archive_type = ".tar.gz"
|
181
|
+
archive = Tempfile.new(["inspec-dl-", @archive_type])
|
186
182
|
archive.binmode
|
187
183
|
archive.write(res.body)
|
188
184
|
archive.rewind
|
@@ -197,7 +193,7 @@ module Fetchers
|
|
197
193
|
Inspec::Log.debug("Fetching URL: #{@target}")
|
198
194
|
remote = open_via_uri(@target)
|
199
195
|
@archive_type = file_type_from_remote(remote) # side effect :(
|
200
|
-
archive = Tempfile.new([
|
196
|
+
archive = Tempfile.new(["inspec-dl-", @archive_type])
|
201
197
|
archive.binmode
|
202
198
|
archive.write(remote.read)
|
203
199
|
archive.rewind
|
@@ -211,7 +207,7 @@ module Fetchers
|
|
211
207
|
|
212
208
|
if opts[:http_basic_authentication]
|
213
209
|
# OpenURI does not support userinfo so we need to remove it
|
214
|
-
open(target.sub("#{@target_uri.userinfo}@",
|
210
|
+
open(target.sub("#{@target_uri.userinfo}@", ""), opts)
|
215
211
|
else
|
216
212
|
open(target, opts)
|
217
213
|
end
|
@@ -231,16 +227,16 @@ module Fetchers
|
|
231
227
|
opts = {}
|
232
228
|
opts[:ssl_verify_mode] = OpenSSL::SSL::VERIFY_NONE if @insecure
|
233
229
|
|
234
|
-
if @config[
|
235
|
-
opts[
|
236
|
-
if @config[
|
237
|
-
opts[
|
230
|
+
if @config["server_type"] =~ /automate/
|
231
|
+
opts["chef-delivery-enterprise"] = @config["automate"]["ent"]
|
232
|
+
if @config["automate"]["token_type"] == "dctoken"
|
233
|
+
opts["x-data-collector-token"] = @config["token"]
|
238
234
|
else
|
239
|
-
opts[
|
240
|
-
opts[
|
235
|
+
opts["chef-delivery-user"] = @config["user"]
|
236
|
+
opts["chef-delivery-token"] = @config["token"]
|
241
237
|
end
|
242
238
|
elsif @token
|
243
|
-
opts[
|
239
|
+
opts["Authorization"] = "Bearer #{@token}"
|
244
240
|
end
|
245
241
|
|
246
242
|
username = @config[:username] || @target_uri.user
|
@@ -264,8 +260,10 @@ module Fetchers
|
|
264
260
|
true
|
265
261
|
end
|
266
262
|
end
|
267
|
-
|
268
|
-
"
|
263
|
+
unless keys_missing_values.empty?
|
264
|
+
raise "Unable to fetch profile - the following HTTP headers have no value: " \
|
265
|
+
"#{keys_missing_values.join(', ')}"
|
266
|
+
end
|
269
267
|
end
|
270
268
|
end
|
271
269
|
end
|