inspec 4.3.2 → 4.6.3

data/lib/{utils → inspec/utils}/filter_array.rb

@@ -1,6 +1,4 @@
-# encoding: utf-8
 # copyright: 2015, Chef Software, Inc.
-# author: Stephan Renatus
 
 class FilterArray
   attr_accessor :rules

data/lib/{utils → inspec/utils}/find_files.rb

@@ -1,18 +1,15 @@
-# encoding: utf-8
 # copyright: 2015, Vulcano Security GmbH
-# author: Dominik Richter
-# author: Christoph Hartmann
 
 module FindFiles
   TYPES = {
-    block: 'b',
-    character: 'c',
-    directory: 'd',
-    pipe: 'p',
-    file: 'f',
-    link: 'l',
-    socket: 's',
-    door: 'D',
+    block: "b",
+    character: "c",
+    directory: "d",
+    pipe: "p",
+    file: "f",
+    link: "l",
+    socket: "s",
+    door: "D",
   }.freeze
 
   # ignores errors
@@ -25,7 +22,7 @@ module FindFiles
     type = TYPES[opts[:type].to_sym] if opts[:type]
 
     # If `path` contains a `'` we must modify how we quote the `sh -c` argument
-    quote = path.include?("'") ? '"' : '\''
+    quote = path.include?("'") ? '"' : "'"
 
     cmd = "sh -c #{quote}find #{path}"
     cmd += " -type #{type}" unless type.nil?

data/lib/{utils → inspec/utils}/hash.rb

@@ -1,7 +1,3 @@
-# encoding: utf-8
-# author: Dominik Richter
-# author: Christoph Hartmann
-
 class ::Hash
   # Inspired by: http://stackoverflow.com/a/9381776
   def deep_merge(second)
@@ -21,7 +17,7 @@ class ::Hash
     inject({}) do |acc, (key, value)|
       index = prefix.to_s + key.to_s
       if value.is_a?(Hash)
-        acc.merge(value.smash(index + '-'))
+        acc.merge(value.smash(index + "-"))
       else
         acc.merge(index => value)
       end

data/lib/inspec/utils/json_log.rb

@@ -0,0 +1,15 @@
+require "json"
+
+# a simple streaming json logger
+class Logger::JSONFormatter < Logger::Formatter
+  def call(severity, time, progname, msg)
+    puts JSON.generate(
+      {
+        "progname" => progname,
+        "severity" => severity,
+        "time" => time,
+        "msg" => msg,
+      }
+    )
+  end
+end

data/lib/inspec/utils/latest_version.rb

@@ -0,0 +1,13 @@
+require "json"
+require "open-uri"
+
+class LatestInSpecVersion
+  # fetches the latest version from rubygems server
+  def latest
+    uri = URI("https://rubygems.org/api/v1/gems/inspec.json")
+    inspec_info = JSON.parse(uri.read(open_timeout: 1.5, read_timeout: 1.5))
+    inspec_info["version"]
+  rescue StandardError
+    nil
+  end
+end

data/lib/{utils → inspec/utils}/modulator.rb

@@ -1,6 +1,3 @@
-# encoding: utf-8
-# author: Dominik Richter
-# author: Christoph Hartmann
 module Modulator
   def modules
     @modules ||= {}

data/lib/{utils → inspec/utils}/nginx_parser.rb

@@ -1,8 +1,4 @@
-# encoding: utf-8
-# author: Dominik Richter
-# author: Christoph Hartmann
-
-require 'parslet'
+require "parslet"
 
 class NginxParser < Parslet::Parser
   root :outermost
@@ -12,60 +8,60 @@ class NginxParser < Parslet::Parser
   rule(:filler?) { one_filler.repeat }
   rule(:one_filler) { match('\s+') | match["\n"] | comment }
   rule(:space)   { match('\s+') }
-  rule(:comment) { str('#') >> (match["\n\r"].absent? >> any).repeat }
+  rule(:comment) { str("#") >> (match["\n\r"].absent? >> any).repeat }
 
-  rule(:exp) {
+  rule(:exp) do
     section | assignment
-  }
-  rule(:assignment) {
-    (identifier >> values.maybe.as(:args)).as(:assignment) >> str(';') >> filler?
-  }
+  end
+  rule(:assignment) do
+    (identifier >> values.maybe.as(:args)).as(:assignment) >> str(";") >> filler?
+  end
 
-  rule(:standard_identifier) {
-    (match('[a-zA-Z]') >> match('\S').repeat).as(:identifier) >> space >> space.repeat
-  }
+  rule(:standard_identifier) do
+    (match("[a-zA-Z]") >> match('\S').repeat).as(:identifier) >> space >> space.repeat
+  end
 
-  rule(:quoted_identifier) {
+  rule(:quoted_identifier) do
     str('"') >> (str('"').absent? >> any).repeat.as(:identifier) >> str('"') >> space.repeat
-  }
+  end
 
-  rule(:identifier) {
+  rule(:identifier) do
     standard_identifier | quoted_identifier
-  }
+  end
 
-  rule(:standard_value) {
+  rule(:standard_value) do
     ((match(/[#;{'"]/).absent? >> any) >> (
       str('\\') >> any | match('[#;{]|\s').absent? >> any
     ).repeat).as(:value) >> space.repeat
-  }
+  end
 
-  rule(:single_quoted_value) {
+  rule(:single_quoted_value) do
     str("'") >> (
       str('\\') >> any | str("'").absent? >> any
     ).repeat.as(:value) >> str("'") >> space.repeat
-  }
+  end
 
-  rule(:double_quoted_value) {
+  rule(:double_quoted_value) do
     str('"') >> (
       str('\\') >> any | str('"').absent? >> any
     ).repeat.as(:value) >> str('"') >> space.repeat
-  }
+  end
 
-  rule(:quoted_value) {
+  rule(:quoted_value) do
     single_quoted_value | double_quoted_value
-  }
+  end
 
-  rule(:value) {
+  rule(:value) do
     standard_value | quoted_value
-  }
+  end
 
-  rule(:values) {
+  rule(:values) do
     value.repeat >> space.maybe
-  }
+  end
 
-  rule(:section) {
-    identifier.as(:section) >> values.maybe.as(:args) >> str('{') >> filler? >> exp.repeat.as(:expressions) >> str('}') >> filler?
-  }
+  rule(:section) do
+    identifier.as(:section) >> values.maybe.as(:args) >> str("{") >> filler? >> exp.repeat.as(:expressions) >> str("}") >> filler?
+  end
 end
 
 class NginxTransform < Parslet::Transform
@@ -87,7 +83,7 @@ class NginxConfig
   def self.parse(content)
     lex = NginxParser.new.parse(content)
     tree = NginxTransform.new.apply(lex)
-    gtree = NginxTransform::Group.new(nil, '', tree)
+    gtree = NginxTransform::Group.new(nil, "", tree)
     read_nginx_group(gtree)
   rescue Parslet::ParseFailed => err
     raise "Failed to parse NginX config: #{err}"
@@ -95,7 +91,7 @@ class NginxConfig
 
   def self.read_nginx_group(t)
     agg_conf = Hash.new([])
-    agg_conf['_'] = t.args unless t.args == ''
+    agg_conf["_"] = t.args unless t.args == ""
 
     groups, conf = t.body.partition { |i| i.is_a? NginxTransform::Group }
     conf.each { |x| agg_conf[x.key] += [x.vals] }

data/lib/{utils → inspec/utils}/object_traversal.rb

@@ -1,6 +1,3 @@
-# encoding: utf-8
-# author: Dominik Richter
-# author: Christoph Hartmann
 module ObjectTraverser
   def extract_value(keys, value)
     return nil if value.nil?

data/lib/{utils → inspec/utils}/parser.rb

@@ -1,6 +1,4 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
+require "inspec/resources/command"
 
 module PasswdParser
   # Parse /etc/passwd files.
@@ -9,7 +7,7 @@ module PasswdParser
   # @return [Array] Collection of passwd entries
   def parse_passwd(content)
     content.to_s.split("\n").map do |line|
-      next if line[0] == '#'
+      next if line[0] == "#"
       parse_passwd_line(line)
     end.compact
   end
@@ -19,15 +17,15 @@ module PasswdParser
   # @param [String] line a line of /etc/passwd
   # @return [Hash] Map of entries in this line
   def parse_passwd_line(line)
-    x = line.split(':')
+    x = line.split(":")
     {
-      'user' => x.at(0),
-      'password' => x.at(1),
-      'uid' => x.at(2),
-      'gid' => x.at(3),
-      'desc' => x.at(4),
-      'home' => x.at(5),
-      'shell' => x.at(6),
+      "user" => x.at(0),
+      "password" => x.at(1),
+      "uid" => x.at(2),
+      "gid" => x.at(3),
+      "desc" => x.at(4),
+      "home" => x.at(5),
+      "shell" => x.at(6),
     }
   end
 end
@@ -44,7 +42,7 @@ module CommentParser
     idx_comment = raw.index(opts[:comment_char])
     idx_nl = raw.length if idx_nl.nil?
     idx_comment = idx_nl + 1 if idx_comment.nil?
-    line = ''
+    line = ""
 
     # is a comment inside this line
     if idx_comment < idx_nl && idx_comment != 0
@@ -70,11 +68,11 @@ module LinuxMountParser
     if includes_whitespaces?(mount_line)
       # Device-/Sharenames and Mountpoints including whitespaces require special treatment:
       # We use the keyword ' type ' to split up and rebuild the desired array of fields
-      type_split = mount_line.split(' type ')
+      type_split = mount_line.split(" type ")
       fs_path = type_split[0]
       other_opts = type_split[1]
       fs, path = fs_path.match(%r{^(.+?)\son\s(/.+?)$}).captures
-      mount = [fs, 'on', path, 'type']
+      mount = [fs, "on", path, "type"]
       mount.concat(other_opts.scan(/\S+/))
     else
       # ... otherwise we just split the fields by whitespaces
@@ -86,12 +84,12 @@ module LinuxMountParser
 
     if compatibility == false
       # parse options as array
-      mount_options[:options] = mount[5].gsub(/\(|\)/, '').split(',')
+      mount_options[:options] = mount[5].gsub(/\(|\)/, "").split(",")
     else
-      Inspec.deprecate(:mount_parser_serverspec_compat, 'Parsing mount options in this fashion is deprecated')
+      Inspec.deprecate(:mount_parser_serverspec_compat, "Parsing mount options in this fashion is deprecated")
       mount_options[:options] = {}
-      mount[5].gsub(/\(|\)/, '').split(',').each do |option|
-        name, val = option.split('=')
+      mount[5].gsub(/\(|\)/, "").split(",").each do |option|
+        name, val = option.split("=")
         if val.nil?
           val = true
         elsif val =~ /^\d+$/
@@ -108,7 +106,7 @@ module LinuxMountParser
   # Device-/Sharename or Mountpoint includes whitespaces?
   def includes_whitespaces?(mount_line)
     ws = mount_line.match(/^(.+)\son\s(.+)\stype\s.*$/)
-    ws.captures[0].include?(' ') or ws.captures[1].include?(' ')
+    ws.captures[0].include?(" ") || ws.captures[1].include?(" ")
   end
 end
 
@@ -118,8 +116,8 @@ module BsdMountParser
   def parse_mount_options(mount_line, _compatibility = false)
     return {} if mount_line.nil? || mount_line.empty?
 
-    mount = mount_line.chomp.split(' ', 4)
-    options = mount[3].tr('()', '').split(', ')
+    mount = mount_line.chomp.split(" ", 4)
+    options = mount[3].tr("()", "").split(", ")
 
     # parse device and type
     { device: mount[0], type: options.shift, options: options }
@@ -140,15 +138,15 @@ module SolarisNetstatParser
     ports = []
     cache_name_line = nil
 
-    content.each_line { |line|
+    content.each_line do |line|
       # find header, its delimiter
       if line =~ /TCP:|UDP:|SCTP:/
         # get protocol
-        protocol = line.split(':')[0].chomp.strip.downcase
+        protocol = line.split(":")[0].chomp.strip.downcase
 
         # determine version tcp, tcp6, udp, udp6
-        proto_version = line.split(':')[1].chomp.strip
-        protocol += '6' if proto_version == 'IPv6'
+        proto_version = line.split(":")[1].chomp.strip
+        protocol += "6" if proto_version == "IPv6"
 
         # reset names cache
         column_widths = nil
@@ -168,19 +166,19 @@ module SolarisNetstatParser
 
         # parse the header names
         # TODO: names should be optional
-        names = split_columns(column_widths, cache_name_line).to_a.map { |v| v.chomp.strip.downcase.tr(' ', '-').gsub(/[^\w-]/, '_') }
+        names = split_columns(column_widths, cache_name_line).to_a.map { |v| v.chomp.strip.downcase.tr(" ", "-").gsub(/[^\w-]/, "_") }
         info = {
-          'protocol' => protocol.downcase,
+          "protocol" => protocol.downcase,
         }
 
         # generate hash for each line and use the names as keys
-        names.each_index { |i|
+        names.each_index do |i|
           info[names[i]] = port[i] if i != 0
-        }
+        end
 
         ports.push(info)
       end
-    }
+    end
     ports
   end
 
@@ -200,12 +198,12 @@ module SolarisNetstatParser
     # generate regex based on columns
     sep = '\\s'
     length = columns.length
-    arr = columns.map.with_index { |x, i|
+    arr = columns.map.with_index do |x, i|
       reg = "(.{#{x}})#{sep}" # add seperator between columns
       reg = "(.{,#{x}})#{sep}" if i == length - 2 # make the pre-last one optional
       reg = "(.{,#{x}})" if i == length - 1 # use , to say max value
       reg
-    }
+    end
     # extracts the columns
     line.match(Regexp.new(arr.join))
   end
@@ -232,38 +230,38 @@ module XinetdParser
     rest = raw + "\n"
     until rest.empty?
       # extract content line
-      nl = rest.index("\n") || (rest.length-1)
-      comment = rest.index('#') || (rest.length-1)
+      nl = rest.index("\n") || (rest.length - 1)
+      comment = rest.index("#") || (rest.length - 1)
       dst_idx = comment < nl ? comment : nl
-      inner_line = dst_idx == 0 ? '' : rest[0..dst_idx-1].strip
+      inner_line = dst_idx == 0 ? "" : rest[0..dst_idx - 1].strip
       # update unparsed content
-      rest = rest[nl+1..-1]
+      rest = rest[nl + 1..-1]
       next if inner_line.empty?
 
-      if inner_line == '}'
-        if cur_group == 'defaults'
+      if inner_line == "}"
+        if cur_group == "defaults"
           res[cur_group] = SimpleConfig.new(simple_conf.join("\n"))
         else
           res[cur_group] ||= []
           res[cur_group].push(SimpleConfig.new(simple_conf.join("\n")))
         end
         cur_group = nil
-      elsif rest.lstrip[0] == '{'
+      elsif rest.lstrip[0] == "{"
         cur_group = inner_line
         simple_conf = []
-        rest = rest[rest.index("\n")+1..-1]
+        rest = rest[rest.index("\n") + 1..-1]
       elsif cur_group.nil?
         # parse all included files
         others = xinetd_include_dir(inner_line[/includedir (.+)/, 1])
 
         # complex merging of included configurations, as multiple services
         # may be defined with the same name but different configuration
-        others.each { |ores|
-          ores.each { |k, v|
+        others.each do |ores|
+          ores.each do |k, v|
             res[k] ||= []
             res[k].concat(v)
-          }
-        }
+          end
+        end
       else
         simple_conf.push(inner_line)
       end
@@ -272,3 +270,5 @@ module XinetdParser
     res
   end
 end
+
+require "inspec/utils/simpleconfig"

data/lib/{utils → inspec/utils}/pkey_reader.rb

@@ -1,15 +1,17 @@
+require "inspec/objects/input"
+
 module PkeyReader
   def read_pkey(filecontent, passphrase)
     raise_if_unset(passphrase)
 
     OpenSSL::PKey.read(filecontent, passphrase)
   rescue OpenSSL::PKey::PKeyError
-    raise Inspec::Exceptions::ResourceFailed, 'passphrase error'
+    raise Inspec::Exceptions::ResourceFailed, "passphrase error"
   end
 
   def raise_if_unset(passphrase)
     if passphrase.is_a? Inspec::Input::NO_VALUE_SET
-      raise Inspec::Exceptions::ResourceFailed, 'Please provide a value for input for openssl key passphrase'
+      raise Inspec::Exceptions::ResourceFailed, "Please provide a value for input for openssl key passphrase"
     end
   end
 end