inspec 4.38.3 → 4.46.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +5 -12
- data/inspec.gemspec +2 -1
- data/lib/plugins/inspec-init/templates/profiles/aws/inspec.yml +1 -1
- data/lib/plugins/inspec-init/templates/profiles/azure/inspec.yml +1 -1
- data/lib/plugins/inspec-init/templates/profiles/gcp/inspec.yml +1 -1
- data/lib/resources/aws/aws_iam_access_key.rb +1 -1
- data/lib/resources/azure/azure_backend.rb +3 -3
- data/lib/resources/azure/azure_virtual_machine.rb +1 -1
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +2 -2
- metadata +20 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 302eccf48140d73825ed9b203d9df1bdcc48e371ae9f6905ecf7deb68714f1e1
|
4
|
+
data.tar.gz: 8de5e9ff4db042c35d6c5b5335bf36be7e3be791b041eca774f23b0da4c705c7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e186a4053e1bfdd8c7ef047502e15aaddb85a2d8dcf8af3bd48ad619ab05db6c9f3102e1d74329a166be625d4b567dc6399aba7df63b95ebd5f1456c58710796
|
7
|
+
data.tar.gz: c7440350c1073d9c7422f2109a4604848f04cbf9b8904255213d80e3d675d6d48bc2abaf8e4b08d49a265df1956734b21d36bdd5237d300cb4068bdf088a37b6
|
data/Gemfile
CHANGED
@@ -20,28 +20,21 @@ end
|
|
20
20
|
# but our runtime dep is still 3.9+
|
21
21
|
gem "rspec", ">= 3.10"
|
22
22
|
|
23
|
-
def probably_x86?
|
24
|
-
# We don't currently build on ARM windows, so assume x86 there
|
25
|
-
return true if RUBY_PLATFORM =~ /windows|mswin|msys|mingw|cygwin/
|
26
|
-
|
27
|
-
# Otherwise rely on uname -m
|
28
|
-
`uname -m`.match?(/^(x86_64|i\d86)/)
|
29
|
-
end
|
30
|
-
|
31
23
|
group :omnibus do
|
32
24
|
gem "rb-readline"
|
33
25
|
gem "appbundler"
|
34
26
|
gem "ed25519" # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
|
35
27
|
gem "bcrypt_pbkdf" # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
|
36
|
-
if probably_x86?
|
37
|
-
gem "x25519" # ed25519 KEX module, not supported on ARM
|
38
|
-
end
|
39
28
|
end
|
40
29
|
|
41
30
|
group :test do
|
42
31
|
gem "chefstyle", "~> 2.0.3"
|
43
32
|
gem "concurrent-ruby", "~> 1.0"
|
44
|
-
|
33
|
+
if Gem.ruby_version.to_s.start_with?("2.5")
|
34
|
+
gem "html-proofer", "= 3.19.1" , platforms: :ruby # do not attempt to run proofer on windows
|
35
|
+
else
|
36
|
+
gem "html-proofer", platforms: :ruby # do not attempt to run proofer on windows
|
37
|
+
end
|
45
38
|
gem "json_schemer", ">= 0.2.1", "< 0.2.19"
|
46
39
|
gem "m"
|
47
40
|
gem "minitest-sprint", "~> 1.0"
|
data/inspec.gemspec
CHANGED
@@ -31,6 +31,7 @@ Gem::Specification.new do |spec|
|
|
31
31
|
|
32
32
|
# Train plugins we ship with InSpec
|
33
33
|
spec.add_dependency "train-habitat", "~> 0.1"
|
34
|
-
spec.add_dependency "train-aws", "~> 0.
|
34
|
+
spec.add_dependency "train-aws", "~> 0.2"
|
35
35
|
spec.add_dependency "train-winrm", "~> 0.2"
|
36
|
+
spec.add_dependency "mongo", "= 2.13.2" # 2.14 introduces a broken symlink in mongo-2.14.0/spec/support/ocsp
|
36
37
|
end
|
@@ -86,7 +86,7 @@ class AwsIamAccessKey < Inspec.resource(1)
|
|
86
86
|
end
|
87
87
|
|
88
88
|
if access_keys.count > 1
|
89
|
-
raise "More than one access key matched for aws_iam_access_key. Use more specific
|
89
|
+
raise "More than one access key matched for aws_iam_access_key. Use more specific parameters, such as access_key_id."
|
90
90
|
end
|
91
91
|
|
92
92
|
@exists = true
|
@@ -6,7 +6,7 @@ module Inspec::Resources
|
|
6
6
|
class AzureResourceBase < Inspec.resource(1)
|
7
7
|
attr_reader :opts, :client, :azure
|
8
8
|
|
9
|
-
# Constructor that
|
9
|
+
# Constructor that retrieves the specified resource
|
10
10
|
#
|
11
11
|
# The opts hash should contain the following
|
12
12
|
# :group_name - name of the resource group in which to look for items
|
@@ -275,7 +275,7 @@ end
|
|
275
275
|
|
276
276
|
# Class object to maintain a count of the Azure Resource types that are found
|
277
277
|
# when a less specific test is carried out. For example if all the resoures of a resource
|
278
|
-
# group are called for, there will be
|
278
|
+
# group are called for, there will be various types and number of those types.
|
279
279
|
#
|
280
280
|
# Each type is namespaced, so for example a virtual machine has the type 'Microsoft.Compute/virtualMachines'
|
281
281
|
# This is broken down into the 'Microsoft' class with the type 'Compute/virtualMachines'
|
@@ -310,7 +310,7 @@ class AzureResourceTypeCounts
|
|
310
310
|
end
|
311
311
|
|
312
312
|
# Class object that is created for each element that is returned by Azure.
|
313
|
-
# This is what is
|
313
|
+
# This is what is interrogated by InSpec. If they are nested hashes, then this results
|
314
314
|
# in nested AzureResourceProbe objects.
|
315
315
|
#
|
316
316
|
# For example, if the following was seen in an Azure Resource
|
@@ -85,7 +85,7 @@ module Inspec::Resources
|
|
85
85
|
# return hashtable
|
86
86
|
def parse_datadisk(disk, index)
|
87
87
|
# Configure parsed hashtable to hold the information
|
88
|
-
#
|
88
|
+
# Initialize this with common attributes from the different types of disk
|
89
89
|
parsed = {
|
90
90
|
disk: index,
|
91
91
|
number: index + 1,
|
@@ -115,7 +115,7 @@ module Inspec::Resources
|
|
115
115
|
parsed[:storage_account_type] = disk.managedDisk.storageAccountType
|
116
116
|
parsed[:id] = disk.managedDisk.id
|
117
117
|
|
118
|
-
# Break up the ID string so that the following information can get
|
118
|
+
# Break up the ID string so that the following information can get retrieved
|
119
119
|
# - subscription_id
|
120
120
|
# - resource_group
|
121
121
|
id_parts = parsed[:id].split(%r{/}).reject(&:empty?)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.46.13
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chef InSpec Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-09-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: inspec-core
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 4.
|
19
|
+
version: 4.46.13
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 4.
|
26
|
+
version: 4.46.13
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: train
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -78,14 +78,14 @@ dependencies:
|
|
78
78
|
requirements:
|
79
79
|
- - "~>"
|
80
80
|
- !ruby/object:Gem::Version
|
81
|
-
version: '0.
|
81
|
+
version: '0.2'
|
82
82
|
type: :runtime
|
83
83
|
prerelease: false
|
84
84
|
version_requirements: !ruby/object:Gem::Requirement
|
85
85
|
requirements:
|
86
86
|
- - "~>"
|
87
87
|
- !ruby/object:Gem::Version
|
88
|
-
version: '0.
|
88
|
+
version: '0.2'
|
89
89
|
- !ruby/object:Gem::Dependency
|
90
90
|
name: train-winrm
|
91
91
|
requirement: !ruby/object:Gem::Requirement
|
@@ -100,6 +100,20 @@ dependencies:
|
|
100
100
|
- - "~>"
|
101
101
|
- !ruby/object:Gem::Version
|
102
102
|
version: '0.2'
|
103
|
+
- !ruby/object:Gem::Dependency
|
104
|
+
name: mongo
|
105
|
+
requirement: !ruby/object:Gem::Requirement
|
106
|
+
requirements:
|
107
|
+
- - '='
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: 2.13.2
|
110
|
+
type: :runtime
|
111
|
+
prerelease: false
|
112
|
+
version_requirements: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - '='
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: 2.13.2
|
103
117
|
description: InSpec provides a framework for creating end-to-end infrastructure tests.
|
104
118
|
You can use it for integration or even compliance testing. Create fully portable
|
105
119
|
test profiles and use them in your workflow to ensure stability and security. Integrate
|