inspec 4.7.3 → 4.7.18

data/lib/inspec/utils/filter.rb

@@ -66,12 +66,14 @@ module FilterTable
     def self.to_ruby(trace)
       chain = trace.instance_variable_get(:@chain)
       return "" if chain.empty?
+
       " " + chain.map do |el|
         m = el[0][0]
         args = el[0].drop(1)
         nxt = to_ruby(el[1])
         next m.to_s + nxt if args.empty?
         next m.to_s + " " + args[0].inspect + nxt if args.length == 1
+
         m.to_s + "(" + args.map(&:inspect).join(", ") + ")" + nxt
       end.join(" ")
     end
@@ -91,7 +93,7 @@ module FilterTable
     # block; then construct a new Table of the same class as ourselves,
     # wrapping the filtered data, and return it.
     def where(conditions = {}, &block)
-      return self if !conditions.is_a?(Hash)
+      return self unless conditions.is_a?(Hash)
       return self if conditions.empty? && !block_given?
 
       # Initialize the details of the new Table.
@@ -101,7 +103,8 @@ module FilterTable
       # If we were provided params, interpret them as criteria to be evaluated
       # against the raw data. Criteria are assumed to be hash keys.
       conditions.each do |raw_field_name, desired_value|
-        raise(ArgumentError, "'#{decorate_symbols(raw_field_name)}' is not a recognized criterion - expected one of #{decorate_symbols(list_fields).join(', ')}'") unless field?(raw_field_name)
+        raise(ArgumentError, "'#{decorate_symbols(raw_field_name)}' is not a recognized criterion - expected one of #{decorate_symbols(list_fields).join(", ")}'") unless field?(raw_field_name)
+
         populate_lazy_field(raw_field_name, desired_value) if is_field_lazy?(raw_field_name)
         new_criteria_string += " #{raw_field_name} == #{desired_value.inspect}"
         filtered_raw_data = filter_raw_data(filtered_raw_data, raw_field_name, desired_value)
@@ -190,8 +193,10 @@ module FilterTable
     def populate_lazy_field(field_name, criterion)
       return unless is_field_lazy?(field_name)
       return if field_populated?(field_name)
+
       raw_data.each do |row|
         next if row.key?(field_name) # skip row if pre-existing data is present
+
         callback_for_lazy_field(field_name).call(row, criterion, self)
       end
       mark_lazy_field_populated(field_name)
@@ -206,6 +211,7 @@ module FilterTable
 
     def callback_for_lazy_field(field_name)
       return unless is_field_lazy?(field_name)
+
       custom_properties_schema.values.find do |property_struct|
         property_struct.field_name == field_name
       end.opts[:lazy]
@@ -224,17 +230,20 @@ module FilterTable
     def matches_float(x, y)
       return false if x.nil?
       return false if !x.is_a?(Float) && (x =~ /\A[-+]?(\d+\.?\d*|\.\d+)\z/).nil?
+
       x.to_f == y
     end
 
     def matches_int(x, y)
       return false if x.nil?
       return false if !x.is_a?(Integer) && (x =~ /\A[-+]?\d+\z/).nil?
+
       x.to_i == y
     end
 
     def matches_regex(x, y)
       return x == y if x.is_a?(Regexp)
+
       !x.to_s.match(y).nil?
     end
 
@@ -257,6 +266,7 @@ module FilterTable
 
       current_raw_data.find_all do |row|
         next unless row.key?(field)
+
         send(method_ref, row[field], desired_value)
       end
     end
@@ -265,6 +275,7 @@ module FilterTable
       return thing.map { |t| decorate_symbols(t) } if thing.is_a?(Array)
       return ":" + thing.to_s if thing.is_a? Symbol
       return thing + " (String)" if thing.is_a? String
+
       thing
     end
   end
@@ -273,7 +284,7 @@ module FilterTable
     CustomPropertyType = Struct.new(:field_name, :block, :opts)
 
     def initialize
-      @filter_methods = [:where, :entries, :raw_data]
+      @filter_methods = %i{where entries raw_data}
       @custom_properties = {}
       register_custom_matcher(:exist?) { |table| !table.raw_data.empty? }
       register_custom_property(:count) { |table|  table.raw_data.count }
@@ -313,6 +324,7 @@ module FilterTable
         # Install a method that can wrap all the fields into a context with accessors
         define_method :create_eval_context_for_row do |row_as_hash, criteria_string = ""|
           return row_eval_context_type.new if row_as_hash.nil?
+
           context = row_eval_context_type.new(*non_block_struct_fields.map { |field| row_as_hash[field] })
           context.criteria_string = criteria_string
           context.filter_table = self
@@ -330,6 +342,7 @@ module FilterTable
       # a setter for each field.
       @custom_properties.values.each do |property_info|
         next unless property_info.opts[:lazy]
+
         field_name = property_info.field_name.to_sym
         row_eval_context_type.send(:define_method, field_name) do
           unless filter_table.field_populated?(field_name)

data/lib/inspec/utils/find_files.rb

@@ -38,7 +38,7 @@ module FindFiles
     end
 
     result.stdout.split("\n")
-          .map(&:strip)
-          .find_all { |x| !x.empty? }
+      .map(&:strip)
+      .find_all { |x| !x.empty? }
   end
 end

data/lib/inspec/utils/object_traversal.rb

@@ -15,6 +15,7 @@ module ObjectTraverser
 
     # if there are no more keys, just return the value
     return value if keys.first.nil?
+
     # if there are more keys, extract more
     extract_value(keys.clone, value)
   end

data/lib/inspec/utils/parser.rb

@@ -8,6 +8,7 @@ module PasswdParser
   def parse_passwd(content)
     content.to_s.split("\n").map do |line|
       next if line[0] == "#"
+
       parse_passwd_line(line)
     end.compact
   end
@@ -224,6 +225,7 @@ module XinetdParser
 
   def parse_xinetd(raw) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
     return {} if raw.nil?
+
     res = {}
     cur_group = nil
     simple_conf = []

data/lib/inspec/utils/simpleconfig.rb

@@ -26,7 +26,7 @@ class SimpleConfig
     return if raw_data.nil?
 
     # prepare raw data if required
-    if !options[:line_separator].nil?
+    unless options[:line_separator].nil?
       raw_data = raw_data.tr(options[:line_separator], "\n")
     end
     rest = raw_data
@@ -67,8 +67,10 @@ class SimpleConfig
 
   def parse_group_line(line, opts)
     return nil if opts[:group_re].nil?
+
     m = opts[:group_re].match(line)
     return nil if m.nil?
+
     @groups.push(m[1])
 
     # We use a Hashie::Mash to provide method syntax for retrieving
@@ -81,6 +83,7 @@ class SimpleConfig
 
   def parse_implicit_assignment_line(line, opts)
     return nil if is_empty_line(line)
+
     if opts[:multiple_values]
       @vals[line.strip] ||= []
     else

data/lib/inspec/utils/telemetry/global_methods.rb

@@ -9,6 +9,7 @@ module Inspec
   def self.record_telemetry_data(data_series_name, data_point = nil)
     coll = Inspec::Telemetry::Collector.instance
     return unless coll.telemetry_enabled?
+
     ds = coll.find_or_create_data_series(data_series_name)
     return unless ds.enabled?
 

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.7.3".freeze
+  VERSION = "4.7.18".freeze
 end

data/lib/matchers/matchers.rb

@@ -221,6 +221,7 @@ RSpec::Matchers.define :cmp do |first_expected| # rubocop:disable Metrics/BlockL
 
   def octal?(value)
     return false unless value.is_a?(String)
+
     !(value =~ /\A0+[0-7]+\Z/).nil?
   end
 
@@ -274,11 +275,12 @@ RSpec::Matchers.define :cmp do |first_expected| # rubocop:disable Metrics/BlockL
     @operation ||= :==
     @expected ||= first_expected
     return actual === @expected if @operation == :=== # rubocop:disable Style/CaseEquality
+
     actual = actual[0] if actual.is_a?(Array) && !@expected.is_a?(Array) && actual.length == 1
     try_match(actual, @operation, @expected)
   end
 
-  [:==, :'!=', :<, :<=, :>=, :>, :===, :=~].each do |op|
+  %i{== != < <= >= > === =~}.each do |op|
     chain(op) do |x|
       @operation = op
       @expected = x
@@ -287,6 +289,7 @@ RSpec::Matchers.define :cmp do |first_expected| # rubocop:disable Metrics/BlockL
 
   def format_expectation(negate)
     return "expected: " + @expected.inspect if @operation == :== && !negate
+
     negate_str = negate ? "not " : ""
     "expected it #{negate_str}to be #{@operation} #{@expected.inspect}"
   end

data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb

@@ -29,11 +29,11 @@ module InspecPlugins
       def self.keygen(options)
         key = KEY_ALG.new KEY_BITS
         puts "Generating private key"
-        open "#{options['keyname']}.pem.key", "w" do |io|
+        open "#{options["keyname"]}.pem.key", "w" do |io|
           io.write key.to_pem
         end
         puts "Generating public key"
-        open "#{options['keyname']}.pem.pub", "w" do |io|
+        open "#{options["keyname"]}.pem.pub", "w" do |io|
           io.write key.public_key.to_pem
         end
       end
@@ -41,13 +41,13 @@ module InspecPlugins
       def self.profile_sign(options)
         artifact = new
         Dir.mktmpdir do |workdir|
-          puts "Signing #{options['profile']} with key #{options['keyname']}"
+          puts "Signing #{options["profile"]} with key #{options["keyname"]}"
           path_to_profile = options["profile"]
           profile_md = artifact.read_profile_metadata(path_to_profile)
-          artifact_filename = "#{profile_md['name']}-#{profile_md['version']}.#{SIGNED_PROFILE_SUFFIX}"
+          artifact_filename = "#{profile_md["name"]}-#{profile_md["version"]}.#{SIGNED_PROFILE_SUFFIX}"
           tarfile = artifact.profile_compress(path_to_profile, profile_md, workdir)
           content = IO.binread(tarfile)
-          signing_key = KEY_ALG.new File.read "#{options['keyname']}.pem.key"
+          signing_key = KEY_ALG.new File.read "#{options["keyname"]}.pem.key"
           sha = ARTIFACT_DIGEST.new
           signature = signing_key.sign sha, content
           # convert the signature to Base64
@@ -93,17 +93,18 @@ module InspecPlugins
         begin
           p = Pathname.new(path_to_profile)
           p = p.join("inspec.yml")
-          if not p.exist?
+          unless p.exist?
             raise "#{path_to_profile} doesn't appear to be a valid #{PRODUCT_NAME} profile"
           end
+
           yaml = YAML.load_file(p.to_s)
           yaml = yaml.to_hash
 
-          if not yaml.key? "name"
+          unless yaml.key? "name"
             raise "Profile is invalid, name is not defined"
           end
 
-          if not yaml.key? "version"
+          unless yaml.key? "version"
             raise "Profile is invalid, version is not defined"
           end
         rescue => e
@@ -125,12 +126,12 @@ module InspecPlugins
       def valid_header?(file_alg, file_version, file_keyname)
         public_keyfile = "#{file_keyname}.pem.pub"
         puts "Looking for #{public_keyfile} to verify artifact"
-        if !File.exist? public_keyfile
+        unless File.exist? public_keyfile
           raise "Can't find #{public_keyfile}"
         end
 
-        raise "Invalid artifact digest algorithm detected" if !VALID_PROFILE_DIGESTS.member?(file_alg)
-        raise "Invalid artifact version detected" if !VALID_PROFILE_VERSIONS.member?(file_version)
+        raise "Invalid artifact digest algorithm detected" unless VALID_PROFILE_DIGESTS.member?(file_alg)
+        raise "Invalid artifact version detected" unless VALID_PROFILE_VERSIONS.member?(file_version)
       end
 
       def verify(file_to_verifiy, &content_block)

data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb

@@ -11,7 +11,7 @@ class ArtifactCli < Minitest::Test
 
   def test_generating_archive_keys
     Dir.mktmpdir do |dir|
-      unique_key_name = SecureRandom.uuid()
+      unique_key_name = SecureRandom.uuid
       out = run_inspec_process("artifact generate --keyname #{unique_key_name}", prefix: "cd #{dir} &&")
       assert_equal 0, out.exit_status
 
@@ -23,8 +23,8 @@ class ArtifactCli < Minitest::Test
 
   def test_verify_and_install_signed_profile
     Dir.mktmpdir do |dir|
-      unique_key_name = SecureRandom.uuid()
-      install_dir = File.join(dir, SecureRandom.uuid())
+      unique_key_name = SecureRandom.uuid
+      install_dir = File.join(dir, SecureRandom.uuid)
       FileUtils.mkdir(install_dir)
 
       # create profile

data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb

@@ -27,13 +27,13 @@ module InspecPlugins
 
         # Chef Compliance
         if is_compliance_server?(config)
-          url = "#{config['server']}/user/compliance"
+          url = "#{config["server"]}/user/compliance"
         # Chef Automate2
         elsif is_automate2_server?(config)
-          url = "#{config['server']}/compliance/profiles/search"
+          url = "#{config["server"]}/compliance/profiles/search"
         # Chef Automate
         elsif is_automate_server?(config)
-          url = "#{config['server']}/profiles/#{owner}"
+          url = "#{config["server"]}/profiles/#{owner}"
         else
           raise ServerConfigurationMissing
         end
@@ -122,15 +122,15 @@ module InspecPlugins
       def self.upload(config, owner, profile_name, archive_path)
         # Chef Compliance
         if is_compliance_server?(config)
-          url = "#{config['server']}/owners/#{owner}/compliance/#{profile_name}/tar"
+          url = "#{config["server"]}/owners/#{owner}/compliance/#{profile_name}/tar"
         # Chef Automate pre 0.8.0
         elsif is_automate_server_pre_080?(config)
-          url = "#{config['server']}/#{owner}"
+          url = "#{config["server"]}/#{owner}"
         elsif is_automate2_server?(config)
-          url = "#{config['server']}/compliance/profiles?owner=#{owner}"
+          url = "#{config["server"]}/compliance/profiles?owner=#{owner}"
         # Chef Automate
         else
-          url = "#{config['server']}/profiles/#{owner}"
+          url = "#{config["server"]}/profiles/#{owner}"
         end
 
         headers = get_headers(config)
@@ -209,6 +209,7 @@ module InspecPlugins
 
       def self.get_token(config)
         return config["token"] unless config["refresh_token"]
+
         _success, _msg, token = get_token_via_refresh_token(config["server"], config["refresh_token"], config["insecure"])
         token
       end
@@ -216,13 +217,13 @@ module InspecPlugins
       def self.target_url(config, profile)
         owner, id, ver = profile_split(profile)
 
-        return "#{config['server']}/compliance/profiles/tar" if is_automate2_server?(config)
-        return "#{config['server']}/owners/#{owner}/compliance/#{id}/tar" unless is_automate_server?(config)
+        return "#{config["server"]}/compliance/profiles/tar" if is_automate2_server?(config)
+        return "#{config["server"]}/owners/#{owner}/compliance/#{id}/tar" unless is_automate_server?(config)
 
         if ver.nil?
-          "#{config['server']}/profiles/#{owner}/#{id}/tar"
+          "#{config["server"]}/profiles/#{owner}/#{id}/tar"
         else
-          "#{config['server']}/profiles/#{owner}/#{id}/version/#{ver}/tar"
+          "#{config["server"]}/profiles/#{owner}/#{id}/version/#{ver}/tar"
         end
       end
 
@@ -249,6 +250,7 @@ module InspecPlugins
       def self.is_automate_server_pre_080?(config)
         # Automate versions before 0.8.x do not have a valid version in the config
         return false unless config["server_type"] == "automate"
+
         server_version_from_config(config).nil?
       end
 
@@ -256,6 +258,7 @@ module InspecPlugins
         # Automate versions 0.8.x and later will have a "version" key in the config
         # that is properly parsed out via server_version_from_config below
         return false unless config["server_type"] == "automate"
+
         !server_version_from_config(config).nil?
       end
 
@@ -272,6 +275,7 @@ module InspecPlugins
         # that looks like: "version":{"api":"compliance","version":"0.8.24"}
         return nil unless config.key?("version")
         return nil unless config["version"].is_a?(Hash)
+
         config["version"]["version"]
       end
 

data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb

@@ -11,7 +11,7 @@ module InspecPlugins
         def login(options)
           raise ArgumentError, "Please specify a server using `#{EXEC_NAME} compliance login https://SERVER`" unless options["server"]
 
-          options["server"] = URI("https://#{options['server']}").to_s if URI(options["server"]).scheme.nil?
+          options["server"] = URI("https://#{options["server"]}").to_s if URI(options["server"]).scheme.nil?
 
           options["server_type"] = InspecPlugins::Compliance::API.determine_server_type(options["server"], options["insecure"])
 
@@ -23,7 +23,7 @@ module InspecPlugins
           when :compliance
             Login::ComplianceServer.login(options)
           else
-            raise CannotDetermineServerType, "Unable to determine if #{options['server']} is a #{AUTOMATE_PRODUCT_NAME} or #{COMPLIANCE_PRODUCT_NAME} server"
+            raise CannotDetermineServerType, "Unable to determine if #{options["server"]} is a #{AUTOMATE_PRODUCT_NAME} or #{COMPLIANCE_PRODUCT_NAME} server"
           end
         end
 
@@ -143,6 +143,7 @@ module InspecPlugins
             )
 
             raise msg unless success
+
             compliance_store_access_token(options, token)
           end
 
@@ -154,6 +155,7 @@ module InspecPlugins
             )
 
             raise msg unless success
+
             compliance_store_access_token(options, token)
           end
 

data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb

@@ -37,7 +37,7 @@ module InspecPlugins
         options["server"] = server
         InspecPlugins::Compliance::API.login(options)
         config = InspecPlugins::Compliance::Configuration.new
-        puts "Stored configuration for Chef #{config['server_type'].capitalize}: #{config['server']}' with user: '#{config['user']}'"
+        puts "Stored configuration for Chef #{config["server_type"].capitalize}: #{config["server"]}' with user: '#{config["user"]}'"
       end
 
       desc "profiles", "list all available profiles in #{COMPLIANCE_PRODUCT_NAME}"
@@ -45,7 +45,7 @@ module InspecPlugins
         desc: "owner whose profiles to list"
       def profiles
         config = InspecPlugins::Compliance::Configuration.new
-        return if !loggedin(config)
+        return unless loggedin(config)
 
         # set owner to config
         config["owner"] = options["owner"] || config["user"]
@@ -57,7 +57,7 @@ module InspecPlugins
           headline("Available profiles:")
           profiles.each do |profile|
             owner = profile["owner_id"] || profile["owner"]
-            li("#{profile['title']} v#{profile['version']} (#{mark_text(owner + '/' + profile['name'])})")
+            li("#{profile["title"]} v#{profile["version"]} (#{mark_text(owner + "/" + profile["name"])})")
           end
         else
           puts msg if msg != "success"
@@ -73,7 +73,8 @@ module InspecPlugins
       exec_options
       def exec(*tests)
         config = InspecPlugins::Compliance::Configuration.new
-        return if !loggedin(config)
+        return unless loggedin(config)
+
         o = opts(:exec).dup
         diagnose(o)
         configure_logger(o)
@@ -98,7 +99,7 @@ module InspecPlugins
         configure_logger(o)
 
         config = InspecPlugins::Compliance::Configuration.new
-        return if !loggedin(config)
+        return unless loggedin(config)
 
         profile_name = InspecPlugins::Compliance::API.sanitize_profile_name(profile_name)
         if InspecPlugins::Compliance::API.exist?(config, profile_name)
@@ -127,7 +128,7 @@ module InspecPlugins
         desc: "Owner that should own the profile"
       def upload(path) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity, Metrics/CyclomaticComplexity
         config = InspecPlugins::Compliance::Configuration.new
-        return if !loggedin(config)
+        return unless loggedin(config)
 
         # set owner to config
         config["owner"] = options["owner"] || config["user"]
@@ -177,7 +178,7 @@ module InspecPlugins
 
         # check that the profile is not uploaded already,
         # confirm upload to the user (overwrite with --force)
-        if InspecPlugins::Compliance::API.exist?(config, "#{config['owner']}/#{profile_name}##{profile_version}") && !options["overwrite"]
+        if InspecPlugins::Compliance::API.exist?(config, "#{config["owner"]}/#{profile_name}##{profile_version}") && !options["overwrite"]
           error.call("Profile exists on the server, use --overwrite")
         end
 
@@ -198,7 +199,7 @@ module InspecPlugins
           archive_path = path
         end
 
-        puts "Start upload to #{config['owner']}/#{profile_name}"
+        puts "Start upload to #{config["owner"]}/#{profile_name}"
         pname = ERB::Util.url_encode(profile_name)
 
         if InspecPlugins::Compliance::API.is_automate_server?(config) || InspecPlugins::Compliance::API.is_automate2_server?(config)
@@ -225,8 +226,8 @@ module InspecPlugins
         config = InspecPlugins::Compliance::Configuration.new
         info = InspecPlugins::Compliance::API.version(config)
         if !info.nil? && info["version"]
-          puts "Name:    #{info['api']}"
-          puts "Version: #{info['version']}"
+          puts "Name:    #{info["api"]}"
+          puts "Version: #{info["version"]}"
         else
           puts "Could not determine server version."
           exit 1
@@ -241,7 +242,7 @@ module InspecPlugins
         config = InspecPlugins::Compliance::Configuration.new
         unless config.supported?(:oidc) || config["token"].nil? || config["server_type"] == "automate"
           config = InspecPlugins::Compliance::Configuration.new
-          url = "#{config['server']}/logout"
+          url = "#{config["server"]}/logout"
           InspecPlugins::Compliance::HTTP.post(url, config["token"], config["insecure"], !config.supported?(:oidc))
         end
         success = config.destroy
@@ -257,7 +258,7 @@ module InspecPlugins
 
       def loggedin(config)
         serverknown = !config["server"].nil?
-        puts "You need to login first with `#{EXEC_NAME} compliance login`" if !serverknown
+        puts "You need to login first with `#{EXEC_NAME} compliance login`" unless serverknown
         serverknown
       end
     end