RubyGems - inspec - Versions diffs - 0.15.0 → 0.16.0 - Mend

inspec 0.15.0 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (79) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6ca71e169ffd037a7a61f99fc09188424a137168
-  data.tar.gz: 1aa83936f8b464a2044a7fae20cb14ddce1bdb87
+  metadata.gz: 243a577f37796094ac8a136876c11d14ded819c2
+  data.tar.gz: 7a95c3d207666f7d91c7ccb10316432d1ba70dd6
 SHA512:
-  metadata.gz: 774c8531d3bfdcab1c0a0587f670c09ab39099e89ff07a79e68c37bb3798e1a1a75e0b613c80a7bc7f8fb492c797ec26b04a12298a0493ddfd0d7784059cfb99
-  data.tar.gz: 4335e3fa250d9b6e3b54e25c82289fb3f232452ced7ad0d1a781349b2ae415d8b9533824c4ffda2f53340a96da0cea3720dd630637b59a6286511021672c3945
+  metadata.gz: 4d66e309baed6ba892f9b5fc4c03f488afc7886dc67c88bcf4a9d97e32e2a5cdbbb4e475e792e3f6d4199ea034177fd8a3698063a0d8b4d36d60b626eecfa993
+  data.tar.gz: 03d6a852e3d9e3d629e1e1d44555973ea69f66d78d630ebd80bbdcddcff6035a96a03416a58c02fcc757cbc01f838ef36e6b44ef17a41692204d6120d17426e8

data/CHANGELOG.md CHANGED Viewed

@@ -1,7 +1,44 @@
 # Change Log
-## [0.15.0](https://github.com/chef/inspec/tree/0.15.0) (2016-03-09)
-[Full Changelog](https://github.com/chef/inspec/compare/v0.14.8...0.15.0)
+## [0.16.0](https://github.com/chef/inspec/tree/0.16.0) (2016-03-19)
+[Full Changelog](https://github.com/chef/inspec/compare/v0.15.0...0.16.0)
+**Implemented enhancements:**
+- Read Chef attributes within the tests ? [\#541](https://github.com/chef/inspec/issues/541)
+- A resource to test http GET calls [\#538](https://github.com/chef/inspec/issues/538)
+- rename `script` resource to `powershell` resource [\#553](https://github.com/chef/inspec/pull/553) ([chris-rock](https://github.com/chris-rock))
+- add fulljson formatter [\#552](https://github.com/chef/inspec/pull/552) ([arlimus](https://github.com/arlimus))
+- feature: add tags and refs [\#551](https://github.com/chef/inspec/pull/551) ([arlimus](https://github.com/arlimus))
+- fix detect + add output option to archive command [\#546](https://github.com/chef/inspec/pull/546) ([arlimus](https://github.com/arlimus))
+- adding named resource registry classes [\#540](https://github.com/chef/inspec/pull/540) ([adamleff](https://github.com/adamleff))
+- add output stream to rspec configuration [\#529](https://github.com/chef/inspec/pull/529) ([vjeffrey](https://github.com/vjeffrey))
+- Move integration tests to test/integration [\#468](https://github.com/chef/inspec/pull/468) ([chris-rock](https://github.com/chris-rock))
+**Fixed bugs:**
+- fix inspec shell and continuously test it [\#556](https://github.com/chef/inspec/pull/556) ([arlimus](https://github.com/arlimus))
+- bugfix: prevent duplicate loading of library files [\#547](https://github.com/chef/inspec/pull/547) ([arlimus](https://github.com/arlimus))
+- fix detect + add output option to archive command [\#546](https://github.com/chef/inspec/pull/546) ([arlimus](https://github.com/arlimus))
+- bugfix: archive command with inheritance-based profiles [\#545](https://github.com/chef/inspec/pull/545) ([arlimus](https://github.com/arlimus))
+**Closed issues:**
+- Add additional metadata to the control definition to allow for more complete mapping to security guidance documents [\#536](https://github.com/chef/inspec/issues/536)
+- CLI: Specifying --profiles-path on check succeeds but displays usage error on archive [\#535](https://github.com/chef/inspec/issues/535)
+- inspec failing to connect to Compliance \(SSL certificate error\) [\#531](https://github.com/chef/inspec/issues/531)
+**Merged pull requests:**
+- mock fetcher [\#550](https://github.com/chef/inspec/pull/550) ([arlimus](https://github.com/arlimus))
+- testing: add inspec exec tests with json formatter [\#549](https://github.com/chef/inspec/pull/549) ([arlimus](https://github.com/arlimus))
+- dont generate pretty json by default [\#548](https://github.com/chef/inspec/pull/548) ([arlimus](https://github.com/arlimus))
+- Add title, description, code, and source\_location to example metadata [\#543](https://github.com/chef/inspec/pull/543) ([vjeffrey](https://github.com/vjeffrey))
+- add functional tests for cli [\#542](https://github.com/chef/inspec/pull/542) ([arlimus](https://github.com/arlimus))
+- Add a Gitter chat badge to README.md [\#530](https://github.com/chef/inspec/pull/530) ([gitter-badger](https://github.com/gitter-badger))
+## [v0.15.0](https://github.com/chef/inspec/tree/v0.15.0) (2016-03-09)
+[Full Changelog](https://github.com/chef/inspec/compare/v0.14.8...v0.15.0)
 **Implemented enhancements:**
@@ -20,6 +57,7 @@
 **Merged pull requests:**
+- 0.15.0 [\#528](https://github.com/chef/inspec/pull/528) ([arlimus](https://github.com/arlimus))
 - 0.14.9 [\#525](https://github.com/chef/inspec/pull/525) ([arlimus](https://github.com/arlimus))
 ## [v0.14.8](https://github.com/chef/inspec/tree/v0.14.8) (2016-03-04)

data/Gemfile CHANGED Viewed

@@ -19,10 +19,9 @@ end
 group :integration do
   gem 'berkshelf', '~> 4.0'
-  gem 'test-kitchen'
+  gem 'test-kitchen', '~> 1.6'
   gem 'kitchen-vagrant'
-  gem 'kitchen-inspec'
-  gem 'winrm-transport', '~> 1.0'
+  gem 'kitchen-inspec', '0.12.5'
   gem 'kitchen-ec2'
 end

data/README.md CHANGED Viewed

@@ -1,5 +1,7 @@
 # InSpec: Inspect Your Infrastructure
+[![Join the chat at https://gitter.im/chef/inspec](https://badges.gitter.im/chef/inspec.svg)](https://gitter.im/chef/inspec?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 InSpec is an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements.
 ```ruby

data/Rakefile CHANGED Viewed

@@ -35,6 +35,14 @@ namespace :test do
     end or fail 'Failures'
   end
+  Rake::TestTask.new(:functional) do |t|
+    t.libs << 'test'
+    t.pattern = 'test/functional/**/*_test.rb'
+    t.warning = true
+    t.verbose = true
+    t.ruby_opts = ['--dev'] if defined?(JRUBY_VERSION)
+  end
   task :resources do
     tests = Dir['test/resource/*_test.rb']
     return if tests.empty?

data/bin/inspec CHANGED Viewed

@@ -4,162 +4,6 @@
 # author: Dominik Richter
 # author: Christoph Hartmann
-require 'thor'
-require 'json'
-require 'pp'
-require_relative '../lib/utils/base_cli'
 require_relative '../lib/inspec'
-require_relative '../lib/utils/json_log'
-class Inspec::InspecCLI < Inspec::BaseCLI # rubocop:disable Metrics/ClassLength
-  class_option :diagnose, type: :boolean,
-    desc: 'Show diagnostics (versions, configurations)'
-  desc 'json PATH', 'read all tests in PATH and generate a JSON summary'
-  option :id, type: :string,
-    desc: 'Attach a profile ID to all test results'
-  option :output, aliases: :o, type: :string,
-    desc: 'Save the created profile to a path'
-  profile_options
-  def json(target)
-    diagnose
-    o = opts.dup
-    o[:ignore_supports] = true
-    profile = Inspec::Profile.for_target(target, o)
-    dst = o[:output].to_s
-    if dst.empty?
-      puts JSON.pretty_generate(profile.info)
-    else
-      if File.exist? dst
-        puts "----> updating #{dst}"
-      else
-        puts "----> creating #{dst}"
-      end
-      fdst = File.expand_path(dst)
-      File.write(fdst, JSON.dump(profile.info))
-    end
-  end
-  desc 'check PATH', 'verify all tests at the specified PATH'
-  option :format, type: :string
-  profile_options
-  def check(path) # rubocop:disable Metrics/AbcSize
-    diagnose
-    o = opts.dup
-    # configure_logger(o) # we do not need a logger for check yet
-    o[:ignore_supports] = true # we check for integrity only
-    # run check
-    profile = Inspec::Profile.for_target(path, o)
-    result = profile.check
-    if opts['format'] == 'json'
-      puts JSON.generate(result)
-    else
-      headline('Summary')
-      %w{location profile controls timestamp valid}.each { |item|
-        puts "#{mark_text(item.to_s.capitalize + ':')} #{result[:summary][item.to_sym]}"
-      }
-      puts
-      %w{errors warnings}.each { |list|
-        headline(list.to_s.capitalize)
-        result[list.to_sym].each { |item|
-          puts "#{item[:file]}:#{item[:line]}:#{item[:column]}: #{item[:msg]} "
-        }
-        puts
-      }
-    end
-    exit 1 unless result[:summary][:valid]
-  end
-  desc 'archive PATH', 'archive a profile to tar.gz (default) or zip'
-  option :zip, type: :boolean, default: false,
-    desc: 'Generates a zip archive.'
-  option :tar, type: :boolean, default: false,
-    desc: 'Generates a tar.gz archive.'
-  option :overwrite, type: :boolean, default: false,
-    desc: 'Overwrite existing archive.'
-  option :ignore_errors, type: :boolean, default: false,
-    desc: 'Ignore profile warnings.'
-  def archive(path)
-    diagnose
-    o = opts.dup
-    o[:logger] = Logger.new(STDOUT)
-    o[:logger].level = get_log_level(o.log_level)
-    profile = Inspec::Profile.for_target(path, o)
-    result = profile.check
-    if result && !opts[:ignore_errors] == false
-      @logger.info 'Profile check failed. Please fix the profile before generating an archive.'
-      return exit 1
-    end
-    # generate archive
-    exit 1 unless profile.archive(opts)
-  end
-  desc 'exec PATHS', 'run all test files at the specified PATH.'
-  exec_options
-  def exec(*targets)
-    diagnose
-    run_tests(targets, opts)
-  end
-  desc 'detect', 'detect the target OS'
-  target_options
-  def detect
-    diagnose
-    rel = File.join(File.dirname(__FILE__), *%w{.. lib utils detect.rb})
-    detect_util = File.expand_path(rel)
-    # exits on execution:
-    runner = Inspec::Runner.new(opts)
-    profile = Inspec::Profile.for_target(detect_util, opts)
-    runner.add_profile(profile)
-    exit runner.run
-  rescue RuntimeError => e
-    puts e.message
-  end
-  desc 'shell', 'open an interactive debugging shell'
-  target_options
-  option :format, type: :string, default: Inspec::NoSummaryFormatter, hide: true
-  def shell_func
-    diagnose
-    o = opts.dup
-    o[:logger] = Logger.new(STDOUT)
-    o[:logger].level = get_log_level(o.log_level)
-    runner = Inspec::Runner.new(o)
-    Inspec::Shell.new(runner).start
-  rescue RuntimeError => e
-    puts e.message
-  end
-  desc 'version', 'prints the version of this tool'
-  def version
-    puts Inspec::VERSION
-  end
-end
-# Load all plugins on startup
-ctl = Inspec::PluginCtl.new
-ctl.list.each { |x| ctl.load(x) }
-# load CLI plugins before the Inspec CLI has been started
-Inspec::Plugins::CLI.subcommands.each { |_subcommand, params|
-  Inspec::InspecCLI.register(
-    params[:klass],
-    params[:subcommand_name],
-    params[:usage],
-    params[:description],
-    params[:options],
-  )
-}
-# start the CLI
+require_relative '../lib/inspec/cli'
 Inspec::InspecCLI.start(ARGV)

data/docs/resources.rst CHANGED Viewed

@@ -42,9 +42,9 @@ The following InSpec audit resources are available:
 * `port`_
 * `postgres_conf`_
 * `postgres_session`_
+* `powershell`_
 * `processes`_
 * `registry_key`_
-* `script`_
 * `security_policy`_
 * `service`_
 * `ssh_config`_
@@ -3525,6 +3525,84 @@ The following examples show how to use this InSpec audit resource.
+powershell
+=====================================================
+Use the ``powershell`` |inspec resource| to test a |powershell| script on the |windows| platform.
+**Stability: Experimental**
+Syntax
+-----------------------------------------------------
+A ``powershell`` |inspec resource| block declares a script to be tested, and then a command that should be part of that script:
+.. code-block:: ruby
+   script = <<-EOH
+     # you powershell script
+   EOH
+   describe powershell(script) do
+     its('matcher') { should eq 'output' }
+   end
+where
+* ``'script'`` must specify a Powershell script to be run
+* ``'matcher'`` is one of ``exit_status``, ``stderr``, or ``stdout``
+* ``'output'`` tests the output of the command run on the system versus the output value stated in the test
+Matchers
+-----------------------------------------------------
+This InSpec audit resource has the following matchers.
+exit_status
++++++++++++++++++++++++++++++++++++++++++++++++++++++
+The ``exit_status`` matcher tests the exit status for the command:
+.. code-block:: ruby
+   its('exit_status') { should eq 123 }
+stderr
++++++++++++++++++++++++++++++++++++++++++++++++++++++
+The ``stderr`` matcher tests results of the command as returned in standard error (stderr):
+.. code-block:: ruby
+   its('stderr') { should eq 'error' }
+stdout
++++++++++++++++++++++++++++++++++++++++++++++++++++++
+The ``stdout`` matcher tests results of the command as returned in standard output (stdout):
+.. code-block:: ruby
+   its('stdout') { should eq '/^1$/' }
+Examples
+-----------------------------------------------------
+The following examples show how to use this InSpec audit resource.
+**Get all groups of Administrator user**
+.. code-block:: ruby
+   myscript = <<-EOH
+     # find user
+     $user = Get-WmiObject Win32_UserAccount -filter "Name = 'Administrator'"
+     # get related groups
+     $groups = $user.GetRelated('Win32_Group') | Select-Object -Property Caption, Domain, Name, LocalAccount, SID, SIDType, Status
+     $groups | ConvertTo-Json
+   EOH
+   describe script(myscript) do
+     its('stdout') { should_not eq '' }
+   end
 processes
 =====================================================
 Use the ``processes`` |inspec resource| to test properties for programs that are running on the system.
@@ -3651,83 +3729,6 @@ The following examples show how to use this InSpec audit resource.
 where ``'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule'`` is the full path to the setting.
-script
-=====================================================
-Use the ``script`` |inspec resource| to test a |powershell| script on the |windows| platform.
-**Stability: Experimental**
-Syntax
------------------------------------------------------
-A ``script`` |inspec resource| block declares a script to be tested, and then a command that should be part of that script:
-.. code-block:: ruby
-   script = <<-EOH
-     # you powershell script
-   EOH
-   describe script(script) do
-     its('matcher') { should eq 'output' }
-   end
-where
-* ``'script'`` must specify a Powershell script to be run
-* ``'matcher'`` is one of ``exit_status``, ``stderr``, or ``stdout``
-* ``'output'`` tests the output of the command run on the system versus the output value stated in the test
-Matchers
------------------------------------------------------
-This InSpec audit resource has the following matchers.
-exit_status
-+++++++++++++++++++++++++++++++++++++++++++++++++++++
-The ``exit_status`` matcher tests the exit status for the command:
-.. code-block:: ruby
-   its('exit_status') { should eq 123 }
-stderr
-+++++++++++++++++++++++++++++++++++++++++++++++++++++
-The ``stderr`` matcher tests results of the command as returned in standard error (stderr):
-.. code-block:: ruby
-   its('stderr') { should eq 'error' }
-stdout
-+++++++++++++++++++++++++++++++++++++++++++++++++++++
-The ``stdout`` matcher tests results of the command as returned in standard output (stdout):
-.. code-block:: ruby
-   its('stdout') { should eq '/^1$/' }
-Examples
------------------------------------------------------
-The following examples show how to use this InSpec audit resource.
-**Get all groups of Administrator user**
-.. code-block:: ruby
-   myscript = <<-EOH
-     # find user
-     $user = Get-WmiObject Win32_UserAccount -filter "Name = 'Administrator'"
-     # get related groups
-     $groups = $user.GetRelated('Win32_Group') | Select-Object -Property Caption, Domain, Name, LocalAccount, SID, SIDType, Status
-     $groups | ConvertTo-Json
-   EOH
-   describe script(myscript) do
-     its('stdout') { should_not eq '' }
-   end
 security_policy
 =====================================================
 Use the ``security_policy`` |inspec resource| to test security policies on the |windows| platform.