inspec 0.29.0 → 0.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5774f3ee48a607acb703378f30751ca137f73baa
-  data.tar.gz: ac25e0e4c2033ed592d167979b5be81c23d7b5ea
+  metadata.gz: 445532339f2a7c592cd2386791ec6dad4423b7cf
+  data.tar.gz: c9199103ea5e588100d2c8137e0dd4a4d8fab5d8
 SHA512:
-  metadata.gz: 8967dac4b642852dee7ea3c21d3b80e54ea33be10a7e517e8a17fbbc93fc8d0e26f014651bf1d1bdf66f2fc9d66eb7a1f1e3fbfd93a904096078229932215da9
-  data.tar.gz: 5ed1b7a369277b8de9c9f2c5742efb202f3b974519b8ac2575aa69642bbf372ac00c54f4bafcb4d6ccab462a41222cce311f9715a453945c08ce39a3347982fc
+  metadata.gz: f5cc4f2ed37f9a4797e5c44b9e478719c2b870dc80eeb4a63f8bda27268e19f885580f0e38f62a241d406e3459cbe7855b7db50bb9e7a524d6f9405b35372261
+  data.tar.gz: e68180568b488a72fff183bfb477d92a977c168817f5b0085420816f79e8f716bedb176bc39013abbe1b85ec53b29b855a0ae5d16a154224ddffb83e73cbb7fd

data/CHANGELOG.md

@@ -1,7 +1,37 @@
 # Change Log
 
-## [0.29.0](https://github.com/chef/inspec/tree/0.29.0) (2016-08-08)
-[Full Changelog](https://github.com/chef/inspec/compare/v0.28.1...0.29.0)
+## [0.30.0](https://github.com/chef/inspec/tree/0.30.0) (2016-08-12)
+[Full Changelog](https://github.com/chef/inspec/compare/v0.29.0...0.30.0)
+
+**Implemented enhancements:**
+
+- introduce dependency resolution \(experimental\) [\#891](https://github.com/chef/inspec/pull/891) ([arlimus](https://github.com/arlimus))
+- Improve windows support of omnibus installer [\#890](https://github.com/chef/inspec/pull/890) ([ksubrama](https://github.com/ksubrama))
+- Add omnibus for inspec [\#658](https://github.com/chef/inspec/pull/658) ([chris-rock](https://github.com/chris-rock))
+
+**Fixed bugs:**
+
+- RHEL postgres data dir is not /var/lib/postgres as coded [\#494](https://github.com/chef/inspec/issues/494)
+- Add readline ignore markers to color escape codes in the shell [\#900](https://github.com/chef/inspec/pull/900) ([stevendanna](https://github.com/stevendanna))
+
+**Closed issues:**
+
+- `inspec exec` help option does not provide any context sensitive help [\#906](https://github.com/chef/inspec/issues/906)
+- Add windows MSI packaging support to omnibus [\#889](https://github.com/chef/inspec/issues/889)
+- tab-completion support in the inspec command line and in the inspec shell :\) [\#607](https://github.com/chef/inspec/issues/607)
+
+**Merged pull requests:**
+
+- auto-generate inspec cli docs [\#911](https://github.com/chef/inspec/pull/911) ([arlimus](https://github.com/arlimus))
+- move test suites to allowed failures until travis is fixed [\#904](https://github.com/chef/inspec/pull/904) ([chris-rock](https://github.com/chris-rock))
+- travis experiment: lower docker concurrency [\#902](https://github.com/chef/inspec/pull/902) ([stevendanna](https://github.com/stevendanna))
+- Improve detection of postgresql conf dir and data dir [\#901](https://github.com/chef/inspec/pull/901) ([stevendanna](https://github.com/stevendanna))
+- Add `inspec env` command to configure shell tab-completion [\#896](https://github.com/chef/inspec/pull/896) ([stevendanna](https://github.com/stevendanna))
+- Support regular expressions for Windows registry key [\#892](https://github.com/chef/inspec/pull/892) ([chris-rock](https://github.com/chris-rock))
+- add integration test for windows file and directory [\#880](https://github.com/chef/inspec/pull/880) ([chris-rock](https://github.com/chris-rock))
+
+## [v0.29.0](https://github.com/chef/inspec/tree/v0.29.0) (2016-08-08)
+[Full Changelog](https://github.com/chef/inspec/compare/v0.28.1...v0.29.0)
 
 **Implemented enhancements:**
 

data/Rakefile

@@ -157,3 +157,56 @@ task :release_docker do
   puts "--> #{cmd}"
   sh('sh', '-c', cmd)
 end
+
+namespace :docs do
+  desc 'Create cli docs'
+  task :cli do
+    res = "=====================================================\n"\
+          "InSpec CLI\n"\
+          "=====================================================\n\n"\
+          "Use the InSpec CLI to run tests and audits against targets "\
+          "using local, SSH, WinRM, or Docker connections.\n\n"
+
+    require 'inspec/cli'
+    cmds = Inspec::InspecCLI.all_commands
+    cmds.keys.sort.each do |key|
+      cmd = cmds[key]
+
+      res << "#{cmd.usage.split.first}\n"\
+             "=====================================================\n\n"
+
+      res << cmd.description.capitalize
+      res << "\n\n"
+
+      res << "Syntax\n"\
+             "-----------------------------------------------------\n\n"
+
+      res << "This subcommand has the following syntax:\n\n"\
+             ".. code-block:: bash\n\n"\
+             "   $ inspec #{cmd.usage}\n\n"
+
+      opts = cmd.options.select { |_, o| !o.hide }
+      unless opts.empty?
+        res << "Options\n"\
+               "-----------------------------------------------------\n\n"\
+               "This subcommand has additional options:\n\n"
+
+        opts.keys.sort.each do |option|
+          opt = cmd.options[option]
+          # TODO: remove when UX of help is reworked 1.0
+          usage = opt.usage.split(', ')
+                     .map { |x| x.tr('[]', '') }
+                     .map { |x| x.start_with?('-') ? x : '-'+x }
+                     .map { |x| '``' + x + '``' }
+          res << "#{usage.join(', ')}\n   #{opt.description}\n\n"
+        end
+
+      end
+      res << "\n\n"
+    end
+
+    dst = 'docs/cli.rst'
+    File.write(dst, res)
+    puts "Documentation generated in #{dst.inspect}"
+  end
+end

data/docs/cli.rst

@@ -0,0 +1,442 @@
+=====================================================
+InSpec CLI
+=====================================================
+
+Use the InSpec CLI to run tests and audits against targets using local, SSH, WinRM, or Docker connections.
+
+archive
+=====================================================
+
+Archive a profile to tar.gz (default) or zip
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec archive PATH
+
+Options
+-----------------------------------------------------
+
+This subcommand has additional options:
+
+``--ignore-errors``, ``--no-ignore-errors``
+   Ignore profile warnings.
+
+``-o``, ``--output=OUTPUT``
+   Save the archive to a path
+
+``--overwrite``, ``--no-overwrite``
+   Overwrite existing archive.
+
+``--profiles-path=PROFILES_PATH``
+   Folder which contains referenced profiles.
+
+``--tar``, ``--no-tar``
+   Generates a tar.gz archive.
+
+``--zip``, ``--no-zip``
+   Generates a zip archive.
+
+
+
+check
+=====================================================
+
+Verify all tests at the specified path
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec check PATH
+
+Options
+-----------------------------------------------------
+
+This subcommand has additional options:
+
+``--format=FORMAT``
+
+
+``--profiles-path=PROFILES_PATH``
+   Folder which contains referenced profiles.
+
+
+
+compliance
+=====================================================
+
+Chef compliance commands
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec compliance SUBCOMMAND ...
+
+
+
+detect
+=====================================================
+
+Detect the target os
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec detect
+
+Options
+-----------------------------------------------------
+
+This subcommand has additional options:
+
+``-b``, ``--backend=BACKEND``
+   Choose a backend: local, ssh, winrm, docker.
+
+``--format=FORMAT``
+
+
+``--host=HOST``
+   Specify a remote host which is tested.
+
+``--json-config=JSON_CONFIG``
+   Read configuration from JSON file (`-` reads from stdin).
+
+``-i``, ``--key-files=one two three``
+   Login key or certificate file for a remote scan.
+
+``-l``, ``--log-level=LOG_LEVEL``
+   Set the log level: info (default), debug, warn, error
+
+``--password=PASSWORD``
+   Login password for a remote scan, if required.
+
+``--path=PATH``
+   Login path to use when connecting to the target (WinRM).
+
+``-p``, ``--port=N``
+   Specify the login port for a remote scan.
+
+``--self-signed``, ``--no-self-signed``
+   Allow remote scans with self-signed certificates (WinRM).
+
+``--ssl``, ``--no-ssl``
+   Use SSL for transport layer encryption (WinRM).
+
+``--sudo``, ``--no-sudo``
+   Run scans with sudo. Only activates on Unix and non-root user.
+
+``--sudo-command=SUDO_COMMAND``
+   Alternate command for sudo.
+
+``--sudo-options=SUDO_OPTIONS``
+   Additional sudo options for a remote scan.
+
+``--sudo-password=SUDO_PASSWORD``
+   Specify a sudo password, if it is required.
+
+``-t``, ``--target=TARGET``
+   Simple targeting option using URIs, e.g. ssh://user:pass@host:port
+
+``--user=USER``
+   The login user for a remote scan.
+
+
+
+env
+=====================================================
+
+Output shell-appropriate completion configuration
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec env
+
+
+
+exec
+=====================================================
+
+Run all test files at the specified path.
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec exec PATHS
+
+Options
+-----------------------------------------------------
+
+This subcommand has additional options:
+
+``--attrs=one two three``
+   Load attributes file (experimental)
+
+``-b``, ``--backend=BACKEND``
+   Choose a backend: local, ssh, winrm, docker.
+
+``--color``, ``--no-color``
+   Use colors in output.
+
+``--controls=one two three``
+   A list of controls to run. Ignore all other tests.
+
+``--format=FORMAT``
+   Which formatter to use: cli, progress, documentation, json, json-min
+
+``--host=HOST``
+   Specify a remote host which is tested.
+
+``--json-config=JSON_CONFIG``
+   Read configuration from JSON file (`-` reads from stdin).
+
+``-i``, ``--key-files=one two three``
+   Login key or certificate file for a remote scan.
+
+``-l``, ``--log-level=LOG_LEVEL``
+   Set the log level: info (default), debug, warn, error
+
+``--password=PASSWORD``
+   Login password for a remote scan, if required.
+
+``--path=PATH``
+   Login path to use when connecting to the target (WinRM).
+
+``-p``, ``--port=N``
+   Specify the login port for a remote scan.
+
+``--profiles-path=PROFILES_PATH``
+   Folder which contains referenced profiles.
+
+``--self-signed``, ``--no-self-signed``
+   Allow remote scans with self-signed certificates (WinRM).
+
+``--ssl``, ``--no-ssl``
+   Use SSL for transport layer encryption (WinRM).
+
+``--sudo``, ``--no-sudo``
+   Run scans with sudo. Only activates on Unix and non-root user.
+
+``--sudo-command=SUDO_COMMAND``
+   Alternate command for sudo.
+
+``--sudo-options=SUDO_OPTIONS``
+   Additional sudo options for a remote scan.
+
+``--sudo-password=SUDO_PASSWORD``
+   Specify a sudo password, if it is required.
+
+``-t``, ``--target=TARGET``
+   Simple targeting option using URIs, e.g. ssh://user:pass@host:port
+
+``--user=USER``
+   The login user for a remote scan.
+
+
+
+help
+=====================================================
+
+Describe available commands or one specific command
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec help [COMMAND]
+
+
+
+init
+=====================================================
+
+Scaffolds a new project
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec init TEMPLATE ...
+
+
+
+json
+=====================================================
+
+Read all tests in path and generate a json summary
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec json PATH
+
+Options
+-----------------------------------------------------
+
+This subcommand has additional options:
+
+``--controls=one two three``
+   A list of controls to include. Ignore all other tests.
+
+``-o``, ``--output=OUTPUT``
+   Save the created profile to a path
+
+``--profiles-path=PROFILES_PATH``
+   Folder which contains referenced profiles.
+
+
+
+scap
+=====================================================
+
+Scap commands
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec scap SUBCOMMAND ...
+
+
+
+shell
+=====================================================
+
+Open an interactive debugging shell
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec shell
+
+Options
+-----------------------------------------------------
+
+This subcommand has additional options:
+
+``-b``, ``--backend=BACKEND``
+   Choose a backend: local, ssh, winrm, docker.
+
+``-c``, ``--command=COMMAND``
+
+
+``--host=HOST``
+   Specify a remote host which is tested.
+
+``--json-config=JSON_CONFIG``
+   Read configuration from JSON file (`-` reads from stdin).
+
+``-i``, ``--key-files=one two three``
+   Login key or certificate file for a remote scan.
+
+``-l``, ``--log-level=LOG_LEVEL``
+   Set the log level: info (default), debug, warn, error
+
+``--password=PASSWORD``
+   Login password for a remote scan, if required.
+
+``--path=PATH``
+   Login path to use when connecting to the target (WinRM).
+
+``-p``, ``--port=N``
+   Specify the login port for a remote scan.
+
+``--self-signed``, ``--no-self-signed``
+   Allow remote scans with self-signed certificates (WinRM).
+
+``--ssl``, ``--no-ssl``
+   Use SSL for transport layer encryption (WinRM).
+
+``--sudo``, ``--no-sudo``
+   Run scans with sudo. Only activates on Unix and non-root user.
+
+``--sudo-command=SUDO_COMMAND``
+   Alternate command for sudo.
+
+``--sudo-options=SUDO_OPTIONS``
+   Additional sudo options for a remote scan.
+
+``--sudo-password=SUDO_PASSWORD``
+   Specify a sudo password, if it is required.
+
+``-t``, ``--target=TARGET``
+   Simple targeting option using URIs, e.g. ssh://user:pass@host:port
+
+``--user=USER``
+   The login user for a remote scan.
+
+
+
+supermarket
+=====================================================
+
+Supermarket commands
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec supermarket SUBCOMMAND ...
+
+
+
+version
+=====================================================
+
+Prints the version of this tool
+
+Syntax
+-----------------------------------------------------
+
+This subcommand has the following syntax:
+
+.. code-block:: bash
+
+   $ inspec version
+
+
+