inspec 1.11.0 → 1.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 22bd19e0cf0854eb85632b57eee930bb8de88a7b
-  data.tar.gz: 34154c0b82954d31f5d59dd877b3390e716d7fd3
+  metadata.gz: 716b0f2740402869ee9542519dff597bef2c6239
+  data.tar.gz: 304547b882202c6a9748148987a8a859efe14752
 SHA512:
-  metadata.gz: 81cd38965333e8d651d54a1ce8499279eec91a19abe8e2cbf8ecf6f58ca384fc4abfd580434d4554a864c0bfeace71b02bafdb9f110f26988b2aa2b793868c7e
-  data.tar.gz: 8ffbd0fb553fd662fb369383b7cbbb04c6c1f338ccbe0abe5d8a417263ab8446d5b74feb7c3cc082a8a7fe8d6efa520f48de660a2a07bef72834687b7fed10ff
+  metadata.gz: 2796299fda33d2ad2251e0627c7ecc7ee8e54d2c91e79dc9e03a6c8a1a924fa5105ef77d045a48cbfcc84f0c830187c69f7da6586cf83abce74319eef21a4c5d
+  data.tar.gz: 26174779c09a85bcb8dfbb2d3026113b80e27158ae8d7ad021a7e9b8155b845ab47389c8813808d7ee5bab02c5ad35ae27a41f2c933833f34ad6204c5a5fe508

data/CHANGELOG.md

@@ -1,7 +1,20 @@
 # Change Log
 
-## [1.11.0](https://github.com/chef/inspec/tree/1.11.0) (2017-02-01)
-[Full Changelog](https://github.com/chef/inspec/compare/v1.10.0...1.11.0)
+## [1.12.0](https://github.com/chef/inspec/tree/1.12.0) (2017-02-03)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.11.0...1.12.0)
+
+**Closed issues:**
+
+- `skip` parameter ignored inside `describe` block [\#1450](https://github.com/chef/inspec/issues/1450)
+
+**Merged pull requests:**
+
+- Allow setting of the tests array [\#1455](https://github.com/chef/inspec/pull/1455) ([alexpop](https://github.com/alexpop))
+- switch to faraday as http backend [\#1452](https://github.com/chef/inspec/pull/1452) ([chris-rock](https://github.com/chris-rock))
+- Add FilterTable support to processes resource [\#1451](https://github.com/chef/inspec/pull/1451) ([alexpop](https://github.com/alexpop))
+
+## [v1.11.0](https://github.com/chef/inspec/tree/v1.11.0) (2017-02-01)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.10.0...v1.11.0)
 
 **Implemented enhancements:**
 
@@ -2039,19 +2052,10 @@
 
 **Implemented enhancements:**
 
-- pretty-print resources [\#78](https://github.com/chef/inspec/issues/78)
-- Add networking resources [\#68](https://github.com/chef/inspec/issues/68)
 - Add WinRM transport layer [\#64](https://github.com/chef/inspec/issues/64)
 
-**Fixed bugs:**
-
-- expose all necessary methods in OS resource [\#79](https://github.com/chef/inspec/issues/79)
-
 **Closed issues:**
 
-- script resource [\#74](https://github.com/chef/inspec/issues/74)
-- add project docs [\#72](https://github.com/chef/inspec/issues/72)
-- OS detection on debian does not detect versions [\#39](https://github.com/chef/inspec/issues/39)
 - ensure all resources have a proper to\_s method [\#98](https://github.com/chef/inspec/issues/98)
 - Escape commands before we execute them [\#70](https://github.com/chef/inspec/issues/70)
 
@@ -2078,90 +2082,6 @@
 - Improve unit tests [\#106](https://github.com/chef/inspec/pull/106) ([chris-rock](https://github.com/chris-rock))
 - add to\_s methods to resources, fixes \#98 [\#105](https://github.com/chef/inspec/pull/105) ([chris-rock](https://github.com/chris-rock))
 - 0.7.0 release [\#104](https://github.com/chef/inspec/pull/104) ([chris-rock](https://github.com/chris-rock))
-- implement iptables resource [\#103](https://github.com/chef/inspec/pull/103) ([chris-rock](https://github.com/chris-rock))
-- bugfix: return function if data is already cached [\#102](https://github.com/chef/inspec/pull/102) ([chris-rock](https://github.com/chris-rock))
-- implement apt resource [\#101](https://github.com/chef/inspec/pull/101) ([chris-rock](https://github.com/chris-rock))
-- improve shell [\#100](https://github.com/chef/inspec/pull/100) ([chris-rock](https://github.com/chris-rock))
-- implement host resource [\#99](https://github.com/chef/inspec/pull/99) ([chris-rock](https://github.com/chris-rock))
-- implement bridge resource [\#97](https://github.com/chef/inspec/pull/97) ([chris-rock](https://github.com/chris-rock))
-- interactive shell [\#95](https://github.com/chef/inspec/pull/95) ([arlimus](https://github.com/arlimus))
-- interface resource [\#94](https://github.com/chef/inspec/pull/94) ([chris-rock](https://github.com/chris-rock))
-- lint: dont use undefined vars [\#93](https://github.com/chef/inspec/pull/93) ([arlimus](https://github.com/arlimus))
-- fix delivery dependencies [\#92](https://github.com/chef/inspec/pull/92) ([arlimus](https://github.com/arlimus))
-- improvement: add default print method to resources [\#91](https://github.com/chef/inspec/pull/91) ([arlimus](https://github.com/arlimus))
-- extend os backend helper [\#90](https://github.com/chef/inspec/pull/90) ([chris-rock](https://github.com/chris-rock))
-- integrate docs [\#89](https://github.com/chef/inspec/pull/89) ([chris-rock](https://github.com/chris-rock))
-- integrate docs [\#88](https://github.com/chef/inspec/pull/88) ([chris-rock](https://github.com/chris-rock))
-- script resource [\#87](https://github.com/chef/inspec/pull/87) ([chris-rock](https://github.com/chris-rock))
-- implement group resource [\#85](https://github.com/chef/inspec/pull/85) ([chris-rock](https://github.com/chris-rock))
-- add author header [\#84](https://github.com/chef/inspec/pull/84) ([chris-rock](https://github.com/chris-rock))
-- Resource bugfix [\#83](https://github.com/chef/inspec/pull/83) ([arlimus](https://github.com/arlimus))
-- Resource in resource [\#80](https://github.com/chef/inspec/pull/80) ([arlimus](https://github.com/arlimus))
-- ignore local delivery config [\#77](https://github.com/chef/inspec/pull/77) ([arlimus](https://github.com/arlimus))
-- bugfix user resource for windows [\#76](https://github.com/chef/inspec/pull/76) ([chris-rock](https://github.com/chris-rock))
-- activate lint in travis [\#75](https://github.com/chef/inspec/pull/75) ([arlimus](https://github.com/arlimus))
-- Simplify SSL configuration [\#69](https://github.com/chef/inspec/pull/69) ([arlimus](https://github.com/arlimus))
-- implement user resource [\#67](https://github.com/chef/inspec/pull/67) ([chris-rock](https://github.com/chris-rock))
-- switch from open4 -\> mixlib-shellout [\#66](https://github.com/chef/inspec/pull/66) ([arlimus](https://github.com/arlimus))
-- WinRM path [\#63](https://github.com/chef/inspec/pull/63) ([arlimus](https://github.com/arlimus))
-- bugfix: catch cases where oneget returns an array [\#62](https://github.com/chef/inspec/pull/62) ([chris-rock](https://github.com/chris-rock))
-- extend delivery tests to extra docker images [\#61](https://github.com/chef/inspec/pull/61) ([arlimus](https://github.com/arlimus))
-- rename --key-file to --key on cli [\#60](https://github.com/chef/inspec/pull/60) ([arlimus](https://github.com/arlimus))
-- Simpleconfig groups [\#57](https://github.com/chef/inspec/pull/57) ([arlimus](https://github.com/arlimus))
-- OS detection tests [\#56](https://github.com/chef/inspec/pull/56) ([arlimus](https://github.com/arlimus))
-- Start Linting remaining resources [\#55](https://github.com/chef/inspec/pull/55) ([arlimus](https://github.com/arlimus))
-- fix various robocop lint issues [\#54](https://github.com/chef/inspec/pull/54) ([chris-rock](https://github.com/chris-rock))
-- overhaul rule structure [\#53](https://github.com/chef/inspec/pull/53) ([arlimus](https://github.com/arlimus))
-- Verify ssh transport backend [\#51](https://github.com/chef/inspec/pull/51) ([arlimus](https://github.com/arlimus))
-- Unit test for service resource [\#50](https://github.com/chef/inspec/pull/50) ([chris-rock](https://github.com/chris-rock))
-- Ssh backend tests [\#49](https://github.com/chef/inspec/pull/49) ([arlimus](https://github.com/arlimus))
-- Docker concurrency [\#48](https://github.com/chef/inspec/pull/48) ([arlimus](https://github.com/arlimus))
-- unit tests for package resource [\#47](https://github.com/chef/inspec/pull/47) ([chris-rock](https://github.com/chris-rock))
-- Docker runner test [\#46](https://github.com/chef/inspec/pull/46) ([arlimus](https://github.com/arlimus))
-- add port resource [\#45](https://github.com/chef/inspec/pull/45) ([chris-rock](https://github.com/chris-rock))
-- bugfix: windows server 2008 detection [\#44](https://github.com/chef/inspec/pull/44) ([arlimus](https://github.com/arlimus))
-- Add detect command [\#43](https://github.com/chef/inspec/pull/43) ([arlimus](https://github.com/arlimus))
-- unit test mock os [\#42](https://github.com/chef/inspec/pull/42) ([chris-rock](https://github.com/chris-rock))
-- let travis do dockerized resource tests [\#41](https://github.com/chef/inspec/pull/41) ([arlimus](https://github.com/arlimus))
-- docker test run [\#40](https://github.com/chef/inspec/pull/40) ([arlimus](https://github.com/arlimus))
-- bugfix: detect os via unames [\#38](https://github.com/chef/inspec/pull/38) ([arlimus](https://github.com/arlimus))
-- run kitchen test instead of converge [\#37](https://github.com/chef/inspec/pull/37) ([arlimus](https://github.com/arlimus))
-- bugfix: local file owner [\#36](https://github.com/chef/inspec/pull/36) ([arlimus](https://github.com/arlimus))
-- bugfix: backend description for local + docker [\#35](https://github.com/chef/inspec/pull/35) ([arlimus](https://github.com/arlimus))
-- implement fake os method for mock backend \(for now\) [\#34](https://github.com/chef/inspec/pull/34) ([chris-rock](https://github.com/chris-rock))
-- add Windows feature resource [\#33](https://github.com/chef/inspec/pull/33) ([chris-rock](https://github.com/chris-rock))
-- add linux kernel resources [\#32](https://github.com/chef/inspec/pull/32) ([chris-rock](https://github.com/chris-rock))
-- Exist vs exists [\#31](https://github.com/chef/inspec/pull/31) ([arlimus](https://github.com/arlimus))
-- File formats [\#30](https://github.com/chef/inspec/pull/30) ([chris-rock](https://github.com/chris-rock))
-- OS detection and resource [\#29](https://github.com/chef/inspec/pull/29) ([arlimus](https://github.com/arlimus))
-- bugfix: fix simplified runner configuration [\#28](https://github.com/chef/inspec/pull/28) ([chris-rock](https://github.com/chris-rock))
-- improvement: simplify runner configuration [\#27](https://github.com/chef/inspec/pull/27) ([arlimus](https://github.com/arlimus))
-- bugfix: catch cases, where no service is available [\#26](https://github.com/chef/inspec/pull/26) ([chris-rock](https://github.com/chris-rock))
-- support package for windows [\#25](https://github.com/chef/inspec/pull/25) ([chris-rock](https://github.com/chris-rock))
-- implement service for FreeBSD [\#24](https://github.com/chef/inspec/pull/24) ([chris-rock](https://github.com/chris-rock))
-- move integration dependencies to Gemfile [\#23](https://github.com/chef/inspec/pull/23) ([chris-rock](https://github.com/chris-rock))
-- add oracle linux docker tests [\#22](https://github.com/chef/inspec/pull/22) ([arlimus](https://github.com/arlimus))
-- Support FreeBSD [\#21](https://github.com/chef/inspec/pull/21) ([arlimus](https://github.com/arlimus))
-- Service resource [\#20](https://github.com/chef/inspec/pull/20) ([chris-rock](https://github.com/chris-rock))
-- Improvements [\#19](https://github.com/chef/inspec/pull/19) ([chris-rock](https://github.com/chris-rock))
-- bugfix: set host for ssh config in specinfra [\#18](https://github.com/chef/inspec/pull/18) ([chris-rock](https://github.com/chris-rock))
-- improve readme [\#17](https://github.com/chef/inspec/pull/17) ([chris-rock](https://github.com/chris-rock))
-- Integration tests for the backend runner [\#16](https://github.com/chef/inspec/pull/16) ([arlimus](https://github.com/arlimus))
-- Fix specinfra OS detection [\#15](https://github.com/chef/inspec/pull/15) ([arlimus](https://github.com/arlimus))
-- Os detection [\#14](https://github.com/chef/inspec/pull/14) ([chris-rock](https://github.com/chris-rock))
-- bugfix: require specinfra backend [\#13](https://github.com/chef/inspec/pull/13) ([chris-rock](https://github.com/chris-rock))
-- improve docker test runner structure [\#12](https://github.com/chef/inspec/pull/12) ([arlimus](https://github.com/arlimus))
-- Concurrent integrationtest [\#11](https://github.com/chef/inspec/pull/11) ([arlimus](https://github.com/arlimus))
-- add oneget resource [\#10](https://github.com/chef/inspec/pull/10) ([chris-rock](https://github.com/chris-rock))
-- Winrm [\#9](https://github.com/chef/inspec/pull/9) ([chris-rock](https://github.com/chris-rock))
-- bugfix: linux file stat parameters and mount [\#8](https://github.com/chef/inspec/pull/8) ([arlimus](https://github.com/arlimus))
-- Mysql conf [\#7](https://github.com/chef/inspec/pull/7) ([arlimus](https://github.com/arlimus))
-- Lint update [\#6](https://github.com/chef/inspec/pull/6) ([arlimus](https://github.com/arlimus))
-- SSH PTY [\#5](https://github.com/chef/inspec/pull/5) ([arlimus](https://github.com/arlimus))
-- Start Docker + SSH backends [\#4](https://github.com/chef/inspec/pull/4) ([arlimus](https://github.com/arlimus))
-- travis checks [\#3](https://github.com/chef/inspec/pull/3) ([chris-rock](https://github.com/chris-rock))
-- Package [\#2](https://github.com/chef/inspec/pull/2) ([chris-rock](https://github.com/chris-rock))
-- shared linux file handling + specinfra config + cleanup [\#1](https://github.com/chef/inspec/pull/1) ([arlimus](https://github.com/arlimus))
 
 
 

data/examples/inheritance/inspec.lock

@@ -0,0 +1,11 @@
+---
+lockfile_version: 1
+depends:
+- name: profile
+  resolved_source:
+    path: "/pub/git/inspec/examples/profile"
+  version_constraints: ">= 0"
+- name: profile-attribute
+  resolved_source:
+    path: "/pub/git/inspec/examples/profile-attribute"
+  version_constraints: ">= 0"

data/examples/profile/inspec.lock

@@ -0,0 +1,3 @@
+---
+lockfile_version: 1
+depends: []

data/inspec.gemspec

@@ -38,5 +38,5 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'sslshake', '~> 1'
   spec.add_dependency 'parallel', '~> 1.9'
   spec.add_dependency 'rspec_junit_formatter', '~> 0.2.3'
-  spec.add_dependency 'http', '~> 2.1.0'
+  spec.add_dependency 'faraday', '>=0.9.0'
 end

data/lib/inspec/objects/each_loop.rb

@@ -2,7 +2,8 @@
 
 module Inspec
   class EachLoop < List
-    attr_reader :tests, :variables
+    attr_reader :variables
+    attr_accessor :tests
     def initialize
       super
       @tests = []

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '1.11.0'.freeze
+  VERSION = '1.12.0'.freeze
 end

data/lib/resources/http.rb

@@ -1,9 +1,10 @@
 # encoding: utf-8
 # copyright: 2017, Criteo
-# author: Guilhem Lettron
+# copyright: 2017, Chef Software Inc
+# author: Guilhem Lettron, Christoph Hartmann
 # license: Apache v2
 
-require 'http'
+require 'faraday'
 require 'hashie'
 
 module Inspec::Resources
@@ -38,7 +39,7 @@ module Inspec::Resources
     end
 
     def body
-      response.to_s
+      response.body
     end
 
     def headers
@@ -52,9 +53,18 @@ module Inspec::Resources
     private
 
     def response
-      http = HTTP.headers(@headers)
-      http = http.basic_auth(@auth) unless @auth.empty?
-      @response ||= http.request(@method, @url, { body: @data, params: @params })
+      conn = Faraday.new url: @url, headers: @headers, params: @params
+
+      # set basic authentication
+      conn.basic_auth @auth[:user], @auth[:pass] unless @auth.empty?
+
+      # set default timeout
+      conn.options.timeout      = 5  # open/read timeout in seconds
+      conn.options.open_timeout = 3  # connection open timeout in seconds
+
+      @response = conn.send(@method.downcase) do |req|
+        req.body = @data
+      end
     end
   end
 end

data/lib/resources/processes.rb

@@ -4,22 +4,23 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
+require 'utils/filter'
+
 module Inspec::Resources
   class Processes < Inspec.resource(1)
     name 'processes'
     desc 'Use the processes InSpec audit resource to test properties for programs that are running on the system.'
     example "
       describe processes('mysqld') do
-        its('list.length') { should eq 1 }
+        its('entries.length') { should eq 1 }
         its('users') { should eq ['mysql'] }
         its('states') { should include 'S' }
       end
+      describe processes(/.+/).where { label != 'unconfined' && pid < 1000 } do
+        its('users') { should cmp [] }
+      end
     "
 
-    attr_reader :list,
-                :users,
-                :states
-
     def initialize(grep)
       @grep = grep
       # turn into a regexp if it isn't one yet
@@ -31,19 +32,40 @@ module Inspec::Resources
       @list = all_cmds.find_all do |hm|
         hm[:command] =~ grep
       end
-
-      { users: :user,
-        states: :stat }.each do |var, key|
-        instance_variable_set("@#{var}", @list.map { |l| l[key] }.uniq)
-      end
     end
 
     def to_s
       "Processes #{@grep.class == String ? @grep : @grep.inspect}"
     end
 
+    def list
+      warn '[DEPRECATION] `processes.list` is deprecated. Please use `processes.entries` instead. It will be removed in version 2.0.0.'
+      @list
+    end
+
+    filter = FilterTable.create
+    filter.add_accessor(:where)
+          .add_accessor(:entries)
+          .add(:labels,   field: 'label')
+          .add(:pids,     field: 'pid')
+          .add(:cpus,     field: 'cpu')
+          .add(:mem,      field: 'mem')
+          .add(:vsz,      field: 'vsz')
+          .add(:rss,      field: 'rss')
+          .add(:tty,      field: 'tty')
+          .add(:states,   field: 'stat')
+          .add(:start,    field: 'start')
+          .add(:time,     field: 'time')
+          .add(:users,    field: 'user')
+          .add(:commands, field: 'command')
+          .connect(self, :filtered_processes)
+
     private
 
+    def filtered_processes
+      @list
+    end
+
     def ps_axo
       os = inspec.os
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 1.11.0
+  version: 1.12.0
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-01 00:00:00.000000000 Z
+date: 2017-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train
@@ -219,19 +219,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.2.3
 - !ruby/object:Gem::Dependency
-  name: http
+  name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 0.9.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 0.9.0
 description: InSpec provides a framework for creating end-to-end infrastructure tests.
   You can use it for integration or even compliance testing. Create fully portable
   test profiles and use them in your workflow to ensure stability and security. Integrate
@@ -341,6 +341,7 @@ files:
 - examples/README.md
 - examples/inheritance/README.md
 - examples/inheritance/controls/example.rb
+- examples/inheritance/inspec.lock
 - examples/inheritance/inspec.yml
 - examples/kitchen-ansible/.kitchen.yml
 - examples/kitchen-ansible/Gemfile
@@ -375,6 +376,7 @@ files:
 - examples/profile/controls/example.rb
 - examples/profile/controls/gordon.rb
 - examples/profile/controls/meta.rb
+- examples/profile/inspec.lock
 - examples/profile/inspec.yml
 - examples/profile/libraries/gordon_config.rb
 - inspec.gemspec