inspec 1.26.0 → 1.27.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: fecbcfd7ae1d3b85d799bc71dc2eabe989f16136
4
- data.tar.gz: 20bd1251717cd160dbd5b4b8884ca2d916838f3b
3
+ metadata.gz: a97d110626e91da96f74c2ade783985774f985c6
4
+ data.tar.gz: 9c6f406166b6e6592b1a43b69353c5bcaf8dc0ef
5
5
  SHA512:
6
- metadata.gz: 3553ac4c21f7f73f70fcaed794292b013f7106a7b226ffb5500c1c9c6451d4355d10aa0526d28d32db926e6a281f5a1f48cf7bcb68255b893853020debfa8a42
7
- data.tar.gz: 743f7fce23d0d50eb6d3df716c7f44d9ca1f8824fdc47df6940d77308a720146caf07eb1f6c3a47616cc230561e832b32aa89206d97ace6cea43a7e69abd5f13
6
+ metadata.gz: 9d6ec986d6914cd057869cce5ba76c3c13c31a8bd044aefcaed4cf6a01cc4cf91ac0b3c118519e7c58c98b8ddd63bef0e04780c8099e1c68bacbfca218d8ae88
7
+ data.tar.gz: 6b20ef3baa24b1e3de67373101f6c356189ac990fd7789d889ac50fb6d9272f2889f45d61edbdcbe12d9ae4b75d3b302837b043536e7d1d57c5064b95ffa6312
data/CHANGELOG.md CHANGED
@@ -1,24 +1,48 @@
1
1
  # Change Log
2
2
 
3
- ## [v1.26.0](https://github.com/chef/inspec/tree/v1.26.0) (2017-05-30)
3
+ ## [v1.27.0](https://github.com/chef/inspec/tree/v1.27.0) (2017-06-06)
4
+ [Full Changelog](https://github.com/chef/inspec/compare/v1.26.0...v1.27.0)
5
+
6
+ **Implemented enhancements:**
7
+
8
+ - Support special cases for crontab resource [\#1893](https://github.com/chef/inspec/pull/1893) ([arlimus](https://github.com/arlimus))
9
+ - add the Nginx parser [\#1888](https://github.com/chef/inspec/pull/1888) ([arlimus](https://github.com/arlimus))
10
+ - support FIPS 140-2 compliant digest calls [\#1887](https://github.com/chef/inspec/pull/1887) ([arlimus](https://github.com/arlimus))
11
+ - Add windows support to the `processes` resource [\#1878](https://github.com/chef/inspec/pull/1878) ([username-is-already-taken2](https://github.com/username-is-already-taken2))
12
+ - add bitbucket repo url handling [\#1866](https://github.com/chef/inspec/pull/1866) ([stubblyhead](https://github.com/stubblyhead))
13
+ - Commenting the `contain\_duplicates` deprecation until we have a good alternative [\#1860](https://github.com/chef/inspec/pull/1860) ([alexpop](https://github.com/alexpop))
14
+ - verifies that inspec.yml uses licenses in SPDX format [\#1858](https://github.com/chef/inspec/pull/1858) ([chris-rock](https://github.com/chris-rock))
15
+ - funtion to get pgsql version, exposed version, cluster and fixed session [\#1758](https://github.com/chef/inspec/pull/1758) ([aaronlippold](https://github.com/aaronlippold))
16
+
17
+ **Fixed bugs:**
18
+
19
+ - Use RubyGems version for habitat plan [\#1883](https://github.com/chef/inspec/pull/1883) ([smith](https://github.com/smith))
20
+ - Fix version method call for refresh token [\#1875](https://github.com/chef/inspec/pull/1875) ([ndobson](https://github.com/ndobson))
21
+ - Add warningaction to test-netconnection [\#1869](https://github.com/chef/inspec/pull/1869) ([seththoenen](https://github.com/seththoenen))
22
+ - Fix parameters to `find` commands [\#1856](https://github.com/chef/inspec/pull/1856) ([chris-rock](https://github.com/chris-rock))
23
+ - Fix command exists check on Windows with full paths [\#1850](https://github.com/chef/inspec/pull/1850) ([username-is-already-taken2](https://github.com/username-is-already-taken2))
24
+ - Fix compliance uploads when version is not present [\#1849](https://github.com/chef/inspec/pull/1849) ([adamleff](https://github.com/adamleff))
25
+
26
+ ## [v1.26.0](https://github.com/chef/inspec/tree/v1.26.0) (2017-05-31)
4
27
  [Full Changelog](https://github.com/chef/inspec/compare/v1.25.1...v1.26.0)
5
28
 
6
29
  **Implemented enhancements:**
7
30
 
31
+ - Bump default timeouts for `http` resource [\#1835](https://github.com/chef/inspec/pull/1835) ([schisamo](https://github.com/schisamo))
8
32
  - Improvements to Habitat plan [\#1820](https://github.com/chef/inspec/pull/1820) ([smith](https://github.com/smith))
9
33
 
10
34
  **Fixed bugs:**
11
35
 
12
- - bugfix: adjust localhost+sudo test output to train update [\#1873](https://github.com/chef/inspec/pull/1873) ([arlimus](https://github.com/arlimus))
36
+ - adjust localhost+sudo test output to train update [\#1873](https://github.com/chef/inspec/pull/1873) ([arlimus](https://github.com/arlimus))
37
+ - sudo-detection for target execution [\#1870](https://github.com/chef/inspec/pull/1870) ([arlimus](https://github.com/arlimus))
13
38
  - bugfix: do not send nil to command on unsupported OS [\#1865](https://github.com/chef/inspec/pull/1865) ([arlimus](https://github.com/arlimus))
14
39
  - bugfix: non-url servers with compliance login [\#1861](https://github.com/chef/inspec/pull/1861) ([arlimus](https://github.com/arlimus))
40
+ - Raise exception if profile target URL cannot be parsed [\#1853](https://github.com/chef/inspec/pull/1853) ([adamleff](https://github.com/adamleff))
41
+ - postgres relative path includes [\#1852](https://github.com/chef/inspec/pull/1852) ([aaronlippold](https://github.com/aaronlippold))
42
+ - Amended the processes resource to skip on windows [\#1851](https://github.com/chef/inspec/pull/1851) ([username-is-already-taken2](https://github.com/username-is-already-taken2))
43
+ - Fix assert that a gem is not installed [\#1844](https://github.com/chef/inspec/pull/1844) ([cattywampus](https://github.com/cattywampus))
15
44
  - Habitat Profiles: redirect stderr to stdout [\#1826](https://github.com/chef/inspec/pull/1826) ([adamleff](https://github.com/adamleff))
16
45
 
17
- **Closed issues:**
18
-
19
- - Using Automate - `compliance\_profile\_name': undefined method `\[\]' for nil:NilClass \(NoMethodError\) seeing 1.25.1 Inspec [\#1848](https://github.com/chef/inspec/issues/1848)
20
- - Missing filesystem size check for InSpec [\#1843](https://github.com/chef/inspec/issues/1843)
21
-
22
46
  ## [v1.25.1](https://github.com/chef/inspec/tree/v1.25.1) (2017-05-20)
23
47
  [Full Changelog](https://github.com/chef/inspec/compare/v1.25.0...v1.25.1)
24
48
 
@@ -41,7 +65,6 @@
41
65
  **Fixed bugs:**
42
66
 
43
67
  - read source code if profile is in tgz/zip [\#1816](https://github.com/chef/inspec/pull/1816) ([arlimus](https://github.com/arlimus))
44
- - Update postgresql conf resource to accept include\_dir as a string as well as an array [\#1727](https://github.com/chef/inspec/pull/1727) ([elliott-davis](https://github.com/elliott-davis))
45
68
 
46
69
  ## [v1.24.0](https://github.com/chef/inspec/tree/v1.24.0) (2017-05-11)
47
70
  [Full Changelog](https://github.com/chef/inspec/compare/v1.23.0...v1.24.0)
@@ -56,7 +79,6 @@
56
79
  - Add support for Windows auth in mssql\_resourcet [\#1786](https://github.com/chef/inspec/pull/1786) ([arlimus](https://github.com/arlimus))
57
80
  - Allow mysql\_session to test databases on different hosts [\#1779](https://github.com/chef/inspec/pull/1779) ([aaronlippold](https://github.com/aaronlippold))
58
81
  - Handle parse errors for attrs/secrets [\#1775](https://github.com/chef/inspec/pull/1775) ([adamleff](https://github.com/adamleff))
59
- - Add an oracledb\_session resource [\#1751](https://github.com/chef/inspec/pull/1751) ([nsdavidson](https://github.com/nsdavidson))
60
82
 
61
83
  ## [v1.23.0](https://github.com/chef/inspec/tree/v1.23.0) (2017-05-04)
62
84
  [Full Changelog](https://github.com/chef/inspec/compare/v1.22.0...v1.23.0)
@@ -64,37 +86,14 @@
64
86
  **Implemented enhancements:**
65
87
 
66
88
  - Add command-line completions for fish shell [\#1760](https://github.com/chef/inspec/pull/1760) ([smith](https://github.com/smith))
67
- - Error and exit when using --sudo locally [\#1741](https://github.com/chef/inspec/pull/1741) ([adamleff](https://github.com/adamleff))
68
-
69
- **Fixed bugs:**
70
-
71
- - Make the --no-color flag work for inspec exec [\#1749](https://github.com/chef/inspec/pull/1749) ([adamleff](https://github.com/adamleff))
72
- - Fix xinetd resource failing when file cannot be read [\#1746](https://github.com/chef/inspec/pull/1746) ([adamleff](https://github.com/adamleff))
73
- - Habitat profile bug fixes and improvements [\#1735](https://github.com/chef/inspec/pull/1735) ([rhass](https://github.com/rhass))
74
89
 
75
90
  **Merged pull requests:**
76
91
 
77
92
  - rake: lint before test [\#1755](https://github.com/chef/inspec/pull/1755) ([arlimus](https://github.com/arlimus))
78
- - rename old deprecations that were meant for 1.0 [\#1737](https://github.com/chef/inspec/pull/1737) ([arlimus](https://github.com/arlimus))
79
- - add `inspec.profile.file\(...\)` for profile files [\#1720](https://github.com/chef/inspec/pull/1720) ([arlimus](https://github.com/arlimus))
80
93
 
81
94
  ## [v1.22.0](https://github.com/chef/inspec/tree/v1.22.0) (2017-04-27)
82
95
  [Full Changelog](https://github.com/chef/inspec/compare/v1.21.0...v1.22.0)
83
96
 
84
- **Implemented enhancements:**
85
-
86
- - rename `parse\_config` options for clarity [\#1709](https://github.com/chef/inspec/issues/1709)
87
- - rename SimpleConfig / parse\_config / parse\_config\_file options [\#1723](https://github.com/chef/inspec/pull/1723) ([arlimus](https://github.com/arlimus))
88
- - Add matchers help to shell, clean up help output [\#1722](https://github.com/chef/inspec/pull/1722) ([adamleff](https://github.com/adamleff))
89
- - provide `inspec.version` information [\#1719](https://github.com/chef/inspec/pull/1719) ([arlimus](https://github.com/arlimus))
90
- - provide the `inspec` keyword [\#1718](https://github.com/chef/inspec/pull/1718) ([arlimus](https://github.com/arlimus))
91
- - print and prettyprint the inspec backend class [\#1717](https://github.com/chef/inspec/pull/1717) ([arlimus](https://github.com/arlimus))
92
-
93
- **Fixed bugs:**
94
-
95
- - pretty-print multiline control descriptions [\#1711](https://github.com/chef/inspec/pull/1711) ([arlimus](https://github.com/arlimus))
96
- - bugfix: unindent description misbehaviors [\#1707](https://github.com/chef/inspec/pull/1707) ([arlimus](https://github.com/arlimus))
97
-
98
97
  ## [v1.21.0](https://github.com/chef/inspec/tree/v1.21.0) (2017-04-24)
99
98
  [Full Changelog](https://github.com/chef/inspec/compare/v1.20.0...v1.21.0)
100
99
 
data/Rakefile CHANGED
@@ -6,6 +6,7 @@ require 'bundler/gem_tasks'
6
6
  require 'rake/testtask'
7
7
  require_relative 'tasks/changelog'
8
8
  require_relative 'tasks/maintainers'
9
+ require_relative 'tasks/spdx'
9
10
 
10
11
  # The docs tasks rely on ruby-progressbar. If we can't load it, then don't
11
12
  # load the docs tasks. This is necessary to allow this Rakefile to work
@@ -174,7 +175,7 @@ task :release_habitat do
174
175
  raise "Please set the HAB_AUTH_TOKEN environment variable"
175
176
  end
176
177
  cmd = "echo #{version} > ./habitat/VERSION && "\
177
- "hab studio build ./habitat && " \
178
+ "hab pkg build . && " \
178
179
  "hab pkg upload ./results/*.hart"
179
180
  puts "--> #{cmd}"
180
181
  sh('sh', '-c', cmd)
@@ -195,4 +196,3 @@ namespace :www do
195
196
  exit(1)
196
197
  end
197
198
  end
198
-
@@ -4,7 +4,7 @@ title: About the crontab Resource
4
4
 
5
5
  # crontab
6
6
 
7
- Use the `crontab` InSpec audit resource to test the crontab entries for a particular user on the system.
7
+ Use the `crontab` InSpec audit resource to test the crontab entries for a particular user on the system. It recognizes special time strings (@yearly, @weekly, etc).
8
8
 
9
9
  ## Syntax
10
10
 
@@ -66,3 +66,19 @@ The following examples show how to use this InSpec audit resource.
66
66
  describe crontab.where { command =~ /a partial command string/ } do
67
67
  its('entries.length') { should cmp 1 }
68
68
  end
69
+
70
+ ### Test a special time string (i.e., @yearly /root/anual_report.sh)
71
+
72
+ describe crontab.commands('/root/anual_report.sh') do
73
+ its('hours') { should cmp '0' }
74
+ its('minutes') { should cmp '0' }
75
+ its('days') { should cmp '1' }
76
+ its('months') { should cmp '1' }
77
+ end
78
+
79
+ ### Test @reboot case
80
+
81
+ describe crontab.commands('/root/reboot.sh') do
82
+ its('hours') { should cmp '-1' }
83
+ its('minutes') { should cmp '-1' }
84
+ end
@@ -14,7 +14,7 @@ This will be corrected in a future version of InSpec. New InSpec releases are po
14
14
 
15
15
  An `http` resource block declares the configuration settings to be tested:
16
16
 
17
- describe http('url', auth: {user: 'user', pass: 'test'}, params: {params}, method: 'method', headers: {headers}, body: body) do
17
+ describe http('url', auth: {user: 'user', pass: 'test'}, params: {params}, method: 'method', headers: {headers}, data: data, open_timeout: 60, read_timeout: 60, ssl_verify: true) do
18
18
  its('status') { should eq number }
19
19
  its('body') { should eq 'body' }
20
20
  its('headers.name') { should eq 'header' }
@@ -23,11 +23,14 @@ An `http` resource block declares the configuration settings to be tested:
23
23
  where
24
24
 
25
25
  * `('url')` is the url to test
26
- * `{user: 'user', pass: 'test'}` may be specified for basic auth request
26
+ * `auth: { user: 'user', pass: 'test' }` may be specified for basic auth request
27
27
  * `{params}` may be specified for http request parameters
28
28
  * `'method'` may be specified for http request method (default to 'GET')
29
29
  * `{headers}` may be specified for http request headers
30
- * `body` may be specified for http request body
30
+ * `data` may be specified for http request body
31
+ * `open_timeout` may be specified for a timeout for opening connections (default to 60)
32
+ * `read_timeout` may be specified for a timeout for reading connections (default to 60)
33
+ * `ssl_verify` may be specified to enable or disable verification of SSL certificates (default to `true`)
31
34
 
32
35
  ## Matchers
33
36
 
@@ -60,18 +60,33 @@ The following examples show how to use this InSpec audit resource.
60
60
  its('list.length') { should eq 1 }
61
61
  end
62
62
 
63
- ### Test if the init process is owned by the root user
63
+ ### Test if the process is owned by a specifc user
64
64
 
65
65
  describe processes('init') do
66
66
  its('users') { should eq ['root'] }
67
67
  end
68
68
 
69
+ describe processes('winlogon') do
70
+ its('users') { should cmp "NT AUTHORITY\\SYSTEM" }
71
+ end
72
+
73
+
69
74
  ### Test if a high-priority process is running
70
75
 
71
- describe processes('some_process') do
76
+ describe processes('linux_process') do
72
77
  its('states') { should eq ['R<'] }
73
78
  end
74
79
 
80
+ describe processes('windows_process') do
81
+ its('labels') { should cmp "High" }
82
+ end
83
+
84
+ ### Test if a process exists on the system
85
+
86
+ describe processes('some_process') do
87
+ it { should exist }
88
+ end
89
+
75
90
  ### Test for a process using a specific Regexp
76
91
 
77
92
  If the process name is too common for a string to uniquely find it,
@@ -81,3 +96,28 @@ needed.
81
96
  describe processes(Regexp.new("/usr/local/bin/swap -d")) do
82
97
  its('list.length') { should eq 1 }
83
98
  end
99
+
100
+ ### Notes for auditing Windows systems
101
+
102
+ Sometimes with system properties there isn't a direct comparison between different operating systems.
103
+ Most of the `property_name`'s do align between the different OS's.
104
+
105
+ There are however some exception's, for example, within linux `states` offers multiple properties.
106
+ Windows doesn't have direct comparison that is a single property so instead `states` is mapped to the property of `Responding`, This is a boolean true/false flag to help determine if the process is hung.
107
+
108
+ Below is a mapping table to help you understand what property the unix field maps to the windows `Get-Process` Property
109
+
110
+ | *unix ps field* | *windows PowerShell Property* |
111
+ |:---------------:|:-----------------------------:|
112
+ |labels |PriorityClass|
113
+ |pids |Id|
114
+ |cpus |CPU|
115
+ |mem |PM|
116
+ |vsz |VirtualMemorySize|
117
+ |rss |NPM|
118
+ |tty |SessionId|
119
+ |states |Responding|
120
+ |start |StartTime|
121
+ |time |TotalProcessorTime|
122
+ |users |UserName|
123
+ |commands |Path|
@@ -3,7 +3,7 @@ title: InSpec example inheritance
3
3
  maintainer: Chef Software, Inc.
4
4
  copyright: Chef Software, Inc.
5
5
  copyright_email: support@chef.io
6
- license: Apache 2 license
6
+ license: Apache-2.0
7
7
  summary: Demonstrates the use of InSpec profile inheritance
8
8
  version: 1.0.0
9
9
  supports:
@@ -3,7 +3,7 @@ title: Meta Compliance Profile
3
3
  maintainer: InSpec Authors
4
4
  copyright: InSpec Authors
5
5
  copyright_email: support@chef.io
6
- license: Apache 2
6
+ license: Apache-2.0
7
7
  summary: InSpec Profile that is only consuming dependencies
8
8
  version: 0.2.0
9
9
  depends:
@@ -3,6 +3,6 @@ title: InSpec Profile
3
3
  maintainer: The Authors
4
4
  copyright: The Authors
5
5
  copyright_email: you@example.com
6
- license: All Rights Reserved
6
+ license: Apache-2.0
7
7
  summary: An InSpec Compliance Profile
8
8
  version: 0.1.0
@@ -3,7 +3,7 @@ title: InSpec Example Profile
3
3
  maintainer: Chef Software, Inc.
4
4
  copyright: Chef Software, Inc.
5
5
  copyright_email: support@chef.io
6
- license: Apache 2 license
6
+ license: Apache-2.0
7
7
  summary: Demonstrates the use of InSpec Compliance Profile
8
8
  version: 1.0.0
9
9
  supports:
@@ -70,13 +70,14 @@ module Compliance
70
70
  headers = get_headers(config)
71
71
  response = Compliance::HTTP.get(url+'/version', headers, insecure)
72
72
  return {} if response.code == '404'
73
+
73
74
  data = response.body
75
+ return {} if data.nil? || data.empty?
74
76
 
75
- if !data.nil?
76
- JSON.parse(data)
77
- else
78
- {}
79
- end
77
+ parsed = JSON.parse(data)
78
+ return {} unless parsed.key?('version') && !parsed['version'].empty?
79
+
80
+ parsed
80
81
  end
81
82
 
82
83
  # verifies that a profile
@@ -203,11 +204,11 @@ module Compliance
203
204
  end
204
205
 
205
206
  def self.is_automate_server_pre_080?(config)
206
- config['server_type'] == 'automate' && config['version'].empty?
207
+ config['server_type'] == 'automate' && config['version'].nil?
207
208
  end
208
209
 
209
210
  def self.is_automate_server_080_and_later?(config)
210
- config['server_type'] == 'automate' && !config['version'].empty?
211
+ config['server_type'] == 'automate' && !config['version'].nil?
211
212
  end
212
213
 
213
214
  def self.is_automate_server?(config)
@@ -355,7 +355,7 @@ module Compliance
355
355
  config['user'] = user
356
356
  config['insecure'] = insecure
357
357
  config['server_type'] = 'compliance'
358
- config['version'] = Compliance::API.version(url, insecure)
358
+ config['version'] = Compliance::API.version(config)
359
359
 
360
360
  if !verify
361
361
  config.store
@@ -3,6 +3,6 @@ title: InSpec Profile
3
3
  maintainer: The Authors
4
4
  copyright: The Authors
5
5
  copyright_email: you@example.com
6
- license: All Rights Reserved
6
+ license: Apache-2.0
7
7
  summary: An InSpec Compliance Profile
8
8
  version: 0.1.0
@@ -2,6 +2,8 @@
2
2
  # author: Dominik Richter
3
3
  # author: Christoph Hartmann
4
4
 
5
+ require 'openssl'
6
+
5
7
  module Fetchers
6
8
  class Local < Inspec.fetcher(1)
7
9
  name 'local'
@@ -65,7 +67,8 @@ module Fetchers
65
67
 
66
68
  def sha256
67
69
  return nil if File.directory?(@target)
68
- @archive_shasum ||= Digest::SHA256.hexdigest File.read(@target)
70
+ @archive_shasum ||=
71
+ OpenSSL::Digest::SHA256.digest(File.read(@target)).unpack('H*')[0]
69
72
  end
70
73
 
71
74
  def resolved_source
data/lib/fetchers/url.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # author: Christoph Hartmann
4
4
 
5
5
  require 'uri'
6
- require 'digest'
6
+ require 'openssl'
7
7
  require 'tempfile'
8
8
  require 'open-uri'
9
9
 
@@ -37,8 +37,8 @@ module Fetchers
37
37
  nil
38
38
  end
39
39
 
40
- # Transforms a browser github url to github tar url
41
- # We distinguish between three different Github URL types:
40
+ # Transforms a browser github/bitbucket url to github/bitbucket tar url
41
+ # We distinguish between three different Github/Bitbucket URL types:
42
42
  # - Master URL
43
43
  # - Branch URL
44
44
  # - Commit URL
@@ -46,22 +46,39 @@ module Fetchers
46
46
  # master url:
47
47
  # https://github.com/nathenharvey/tmp_compliance_profile/ is transformed to
48
48
  # https://github.com/nathenharvey/tmp_compliance_profile/archive/master.tar.gz
49
+ # https://bitbucket.org/username/repo is transformed to
50
+ # https://bitbucket.org/username/repo/get/master.tar.gz
49
51
  #
50
- # github branch:
52
+ # branch:
51
53
  # https://github.com/hardening-io/tests-os-hardening/tree/2.0 is transformed to
52
54
  # https://github.com/hardening-io/tests-os-hardening/archive/2.0.tar.gz
55
+ # https://bitbucket.org/username/repo/branch/branchname is transformed to
56
+ # https://bitbucket.org/username/repo/get/newbranch.tar.gz
53
57
  #
54
- # github commit:
58
+ # commit:
55
59
  # https://github.com/hardening-io/tests-os-hardening/tree/48bd4388ddffde68badd83aefa654e7af3231876
56
60
  # is transformed to
57
61
  # https://github.com/hardening-io/tests-os-hardening/archive/48bd4388ddffde68badd83aefa654e7af3231876.tar.gz
62
+ # https://bitbucket.org/username/repo/commits/95ce1f83d5bbe9eec34c5973f6894617e8d6d8cc is transformed to
63
+ # https://bitbucket.org/username/repo/get/95ce1f83d5bbe9eec34c5973f6894617e8d6d8cc.tar.gz
64
+
58
65
  GITHUB_URL_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}
59
66
  GITHUB_URL_WITH_TREE_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w-]+)/tree/(?<commit>[\w\.]+)(/)?$}
67
+ BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}
68
+ BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}
69
+ BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}
70
+
60
71
  def self.transform(target)
61
72
  transformed_target = if m = GITHUB_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
62
73
  "https://github.com/#{m[:user]}/#{m[:repo]}/archive/master.tar.gz"
63
74
  elsif m = GITHUB_URL_WITH_TREE_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
64
75
  "https://github.com/#{m[:user]}/#{m[:repo]}/archive/#{m[:commit]}.tar.gz"
76
+ elsif m = BITBUCKET_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
77
+ "https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/master.tar.gz"
78
+ elsif m = BITBUCKET_URL_BRANCH_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
79
+ "https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/#{m[:branch]}.tar.gz"
80
+ elsif m = BITBUCKET_URL_COMMIT_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
81
+ "https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/#{m[:commit]}.tar.gz"
65
82
  end
66
83
 
67
84
  if transformed_target
@@ -101,7 +118,7 @@ module Fetchers
101
118
 
102
119
  def sha256
103
120
  file = @archive_path || temp_archive_path
104
- Digest::SHA256.hexdigest File.read(file)
121
+ OpenSSL::Digest::SHA256.digest(File.read(file)).unpack('H*')[0]
105
122
  end
106
123
 
107
124
  def file_type_from_remote(remote)