inspec 1.31.1 → 1.32.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bde0ae439f6b243b79718378e46563a6dad1cc5f
-  data.tar.gz: ff5c267161334e1282bd2768da752ad8c5964ccf
+  metadata.gz: 948ae149c470a8f1cae9771d186aa19b58f87915
+  data.tar.gz: f808ef05e4b43f5ec1641587208921bed0c4cbbc
 SHA512:
-  metadata.gz: 77fa982b37b5cfe3d0fca7e44c4400159c0465e583cfd1e11e132cc1c9a62089ff5c06fefe66252303e08e65dfc59d34cf5a525f029fbfda1e9f0283671b233c
-  data.tar.gz: e5f847ecb5ff91141c523d290bcac93ffdecd7bb90f8ac5e1f78bdba1178489f992ff528723a3a4c4a1eceaca619e966a0df40b26efb18d1d17861075859bc8c
+  metadata.gz: 912882be28420aa20252d1fae9339c032fcb0fd8ba43a3f02bf1be70ac186441a107997ed5baa946ca4e5372f113f9192fccfafb9e64896a1e1172626485ddb7
+  data.tar.gz: e4a0b2000edff96342228396a357f92efb57bf9b00dd8f3f574222c52ff92c53e71444ec10315d013043c2403e112b1dc57513de3496de29e5159e979e5b1162

data/CHANGELOG.md

@@ -1,5 +1,31 @@
 # Change Log
 
+<!-- latest_release -->
+## [v1.32.1](https://github.com/chef/inspec/tree/v1.32.1) (2017-08-03)
+
+#### Merged Pull Requests
+- Prep for 1.32.0 release [#2046](https://github.com/chef/inspec/pull/2046) ([adamleff](https://github.com/adamleff))
+<!-- latest_release -->
+
+<!-- release_rollup since=1.32.1 -->
+### Changes since 1.32.1 release
+<!-- release_rollup -->
+
+<!-- latest_stable_release -->
+## [v1.32.1](https://github.com/chef/inspec/tree/v1.32.1) (2017-08-03)
+
+#### Merged Pull Requests
+- bug fix: properly support profile files that are more than one directory deep
+- bug fix: fix mysql_session resource to not use socket for host target
+- host resource now properly handles localhost lookup
+- bugfix: empty file strings from archive readers [#2027](https://github.com/chef/inspec/pull/2027) ([arlimus](https://github.com/arlimus))
+- Fix issue when xinetd.conf does not end in newline [#2040](https://github.com/chef/inspec/pull/2040) ([kareiva](https://github.com/kareiva))
+- catch newline issues in xinet.d [#2043](https://github.com/chef/inspec/pull/2043) ([arlimus](https://github.com/arlimus))
+- Prep for 1.32.0 release [#2046](https://github.com/chef/inspec/pull/2046) ([adamleff](https://github.com/adamleff))
+<!-- latest_stable_release -->
+
+
+
 ## [v1.31.1](https://github.com/chef/inspec/tree/v1.31.1) (2017-07-06)
 [Full Changelog](https://github.com/chef/inspec/compare/v1.31.0...v1.31.1)
 
@@ -181,8 +207,4 @@
 [Full Changelog](https://github.com/chef/inspec/compare/v1.21.0...v1.22.0)
 
 ## [v1.21.0](https://github.com/chef/inspec/tree/v1.21.0) (2017-04-24)
-[Full Changelog](https://github.com/chef/inspec/compare/v1.20.0...v1.21.0)
-
-
-
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+[Full Changelog](https://github.com/chef/inspec/compare/v1.20.0...v1.21.0)

data/Rakefile

@@ -176,7 +176,7 @@ task :release_habitat do
     end
     cmd = "echo #{version} > ./habitat/VERSION && "\
           "hab pkg build . && " \
-          "hab pkg upload ./results/*.hart"
+          "hab pkg upload ./results/*.hart --channel stable"
     puts "--> #{cmd}"
     sh('sh', '-c', cmd)
 end

data/lib/inspec/file_provider.rb

@@ -97,9 +97,10 @@ module Inspec
       @path = path
       @contents = {}
       @files = []
-      ::Zip::InputStream.open(@path) do |io|
+      walk_zip(@path) do |io|
         while (entry = io.get_next_entry)
-          @files.push(entry.name.sub(%r{/+$}, ''))
+          name = entry.name.sub(%r{/+$}, '')
+          @files.push(name) unless name.empty?
         end
       end
     end
@@ -110,10 +111,14 @@ module Inspec
 
     private
 
+    def walk_zip(path, &callback)
+      ::Zip::InputStream.open(path, &callback)
+    end
+
     def read_from_zip(file)
       return nil unless @files.include?(file)
       res = nil
-      ::Zip::InputStream.open(@path) do |io|
+      walk_zip(@path) do |io|
         while (entry = io.get_next_entry)
           next unless file == entry.name
           res = io.read
@@ -131,8 +136,8 @@ module Inspec
       @path = path
       @contents = {}
       @files = []
-      Gem::Package::TarReader.new(Zlib::GzipReader.open(@path)) do |tar|
-        @files = tar.map(&:full_name)
+      walk_tar(@path) do |tar|
+        @files = tar.map(&:full_name).find_all { |x| !x.empty? }
       end
     end
 
@@ -142,11 +147,15 @@ module Inspec
 
     private
 
+    def walk_tar(path, &callback)
+      Gem::Package::TarReader.new(Zlib::GzipReader.open(path), &callback)
+    end
+
     def read_from_tar(file)
       return nil unless @files.include?(file)
       res = nil
       # NB `TarReader` includes `Enumerable` beginning with Ruby 2.x
-      Gem::Package::TarReader.new(Zlib::GzipReader.open(@path)) do |tar|
+      walk_tar(@path) do |tar|
         tar.each do |entry|
           next unless entry.file? && file == entry.full_name
           res = entry.read

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '1.31.1'.freeze
+  VERSION = '1.32.1'.freeze
 end

data/lib/resources/host.rb

@@ -148,17 +148,17 @@ module Inspec::Resources
     def resolve_with_dig(hostname)
       addresses = []
 
-      # look for IPv6 addresses
-      cmd = inspec.command("dig +short AAAA #{hostname}")
+      # look for IPv4 addresses
+      cmd = inspec.command("dig +short A #{hostname}")
       cmd.stdout.lines.each do |line|
-        matched = line.chomp.match(Resolv::IPv6::Regex)
+        matched = line.chomp.match(Resolv::IPv4::Regex)
         addresses << matched.to_s unless matched.nil?
       end
 
-      # look for IPv4 addresses
-      cmd = inspec.command("dig +short A #{hostname}")
+      # look for IPv6 addresses
+      cmd = inspec.command("dig +short AAAA #{hostname}")
       cmd.stdout.lines.each do |line|
-        matched = line.chomp.match(Resolv::IPv4::Regex)
+        matched = line.chomp.match(Resolv::IPv6::Regex)
         addresses << matched.to_s unless matched.nil?
       end
 
@@ -166,13 +166,25 @@ module Inspec::Resources
     end
 
     def resolve_with_getent(hostname)
-      # TODO: we rely on getent hosts for now, but it prefers to return IPv6, only then IPv4
-      cmd = inspec.command("getent hosts #{hostname}")
-      return nil if cmd.exit_status.to_i != 0
+      cmd = inspec.command("getent ahosts #{hostname}")
+      return nil unless cmd.exit_status.to_i.zero?
+
+      # getent ahosts output is formatted like so:
+      # $ getent ahosts www.google.com
+      # 172.217.8.4     STREAM www.google.com
+      # 172.217.8.4     DGRAM
+      # 172.217.8.4     RAW
+      # 2607:f8b0:4004:803::2004 STREAM
+      # 2607:f8b0:4004:803::2004 DGRAM
+      # 2607:f8b0:4004:803::2004 RAW
+      addresses = []
+      cmd.stdout.lines.each do |line|
+        ip, = line.split(/\s+/, 2)
+        next unless ip.match(Resolv::IPv4::Regex) || ip.match(Resolv::IPv6::Regex)
+        addresses << ip unless addresses.include?(ip)
+      end
 
-      # extract ip adress
-      resolve = /^\s*(?<ip>\S+)\s+(.*)\s*$/.match(cmd.stdout.chomp)
-      [resolve[1]] if resolve
+      addresses
     end
   end
 
@@ -245,7 +257,7 @@ module Inspec::Resources
     end
 
     def resolve(hostname)
-      inspec.command('dig').exist? ? resolve_with_dig(hostname) : resolve_with_getent(hostname)
+      resolve_with_getent(hostname)
     end
   end
 

data/lib/resources/mysql_session.rb

@@ -38,7 +38,7 @@ module Inspec::Resources
         command += " -h #{@host}"
       end
       command += " --port #{@port}" unless @port.nil?
-      command += " #{db} -s -S #{@socket} -e \"#{escaped_query}\""
+      command += " #{db} -s -e \"#{escaped_query}\""
 
       cmd = inspec.command(command)
       out = cmd.stdout + "\n" + cmd.stderr

data/lib/source_readers/inspec.rb

@@ -54,21 +54,21 @@ module SourceReaders
       tests = @target.files.find_all do |path|
         path.start_with?('controls') && path.end_with?('.rb')
       end
-      Hash[tests.map { |x| [x, @target.read(x)] }]
+      Hash[tests.map { |x| [x, @target.read(x)] }.delete_if { |_file, contents| contents.nil? }]
     end
 
     def load_libs
       tests = @target.files.find_all do |path|
         path.start_with?('libraries') && path.end_with?('.rb')
       end
-      Hash[tests.map { |x| [x, @target.read(x)] }]
+      Hash[tests.map { |x| [x, @target.read(x)] }.delete_if { |_file, contents| contents.nil? }]
     end
 
     def load_data_files
       files = @target.files.find_all do |path|
         path.start_with?('files' + File::SEPARATOR)
       end
-      Hash[files.map { |x| [x, @target.read(x)] }]
+      Hash[files.map { |x| [x, @target.read(x)] }.delete_if { |_file, contents| contents.nil? }]
     end
   end
 end

data/lib/utils/parser.rb

@@ -211,7 +211,7 @@ module XinetdParser
     res = {}
     cur_group = nil
     simple_conf = []
-    rest = raw
+    rest = raw + "\n"
     until rest.empty?
       # extract content line
       nl = rest.index("\n") || (rest.length-1)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 1.31.1
+  version: 1.32.1
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-07-06 00:00:00.000000000 Z
+date: 2017-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train
@@ -319,6 +319,7 @@ files:
 - docs/migration.md
 - docs/plugin_kitchen_inspec.md
 - docs/profiles.md
+- docs/resources.md
 - docs/resources/apache_conf.md.erb
 - docs/resources/apt.md.erb
 - docs/resources/audit_policy.md.erb