inspec 2.3.10 → 2.3.23

Sign up to get free protection for your applications and to get access to all the features.
Files changed (271) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +34 -13
  3. data/etc/plugin_filters.json +25 -0
  4. data/inspec.gemspec +3 -3
  5. data/lib/bundles/inspec-compliance/api.rb +3 -0
  6. data/lib/bundles/inspec-compliance/configuration.rb +3 -0
  7. data/lib/bundles/inspec-compliance/http.rb +3 -0
  8. data/lib/bundles/inspec-compliance/support.rb +3 -0
  9. data/lib/bundles/inspec-compliance/target.rb +3 -0
  10. data/lib/inspec/objects/attribute.rb +3 -0
  11. data/lib/inspec/plugin/v2.rb +3 -0
  12. data/lib/inspec/plugin/v2/filter.rb +62 -0
  13. data/lib/inspec/plugin/v2/installer.rb +21 -1
  14. data/lib/inspec/plugin/v2/loader.rb +4 -0
  15. data/lib/inspec/profile.rb +3 -1
  16. data/lib/inspec/version.rb +1 -1
  17. data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +25 -3
  18. data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +65 -11
  19. data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +5 -1
  20. data/lib/resources/package.rb +1 -1
  21. metadata +5 -253
  22. data/MAINTAINERS.toml +0 -52
  23. data/docs/.gitignore +0 -2
  24. data/docs/README.md +0 -41
  25. data/docs/dev/control-eval.md +0 -62
  26. data/docs/dev/filtertable-internals.md +0 -353
  27. data/docs/dev/filtertable-usage.md +0 -533
  28. data/docs/dev/integration-testing.md +0 -31
  29. data/docs/dev/plugins.md +0 -323
  30. data/docs/dsl_inspec.md +0 -354
  31. data/docs/dsl_resource.md +0 -100
  32. data/docs/glossary.md +0 -381
  33. data/docs/habitat.md +0 -193
  34. data/docs/inspec_and_friends.md +0 -114
  35. data/docs/matchers.md +0 -161
  36. data/docs/migration.md +0 -293
  37. data/docs/platforms.md +0 -119
  38. data/docs/plugin_kitchen_inspec.md +0 -60
  39. data/docs/plugins.md +0 -57
  40. data/docs/profiles.md +0 -576
  41. data/docs/reporters.md +0 -170
  42. data/docs/resources/aide_conf.md.erb +0 -86
  43. data/docs/resources/apache.md.erb +0 -77
  44. data/docs/resources/apache_conf.md.erb +0 -78
  45. data/docs/resources/apt.md.erb +0 -81
  46. data/docs/resources/audit_policy.md.erb +0 -57
  47. data/docs/resources/auditd.md.erb +0 -89
  48. data/docs/resources/auditd_conf.md.erb +0 -78
  49. data/docs/resources/aws_cloudtrail_trail.md.erb +0 -165
  50. data/docs/resources/aws_cloudtrail_trails.md.erb +0 -96
  51. data/docs/resources/aws_cloudwatch_alarm.md.erb +0 -101
  52. data/docs/resources/aws_cloudwatch_log_metric_filter.md.erb +0 -164
  53. data/docs/resources/aws_config_delivery_channel.md.erb +0 -111
  54. data/docs/resources/aws_config_recorder.md.erb +0 -96
  55. data/docs/resources/aws_ebs_volume.md.erb +0 -76
  56. data/docs/resources/aws_ebs_volumes.md.erb +0 -86
  57. data/docs/resources/aws_ec2_instance.md.erb +0 -122
  58. data/docs/resources/aws_ec2_instances.md.erb +0 -89
  59. data/docs/resources/aws_elb.md.erb +0 -154
  60. data/docs/resources/aws_elbs.md.erb +0 -252
  61. data/docs/resources/aws_flow_log.md.erb +0 -128
  62. data/docs/resources/aws_iam_access_key.md.erb +0 -139
  63. data/docs/resources/aws_iam_access_keys.md.erb +0 -214
  64. data/docs/resources/aws_iam_group.md.erb +0 -74
  65. data/docs/resources/aws_iam_groups.md.erb +0 -92
  66. data/docs/resources/aws_iam_password_policy.md.erb +0 -92
  67. data/docs/resources/aws_iam_policies.md.erb +0 -97
  68. data/docs/resources/aws_iam_policy.md.erb +0 -264
  69. data/docs/resources/aws_iam_role.md.erb +0 -79
  70. data/docs/resources/aws_iam_root_user.md.erb +0 -86
  71. data/docs/resources/aws_iam_user.md.erb +0 -130
  72. data/docs/resources/aws_iam_users.md.erb +0 -289
  73. data/docs/resources/aws_kms_key.md.erb +0 -187
  74. data/docs/resources/aws_kms_keys.md.erb +0 -99
  75. data/docs/resources/aws_rds_instance.md.erb +0 -76
  76. data/docs/resources/aws_route_table.md.erb +0 -63
  77. data/docs/resources/aws_route_tables.md.erb +0 -65
  78. data/docs/resources/aws_s3_bucket.md.erb +0 -156
  79. data/docs/resources/aws_s3_bucket_object.md.erb +0 -99
  80. data/docs/resources/aws_s3_buckets.md.erb +0 -69
  81. data/docs/resources/aws_security_group.md.erb +0 -323
  82. data/docs/resources/aws_security_groups.md.erb +0 -107
  83. data/docs/resources/aws_sns_subscription.md.erb +0 -140
  84. data/docs/resources/aws_sns_topic.md.erb +0 -79
  85. data/docs/resources/aws_sns_topics.md.erb +0 -68
  86. data/docs/resources/aws_subnet.md.erb +0 -150
  87. data/docs/resources/aws_subnets.md.erb +0 -142
  88. data/docs/resources/aws_vpc.md.erb +0 -135
  89. data/docs/resources/aws_vpcs.md.erb +0 -135
  90. data/docs/resources/azure_generic_resource.md.erb +0 -183
  91. data/docs/resources/azure_resource_group.md.erb +0 -294
  92. data/docs/resources/azure_virtual_machine.md.erb +0 -357
  93. data/docs/resources/azure_virtual_machine_data_disk.md.erb +0 -234
  94. data/docs/resources/bash.md.erb +0 -85
  95. data/docs/resources/bond.md.erb +0 -100
  96. data/docs/resources/bridge.md.erb +0 -67
  97. data/docs/resources/bsd_service.md.erb +0 -77
  98. data/docs/resources/chocolatey_package.md.erb +0 -68
  99. data/docs/resources/command.md.erb +0 -176
  100. data/docs/resources/cpan.md.erb +0 -89
  101. data/docs/resources/cran.md.erb +0 -74
  102. data/docs/resources/crontab.md.erb +0 -103
  103. data/docs/resources/csv.md.erb +0 -64
  104. data/docs/resources/dh_params.md.erb +0 -221
  105. data/docs/resources/directory.md.erb +0 -40
  106. data/docs/resources/docker.md.erb +0 -240
  107. data/docs/resources/docker_container.md.erb +0 -113
  108. data/docs/resources/docker_image.md.erb +0 -104
  109. data/docs/resources/docker_plugin.md.erb +0 -80
  110. data/docs/resources/docker_service.md.erb +0 -124
  111. data/docs/resources/elasticsearch.md.erb +0 -252
  112. data/docs/resources/etc_fstab.md.erb +0 -135
  113. data/docs/resources/etc_group.md.erb +0 -85
  114. data/docs/resources/etc_hosts.md.erb +0 -88
  115. data/docs/resources/etc_hosts_allow.md.erb +0 -84
  116. data/docs/resources/etc_hosts_deny.md.erb +0 -84
  117. data/docs/resources/file.md.erb +0 -543
  118. data/docs/resources/filesystem.md.erb +0 -51
  119. data/docs/resources/firewalld.md.erb +0 -117
  120. data/docs/resources/gem.md.erb +0 -108
  121. data/docs/resources/group.md.erb +0 -71
  122. data/docs/resources/grub_conf.md.erb +0 -111
  123. data/docs/resources/host.md.erb +0 -96
  124. data/docs/resources/http.md.erb +0 -207
  125. data/docs/resources/iis_app.md.erb +0 -132
  126. data/docs/resources/iis_site.md.erb +0 -145
  127. data/docs/resources/inetd_conf.md.erb +0 -104
  128. data/docs/resources/ini.md.erb +0 -86
  129. data/docs/resources/interface.md.erb +0 -68
  130. data/docs/resources/iptables.md.erb +0 -74
  131. data/docs/resources/json.md.erb +0 -73
  132. data/docs/resources/kernel_module.md.erb +0 -130
  133. data/docs/resources/kernel_parameter.md.erb +0 -63
  134. data/docs/resources/key_rsa.md.erb +0 -95
  135. data/docs/resources/launchd_service.md.erb +0 -67
  136. data/docs/resources/limits_conf.md.erb +0 -85
  137. data/docs/resources/login_defs.md.erb +0 -81
  138. data/docs/resources/mount.md.erb +0 -79
  139. data/docs/resources/mssql_session.md.erb +0 -78
  140. data/docs/resources/mysql_conf.md.erb +0 -109
  141. data/docs/resources/mysql_session.md.erb +0 -84
  142. data/docs/resources/nginx.md.erb +0 -89
  143. data/docs/resources/nginx_conf.md.erb +0 -148
  144. data/docs/resources/npm.md.erb +0 -78
  145. data/docs/resources/ntp_conf.md.erb +0 -70
  146. data/docs/resources/oneget.md.erb +0 -63
  147. data/docs/resources/oracledb_session.md.erb +0 -103
  148. data/docs/resources/os.md.erb +0 -153
  149. data/docs/resources/os_env.md.erb +0 -101
  150. data/docs/resources/package.md.erb +0 -130
  151. data/docs/resources/packages.md.erb +0 -77
  152. data/docs/resources/parse_config.md.erb +0 -113
  153. data/docs/resources/parse_config_file.md.erb +0 -148
  154. data/docs/resources/passwd.md.erb +0 -151
  155. data/docs/resources/pip.md.erb +0 -77
  156. data/docs/resources/port.md.erb +0 -147
  157. data/docs/resources/postgres_conf.md.erb +0 -89
  158. data/docs/resources/postgres_hba_conf.md.erb +0 -103
  159. data/docs/resources/postgres_ident_conf.md.erb +0 -86
  160. data/docs/resources/postgres_session.md.erb +0 -79
  161. data/docs/resources/powershell.md.erb +0 -112
  162. data/docs/resources/processes.md.erb +0 -119
  163. data/docs/resources/rabbitmq_config.md.erb +0 -51
  164. data/docs/resources/registry_key.md.erb +0 -197
  165. data/docs/resources/runit_service.md.erb +0 -67
  166. data/docs/resources/security_policy.md.erb +0 -57
  167. data/docs/resources/service.md.erb +0 -131
  168. data/docs/resources/shadow.md.erb +0 -267
  169. data/docs/resources/ssh_config.md.erb +0 -83
  170. data/docs/resources/sshd_config.md.erb +0 -93
  171. data/docs/resources/ssl.md.erb +0 -129
  172. data/docs/resources/sys_info.md.erb +0 -52
  173. data/docs/resources/systemd_service.md.erb +0 -67
  174. data/docs/resources/sysv_service.md.erb +0 -67
  175. data/docs/resources/upstart_service.md.erb +0 -67
  176. data/docs/resources/user.md.erb +0 -150
  177. data/docs/resources/users.md.erb +0 -137
  178. data/docs/resources/vbscript.md.erb +0 -65
  179. data/docs/resources/virtualization.md.erb +0 -67
  180. data/docs/resources/windows_feature.md.erb +0 -69
  181. data/docs/resources/windows_hotfix.md.erb +0 -63
  182. data/docs/resources/windows_task.md.erb +0 -95
  183. data/docs/resources/wmi.md.erb +0 -91
  184. data/docs/resources/x509_certificate.md.erb +0 -161
  185. data/docs/resources/xinetd_conf.md.erb +0 -166
  186. data/docs/resources/xml.md.erb +0 -95
  187. data/docs/resources/yaml.md.erb +0 -79
  188. data/docs/resources/yum.md.erb +0 -108
  189. data/docs/resources/zfs_dataset.md.erb +0 -63
  190. data/docs/resources/zfs_pool.md.erb +0 -57
  191. data/docs/shared/matcher_be.md.erb +0 -1
  192. data/docs/shared/matcher_cmp.md.erb +0 -43
  193. data/docs/shared/matcher_eq.md.erb +0 -3
  194. data/docs/shared/matcher_include.md.erb +0 -1
  195. data/docs/shared/matcher_match.md.erb +0 -1
  196. data/docs/shell.md +0 -217
  197. data/docs/style.md +0 -178
  198. data/examples/README.md +0 -8
  199. data/examples/custom-resource/README.md +0 -3
  200. data/examples/custom-resource/controls/example.rb +0 -7
  201. data/examples/custom-resource/inspec.yml +0 -8
  202. data/examples/custom-resource/libraries/batsignal.rb +0 -20
  203. data/examples/custom-resource/libraries/gordon.rb +0 -21
  204. data/examples/inheritance/README.md +0 -65
  205. data/examples/inheritance/controls/example.rb +0 -14
  206. data/examples/inheritance/inspec.yml +0 -16
  207. data/examples/kitchen-ansible/.kitchen.yml +0 -25
  208. data/examples/kitchen-ansible/Gemfile +0 -19
  209. data/examples/kitchen-ansible/README.md +0 -53
  210. data/examples/kitchen-ansible/files/nginx.repo +0 -6
  211. data/examples/kitchen-ansible/tasks/main.yml +0 -16
  212. data/examples/kitchen-ansible/test/integration/default/default.yml +0 -5
  213. data/examples/kitchen-ansible/test/integration/default/web_spec.rb +0 -28
  214. data/examples/kitchen-chef/.kitchen.yml +0 -20
  215. data/examples/kitchen-chef/Berksfile +0 -3
  216. data/examples/kitchen-chef/Gemfile +0 -19
  217. data/examples/kitchen-chef/README.md +0 -27
  218. data/examples/kitchen-chef/metadata.rb +0 -7
  219. data/examples/kitchen-chef/recipes/default.rb +0 -6
  220. data/examples/kitchen-chef/recipes/nginx.rb +0 -30
  221. data/examples/kitchen-chef/test/integration/default/web_spec.rb +0 -28
  222. data/examples/kitchen-puppet/.kitchen.yml +0 -23
  223. data/examples/kitchen-puppet/Gemfile +0 -20
  224. data/examples/kitchen-puppet/Puppetfile +0 -25
  225. data/examples/kitchen-puppet/README.md +0 -53
  226. data/examples/kitchen-puppet/manifests/site.pp +0 -33
  227. data/examples/kitchen-puppet/metadata.json +0 -11
  228. data/examples/kitchen-puppet/modules/.gitkeep +0 -0
  229. data/examples/kitchen-puppet/test/integration/default/web_spec.rb +0 -28
  230. data/examples/meta-profile/README.md +0 -37
  231. data/examples/meta-profile/controls/example.rb +0 -13
  232. data/examples/meta-profile/inspec.yml +0 -13
  233. data/examples/plugins/inspec-resource-lister/Gemfile +0 -12
  234. data/examples/plugins/inspec-resource-lister/LICENSE +0 -13
  235. data/examples/plugins/inspec-resource-lister/README.md +0 -62
  236. data/examples/plugins/inspec-resource-lister/Rakefile +0 -40
  237. data/examples/plugins/inspec-resource-lister/inspec-resource-lister.gemspec +0 -45
  238. data/examples/plugins/inspec-resource-lister/lib/inspec-resource-lister.rb +0 -16
  239. data/examples/plugins/inspec-resource-lister/lib/inspec-resource-lister/cli_command.rb +0 -70
  240. data/examples/plugins/inspec-resource-lister/lib/inspec-resource-lister/plugin.rb +0 -55
  241. data/examples/plugins/inspec-resource-lister/lib/inspec-resource-lister/version.rb +0 -10
  242. data/examples/plugins/inspec-resource-lister/test/fixtures/README.md +0 -24
  243. data/examples/plugins/inspec-resource-lister/test/functional/README.md +0 -18
  244. data/examples/plugins/inspec-resource-lister/test/functional/inspec_resource_lister_test.rb +0 -110
  245. data/examples/plugins/inspec-resource-lister/test/helper.rb +0 -26
  246. data/examples/plugins/inspec-resource-lister/test/unit/README.md +0 -17
  247. data/examples/plugins/inspec-resource-lister/test/unit/cli_args_test.rb +0 -64
  248. data/examples/plugins/inspec-resource-lister/test/unit/plugin_def_test.rb +0 -51
  249. data/examples/profile-attribute.yml +0 -2
  250. data/examples/profile-attribute/README.md +0 -14
  251. data/examples/profile-attribute/controls/example.rb +0 -11
  252. data/examples/profile-attribute/inspec.yml +0 -8
  253. data/examples/profile-aws/controls/iam_password_policy_expiration.rb +0 -8
  254. data/examples/profile-aws/controls/iam_password_policy_max_age.rb +0 -8
  255. data/examples/profile-aws/controls/iam_root_user_mfa.rb +0 -8
  256. data/examples/profile-aws/controls/iam_users_access_key_age.rb +0 -8
  257. data/examples/profile-aws/controls/iam_users_console_users_mfa.rb +0 -8
  258. data/examples/profile-aws/inspec.yml +0 -11
  259. data/examples/profile-azure/controls/azure_resource_group_example.rb +0 -24
  260. data/examples/profile-azure/controls/azure_vm_example.rb +0 -29
  261. data/examples/profile-azure/inspec.yml +0 -11
  262. data/examples/profile-sensitive/README.md +0 -29
  263. data/examples/profile-sensitive/controls/sensitive-failures.rb +0 -9
  264. data/examples/profile-sensitive/controls/sensitive.rb +0 -9
  265. data/examples/profile-sensitive/inspec.yml +0 -8
  266. data/examples/profile/README.md +0 -48
  267. data/examples/profile/controls/example.rb +0 -24
  268. data/examples/profile/controls/gordon.rb +0 -36
  269. data/examples/profile/controls/meta.rb +0 -36
  270. data/examples/profile/inspec.yml +0 -11
  271. data/examples/profile/libraries/gordon_config.rb +0 -59
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d261f57b62c68d93b2eae0ac5638f4a629bb79957706cc69076c104cf48275a2
4
- data.tar.gz: 3e56e8f8d99b7ffccd9cd3e2987728c81515170e78d0f00edd088cda80f606ab
3
+ metadata.gz: bb147670fb50f5098fa9bedd9800c529d2e1d93a56e2b80770089f6713dd99fc
4
+ data.tar.gz: c7af0a7c8d4518f20c03ff338ac940ae4a2d70834c3b53d8951a3d16abd4a024
5
5
  SHA512:
6
- metadata.gz: 6ad6c74ff0b50cc206aa2611aa0230aeaafbbb62cdeba18044437f2d482ccf3392d07b6cb8d1b2fadb5b6634a7cb2502808cd11f1de387158b6db981f2fac8ef
7
- data.tar.gz: ee8921329a5652a91cce8a7d9720da31be2a2aae5b50af909a7f073ae1296177c8060f0ca3650eaf63b12f873fc59413e92b52c9d5221bc92cbdb3dc200018e9
6
+ metadata.gz: d47c6b4fc24e3541723e19ad6656629b82429a3b22530bcd8a1c2fe3a4dcfc876797ea41eafa6eb0f36c778a1d79e07ef6e23735b0d9a8b2fff73d16a14c5ae2
7
+ data.tar.gz: 3e996b5ac2419172aeae1d164531d38c6a2dc1564c2ae203793699fb2bf6fefff5646c6ef00e93011af3b6f1e7b43d86fb83c9655aebf9053d451ac26213d70d
data/CHANGELOG.md CHANGED
@@ -1,33 +1,54 @@
1
1
  # Change Log
2
2
  <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
3
- <!-- latest_release 2.3.10 -->
4
- ## [v2.3.10](https://github.com/inspec/inspec/tree/v2.3.10) (2018-10-04)
3
+ <!-- latest_release 2.3.23 -->
4
+ ## [v2.3.23](https://github.com/inspec/inspec/tree/v2.3.23) (2018-10-12)
5
5
 
6
- #### Enhancements
7
- - Move compliance to v2 plugin [#3423](https://github.com/inspec/inspec/pull/3423) ([jquick](https://github.com/jquick))
6
+ #### Merged Pull Requests
7
+ - Fix plugin issues on omni builds [#3499](https://github.com/inspec/inspec/pull/3499) ([jquick](https://github.com/jquick))
8
8
  <!-- latest_release -->
9
9
 
10
- <!-- release_rollup since=2.3.5 -->
11
- ### Changes since 2.3.5 release
10
+ <!-- release_rollup since=2.3.10 -->
11
+ ### Changes since 2.3.10 release
12
+
13
+ #### Enhancements
14
+ - Plugins: Filter Plugins During Search and Install [#3458](https://github.com/inspec/inspec/pull/3458) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.20 -->
12
15
 
13
16
  #### Bug Fixes
14
- - Fix distinct_exit cli desc to reflect reality [#3463](https://github.com/inspec/inspec/pull/3463) ([teknofire](https://github.com/teknofire)) <!-- 2.3.8 -->
17
+ - Backport compliance namespace and add testing for A2 audit report. [#3493](https://github.com/inspec/inspec/pull/3493) ([jquick](https://github.com/jquick)) <!-- 2.3.21 -->
18
+ - Fix error on empty attributes yaml [#3485](https://github.com/inspec/inspec/pull/3485) ([jquick](https://github.com/jquick)) <!-- 2.3.19 -->
19
+ - small fix - update to AlpinePkg Class [#3483](https://github.com/inspec/inspec/pull/3483) ([aaronlippold](https://github.com/aaronlippold)) <!-- 2.3.16 -->
15
20
 
16
21
  #### Merged Pull Requests
17
- - Fix `attribute` with empty hash regression [#3454](https://github.com/inspec/inspec/pull/3454) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 2.3.7 -->
22
+ - Fix plugin issues on omni builds [#3499](https://github.com/inspec/inspec/pull/3499) ([jquick](https://github.com/jquick)) <!-- 2.3.23 -->
23
+ - Set a static node GUID for travis runs [#3497](https://github.com/inspec/inspec/pull/3497) ([jquick](https://github.com/jquick)) <!-- 2.3.22 -->
24
+ - docs: Add version to multiple descriptions doc [#3477](https://github.com/inspec/inspec/pull/3477) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 2.3.18 -->
25
+ - Skip running appveyor on docs and examples [#3474](https://github.com/inspec/inspec/pull/3474) ([btm](https://github.com/btm)) <!-- 2.3.17 -->
26
+ - Remove &#39;demo&#39; from website. [#3475](https://github.com/inspec/inspec/pull/3475) ([miah](https://github.com/miah)) <!-- 2.3.15 -->
27
+ - Enable compression for deb/rpm packages [#3472](https://github.com/inspec/inspec/pull/3472) ([tas50](https://github.com/tas50)) <!-- 2.3.14 -->
28
+ - Fix Packages Resource Docs [#3469](https://github.com/inspec/inspec/pull/3469) ([pwelch](https://github.com/pwelch)) <!-- 2.3.13 -->
29
+ - Exclude docs and examples from the gem [#3471](https://github.com/inspec/inspec/pull/3471) ([tas50](https://github.com/tas50)) <!-- 2.3.12 -->
30
+ - Fix archive with required attributes [#3468](https://github.com/inspec/inspec/pull/3468) ([jquick](https://github.com/jquick)) <!-- 2.3.11 -->
31
+ <!-- release_rollup -->
32
+
33
+ <!-- latest_stable_release -->
34
+ ## [v2.3.10](https://github.com/inspec/inspec/tree/v2.3.10) (2018-10-04)
18
35
 
19
36
  #### Enhancements
20
- - Move compliance to v2 plugin [#3423](https://github.com/inspec/inspec/pull/3423) ([jquick](https://github.com/jquick)) <!-- 2.3.10 -->
21
- - Support finding larger processes on Busybox [#3446](https://github.com/inspec/inspec/pull/3446) ([RoboticCheese](https://github.com/RoboticCheese)) <!-- 2.3.9 -->
22
- - Modify `cmp` matcher output to use `.inspect` [#3450](https://github.com/inspec/inspec/pull/3450) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 2.3.6 -->
23
- <!-- release_rollup -->
37
+ - Modify `cmp` matcher output to use `.inspect` [#3450](https://github.com/inspec/inspec/pull/3450) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
38
+ - Support finding larger processes on Busybox [#3446](https://github.com/inspec/inspec/pull/3446) ([RoboticCheese](https://github.com/RoboticCheese))
39
+ - Move compliance to v2 plugin [#3423](https://github.com/inspec/inspec/pull/3423) ([jquick](https://github.com/jquick))
40
+
41
+ #### Bug Fixes
42
+ - Fix distinct_exit cli desc to reflect reality [#3463](https://github.com/inspec/inspec/pull/3463) ([teknofire](https://github.com/teknofire))
24
43
 
44
+ #### Merged Pull Requests
45
+ - Fix `attribute` with empty hash regression [#3454](https://github.com/inspec/inspec/pull/3454) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
25
46
  <!-- latest_stable_release -->
47
+
26
48
  ## [v2.3.5](https://github.com/inspec/inspec/tree/v2.3.5) (2018-10-01)
27
49
 
28
50
  #### Bug Fixes
29
51
  - Update plugin gem install code [#3453](https://github.com/inspec/inspec/pull/3453) ([jquick](https://github.com/jquick))
30
- <!-- latest_stable_release -->
31
52
 
32
53
  ## [v2.3.4](https://github.com/inspec/inspec/tree/v2.3.4) (2018-09-28)
33
54
 
@@ -0,0 +1,25 @@
1
+ {
2
+ "file_version": "1.0.0",
3
+ "exclude": [
4
+ {
5
+ "plugin_name": "inspec-core",
6
+ "rationale": "This gem is a stripped-down alternate packaging of InSpec. It is not a plugin."
7
+ },
8
+ {
9
+ "plugin_name": "inspec-multi-server",
10
+ "rationale": "This gem is a script that attempts to drive a parallel execution of InSpec by wrapping and forking. It is not a plugin."
11
+ },
12
+ {
13
+ "plugin_name": "train-tax-calculator",
14
+ "rationale": "This gem is a tax calculation tool for the Philippines. It has nothing to do the Chef Train remote execution framework, or the InSpec project."
15
+ },
16
+ {
17
+ "plugin_name": "inspec-plugin-example",
18
+ "rationale": "This gem is an early self-taught example of a v1 plugin. Please use inspec-resource-lister as an example for PluginV2 development."
19
+ },
20
+ {
21
+ "plugin_name": "train-core",
22
+ "rationale": "This gem is a stripped-down alternate packaging of Train. It is not a plugin."
23
+ }
24
+ ]
25
+ }
data/inspec.gemspec CHANGED
@@ -10,14 +10,14 @@ Gem::Specification.new do |spec|
10
10
  spec.email = ['dominik.richter@gmail.com']
11
11
  spec.summary = 'Infrastructure and compliance testing.'
12
12
  spec.description = 'InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.'
13
- spec.homepage = 'https://github.com/chef/inspec'
13
+ spec.homepage = 'https://github.com/inspec/inspec'
14
14
  spec.license = 'Apache-2.0'
15
15
 
16
16
  spec.files = %w{
17
- README.md Rakefile MAINTAINERS.toml MAINTAINERS.md LICENSE inspec.gemspec
17
+ README.md Rakefile MAINTAINERS.md LICENSE inspec.gemspec
18
18
  Gemfile CHANGELOG.md .rubocop.yml
19
19
  } + Dir.glob(
20
- '{bin,docs,examples,lib}/**/*', File::FNM_DOTMATCH
20
+ '{bin,lib,etc}/**/*', File::FNM_DOTMATCH
21
21
  ).reject { |f| File.directory?(f) }
22
22
 
23
23
  spec.executables = %w{inspec}
@@ -2,3 +2,6 @@
2
2
  # TODO: Remove in inspec 4.0
3
3
 
4
4
  require 'plugins/inspec-compliance/lib/inspec-compliance/api'
5
+
6
+ # Backport old namespace
7
+ Compliance = InspecPlugins::Compliance unless defined?(Compliance)
@@ -2,3 +2,6 @@
2
2
  # TODO: Remove in inspec 4.0
3
3
 
4
4
  require 'plugins/inspec-compliance/lib/inspec-compliance/configuration'
5
+
6
+ # Backport old namespace
7
+ Compliance = InspecPlugins::Compliance unless defined?(Compliance)
@@ -2,3 +2,6 @@
2
2
  # TODO: Remove in inspec 4.0
3
3
 
4
4
  require 'plugins/inspec-compliance/lib/inspec-compliance/http'
5
+
6
+ # Backport old namespace
7
+ Compliance = InspecPlugins::Compliance unless defined?(Compliance)
@@ -2,3 +2,6 @@
2
2
  # TODO: Remove in inspec 4.0
3
3
 
4
4
  require 'plugins/inspec-compliance/lib/inspec-compliance/support'
5
+
6
+ # Backport old namespace
7
+ Compliance = InspecPlugins::Compliance unless defined?(Compliance)
@@ -2,3 +2,6 @@
2
2
  # TODO: Remove in inspec 4.0
3
3
 
4
4
  require 'plugins/inspec-compliance/lib/inspec-compliance/target'
5
+
6
+ # Backport old namespace
7
+ Compliance = InspecPlugins::Compliance unless defined?(Compliance)
@@ -89,6 +89,9 @@ module Inspec
89
89
  private
90
90
 
91
91
  def validate_required(value)
92
+ # skip if we are not doing an exec call (archive/vendor/check)
93
+ return unless Inspec::BaseCLI.inspec_cli_command == :exec
94
+
92
95
  # value will be set already if a secrets file was passed in
93
96
  if (!@opts.key?(:default) && value.nil?) || (@opts[:default].nil? && value.nil?)
94
97
  error = Inspec::Attribute::RequiredError.new
@@ -11,6 +11,9 @@ module Inspec
11
11
  attr_accessor :version
12
12
  end
13
13
  class InstallError < Inspec::Plugin::V2::GemActionError; end
14
+ class PluginExcludedError < Inspec::Plugin::V2::InstallError
15
+ attr_accessor :details
16
+ end
14
17
  class UpdateError < Inspec::Plugin::V2::GemActionError
15
18
  attr_accessor :from_version, :to_version
16
19
  end
@@ -0,0 +1,62 @@
1
+ require 'singleton'
2
+ require 'json'
3
+ require 'inspec/globals'
4
+
5
+ module Inspec::Plugin::V2
6
+ Exclusion = Struct.new(:plugin_name, :rationale)
7
+
8
+ class PluginFilter
9
+ include Singleton
10
+ def initialize
11
+ read_filter_data
12
+ end
13
+
14
+ def self.exclude?(plugin_name)
15
+ instance.exclude?(plugin_name)
16
+ end
17
+
18
+ def exclude?(plugin_name)
19
+ # Currently, logic is very simple: is there an exact match?
20
+ # In the future, we might add regexes on names, or exclude version ranges
21
+ return false unless @filter_data[:exclude].detect { |e| e.plugin_name == plugin_name }
22
+
23
+ # OK, return entire data structure.
24
+ @filter_data[:exclude].detect { |e| e.plugin_name == plugin_name }
25
+ end
26
+
27
+ private
28
+
29
+ def read_filter_data
30
+ path = File.join(Inspec.src_root, 'etc', 'plugin_filters.json')
31
+ @filter_data = JSON.parse(File.read(path))
32
+
33
+ unless @filter_data['file_version'] == '1.0.0'
34
+ raise Inspec::Plugin::V2::ConfigError, "Unknown plugin fillter file format at #{path}"
35
+ end
36
+
37
+ validate_plugin_filter_file('1.0.0')
38
+
39
+ @filter_data[:exclude] = @filter_data['exclude'].map do |entry|
40
+ Exclusion.new(entry['plugin_name'], entry['rationale'])
41
+ end
42
+ @filter_data.delete('exclude')
43
+ end
44
+
45
+ def validate_plugin_filter_file(_file_version)
46
+ unless @filter_data.key?('exclude') && @filter_data['exclude'].is_a?(Array)
47
+ raise Inspec::Plugin::V2::ConfigError, 'Unknown plugin fillter file format: expected "exclude" to be an array'
48
+ end
49
+ @filter_data['exclude'].each_with_index do |entry, idx|
50
+ unless entry.is_a? Hash
51
+ raise Inspec::Plugin::V2::ConfigError, "Unknown plugin fillter file format: expected entry #{idx} to be a Hash / JS Object"
52
+ end
53
+ unless entry.key?('plugin_name')
54
+ raise Inspec::Plugin::V2::ConfigError, "Unknown plugin fillter file format: expected entry #{idx} to have a \"plugin_name\" field"
55
+ end
56
+ unless entry.key?('rationale')
57
+ raise Inspec::Plugin::V2::ConfigError, "Unknown plugin fillter file format: expected entry #{idx} to have a \"rationale\" field"
58
+ end
59
+ end
60
+ end
61
+ end
62
+ end
@@ -9,6 +9,8 @@ require 'rubygems/package'
9
9
  require 'rubygems/name_tuple'
10
10
  require 'rubygems/uninstaller'
11
11
 
12
+ require 'inspec/plugin/v2/filter'
13
+
12
14
  module Inspec::Plugin::V2
13
15
  # Handles all actions modifying the user's plugin set:
14
16
  # * Modifying the plugins.json file
@@ -127,7 +129,7 @@ module Inspec::Plugin::V2
127
129
  else
128
130
  regex = Regexp.new('^' + plugin_query + '.*')
129
131
  matched_tuples = fetcher.detect(opts[:scope]) do |tuple|
130
- tuple.name != 'inspec-core' && tuple.name =~ regex
132
+ tuple.name =~ regex && !Inspec::Plugin::V2::PluginFilter.exclude?(tuple.name)
131
133
  end
132
134
  end
133
135
 
@@ -193,6 +195,13 @@ module Inspec::Plugin::V2
193
195
  raise InstallError, "#{plugin_name} is already installed. Use 'inspec plugin update' to change version."
194
196
  end
195
197
  end
198
+
199
+ reason = Inspec::Plugin::V2::PluginFilter.exclude?(plugin_name)
200
+ if reason
201
+ ex = PluginExcludedError.new("Refusing to install #{plugin_name}. It is on the Plugin Exclusion List. Rationale: #{reason.rationale}")
202
+ ex.details = reason
203
+ raise ex
204
+ end
196
205
  end
197
206
  # rubocop: enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/AbcSize
198
207
 
@@ -386,10 +395,21 @@ module Inspec::Plugin::V2
386
395
  class InstalledVendorSet < Gem::Resolver::VendorSet
387
396
  def initialize
388
397
  super
398
+
389
399
  Gem::Specification.find_all do |spec|
390
400
  @specs[spec.name] = spec
391
401
  @directories[spec] = spec.gem_dir
392
402
  end
403
+
404
+ if !defined?(::Bundler)
405
+ directories = Gem::Specification.dirs.find_all do |path|
406
+ !path.start_with?(Gem.user_dir)
407
+ end
408
+ Gem::Specification.each_spec(directories) do |spec|
409
+ @specs[spec.name] = spec
410
+ @directories[spec] = spec.gem_dir
411
+ end
412
+ end
393
413
  end
394
414
  end
395
415
 
@@ -31,6 +31,10 @@ module Inspec::Plugin::V2
31
31
  end
32
32
 
33
33
  def load_all
34
+ # This fixes the gem paths on some bundles
35
+ Gem.path << plugin_gem_path
36
+ Gem.refresh
37
+
34
38
  # Be careful not to actually iterate directly over the registry here;
35
39
  # we want to allow "sidecar loading", in which case a plugin may add an entry to the registry.
36
40
  registry.plugin_names.dup.each do |plugin_name|
@@ -126,12 +126,14 @@ module Inspec
126
126
  end
127
127
 
128
128
  def register_metadata_attributes
129
- if metadata.params.key?(:attributes)
129
+ if metadata.params.key?(:attributes) && metadata.params[:attributes].is_a?(Array)
130
130
  metadata.params[:attributes].each do |attribute|
131
131
  attr_dup = attribute.dup
132
132
  name = attr_dup.delete(:name)
133
133
  @runner_context.register_attribute(name, attr_dup)
134
134
  end
135
+ elsif metadata.params.key?(:attributes)
136
+ Inspec::Log.warn 'Attributes must be defined as an Array. Skipping current definition.'
135
137
  end
136
138
  end
137
139
 
@@ -4,5 +4,5 @@
4
4
  # author: Christoph Hartmann
5
5
 
6
6
  module Inspec
7
- VERSION = '2.3.10'
7
+ VERSION = '2.3.23'
8
8
  end
@@ -1,5 +1,6 @@
1
1
  require 'term/ansicolor'
2
2
  require 'pathname'
3
+ require 'inspec/plugin/v2'
3
4
  require 'inspec/plugin/v2/installer'
4
5
 
5
6
  module InspecPlugins
@@ -35,16 +36,30 @@ module InspecPlugins
35
36
  # inspec plugin search
36
37
  #==================================================================#
37
38
 
38
- desc 'search [options] PATTERN', 'Searches rubygems.org for InSpec plugins. Exits 0 on a search hit, exits 2 on a search miss.'
39
+ desc 'search [options] PATTERN', 'Searches rubygems.org for plugins.'
40
+ long_desc <<~EOLD
41
+ Searches rubygems.org for InSpec plugins. Exits 0 on a search hit, 1 on user error,
42
+ 2 on a search miss. PATTERN is a simple string; a wildcard will be added as
43
+ a suffix, unless -e is used.
44
+ EOLD
39
45
  option :all, desc: 'List all available versions, not just the latest one.', type: :boolean, aliases: [:a]
40
46
  option :exact, desc: 'Assume PATTERN is exact; do not add a wildcard to the end', type: :boolean, aliases: [:e]
47
+ option :'include-test-fixture', type: :boolean, desc: 'Internal use', hide: true
41
48
  # Justification for disabling ABC: currently at 33.51/33
42
49
  def search(search_term) # rubocop: disable Metrics/AbcSize
43
50
  search_results = installer.search(search_term, exact: options[:exact])
51
+ # The search results have already been filtered by the reject list. But the
52
+ # RejectList doesn't filter {inspec, train}-test-fixture because we need those
53
+ # for testing. We want to hide those from users, so unless we know we're in
54
+ # test mode, remove them.
55
+ unless options[:'include-test-fixture']
56
+ search_results.delete('inspec-test-fixture')
57
+ search_results.delete('train-test-fixture')
58
+ end
44
59
 
45
60
  # TODO: ui object support
46
61
  puts
47
- puts(bold { format(' %-30s%-50s%', 'Plugin Name', 'Versions Available') })
62
+ puts(bold { format(' %-30s%-50s', 'Plugin Name', 'Versions Available') })
48
63
  puts '-' * 55
49
64
  search_results.keys.sort.each do |plugin_name|
50
65
  versions = options[:all] ? search_results[plugin_name] : [search_results[plugin_name].first]
@@ -342,8 +357,15 @@ module InspecPlugins
342
357
  exit 2
343
358
  end
344
359
 
345
- def install_attempt_install(plugin_name)
360
+ # Rationale for RuboCop variance: This is a one-line method with heavy UX-focused error handling.
361
+ def install_attempt_install(plugin_name) # rubocop: disable Metrics/AbcSize
346
362
  installer.install(plugin_name, version: options[:version])
363
+ rescue Inspec::Plugin::V2::PluginExcludedError => ex
364
+ puts(red { 'Plugin on Exclusion List' } + " - #{plugin_name} is listed as an incompatible gem - refusing to install.")
365
+ puts "Rationale: #{ex.details.rationale}"
366
+ puts 'Exclusion list location: ' + File.join(Inspec.src_root, 'etc', 'plugin_filters.json')
367
+ puts 'If you disagree with this determination, please accept our apologies for the misunderstanding, and open an issue at https://github.com/inspec/inspec/issues/new'
368
+ exit 2
347
369
  rescue Inspec::Plugin::V2::InstallError
348
370
  results = installer.search(plugin_name, exact: true)
349
371
  if results.empty?
@@ -143,8 +143,14 @@ class PluginManagerCliSearch < MiniTest::Test
143
143
  include CorePluginFunctionalHelper
144
144
  include PluginManagerHelpers
145
145
 
146
+ # TODO: Thor can't hide options, but we wish it could.
147
+ # def test_search_include_fixture_hidden_option
148
+ # result = run_inspec_process_with_this_plugin('plugin help search')
149
+ # refute_includes result.stdout, '--include-test-fixture'
150
+ # end
151
+
146
152
  def test_search_for_a_real_gem_with_full_name_no_options
147
- result = run_inspec_process('plugin search inspec-test-fixture')
153
+ result = run_inspec_process('plugin search --include-test-fixture inspec-test-fixture')
148
154
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
149
155
  assert_includes result.stdout, 'inspec-test-fixture', 'Search result should contain the gem name'
150
156
  assert_includes result.stdout, '1 plugin(s) found', 'Search result should find 1 plugin'
@@ -153,7 +159,7 @@ class PluginManagerCliSearch < MiniTest::Test
153
159
  end
154
160
 
155
161
  def test_search_for_a_real_gem_with_stub_name_no_options
156
- result = run_inspec_process('plugin search inspec-test-')
162
+ result = run_inspec_process('plugin search --include-test-fixture inspec-test-')
157
163
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
158
164
  assert_includes result.stdout, 'inspec-test-fixture', 'Search result should contain the gem name'
159
165
  assert_includes result.stdout, '1 plugin(s) found', 'Search result should find 1 plugin'
@@ -163,26 +169,26 @@ class PluginManagerCliSearch < MiniTest::Test
163
169
  end
164
170
 
165
171
  def test_search_for_a_real_gem_with_full_name_and_exact_option
166
- result = run_inspec_process('plugin search --exact inspec-test-fixture')
172
+ result = run_inspec_process('plugin search --exact --include-test-fixture inspec-test-fixture')
167
173
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
168
174
  assert_includes result.stdout, 'inspec-test-fixture', 'Search result should contain the gem name'
169
175
  assert_includes result.stdout, '1 plugin(s) found', 'Search result should find 1 plugin'
170
176
 
171
- result = run_inspec_process('plugin search -e inspec-test-fixture')
177
+ result = run_inspec_process('plugin search -e --include-test-fixture inspec-test-fixture')
172
178
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
173
179
  end
174
180
 
175
181
  def test_search_for_a_real_gem_with_stub_name_and_exact_option
176
- result = run_inspec_process('plugin search --exact inspec-test-')
182
+ result = run_inspec_process('plugin search --exact --include-test-fixture inspec-test-')
177
183
  assert_equal 2, result.exit_status, 'Search should exit 2 on a miss'
178
184
  assert_includes result.stdout, '0 plugin(s) found', 'Search result should find 0 plugins'
179
185
 
180
- result = run_inspec_process('plugin search -e inspec-test-')
186
+ result = run_inspec_process('plugin search -e --include-test-fixture inspec-test-')
181
187
  assert_equal 2, result.exit_status, 'Search should exit 2 on a miss'
182
188
  end
183
189
 
184
190
  def test_search_for_a_real_gem_with_full_name_and_all_option
185
- result = run_inspec_process('plugin search --all inspec-test-fixture')
191
+ result = run_inspec_process('plugin search --all --include-test-fixture inspec-test-fixture')
186
192
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
187
193
  assert_includes result.stdout, 'inspec-test-fixture', 'Search result should contain the gem name'
188
194
  assert_includes result.stdout, '1 plugin(s) found', 'Search result should find 1 plugin'
@@ -190,24 +196,24 @@ class PluginManagerCliSearch < MiniTest::Test
190
196
  line = result.stdout.split("\n").grep(/inspec-test-fixture/).first
191
197
  assert_match(/\s*inspec-test-fixture\s+\((\d+\.\d+\.\d+(,\s)?){2,}\)/,line,'Plugin line should include name and at least two versions')
192
198
 
193
- result = run_inspec_process('plugin search -a inspec-test-fixture')
199
+ result = run_inspec_process('plugin search -a --include-test-fixture inspec-test-fixture')
194
200
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
195
201
  end
196
202
 
197
203
  def test_search_for_a_gem_with_missing_prefix
198
- result = run_inspec_process('plugin search test-fixture')
204
+ result = run_inspec_process('plugin search --include-test-fixture test-fixture')
199
205
  assert_equal 1, result.exit_status, 'Search should exit 1 on user error'
200
206
  assert_includes result.stdout, "All inspec plugins must begin with either 'inspec-' or 'train-'"
201
207
  end
202
208
 
203
209
  def test_search_for_a_gem_that_does_not_exist
204
- result = run_inspec_process('plugin search inspec-test-fixture-nonesuch')
210
+ result = run_inspec_process('plugin search --include-test-fixture inspec-test-fixture-nonesuch')
205
211
  assert_equal 2, result.exit_status, 'Search should exit 2 on a miss'
206
212
  assert_includes result.stdout, '0 plugin(s) found', 'Search result should find 0 plugins'
207
213
  end
208
214
 
209
215
  def test_search_for_a_real_gem_with_full_name_no_options_and_train_name
210
- result = run_inspec_process('plugin search train-test-fixture')
216
+ result = run_inspec_process('plugin search --include-test-fixture train-test-fixture')
211
217
  assert_equal 0, result.exit_status, 'Search should exit 0 on a hit'
212
218
  assert_includes result.stdout, 'train-test-fixture', 'Search result should contain the gem name'
213
219
  assert_includes result.stdout, '1 plugin(s) found', 'Search result should find 1 plugin'
@@ -215,6 +221,28 @@ class PluginManagerCliSearch < MiniTest::Test
215
221
  assert_match(/\s*train-test-fixture\s+\((\d+\.\d+\.\d+){1}\)/,line,'Plugin line should include name and exactly one version')
216
222
  end
217
223
 
224
+ def test_search_omit_excluded_inspec_plugins
225
+ result = run_inspec_process('plugin search --include-test-fixture inspec-')
226
+ assert_equal 0, result.exit_status, 'Search should exit 0'
227
+ assert_includes result.stdout, 'inspec-test-fixture', 'Search result should contain the test gem'
228
+ [
229
+ 'inspec-core',
230
+ 'inspec-multi-server',
231
+ ].each do |plugin_name|
232
+ refute_includes result.stdout, plugin_name, 'Search result should not contain excluded gems'
233
+ end
234
+ end
235
+ def test_search_for_a_real_gem_with_full_name_no_options_filter_fixtures
236
+ result = run_inspec_process('plugin search inspec-test-fixture')
237
+ refute_includes result.stdout, 'inspec-test-fixture', 'Search result should not contain the fixture gem name'
238
+ end
239
+
240
+ def test_search_for_a_real_gem_with_full_name_no_options_filter_fixtures_train
241
+ result = run_inspec_process('plugin search train-test-fixture')
242
+ refute_includes result.stdout, 'train-test-fixture', 'Search result should not contain the fixture gem name'
243
+ end
244
+
245
+
218
246
  end
219
247
 
220
248
  #-----------------------------------------------------------------------------------------#
@@ -513,6 +541,32 @@ class PluginManagerCliInstall < MiniTest::Test
513
541
  refute_nil itf_line, 'train-test-fixture should now appear in the output of inspec list'
514
542
  assert_match(/\s*train-test-fixture\s+0.1.0\s+gem\s+/, itf_line, 'list output should show that it is a gem installation with version')
515
543
  end
544
+
545
+ def test_refuse_install_when_plugin_on_exclusion_list
546
+
547
+ # Here, 'inspec-core', 'inspec-multi-server', and 'train-tax-collector'
548
+ # are the names of real rubygems. They are not InSpec/Train plugins, though,
549
+ # and installing them would be a jam-up.
550
+ # This is configured in 'etc/plugin-filter.json'.
551
+ [
552
+ 'inspec-core',
553
+ 'inspec-multi-server',
554
+ 'train-tax-calculator',
555
+ ].each do |plugin_name|
556
+ install_result = run_inspec_process_with_this_plugin("plugin install #{plugin_name}")
557
+ assert_empty install_result.stderr
558
+ assert_equal 2, install_result.exit_status, 'Exit status should be 2'
559
+
560
+ refusal_message = install_result.stdout
561
+ refute_nil refusal_message, 'Should find a failure message at the end'
562
+ assert_includes refusal_message, plugin_name
563
+ assert_includes refusal_message, 'Plugin on Exclusion List'
564
+ assert_includes refusal_message, 'refusing to install'
565
+ assert_includes refusal_message, 'Rationale:'
566
+ assert_includes refusal_message, 'etc/plugin_filters.json'
567
+ assert_includes refusal_message, 'github.com/inspec/inspec/issues/new'
568
+ end
569
+ end
516
570
  end
517
571
 
518
572