inspec 2.3.24 → 2.3.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -9
- data/Gemfile +0 -1
- data/README.md +1 -1
- data/inspec.gemspec +1 -1
- data/lib/bundles/inspec-supermarket/cli.rb +1 -1
- data/lib/inspec/cli.rb +1 -1
- data/lib/inspec/objects/attribute.rb +10 -4
- data/lib/inspec/secrets/yaml.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +2 -2
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +3 -3
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +1 -1
- data/lib/resources/aws/aws_iam_user.rb +1 -1
- data/lib/resources/azure/azure_generic_resource.rb +1 -1
- data/lib/resources/azure/azure_resource_group.rb +1 -1
- data/lib/resources/azure/azure_virtual_machine.rb +4 -4
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +1 -1
- data/lib/resources/chocolatey_package.rb +1 -1
- metadata +8 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8742ade52e04413d98857dbe243589448629c3db92d285cb943b8af4b70e6e88
|
|
4
|
+
data.tar.gz: f04e1dac3d71463472bfbf68069838b0bbd02527412f3a184dd9f2b8d52f8975
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51d424a89a76c6cef322ff7f58747d1e7e75495bb160510436f0a02baa28f257ece67e844a4129de29cef11a2882b19248475215e9c4ac72974708728115748b
|
|
7
|
+
data.tar.gz: 891b0c14bfc29becb71add1adc968f0d23c6e397da0cd105ed7fe8550001c10987f3b1962732b61c83b09af006a8519406285371fe207d143142e7c674dd5afa
|
data/CHANGELOG.md
CHANGED
|
@@ -1,20 +1,29 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
<!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
|
|
3
|
-
<!-- latest_release 2.3.
|
|
4
|
-
## [v2.3.
|
|
3
|
+
<!-- latest_release 2.3.28 -->
|
|
4
|
+
## [v2.3.28](https://github.com/inspec/inspec/tree/v2.3.28) (2019-02-08)
|
|
5
5
|
|
|
6
|
-
####
|
|
7
|
-
-
|
|
6
|
+
#### Merged Pull Requests
|
|
7
|
+
- Remove bundler pin from 2.x series [#3795](https://github.com/inspec/inspec/pull/3795) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
|
8
8
|
<!-- latest_release -->
|
|
9
9
|
|
|
10
|
-
<!-- release_rollup since=2.3.
|
|
11
|
-
### Changes since 2.3.
|
|
10
|
+
<!-- release_rollup since=2.3.24 -->
|
|
11
|
+
### Changes since 2.3.24 release
|
|
12
12
|
|
|
13
|
-
####
|
|
14
|
-
-
|
|
13
|
+
#### Merged Pull Requests
|
|
14
|
+
- Remove bundler pin from 2.x series [#3795](https://github.com/inspec/inspec/pull/3795) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.28 -->
|
|
15
|
+
- Update copyright for 2.x branch [#3794](https://github.com/inspec/inspec/pull/3794) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.27 -->
|
|
16
|
+
- Update the text on the generic default attribute [#3508](https://github.com/inspec/inspec/pull/3508) ([jquick](https://github.com/jquick)) <!-- 2.3.26 -->
|
|
17
|
+
- Change `Inspec ` to `InSpec ` where appropriate [#3494](https://github.com/inspec/inspec/pull/3494) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 2.3.25 -->
|
|
15
18
|
<!-- release_rollup -->
|
|
16
19
|
|
|
17
20
|
<!-- latest_stable_release -->
|
|
21
|
+
## [v2.3.24](https://github.com/inspec/inspec/tree/v2.3.24) (2018-10-12)
|
|
22
|
+
|
|
23
|
+
#### Bug Fixes
|
|
24
|
+
- Fix plugin install issues in different ruby envs [#3505](https://github.com/inspec/inspec/pull/3505) ([jquick](https://github.com/jquick))
|
|
25
|
+
<!-- latest_stable_release -->
|
|
26
|
+
|
|
18
27
|
## [v2.3.23](https://github.com/inspec/inspec/tree/v2.3.23) (2018-10-12)
|
|
19
28
|
|
|
20
29
|
#### Enhancements
|
|
@@ -35,7 +44,6 @@
|
|
|
35
44
|
- docs: Add version to multiple descriptions doc [#3477](https://github.com/inspec/inspec/pull/3477) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
|
|
36
45
|
- Set a static node GUID for travis runs [#3497](https://github.com/inspec/inspec/pull/3497) ([jquick](https://github.com/jquick))
|
|
37
46
|
- Fix plugin issues on omni builds [#3499](https://github.com/inspec/inspec/pull/3499) ([jquick](https://github.com/jquick))
|
|
38
|
-
<!-- latest_stable_release -->
|
|
39
47
|
|
|
40
48
|
## [v2.3.10](https://github.com/inspec/inspec/tree/v2.3.10) (2018-10-04)
|
|
41
49
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -439,7 +439,7 @@ Please see [TESTING_AGAINST_AZURE.md](./test/integration/aws/TESTING_AGAINST_AZU
|
|
|
439
439
|
| **Author:** | Dominik Richter (<drichter@chef.io>) |
|
|
440
440
|
| **Author:** | Christoph Hartmann (<chartmann@chef.io>) |
|
|
441
441
|
| **Copyright:** | Copyright (c) 2015 Vulcano Security GmbH. |
|
|
442
|
-
| **Copyright:** | Copyright (c)
|
|
442
|
+
| **Copyright:** | Copyright (c) 2019 Chef Software Inc. |
|
|
443
443
|
| **License:** | Apache License, Version 2.0 |
|
|
444
444
|
|
|
445
445
|
Licensed under the Apache License, Version 2.0 (the "License");
|
data/inspec.gemspec
CHANGED
|
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
|
|
|
26
26
|
|
|
27
27
|
spec.required_ruby_version = '>= 2.3'
|
|
28
28
|
|
|
29
|
-
spec.add_dependency 'train', '~> 1.5'
|
|
29
|
+
spec.add_dependency 'train', '~> 1.5', '= 1.7.1'
|
|
30
30
|
spec.add_dependency 'thor', '~> 0.20'
|
|
31
31
|
spec.add_dependency 'json', '>= 1.8', '< 3.0'
|
|
32
32
|
spec.add_dependency 'method_source', '~> 0.8'
|
|
@@ -69,6 +69,6 @@ module Supermarket
|
|
|
69
69
|
end
|
|
70
70
|
end
|
|
71
71
|
|
|
72
|
-
# register the subcommand to
|
|
72
|
+
# register the subcommand to InSpec CLI registry
|
|
73
73
|
Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, 'supermarket', 'supermarket SUBCOMMAND ...', 'Supermarket commands', {})
|
|
74
74
|
end
|
data/lib/inspec/cli.rb
CHANGED
|
@@ -305,7 +305,7 @@ begin
|
|
|
305
305
|
ctl = Inspec::PluginCtl.new
|
|
306
306
|
ctl.list.each { |x| ctl.load(x) }
|
|
307
307
|
|
|
308
|
-
# load v1 CLI plugins before the
|
|
308
|
+
# load v1 CLI plugins before the InSpec CLI has been started
|
|
309
309
|
Inspec::Plugins::CLI.subcommands.each { |_subcommand, params|
|
|
310
310
|
Inspec::InspecCLI.register(
|
|
311
311
|
params[:klass],
|
|
@@ -17,20 +17,26 @@ module Inspec
|
|
|
17
17
|
DEFAULT_ATTRIBUTE = Class.new do
|
|
18
18
|
def initialize(name)
|
|
19
19
|
@name = name
|
|
20
|
-
end
|
|
21
20
|
|
|
22
|
-
|
|
21
|
+
# output warn message if we are in a exec call
|
|
23
22
|
Inspec::Log.warn(
|
|
24
|
-
"
|
|
23
|
+
"Attribute '#{@name}' does not have a value. "\
|
|
25
24
|
"Use --attrs to provide a value for '#{@name}' or specify a default "\
|
|
26
25
|
"value with `attribute('#{@name}', default: 'somedefault', ...)`.",
|
|
27
|
-
)
|
|
26
|
+
) if Inspec::BaseCLI.inspec_cli_command == :exec
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def method_missing(*_)
|
|
28
30
|
self
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
def respond_to_missing?(_, _)
|
|
32
34
|
true
|
|
33
35
|
end
|
|
36
|
+
|
|
37
|
+
def to_s
|
|
38
|
+
"Attribute '#{@name}' does not have a value. Skipping test."
|
|
39
|
+
end
|
|
34
40
|
end
|
|
35
41
|
|
|
36
42
|
def initialize(name, options = {})
|
data/lib/inspec/secrets/yaml.rb
CHANGED
data/lib/inspec/version.rb
CHANGED
|
@@ -87,7 +87,7 @@ module InspecPlugins
|
|
|
87
87
|
p = Pathname.new(path_to_profile)
|
|
88
88
|
p = p.join('inspec.yml')
|
|
89
89
|
if not p.exist?
|
|
90
|
-
raise "#{path_to_profile} doesn't appear to be a valid
|
|
90
|
+
raise "#{path_to_profile} doesn't appear to be a valid InSpec profile"
|
|
91
91
|
end
|
|
92
92
|
yaml = YAML.load_file(p.to_s)
|
|
93
93
|
yaml = yaml.to_hash
|
|
@@ -101,7 +101,7 @@ module InspecPlugins
|
|
|
101
101
|
end
|
|
102
102
|
rescue => e
|
|
103
103
|
# rewrap it and pass it up to the CLI
|
|
104
|
-
raise "Error reading
|
|
104
|
+
raise "Error reading InSpec profile metadata: #{e}"
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
yaml
|
|
@@ -12,7 +12,7 @@ require_relative 'base'
|
|
|
12
12
|
#
|
|
13
13
|
#
|
|
14
14
|
# .IAF file format
|
|
15
|
-
# .iaf = "
|
|
15
|
+
# .iaf = "InSpec Artifact File", easy to rename if you'd like something more appropriate.
|
|
16
16
|
# The iaf file wraps a binary artifact with some metadata. The first implementation
|
|
17
17
|
# looks like this:
|
|
18
18
|
#
|
|
@@ -62,8 +62,8 @@ require_relative 'base'
|
|
|
62
62
|
# private keys. We should establish a common key directory (similar to /hab/cache/keys
|
|
63
63
|
# or ~/.hab/cache/keys in Habitat).
|
|
64
64
|
#
|
|
65
|
-
# Extracting artifacts outside of
|
|
66
|
-
# As in Habitat, the artifact format for
|
|
65
|
+
# Extracting artifacts outside of InSpec
|
|
66
|
+
# As in Habitat, the artifact format for InSpec allows the use of common
|
|
67
67
|
# Unix tools to read the header and body of an artifact.
|
|
68
68
|
# To extract the header from a .iaf:
|
|
69
69
|
# sed '/^$/q' foo.iaf
|
|
@@ -260,7 +260,7 @@ module InspecPlugins
|
|
|
260
260
|
end
|
|
261
261
|
end
|
|
262
262
|
|
|
263
|
-
# register the subcommand to
|
|
263
|
+
# register the subcommand to InSpec CLI registry
|
|
264
264
|
# Inspec::Plugins::CLI.add_subcommand(InspecPlugins::ComplianceCLI, 'compliance', 'compliance SUBCOMMAND ...', 'Chef InspecPlugins::Compliance commands', {})
|
|
265
265
|
end
|
|
266
266
|
end
|
|
@@ -97,7 +97,7 @@ class AwsIamUser < Inspec.resource(1)
|
|
|
97
97
|
mfa_info = backend.list_mfa_devices(user_name: username)
|
|
98
98
|
@has_mfa_enabled = !mfa_info.mfa_devices.empty?
|
|
99
99
|
|
|
100
|
-
# TODO: consider returning
|
|
100
|
+
# TODO: consider returning InSpec AwsIamAccessKey objects
|
|
101
101
|
@access_keys = backend.list_access_keys(user_name: username).access_key_metadata
|
|
102
102
|
# If the above call fails, we get nil here; but we promise access_keys will be an array.
|
|
103
103
|
@access_keys ||= []
|
|
@@ -7,7 +7,7 @@ module Inspec::Resources
|
|
|
7
7
|
name 'azure_virtual_machine'
|
|
8
8
|
|
|
9
9
|
desc '
|
|
10
|
-
|
|
10
|
+
InSpec Resource to test Azure Virtual Machines
|
|
11
11
|
'
|
|
12
12
|
|
|
13
13
|
supports platform: 'azure'
|
|
@@ -122,7 +122,7 @@ module Inspec::Resources
|
|
|
122
122
|
#
|
|
123
123
|
# This allows the use of
|
|
124
124
|
# it { should have_password_authentication }
|
|
125
|
-
# within the
|
|
125
|
+
# within the InSpec profile
|
|
126
126
|
#
|
|
127
127
|
# @return boolean
|
|
128
128
|
def has_password_authentication?
|
|
@@ -146,7 +146,7 @@ module Inspec::Resources
|
|
|
146
146
|
#
|
|
147
147
|
# This allows the use of
|
|
148
148
|
# it { should have_custom_data }
|
|
149
|
-
# within the
|
|
149
|
+
# within the InSpec Profile
|
|
150
150
|
#
|
|
151
151
|
# @return boolean
|
|
152
152
|
def has_custom_data?
|
|
@@ -168,7 +168,7 @@ module Inspec::Resources
|
|
|
168
168
|
#
|
|
169
169
|
# This allows the use of
|
|
170
170
|
# it { should have_ssh_keys }
|
|
171
|
-
# within the
|
|
171
|
+
# within the InSpec Profile
|
|
172
172
|
#
|
|
173
173
|
# @return boolean
|
|
174
174
|
def has_ssh_keys?
|
|
@@ -8,7 +8,7 @@ module Inspec::Resources
|
|
|
8
8
|
name 'azure_virtual_machine_data_disk'
|
|
9
9
|
|
|
10
10
|
desc '
|
|
11
|
-
|
|
11
|
+
InSpec Resource to ensure that the data disks attached to a machine are correct
|
|
12
12
|
'
|
|
13
13
|
|
|
14
14
|
supports platform: 'azure'
|
|
@@ -6,7 +6,7 @@ module Inspec::Resources
|
|
|
6
6
|
class ChocoPkg < Inspec.resource(1)
|
|
7
7
|
name 'chocolatey_package'
|
|
8
8
|
supports platform: 'windows'
|
|
9
|
-
desc 'Use the chocolatey_package
|
|
9
|
+
desc 'Use the chocolatey_package InSpec audit resource to test if the named package and/or package version is installed on the system.'
|
|
10
10
|
example <<-EOH
|
|
11
11
|
describe chocolatey_package('git') do
|
|
12
12
|
it { should be_installed }
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.3.
|
|
4
|
+
version: 2.3.28
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dominik Richter
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-02-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: train
|
|
@@ -17,6 +17,9 @@ dependencies:
|
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: '1.5'
|
|
20
|
+
- - '='
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: 1.7.1
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -24,6 +27,9 @@ dependencies:
|
|
|
24
27
|
- - "~>"
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
29
|
version: '1.5'
|
|
30
|
+
- - '='
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: 1.7.1
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: thor
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|