inspec 2.3.24 → 2.3.28
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -9
- data/Gemfile +0 -1
- data/README.md +1 -1
- data/inspec.gemspec +1 -1
- data/lib/bundles/inspec-supermarket/cli.rb +1 -1
- data/lib/inspec/cli.rb +1 -1
- data/lib/inspec/objects/attribute.rb +10 -4
- data/lib/inspec/secrets/yaml.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +2 -2
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +3 -3
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +1 -1
- data/lib/resources/aws/aws_iam_user.rb +1 -1
- data/lib/resources/azure/azure_generic_resource.rb +1 -1
- data/lib/resources/azure/azure_resource_group.rb +1 -1
- data/lib/resources/azure/azure_virtual_machine.rb +4 -4
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +1 -1
- data/lib/resources/chocolatey_package.rb +1 -1
- metadata +8 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8742ade52e04413d98857dbe243589448629c3db92d285cb943b8af4b70e6e88
|
4
|
+
data.tar.gz: f04e1dac3d71463472bfbf68069838b0bbd02527412f3a184dd9f2b8d52f8975
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 51d424a89a76c6cef322ff7f58747d1e7e75495bb160510436f0a02baa28f257ece67e844a4129de29cef11a2882b19248475215e9c4ac72974708728115748b
|
7
|
+
data.tar.gz: 891b0c14bfc29becb71add1adc968f0d23c6e397da0cd105ed7fe8550001c10987f3b1962732b61c83b09af006a8519406285371fe207d143142e7c674dd5afa
|
data/CHANGELOG.md
CHANGED
@@ -1,20 +1,29 @@
|
|
1
1
|
# Change Log
|
2
2
|
<!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
|
3
|
-
<!-- latest_release 2.3.
|
4
|
-
## [v2.3.
|
3
|
+
<!-- latest_release 2.3.28 -->
|
4
|
+
## [v2.3.28](https://github.com/inspec/inspec/tree/v2.3.28) (2019-02-08)
|
5
5
|
|
6
|
-
####
|
7
|
-
-
|
6
|
+
#### Merged Pull Requests
|
7
|
+
- Remove bundler pin from 2.x series [#3795](https://github.com/inspec/inspec/pull/3795) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
8
8
|
<!-- latest_release -->
|
9
9
|
|
10
|
-
<!-- release_rollup since=2.3.
|
11
|
-
### Changes since 2.3.
|
10
|
+
<!-- release_rollup since=2.3.24 -->
|
11
|
+
### Changes since 2.3.24 release
|
12
12
|
|
13
|
-
####
|
14
|
-
-
|
13
|
+
#### Merged Pull Requests
|
14
|
+
- Remove bundler pin from 2.x series [#3795](https://github.com/inspec/inspec/pull/3795) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.28 -->
|
15
|
+
- Update copyright for 2.x branch [#3794](https://github.com/inspec/inspec/pull/3794) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 2.3.27 -->
|
16
|
+
- Update the text on the generic default attribute [#3508](https://github.com/inspec/inspec/pull/3508) ([jquick](https://github.com/jquick)) <!-- 2.3.26 -->
|
17
|
+
- Change `Inspec ` to `InSpec ` where appropriate [#3494](https://github.com/inspec/inspec/pull/3494) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 2.3.25 -->
|
15
18
|
<!-- release_rollup -->
|
16
19
|
|
17
20
|
<!-- latest_stable_release -->
|
21
|
+
## [v2.3.24](https://github.com/inspec/inspec/tree/v2.3.24) (2018-10-12)
|
22
|
+
|
23
|
+
#### Bug Fixes
|
24
|
+
- Fix plugin install issues in different ruby envs [#3505](https://github.com/inspec/inspec/pull/3505) ([jquick](https://github.com/jquick))
|
25
|
+
<!-- latest_stable_release -->
|
26
|
+
|
18
27
|
## [v2.3.23](https://github.com/inspec/inspec/tree/v2.3.23) (2018-10-12)
|
19
28
|
|
20
29
|
#### Enhancements
|
@@ -35,7 +44,6 @@
|
|
35
44
|
- docs: Add version to multiple descriptions doc [#3477](https://github.com/inspec/inspec/pull/3477) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
|
36
45
|
- Set a static node GUID for travis runs [#3497](https://github.com/inspec/inspec/pull/3497) ([jquick](https://github.com/jquick))
|
37
46
|
- Fix plugin issues on omni builds [#3499](https://github.com/inspec/inspec/pull/3499) ([jquick](https://github.com/jquick))
|
38
|
-
<!-- latest_stable_release -->
|
39
47
|
|
40
48
|
## [v2.3.10](https://github.com/inspec/inspec/tree/v2.3.10) (2018-10-04)
|
41
49
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -439,7 +439,7 @@ Please see [TESTING_AGAINST_AZURE.md](./test/integration/aws/TESTING_AGAINST_AZU
|
|
439
439
|
| **Author:** | Dominik Richter (<drichter@chef.io>) |
|
440
440
|
| **Author:** | Christoph Hartmann (<chartmann@chef.io>) |
|
441
441
|
| **Copyright:** | Copyright (c) 2015 Vulcano Security GmbH. |
|
442
|
-
| **Copyright:** | Copyright (c)
|
442
|
+
| **Copyright:** | Copyright (c) 2019 Chef Software Inc. |
|
443
443
|
| **License:** | Apache License, Version 2.0 |
|
444
444
|
|
445
445
|
Licensed under the Apache License, Version 2.0 (the "License");
|
data/inspec.gemspec
CHANGED
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
|
|
26
26
|
|
27
27
|
spec.required_ruby_version = '>= 2.3'
|
28
28
|
|
29
|
-
spec.add_dependency 'train', '~> 1.5'
|
29
|
+
spec.add_dependency 'train', '~> 1.5', '= 1.7.1'
|
30
30
|
spec.add_dependency 'thor', '~> 0.20'
|
31
31
|
spec.add_dependency 'json', '>= 1.8', '< 3.0'
|
32
32
|
spec.add_dependency 'method_source', '~> 0.8'
|
@@ -69,6 +69,6 @@ module Supermarket
|
|
69
69
|
end
|
70
70
|
end
|
71
71
|
|
72
|
-
# register the subcommand to
|
72
|
+
# register the subcommand to InSpec CLI registry
|
73
73
|
Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, 'supermarket', 'supermarket SUBCOMMAND ...', 'Supermarket commands', {})
|
74
74
|
end
|
data/lib/inspec/cli.rb
CHANGED
@@ -305,7 +305,7 @@ begin
|
|
305
305
|
ctl = Inspec::PluginCtl.new
|
306
306
|
ctl.list.each { |x| ctl.load(x) }
|
307
307
|
|
308
|
-
# load v1 CLI plugins before the
|
308
|
+
# load v1 CLI plugins before the InSpec CLI has been started
|
309
309
|
Inspec::Plugins::CLI.subcommands.each { |_subcommand, params|
|
310
310
|
Inspec::InspecCLI.register(
|
311
311
|
params[:klass],
|
@@ -17,20 +17,26 @@ module Inspec
|
|
17
17
|
DEFAULT_ATTRIBUTE = Class.new do
|
18
18
|
def initialize(name)
|
19
19
|
@name = name
|
20
|
-
end
|
21
20
|
|
22
|
-
|
21
|
+
# output warn message if we are in a exec call
|
23
22
|
Inspec::Log.warn(
|
24
|
-
"
|
23
|
+
"Attribute '#{@name}' does not have a value. "\
|
25
24
|
"Use --attrs to provide a value for '#{@name}' or specify a default "\
|
26
25
|
"value with `attribute('#{@name}', default: 'somedefault', ...)`.",
|
27
|
-
)
|
26
|
+
) if Inspec::BaseCLI.inspec_cli_command == :exec
|
27
|
+
end
|
28
|
+
|
29
|
+
def method_missing(*_)
|
28
30
|
self
|
29
31
|
end
|
30
32
|
|
31
33
|
def respond_to_missing?(_, _)
|
32
34
|
true
|
33
35
|
end
|
36
|
+
|
37
|
+
def to_s
|
38
|
+
"Attribute '#{@name}' does not have a value. Skipping test."
|
39
|
+
end
|
34
40
|
end
|
35
41
|
|
36
42
|
def initialize(name, options = {})
|
data/lib/inspec/secrets/yaml.rb
CHANGED
data/lib/inspec/version.rb
CHANGED
@@ -87,7 +87,7 @@ module InspecPlugins
|
|
87
87
|
p = Pathname.new(path_to_profile)
|
88
88
|
p = p.join('inspec.yml')
|
89
89
|
if not p.exist?
|
90
|
-
raise "#{path_to_profile} doesn't appear to be a valid
|
90
|
+
raise "#{path_to_profile} doesn't appear to be a valid InSpec profile"
|
91
91
|
end
|
92
92
|
yaml = YAML.load_file(p.to_s)
|
93
93
|
yaml = yaml.to_hash
|
@@ -101,7 +101,7 @@ module InspecPlugins
|
|
101
101
|
end
|
102
102
|
rescue => e
|
103
103
|
# rewrap it and pass it up to the CLI
|
104
|
-
raise "Error reading
|
104
|
+
raise "Error reading InSpec profile metadata: #{e}"
|
105
105
|
end
|
106
106
|
|
107
107
|
yaml
|
@@ -12,7 +12,7 @@ require_relative 'base'
|
|
12
12
|
#
|
13
13
|
#
|
14
14
|
# .IAF file format
|
15
|
-
# .iaf = "
|
15
|
+
# .iaf = "InSpec Artifact File", easy to rename if you'd like something more appropriate.
|
16
16
|
# The iaf file wraps a binary artifact with some metadata. The first implementation
|
17
17
|
# looks like this:
|
18
18
|
#
|
@@ -62,8 +62,8 @@ require_relative 'base'
|
|
62
62
|
# private keys. We should establish a common key directory (similar to /hab/cache/keys
|
63
63
|
# or ~/.hab/cache/keys in Habitat).
|
64
64
|
#
|
65
|
-
# Extracting artifacts outside of
|
66
|
-
# As in Habitat, the artifact format for
|
65
|
+
# Extracting artifacts outside of InSpec
|
66
|
+
# As in Habitat, the artifact format for InSpec allows the use of common
|
67
67
|
# Unix tools to read the header and body of an artifact.
|
68
68
|
# To extract the header from a .iaf:
|
69
69
|
# sed '/^$/q' foo.iaf
|
@@ -260,7 +260,7 @@ module InspecPlugins
|
|
260
260
|
end
|
261
261
|
end
|
262
262
|
|
263
|
-
# register the subcommand to
|
263
|
+
# register the subcommand to InSpec CLI registry
|
264
264
|
# Inspec::Plugins::CLI.add_subcommand(InspecPlugins::ComplianceCLI, 'compliance', 'compliance SUBCOMMAND ...', 'Chef InspecPlugins::Compliance commands', {})
|
265
265
|
end
|
266
266
|
end
|
@@ -97,7 +97,7 @@ class AwsIamUser < Inspec.resource(1)
|
|
97
97
|
mfa_info = backend.list_mfa_devices(user_name: username)
|
98
98
|
@has_mfa_enabled = !mfa_info.mfa_devices.empty?
|
99
99
|
|
100
|
-
# TODO: consider returning
|
100
|
+
# TODO: consider returning InSpec AwsIamAccessKey objects
|
101
101
|
@access_keys = backend.list_access_keys(user_name: username).access_key_metadata
|
102
102
|
# If the above call fails, we get nil here; but we promise access_keys will be an array.
|
103
103
|
@access_keys ||= []
|
@@ -7,7 +7,7 @@ module Inspec::Resources
|
|
7
7
|
name 'azure_virtual_machine'
|
8
8
|
|
9
9
|
desc '
|
10
|
-
|
10
|
+
InSpec Resource to test Azure Virtual Machines
|
11
11
|
'
|
12
12
|
|
13
13
|
supports platform: 'azure'
|
@@ -122,7 +122,7 @@ module Inspec::Resources
|
|
122
122
|
#
|
123
123
|
# This allows the use of
|
124
124
|
# it { should have_password_authentication }
|
125
|
-
# within the
|
125
|
+
# within the InSpec profile
|
126
126
|
#
|
127
127
|
# @return boolean
|
128
128
|
def has_password_authentication?
|
@@ -146,7 +146,7 @@ module Inspec::Resources
|
|
146
146
|
#
|
147
147
|
# This allows the use of
|
148
148
|
# it { should have_custom_data }
|
149
|
-
# within the
|
149
|
+
# within the InSpec Profile
|
150
150
|
#
|
151
151
|
# @return boolean
|
152
152
|
def has_custom_data?
|
@@ -168,7 +168,7 @@ module Inspec::Resources
|
|
168
168
|
#
|
169
169
|
# This allows the use of
|
170
170
|
# it { should have_ssh_keys }
|
171
|
-
# within the
|
171
|
+
# within the InSpec Profile
|
172
172
|
#
|
173
173
|
# @return boolean
|
174
174
|
def has_ssh_keys?
|
@@ -8,7 +8,7 @@ module Inspec::Resources
|
|
8
8
|
name 'azure_virtual_machine_data_disk'
|
9
9
|
|
10
10
|
desc '
|
11
|
-
|
11
|
+
InSpec Resource to ensure that the data disks attached to a machine are correct
|
12
12
|
'
|
13
13
|
|
14
14
|
supports platform: 'azure'
|
@@ -6,7 +6,7 @@ module Inspec::Resources
|
|
6
6
|
class ChocoPkg < Inspec.resource(1)
|
7
7
|
name 'chocolatey_package'
|
8
8
|
supports platform: 'windows'
|
9
|
-
desc 'Use the chocolatey_package
|
9
|
+
desc 'Use the chocolatey_package InSpec audit resource to test if the named package and/or package version is installed on the system.'
|
10
10
|
example <<-EOH
|
11
11
|
describe chocolatey_package('git') do
|
12
12
|
it { should be_installed }
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.3.
|
4
|
+
version: 2.3.28
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dominik Richter
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-02-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: train
|
@@ -17,6 +17,9 @@ dependencies:
|
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
19
|
version: '1.5'
|
20
|
+
- - '='
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 1.7.1
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -24,6 +27,9 @@ dependencies:
|
|
24
27
|
- - "~>"
|
25
28
|
- !ruby/object:Gem::Version
|
26
29
|
version: '1.5'
|
30
|
+
- - '='
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: 1.7.1
|
27
33
|
- !ruby/object:Gem::Dependency
|
28
34
|
name: thor
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|