inspec 4.17.17 → 4.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/inspec.gemspec +1 -1
- data/lib/inspec/base_cli.rb +5 -1
- data/lib/inspec/cli.rb +10 -1
- data/lib/inspec/dsl.rb +2 -0
- data/lib/inspec/formatters/base.rb +5 -0
- data/lib/inspec/reporters/json.rb +1 -1
- data/lib/inspec/resources/apt.rb +2 -0
- data/lib/inspec/resources/interface.rb +17 -19
- data/lib/inspec/resources/users.rb +73 -0
- data/lib/inspec/rspec_extensions.rb +1 -0
- data/lib/inspec/rule.rb +4 -4
- data/lib/inspec/runner_rspec.rb +1 -1
- data/lib/inspec/schema.rb +10 -0
- data/lib/inspec/utils/parser.rb +8 -7
- data/lib/inspec/version.rb +1 -1
- data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +42 -42
- data/lib/plugins/inspec-compliance/test/unit/api_test.rb +54 -54
- data/lib/plugins/inspec-compliance/test/unit/target_test.rb +11 -11
- data/lib/plugins/shared/core_plugin_test_helper.rb +16 -16
- metadata +10 -5
- data/lib/inspec/polyfill.rb +0 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f1383016cfa4899dc2457ba11f9f4a7e79e02b8cfa9c1fd9b2cba34e8b0a6aa4
|
4
|
+
data.tar.gz: f80b35ba96ed8a3954240b5a43611bd4e7822589bf1a52e761b75e3a9e144ab6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1c2b2cc5aea6c768acb57bd40cfd414c66ac56926dd8243e947e74aa748877a45ae778001c89d7d8a2f03abcc3ee165b2f525ebb664d0732f2d634a91498fbfe
|
7
|
+
data.tar.gz: cd5787223718099c19c4b3d4c85b726eee454305ea66ad7a0762674df7778efc64840d3f3db0debcaa4e1ec485202f9bebe8a2c9ad59c50361510133197efe7c
|
data/inspec.gemspec
CHANGED
@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
|
|
35
35
|
spec.add_dependency "json-schema", "~> 2.8"
|
36
36
|
spec.add_dependency "method_source", "~> 0.8"
|
37
37
|
spec.add_dependency "rubyzip", "~> 1.2", ">= 1.2.2"
|
38
|
-
spec.add_dependency "rspec", "~> 3"
|
38
|
+
spec.add_dependency "rspec", ["~> 3.0", "< 3.9"] # TODO: Loosen - See https://github.com/inspec/inspec/issues/4575
|
39
39
|
spec.add_dependency "rspec-its", "~> 1.2"
|
40
40
|
spec.add_dependency "pry", "~> 0"
|
41
41
|
spec.add_dependency "hashie", "~> 3.4"
|
data/lib/inspec/base_cli.rb
CHANGED
@@ -222,16 +222,20 @@ module Inspec
|
|
222
222
|
|
223
223
|
private
|
224
224
|
|
225
|
+
ALL_OF_OUR_REPORTERS = %w{json json-min json-rspec json-automate junit html yaml documentation progress}.freeze # BUT WHY?!?!
|
226
|
+
|
225
227
|
def suppress_log_output?(opts)
|
226
228
|
return false if opts["reporter"].nil?
|
227
229
|
|
228
|
-
match =
|
230
|
+
match = ALL_OF_OUR_REPORTERS & opts["reporter"].keys
|
231
|
+
|
229
232
|
unless match.empty?
|
230
233
|
match.each do |m|
|
231
234
|
# check to see if we are outputting to stdout
|
232
235
|
return true if opts["reporter"][m]["stdout"] == true
|
233
236
|
end
|
234
237
|
end
|
238
|
+
|
235
239
|
false
|
236
240
|
end
|
237
241
|
|
data/lib/inspec/cli.rb
CHANGED
@@ -9,6 +9,7 @@ module Inspec # TODO: move this somewhere "better"?
|
|
9
9
|
autoload :BaseCLI, "inspec/base_cli"
|
10
10
|
autoload :Deprecation, "inspec/utils/deprecation"
|
11
11
|
autoload :Exceptions, "inspec/exceptions"
|
12
|
+
autoload :EnvPrinter, "inspec/env_printer"
|
12
13
|
autoload :Fetcher, "inspec/fetcher"
|
13
14
|
autoload :Formatters, "inspec/formatters"
|
14
15
|
autoload :Globals, "inspec/globals"
|
@@ -340,7 +341,15 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|
340
341
|
ui.exit res unless run_type == :ruby_eval
|
341
342
|
|
342
343
|
# No InSpec tests - just print evaluation output.
|
343
|
-
|
344
|
+
reporters = o["reporter"] || {}
|
345
|
+
if reporters.keys.include?("json")
|
346
|
+
res = if res.respond_to?(:to_json)
|
347
|
+
res.to_json
|
348
|
+
else
|
349
|
+
JSON.dump(res)
|
350
|
+
end
|
351
|
+
end
|
352
|
+
|
344
353
|
puts res
|
345
354
|
ui.exit Inspec::UI::EXIT_NORMAL
|
346
355
|
rescue RuntimeError, Train::UserError => e
|
data/lib/inspec/dsl.rb
CHANGED
@@ -259,6 +259,11 @@ module Inspec::Formatters
|
|
259
259
|
example.delete(:id)
|
260
260
|
example.delete(:profile_id)
|
261
261
|
control[:results].push(example)
|
262
|
+
|
263
|
+
# Waiver data, if available, is internally stored on a per-result
|
264
|
+
# (that is, per-describe-block) basis, because that is the only granularity
|
265
|
+
# available to us in the RSpec report data structure which we use as a vehicle.
|
266
|
+
control[:waiver_data] ||= example[:waiver_data] || {}
|
262
267
|
end
|
263
268
|
end
|
264
269
|
end
|
@@ -40,7 +40,6 @@ module Inspec::Reporters
|
|
40
40
|
message: r[:message],
|
41
41
|
exception: r[:exception],
|
42
42
|
backtrace: r[:backtrace],
|
43
|
-
waiver_data: r[:waiver_data],
|
44
43
|
}.reject { |_k, v| v.nil? }
|
45
44
|
}
|
46
45
|
end
|
@@ -96,6 +95,7 @@ module Inspec::Reporters
|
|
96
95
|
line: c[:source_location][:line],
|
97
96
|
ref: c[:source_location][:ref],
|
98
97
|
},
|
98
|
+
waiver_data: c[:waiver_data] || {},
|
99
99
|
results: profile_results(c),
|
100
100
|
}
|
101
101
|
}
|
data/lib/inspec/resources/apt.rb
CHANGED
@@ -87,12 +87,14 @@ module Inspec::Resources
|
|
87
87
|
active = raw_line == line
|
88
88
|
|
89
89
|
# formats:
|
90
|
+
# deb "http://archive.ubuntu.com/ubuntu/" wily main restricted ...
|
90
91
|
# deb http://archive.ubuntu.com/ubuntu/ wily main restricted ...
|
91
92
|
# deb [trusted=yes] http://archive.ubuntu.com/ubuntu/ wily main restricted ...
|
92
93
|
|
93
94
|
words = line.split
|
94
95
|
words.delete 1 if words[1] && words[1].start_with?("[")
|
95
96
|
type, url, distro, *components = words
|
97
|
+
url = url.delete('"') if url
|
96
98
|
|
97
99
|
next if components.empty?
|
98
100
|
next unless URI::HTTP === URI.parse(url)
|
@@ -17,38 +17,34 @@ module Inspec::Resources
|
|
17
17
|
its('ipv6_cidrs') { should include '::1/128' }
|
18
18
|
end
|
19
19
|
EXAMPLE
|
20
|
+
|
20
21
|
def initialize(iface)
|
21
22
|
@iface = iface
|
22
|
-
|
23
|
-
@interface_provider = nil
|
24
|
-
if inspec.os.linux?
|
25
|
-
@interface_provider = LinuxInterface.new(inspec)
|
26
|
-
elsif inspec.os.windows?
|
27
|
-
@interface_provider = WindowsInterface.new(inspec)
|
28
|
-
else
|
29
|
-
return skip_resource "The `interface` resource is not supported on your OS yet."
|
30
|
-
end
|
31
23
|
end
|
32
24
|
|
33
25
|
def exists?
|
34
|
-
|
26
|
+
!!(interface_info && interface_info[:name])
|
35
27
|
end
|
36
28
|
|
37
29
|
def up?
|
38
|
-
interface_info
|
30
|
+
!!(interface_info && interface_info[:up])
|
31
|
+
end
|
32
|
+
|
33
|
+
def name
|
34
|
+
interface_info[:name]
|
39
35
|
end
|
40
36
|
|
41
37
|
# returns link speed in Mbits/sec
|
42
38
|
def speed
|
43
|
-
interface_info
|
39
|
+
interface_info && interface_info[:speed]
|
44
40
|
end
|
45
41
|
|
46
42
|
def ipv4_address?
|
47
|
-
|
43
|
+
ipv4_addresses && !ipv4_addresses.empty?
|
48
44
|
end
|
49
45
|
|
50
46
|
def ipv6_address?
|
51
|
-
|
47
|
+
ipv6_addresses && !ipv6_addresses.empty?
|
52
48
|
end
|
53
49
|
|
54
50
|
def ipv4_addresses
|
@@ -72,11 +68,11 @@ module Inspec::Resources
|
|
72
68
|
end
|
73
69
|
|
74
70
|
def ipv4_cidrs
|
75
|
-
interface_info
|
71
|
+
interface_info && Array(interface_info[:ipv4_addresses])
|
76
72
|
end
|
77
73
|
|
78
74
|
def ipv6_cidrs
|
79
|
-
interface_info
|
75
|
+
interface_info && Array(interface_info[:ipv6_addresses])
|
80
76
|
end
|
81
77
|
|
82
78
|
def to_s
|
@@ -86,9 +82,11 @@ module Inspec::Resources
|
|
86
82
|
private
|
87
83
|
|
88
84
|
def interface_info
|
89
|
-
|
90
|
-
|
91
|
-
|
85
|
+
@cache ||= begin
|
86
|
+
provider = LinuxInterface.new(inspec) if inspec.os.linux?
|
87
|
+
provider = WindowsInterface.new(inspec) if inspec.os.windows?
|
88
|
+
Hash(provider && provider.interface_info(@iface))
|
89
|
+
end
|
92
90
|
end
|
93
91
|
end
|
94
92
|
|
@@ -3,6 +3,7 @@ require "inspec/utils/convert"
|
|
3
3
|
require "inspec/utils/filter"
|
4
4
|
require "inspec/utils/simpleconfig"
|
5
5
|
require "inspec/resources/powershell"
|
6
|
+
require "date"
|
6
7
|
|
7
8
|
module Inspec::Resources
|
8
9
|
# This file contains two resources, the `user` and `users` resource.
|
@@ -116,6 +117,24 @@ module Inspec::Resources
|
|
116
117
|
# its('mindays') { should eq 0 }
|
117
118
|
# its('maxdays') { should eq 99 }
|
118
119
|
# its('warndays') { should eq 5 }
|
120
|
+
# its('passwordage') { should be >= 0 }
|
121
|
+
# its('maxbadpasswords') { should eq nil } // not yet supported on linux
|
122
|
+
# its('badpasswordattempts') { should eq 0 }
|
123
|
+
# end
|
124
|
+
# describe user('Administrator') do
|
125
|
+
# it { should exist }
|
126
|
+
# its('uid') { should eq "S-1-5-21-1759981009-4135989804-1844563890-500" }
|
127
|
+
# its('gid') { should eq nil } // not supported on Windows
|
128
|
+
# its('group') { should eq nil } // not supported on Windows
|
129
|
+
# its('groups') { should eq ['Administrators', 'Users']}
|
130
|
+
# its('home') { should eq '' }
|
131
|
+
# its('shell') { should eq nil } // not supported on Windows
|
132
|
+
# its('mindays') { should eq 0 }
|
133
|
+
# its('maxdays') { should eq 42 }
|
134
|
+
# its('warndays') { should eq nil }
|
135
|
+
# its('passwordage') { should eq 355 }
|
136
|
+
# its('maxbadpasswords') { should eq 0 }
|
137
|
+
# its('badpasswordattempts') { should eq 0 }
|
119
138
|
# end
|
120
139
|
#
|
121
140
|
# The following Serverspec matchers are deprecated in favor for direct value access
|
@@ -196,6 +215,14 @@ module Inspec::Resources
|
|
196
215
|
meta_info[:shell] unless meta_info.nil?
|
197
216
|
end
|
198
217
|
|
218
|
+
def domain
|
219
|
+
meta_info[:domain] unless meta_info.nil?
|
220
|
+
end
|
221
|
+
|
222
|
+
def userflags
|
223
|
+
meta_info[:userflags] unless meta_info.nil?
|
224
|
+
end
|
225
|
+
|
199
226
|
# returns the minimum days between password changes
|
200
227
|
def mindays
|
201
228
|
credentials[:mindays] unless credentials.nil?
|
@@ -211,6 +238,18 @@ module Inspec::Resources
|
|
211
238
|
credentials[:warndays] unless credentials.nil?
|
212
239
|
end
|
213
240
|
|
241
|
+
def badpasswordattempts
|
242
|
+
credentials[:badpasswordattempts] unless credentials.nil?
|
243
|
+
end
|
244
|
+
|
245
|
+
def maxbadpasswords
|
246
|
+
credentials[:maxbadpasswords] unless credentials.nil?
|
247
|
+
end
|
248
|
+
|
249
|
+
def passwordage
|
250
|
+
credentials[:passwordage] unless credentials.nil?
|
251
|
+
end
|
252
|
+
|
214
253
|
# implement 'mindays' method to be compatible with serverspec
|
215
254
|
def minimum_days_between_password_change
|
216
255
|
Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.")
|
@@ -425,10 +464,17 @@ module Inspec::Resources
|
|
425
464
|
multiple_values: false
|
426
465
|
).params
|
427
466
|
|
467
|
+
dparse = Date.parse "#{params['Last password change']}"
|
468
|
+
dayslastset = (Date.today - dparse).to_i
|
469
|
+
cmd = inspec.command("lastb -w -a | grep #{username} | wc -l")
|
470
|
+
badpasswordattempts = convert_to_i(cmd.stdout.chomp) if cmd.exit_status == 0
|
471
|
+
|
428
472
|
{
|
429
473
|
mindays: convert_to_i(params["Minimum number of days between password change"]),
|
430
474
|
maxdays: convert_to_i(params["Maximum number of days between password change"]),
|
431
475
|
warndays: convert_to_i(params["Number of days of warning before password expires"]),
|
476
|
+
passwordage: dayslastset,
|
477
|
+
badpasswordattempts: badpasswordattempts,
|
432
478
|
}
|
433
479
|
end
|
434
480
|
end
|
@@ -481,6 +527,8 @@ module Inspec::Resources
|
|
481
527
|
mindays: user_sec[1].to_i * 7,
|
482
528
|
maxdays: user_sec[2].to_i * 7,
|
483
529
|
warndays: user_sec[3].to_i,
|
530
|
+
passwordage: nil,
|
531
|
+
badpasswordattempts: nil,
|
484
532
|
}
|
485
533
|
end
|
486
534
|
end
|
@@ -573,6 +621,31 @@ module Inspec::Resources
|
|
573
621
|
res[0] unless res.empty?
|
574
622
|
end
|
575
623
|
|
624
|
+
def meta_info(username)
|
625
|
+
res = identity(username)
|
626
|
+
return if res.nil?
|
627
|
+
{
|
628
|
+
home: res[:home],
|
629
|
+
shell: res[:shell],
|
630
|
+
domain: res[:domain],
|
631
|
+
userflags: res[:userflags],
|
632
|
+
}
|
633
|
+
end
|
634
|
+
|
635
|
+
def credentials(username)
|
636
|
+
res = identity(username)
|
637
|
+
return if res.nil?
|
638
|
+
{
|
639
|
+
mindays: res[:mindays],
|
640
|
+
maxdays: res[:maxdays],
|
641
|
+
warndays: res[:warndays],
|
642
|
+
badpasswordattempts: res[:badpasswordattempts],
|
643
|
+
maxbadpasswords: res[:maxbadpasswords],
|
644
|
+
minpasswordlength: res[:minpasswordlength],
|
645
|
+
passwordage: res[:passwordage],
|
646
|
+
}
|
647
|
+
end
|
648
|
+
|
576
649
|
def list_users
|
577
650
|
collect_user_details.map { |user| user[:username] }
|
578
651
|
end
|
@@ -50,6 +50,7 @@ module Inspec
|
|
50
50
|
def method_missing(method_name, *arguments, &block)
|
51
51
|
# see if it is a resource first
|
52
52
|
begin
|
53
|
+
inspec = inspec if respond_to?(:inspec) # backend not available??
|
53
54
|
resource = Inspec::DSL.method_missing_resource(inspec, method_name, *arguments)
|
54
55
|
return resource if resource
|
55
56
|
rescue LoadError
|
data/lib/inspec/rule.rb
CHANGED
@@ -297,11 +297,11 @@ module Inspec
|
|
297
297
|
__waiver_data["skipped_due_to_waiver"] = false
|
298
298
|
__waiver_data["message"] = ""
|
299
299
|
|
300
|
-
# Waivers should have a hash value with keys possibly including
|
301
|
-
# expiration_date. We only care here if it has a
|
302
|
-
# is
|
300
|
+
# Waivers should have a hash value with keys possibly including "run" and
|
301
|
+
# expiration_date. We only care here if it has a "run" key and it
|
302
|
+
# is false-like, since all non-skipped waiver operations are handled
|
303
303
|
# during reporting phase.
|
304
|
-
return unless __waiver_data.key?("
|
304
|
+
return unless __waiver_data.key?("run") && !__waiver_data["run"]
|
305
305
|
|
306
306
|
# OK, the intent is to skip. Does it have an expiration date, and
|
307
307
|
# if so, is it in the future?
|
data/lib/inspec/runner_rspec.rb
CHANGED
@@ -83,7 +83,7 @@ module Inspec
|
|
83
83
|
return @rspec_exit_code if @formatter.results.empty?
|
84
84
|
|
85
85
|
stats = @formatter.results[:statistics][:controls]
|
86
|
-
skipped = @formatter.results
|
86
|
+
skipped = @formatter.results.dig(:profiles, 0, :status) == "skipped"
|
87
87
|
if stats[:failed][:total] == 0 && stats[:skipped][:total] == 0 && !skipped
|
88
88
|
0
|
89
89
|
elsif stats[:failed][:total] > 0
|
data/lib/inspec/schema.rb
CHANGED
@@ -96,6 +96,16 @@ module Inspec
|
|
96
96
|
},
|
97
97
|
},
|
98
98
|
"results" => { "type" => "array", "items" => RESULT },
|
99
|
+
"waiver_data" => {
|
100
|
+
"type" => "object",
|
101
|
+
"properties" => {
|
102
|
+
"skipped_due_to_waiver" => { "type" => "string" },
|
103
|
+
"run" => { "type" => "boolean" },
|
104
|
+
"message" => { "type" => "string" },
|
105
|
+
"expiration_date" => { "type" => "string" },
|
106
|
+
"justification" => { "type" => "string" },
|
107
|
+
},
|
108
|
+
},
|
99
109
|
},
|
100
110
|
}.freeze
|
101
111
|
|
data/lib/inspec/utils/parser.rb
CHANGED
@@ -20,13 +20,14 @@ module PasswdParser
|
|
20
20
|
def parse_passwd_line(line)
|
21
21
|
x = line.split(":")
|
22
22
|
{
|
23
|
-
|
24
|
-
"
|
25
|
-
"
|
26
|
-
"
|
27
|
-
"
|
28
|
-
"
|
29
|
-
"
|
23
|
+
# rubocop:disable Layout/AlignHash
|
24
|
+
"user" => x[0],
|
25
|
+
"password" => x[1],
|
26
|
+
"uid" => x[2],
|
27
|
+
"gid" => x[3],
|
28
|
+
"desc" => x[4],
|
29
|
+
"home" => x[5],
|
30
|
+
"shell" => x[6],
|
30
31
|
}
|
31
32
|
end
|
32
33
|
end
|
data/lib/inspec/version.rb
CHANGED
@@ -58,18 +58,18 @@ describe InspecPlugins::Compliance::API do
|
|
58
58
|
it "raises an error if `--user` is missing" do
|
59
59
|
options = automate_options
|
60
60
|
options.delete("user")
|
61
|
-
err =
|
62
|
-
err.message.must_match(/Please specify a user.*/)
|
63
|
-
err.message.lines.length.must_equal(1)
|
61
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
62
|
+
_(err.message).must_match(/Please specify a user.*/)
|
63
|
+
_(err.message.lines.length).must_equal(1)
|
64
64
|
end
|
65
65
|
|
66
66
|
it "raises an error if `--token` and `--dctoken` are missing" do
|
67
67
|
options = automate_options
|
68
68
|
options.delete("token")
|
69
69
|
options.delete("dctoken")
|
70
|
-
err =
|
71
|
-
err.message.must_match(/Please specify a token.*/)
|
72
|
-
err.message.lines.length.must_equal(1)
|
70
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
71
|
+
_(err.message).must_match(/Please specify a token.*/)
|
72
|
+
_(err.message.lines.length).must_equal(1)
|
73
73
|
end
|
74
74
|
|
75
75
|
it "stores an access token" do
|
@@ -79,12 +79,12 @@ describe InspecPlugins::Compliance::API do
|
|
79
79
|
InspecPlugins::Compliance::Configuration.expects(:new).returns(fake_config)
|
80
80
|
|
81
81
|
InspecPlugins::Compliance::API.login(options)
|
82
|
-
fake_config["automate"]["ent"].must_equal("automate")
|
83
|
-
fake_config["automate"]["token_type"].must_equal("dctoken")
|
84
|
-
fake_config["user"].must_equal("someone")
|
85
|
-
fake_config["server"].must_equal("https://automate.example.com/api/v0")
|
86
|
-
fake_config["server_type"].must_equal("automate2")
|
87
|
-
fake_config["token"].must_equal("token")
|
82
|
+
_(fake_config["automate"]["ent"]).must_equal("automate")
|
83
|
+
_(fake_config["automate"]["token_type"]).must_equal("dctoken")
|
84
|
+
_(fake_config["user"]).must_equal("someone")
|
85
|
+
_(fake_config["server"]).must_equal("https://automate.example.com/api/v0")
|
86
|
+
_(fake_config["server_type"]).must_equal("automate2")
|
87
|
+
_(fake_config["token"]).must_equal("token")
|
88
88
|
end
|
89
89
|
end
|
90
90
|
|
@@ -96,26 +96,26 @@ describe InspecPlugins::Compliance::API do
|
|
96
96
|
it "raises an error if `--user` is missing" do
|
97
97
|
options = automate_options
|
98
98
|
options.delete("user")
|
99
|
-
err =
|
100
|
-
err.message.must_match(/Please specify a user.*/)
|
101
|
-
err.message.lines.length.must_equal(1)
|
99
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
100
|
+
_(err.message).must_match(/Please specify a user.*/)
|
101
|
+
_(err.message.lines.length).must_equal(1)
|
102
102
|
end
|
103
103
|
|
104
104
|
it "raises an error if `--ent` is missing" do
|
105
105
|
options = automate_options
|
106
106
|
options.delete("ent")
|
107
|
-
err =
|
108
|
-
err.message.must_match(/Please specify an enterprise.*/)
|
109
|
-
err.message.lines.length.must_equal(1)
|
107
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
108
|
+
_(err.message).must_match(/Please specify an enterprise.*/)
|
109
|
+
_(err.message.lines.length).must_equal(1)
|
110
110
|
end
|
111
111
|
|
112
112
|
it "raises an error if `--token` and `--dctoken` are missing" do
|
113
113
|
options = automate_options
|
114
114
|
options.delete("token")
|
115
115
|
options.delete("dctoken")
|
116
|
-
err =
|
117
|
-
err.message.must_match(/Please specify a token.*/)
|
118
|
-
err.message.lines.length.must_equal(1)
|
116
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
117
|
+
_(err.message).must_match(/Please specify a token.*/)
|
118
|
+
_(err.message.lines.length).must_equal(1)
|
119
119
|
end
|
120
120
|
|
121
121
|
it "stores an access token" do
|
@@ -125,12 +125,12 @@ describe InspecPlugins::Compliance::API do
|
|
125
125
|
InspecPlugins::Compliance::Configuration.expects(:new).returns(fake_config)
|
126
126
|
|
127
127
|
InspecPlugins::Compliance::API.login(options)
|
128
|
-
fake_config["automate"]["ent"].must_equal("automate")
|
129
|
-
fake_config["automate"]["token_type"].must_equal("usertoken")
|
130
|
-
fake_config["user"].must_equal("someone")
|
131
|
-
fake_config["server"].must_equal("https://automate.example.com/compliance")
|
132
|
-
fake_config["server_type"].must_equal("automate")
|
133
|
-
fake_config["token"].must_equal("token")
|
128
|
+
_(fake_config["automate"]["ent"]).must_equal("automate")
|
129
|
+
_(fake_config["automate"]["token_type"]).must_equal("usertoken")
|
130
|
+
_(fake_config["user"]).must_equal("someone")
|
131
|
+
_(fake_config["server"]).must_equal("https://automate.example.com/compliance")
|
132
|
+
_(fake_config["server_type"]).must_equal("automate")
|
133
|
+
_(fake_config["token"]).must_equal("token")
|
134
134
|
end
|
135
135
|
end
|
136
136
|
|
@@ -143,9 +143,9 @@ describe InspecPlugins::Compliance::API do
|
|
143
143
|
options = automate_options
|
144
144
|
options.delete("user")
|
145
145
|
options.delete("refresh_token")
|
146
|
-
err =
|
147
|
-
err.message.must_match(/Please specify a.*--user.*--refresh-token.*/)
|
148
|
-
err.message.lines.length.must_equal(1)
|
146
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
147
|
+
_(err.message).must_match(/Please specify a.*--user.*--refresh-token.*/)
|
148
|
+
_(err.message.lines.length).must_equal(1)
|
149
149
|
end
|
150
150
|
|
151
151
|
it "raises an error if `--user` is present but authentication method missing" do
|
@@ -153,9 +153,9 @@ describe InspecPlugins::Compliance::API do
|
|
153
153
|
options.delete("password")
|
154
154
|
options.delete("token")
|
155
155
|
options.delete("refresh_token")
|
156
|
-
err =
|
157
|
-
err.message.must_match(/Please specify.*--password.*--token.*--refresh-token.*/)
|
158
|
-
err.message.lines.length.must_equal(1)
|
156
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
157
|
+
_(err.message).must_match(/Please specify.*--password.*--token.*--refresh-token.*/)
|
158
|
+
_(err.message.lines.length).must_equal(1)
|
159
159
|
end
|
160
160
|
|
161
161
|
it "stores an access token" do
|
@@ -165,25 +165,25 @@ describe InspecPlugins::Compliance::API do
|
|
165
165
|
InspecPlugins::Compliance::Configuration.expects(:new).returns(fake_config)
|
166
166
|
|
167
167
|
InspecPlugins::Compliance::API.login(options)
|
168
|
-
fake_config["user"].must_equal("someone")
|
169
|
-
fake_config["server"].must_equal("https://compliance.example.com/api")
|
170
|
-
fake_config["server_type"].must_equal("compliance")
|
171
|
-
fake_config["token"].must_equal("token")
|
168
|
+
_(fake_config["user"]).must_equal("someone")
|
169
|
+
_(fake_config["server"]).must_equal("https://compliance.example.com/api")
|
170
|
+
_(fake_config["server_type"]).must_equal("compliance")
|
171
|
+
_(fake_config["token"]).must_equal("token")
|
172
172
|
end
|
173
173
|
end
|
174
174
|
|
175
175
|
describe "when target is neither a Chef Compliance nor Chef Automate server" do
|
176
176
|
it "raises an error if `https://SERVER` is missing" do
|
177
177
|
options = {}
|
178
|
-
err =
|
179
|
-
err.message.must_match(/Please specify a server.*/)
|
180
|
-
err.message.lines.length.must_equal(1)
|
178
|
+
err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
|
179
|
+
_(err.message).must_match(/Please specify a server.*/)
|
180
|
+
_(err.message.lines.length).must_equal(1)
|
181
181
|
end
|
182
182
|
|
183
183
|
it "rasies a `CannotDetermineServerType` error" do
|
184
184
|
InspecPlugins::Compliance::API.expects(:determine_server_type).returns(nil)
|
185
|
-
err =
|
186
|
-
err.message.must_match(/Unable to determine/)
|
185
|
+
err = _ { InspecPlugins::Compliance::API.login(automate_options) }.must_raise(StandardError)
|
186
|
+
_(err.message).must_match(/Unable to determine/)
|
187
187
|
end
|
188
188
|
end
|
189
189
|
end
|
@@ -60,7 +60,7 @@ describe InspecPlugins::Compliance::API do
|
|
60
60
|
response = mock
|
61
61
|
response.stubs(:code).returns("404")
|
62
62
|
InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
|
63
|
-
InspecPlugins::Compliance::API.version(config).must_equal({})
|
63
|
+
_(InspecPlugins::Compliance::API.version(config)).must_equal({})
|
64
64
|
end
|
65
65
|
end
|
66
66
|
|
@@ -70,7 +70,7 @@ describe InspecPlugins::Compliance::API do
|
|
70
70
|
response.stubs(:code).returns("200")
|
71
71
|
response.stubs(:body).returns(nil)
|
72
72
|
InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
|
73
|
-
InspecPlugins::Compliance::API.version(config).must_equal({})
|
73
|
+
_(InspecPlugins::Compliance::API.version(config)).must_equal({})
|
74
74
|
end
|
75
75
|
end
|
76
76
|
|
@@ -80,7 +80,7 @@ describe InspecPlugins::Compliance::API do
|
|
80
80
|
response.stubs(:code).returns("200")
|
81
81
|
response.stubs(:body).returns("")
|
82
82
|
InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
|
83
|
-
InspecPlugins::Compliance::API.version(config).must_equal({})
|
83
|
+
_(InspecPlugins::Compliance::API.version(config)).must_equal({})
|
84
84
|
end
|
85
85
|
end
|
86
86
|
|
@@ -90,7 +90,7 @@ describe InspecPlugins::Compliance::API do
|
|
90
90
|
response.stubs(:code).returns("200")
|
91
91
|
response.stubs(:body).returns('{"api":"compliance"}')
|
92
92
|
InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
|
93
|
-
InspecPlugins::Compliance::API.version(config).must_equal({})
|
93
|
+
_(InspecPlugins::Compliance::API.version(config)).must_equal({})
|
94
94
|
end
|
95
95
|
end
|
96
96
|
|
@@ -100,7 +100,7 @@ describe InspecPlugins::Compliance::API do
|
|
100
100
|
response.stubs(:code).returns("200")
|
101
101
|
response.stubs(:body).returns('{"api":"compliance","version":""}')
|
102
102
|
InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
|
103
|
-
InspecPlugins::Compliance::API.version(config).must_equal({})
|
103
|
+
_(InspecPlugins::Compliance::API.version(config)).must_equal({})
|
104
104
|
end
|
105
105
|
end
|
106
106
|
|
@@ -110,7 +110,7 @@ describe InspecPlugins::Compliance::API do
|
|
110
110
|
response.stubs(:code).returns("200")
|
111
111
|
response.stubs(:body).returns('{"api":"compliance","version":"1.2.3"}')
|
112
112
|
InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
|
113
|
-
InspecPlugins::Compliance::API.version(config).must_equal({ "version" => "1.2.3", "api" => "compliance" })
|
113
|
+
_(InspecPlugins::Compliance::API.version(config)).must_equal({ "version" => "1.2.3", "api" => "compliance" })
|
114
114
|
end
|
115
115
|
end
|
116
116
|
end
|
@@ -121,11 +121,11 @@ describe InspecPlugins::Compliance::API do
|
|
121
121
|
config = InspecPlugins::Compliance::Configuration.new
|
122
122
|
config.clean
|
123
123
|
config["server_type"] = "compliance"
|
124
|
-
InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal true
|
125
|
-
InspecPlugins::Compliance::API.is_automate_server?(config).must_equal false
|
126
|
-
InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal false
|
127
|
-
InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
|
128
|
-
InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal false
|
124
|
+
_(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal true
|
125
|
+
_(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal false
|
126
|
+
_(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal false
|
127
|
+
_(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
|
128
|
+
_(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal false
|
129
129
|
end
|
130
130
|
end
|
131
131
|
|
@@ -134,11 +134,11 @@ describe InspecPlugins::Compliance::API do
|
|
134
134
|
config = InspecPlugins::Compliance::Configuration.new
|
135
135
|
config.clean
|
136
136
|
config["server_type"] = "automate2"
|
137
|
-
InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
|
138
|
-
InspecPlugins::Compliance::API.is_automate_server?(config).must_equal false
|
139
|
-
InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal false
|
140
|
-
InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
|
141
|
-
InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal true
|
137
|
+
_(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
|
138
|
+
_(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal false
|
139
|
+
_(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal false
|
140
|
+
_(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
|
141
|
+
_(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal true
|
142
142
|
end
|
143
143
|
end
|
144
144
|
|
@@ -147,11 +147,11 @@ describe InspecPlugins::Compliance::API do
|
|
147
147
|
config = InspecPlugins::Compliance::Configuration.new
|
148
148
|
config.clean
|
149
149
|
config["server_type"] = "automate"
|
150
|
-
InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
|
151
|
-
InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
|
152
|
-
InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal true
|
153
|
-
InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
|
154
|
-
InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal false
|
150
|
+
_(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
|
151
|
+
_(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
|
152
|
+
_(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal true
|
153
|
+
_(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
|
154
|
+
_(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal false
|
155
155
|
end
|
156
156
|
end
|
157
157
|
|
@@ -161,11 +161,11 @@ describe InspecPlugins::Compliance::API do
|
|
161
161
|
config.clean
|
162
162
|
config["server_type"] = "automate"
|
163
163
|
config["version"] = "1.2.3"
|
164
|
-
InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
|
165
|
-
InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
|
166
|
-
InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal true
|
167
|
-
InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
|
168
|
-
InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal false
|
164
|
+
_(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
|
165
|
+
_(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
|
166
|
+
_(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal true
|
167
|
+
_(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
|
168
|
+
_(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal false
|
169
169
|
end
|
170
170
|
end
|
171
171
|
|
@@ -175,10 +175,10 @@ describe InspecPlugins::Compliance::API do
|
|
175
175
|
config.clean
|
176
176
|
config["server_type"] = "automate"
|
177
177
|
config["version"] = {}
|
178
|
-
InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
|
179
|
-
InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
|
180
|
-
InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal true
|
181
|
-
InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
|
178
|
+
_(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
|
179
|
+
_(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
|
180
|
+
_(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal true
|
181
|
+
_(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
|
182
182
|
end
|
183
183
|
end
|
184
184
|
|
@@ -188,10 +188,10 @@ describe InspecPlugins::Compliance::API do
|
|
188
188
|
config.clean
|
189
189
|
config["server_type"] = "automate"
|
190
190
|
config["version"] = { "version" => "0.8.1" }
|
191
|
-
InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
|
192
|
-
InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
|
193
|
-
InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal false
|
194
|
-
InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal true
|
191
|
+
_(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
|
192
|
+
_(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
|
193
|
+
_(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal false
|
194
|
+
_(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal true
|
195
195
|
end
|
196
196
|
end
|
197
197
|
end
|
@@ -199,32 +199,32 @@ describe InspecPlugins::Compliance::API do
|
|
199
199
|
describe ".server_version_from_config" do
|
200
200
|
it "returns nil when the config has no version key" do
|
201
201
|
config = {}
|
202
|
-
InspecPlugins::Compliance::API.server_version_from_config(config).must_be_nil
|
202
|
+
_(InspecPlugins::Compliance::API.server_version_from_config(config)).must_be_nil
|
203
203
|
end
|
204
204
|
|
205
205
|
it "returns nil when the version value is not a hash" do
|
206
206
|
config = { "version" => "123" }
|
207
|
-
InspecPlugins::Compliance::API.server_version_from_config(config).must_be_nil
|
207
|
+
_(InspecPlugins::Compliance::API.server_version_from_config(config)).must_be_nil
|
208
208
|
end
|
209
209
|
|
210
210
|
it "returns nil when the version value is a hash but has no version key inside" do
|
211
211
|
config = { "version" => {} }
|
212
|
-
InspecPlugins::Compliance::API.server_version_from_config(config).must_be_nil
|
212
|
+
_(InspecPlugins::Compliance::API.server_version_from_config(config)).must_be_nil
|
213
213
|
end
|
214
214
|
|
215
215
|
it "returns the version if the version value is a hash containing a version" do
|
216
216
|
config = { "version" => { "version" => "1.2.3" } }
|
217
|
-
InspecPlugins::Compliance::API.server_version_from_config(config).must_equal "1.2.3"
|
217
|
+
_(InspecPlugins::Compliance::API.server_version_from_config(config)).must_equal "1.2.3"
|
218
218
|
end
|
219
219
|
end
|
220
220
|
|
221
221
|
describe "profile_split" do
|
222
222
|
it "handles a profile without version" do
|
223
|
-
InspecPlugins::Compliance::API.profile_split("admin/apache-baseline").must_equal ["admin", "apache-baseline", nil]
|
223
|
+
_(InspecPlugins::Compliance::API.profile_split("admin/apache-baseline")).must_equal ["admin", "apache-baseline", nil]
|
224
224
|
end
|
225
225
|
|
226
226
|
it "handles a profile with a version" do
|
227
|
-
InspecPlugins::Compliance::API.profile_split("admin/apache-baseline#2.0.1").must_equal ["admin", "apache-baseline", "2.0.1"]
|
227
|
+
_(InspecPlugins::Compliance::API.profile_split("admin/apache-baseline#2.0.1")).must_equal ["admin", "apache-baseline", "2.0.1"]
|
228
228
|
end
|
229
229
|
end
|
230
230
|
|
@@ -235,8 +235,8 @@ describe InspecPlugins::Compliance::API do
|
|
235
235
|
config["server_type"] = "automate"
|
236
236
|
config["server"] = "https://myautomate"
|
237
237
|
config["version"] = "1.6.99"
|
238
|
-
InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline").must_equal "https://myautomate/profiles/admin/apache-baseline/tar"
|
239
|
-
InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2").must_equal "https://myautomate/profiles/admin/apache-baseline/version/2.0.2/tar"
|
238
|
+
_(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline")).must_equal "https://myautomate/profiles/admin/apache-baseline/tar"
|
239
|
+
_(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2")).must_equal "https://myautomate/profiles/admin/apache-baseline/version/2.0.2/tar"
|
240
240
|
end
|
241
241
|
|
242
242
|
it "handles a chef-compliance profile with and without version" do
|
@@ -245,8 +245,8 @@ describe InspecPlugins::Compliance::API do
|
|
245
245
|
config["server_type"] = "compliance"
|
246
246
|
config["server"] = "https://mychefcompliance"
|
247
247
|
config["version"] = "1.1.2"
|
248
|
-
InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline").must_equal "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
|
249
|
-
InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2").must_equal "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
|
248
|
+
_(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline")).must_equal "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
|
249
|
+
_(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2")).must_equal "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
|
250
250
|
end
|
251
251
|
end
|
252
252
|
|
@@ -269,10 +269,10 @@ describe InspecPlugins::Compliance::API do
|
|
269
269
|
.with(headers: { "Accept" => "*/*", "Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "Chef-Delivery-Enterprise" => "automate", "User-Agent" => "Ruby", "X-Data-Collector-Token" => "" })
|
270
270
|
.to_return(status: 200, body: profiles_response.to_json, headers: {})
|
271
271
|
|
272
|
-
InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline").must_equal true
|
273
|
-
InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.1").must_equal true
|
274
|
-
InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.999").must_equal false
|
275
|
-
InspecPlugins::Compliance::API.exist?(config, "admin/missing-in-action").must_equal false
|
272
|
+
_(InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline")).must_equal true
|
273
|
+
_(InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.1")).must_equal true
|
274
|
+
_(InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.999")).must_equal false
|
275
|
+
_(InspecPlugins::Compliance::API.exist?(config, "admin/missing-in-action")).must_equal false
|
276
276
|
end
|
277
277
|
end
|
278
278
|
|
@@ -295,7 +295,7 @@ describe InspecPlugins::Compliance::API do
|
|
295
295
|
.with(url + automate2_endpoint, headers, insecure)
|
296
296
|
.returns(good_response)
|
297
297
|
|
298
|
-
InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:automate2)
|
298
|
+
_(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:automate2)
|
299
299
|
end
|
300
300
|
|
301
301
|
it "returns `:automate` when a 401 is received from `https://URL/compliance/version`" do
|
@@ -309,7 +309,7 @@ describe InspecPlugins::Compliance::API do
|
|
309
309
|
.with(url + automate_endpoint, headers, insecure)
|
310
310
|
.returns(good_response)
|
311
311
|
|
312
|
-
InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:automate)
|
312
|
+
_(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:automate)
|
313
313
|
end
|
314
314
|
|
315
315
|
# Chef Automate currently returns 401 for `/compliance/version` but some
|
@@ -327,7 +327,7 @@ describe InspecPlugins::Compliance::API do
|
|
327
327
|
.with(url + automate_endpoint, headers, insecure)
|
328
328
|
.returns(good_response)
|
329
329
|
|
330
|
-
InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:automate)
|
330
|
+
_(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:automate)
|
331
331
|
end
|
332
332
|
|
333
333
|
it "returns `nil` if a 200 is received from `https://URL/compliance/version` but not redirected to Chef Manage" do
|
@@ -347,7 +347,7 @@ describe InspecPlugins::Compliance::API do
|
|
347
347
|
.with(url + compliance_endpoint, headers, insecure)
|
348
348
|
.returns(mock_compliance_response)
|
349
349
|
|
350
|
-
InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_be_nil
|
350
|
+
_(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_be_nil
|
351
351
|
end
|
352
352
|
|
353
353
|
it "returns `:compliance` when a 200 is received from `https://URL/api/version`" do
|
@@ -364,7 +364,7 @@ describe InspecPlugins::Compliance::API do
|
|
364
364
|
.with(url + compliance_endpoint, headers, insecure)
|
365
365
|
.returns(good_response)
|
366
366
|
|
367
|
-
InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:compliance)
|
367
|
+
_(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:compliance)
|
368
368
|
end
|
369
369
|
|
370
370
|
it "returns `nil` if it cannot determine the server type" do
|
@@ -380,7 +380,7 @@ describe InspecPlugins::Compliance::API do
|
|
380
380
|
.with(url + compliance_endpoint, headers, insecure)
|
381
381
|
.returns(bad_response)
|
382
382
|
|
383
|
-
InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_be_nil
|
383
|
+
_(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_be_nil
|
384
384
|
end
|
385
385
|
end
|
386
386
|
end
|
@@ -15,7 +15,7 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
15
15
|
|
16
16
|
it "returns an error when token is not set" do
|
17
17
|
ex = assert_raises(Inspec::FetcherFailure) { fetcher.class.check_compliance_token("http://test.com", config) }
|
18
|
-
ex.message.must_include "Cannot fetch http://test.com because your compliance token has not been\nconfigured."
|
18
|
+
_(ex.message).must_include "Cannot fetch http://test.com because your compliance token has not been\nconfigured."
|
19
19
|
end
|
20
20
|
end
|
21
21
|
|
@@ -25,7 +25,7 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
25
25
|
it "returns the correct owner and profile name" do
|
26
26
|
config["profile"] = ["admin", "ssh-baseline", nil]
|
27
27
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profile", config)
|
28
|
-
fetcher.send(:compliance_profile_name).must_equal "admin/ssh-baseline"
|
28
|
+
_(fetcher.send(:compliance_profile_name)).must_equal "admin/ssh-baseline"
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
@@ -34,12 +34,12 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
34
34
|
|
35
35
|
it "returns the correct profile name when the url is correct" do
|
36
36
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/myowner/myprofile/tar", config)
|
37
|
-
fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
|
37
|
+
_(fetcher.send(:compliance_profile_name)).must_equal "myowner/myprofile"
|
38
38
|
end
|
39
39
|
|
40
40
|
it "raises an exception if the url is malformed" do
|
41
41
|
fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
|
42
|
-
proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
|
42
|
+
_(proc { fetcher.send(:compliance_profile_name) }).must_raise RuntimeError
|
43
43
|
end
|
44
44
|
end
|
45
45
|
|
@@ -51,12 +51,12 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
51
51
|
|
52
52
|
it "returns the correct profile name when the url is correct" do
|
53
53
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profiles/myowner/myprofile/tar", config)
|
54
|
-
fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
|
54
|
+
_(fetcher.send(:compliance_profile_name)).must_equal "myowner/myprofile"
|
55
55
|
end
|
56
56
|
|
57
57
|
it "raises an exception if the url is malformed" do
|
58
58
|
fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
|
59
|
-
proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
|
59
|
+
_(proc { fetcher.send(:compliance_profile_name) }).must_raise RuntimeError
|
60
60
|
end
|
61
61
|
end
|
62
62
|
|
@@ -68,12 +68,12 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
68
68
|
|
69
69
|
it "returns the correct profile name when the url is correct" do
|
70
70
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/owners/myowner/compliance/myprofile/tar", config)
|
71
|
-
fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
|
71
|
+
_(fetcher.send(:compliance_profile_name)).must_equal "myowner/myprofile"
|
72
72
|
end
|
73
73
|
|
74
74
|
it "raises an exception if the url is malformed" do
|
75
75
|
fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
|
76
|
-
proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
|
76
|
+
_(proc { fetcher.send(:compliance_profile_name) }).must_raise RuntimeError
|
77
77
|
end
|
78
78
|
end
|
79
79
|
|
@@ -104,7 +104,7 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
104
104
|
InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
|
105
105
|
fetcher = InspecPlugins::Compliance::Fetcher.resolve("compliance://admin/ssh-baseline")
|
106
106
|
assert = ["admin", "ssh-baseline", nil]
|
107
|
-
fetcher.instance_variable_get(:"@config")["profile"].must_equal assert
|
107
|
+
_(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert
|
108
108
|
end
|
109
109
|
|
110
110
|
it "returns the correct profile name when parsing compliance hash" do
|
@@ -116,7 +116,7 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
116
116
|
}
|
117
117
|
fetcher = InspecPlugins::Compliance::Fetcher.resolve(hash)
|
118
118
|
assert = ["admin", "ssh-baseline", nil]
|
119
|
-
fetcher.instance_variable_get(:"@config")["profile"].must_equal assert
|
119
|
+
_(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert
|
120
120
|
end
|
121
121
|
end
|
122
122
|
|
@@ -149,7 +149,7 @@ describe InspecPlugins::Compliance::Fetcher do
|
|
149
149
|
prof = profiles_result[0]
|
150
150
|
target = "compliance://#{prof["owner"]}/#{prof["name"]}"
|
151
151
|
fetcher = InspecPlugins::Compliance::Fetcher.resolve(target)
|
152
|
-
fetcher.upstream_sha256.must_equal prof["sha256"]
|
152
|
+
_(fetcher.upstream_sha256).must_equal prof["sha256"]
|
153
153
|
end
|
154
154
|
end
|
155
155
|
end
|
@@ -19,22 +19,22 @@ class Module
|
|
19
19
|
include Minitest::Spec::DSL # TODO: NO! remove this!
|
20
20
|
end
|
21
21
|
|
22
|
-
module Inspec
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
end
|
22
|
+
# module Inspec
|
23
|
+
# class FuncTestRunResult
|
24
|
+
# attr_reader :train_result
|
25
|
+
# attr_reader :payload
|
26
|
+
#
|
27
|
+
# extend Forwardable
|
28
|
+
# def_delegator :train_result, :stdout
|
29
|
+
# def_delegator :train_result, :stderr
|
30
|
+
# def_delegator :train_result, :exit_status
|
31
|
+
#
|
32
|
+
# def initialize(train_result)
|
33
|
+
# @train_result = train_result
|
34
|
+
# @payload = OpenStruct.new
|
35
|
+
# end
|
36
|
+
# end
|
37
|
+
# end
|
38
38
|
|
39
39
|
module CorePluginBaseHelper
|
40
40
|
libdir = File.expand_path "lib"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.18.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chef InSpec Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-10-
|
11
|
+
date: 2019-10-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: train
|
@@ -154,14 +154,20 @@ dependencies:
|
|
154
154
|
requirements:
|
155
155
|
- - "~>"
|
156
156
|
- !ruby/object:Gem::Version
|
157
|
-
version: '3'
|
157
|
+
version: '3.0'
|
158
|
+
- - "<"
|
159
|
+
- !ruby/object:Gem::Version
|
160
|
+
version: '3.9'
|
158
161
|
type: :runtime
|
159
162
|
prerelease: false
|
160
163
|
version_requirements: !ruby/object:Gem::Requirement
|
161
164
|
requirements:
|
162
165
|
- - "~>"
|
163
166
|
- !ruby/object:Gem::Version
|
164
|
-
version: '3'
|
167
|
+
version: '3.0'
|
168
|
+
- - "<"
|
169
|
+
- !ruby/object:Gem::Version
|
170
|
+
version: '3.9'
|
165
171
|
- !ruby/object:Gem::Dependency
|
166
172
|
name: rspec-its
|
167
173
|
requirement: !ruby/object:Gem::Requirement
|
@@ -502,7 +508,6 @@ files:
|
|
502
508
|
- lib/inspec/plugin/v2/plugin_types/mock.rb
|
503
509
|
- lib/inspec/plugin/v2/registry.rb
|
504
510
|
- lib/inspec/plugin/v2/status.rb
|
505
|
-
- lib/inspec/polyfill.rb
|
506
511
|
- lib/inspec/profile.rb
|
507
512
|
- lib/inspec/profile_context.rb
|
508
513
|
- lib/inspec/profile_vendor.rb
|