puppet-lint-security-plugins 0.1.7 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ca2d2823689fee2c5355557052f052a8ee154b88
-  data.tar.gz: f49555ff6d3ef1634104cd81027349f9bc524b37
+  metadata.gz: 1b6def59f026140613ea0c905c9a133fcfd78760
+  data.tar.gz: e46af64b3174e0806b3c1e312ebd5f19cda01828
 SHA512:
-  metadata.gz: e1bd04bfa0cc93d486bb84d7fb15b14b7647b558672cf708f9b18f66ec78f9d6e7188a02c71e21ce38a14ba0315fcfe7c000a93478e4aa7065ee8f96f333b17b
-  data.tar.gz: 63f202e85d363a2f5c93cbb60a2b0bb493d35e7cc2e03194a1a4e80fe38f570ee67b1763c91766de78ff48e155f6c6e3d36e9151e56414e57e6e0515d6d602ed
+  metadata.gz: 7e1bca0361771c490655bf68e6682167e479c44a35899fdd7ebc04d7ee73a42803b48ab711c860385678ba93dcdfc8b71cbf6c27fb9a4af544fd1548fe4e686c
+  data.tar.gz: 16c00da9f12c451052e6ff12afd0ae4207088e4aa4fe0e3b0dd9f3375fba15d24cef9b6e5d36cb33628a9eccf36ffaf47bab3e2c2c3f484e4b0f74a86108a7a8

data/README.md

@@ -7,6 +7,8 @@ are implemented, please feel free to contribute.
 
     gem install puppet-lint-security-plugins
 
+[![Gem Version](https://badge.fury.io/rb/puppet-lint-security-plugins@2x.png)](https://badge.fury.io/rb/puppet-lint-security-plugins)
+
 ## Testing your manifests
 
 Just use `puppet-lint`. After installation security checks are enabled by default.
@@ -24,7 +26,6 @@ At the moment, the following tests have been implemented:
  * Should not pin packages to specific version
  * Must not store plaintext passwords in the manifest
  * Must not use password variables in exec
- * Should use range markers (\A,\z,^,$) in regular expressions
  * Must not use class or defined\_type parameters in `exec`
  * Should not use `tidy`with `age` and/or `size` parameter
  * Should not use `tidy` with `match` equals to `*`

data/lib/puppet-lint/plugins/check_security_class_or_define_parameter_in_exec.rb

@@ -7,11 +7,11 @@ PuppetLint.new_check(:security_class_or_define_parameter_in_exec) do
     check_resource_index(
       :resource_type => 'exec',
       :severity => :error,
-      :message => 'Class or definded_type parameter in exec used (security!)'
+      :message => 'Class or defined_type parameter in exec used (security!)'
     ) do |rule|
 
       class_definitions=class_indexes.find_all do |cd|
-        resource_in_class_or_define?(rule,cd) 
+        resource_in_class_or_define?(rule,cd)
       end
 
       defined_types=defined_type_indexes.find_all do |dt|

data/lib/puppet-lint/security.rb

@@ -2,7 +2,7 @@
 class PuppetLint::CheckPlugin
 
   # This types represent valid values for variables and parameters
-  VALID_CONTENT_TOKENS=[:NAME,:SSTRING,:STRING,:NUMBER,:TRUE,:FALSE,:DQPRE,:DQMID,:DQPOST,:VARIABLE]
+  VALID_CONTENT_TOKENS=[:NAME,:FUNCTION_NAME,:SSTRING,:STRING,:NUMBER,:TRUE,:FALSE,:DQPRE,:DQMID,:DQPOST,:VARIABLE]
 
   # Checks if given resource is defined in given class or define
   #
@@ -120,7 +120,7 @@ class PuppetLint::CheckPlugin
   def get_argument_token_for_function(tokens,function)
     lparen=tokens.find do |token|
       token.type == :LPAREN and
-        token.prev_code_token.type == :NAME and
+        token.prev_code_token.type == :FUNCTION_NAME and
         token.prev_code_token.value == function
     end
 
@@ -159,7 +159,7 @@ class PuppetLint::CheckPlugin
       t = block_starter.next_token
 
       until [:SEMIC,:RBRACE].include? t.type
-        token_array << t unless t.type == :COLON
+        token_array << t
         t = t.next_token
       end
 

data/spec/puppet-lint/plugins/check_security_apache_no_ssl_vhost_spec.rb

@@ -16,7 +16,7 @@ apache::vhost { 'fourth.example.com':
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(38)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(37)
       end
     end
 

data/spec/puppet-lint/plugins/check_security_apt_absent_no_key_spec.rb

@@ -24,7 +24,7 @@ apt::source {
       end
 
       it 'should create a error' do
-        expect(problems).to contain_error(msg).on_line(6).in_column(16)
+        expect(problems).to contain_error(msg).on_line(6).in_column(15)
       end
     end
 

data/spec/puppet-lint/plugins/check_security_apt_no_key_spec.rb

@@ -5,7 +5,8 @@ describe 'security_apt_no_key' do
 
   context 'with fix disabled' do
     context 'code having no key parameter in apt' do
-      let(:code) { "apt::source { 'puppetlabs':
+      let(:code) { "
+apt::source { 'puppetlabs':
   location => 'http://apt.puppetlabs.com',
   repos    => 'main',
 }
@@ -16,7 +17,7 @@ describe 'security_apt_no_key' do
       end
 
       it 'should create a error' do
-        expect(problems).to contain_error(msg).on_line(1).in_column(28)
+        expect(problems).to contain_error(msg).on_line(2).in_column(27)
       end
     end
 

data/spec/puppet-lint/plugins/check_security_class_or_define_parameter_in_exec_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe 'security_class_or_define_parameter_in_exec' do
-  let(:msg) { 'Class or definded_type parameter in exec used (security!)' }
+  let(:msg) { 'Class or defined_type parameter in exec used (security!)' }
 
   context 'with fix disabled' do
     context 'code having variables in execs' do

data/spec/puppet-lint/plugins/check_security_firewall_any_any_deny_spec.rb

@@ -18,7 +18,7 @@ describe 'security_firewall_any_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(29)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(28)
       end
     end
 
@@ -36,7 +36,7 @@ describe 'security_firewall_any_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(29)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(28)
       end
     end
 
@@ -52,7 +52,7 @@ describe 'security_firewall_any_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(29)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(28)
       end
     end
 
@@ -69,7 +69,7 @@ describe 'security_firewall_any_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(29)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(28)
       end
     end
 
@@ -86,7 +86,7 @@ describe 'security_firewall_any_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(29)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(28)
       end
     end
 
@@ -103,7 +103,7 @@ describe 'security_firewall_any_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(29)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(28)
       end
     end
 

data/spec/puppet-lint/plugins/check_security_firewall_puppetmaster_any_deny_spec.rb

@@ -18,7 +18,7 @@ describe 'security_firewall_puppetmaster_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(38)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(37)
       end
     end
 
@@ -37,7 +37,7 @@ describe 'security_firewall_puppetmaster_any_deny' do
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(38)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(37)
       end
     end
 

data/spec/puppet-lint/plugins/check_security_tidy_all_files_spec.rb

@@ -15,7 +15,7 @@ tidy { '/usr/local':
       end
 
       it 'should create a warning' do
-        expect(problems).to contain_warning(msg).on_line(2).in_column(21)
+        expect(problems).to contain_warning(msg).on_line(2).in_column(20)
       end
     end
 

data/spec/puppet-lint/plugins/check_security_user_with_id_0_created_spec.rb

@@ -23,7 +23,7 @@ user {'myroot':
       end
 
       it 'should create a error' do
-        expect(problems).to contain_error(msg).on_line(3).in_column(16)
+        expect(problems).to contain_error(msg).on_line(3).in_column(15)
       end
     end
 

metadata

@@ -1,114 +1,115 @@
 --- !ruby/object:Gem::Specification
 name: puppet-lint-security-plugins
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.2.0
 platform: ruby
 authors:
 - Florian Freund
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-01 00:00:00.000000000 Z
+date: 2017-08-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: puppet-lint
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '3.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '3.3'
 - !ruby/object:Gem::Dependency
   name: rspec-its
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: rspec-collection_matchers
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: mail
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: "    Checks puppet manifests for security related problems.\n"
+description: |2
+      Checks puppet manifests for security related problems.
 email: mail@floek.net
 executables: []
 extensions: []
@@ -181,17 +182,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.0.14.1
 signing_key: 
 specification_version: 4
 summary: A puppet-lint plugin to check security issues.