simp-beaker-helpers 1.24.1 → 1.24.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bf9271df59bd88be59e1555cd5536c0906f7d09dcb2d1096df801302b1ebbd0d
-  data.tar.gz: 967fb58eb7e5561c35b32899beb972d4b0f70a423239d05e5e12aad20b207658
+  metadata.gz: a3ebfb21a6409e25775b605532f96982fe2bfc200dced0a88683427bf1c3818e
+  data.tar.gz: 94ecd0803ebda28858480211e6fc0d0ab0402c96dbf3101fa4f6a7f17070c11e
 SHA512:
-  metadata.gz: 9dfd8dcd9bb759cd995aad0f33f072064537dccd5d96cd9b19e5193b069a8c62b5df860802c8a99f0478bbb596fa882cbd8f482d1d581ff9c72218049c3051f2
-  data.tar.gz: bd0af0b10d2b743c2f8995821d00c64c4d3bf9d387ebefd3c6af81e4bb738b88ded50671214baf7c74e174fa5e4eb8f884722c5d34c4a06f831e4d79fd098b10
+  metadata.gz: 72fb511dc7fb090c5ae5f80170975af6c0e33ebf01744b090a1cae8579e052d8baa354b9d42e9b9a9b50fda12afc54e8e519e1278bc565633b8777be79827c18
+  data.tar.gz: 4629b633ec4a047d1549fa9f7ab2dbc457a72e1770cfbff8aaf9eba9a5648905a9be87b32a5191797caab501e25e47ba6cb975e70a1ebc9ca9b0bd16f34201de

data/.fixtures.yml

@@ -7,6 +7,3 @@ fixtures:
     disa_stig-el7-baseline:
       repo: https://github.com/mitre/redhat-enterprise-linux-7-stig-baseline
       target: spec/fixtures/inspec_deps/inspec_profiles/profiles
-    disa_stig-el8-baseline:
-      repo: https://github.com/mitre/redhat-enterprise-linux-8-stig-baseline
-      target: spec/fixtures/inspec_deps/inspec_profiles/profiles

data/.github/workflows/pr_acceptance.yml

@@ -1,5 +1,5 @@
 # Run all tests as GitHub Actions
-name: Unit Tests
+name: Acceptance Tests
 on:
   push:
     branches:

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+### 1.24.2 / 2022-03-09
+* Fixed:
+  * Prevent `spec/` directory symlink recursion in `copy_fixture_modules_to`
+  * Update the derivatives workaround to insert an inert line instead of
+    commenting out the previous line to allow for logic updates
+  * Addressed a bug where passing an empty exceptions array would produce an
+    invalid xpath query
+  * Ensure that the new SIMP community RPMs are used
+
 ### 1.24.1 / 2021-10-27
 * Fixed:
   * Worked around a bug in 'puppet lookup' - PUP-11402

data/lib/simp/beaker_helpers/inspec.rb

@@ -34,9 +34,7 @@ module Simp::BeakerHelpers
     #   The name of the profile against which to run
     #
     def initialize(sut, profile)
-      # The 4.41 release is currently broken
-      # @inspec_version = ENV['BEAKER_inspec_version'] || 'latest'
-      @inspec_version = ENV['BEAKER_inspec_version'] || '4.39.0'
+      @inspec_version = ENV['BEAKER_inspec_version'] || 'latest'
 
       @sut = sut
 

data/lib/simp/beaker_helpers/ssg.rb

@@ -278,9 +278,8 @@ module Simp::BeakerHelpers
 
         xpath_query << ')' if filter.size > 1
 
-        if exclusions
-          exclusions = Array(exclusions)
-
+        exclusions = Array(exclusions)
+        unless exclusions.empty?
           xpath_query << 'and not('
 
           xpath_query << exclusions.map do |exl|
@@ -419,7 +418,7 @@ module Simp::BeakerHelpers
         #
         # This isn't 100% correct but it's "good enough" for an automated CI
         # environment to tell us if something is critically out of alignment.
-        on(@sut, %(cd scap-content/build-scripts; sed -ci 's/ssg.build_derivatives.profile_handling/#ssg.build_derivatives.profile_handling/g' enable_derivatives.py))
+        on(@sut, %(cd scap-content/build-scripts; sed -ci 's/ssg.build_derivatives.profile_handling/__simp_dontcare__ = None #ssg.build_derivatives.profile_handling/g' enable_derivatives.py))
 
         on(@sut, %(cd scap-content/build; cmake ../; make -j4 #{OS_INFO[@os][@os_rel]['ssg']['build_target']}-content && cp *ds.xml #{@scap_working_dir}))
       end

data/lib/simp/beaker_helpers/version.rb

@@ -1,5 +1,5 @@
 module Simp; end
 
 module Simp::BeakerHelpers
-  VERSION = '1.24.1'
+  VERSION = '1.24.2'
 end

data/lib/simp/beaker_helpers.rb

@@ -411,7 +411,7 @@ module Simp::BeakerHelpers
               begin
                 tarfile = "#{Simp::BeakerHelpers.tmpname}.tar"
 
-                excludes = PUPPET_MODULE_INSTALL_IGNORE.map do |x|
+                excludes = (PUPPET_MODULE_INSTALL_IGNORE + ['spec']).map do |x|
                   x = "--exclude '*/#{x}'"
                 end.join(' ')
 
@@ -1498,10 +1498,12 @@ module Simp::BeakerHelpers
     block_on(suts, :run_in_parallel => parallel) do |sut|
       install_package_unless_present_on(sut, 'yum-utils')
 
+      release = fact_on(sut, 'os.release.major')
+
       install_package_unless_present_on(
         sut,
         'simp-release-community',
-        "https://download.simp-project.com/simp-release-community.rpm",
+        "https://download.simp-project.com/simp-release-community.el#{release}.rpm"
       )
 
       to_disable = disable.dup

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: simp-beaker-helpers
 version: !ruby/object:Gem::Version
-  version: 1.24.1
+  version: 1.24.2
 platform: ruby
 authors:
 - Chris Tessmer
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-01-11 00:00:00.000000000 Z
+date: 2022-03-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: beaker
@@ -254,11 +254,8 @@ files:
 - spec/acceptance/suites/windows/nodesets/win2016.yml
 - spec/acceptance/suites/windows/nodesets/win2019.yml
 - spec/fixtures/inspec_profiles/CentOS-7-disa_stig
-- spec/fixtures/inspec_profiles/CentOS-8-disa_stig
 - spec/fixtures/inspec_profiles/RedHat-7-disa_stig/controls/00_Control_Selector.rb
 - spec/fixtures/inspec_profiles/RedHat-7-disa_stig/inspec.yml
-- spec/fixtures/inspec_profiles/RedHat-8-disa_stig/controls/00_Control_Selector.rb
-- spec/fixtures/inspec_profiles/RedHat-8-disa_stig/inspec.yml
 - spec/lib/simp/beaker_helpers_spec.rb
 - spec/spec_helper.rb
 - spec/spec_helper_acceptance.rb

data/spec/fixtures/inspec_profiles/CentOS-8-disa_stig

@@ -1 +0,0 @@
-spec/fixtures/inspec_profiles/RedHat-8-disa_stig

data/spec/fixtures/inspec_profiles/RedHat-8-disa_stig/controls/00_Control_Selector.rb

@@ -1,45 +0,0 @@
-skips = {
-  'V-72209' => 'Cannot guarantee a remote syslog server during test'
-}
-overrides = [ 'V-72091' ]
-subsystems = []
-
-require_controls 'disa_stig-el8-baseline' do
-  skips.each_pair do |ctrl, reason|
-    control ctrl do
-      describe "Skip #{ctrl}" do
-        skip "Reason: #{skips[ctrl]}" do
-        end
-      end
-    end
-  end
-
-  @conf['profile'].info[:controls].each do |ctrl|
-    next if (overrides + skips.keys).include?(ctrl[:id])
-
-    if subsystems.empty?
-      control ctrl[:id]
-    else
-      tags = ctrl[:tags]
-      if tags && tags[:subsystems]
-        subsystems.each do |subsystem|
-          if tags[:subsystems].include?(subsystem)
-            control ctrl[:id]
-          end
-        end
-      end
-    end
-  end
-
-  ## Overrides ##
-
-  # There's no email server to send anything to by default so syslog is a safer
-  # default for processing.
-  control 'V-72091' do
-    overrides << self.to_s
-
-    describe auditd_conf do
-      its('space_left_action.downcase') { should cmp 'syslog' }
-    end
-  end
-end

data/spec/fixtures/inspec_profiles/RedHat-8-disa_stig/inspec.yml

@@ -1,14 +0,0 @@
-name: EL8 STIG
-title: STIG for EL 8
-supports:
-  - os-family: redhat
-maintainer: SIMP Team
-copyright: Onyx Point, Inc.
-copyright_email: simp@onyxpoint.com
-license: Apache-2.0
-summary: |
-  A collection of InSpec tests
-version: 0.0.1
-depends:
-  - name: disa_stig-el8-baseline
-    path: ../../inspec_deps/inspec_profiles/profiles/disa_stig-el8-baseline