train-juniper 0.7.1 → 0.7.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 86bf86dd54cabe94e072c6e3a2b64ffcdfbdf774a5f33f1a3a76012829dd71bc
-  data.tar.gz: c2e5d2fe1ecfa259f78c2d80f76d94eaa68afb817d584c57d02bfb4c46779924
+  metadata.gz: c7074cafad165e2055edc5be8495a250025f4fc06ad658e740b77248e3d2273c
+  data.tar.gz: febffacb8ad71ffc912a76b3be460f598e48e20b0c500de48f10c3cefe11c549
 SHA512:
-  metadata.gz: 168356b0c2a48f7b4817acb535571c2b651d12365dc7340c96c9b2b2d6db30981516683c29965bd295459d8cbb2b2625e020a35789a3bbed4d295ce29712264e
-  data.tar.gz: 8a209708671652728890ff96f75b3a2da922f37f93c61896881e99b387adc15ecc1e889d6e416637dc0eee011ed1f1b9b0fcd33b99c2bacfe15f2736daaa9da8
+  metadata.gz: 4c47e243ab6d5922904bd7898b4c1da8dff8ac4986f3b60629e4662c566e79ace9bbec8a0dfda2ee400e51ec7f060f2c871b11be07d84130ce1f1ac1d23b4d76
+  data.tar.gz: af8b001261139a75f38da8be9711c3c9f14c8a618bd8195234c750262ef40e4a772cd9a081a59deb2880e1c78ac5ad44846ba7c902cc360420a4d4a4b5092be6

data/CHANGELOG.md

@@ -5,6 +5,37 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.7.3] - 2025-06-23
+
+### Documentation
+
+- Improve README structure for better MkDocs rendering
+- Add platform support section to README
+
+### Fixed
+
+- Follow standard RubyGems conventions for gem packaging
+- Remove .md extensions from internal MkDocs links
+- **docs**: Improve Support section formatting with subsections
+- **windows**: Use PowerShell for SSH_ASKPASS on Windows and add cross-platform CI/CD
+- **ci**: Add comprehensive platform support for cross-platform compatibility
+- Update ffi dependency to support Ruby 3.3 on Windows
+- Handle Windows PowerShell script paths in bastion proxy tests
+- Use direct gem push instead of rubygems/release-gem action
+- Complete release workflow implementation
+
+### Miscellaneous Tasks
+
+- Add session.md to .gitignore
+
+### Styling
+
+- Fix trailing whitespace in bastion proxy files
+
+### Testing
+
+- Add nocov markers for Windows-specific PowerShell code
+
 ## [0.7.1] - 2025-06-23
 
 ### Added
@@ -26,6 +57,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Add v0.7.0 to mkdocs and automate nav updates
 - **coverage**: Properly handle SimpleCov :nocov: markers in analysis
 - **docs**: Move Security Policy to About section in navigation
+- Resolve RuboCop violations for CI/CD compliance
+- Update release task to handle GitHub Actions gem publishing
+- Resolve final RuboCop issues in release task
 
 ### Miscellaneous Tasks
 

data/CONTRIBUTING.md

@@ -146,7 +146,7 @@ Releases are managed by project maintainers:
 
 ## Community
 
-- Follow our [Code of Conduct](CODE_OF_CONDUCT.md)
+- Follow our [Code of Conduct](CODE_OF_CONDUCT)
 - Be respectful and collaborative
 - Help others learn and contribute
 

data/README.md

@@ -175,11 +175,11 @@ This allows maximum flexibility while providing sensible defaults for common sce
 | `key_files` | SSH private key files | - | - |
 | `keys_only` | Use only specified keys | false | - |
 
-**Notes**: 
-- Cannot specify both `bastion_host` and `proxy_command` simultaneously
-- If `bastion_user` not provided, falls back to using main `user` for bastion authentication
-- If `bastion_password` not provided, falls back to using main `password` for bastion authentication
-- Supports automated password authentication via SSH_ASKPASS mechanism
+!!! note "Important Configuration Notes"
+    - Cannot specify both `bastion_host` and `proxy_command` simultaneously
+    - If `bastion_user` not provided, falls back to using main `user` for bastion authentication
+    - If `bastion_password` not provided, falls back to using main `password` for bastion authentication
+    - Supports automated password authentication via SSH_ASKPASS mechanism
 
 ### InSpec Configuration File
 
@@ -280,7 +280,8 @@ Train.create('juniper', {
 
 ### Common Authentication Issues
 
-#### ❌ **Error**: "No bastion password specified"
+#### ❌ Error: "No bastion password specified"
+
 **Solution**: Train doesn't have `--bastion-password`. Use one of these patterns:
 ```bash
 # Same password for both (most common)
@@ -293,7 +294,8 @@ inspec detect -t "juniper://user@device?bastion_host=jump" --key-files ~/.ssh/id
 inspec detect -t "juniper://user@device?proxy_command=sshpass%20-p%20jumppass%20ssh%20jumpuser@jump%20-W%20%h:%p" --password "device_pass"
 ```
 
-#### ❌ **Error**: "Authentication failed"
+#### ❌ Error: "Authentication failed"
+
 **Solutions**:
 ```bash
 # Verify bastion connection first
@@ -309,7 +311,8 @@ inspec detect -t "juniper://user@device?bastion_host=jump&proxy_command=ssh%20-v
 inspec detect -t "juniper://user@device?bastion_host=jump" --password "pass" -l debug
 ```
 
-#### ❌ **Error**: "Connection timeout"
+#### ❌ Error: "Connection timeout"
+
 **Solutions**:
 ```bash
 # Increase timeouts
@@ -349,6 +352,7 @@ result = connection.run_command('show version')
 ```
 
 Mock mode provides:
+
 - ✅ Realistic JunOS command outputs
 - ✅ Platform detection (JunOS 12.1X47-D15.4)
 - ✅ Error simulation for negative testing
@@ -393,12 +397,31 @@ This plugin implements the Train Plugin V1 API with:
 - **Platform** (`lib/train-juniper/platform.rb`) - JunOS platform detection
 - **Version** (`lib/train-juniper/version.rb`) - Plugin version management
 
+### Platform Support
+
+This gem supports a wide range of platforms to ensure maximum compatibility:
+
+| Platform | Description | Use Case |
+|----------|-------------|----------|
+| `ruby` | Platform-independent | Pure Ruby installations |
+| `x86_64-linux` | Standard Linux | Most Linux servers and CI/CD |
+| `aarch64-linux` | ARM64 Linux | AWS Graviton, Raspberry Pi |
+| `x86_64-linux-musl` | Alpine Linux | Docker containers |
+| `x86_64-darwin` | Intel macOS | Older Mac workstations |
+| `arm64-darwin-*` | Apple Silicon macOS | Modern Mac workstations |
+| `x64-mingw-ucrt` | Windows (UCRT) | Windows 10/11 with modern Ruby |
+| `x86_64-freebsd` | FreeBSD | Network appliances (JunOS heritage) |
+| `x86_64-solaris` | Solaris/illumos | Enterprise environments |
+
+!!! note "Platform Compatibility"
+    This comprehensive platform support ensures the plugin works wherever InSpec runs, from developer workstations to CI/CD pipelines to production jump hosts. The FreeBSD support is particularly relevant given that JunOS is based on FreeBSD.
+
 ### Documentation
 
-- **[Installation Guide](installation.md)** - Complete installation instructions
-- **[Basic Usage](basic-usage.md)** - Getting started with the plugin
-- **[Release Process](RELEASE_PROCESS.md)** - How to cut releases and publish gems
-- **[Project Roadmap](ROADMAP.md)** - Future development plans and contribution opportunities
+- **[Installation Guide](installation)** - Complete installation instructions
+- **[Basic Usage](basic-usage)** - Getting started with the plugin
+- **[Release Process](RELEASE_PROCESS)** - How to cut releases and publish gems
+- **[Project Roadmap](ROADMAP)** - Future development plans and contribution opportunities
 
 ### Plugin Development Resources
 
@@ -407,19 +430,29 @@ This plugin implements the Train Plugin V1 API with:
 
 ## Contributing
 
+We welcome contributions! Here's how to get started:
+
 1. Fork the repository
-2. Create a feature branch
+2. Create a feature branch (`git checkout -b feature/amazing-feature`)
 3. Make your changes with tests
-4. Run `bundle exec rake test` 
+4. Run `bundle exec rake test` to ensure tests pass
 5. Submit a pull request
 
+Please see our [Contributing Guide](CONTRIBUTING) for more details.
+
 ## Support and Contact
 
+### General Support
+
 For questions, feature requests, or general support:
+
 - Email: [saf@mitre.org](mailto:saf@mitre.org)
 - GitHub Issues: [https://github.com/mitre/train-juniper/issues](https://github.com/mitre/train-juniper/issues)
 
+### Security Issues
+
 For security issues or vulnerabilities:
+
 - Email: [saf-security@mitre.org](mailto:saf-security@mitre.org)
 - GitHub Security: [https://github.com/mitre/train-juniper/security](https://github.com/mitre/train-juniper/security)
 
@@ -439,12 +472,12 @@ Special thanks to the Train and InSpec communities for their excellent documenta
 
 Licensed under the Apache-2.0 license, except as noted below.
 
-See [LICENSE](LICENSE.md) for full details.
+See [LICENSE](LICENSE) for full details.
 
 ### Notice
 
 This software was produced for the U.S. Government under contract and is subject to Federal Acquisition Regulation Clause 52.227-14.
 
-See [NOTICE](NOTICE.md) for full details.
+See [NOTICE](NOTICE) for full details.
 
 © 2025 The MITRE Corporation.

data/lib/train-juniper/connection/bastion_proxy.rb

@@ -46,13 +46,33 @@ module TrainPlugins
       def create_ssh_askpass_script(password)
         require 'tempfile'
 
-        script = Tempfile.new(['ssh_askpass', '.sh'])
-        script.write("#!/bin/bash\necho '#{password}'\n")
-        script.close
-        File.chmod(0o755, script.path)
-
-        @logger.debug("Created SSH_ASKPASS script at #{script.path}")
-        script.path
+        if Gem.win_platform?
+          # :nocov:
+          # Create Windows PowerShell script
+          script = Tempfile.new(['ssh_askpass', '.ps1'])
+          # PowerShell handles escaping better, just escape quotes
+          escaped_password = password.gsub("'", "''")
+          script.write("Write-Output '#{escaped_password}'\r\n")
+          script.close
+
+          # Create a wrapper batch file to execute PowerShell with bypass policy
+          wrapper = Tempfile.new(['ssh_askpass_wrapper', '.bat'])
+          wrapper.write("@echo off\r\npowershell.exe -ExecutionPolicy Bypass -File \"#{script.path}\"\r\n")
+          wrapper.close
+
+          @logger.debug("Created SSH_ASKPASS PowerShell script at #{script.path} with wrapper at #{wrapper.path}")
+          wrapper.path
+          # :nocov:
+        else
+          # Create Unix shell script
+          script = Tempfile.new(['ssh_askpass', '.sh'])
+          script.write("#!/bin/bash\necho '#{password}'\n")
+          script.close
+          File.chmod(0o755, script.path)
+
+          @logger.debug("Created SSH_ASKPASS script at #{script.path}")
+          script.path
+        end
       end
 
       # Generate SSH proxy command for bastion host using ProxyJump (-J)

data/lib/train-juniper/version.rb

@@ -8,6 +8,6 @@
 module TrainPlugins
   module Juniper
     # Version number of the train-juniper plugin
-    VERSION = '0.7.1'
+    VERSION = '0.7.3'
   end
 end

data/train-juniper.gemspec

@@ -68,8 +68,8 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'net-ssh', '>= 2.9', '< 8.0'
 
   # FFI dependency - required by train-core
-  # Match InSpec 7's FFI version range for compatibility
-  spec.add_dependency 'ffi', '>= 1.15.5', '< 1.17.0'
+  # Updated to support Ruby 3.3 on Windows (ffi 1.17.x required)
+  spec.add_dependency 'ffi', '>= 1.15.5', '< 1.18.0'
 
   # Development dependencies
   spec.add_development_dependency 'bundler', '~> 2.0'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: train-juniper
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.7.3
 platform: ruby
 authors:
 - MITRE Corporation
@@ -53,7 +53,7 @@ dependencies:
         version: 1.15.5
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.17.0
+        version: 1.18.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -63,7 +63,7 @@ dependencies:
         version: 1.15.5
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.17.0
+        version: 1.18.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement