Merge remote-tracking branch 'upstream/master' into yt/wildcart_support_platform_name

This commit is contained in:
superyarick 2020-12-01 18:26:09 -05:00
commit 90a8d509b9
24 changed files with 90 additions and 24 deletions

View file

@ -17,14 +17,6 @@ steps:
docker:
image: ruby:2.6
- label: run-tests-ruby-2.4
command:
- /workdir/.expeditor/buildkite/verify.sh
expeditor:
executor:
docker:
image: ruby:2.4
- label: run-tests-ruby-2.5
command:
- /workdir/.expeditor/buildkite/verify.sh

View file

@ -1,16 +1,26 @@
# Change Log
<!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
<!-- latest_release unreleased -->
## Unreleased
<!-- latest_release 4.23.24 -->
## [v4.23.24](https://github.com/inspec/inspec/tree/v4.23.24) (2020-12-01)
#### Merged Pull Requests
- Update Codeowners file for Docs [#5298](https://github.com/inspec/inspec/pull/5298) ([mjingle](https://github.com/mjingle))
- Fix escaping of Windows package names [#5323](https://github.com/inspec/inspec/pull/5323) ([ramereth](https://github.com/ramereth))
<!-- latest_release -->
<!-- release_rollup since=4.23.15 -->
### Changes since 4.23.15 release
#### New Features
- InSpec Cloud: Reporting by Resource [#5241](https://github.com/inspec/inspec/pull/5241) ([Schwad](https://github.com/Schwad)) <!-- 4.23.22 -->
#### Bug Fixes
- Don&#39;t reload plugins if load_all is called repeatedly [#5308](https://github.com/inspec/inspec/pull/5308) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 4.23.20 -->
#### Merged Pull Requests
- Fix escaping of Windows package names [#5323](https://github.com/inspec/inspec/pull/5323) ([ramereth](https://github.com/ramereth)) <!-- 4.23.24 -->
- Drop EOL Ruby 2.4 from testing, Fix Ruby 2.5 Gem build [#5321](https://github.com/inspec/inspec/pull/5321) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 4.23.23 -->
- Update Ruby to 2.7.2 [#5281](https://github.com/inspec/inspec/pull/5281) ([tas50](https://github.com/tas50)) <!-- 4.23.22 -->
- grub_conf - handle no menuentry config [#5306](https://github.com/inspec/inspec/pull/5306) ([james-stocks](https://github.com/james-stocks)) <!-- 4.23.21 -->
- Update Codeowners file for Docs [#5298](https://github.com/inspec/inspec/pull/5298) ([mjingle](https://github.com/mjingle)) <!-- 4.23.19 -->
- Bumps parallel for ruby 2.4 issue [#5304](https://github.com/inspec/inspec/pull/5304) ([Schwad](https://github.com/Schwad)) <!-- 4.23.19 -->
- replace deprecated attributes section with inputs [#5295](https://github.com/inspec/inspec/pull/5295) ([KonradSchieban](https://github.com/KonradSchieban)) <!-- 4.23.18 -->

View file

@ -11,6 +11,11 @@ gem "inspec-bin", path: "./inspec-bin"
gem "ffi", ">= 1.9.14", "!= 1.13.0"
if Gem.ruby_version.to_s.start_with?("2.5")
# 16.7.23 required ruby 2.6+
gem "chef-utils", "< 16.7.23" # TODO: remove when we drop ruby 2.5
end
group :omnibus do
gem "rb-readline"
gem "appbundler"

View file

@ -1 +1 @@
4.23.19
4.23.24

View file

@ -486,6 +486,7 @@ The `run_data` object contains all data from the Chef InSpec run. Here is an ove
v0.1.0 - Initial version
v0.2.0 - added `run_data.profiles[0].inputs[0].options.sensitive`
v0.3.0 - added resource_name && params
## Implementing Input Plugins

View file

@ -1,5 +1,5 @@
# This file managed by automation - do not edit manually
module InspecBin
INSPECBIN_ROOT = File.expand_path("../..", __FILE__)
VERSION = "4.23.19".freeze
VERSION = "4.23.24".freeze
end

View file

@ -159,6 +159,14 @@ module Inspec::Formatters
resource_title: example.metadata[:described_class] || example.metadata[:example_group][:description],
expectation_message: format_expectation_message(example),
waiver_data: example.metadata[:waiver_data],
# This enforces the resource name as expected based off of the class
# name. However, if we wanted the `name` attribute against the class
# to be canonical for this case (consider edge cases!) we would use
# example.metadata[:described_class].instance_variable_get(:@__resource_name__)&.to_s
resource_class: example.metadata[:described_class].class.superclass.name,
# This is a raw grep of the text passed to the resource in any format,
# and is used to enforce near-uniqueness against the resource.
resource_params: find_resource_params(example.metadata[:described_class]),
}
unless (pid = example.metadata[:profile_id]).nil?
@ -174,6 +182,14 @@ module Inspec::Formatters
res
end
def find_resource_params(example)
if example.class.ancestors.include?(Inspec::Resource)
example.instance_variable_get(:@resource_params)
else
[]
end
end
def format_expectation_message(example)
if (example.metadata[:example_group][:description_args].first == example.metadata[:example_group][:described_class]) ||
example.metadata[:example_group][:described_class].nil?

View file

@ -50,6 +50,11 @@ module Inspec::Plugin::V2
# we want to allow "sidecar loading", in which case a plugin may add an entry to the registry.
registry.plugin_names.dup.each do |plugin_name|
plugin_details = registry[plugin_name]
# Under some conditions (kitchen-inspec with multiple test suites, for example), this may be
# called multple times. Don't reload anything.
next if plugin_details.loaded
# We want to capture literally any possible exception here, since we are storing them.
# rubocop: disable Lint/RescueException
begin

View file

@ -40,6 +40,8 @@ module Inspec::Reporters
message: r[:message],
exception: r[:exception],
backtrace: r[:backtrace],
resource_class: r[:resource_class],
resource_params: r[:resource_params].to_s,
}.reject { |_k, v| v.nil? }
}
end

View file

@ -108,6 +108,7 @@ module Inspec
# Infrastructure / Bookkeeping
def self.__register(name, resource_klass)
# This has bitten us and should be a great candidate to remove in InSpec5
cl = Class.new(resource_klass) do # TODO: remove
# As best I can figure out, this anonymous class only exists
# because we're trying to avoid having resources with
@ -116,6 +117,7 @@ module Inspec
# documentation.
def initialize(backend, name, *args)
supersuper_initialize(backend, name) do
@resource_params = args
super(*args)
end
end

View file

@ -29,7 +29,7 @@ module Inspec::Resources
@content = read_file(@conf_path)
@kernel = kernel || "default"
rescue UnknownGrubConfig
skip_resource "The `grub_config` resource is not supported on your OS yet."
skip_resource "The `grub_conf` resource is not yet supported on the target OS #{inspec.os[:name]}."
end
def config_for_platform(path)
@ -77,6 +77,7 @@ module Inspec::Resources
def grub2_parse_kernel_lines(content, conf)
menu_entries = extract_menu_entries(content)
return {} if menu_entries.empty?
if @kernel == "default"
default_menu_entry(menu_entries, conf["GRUB_DEFAULT"])

View file

@ -314,7 +314,7 @@ module Inspec::Resources
# Find the package
cmd = inspec.command <<-EOF.gsub(/^\s*/, "")
Get-ItemProperty (@("#{search_paths.join('", "')}") | Where-Object { Test-Path $_ }) |
Where-Object { $_.DisplayName -match "^\s*#{package_name.shellescape}\.*" -or $_.PSChildName -match "^\s*#{package_name.shellescape}\.*" } |
Where-Object { $_.DisplayName -like "#{package_name}" -or $_.PSChildName -like "#{package_name}" } |
Select-Object -Property DisplayName,DisplayVersion | ConvertTo-Json
EOF

View file

@ -47,7 +47,7 @@ module Inspec
# core reporters have been migrated to plugins. It is probable that new data elements
# and new Hash compatibility behavior will be added during the core reporter plugin
# conversion process.
SCHEMA_VERSION = "0.2.0".freeze
SCHEMA_VERSION = "0.3.0".freeze
def self.compatible_schema?(constraints)
reqs = Gem::Requirement.create(constraints)

View file

@ -8,6 +8,7 @@ module Inspec
:run_time, # Float seconds execution time
:skip_message, # String
:start_time, # DateTime
:resource_params, # What is passed to the resource as a raw grep
:status, # String
:resource_title, # Ugly internals
# :waiver_data, # Undocumented tramp data / not exposed in this API
@ -34,6 +35,7 @@ module Inspec
end
self.resource_name = raw_res_data[:resource_title].instance_variable_get(:@__resource_name__)&.to_s
self.resource_params = raw_res_data[:resource_title].instance_variable_get(:@grep)&.to_s
end
end
end

View file

@ -56,6 +56,7 @@ module Inspec
"code_desc" => { "type" => "string" },
"run_time" => { "type" => "number" },
"start_time" => { "type" => "string" },
"resource_class" => { "type" => "string", "optional" => true },
"skip_message" => { "type" => "string", "optional" => true },
"resource" => { "type" => "string", "optional" => true },
"message" => { "type" => "string", "optional" => true },
@ -194,6 +195,7 @@ module Inspec
"profile_sha256" => { "type" => "string" },
"status" => { "type" => "string" },
"code_desc" => { "type" => "string" },
"resource_class" => { "type" => "string", "optional" => true },
"skip_message" => { "type" => "string", "optional" => true },
"resource" => { "type" => "string", "optional" => true },
"message" => { "type" => "string", "optional" => true },

View file

@ -1,3 +1,3 @@
module Inspec
VERSION = "4.23.19".freeze
VERSION = "4.23.24".freeze
end

View file

@ -3,4 +3,4 @@
# grab the current train release from rubygems.org
train_stable = /^train \((.*)\)/.match(`gem list ^train$ --remote`)[1]
override "train", version: "v#{train_stable}"
override "ruby", version: "2.6.6"
override "ruby", version: "2.7.2"

View file

@ -61,7 +61,8 @@
"status": "passed",
"code_desc": "File /etc/hosts mode should eq 420",
"run_time": 0.031503,
"start_time": "2018-07-30T08:56:41-04:00"
"start_time": "2018-07-30T08:56:41-04:00",
"resource_params": ""
}
]
},
@ -101,7 +102,8 @@
"status": "passed",
"code_desc": "File /etc/passwd should exist",
"run_time": 0.003954,
"start_time": "2018-07-30T08:56:41-04:00"
"start_time": "2018-07-30T08:56:41-04:00",
"resource_params": ""
}
]
},
@ -131,7 +133,8 @@
"run_time": 2.9e-05,
"start_time": "2018-07-30T08:56:41-04:00",
"resource": "Operating System Detection",
"skip_message": "Skipped control due to only_if condition."
"skip_message": "Skipped control due to only_if condition.",
"resource_params": ""
}
]
}

View file

@ -1 +1 @@
{"platform":{"name":"mac_os_x","release":"17.2.0"},"profiles":[{"name":"long_commands","version":"0.1.0","sha256":"4f816f8cf18f165f05f1cf20936aaad06a15287de3f578891197647ca05c7df4","title":"InSpec Profile","maintainer":"The Authors","summary":"An InSpec Compliance Profile","license":"Apache-2.0","copyright":"The Authors","copyright_email":"you@example.com","supports":[{"os-family":"bds"},{"os-name":"mac_os_x","release":"17.*"}],"attributes":[],"groups":[{"id":"controls/example.rb","controls":["(generated from example.rb:7 871cd54043069c5c4f6e382fd5627830)","tmp-1.0","(generated from example.rb:21 2ff474c5357e7070f4c3efa932032dcb)"],"title":"sample section"},{"id":"controls/run_command.rb","controls":["(generated from run_command.rb:5 a411d4ded1530b2f48170840e1127584)"]}],"controls":[{"id":"(generated from example.rb:7 871cd54043069c5c4f6e382fd5627830)","title":null,"desc":null,"descriptions":[],"impact":0.5,"refs":[],"tags":{},"code":"","source_location":{"line":89,"ref":"/Users/jquick/Chef/inspec/lib/inspec/control_eval_context.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /tmp should be directory","run_time":0.002058,"start_time":"2018-01-05 11:43:04 -0500"}]},{"id":"tmp-1.0","title":"Create /tmp directory","desc":"An optional description...","descriptions":[{"label":"default","data":"An optional description..."}],"impact":0.7,"refs":[],"tags":{},"code":"control 'tmp-1.0' do # A unique ID for this control\n impact 0.7 # The criticality, if this control fails.\n title 'Create /tmp directory' # A human-readable title\n desc 'An optional description...'\n describe file('/tmp') do # The actual test\n it { should be_directory }\n end\nend\n","waiver_data":{},"source_location":{"line":12,"ref":"../inspec-demo/_test/long_commands/controls/example.rb"},"results":[{"status":"passed","code_desc":"File /tmp should be directory","run_time":0.000102,"start_time":"2018-01-05 11:43:04 -0500"}]},{"id":"(generated from example.rb:21 2ff474c5357e7070f4c3efa932032dcb)","title":null,"desc":null,"descriptions":[],"impact":0.5,"refs":[],"tags":{},"code":"","waiver_data":{},"source_location":{"line":89,"ref":"/Users/jquick/Chef/inspec/lib/inspec/control_eval_context.rb"},"results":[{"status":"failed","code_desc":"gem package rubocop should be installed","run_time":0.000168,"start_time":"2018-01-05 11:43:04 -0500","message":"rubocop is not installed"}]},{"id":"(generated from run_command.rb:5 a411d4ded1530b2f48170840e1127584)","title":null,"desc":null,"descriptions":[],"impact":0.5,"refs":[],"tags":{},"code":"","waiver_data":{},"source_location":{"line":89,"ref":"/Users/jquick/Chef/inspec/lib/inspec/control_eval_context.rb"},"results":[{"status":"passed","code_desc":"Command whoami stdout should eq \"jquick\\n\"","run_time":0.034938,"start_time":"2018-01-05 11:43:04 -0500"}]}]}],"statistics":{"duration":0.039182},"version":"1.49.2"}
{"platform":{"name":"mac_os_x","release":"17.2.0"},"profiles":[{"name":"long_commands","version":"0.1.0","sha256":"4f816f8cf18f165f05f1cf20936aaad06a15287de3f578891197647ca05c7df4","title":"InSpec Profile","maintainer":"The Authors","summary":"An InSpec Compliance Profile","license":"Apache-2.0","copyright":"The Authors","copyright_email":"you@example.com","supports":[{"os-family":"bds"},{"os-name":"mac_os_x","release":"17.*"}],"attributes":[],"groups":[{"id":"controls/example.rb","controls":["(generated from example.rb:7 871cd54043069c5c4f6e382fd5627830)","tmp-1.0","(generated from example.rb:21 2ff474c5357e7070f4c3efa932032dcb)"],"title":"sample section"},{"id":"controls/run_command.rb","controls":["(generated from run_command.rb:5 a411d4ded1530b2f48170840e1127584)"]}],"controls":[{"id":"(generated from example.rb:7 871cd54043069c5c4f6e382fd5627830)","title":null,"desc":null,"descriptions":[],"impact":0.5,"refs":[],"tags":{},"code":"","source_location":{"line":89,"ref":"/Users/jquick/Chef/inspec/lib/inspec/control_eval_context.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /tmp should be directory","run_time":0.002058,"start_time":"2018-01-05 11:43:04 -0500","resource_params":""}]},{"id":"tmp-1.0","title":"Create /tmp directory","desc":"An optional description...","descriptions":[{"label":"default","data":"An optional description..."}],"impact":0.7,"refs":[],"tags":{},"code":"control 'tmp-1.0' do # A unique ID for this control\n impact 0.7 # The criticality, if this control fails.\n title 'Create /tmp directory' # A human-readable title\n desc 'An optional description...'\n describe file('/tmp') do # The actual test\n it { should be_directory }\n end\nend\n","waiver_data":{},"source_location":{"line":12,"ref":"../inspec-demo/_test/long_commands/controls/example.rb"},"results":[{"status":"passed","code_desc":"File /tmp should be directory","run_time":0.000102,"start_time":"2018-01-05 11:43:04 -0500","resource_params":""}]},{"id":"(generated from example.rb:21 2ff474c5357e7070f4c3efa932032dcb)","title":null,"desc":null,"descriptions":[],"impact":0.5,"refs":[],"tags":{},"code":"","waiver_data":{},"source_location":{"line":89,"ref":"/Users/jquick/Chef/inspec/lib/inspec/control_eval_context.rb"},"results":[{"status":"failed","code_desc":"gem package rubocop should be installed","run_time":0.000168,"start_time":"2018-01-05 11:43:04 -0500","message":"rubocop is not installed","resource_params":""}]},{"id":"(generated from run_command.rb:5 a411d4ded1530b2f48170840e1127584)","title":null,"desc":null,"descriptions":[],"impact":0.5,"refs":[],"tags":{},"code":"","waiver_data":{},"source_location":{"line":89,"ref":"/Users/jquick/Chef/inspec/lib/inspec/control_eval_context.rb"},"results":[{"status":"passed","code_desc":"Command whoami stdout should eq \"jquick\\n\"","run_time":0.034938,"start_time":"2018-01-05 11:43:04 -0500","resource_params":""}]}]}],"statistics":{"duration":0.039182},"version":"1.49.2"}

View file

@ -30,6 +30,7 @@
:code_desc: File /tmp should exist
:run_time: 0.001313935
:start_time: '2018-05-31T16:22:19+05:30'
:resource_params: ''
:statistics:
:duration: 0.002678506
:version: 2.1.83

View file

@ -187,6 +187,29 @@ describe "inspec exec with json formatter" do
_(ex1["impact"]).must_equal 0.7
end
describe "results" do
let(:result) { ex1["results"][0] }
let(:result2) { ex2["results"][0] }
it "has a code_desc" do
_(result["code_desc"]).must_equal "File / is expected to be directory"
end
it "has a resource_class" do
_(result["resource_class"]).must_equal "file"
end
# This is a raw grep of the argument(s) passed to the resource, currently
# used by automate to identify and sort differing resources
it "has a resource_params that's empty" do
_(result["resource_params"]).must_equal "[\"/\"]"
end
it "has a resource_params with values" do
_(result2["resource_params"]).must_equal "[\"/\"]"
end
end
it "has all the metadata" do
actual = profile.dup
key = actual.delete("controls")

View file

@ -271,7 +271,7 @@ class MockLoader
"rmsock f0000000000000001 tcpcb" => cmd.call("rmsock-f0001"),
"rmsock f0000000000000002 tcpcb" => cmd.call("rmsock-f0002"),
# packages on windows
"f7718ece69188bb19cd458e2aeab0a8d968f3d40ac2f4199e21cc976f8db5ef6" => cmd.call("get-item-property-package"),
"6785190b3df7291a7622b0b75b0217a9a78bd04690bc978df51ae17ec852a282" => cmd.call("get-item-property-package"),
# service status upstart on ubuntu
"initctl status ssh" => cmd.call("initctl-status-ssh"),
# upstart version on ubuntu

View file

@ -15,7 +15,6 @@ describe Inspec::Reporters::JsonAutomate do
report.render
actual = JSON.parse(report.rendered_output, symbolize_names: true)
_(actual).must_equal output
end
end

View file

@ -55,6 +55,7 @@ describe Inspec::Reporters::Json do
code_desc: "File /tmp should be directory",
run_time: 0.002058,
start_time: "2018-01-05 11:43:04 -0500",
resource_params: "",
}
result = report.send(:profile_results, control)
_(result.first).must_equal hash
@ -68,6 +69,7 @@ describe Inspec::Reporters::Json do
code_desc: "File /tmp should be directory",
run_time: 0.002058,
start_time: "2018-01-05 11:43:04 -0500",
resource_params: "",
resource: "File",
skip_message: "skipping",
}