mirror of
https://github.com/inspec/inspec
synced 2024-11-21 20:23:06 +00:00
blindly applied chefstyle -a
Signed-off-by: Ryan Davis <zenspider@chef.io>
This commit is contained in:
parent
5a0dd5a5d8
commit
a5309ea392
688 changed files with 16796 additions and 16827 deletions
|
@ -1,4 +1,4 @@
|
|||
source 'https://supermarket.chef.io'
|
||||
source "https://supermarket.chef.io"
|
||||
|
||||
cookbook 'audit'
|
||||
cookbook 'os_prepare', path: './test/cookbooks/os_prepare'
|
||||
cookbook "audit"
|
||||
cookbook "os_prepare", path: "./test/cookbooks/os_prepare"
|
||||
|
|
66
Gemfile
66
Gemfile
|
@ -1,61 +1,61 @@
|
|||
source 'https://rubygems.org'
|
||||
source "https://rubygems.org"
|
||||
|
||||
gem 'inspec', path: '.'
|
||||
gem "inspec", path: "."
|
||||
|
||||
# This dependency is NOT used for normal gem deployment
|
||||
# - instead, inspec-bin gemspec-depends on inspec
|
||||
#
|
||||
# However, AppBundler requires a top-level Gemfile.lock with inspec-bin
|
||||
# in it in order to package the executable. Hence the odd backwards dependency.
|
||||
gem 'inspec-bin', path: './inspec-bin'
|
||||
gem "inspec-bin", path: "./inspec-bin"
|
||||
|
||||
gem 'ffi', '>= 1.9.14'
|
||||
gem "ffi", ">= 1.9.14"
|
||||
|
||||
group :omnibus do
|
||||
gem 'rb-readline'
|
||||
gem 'appbundler'
|
||||
gem 'ed25519' # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
|
||||
gem 'bcrypt_pbkdf' # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
|
||||
gem "rb-readline"
|
||||
gem "appbundler"
|
||||
gem "ed25519" # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
|
||||
gem "bcrypt_pbkdf" # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
|
||||
end
|
||||
|
||||
group :test do
|
||||
gem 'chefstyle', '~> 0.6'
|
||||
gem 'coveralls', require: false
|
||||
gem 'minitest', '~> 5.5'
|
||||
gem 'rake', '>= 10'
|
||||
gem 'simplecov', '~> 0.10'
|
||||
gem 'concurrent-ruby', '~> 1.0'
|
||||
gem 'mocha', '~> 1.1'
|
||||
gem 'ruby-progressbar', '~> 1.8'
|
||||
gem 'webmock', '~> 3.0'
|
||||
gem 'passgen'
|
||||
gem 'm'
|
||||
gem 'pry', '~> 0.10'
|
||||
gem 'pry-byebug'
|
||||
gem "chefstyle", "~> 0.6"
|
||||
gem "coveralls", require: false
|
||||
gem "minitest", "~> 5.5"
|
||||
gem "rake", ">= 10"
|
||||
gem "simplecov", "~> 0.10"
|
||||
gem "concurrent-ruby", "~> 1.0"
|
||||
gem "mocha", "~> 1.1"
|
||||
gem "ruby-progressbar", "~> 1.8"
|
||||
gem "webmock", "~> 3.0"
|
||||
gem "passgen"
|
||||
gem "m"
|
||||
gem "pry", "~> 0.10"
|
||||
gem "pry-byebug"
|
||||
end
|
||||
|
||||
group :integration do
|
||||
gem 'berkshelf'
|
||||
gem 'chef', '< 15'
|
||||
gem 'test-kitchen'
|
||||
gem 'kitchen-vagrant'
|
||||
gem 'kitchen-inspec'
|
||||
gem 'kitchen-ec2'
|
||||
gem 'kitchen-dokken'
|
||||
gem 'git'
|
||||
gem "berkshelf"
|
||||
gem "chef", "< 15"
|
||||
gem "test-kitchen"
|
||||
gem "kitchen-vagrant"
|
||||
gem "kitchen-inspec"
|
||||
gem "kitchen-ec2"
|
||||
gem "kitchen-dokken"
|
||||
gem "git"
|
||||
end
|
||||
|
||||
# gems for Maintainers.md generation
|
||||
group :maintenance do
|
||||
gem 'tomlrb'
|
||||
gem "tomlrb"
|
||||
|
||||
# To sync maintainers with github
|
||||
gem 'octokit'
|
||||
gem 'netrc'
|
||||
gem "octokit"
|
||||
gem "netrc"
|
||||
end
|
||||
|
||||
group :deploy do
|
||||
gem 'inquirer'
|
||||
gem "inquirer"
|
||||
end
|
||||
|
||||
# add these additional dependencies into Gemfile.local
|
||||
|
|
187
Rakefile
187
Rakefile
|
@ -1,15 +1,15 @@
|
|||
#!/usr/bin/env rake
|
||||
|
||||
require 'bundler'
|
||||
require 'bundler/gem_helper'
|
||||
require 'rake/testtask'
|
||||
require 'passgen'
|
||||
require 'train'
|
||||
require_relative 'tasks/maintainers'
|
||||
require_relative 'tasks/spdx'
|
||||
require 'fileutils'
|
||||
require "bundler"
|
||||
require "bundler/gem_helper"
|
||||
require "rake/testtask"
|
||||
require "passgen"
|
||||
require "train"
|
||||
require_relative "tasks/maintainers"
|
||||
require_relative "tasks/spdx"
|
||||
require "fileutils"
|
||||
|
||||
Bundler::GemHelper.install_tasks name: 'inspec'
|
||||
Bundler::GemHelper.install_tasks name: "inspec"
|
||||
|
||||
def prompt(message)
|
||||
print(message)
|
||||
|
@ -21,17 +21,17 @@ end
|
|||
# when the "tests" gem group in the Gemfile has been excluded, such as
|
||||
# during an appbundle-updater run.
|
||||
begin
|
||||
require 'ruby-progressbar'
|
||||
require_relative 'tasks/docs'
|
||||
require "ruby-progressbar"
|
||||
require_relative "tasks/docs"
|
||||
rescue LoadError
|
||||
puts 'docs tasks are unavailable because the ruby-progressbar gem is not available.'
|
||||
puts "docs tasks are unavailable because the ruby-progressbar gem is not available."
|
||||
end
|
||||
|
||||
begin
|
||||
require 'git'
|
||||
require_relative 'tasks/contrib'
|
||||
require "git"
|
||||
require_relative "tasks/contrib"
|
||||
rescue LoadError
|
||||
puts 'contrib tasks are unavailable because the git gem is not available.'
|
||||
puts "contrib tasks are unavailable because the git gem is not available."
|
||||
end
|
||||
|
||||
task :install do
|
||||
|
@ -44,27 +44,27 @@ GLOBS = [
|
|||
"test/unit/**/*_test.rb",
|
||||
"test/functional/**/*_test.rb",
|
||||
"lib/plugins/inspec-*/test/**/*_test.rb",
|
||||
]
|
||||
].freeze
|
||||
|
||||
# run tests
|
||||
task default: ['test:lint', 'test:default']
|
||||
task default: ["test:lint", "test:default"]
|
||||
|
||||
namespace :test do
|
||||
|
||||
Rake::TestTask.new(:default) do |t|
|
||||
t.libs << 'test'
|
||||
t.libs << "test"
|
||||
t.test_files = Dir[*GLOBS].sort
|
||||
t.warning = !!ENV["W"]
|
||||
t.verbose = !!ENV["V"] # default to off. the test commands are _huge_.
|
||||
t.ruby_opts = ['--dev'] if defined?(JRUBY_VERSION)
|
||||
t.ruby_opts = ["--dev"] if defined?(JRUBY_VERSION)
|
||||
end
|
||||
task :default => [:accept_license]
|
||||
task default: [:accept_license]
|
||||
|
||||
begin
|
||||
require 'rubocop/rake_task'
|
||||
require "rubocop/rake_task"
|
||||
RuboCop::RakeTask.new(:lint)
|
||||
rescue LoadError
|
||||
puts 'rubocop is not available. Install the rubocop gem to run the lint tests.'
|
||||
puts "rubocop is not available. Install the rubocop gem to run the lint tests."
|
||||
end
|
||||
|
||||
task :list do
|
||||
|
@ -75,9 +75,9 @@ namespace :test do
|
|||
clean = true
|
||||
|
||||
failures = Dir[*GLOBS]
|
||||
failures.reject! { |file|
|
||||
system(Gem.ruby, '-Ilib:test', file)
|
||||
}
|
||||
failures.reject! do |file|
|
||||
system(Gem.ruby, "-Ilib:test", file)
|
||||
end
|
||||
|
||||
unless failures.empty?
|
||||
puts "These test files failed:\n"
|
||||
|
@ -87,91 +87,91 @@ namespace :test do
|
|||
end
|
||||
|
||||
task :accept_license do
|
||||
FileUtils.mkdir_p(File.join(Dir.home, '.chef', 'accepted_licenses'))
|
||||
FileUtils.mkdir_p(File.join(Dir.home, ".chef", "accepted_licenses"))
|
||||
# If the user has not accepted the license, touch the acceptance
|
||||
# file, but also touch a marker that it is only for testing.
|
||||
unless File.exist?(File.join(Dir.home, '.chef', 'accepted_licenses', 'inspec'))
|
||||
unless File.exist?(File.join(Dir.home, ".chef", "accepted_licenses", "inspec"))
|
||||
puts "\n\nTemporarily accepting Chef user license for the duration of testing...\n"
|
||||
FileUtils.touch(File.join(Dir.home, '.chef', 'accepted_licenses', 'inspec'))
|
||||
FileUtils.touch(File.join(Dir.home, '.chef', 'accepted_licenses', 'inspec.for_testing'))
|
||||
FileUtils.touch(File.join(Dir.home, ".chef", "accepted_licenses", "inspec"))
|
||||
FileUtils.touch(File.join(Dir.home, ".chef", "accepted_licenses", "inspec.for_testing"))
|
||||
end
|
||||
|
||||
# Regardless of what happens, when this process exits, check for cleanup.
|
||||
at_exit do
|
||||
if File.exist?(File.join(Dir.home, '.chef', 'accepted_licenses', 'inspec.for_testing'))
|
||||
if File.exist?(File.join(Dir.home, ".chef", "accepted_licenses", "inspec.for_testing"))
|
||||
puts "\n\nRemoving temporary Chef user license acceptance file that was placed for test duration.\n"
|
||||
FileUtils.rm_f(File.join(Dir.home, '.chef', 'accepted_licenses', 'inspec'))
|
||||
FileUtils.rm_f(File.join(Dir.home, '.chef', 'accepted_licenses', 'inspec.for_testing'))
|
||||
FileUtils.rm_f(File.join(Dir.home, ".chef", "accepted_licenses", "inspec"))
|
||||
FileUtils.rm_f(File.join(Dir.home, ".chef", "accepted_licenses", "inspec.for_testing"))
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
Rake::TestTask.new(:functional) do |t|
|
||||
t.libs << 'test'
|
||||
t.libs << "test"
|
||||
t.test_files = Dir.glob([
|
||||
'test/functional/**/*_test.rb',
|
||||
'lib/plugins/inspec-*/test/functional/**/*_test.rb',
|
||||
"test/functional/**/*_test.rb",
|
||||
"lib/plugins/inspec-*/test/functional/**/*_test.rb",
|
||||
])
|
||||
t.warning = !!ENV["W"]
|
||||
t.verbose = !!ENV["V"] # default to off. the test commands are _huge_.
|
||||
t.ruby_opts = ['--dev'] if defined?(JRUBY_VERSION)
|
||||
t.ruby_opts = ["--dev"] if defined?(JRUBY_VERSION)
|
||||
end
|
||||
# Inject a prerequisite task
|
||||
task :functional => [:accept_license]
|
||||
task functional: [:accept_license]
|
||||
|
||||
Rake::TestTask.new(:unit) do |t|
|
||||
t.libs << 'test'
|
||||
t.libs << "test"
|
||||
t.test_files = Dir.glob([
|
||||
'test/unit/**/*_test.rb',
|
||||
'lib/plugins/inspec-*/test/unit/**/*_test.rb',
|
||||
"test/unit/**/*_test.rb",
|
||||
"lib/plugins/inspec-*/test/unit/**/*_test.rb",
|
||||
])
|
||||
t.warning = !!ENV["W"]
|
||||
t.verbose = !!ENV["V"] # default to off. the test commands are _huge_.
|
||||
t.ruby_opts = ['--dev'] if defined?(JRUBY_VERSION)
|
||||
t.ruby_opts = ["--dev"] if defined?(JRUBY_VERSION)
|
||||
end
|
||||
# Inject a prerequisite task
|
||||
task :unit => [:accept_license]
|
||||
task unit: [:accept_license]
|
||||
|
||||
task :resources do
|
||||
tests = Dir['test/unit/resource/*_test.rb']
|
||||
tests = Dir["test/unit/resource/*_test.rb"]
|
||||
return if tests.empty?
|
||||
sh(Gem.ruby, 'test/docker_test.rb', *tests)
|
||||
sh(Gem.ruby, "test/docker_test.rb", *tests)
|
||||
end
|
||||
|
||||
task :integration, [:os] do |task, args|
|
||||
concurrency = ENV['CONCURRENCY'] || 1
|
||||
os = args[:os] || ENV['OS'] || ''
|
||||
ENV['DOCKER'] = 'true' if ENV['docker'].nil?
|
||||
concurrency = ENV["CONCURRENCY"] || 1
|
||||
os = args[:os] || ENV["OS"] || ""
|
||||
ENV["DOCKER"] = "true" if ENV["docker"].nil?
|
||||
sh("bundle exec kitchen test -c #{concurrency} #{os}")
|
||||
end
|
||||
# Inject a prerequisite task
|
||||
task :'integration' => [:accept_license]
|
||||
task 'integration': [:accept_license]
|
||||
|
||||
task :ssh, [:target] do |_t, args|
|
||||
tests_path = File.join(File.dirname(__FILE__), 'test', 'integration', 'test', 'integration', 'default')
|
||||
key_files = ENV['key_files'] || File.join(ENV['HOME'], '.ssh', 'id_rsa')
|
||||
tests_path = File.join(File.dirname(__FILE__), "test", "integration", "test", "integration", "default")
|
||||
key_files = ENV["key_files"] || File.join(ENV["HOME"], ".ssh", "id_rsa")
|
||||
|
||||
sh_cmd = "bin/inspec exec #{tests_path}/"
|
||||
sh_cmd += ENV['test'] ? "#{ENV['test']}_spec.rb" : '*'
|
||||
sh_cmd += " --sudo" unless args[:target].split('@')[0] == 'root'
|
||||
sh_cmd += ENV["test"] ? "#{ENV['test']}_spec.rb" : "*"
|
||||
sh_cmd += " --sudo" unless args[:target].split("@")[0] == "root"
|
||||
sh_cmd += " -t ssh://#{args[:target]}"
|
||||
sh_cmd += " --key_files=#{key_files}"
|
||||
sh_cmd += " --format=#{ENV['format']}" if ENV['format']
|
||||
sh_cmd += " --format=#{ENV['format']}" if ENV["format"]
|
||||
|
||||
sh('sh', '-c', sh_cmd)
|
||||
sh("sh", "-c", sh_cmd)
|
||||
end
|
||||
|
||||
project_dir = File.dirname(__FILE__)
|
||||
namespace :aws do
|
||||
['default', 'minimal'].each do |account|
|
||||
integration_dir = File.join(project_dir, 'test', 'integration', 'aws', account)
|
||||
attribute_file = File.join(integration_dir, '.attribute.yml')
|
||||
%w{default minimal}.each do |account|
|
||||
integration_dir = File.join(project_dir, "test", "integration", "aws", account)
|
||||
attribute_file = File.join(integration_dir, ".attribute.yml")
|
||||
|
||||
task :"setup:#{account}", :tf_workspace do |t, args|
|
||||
tf_workspace = args[:tf_workspace] || ENV['INSPEC_TERRAFORM_ENV']
|
||||
tf_workspace = args[:tf_workspace] || ENV["INSPEC_TERRAFORM_ENV"]
|
||||
abort("You must either call the top-level test:aws:#{account} task, or set the INSPEC_TERRAFORM_ENV variable.") unless tf_workspace
|
||||
puts "----> Setup"
|
||||
abort("You must set the environment variable AWS_REGION") unless ENV['AWS_REGION']
|
||||
abort("You must set the environment variable AWS_REGION") unless ENV["AWS_REGION"]
|
||||
puts "----> Checking for required AWS profile..."
|
||||
sh("aws configure get aws_access_key_id --profile inspec-aws-test-#{account} > /dev/null")
|
||||
sh("cd #{integration_dir}/build/ && terraform init -upgrade")
|
||||
|
@ -185,7 +185,7 @@ namespace :test do
|
|||
sh("cd #{integration_dir}/build/ && AWS_PROFILE=inspec-aws-test-#{account} terraform output > #{attribute_file}")
|
||||
raw_output = File.read(attribute_file)
|
||||
yaml_output = raw_output.gsub(" = ", " : ")
|
||||
File.open(attribute_file, "w") {|file| file.puts yaml_output}
|
||||
File.open(attribute_file, "w") { |file| file.puts yaml_output }
|
||||
end
|
||||
|
||||
task :"run:#{account}" do
|
||||
|
@ -194,7 +194,7 @@ namespace :test do
|
|||
end
|
||||
|
||||
task :"cleanup:#{account}", :tf_workspace do |t, args|
|
||||
tf_workspace = args[:tf_workspace] || ENV['INSPEC_TERRAFORM_ENV']
|
||||
tf_workspace = args[:tf_workspace] || ENV["INSPEC_TERRAFORM_ENV"]
|
||||
abort("You must either call the top-level test:aws:#{account} task, or set the INSPEC_TERRAFORM_ENV variable.") unless tf_workspace
|
||||
puts "----> Cleanup"
|
||||
sh("cd #{integration_dir}/build/ && AWS_PROFILE=inspec-aws-test-#{account} terraform destroy -force")
|
||||
|
@ -203,14 +203,14 @@ namespace :test do
|
|||
end
|
||||
|
||||
task :"#{account}" do
|
||||
tf_workspace = ENV['INSPEC_TERRAFORM_ENV'] || prompt("Please enter a workspace for your integration tests to run in: ")
|
||||
tf_workspace = ENV["INSPEC_TERRAFORM_ENV"] || prompt("Please enter a workspace for your integration tests to run in: ")
|
||||
begin
|
||||
Rake::Task["test:aws:setup:#{account}"].execute({:tf_workspace => tf_workspace})
|
||||
Rake::Task["test:aws:setup:#{account}"].execute({ tf_workspace: tf_workspace })
|
||||
Rake::Task["test:aws:run:#{account}"].execute
|
||||
rescue
|
||||
abort("Integration testing has failed for the #{account} account")
|
||||
ensure
|
||||
Rake::Task["test:aws:cleanup:#{account}"].execute({:tf_workspace => tf_workspace})
|
||||
Rake::Task["test:aws:cleanup:#{account}"].execute({ tf_workspace: tf_workspace })
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -220,15 +220,15 @@ namespace :test do
|
|||
|
||||
namespace :azure do
|
||||
# Specify the directory for the integration tests
|
||||
integration_dir = File.join(project_dir, 'test', 'integration', 'azure')
|
||||
tf_vars_file = File.join(integration_dir, 'build', 'terraform.tfvars')
|
||||
attribute_file = File.join(integration_dir, '.attribute.yml')
|
||||
integration_dir = File.join(project_dir, "test", "integration", "azure")
|
||||
tf_vars_file = File.join(integration_dir, "build", "terraform.tfvars")
|
||||
attribute_file = File.join(integration_dir, ".attribute.yml")
|
||||
|
||||
task :setup, :tf_workspace do |t, args|
|
||||
tf_workspace = args[:tf_workspace] || ENV['INSPEC_TERRAFORM_ENV']
|
||||
tf_workspace = args[:tf_workspace] || ENV["INSPEC_TERRAFORM_ENV"]
|
||||
abort("You must either call the top-level test:azure task, or set the INSPEC_TERRAFORM_ENV variable.") unless tf_workspace
|
||||
|
||||
puts '----> Setup Terraform Workspace'
|
||||
puts "----> Setup Terraform Workspace"
|
||||
|
||||
sh("cd #{integration_dir}/build/ && terraform init -upgrade")
|
||||
sh("cd #{integration_dir}/build/ && terraform workspace new #{tf_workspace}")
|
||||
|
@ -243,15 +243,15 @@ namespace :test do
|
|||
|
||||
next if File.exist?(tf_vars_file)
|
||||
|
||||
puts '----> Generating Vars'
|
||||
puts "----> Generating Vars"
|
||||
|
||||
# Generate Azure crendentials
|
||||
connection = Train.create('azure').connection
|
||||
connection = Train.create("azure").connection
|
||||
creds = connection.options
|
||||
|
||||
# Determine the storage account name and the admin password
|
||||
sa_name = (0...15).map { (65 + rand(26)).chr }.join.downcase
|
||||
admin_password = Passgen::generate(length: 12, uppercase: true, lowercase: true, symbols: true, digits: true)
|
||||
admin_password = Passgen.generate(length: 12, uppercase: true, lowercase: true, symbols: true, digits: true)
|
||||
|
||||
# Use the first 4 characters of the storage account to create a suffix
|
||||
suffix = sa_name[0..3]
|
||||
|
@ -266,17 +266,17 @@ namespace :test do
|
|||
suffix = "#{suffix}"
|
||||
VARS
|
||||
|
||||
content << "location = \"#{ENV['AZURE_LOCATION']}\"\n" if ENV['AZURE_LOCATION']
|
||||
content << "location = \"#{ENV['AZURE_LOCATION']}\"\n" if ENV["AZURE_LOCATION"]
|
||||
|
||||
File.write(tf_vars_file, content)
|
||||
end
|
||||
|
||||
desc "generate plan from state using terraform.tfvars file"
|
||||
task :plan, [:tf_workspace] => [:vars] do |t, args|
|
||||
tf_workspace = args[:tf_workspace] || ENV['INSPEC_TERRAFORM_ENV']
|
||||
tf_workspace = args[:tf_workspace] || ENV["INSPEC_TERRAFORM_ENV"]
|
||||
abort("You must set the INSPEC_TERRAFORM_ENV variable.") unless tf_workspace
|
||||
|
||||
puts '----> Generating Plan'
|
||||
puts "----> Generating Plan"
|
||||
|
||||
result = sh("cd #{integration_dir}/build/ && terraform workspace select #{tf_workspace}")
|
||||
|
||||
|
@ -285,9 +285,9 @@ namespace :test do
|
|||
|
||||
desc "apply terraform plan"
|
||||
task :apply, [:tf_workspace] => [:plan] do |t, args|
|
||||
tf_workspace = args[:tf_workspace] || ENV['INSPEC_TERRAFORM_ENV']
|
||||
tf_workspace = args[:tf_workspace] || ENV["INSPEC_TERRAFORM_ENV"]
|
||||
abort("You must set the INSPEC_TERRAFORM_ENV variable.") unless tf_workspace
|
||||
puts '----> Applying Plan'
|
||||
puts "----> Applying Plan"
|
||||
|
||||
sh("cd #{integration_dir}/build/ && terraform workspace select #{tf_workspace}")
|
||||
|
||||
|
@ -296,22 +296,22 @@ namespace :test do
|
|||
Rake::Task["test:azure:dump_attrs"].execute
|
||||
end
|
||||
|
||||
task :"dump_attrs" do
|
||||
task :dump_attrs do
|
||||
sh("cd #{integration_dir}/build/ && terraform output > #{attribute_file}")
|
||||
raw_output = File.read(attribute_file)
|
||||
yaml_output = raw_output.gsub(" = ", " : ")
|
||||
File.open(attribute_file, "w") {|file| file.puts yaml_output}
|
||||
File.open(attribute_file, "w") { |file| file.puts yaml_output }
|
||||
end
|
||||
|
||||
task :run do
|
||||
puts '----> Run'
|
||||
puts "----> Run"
|
||||
sh("bundle exec inspec exec #{integration_dir}/verify -t azure://1e0b427a-d58b-494e-ae4f-ee558463ebbf")
|
||||
end
|
||||
|
||||
task :cleanup, :tf_workspace do |t, args|
|
||||
tf_workspace = args[:tf_workspace] || ENV['INSPEC_TERRAFORM_ENV']
|
||||
tf_workspace = args[:tf_workspace] || ENV["INSPEC_TERRAFORM_ENV"]
|
||||
abort("You must either call the top-level test:azure task, or set the INSPEC_TERRAFORM_ENV variable.") unless tf_workspace
|
||||
puts '----> Cleanup'
|
||||
puts "----> Cleanup"
|
||||
|
||||
sh("cd #{integration_dir}/build/ && terraform destroy -force ")
|
||||
|
||||
|
@ -323,14 +323,14 @@ namespace :test do
|
|||
|
||||
desc "Perform Azure Integration Tests"
|
||||
task :azure do
|
||||
tf_workspace = ENV['INSPEC_TERRAFORM_ENV'] || prompt("Please enter a workspace for your integration tests to run in: ")
|
||||
tf_workspace = ENV["INSPEC_TERRAFORM_ENV"] || prompt("Please enter a workspace for your integration tests to run in: ")
|
||||
begin
|
||||
Rake::Task["test:azure:setup"].execute({:tf_workspace => tf_workspace})
|
||||
Rake::Task["test:azure:setup"].execute({ tf_workspace: tf_workspace })
|
||||
Rake::Task["test:azure:run"].execute
|
||||
rescue
|
||||
abort("Integration testing has failed")
|
||||
ensure
|
||||
Rake::Task["test:azure:cleanup"].execute({:tf_workspace => tf_workspace})
|
||||
Rake::Task["test:azure:cleanup"].execute({ tf_workspace: tf_workspace })
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -339,10 +339,10 @@ end
|
|||
#
|
||||
# @param [Type] target the new version you want to set, or nil if you only want to show
|
||||
def inspec_version(target = nil)
|
||||
path = 'lib/inspec/version.rb'
|
||||
require_relative path.sub(/.rb$/, '')
|
||||
path = "lib/inspec/version.rb"
|
||||
require_relative path.sub(/.rb$/, "")
|
||||
|
||||
nu_version = target.nil? ? '' : " -> #{target}"
|
||||
nu_version = target.nil? ? "" : " -> #{target}"
|
||||
puts "Inspec: #{Inspec::VERSION}#{nu_version}"
|
||||
|
||||
unless target.nil?
|
||||
|
@ -359,7 +359,7 @@ end
|
|||
# @param [Type] msg the message to display if the command is missing
|
||||
def require_command(x, msg = nil)
|
||||
return if system("command -v #{x} || exit 1")
|
||||
msg ||= 'Please install it first!'
|
||||
msg ||= "Please install it first!"
|
||||
puts "\033[31;1mCan't find command #{x.inspect}. #{msg}\033[0m"
|
||||
exit 1
|
||||
end
|
||||
|
@ -377,16 +377,16 @@ end
|
|||
|
||||
# Check the requirements for running an update of this repository.
|
||||
def check_update_requirements
|
||||
require_command 'git'
|
||||
require_command "git"
|
||||
end
|
||||
|
||||
# Show the current version of this gem.
|
||||
desc 'Show the version of this gem'
|
||||
desc "Show the version of this gem"
|
||||
task :version do
|
||||
inspec_version
|
||||
end
|
||||
|
||||
desc 'Release a new docker image'
|
||||
desc "Release a new docker image"
|
||||
task :release_docker do
|
||||
version = Inspec::VERSION
|
||||
cmd = "rm *.gem; gem build *gemspec && "\
|
||||
|
@ -396,6 +396,5 @@ task :release_docker do
|
|||
"docker tag chef/inspec:#{version} chef/inspec:latest &&"\
|
||||
"docker push chef/inspec:latest"
|
||||
puts "--> #{cmd}"
|
||||
sh('sh', '-c', cmd)
|
||||
sh("sh", "-c", cmd)
|
||||
end
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
class Batsignal < Inspec.resource(1)
|
||||
name 'batsignal'
|
||||
name "batsignal"
|
||||
|
||||
example "
|
||||
describe batsignal do
|
||||
|
@ -15,6 +15,6 @@ class Batsignal < Inspec.resource(1)
|
|||
|
||||
def local_command_call
|
||||
# call out to a core resource
|
||||
inspec.command('echo 4').stdout.to_i
|
||||
inspec.command("echo 4").stdout.to_i
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
class Gordon < Inspec.resource(1)
|
||||
name 'gordon'
|
||||
name "gordon"
|
||||
|
||||
example "
|
||||
describe gordon do
|
||||
|
@ -18,4 +18,3 @@ class Gordon < Inspec.resource(1)
|
|||
true
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
source 'https://rubygems.org'
|
||||
source "https://rubygems.org"
|
||||
|
||||
gem 'inspec', path: '../../.'
|
||||
gem "inspec", path: "../../."
|
||||
|
||||
group :test do
|
||||
gem 'bundler', '~> 1.5'
|
||||
gem 'minitest', '~> 5.5'
|
||||
gem 'rake', '~> 10'
|
||||
gem 'simplecov', '~> 0.10'
|
||||
gem "bundler", "~> 1.5"
|
||||
gem "minitest", "~> 5.5"
|
||||
gem "rake", "~> 10"
|
||||
gem "simplecov", "~> 0.10"
|
||||
end
|
||||
|
||||
group :integration do
|
||||
gem 'test-kitchen', '~> 1.4'
|
||||
gem 'kitchen-ansible'
|
||||
gem 'kitchen-vagrant'
|
||||
gem 'kitchen-inspec'
|
||||
gem 'concurrent-ruby', '~> 1.0'
|
||||
gem "test-kitchen", "~> 1.4"
|
||||
gem "kitchen-ansible"
|
||||
gem "kitchen-vagrant"
|
||||
gem "kitchen-inspec"
|
||||
gem "concurrent-ruby", "~> 1.0"
|
||||
end
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
# use basic tests
|
||||
describe package('nginx') do
|
||||
describe package("nginx") do
|
||||
it { should be_installed }
|
||||
end
|
||||
|
||||
# extend tests with metadata
|
||||
control '01' do
|
||||
control "01" do
|
||||
impact 0.7
|
||||
title 'Verify nginx service'
|
||||
desc 'Ensures nginx service is up and running'
|
||||
describe service('nginx') do
|
||||
title "Verify nginx service"
|
||||
desc "Ensures nginx service is up and running"
|
||||
describe service("nginx") do
|
||||
it { should be_enabled }
|
||||
it { should be_installed }
|
||||
it { should be_running }
|
||||
|
@ -16,8 +16,8 @@ control '01' do
|
|||
end
|
||||
|
||||
# implement os dependent tests
|
||||
web_user = 'www-data'
|
||||
web_user = 'nginx' if os[:family] == 'centos'
|
||||
web_user = "www-data"
|
||||
web_user = "nginx" if os[:family] == "centos"
|
||||
|
||||
describe user(web_user) do
|
||||
it { should exist }
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
source 'https://supermarket.chef.io'
|
||||
source "https://supermarket.chef.io"
|
||||
|
||||
metadata
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
source 'https://rubygems.org'
|
||||
source "https://rubygems.org"
|
||||
|
||||
gem 'inspec', path: '../../.'
|
||||
gem "inspec", path: "../../."
|
||||
|
||||
group :test do
|
||||
gem 'bundler', '~> 1.5'
|
||||
gem 'minitest', '~> 5.5'
|
||||
gem 'rake', '~> 10'
|
||||
gem 'simplecov', '~> 0.10'
|
||||
gem "bundler", "~> 1.5"
|
||||
gem "minitest", "~> 5.5"
|
||||
gem "rake", "~> 10"
|
||||
gem "simplecov", "~> 0.10"
|
||||
end
|
||||
|
||||
group :integration do
|
||||
gem 'berkshelf', '~> 4.0'
|
||||
gem 'test-kitchen', '~> 1.4'
|
||||
gem 'kitchen-vagrant'
|
||||
gem 'kitchen-inspec'
|
||||
gem 'concurrent-ruby', '~> 0.9'
|
||||
gem "berkshelf", "~> 4.0"
|
||||
gem "test-kitchen", "~> 1.4"
|
||||
gem "kitchen-vagrant"
|
||||
gem "kitchen-inspec"
|
||||
gem "concurrent-ruby", "~> 0.9"
|
||||
end
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
name 'prepare'
|
||||
maintainer 'Chef Software, Inc.'
|
||||
maintainer_email 'support@chef.io'
|
||||
description 'This cookbook prepares the test operating systems'
|
||||
version '1.0.0'
|
||||
depends 'apt'
|
||||
depends 'yum'
|
||||
name "prepare"
|
||||
maintainer "Chef Software, Inc."
|
||||
maintainer_email "support@chef.io"
|
||||
description "This cookbook prepares the test operating systems"
|
||||
version "1.0.0"
|
||||
depends "apt"
|
||||
depends "yum"
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
# install nginx
|
||||
include_recipe('prepare::nginx')
|
||||
include_recipe("prepare::nginx")
|
||||
|
|
|
@ -1,25 +1,25 @@
|
|||
# install repositories for nginx
|
||||
case node['platform']
|
||||
when 'ubuntu'
|
||||
case node["platform"]
|
||||
when "ubuntu"
|
||||
# if ubuntu, install
|
||||
apt_repository 'nginx-php' do
|
||||
uri 'ppa:nginx/stable'
|
||||
distribution node['lsb']['codename']
|
||||
apt_repository "nginx-php" do
|
||||
uri "ppa:nginx/stable"
|
||||
distribution node["lsb"]["codename"]
|
||||
end
|
||||
when 'centos'
|
||||
when "centos"
|
||||
# add repo for Centos 7
|
||||
yum_repository 'nginx' do
|
||||
description 'Nginx Repo'
|
||||
baseurl 'http://nginx.org/packages/centos/7/x86_64'
|
||||
gpgkey 'http://nginx.org/keys/nginx_signing.key'
|
||||
yum_repository "nginx" do
|
||||
description "Nginx Repo"
|
||||
baseurl "http://nginx.org/packages/centos/7/x86_64"
|
||||
gpgkey "http://nginx.org/keys/nginx_signing.key"
|
||||
action :create
|
||||
end
|
||||
end
|
||||
|
||||
# install nginx package
|
||||
package 'nginx'
|
||||
package "nginx"
|
||||
|
||||
# start the service
|
||||
service 'nginx' do
|
||||
service "nginx" do
|
||||
action :start
|
||||
end
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
# use basic tests
|
||||
describe package('nginx') do
|
||||
describe package("nginx") do
|
||||
it { should be_installed }
|
||||
end
|
||||
|
||||
# extend tests with metadata
|
||||
control '01' do
|
||||
control "01" do
|
||||
impact 0.7
|
||||
title 'Verify nginx service'
|
||||
desc 'Ensures nginx service is up and running'
|
||||
describe service('nginx') do
|
||||
title "Verify nginx service"
|
||||
desc "Ensures nginx service is up and running"
|
||||
describe service("nginx") do
|
||||
it { should be_enabled }
|
||||
it { should be_installed }
|
||||
it { should be_running }
|
||||
|
@ -16,8 +16,8 @@ control '01' do
|
|||
end
|
||||
|
||||
# implement os dependent tests
|
||||
web_user = 'www-data'
|
||||
web_user = 'nginx' if os[:family] == 'centos'
|
||||
web_user = "www-data"
|
||||
web_user = "nginx" if os[:family] == "centos"
|
||||
|
||||
describe user(web_user) do
|
||||
it { should exist }
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
source 'https://rubygems.org'
|
||||
source "https://rubygems.org"
|
||||
|
||||
gem 'inspec', path: '../../.'
|
||||
gem "inspec", path: "../../."
|
||||
|
||||
group :test do
|
||||
gem 'bundler', '~> 1.5'
|
||||
gem 'minitest', '~> 5.5'
|
||||
gem 'rake', '~> 10'
|
||||
gem 'simplecov', '~> 0.10'
|
||||
gem "bundler", "~> 1.5"
|
||||
gem "minitest", "~> 5.5"
|
||||
gem "rake", "~> 10"
|
||||
gem "simplecov", "~> 0.10"
|
||||
end
|
||||
|
||||
group :integration do
|
||||
gem 'test-kitchen', '~> 1.4'
|
||||
gem 'kitchen-vagrant'
|
||||
gem 'kitchen-puppet'
|
||||
gem 'librarian-puppet'
|
||||
gem 'kitchen-inspec'
|
||||
gem 'concurrent-ruby', '~> 0.9'
|
||||
gem "test-kitchen", "~> 1.4"
|
||||
gem "kitchen-vagrant"
|
||||
gem "kitchen-puppet"
|
||||
gem "librarian-puppet"
|
||||
gem "kitchen-inspec"
|
||||
gem "concurrent-ruby", "~> 0.9"
|
||||
end
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/usr/bin/env ruby
|
||||
#^syntax detection
|
||||
# ^syntax detection
|
||||
|
||||
forge "https://forgeapi.puppetlabs.com"
|
||||
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
# use basic tests
|
||||
describe package('nginx') do
|
||||
describe package("nginx") do
|
||||
it { should be_installed }
|
||||
end
|
||||
|
||||
# extend tests with metadata
|
||||
control '01' do
|
||||
control "01" do
|
||||
impact 0.7
|
||||
title 'Verify nginx service'
|
||||
desc 'Ensures nginx service is up and running'
|
||||
describe service('nginx') do
|
||||
title "Verify nginx service"
|
||||
desc "Ensures nginx service is up and running"
|
||||
describe service("nginx") do
|
||||
it { should be_enabled }
|
||||
it { should be_installed }
|
||||
it { should be_running }
|
||||
|
@ -16,8 +16,8 @@ control '01' do
|
|||
end
|
||||
|
||||
# implement os dependent tests
|
||||
web_user = 'www-data'
|
||||
web_user = 'nginx' if os[:family] == 'centos'
|
||||
web_user = "www-data"
|
||||
web_user = "nginx" if os[:family] == "centos"
|
||||
|
||||
describe user(web_user) do
|
||||
it { should exist }
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
source 'https://rubygems.org'
|
||||
source "https://rubygems.org"
|
||||
|
||||
gemspec
|
||||
|
||||
group :development do
|
||||
gem 'bundler'
|
||||
gem 'byebug'
|
||||
gem 'minitest'
|
||||
gem 'rake'
|
||||
gem 'rubocop', '= 0.49.1' # Need to keep in sync with main InSpec project, so config files will work
|
||||
gem "bundler"
|
||||
gem "byebug"
|
||||
gem "minitest"
|
||||
gem "rake"
|
||||
gem "rubocop", "= 0.49.1" # Need to keep in sync with main InSpec project, so config files will work
|
||||
end
|
||||
|
|
|
@ -7,13 +7,13 @@
|
|||
|
||||
# This task template will make a task named 'test', and run
|
||||
# the tests that it finds.
|
||||
require 'rake/testtask'
|
||||
require "rake/testtask"
|
||||
|
||||
Rake::TestTask.new do |t|
|
||||
t.libs.push 'lib'
|
||||
t.libs.push "lib"
|
||||
t.test_files = FileList[
|
||||
'test/unit/*_test.rb',
|
||||
'test/functional/*_test.rb',
|
||||
"test/unit/*_test.rb",
|
||||
"test/functional/*_test.rb",
|
||||
]
|
||||
t.verbose = true
|
||||
# Ideally, we'd run tests with warnings enabled,
|
||||
|
@ -26,15 +26,15 @@ end
|
|||
#------------------------------------------------------------------#
|
||||
# Code Style Tasks
|
||||
#------------------------------------------------------------------#
|
||||
require 'rubocop/rake_task'
|
||||
require "rubocop/rake_task"
|
||||
|
||||
RuboCop::RakeTask.new(:lint) do |t|
|
||||
# Choices of rubocop rules to enforce are deeply personal.
|
||||
# Here, we set things up so that your plugin will use the Bundler-installed
|
||||
# inspec gem's copy of the InSpec project's rubocop.yml file (which
|
||||
# is indeed packaged with the inspec gem).
|
||||
require 'inspec/globals'
|
||||
inspec_rubocop_yml = File.join(Inspec.src_root, '.rubocop.yml')
|
||||
require "inspec/globals"
|
||||
inspec_rubocop_yml = File.join(Inspec.src_root, ".rubocop.yml")
|
||||
|
||||
t.options = ['--display-cop-names', '--config', inspec_rubocop_yml]
|
||||
t.options = ["--display-cop-names", "--config", inspec_rubocop_yml]
|
||||
end
|
||||
|
|
|
@ -4,23 +4,23 @@
|
|||
|
||||
# It is traditional in a gemspec to dynamically load the current version
|
||||
# from a file in the source tree. The next three lines make that happen.
|
||||
lib = File.expand_path('../lib', __FILE__)
|
||||
lib = File.expand_path("../lib", __FILE__)
|
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
||||
require 'inspec-resource-lister/version'
|
||||
require "inspec-resource-lister/version"
|
||||
|
||||
Gem::Specification.new do |spec|
|
||||
# Importantly, all InSpec plugins must be prefixed with `inspec-` (most
|
||||
# plugins) or `train-` (plugins which add new connectivity features).
|
||||
spec.name = 'inspec-resource-lister'
|
||||
spec.name = "inspec-resource-lister"
|
||||
|
||||
# It is polite to namespace your plugin under InspecPlugins::YourPluginInCamelCase
|
||||
spec.version = InspecPlugins::ResourceLister::VERSION
|
||||
spec.authors = ['Clinton Wolfe']
|
||||
spec.email = ['cwolfe@chef.io']
|
||||
spec.summary = 'InSpec Plugin example, lists available resources'
|
||||
spec.description = 'Example for implementing an InSpec Plugin. This simply lists available resources.'
|
||||
spec.homepage = 'https://github.com/inspec/inspec/tree/master/examples/plugin'
|
||||
spec.license = 'Apache-2.0'
|
||||
spec.authors = ["Clinton Wolfe"]
|
||||
spec.email = ["cwolfe@chef.io"]
|
||||
spec.summary = "InSpec Plugin example, lists available resources"
|
||||
spec.description = "Example for implementing an InSpec Plugin. This simply lists available resources."
|
||||
spec.homepage = "https://github.com/inspec/inspec/tree/master/examples/plugin"
|
||||
spec.license = "Apache-2.0"
|
||||
|
||||
# Though complicated-looking, this is pretty standard for a gemspec.
|
||||
# It just filters what will actually be packaged in the gem (leaving
|
||||
|
@ -28,9 +28,9 @@ Gem::Specification.new do |spec|
|
|||
spec.files = %w{
|
||||
README.md inspec-resource-lister.gemspec Gemfile
|
||||
} + Dir.glob(
|
||||
'lib/**/*', File::FNM_DOTMATCH
|
||||
"lib/**/*", File::FNM_DOTMATCH
|
||||
).reject { |f| File.directory?(f) }
|
||||
spec.require_paths = ['lib']
|
||||
spec.require_paths = ["lib"]
|
||||
|
||||
# If you rely on any other gems, list them here with any constraints.
|
||||
# This is how `inspec plugin install` is able to manage your dependencies.
|
||||
|
@ -39,5 +39,5 @@ Gem::Specification.new do |spec|
|
|||
|
||||
# All plugins should mention inspec, > 2.2.78
|
||||
# 2.2.78 included the v2 Plugin API
|
||||
spec.add_dependency 'inspec', '>=2.2.78', '<4.0.0'
|
||||
spec.add_dependency "inspec", ">=2.2.78", "<4.0.0"
|
||||
end
|
||||
|
|
|
@ -11,4 +11,4 @@
|
|||
libdir = File.dirname(__FILE__)
|
||||
$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
|
||||
|
||||
require 'inspec-resource-lister/plugin'
|
||||
require "inspec-resource-lister/plugin"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/resource'
|
||||
require "inspec/resource"
|
||||
|
||||
module InspecPlugins::ResourceLister
|
||||
# This class will provide the actual CLI implementation.
|
||||
|
@ -16,18 +16,18 @@ module InspecPlugins::ResourceLister
|
|||
# register the subcommand. Args are a usage message, and a short decription.
|
||||
# These will appear when someone has installed the plugin, and then they
|
||||
# run `inspec help`.
|
||||
subcommand_desc 'list-resources [COMMAND]', 'List resources that InSpec finds.'
|
||||
subcommand_desc "list-resources [COMMAND]", "List resources that InSpec finds."
|
||||
|
||||
# The usual rhythm for a Thor CLI file is description, options, command method.
|
||||
# Thor just has you call DSL methods in sequence prior to each command.
|
||||
# Let's make a command, 'core', that lists all of the resources included with InSpec.
|
||||
|
||||
# First, provide a usage / description. This will appear in `inspec help list-resources`.
|
||||
desc 'core [OPTIONS]', 'List resources that are included with InSpec.'
|
||||
desc "core [OPTIONS]", "List resources that are included with InSpec."
|
||||
|
||||
# Let's include an option, -s, to summarize the list.
|
||||
# Refer to the Thors docs; there is a lot you can do here.
|
||||
option :summary, desc: 'Include a total at the bottom', \
|
||||
option :summary, desc: "Include a total at the bottom", \
|
||||
type: :boolean, default: true, aliases: [:s]
|
||||
|
||||
# OK, now the actual method itself. If you provide params, you're telling Thor that
|
||||
|
@ -42,7 +42,7 @@ module InspecPlugins::ResourceLister
|
|||
# If we were passed a CLI arg, wrap the arg in Regexp matchers so
|
||||
# we will match anywhere in the name.
|
||||
unless pattern == /.+/
|
||||
pattern = Regexp.new('.*' + pattern + '.*')
|
||||
pattern = Regexp.new(".*" + pattern + ".*")
|
||||
end
|
||||
|
||||
# This gets a bit into InSpec innards; but this is simply a Hash.
|
||||
|
@ -53,7 +53,7 @@ module InspecPlugins::ResourceLister
|
|||
resource_names.each { |name| puts name }
|
||||
|
||||
if options[:summary]
|
||||
puts '-' * 30
|
||||
puts "-" * 30
|
||||
puts "#{resource_names.count} resources total"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
# fast and light by only loading heavy things when they are needed.
|
||||
|
||||
# Presumably this is light
|
||||
require 'inspec-resource-lister/version'
|
||||
require "inspec-resource-lister/version"
|
||||
|
||||
# The InspecPlugins namespace is where all plugins should declare themselves.
|
||||
# The 'Inspec' capitalization is used throughout the InSpec source code; yes, it's
|
||||
|
@ -42,7 +42,7 @@ module InspecPlugins
|
|||
# functionality.
|
||||
# For example, InSpec will activate this hook when `inspec help` is
|
||||
# executed, so that this plugin's usage message will be included in the help.
|
||||
require 'inspec-resource-lister/cli_command'
|
||||
require "inspec-resource-lister/cli_command"
|
||||
|
||||
# Having loaded our functionality, return a class that will let the
|
||||
# CLI engine tap into it.
|
||||
|
|
|
@ -3,6 +3,6 @@
|
|||
# to learn the current version.
|
||||
module InspecPlugins
|
||||
module ResourceLister
|
||||
VERSION = '0.1.0'.freeze
|
||||
VERSION = "0.1.0".freeze
|
||||
end
|
||||
end
|
||||
|
|
|
@ -4,11 +4,11 @@
|
|||
# Functional tests generally do not have inside knowledge of how the plugin works.
|
||||
|
||||
# Include our test harness
|
||||
require_relative '../helper'
|
||||
require_relative "../helper"
|
||||
|
||||
# Because InSpec is a Spec-style test suite, we're going to use Minitest::Spec
|
||||
# here, for familiar look and feel. However, this isn't InSpec (or RSpec) code.
|
||||
describe 'inspec list-resources core' do
|
||||
describe "inspec list-resources core" do
|
||||
# Our helper.rb locates this library from the InSpec install that
|
||||
# Bundler installed for us. If we want its methods, we still must
|
||||
# import it. Including it here will make it available in all child
|
||||
|
@ -30,7 +30,7 @@ describe 'inspec list-resources core' do
|
|||
# think that this plugin we are currently testing is installed as a
|
||||
# user plugin, by writing a plugin config file in a temp dir.
|
||||
# To use it, just provide a command line, minus the word `inspec`.
|
||||
let (:outcome) { run_inspec_process_with_this_plugin('listresources core') }
|
||||
let (:outcome) { run_inspec_process_with_this_plugin("listresources core") }
|
||||
|
||||
# Some tests through here use minitest Expectations, which attach to all
|
||||
# Objects, and begin with 'must' (positive) or 'wont' (negative)
|
||||
|
@ -40,7 +40,7 @@ describe 'inspec list-resources core' do
|
|||
|
||||
# A selection of core resources, just spot checking.
|
||||
# This is an example of using Ruby to define sets of tests.
|
||||
['process', 'service', 'user', 'file'].each do |resource_name|
|
||||
%w{process service user file}.each do |resource_name|
|
||||
it "should mention the '#{resource_name}' resource" do
|
||||
outcome.stdout.must_include(resource_name)
|
||||
end
|
||||
|
@ -48,7 +48,7 @@ describe 'inspec list-resources core' do
|
|||
|
||||
# Check for the summary
|
||||
it "should mention the summary" do
|
||||
outcome.stdout.must_include('resources total')
|
||||
outcome.stdout.must_include("resources total")
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -56,19 +56,19 @@ describe 'inspec list-resources core' do
|
|||
describe "when run with a search pattern that matches things" do
|
||||
# Notice that the command line is changed here:
|
||||
# "list all resources that have the word user in them"
|
||||
let (:outcome) { run_inspec_process_with_this_plugin('listresources core user') }
|
||||
let (:outcome) { run_inspec_process_with_this_plugin("listresources core user") }
|
||||
|
||||
# Should be well-behaved...
|
||||
it("should exit successfully") { outcome.exit_status.must_equal(0) }
|
||||
it("should be silent on stderr") { outcome.stderr.must_be_empty }
|
||||
|
||||
# Here, we want to know it DID match some things, and NOT some others.
|
||||
['user', 'users'].each do |resource_name|
|
||||
%w{user users}.each do |resource_name|
|
||||
it "should mention the '#{resource_name}' resource" do
|
||||
outcome.stdout.must_include(resource_name)
|
||||
end
|
||||
end
|
||||
['process', 'service', 'file'].each do |resource_name|
|
||||
%w{process service file}.each do |resource_name|
|
||||
it "should NOT mention the '#{resource_name}' resource" do
|
||||
outcome.stdout.wont_include(resource_name)
|
||||
end
|
||||
|
@ -76,7 +76,7 @@ describe 'inspec list-resources core' do
|
|||
end
|
||||
describe "when run with a search pattern that matches nothing" do
|
||||
# Unlikely we'll have a resource with the string 'autogyro' in it.
|
||||
let (:outcome) { run_inspec_process_with_this_plugin('listresources core autogyro') }
|
||||
let (:outcome) { run_inspec_process_with_this_plugin("listresources core autogyro") }
|
||||
|
||||
# Should be well-behaved...
|
||||
it("should exit successfully") { outcome.exit_status.must_equal(0) }
|
||||
|
@ -89,14 +89,14 @@ describe 'inspec list-resources core' do
|
|||
|
||||
# Check for the summary
|
||||
it "should mention a zero-resource summary" do
|
||||
outcome.stdout.must_include('0 resources total')
|
||||
outcome.stdout.must_include("0 resources total")
|
||||
end
|
||||
end
|
||||
|
||||
# Exercise the summary option, which defaults to 'true'.
|
||||
describe "when run with the no-summary flag" do
|
||||
# Alter the command string to include the no-summary option
|
||||
let(:outcome) { run_inspec_process_with_this_plugin('listresources core --no-summary') }
|
||||
let(:outcome) { run_inspec_process_with_this_plugin("listresources core --no-summary") }
|
||||
|
||||
# Should be well-behaved...
|
||||
it("should exit successfully") { outcome.exit_status.must_equal(0) }
|
||||
|
@ -104,7 +104,7 @@ describe 'inspec list-resources core' do
|
|||
|
||||
# Check for the summary
|
||||
it "should NOT mention summary" do
|
||||
outcome.stdout.wont_include('0 resources total')
|
||||
outcome.stdout.wont_include("0 resources total")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,11 +6,11 @@
|
|||
# InSpec core provides a number of such libraries and facilities, in the file
|
||||
# lib/pligins/shared/core_plugin_test_helper.rb . So, one job in this file is
|
||||
# to locate and load that file.
|
||||
require 'inspec/../plugins/shared/core_plugin_test_helper'
|
||||
require "inspec/../plugins/shared/core_plugin_test_helper"
|
||||
|
||||
# Also load the InSpec plugin system. We need this so we can unit-test the plugin
|
||||
# classes, which will rely on the plugin system.
|
||||
require 'inspec/plugin/v2'
|
||||
require "inspec/plugin/v2"
|
||||
|
||||
# Caution: loading all of InSpec (i.e. require 'inspec') may cause interference with
|
||||
# minitest/spec; one symptom would be appearing to have no tests.
|
||||
|
@ -19,8 +19,8 @@ require 'inspec/plugin/v2'
|
|||
# You can select from a number of test harnesses. Since InSpec uses Spec-style controls
|
||||
# in profile code, you will probably want to use something like minitest/spec, which provides
|
||||
# Spec-style tests.
|
||||
require 'minitest/spec'
|
||||
require 'minitest/autorun'
|
||||
require "minitest/spec"
|
||||
require "minitest/autorun"
|
||||
|
||||
# You might want to put some debugging tools here. We run tests to find bugs, after all.
|
||||
# require 'byebug'
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
# inspec-resource-lister are correct.
|
||||
|
||||
# Include our test harness
|
||||
require_relative '../helper'
|
||||
require_relative "../helper"
|
||||
|
||||
# Load the class under test, the CliCommand definition.
|
||||
require 'inspec-resource-lister/cli_command'
|
||||
require "inspec-resource-lister/cli_command"
|
||||
|
||||
# Because InSpec is a Spec-style test suite, we're going to use Minitest::Spec
|
||||
# here, for familiar look and feel. However, this isn't InSpec (or RSpec) code.
|
||||
|
@ -20,11 +20,11 @@ describe InspecPlugins::ResourceLister::CliCommand do
|
|||
let(:cli_class) { InspecPlugins::ResourceLister::CliCommand }
|
||||
|
||||
# This is a Hash of Structs that tells us details of options for the 'core' subcommand.
|
||||
let(:core_options) { cli_class.all_commands['core'].options }
|
||||
let(:core_options) { cli_class.all_commands["core"].options }
|
||||
|
||||
# To group tests together, you can nest 'describe' in minitest/spec
|
||||
# (that is discouraged in InSpec control code.)
|
||||
describe 'the core command' do
|
||||
describe "the core command" do
|
||||
|
||||
# Some tests through here use minitest Expectations, which attach to all
|
||||
# Objects, and begin with 'must' (positive) or 'wont' (negative)
|
||||
|
|
|
@ -2,10 +2,10 @@
|
|||
# the inspec-resource-lister plugin is configured correctly.
|
||||
|
||||
# Include our test harness
|
||||
require_relative '../helper'
|
||||
require_relative "../helper"
|
||||
|
||||
# Load the class under test, the Plugin definition.
|
||||
require 'inspec-resource-lister/plugin'
|
||||
require "inspec-resource-lister/plugin"
|
||||
|
||||
# Because InSpec is a Spec-style test suite, we're going to use Minitest::Spec
|
||||
# here, for familiar look and feel. However, this isn't InSpec (or RSpec) code.
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
require 'yaml'
|
||||
require "yaml"
|
||||
|
||||
# Custom resource based on the InSpec resource DSL
|
||||
class GordonConfig < Inspec.resource(1)
|
||||
name 'gordon_config'
|
||||
name "gordon_config"
|
||||
|
||||
supports platform: 'unix'
|
||||
supports platform: 'windows'
|
||||
supports platform: "unix"
|
||||
supports platform: "windows"
|
||||
|
||||
desc "
|
||||
Gordon's resource description ...
|
||||
|
@ -21,7 +21,7 @@ class GordonConfig < Inspec.resource(1)
|
|||
# Load the configuration file on initialization
|
||||
def initialize
|
||||
@params = {}
|
||||
@path = '/tmp/gordon/config.yaml'
|
||||
@path = "/tmp/gordon/config.yaml"
|
||||
@file = inspec.file(@path)
|
||||
|
||||
unless @file.file?
|
||||
|
@ -32,9 +32,9 @@ class GordonConfig < Inspec.resource(1)
|
|||
begin
|
||||
@params = YAML.load(@file.content)
|
||||
# Add two extra matchers
|
||||
@params['file_size'] = @file.size
|
||||
@params['file_path'] = @path
|
||||
@params['ruby'] = 'RUBY IS HERE TO HELP ME!'
|
||||
@params["file_size"] = @file.size
|
||||
@params["file_path"] = @path
|
||||
@params["ruby"] = "RUBY IS HERE TO HELP ME!"
|
||||
rescue StandardError => e
|
||||
raise Inspec::Exceptions::ResourceSkipped, "#{@file}: #{e.message}"
|
||||
end
|
||||
|
@ -49,7 +49,7 @@ class GordonConfig < Inspec.resource(1)
|
|||
# Example matcher for the number of commas in the file
|
||||
def comma_count
|
||||
text = @file.content
|
||||
text.count(',')
|
||||
text.count(",")
|
||||
end
|
||||
|
||||
# Expose all parameters
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
source 'https://rubygems.org'
|
||||
gemspec name: 'inspec-bin'
|
||||
source "https://rubygems.org"
|
||||
gemspec name: "inspec-bin"
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
Encoding.default_external = Encoding::UTF_8
|
||||
Encoding.default_internal = Encoding::UTF_8
|
||||
|
||||
lib = File.expand_path('../lib', __FILE__)
|
||||
lib = File.expand_path("../lib", __FILE__)
|
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
||||
|
||||
require 'inspec'
|
||||
require 'inspec/cli'
|
||||
require "inspec"
|
||||
require "inspec/cli"
|
||||
Inspec::InspecCLI.start(ARGV)
|
||||
|
|
|
@ -1,27 +1,27 @@
|
|||
lib = File.expand_path('../lib', __FILE__)
|
||||
lib = File.expand_path("../lib", __FILE__)
|
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
||||
require 'inspec-bin/version'
|
||||
require "inspec-bin/version"
|
||||
|
||||
Gem::Specification.new do |spec|
|
||||
spec.name = 'inspec-bin'
|
||||
spec.name = "inspec-bin"
|
||||
spec.version = InspecBin::VERSION
|
||||
spec.authors = ['Chef InSpec Core Engineering ']
|
||||
spec.email = ['inspec@chef.io']
|
||||
spec.summary = 'Infrastructure and compliance testing.'
|
||||
spec.description = 'InSpec executable for inspec gem. Use of this executable may require accepting a license agreement.'
|
||||
spec.homepage = 'https://github.com/inspec/inspec/tree/master/inspec-bin'
|
||||
spec.license = 'Apache-2.0'
|
||||
spec.authors = ["Chef InSpec Core Engineering "]
|
||||
spec.email = ["inspec@chef.io"]
|
||||
spec.summary = "Infrastructure and compliance testing."
|
||||
spec.description = "InSpec executable for inspec gem. Use of this executable may require accepting a license agreement."
|
||||
spec.homepage = "https://github.com/inspec/inspec/tree/master/inspec-bin"
|
||||
spec.license = "Apache-2.0"
|
||||
|
||||
spec.require_paths = ['lib']
|
||||
spec.required_ruby_version = '>= 2.4'
|
||||
spec.require_paths = ["lib"]
|
||||
spec.required_ruby_version = ">= 2.4"
|
||||
|
||||
spec.add_dependency 'inspec', "= #{InspecBin::VERSION}"
|
||||
spec.add_development_dependency 'rake'
|
||||
spec.add_dependency "inspec", "= #{InspecBin::VERSION}"
|
||||
spec.add_development_dependency "rake"
|
||||
|
||||
spec.files = %w{README.md LICENSE Gemfile} + Dir.glob('*.gemspec') +
|
||||
Dir.glob('{lib,bin}/**/*', File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
|
||||
spec.files = %w{README.md LICENSE Gemfile} + Dir.glob("*.gemspec") +
|
||||
Dir.glob("{lib,bin}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
|
||||
|
||||
spec.bindir = 'bin'
|
||||
spec.bindir = "bin"
|
||||
spec.executables = %w{inspec}
|
||||
|
||||
end
|
||||
|
|
|
@ -1,30 +1,30 @@
|
|||
lib = File.expand_path('../lib', __FILE__)
|
||||
lib = File.expand_path("../lib", __FILE__)
|
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
||||
require 'inspec-bin/version'
|
||||
require "inspec-bin/version"
|
||||
|
||||
# This is just link inspec-bin, but relies on inspec-core instead of inspec
|
||||
# inspec-core is a stripped-down version of the inspec gem with fewer exotic dependencies
|
||||
|
||||
Gem::Specification.new do |spec|
|
||||
spec.name = 'inspec-core-bin' # dallas multi-pass
|
||||
spec.name = "inspec-core-bin" # dallas multi-pass
|
||||
spec.version = InspecBin::VERSION
|
||||
spec.authors = ['Chef InSpec Core Engineering ']
|
||||
spec.email = ['inspec@chef.io']
|
||||
spec.summary = 'Infrastructure and compliance testing.'
|
||||
spec.description = 'InSpec executable for inspec-core gem. Use of this executable may require accepting a license agreement.'
|
||||
spec.homepage = 'https://github.com/inspec/inspec/tree/master/inspec-bin'
|
||||
spec.license = 'Apache-2.0'
|
||||
spec.authors = ["Chef InSpec Core Engineering "]
|
||||
spec.email = ["inspec@chef.io"]
|
||||
spec.summary = "Infrastructure and compliance testing."
|
||||
spec.description = "InSpec executable for inspec-core gem. Use of this executable may require accepting a license agreement."
|
||||
spec.homepage = "https://github.com/inspec/inspec/tree/master/inspec-bin"
|
||||
spec.license = "Apache-2.0"
|
||||
|
||||
spec.require_paths = ['lib']
|
||||
spec.required_ruby_version = '>= 2.4'
|
||||
spec.require_paths = ["lib"]
|
||||
spec.required_ruby_version = ">= 2.4"
|
||||
|
||||
spec.add_dependency 'inspec-core', "= #{InspecBin::VERSION}"
|
||||
spec.add_development_dependency 'rake'
|
||||
spec.add_dependency "inspec-core", "= #{InspecBin::VERSION}"
|
||||
spec.add_development_dependency "rake"
|
||||
|
||||
spec.files = %w{README.md LICENSE Gemfile} + ['inspec-core-bin.gemspec'] +
|
||||
Dir.glob('{lib,bin}/**/*', File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
|
||||
spec.files = %w{README.md LICENSE Gemfile} + ["inspec-core-bin.gemspec"] +
|
||||
Dir.glob("{lib,bin}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) }
|
||||
|
||||
spec.bindir = 'bin'
|
||||
spec.bindir = "bin"
|
||||
spec.executables = %w{inspec}
|
||||
|
||||
end
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# This file managed by automation - do not edit manually
|
||||
module InspecBin
|
||||
INSPECBIN_ROOT = File.expand_path('../..', __FILE__)
|
||||
VERSION = '4.5.1'.freeze
|
||||
INSPECBIN_ROOT = File.expand_path("../..", __FILE__)
|
||||
VERSION = "4.5.1".freeze
|
||||
end
|
||||
|
|
|
@ -1,46 +1,46 @@
|
|||
lib = File.expand_path('../lib', __FILE__)
|
||||
lib = File.expand_path("../lib", __FILE__)
|
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
||||
require 'inspec/version'
|
||||
require "inspec/version"
|
||||
|
||||
Gem::Specification.new do |spec|
|
||||
spec.name = 'inspec-core'
|
||||
spec.name = "inspec-core"
|
||||
spec.version = Inspec::VERSION
|
||||
spec.authors = ['Dominik Richter']
|
||||
spec.email = ['dominik.richter@gmail.com']
|
||||
spec.summary = 'Just InSpec'
|
||||
spec.description = 'Core InSpec, local support only. See `inspec` for full support.'
|
||||
spec.homepage = 'https://github.com/chef/inspec'
|
||||
spec.license = 'Apache-2.0'
|
||||
spec.authors = ["Dominik Richter"]
|
||||
spec.email = ["dominik.richter@gmail.com"]
|
||||
spec.summary = "Just InSpec"
|
||||
spec.description = "Core InSpec, local support only. See `inspec` for full support."
|
||||
spec.homepage = "https://github.com/chef/inspec"
|
||||
spec.license = "Apache-2.0"
|
||||
|
||||
spec.files = %w{README.md LICENSE} + Dir.glob('{bin,lib,etc}/**/*', File::FNM_DOTMATCH)
|
||||
spec.files = %w{README.md LICENSE} + Dir.glob("{bin,lib,etc}/**/*", File::FNM_DOTMATCH)
|
||||
.reject { |f| File.directory?(f) || f =~ /aws|azure|gcp/ || f =~ %r{lib/plugins/.*/test/} }
|
||||
|
||||
spec.require_paths = ['lib']
|
||||
spec.require_paths = ["lib"]
|
||||
|
||||
spec.required_ruby_version = '>= 2.4'
|
||||
spec.required_ruby_version = ">= 2.4"
|
||||
|
||||
spec.add_dependency 'train-core', '~> 2.0'
|
||||
spec.add_dependency 'license-acceptance', '>= 0.2.13', '< 2.0'
|
||||
spec.add_dependency 'thor', '~> 0.20'
|
||||
spec.add_dependency 'json-schema', '~> 2.8'
|
||||
spec.add_dependency 'method_source', '~> 0.8'
|
||||
spec.add_dependency 'rubyzip', '~> 1.1'
|
||||
spec.add_dependency 'rspec', '~> 3'
|
||||
spec.add_dependency 'rspec-its', '~> 1.2'
|
||||
spec.add_dependency 'hashie', '~> 3.4'
|
||||
spec.add_dependency 'mixlib-log'
|
||||
spec.add_dependency 'pry', '~> 0'
|
||||
spec.add_dependency 'sslshake', '~> 1.2'
|
||||
spec.add_dependency 'parallel', '~> 1.9'
|
||||
spec.add_dependency 'faraday', '>=0.9.0'
|
||||
spec.add_dependency 'faraday_middleware', '~> 0.12.2'
|
||||
spec.add_dependency 'tomlrb', '~> 1.2'
|
||||
spec.add_dependency 'addressable', '~> 2.4'
|
||||
spec.add_dependency 'parslet', '~> 1.5'
|
||||
spec.add_dependency 'semverse'
|
||||
spec.add_dependency 'htmlentities'
|
||||
spec.add_dependency 'multipart-post'
|
||||
spec.add_dependency 'tty-table', '~> 0.10'
|
||||
spec.add_dependency 'tty-prompt', '~> 0.17'
|
||||
spec.add_dependency 'term-ansicolor'
|
||||
spec.add_dependency "train-core", "~> 2.0"
|
||||
spec.add_dependency "license-acceptance", ">= 0.2.13", "< 2.0"
|
||||
spec.add_dependency "thor", "~> 0.20"
|
||||
spec.add_dependency "json-schema", "~> 2.8"
|
||||
spec.add_dependency "method_source", "~> 0.8"
|
||||
spec.add_dependency "rubyzip", "~> 1.1"
|
||||
spec.add_dependency "rspec", "~> 3"
|
||||
spec.add_dependency "rspec-its", "~> 1.2"
|
||||
spec.add_dependency "hashie", "~> 3.4"
|
||||
spec.add_dependency "mixlib-log"
|
||||
spec.add_dependency "pry", "~> 0"
|
||||
spec.add_dependency "sslshake", "~> 1.2"
|
||||
spec.add_dependency "parallel", "~> 1.9"
|
||||
spec.add_dependency "faraday", ">=0.9.0"
|
||||
spec.add_dependency "faraday_middleware", "~> 0.12.2"
|
||||
spec.add_dependency "tomlrb", "~> 1.2"
|
||||
spec.add_dependency "addressable", "~> 2.4"
|
||||
spec.add_dependency "parslet", "~> 1.5"
|
||||
spec.add_dependency "semverse"
|
||||
spec.add_dependency "htmlentities"
|
||||
spec.add_dependency "multipart-post"
|
||||
spec.add_dependency "tty-table", "~> 0.10"
|
||||
spec.add_dependency "tty-prompt", "~> 0.17"
|
||||
spec.add_dependency "term-ansicolor"
|
||||
end
|
||||
|
|
|
@ -1,56 +1,56 @@
|
|||
lib = File.expand_path('../lib', __FILE__)
|
||||
lib = File.expand_path("../lib", __FILE__)
|
||||
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
||||
require 'inspec/version'
|
||||
require "inspec/version"
|
||||
|
||||
Gem::Specification.new do |spec|
|
||||
spec.name = 'inspec'
|
||||
spec.name = "inspec"
|
||||
spec.version = Inspec::VERSION
|
||||
spec.authors = ['Chef InSpec Team']
|
||||
spec.email = ['inspec@chef.io']
|
||||
spec.summary = 'Infrastructure and compliance testing.'
|
||||
spec.description = 'InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.'
|
||||
spec.homepage = 'https://github.com/inspec/inspec'
|
||||
spec.license = 'Apache-2.0'
|
||||
spec.authors = ["Chef InSpec Team"]
|
||||
spec.email = ["inspec@chef.io"]
|
||||
spec.summary = "Infrastructure and compliance testing."
|
||||
spec.description = "InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification."
|
||||
spec.homepage = "https://github.com/inspec/inspec"
|
||||
spec.license = "Apache-2.0"
|
||||
|
||||
# the gemfile and gemspec are necessary for appbundler so don't remove it
|
||||
spec.files = %w{Gemfile inspec.gemspec README.md LICENSE} + Dir.glob(
|
||||
'{bin,lib,etc}/**/*', File::FNM_DOTMATCH
|
||||
"{bin,lib,etc}/**/*", File::FNM_DOTMATCH
|
||||
).reject { |f| File.directory?(f) }
|
||||
|
||||
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
||||
.reject { |f| File.directory?(f) || f =~ %r{lib/plugins/.*/test/} }
|
||||
spec.require_paths = ['lib']
|
||||
spec.require_paths = ["lib"]
|
||||
|
||||
spec.required_ruby_version = '>= 2.4'
|
||||
spec.required_ruby_version = ">= 2.4"
|
||||
|
||||
spec.add_dependency 'train', '~> 2.0' # Inspec 4 must have train 2+
|
||||
spec.add_dependency "train", "~> 2.0" # Inspec 4 must have train 2+
|
||||
# Train plugins we ship with InSpec
|
||||
spec.add_dependency 'train-habitat', '~> 0.1'
|
||||
spec.add_dependency 'train-aws', '~> 0.1'
|
||||
spec.add_dependency "train-habitat", "~> 0.1"
|
||||
spec.add_dependency "train-aws", "~> 0.1"
|
||||
|
||||
# Implementation dependencies
|
||||
spec.add_dependency 'license-acceptance', '>= 0.2.13', '< 2.0'
|
||||
spec.add_dependency 'thor', '~> 0.20'
|
||||
spec.add_dependency 'json-schema', '~> 2.8'
|
||||
spec.add_dependency 'method_source', '~> 0.8'
|
||||
spec.add_dependency 'rubyzip', '~> 1.2', '>= 1.2.2'
|
||||
spec.add_dependency 'rspec', '~> 3'
|
||||
spec.add_dependency 'rspec-its', '~> 1.2'
|
||||
spec.add_dependency 'pry', '~> 0'
|
||||
spec.add_dependency 'hashie', '~> 3.4'
|
||||
spec.add_dependency 'mixlib-log'
|
||||
spec.add_dependency 'sslshake', '~> 1.2'
|
||||
spec.add_dependency 'parallel', '~> 1.9'
|
||||
spec.add_dependency 'faraday', '>=0.9.0'
|
||||
spec.add_dependency 'tty-table', '~> 0.10'
|
||||
spec.add_dependency 'tty-prompt', '~> 0.17'
|
||||
spec.add_dependency "license-acceptance", ">= 0.2.13", "< 2.0"
|
||||
spec.add_dependency "thor", "~> 0.20"
|
||||
spec.add_dependency "json-schema", "~> 2.8"
|
||||
spec.add_dependency "method_source", "~> 0.8"
|
||||
spec.add_dependency "rubyzip", "~> 1.2", ">= 1.2.2"
|
||||
spec.add_dependency "rspec", "~> 3"
|
||||
spec.add_dependency "rspec-its", "~> 1.2"
|
||||
spec.add_dependency "pry", "~> 0"
|
||||
spec.add_dependency "hashie", "~> 3.4"
|
||||
spec.add_dependency "mixlib-log"
|
||||
spec.add_dependency "sslshake", "~> 1.2"
|
||||
spec.add_dependency "parallel", "~> 1.9"
|
||||
spec.add_dependency "faraday", ">=0.9.0"
|
||||
spec.add_dependency "tty-table", "~> 0.10"
|
||||
spec.add_dependency "tty-prompt", "~> 0.17"
|
||||
# Used for Azure profile until integrated into train
|
||||
spec.add_dependency 'faraday_middleware', '~> 0.12.2'
|
||||
spec.add_dependency 'tomlrb', '~> 1.2'
|
||||
spec.add_dependency 'addressable', '~> 2.4'
|
||||
spec.add_dependency 'parslet', '~> 1.5'
|
||||
spec.add_dependency 'semverse'
|
||||
spec.add_dependency 'htmlentities'
|
||||
spec.add_dependency 'multipart-post'
|
||||
spec.add_dependency 'term-ansicolor'
|
||||
spec.add_dependency "faraday_middleware", "~> 0.12.2"
|
||||
spec.add_dependency "tomlrb", "~> 1.2"
|
||||
spec.add_dependency "addressable", "~> 2.4"
|
||||
spec.add_dependency "parslet", "~> 1.5"
|
||||
spec.add_dependency "semverse"
|
||||
spec.add_dependency "htmlentities"
|
||||
spec.add_dependency "multipart-post"
|
||||
spec.add_dependency "term-ansicolor"
|
||||
end
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
source 'https://www.rubygems.org'
|
||||
source "https://www.rubygems.org"
|
||||
|
||||
gem 'kitchen-docker'
|
||||
gem 'test-kitchen'
|
||||
gem "kitchen-docker"
|
||||
gem "test-kitchen"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# This file has been moved to the v2.0 plugins. This redirect allows for legacy use.
|
||||
# TODO: Remove in inspec 4.0
|
||||
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/api'
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/api"
|
||||
|
||||
# Backport old namespace
|
||||
Compliance = InspecPlugins::Compliance unless defined?(Compliance)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# This file has been moved to the v2.0 plugins. This redirect allows for legacy use.
|
||||
# TODO: Remove in inspec 4.0
|
||||
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/configuration'
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/configuration"
|
||||
|
||||
# Backport old namespace
|
||||
Compliance = InspecPlugins::Compliance unless defined?(Compliance)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# This file has been moved to the v2.0 plugins. This redirect allows for legacy use.
|
||||
# TODO: Remove in inspec 4.0
|
||||
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/http'
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/http"
|
||||
|
||||
# Backport old namespace
|
||||
Compliance = InspecPlugins::Compliance unless defined?(Compliance)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# This file has been moved to the v2.0 plugins. This redirect allows for legacy use.
|
||||
# TODO: Remove in inspec 4.0
|
||||
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/support'
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/support"
|
||||
|
||||
# Backport old namespace
|
||||
Compliance = InspecPlugins::Compliance unless defined?(Compliance)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# This file has been moved to the v2.0 plugins. This redirect allows for legacy use.
|
||||
# TODO: Remove in inspec 4.0
|
||||
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/target'
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/target"
|
||||
|
||||
# Backport old namespace
|
||||
Compliance = InspecPlugins::Compliance unless defined?(Compliance)
|
||||
|
|
|
@ -2,8 +2,8 @@ libdir = File.dirname(__FILE__)
|
|||
$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
|
||||
|
||||
module Supermarket
|
||||
autoload :API, 'inspec-supermarket/api'
|
||||
autoload :API, "inspec-supermarket/api"
|
||||
end
|
||||
|
||||
require 'inspec-supermarket/cli'
|
||||
require 'inspec-supermarket/target'
|
||||
require "inspec-supermarket/cli"
|
||||
require "inspec-supermarket/target"
|
||||
|
|
|
@ -1,23 +1,23 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'net/http'
|
||||
require 'addressable/uri'
|
||||
require "net/http"
|
||||
require "addressable/uri"
|
||||
|
||||
module Supermarket
|
||||
class API
|
||||
SUPERMARKET_URL = 'https://supermarket.chef.io'
|
||||
SUPERMARKET_URL = "https://supermarket.chef.io"
|
||||
|
||||
# displays a list of profiles
|
||||
def self.profiles(supermarket_url = SUPERMARKET_URL)
|
||||
url = "#{supermarket_url}/api/v1/tools-search"
|
||||
_success, data = get(url, { type: 'compliance_profile', items: 100 })
|
||||
_success, data = get(url, { type: "compliance_profile", items: 100 })
|
||||
if !data.nil?
|
||||
profiles = JSON.parse(data)
|
||||
profiles['items'].map { |x|
|
||||
m = %r{^#{supermarket_url}/api/v1/tools/(?<slug>[\w-]+)(/)?$}.match(x['tool'])
|
||||
x['slug'] = m[:slug]
|
||||
profiles["items"].map do |x|
|
||||
m = %r{^#{supermarket_url}/api/v1/tools/(?<slug>[\w-]+)(/)?$}.match(x["tool"])
|
||||
x["slug"] = m[:slug]
|
||||
x
|
||||
}
|
||||
end
|
||||
else
|
||||
[]
|
||||
end
|
||||
|
@ -51,7 +51,7 @@ module Supermarket
|
|||
|
||||
# Tool name in Supermarket URL is downcased so we need to downcase
|
||||
tool = "#{supermarket_url}/api/v1/tools/#{tool_name.downcase}"
|
||||
supermarket_tool['tool_owner'] == tool_owner && supermarket_tool['tool'] == tool
|
||||
supermarket_tool["tool_owner"] == tool_owner && supermarket_tool["tool"] == tool
|
||||
end
|
||||
|
||||
def self.find(profile, supermarket_url = SUPERMARKET_URL)
|
||||
|
@ -77,7 +77,7 @@ module Supermarket
|
|||
|
||||
def self.send_request(uri, req)
|
||||
# send request
|
||||
res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
|
||||
res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == "https") do |http|
|
||||
http.request(req)
|
||||
end
|
||||
[res.is_a?(Net::HTTPSuccess), res.body]
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
require 'inspec/base_cli'
|
||||
require "inspec/base_cli"
|
||||
|
||||
module Supermarket
|
||||
class SupermarketCLI < Inspec::BaseCLI
|
||||
namespace 'supermarket'
|
||||
namespace "supermarket"
|
||||
|
||||
# TODO: find another solution, once https://github.com/erikhuda/thor/issues/261 is fixed
|
||||
def self.banner(command, _namespace = nil, _subcommand = false)
|
||||
|
@ -13,18 +13,18 @@ module Supermarket
|
|||
namespace
|
||||
end
|
||||
|
||||
desc 'profiles', 'list all available profiles in Chef Supermarket'
|
||||
desc "profiles", "list all available profiles in Chef Supermarket"
|
||||
def profiles
|
||||
# display profiles in format user/profile
|
||||
supermarket_profiles = Supermarket::API.profiles
|
||||
|
||||
headline('Available profiles:')
|
||||
supermarket_profiles.each { |p|
|
||||
headline("Available profiles:")
|
||||
supermarket_profiles.each do |p|
|
||||
li("#{p['tool_name']} #{mark_text(p['tool_owner'] + '/' + p['slug'])}")
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
desc 'exec PROFILE', 'execute a Supermarket profile'
|
||||
desc "exec PROFILE", "execute a Supermarket profile"
|
||||
exec_options
|
||||
def exec(*tests)
|
||||
o = config
|
||||
|
@ -32,7 +32,7 @@ module Supermarket
|
|||
configure_logger(o)
|
||||
|
||||
# iterate over tests and add compliance scheme
|
||||
tests = tests.map { |t| 'supermarket://' + t }
|
||||
tests = tests.map { |t| "supermarket://" + t }
|
||||
|
||||
runner = Inspec::Runner.new(o)
|
||||
tests.each { |target| runner.add_target(target) }
|
||||
|
@ -43,13 +43,13 @@ module Supermarket
|
|||
exit 1
|
||||
end
|
||||
|
||||
desc 'info PROFILE', 'display Supermarket profile details'
|
||||
desc "info PROFILE", "display Supermarket profile details"
|
||||
def info(profile)
|
||||
# check that the profile is available
|
||||
supermarket_profiles = Supermarket::API.profiles
|
||||
found = supermarket_profiles.select { |p|
|
||||
found = supermarket_profiles.select do |p|
|
||||
profile == "#{p['tool_owner']}/#{p['slug']}"
|
||||
}
|
||||
end
|
||||
|
||||
if found.empty?
|
||||
puts "#{mark_text(profile)} is not available on Supermarket"
|
||||
|
@ -67,5 +67,5 @@ module Supermarket
|
|||
end
|
||||
|
||||
# register the subcommand to InSpec CLI registry
|
||||
Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, 'supermarket', 'supermarket SUBCOMMAND ...', 'Supermarket commands', {})
|
||||
Inspec::Plugins::CLI.add_subcommand(SupermarketCLI, "supermarket", "supermarket SUBCOMMAND ...", "Supermarket commands", {})
|
||||
end
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
require 'uri'
|
||||
require 'inspec/fetcher'
|
||||
require 'fetchers/url'
|
||||
require "uri"
|
||||
require "inspec/fetcher"
|
||||
require "fetchers/url"
|
||||
|
||||
# InSpec Target Helper for Supermarket
|
||||
module Supermarket
|
||||
class Fetcher < Inspec.fetcher(1)
|
||||
name 'supermarket'
|
||||
name "supermarket"
|
||||
priority 500
|
||||
|
||||
def self.resolve(target, opts = {})
|
||||
supermarket_uri, supermarket_server = if target.is_a?(String) && URI(target).scheme == 'supermarket'
|
||||
supermarket_uri, supermarket_server = if target.is_a?(String) && URI(target).scheme == "supermarket"
|
||||
[target, Supermarket::API::SUPERMARKET_URL]
|
||||
elsif target.respond_to?(:key?) && target.key?(:supermarket)
|
||||
supermarket_server = target[:supermarket_url] || Supermarket::API::SUPERMARKET_URL
|
||||
|
@ -18,13 +18,13 @@ module Supermarket
|
|||
return nil unless supermarket_uri
|
||||
return nil unless Supermarket::API.exist?(supermarket_uri, supermarket_server)
|
||||
tool_info = Supermarket::API.find(supermarket_uri, supermarket_server)
|
||||
resolve_next(tool_info['tool_source_url'], opts)
|
||||
resolve_next(tool_info["tool_source_url"], opts)
|
||||
rescue URI::Error
|
||||
nil
|
||||
end
|
||||
|
||||
def to_s
|
||||
'Chef Compliance Profile Loader'
|
||||
"Chef Compliance Profile Loader"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
require 'tmpdir'
|
||||
require 'fileutils'
|
||||
require 'mixlib/shellout'
|
||||
require 'inspec/log'
|
||||
require "tmpdir"
|
||||
require "fileutils"
|
||||
require "mixlib/shellout"
|
||||
require "inspec/log"
|
||||
|
||||
module Fetchers
|
||||
#
|
||||
|
@ -24,12 +24,12 @@ module Fetchers
|
|||
# omnibus source for hints.
|
||||
#
|
||||
class Git < Inspec.fetcher(1)
|
||||
name 'git'
|
||||
name "git"
|
||||
priority 200
|
||||
|
||||
def self.resolve(target, opts = {})
|
||||
if target.is_a?(String)
|
||||
new(target, opts) if target.start_with?('git@') || target.end_with?('.git')
|
||||
new(target, opts) if target.start_with?("git@") || target.end_with?(".git")
|
||||
elsif target.respond_to?(:has_key?) && target.key?(:git)
|
||||
new(target[:git], opts.merge(target))
|
||||
end
|
||||
|
@ -53,7 +53,7 @@ module Fetchers
|
|||
Dir.mktmpdir do |tmpdir|
|
||||
checkout(tmpdir)
|
||||
Inspec::Log.debug("Checkout of #{resolved_ref} successful. Moving checkout to #{dir}")
|
||||
FileUtils.cp_r(tmpdir + '/.', @repo_directory)
|
||||
FileUtils.cp_r(tmpdir + "/.", @repo_directory)
|
||||
end
|
||||
end
|
||||
@repo_directory
|
||||
|
@ -81,7 +81,7 @@ module Fetchers
|
|||
elsif @tag
|
||||
resolve_ref(@tag)
|
||||
else
|
||||
resolve_ref('master')
|
||||
resolve_ref("master")
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -129,7 +129,7 @@ module Fetchers
|
|||
end
|
||||
|
||||
def cloned?
|
||||
File.directory?(File.join(@repo_directory, '.git'))
|
||||
File.directory?(File.join(@repo_directory, ".git"))
|
||||
end
|
||||
|
||||
def clone(dir = @repo_directory)
|
||||
|
@ -148,7 +148,7 @@ module Fetchers
|
|||
cmd.error!
|
||||
cmd.status
|
||||
rescue Errno::ENOENT
|
||||
raise 'To use git sources, you must have git installed.'
|
||||
raise "To use git sources, you must have git installed."
|
||||
end
|
||||
|
||||
def shellout(cmd, opts = {})
|
||||
|
@ -156,12 +156,12 @@ module Fetchers
|
|||
cmd = Mixlib::ShellOut.new(cmd, opts)
|
||||
cmd.run_command
|
||||
Inspec::Log.debug("External command: completed with exit status: #{cmd.exitstatus}")
|
||||
Inspec::Log.debug('External command: STDOUT BEGIN')
|
||||
Inspec::Log.debug("External command: STDOUT BEGIN")
|
||||
Inspec::Log.debug(cmd.stdout)
|
||||
Inspec::Log.debug('External command: STDOUT END')
|
||||
Inspec::Log.debug('External command: STDERR BEGIN')
|
||||
Inspec::Log.debug("External command: STDOUT END")
|
||||
Inspec::Log.debug("External command: STDERR BEGIN")
|
||||
Inspec::Log.debug(cmd.stderr)
|
||||
Inspec::Log.debug('External command: STDERR END')
|
||||
Inspec::Log.debug("External command: STDERR END")
|
||||
cmd
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
require 'openssl'
|
||||
require "openssl"
|
||||
|
||||
module Fetchers
|
||||
class Local < Inspec.fetcher(1)
|
||||
name 'local'
|
||||
name "local"
|
||||
priority 0
|
||||
|
||||
def self.resolve(target)
|
||||
|
@ -27,11 +27,11 @@ module Fetchers
|
|||
|
||||
def self.resolve_from_string(target)
|
||||
# Support "urls" in the form of file://
|
||||
if target.start_with?('file://')
|
||||
target = target.gsub(%r{^file://}, '')
|
||||
if target.start_with?("file://")
|
||||
target = target.gsub(%r{^file://}, "")
|
||||
else
|
||||
# support for windows paths
|
||||
target = target.tr('\\', '/')
|
||||
target = target.tr('\\', "/")
|
||||
end
|
||||
|
||||
target if File.exist?(File.expand_path(target))
|
||||
|
@ -101,7 +101,7 @@ module Fetchers
|
|||
end
|
||||
|
||||
def perform_shasum(target)
|
||||
@archive_shasum ||= OpenSSL::Digest::SHA256.digest(File.read(target)).unpack('H*')[0]
|
||||
@archive_shasum ||= OpenSSL::Digest::SHA256.digest(File.read(target)).unpack("H*")[0]
|
||||
end
|
||||
|
||||
def resolved_source
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
module Fetchers
|
||||
class Mock < Inspec.fetcher(1)
|
||||
name 'mock'
|
||||
name "mock"
|
||||
priority 0
|
||||
|
||||
def self.resolve(target)
|
||||
|
@ -25,7 +25,7 @@ module Fetchers
|
|||
end
|
||||
|
||||
def cache_key
|
||||
''
|
||||
""
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
require 'uri'
|
||||
require 'openssl'
|
||||
require 'tempfile'
|
||||
require 'open-uri'
|
||||
require "uri"
|
||||
require "openssl"
|
||||
require "tempfile"
|
||||
require "open-uri"
|
||||
|
||||
module Fetchers
|
||||
class Url < Inspec.fetcher(1)
|
||||
MIME_TYPES = {
|
||||
'application/x-zip-compressed' => '.zip',
|
||||
'application/zip' => '.zip',
|
||||
'application/x-gzip' => '.tar.gz',
|
||||
'application/gzip' => '.tar.gz',
|
||||
"application/x-zip-compressed" => ".zip",
|
||||
"application/zip" => ".zip",
|
||||
"application/x-gzip" => ".tar.gz",
|
||||
"application/gzip" => ".tar.gz",
|
||||
}.freeze
|
||||
|
||||
name 'url'
|
||||
name "url"
|
||||
priority 200
|
||||
|
||||
def self.resolve(target, opts = {})
|
||||
|
@ -27,7 +27,7 @@ module Fetchers
|
|||
|
||||
def self.resolve_from_string(target, opts, username = nil, password = nil)
|
||||
uri = URI.parse(target)
|
||||
return nil if uri.nil? or uri.scheme.nil?
|
||||
return nil if uri.nil? || uri.scheme.nil?
|
||||
return nil unless %{ http https }.include? uri.scheme
|
||||
target = transform(target)
|
||||
opts[:username] = username if username
|
||||
|
@ -62,11 +62,11 @@ module Fetchers
|
|||
# https://bitbucket.org/username/repo/commits/95ce1f83d5bbe9eec34c5973f6894617e8d6d8cc is transformed to
|
||||
# https://bitbucket.org/username/repo/get/95ce1f83d5bbe9eec34c5973f6894617e8d6d8cc.tar.gz
|
||||
|
||||
GITHUB_URL_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w.-]+?)(\.git)?(/)?$}
|
||||
GITHUB_URL_WITH_TREE_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w.-]+)/tree/(?<commit>[\w\.]+)(/)?$}
|
||||
BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}
|
||||
BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}
|
||||
BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}
|
||||
GITHUB_URL_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w.-]+?)(\.git)?(/)?$}.freeze
|
||||
GITHUB_URL_WITH_TREE_REGEX = %r{^https?://(www\.)?github\.com/(?<user>[\w-]+)/(?<repo>[\w.-]+)/tree/(?<commit>[\w\.]+)(/)?$}.freeze
|
||||
BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}.freeze
|
||||
BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}.freeze
|
||||
BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}.freeze
|
||||
|
||||
def self.transform(target)
|
||||
transformed_target = if m = GITHUB_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
||||
|
@ -94,8 +94,8 @@ module Fetchers
|
|||
def initialize(url, opts)
|
||||
@target = url.to_s
|
||||
@target_uri = url.is_a?(URI) ? url : parse_uri(url)
|
||||
@insecure = opts['insecure']
|
||||
@token = opts['token']
|
||||
@insecure = opts["insecure"]
|
||||
@token = opts["token"]
|
||||
@config = opts
|
||||
@archive_path = nil
|
||||
@temp_archive_path = nil
|
||||
|
@ -126,23 +126,23 @@ module Fetchers
|
|||
|
||||
def sha256
|
||||
file = @archive_path || temp_archive_path
|
||||
OpenSSL::Digest::SHA256.digest(File.read(file)).unpack('H*')[0]
|
||||
OpenSSL::Digest::SHA256.digest(File.read(file)).unpack("H*")[0]
|
||||
end
|
||||
|
||||
def file_type_from_remote(remote)
|
||||
content_type = remote.meta['content-type']
|
||||
content_type = remote.meta["content-type"]
|
||||
file_type = MIME_TYPES[content_type]
|
||||
|
||||
if file_type.nil?
|
||||
Inspec::Log.warn("Unrecognized content type: #{content_type}. Assuming tar.gz")
|
||||
file_type = '.tar.gz'
|
||||
file_type = ".tar.gz"
|
||||
end
|
||||
|
||||
file_type
|
||||
end
|
||||
|
||||
def temp_archive_path
|
||||
@temp_archive_path ||= if @config['server_type'] == 'automate2'
|
||||
@temp_archive_path ||= if @config["server_type"] == "automate2"
|
||||
download_automate2_archive_to_temp
|
||||
else
|
||||
download_archive_to_temp
|
||||
|
@ -154,13 +154,13 @@ module Fetchers
|
|||
|
||||
Inspec::Log.debug("Fetching URL: #{@target}")
|
||||
json = {
|
||||
owner: @config['profile'][0],
|
||||
name: @config['profile'][1],
|
||||
version: @config['profile'][2],
|
||||
owner: @config["profile"][0],
|
||||
name: @config["profile"][1],
|
||||
version: @config["profile"][2],
|
||||
}.to_json
|
||||
|
||||
opts = http_opts
|
||||
opts[:use_ssl] = @target_uri.scheme == 'https'
|
||||
opts[:use_ssl] = @target_uri.scheme == "https"
|
||||
|
||||
if @insecure
|
||||
opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE
|
||||
|
@ -173,12 +173,12 @@ module Fetchers
|
|||
req.add_field(key, value)
|
||||
end
|
||||
req.body = json
|
||||
res = Net::HTTP.start(@target_uri.host, @target_uri.port, opts) { |http|
|
||||
res = Net::HTTP.start(@target_uri.host, @target_uri.port, opts) do |http|
|
||||
http.request(req)
|
||||
}
|
||||
end
|
||||
|
||||
@archive_type = '.tar.gz'
|
||||
archive = Tempfile.new(['inspec-dl-', @archive_type])
|
||||
@archive_type = ".tar.gz"
|
||||
archive = Tempfile.new(["inspec-dl-", @archive_type])
|
||||
archive.binmode
|
||||
archive.write(res.body)
|
||||
archive.rewind
|
||||
|
@ -193,7 +193,7 @@ module Fetchers
|
|||
Inspec::Log.debug("Fetching URL: #{@target}")
|
||||
remote = open_via_uri(@target)
|
||||
@archive_type = file_type_from_remote(remote) # side effect :(
|
||||
archive = Tempfile.new(['inspec-dl-', @archive_type])
|
||||
archive = Tempfile.new(["inspec-dl-", @archive_type])
|
||||
archive.binmode
|
||||
archive.write(remote.read)
|
||||
archive.rewind
|
||||
|
@ -207,7 +207,7 @@ module Fetchers
|
|||
|
||||
if opts[:http_basic_authentication]
|
||||
# OpenURI does not support userinfo so we need to remove it
|
||||
open(target.sub("#{@target_uri.userinfo}@", ''), opts)
|
||||
open(target.sub("#{@target_uri.userinfo}@", ""), opts)
|
||||
else
|
||||
open(target, opts)
|
||||
end
|
||||
|
@ -227,16 +227,16 @@ module Fetchers
|
|||
opts = {}
|
||||
opts[:ssl_verify_mode] = OpenSSL::SSL::VERIFY_NONE if @insecure
|
||||
|
||||
if @config['server_type'] =~ /automate/
|
||||
opts['chef-delivery-enterprise'] = @config['automate']['ent']
|
||||
if @config['automate']['token_type'] == 'dctoken'
|
||||
opts['x-data-collector-token'] = @config['token']
|
||||
if @config["server_type"] =~ /automate/
|
||||
opts["chef-delivery-enterprise"] = @config["automate"]["ent"]
|
||||
if @config["automate"]["token_type"] == "dctoken"
|
||||
opts["x-data-collector-token"] = @config["token"]
|
||||
else
|
||||
opts['chef-delivery-user'] = @config['user']
|
||||
opts['chef-delivery-token'] = @config['token']
|
||||
opts["chef-delivery-user"] = @config["user"]
|
||||
opts["chef-delivery-token"] = @config["token"]
|
||||
end
|
||||
elsif @token
|
||||
opts['Authorization'] = "Bearer #{@token}"
|
||||
opts["Authorization"] = "Bearer #{@token}"
|
||||
end
|
||||
|
||||
username = @config[:username] || @target_uri.user
|
||||
|
@ -260,8 +260,10 @@ module Fetchers
|
|||
true
|
||||
end
|
||||
end
|
||||
raise 'Unable to fetch profile - the following HTTP headers have no value: ' \
|
||||
"#{keys_missing_values.join(', ')}" unless keys_missing_values.empty?
|
||||
unless keys_missing_values.empty?
|
||||
raise "Unable to fetch profile - the following HTTP headers have no value: " \
|
||||
"#{keys_missing_values.join(', ')}"
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,29 +3,29 @@
|
|||
libdir = File.dirname(__FILE__)
|
||||
$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
|
||||
|
||||
require 'inspec/version'
|
||||
require 'inspec/exceptions'
|
||||
require 'inspec/utils/deprecation'
|
||||
require 'inspec/profile'
|
||||
require 'inspec/rule'
|
||||
require 'matchers/matchers'
|
||||
require 'inspec/runner'
|
||||
require 'inspec/shell'
|
||||
require 'inspec/formatters'
|
||||
require 'inspec/reporters'
|
||||
require 'inspec/input_registry'
|
||||
require 'inspec/rspec_extensions'
|
||||
require 'inspec/globals'
|
||||
require 'inspec/impact'
|
||||
require 'inspec/utils/telemetry'
|
||||
require 'inspec/utils/telemetry/global_methods'
|
||||
require "inspec/version"
|
||||
require "inspec/exceptions"
|
||||
require "inspec/utils/deprecation"
|
||||
require "inspec/profile"
|
||||
require "inspec/rule"
|
||||
require "matchers/matchers"
|
||||
require "inspec/runner"
|
||||
require "inspec/shell"
|
||||
require "inspec/formatters"
|
||||
require "inspec/reporters"
|
||||
require "inspec/input_registry"
|
||||
require "inspec/rspec_extensions"
|
||||
require "inspec/globals"
|
||||
require "inspec/impact"
|
||||
require "inspec/utils/telemetry"
|
||||
require "inspec/utils/telemetry/global_methods"
|
||||
|
||||
require 'inspec/plugin/v2'
|
||||
require 'inspec/plugin/v1'
|
||||
require "inspec/plugin/v2"
|
||||
require "inspec/plugin/v1"
|
||||
|
||||
# all utils that may be required by legacy plugins
|
||||
require 'inspec/base_cli'
|
||||
require 'inspec/fetcher'
|
||||
require 'inspec/source_reader'
|
||||
require 'inspec/resource'
|
||||
require 'inspec/resources'
|
||||
require "inspec/base_cli"
|
||||
require "inspec/fetcher"
|
||||
require "inspec/source_reader"
|
||||
require "inspec/resource"
|
||||
require "inspec/resources"
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
require 'rubygems/package'
|
||||
require "rubygems/package"
|
||||
|
||||
module Inspec::Archive
|
||||
class TarArchiveGenerator
|
||||
def archive(base_dir, files, archive)
|
||||
File.open(archive, 'wb') do |file|
|
||||
File.open(archive, "wb") do |file|
|
||||
Zlib::GzipWriter.wrap(file) do |gz|
|
||||
Gem::Package::TarWriter.new(gz) do |tar|
|
||||
files.each do |input_filename|
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
require 'rubygems'
|
||||
require 'zip'
|
||||
require 'pathname'
|
||||
require "rubygems"
|
||||
require "zip"
|
||||
require "pathname"
|
||||
|
||||
module Inspec::Archive
|
||||
class ZipArchiveGenerator
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# copyright: 2015, Dominik Richter
|
||||
|
||||
require 'train'
|
||||
require 'inspec/config'
|
||||
require "train"
|
||||
require "inspec/config"
|
||||
|
||||
module Inspec
|
||||
module Backend
|
||||
|
@ -25,7 +25,7 @@ module Inspec
|
|||
|
||||
# Ruby internal for printing a nice name for this class
|
||||
def to_s
|
||||
'Inspec::Backend::Class'
|
||||
"Inspec::Backend::Class"
|
||||
end
|
||||
|
||||
# Ruby internal for pretty-printing a summary for this class
|
||||
|
@ -54,15 +54,15 @@ module Inspec
|
|||
# Set caching settings. We always want to enable caching for
|
||||
# the Mock transport for testing.
|
||||
if config[:backend_cache] || config[:backend] == :mock
|
||||
Inspec::Log.debug 'Option backend_cache is enabled'
|
||||
Inspec::Log.debug "Option backend_cache is enabled"
|
||||
connection.enable_cache(:file)
|
||||
connection.enable_cache(:command)
|
||||
elsif config[:debug_shell]
|
||||
Inspec::Log.debug 'Option backend_cache is disabled'
|
||||
Inspec::Log.debug "Option backend_cache is disabled"
|
||||
connection.disable_cache(:file)
|
||||
connection.disable_cache(:command)
|
||||
else
|
||||
Inspec::Log.debug 'Option backend_cache is disabled'
|
||||
Inspec::Log.debug "Option backend_cache is disabled"
|
||||
connection.disable_cache(:file)
|
||||
connection.disable_cache(:command)
|
||||
end
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
require 'thor'
|
||||
require 'inspec/log'
|
||||
require 'inspec/profile_vendor'
|
||||
require 'inspec/ui'
|
||||
require "thor"
|
||||
require "inspec/log"
|
||||
require "inspec/profile_vendor"
|
||||
require "inspec/ui"
|
||||
|
||||
# Allow end of options during array type parsing
|
||||
# https://github.com/erikhuda/thor/issues/631
|
||||
|
@ -30,107 +30,107 @@ module Inspec
|
|||
|
||||
def self.target_options # rubocop:disable MethodLength
|
||||
option :target, aliases: :t, type: :string,
|
||||
desc: 'Simple targeting option using URIs, e.g. ssh://user:pass@host:port'
|
||||
desc: "Simple targeting option using URIs, e.g. ssh://user:pass@host:port"
|
||||
option :backend, aliases: :b, type: :string,
|
||||
desc: 'Choose a backend: local, ssh, winrm, docker.'
|
||||
desc: "Choose a backend: local, ssh, winrm, docker."
|
||||
option :host, type: :string,
|
||||
desc: 'Specify a remote host which is tested.'
|
||||
desc: "Specify a remote host which is tested."
|
||||
option :port, aliases: :p, type: :numeric,
|
||||
desc: 'Specify the login port for a remote scan.'
|
||||
desc: "Specify the login port for a remote scan."
|
||||
option :user, type: :string,
|
||||
desc: 'The login user for a remote scan.'
|
||||
desc: "The login user for a remote scan."
|
||||
option :password, type: :string, lazy_default: -1,
|
||||
desc: 'Login password for a remote scan, if required.'
|
||||
desc: "Login password for a remote scan, if required."
|
||||
option :enable_password, type: :string, lazy_default: -1,
|
||||
desc: 'Password for enable mode on Cisco IOS devices.'
|
||||
desc: "Password for enable mode on Cisco IOS devices."
|
||||
option :key_files, aliases: :i, type: :array,
|
||||
desc: 'Login key or certificate file for a remote scan.'
|
||||
desc: "Login key or certificate file for a remote scan."
|
||||
option :path, type: :string,
|
||||
desc: 'Login path to use when connecting to the target (WinRM).'
|
||||
desc: "Login path to use when connecting to the target (WinRM)."
|
||||
option :sudo, type: :boolean,
|
||||
desc: 'Run scans with sudo. Only activates on Unix and non-root user.'
|
||||
desc: "Run scans with sudo. Only activates on Unix and non-root user."
|
||||
option :sudo_password, type: :string, lazy_default: -1,
|
||||
desc: 'Specify a sudo password, if it is required.'
|
||||
desc: "Specify a sudo password, if it is required."
|
||||
option :sudo_options, type: :string,
|
||||
desc: 'Additional sudo options for a remote scan.'
|
||||
desc: "Additional sudo options for a remote scan."
|
||||
option :sudo_command, type: :string,
|
||||
desc: 'Alternate command for sudo.'
|
||||
desc: "Alternate command for sudo."
|
||||
option :shell, type: :boolean,
|
||||
desc: 'Run scans in a subshell. Only activates on Unix.'
|
||||
desc: "Run scans in a subshell. Only activates on Unix."
|
||||
option :shell_options, type: :string,
|
||||
desc: 'Additional shell options.'
|
||||
desc: "Additional shell options."
|
||||
option :shell_command, type: :string,
|
||||
desc: 'Specify a particular shell to use.'
|
||||
desc: "Specify a particular shell to use."
|
||||
option :ssl, type: :boolean,
|
||||
desc: 'Use SSL for transport layer encryption (WinRM).'
|
||||
desc: "Use SSL for transport layer encryption (WinRM)."
|
||||
option :self_signed, type: :boolean,
|
||||
desc: 'Allow remote scans with self-signed certificates (WinRM).'
|
||||
option :winrm_transport, type: :string, default: 'negotiate',
|
||||
desc: 'Specify which transport to use, defaults to negotiate (WinRM).'
|
||||
desc: "Allow remote scans with self-signed certificates (WinRM)."
|
||||
option :winrm_transport, type: :string, default: "negotiate",
|
||||
desc: "Specify which transport to use, defaults to negotiate (WinRM)."
|
||||
option :winrm_disable_sspi, type: :boolean,
|
||||
desc: 'Whether to use disable sspi authentication, defaults to false (WinRM).'
|
||||
desc: "Whether to use disable sspi authentication, defaults to false (WinRM)."
|
||||
option :winrm_basic_auth, type: :boolean,
|
||||
desc: 'Whether to use basic authentication, defaults to false (WinRM).'
|
||||
desc: "Whether to use basic authentication, defaults to false (WinRM)."
|
||||
option :config, type: :string,
|
||||
desc: 'Read configuration from JSON file (`-` reads from stdin).'
|
||||
desc: "Read configuration from JSON file (`-` reads from stdin)."
|
||||
option :json_config, type: :string, hide: true
|
||||
option :proxy_command, type: :string,
|
||||
desc: 'Specifies the command to use to connect to the server'
|
||||
desc: "Specifies the command to use to connect to the server"
|
||||
option :bastion_host, type: :string,
|
||||
desc: 'Specifies the bastion host if applicable'
|
||||
desc: "Specifies the bastion host if applicable"
|
||||
option :bastion_user, type: :string,
|
||||
desc: 'Specifies the bastion user if applicable'
|
||||
desc: "Specifies the bastion user if applicable"
|
||||
option :bastion_port, type: :string,
|
||||
desc: 'Specifies the bastion port if applicable'
|
||||
desc: "Specifies the bastion port if applicable"
|
||||
option :insecure, type: :boolean, default: false,
|
||||
desc: 'Disable SSL verification on select targets'
|
||||
desc: "Disable SSL verification on select targets"
|
||||
option :target_id, type: :string,
|
||||
desc: 'Provide a ID which will be included on reports'
|
||||
desc: "Provide a ID which will be included on reports"
|
||||
end
|
||||
|
||||
def self.profile_options
|
||||
option :profiles_path, type: :string,
|
||||
desc: 'Folder which contains referenced profiles.'
|
||||
desc: "Folder which contains referenced profiles."
|
||||
option :vendor_cache, type: :string,
|
||||
desc: 'Use the given path for caching dependencies. (default: ~/.inspec/cache)'
|
||||
desc: "Use the given path for caching dependencies. (default: ~/.inspec/cache)"
|
||||
end
|
||||
|
||||
def self.exec_options
|
||||
target_options
|
||||
profile_options
|
||||
option :controls, type: :array,
|
||||
desc: 'A list of control names to run, or a list of /regexes/ to match against control names. Ignore all other tests.'
|
||||
desc: "A list of control names to run, or a list of /regexes/ to match against control names. Ignore all other tests."
|
||||
option :reporter, type: :array,
|
||||
banner: 'one two:/output/file/path',
|
||||
desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml'
|
||||
banner: "one two:/output/file/path",
|
||||
desc: "Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml"
|
||||
option :input_file, type: :array,
|
||||
desc: 'Load one or more input files, a YAML file with values for the profile to use'
|
||||
desc: "Load one or more input files, a YAML file with values for the profile to use"
|
||||
option :attrs, type: :array,
|
||||
desc: 'Legacy name for --input-file - deprecated.'
|
||||
desc: "Legacy name for --input-file - deprecated."
|
||||
option :create_lockfile, type: :boolean,
|
||||
desc: 'Write out a lockfile based on this execution (unless one already exists)'
|
||||
desc: "Write out a lockfile based on this execution (unless one already exists)"
|
||||
option :backend_cache, type: :boolean,
|
||||
desc: 'Allow caching for backend command output. (default: true)'
|
||||
desc: "Allow caching for backend command output. (default: true)"
|
||||
option :show_progress, type: :boolean,
|
||||
desc: 'Show progress while executing tests.'
|
||||
desc: "Show progress while executing tests."
|
||||
option :distinct_exit, type: :boolean, default: true,
|
||||
desc: 'Exit with code 101 if any tests fail, and 100 if any are skipped (default). If disabled, exit 0 on skips and 1 for failures.'
|
||||
desc: "Exit with code 101 if any tests fail, and 100 if any are skipped (default). If disabled, exit 0 on skips and 1 for failures."
|
||||
end
|
||||
|
||||
def self.format_platform_info(params: {}, indent: 0, color: 39)
|
||||
str = ''
|
||||
params.each { |item, info|
|
||||
str = ""
|
||||
params.each do |item, info|
|
||||
data = info
|
||||
|
||||
# Format Array for better output if applicable
|
||||
data = data.join(', ') if data.is_a?(Array)
|
||||
data = data.join(", ") if data.is_a?(Array)
|
||||
|
||||
# Do not output fields of data is missing ('unknown' is fine)
|
||||
next if data.nil?
|
||||
|
||||
data = "\e[1m\e[#{color}m#{data}\e[0m"
|
||||
str << format("#{' ' * indent}%-10s %s\n", item.to_s.capitalize + ':', data)
|
||||
}
|
||||
str << format("#{' ' * indent}%-10s %s\n", item.to_s.capitalize + ":", data)
|
||||
end
|
||||
str
|
||||
end
|
||||
|
||||
|
@ -189,12 +189,12 @@ module Inspec
|
|||
private
|
||||
|
||||
def suppress_log_output?(opts)
|
||||
return false if opts['reporter'].nil?
|
||||
match = %w{json json-min json-rspec json-automate junit html yaml documentation progress} & opts['reporter'].keys
|
||||
return false if opts["reporter"].nil?
|
||||
match = %w{json json-min json-rspec json-automate junit html yaml documentation progress} & opts["reporter"].keys
|
||||
unless match.empty?
|
||||
match.each do |m|
|
||||
# check to see if we are outputting to stdout
|
||||
return true if opts['reporter'][m]['stdout'] == true
|
||||
return true if opts["reporter"][m]["stdout"] == true
|
||||
end
|
||||
end
|
||||
false
|
||||
|
@ -216,7 +216,7 @@ module Inspec
|
|||
if valid.include?(level)
|
||||
l = level
|
||||
else
|
||||
l = 'info'
|
||||
l = "info"
|
||||
end
|
||||
|
||||
Logger.const_get(l.upcase)
|
||||
|
@ -237,7 +237,7 @@ module Inspec
|
|||
profile_vendor = Inspec::ProfileVendor.new(profile_path)
|
||||
|
||||
if (profile_vendor.cache_path.exist? || profile_vendor.lockfile.exist?) && !opts[:overwrite]
|
||||
puts 'Profile is already vendored. Use --overwrite.'
|
||||
puts "Profile is already vendored. Use --overwrite."
|
||||
return false
|
||||
end
|
||||
|
||||
|
@ -253,8 +253,8 @@ module Inspec
|
|||
# logging singleton Inspec::Log. Eventually it would be nice to
|
||||
# move internal debug logging to use this logging singleton.
|
||||
#
|
||||
loc = if o['log_location']
|
||||
o['log_location']
|
||||
loc = if o["log_location"]
|
||||
o["log_location"]
|
||||
elsif suppress_log_output?(o)
|
||||
$stderr
|
||||
else
|
||||
|
@ -262,14 +262,14 @@ module Inspec
|
|||
end
|
||||
|
||||
Inspec::Log.init(loc)
|
||||
Inspec::Log.level = get_log_level(o['log_level'])
|
||||
Inspec::Log.level = get_log_level(o["log_level"])
|
||||
|
||||
o[:logger] = Logger.new(loc)
|
||||
# output json if we have activated the json formatter
|
||||
if o['log-format'] == 'json'
|
||||
if o["log-format"] == "json"
|
||||
o[:logger].formatter = Logger::JSONFormatter.new
|
||||
end
|
||||
o[:logger].level = get_log_level(o['log_level'])
|
||||
o[:logger].level = get_log_level(o["log_level"])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'inspec/fetcher'
|
||||
require 'forwardable'
|
||||
require "inspec/fetcher"
|
||||
require "forwardable"
|
||||
|
||||
module Inspec
|
||||
class CachedFetcher
|
||||
|
|
|
@ -1,58 +1,58 @@
|
|||
# Copyright 2015 Dominik Richter
|
||||
|
||||
require 'logger'
|
||||
require 'thor'
|
||||
require 'json'
|
||||
require 'pp'
|
||||
require 'inspec/utils/json_log'
|
||||
require 'inspec/utils/latest_version'
|
||||
require 'inspec/base_cli'
|
||||
require 'inspec/plugin/v1'
|
||||
require 'inspec/plugin/v2'
|
||||
require 'inspec/runner_mock'
|
||||
require 'inspec/env_printer'
|
||||
require 'inspec/schema'
|
||||
require 'inspec/config'
|
||||
require 'inspec/dist'
|
||||
require "logger"
|
||||
require "thor"
|
||||
require "json"
|
||||
require "pp"
|
||||
require "inspec/utils/json_log"
|
||||
require "inspec/utils/latest_version"
|
||||
require "inspec/base_cli"
|
||||
require "inspec/plugin/v1"
|
||||
require "inspec/plugin/v2"
|
||||
require "inspec/runner_mock"
|
||||
require "inspec/env_printer"
|
||||
require "inspec/schema"
|
||||
require "inspec/config"
|
||||
require "inspec/dist"
|
||||
|
||||
class Inspec::InspecCLI < Inspec::BaseCLI
|
||||
class_option :log_level, aliases: :l, type: :string,
|
||||
desc: 'Set the log level: info (default), debug, warn, error'
|
||||
desc: "Set the log level: info (default), debug, warn, error"
|
||||
|
||||
class_option :log_location, type: :string,
|
||||
desc: 'Location to send diagnostic log messages to. (default: $stdout or Inspec::Log.error)'
|
||||
desc: "Location to send diagnostic log messages to. (default: $stdout or Inspec::Log.error)"
|
||||
|
||||
class_option :diagnose, type: :boolean,
|
||||
desc: 'Show diagnostics (versions, configurations)'
|
||||
desc: "Show diagnostics (versions, configurations)"
|
||||
|
||||
class_option :color, type: :boolean,
|
||||
desc: 'Use colors in output.'
|
||||
desc: "Use colors in output."
|
||||
|
||||
class_option :interactive, type: :boolean,
|
||||
desc: 'Allow or disable user interaction'
|
||||
desc: "Allow or disable user interaction"
|
||||
|
||||
class_option :disable_core_plugins, type: :string, banner: '', # Actually a boolean, but this suppresses the creation of a --no-disable...
|
||||
desc: 'Disable loading all plugins that are shipped in the lib/plugins directory of InSpec. Useful in development.'
|
||||
class_option :disable_core_plugins, type: :string, banner: "", # Actually a boolean, but this suppresses the creation of a --no-disable...
|
||||
desc: "Disable loading all plugins that are shipped in the lib/plugins directory of InSpec. Useful in development."
|
||||
|
||||
class_option :disable_user_plugins, type: :string, banner: '',
|
||||
desc: 'Disable loading all plugins that the user installed.'
|
||||
class_option :disable_user_plugins, type: :string, banner: "",
|
||||
desc: "Disable loading all plugins that the user installed."
|
||||
|
||||
class_option :enable_telemetry, type: :boolean,
|
||||
desc: 'Allow or disable telemetry', default: false
|
||||
desc: "Allow or disable telemetry", default: false
|
||||
|
||||
require 'license_acceptance/cli_flags/thor'
|
||||
require "license_acceptance/cli_flags/thor"
|
||||
include LicenseAcceptance::CLIFlags::Thor
|
||||
|
||||
desc 'json PATH', 'read all tests in PATH and generate a JSON summary'
|
||||
desc "json PATH", "read all tests in PATH and generate a JSON summary"
|
||||
option :output, aliases: :o, type: :string,
|
||||
desc: 'Save the created profile to a path'
|
||||
desc: "Save the created profile to a path"
|
||||
option :controls, type: :array,
|
||||
desc: 'A list of controls to include. Ignore all other tests.'
|
||||
desc: "A list of controls to include. Ignore all other tests."
|
||||
profile_options
|
||||
def json(target)
|
||||
o = config
|
||||
diagnose(o)
|
||||
o['log_location'] = $stderr
|
||||
o["log_location"] = $stderr
|
||||
configure_logger(o)
|
||||
|
||||
o[:backend] = Inspec::Backend.create(Inspec::Config.mock)
|
||||
|
@ -63,7 +63,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
info = profile.info
|
||||
# add in inspec version
|
||||
info[:generator] = {
|
||||
name: 'inspec',
|
||||
name: "inspec",
|
||||
version: Inspec::VERSION,
|
||||
}
|
||||
dst = o[:output].to_s
|
||||
|
@ -82,14 +82,14 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'check PATH', 'verify all tests at the specified PATH'
|
||||
desc "check PATH", "verify all tests at the specified PATH"
|
||||
option :format, type: :string
|
||||
profile_options
|
||||
def check(path) # rubocop:disable Metrics/AbcSize,Metrics/MethodLength
|
||||
o = config
|
||||
diagnose(o)
|
||||
o['log_location'] ||= STDERR if o['format'] == 'json'
|
||||
o['log_level'] ||= 'warn'
|
||||
o["log_location"] ||= STDERR if o["format"] == "json"
|
||||
o["log_level"] ||= "warn"
|
||||
configure_logger(o)
|
||||
|
||||
o[:backend] = Inspec::Backend.create(Inspec::Config.mock)
|
||||
|
@ -100,25 +100,25 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
profile = Inspec::Profile.for_target(path, o)
|
||||
result = profile.check
|
||||
|
||||
if o['format'] == 'json'
|
||||
if o["format"] == "json"
|
||||
puts JSON.generate(result)
|
||||
else
|
||||
%w{location profile controls timestamp valid}.each do |item|
|
||||
puts format('%-12s %s', item.to_s.capitalize + ':',
|
||||
puts format("%-12s %s", item.to_s.capitalize + ":",
|
||||
mark_text(result[:summary][item.to_sym]))
|
||||
end
|
||||
puts
|
||||
|
||||
if result[:errors].empty? and result[:warnings].empty?
|
||||
puts 'No errors or warnings'
|
||||
if result[:errors].empty? && result[:warnings].empty?
|
||||
puts "No errors or warnings"
|
||||
else
|
||||
red = "\033[31m"
|
||||
yellow = "\033[33m"
|
||||
rst = "\033[0m"
|
||||
|
||||
item_msg = lambda { |item|
|
||||
pos = [item[:file], item[:line], item[:column]].compact.join(':')
|
||||
pos.empty? ? item[:msg] : pos + ': ' + item[:msg]
|
||||
pos = [item[:file], item[:line], item[:column]].compact.join(":")
|
||||
pos.empty? ? item[:msg] : pos + ": " + item[:msg]
|
||||
}
|
||||
result[:errors].each do |item|
|
||||
puts "#{red} ✖ #{item_msg.call(item)}#{rst}"
|
||||
|
@ -128,7 +128,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
end
|
||||
|
||||
puts
|
||||
puts format('Summary: %s%d errors%s, %s%d warnings%s',
|
||||
puts format("Summary: %s%d errors%s, %s%d warnings%s",
|
||||
red, result[:errors].length, rst,
|
||||
yellow, result[:warnings].length, rst)
|
||||
end
|
||||
|
@ -138,9 +138,9 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'vendor PATH', 'Download all dependencies and generate a lockfile in a `vendor` directory'
|
||||
desc "vendor PATH", "Download all dependencies and generate a lockfile in a `vendor` directory"
|
||||
option :overwrite, type: :boolean, default: false,
|
||||
desc: 'Overwrite existing vendored dependencies and lockfile.'
|
||||
desc: "Overwrite existing vendored dependencies and lockfile."
|
||||
def vendor(path = nil)
|
||||
o = config
|
||||
configure_logger(o)
|
||||
|
@ -150,18 +150,18 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
vendor_deps(path, o)
|
||||
end
|
||||
|
||||
desc 'archive PATH', 'archive a profile to tar.gz (default) or zip'
|
||||
desc "archive PATH", "archive a profile to tar.gz (default) or zip"
|
||||
profile_options
|
||||
option :output, aliases: :o, type: :string,
|
||||
desc: 'Save the archive to a path'
|
||||
desc: "Save the archive to a path"
|
||||
option :zip, type: :boolean, default: false,
|
||||
desc: 'Generates a zip archive.'
|
||||
desc: "Generates a zip archive."
|
||||
option :tar, type: :boolean, default: false,
|
||||
desc: 'Generates a tar.gz archive.'
|
||||
desc: "Generates a tar.gz archive."
|
||||
option :overwrite, type: :boolean, default: false,
|
||||
desc: 'Overwrite existing archive.'
|
||||
desc: "Overwrite existing archive."
|
||||
option :ignore_errors, type: :boolean, default: false,
|
||||
desc: 'Ignore profile warnings.'
|
||||
desc: "Ignore profile warnings."
|
||||
def archive(path)
|
||||
o = config
|
||||
diagnose(o)
|
||||
|
@ -179,7 +179,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
result = profile.check
|
||||
|
||||
if result && !o[:ignore_errors] == false
|
||||
o[:logger].info 'Profile check failed. Please fix the profile before generating an archive.'
|
||||
o[:logger].info "Profile check failed. Please fix the profile before generating an archive."
|
||||
return exit 1
|
||||
end
|
||||
|
||||
|
@ -189,7 +189,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'exec LOCATIONS', 'run all test files at the specified LOCATIONS.'
|
||||
desc "exec LOCATIONS", "run all test files at the specified LOCATIONS."
|
||||
# TODO: find a way for Thor not to butcher the formatting of this
|
||||
long_desc <<~EOT
|
||||
Loads the given profile(s) and fetches their dependencies if needed. Then
|
||||
|
@ -279,17 +279,17 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'detect', 'detect the target OS'
|
||||
desc "detect", "detect the target OS"
|
||||
target_options
|
||||
option :format, type: :string
|
||||
def detect
|
||||
o = config
|
||||
o[:command] = 'platform.params'
|
||||
o[:command] = "platform.params"
|
||||
(_, res) = run_command(o)
|
||||
if o['format'] == 'json'
|
||||
if o["format"] == "json"
|
||||
puts res.to_json
|
||||
else
|
||||
headline('Platform Details')
|
||||
headline("Platform Details")
|
||||
puts Inspec::BaseCLI.format_platform_info(params: res, indent: 0, color: 36)
|
||||
end
|
||||
rescue ArgumentError, RuntimeError, Train::UserError => e
|
||||
|
@ -299,17 +299,17 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'shell', 'open an interactive debugging shell'
|
||||
desc "shell", "open an interactive debugging shell"
|
||||
target_options
|
||||
option :command, aliases: :c,
|
||||
desc: 'A single command string to run instead of launching the shell'
|
||||
desc: "A single command string to run instead of launching the shell"
|
||||
option :reporter, type: :array,
|
||||
banner: 'one two:/output/file/path',
|
||||
desc: 'Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit'
|
||||
banner: "one two:/output/file/path",
|
||||
desc: "Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit"
|
||||
option :depends, type: :array, default: [],
|
||||
desc: 'A space-delimited list of local folders containing profiles whose libraries and resources will be loaded into the new shell'
|
||||
desc: "A space-delimited list of local folders containing profiles whose libraries and resources will be loaded into the new shell"
|
||||
option :distinct_exit, type: :boolean, default: true,
|
||||
desc: 'Exit with code 100 if any tests fail, and 101 if any are skipped but none failed (default). If disabled, exit 0 on skips and 1 for failures.'
|
||||
desc: "Exit with code 100 if any tests fail, and 101 if any are skipped but none failed (default). If disabled, exit 0 on skips and 1 for failures."
|
||||
def shell_func
|
||||
o = config
|
||||
diagnose(o)
|
||||
|
@ -328,7 +328,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
exit res unless run_type == :ruby_eval
|
||||
|
||||
# No InSpec tests - just print evaluation output.
|
||||
res = (res.respond_to?(:to_json) ? res.to_json : JSON.dump(res)) if o['reporter']&.keys&.include?('json')
|
||||
res = (res.respond_to?(:to_json) ? res.to_json : JSON.dump(res)) if o["reporter"]&.keys&.include?("json")
|
||||
puts res
|
||||
exit 0
|
||||
rescue RuntimeError, Train::UserError => e
|
||||
|
@ -337,7 +337,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'env', 'Output shell-appropriate completion configuration'
|
||||
desc "env", "Output shell-appropriate completion configuration"
|
||||
def env(shell = nil)
|
||||
p = Inspec::EnvPrinter.new(self.class, shell)
|
||||
p.print_and_exit!
|
||||
|
@ -345,7 +345,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
pretty_handle_exception(e)
|
||||
end
|
||||
|
||||
desc 'schema NAME', 'print the JSON schema', hide: true
|
||||
desc "schema NAME", "print the JSON schema", hide: true
|
||||
def schema(name)
|
||||
puts Inspec::Schema.json(name)
|
||||
rescue StandardError => e
|
||||
|
@ -353,10 +353,10 @@ class Inspec::InspecCLI < Inspec::BaseCLI
|
|||
puts "Valid schemas are #{Inspec::Schema.names.join(', ')}"
|
||||
end
|
||||
|
||||
desc 'version', 'prints the version of this tool'
|
||||
desc "version", "prints the version of this tool"
|
||||
option :format, type: :string
|
||||
def version
|
||||
if config['format'] == 'json'
|
||||
if config["format"] == "json"
|
||||
v = { version: Inspec::VERSION }
|
||||
puts v.to_json
|
||||
else
|
||||
|
@ -386,25 +386,25 @@ end
|
|||
# Pre-Flight Code
|
||||
#=====================================================================#
|
||||
|
||||
help_commands = ['-h', '--help', 'help']
|
||||
version_commands = ['-v', '--version', 'version']
|
||||
help_commands = ["-h", "--help", "help"]
|
||||
version_commands = ["-v", "--version", "version"]
|
||||
commands_exempt_from_license_check = help_commands + version_commands
|
||||
|
||||
#---------------------------------------------------------------------#
|
||||
# EULA acceptance
|
||||
#---------------------------------------------------------------------#
|
||||
require 'license_acceptance/acceptor'
|
||||
require "license_acceptance/acceptor"
|
||||
begin
|
||||
if (commands_exempt_from_license_check & ARGV.map(&:downcase)).empty? && # Did they use a non-exempt command?
|
||||
!ARGV.empty? # Did they supply at least one command?
|
||||
LicenseAcceptance::Acceptor.check_and_persist(
|
||||
'inspec',
|
||||
"inspec",
|
||||
Inspec::VERSION,
|
||||
logger: Inspec::Log,
|
||||
logger: Inspec::Log
|
||||
)
|
||||
end
|
||||
rescue LicenseAcceptance::LicenseNotAcceptedError
|
||||
Inspec::Log.error 'InSpec cannot execute without accepting the license'
|
||||
Inspec::Log.error "InSpec cannot execute without accepting the license"
|
||||
Inspec::UI.new.exit(:license_not_accepted)
|
||||
end
|
||||
|
||||
|
@ -425,8 +425,8 @@ end
|
|||
#---------------------------------------------------------------------#
|
||||
begin
|
||||
# Load v2 plugins. Manually check for plugin disablement.
|
||||
omit_core = ARGV.delete('--disable-core-plugins')
|
||||
omit_user = ARGV.delete('--disable-user-plugins')
|
||||
omit_core = ARGV.delete("--disable-core-plugins")
|
||||
omit_user = ARGV.delete("--disable-user-plugins")
|
||||
v2_loader = Inspec::Plugin::V2::Loader.new(omit_core_plugins: omit_core, omit_user_plugins: omit_user)
|
||||
v2_loader.load_all
|
||||
v2_loader.exit_on_load_error
|
||||
|
@ -437,23 +437,23 @@ begin
|
|||
ctl.list.each { |x| ctl.load(x) }
|
||||
|
||||
# load v1 CLI plugins before the InSpec CLI has been started
|
||||
Inspec::Plugins::CLI.subcommands.each { |_subcommand, params|
|
||||
Inspec::Plugins::CLI.subcommands.each do |_subcommand, params|
|
||||
Inspec::InspecCLI.register(
|
||||
params[:klass],
|
||||
params[:subcommand_name],
|
||||
params[:usage],
|
||||
params[:description],
|
||||
params[:options],
|
||||
params[:options]
|
||||
)
|
||||
}
|
||||
end
|
||||
rescue Inspec::Plugin::V2::Exception => v2ex
|
||||
Inspec::Log.error v2ex.message
|
||||
|
||||
if ARGV.include?('--debug')
|
||||
if ARGV.include?("--debug")
|
||||
Inspec::Log.error v2ex.class.name
|
||||
Inspec::Log.error v2ex.backtrace.join("\n")
|
||||
else
|
||||
Inspec::Log.error 'Run again with --debug for a stacktrace.'
|
||||
Inspec::Log.error "Run again with --debug for a stacktrace."
|
||||
end
|
||||
exit 2
|
||||
end
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
# Represents InSpec configuration. Merges defaults, config file options,
|
||||
# and CLI arguments.
|
||||
|
||||
require 'pp'
|
||||
require 'stringio'
|
||||
require 'forwardable'
|
||||
require 'thor'
|
||||
require 'base64'
|
||||
require 'inspec/base_cli'
|
||||
require "pp"
|
||||
require "stringio"
|
||||
require "forwardable"
|
||||
require "thor"
|
||||
require "base64"
|
||||
require "inspec/base_cli"
|
||||
|
||||
module Inspec
|
||||
class Config
|
||||
|
@ -31,7 +31,7 @@ module Inspec
|
|||
|
||||
# This makes it easy to make a config with a mock backend.
|
||||
def self.mock(opts = {})
|
||||
Inspec::Config.new({ backend: :mock }.merge(opts), StringIO.new('{}'))
|
||||
Inspec::Config.new({ backend: :mock }.merge(opts), StringIO.new("{}"))
|
||||
end
|
||||
|
||||
# Use this to get a cached version of the config. This prevents you from
|
||||
|
@ -62,11 +62,11 @@ module Inspec
|
|||
return unless self[:diagnose]
|
||||
puts "InSpec version: #{Inspec::VERSION}"
|
||||
puts "Train version: #{Train::VERSION}"
|
||||
puts 'Command line configuration:'
|
||||
puts "Command line configuration:"
|
||||
pp @cli_opts
|
||||
puts 'JSON configuration file:'
|
||||
puts "JSON configuration file:"
|
||||
pp @cfg_file_contents
|
||||
puts 'Merged configuration:'
|
||||
puts "Merged configuration:"
|
||||
pp @merged_options
|
||||
puts
|
||||
end
|
||||
|
@ -74,7 +74,7 @@ module Inspec
|
|||
# return all telemetry options from config
|
||||
# @return [Hash]
|
||||
def telemetry_options
|
||||
final_options.select { |key, _| key.include?('telemetry') }
|
||||
final_options.select { |key, _| key.include?("telemetry") }
|
||||
end
|
||||
|
||||
#-----------------------------------------------------------------------#
|
||||
|
@ -131,7 +131,7 @@ module Inspec
|
|||
credentials.merge!(unprefixed_transport_options)
|
||||
|
||||
# If there are any prefixed options, merge them in, stripping the prefix.
|
||||
transport_prefix = transport_name.downcase.tr('-', '_') + '_'
|
||||
transport_prefix = transport_name.downcase.tr("-", "_") + "_"
|
||||
transport_options.each do |bare_option_name|
|
||||
prefixed_option_name = transport_prefix + bare_option_name.to_s
|
||||
if final_options.key?(prefixed_option_name)
|
||||
|
@ -150,7 +150,7 @@ module Inspec
|
|||
|
||||
# Default to local
|
||||
unless @final_options.key?(:target)
|
||||
credentials[:backend] = 'local'
|
||||
credentials[:backend] = "local"
|
||||
return
|
||||
end
|
||||
|
||||
|
@ -167,7 +167,7 @@ module Inspec
|
|||
credset_name = _utc_find_credset_name(credentials, transport_name)
|
||||
|
||||
if credset_name
|
||||
credset = @cfg_file_contents.dig('credentials', transport_name, credset_name)
|
||||
credset = @cfg_file_contents.dig("credentials", transport_name, credset_name)
|
||||
if credset
|
||||
credentials.merge!(credset)
|
||||
else
|
||||
|
@ -195,7 +195,7 @@ module Inspec
|
|||
|
||||
# Regardless of our situation, end up with a readable IO object
|
||||
def resolve_cfg_io(cli_opts, cfg_io)
|
||||
raise(ArgumentError, 'Inspec::Config must use an IO to read from') if cfg_io && !cfg_io.respond_to?(:read)
|
||||
raise(ArgumentError, "Inspec::Config must use an IO to read from") if cfg_io && !cfg_io.respond_to?(:read)
|
||||
cfg_io ||= check_for_piped_config(cli_opts)
|
||||
return cfg_io if cfg_io
|
||||
|
||||
|
@ -210,10 +210,10 @@ module Inspec
|
|||
Inspec.deprecate(:cli_option_json_config) if cli_opts.key?(:json_config)
|
||||
|
||||
return nil unless cli_opt
|
||||
return nil unless cli_opt == '-'
|
||||
return nil unless cli_opt == "-"
|
||||
# This warning is here so that if a user invokes inspec with --config=-,
|
||||
# they will have an explanation for why it appears to hang.
|
||||
Inspec::Log.warn 'Reading JSON config from standard input' if STDIN.tty?
|
||||
Inspec::Log.warn "Reading JSON config from standard input" if STDIN.tty?
|
||||
STDIN
|
||||
end
|
||||
|
||||
|
@ -222,7 +222,7 @@ module Inspec
|
|||
Inspec.deprecate(:cli_option_json_config) if cli_opts.key?(:json_config)
|
||||
|
||||
if path.nil?
|
||||
default_path = File.join(Inspec.config_dir, 'config.json')
|
||||
default_path = File.join(Inspec.config_dir, "config.json")
|
||||
path = default_path if File.exist?(default_path)
|
||||
elsif !File.exist?(path)
|
||||
raise ArgumentError, "Could not read configuration file at #{path}"
|
||||
|
@ -249,7 +249,7 @@ module Inspec
|
|||
end
|
||||
|
||||
def file_version
|
||||
@cfg_file_contents['version'] || :legacy
|
||||
@cfg_file_contents["version"] || :legacy
|
||||
end
|
||||
|
||||
def legacy_file?
|
||||
|
@ -261,26 +261,26 @@ module Inspec
|
|||
# Assume everything in the file is a CLI option
|
||||
@cfg_file_contents
|
||||
else
|
||||
@cfg_file_contents['cli_options'] || {}
|
||||
@cfg_file_contents["cli_options"] || {}
|
||||
end
|
||||
end
|
||||
|
||||
def config_file_reporter_options
|
||||
# This is assumed to be top-level in both legacy and 1.1.
|
||||
# Technically, you could sneak it in the 1.1 cli opts area.
|
||||
@cfg_file_contents.key?('reporter') ? { 'reporter' => @cfg_file_contents['reporter'] } : {}
|
||||
@cfg_file_contents.key?("reporter") ? { "reporter" => @cfg_file_contents["reporter"] } : {}
|
||||
end
|
||||
|
||||
#-----------------------------------------------------------------------#
|
||||
# Validation
|
||||
#-----------------------------------------------------------------------#
|
||||
def validate_config_file_contents!
|
||||
version = @cfg_file_contents['version']
|
||||
version = @cfg_file_contents["version"]
|
||||
|
||||
# Assume legacy format, which is unconstrained
|
||||
return unless version
|
||||
|
||||
unless version == '1.1'
|
||||
unless version == "1.1"
|
||||
raise Inspec::ConfigError::Invalid, "Unsupported config file version '#{version}' - currently supported versions: 1.1"
|
||||
end
|
||||
|
||||
|
@ -296,23 +296,23 @@ module Inspec
|
|||
return if reporters.nil?
|
||||
# TODO: move this into a reporter plugin type system
|
||||
valid_types = [
|
||||
'automate',
|
||||
'cli',
|
||||
'documentation',
|
||||
'html',
|
||||
'json',
|
||||
'json-automate',
|
||||
'json-min',
|
||||
'json-rspec',
|
||||
'junit',
|
||||
'progress',
|
||||
'yaml',
|
||||
"automate",
|
||||
"cli",
|
||||
"documentation",
|
||||
"html",
|
||||
"json",
|
||||
"json-automate",
|
||||
"json-min",
|
||||
"json-rspec",
|
||||
"junit",
|
||||
"progress",
|
||||
"yaml",
|
||||
]
|
||||
|
||||
reporters.each do |reporter_name, reporter_config|
|
||||
raise NotImplementedError, "'#{reporter_name}' is not a valid reporter type." unless valid_types.include?(reporter_name)
|
||||
|
||||
next unless reporter_name == 'automate'
|
||||
next unless reporter_name == "automate"
|
||||
%w{token url}.each do |option|
|
||||
raise Inspec::ReporterError, "You must specify a automate #{option} via the config file." if reporter_config[option].nil?
|
||||
end
|
||||
|
@ -321,10 +321,10 @@ module Inspec
|
|||
# check to make sure we are only reporting one type to stdout
|
||||
stdout_reporters = 0
|
||||
reporters.each_value do |reporter_config|
|
||||
stdout_reporters += 1 if reporter_config['stdout'] == true
|
||||
stdout_reporters += 1 if reporter_config["stdout"] == true
|
||||
end
|
||||
|
||||
raise ArgumentError, 'The option --reporter can only have a single report outputting to stdout.' if stdout_reporters > 1
|
||||
raise ArgumentError, "The option --reporter can only have a single report outputting to stdout." if stdout_reporters > 1
|
||||
end
|
||||
|
||||
#-----------------------------------------------------------------------#
|
||||
|
@ -368,36 +368,36 @@ module Inspec
|
|||
|
||||
def finalize_parse_reporters(options) # rubocop:disable Metrics/AbcSize
|
||||
# default to cli report for ad-hoc runners
|
||||
options['reporter'] = ['cli'] if options['reporter'].nil?
|
||||
options["reporter"] = ["cli"] if options["reporter"].nil?
|
||||
|
||||
# parse out cli to proper report format
|
||||
if options['reporter'].is_a?(Array)
|
||||
if options["reporter"].is_a?(Array)
|
||||
reports = {}
|
||||
options['reporter'].each do |report|
|
||||
reporter_name, destination = report.split(':', 2)
|
||||
if destination.nil? || destination.strip == '-'
|
||||
reports[reporter_name] = { 'stdout' => true }
|
||||
options["reporter"].each do |report|
|
||||
reporter_name, destination = report.split(":", 2)
|
||||
if destination.nil? || destination.strip == "-"
|
||||
reports[reporter_name] = { "stdout" => true }
|
||||
else
|
||||
reports[reporter_name] = {
|
||||
'file' => destination,
|
||||
'stdout' => false,
|
||||
"file" => destination,
|
||||
"stdout" => false,
|
||||
}
|
||||
reports[reporter_name]['target_id'] = options['target_id'] if options['target_id']
|
||||
reports[reporter_name]["target_id"] = options["target_id"] if options["target_id"]
|
||||
end
|
||||
end
|
||||
options['reporter'] = reports
|
||||
options["reporter"] = reports
|
||||
end
|
||||
|
||||
# add in stdout if not specified
|
||||
if options['reporter'].is_a?(Hash)
|
||||
options['reporter'].each do |reporter_name, config|
|
||||
options['reporter'][reporter_name] = {} if config.nil?
|
||||
options['reporter'][reporter_name]['stdout'] = true if options['reporter'][reporter_name].empty?
|
||||
options['reporter'][reporter_name]['target_id'] = options['target_id'] if options['target_id']
|
||||
if options["reporter"].is_a?(Hash)
|
||||
options["reporter"].each do |reporter_name, config|
|
||||
options["reporter"][reporter_name] = {} if config.nil?
|
||||
options["reporter"][reporter_name]["stdout"] = true if options["reporter"][reporter_name].empty?
|
||||
options["reporter"][reporter_name]["target_id"] = options["target_id"] if options["target_id"]
|
||||
end
|
||||
end
|
||||
|
||||
validate_reporters!(options['reporter'])
|
||||
validate_reporters!(options["reporter"])
|
||||
options
|
||||
end
|
||||
|
||||
|
@ -408,38 +408,38 @@ module Inspec
|
|||
# whenever it is used, it requires a value. Handle options that were
|
||||
# defined in such a way and require a value here:
|
||||
%w{password sudo-password}.each do |option_name|
|
||||
snake_case_option_name = option_name.tr('-', '_').to_s
|
||||
snake_case_option_name = option_name.tr("-", "_").to_s
|
||||
next unless options[snake_case_option_name] == -1 # Thor sets -1 for missing value - see #1918
|
||||
raise ArgumentError, "Please provide a value for --#{option_name}. For example: --#{option_name}=hello."
|
||||
end
|
||||
|
||||
# Infer `--sudo` if using `--sudo-password` without `--sudo`
|
||||
if options['sudo_password'] && !options['sudo']
|
||||
options['sudo'] = true
|
||||
Inspec::Log.warn '`--sudo-password` used without `--sudo`. Adding `--sudo`.'
|
||||
if options["sudo_password"] && !options["sudo"]
|
||||
options["sudo"] = true
|
||||
Inspec::Log.warn "`--sudo-password` used without `--sudo`. Adding `--sudo`."
|
||||
end
|
||||
end
|
||||
|
||||
def finalize_compliance_login(options)
|
||||
# check for compliance settings
|
||||
# This is always a hash, comes from config file, not CLI opts
|
||||
if options.key?('compliance')
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/api'
|
||||
InspecPlugins::Compliance::API.login(options['compliance'])
|
||||
if options.key?("compliance")
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/api"
|
||||
InspecPlugins::Compliance::API.login(options["compliance"])
|
||||
end
|
||||
end
|
||||
|
||||
class Defaults
|
||||
DEFAULTS = {
|
||||
exec: {
|
||||
'reporter' => ['cli'],
|
||||
'show_progress' => false,
|
||||
'color' => true,
|
||||
'create_lockfile' => true,
|
||||
'backend_cache' => true,
|
||||
"reporter" => ["cli"],
|
||||
"show_progress" => false,
|
||||
"color" => true,
|
||||
"create_lockfile" => true,
|
||||
"backend_cache" => true,
|
||||
},
|
||||
shell: {
|
||||
'reporter' => ['cli'],
|
||||
"reporter" => ["cli"],
|
||||
},
|
||||
}.freeze
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
require 'inspec/dsl'
|
||||
require 'inspec/dsl_shared'
|
||||
require 'rspec/core/dsl'
|
||||
require "inspec/dsl"
|
||||
require "inspec/dsl_shared"
|
||||
require "rspec/core/dsl"
|
||||
|
||||
module Inspec
|
||||
#
|
||||
|
@ -233,7 +233,7 @@ module Inspec
|
|||
|
||||
def block_location(block, alternate_caller)
|
||||
if block.nil?
|
||||
alternate_caller[/^(.+:\d+):in .+$/, 1] || 'unknown'
|
||||
alternate_caller[/^(.+:\d+):in .+$/, 1] || "unknown"
|
||||
else
|
||||
path, line = block.source_location
|
||||
"#{File.basename(path)}:#{line}"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'fileutils'
|
||||
require "fileutils"
|
||||
|
||||
module Inspec
|
||||
#
|
||||
|
@ -17,7 +17,7 @@ module Inspec
|
|||
class Cache
|
||||
attr_reader :path
|
||||
def initialize(path = nil)
|
||||
@path = path || File.join(Inspec.config_dir, 'cache')
|
||||
@path = path || File.join(Inspec.config_dir, "cache")
|
||||
FileUtils.mkdir_p(@path) unless File.directory?(@path)
|
||||
end
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'inspec/dependencies/requirement'
|
||||
require 'inspec/dependencies/resolver'
|
||||
require "inspec/dependencies/requirement"
|
||||
require "inspec/dependencies/resolver"
|
||||
|
||||
module Inspec
|
||||
#
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'yaml'
|
||||
require "yaml"
|
||||
|
||||
module Inspec
|
||||
class Lockfile
|
||||
|
@ -8,15 +8,15 @@ module Inspec
|
|||
|
||||
def self.from_dependency_set(dep_set)
|
||||
lockfile_content = {
|
||||
'lockfile_version' => CURRENT_LOCKFILE_VERSION,
|
||||
'depends' => dep_set.to_array,
|
||||
"lockfile_version" => CURRENT_LOCKFILE_VERSION,
|
||||
"depends" => dep_set.to_array,
|
||||
}
|
||||
new(lockfile_content)
|
||||
end
|
||||
|
||||
def self.from_content(content)
|
||||
parsed_content = YAML.load(content)
|
||||
version = parsed_content['lockfile_version']
|
||||
version = parsed_content["lockfile_version"]
|
||||
raise "No lockfile_version set in #{path}!" if version.nil?
|
||||
validate_lockfile_version!(version.to_i)
|
||||
new(parsed_content)
|
||||
|
@ -50,15 +50,15 @@ module Inspec
|
|||
|
||||
attr_reader :version, :deps
|
||||
def initialize(lockfile_content_hash)
|
||||
version = lockfile_content_hash['lockfile_version']
|
||||
version = lockfile_content_hash["lockfile_version"]
|
||||
@version = version.to_i
|
||||
parse_content_hash(lockfile_content_hash)
|
||||
end
|
||||
|
||||
def to_yaml
|
||||
{
|
||||
'lockfile_version' => CURRENT_LOCKFILE_VERSION,
|
||||
'depends' => @deps.map { |i| stringify_keys(i) },
|
||||
"lockfile_version" => CURRENT_LOCKFILE_VERSION,
|
||||
"depends" => @deps.map { |i| stringify_keys(i) },
|
||||
}.to_yaml
|
||||
end
|
||||
|
||||
|
@ -84,7 +84,7 @@ module Inspec
|
|||
end
|
||||
|
||||
def parse_content_hash_1(lockfile_content_hash)
|
||||
@deps = lockfile_content_hash['depends']&.map { |i| symbolize_keys(i) }
|
||||
@deps = lockfile_content_hash["depends"]&.map { |i| symbolize_keys(i) }
|
||||
end
|
||||
|
||||
def mutate_hash_keys_with(hash, fun)
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'inspec/cached_fetcher'
|
||||
require 'semverse'
|
||||
require "inspec/cached_fetcher"
|
||||
require "semverse"
|
||||
|
||||
module Inspec
|
||||
#
|
||||
|
@ -8,7 +8,7 @@ module Inspec
|
|||
#
|
||||
class Requirement
|
||||
def self.from_metadata(dep, cache, opts)
|
||||
raise 'Cannot load empty dependency.' if dep.nil? || dep.empty?
|
||||
raise "Cannot load empty dependency." if dep.nil? || dep.empty?
|
||||
|
||||
req_path = opts[:cwd]
|
||||
|
||||
|
@ -81,13 +81,13 @@ module Inspec
|
|||
|
||||
def to_hash
|
||||
h = {
|
||||
'name' => name,
|
||||
'resolved_source' => resolved_source,
|
||||
'version_constraints' => version_constraints,
|
||||
"name" => name,
|
||||
"resolved_source" => resolved_source,
|
||||
"version_constraints" => version_constraints,
|
||||
}
|
||||
|
||||
if !dependencies.empty?
|
||||
h['dependencies'] = dependencies.map(&:to_hash)
|
||||
h["dependencies"] = dependencies.map(&:to_hash)
|
||||
end
|
||||
|
||||
h
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'inspec/log'
|
||||
require 'inspec/errors'
|
||||
require "inspec/log"
|
||||
require "inspec/errors"
|
||||
|
||||
module Inspec
|
||||
#
|
||||
|
@ -35,7 +35,7 @@ module Inspec
|
|||
deps.each do |dep|
|
||||
if seen_items_local.include?(dep.name)
|
||||
problem_cookbook = if top_level
|
||||
'the inspec.yml for this profile.'
|
||||
"the inspec.yml for this profile."
|
||||
else
|
||||
"the dependency information for #{path_string.split(' ').last}"
|
||||
end
|
||||
|
@ -47,7 +47,7 @@ module Inspec
|
|||
end
|
||||
|
||||
# Here deps is an Array of Inspec::Requirement
|
||||
def resolve(deps, top_level = true, seen_items = {}, path_string = '') # rubocop:disable Metrics/AbcSize
|
||||
def resolve(deps, top_level = true, seen_items = {}, path_string = "") # rubocop:disable Metrics/AbcSize
|
||||
graph = {}
|
||||
if top_level
|
||||
Inspec::Log.debug("Starting traversal of dependencies #{deps.map(&:to_s)}")
|
||||
|
@ -79,7 +79,7 @@ module Inspec
|
|||
end
|
||||
end
|
||||
|
||||
Inspec::Log.debug('Dependency traversal complete.') if top_level
|
||||
Inspec::Log.debug("Dependency traversal complete.") if top_level
|
||||
graph
|
||||
end
|
||||
end
|
||||
|
|
|
@ -13,11 +13,11 @@ module Inspec
|
|||
def one(&block)
|
||||
return unless block_given?
|
||||
instance_eval(&block)
|
||||
@action.call('describe.one', @checks, nil)
|
||||
@action.call("describe.one", @checks, nil)
|
||||
end
|
||||
|
||||
def describe(*args, &block)
|
||||
@checks.push(['describe', args, block])
|
||||
@checks.push(["describe", args, block])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -3,18 +3,18 @@
|
|||
module Inspec
|
||||
module Dist
|
||||
# When referencing a product directly, like InSpec
|
||||
PRODUCT_NAME = 'Chef InSpec'
|
||||
PRODUCT_NAME = "Chef InSpec"
|
||||
|
||||
# The inspec executable
|
||||
EXEC_NAME = 'inspec'
|
||||
EXEC_NAME = "inspec"
|
||||
|
||||
# The name of the server product
|
||||
SERVER_PRODUCT_NAME = 'Chef Server'
|
||||
SERVER_PRODUCT_NAME = "Chef Server"
|
||||
|
||||
# name of the automate product
|
||||
AUTOMATE_PRODUCT_NAME = 'Chef Automate'
|
||||
AUTOMATE_PRODUCT_NAME = "Chef Automate"
|
||||
|
||||
# name of the compliance product
|
||||
COMPLIANCE_PRODUCT_NAME = 'Chef Compliance'
|
||||
COMPLIANCE_PRODUCT_NAME = "Chef Compliance"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# copyright: 2015, Dominik Richter
|
||||
require 'inspec/log'
|
||||
require 'inspec/plugin/v2'
|
||||
require "inspec/log"
|
||||
require "inspec/plugin/v2"
|
||||
|
||||
module Inspec::DSL
|
||||
def require_controls(id, &block)
|
||||
|
@ -17,7 +17,7 @@ module Inspec::DSL
|
|||
alias include_rules include_controls
|
||||
|
||||
def require_resource(options = {})
|
||||
raise 'You must specify a specific resource name when calling require_resource()' if options[:resource].nil?
|
||||
raise "You must specify a specific resource name when calling require_resource()" if options[:resource].nil?
|
||||
|
||||
from_profile = options[:profile] || profile_name
|
||||
target_name = options[:as] || options[:resource]
|
||||
|
@ -81,7 +81,7 @@ module Inspec::DSL
|
|||
# remove all rules that were not registered
|
||||
context.all_rules.each do |r|
|
||||
id = Inspec::Rule.rule_id(r)
|
||||
fid = Inspec::Rule.profile_id(r) + '/' + id
|
||||
fid = Inspec::Rule.profile_id(r) + "/" + id
|
||||
unless include_ctx.rules[id] || include_ctx.rules[fid]
|
||||
context.remove_rule(fid)
|
||||
end
|
||||
|
|
|
@ -9,7 +9,7 @@ module Inspec
|
|||
alias __ruby_require require
|
||||
|
||||
def require(path)
|
||||
rbpath = path + '.rb'
|
||||
rbpath = path + ".rb"
|
||||
return __ruby_require(path) if !@require_loader.exists?(rbpath)
|
||||
return false if @require_loader.loaded?(rbpath)
|
||||
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
require 'inspec/shell_detector'
|
||||
require 'erb'
|
||||
require 'shellwords'
|
||||
require "inspec/shell_detector"
|
||||
require "erb"
|
||||
require "shellwords"
|
||||
|
||||
module Inspec
|
||||
class EnvPrinter
|
||||
attr_reader :shell
|
||||
|
||||
EVAL_COMMANDS = {
|
||||
'bash' => 'eval \"$(inspec env bash)\"',
|
||||
'fish' => 'inspec env fish > ~/.config/fish/completions/inspec.fish',
|
||||
'zsh' => 'eval \"$(inspec env zsh)\"',
|
||||
"bash" => 'eval \"$(inspec env bash)\"',
|
||||
"fish" => "inspec env fish > ~/.config/fish/completions/inspec.fish",
|
||||
"zsh" => 'eval \"$(inspec env zsh)\"',
|
||||
}.freeze
|
||||
|
||||
def initialize(command_class, shell = nil)
|
||||
|
@ -35,7 +35,7 @@ module Inspec
|
|||
private
|
||||
|
||||
def print_completion_for_shell
|
||||
erb = ERB.new(File.read(completion_template_path), nil, '-')
|
||||
erb = ERB.new(File.read(completion_template_path), nil, "-")
|
||||
puts erb.result(TemplateContext.new(@command_class).get_bindings)
|
||||
end
|
||||
|
||||
|
@ -48,7 +48,7 @@ module Inspec
|
|||
end
|
||||
|
||||
def completion_dir
|
||||
File.join(File.dirname(__FILE__), 'completions')
|
||||
File.join(File.dirname(__FILE__), "completions")
|
||||
end
|
||||
|
||||
def completion_template_path
|
||||
|
@ -56,7 +56,7 @@ module Inspec
|
|||
end
|
||||
|
||||
def shells_with_completions
|
||||
Dir.glob("#{completion_dir}/*.sh.erb").map { |f| File.basename(f, '.sh.erb') }
|
||||
Dir.glob("#{completion_dir}/*.sh.erb").map { |f| File.basename(f, ".sh.erb") }
|
||||
end
|
||||
|
||||
def print_usage_guidance
|
||||
|
@ -90,7 +90,7 @@ module Inspec
|
|||
|
||||
def exit_no_shell
|
||||
if @detected
|
||||
$stderr.puts '# Unable to automatically detect shell and no shell was provided.'
|
||||
$stderr.puts "# Unable to automatically detect shell and no shell was provided."
|
||||
end
|
||||
$stderr.puts <<~EOF
|
||||
#
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# copyright: 2016, Chef Software Inc.
|
||||
|
||||
require 'rspec/expectations'
|
||||
require "rspec/expectations"
|
||||
|
||||
module Inspec
|
||||
class Expect
|
||||
|
@ -22,11 +22,11 @@ module Inspec
|
|||
def example_group
|
||||
that = self
|
||||
|
||||
opts = { 'caller' => calls[0][3] } # TODO: this needs overhaul. no magic #s
|
||||
opts = { "caller" => calls[0][3] } # TODO: this needs overhaul. no magic #s
|
||||
if !calls[0][3].nil? && !calls[0][3].empty? &&
|
||||
(m = calls[0][3][0].match(/^([^:]*):(\d+):/))
|
||||
opts['file_path'] = m[0]
|
||||
opts['line_number'] = m[1]
|
||||
opts["file_path"] = m[0]
|
||||
opts["line_number"] = m[1]
|
||||
end
|
||||
|
||||
RSpec::Core::ExampleGroup.describe(that.value, opts) do
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/plugin/v1'
|
||||
require "inspec/plugin/v1"
|
||||
|
||||
module Inspec
|
||||
class FetcherRegistry < PluginRegistry
|
||||
|
@ -29,15 +29,15 @@ module Inspec
|
|||
|
||||
def self.fetcher(version)
|
||||
if version != 1
|
||||
raise 'Only fetcher version 1 is supported!'
|
||||
raise "Only fetcher version 1 is supported!"
|
||||
end
|
||||
Inspec::Plugins::Fetcher
|
||||
end
|
||||
end
|
||||
|
||||
require 'fetchers/local'
|
||||
require 'fetchers/url'
|
||||
require 'fetchers/git'
|
||||
require "fetchers/local"
|
||||
require "fetchers/url"
|
||||
require "fetchers/git"
|
||||
|
||||
# TODO: Remove in 4.0 when Compliance fetcher plugin is created
|
||||
require 'plugins/inspec-compliance/lib/inspec-compliance/api'
|
||||
require "plugins/inspec-compliance/lib/inspec-compliance/api"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
require 'rubygems/package'
|
||||
require 'zlib'
|
||||
require 'zip'
|
||||
require "rubygems/package"
|
||||
require "zlib"
|
||||
require "zip"
|
||||
|
||||
module Inspec
|
||||
class FileProvider
|
||||
|
@ -9,9 +9,9 @@ module Inspec
|
|||
MockProvider.new(path)
|
||||
elsif File.directory?(path)
|
||||
DirProvider.new(path)
|
||||
elsif File.exist?(path) && path.end_with?('.tar.gz', 'tgz')
|
||||
elsif File.exist?(path) && path.end_with?(".tar.gz", "tgz")
|
||||
TarProvider.new(path)
|
||||
elsif File.exist?(path) && path.end_with?('.zip')
|
||||
elsif File.exist?(path) && path.end_with?(".zip")
|
||||
ZipProvider.new(path)
|
||||
elsif File.exist?(path)
|
||||
DirProvider.new(path)
|
||||
|
@ -71,7 +71,7 @@ module Inspec
|
|||
@files = if File.file?(path)
|
||||
[path]
|
||||
else
|
||||
Dir[File.join(Shellwords.shellescape(path), '**', '*')]
|
||||
Dir[File.join(Shellwords.shellescape(path), "**", "*")]
|
||||
end
|
||||
@path = path
|
||||
end
|
||||
|
@ -98,13 +98,13 @@ module Inspec
|
|||
@files = []
|
||||
walk_zip(@path) do |io|
|
||||
while (entry = io.get_next_entry)
|
||||
name = entry.name.sub(%r{/+$}, '')
|
||||
@files.push(name) unless name.empty? || name.squeeze('/') =~ %r{\.{2}(?:/|\z)}
|
||||
name = entry.name.sub(%r{/+$}, "")
|
||||
@files.push(name) unless name.empty? || name.squeeze("/") =~ %r{\.{2}(?:/|\z)}
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def extract(destination_path = '.')
|
||||
def extract(destination_path = ".")
|
||||
FileUtils.mkdir_p(destination_path)
|
||||
|
||||
Zip::File.open(@path) do |archive|
|
||||
|
@ -155,17 +155,17 @@ module Inspec
|
|||
@files = tar.find_all(&:file?)
|
||||
|
||||
# delete all entries with no name
|
||||
@files = @files.find_all { |x| !x.full_name.empty? && x.full_name.squeeze('/') !~ %r{\.{2}(?:/|\z)} }
|
||||
@files = @files.find_all { |x| !x.full_name.empty? && x.full_name.squeeze("/") !~ %r{\.{2}(?:/|\z)} }
|
||||
|
||||
# delete all entries that have a PaxHeader
|
||||
@files = @files.delete_if { |x| x.full_name.include?('PaxHeader/') }
|
||||
@files = @files.delete_if { |x| x.full_name.include?("PaxHeader/") }
|
||||
|
||||
# replace all items of the array simply with the relative filename of the file
|
||||
@files.map! { |x| Pathname.new(x.full_name).relative_path_from(Pathname.new('.')).to_s }
|
||||
@files.map! { |x| Pathname.new(x.full_name).relative_path_from(Pathname.new(".")).to_s }
|
||||
end
|
||||
end
|
||||
|
||||
def extract(destination_path = '.')
|
||||
def extract(destination_path = ".")
|
||||
FileUtils.mkdir_p(destination_path)
|
||||
|
||||
walk_tar(@path) do |files|
|
||||
|
@ -178,7 +178,7 @@ module Inspec
|
|||
FileUtils.remove_entry(final_path) if File.exist?(final_path)
|
||||
|
||||
FileUtils.mkdir_p(File.dirname(final_path))
|
||||
File.open(final_path, 'wb') { |f| f.write(file.read) }
|
||||
File.open(final_path, "wb") { |f| f.write(file.read) }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -213,8 +213,8 @@ module Inspec
|
|||
|
||||
class RelativeFileProvider
|
||||
BLACKLIST_FILES = [
|
||||
'/pax_global_header',
|
||||
'pax_global_header',
|
||||
"/pax_global_header",
|
||||
"pax_global_header",
|
||||
].freeze
|
||||
|
||||
attr_reader :files
|
||||
|
@ -238,7 +238,7 @@ module Inspec
|
|||
.map { |x| x[prefix.length..-1] }
|
||||
.map do |x|
|
||||
path = Pathname.new(x)
|
||||
path.absolute? ? path.to_s : path.relative_path_from(Pathname.new('.')).to_s
|
||||
path.absolute? ? path.to_s : path.relative_path_from(Pathname.new(".")).to_s
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -258,7 +258,7 @@ module Inspec
|
|||
private
|
||||
|
||||
def get_prefix(fs)
|
||||
return '' if fs.empty?
|
||||
return "" if fs.empty?
|
||||
|
||||
# filter backlisted files
|
||||
fs -= BLACKLIST_FILES
|
||||
|
@ -287,15 +287,15 @@ module Inspec
|
|||
end
|
||||
|
||||
def get_files_prefix(fs)
|
||||
return '' if fs.empty?
|
||||
return "" if fs.empty?
|
||||
|
||||
file = fs[0]
|
||||
bn = File.basename(file)
|
||||
# no more prefixes
|
||||
return '' if bn == file
|
||||
return "" if bn == file
|
||||
|
||||
i = file.rindex(bn)
|
||||
pre = file[0..i-1]
|
||||
pre = file[0..i - 1]
|
||||
|
||||
rest = fs.find_all { |f| !f.start_with?(pre) }
|
||||
return pre if rest.empty?
|
||||
|
@ -303,8 +303,8 @@ module Inspec
|
|||
new_pre = get_prefix(rest)
|
||||
return new_pre if pre.start_with? new_pre
|
||||
# edge case: completely different prefixes; retry prefix detection
|
||||
a = File.dirname(pre + 'a')
|
||||
b = File.dirname(new_pre + 'b')
|
||||
a = File.dirname(pre + "a")
|
||||
b = File.dirname(new_pre + "b")
|
||||
get_prefix([a, b])
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
require 'inspec/formatters/base'
|
||||
require 'inspec/formatters/json_rspec'
|
||||
require 'inspec/formatters/show_progress'
|
||||
require "inspec/formatters/base"
|
||||
require "inspec/formatters/json_rspec"
|
||||
require "inspec/formatters/show_progress"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'rspec/core'
|
||||
require 'rspec/core/formatters/base_formatter'
|
||||
require "rspec/core"
|
||||
require "rspec/core/formatters/base_formatter"
|
||||
|
||||
module Inspec::Formatters
|
||||
class Base < RSpec::Core::Formatters::BaseFormatter
|
||||
|
@ -43,7 +43,7 @@ module Inspec::Formatters
|
|||
next unless e
|
||||
|
||||
if example.metadata[:sensitive]
|
||||
hash[:message] = '*** sensitive output suppressed ***'
|
||||
hash[:message] = "*** sensitive output suppressed ***"
|
||||
else
|
||||
hash[:message] = exception_message(e)
|
||||
end
|
||||
|
@ -101,9 +101,9 @@ module Inspec::Formatters
|
|||
|
||||
all_unique_controls.each do |control|
|
||||
next unless control[:results]
|
||||
if control[:results].any? { |r| r[:status] == 'failed' }
|
||||
if control[:results].any? { |r| r[:status] == "failed" }
|
||||
failed += 1
|
||||
elsif control[:results].any? { |r| r[:status] == 'skipped' }
|
||||
elsif control[:results].any? { |r| r[:status] == "skipped" }
|
||||
skipped += 1
|
||||
else
|
||||
passed += 1
|
||||
|
@ -162,8 +162,8 @@ module Inspec::Formatters
|
|||
res[:profile_id] = pid
|
||||
end
|
||||
|
||||
if res[:status] == 'pending'
|
||||
res[:status] = 'skipped'
|
||||
if res[:status] == "pending"
|
||||
res[:status] = "skipped"
|
||||
res[:skip_message] = example.metadata[:description]
|
||||
res[:resource] = example.metadata[:described_class].to_s
|
||||
end
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
module Inspec
|
||||
def self.config_dir
|
||||
ENV['INSPEC_CONFIG_DIR'] ? ENV['INSPEC_CONFIG_DIR'] : File.join(Dir.home, '.inspec')
|
||||
ENV["INSPEC_CONFIG_DIR"] ? ENV["INSPEC_CONFIG_DIR"] : File.join(Dir.home, ".inspec")
|
||||
end
|
||||
|
||||
def self.src_root
|
||||
File.expand_path(File.join(__FILE__, '..', '..', '..'))
|
||||
File.expand_path(File.join(__FILE__, "..", "..", ".."))
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
# Impact scores based off CVSS 3.0
|
||||
module Inspec::Impact
|
||||
IMPACT_SCORES = {
|
||||
'none' => 0.0,
|
||||
'low' => 0.1,
|
||||
'medium' => 0.4,
|
||||
'high' => 0.7,
|
||||
'critical' => 0.9,
|
||||
"none" => 0.0,
|
||||
"low" => 0.1,
|
||||
"medium" => 0.4,
|
||||
"high" => 0.7,
|
||||
"critical" => 0.9,
|
||||
}.freeze
|
||||
|
||||
def self.impact_from_string(value)
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
require 'forwardable'
|
||||
require 'singleton'
|
||||
require 'inspec/objects/input'
|
||||
require 'inspec/secrets'
|
||||
require 'inspec/exceptions'
|
||||
require "forwardable"
|
||||
require "singleton"
|
||||
require "inspec/objects/input"
|
||||
require "inspec/secrets"
|
||||
require "inspec/exceptions"
|
||||
|
||||
module Inspec
|
||||
# The InputRegistry's responsibilities include:
|
||||
|
@ -29,10 +29,10 @@ module Inspec
|
|||
# Upon creation, activate all input plugins
|
||||
activators = Inspec::Plugin::V2::Registry.instance.find_activators(plugin_type: :input)
|
||||
|
||||
@plugins = activators.map { |activator|
|
||||
@plugins = activators.map do |activator|
|
||||
activator.activate!
|
||||
activator.implementation_class.new
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
#-------------------------------------------------------------#
|
||||
|
@ -88,7 +88,7 @@ module Inspec
|
|||
action: :fetch,
|
||||
provider: plugin.class.plugin_name,
|
||||
priority: plugin.default_priority,
|
||||
hit: !response.nil?,
|
||||
hit: !response.nil?
|
||||
)
|
||||
evt.value = response unless response.nil?
|
||||
inputs_by_profile[profile_name][input_name].events << evt
|
||||
|
@ -149,7 +149,7 @@ module Inspec
|
|||
provider: :runner_api, # TODO: suss out if audit cookbook or kitchen-inspec or something unknown
|
||||
priority: 40,
|
||||
file: loc.path,
|
||||
line: loc.lineno,
|
||||
line: loc.lineno
|
||||
)
|
||||
find_or_register_input(input_name, profile_name, event: evt)
|
||||
end
|
||||
|
@ -169,7 +169,7 @@ module Inspec
|
|||
if data.nil?
|
||||
raise Inspec::Exceptions::SecretsBackendNotFound,
|
||||
"Cannot find parser for inputs file '#{path}'. " \
|
||||
'Check to make sure file has the appropriate extension.'
|
||||
"Check to make sure file has the appropriate extension."
|
||||
end
|
||||
|
||||
next if data.inputs.nil?
|
||||
|
@ -178,7 +178,7 @@ module Inspec
|
|||
value: input_value,
|
||||
provider: :cli_files,
|
||||
priority: 40,
|
||||
file: path,
|
||||
file: path
|
||||
# TODO: any way we could get a line number?
|
||||
)
|
||||
find_or_register_input(input_name, profile_name, event: evt)
|
||||
|
@ -190,13 +190,13 @@ module Inspec
|
|||
unless File.exist?(path)
|
||||
raise Inspec::Exceptions::InputsFileDoesNotExist,
|
||||
"Cannot find input file '#{path}'. " \
|
||||
'Check to make sure file exists.'
|
||||
"Check to make sure file exists."
|
||||
end
|
||||
|
||||
unless File.readable?(path)
|
||||
raise Inspec::Exceptions::InputsFileNotReadable,
|
||||
"Cannot read input file '#{path}'. " \
|
||||
'Check to make sure file is readable.'
|
||||
"Check to make sure file is readable."
|
||||
end
|
||||
|
||||
true
|
||||
|
@ -211,7 +211,7 @@ module Inspec
|
|||
profile_metadata_obj.params[:attributes].each do |input_orig|
|
||||
input_options = input_orig.dup
|
||||
input_name = input_options.delete(:name)
|
||||
input_options.merge!({ priority: 30, provider: :profile_metadata, file: File.join(profile_name, 'inspec.yml') })
|
||||
input_options.merge!({ priority: 30, provider: :profile_metadata, file: File.join(profile_name, "inspec.yml") })
|
||||
evt = Inspec::Input.infer_event(input_options)
|
||||
|
||||
# Profile metadata may set inputs in other profiles by naming them.
|
||||
|
@ -227,7 +227,7 @@ module Inspec
|
|||
event: evt)
|
||||
end
|
||||
elsif profile_metadata_obj.params.key?(:attributes)
|
||||
Inspec::Log.warn 'Inputs must be defined as an Array. Skipping current definition.'
|
||||
Inspec::Log.warn "Inputs must be defined as an Array. Skipping current definition."
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'inspec/plugin/v1/plugin_types/resource'
|
||||
require 'inspec/dsl_shared'
|
||||
require "inspec/plugin/v1/plugin_types/resource"
|
||||
require "inspec/dsl_shared"
|
||||
|
||||
module Inspec
|
||||
#
|
||||
|
@ -48,7 +48,7 @@ module Inspec
|
|||
# Provide the local binding for this context which is necessary for
|
||||
# calls to `require` to create all dependent objects in the correct
|
||||
# context.
|
||||
res.instance_variable_set('@inspec_binding', res.instance_eval('binding'))
|
||||
res.instance_variable_set("@inspec_binding", res.instance_eval("binding"))
|
||||
res
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'mixlib/log'
|
||||
require "mixlib/log"
|
||||
|
||||
module Inspec
|
||||
class Log
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
# Copyright 2015 Dominik Richter
|
||||
|
||||
require 'logger'
|
||||
require 'rubygems/version'
|
||||
require 'rubygems/requirement'
|
||||
require 'semverse'
|
||||
require 'erb'
|
||||
require "logger"
|
||||
require "rubygems/version"
|
||||
require "rubygems/requirement"
|
||||
require "semverse"
|
||||
require "erb"
|
||||
|
||||
require 'inspec/version'
|
||||
require 'inspec/utils/spdx'
|
||||
require "inspec/version"
|
||||
require "inspec/utils/spdx"
|
||||
|
||||
module Inspec
|
||||
# Extract metadata.rb information
|
||||
|
@ -20,7 +20,7 @@ module Inspec
|
|||
def initialize(ref, logger = nil)
|
||||
@ref = ref
|
||||
@logger = logger || Logger.new(nil)
|
||||
@content = ''
|
||||
@content = ""
|
||||
@params = {}
|
||||
@missing_methods = []
|
||||
end
|
||||
|
@ -80,12 +80,12 @@ module Inspec
|
|||
|
||||
if %r{[\/\\]} =~ params[:name]
|
||||
errors.push("The profile name (#{params[:name]}) contains a slash" \
|
||||
' which is not permitted. Please remove all slashes from `inspec.yml`.')
|
||||
" which is not permitted. Please remove all slashes from `inspec.yml`.")
|
||||
end
|
||||
|
||||
# if version is set, ensure it is correct
|
||||
if !params[:version].nil? && !valid_version?(params[:version])
|
||||
errors.push('Version needs to be in SemVer format')
|
||||
errors.push("Version needs to be in SemVer format")
|
||||
end
|
||||
|
||||
%w{title summary maintainer copyright license}.each do |field|
|
||||
|
@ -145,8 +145,8 @@ module Inspec
|
|||
x
|
||||
when Array
|
||||
logger.warn(
|
||||
'Failed to read supports entry that is an array. Please use '\
|
||||
'the `supports: {os-family: xyz}` syntax.',
|
||||
"Failed to read supports entry that is an array. Please use "\
|
||||
"the `supports: {os-family: xyz}` syntax."
|
||||
)
|
||||
nil
|
||||
when nil then nil
|
||||
|
@ -184,14 +184,14 @@ module Inspec
|
|||
# unit tests that look for warning sequences
|
||||
return if original_target.to_s.empty?
|
||||
metadata.params[:title] = "tests from #{original_target}"
|
||||
metadata.params[:name] = metadata.params[:title].gsub(%r{[\/\\]}, '.')
|
||||
metadata.params[:name] = metadata.params[:title].gsub(%r{[\/\\]}, ".")
|
||||
end
|
||||
|
||||
def self.finalize(metadata, profile_id, options, logger = nil)
|
||||
return nil if metadata.nil?
|
||||
param = metadata.params || {}
|
||||
options ||= {}
|
||||
param['version'] = param['version'].to_s unless param['version'].nil?
|
||||
param["version"] = param["version"].to_s unless param["version"].nil?
|
||||
metadata.params = symbolize_keys(param)
|
||||
metadata.params[:supports] = finalize_supports(metadata.params[:supports], logger)
|
||||
finalize_name(metadata, profile_id, options[:target])
|
||||
|
@ -217,9 +217,9 @@ module Inspec
|
|||
# NOTE there doesn't have to exist an actual file, it may come from an
|
||||
# archive (i.e., content)
|
||||
case File.basename(ref)
|
||||
when 'inspec.yml'
|
||||
when "inspec.yml"
|
||||
from_yaml(ref, content, profile_id, logger)
|
||||
when 'metadata.rb'
|
||||
when "metadata.rb"
|
||||
from_ruby(ref, content, profile_id, logger)
|
||||
else
|
||||
logger ||= Logger.new(nil)
|
||||
|
|
|
@ -2,16 +2,16 @@ module Inspec
|
|||
module MethodSource
|
||||
def self.code_at(location, source_reader)
|
||||
# TODO: logger for these cases
|
||||
return '' if location.nil? || location[:ref].nil? || location[:line].nil?
|
||||
return '' unless source_reader && source_reader.target
|
||||
return "" if location.nil? || location[:ref].nil? || location[:line].nil?
|
||||
return "" unless source_reader && source_reader.target
|
||||
|
||||
# TODO: Non-controls still need more detection
|
||||
ref = location[:ref]
|
||||
ref = ref.sub(source_reader.target.prefix, '')
|
||||
ref = ref.sub(source_reader.target.prefix, "")
|
||||
src = source_reader.tests[ref]
|
||||
return '' if src.nil?
|
||||
return "" if src.nil?
|
||||
|
||||
::MethodSource.expression_at(src.lines, location[:line]).force_encoding('utf-8')
|
||||
::MethodSource.expression_at(src.lines, location[:line]).force_encoding("utf-8")
|
||||
rescue SyntaxError => e
|
||||
raise ::MethodSource::SourceNotFoundError,
|
||||
"Could not parse source at #{location[:ref]}:#{location[:line]}: #{e.message}"
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
module Inspec
|
||||
autoload :Input, 'inspec/objects/input'
|
||||
autoload :Tag, 'inspec/objects/tag'
|
||||
autoload :Control, 'inspec/objects/control'
|
||||
autoload :Describe, 'inspec/objects/describe'
|
||||
autoload :EachLoop, 'inspec/objects/each_loop'
|
||||
autoload :List, 'inspec/objects/list'
|
||||
autoload :OrTest, 'inspec/objects/or_test'
|
||||
autoload :RubyHelper, 'inspec/objects/ruby_helper'
|
||||
autoload :Test, 'inspec/objects/test'
|
||||
autoload :Value, 'inspec/objects/value'
|
||||
autoload :Input, "inspec/objects/input"
|
||||
autoload :Tag, "inspec/objects/tag"
|
||||
autoload :Control, "inspec/objects/control"
|
||||
autoload :Describe, "inspec/objects/describe"
|
||||
autoload :EachLoop, "inspec/objects/each_loop"
|
||||
autoload :List, "inspec/objects/list"
|
||||
autoload :OrTest, "inspec/objects/or_test"
|
||||
autoload :RubyHelper, "inspec/objects/ruby_helper"
|
||||
autoload :Test, "inspec/objects/test"
|
||||
autoload :Value, "inspec/objects/value"
|
||||
end
|
||||
|
|
|
@ -32,7 +32,7 @@ module Inspec
|
|||
res.push " title #{title.inspect}" unless title.to_s.empty?
|
||||
descriptions.each do |label, text|
|
||||
if label == :default
|
||||
next if text.nil? or text == '' # don't render empty/nil desc
|
||||
next if text.nil? || (text == "") # don't render empty/nil desc
|
||||
res.push " desc #{prettyprint_text(text, 2)}"
|
||||
else
|
||||
res.push " desc #{label.to_s.inspect}, #{prettyprint_text(text, 2)}"
|
||||
|
@ -43,7 +43,7 @@ module Inspec
|
|||
refs.each { |t| res.push(" ref #{print_ref(t)}") }
|
||||
res.push " only_if { #{only_if} }" if only_if
|
||||
tests.each { |t| res.push(indent(t.to_ruby, 2)) }
|
||||
res.push 'end'
|
||||
res.push "end"
|
||||
res.join("\n")
|
||||
end
|
||||
|
||||
|
@ -52,7 +52,7 @@ module Inspec
|
|||
def print_ref(x)
|
||||
return x.inspect if x.is_a?(String)
|
||||
raise "Cannot process the ref: #{x}" unless x.is_a?(Hash)
|
||||
'('+x.inspect+')'
|
||||
"(" + x.inspect + ")"
|
||||
end
|
||||
|
||||
# Pretty-print a text block of InSpec code
|
||||
|
@ -63,13 +63,13 @@ module Inspec
|
|||
def prettyprint_text(s, depth)
|
||||
txt = s.to_s.inspect.gsub('\n', "\n")
|
||||
return txt if !txt.include?("\n")
|
||||
middle = indent(txt[1..-2], depth+2)
|
||||
txt[0] + "\n" + middle + "\n" + ' '*depth + txt[-1]
|
||||
middle = indent(txt[1..-2], depth + 2)
|
||||
txt[0] + "\n" + middle + "\n" + " " * depth + txt[-1]
|
||||
end
|
||||
|
||||
def indent(txt, d)
|
||||
dt = ' '*d
|
||||
dt + txt.gsub("\n", "\n"+dt)
|
||||
dt = " " * d
|
||||
dt + txt.gsub("\n", "\n" + dt)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -9,24 +9,24 @@ module Inspec
|
|||
end
|
||||
|
||||
def to_ruby
|
||||
itsy = 'it'
|
||||
itsy = "it"
|
||||
unless its.nil?
|
||||
if its.is_a? Array
|
||||
itsy = 'its(' + its.inspect + ')'
|
||||
itsy = "its(" + its.inspect + ")"
|
||||
else
|
||||
itsy = 'its(' + its.to_s.inspect + ')'
|
||||
itsy = "its(" + its.to_s.inspect + ")"
|
||||
end
|
||||
end
|
||||
naughty = negated ? '_not' : ''
|
||||
naughty = negated ? "_not" : ""
|
||||
xpect = if expectation.nil?
|
||||
''
|
||||
""
|
||||
elsif expectation.class == Regexp
|
||||
# without this, xpect values like / \/zones\// will not be parsed properly
|
||||
"(#{expectation.inspect})"
|
||||
else
|
||||
' ' + expectation.inspect
|
||||
" " + expectation.inspect
|
||||
end
|
||||
format('%s { should%s %s%s }', itsy, naughty, matcher, xpect)
|
||||
format("%s { should%s %s%s }", itsy, naughty, matcher, xpect)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -82,8 +82,8 @@ module Inspec
|
|||
vars += "\n" unless vars.empty?
|
||||
|
||||
objarr = @qualifier
|
||||
objarr = [['unknown object'.inspect]] if objarr.nil? || objarr.empty?
|
||||
obj = objarr.map { |q| ruby_qualifier(q) }.join('.')
|
||||
objarr = [["unknown object".inspect]] if objarr.nil? || objarr.empty?
|
||||
obj = objarr.map { |q| ruby_qualifier(q) }.join(".")
|
||||
|
||||
rbtests = tests.map(&:to_ruby).join("\n ")
|
||||
format("%sdescribe %s do\n %s\nend", vars, obj, rbtests)
|
||||
|
|
|
@ -10,7 +10,7 @@ module Inspec
|
|||
|
||||
def add_test(t = nil)
|
||||
t ||= Test.new
|
||||
t.qualifier[0] = ['entry']
|
||||
t.qualifier[0] = ["entry"]
|
||||
@tests.push(t)
|
||||
t
|
||||
end
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/utils/deprecation'
|
||||
require "inspec/utils/deprecation"
|
||||
|
||||
# For backwards compatibility during the rename (see #3802),
|
||||
# maintain the Inspec::Attribute namespace for people checking for
|
||||
|
@ -42,7 +42,7 @@ module Inspec
|
|||
properties.each do |prop_name, prop_value|
|
||||
if EVENT_PROPERTIES.include? prop_name
|
||||
# OK, save the property
|
||||
send((prop_name.to_s + '=').to_sym, prop_value)
|
||||
send((prop_name.to_s + "=").to_sym, prop_value)
|
||||
else
|
||||
raise "Unrecognized property to Input::Event: #{prop_name}"
|
||||
end
|
||||
|
@ -60,7 +60,7 @@ module Inspec
|
|||
end
|
||||
|
||||
def diagnostic_string
|
||||
to_h.reject { |_, val| val.nil? }.to_a.map { |pair| "#{pair[0]}: '#{pair[1]}'" }.join(', ')
|
||||
to_h.reject { |_, val| val.nil? }.to_a.map { |pair| "#{pair[0]}: '#{pair[1]}'" }.join(", ")
|
||||
end
|
||||
|
||||
def to_h
|
||||
|
@ -71,7 +71,7 @@ module Inspec
|
|||
|
||||
def self.probe_stack
|
||||
frames = caller_locations(2, 40)
|
||||
frames.reject! { |f| f.path && f.path.include?('/lib/inspec/') }
|
||||
frames.reject! { |f| f.path && f.path.include?("/lib/inspec/") }
|
||||
frames.first
|
||||
end
|
||||
end
|
||||
|
@ -87,11 +87,13 @@ module Inspec
|
|||
@name = name
|
||||
|
||||
# output warn message if we are in a exec call
|
||||
if Inspec::BaseCLI.inspec_cli_command == :exec
|
||||
Inspec::Log.warn(
|
||||
"Input '#{@name}' does not have a value. "\
|
||||
"Use --input-file to provide a value for '#{@name}' or specify a "\
|
||||
"value with `attribute('#{@name}', value: 'somevalue', ...)`.",
|
||||
) if Inspec::BaseCLI.inspec_cli_command == :exec
|
||||
"value with `attribute('#{@name}', value: 'somevalue', ...)`."
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def method_missing(*_)
|
||||
|
@ -222,7 +224,7 @@ module Inspec
|
|||
provider: options[:provider] || :unknown,
|
||||
priority: options[:priority] || Inspec::Input::DEFAULT_PRIORITY_FOR_UNKNOWN_CALLER,
|
||||
file: location.path,
|
||||
line: location.lineno,
|
||||
line: location.lineno
|
||||
)
|
||||
|
||||
if options.key?(:default)
|
||||
|
@ -255,7 +257,7 @@ module Inspec
|
|||
action: :create,
|
||||
provider: options[:provider],
|
||||
file: loc.path,
|
||||
line: loc.lineno,
|
||||
line: loc.lineno
|
||||
)
|
||||
end
|
||||
|
||||
|
@ -287,7 +289,7 @@ module Inspec
|
|||
priority: priority,
|
||||
value: new_value,
|
||||
file: location.path,
|
||||
line: location.lineno,
|
||||
line: location.lineno
|
||||
)
|
||||
enforce_type_restriction!
|
||||
|
||||
|
@ -318,7 +320,7 @@ module Inspec
|
|||
end
|
||||
|
||||
def ruby_var_identifier
|
||||
identifier || 'attr_' + name.downcase.strip.gsub(/\s+/, '-').gsub(/[^\w-]/, '')
|
||||
identifier || "attr_" + name.downcase.strip.gsub(/\s+/, "-").gsub(/[^\w-]/, "")
|
||||
end
|
||||
|
||||
def to_ruby
|
||||
|
@ -330,7 +332,7 @@ module Inspec
|
|||
# send the default: option as well. See #3759
|
||||
res.push " default: #{value.inspect}," unless value.to_s.empty?
|
||||
res.push " description: '#{description}'," unless description.to_s.empty?
|
||||
res.push '})'
|
||||
res.push "})"
|
||||
res.join("\n")
|
||||
end
|
||||
|
||||
|
@ -366,16 +368,16 @@ module Inspec
|
|||
return unless has_value?
|
||||
|
||||
type_req = type
|
||||
return if type_req == 'Any'
|
||||
return if type_req == "Any"
|
||||
|
||||
proposed_value = current_value
|
||||
|
||||
invalid_type = false
|
||||
if type_req == 'Regexp'
|
||||
if type_req == "Regexp"
|
||||
invalid_type = true if !valid_regexp?(proposed_value)
|
||||
elsif type_req == 'Numeric'
|
||||
elsif type_req == "Numeric"
|
||||
invalid_type = true if !valid_numeric?(proposed_value)
|
||||
elsif type_req == 'Boolean'
|
||||
elsif type_req == "Boolean"
|
||||
invalid_type = true if ![true, false].include?(proposed_value)
|
||||
elsif proposed_value.is_a?(Module.const_get(type_req)) == false
|
||||
# TODO: why is this case here?
|
||||
|
@ -396,8 +398,8 @@ module Inspec
|
|||
|
||||
type_req = type.capitalize
|
||||
abbreviations = {
|
||||
'Num' => 'Numeric',
|
||||
'Regex' => 'Regexp',
|
||||
"Num" => "Numeric",
|
||||
"Regex" => "Regexp",
|
||||
}
|
||||
type_req = abbreviations[type_req] if abbreviations.key?(type_req)
|
||||
if !VALID_TYPES.include?(type_req)
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
module Inspec
|
||||
class List < Value
|
||||
def map
|
||||
raise 'Inspec::List.map needs to be called with a block' unless block_given?
|
||||
raise "Inspec::List.map needs to be called with a block" unless block_given?
|
||||
t = List.new
|
||||
t.qualifier = [['x']]
|
||||
t.qualifier = [["x"]]
|
||||
yield(t)
|
||||
return if t.qualifier == [['x']]
|
||||
@qualifier.push(['map', "{ |x| #{t.to_ruby} }"])
|
||||
return if t.qualifier == [["x"]]
|
||||
@qualifier.push(["map", "{ |x| #{t.to_ruby} }"])
|
||||
self
|
||||
end
|
||||
end
|
||||
|
|
|
@ -18,10 +18,10 @@ module Inspec
|
|||
if @negated
|
||||
# We don't use the describe.one wrapper when negated because:
|
||||
# !(test1 || test2) same as (!test1 && !test2) where && is implicit in inspec
|
||||
all_tests = @tests.map { |test|
|
||||
all_tests = @tests.map do |test|
|
||||
test.negate!
|
||||
test
|
||||
}.map(&:to_ruby).join("\n")
|
||||
end.map(&:to_ruby).join("\n")
|
||||
|
||||
all_tests
|
||||
else
|
||||
|
|
|
@ -3,10 +3,10 @@ module Inspec
|
|||
def ruby_qualifier(q)
|
||||
if q.length <= 1
|
||||
q[0]
|
||||
elsif q[0] == 'map' && q.length == 2
|
||||
q[0] + ' ' + q[1]
|
||||
elsif q[0] == "map" && q.length == 2
|
||||
q[0] + " " + q[1]
|
||||
else
|
||||
q[0] + '(' + q[1..-1].map(&:inspect).join(', ') + ')'
|
||||
q[0] + "(" + q[1..-1].map(&:inspect).join(", ") + ")"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -41,17 +41,17 @@ module Inspec
|
|||
return nil if @qualifier.empty?
|
||||
|
||||
resource = @qualifier.length > 1 ? @qualifier[0..-2] : [@qualifier[0]]
|
||||
res = resource.map { |q| ruby_qualifier(q) }.join('.')
|
||||
res = resource.map { |q| ruby_qualifier(q) }.join(".")
|
||||
xres = nil
|
||||
|
||||
if @qualifier.length > 1
|
||||
last = @qualifier[-1]
|
||||
last_call = last.is_a?(Array) ? last[0].to_s : ''
|
||||
if last.length == 1 && last_call !~ /^to_.$/ && !last_call.include?('[') && !last_call.empty?
|
||||
last_call = last.is_a?(Array) ? last[0].to_s : ""
|
||||
if last.length == 1 && last_call !~ /^to_.$/ && !last_call.include?("[") && !last_call.empty?
|
||||
# this will go in its()
|
||||
xres = last_call
|
||||
else
|
||||
res += '.' + ruby_qualifier(last) unless last_call.empty?
|
||||
res += "." + ruby_qualifier(last) unless last_call.empty?
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -63,15 +63,15 @@ module Inspec
|
|||
vars = variables.map(&:to_ruby).join("\n")
|
||||
vars += "\n" unless vars.empty?
|
||||
res, xtra = describe_chain
|
||||
itsy = xtra.nil? ? 'it' : 'its(' + xtra.to_s.inspect + ')'
|
||||
naughty = @negated ? '_not' : ''
|
||||
itsy = xtra.nil? ? "it" : "its(" + xtra.to_s.inspect + ")"
|
||||
naughty = @negated ? "_not" : ""
|
||||
xpect = if !defined?(@expectation)
|
||||
''
|
||||
""
|
||||
elsif @expectation.class == Regexp
|
||||
# without this, xpect values like / \/zones\// will not be parsed properly
|
||||
"(#{@expectation.inspect})"
|
||||
elsif xpect != ''
|
||||
' ' + expectation.inspect
|
||||
elsif xpect != ""
|
||||
" " + expectation.inspect
|
||||
end
|
||||
format("%s%sdescribe %s do\n %s { should%s %s%s }\nend",
|
||||
only_if_clause, vars, res, itsy, naughty, matcher, xpect)
|
||||
|
|
|
@ -12,12 +12,12 @@ module Inspec
|
|||
end
|
||||
|
||||
def to_ruby
|
||||
res = @variable.nil? ? '' : "#{@variable} = "
|
||||
res + @qualifier.map { |x| ruby_qualifier(x) }.join('.')
|
||||
res = @variable.nil? ? "" : "#{@variable} = "
|
||||
res + @qualifier.map { |x| ruby_qualifier(x) }.join(".")
|
||||
end
|
||||
|
||||
def name_variable(cache = [])
|
||||
@variable = Array('a'..'z').find { |x| !cache.include?(x) }
|
||||
@variable = Array("a".."z").find { |x| !cache.include?(x) }
|
||||
cache.push(@variable)
|
||||
@variable
|
||||
end
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
require 'inspec/plugin/v1/plugins'
|
||||
require 'inspec/plugin/v1/registry'
|
||||
require "inspec/plugin/v1/plugins"
|
||||
require "inspec/plugin/v1/registry"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/plugin/v1/registry'
|
||||
require "inspec/plugin/v1/registry"
|
||||
|
||||
module Inspec
|
||||
module Plugins
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
require 'inspec/file_provider'
|
||||
require 'inspec/plugin/v1/registry'
|
||||
require "inspec/file_provider"
|
||||
require "inspec/plugin/v1/registry"
|
||||
|
||||
module Inspec
|
||||
module Plugins
|
||||
|
|
|
@ -41,7 +41,7 @@ module Inspec
|
|||
# Even tho this is defined as an instance method, it gets added to
|
||||
# Inspec::Plugins::Resource via `extend`, so this is actually a class defintion.
|
||||
def method_missing(method_name, *arguments, &block)
|
||||
require 'inspec/plugin/v2'
|
||||
require "inspec/plugin/v2"
|
||||
# Check to see if there is a resource_dsl plugin activator hook with the method name
|
||||
registry = Inspec::Plugin::V2::Registry.instance
|
||||
hook = registry.find_activators(plugin_type: :resource_dsl, activator_name: method_name).first
|
||||
|
@ -146,7 +146,7 @@ module Inspec
|
|||
|
||||
# Warn if a resource pack is overwriting a core resource.
|
||||
# Suppress warning if the resource is an AWS resource, see #3822
|
||||
if __resource_registry.key?(name) && !name.start_with?('aws_')
|
||||
if __resource_registry.key?(name) && !name.start_with?("aws_")
|
||||
Inspec::Log.warn("Overwriting resource #{name}. To reference a specific version of #{name} use the resource() method")
|
||||
end
|
||||
__resource_registry[name] = cl
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/plugin/v1/registry'
|
||||
require "inspec/plugin/v1/registry"
|
||||
|
||||
module Inspec
|
||||
module Plugins
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/plugin/v1/registry'
|
||||
require "inspec/plugin/v1/registry"
|
||||
|
||||
module Inspec
|
||||
module Plugins
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
require 'forwardable'
|
||||
require "forwardable"
|
||||
|
||||
module Inspec
|
||||
# Resource Plugins
|
||||
# NOTE: the autoloading here is rendered moot by the fact that
|
||||
# all core plugins are `require`'d by the base inspec.rb
|
||||
module Plugins
|
||||
autoload :Resource, 'inspec/plugin/v1/plugin_types/resource'
|
||||
autoload :CLI, 'inspec/plugin/v1/plugin_types/cli'
|
||||
autoload :Fetcher, 'inspec/plugin/v1/plugin_types/fetcher'
|
||||
autoload :SourceReader, 'inspec/plugin/v1/plugin_types/source_reader'
|
||||
autoload :Secret, 'inspec/plugin/v1/plugin_types/secret'
|
||||
autoload :Resource, "inspec/plugin/v1/plugin_types/resource"
|
||||
autoload :CLI, "inspec/plugin/v1/plugin_types/cli"
|
||||
autoload :Fetcher, "inspec/plugin/v1/plugin_types/fetcher"
|
||||
autoload :SourceReader, "inspec/plugin/v1/plugin_types/source_reader"
|
||||
autoload :Secret, "inspec/plugin/v1/plugin_types/secret"
|
||||
end
|
||||
|
||||
# PLEASE NOTE: The Plugin system is an internal mechanism for connecting
|
||||
|
@ -26,24 +26,24 @@ module Inspec
|
|||
@paths = []
|
||||
|
||||
# load plugins in the same gem installation
|
||||
lib_home = File.expand_path(File.join(__FILE__, '..', '..', '..', '..'))
|
||||
@paths += Dir[lib_home+'/inspec-*-*/lib/inspec-*rb']
|
||||
lib_home = File.expand_path(File.join(__FILE__, "..", "..", "..", ".."))
|
||||
@paths += Dir[lib_home + "/inspec-*-*/lib/inspec-*rb"]
|
||||
|
||||
# traverse out of inspec-vX.Y.Z/lib/inspec/plugins.rb
|
||||
@home = home || File.join(Inspec.config_dir, 'plugins')
|
||||
@paths += Dir[File.join(@home, '**{,/*/**}', '*.gemspec')]
|
||||
@home = home || File.join(Inspec.config_dir, "plugins")
|
||||
@paths += Dir[File.join(@home, "**{,/*/**}", "*.gemspec")]
|
||||
.map { |x| File.dirname(x) }
|
||||
.map { |x| Dir[File.join(x, 'lib', 'inspec-*.rb')] }
|
||||
.map { |x| Dir[File.join(x, "lib", "inspec-*.rb")] }
|
||||
.flatten
|
||||
|
||||
# load bundled plugins
|
||||
bundled_dir = File.expand_path(File.dirname(__FILE__))
|
||||
@paths += Dir[File.join(bundled_dir, '..', 'bundles', 'inspec-*.rb')].flatten
|
||||
@paths += Dir[File.join(bundled_dir, "..", "bundles", "inspec-*.rb")].flatten
|
||||
|
||||
# map paths to names
|
||||
@registry = Hash[@paths.map { |x|
|
||||
[File.basename(x, '.rb'), x]
|
||||
}]
|
||||
@registry = Hash[@paths.map do |x|
|
||||
[File.basename(x, ".rb"), x]
|
||||
end]
|
||||
end
|
||||
|
||||
def load(name)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'inspec/errors'
|
||||
require "inspec/errors"
|
||||
|
||||
module Inspec
|
||||
module Plugin
|
||||
|
@ -23,20 +23,20 @@ module Inspec
|
|||
end
|
||||
end
|
||||
|
||||
require 'inspec/globals'
|
||||
require 'inspec/plugin/v2/config_file'
|
||||
require 'inspec/plugin/v2/registry'
|
||||
require 'inspec/plugin/v2/loader'
|
||||
require 'inspec/plugin/v2/plugin_base'
|
||||
require "inspec/globals"
|
||||
require "inspec/plugin/v2/config_file"
|
||||
require "inspec/plugin/v2/registry"
|
||||
require "inspec/plugin/v2/loader"
|
||||
require "inspec/plugin/v2/plugin_base"
|
||||
|
||||
# Load all plugin type base classes
|
||||
Dir.glob(File.join(__dir__, 'v2', 'plugin_types', '*.rb')).each { |file| require file }
|
||||
Dir.glob(File.join(__dir__, "v2", "plugin_types", "*.rb")).each { |file| require file }
|
||||
|
||||
module Inspec
|
||||
# Provides the base class that plugin implementors should use.
|
||||
def self.plugin(version, plugin_type = nil)
|
||||
unless version == 2
|
||||
raise 'Only plugins version 2 is supported!'
|
||||
raise "Only plugins version 2 is supported!"
|
||||
end
|
||||
|
||||
return Inspec::Plugin::V2::PluginBase if plugin_type.nil?
|
||||
|
|
|
@ -6,7 +6,7 @@ module Inspec::Plugin::V2
|
|||
:activated?,
|
||||
:exception,
|
||||
:activation_proc,
|
||||
:implementation_class,
|
||||
:implementation_class
|
||||
) do
|
||||
def initialize(*)
|
||||
super
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
require 'json'
|
||||
require "json"
|
||||
|
||||
module Inspec::Plugin::V2
|
||||
# Represents the plugin config file on disk.
|
||||
|
@ -17,7 +17,7 @@ module Inspec::Plugin::V2
|
|||
# Returns the defaut path for a config file.
|
||||
# This respects ENV['INSPEC_CONFIG_DIR'].
|
||||
def self.default_path
|
||||
File.join(Inspec.config_dir, 'plugins.json')
|
||||
File.join(Inspec.config_dir, "plugins.json")
|
||||
end
|
||||
|
||||
# Implement Enumerable. All Enumerable methds act
|
||||
|
@ -40,7 +40,7 @@ module Inspec::Plugin::V2
|
|||
# Add an entry with full validation.
|
||||
def add_entry(proposed_entry)
|
||||
unless proposed_entry.keys.all? { |field| field.is_a? Symbol }
|
||||
raise Inspec::Plugin::V2::ConfigError, 'All keys to ConfigFile#add_entry must be symbols'
|
||||
raise Inspec::Plugin::V2::ConfigError, "All keys to ConfigFile#add_entry must be symbols"
|
||||
end
|
||||
|
||||
validate_entry(proposed_entry)
|
||||
|
@ -71,7 +71,7 @@ module Inspec::Plugin::V2
|
|||
|
||||
def blank_structure
|
||||
{
|
||||
plugins_config_version: '1.0.0',
|
||||
plugins_config_version: "1.0.0",
|
||||
plugins: [],
|
||||
}
|
||||
end
|
||||
|
@ -88,7 +88,7 @@ module Inspec::Plugin::V2
|
|||
raise Inspec::Plugin::V2::ConfigError, "Missing 'plugins_config_version' entry at #{path} - currently support versions: 1.0.0"
|
||||
end
|
||||
|
||||
unless @data[:plugins_config_version] == '1.0.0'
|
||||
unless @data[:plugins_config_version] == "1.0.0"
|
||||
raise Inspec::Plugin::V2::ConfigError, "Unsupported plugins.json file version #{@data[:plugins_config_version]} at #{path} - currently support versions: 1.0.0"
|
||||
end
|
||||
|
||||
|
@ -106,7 +106,7 @@ module Inspec::Plugin::V2
|
|||
validate_entry(plugin_entry)
|
||||
rescue Inspec::Plugin::V2::ConfigError => ex
|
||||
# append some context to the message
|
||||
raise Inspec::Plugin::V2::ConfigError, 'Malformed plugins.json file - ' + ex.message + " at index #{idx}"
|
||||
raise Inspec::Plugin::V2::ConfigError, "Malformed plugins.json file - " + ex.message + " at index #{idx}"
|
||||
end
|
||||
|
||||
# Check for duplicates
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue