Merge pull request #5508 from inspec/dependabot/bundler/chefstyle-tw-2.0.3

Update chefstyle requirement from ~> 1.7.1 to ~> 2.0.3
This commit is contained in:
Clinton Wolfe 2021-05-10 16:46:39 -04:00 committed by GitHub
commit af14795d22
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
27 changed files with 163 additions and 164 deletions

View file

@ -28,7 +28,7 @@ group :omnibus do
end
group :test do
gem "chefstyle", "~> 1.7.1"
gem "chefstyle", "~> 2.0.3"
gem "concurrent-ruby", "~> 1.0"
gem "html-proofer", platforms: :ruby # do not attempt to run proofer on windows
gem "json_schemer", ">= 0.2.1", "< 0.2.19"

View file

@ -31,7 +31,7 @@ module Inspec::Fetcher
target = target.gsub(%r{^file://}, "")
else
# support for windows paths
target = target.tr('\\', "/")
target = target.tr("\\", "/")
end
target if File.exist?(File.expand_path(target))

View file

@ -58,7 +58,7 @@ module Inspec::Resources
end
def query(q) # rubocop:disable Metrics/PerceivedComplexity
escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '""').gsub(/\$/, '\\$')
escaped_query = q.gsub(/\\/, "\\\\").gsub(/"/, '""').gsub(/\$/, '\\$')
# surpress 'x rows affected' in SQLCMD with 'set nocount on;'
cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?

View file

@ -75,7 +75,7 @@ module Inspec::Resources
def create_mysql_cmd(q, db = "")
# TODO: simple escape, must be handled by a library
# that does this securely
escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$')
escaped_query = q.gsub(/\\/, "\\\\").gsub(/"/, '\\"').gsub(/\$/, '\\$')
# construct the query
command = "mysql"

View file

@ -117,7 +117,7 @@ module Inspec::Resources
if defined?(windows_paths["Python"]) && pipcmd.nil?
return nil if windows_paths["Pip"].nil?
pipdir = windows_paths["Python"].split('\\')
pipdir = windows_paths["Python"].split("\\")
# remove python.exe
pipdir.pop
pipcmd = pipdir.push("Scripts").push("pip.exe").join("/")

View file

@ -281,7 +281,7 @@ module Inspec::Resources
key = @options[:key]
return "" unless key
key.start_with?('\\') ? key : "\\#{key}"
key.start_with?("\\") ? key : "\\#{key}"
end
end

View file

@ -611,7 +611,7 @@ module Inspec::Resources
# @see https://msdn.microsoft.com/en-us/library/aa394153(v=vs.85).aspx
class WindowsUser < UserInfo
def parse_windows_account(username)
account = username.split('\\')
account = username.split("\\")
name = account.pop
domain = account.pop unless account.empty?
[name, domain]

View file

@ -243,7 +243,7 @@ module Inspec
# to provide access to local profiles that add resources.
@depends.each do |dep|
# support for windows paths
dep = dep.tr('\\', "/")
dep = dep.tr("\\", "/")
Inspec::Profile.for_path(dep, { profile_context: ctx }).load_libraries
end

View file

@ -52,13 +52,13 @@ class ErlangParser < Parslet::Parser
rule(:stringS) do
str("'") >> (
str('\\') >> any | str("'").absent? >> any
str("\\") >> any | str("'").absent? >> any
).repeat.as(:string) >> str("'") >> filler?
end
rule(:stringD) do
str('"') >> (
str('\\') >> any | str('"').absent? >> any
str("\\") >> any | str('"').absent? >> any
).repeat.as(:string) >> str('"') >> filler?
end

View file

@ -375,13 +375,13 @@ module FilterTable
methods_to_install_on_resource_class = @filter_methods + @custom_properties.keys
methods_to_install_on_resource_class.each do |method_name|
resource_class.send(:define_method, method_name) do |*args, &block|
begin
# self here is the resource instance
filter_table_instance = table_class.new(self, send(raw_data_fetcher_method_name), " with")
filter_table_instance.send(method_name, *args, &block)
rescue Inspec::Exceptions::ResourceFailed, Inspec::Exceptions::ResourceSkipped => e
FilterTable::ExceptionCatcher.new(resource_class, e)
end
# self here is the resource instance
filter_table_instance = table_class.new(self, send(raw_data_fetcher_method_name), " with")
filter_table_instance.send(method_name, *args, &block)
rescue Inspec::Exceptions::ResourceFailed, Inspec::Exceptions::ResourceSkipped => e
FilterTable::ExceptionCatcher.new(resource_class, e)
end
end
end

View file

@ -31,19 +31,19 @@ class NginxParser < Parslet::Parser
rule(:standard_value) do
((match(/[#;{'"]/).absent? >> any) >> (
str('\\') >> any | match('[#;{]|\s').absent? >> any
str("\\") >> any | match('[#;{]|\s').absent? >> any
).repeat).as(:value) >> space.repeat
end
rule(:single_quoted_value) do
str("'") >> (
str('\\') >> any | str("'").absent? >> any
str("\\") >> any | str("'").absent? >> any
).repeat.as(:value) >> str("'") >> space.repeat
end
rule(:double_quoted_value) do
str('"') >> (
str('\\') >> any | str('"').absent? >> any
str("\\") >> any | str('"').absent? >> any
).repeat.as(:value) >> str('"') >> space.repeat
end

View file

@ -36,12 +36,12 @@ class AwsCloudTrailTrail < Inspec.resource(1)
def delivered_logs_days_ago
query = { name: @trail_name }
catch_aws_errors do
begin
resp = BackendFactory.create(inspec_runner).get_trail_status(query).to_h
((Time.now - resp[:latest_cloud_watch_logs_delivery_time]) / (24 * 60 * 60)).to_i unless resp[:latest_cloud_watch_logs_delivery_time].nil?
rescue Aws::CloudTrail::Errors::TrailNotFoundException
nil
end
resp = BackendFactory.create(inspec_runner).get_trail_status(query).to_h
((Time.now - resp[:latest_cloud_watch_logs_delivery_time]) / (24 * 60 * 60)).to_i unless resp[:latest_cloud_watch_logs_delivery_time].nil?
rescue Aws::CloudTrail::Errors::TrailNotFoundException
nil
end
end

View file

@ -101,27 +101,27 @@ class AwsIamAccessKeys < Inspec.resource(1)
access_key_data = []
user_details.each_key do |username|
begin
user_keys = iam_client.list_access_keys(user_name: username)
.access_key_metadata
user_keys = user_keys.map do |metadata|
{
access_key_id: metadata.access_key_id,
username: username,
status: metadata.status,
create_date: metadata.create_date, # DateTime.parse(metadata.create_date),
}
end
# Copy in from user data
# Synthetics
user_keys.each do |key_info|
add_synthetic_fields(key_info, user_details[username])
end
access_key_data.concat(user_keys)
rescue Aws::IAM::Errors::NoSuchEntity # rubocop:disable Lint/HandleExceptions
# Swallow - a miss on search results should return an empty table
user_keys = iam_client.list_access_keys(user_name: username)
.access_key_metadata
user_keys = user_keys.map do |metadata|
{
access_key_id: metadata.access_key_id,
username: username,
status: metadata.status,
create_date: metadata.create_date, # DateTime.parse(metadata.create_date),
}
end
# Copy in from user data
# Synthetics
user_keys.each do |key_info|
add_synthetic_fields(key_info, user_details[username])
end
access_key_data.concat(user_keys)
rescue Aws::IAM::Errors::NoSuchEntity # rubocop:disable Lint/HandleExceptions
# Swallow - a miss on search results should return an empty table
end
access_key_data
end

View file

@ -20,19 +20,19 @@ class AwsIamPasswordPolicy < Inspec.resource(1)
# TODO: rewrite to avoid direct injection, match other resources, use AwsSingularResourceMixin
def initialize(conn = nil)
catch_aws_errors do
begin
if conn
# We're in a mocked unit test.
@policy = conn.iam_resource.account_password_policy
else
# Don't use the resource approach. It's a CRUD operation
# - if the policy does not exist, you get back a blank object to populate and save.
# Using the Client will throw an exception if no policy exists.
@policy = inspec_runner.backend.aws_client(Aws::IAM::Client).get_account_password_policy.password_policy
end
rescue Aws::IAM::Errors::NoSuchEntity
@policy = nil
if conn
# We're in a mocked unit test.
@policy = conn.iam_resource.account_password_policy
else
# Don't use the resource approach. It's a CRUD operation
# - if the policy does not exist, you get back a blank object to populate and save.
# Using the Client will throw an exception if no policy exists.
@policy = inspec_runner.backend.aws_client(Aws::IAM::Client).get_account_password_policy.password_policy
end
rescue Aws::IAM::Errors::NoSuchEntity
@policy = nil
end
end

View file

@ -56,30 +56,30 @@ class AwsKmsKey < Inspec.resource(1)
query = { key_id: @key_id }
catch_aws_errors do
begin
resp = backend.describe_key(query)
@exists = true
@key = resp.key_metadata.to_h
@key_id = @key[:key_id]
@arn = @key[:arn]
@creation_date = @key[:creation_date]
@enabled = @key[:enabled]
@description = @key[:description]
@key_usage = @key[:key_usage]
@key_state = @key[:key_state]
@deletion_date = @key[:deletion_date]
@valid_to = @key[:valid_to]
@external = @key[:origin] == "EXTERNAL"
@has_key_expiration = @key[:expiration_model] == "KEY_MATERIAL_EXPIRES"
@managed_by_aws = @key[:key_manager] == "AWS"
resp = backend.describe_key(query)
@exists = true
@key = resp.key_metadata.to_h
@key_id = @key[:key_id]
@arn = @key[:arn]
@creation_date = @key[:creation_date]
@enabled = @key[:enabled]
@description = @key[:description]
@key_usage = @key[:key_usage]
@key_state = @key[:key_state]
@deletion_date = @key[:deletion_date]
@valid_to = @key[:valid_to]
@external = @key[:origin] == "EXTERNAL"
@has_key_expiration = @key[:expiration_model] == "KEY_MATERIAL_EXPIRES"
@managed_by_aws = @key[:key_manager] == "AWS"
resp = backend.get_key_rotation_status(query)
@has_rotation_enabled = resp.key_rotation_enabled unless resp.empty?
rescue Aws::KMS::Errors::NotFoundException
@exists = false
return
resp = backend.get_key_rotation_status(query)
@has_rotation_enabled = resp.key_rotation_enabled unless resp.empty?
rescue Aws::KMS::Errors::NotFoundException
@exists = false
return
end
end
end

View file

@ -43,13 +43,13 @@ class AwsRdsInstance < Inspec.resource(1)
backend = BackendFactory.create(inspec_runner)
dsg_response = nil
catch_aws_errors do
begin
dsg_response = backend.describe_db_instances(db_instance_identifier: db_instance_identifier)
@exists = true
rescue Aws::RDS::Errors::DBInstanceNotFound
@exists = false
return
end
dsg_response = backend.describe_db_instances(db_instance_identifier: db_instance_identifier)
@exists = true
rescue Aws::RDS::Errors::DBInstanceNotFound
@exists = false
return
end
if dsg_response.db_instances.empty?

View file

@ -85,30 +85,29 @@ class AwsS3Bucket < Inspec.resource(1)
def fetch_bucket_policy
backend = BackendFactory.create(inspec_runner)
catch_aws_errors do
begin
# AWS SDK returns a StringIO, we have to read()
raw_policy = backend.get_bucket_policy(bucket: bucket_name).policy
return JSON.parse(raw_policy.read)["Statement"].map do |statement|
lowercase_hash = {}
statement.each_key { |k| lowercase_hash[k.downcase] = statement[k] }
@bucket_policy = OpenStruct.new(lowercase_hash)
end
rescue Aws::S3::Errors::NoSuchBucketPolicy
@bucket_policy = []
# AWS SDK returns a StringIO, we have to read()
raw_policy = backend.get_bucket_policy(bucket: bucket_name).policy
return JSON.parse(raw_policy.read)["Statement"].map do |statement|
lowercase_hash = {}
statement.each_key { |k| lowercase_hash[k.downcase] = statement[k] }
@bucket_policy = OpenStruct.new(lowercase_hash)
end
rescue Aws::S3::Errors::NoSuchBucketPolicy
@bucket_policy = []
end
end
def fetch_bucket_encryption_configuration
@has_default_encryption_enabled ||= catch_aws_errors do
begin
!BackendFactory.create(inspec_runner)
.get_bucket_encryption(bucket: bucket_name)
.server_side_encryption_configuration
.nil?
rescue Aws::S3::Errors::ServerSideEncryptionConfigurationNotFoundError
false
end
!BackendFactory.create(inspec_runner)
.get_bucket_encryption(bucket: bucket_name)
.server_side_encryption_configuration
.nil?
rescue Aws::S3::Errors::ServerSideEncryptionConfigurationNotFoundError
false
end
end

View file

@ -55,16 +55,16 @@ class AwsS3BucketObject < Inspec.resource(1)
def fetch_from_api
backend = BackendFactory.create(inspec_runner)
catch_aws_errors do
begin
# Just use get_object to detect if the bucket exists
backend.get_object(bucket: bucket_name, key: key)
rescue Aws::S3::Errors::NoSuchBucket
@exists = false
return
rescue Aws::S3::Errors::NoSuchKey
@exists = false
return
end
# Just use get_object to detect if the bucket exists
backend.get_object(bucket: bucket_name, key: key)
rescue Aws::S3::Errors::NoSuchBucket
@exists = false
return
rescue Aws::S3::Errors::NoSuchKey
@exists = false
return
end
@exists = true
end

View file

@ -53,19 +53,19 @@ class AwsSnsSubscription < Inspec.resource(1)
def fetch_from_api
backend = BackendFactory.create(inspec_runner)
catch_aws_errors do
begin
aws_response = backend.get_subscription_attributes(subscription_arn: @subscription_arn).attributes
@exists = true
@owner = aws_response["Owner"]
@raw_message_delivery = aws_response["RawMessageDelivery"].eql?("true")
@topic_arn = aws_response["TopicArn"]
@endpoint = aws_response["Endpoint"]
@protocol = aws_response["Protocol"]
@confirmation_was_authenticated = aws_response["ConfirmationWasAuthenticated"].eql?("true")
rescue Aws::SNS::Errors::NotFound
@exists = false
return
end
aws_response = backend.get_subscription_attributes(subscription_arn: @subscription_arn).attributes
@exists = true
@owner = aws_response["Owner"]
@raw_message_delivery = aws_response["RawMessageDelivery"].eql?("true")
@topic_arn = aws_response["TopicArn"]
@endpoint = aws_response["Endpoint"]
@protocol = aws_response["Protocol"]
@confirmation_was_authenticated = aws_response["ConfirmationWasAuthenticated"].eql?("true")
rescue Aws::SNS::Errors::NotFound
@exists = false
return
end
end

View file

@ -61,16 +61,16 @@ describe "inspec exec with json formatter" do
it "properly validates all (valid) unit tests against the schema" do
schema = JSONSchemer.schema(JSON.parse(inspec("schema exec-json").stdout))
all_profile_folders.first(1).each do |folder|
begin
out = inspec("exec " + folder + " --reporter json --no-create-lockfile")
# Ensure it parses properly
out = JSON.parse(out.stdout)
failures = schema.validate(out).to_a
_(failures).must_equal []
rescue JSON::ParserError
# We don't actually care about these; cannot validate if parsing fails!
nil
end
out = inspec("exec " + folder + " --reporter json --no-create-lockfile")
# Ensure it parses properly
out = JSON.parse(out.stdout)
failures = schema.validate(out).to_a
_(failures).must_equal []
rescue JSON::ParserError
# We don't actually care about these; cannot validate if parsing fails!
nil
end
end

View file

@ -37,16 +37,16 @@ describe "inspec exec" do
it "properly validates all (valid) unit tests against the schema" do
schema = JSONSchemer.schema(JSON.parse(inspec("schema exec-jsonmin").stdout))
all_profile_folders.first(1).each do |folder|
begin
out = inspec("exec " + folder + " --reporter json-min --no-create-lockfile")
# Ensure it parses properly; discard the result
out = JSON.parse(out.stdout)
failures = schema.validate(out).to_a
_(failures).must_equal []
rescue JSON::ParserError
# We don't actually care about these; cannot validate if parsing fails!
nil
end
out = inspec("exec " + folder + " --reporter json-min --no-create-lockfile")
# Ensure it parses properly; discard the result
out = JSON.parse(out.stdout)
failures = schema.validate(out).to_a
_(failures).must_equal []
rescue JSON::ParserError
# We don't actually care about these; cannot validate if parsing fails!
nil
end
end

View file

@ -196,16 +196,16 @@ describe "inspec json" do
it "properly validates all (valid) unit tests against the schema" do
schema = JSONSchemer.schema(JSON.parse(inspec("schema profile-json").stdout))
all_profile_folders.first(1).each do |folder|
begin
out = inspec("json " + folder)
# Ensure it parses properly; discard the result
out = JSON.parse(out.stdout)
failures = schema.validate(out).to_a
_(failures).must_equal []
rescue JSON::ParserError
# We don't actually care about these; cannot validate if parsing fails!
nil
end
out = inspec("json " + folder)
# Ensure it parses properly; discard the result
out = JSON.parse(out.stdout)
failures = schema.validate(out).to_a
_(failures).must_equal []
rescue JSON::ParserError
# We don't actually care about these; cannot validate if parsing fails!
nil
end
end
end

View file

@ -9,7 +9,7 @@ describe "inspec shell tests" do
describe "cmd" do
def assert_shell_c(code, exit_status, json = false, stderr = "")
json_suffix = " --reporter 'json'" if json
command = "shell -c '#{code.tr("'", '\\\'')}'#{json_suffix}"
command = "shell -c '#{code.tr("'", "\\'")}'#{json_suffix}"
# On darwin this value is:
# shell -c 'describe file(\"/Users/nickschwaderer/Documents/inspec/inspec/test/functional/inspec_shell_test.rb\") do it { should exist } end' --reporter 'json'"
# appears to break in windows.
@ -25,7 +25,7 @@ describe "inspec shell tests" do
def assert_shell_c_with_inputs(code, input_cmd, input, exit_status, json = false, stderr = "")
json_suffix = " --reporter 'json'" if json
command = "shell -c '#{code.tr("'", '\\\'')}'#{input_cmd} #{input}#{json_suffix}"
command = "shell -c '#{code.tr("'", "\\'")}'#{input_cmd} #{input}#{json_suffix}"
# On darwin this value is:
# shell -c 'describe file(\"/Users/nickschwaderer/Documents/inspec/inspec/test/functional/inspec_shell_test.rb\") do it { should exist } end' --reporter 'json'"
# appears to break in windows.
@ -226,7 +226,7 @@ describe "inspec shell tests" do
end
def do_shell(code, exit_status = 0, stderr = "")
cmd = "echo '#{code.tr("'", '\\\'')}' | #{exec_inspec} shell"
cmd = "echo '#{code.tr("'", "\\'")}' | #{exec_inspec} shell"
self.out = CMD.run_command(cmd)
assert_exit_code exit_status, out

View file

@ -40,7 +40,7 @@ describe "example inheritance profile" do
return unless is_windows?
prepare_examples("inheritance") do |dir|
dir_with_backslash = File.join(dir, '..\\', File.basename(dir))
dir_with_backslash = File.join(dir, "..\\", File.basename(dir))
out = inspec("vendor " + dir_with_backslash + " --overwrite")
_(File.exist?(File.join(dir, "vendor"))).must_equal true

View file

@ -37,7 +37,7 @@ describe "Inspec::Fetcher" do
it "is able to handle Windows paths" do
# simulate a local windows path
file = __FILE__
file.tr!("/", '\\')
file.tr!("/", "\\")
res = Inspec::Fetcher::Registry.resolve(file)
_(res).must_be_kind_of Inspec::Fetcher::Local
_(res.target).must_equal __FILE__

View file

@ -39,7 +39,7 @@ describe ErlangParser do
end
it "parses a root array with a single quoted string" do
_(parsestr('[\'st\\\'r\'].')).must_equal '{:array=>[{:string=>"st\\\\\'r"@2}]}'
_(parsestr("['st\\'r'].")).must_equal '{:array=>[{:string=>"st\\\\\'r"@2}]}'
end
it "parses a root array with an empty binary" do

View file

@ -47,7 +47,7 @@ describe FindFiles do
it "builds the correct command when an escaped single quote is used" do
inspec.expects(:command).with('sh -c "find /a/\\\'b/"').returns(result)
helper.find_files('/a/\\\'b/')
helper.find_files("/a/\\'b/")
end
it "builds the correct command when an escaped double quote is used" do