Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-12-18 09:03:12 +00:00
Code Issues Projects Releases Packages Wiki Activity
1565 commits 457 branches 1906 tags 76 MiB
Commit graph

816 commits

Author SHA1 Message Date
Jeremy W. Chalfant
2c5cb06990 superflous chomp 2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
b9ce468886 add AIX service support 2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
d855602efe use formmated lsof output to ensure accuracy and consistency across platforms 2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
aef7f6de39 sanity check and AIX tests 2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
bc503f080d rename etc_group to etc_group_spec and etc_group test success on AIX 2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
db43739951 AIX packages 2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
506b0ea996 fix rubocop complaint 2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
26afecf857 add aix user support 2016-01-14 23:00:09 -05:00
Mark Harrison
f5780b69a4 Correctly detect UDP ports on linux 
netstat on UDP lines doesn't display a port state (e.g. LISTEN), so make this
field optional when parsing the netstat line.
 2016-01-14 22:53:38 -05:00
Christoph Hartmann
454a7e466d bugfix: only skip regkey if required 2016-01-14 22:39:17 -05:00
Dominik Richter
375f65c903 casecmp == 0 if both entries are the same 2016-01-15 04:18:48 +01:00
Dominik Richter
4092691a78 lint 2016-01-15 04:07:25 +01:00
Stephan Renatus
5c17f8b643 regexp github url targets, add tests for Inspec::Targests::UrlHelper 
replacing occuring http:// with https:// is probably ok, github
redirects to https anyways
 2016-01-14 12:05:58 -05:00
Jacob McCann
f25ab3a373 Fix systemd service enabled check 2016-01-11 15:32:33 -06:00
Christoph Hartmann
ab88c23ab6 0.9.8 2016-01-11 12:48:36 -05:00
Stephan Renatus
ee62499fc0 bugfix: ignore supports when generating a profile's json representation 
without this, `inspec json PATH` does never contain rules != {}, because
of the usage of the mock backend
 2016-01-11 09:16:06 +01:00
Christoph Hartmann
a1ddbe4cf2 explicitly ignore supports for inspec check 2016-01-10 23:59:57 -05:00
Stephan Renatus
a26dbe146d fix reading profiles bug 
For reading the profiles metadata, we're using the train mock backend
through Inspec::Runner. The new `supports` feature never agrees with the
mock backend.

Now, it we figure out if this is a mock class and then just say that it
supports whatever we're asking for.

Tl;dr: there's probably a more beautiful solution to this.

Added a test case, but it fails -- while the command line interface
works fine.
 2016-01-07 15:16:49 -08:00
Stephan Renatus
3ce8cd7d16 support old "supports" field in metadata 
current compliance-profiles still have

```yaml
supports:
  - linux
```

and we might want to be a little backwards compatible, too.
 2016-01-05 22:50:56 +01:00
Dominik Richter
26c0cd0871 lint 2016-01-03 09:49:40 +01:00
Dominik Richter
8953278204 unfortunately Enumerator#last is not supported 2016-01-03 09:40:17 +01:00
Christoph Hartmann
e1d7d30919 add deprecation warning for serverspec users 2016-01-03 00:03:24 +01:00
Christoph Hartmann
a72ba94f10 handle mount results with multiple entries 2016-01-03 00:03:24 +01:00
Christoph Hartmann
9930773f37 restrict mount functionality to linux 2016-01-03 00:03:24 +01:00
Christoph Hartmann
a5acb03e49 add mount resource 2016-01-03 00:03:24 +01:00
Christoph Hartmann
772df929f6 implement be_mounted.with for file resources 2016-01-03 00:03:24 +01:00
Christoph Hartmann
19ed6be39f more fine-grained utils parser 2016-01-02 22:41:58 +01:00
Christoph Hartmann
3be9ea18cc use 1.8 syntax for dash key values to be compatible with older ruby versions 2016-01-02 22:29:31 +01:00
Christoph Hartmann
c11c36058a separate os check 2016-01-02 21:25:22 +01:00
Dominik Richter
d6f48d3534 catch empty support clause 2015-12-31 17:57:59 +01:00
Dominik Richter
af8e4e93ca add supports keyword to profiles 2015-12-31 17:54:13 +01:00
Dominik Richter
2e0da6e9e8 unify metadata resolution 2015-12-31 12:49:18 +01:00
Dominik Richter
3db2dd756d resolve metadata from profile targets 2015-12-31 12:49:18 +01:00
Dominik Richter
e7b7f166cf dry folder resolver 2015-12-31 12:49:18 +01:00
Dominik Richter
96c9794cbf bugfix: reload inspec DSL after loading libraries 2015-12-29 19:27:00 +01:00
Dominik Richter
526932584d fix metadata validation 2015-12-28 13:35:38 +01:00
Dominik Richter
cfa2b9a39c fix metadata reading and parsing 2015-12-28 13:16:09 +01:00
Dominik Richter
cdc95df5ca keep metadata checks in metadata.rb 2015-12-28 13:07:21 +01:00
Dominik Richter
aef0cabde8 fix method length in inspec.check 2015-12-28 13:01:27 +01:00
Christoph Hartmann
0ab46ff5b1 rename metadata.yml to inspec.yml 2015-12-28 12:53:42 +01:00
Christoph Hartmann
1d4295ee4d remove owner/name restriction 2015-12-28 12:53:42 +01:00
Christoph Hartmann
06c1265b38 add support for .tgz extension. Thanks @srenatus 2015-12-28 12:53:42 +01:00
Christoph Hartmann
31c8509092 lint profile implementation 2015-12-28 12:53:42 +01:00
Christoph Hartmann
27150e5341 feature: generate profile archive 2015-12-28 12:53:42 +01:00
Christoph Hartmann
9da0e32f3d bugfix: only add path to load path if the test is located on filesystem 2015-12-28 12:53:42 +01:00
Christoph Hartmann
ebe54efd67 feature: load tests from zip and tar.gz 2015-12-28 12:53:42 +01:00
Christoph Hartmann
43c778078c feature: add support for metadata.yml 2015-12-28 12:53:42 +01:00
Christoph Hartmann
9e8e64319e improvement: better detection of directory types 2015-12-28 12:53:42 +01:00
Christoph Hartmann
bb97044338 bugfix: fix profile check 2015-12-28 12:53:38 +01:00
Christoph Hartmann
9fda6d3e89 bugfix: use skip_control instead of skip_rule as default 2015-12-28 12:07:57 +01:00
Christoph Hartmann
e122e48ae5 change profile directory from 'test' to 'controls' 2015-12-28 12:07:57 +01:00
Dominik Richter
7473dea1f2 ignore auto-generated controls during verify check 2015-12-23 11:11:49 +01:00
Dominik Richter
b2e0fac625 change check errors on summary+title to warnings 2015-12-23 09:18:59 +01:00
Dominik Richter
d2509f745e reference correct fields from metadata in inspec check 2015-12-23 09:18:59 +01:00
Dominik Richter
25706b3612 0.9.7 2015-12-21 16:31:48 +01:00
Christoph Hartmann
ca33ac9288 Merge pull request #321 from jeremymv2/security_policy_fixes 
Fixing issue with security policy always returning nil
 2015-12-17 17:55:01 +01:00
Jeremy J. Miller
f1e8483cd8 Removed extra whitespace 2015-12-17 08:56:43 -05:00
Stephan Renatus
3a1dcb7669 teach cmp matcher octal tricks 2015-12-16 11:32:31 +01:00
Jeremy J. Miller
af55cb41d8 Added ensure block to always delete file 2015-12-15 14:40:57 -05:00
Jeremy J. Miller
652392918d Fixing issue with security policy always returning nil 2015-12-15 10:29:54 -05:00
Stephan Renatus
a5a780f920 reset rspec configuration when initializing Inspec::Runner 
fixes https://github.com/chef/kitchen-inspec/issues/15
 2015-12-15 14:00:53 +01:00
troyready
29f954f7f3 add release to el pkg version & catch missing linebreaks 
Package release info (e.g. '19.el7') is often required to determine if
a system has been properly patched.

Lines like the following from rpm are messing up the version returned
by the package resource:
"...\nVersion     : 1.8.6p3                           Vendor: Red Hat, Inc.\n..."
Correcting this with a new conditional check.
 2015-12-11 13:05:22 -08:00
Dominik Richter
cc67d8d4c0 0.9.6 2015-12-11 18:34:15 +01:00
Dominik Richter
494ed708d4 Merge pull request #318 from chef/chris-rock/cmp-matcher 
matcher for less-restrictive comparison
 2015-12-11 17:58:47 +01:00
Christoph Hartmann
0185751ff5 lint exception 2015-12-11 17:48:05 +01:00
Christoph Hartmann
52cd0b38d1 update style of float? detection 2015-12-11 17:26:46 +01:00
Christoph Hartmann
31f8863701 update failure message for cmp matcher 2015-12-11 17:19:28 +01:00
Christoph Hartmann
53728ee03a lint fix 2015-12-11 17:17:01 +01:00
Christoph Hartmann
9f0755be99 add new cmp matcher that eases the comparison for values 2015-12-11 17:02:48 +01:00
Christoph Hartmann
b2c457cf22 lint: remove redundant return 2015-12-11 15:39:49 +01:00
Christoph Hartmann
6badbf4dc9 bugfix: abort registry_key resource if the os is not supported 2015-12-11 15:39:49 +01:00
Christoph Hartmann
90e1eb9e39 bugfix: always ensure the script resource is properly initialized, even if the os is not supported 2015-12-11 15:39:49 +01:00
Christoph Hartmann
7422306ba7 lint fix 2015-12-11 14:34:28 +01:00
Christoph Hartmann
95c7ba8fe5 simplify prompt color setting 2015-12-11 14:29:31 +01:00
Christoph Hartmann
100df85b27 improve shell prompt and help 2015-12-11 14:03:36 +01:00
Stephan Renatus
652d51e9dc [resource/port] add port(addr, port) variant 2015-12-08 20:33:36 +01:00
Stephan Renatus
8532dd7034 [resource/port] change attribute names to plural, indicating arrays 
see discussion in #256
 2015-12-08 20:33:36 +01:00
Adam Leff
c146a76679 File permission checks should return false unless file exists 
Currently, #readable?, #writeable?, and #executable? will incorrectly
return true if the file does not exist.

In addition, I took the opportunity to refactor the File resource to
make it easier to write unit tests and supplied a full unit test
suite for this resource.
 2015-12-08 19:57:34 +01:00
Stephan Renatus
7a1cd660c3 [resources/processes] add users, states attribute; update docs 
processes('bash').user does not actually make much sense for a resource
that is a list -- different entries can belong to different users.
Analogous for processes('bash').state.

The attributes 'users' and 'states' expose the unique values
corresponding to that property of entries in the process list.

Fixes #295.
 2015-12-08 13:06:27 +01:00
Stephan Renatus
bf15c05f7f Merge pull request #299 from chef/chris-rock/os-resource 
support string and symbol for os resource
 2015-12-07 12:22:58 +01:00
Stephan Renatus
33f2fe3dde hide summary output when running interactively (inspec shell) 2015-12-07 11:12:41 +01:00
Stephan Renatus
17a80d32a9 remove second welcome 2015-12-07 11:12:41 +01:00
Stephan Renatus
c6fd8c5880 mention help [resource] 2015-12-07 11:12:41 +01:00
Christoph Hartmann
dcb09802d3 support string and symbol for os resource 2015-12-07 11:11:55 +01:00
Stephan Renatus
79f48afa6c [resources/apache_conf]: add tests, fix bug 
before, the resource would throw an exception when include_files
returned nil (i.e., [].flatten!)

added basic unit tests capturing the include_files behaviour
 2015-12-07 10:50:48 +01:00
Christoph Hartmann
7c393a1891 Merge pull request #291 from chef/sr/fix-find_files 
revert to old find_files interface
 2015-12-04 14:41:36 +01:00
Stephan Renatus
324ba14a6b fix optional type argument handling 2015-12-04 14:27:32 +01:00
Stephan Renatus
390e0fcca7 restore old find_files interface 
- fixes #276
- basic test for find_files
 2015-12-04 14:15:45 +01:00
Adam Leff
e0c356dae7 Adding support for Wind River Linux 
WRL is used as the OS on Cisco Nexus devices and acts like a Red
Hat variant. These changes add support for WRL.
 2015-12-03 17:41:11 -05:00
Christoph Hartmann
766fe47b87 add inline documentation 2015-12-01 10:56:47 +01:00
Christoph Hartmann
6a6cff1526 feature: add help command for resources 2015-12-01 10:56:47 +01:00
Christoph Hartmann
2c8a8ccb25 improvement: add etc_group support for centos and add integration test 2015-12-01 10:40:12 +01:00
Dominik Richter
762562b967 0.9.5 2015-11-25 15:43:31 +01:00
Dominik Richter
468159772f 0.9.4 2015-11-24 20:04:31 +01:00
Christoph Hartmann
a822dcee1a optimize code structure 2015-11-24 18:39:32 +01:00
Christoph Hartmann
0bd7f557d5 bugfix: do manual split of id result because we cannot use whitespace 2015-11-24 18:35:10 +01:00
Christoph Hartmann
be62b76dc2 improvement: add checks to ensure the requested file is available 2015-11-24 16:46:17 +01:00
Christoph Hartmann
60e2a3512f add init resource 2015-11-24 16:46:17 +01:00
Christoph Hartmann
0657525f4d lint json resource 2015-11-24 16:46:17 +01:00
Christoph Hartmann
62ecdf6a1f rewrite extraction of values 2015-11-24 16:46:17 +01:00