* Remove any "All Rights Reserved" references
InSpec is licensed and released under the Apache 2.0 license. This
change removes all reference to legacy code files that still had
any Copyright or License lines referring to "All Rights Reserved".
Signed-off-by: Adam Leff <adam@leff.co>
* fix functional tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
The resource itself only offers contents and params right now. It resolved
all include calls it can find and creates the aggregated config object.
This is limited in functionality. One last (set of) PR(s) is needed to
add an interface that makes querying this config file easier. It is due
to the file's inherent complexity that I want to explore which methods
are needed to be effective. In the meantime, this resource offers accessors
to the underlying data that are stable.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
For cleanliness and ease of testing, I've moved the logic that
parses the server version from the compliance config to a
separate method.
Signed-off-by: Adam Leff <adam@leff.co>
Net::HTTP does not gracefully handle HTTP options/headers
that have nil values. This updates Fetchers::Url to verify
that all headers we attempt to configure have non-nil,
non-empty values.
This originally surfaced via the audit cookbook with the
chef-automate fetcher in use without the data_collector
token being set.
Signed-off-by: Adam Leff <adam@leff.co>
* Adding toml resource
This adds a `toml` resource that inherits from the json resource and
behaves the same way as the JSON and YAML resources.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
* s/package/service/ on service unit test descriptions
Signed-off-by: Kristian Vlaardingerbroek <kvlaardingerbroek@schubergphilis.com>
* Add support for CoreOS to the service resource
Signed-off-by: Kristian Vlaardingerbroek <kvlaardingerbroek@schubergphilis.com>
* Remove some apparently unused test setup to remove some warnings.
* Initialize some instance variables before use to silence warnings.
* Remove an unused variable to remove a warning.
* Remove some indirection.
* Silence logger during tests.
* Check if an instance variable was defined before referencing to remove a warning.
* Define duplicated constant once in root rakefile.
* Initialize an instance variable to remove a warning.
* Remove PROJECT_DIR to reduce coupling.
Signed-off-by: Pete Higgins <pete@peterhiggins.org>
The is_automate_server_pre_080? and is_automate_server_080_and_later?
methods needed some fixing. The Compliance configuration could have
a "version" key that was not nil but was an empty hash, indicating
that it came from a pre-0.8.x Automate server. What we really need
to look for is config['version']['version'] being nil?.
Signed-off-by: Adam Leff <adam@leff.co>
Due to limitations in Thor it is not possible to set an argument to be both optional and its value to be mandatory. E.g. the user supplying the --password argument is optional and not always required, but whenever it is used, it requires a value. Handle options that were defined with mandatory values in a way that fails with an `ArgumentError` if the value is missing, i.e.:
```
> inspec exec examples/profile --password
ArgumentError: Please provide a value for --password. For example: --password=hello.
```
It works without `--password` or with `--password=arg`. Also handled for `--sudo-password`.
Fixes: https://github.com/chef/inspec/issues/1901
As suggested: https://github.com/chef/inspec/pull/1904
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
`must_equal nil` will fail in MiniTest 6. Changing those to `must_be_nil`
quiets down all the warnings we currently see and preps us for Minitest 6.
Signed-off-by: Adam Leff <adam@leff.co>
* Add TCP reachability support on Linux for host resource
This enhances the `host` resource on Linux targets by using netcat
(if installed) to perform TCP reachability checks.
Signed-off-by: Adam Leff <adam@leff.co>
* documentation updates
Signed-off-by: Adam Leff <adam@leff.co>
* Appease rubocop
Signed-off-by: Adam Leff <adam@leff.co>
Generated duplicate messages due to the way that examples are aggregated in RSpec. Make sure we never show any duplicate test result messages, as they offer not value to any user.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
The Compliance::API.version method could potentially return
a hash containing no "version" key but would return an empty
hash upon any expected failure. Downstream callers of the
Compliance::API.version method were looking for a "version"
key to always be present when, in some cases, it would not be.
This change ensures that if a version is not available, there
is no "version" key in the hash, and downstream callers of this
method have been changed to check for nil instead of empty.
Signed-off-by: Adam Leff <adam@leff.co>
* add bitbucket repo url handling
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
* backout changes to .gitignore
* adding unit tests for bitbucket url transformers
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
* fixing some indents
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
* fix some indents
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
Unsupported operating systems AND the mockloader when using inspec analysis tools may lead to powershell being called with the command being `nil`, because the resource skips during the initialize phase. Instead, propagate an empty string so that `command` has a valid input and then skip the resource.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
When attempting to parse the profile out of the target URL, we
were not raising an exception if we failed to do so. Such a situation
could arise if a user's inspec config.json is incorrect either due to
manual editing or failure to re-login after an upgrade past Automate
0.8.0.
This change provides a clear exception if this occurs and also adds
tests for the compliance_profile_name method.
Signed-off-by: Adam Leff <adam@leff.co>
The gem resource used to determine if a gem is installed based on the exit
status of the `gem` command, however that command will return zero
if the package was found or not. This patch checks to ensure that the
`gem list` command actually includes the gem name or is empty to
determine if the gem is in fact installed.
If the gem command returns something other than a `0` exit code, then
it'll skip the resource.
Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
This adds supports for connecting to MS SQL instances using Window
authentication rather than SQL authentication. By leaving either the
user or password parameters blank causes the sqlcmd to leave off the -U
and -P params. This will cause sqlcmd to authenticate as the current
Windows user.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
Inspired by #1640, this change cleans up the logic used when
reading in secrets files, provides clearer warnings when the
secrets files can't be parsed, and adds tests for those methods.
Signed-off-by: Adam Leff <adam@leff.co>
Switched the oracle_session resource to take an option hash and allow
for configuring hostname, DB_SID, and sqlplus binary path.
Added unit tests.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
The CLI formatter is not currently honoring the --no-color flag
when outputting CLI output. This change cleans up how we format
with color and properly support the flag for use cases where
color-encoding characters make the output difficult to use
(i.e. when someone redirects CLI output to a text file for
sharing with others).
Signed-off-by: Adam Leff <adam@leff.co>
Running `inspec exec` with --sudo locally produces unintended results
given that we cannot escalate local Ruby methods after we're already
running. --sudo is meant to only be used with remote targets. We do
not currently enforce that.
This change will print an error for the user if they attempt to use
--sudo with a local exec and exit non-zero.
Signed-off-by: Adam Leff <adam@leff.co>