On Windows, `inspec archive` would sometimes produce incorrect archive files. These would look fine, as tgz files, but would not execute correctly. This would lead to bewildering error messages like this one:
```
Unable to parse inspec.yml: line 1, control characters are not allowed
```
Fix it by treating the files as binary before writing them to get around any encoding issues, since the stream handler is a raw io object anyway.
Closely related to https://github.com/chef/inspec/pull/1906
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
On Windows, we ran into the problem that the execution of inherited profiles would (sometimes) not work. This was due to the use of `File.read` and `File.write` and handling inside the file provider, which works in most cases (especially *nix systems), but does not behave as expected on Windows. A better and more correct way of treating these files is via binary read and write mode, which changes the underlying encoding of both strings that are passed along.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Generated duplicate messages due to the way that examples are aggregated in RSpec. Make sure we never show any duplicate test result messages, as they offer not value to any user.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Having a dedicated downloads page will allow us to better communicate
different ways of downloading InSpec and also provide links to helpful
documentation.
Signed-off-by: Adam Leff <adam@leff.co>
The Compliance::API.version method could potentially return
a hash containing no "version" key but would return an empty
hash upon any expected failure. Downstream callers of the
Compliance::API.version method were looking for a "version"
key to always be present when, in some cases, it would not be.
This change ensures that if a version is not available, there
is no "version" key in the hash, and downstream callers of this
method have been changed to check for nil instead of empty.
Signed-off-by: Adam Leff <adam@leff.co>
* add bitbucket repo url handling
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
* backout changes to .gitignore
* adding unit tests for bitbucket url transformers
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
* fixing some indents
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
* fix some indents
Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
Calling the `digest` library directly unfortunately causes issues in FIPS 140-2 mode:
sha512.c(81): OpenSSL internal error, assertion failed: Low level API call to digest SHA512 forbidden in FIPS mode!
Switching to `OpenSSL` as the caller resolve these issues
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
In #1820 we made it so inspec would install the checked out source
version rather than the version from RubyGems.
This actually didn't work (though it wasn't apparent in a development
environment) because it used a relative path to bin/inspec that pointed
at /src/bin/inspec, which only exists if you're in a Habitat studio
started from the InSpec repo.
Revert back to getting the gem from RubyGems to avoid this problem and
have a working package.
Signed-off-by: Nathan L Smith <smith@chef.io>
A change made to how we generate the Gemfile during the Habitat build process
means we cannot have the PLAN_CONTEXT be the "habitat" directory but instead
need it to be the repo root itself.
Also changed to the preferred `hab pkg build` command instead of the original
`hab studio build` command.
Signed-off-by: Adam Leff <adam@leff.co>
When running `inspec exec` without the `target` option but against remote endpoints OR when executing it with the `localhost://` target AND having `--sudo` active it would abort the execution. `--target` is a helper to set the Train parameters for `backend`, `host`, `user`, `port`, and potentially `password`. The detection would fail on providing any of these separately without specifying `--target`. The same holds true for the `localhost` train backend or just `localhost://` target.
This type of detection has since moved to Train. The driving reason was to have this very useful check for localhost vs sudo run for any type of inspec (or for that matter: train) execution.
This PR depends on https://github.com/chef/train/pull/179 and the next release of train.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
