Commit graph

1378 commits

Author SHA1 Message Date
Victoria Jeffrey
47c6427082 print profile info before test results (inherited profiles) 2016-09-27 10:39:35 -04:00
Christoph Hartmann
6113bb82a8 1.0.0 2016-09-26 15:59:54 +02:00
Steven Danna
7aa4c6da8e Fix require_controls DSL method
Previous, require_controls was including all controls from the named
profile, despite the documented behavior being that it only includes
controls explicitly pulled in by the user.  The cause was two-fold:

1) A previous refactor meant that we weren't removing the rule from the
correct context, and

2) We weren't descending down the dependency tree when filtering rules.

This commit fixes the require_controls DSL method and adds a test to
help prevent future regressions.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-26 15:20:56 +02:00
Steven Danna
57ff8c5e3c
Fix minor typo in sys_info documentation
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-26 10:56:16 +01:00
Steven Danna
f23a0d1098
Bump lockfile version to 1.0
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-26 09:51:04 +01:00
Steven Danna
76ef897d80 Improve error messages from compliance fetcher
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-26 01:57:58 +02:00
Christoph Hartmann
2aab753d9b return empty array for known privileges 2016-09-26 01:48:59 +02:00
Christoph Hartmann
dab8ff5c13 replace wmi win32_useraccount with adsi users 2016-09-26 01:31:44 +02:00
Christoph Hartmann
3bc7fa3a39 remove whitespace 2016-09-26 01:29:18 +02:00
Michał Sochoń
cdf6f647ac Update parse_config.rb
Extend example section.
2016-09-25 14:02:40 +02:00
Christoph Hartmann
1768d952a4 1.0.0.beta3 2016-09-25 13:27:25 +02:00
Christoph Hartmann
3757ee2483 add variables to each loops 2016-09-23 18:32:47 +02:00
Alex Pop
13da437dcc Show skip_message and correct title 2016-09-23 07:47:21 +01:00
Christoph Hartmann
f7ec24a337 implement filter table for group/groups resource 2016-09-23 00:53:24 +02:00
Christoph Hartmann
71d119f88d fix minor typos in user resource 2016-09-23 00:31:32 +02:00
Steven Danna
50b27c4b32 Avoid spurious downloads during dependency management
Before, a URL based source might be downloaded multiple times during the
dependency fetching and lockfile creation. This commit tries to avoid
this by:

1) Memoizing data about the archive to avoid re-fetching the archive

2) Adding a CachedFetcher wrapper around the fetcher class to help
ensure that callers always consult the cache before fetching.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-22 18:36:00 +02:00
Christoph Hartmann
0e7c534ea7 1.0.0.beta2 2016-09-22 11:33:43 +02:00
Steven Danna
d29e8768ca Rename --no-write-lockfile to --no-create-lockfile
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-22 10:08:32 +02:00
Steven Danna
2f3a916080 Always write lockfiles for local top-level profiles
This commit threads through some state related to whether or not a
profile is "local", that is whether it is a directory on disk.  If it
is, we then write out the lockfile to disk.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-22 10:08:32 +02:00
Christoph Hartmann
70fa1dde73 Merge pull request #1113 from chef/ssd/customcache
Add `--cache` option to `inspec exec`
2016-09-21 15:19:18 +02:00
Steven Danna
2d28c786c3
Add --cache option to inspec exec
This allows users to run:

  inspec exec ./ --cache PATH

which will use `PATH` as the dir to retrieve and store remote
dependencies.  The hope is that this can eventually be used with
`inspec vendor PATH` to package up a profile for offline use.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-21 14:10:27 +01:00
Christoph Hartmann
85aae8d29f fix double-space in pip to_s resource 2016-09-21 12:02:36 +02:00
Steven Danna
8d63db9a2b
Change :shasum key to :sha256 for future upgrade
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-21 10:51:04 +01:00
Steven Danna
6814d6ad2b
Fail if a remote source content doesn't match lockfile
If a URL based source does not match the shasum recorded in the
lockfile, it likely means a new version has been pushed to the remote
source. In this case, we fail to help ensure that when using a lockfile
we always run the same code as when the lockfile was created.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-21 10:15:52 +01:00
Anirudh Gupta
a355af670f fixup! fixing the debian package manager - when the package is removed but not purged 2016-09-21 13:41:59 +05:30
Anirudh Gupta
024027a3a1 fixing the debian package manager - when the package is removed but not purged 2016-09-21 13:11:23 +05:30
Anirudh Gupta
1cfa3252ce making the examples in the code consistent with rst docs 2016-09-21 11:33:17 +05:30
Alex Pop
161386f50d Use parenthesis when passing regular expressions 2016-09-21 00:51:23 +02:00
David Pell
155995adfd In ApacheConf#include_files, check for abs paths
If the path is absolute, just use what was passed, otherwise build an
absolute path using `@conf_dir`.

Fixes #1013
2016-09-20 09:11:09 -04:00
Alex Pop
e1faebd527 Include code description in the output of failed controls 2016-09-20 10:10:08 +01:00
Alex Pop
624849d418 removed unsupported legacy login and replaced it with the current username/password login option. a bit of refactoring around error checking and error/success output content 2016-09-19 23:08:42 +02:00
Steven Danna
b2146d8758 Allow users to reference resources from dependencies
All resources from deps are added into the control_eval_context used by
the current profile. However, if there is a name conflict, the last
loaded resource wins. The new `require_resource` dsl method allows the
user to do the following:

    require_resource(profile: 'profile_name',
                     resource: 'other',
                    as: 'renamed')

    describe renamed do
      ...
    end

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-19 19:08:43 +02:00
Christoph Hartmann
1796b91846 1.0.0-beta1 2016-09-19 17:51:25 +02:00
Dominik Richter
6792550f8c adopt new json formatting 2016-09-19 13:45:03 +02:00
Victoria Jeffrey
ecac8ae9cb print profile summary and test summary 2016-09-18 21:53:16 -04:00
Dominik Richter
6234e9c1eb Merge pull request #1084 from chef/ap/ssl-hostname
ssl resource to use inspec.backend.hostname and require train 0.19.1
2016-09-16 14:05:28 +02:00
Christoph Hartmann
b4a3debeec 0.35.0 2016-09-16 12:00:07 +02:00
Alex Pop
8a470c16f1 ssl resource to use inspec.backend.hostname and require train 0.19.1 2016-09-16 10:41:22 +01:00
Steven Danna
be1a61f2e5 Process transitive dependencies from lock file
This is a regression introduced by the changes from string to symbol
keys in v0.34.0. It seems that our test cookbook that had a nested
dependency example wasn't actually wired up to run.

This adds a basic functional test and corrects the typo.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-15 09:41:40 +02:00
Christoph Hartmann
178156499f Merge pull request #1076 from chef/ssd/issue-1074
Ensure resources are visible inside its blocks
2016-09-14 17:48:26 +02:00
Steven Danna
8024eea8b7
Ensure resources are visible inside its blocks
The recent changes to provide isolated views of the available resources
was not extended to Rspec::ExampleGroups. This ensures that
ExampleGroups have access to the same resources as the enclosing
Inspec::Rule.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-14 16:27:59 +01:00
Steven Danna
f2e587f6d5
Skip controls from profile's that don't support the current platform
Any controls included from profiles that don't support our current
platform are now marked as skipped.

Fixes #1049
2016-09-14 09:57:53 +01:00
Steven Danna
8f10ee53c5 Provide inspec.yml shortcut syntax
- Allow users to elide the `name` attributes
- Assume a default source of supermarket

Fixes #1048

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-14 08:46:06 +02:00
Christoph Hartmann
ad2faecffd 0.34.1 2016-09-13 17:17:51 +02:00
Christoph Hartmann
60360f267d move force encoding to binary only, so that it does not affect the use of inspec in lib mode 2016-09-13 16:18:40 +02:00
Christoph Hartmann
b591f0c6ca 0.34.0 2016-09-12 19:36:09 +02:00
Christoph Hartmann
9c7d06c167 use simple config for security policy resource 2016-09-12 12:20:57 +02:00
Steven Danna
b48b9edae9
Improve duplicate and cycle detection in resolver
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-12 10:57:55 +01:00
Christoph Hartmann
a2143b8249 identify enabled/disabled accounts for windows 2016-09-12 11:40:25 +02:00
Steven Danna
1836e6daeb
Add Inspec::Fetcher#relative_target for compatibility
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-12 09:54:57 +01:00