Commit graph

4292 commits

Author SHA1 Message Date
Rony Xavier
7d2da0c199 nginx resource: audit the nginx binary and how it was compiled (#1958)
* nginx base resource

Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Rony Xavier <rx294@gmail.com>
2017-09-13 08:15:09 -04:00
Chef Expeditor
dd1d0ca553 Bump version to 1.37.0 by Chef Expeditor 2017-09-11 15:37:45 +00:00
Adam Leff
10018139ef etc_fstab resource: test contents of the /etc/fstab file (#2131)
This commit/PR is to re-run the Expeditor actions for #2064 (changelog, automated build), etc.

While we would normally manually re-run the actions through our bot, the expeditor config
in the squashed commit for #2064 is not correct.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-11 11:37:40 -04:00
Adam Leff
dbf1d8a889 Fix merge_actions in expeditor config, add create_github_release (#2130)
merge_actions must now be an array rather than a hash. Also adding
the ability for Expeditor to create a GitHub Release entry when
an artifact is promoted to stable.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-11 11:28:09 -04:00
dromazmj
70548ab754 etc_fstab resource: test contents of the /etc/fstab file (#2064)
* Adding support for fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to docs of new resource etc_fstab

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications to new resource etc_fstab

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>
2017-09-11 15:55:03 +02:00
Jerry Aldrich III
a9d0d65c54 Add attributes file readability error handling (#2127)
* Add attributes file readability error handling

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-08 08:43:33 -04:00
Chef Expeditor
15d0a2244e Update CHANGELOG.md to reflect the promotion of 1.36.1 to stable 2017-09-07 17:49:10 +00:00
Tom Duffield
c1e5ed2c61 Update Expeditor config to meet 0.5.0 requirements (#2126)
Signed-off-by: Tom Duffield <tom@chef.io>
2017-09-06 18:14:33 -04:00
Chef Expeditor
29c80110a8 Bump version to 1.36.1 by Chef Expeditor 2017-09-06 12:22:38 +00:00
Adam Leff
be0939e111 Bump minor version (#2125)
The change in #2119 necessitates a minor bump.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-06 08:22:33 -04:00
Chef Expeditor
de2bd9aba3 Bump version to 1.35.5 by Chef Expeditor 2017-09-06 12:19:10 +00:00
Dominik Richter
19ab22f5e2 add nginx_conf accessors for http, servers, and locations (#2119)
* wip: extend nginx_conf for http+servers+locations

... well `http` entries really, but we couldnt just call it `https`.

the goal is to `nginx_conf.http` / `nginx_conf.servers` / `nginx_conf.locations` and then also have these calls cascaded down to simplify the access to these fields. the current pattern is rather tedious since we need to check for nil everywhere.

* add test for new nginx accessors

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* add docs for nginx-conf

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* fix all incorrect NGINX spellings in docs

* prevent edge-cases where nginx params are nil

for location, http, and servers

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* more descriptive to_s for nginx servers

as suggested by @adamleff, thank you!

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* add more descriptive to_s for nginx location

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-06 08:19:04 -04:00
Chef Expeditor
e2b528db20 Bump version to 1.35.4 by Chef Expeditor 2017-09-06 10:07:39 +00:00
Trevor Vaughan
fb011c1d10 Fix deep profile chaining (#2121)
Update to fix how multiple relative profile chaining functions.

Closes #2120

Signed-off-by: Trevor Vaughan <tvaughan@onyxpoint.com>
2017-09-06 12:06:55 +02:00
Adam Leff
8b8d240fe6 Remove test/resources directory, update README (#2124)
* Remove test/resources directory, update README

The test/resources directory is stale and no longer used. Rather, we
favor Test Kitchen-backed integration tests in test/integration.

This change removes the stale tests and updates the README accordingly.

Signed-off-by: Adam Leff <adam@leff.co>

* Remove resources tests from travis

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-06 12:05:25 +02:00
Chef Expeditor
dbb4311693 Bump version to 1.35.3 by Chef Expeditor 2017-09-05 12:37:41 +00:00
ChadScott
09b145122d Modify linux regular expression to handle process names with spaces (#2117)
* Modify linux regular expression to handle process names with spaces

Signed-off-by: Chad Scott <cscott@chadikins.com>

* Add mocks, tests, etc.

Signed-off-by: Chad Scott <cscott@chadikins.com>
2017-09-05 14:36:55 +02:00
Chef Expeditor
f3c3de241e Bump version to 1.35.2 by Chef Expeditor 2017-09-03 18:43:56 +00:00
Clinton Wolfe
f284962450 File Resource: add be_setgid, be_setuid, be_sticky matchers (#2104)
* Provisioner script to setup resource tests for setgid/setuid/sticky bit tests.  This appears to be the correct mechanism per docker_run, but I don't see any other provisioner scripts, so I suspect there is a different Chef-internal mechanism at play here.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* TDD Red for setgid/setuid/sticky File matchers

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add documentation for file resource sgid, sticky, and suid matchers

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add matchers to File for setgid, setuid, and sticky by aliasing existing predicates; TDD green

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop prefers alias to alias_method.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Lint before pushing, of course

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Correct spelling of setgid and setuid matchers in docs

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add be_setgid, be_setuid, be_sticky matcher integration tests for File.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Revert "Provisioner script to setup resource tests for setgid/setuid/sticky bit tests.  This appears to be the correct mechanism per docker_run, but I don't see any other provisioner scripts, so I suspect there is a different Chef-internal mechanism at play here."

This reverts commit 42e672f3b1.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Revert "TDD Red for setgid/setuid/sticky File matchers"

This reverts commit a4f891fc7e.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2017-09-03 20:43:13 +02:00
Adam Leff
1a651f1741 Correct docs for the file resource (#2115)
The current docs refer to a method called `link_target` which does not
exist. `link_path` provides the functionality.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-31 16:51:33 -04:00
Chef Expeditor
feb755933f Update CHANGELOG.md to reflect the promotion of 1.35.1 to stable 2017-08-31 18:45:48 +00:00
Mark Harrison
914fed115e Add with_toc_data option to markdown renderer (#2109)
This adds 'id="foo"' attributes to headers, which lets you link directly
to a specific section of the documentation.

Signed-off-by: Mark Harrison <mark@mivok.net>
2017-08-31 14:43:42 -04:00
Chef Expeditor
fd3dac23ce Bump version to 1.35.1 by Chef Expeditor 2017-08-31 13:55:32 +00:00
Adam Leff
4478172052 Bump to v1.35.x (#2112)
Changes since 1.34.1 include new features and enhancements, necessitating the bump

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-31 09:55:27 -04:00
Chef Expeditor
1e57537f54 Bump version to 1.34.10 by Chef Expeditor 2017-08-31 13:51:44 +00:00
dromazmj
cb5b475bb1 etc_hosts resource: test the contents of the /etc/hosts file (#2065)
Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>
2017-08-31 09:51:39 -04:00
Chef Expeditor
e7b6c31e11 Bump version to 1.34.9 by Chef Expeditor 2017-08-31 07:56:18 +00:00
Jonathan Morley
3e7d47505c Add support for XML files (#2107)
* Add support for XML files

Signed-off-by: Morley, Jonathan <jmorley@cvent.com>

* Use REXML instead of nokogiri

Signed-off-by: Morley, Jonathan <jmorley@cvent.com>
2017-08-31 09:56:14 +02:00
Chef Expeditor
d0f2e49970 Bump version to 1.34.8 by Chef Expeditor 2017-08-31 07:53:50 +00:00
Adam Leff
e2fa0b5e73 port resource: support ss instead of netstat (#2110)
* port resource: support ss instead of netstat

`netstat` is officially deprecated and is replaced with `ss`. This PR
changes the port resource to use `ss` if it's available on the target
system.

Signed-off-by: Adam Leff <adam@leff.co>

* Disable Metrics/ClassLength cop on the LinuxPorts class

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-31 09:53:08 +02:00
Chef Expeditor
0f19e40d3b Bump version to 1.34.7 by Chef Expeditor 2017-08-30 20:04:28 +00:00
Anthony Shaw
d5f33f0b99 pip resource: support non-default pip locations, such as virtualenvs (#2097)
* Update pip resource for #516 allow user to set path to pip executable

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* support virtualenv path, pip file exec and better logic

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* add tests for the change to the pip path and resource

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* tests are case sensitive, although command line is not

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* use a path verification method instead of a class method

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* use guard clauses instead of conditionals

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* change the control flow to return nil when commands are not available

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* fix the return values when custom pip path is not valid

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* Refactor pip path detection to fix unit tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-30 22:04:22 +02:00
Chef Expeditor
d93f623934 Bump version to 1.34.6 by Chef Expeditor 2017-08-30 20:02:50 +00:00
Adam Leff
c383175417 Support mixed-case group entries (#2101)
* Support mixed-case group entries

The `group` resource downcased the input parameter unless the target
was a Windows node. However, it's completely legitimate for a Unix-y
node to have mixed case group and passwd entries.

This change does have the potential to break people that did not carefully
match their case when searching for a group, but we're currently blocking
people from using the group resource properly if they have mixed-case
entries.

Signed-off-by: Adam Leff <adam@leff.co>

* Fix unit tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-30 22:02:45 +02:00
Chef Expeditor
151199b5fc Bump version to 1.34.5 by Chef Expeditor 2017-08-30 18:22:05 +00:00
Mark Harrison
ef42e2efd0 Use stored http resource response (if any) (#2108)
Currently, if you check two properties of a http resource, such as
status and body, two different http requests are made to the server.
However, the response is already stored in an instance variable, so this
change just checks to see if a response is already available and uses it
rather than making another http request.

Signed-off-by: Mark Harrison <mark@mivok.net>
2017-08-30 20:21:59 +02:00
Chef Expeditor
75b9ee8c39 Bump version to 1.34.4 by Chef Expeditor 2017-08-29 05:11:57 +00:00
Jennifer Burns
3b2bf52b1d auditd_rules resource: fix get_keys error on lines that have no keys (#2103)
* Added line to fix bug when no key in file rule and updated test to validate bug fix

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated to consider corner case

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-08-29 07:11:14 +02:00
Chef Expeditor
7a41cec73f Bump version to 1.34.3 by Chef Expeditor 2017-08-25 20:21:54 +00:00
Kevin Formsma
94c2e8181c Add sensitive flag to resources to restrict logging output (#2017)
* Filter check output based on sensitive flag
-Updated check in formatters to filter check output during failures based on
sensitive metadata flag
-Added functional test of output filtering
-Updated documentation with blerb on usage
* Update output format for sensitive resources

Signed-off-by: Kevin Formsma <kevin.formsma@gmail.com>

* Update color output on new test

Update the color output to match the newly-expected non-color format if there are no tests that match.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-25 16:21:49 -04:00
Chef Expeditor
3c07341ea0 Bump version to 1.34.2 by Chef Expeditor 2017-08-25 20:13:48 +00:00
Jennifer Burns
2cef15aec3 aide_conf resource: test configuration of the AIDE file integrity tool (#2063)
* Added aide_conf resource and subsequent files

* Updated to match on all selection lines

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Changed to use CommentParser and fixed typo

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Fix typo in test file

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated to address PR feedback

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-08-25 22:13:43 +02:00
Chef Expeditor
f89ddcc832 Update CHANGELOG.md to reflect the promotion of 1.34.1 to stable 2017-08-24 18:58:14 +00:00
Adam Leff
c328336b01 Remove unnecessary entries from changelog (#2099)
Signed-off-by: Adam Leff <adam@leff.co>
2017-08-24 14:57:26 -04:00
Chef Expeditor
5440bb782e Bump version to 1.34.1 by Chef Expeditor 2017-08-23 14:32:42 +00:00
Adam Leff
4a89bf437e Bump minor version (#2096)
PR #2094 warrants a minor version bump

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-23 10:32:37 -04:00
Chef Expeditor
f0711066e7 Bump version to 1.33.15 by Chef Expeditor 2017-08-23 14:30:19 +00:00
Adam Leff
6029a4b43d Refine the profile/test summary output of the CLI formatter (#2094)
* Refine the profile/test summary output of the CLI formatter

* The "Profile Summary" is misleading as it's not a summary of profile
  success/failure but rather the controls within the profile(s). Altered
  the output to be clear. I still like calling it the "profile summary"
  but wanted to add clarity that the numbers are about the controls.

* Made the colorized output dynamic. The success/failure will only be
  green/red if there are controls/tests that fall into that category.
  That way we are not printing red failure text when there are no
  actual failures. Fixes #1752.

* Cleaned up some grammar issues. ("1 failure" vs "1 failures")

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-23 10:29:09 -04:00
Chef Expeditor
e9fecc027d Bump version to 1.33.14 by Chef Expeditor 2017-08-21 21:40:40 +00:00
Adam Leff
a8bc555214 Add slack notifications for Travis CI builds to master (#2092)
Signed-off-by: Adam Leff <adam@leff.co>
2017-08-21 23:40:36 +02:00