Christoph Hartmann
9c7d06c167
use simple config for security policy resource
2016-09-12 12:20:57 +02:00
Steven Danna
b48b9edae9
Improve duplicate and cycle detection in resolver
...
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-12 10:57:55 +01:00
Christoph Hartmann
a2143b8249
identify enabled/disabled accounts for windows
2016-09-12 11:40:25 +02:00
Steven Danna
85cbe713d7
Add GitFetcher and rework Fetchers+SourceReaders
...
This adds a new git fetcher. In doing so, it also refactors how the
fetchers work a bit to better support fetchers that need to resolve
user-provided sources to fully specified sources appropriate for a
lockfile.
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-09 14:14:36 +01:00
Steven Danna
3777f06927
Remove some warnings during the test run
2016-09-09 14:14:36 +01:00
Christoph Hartmann
e61f71143d
add unit tests
2016-09-09 12:43:03 +02:00
Christoph Hartmann
73f93c2756
fix powershell based unit tests
2016-09-05 13:36:48 +02:00
Steven Danna
9bb65bd60c
Use per-profile execution contexts for library loading
...
Previously, libraries were loaded by instance_eval'ing them against
the same execution context used for control files. All resources were
registered against a single global registry when the `name` dsl method
was invoked. To obtain seperation of resources, we would mutate the
instance variable holding the globale registry and then change it back
at the end.
Now, we instance_eval library files inside an anonymous class. This
class has its own version of `Inspec.resource` that returns another
class with the resource DSL method and the profile-specific resource
registry.
2016-09-04 20:55:20 +02:00
Steven Danna
5fdf659df1
Load all dependent libraries, even if include_context isn't called
...
The goal of these changes is to ensure that the libraries from
dependencies are loaded even if their controls are never included. To
facilitate this, we break up the loading into seperate steps, and move
the loading code into the Profile which has acceess to the dependency
information.
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-04 20:55:20 +02:00
Steven Danna
384ccb610c
Initial attempt at isolating resources between dependencies
...
Previously, all resources were loaded into a single resource registry.
Now, each profile context has a resource registry, when a profile's
library is loaded into the profile context, we update the
profile-context-specific resource registry. This local registry is
then used to populate the execution context that the rules are
evaluated in.
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-04 20:55:20 +02:00
Christoph Hartmann
a116406b4e
Merge pull request #1014 from jeremymv2/fix_apache_conf
...
Fix apache conf
2016-09-04 20:18:16 +02:00
Victoria Jeffrey
99ce09c4ac
fix inherited profile cli report
2016-09-04 18:28:01 +02:00
Jeremy J. Miller
d5b2e4bf53
removed testing artifact
2016-09-02 22:04:06 -04:00
Jeremy J. Miller
03cb244e84
removed superflous Listen 80
2016-09-02 22:02:47 -04:00
Jeremy J. Miller
c0d105671e
better description for tests
2016-09-02 22:00:12 -04:00
Jeremy J. Miller
1b92d15d8f
added unit tests
2016-09-02 21:55:28 -04:00
Victoria Jeffrey
5d5aa6354d
fix and add test
2016-09-01 20:39:52 -04:00
Steven Danna
3a6e610de9
Allow functional tests to pass on OSX
...
A few minor issues were causing 3 functional test failures on OS X.
These were not program errors but where rather the result of the
profiles under test assuming a linux environment.
Since many of the developers who will work on this project in the future
will be running OS X, let's ensure they can run the functional tests
easily.
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-26 15:25:59 +02:00
Christoph Hartmann
efb2e08a16
add tests for users with sid on windows
2016-08-26 09:40:24 +02:00
Christoph Hartmann
64a5a4d082
switch from os-hardening to ssh-hardening profile
2016-08-25 14:42:55 +02:00
Steven Danna
6034ece853
Initial control isolation support
...
The goal of this change is to provide an isolated view of the available
profiles when the user calls the include_controls or require_controls
APIs. Namely,
- A profile should only be able to reference profiles that are part of
its transitive dependency tree. That is, if the dependency tree for a
profile looks like the following:
A
|- B --> C
|
|- D --> E
Then profile B should only be able to see profile C and fail if it
tries to reference A, D, or E.
- The same profile should be include-able at different versions from
different parts of the tree without conflict. That is, if the
dependency tree for a profile looks like the following:
A
|- B --> C@1.0
|
|- D --> C@2.0
Then profile B should see the 1.0 version of C and profile D should
see the 2.0 profile C with respect to the included controls.
To achieve these goals we:
- Ensure that we construct ProfileContext objects with respect to the
correct dependencies in Inspec::DSL.
- Provide a method of accessing all transitively defined rules on a
ProfileContext without pushing all of the rules onto the same global
namespace.
This does not yet handle attributes or libraries.
2016-08-25 14:42:55 +02:00
Christoph Hartmann
1300900693
add unit test for local fetcher with windows path support
2016-08-24 16:23:27 +02:00
Annie Hedgpeth
fe5c7c49a4
Attempt at a bug fix to read backslashes as forward slashes in local fetcher
2016-08-24 15:11:20 +02:00
Christoph Hartmann
956d3b7292
add unit test for new package resource
2016-08-24 14:40:26 +02:00
Anirudh Gupta
4041f1898e
can check windows service startup mode now
2016-08-24 02:01:10 +05:30
Steven Danna
366e65b198
Add the start of tests for the Resolver class
...
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-23 14:50:12 +01:00
Christoph Hartmann
95029203cd
unique controls for dependency tests
2016-08-19 09:47:41 +02:00
Steven Danna
d779dd53ae
Move all dependency related classes into inspec/dependencies
...
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-19 09:47:40 +02:00
Steven Danna
2041a08aa2
Fetch deps based on urls
...
This extends the dependency feature to include support for url-based
dependencies. It takes some deviations from the current support for
URLs that we'll likely want to make more consistent.
By default, we store downloaded archives in the cache rather than the
unpacked archive. However, to facilitate debugging, we will prefer the
unpacked archive if we find it in the cache.
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-19 09:47:40 +02:00
Steven Danna
34ae3122e9
Fix recursive deps for path-based deps
...
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-18 16:02:16 +02:00
Christoph Hartmann
1d8f8bb3e3
restructure unit tests
2016-08-18 13:47:43 +02:00
Christoph Hartmann
c23263f3d0
handle xinetd config with only one entry
2016-08-16 17:23:22 +02:00
Steven Danna
b5cd64d16a
Ignore comment lines in /etc/passwd
...
Most passwd/shadow implementations treat lines that start with '#' as
comments. For example, the implementation in OS X:
if (buf[0] == '#') {
/* skip comments for Rhapsody. */
continue;
}
https://opensource.apple.com/source/remote_cmds/remote_cmds-41/rpc_yppasswdd.tproj/passwd.c
Fixes #725
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-16 10:54:52 +02:00
Victoria Jeffrey
6f198f539b
cleanup
2016-08-16 10:01:10 +02:00
Victoria Jeffrey
cf771ab967
ssh_config parse should be case insensitive
2016-08-16 10:01:10 +02:00
Alex Pop
353dcf10ec
make netstat default for getting ports and get only listening ones
2016-08-12 16:02:56 +01:00
Steven Danna
afddebaf3f
Add inspec env
command to configure shell tab-completion
...
This adds a new subcommand:
inspec env [SHELL]
which outputs a shell-appropriate completion script that the user can
source into their shell:
eval "$(inspec env SHELL)"
Currently, we provide completions for ZSH and Bash. The completion
scripts are generated from the data Thor collects.
If the user doesn't provide SHELL we attempt to detect what the user's
shell may be using a number of methods.
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-10 02:07:53 +01:00
Steven Danna
13ebea48e1
Allow port to be specified as a string
...
This allows the user to write:
describe port(22) do
it { should be_listening }
end
as well as
describe port('22') do
it { should be_listening }
end
without hitting an error.
Fixes #867
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-05 14:01:08 +02:00
Christoph Hartmann
d9a1a500d0
add params and content method to parse_config
2016-08-05 12:13:56 +02:00
Steven Danna
57d7275857
Update inspec for os[:family] change in Train
...
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-04 13:32:35 +01:00
Dominik Richter
c2f34932ad
add port resource for windows 2008
...
using `netstat -an`
2016-07-21 14:58:43 +02:00
Dominik Richter
c6644ebdfe
check service running by ActiveState
...
See http://unix.stackexchange.com/questions/159174/differences-between-inactive-vs-disabled-and-active-vs-enabled-services
2016-07-06 12:57:04 +02:00
Christoph Hartmann
9bdb01f1d5
improve wmi resource
2016-06-19 23:40:45 +02:00
Dominik Richter
f93084520f
introduce cli report formatter
2016-06-15 17:11:29 +02:00
Dominik Richter
2db8d83d56
support intra-libraries file referencing + loading
...
solves https://github.com/chef/inspec/issues/779
2016-06-03 22:54:35 +02:00
Dominik Richter
302a718b48
list arbitrary ports and query it
...
utilizing filter table to make port more flexible and useful.
2016-05-31 03:14:07 +02:00
Dominik Richter
02dae2c3c5
add simple style for filter table data
...
for quick flattening, filtering, and non-nil results. this also simplifies some interal calls and structure
2016-05-31 03:01:03 +02:00
Christoph Hartmann
e9ca7107b0
add tests for os resource
2016-05-31 00:01:26 +02:00
Dominik Richter
d6345ffd17
add resource to filter table blocks
...
i.e. get access to the original resource for more information and calls.
2016-05-30 23:31:14 +02:00
Anirudh Gupta
4a9d9a4757
fixed 'it' statements under file_test
2016-05-16 19:24:14 +05:30
Dominik Richter
67f7a5936c
catch corner-case with symbols on test-objects
2016-05-13 20:39:17 +02:00
Dominik Richter
603e3e21b3
fix construction of ruby objects on string and array handlers
2016-05-13 19:07:43 +02:00
Dominik Richter
dde4433933
use struct for processes list
...
we know all the fields + struct is fully compatible to the curren hash implementation
2016-05-13 11:22:56 +02:00
Alex Pop
2a9d9b5481
return empty array instead of nil to be .each friendly
2016-05-11 22:21:22 +01:00
Victoria Jeffrey
1811eb6666
Expose label for processes only on linux
2016-05-10 13:59:13 -04:00
Alex Pop
9ded3b8835
Provide service params as a mash, empty unless systemd for now
2016-05-09 14:54:09 +02:00
Dominik Richter
5d925b2851
api: make processes return integers for pid/vsz/rss
2016-05-06 16:49:21 +02:00
Alex Pop
c518b9edc2
expose systemd service properties via .info
2016-05-06 13:36:42 +02:00
Dominik Richter
b14495051a
prevent duplicate profile-loading
...
this happens when the profile is run (exec) and also interpreted (via profile.params). It will load 2 profile context calls (both via Runner) which in turn gets 2 rounds of interpreter+runner executions. This is an issue with auto-generated IDs, due to their random component, which changes in this case
2016-05-06 13:14:40 +02:00
Dominik Richter
20d08a63b5
inspec --format [json|fulljson|rspecjson] overhaul
...
Full rewrite of all formatters. Create a minimal JSON, a full JSON, and a fallback RSpec formatter. The latter is only needed for corner cases and should not really be used. The former 2 are for (1) running `inspec json` followed by `inspec exec` (`--format json`) and (2) running just `inspec exec --format fulljson`.
2016-05-06 13:14:40 +02:00
Dominik Richter
a809097d12
simplify full_id generation
2016-05-06 13:14:40 +02:00
Dominik Richter
fc718267c4
extend filter table to handle soft variable lookup
2016-05-04 15:27:58 +02:00
Dominik Richter
fb91b788a6
use filtertable with passwd resource
2016-05-04 15:27:58 +02:00
Alex Pop
f78afe0d75
Use only strings in resource examples, docs and tests
2016-05-03 23:27:18 +01:00
Anirudh Gupta
738ef69bcf
prefixed hpux to cmd file name
2016-05-03 21:38:39 +05:30
Anirudh Gupta
d839f218bf
hpux support for basic port properties
2016-05-03 14:30:59 +05:30
Alex Pop
56d856531b
support basename parameter and add tests
2016-04-29 13:40:32 -04:00
Dominik Richter
0c8e891ee1
add #entries to filter table + remodel configuration
2016-04-28 22:46:39 +02:00
Dominik Richter
048a1584b9
encapsulated filters
2016-04-28 22:46:39 +02:00
Dominik Richter
652f10ad9a
use Inspec::Filter in xinetd resource
2016-04-28 22:46:39 +02:00
Christoph Hartmann
ab9f5f9c1a
Merge pull request #682 from Anirudh-Gupta/hpux
...
Hpux
2016-04-27 06:29:05 -07:00
Anirudh Gupta
045d8c6572
added file permission by user check for hp-ux
2016-04-26 15:08:01 +05:30
Anirudh Gupta
1330e09df5
added file permission by user check for hp-ux
2016-04-26 14:53:28 +05:30
Christoph Hartmann
2242790528
Merge pull request #678 from Anirudh-Gupta/hpux
...
added hpux user and package resource support
2016-04-25 07:22:19 -05:00
Dominik Richter
d0760662ce
bugfix: restore pax_global_header fetcher filter
...
The original tests were deactivated. Reactivate and fix the implementation.
TODO: verify that this matches expectations
2016-04-24 02:38:22 -04:00
Dominik Richter
bc724c81ff
fix legacy supports call
...
as reported by Jeremy Miller and Alex Pop
2016-04-22 11:15:57 -04:00
Anirudh Gupta
75534fdaa5
added hpux user and package resource support
2016-04-21 14:01:56 +05:30
Dominik Richter
9da23f9cbc
remodel bash and shell wrappers
2016-04-18 11:48:42 -04:00
Dominik Richter
0631779412
configure command execution shells to sh/bash/zsh
2016-04-18 01:09:37 -04:00
Thomas Cate
0f8aff0b91
added default and per kernel checking
2016-04-17 10:46:35 -04:00
Thomas Cate
3051ead64d
added tests for grub_conf resource
2016-04-17 10:46:29 -04:00
Dominik Richter
f54195408f
simplify key symbolization in metadata
2016-04-16 18:47:59 -04:00
Dominik Richter
14995534cd
skip profiles if the platform isnt supported
2016-04-16 15:34:23 -04:00
Dominik Richter
a1188b26ce
add supports_runtime? to metadata
2016-04-16 15:25:59 -04:00
Jacob McCann
9dbf5354e5
Add 'static' value as enabled to systemd service enabled check
2016-04-13 14:44:28 -05:00
Dominik Richter
fb54c4ea24
api: inspec.yml supports now adds tests w/o running
...
Instead of just removing all tests because of OS support, supports now acts by adding all tests to the execution context, but doesnt actually execute them. Instead tests are set to skip before they get to the actual execution context
2016-04-06 11:28:52 +02:00
Dominik Richter
c55fb0b587
prevent only_ifs from getting overwritten
2016-04-06 10:46:36 +02:00
Dominik Richter
a72fee6623
add only_if for controls
2016-04-06 10:46:36 +02:00
Dominik Richter
c73afd4c1c
overhault rule/control internals
...
instead of keeping them as flat variables, prefix all internals with `__` to create consistency. Also add accessors on the class-level to expose these values in all rules. This way we keep all variable-names in one location and get some safety on access.
2016-04-06 10:46:36 +02:00
Dominik Richter
598e8be07f
don't remove controls with only_if
...
instead mark them as skipped, but don't just remove them.
This also introduced a number of tests around only_if on the global level
2016-04-06 10:15:53 +02:00
Dominik Richter
2cad553de8
add advanced passwd filters (experimental)
2016-03-31 02:03:20 +02:00
Alex Pop
3c3d711dfd
bugfix: fix rare inspec shell missing all resources
...
In some instances, when running inspec shell, you dont get any resources inside of it. i.e. `inspec shell` and then `os` will lead to
```ruby
NameError: undefined local variable or method `os' for
from (pry):1:in `add_content'
```
This is because of instance_eval loading withing the given source/line
information and not attaching to the profile context which actually has
all the resources. Fix it by making sure that inspec shell always
attaches to the profile context with resources by providing nil for
source and line information.
2016-03-24 20:37:46 +01:00
Christoph Hartmann
cd57b26bd0
wmi unit test
2016-03-20 11:53:56 +01:00
Christoph Hartmann
4c5a3ed412
add vbscript unit test
2016-03-19 19:04:31 +01:00
Christoph Hartmann
e8aa426846
add vbscript integration test
2016-03-19 19:04:31 +01:00
Christoph Hartmann
f50255486b
add support for addresses in port resource
2016-03-19 11:48:14 +01:00
Christoph Hartmann
32a065239c
update unit test, add integration test
2016-03-18 15:47:00 +01:00
Dominik Richter
76fe4483d4
feature: add tags and refs
2016-03-18 01:42:26 +01:00
Dominik Richter
b7e438eabc
add a mock fetcher
2016-03-17 23:37:09 +01:00
Dominik Richter
ca5f7b822b
add tests for resource plugin
2016-03-17 15:58:20 +01:00
Dominik Richter
387415859e
rename internal File
-> FileResource
2016-03-09 10:48:48 +01:00
Dominik Richter
ccf2694940
bugfix: inheritance of local profiles
2016-03-08 14:59:14 +01:00
Dominik Richter
e617f74bcd
filter xinetd fields by regex
2016-02-26 14:46:51 +01:00
Dominik Richter
4a39275fc0
add xinetd_conf resource
2016-02-26 13:19:16 +01:00
Dominik Richter
e9ffc85b53
test for empty global describe block
2016-02-25 14:30:27 +01:00
Dominik Richter
3ae50adae9
feature: conditional OR via describe.one
...
```
describe.one do
describe command("uname -r").stdout do
it { should_not match /x86_64/ }
end
describe test_sth_for_x64_processors do
...
end
end
```
2016-02-25 14:30:23 +01:00
Christoph Hartmann
ee7adc24ec
add unit tests
2016-02-22 18:24:16 +01:00
Stephan Renatus
2da97df5f0
test: read mock-archives in binary mode
...
this doesn't hurt in *nix, but makes tests pass on windows.
2016-02-22 13:47:33 +01:00
Stephan Renatus
c24a504cb6
tests: clarify kind_of's
2016-02-22 12:06:42 +01:00
Stephan Renatus
8d572934eb
tests: make this work on non-linux
2016-02-22 12:06:42 +01:00
Stephan Renatus
e67576b1cd
tests: make non-existant files explicit
2016-02-22 12:06:42 +01:00
Dominik Richter
33b2876d7c
fix tests and lint
2016-02-22 12:06:42 +01:00
Dominik Richter
d065794d96
remove old target interface
2016-02-22 12:06:42 +01:00
Dominik Richter
1e1e473cb0
replace target-helper with fetcher+reader
2016-02-22 11:24:35 +01:00
Dominik Richter
202a781f6a
fail on incorrect metadata of url download
2016-02-22 11:24:35 +01:00
Dominik Richter
c79d9f7777
add flat source reader
2016-02-22 11:24:35 +01:00
Dominik Richter
c9d1272f49
add relative fetcher
...
This helps reduce any folder structures, weather on disk or in archives, to their relative root paths; i.e. ignore all file-prefixes that are given and go directly to the underlying files, relative to the common folders that contain it
2016-02-22 11:24:35 +01:00
Dominik Richter
f023d02bbb
add inspec source reader
2016-02-22 11:24:35 +01:00
Dominik Richter
125ee53041
create source_reader plugin structure
2016-02-22 11:24:35 +01:00
Dominik Richter
d293550375
chain fetchers together
2016-02-22 11:24:35 +01:00
Dominik Richter
7b073fe153
add url fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
4e830ffc24
add tar fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
1c29667523
add zip fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
a83e29cc01
add local fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
1e096c7181
add shadow resource for /etc/shadow
2016-02-19 14:26:04 +01:00
Christoph Hartmann
3f6b89e24d
extend github url support
2016-02-19 09:12:25 +01:00
Dominik Richter
1fa957c8ca
ensure deprecated methods still work
2016-02-18 16:25:02 +01:00
Dominik Richter
83fcc35d2a
expose all fields + deprecate singular accessors
2016-02-18 16:10:42 +01:00
Christoph Hartmann
26276ca991
use ruby zip and tar for unit tests
2016-02-18 14:27:16 +01:00
Dominik Richter
b8cce5d3c7
create zip for test helper in ruby
...
The zip command is not always there. (e.g. i dont have it on my box). just use the available zip library
2016-02-18 14:25:55 +01:00
Dominik Richter
b872c04616
bugfix: url helper loading zip and tar
2016-02-18 14:25:55 +01:00
Dominik Richter
509088ba5d
share test helpers for loading profile archives
2016-02-18 14:25:55 +01:00
Dominik Richter
e354854fc9
bugfix: dont skip url target unit test
2016-02-18 14:25:55 +01:00
Dominik Richter
33f58b3348
add tests for runlevel testing
2016-02-14 18:37:20 +01:00
Dominik Richter
36cbafc438
add runlevel helper object to services
2016-02-14 18:23:58 +01:00
Dominik Richter
0934948a1a
support runlevels for system V + service matching
...
Bugfix: there were services that would get matched because of the way the regex was constructed, i.e. if the user inserted `.` or `*` or anything regexy. Even if the service only had part of the name you were interested in, it would match (e.g. `sshd` would find `my_sshdaemon`).
Apart from this, runlevels are now detected for SystemV. This is exposed in `#info`
2016-02-13 02:11:51 +01:00
Stephan Renatus
e184347c6d
iptables unit test: add comment examples
...
this is not broken; but it should stay not broken ;)
2016-02-10 09:57:32 +01:00
Stephan Renatus
4b6eced92a
auditd_rules: access by key, tests + documentation
2016-02-09 11:51:52 +01:00
Stephan Renatus
cd5f47ed33
auditd_rules: unit tests, meet the real world
2016-02-09 11:51:52 +01:00
Stephan Renatus
664561aa80
auditd_rules: status querying (old/new) and unit tests
...
TODO: unit tests for the legacy format
2016-02-09 11:51:52 +01:00
Stephan Renatus
b18936d704
move simple_config_test.rb to utils/
2016-02-09 11:51:52 +01:00
Stephan Renatus
57db5a9414
unit test FilterArray, make retrieved values unique
2016-02-09 11:51:52 +01:00
Stephan Renatus
4afb22565e
auditd_rules: teach old dog new tricks
2016-02-09 11:51:52 +01:00
Stephan Renatus
2afc29e48f
auditd_rules: stash legacy behaviour away
2016-02-09 11:51:52 +01:00
Dominik Richter
ac6d7fb76f
fix unit tests for winrm 1.6.1 command scheme
2016-02-09 11:05:36 +01:00
Dominik Richter
e56321f6c7
semantics: rename CLI plugins registry -> subcommands
...
Basically make sure everyone understands these are only subcommands. we might consider adding plugins for options or existing commands instead of new subcommands. this just ensures everyone knows what registry is for
2016-02-09 01:20:38 +01:00
Christoph Hartmann
b7a88dbd7a
fix linting and unit test
2016-02-05 16:57:51 +01:00
Christoph Hartmann
3d7ee9d95b
add unit test for cli plugin
2016-02-05 14:06:55 +01:00
Stephan Renatus
688709356c
upstart_service: add version mock for ubuntu
2016-02-05 13:49:18 +01:00
Christoph Hartmann
86ee6a1298
extend unit tests
2016-02-04 18:46:23 +01:00
Christoph Hartmann
d7cb5a9ae0
adapt unit tests
2016-02-04 18:05:40 +01:00
Christoph Hartmann
81de512fbf
fix order of logging messages
2016-02-03 22:20:02 +01:00
Stephan Renatus
828d6ad443
Inspec::Profile fix @metadata
2016-02-03 16:47:49 +01:00
Stephan Renatus
1c76d723ff
Update tests
2016-02-03 15:42:33 +01:00
Dominik Richter
34bc94d13f
mock resource operating systems for tests
2016-01-29 21:55:08 +01:00
Christoph Hartmann
62844eee0c
add unit tests
2016-01-28 18:30:38 +01:00
Christoph Hartmann
678ee2b473
parse port information on solaris 10 and 11 via netstat
2016-01-28 18:30:38 +01:00
Stephan Renatus
b69dac698b
resources/launchd_service: add test
...
indicating that parsing is broken for non-running enabled services
2016-01-25 16:29:08 +01:00
Dominik Richter
88d2b26387
bugfix: write given ID to metadata json
...
Whenever the user provides an ID under which the profile is scoped, write it out to JSON during generation.
2016-01-25 15:48:56 +01:00
Christoph Hartmann
b30720f926
Merge pull request #380 from chef/sr/service-override
...
add service overrides for picking specific service managers, add runit_service
2016-01-21 13:35:23 +01:00
Stephan Renatus
7a308806aa
unit tests: add systemd_service instance with overridden service_ctl
2016-01-21 11:41:48 +01:00
Dominik Richter
d10207caca
warn about legacy supports fields in metadata
...
I.e.: Prevent users from writing `supports: linux` and similar. These are deprecated and will be removed. Also improve the warning to indicate what the user should do instead. Finally add tests to make sure we get all these.
2016-01-21 11:05:26 +01:00
Dominik Richter
cac102aeac
add profile tests (non-legacy)
2016-01-20 21:57:23 +01:00
Stephan Renatus
5c0cdb31c9
*_service: add unit tests
...
NB I've just added default duplicates to one instance (i.e., there's
only one `systemd_service`), since there's no os-specific magic in them.
Also these tests only verify that the default choice is equivalent to
`service` on the tested distribution.
2016-01-20 15:54:36 +01:00
Stephan Renatus
0e410df69d
add *_service overrides, allowing for different control binaries
2016-01-20 15:33:18 +01:00
Dominik Richter
611487e956
clearly identify legacy profile tests and fix identification
2016-01-19 15:48:06 +01:00
Dominik Richter
8c464965c1
extract example group creation
...
and restore profile tests that had been completely mocked until now
2016-01-19 15:48:06 +01:00
Dominik Richter
dd2d93fd6f
completely separate rspec runner parts
2016-01-19 15:48:06 +01:00
Dominik Richter
4064e63df5
add tests for loading metadata yaml internals
2016-01-15 20:51:34 +01:00
Dominik Richter
acbc345321
make metadata.rb legacy mode consistent for supports
...
Before introducing InSpec profiles in https://github.com/chef/inspec/pull/252 we had `metadata.rb` keep all information. This included an undisclosed field called `supports`. However, this field was never actually used in practice. So for legacy profiles, this means that `supports` was ignored. In order to keep old profiles running in exactly the way they were before, ignore this field when reading from metadata.rb
2016-01-15 18:58:18 +01:00
Jeremy W. Chalfant
a2ea1da6e3
move all lsof to formmated output (-F)
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
b363e1d147
formatted lsof mockup
2016-01-14 23:03:24 -05:00
Mark Harrison
f5780b69a4
Correctly detect UDP ports on linux
...
netstat on UDP lines doesn't display a port state (e.g. LISTEN), so make this
field optional when parsing the netstat line.
2016-01-14 22:53:38 -05:00
Stephan Renatus
5c17f8b643
regexp github url targets, add tests for Inspec::Targests::UrlHelper
...
replacing occuring http:// with https:// is probably ok, github
redirects to https anyways
2016-01-14 12:05:58 -05:00
Jacob McCann
f25ab3a373
Fix systemd service enabled check
2016-01-11 15:32:33 -06:00
Christoph Hartmann
a1ddbe4cf2
explicitly ignore supports for inspec check
2016-01-10 23:59:57 -05:00
Stephan Renatus
a26dbe146d
fix reading profiles bug
...
For reading the profiles metadata, we're using the train mock backend
through Inspec::Runner. The new `supports` feature never agrees with the
mock backend.
Now, it we figure out if this is a mock class and then just say that it
supports whatever we're asking for.
Tl;dr: there's probably a more beautiful solution to this.
Added a test case, but it fails -- while the command line interface
works fine.
2016-01-07 15:16:49 -08:00
Christoph Hartmann
a72ba94f10
handle mount results with multiple entries
2016-01-03 00:03:24 +01:00
Christoph Hartmann
a5acb03e49
add mount
resource
2016-01-03 00:03:24 +01:00
Christoph Hartmann
c7b7eccb5d
update unit test for new parser
2016-01-03 00:03:24 +01:00
Christoph Hartmann
167aa6bdfb
add test for unsupported os
2016-01-02 21:27:40 +01:00
Dominik Richter
d6f48d3534
catch empty support clause
2015-12-31 17:57:59 +01:00
Dominik Richter
af8e4e93ca
add supports keyword to profiles
2015-12-31 17:54:13 +01:00
Dominik Richter
526932584d
fix metadata validation
2015-12-28 13:35:38 +01:00
Dominik Richter
7473dea1f2
ignore auto-generated controls during verify check
2015-12-23 11:11:49 +01:00
Dominik Richter
b2e0fac625
change check errors on summary+title to warnings
2015-12-23 09:18:59 +01:00
troyready
29f954f7f3
add release to el pkg version & catch missing linebreaks
...
Package release info (e.g. '19.el7') is often required to determine if
a system has been properly patched.
Lines like the following from rpm are messing up the version returned
by the package resource:
"...\nVersion : 1.8.6p3 Vendor: Red Hat, Inc.\n..."
Correcting this with a new conditional check.
2015-12-11 13:05:22 -08:00
Stephan Renatus
652d51e9dc
[resource/port] add port(addr, port)
variant
2015-12-08 20:33:36 +01:00
Stephan Renatus
8532dd7034
[resource/port] change attribute names to plural, indicating arrays
...
see discussion in #256
2015-12-08 20:33:36 +01:00
Adam Leff
c146a76679
File permission checks should return false unless file exists
...
Currently, #readable?, #writeable?, and #executable? will incorrectly
return true if the file does not exist.
In addition, I took the opportunity to refactor the File resource to
make it easier to write unit tests and supplied a full unit test
suite for this resource.
2015-12-08 19:57:34 +01:00
Stephan Renatus
7a1cd660c3
[resources/processes] add users, states attribute; update docs
...
processes('bash').user does not actually make much sense for a resource
that is a list -- different entries can belong to different users.
Analogous for processes('bash').state.
The attributes 'users' and 'states' expose the unique values
corresponding to that property of entries in the process list.
Fixes #295 .
2015-12-08 13:06:27 +01:00
Stephan Renatus
79f48afa6c
[resources/apache_conf]: add tests, fix bug
...
before, the resource would throw an exception when include_files
returned nil (i.e., [].flatten!)
added basic unit tests capturing the include_files behaviour
2015-12-07 10:50:48 +01:00
Christoph Hartmann
7c393a1891
Merge pull request #291 from chef/sr/fix-find_files
...
revert to old find_files interface
2015-12-04 14:41:36 +01:00
Stephan Renatus
324ba14a6b
fix optional type argument handling
2015-12-04 14:27:32 +01:00
Stephan Renatus
390e0fcca7
restore old find_files interface
...
- fixes #276
- basic test for find_files
2015-12-04 14:15:45 +01:00
Adam Leff
e0c356dae7
Adding support for Wind River Linux
...
WRL is used as the OS on Cisco Nexus devices and acts like a Red
Hat variant. These changes add support for WRL.
2015-12-03 17:41:11 -05:00
Christoph Hartmann
9231833cad
add unit tests for user resource that cover ldap groups
2015-11-24 18:35:10 +01:00
Christoph Hartmann
0531976a40
implement unit tests for ini resource
2015-11-24 16:46:17 +01:00
Seth Chisamore
beade346bf
Add Windows support to the os_env
resource
...
This change allows checks like:
```
describe os_env('PATH') do
its('split') { should include('C:\wix') }
end
```
2015-11-19 15:41:00 +01:00
Dominik Richter
d9ded1d38d
test for multiple computed calls to flat describe
2015-11-19 14:28:37 +01:00
Dominik Richter
3afd0d556d
fix typos
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-11-19 14:17:18 +01:00
Christoph Hartmann
27de925c2b
update mock command for registry key
2015-11-17 22:28:11 +01:00
Christoph Hartmann
38e982709e
update unit test
2015-11-17 22:28:11 +01:00
Dominik Richter
17ce88b63d
api: don't force root on os_env
2015-11-13 12:10:22 +01:00
Dominik Richter
8d682973b0
extend csv tests, remove dot-resolver
2015-10-27 15:58:02 +01:00
Dominik Richter
e0874b47b1
extend yaml tests, remove dot-resolver
2015-10-27 15:58:02 +01:00
Dominik Richter
a55e240a0f
extend json tests, remove dot-resolver
2015-10-27 15:58:02 +01:00
Dominik Richter
7779cdb469
add simple tests for profile
2015-10-27 02:29:11 +01:00
Dominik Richter
414bf6b1fa
bugfix: handle empty processes result
2015-10-26 16:49:26 +01:00
Dominik Richter
6dc0a3b638
rename inetd_config -> inetd_conf
...
be consistent with the filename
2015-10-26 16:21:51 +01:00
Dominik Richter
95242bf9c2
add content parser tests
2015-10-26 15:50:57 +01:00
Dominik Richter
b58a4b3f43
rename vulcanosec -> inspec
2015-10-26 12:34:15 +01:00
Christoph Hartmann
126ce88bce
fix unit tests
2015-10-26 12:16:38 +01:00
Dominik Richter
20dae26925
split methods for processing rules and checks after loading
2015-10-19 09:49:40 +02:00
Dominik Richter
d66f874e1c
feature: support expect keyword in rules
2015-10-18 19:14:22 +02:00
Dominik Richter
f2e955eb37
test: add tests for rule.describe
2015-10-18 19:11:56 +02:00
Dominik Richter
b38adfc6b2
test: add profile context tests
2015-10-18 19:11:56 +02:00
Dominik Richter
ec0931ef9c
test: group resource tests
2015-10-17 22:53:21 +02:00
Dominik Richter
be614e9056
migrate backend to Train project
2015-10-14 23:13:49 +02:00
Christoph Hartmann
7635a20756
flatten describe tests
2015-10-12 13:35:16 +02:00
Christoph Hartmann
7096b3cd9a
remove let in tests
2015-10-12 13:35:15 +02:00
Christoph Hartmann
dd2fb7938f
ease windows feature test
2015-10-12 13:35:15 +02:00
Christoph Hartmann
d666ce84a2
fix describe in unit tests
2015-10-12 13:35:15 +02:00
Christoph Hartmann
128eb4a7f6
add tests for iptables
2015-10-12 10:34:24 +02:00
Christoph Hartmann
9774ec7984
add test coverage for apt
2015-10-10 23:28:03 +02:00
Christoph Hartmann
2176039120
add linux tests for host
2015-10-09 19:27:29 +02:00
Christoph Hartmann
5a70133330
add mock files for host windows tests
2015-10-09 19:27:07 +02:00
Christoph Hartmann
80b38412e6
add tests for windows
2015-10-09 19:21:55 +02:00
Christoph Hartmann
3126a46b1e
add bridge unit tests for windows
2015-10-09 15:26:59 +02:00
Christoph Hartmann
74729f5779
add more unit test cases
2015-10-09 15:10:43 +02:00
Christoph Hartmann
b2ed180885
add bridge test for linux
2015-10-09 15:07:58 +02:00
Christoph Hartmann
9d92abf524
add windows support to network adapter
2015-10-08 13:01:50 +02:00
Christoph Hartmann
153c670952
introduce better network interface abstraction, add test cases
2015-10-08 13:01:50 +02:00
Christoph Hartmann
d2997400df
add author information
2015-10-07 18:45:08 +02:00
Christoph Hartmann
9c893c5653
add mock result for GetWin32 Group
2015-10-07 18:45:08 +02:00
Christoph Hartmann
737df5348a
add test coverage for group resource
2015-10-07 18:45:08 +02:00
Christoph Hartmann
537728b41b
test case where group or os is not available
2015-10-07 18:45:08 +02:00
Christoph Hartmann
c17be0438a
add unit tests for group resource
2015-10-07 18:45:07 +02:00
Christoph Hartmann
e57505739e
improvement: return gids in etc_group as integer
2015-10-07 18:45:07 +02:00
Christoph Hartmann
028e7f977e
filter comments in /etc/group
2015-10-07 18:45:07 +02:00
Christoph Hartmann
df9411e529
rename test from etcgroup
2015-10-07 18:45:07 +02:00
Christoph Hartmann
9295a60913
add test case for script resource
2015-10-07 13:13:37 +02:00
Christoph Hartmann
8fff2ee989
add author header
2015-10-06 18:55:44 +02:00
Christoph Hartmann
f38ce7d5f4
bugfix: fix error, where the winrm default path is not set properly by default
2015-10-05 15:35:02 +02:00
Christoph Hartmann
6b2064ad89
return password expiry information for linux
2015-10-05 11:50:49 +02:00
Christoph Hartmann
cab93a178a
add tests for user resource
2015-10-05 11:50:49 +02:00
Dominik Richter
369e61d0cd
feature: add path to target specification
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-03 23:39:09 +02:00
Christoph Hartmann
e139070923
increase test coverage for oneget
2015-10-03 13:27:20 +02:00
Dominik Richter
8b97bdbaa7
expose simpleconfig groups
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:18:09 +02:00
Dominik Richter
4d70aed6ee
add tests for simple config
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:14:38 +02:00
Dominik Richter
4e15e425a4
move darwin to bsd type
...
see: https://en.wikipedia.org/wiki/Darwin_%28operating_system%29#/media/File:Unix_timeline.en.svg
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 12:14:40 +02:00
Dominik Richter
4f0c0d7f21
add unit tests to os common detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 11:52:50 +02:00
Christoph Hartmann
a53b2d66c5
add comments
2015-09-25 12:58:34 +02:00
Christoph Hartmann
46fcb334da
bugfix: use debian 8 for systemd unit test
2015-09-25 12:58:26 +02:00
Christoph Hartmann
007d292890
rewrite systemv service implementation, read enabled services from rc
2015-09-25 12:58:03 +02:00
Christoph Hartmann
2901dde219
add systemv service unit tests
2015-09-25 12:54:19 +02:00
Christoph Hartmann
11ffdeddad
improvement: return nil, if no description for service is available
2015-09-25 12:54:08 +02:00
Christoph Hartmann
86cd56c5c3
add unit test for service resource on ubuntu 15.04
2015-09-25 12:53:55 +02:00
Christoph Hartmann
5be574693f
add unit tests for freebsd service resource
2015-09-25 12:53:40 +02:00
Christoph Hartmann
d5d517af0a
improve service handling for mac and add unit tests
2015-09-25 12:51:12 +02:00
Christoph Hartmann
36ad0dd5a0
add arch linux support for service resource
2015-09-25 12:48:57 +02:00
Christoph Hartmann
45081735ad
add debian 8 mock test for service resource
2015-09-25 12:48:48 +02:00
Christoph Hartmann
cb3d170ce6
add centos 7 unit mock for service resource
2015-09-25 12:48:21 +02:00
Christoph Hartmann
1936383120
add service unit tests for ubuntu 14.04
2015-09-25 11:52:33 +02:00
Christoph Hartmann
3e16791f52
bugfix: catch case in service resource, where the OS is not supported
2015-09-25 11:52:33 +02:00
Christoph Hartmann
cf8a75f233
improvement: make service tests os dependent
2015-09-25 11:52:33 +02:00
Christoph Hartmann
3807a7412c
add package unit test for windows
2015-09-23 23:30:31 +02:00
Christoph Hartmann
5151f42d7d
add package unit test for unsupported os
2015-09-23 23:30:31 +02:00
Christoph Hartmann
61143907c2
add versions to package unit tests
2015-09-23 23:30:31 +02:00
Christoph Hartmann
52e4459d61
rename pacman mock file
2015-09-23 23:30:31 +02:00
Christoph Hartmann
943eef4ef3
make package unit tests os dependent
2015-09-23 23:30:31 +02:00
Christoph Hartmann
672f196a76
update port tests
2015-09-23 23:15:40 +02:00
Christoph Hartmann
cd6dbd03a1
add sockstat mock result
2015-09-23 23:15:37 +02:00
Christoph Hartmann
d889f0b0b1
port resource support for FreeBSD
2015-09-23 23:08:54 +02:00
Christoph Hartmann
b47ec509fd
port resource support for Windows
2015-09-23 23:08:19 +02:00
Christoph Hartmann
4eeb84945c
port resource support for MacOS
2015-09-23 23:07:07 +02:00
Christoph Hartmann
c187230336
implement port resource for linux
2015-09-23 18:12:51 +02:00
Christoph Hartmann
bdb9a59264
simplify unit tests
2015-09-22 18:33:05 +02:00
Christoph Hartmann
39b697ccb7
implement os mock in unit tests
2015-09-22 18:31:21 +02:00
Christoph Hartmann
7155ca8f45
fix description with colon
2015-09-22 02:27:04 +02:00
Christoph Hartmann
4ea5a0bf97
fix description with colon
2015-09-22 02:27:04 +02:00
Christoph Hartmann
693d9cd0cf
add example.csv for unit test
2015-09-22 02:27:04 +02:00
Christoph Hartmann
5f7910a0cf
fix title
2015-09-22 02:27:04 +02:00
Christoph Hartmann
cf3dddf1a3
add csv support
2015-09-22 02:27:04 +02:00
Christoph Hartmann
b9d4fc6d8c
add yaml resource
2015-09-22 02:27:04 +02:00
Christoph Hartmann
0e43d4ca6a
add json resource
2015-09-22 02:27:04 +02:00
Dominik Richter
523263b4b6
simplify and extend tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:04 +02:00
Christoph Hartmann
8fc108bcd7
add tests
2015-09-22 02:27:04 +02:00
Christoph Hartmann
baee8daae8
add unit tests for windows feature
2015-09-22 02:27:03 +02:00
Dominik Richter
052143bdb8
adjust serverspec yum deprecation test
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Dominik Richter
bb18ce52e2
update function+test calls from exists? -> exist?
2015-09-22 02:27:03 +02:00
Dominik Richter
38a77efb4a
fix failing tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Christoph Hartmann
9a6063c267
add resource test for windows
2015-09-22 02:26:59 +02:00
Christoph Hartmann
33f9dd8e87
add oneget resource
2015-09-22 02:17:21 +02:00
Dominik Richter
ddbaebae46
add mysql unit tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Christoph Hartmann
238f1b2016
add pip resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
bdb859b730
add npm resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
0171b2e2f2
add gem resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
02afd48576
add mock resources for package resource
2015-09-22 02:15:41 +02:00
Christoph Hartmann
9783751741
implement package resource
2015-09-22 02:15:41 +02:00
Dominik Richter
905f2a0a6f
remove duplicate key in test
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
305bb39668
add missing local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Christoph Hartmann
a7efec310b
implement yum resource
2015-09-22 01:10:56 +02:00
Christoph Hartmann
9554a4ac32
add audit_daemon resource test cases
2015-09-21 14:12:11 +02:00
Christoph Hartmann
90935e75e1
add unit test for audit_policy resource
2015-09-21 14:09:16 +02:00
Christoph Hartmann
888f8588fb
add unit test for registry_key resource
2015-09-21 14:08:27 +02:00
Christoph Hartmann
57ab2a816b
fix rubocop issues for bond unit test
2015-09-21 14:08:20 +02:00
Christoph Hartmann
ca2e0ed6cb
add unit tests for etc_group resource
2015-09-21 14:07:32 +02:00
Christoph Hartmann
fb3b4b1369
add unit test for inetd_conf
2015-09-21 14:05:42 +02:00
Christoph Hartmann
158e4ac1ab
add unit test for limits.conf
2015-09-21 14:03:24 +02:00
Christoph Hartmann
797d24c14a
add login_def resource unit test
2015-09-21 14:01:51 +02:00
Christoph Hartmann
faf7f44a42
add os_env unit test
2015-09-21 13:58:22 +02:00
Christoph Hartmann
0adf3314af
add ntp unit test
2015-09-21 13:57:42 +02:00
Christoph Hartmann
413267c322
add passwd unit test
2015-09-21 13:55:51 +02:00
Christoph Hartmann
1b643ae1da
implement security policy resource tests
2015-09-21 13:51:43 +02:00
Christoph Hartmann
08ad9704a7
move mock files to new sub-directory
2015-09-21 13:43:09 +02:00
Christoph Hartmann
03a7dd7176
implement unit test for processes resource
2015-09-21 13:43:09 +02:00
Christoph Hartmann
ae514959d2
add ssh unit tests
2015-09-21 13:38:54 +02:00
Christoph Hartmann
6a00ce8ebe
add utf-8 header to tests
2015-09-03 18:04:13 +02:00
Christoph Hartmann
abae94ba4e
improve test style
2015-09-03 18:03:51 +02:00
Christoph Hartmann
cf77e56118
add unit test for bond resource
2015-09-03 17:34:11 +02:00
Dominik Richter
f54fa6537a
use string for backend conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 14:56:08 +02:00
Dominik Richter
5ae3b13b38
use let instead of before
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 10:25:27 +02:00
Dominik Richter
199cb84ab3
not implemented only throws on missing methods
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 17:30:49 +02:00
Dominik Richter
1c2ab098f5
specify methods all backends must implement
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 11:53:25 +02:00
Dominik Richter
05b4167971
start backend and file tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 04:55:22 +02:00
Dominik Richter
32964c1e4e
tests for backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 04:19:23 +02:00