Dominik Richter
562f6ad732
add the Nginx parser
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-03 17:25:00 +02:00
Adam Leff
f14ed844a9
Merge pull request #1856 from chef/chris-rock/1828
...
Fix parameters to `find` commands
2017-05-31 14:35:32 -04:00
Christoph Hartmann
687f1a5827
update unit tests
...
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:21:05 -05:00
Christoph Hartmann
a6ef98c896
verifies that inspec.yml uses licenses in SPDX format
...
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:21:05 -05:00
Christoph Hartmann
57097ea2a9
fix #1828
...
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:20:42 -05:00
Dominik Richter
1dafe50bd9
rename SimpleConfig / parse_config / parse_config_file options
...
See https://github.com/chef/inspec/issues/1709
Fixes https://github.com/chef/inspec/issues/1709
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-04-26 23:18:40 +02:00
Dominik Richter
02e435b6d0
add rabbitmq config resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-04-12 20:51:12 +02:00
Adam Leff
ea7c0c493e
Provide a method-based accessor for SimpleConfig hashes
...
When SimpleConfig parses a config file that has sections, such as a mysqld
config file, the values within that section are returned via a Hash. However,
we do not provide an easy way to write tests for those deep hash values:
```
describe mysql_conf('/tmp/my.cnf') do
its('mysqld.expire_logs_days') { should cmp 10 }
end
MySQL Configuration
∅ undefined method `expire_logs_days' for #<Hash:0x007fe463795a00>
```
This change provides a method-based accessor for Hashes that are built via
SimpleConfig.
```
describe mysql_conf('/tmp/my.cnf') do
its('mysqld.expire_logs_days') { should cmp 10 }
end
MySQL Configuration
✔ mysqld.expire_logs_days should cmp == 10
```
Fixes #1541 by changing the way the attributes are fetched.
Signed-off-by: Adam Leff <adam@leff.co>
2017-03-15 14:49:16 -05:00
Adam Leff
4f2b66302d
Fix ObjectTraverser when accessing array values
...
When attempting to access array values via the `json` resource:
```
describe json('/tmp/test.json') do
its(['array',0]) { should eq "zero" }
end
```
... the resulting data would be an array of the size of the original array
with all the values replaced with nils:
```
expected: "zero"
got: [nil, nil, nil]
```
This was due to a bug in the ObjectTraverser mixin that mapped array values
back through `extract_value` rather than properly handling the passed-in
key(s). This worked fine for the specific data format created by the `csv`
resource but did not work `json` or any other resource that subclassed the
`JsonConfig` resource.
This change fixes the logic when dealing with an array when it's encountered,
and fixes up the `csv` resource with its own `value` method.
This change also adds tests for ObjectTraverser.
Signed-off-by: Adam Leff <adam@leff.co>
2017-03-15 11:35:55 +01:00
Makoto Nozaki
f913b56ffc
Avoid connection timeout of "inspec version" ( #1538 )
...
* Add open_timeout to NET::HTTP.start call
Signed-off-by: Makoto Nozaki <makoto.nozaki@twosigma.com>
* Code cleanup based on the discussion at #1538
Signed-off-by: Makoto Nozaki <makoto.nozaki@twosigma.com>
2017-03-06 09:23:42 -07:00
Joseph Benden
1fdecc6680
Add FreeBSD support for ZFS datasets and pools
...
The following new resources have been added; however, they
presently only support FreeBSD and similar.
* `zfs_dataset`: tests if a named ZFS dataset is present
and/or has certain properties.
* `zfs_pool`: tests if a named ZFS pool is present and/or
has certain properties.
Additionally, the `mount` resource has been reworked to
include support for FreeBSD; while the existing class
was renamed to LinuxMountParser.
Unit-tests were added for all of the above.
Signed-off-by: Joseph Benden <joe@benden.us>
2017-02-22 10:29:49 -07:00
Tom Duffield
1ea83f526c
Address rubocop violations
...
Signed-off-by: Tom Duffield <tom@chef.io>
2017-02-08 16:49:16 -06:00
Alex Pop
a3de32ad04
Fix xinetd parsing of services from the same file. Expose resource.protocols
...
Signed-off-by: Alex Pop <apop@chef.io>
2017-01-31 12:40:29 +00:00
Christoph Hartmann
f0cdad800f
display if inspec version is outdated
...
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-01-03 12:10:43 +01:00
Dominik Richter
441967510f
bugfix: support nil entries in filter table
2016-10-05 13:04:00 +02:00
Christoph Hartmann
c23263f3d0
handle xinetd config with only one entry
2016-08-16 17:23:22 +02:00
Steven Danna
b5cd64d16a
Ignore comment lines in /etc/passwd
...
Most passwd/shadow implementations treat lines that start with '#' as
comments. For example, the implementation in OS X:
if (buf[0] == '#') {
/* skip comments for Rhapsody. */
continue;
}
https://opensource.apple.com/source/remote_cmds/remote_cmds-41/rpc_yppasswdd.tproj/passwd.c
Fixes #725
Signed-off-by: Steven Danna <steve@chef.io>
2016-08-16 10:54:52 +02:00
Dominik Richter
70dd639471
move base_cli to lib/inspec
...
It is not a disconnected library, but a core component of inspec. Fix its location.
2016-07-26 20:11:25 +02:00
Dominik Richter
211a2e25fb
align inspec detect output
2016-06-16 13:00:09 +02:00
Dominik Richter
0fec9cca13
enhance cli output for inspec check
2016-06-16 13:00:09 +02:00
Dominik Richter
f93084520f
introduce cli report formatter
2016-06-15 17:11:29 +02:00
Christoph Hartmann
f1faf47112
introduce secrets backend
2016-06-14 02:49:47 +02:00
Dominik Richter
302a718b48
list arbitrary ports and query it
...
utilizing filter table to make port more flexible and useful.
2016-05-31 03:14:07 +02:00
Dominik Richter
02dae2c3c5
add simple style for filter table data
...
for quick flattening, filtering, and non-nil results. this also simplifies some interal calls and structure
2016-05-31 03:01:03 +02:00
Dominik Richter
d6345ffd17
add resource to filter table blocks
...
i.e. get access to the original resource for more information and calls.
2016-05-30 23:31:14 +02:00
Jeremy J. Miller
cfcc06a379
fix spelling
2016-05-15 11:04:23 -04:00
Jeremy J. Miller
9795879628
add sudo_command option
2016-05-15 07:22:18 -04:00
Dominik Richter
4d28fd8f31
remove inspec [exec|json|...] --id flag
2016-05-06 13:14:40 +02:00
Dominik Richter
67fccc1246
expose deprecated fields in passwd
2016-05-04 15:27:58 +02:00
Dominik Richter
fc718267c4
extend filter table to handle soft variable lookup
2016-05-04 15:27:58 +02:00
Dominik Richter
f30b6fb6f5
bugfix: handle train errors in inspec execution
2016-05-02 08:34:45 -04:00
Dominik Richter
6f612dc948
WIP add block support to where conditionals (1) passwd.users { != 2 } (2) add tests
2016-04-28 23:10:52 +02:00
Dominik Richter
0c8e891ee1
add #entries to filter table + remodel configuration
2016-04-28 22:46:39 +02:00
Dominik Richter
048a1584b9
encapsulated filters
2016-04-28 22:46:39 +02:00
Dominik Richter
d86161c616
add general filter utility for resources
2016-04-28 22:46:39 +02:00
Dominik Richter
01caf05020
add cmd for executing calls against the inspec api
2016-04-27 06:31:01 -07:00
Dominik Richter
9da23f9cbc
remodel bash and shell wrappers
2016-04-18 11:48:42 -04:00
Dominik Richter
14995534cd
skip profiles if the platform isnt supported
2016-04-16 15:34:23 -04:00
Christoph Hartmann
cd57b26bd0
wmi unit test
2016-03-20 11:53:56 +01:00
Christoph Hartmann
67251d2982
implement object traversal for wmi object, make namespace and filter optional
2016-03-20 11:53:56 +01:00
Dominik Richter
ccf2694940
bugfix: inheritance of local profiles
2016-03-08 14:59:14 +01:00
Dominik Richter
90f2212ed5
add color output + make default
2016-03-07 22:21:31 +01:00
Dominik Richter
b831b62a90
make controls selectable
2016-03-06 23:54:28 +01:00
Dominik Richter
f6bd7ed3b8
unify exec options
2016-03-06 15:07:12 +01:00
Dominik Richter
4a39275fc0
add xinetd_conf resource
2016-02-26 13:19:16 +01:00
Dominik Richter
33b2876d7c
fix tests and lint
2016-02-22 12:06:42 +01:00
Dominik Richter
e4c3c9370b
fix detection with new profile/runner scheme
2016-02-22 11:24:36 +01:00
Dominik Richter
1e1e473cb0
replace target-helper with fetcher+reader
2016-02-22 11:24:35 +01:00
Dominik Richter
1825fd1fef
separate reusable plugin registry with sorting
2016-02-22 11:24:35 +01:00
Dominik Richter
83fcc35d2a
expose all fields + deprecate singular accessors
2016-02-18 16:10:42 +01:00
Stephan Renatus
405b3e3fa4
rubocop fixes
2016-02-09 11:51:52 +01:00
Stephan Renatus
57db5a9414
unit test FilterArray, make retrieved values unique
2016-02-09 11:51:52 +01:00
Stephan Renatus
5270f21da9
move FilterArray to utils, add retrieving values
2016-02-09 11:51:52 +01:00
Dominik Richter
bb264897f4
wrap basecli in inspec module
...
Take care of a rare error which has Inspec undefined
2016-02-05 18:25:40 +01:00
Christoph Hartmann
b7a88dbd7a
fix linting and unit test
2016-02-05 16:57:51 +01:00
Christoph Hartmann
a55a4869d9
extract base cli class
2016-02-05 14:20:32 +01:00
Christoph Hartmann
826d059b19
optimize json logger for line delimited JSON
2016-02-04 16:38:57 +01:00
Christoph Hartmann
907a4e1f33
add json stream logger for inspec check
2016-02-04 16:38:57 +01:00
Stephan Renatus
ff682532cf
fix warning in #find_files[_or_error]
2016-02-01 16:32:47 +01:00
Christoph Hartmann
678ee2b473
parse port information on solaris 10 and 11 via netstat
2016-01-28 18:30:38 +01:00
Dominik Richter
4092691a78
lint
2016-01-15 04:07:25 +01:00
Christoph Hartmann
772df929f6
implement be_mounted.with
for file resources
2016-01-03 00:03:24 +01:00
Christoph Hartmann
19ed6be39f
more fine-grained utils parser
2016-01-02 22:41:58 +01:00
Stephan Renatus
324ba14a6b
fix optional type argument handling
2015-12-04 14:27:32 +01:00
Stephan Renatus
390e0fcca7
restore old find_files interface
...
- fixes #276
- basic test for find_files
2015-12-04 14:15:45 +01:00
Dominik Richter
6cbe3466fb
update rubocop 0.35.1
2015-11-13 01:03:15 +01:00
Dominik Richter
471a723b83
restore parse_passwd_line to be public, thanks @chris-rock
2015-10-26 17:16:05 +01:00
Dominik Richter
0ac3c412aa
bugfix: support empty content in simpleconfig
2015-10-26 16:16:42 +01:00
Dominik Richter
95242bf9c2
add content parser tests
2015-10-26 15:50:57 +01:00
Dominik Richter
b58a4b3f43
rename vulcanosec -> inspec
2015-10-26 12:34:15 +01:00
Dominik Richter
45f7057f30
lint
2015-10-26 04:39:16 +01:00
Christoph Hartmann
949496776e
move comment parser to utils
2015-10-07 18:45:07 +02:00
Christoph Hartmann
8fff2ee989
add author header
2015-10-06 18:55:44 +02:00
Christoph Hartmann
14c5c3f393
lint: remove whitespace
2015-10-05 12:28:28 +02:00
Christoph Hartmann
6b2064ad89
return password expiry information for linux
2015-10-05 11:50:49 +02:00
Christoph Hartmann
57676d88a1
externalize passwd parser
2015-10-05 11:42:20 +02:00
Christoph Hartmann
77f48cfcf3
move line-split to simple config
2015-10-05 11:42:20 +02:00
Dominik Richter
aa4593ff71
replace parseconfig with simpleconfig
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:19:55 +02:00
Dominik Richter
8b97bdbaa7
expose simpleconfig groups
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:18:09 +02:00
Dominik Richter
2d8b63cb22
feature: support simple config groups
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:00:38 +02:00
Dominik Richter
1076dcbd52
remove os_ prefix from detect json syntax
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-23 10:25:05 +02:00
Dominik Richter
7fb41cdbee
remove conditional or on release for detect util
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Dominik Richter
e78fbf1b96
move windows OS detection to backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Dominik Richter
94d748efd1
add os name to detect util
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Dominik Richter
4852842bf6
feature: add hash utility for deep_merge
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
1345c1d017
update findfiles to work with new backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
f1cc7cbf9b
lint utils
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
753e7775ef
lint detect
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Christoph Hartmann
0e8651bf26
fix rubocop issues
2015-09-05 16:07:54 +02:00
Christoph Hartmann
36c9de7529
more rubocop fixes
2015-09-04 09:59:30 +02:00
Christoph Hartmann
bbbb8380ca
replace raise with fail
2015-09-03 23:24:42 +02:00
Christoph Hartmann
556bb5a0f0
remove empty lines
2015-09-03 23:20:53 +02:00
Christoph Hartmann
349d5bf9f1
harmonize method definition style
2015-09-03 20:43:58 +02:00
Christoph Hartmann
7bdcc00e94
add utf-8 header
2015-09-03 20:36:46 +02:00
Christoph Hartmann
5612752b82
use single quotes
2015-09-03 20:35:23 +02:00
Dominik Richter
b2e031c056
start serverspec migration
...
This project is inspired by Serverspec and all the wonderful contributions that went into it. Thank you all so much! We have used Serverspec as our audit base and have now a slightly different perspective. We hope to continue the spirit on this path. Hopefully both projects will find their way together.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:36:05 -07:00
Christoph Hartmann
3570295007
bugfix: remove debug message
2015-08-14 01:46:43 -07:00
Christoph Hartmann
6e7d2f6bcf
detect windows versions
2015-08-14 01:43:02 -07:00
Christoph Hartmann
e4de940dfe
improve windows detection
2015-08-14 00:49:31 -07:00
Dominik Richter
086d385fe0
add detect utility to get os info
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 17:18:17 -07:00