Dominik Richter
c73afd4c1c
overhault rule/control internals
...
instead of keeping them as flat variables, prefix all internals with `__` to create consistency. Also add accessors on the class-level to expose these values in all rules. This way we keep all variable-names in one location and get some safety on access.
2016-04-06 10:46:36 +02:00
Dominik Richter
598e8be07f
don't remove controls with only_if
...
instead mark them as skipped, but don't just remove them.
This also introduced a number of tests around only_if on the global level
2016-04-06 10:15:53 +02:00
Dominik Richter
0cffb21b97
0.17.1
2016-03-31 20:06:02 +01:00
Dominik Richter
8150a67e4a
add inspec objects (not exposed by default)
2016-03-31 19:50:44 +01:00
Dominik Richter
f845a16442
0.17.0
2016-03-31 14:23:07 +02:00
Christoph Hartmann
6fba237848
Merge pull request #580 from mulesoft-ops/amazon-linux-support
...
Amazon linux support for service resource
2016-03-31 09:55:36 +01:00
Dominik Richter
419b6a087c
add file uid and gid accessors
2016-03-31 02:23:30 +02:00
Dominik Richter
2cad553de8
add advanced passwd filters (experimental)
2016-03-31 02:03:20 +02:00
Joshua Bussdieker
7a185f02dc
Amazon linux support for service resource
2016-03-29 08:32:50 -07:00
Julian Tabel
bd594f3608
added apipath cli option to inspec compliance with default to /api
2016-03-29 10:49:48 +02:00
Christoph Hartmann
ca0506b6a3
eases the removal of leading and trailing whitespace for powershell and vbscript
2016-03-26 22:25:53 +01:00
Dominik Richter
41fb327e20
0.16.4
2016-03-25 14:25:44 +01:00
Dominik Richter
ee170cc526
support --controls for json
2016-03-25 01:58:59 +01:00
Stephan Renatus
be93f25e6e
inspec-compliance: url_encode profile names
2016-03-24 23:47:41 +01:00
Dominik Richter
856460054f
dont fail with stacktrace on connection errors
2016-03-24 23:24:58 +01:00
Alex Pop
3c3d711dfd
bugfix: fix rare inspec shell missing all resources
...
In some instances, when running inspec shell, you dont get any resources inside of it. i.e. `inspec shell` and then `os` will lead to
```ruby
NameError: undefined local variable or method `os' for
from (pry):1:in `add_content'
```
This is because of instance_eval loading withing the given source/line
information and not attaching to the profile context which actually has
all the resources. Fix it by making sure that inspec shell always
attaches to the profile context with resources by providing nil for
source and line information.
2016-03-24 20:37:46 +01:00
Stephan Renatus
d91bce0a20
0.16.3
2016-03-23 16:49:27 +01:00
Stephan Renatus
f19b3f632f
inspec-compliance: fix upload of profiles
2016-03-23 16:13:23 +01:00
Dominik Richter
8d524630c3
0.16.2
2016-03-22 20:30:21 +01:00
Dominik Richter
c5f0d11e4c
bugfix: dont crash on read_file contents in parse_config
2016-03-22 18:42:50 +01:00
Dominik Richter
cd031607c1
0.16.1
2016-03-22 12:57:45 +01:00
Christoph Hartmann
cd57b26bd0
wmi unit test
2016-03-20 11:53:56 +01:00
Christoph Hartmann
f97301882e
add namespace for wmi resource
2016-03-20 11:53:56 +01:00
Christoph Hartmann
67251d2982
implement object traversal for wmi object, make namespace and filter optional
2016-03-20 11:53:56 +01:00
Christoph Hartmann
d045927d28
add wmi resource
2016-03-20 11:53:56 +01:00
Christoph Hartmann
849c23d0aa
remove comments from ps script and remove tmp vb script after execution
2016-03-19 19:04:31 +01:00
Christoph Hartmann
6d53e43e7d
add vbscript resource
2016-03-19 19:04:31 +01:00
Christoph Hartmann
f50255486b
add support for addresses in port resource
2016-03-19 11:48:14 +01:00
Dominik Richter
eecf62643a
0.16.0
2016-03-19 11:13:32 +01:00
Dominik Richter
a9632d53d4
fix inspec shell and continuously test it
2016-03-19 09:13:23 +01:00
Christoph Hartmann
e2466d0dbb
rename script
to powershell
2016-03-18 15:41:54 +01:00
Dominik Richter
d41d6ef4e0
add metadata from profile to summary
2016-03-18 02:42:53 +01:00
Dominik Richter
040b2eac8e
add --format fulljson formatter
2016-03-18 02:42:53 +01:00
Dominik Richter
76fe4483d4
feature: add tags and refs
2016-03-18 01:42:26 +01:00
Dominik Richter
b7e438eabc
add a mock fetcher
2016-03-17 23:37:09 +01:00
Dominik Richter
c1d2da5bf3
ensure fetchers test against strings
2016-03-17 23:37:09 +01:00
Adam Leff
0acd926dbd
adding named resource registry classes
2016-03-17 15:58:20 +01:00
Dominik Richter
4676b5eedd
dont generate pretty json by default
...
we have jq for that!
2016-03-17 15:41:57 +01:00
Victoria Jeffrey
08616f50d0
Add title, description, code, and source_location to example metadata
2016-03-17 15:22:57 +01:00
Dominik Richter
16c3c00482
bugfix: prevent duplicate loading of library files
2016-03-17 14:43:52 +01:00
Dominik Richter
f7c2fa4392
functional tests for inspec detect + version + exec
2016-03-17 10:21:38 +01:00
Dominik Richter
0218f1f3ca
feature: --output on archive
2016-03-17 10:21:38 +01:00
Dominik Richter
e3991a2025
bugfix: inspec archive with profile path for inheritance
2016-03-16 20:32:02 +01:00
Dominik Richter
641572ec7f
move CLI components to lib/inspec/cli
...
This makes it easier for other applications to include this component. require from bin/inspec just doesnt behave (or needs workarounds)
2016-03-16 08:17:04 +01:00
Victoria Jeffrey
7f27c33e1f
add output stream to rspec configuration
2016-03-09 15:12:22 +01:00
Dominik Richter
f94330154e
0.15.0
2016-03-09 10:58:21 +01:00
Dominik Richter
24ffdf0478
descope calls to global File
...
This is just for simplicity. I expect other users to make the same mistake when using it, so I would rather our tests crash if we have this type of conflict again and prevent it in the first place. Renaming File to FileResource should take care of all important places
2016-03-09 10:48:54 +01:00
Dominik Richter
844580074d
rename internal OS
-> OSResource
2016-03-09 10:48:54 +01:00
Dominik Richter
387415859e
rename internal File
-> FileResource
2016-03-09 10:48:48 +01:00
Dominik Richter
9cb2bc5dec
Merge pull request #526 from chef/adamleff/resource-namespace
...
Placing all resources in the Inspec::Resources namespace
2016-03-09 10:29:11 +01:00
Adam Leff
577688a3a0
Placing all resources in the Inspec::Resources namespace
...
Many of the resources are named as a top-level class with a fairly generic class name, such as "OS". This causes an issue specifically with kitchen-google which depends on a gem which depends on the "os" gem which itself defines an OS class with a different superclass. This prevents users from using TK, Google Compute, and Inspec without this fix.
Some mocked commands had their digest changed as well due to the new indentation, specifically in the User and RegistryKey classes.
I strongly recommend viewing this diff with `git diff --ignore-space-change`
to see the *real* changes. :)
2016-03-08 13:40:16 -05:00
Dominik Richter
e89738c5f7
0.14.9
2016-03-08 17:52:55 +01:00
Dominik Richter
ccf2694940
bugfix: inheritance of local profiles
2016-03-08 14:59:14 +01:00
Dominik Richter
90f2212ed5
add color output + make default
2016-03-07 22:21:31 +01:00
Dominik Richter
b831b62a90
make controls selectable
2016-03-06 23:54:28 +01:00
Dominik Richter
f6bd7ed3b8
unify exec options
2016-03-06 15:07:12 +01:00
Dominik Richter
ae08fe2f84
0.14.8
2016-03-04 16:50:51 +01:00
Dominik Richter
903b0597d9
expose control impacts in json
2016-03-04 16:30:10 +01:00
Christoph Hartmann
53a2333c20
0.14.7
2016-03-01 21:33:03 +01:00
Christoph Hartmann
d4554771da
adds a insecure option for the compliance plugin to work with self-signed ssl
2016-03-01 20:51:23 +01:00
Christoph Hartmann
9605cfe3e8
0.14.6
2016-03-01 17:04:25 +01:00
Christoph Hartmann
bc2cde6b29
make supermarket command more robust
2016-03-01 13:26:36 +01:00
Alex Pop
051ac89376
make PROFILE required and update usage info
2016-03-01 10:27:22 +00:00
Christoph Hartmann
acdae94201
add missing supermarket loader
2016-02-29 19:28:53 +01:00
Christoph Hartmann
593df248b4
0.14.5
2016-02-29 13:47:55 +01:00
Dominik Richter
9449afcb3d
0.14.4
2016-02-26 17:42:06 +01:00
Dominik Richter
7cdb710e5e
dont crash on empty metadata during finalize
2016-02-26 16:56:36 +01:00
Dominik Richter
e617f74bcd
filter xinetd fields by regex
2016-02-26 14:46:51 +01:00
Dominik Richter
4a39275fc0
add xinetd_conf resource
2016-02-26 13:19:16 +01:00
Dominik Richter
3ae50adae9
feature: conditional OR via describe.one
...
```
describe.one do
describe command("uname -r").stdout do
it { should_not match /x86_64/ }
end
describe test_sth_for_x64_processors do
...
end
end
```
2016-02-25 14:30:23 +01:00
Dominik Richter
4020229914
bugfix: standalone describe without block
...
i.e. make sure it doesnt crash just because no block was given due to source/line detection.
also return the result of the rule's delegated describe call and not the rule itself to the outer method. this is for consistency (and the following commits)
2016-02-25 11:03:53 +01:00
Dominik Richter
78d119beaf
0.14.3
2016-02-24 17:11:41 +01:00
Dominik Richter
40b3af86f8
bugfix: catch fetcher.abs_path(nil)
2016-02-24 16:07:00 +01:00
Dominik Richter
b75ba7d345
throw fetcher and reader errors in profile detection
2016-02-24 15:55:47 +01:00
Christoph Hartmann
681f817992
enable cmp matcher to catch the case where expected is a number string, and actual is a number
2016-02-23 22:18:16 +01:00
Dominik Richter
47b0d97313
0.14.2
2016-02-22 21:20:56 +01:00
Christoph Hartmann
9ea68471e5
fix cc upload
2016-02-22 21:14:50 +01:00
Dominik Richter
926023de91
load plugins in the same gem installation
2016-02-22 21:01:07 +01:00
Christoph Hartmann
a31da47791
0.14.1
2016-02-22 18:47:37 +01:00
Christoph Hartmann
0c02a30dc5
ignore pax_global_header
as valid file
2016-02-22 18:16:07 +01:00
Dominik Richter
7c377a0ab0
0.14.0
2016-02-22 12:53:27 +01:00
Stephan Renatus
01d7d5bf8a
fetchers/tar: slight simplification
2016-02-22 12:06:42 +01:00
Stephan Renatus
356995bd7b
plugins/fetcher: remove attr_reader shadowing
2016-02-22 12:06:42 +01:00
Dominik Richter
33b2876d7c
fix tests and lint
2016-02-22 12:06:42 +01:00
Dominik Richter
d44af5dcc7
bugfix: dont set ID for profile params too early
2016-02-22 12:06:42 +01:00
Dominik Richter
37ec3cf6f2
migrate load-path hooking for legacy modes
2016-02-22 12:06:42 +01:00
Dominik Richter
d065794d96
remove old target interface
2016-02-22 12:06:42 +01:00
Dominik Richter
82195d82d6
make url fetcher less restrictive on file-endings
2016-02-22 12:06:42 +01:00
Dominik Richter
5cabb7d273
migrate inspec-supermarket target to fetcher
2016-02-22 12:06:37 +01:00
Dominik Richter
9c3f336d06
migrate inspec-compliance target to fetcher
2016-02-22 11:24:36 +01:00
Dominik Richter
e4c3c9370b
fix detection with new profile/runner scheme
2016-02-22 11:24:36 +01:00
Dominik Richter
07ae2afd3b
bugfix: generate archive in current folder
...
instead of e.g. the rubygems location somewhere on the system
2016-02-22 11:24:36 +01:00
Dominik Richter
1e1e473cb0
replace target-helper with fetcher+reader
2016-02-22 11:24:35 +01:00
Dominik Richter
202a781f6a
fail on incorrect metadata of url download
2016-02-22 11:24:35 +01:00
Dominik Richter
c79d9f7777
add flat source reader
2016-02-22 11:24:35 +01:00
Dominik Richter
c9d1272f49
add relative fetcher
...
This helps reduce any folder structures, weather on disk or in archives, to their relative root paths; i.e. ignore all file-prefixes that are given and go directly to the underlying files, relative to the common folders that contain it
2016-02-22 11:24:35 +01:00
Dominik Richter
f023d02bbb
add inspec source reader
2016-02-22 11:24:35 +01:00
Dominik Richter
125ee53041
create source_reader plugin structure
2016-02-22 11:24:35 +01:00
Dominik Richter
1825fd1fef
separate reusable plugin registry with sorting
2016-02-22 11:24:35 +01:00
Dominik Richter
d293550375
chain fetchers together
2016-02-22 11:24:35 +01:00
Dominik Richter
7b073fe153
add url fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
4e830ffc24
add tar fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
1c29667523
add zip fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
a83e29cc01
add local fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
27f7aa7796
create new fetcher system
2016-02-22 11:24:35 +01:00
Dominik Richter
ee82c3a2ff
bugfix: handle edge-cases in upstart service
...
e.g. when a service could not be found and command outputs become empty / matchers dont hit'
2016-02-22 09:52:16 +01:00
Dominik Richter
1147d30679
bugfix: make sure version is always a string
2016-02-22 09:26:48 +01:00
Dominik Richter
c7312be8ec
force encoding to utf-8
2016-02-22 05:18:41 +01:00
Christoph Hartmann
e466ec4e90
0.13.0
2016-02-19 14:50:03 +01:00
Dominik Richter
1e096c7181
add shadow resource for /etc/shadow
2016-02-19 14:26:04 +01:00
Christoph Hartmann
3f6b89e24d
extend github url support
2016-02-19 09:12:25 +01:00
Christoph Hartmann
3a2488cade
fix mime-type map
2016-02-19 09:11:38 +01:00
Christoph Hartmann
9e2dc30fb5
minor typo fix
2016-02-18 21:12:25 +01:00
Dominik Richter
1fa957c8ca
ensure deprecated methods still work
2016-02-18 16:25:02 +01:00
Dominik Richter
83fcc35d2a
expose all fields + deprecate singular accessors
2016-02-18 16:10:42 +01:00
Dominik Richter
d9427b3aac
add filter to passwd
2016-02-18 16:10:42 +01:00
Christoph Hartmann
26276ca991
use ruby zip and tar for unit tests
2016-02-18 14:27:16 +01:00
Dominik Richter
17d4e1dc3c
simplify url-construction of inspec-compliance
2016-02-18 14:25:55 +01:00
Dominik Richter
b872c04616
bugfix: url helper loading zip and tar
2016-02-18 14:25:55 +01:00
Dominik Richter
6bc57b2d92
bugfix: stop reading fro mzip when file is found
2016-02-18 14:25:55 +01:00
Dominik Richter
03bf732d82
add cmp for Arrays
2016-02-18 13:58:37 +01:00
Dominik Richter
2bbbb29a9b
simplify cmp matcher checks
2016-02-18 12:07:40 +01:00
Stephan Renatus
453cd420fb
fix service_ctl override logic
2016-02-17 12:55:09 +01:00
Stephan Renatus
d2469d9519
inspec-compliance: ensure file permissions when saving config
2016-02-17 10:46:06 +01:00
Dominik Richter
294db6744f
0.12.0
2016-02-15 11:54:14 +01:00
Christoph Hartmann
96d02ba4a2
add inspec profile as example
2016-02-14 21:27:40 +01:00
Christoph Hartmann
b967af3c89
rename generate to init
2016-02-14 21:26:37 +01:00
Christoph Hartmann
f281f9c351
implement generate cli command
2016-02-14 19:38:58 +01:00
Dominik Richter
36cbafc438
add runlevel helper object to services
2016-02-14 18:23:58 +01:00
Dominik Richter
0934948a1a
support runlevels for system V + service matching
...
Bugfix: there were services that would get matched because of the way the regex was constructed, i.e. if the user inserted `.` or `*` or anything regexy. Even if the service only had part of the name you were interested in, it would match (e.g. `sshd` would find `my_sshdaemon`).
Apart from this, runlevels are now detected for SystemV. This is exposed in `#info`
2016-02-13 02:11:51 +01:00
Dominik Richter
2426d30870
bugfix: verify the resolver type first
2016-02-11 15:40:35 +01:00
Dominik Richter
137bee74ca
add content resolver to dir helper
2016-02-10 23:46:55 +01:00
Dominik Richter
3efd0961f0
make sure archive resolvers return one file only
2016-02-10 22:49:51 +01:00
Dominik Richter
19a0a18db1
sync archive+tar+zip helpers to new dir-resolver
2016-02-10 22:30:13 +01:00
Dominik Richter
6bd757c585
improve documentation on target resolvers
2016-02-10 20:36:54 +01:00
Dominik Richter
d272024b01
rework resolver connection
...
I.e. we want to get access to the actual directory handler, with full exposure of the underlying directory resolver. e.g. Get the InspecProfileDirectory handler (which provides access to tests, metadata, libraries), but be able to get all data with that alone (e.g. an ArchiveHelper for ZIP which reads all files/folders from zip)
2016-02-10 20:36:43 +01:00
Dominik Richter
293b1a4c25
unify all directory resolvers
2016-02-10 12:20:28 +01:00
Dominik Richter
2d92e164c2
create plugin interface for directory resolvers
2016-02-10 11:15:08 +01:00
Stephan Renatus
ac2584f51d
iptables: strip lines if iptables -S
output
...
As it turns out, some of the lines on CentOS 6 had a trailing space in it.
Fixes #420 .
2016-02-10 09:57:32 +01:00
Stephan Renatus
cdad6e63c3
iptables: some simplifications
2016-02-10 09:57:32 +01:00
Dominik Richter
d55aeddbdf
0.11.0
2016-02-09 17:54:38 +01:00
Christoph Hartmann
0f14ebb1d1
simplify value extraction for apache resource without any magic
2016-02-09 17:35:33 +01:00
Christoph Hartmann
a3eda1fcee
implement method missing for apache_conf resource
2016-02-09 17:35:33 +01:00
Christoph Hartmann
796af68a69
Fix supermarket cli registration
2016-02-09 15:22:29 +01:00
Dominik Richter
971d651551
change version constraints
...
Move to a more mathematical representation of version numbers comparisons. The existing one is semantically correct, but may lead to slight confusion.
2016-02-09 11:51:52 +01:00
Stephan Renatus
e5b88fc486
auditd_rules: suppress warning for centos 5; improve docs wording
2016-02-09 11:51:52 +01:00
Stephan Renatus
405b3e3fa4
rubocop fixes
2016-02-09 11:51:52 +01:00
Stephan Renatus
4b6eced92a
auditd_rules: access by key, tests + documentation
2016-02-09 11:51:52 +01:00
Stephan Renatus
cd5f47ed33
auditd_rules: unit tests, meet the real world
2016-02-09 11:51:52 +01:00
Stephan Renatus
664561aa80
auditd_rules: status querying (old/new) and unit tests
...
TODO: unit tests for the legacy format
2016-02-09 11:51:52 +01:00
Stephan Renatus
57db5a9414
unit test FilterArray, make retrieved values unique
2016-02-09 11:51:52 +01:00
Stephan Renatus
5270f21da9
move FilterArray to utils, add retrieving values
2016-02-09 11:51:52 +01:00
Stephan Renatus
4afb22565e
auditd_rules: teach old dog new tricks
2016-02-09 11:51:52 +01:00
Stephan Renatus
2afc29e48f
auditd_rules: stash legacy behaviour away
2016-02-09 11:51:52 +01:00
Dominik Richter
0421b6dc1a
exit early
2016-02-09 11:04:50 +01:00
Dominik Richter
c966e94835
typos
2016-02-09 11:04:34 +01:00
Dominik Richter
e56321f6c7
semantics: rename CLI plugins registry -> subcommands
...
Basically make sure everyone understands these are only subcommands. we might consider adding plugins for options or existing commands instead of new subcommands. this just ensures everyone knows what registry is for
2016-02-09 01:20:38 +01:00
Dominik Richter
7ccf0fa364
avoid automatic plugin loading throughout the library
...
only load plugins through the binary, never through the library. This avoids issue we have in accidentally loading plugins in tests and integration work. They should only be loaded when users request them.
2016-02-09 00:55:02 +01:00
Dominik Richter
1ae0bc2e60
clarify the role of the plugin API at the moment
2016-02-09 00:25:25 +01:00
Christoph Hartmann
b33129fbf5
implement supermarket extension
2016-02-08 20:06:07 +01:00
Dominik Richter
dc028a3877
fix loading order of plugins
2016-02-07 23:47:10 +01:00
Christoph Hartmann
c6c9d0278c
0.10.1
2016-02-05 18:52:44 +01:00
Dominik Richter
bb264897f4
wrap basecli in inspec module
...
Take care of a rare error which has Inspec undefined
2016-02-05 18:25:40 +01:00
Christoph Hartmann
be7aa8f0c4
0.10.0
2016-02-05 17:18:07 +01:00
Christoph Hartmann
b7a88dbd7a
fix linting and unit test
2016-02-05 16:57:51 +01:00
Christoph Hartmann
f826c07af5
minor improvements
2016-02-05 14:55:12 +01:00
Christoph Hartmann
7e88f56917
move plugin to bundles
2016-02-05 14:48:55 +01:00
Christoph Hartmann
a55a4869d9
extract base cli class
2016-02-05 14:20:32 +01:00
Christoph Hartmann
7494854c60
implement profile upload
2016-02-05 14:18:05 +01:00
Christoph Hartmann
368f6ed56a
refactor compliance plugin
2016-02-05 14:18:05 +01:00
Christoph Hartmann
2cb3d6f90f
bugfix: rescue url error in url target helper
2016-02-05 14:15:57 +01:00
Christoph Hartmann
6c1b9fff9d
do not try to load a profile if we have no token available
2016-02-05 14:15:57 +01:00
Christoph Hartmann
7f57b12258
refactor cli
2016-02-05 14:15:57 +01:00
Christoph Hartmann
823e30e9cf
re-introduce compliance exec
2016-02-05 14:14:34 +01:00
Christoph Hartmann
0958327f06
improve url target helper, match github url with trailing /
2016-02-05 14:14:34 +01:00
Christoph Hartmann
6cf8ecf304
add target helper for compliance plugin, extract API methods from CLI
2016-02-05 14:14:34 +01:00
Christoph Hartmann
0b59dab9ea
initial version of compliance plugin
2016-02-05 14:13:22 +01:00
Christoph Hartmann
bab7eb1986
improve styling
2016-02-05 14:06:55 +01:00
Christoph Hartmann
589db0bcd0
add registry for cli plugins
2016-02-05 14:06:55 +01:00
Stephan Renatus
f63a8ad1d5
upstart_service: add version fallback, fix regexp
...
before this regexp change, a service called "running" (hello integration
tests) would always be "running" ;)
2016-02-05 13:49:18 +01:00
Christoph Hartmann
e6ff20f91e
add metadata warnings in structured hash
2016-02-04 18:46:11 +01:00
Christoph Hartmann
d7cb5a9ae0
adapt unit tests
2016-02-04 18:05:40 +01:00
Christoph Hartmann
ea63a39b40
improve code style
2016-02-04 17:01:38 +01:00
Christoph Hartmann
14a3100e41
simplify result value from profile check
2016-02-04 16:47:33 +01:00
Christoph Hartmann
7e19c5eec6
fix ignore errors option use in archive method
2016-02-04 16:41:59 +01:00
Christoph Hartmann
1796c3271b
generate hash output for check and use it in inspec cli
2016-02-04 16:41:14 +01:00
Christoph Hartmann
6b7e5818fb
expose source location in rule
2016-02-04 16:38:57 +01:00
Christoph Hartmann
d50b634879
bugfix: fix control tests
2016-02-04 16:38:57 +01:00
Christoph Hartmann
826d059b19
optimize json logger for line delimited JSON
2016-02-04 16:38:57 +01:00
Christoph Hartmann
907a4e1f33
add json stream logger for inspec check
2016-02-04 16:38:57 +01:00
Dominik Richter
ecb78e3a19
establish plugin loading dock
2016-02-04 14:43:51 +01:00
Stephan Renatus
e8c7452acf
Inspec::Profile: document that it always reads with ignore_supports
2016-02-03 16:47:52 +01:00
Stephan Renatus
828d6ad443
Inspec::Profile fix @metadata
2016-02-03 16:47:49 +01:00
Stephan Renatus
cc60fa1e23
tar/zip: return empty-string if an entry is empty; zip: return ref
2016-02-03 14:38:46 +01:00
Stephan Renatus
1510f330a9
read and return metadata from archives, too
...
Note that this adds `ref: some/where/in/tarball/file` to the file
contents hash; it wasn't there before but it may be useful for error
reporting nonetheless.
2016-02-03 14:38:46 +01:00
Stephan Renatus
f335865377
WIP: kill all the checks that fail with tarballs.
...
current output:
$ inspec check test/unit/mock/profiles/complete-profile.tgz
I, [2016-02-03T10:22:21.377650 #13207 ] INFO -- : Checking profile in test/unit/mock/profiles/complete-profile.tgz
I, [2016-02-03T10:22:21.377745 #13207 ] INFO -- : Found 1 rules.
I, [2016-02-03T10:22:21.377771 #13207 ] INFO -- : Rule definitions OK.
2016-02-03 14:38:46 +01:00
Stephan Renatus
889be88543
remove stray require
2016-02-03 14:04:55 +01:00
Stephan Renatus
79d171fb2c
rubocop
2016-02-03 14:04:55 +01:00
Stephan Renatus
45f0cbff03
inspec/rspec: decouple reporting and formatting
...
If reporting is requested, register a "reporting formatter", i.e.,
Inspec::RSpecReporter, that does the same things JsonFormatter does, but
suppresses output.
When the report is then requested, it returns the output hash that
JsonFormatter aggregates.
2016-02-03 14:04:55 +01:00
Stephan Renatus
6789e089d7
Inspec::Runner: provide a report
2016-02-03 14:04:55 +01:00
Stephan Renatus
ff682532cf
fix warning in #find_files[_or_error]
2016-02-01 16:32:47 +01:00
Dominik Richter
34bc94d13f
mock resource operating systems for tests
2016-01-29 21:55:08 +01:00
Dominik Richter
4c1b6f7509
remove os check exposure in file resource
2016-01-29 21:55:08 +01:00
Christoph Hartmann
9cfc69cf15
0.9.11
2016-01-29 18:34:12 +01:00
Stephan Renatus
6fbd28c2bb
runit_service: fix resource, improve integration tests
...
Turns out using `/usr/bin/yes` to imitate a daemon process is a TERRIBLE idea.
2016-01-29 17:03:05 +01:00
Christoph Hartmann
317b0cae9d
lint check in user resource
2016-01-28 21:11:13 +01:00
Christoph Hartmann
6ccfbe5e95
bugfix: use freebsd netstat parser instead of linux netstat parser for solaris
2016-01-28 21:08:52 +01:00
Christoph Hartmann
35899ebce6
optimize style in user resource
2016-01-28 18:30:39 +01:00
Christoph Hartmann
202190ea56
fix user resource unit test
2016-01-28 18:30:39 +01:00
Christoph Hartmann
ef3dbbb35c
improvement: make port parsing on solaris more reliable
2016-01-28 18:30:38 +01:00
Christoph Hartmann
678ee2b473
parse port information on solaris 10 and 11 via netstat
2016-01-28 18:30:38 +01:00
Christoph Hartmann
59f3214817
use id -a for solaris
2016-01-28 18:30:38 +01:00
Christoph Hartmann
bd1e5e4085
service resource for solaris 10 and 11
2016-01-28 18:30:38 +01:00
Christoph Hartmann
913191fb9e
package resource for solaris 10 and 11
2016-01-28 18:30:38 +01:00
Christoph Hartmann
dd59dd9a5a
use os.linux and os.windows where possible
2016-01-28 18:30:38 +01:00
Christoph Hartmann
a5f526b368
use freebsd file permission checks for solaris
2016-01-28 18:30:38 +01:00
Christoph Hartmann
2fd6aea357
extend etc_group support for all unix systems
2016-01-28 18:30:38 +01:00
Christoph Hartmann
058ec27d64
0.9.10
2016-01-25 17:45:43 +01:00
Stephan Renatus
56f22a1d2a
resource/postgres_session: add integration tests, change error handling
...
this makes it work (tested with default-ubuntu-1404), but doesn't
improve the error handling (i.e., the skip_resource doesn't really
prevent the failure)
2016-01-25 16:44:53 +01:00
Stephan Renatus
9821c4c754
resource/launchd_service: correctly match non-running services
2016-01-25 16:29:08 +01:00
Christoph Hartmann
5506319ad8
Merge pull request #389 from chef/dr/write-id-to-json
...
bugfix: write given ID to metadata json
2016-01-25 07:22:19 -08:00
Dominik Richter
88d2b26387
bugfix: write given ID to metadata json
...
Whenever the user provides an ID under which the profile is scoped, write it out to JSON during generation.
2016-01-25 15:48:56 +01:00
Christoph Hartmann
cc0db43813
optimize the error output for missing registry keys to nil
2016-01-25 13:55:47 +01:00
Christoph Hartmann
b30720f926
Merge pull request #380 from chef/sr/service-override
...
add service overrides for picking specific service managers, add runit_service
2016-01-21 13:35:23 +01:00
Stephan Renatus
ef77e01229
service resources: fix service_ctl default/override handling
2016-01-21 11:35:34 +01:00
Dominik Richter
d10207caca
warn about legacy supports fields in metadata
...
I.e.: Prevent users from writing `supports: linux` and similar. These are deprecated and will be removed. Also improve the warning to indicate what the user should do instead. Finally add tests to make sure we get all these.
2016-01-21 11:05:26 +01:00
Stephan Renatus
492c7f8146
runit_service: cleanup; fix "non-running-runit-service" test + recipe
2016-01-21 09:05:29 +01:00
Stephan Renatus
c761b8b40d
service resources: further simplifications, debian/centos handling
...
I've recovered the debian/centos special handling of the `service`
binary, although I doubt that it's necessary.
2016-01-21 08:22:04 +01:00
Dominik Richter
cac102aeac
add profile tests (non-legacy)
2016-01-20 21:57:23 +01:00
Stephan Renatus
3f39b35502
add runit_service resource, fix service_ctl handling
2016-01-20 17:54:16 +01:00
Stephan Renatus
709e4ca9e0
some code simplifications
2016-01-20 16:05:20 +01:00
Stephan Renatus
0e410df69d
add *_service overrides, allowing for different control binaries
2016-01-20 15:33:18 +01:00
Dominik Richter
20b138778e
bugfix: expose tests for docker unit-tests
2016-01-19 15:48:06 +01:00
Dominik Richter
c713a0af87
lint
2016-01-19 15:48:06 +01:00
Dominik Richter
22c6fa871d
add code docs to rspec runner
2016-01-19 15:48:06 +01:00
Dominik Richter
611487e956
clearly identify legacy profile tests and fix identification
2016-01-19 15:48:06 +01:00
Dominik Richter
8c464965c1
extract example group creation
...
and restore profile tests that had been completely mocked until now
2016-01-19 15:48:06 +01:00
Dominik Richter
dd2d93fd6f
completely separate rspec runner parts
2016-01-19 15:48:06 +01:00
Dominik Richter
21a92a0c4e
isolate rspec-dsl in profile context
2016-01-19 15:48:06 +01:00
Dominik Richter
b991dd03bb
flatten creation of profile context
2016-01-19 15:48:06 +01:00
Dominik Richter
21d9ae7e1d
move resource dsl creation to resource plugin
2016-01-19 15:48:06 +01:00
Jason Reed
1807c688b8
Fix typo
2016-01-19 09:07:24 -05:00
Dominik Richter
b0ffe684ab
freeze those versions
2016-01-15 21:41:20 +01:00
Christoph Hartmann
e9b94d55d1
0.9.9
2016-01-15 15:20:04 -05:00
Dominik Richter
acbc345321
make metadata.rb legacy mode consistent for supports
...
Before introducing InSpec profiles in https://github.com/chef/inspec/pull/252 we had `metadata.rb` keep all information. This included an undisclosed field called `supports`. However, this field was never actually used in practice. So for legacy profiles, this means that `supports` was ignored. In order to keep old profiles running in exactly the way they were before, ignore this field when reading from metadata.rb
2016-01-15 18:58:18 +01:00
Christoph Hartmann
b9978b5606
new rubocop fixes
2016-01-14 23:15:10 -05:00
Christoph Hartmann
46d85c2cbc
fail test if lsof is not available
2016-01-14 23:03:51 -05:00
Jeremy W. Chalfant
9e40e6d9f3
my rubocop is different
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
0681562fcd
rubocop is nuts
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
98a7e6303e
fix remaining rubocop complaints
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
2fc8ba1b83
fix lint complaint
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
2d8c892298
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
adbc5b8ef4
sanity check and AIX tests
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
2e7ab9bad7
fix rubocop complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
388937e9b4
add aix user support
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
3b87e385d7
my rubocop is different
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
6cd801fbb9
rubocop is nuts
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
94a286929f
fix remaining rubocop complaints
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
420aef7cb9
fix lint complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
c8c676e1d6
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
f31a9f35b5
sanity check and AIX tests
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
5a6b1bbddf
fix rubocop complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
fbe79d1bc4
add aix user support
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
b167854c18
my rubocop is different
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
bbed0e7164
rubocop is nuts
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
88656c9ea8
fix remaining rubocop complaints
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
2aceba417c
fix lint complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
d5a7bad414
superflous chomp
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
b6649dd581
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
55d7faec8a
sanity check and AIX tests
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
a0bbb175c2
AIX packages
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
1d99afe623
fix rubocop complaint
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3168e4d100
add aix user support
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
d51d86e6d8
disable cops
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
6bdb06fbe9
move lsof parsing to seperate method
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
c982daaf6e
my rubocop is different
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3211071b9f
simplify lsof call
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
221d27423e
rubocop is nuts
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
f817840d38
fix remaining rubocop complaints
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3a90ea3a74
fix lint complaint
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
2c5cb06990
superflous chomp
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
b9ce468886
add AIX service support
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
d855602efe
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
aef7f6de39
sanity check and AIX tests
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
bc503f080d
rename etc_group to etc_group_spec and etc_group test success on AIX
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
db43739951
AIX packages
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
506b0ea996
fix rubocop complaint
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
26afecf857
add aix user support
2016-01-14 23:00:09 -05:00
Mark Harrison
f5780b69a4
Correctly detect UDP ports on linux
...
netstat on UDP lines doesn't display a port state (e.g. LISTEN), so make this
field optional when parsing the netstat line.
2016-01-14 22:53:38 -05:00
Christoph Hartmann
454a7e466d
bugfix: only skip regkey if required
2016-01-14 22:39:17 -05:00
Dominik Richter
375f65c903
casecmp == 0 if both entries are the same
2016-01-15 04:18:48 +01:00
Dominik Richter
4092691a78
lint
2016-01-15 04:07:25 +01:00
Stephan Renatus
5c17f8b643
regexp github url targets, add tests for Inspec::Targests::UrlHelper
...
replacing occuring http:// with https:// is probably ok, github
redirects to https anyways
2016-01-14 12:05:58 -05:00
Jacob McCann
f25ab3a373
Fix systemd service enabled check
2016-01-11 15:32:33 -06:00
Christoph Hartmann
ab88c23ab6
0.9.8
2016-01-11 12:48:36 -05:00
Stephan Renatus
ee62499fc0
bugfix: ignore supports when generating a profile's json representation
...
without this, `inspec json PATH` does never contain rules != {}, because
of the usage of the mock backend
2016-01-11 09:16:06 +01:00
Christoph Hartmann
a1ddbe4cf2
explicitly ignore supports for inspec check
2016-01-10 23:59:57 -05:00
Stephan Renatus
a26dbe146d
fix reading profiles bug
...
For reading the profiles metadata, we're using the train mock backend
through Inspec::Runner. The new `supports` feature never agrees with the
mock backend.
Now, it we figure out if this is a mock class and then just say that it
supports whatever we're asking for.
Tl;dr: there's probably a more beautiful solution to this.
Added a test case, but it fails -- while the command line interface
works fine.
2016-01-07 15:16:49 -08:00
Stephan Renatus
3ce8cd7d16
support old "supports" field in metadata
...
current compliance-profiles still have
```yaml
supports:
- linux
```
and we might want to be a little backwards compatible, too.
2016-01-05 22:50:56 +01:00
Dominik Richter
26c0cd0871
lint
2016-01-03 09:49:40 +01:00
Dominik Richter
8953278204
unfortunately Enumerator#last is not supported
2016-01-03 09:40:17 +01:00
Christoph Hartmann
e1d7d30919
add deprecation warning for serverspec users
2016-01-03 00:03:24 +01:00
Christoph Hartmann
a72ba94f10
handle mount results with multiple entries
2016-01-03 00:03:24 +01:00
Christoph Hartmann
9930773f37
restrict mount functionality to linux
2016-01-03 00:03:24 +01:00
Christoph Hartmann
a5acb03e49
add mount
resource
2016-01-03 00:03:24 +01:00
Christoph Hartmann
772df929f6
implement be_mounted.with
for file resources
2016-01-03 00:03:24 +01:00
Christoph Hartmann
19ed6be39f
more fine-grained utils parser
2016-01-02 22:41:58 +01:00
Christoph Hartmann
3be9ea18cc
use 1.8 syntax for dash key values to be compatible with older ruby versions
2016-01-02 22:29:31 +01:00
Christoph Hartmann
c11c36058a
separate os check
2016-01-02 21:25:22 +01:00
Dominik Richter
d6f48d3534
catch empty support clause
2015-12-31 17:57:59 +01:00
Dominik Richter
af8e4e93ca
add supports keyword to profiles
2015-12-31 17:54:13 +01:00
Dominik Richter
2e0da6e9e8
unify metadata resolution
2015-12-31 12:49:18 +01:00
Dominik Richter
3db2dd756d
resolve metadata from profile targets
2015-12-31 12:49:18 +01:00
Dominik Richter
e7b7f166cf
dry folder resolver
2015-12-31 12:49:18 +01:00
Dominik Richter
96c9794cbf
bugfix: reload inspec DSL after loading libraries
2015-12-29 19:27:00 +01:00
Dominik Richter
526932584d
fix metadata validation
2015-12-28 13:35:38 +01:00
Dominik Richter
cfa2b9a39c
fix metadata reading and parsing
2015-12-28 13:16:09 +01:00
Dominik Richter
cdc95df5ca
keep metadata checks in metadata.rb
2015-12-28 13:07:21 +01:00
Dominik Richter
aef0cabde8
fix method length in inspec.check
2015-12-28 13:01:27 +01:00
Christoph Hartmann
0ab46ff5b1
rename metadata.yml
to inspec.yml
2015-12-28 12:53:42 +01:00
Christoph Hartmann
1d4295ee4d
remove owner/name restriction
2015-12-28 12:53:42 +01:00
Christoph Hartmann
06c1265b38
add support for .tgz extension. Thanks @srenatus
2015-12-28 12:53:42 +01:00
Christoph Hartmann
31c8509092
lint profile implementation
2015-12-28 12:53:42 +01:00
Christoph Hartmann
27150e5341
feature: generate profile archive
2015-12-28 12:53:42 +01:00
Christoph Hartmann
9da0e32f3d
bugfix: only add path to load path if the test is located on filesystem
2015-12-28 12:53:42 +01:00
Christoph Hartmann
ebe54efd67
feature: load tests from zip and tar.gz
2015-12-28 12:53:42 +01:00
Christoph Hartmann
43c778078c
feature: add support for metadata.yml
2015-12-28 12:53:42 +01:00
Christoph Hartmann
9e8e64319e
improvement: better detection of directory types
2015-12-28 12:53:42 +01:00
Christoph Hartmann
bb97044338
bugfix: fix profile check
2015-12-28 12:53:38 +01:00
Christoph Hartmann
9fda6d3e89
bugfix: use skip_control
instead of skip_rule
as default
2015-12-28 12:07:57 +01:00
Christoph Hartmann
e122e48ae5
change profile directory from 'test' to 'controls'
2015-12-28 12:07:57 +01:00
Dominik Richter
7473dea1f2
ignore auto-generated controls during verify check
2015-12-23 11:11:49 +01:00
Dominik Richter
b2e0fac625
change check errors on summary+title to warnings
2015-12-23 09:18:59 +01:00
Dominik Richter
d2509f745e
reference correct fields from metadata in inspec check
2015-12-23 09:18:59 +01:00
Dominik Richter
25706b3612
0.9.7
2015-12-21 16:31:48 +01:00
Christoph Hartmann
ca33ac9288
Merge pull request #321 from jeremymv2/security_policy_fixes
...
Fixing issue with security policy always returning nil
2015-12-17 17:55:01 +01:00
Jeremy J. Miller
f1e8483cd8
Removed extra whitespace
2015-12-17 08:56:43 -05:00
Stephan Renatus
3a1dcb7669
teach cmp
matcher octal tricks
2015-12-16 11:32:31 +01:00
Jeremy J. Miller
af55cb41d8
Added ensure block to always delete file
2015-12-15 14:40:57 -05:00
Jeremy J. Miller
652392918d
Fixing issue with security policy always returning nil
2015-12-15 10:29:54 -05:00
Stephan Renatus
a5a780f920
reset rspec configuration when initializing Inspec::Runner
...
fixes https://github.com/chef/kitchen-inspec/issues/15
2015-12-15 14:00:53 +01:00
troyready
29f954f7f3
add release to el pkg version & catch missing linebreaks
...
Package release info (e.g. '19.el7') is often required to determine if
a system has been properly patched.
Lines like the following from rpm are messing up the version returned
by the package resource:
"...\nVersion : 1.8.6p3 Vendor: Red Hat, Inc.\n..."
Correcting this with a new conditional check.
2015-12-11 13:05:22 -08:00
Dominik Richter
cc67d8d4c0
0.9.6
2015-12-11 18:34:15 +01:00
Dominik Richter
494ed708d4
Merge pull request #318 from chef/chris-rock/cmp-matcher
...
matcher for less-restrictive comparison
2015-12-11 17:58:47 +01:00
Christoph Hartmann
0185751ff5
lint exception
2015-12-11 17:48:05 +01:00
Christoph Hartmann
52cd0b38d1
update style of float?
detection
2015-12-11 17:26:46 +01:00
Christoph Hartmann
31f8863701
update failure message for cmp
matcher
2015-12-11 17:19:28 +01:00
Christoph Hartmann
53728ee03a
lint fix
2015-12-11 17:17:01 +01:00
Christoph Hartmann
9f0755be99
add new cmp
matcher that eases the comparison for values
2015-12-11 17:02:48 +01:00
Christoph Hartmann
b2c457cf22
lint: remove redundant return
2015-12-11 15:39:49 +01:00
Christoph Hartmann
6badbf4dc9
bugfix: abort registry_key resource if the os is not supported
2015-12-11 15:39:49 +01:00
Christoph Hartmann
90e1eb9e39
bugfix: always ensure the script resource is properly initialized, even if the os is not supported
2015-12-11 15:39:49 +01:00
Christoph Hartmann
7422306ba7
lint fix
2015-12-11 14:34:28 +01:00
Christoph Hartmann
95c7ba8fe5
simplify prompt color setting
2015-12-11 14:29:31 +01:00
Christoph Hartmann
100df85b27
improve shell prompt and help
2015-12-11 14:03:36 +01:00
Stephan Renatus
652d51e9dc
[resource/port] add port(addr, port)
variant
2015-12-08 20:33:36 +01:00
Stephan Renatus
8532dd7034
[resource/port] change attribute names to plural, indicating arrays
...
see discussion in #256
2015-12-08 20:33:36 +01:00
Adam Leff
c146a76679
File permission checks should return false unless file exists
...
Currently, #readable?, #writeable?, and #executable? will incorrectly
return true if the file does not exist.
In addition, I took the opportunity to refactor the File resource to
make it easier to write unit tests and supplied a full unit test
suite for this resource.
2015-12-08 19:57:34 +01:00
Stephan Renatus
7a1cd660c3
[resources/processes] add users, states attribute; update docs
...
processes('bash').user does not actually make much sense for a resource
that is a list -- different entries can belong to different users.
Analogous for processes('bash').state.
The attributes 'users' and 'states' expose the unique values
corresponding to that property of entries in the process list.
Fixes #295 .
2015-12-08 13:06:27 +01:00
Stephan Renatus
bf15c05f7f
Merge pull request #299 from chef/chris-rock/os-resource
...
support string and symbol for os resource
2015-12-07 12:22:58 +01:00
Stephan Renatus
33f2fe3dde
hide summary output when running interactively (inspec shell)
2015-12-07 11:12:41 +01:00
Stephan Renatus
17a80d32a9
remove second welcome
2015-12-07 11:12:41 +01:00
Stephan Renatus
c6fd8c5880
mention help [resource]
2015-12-07 11:12:41 +01:00
Christoph Hartmann
dcb09802d3
support string and symbol for os resource
2015-12-07 11:11:55 +01:00
Stephan Renatus
79f48afa6c
[resources/apache_conf]: add tests, fix bug
...
before, the resource would throw an exception when include_files
returned nil (i.e., [].flatten!)
added basic unit tests capturing the include_files behaviour
2015-12-07 10:50:48 +01:00
Christoph Hartmann
7c393a1891
Merge pull request #291 from chef/sr/fix-find_files
...
revert to old find_files interface
2015-12-04 14:41:36 +01:00
Stephan Renatus
324ba14a6b
fix optional type argument handling
2015-12-04 14:27:32 +01:00
Stephan Renatus
390e0fcca7
restore old find_files interface
...
- fixes #276
- basic test for find_files
2015-12-04 14:15:45 +01:00
Adam Leff
e0c356dae7
Adding support for Wind River Linux
...
WRL is used as the OS on Cisco Nexus devices and acts like a Red
Hat variant. These changes add support for WRL.
2015-12-03 17:41:11 -05:00
Christoph Hartmann
766fe47b87
add inline documentation
2015-12-01 10:56:47 +01:00
Christoph Hartmann
6a6cff1526
feature: add help command for resources
2015-12-01 10:56:47 +01:00
Christoph Hartmann
2c8a8ccb25
improvement: add etc_group support for centos and add integration test
2015-12-01 10:40:12 +01:00
Dominik Richter
762562b967
0.9.5
2015-11-25 15:43:31 +01:00
Dominik Richter
468159772f
0.9.4
2015-11-24 20:04:31 +01:00
Christoph Hartmann
a822dcee1a
optimize code structure
2015-11-24 18:39:32 +01:00
Christoph Hartmann
0bd7f557d5
bugfix: do manual split of id result because we cannot use whitespace
2015-11-24 18:35:10 +01:00
Christoph Hartmann
be62b76dc2
improvement: add checks to ensure the requested file is available
2015-11-24 16:46:17 +01:00
Christoph Hartmann
60e2a3512f
add init resource
2015-11-24 16:46:17 +01:00
Christoph Hartmann
0657525f4d
lint json resource
2015-11-24 16:46:17 +01:00
Christoph Hartmann
62ecdf6a1f
rewrite extraction of values
2015-11-24 16:46:17 +01:00
Christoph Hartmann
b70ba447b2
simplify method returns
2015-11-24 10:41:46 +01:00
Christoph Hartmann
129395141b
bugfix: make registry_key case-insensitive for properties
2015-11-23 16:26:17 +01:00
Dominik Richter
75d8b9388b
0.9.3
2015-11-20 23:33:18 +01:00
Seth Chisamore
606f618fc7
ensure all test directories are on the runner $LOAD_PATH
...
This change builds on chef/kitchen-inspec#12 . All test directories should
be on the `$LOAD_PATH` when `Inspec::Runner` executes the test suites with
`RSpec::Core::Runner`. This will allow things like `require 'spec_helper'`
to work as expected.
2015-11-20 00:14:57 -05:00
Seth Chisamore
beade346bf
Add Windows support to the os_env
resource
...
This change allows checks like:
```
describe os_env('PATH') do
its('split') { should include('C:\wix') }
end
```
2015-11-19 15:41:00 +01:00
Dominik Richter
a04ff021c6
bugfix: support multiple computed calls to describe
...
fixes #246
2015-11-19 14:28:42 +01:00
Christoph Hartmann
b899430541
bugfix: add attribute reader to make the command accessible to script resource
2015-11-17 22:40:07 +01:00
Christoph Hartmann
cb95951e03
simplify script resource
2015-11-17 22:28:11 +01:00
Christoph Hartmann
cd35d82326
improvement: reimplement registry key resource
2015-11-17 22:28:11 +01:00
Christoph Hartmann
c6166e335b
lint: fix lint error
2015-11-17 12:29:33 +01:00
Christoph Hartmann
850af710b0
improvement: add v6 protocol detection, it netstat does not deliver the information
2015-11-17 12:15:49 +01:00
Christoph Hartmann
9e3dccbfa3
improvement: restrice rescue to URI parse error
2015-11-17 12:14:05 +01:00
Christoph Hartmann
a4c47e1cd7
bugfix: fix regular expression to leave port colon
2015-11-17 12:12:59 +01:00
Christoph Hartmann
0de7549a64
lint: remove trailing whitespace
2015-11-16 21:44:12 +01:00
Christoph Hartmann
7898c1d29c
improvement: optimize regular expression, catch parse errors and ignore header lines
2015-11-16 20:33:49 +01:00
Christoph Hartmann
83e6f46724
add centos support for port
2015-11-16 20:32:43 +01:00
Dominik Richter
17ce88b63d
api: don't force root on os_env
2015-11-13 12:10:22 +01:00
Dominik Richter
069075b48a
lint
2015-11-13 10:46:04 +01:00
Christoph Hartmann
7b179872bd
extend upstart implementation to support systemv services
2015-11-13 09:54:30 +01:00
Dominik Richter
6cbe3466fb
update rubocop 0.35.1
2015-11-13 01:03:15 +01:00
Dominik Richter
007594eef7
lint
2015-11-13 00:48:52 +01:00
Dominik Richter
b47409fd73
0.9.2
2015-11-05 18:40:24 +01:00
Dominik Richter
faa0b41803
bugfix: correct add_content call to new param structure
...
this was breaking inspec shell
2015-11-05 18:35:38 +01:00
Dominik Richter
b31501ab93
0.9.1
2015-11-04 00:51:16 +01:00
Dominik Richter
6c36720bd1
0.9.0
2015-11-03 03:04:57 +01:00
Dominik Richter
6e548364f4
bugfix: dont skip controls during json generation
2015-11-03 01:10:05 +01:00
Dominik Richter
ea66947b36
dont warn on command not existing on mock backend
2015-11-03 00:35:45 +01:00
Dominik Richter
6e8c4f02a1
fix typo
2015-11-03 00:35:45 +01:00
Christoph Hartmann
9d32bc7f81
improvement: fail properly if os is not supported
2015-11-02 22:58:20 +00:00
Christoph Hartmann
b1153685a4
bugfix: relax fail for command.exist? for inspec check command
2015-11-02 22:52:04 +00:00
Dominik Richter
7a07c02b4d
alias rule instead of recreating it
2015-11-02 22:43:20 +01:00
Dominik Richter
ccabe55608
api: change require/include_rules -> require/include_controls
2015-11-02 22:26:20 +01:00
Dominik Richter
f976730a27
api: make control the default keyword
2015-11-02 22:26:20 +01:00
Dominik Richter
9aec339d9f
disable class length metrics on profile context for now
2015-11-02 17:47:04 +01:00
Dominik Richter
de8437caa6
feature: introduce group title for files
2015-11-02 17:31:56 +01:00
Dominik Richter
93ee171dfa
bugfix: use full path when resolving files
2015-11-02 16:43:39 +01:00
Dominik Richter
31d42b0212
lint: ignore line length on runner for now
2015-11-02 15:06:48 +01:00
Dominik Richter
421d7ecaa9
feature: auto-load libraries in profiles
2015-11-02 15:06:48 +01:00
Dominik Richter
f410ee3dba
simplify folder resolver
2015-11-02 15:06:48 +01:00
Dominik Richter
22bf549e0b
api: change library loading from /lib -> /libraries
2015-11-02 15:06:48 +01:00
Christoph Hartmann
d470803c37
improve command.exist? for more operating systems
2015-11-02 12:06:42 +01:00
Dominik Richter
13a6538acf
temporarily disable rubocop metric on profile
2015-11-02 10:06:35 +01:00
Christoph Hartmann
ea47c5add8
use new internal structure for inspect check
2015-11-02 09:59:15 +01:00
Christoph Hartmann
4a676f55c3
remove dup method users, use usernames, fix example
2015-11-02 00:22:08 +01:00
Dominik Richter
d328919370
simplify resiliance
2015-11-01 23:48:29 +01:00
Christoph Hartmann
cdab39079a
improvement: make os_env command more robust
2015-11-01 23:22:01 +01:00
Christoph Hartmann
1be689b77e
remove exit_status and only call split if we have a string
2015-11-01 23:21:08 +01:00
Christoph Hartmann
324fa4881f
do not offer stderr method via os_env
2015-11-01 23:14:12 +01:00
Christoph Hartmann
1941606b9e
deactivate group policy for now
2015-11-01 22:39:30 +01:00
Christoph Hartmann
9e53556379
fix os_env example
2015-10-31 11:55:10 +01:00
Dominik Richter
24451469ca
api: method_missing doesnt resolve hashmaps
...
Since #its has its(pun) own way of handling calls with a dot-notation, the full call is never passed to the resource. For example:
```ruby
describe json('file') do
its('a.b.c') { should eq 123 }
end
```
This is resolved to calling `json('file').a.b.c` and thus doesnt work as an intended `json('file').send('a.b.c'). For now use
regular its-behavior of calling `json('file').params ... its(%w{a b c}) { should ... }`.
Its' behavior must be improved.
2015-10-27 16:35:43 +01:00
Dominik Richter
8daf8dfa86
lint
2015-10-27 03:07:38 +01:00
Dominik Richter
59a8ca6639
construct profile in legacy structure
...
This is a temporary commit to achieve compliance with other components. It will be overturned before the final release.
2015-10-27 02:29:11 +01:00
Dominik Richter
5720aa3294
bugfix: detect filename+line for all example blocks
2015-10-27 02:29:11 +01:00
Dominik Richter
32e5e3ec29
move to symbols-based fields in profile params
2015-10-27 02:29:11 +01:00
Christoph Hartmann
cdb30c356f
add apache base config
2015-10-27 02:20:29 +01:00
Dominik Richter
b280203d03
consistently set an empty logger in non-verbose mode
2015-10-26 18:27:46 +01:00
Dominik Richter
471a723b83
restore parse_passwd_line to be public, thanks @chris-rock
2015-10-26 17:16:05 +01:00
Dominik Richter
d5973d1189
bugfix: harmonize postgres session handling
2015-10-26 16:59:46 +01:00
Dominik Richter
e76b83a24e
bugfix: mysql conf and session handling
2015-10-26 16:58:42 +01:00
Dominik Richter
5485111907
bugfix: support missing conf path for postgres_conf
2015-10-26 16:50:49 +01:00
Dominik Richter
414bf6b1fa
bugfix: handle empty processes result
2015-10-26 16:49:26 +01:00
Dominik Richter
ec6d1e680a
support postgres_session resource
2015-10-26 16:47:45 +01:00
Dominik Richter
ee0e9fc7c1
mock outer dsl attributes method
2015-10-26 16:44:20 +01:00
Dominik Richter
1613add894
bugfix: group policy needs a name for init
2015-10-26 16:40:21 +01:00
Dominik Richter
6dc0a3b638
rename inetd_config -> inetd_conf
...
be consistent with the filename
2015-10-26 16:21:51 +01:00
Dominik Richter
0ac3c412aa
bugfix: support empty content in simpleconfig
2015-10-26 16:16:42 +01:00
Dominik Richter
03fe892899
bugfix: handle empty parseconfig options
2015-10-26 16:13:48 +01:00
Dominik Richter
69be6acae8
bugfix: fail on missing access to /etc/group
2015-10-26 16:11:28 +01:00
Dominik Richter
95242bf9c2
add content parser tests
2015-10-26 15:50:57 +01:00
Dominik Richter
9d1dcef469
bugfix: remove '/' prefix from folder
2015-10-26 13:06:44 +01:00
Dominik Richter
090281fb0b
lint
2015-10-26 12:34:35 +01:00
Dominik Richter
b58a4b3f43
rename vulcanosec -> inspec
2015-10-26 12:34:15 +01:00
Christoph Hartmann
4bcfc76f27
simplify auditd name
2015-10-26 12:15:29 +01:00
Dominik Richter
05eb8df687
lint
2015-10-26 12:09:43 +01:00
Dominik Richter
76f7282e2c
add yard header to profile#check
2015-10-26 12:07:03 +01:00
Dominik Richter
83082b2e7b
feature: bring back profile check
2015-10-26 11:58:41 +01:00
Dominik Richter
b0bef37b06
support chef audit folder structure
2015-10-26 11:53:09 +01:00
Dominik Richter
9c1f258707
dont fail on missing rule body source
2015-10-26 11:46:43 +01:00
Dominik Richter
9703f3c747
bugfix: provide source code for rules in json
2015-10-26 11:46:43 +01:00
Dominik Richter
80b8b319d9
api: auto-include library files for inspec profile
2015-10-26 11:46:43 +01:00
Dominik Richter
07e3d749be
skip empty file content
2015-10-26 11:46:43 +01:00
Dominik Richter
8f0c9c890e
bugfix: fix path prefix in folder resolution
2015-10-26 11:46:43 +01:00
Dominik Richter
73b7b3c99a
bugfix: point to metadata.rb instead of vmetadata.rb
2015-10-26 11:46:43 +01:00
Dominik Richter
45f7057f30
lint
2015-10-26 04:39:16 +01:00
Dominik Richter
c326e08739
remove old verify code
2015-10-26 00:35:18 +01:00
Dominik Richter
93b4db01ca
add rules to profile information
2015-10-26 00:35:18 +01:00
Dominik Richter
a62ce0e14b
create json from profile metadata
2015-10-26 00:35:18 +01:00
Christoph Hartmann
24e23f3db4
bugfix: fix regular expression for apt
2015-10-25 22:32:50 +01:00
Christoph Hartmann
b7777d265e
improve fail warning. thanks @arlimus
2015-10-25 21:47:27 +01:00
Christoph Hartmann
d75e16546c
improvement: file resource check precondition and add file permission check
2015-10-25 21:35:35 +01:00
Christoph Hartmann
98d5a40686
generalize matcher
2015-10-25 21:33:36 +01:00
Christoph Hartmann
3c76ed6e37
integration test for file
2015-10-24 11:15:53 +02:00
Christoph Hartmann
25783ea283
fail with warning, if users use contain matcher
2015-10-24 11:15:53 +02:00
Christoph Hartmann
a407e3b6ce
bugfix: parse " with apt urls
2015-10-24 11:15:52 +02:00
Christoph Hartmann
0bbb70302d
bugfix: fix kernel_module in combination with CentOS 5 & sudo
2015-10-23 13:57:37 +02:00
Christoph Hartmann
66a2be7f33
improvement: add complete linux support for kernel_module
2015-10-23 13:57:03 +02:00
Christoph Hartmann
4574c07954
improvement: support all linux os for kernel_parameter
2015-10-23 13:30:14 +02:00
Christoph Hartmann
c177a511fa
add opensuse support for user resource
2015-10-23 12:14:00 +02:00
Christoph Hartmann
20afebc1a6
improvement: support package for opensuse
2015-10-23 12:14:00 +02:00
Christoph Hartmann
022ec31529
bugfix: rpm does not return exit code if package is not available, work around that
2015-10-23 12:14:00 +02:00
Christoph Hartmann
86bdb9903b
bugfix: only return true and false for package installed?
2015-10-23 12:14:00 +02:00
Christoph Hartmann
773bd0e971
improvement: add opensuse support for service resource
2015-10-23 12:14:00 +02:00
Christoph Hartmann
28c497a492
bugfix: support for sudo and service on debian
2015-10-23 12:14:00 +02:00
Christoph Hartmann
807ee03e8b
bugfix: fix regular expression to detect services on freebsd
2015-10-23 12:14:00 +02:00
Christoph Hartmann
eca6476ced
bugfix: use absolute path for SysV service to work well with sudo on CentOS 5
2015-10-23 12:14:00 +02:00
Christoph Hartmann
836697585b
bugfix: Ubuntu 10.04 initctl does not support show-config
2015-10-23 12:14:00 +02:00
Christoph Hartmann
579e465b88
0.8.0
2015-10-21 21:49:07 +02:00
Christoph Hartmann
e3cc942f60
bugfix: always return false instead of nil in case a service could not be determined
2015-10-21 20:54:46 +02:00
Christoph Hartmann
3d2bca2eaf
add centos support to service resource
2015-10-21 20:54:46 +02:00
Christoph Hartmann
571de7fc68
fix typos in os skip message
2015-10-21 20:54:46 +02:00
Christoph Hartmann
17279f9ef8
add centos support
2015-10-21 20:54:46 +02:00
Christoph Hartmann
20bbb4c960
add more usage headers
2015-10-21 19:30:01 +02:00
Christoph Hartmann
035e39ee8c
simplify yum implementation
2015-10-20 19:57:00 +02:00
Dominik Richter
cea48ceb5a
remove leftover comments
2015-10-19 12:07:14 +02:00
Dominik Richter
20dae26925
split methods for processing rules and checks after loading
2015-10-19 09:49:40 +02:00
Dominik Richter
08707eb2d2
temporarily attach the dsl to all example objects
...
TODO: Remove this!! It is very dangerous to do this here. The goal of this is to make the audit DSL available to all describe blocks. Right now, these blocks are executed outside the scope of this run, thus not gaining ony of the DSL pieces. To circumvent this, the full DSL is attached to the examples
2015-10-18 19:50:12 +02:00
Dominik Richter
d66f874e1c
feature: support expect keyword in rules
2015-10-18 19:14:22 +02:00
Dominik Richter
2cebd3fc31
allow loading without file and line info
...
i.e. dynamic loading only
2015-10-18 19:11:56 +02:00
Dominik Richter
c6cc45c28e
bugfix: add rspec core dsl to profile context
2015-10-18 19:11:56 +02:00
Christoph Hartmann
89f003f61b
bugfix: add missing uri import
2015-10-17 19:33:52 +02:00
Dominik Richter
c01e1f2c74
lint: make sure variables are defined
2015-10-17 00:03:41 +02:00
Dominik Richter
df07e768d0
lint: replace obsolete URI.regexp
2015-10-17 00:03:37 +02:00
Dominik Richter
9224d5db58
bugfix: support ruby 1.9.3
2015-10-15 23:28:37 +02:00
Dominik Richter
56b88cba1d
create factory for backend creation
2015-10-15 22:42:06 +02:00
Dominik Richter
6a51a5be00
remove rake tasks for runner tests
...
they are now found in train
2015-10-15 14:36:34 +02:00
Dominik Richter
132019a6d9
move backend creation to profile context
...
keeping it in the runner will create conflicts with rspec runners
2015-10-14 23:44:15 +02:00
Dominik Richter
be614e9056
migrate backend to Train project
2015-10-14 23:13:49 +02:00
Christoph Hartmann
693af465f6
fix lint issue
2015-10-12 13:23:11 +02:00
Christoph Hartmann
03f07e1a3e
add to_s methods to resources, fixes #98
2015-10-12 13:01:58 +02:00
Christoph Hartmann
c5924b697c
0.7.0
2015-10-12 12:11:53 +02:00
Christoph Hartmann
f5448e919b
remove p
2015-10-12 11:10:32 +02:00
Christoph Hartmann
c1f105bab8
improve iptables resource
2015-10-12 10:34:24 +02:00
Christoph Hartmann
ac4f0de673
simple iptables implementation
2015-10-12 10:34:24 +02:00
Christoph Hartmann
6af966e08b
bugfix: return function if data is already cached
2015-10-12 00:18:58 +02:00
Christoph Hartmann
60618723ef
fix typo
2015-10-10 23:29:44 +02:00
Christoph Hartmann
abb10db376
add apt implementation
2015-10-10 23:28:03 +02:00
Dominik Richter
28fb05ad97
reduce exposure of context, use backend for os detect
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-10 23:15:05 +02:00
Christoph Hartmann
9904e65923
run os detection in proper context
2015-10-10 01:24:39 +02:00
Christoph Hartmann
22c39bdf62
expose profile context
2015-10-10 01:24:39 +02:00
Christoph Hartmann
f4ed4cf7f5
optimize ping on windows
2015-10-09 19:21:12 +02:00
Christoph Hartmann
38ac1ea931
host resource for linux and windows
2015-10-09 19:10:10 +02:00
Christoph Hartmann
6f1181bc27
add windows support for bridge
2015-10-09 15:26:31 +02:00
Christoph Hartmann
90cf62d88e
add bridge to available resources
2015-10-09 15:07:03 +02:00
Christoph Hartmann
337cd6aff8
implement bridge for linux
2015-10-09 15:06:10 +02:00
Dominik Richter
6aee38a23c
feature: add interactive shell
2015-10-08 23:24:14 +02:00
Christoph Hartmann
9d92abf524
add windows support to network adapter
2015-10-08 13:01:50 +02:00
Christoph Hartmann
153c670952
introduce better network interface abstraction, add test cases
2015-10-08 13:01:50 +02:00
Christoph Hartmann
932b34e8de
externalize linux handling in separate provider
2015-10-08 13:01:50 +02:00
Christoph Hartmann
4223d5b1ef
implement interface for linux
2015-10-08 13:01:50 +02:00
Dominik Richter
285c83ba06
lint: dont use undefined vars
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-08 11:27:18 +02:00
Dominik Richter
4176d1b227
improvement: add default print method to resources
2015-10-08 11:06:20 +02:00
Christoph Hartmann
93df1656b5
simplify os detection
2015-10-07 18:46:24 +02:00
Christoph Hartmann
2499fc72f9
improve etc_group parser, keep parsed data internally instead of raw data
2015-10-07 18:45:08 +02:00
Christoph Hartmann
d2997400df
add author information
2015-10-07 18:45:08 +02:00
Christoph Hartmann
94662bed12
improvement: identify groups case insensitive
2015-10-07 18:45:08 +02:00
Christoph Hartmann
b7739a84be
implement group resource for windows
2015-10-07 18:45:08 +02:00
Christoph Hartmann
9fb51b44a2
modify etc_group to return complete group info
2015-10-07 18:45:08 +02:00
Christoph Hartmann
537728b41b
test case where group or os is not available
2015-10-07 18:45:08 +02:00
Christoph Hartmann
8c5453a4da
implement group resource for linux/unix
2015-10-07 18:45:07 +02:00
Christoph Hartmann
e57505739e
improvement: return gids in etc_group as integer
2015-10-07 18:45:07 +02:00
Christoph Hartmann
3e9526d992
improvement: run etc_group on unix only
2015-10-07 18:45:07 +02:00
Christoph Hartmann
028e7f977e
filter comments in /etc/group
2015-10-07 18:45:07 +02:00
Christoph Hartmann
949496776e
move comment parser to utils
2015-10-07 18:45:07 +02:00
Christoph Hartmann
55e09963c8
improvement: expose os detector function in os resource
2015-10-07 18:28:34 +02:00
Christoph Hartmann
bcde1c6dc7
bugfix: fix typo
2015-10-07 18:27:58 +02:00
Christoph Hartmann
2e1c48bbd6
add windows family as helper function
2015-10-07 18:27:44 +02:00
Christoph Hartmann
01f0ae954c
support OS detection and helper methods in mock backend
2015-10-07 18:27:17 +02:00
Christoph Hartmann
c85d042f53
remove inherited methods
2015-10-07 13:15:04 +02:00
Christoph Hartmann
9295a60913
add test case for script resource
2015-10-07 13:13:37 +02:00
Christoph Hartmann
05bdb44bf2
switch user resource to use new script resource
2015-10-07 13:05:04 +02:00
Christoph Hartmann
67f6ae5be2
implement run script resource for windows
2015-10-07 13:04:40 +02:00
Christoph Hartmann
8fff2ee989
add author header
2015-10-06 18:55:44 +02:00
Dominik Richter
fa4581489f
ignore stderr on file content cat
...
reduced problems on CSH and others...
2015-10-06 15:49:19 +02:00
Dominik Richter
ba288cc86e
bugfix: ensure resource registry is available to backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-06 14:12:32 +02:00
Dominik Richter
3439a34d16
bugfix: expose path in file resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-06 14:12:32 +02:00
Dominik Richter
5662bb7383
migrate transport runner tests
2015-10-06 00:06:13 +02:00
Dominik Richter
8005b52921
move backend creation out of runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-05 23:00:27 +02:00
Dominik Richter
56d8379fc9
move all resources to use the command resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-05 18:54:47 +02:00
Dominik Richter
76572df292
api: wrap transport and add resources to backend
...
What is currently available as `vulcano` inside resources (e.g. to call `vulcano.file(...)`, is now wrapped inside `vulcano.backend`. All other resources are now added to `vulcano.<RESOURCE>`, e.g. `vulcano.user`.
2015-10-05 18:48:07 +02:00
Dominik Richter
5912f0d3f1
feature: add resources to backend accessor
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-05 17:35:50 +02:00
Christoph Hartmann
f38ce7d5f4
bugfix: fix error, where the winrm default path is not set properly by default
2015-10-05 15:35:02 +02:00
Christoph Hartmann
d82eeb045e
bugfix: use account instead of user, otherwise we get a response that falsifies the existence of a user
2015-10-05 14:57:09 +02:00
Christoph Hartmann
c5fa98c8eb
bugfix: deal with non-array return values
2015-10-05 14:55:49 +02:00
Dominik Richter
5815dda5d0
api: simplify ssl configuration
...
* rename `--winrm-ssl` => `--ssl`, to be used by other transports as well
* rename `--winrm-self-signed` => `--self-signed`, to be used by other transports
2015-10-05 12:52:04 +02:00
Dominik Richter
6278e6924d
feature: support specinfra+winrms:// backend for quick ssl config
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-05 12:52:04 +02:00
Christoph Hartmann
14c5c3f393
lint: remove whitespace
2015-10-05 12:28:28 +02:00
Christoph Hartmann
bb0734f8f3
cache requests
2015-10-05 11:50:49 +02:00
Christoph Hartmann
6b2064ad89
return password expiry information for linux
2015-10-05 11:50:49 +02:00
Christoph Hartmann
5dfb54e389
improve error case handling in user resource
2015-10-05 11:50:49 +02:00
Christoph Hartmann
af8bca193a
add support to hash commands in mock backend
2015-10-05 11:50:49 +02:00
Christoph Hartmann
e0b66b1380
bugfix: shell and home detection for freebsd
2015-10-05 11:50:49 +02:00
Christoph Hartmann
cef7f7e785
implement home and shell for user resource on linux and freebsd
2015-10-05 11:50:49 +02:00
Christoph Hartmann
7bf78059d8
remove dub functions from passwd
2015-10-05 11:50:49 +02:00
Christoph Hartmann
57676d88a1
externalize passwd parser
2015-10-05 11:42:20 +02:00
Christoph Hartmann
535fc10b5d
rewrite passwd resource to extract parser
2015-10-05 11:42:20 +02:00
Christoph Hartmann
3ff4a5d769
improve verification that a user exists
2015-10-05 11:42:20 +02:00
Christoph Hartmann
70a57de90c
windows support for user resource
2015-10-05 11:42:20 +02:00
Christoph Hartmann
77f48cfcf3
move line-split to simple config
2015-10-05 11:42:20 +02:00
Christoph Hartmann
ceadaaca4a
add basic support for freebsd
2015-10-05 11:42:19 +02:00
Christoph Hartmann
4c43c88778
implement basic user resource for linux and mac
2015-10-05 11:42:19 +02:00
Dominik Richter
938d13a7dc
switch from open4 -> mixlib-shellout
2015-10-04 23:24:17 +02:00
Dominik Richter
fede3fb9fd
use target path in configuring specinfra winrm
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-03 23:56:46 +02:00
Dominik Richter
369e61d0cd
feature: add path to target specification
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-03 23:39:09 +02:00
Christoph Hartmann
b40ab55710
fix: rubucop lint
2015-10-03 14:02:34 +02:00
Christoph Hartmann
0a7dfce1e6
add author
2015-10-03 13:27:20 +02:00
Christoph Hartmann
47e0b38a10
bugfix: catch case where we retrieve an arrray
2015-10-03 13:27:20 +02:00
Christoph Hartmann
f387dbbb9e
improvement: skip oneget if it is not running on windows
2015-10-03 13:27:20 +02:00
Dominik Richter
7d27b62794
simplify key assignment in conf
2015-10-02 22:41:25 +02:00
Dominik Richter
5825b4d6d4
rename --key-file to --key on cli
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-10-02 22:21:35 +02:00
Delivery Server
92b82a3cbf
Merged change 24637cb4-1d10-4e45-b683-27d9e1ca9a4f
...
From review branch _reviews/master/bugfix-gem/3 into master
Signed-off-by: drichter <drichter@chef.io>
2015-10-02 15:37:59 +00:00
Christoph Hartmann
1eed6bcf11
use separate method to determine the pip command
2015-10-01 23:29:31 +02:00
Christoph Hartmann
54603e9545
optimize pip resource for windows
2015-10-01 23:26:56 +02:00
Christoph Hartmann
2a5736b8f9
bugfix: fix gem to string
2015-10-01 23:25:46 +02:00
Dominik Richter
ae10fefd15
fix warnings
2015-10-01 16:43:36 +02:00
Dominik Richter
12888c8dad
bugfix: centos detection in docker centos:7.1.1503
...
It doesnt post the expected information in /etc/redhat-release:
Derived from Red Hat Enterprise Linux 7.1 (Source)
Additionally in /etc/os-release:
NAME="CentOS Linux"
VERSION="7 (Core)"
...
Combine both files to fix the detection.
2015-09-30 13:44:24 +02:00
Dominik Richter
aa4593ff71
replace parseconfig with simpleconfig
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:19:55 +02:00
Dominik Richter
8b97bdbaa7
expose simpleconfig groups
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:18:09 +02:00
Dominik Richter
2d8b63cb22
feature: support simple config groups
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:00:38 +02:00
Dominik Richter
90de8763cf
wrap up linting
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 02:20:47 +02:00
Dominik Richter
dd46027195
bugfix: require yaml in resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 01:48:59 +02:00
Dominik Richter
212f11243b
simplify and fix stat handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 01:42:04 +02:00
Dominik Richter
28b3792325
let specinfra backend os support OSCommon methods
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-29 19:34:43 +02:00
Dominik Richter
3508201a5d
split out unix stat
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-29 19:18:48 +02:00
Dominik Richter
15d5cc7ca0
split up specinfra backend helper
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-29 15:27:58 +02:00
Dominik Richter
1e0405bf74
allow for empty config in target_config
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 13:03:05 +02:00
Dominik Richter
78d98388f8
add amazon scientific and xenserver to redhat distros in detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 12:46:46 +02:00
Dominik Richter
4e15e425a4
move darwin to bsd type
...
see: https://en.wikipedia.org/wiki/Darwin_%28operating_system%29#/media/File:Unix_timeline.en.svg
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 12:14:40 +02:00
Dominik Richter
4f0c0d7f21
add unit tests to os common detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 11:52:50 +02:00
Dominik Richter
c77a0a1c81
api: make mock backend quiet by default
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 11:27:19 +02:00
Dominik Richter
7019b1f659
generalize and simplify os detect methods
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 11:15:41 +02:00
Dominik Richter
2eb94f5e2e
be more explicit about detecting unix
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 11:06:38 +02:00
Dominik Richter
bc98b3330f
feature: add helpers for OS families
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-28 11:06:38 +02:00
Dominik Richter
093600b85f
split up os detection for linting
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 13:12:52 +02:00
Dominik Richter
d839cbc8f7
lint the profile context
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:41:13 +02:00
Dominik Richter
1efb61ab80
lint service
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:25:02 +02:00
Dominik Richter
d28c5a85fe
lint mysql
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:25:02 +02:00
Dominik Richter
9885e7683b
lint port resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:25:02 +02:00
Christoph Hartmann
94ac889ff2
fix robocop lint issues
2015-09-25 19:46:46 +02:00
Christoph Hartmann
7cea90ef3a
fix lint issues
2015-09-25 19:34:25 +02:00
Dominik Richter
3fe0c90733
overhaul rule structure
...
* rename VulcanoBaseRule -> Vulcano::Rule
* initialize rule inside the ProfileContext
* attach all resources to ProfileContext and all rules created within
* rename rule.rb -> dsl.rb, now only containing DSL information
* rename base_rule.rb -> rule.rb, now containing everything for rule
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-25 19:16:32 +02:00
Christoph Hartmann
ec7a743f21
Merge pull request #51 from chef/ssh-transport
...
Verify ssh transport backend
2015-09-25 15:06:00 +02:00
Dominik Richter
6d7a46a589
bugfix: do not allocate pty on ssh by default
...
PTY will effectively disable stderr output, so avoid it for now.
It will come up very soon when we get back to sudo; see if fifo or other solutions might be used. Stderr is important for accurate command execution...
For reference see this wonderful explanation:
http://unix.stackexchange.com/a/134169
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-25 13:25:57 +02:00
Christoph Hartmann
ea75b361a7
bugfix: systemd is default on debian 8
2015-09-25 12:58:17 +02:00
Christoph Hartmann
007d292890
rewrite systemv service implementation, read enabled services from rc
2015-09-25 12:58:03 +02:00
Christoph Hartmann
11ffdeddad
improvement: return nil, if no description for service is available
2015-09-25 12:54:08 +02:00
Christoph Hartmann
9ac2e6e00b
improvement: use onestatus instead of status for freebsd, return nil as service description for freebsd
2015-09-25 12:51:25 +02:00
Christoph Hartmann
d5d517af0a
improve service handling for mac and add unit tests
2015-09-25 12:51:12 +02:00
Christoph Hartmann
36ad0dd5a0
add arch linux support for service resource
2015-09-25 12:48:57 +02:00
Christoph Hartmann
f302ca7087
bugfix: fix regular expression to parse systemd results
2015-09-25 12:48:38 +02:00
Christoph Hartmann
cb3d170ce6
add centos 7 unit mock for service resource
2015-09-25 12:48:21 +02:00
Dominik Richter
c3d226e4a2
add os detection to ssh backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-25 12:37:37 +02:00
Dominik Richter
8fe3b8ad4d
add ssh configuration options
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-25 12:37:35 +02:00
Christoph Hartmann
2a3c3270b3
bugfix: use volcano.os instead of os
2015-09-25 11:52:33 +02:00
Christoph Hartmann
3e16791f52
bugfix: catch case in service resource, where the OS is not supported
2015-09-25 11:52:33 +02:00
Dominik Richter
a051224462
improvement: be explicit on specinfra file content handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-25 09:55:48 +02:00
Dominik Richter
773548551d
bugfix: specinfra file handling on bsd over ssh
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-25 01:16:39 +02:00
Dominik Richter
5ed71ef444
bugfix: error handling on file backend in specinfra
2015-09-24 22:46:02 +02:00
Dominik Richter
1e5fc59fa8
bugfix: handle selinux label (null)
...
Return nil instead of (null), as it is a special output of stat.
2015-09-24 10:36:21 +02:00
Dominik Richter
7a6675394c
bugfix: linux file dont return selinux label ?
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-24 10:36:21 +02:00
Dominik Richter
3ed1c29039
bugfix: linux file content for folder/missing
...
Dont return empty strings when reading a directory or if the path doesnt exist. Instead return nil.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-24 10:36:21 +02:00
Christoph Hartmann
5151f42d7d
add package unit test for unsupported os
2015-09-23 23:30:31 +02:00
Christoph Hartmann
af0591ab70
fix lint
2015-09-23 23:30:31 +02:00
Christoph Hartmann
a9c96dfbab
fix: resolve unit test errors for arch and centos
2015-09-23 23:30:31 +02:00
Christoph Hartmann
968ed7a576
add todos for windows
2015-09-23 23:15:40 +02:00
Christoph Hartmann
476ac63036
return more detailed protocol information: tcp, udp, tcp6, udp6
2015-09-23 23:15:40 +02:00
Christoph Hartmann
563785d8a6
return arrays, since a port may run on multiple interfaces
2015-09-23 23:15:40 +02:00
Christoph Hartmann
a7b0520289
simplify check if port is available
2015-09-23 23:15:40 +02:00
Dominik Richter
a3e5984763
simplify a few calls
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-23 23:15:40 +02:00
Christoph Hartmann
d889f0b0b1
port resource support for FreeBSD
2015-09-23 23:08:54 +02:00
Christoph Hartmann
b47ec509fd
port resource support for Windows
2015-09-23 23:08:19 +02:00
Christoph Hartmann
4eeb84945c
port resource support for MacOS
2015-09-23 23:07:07 +02:00
Christoph Hartmann
c187230336
implement port resource for linux
2015-09-23 18:12:51 +02:00
Christoph Hartmann
52f7ddd899
add comment windows version determination
2015-09-23 13:24:55 +02:00
Christoph Hartmann
18e420bb31
remove windows 2003 r2, shares the same version number as windows 2003, only distinguishes via build number
2015-09-23 13:23:03 +02:00
Dominik Richter
ab155f7db6
bugfix: windows server 2008 detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-23 10:38:46 +02:00
Dominik Richter
1076dcbd52
remove os_ prefix from detect json syntax
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-23 10:25:05 +02:00
Dominik Richter
7ccd88f1a2
improvement: os detection on unix
...
provided the platform family hint == "unix" run tests for all supported unix systems
also clarify the role of linux detection as the last step
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 19:43:11 +02:00
Dominik Richter
a9c129540b
bugfix: file common for linked_to? tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 19:43:11 +02:00
Dominik Richter
f472e8a5c0
expose os to docker backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 19:43:11 +02:00
Dominik Richter
fc14706a0a
expose link_path in file resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 19:43:11 +02:00
Dominik Richter
5fec383788
bugfix: detect os via unames
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 16:25:17 +02:00
Dominik Richter
c3fa247e6a
bugfix: local file owner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 14:24:22 +02:00
Christoph Hartmann
6b3365682d
fix comment
2015-09-22 02:27:04 +02:00
Christoph Hartmann
7ccc8baa37
improvement: switch back from OpenStruct to Hash
2015-09-22 02:27:04 +02:00
Christoph Hartmann
cf3dddf1a3
add csv support
2015-09-22 02:27:04 +02:00
Christoph Hartmann
b9d4fc6d8c
add yaml resource
2015-09-22 02:27:04 +02:00
Christoph Hartmann
0e43d4ca6a
add json resource
2015-09-22 02:27:04 +02:00
Dominik Richter
6be9c6822d
fix issue with premature matching
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:04 +02:00
Christoph Hartmann
42a989606b
implement kernel_parameter resource
2015-09-22 02:27:04 +02:00
Christoph Hartmann
ef9471e86c
implement kernel_module resource
2015-09-22 02:27:04 +02:00
Dominik Richter
c56dee4d0f
implement fake os method for mock backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Christoph Hartmann
8b6fccee92
implement windows_feature resource
2015-09-22 02:27:03 +02:00
Dominik Richter
bb18ce52e2
update function+test calls from exists? -> exist?
2015-09-22 02:27:03 +02:00
Dominik Richter
366bc44d0d
rename command().exists? -> command().exist?
...
This is in line with Ruby 2.1 changes in renaming File and Dir exists? to exist?
See previous commit
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Dominik Richter
0b7eb60028
File.exists? is deprecated in ruby 2.1
...
See:
http://ruby-doc.org/core-2.1.0/File.html#method-c-exists-3F
Same for Dir:
http://ruby-doc.org/core-2.1.0/Dir.html#method-c-exists-3F
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Christoph Hartmann
78fea3d3a2
support package for windows
2015-09-22 02:27:03 +02:00
Christoph Hartmann
f9501577e4
improve code style
2015-09-22 02:27:03 +02:00
Christoph Hartmann
5019664d4d
bugfix: catch cases, where no service is available
2015-09-22 02:27:03 +02:00
Dominik Richter
7fb41cdbee
remove conditional or on release for detect util
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Dominik Richter
13f7429509
remove commented fedora code
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Dominik Richter
e78fbf1b96
move windows OS detection to backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Dominik Richter
94d748efd1
add os name to detect util
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Dominik Richter
f0215a4380
specinfra backwards compatibility for darwin/osX
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Dominik Richter
0ed2f1b535
fix inverted darwin detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Dominik Richter
ca753cdb83
feature: add os resource
2015-09-22 02:27:02 +02:00
Dominik Richter
50dd82e150
feature: OS detection
2015-09-22 02:27:02 +02:00
Christoph Hartmann
34889913b4
bugfix: fix simplified runner configuration
2015-09-22 02:27:02 +02:00
Dominik Richter
9de015ae2d
improvement: simplify runner configuration
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:02 +02:00
Christoph Hartmann
37783385d4
implement service for FreeBSD
2015-09-22 02:27:02 +02:00
Christoph Hartmann
e06eed2178
Merge pull request #19 from chef/improvements
...
Improvements
2015-09-22 02:27:01 +02:00
Dominik Richter
4965bfd36d
make installed? always return true/false
...
Dont return nil als a falsy result.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
38a77efb4a
fix failing tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
535bddd944
move out local file user/group name
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
bef9cbf3e7
prevent yum repo shortname matching to nil
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
4d7c11b980
lazy eval ssh config params
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
dcc790b8a9
simplify nested params retrieval
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
55a26cfba7
align pip resource with info handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
10926935e2
align oneget resource with info handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
f395ebf6df
lazy eval ntp conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
508a6889d1
align npm resource with info handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
fc9764aa36
lazy eval login.defs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
3508219428
lazy eval limits.conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
6a6c1fd7c8
lazy eval inetd conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
075313b10e
cache gem package results
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
bfad1e1509
lazy eval auditd conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Christoph Hartmann
341a4ba98d
improvement: simplify readability of nil checks
2015-09-22 02:27:01 +02:00
Christoph Hartmann
db81929dd7
minor style improvement
2015-09-22 02:27:01 +02:00
Christoph Hartmann
c081cfac82
improve reliability of method_missing
2015-09-22 02:27:01 +02:00
Christoph Hartmann
05dd53b5b4
improvement: skip package resource if not supported on OS
2015-09-22 02:27:00 +02:00
Dominik Richter
9608e2e29b
bugfix: specinfra selinux label handling
...
as specinfra doesnt work with respond_to?, just call the method and catch the error.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
a88304d030
remove method missing for yum resource
2015-09-22 02:27:00 +02:00
Dominik Richter
6c29580de0
enforce file content encoding to utf8
...
this is also in line with specinfra compatibility
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
046f3fe9e4
fix robocop issues
2015-09-22 02:27:00 +02:00
Dominik Richter
c06fe38981
bugfix: dont strip specinfra file content output
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
8113df6d44
bugfix: fix sysv implementation
2015-09-22 02:27:00 +02:00
Dominik Richter
61e7559489
fix bsd stat detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
2e46e0781a
bugfix: fix initctl matcher to detect enabled services
2015-09-22 02:27:00 +02:00
Dominik Richter
13ce808a90
bugfix: specinfra is missing methods for freebsd
...
Add getter for user/group/mode for freebsd, as specinfra will execute these calls but not return anything.
2015-09-22 02:27:00 +02:00
Christoph Hartmann
7806951051
add fedora support
2015-09-22 02:27:00 +02:00
Dominik Richter
a1a0e10c5a
extend linux file with bsd stat
...
TODO: we must start separating between the different UNIXes and maybe call this something better than LinuxFile, but for now: since most of the things will stay the same, add the bsd stat command as an alternative to the linux stat command and parse its output.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Dominik Richter
82f89aa1db
bugfix: dont fail on specinfra selinux_label on freebsd
...
the call shouldnt be made, but in case it is, dont just fail mit NoMethodError
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
2484623220
add comments
2015-09-22 02:26:59 +02:00
Christoph Hartmann
d2e110e183
add debian support and improve regex
2015-09-22 02:26:59 +02:00
Christoph Hartmann
7239c7ced5
add service implementation for systemv
2015-09-22 02:26:59 +02:00
Christoph Hartmann
eb8c9411c7
remove comments
2015-09-22 02:26:59 +02:00
Christoph Hartmann
05e95477e3
add support for macos in service resource
2015-09-22 02:26:59 +02:00
Christoph Hartmann
6b07372bb9
bugfix: handle nil for service info
2015-09-22 02:26:59 +02:00
Christoph Hartmann
1b5e6fa7af
select init system by os version for now
2015-09-22 02:26:59 +02:00
Christoph Hartmann
4479001763
add upstart implementation for service resource
2015-09-22 02:26:59 +02:00
Christoph Hartmann
b8d0edecfb
add systemd implementation for service
2015-09-22 02:26:59 +02:00
Christoph Hartmann
204e6f5021
skip resource, if os is not supported
2015-09-22 02:26:59 +02:00
Christoph Hartmann
9da4e7674e
use volcano.os
2015-09-22 02:26:59 +02:00
Christoph Hartmann
9aa0b1cf4a
rename service_info to info
2015-09-22 02:26:59 +02:00
Christoph Hartmann
21040b9b03
implement service resource for windows
2015-09-22 02:26:59 +02:00
Dominik Richter
f18381a7d3
return nil for specinfra content on directories
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:26:59 +02:00
Dominik Richter
7137a9625b
expose backend file path
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:26:58 +02:00
Dominik Richter
d16f76c9ce
pull in selinux label on local backend runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:26:58 +02:00
Dominik Richter
b13a1b574d
let specinfra support empty block device content
2015-09-22 02:26:58 +02:00
Dominik Richter
7f19111b1b
bugfix: catch lstat errors on local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:25:52 +02:00
Dominik Richter
ef9b299319
api: specinfra reports nil on non-existent files
...
Check the responses and make sure we dont blindly return eg: size=0 or group="" or user="" for files that dont exist.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:25:52 +02:00
Dominik Richter
4aef4821cc
bugfix: target_type check for pipe
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:25:52 +02:00
Dominik Richter
b8ae2ee7a3
api: specinfra content returns nil on block_device
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
d2ade9f247
bugfix: nil content on specinfra empty files
...
Only return nil for no content on specinfra files if the file actually has any content. ie. when we were not able to read the content then provide the answer of nil. if the file has no content, return an empty string. this leaves the error case where empty files cannot be read, which will not be signaled via content from specinfra.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
d8dea86e6e
api: return nil for md5/sha256/content empty
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
e0b89e6ae2
bugfix: return nil on file content read errors
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
2c00423c3e
read symlink destination file types
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
6f4f0b570c
inject specinfra backend helper into file
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
5f472d9735
use lstat for local backend to read symlinks
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
3e16407454
rename file link_target -> link_path
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
60f9e643aa
api: specinfra mtime returns unix seconds
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
04a8cfddf4
ignore exit code on linux stat
...
For now: Since stat throws exit code 1 on selinux label checks if no selinux label (or system) is present, it would signal us to disregard results. However, the results are actually complete and can be fully used, with selinux_label becoming "?".
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Dominik Richter
526518fabd
api: set specinfra product_version + file_version to nil
...
whenever the label is empty (typically on all *nix systems) set it to nil instead of ""
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Dominik Richter
55bd535599
api: specinfra set selinux label to nil
...
Whenever the selinux label is empty, set it to nil instead of '?' or ''.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Dominik Richter
534a9ce57a
bugfix: always return file stat
2015-09-22 02:17:29 +02:00
Dominik Richter
c86a68950a
improvement: add optimized local file module
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Christoph Hartmann
6e76dd689e
bugfix: set host for ssh config in specinfra
2015-09-22 02:17:28 +02:00
Dominik Richter
8f45afffcd
move up specinfra property detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:28 +02:00
Dominik Richter
48b25e893d
bugfix: specinfra re-detect backend os
...
By default it uses the currently running OS on initialization, instead of the OS configured via backend. Force its reinitialization by resetting all properties.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:28 +02:00
Christoph Hartmann
dfb330e7e8
use backend os detection in resources
2015-09-22 02:17:28 +02:00
Christoph Hartmann
7b5bbc8a5f
patch specinfra os detection
2015-09-22 02:17:28 +02:00
Christoph Hartmann
1bf94016a7
rename Command to Cmd
2015-09-22 02:17:28 +02:00
Christoph Hartmann
43d49a348f
bugfix: require specinfra backend
2015-09-22 02:17:28 +02:00
Dominik Richter
54b37b0b96
unify reporting on concurrent tests
...
Take control of the rspec runner loop and make sure all of our concurrent tests are executed in one reporting chain. It goes: Start reporting, concurrently run container+test+kill, stop and publish reporting.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:28 +02:00
Dominik Richter
c6f896cad3
run full docker test in parallel
...
With just one more issue left: the formatter is going to report multiple time, including spitting out errors multiple times. Also need to remove some of the custom formatting around the current state of containers.
As a bonus: This further improved testing speed (30% on the current environment) and will allow us to grow the supported platforms for tests easily.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:27 +02:00
Dominik Richter
37ad8f9531
run test setup concurrently + only once
...
Instead of having RSpec re-run its world multiple times, run it only once with all tests.
Which leaves us with one more thing to solve: we want to start tests as soon as the container is up and they are set up. At the moment, the containers come up and are set up concurrently, including test registry, but the tests themselves are in simple sequence.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:27 +02:00
Dominik Richter
eb2e18b75d
remove leftover includes
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:27 +02:00
Dominik Richter
945dee74cc
Merge pull request #10 from chef/oneget
...
add oneget resource
2015-09-22 02:17:27 +02:00
Christoph Hartmann
33f9dd8e87
add oneget resource
2015-09-22 02:17:21 +02:00
Christoph Hartmann
d0d9a66e4a
move user default settings to backend
2015-09-22 02:15:43 +02:00
Dominik Richter
3e02e622c5
bugfix: linux file stat parameters and mount
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Christoph Hartmann
51fff9104b
bugfix: use instance variable, include winrm
2015-09-22 02:15:43 +02:00
Christoph Hartmann
b03db74798
improvement: set default user at a later stage to support user@target
2015-09-22 02:15:43 +02:00
Dominik Richter
2db06783fb
update find_files for all other resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Dominik Richter
165c08799f
bugfix: deep merge mysql conf parameters
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Dominik Richter
4852842bf6
feature: add hash utility for deep_merge
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
58fa9bc6c7
update mysql_conf to work with new find_files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
1345c1d017
update findfiles to work with new backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
f1cc7cbf9b
lint utils
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
753e7775ef
lint detect
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
486c5fde1c
fix code complexity lint
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
0d5ee00ac5
reduce branch size complexity mysql (lint)
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
470c2ef920
wrap up core resource linting
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
903b9642e4
lint resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
74da29c3ed
lint vulcano lib files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
07cb7efe36
lint targets
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
46b300f409
finish linting backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
e5686ea4e2
lint backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
cfbd5ccfc0
lint plugins
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
6e01505414
lint
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Dominik Richter
67b5ecc06e
bugfix: force PTY on SSH connection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Christoph Hartmann
1570e8e7af
Merge pull request #4 from chef/docker
...
Start Docker + SSH backends
2015-09-22 02:15:41 +02:00
Dominik Richter
1359152fc6
add ssh channels to get command stdout/stderr/status
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Dominik Richter
0a13817639
feature: add ssh backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Dominik Richter
e3373679ec
feature: add docker container backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Christoph Hartmann
238f1b2016
add pip resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
bdb859b730
add npm resource to verify gem packages
2015-09-22 02:15:41 +02:00
Dominik Richter
275039dead
more rubocop
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Christoph Hartmann
0171b2e2f2
add gem resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
77815154eb
add the be_installed matcher
2015-09-22 02:15:41 +02:00
Christoph Hartmann
9783751741
implement package resource
2015-09-22 02:15:41 +02:00
Dominik Richter
a6c47a2e39
rubocop
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
dcdf8ea0e2
init linux_file owner class
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
a9bd476cb5
feature: configure specinfra backend
...
via target or backend config; set the backend to: specinfra+exec, specinfra+ssh, specinfra+winrm, specinfra+docker etc.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
03e6402f5c
use LinuxFile to get type information in specinfra backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
13bc7f4015
move linux file handling to separate class
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
686134e06b
bugfix: url handler crashing on handles?
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
0125bcace8
add call tracing to mock backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
0abef702fc
initialize @stat in local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
ecad431bc6
move mock_command into mock, out of helper
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
17386740c7
dont redefine classmethod on initialize
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
f1c454aae3
typo fix on @commands
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
cb5f2d4409
bugfix: inherit base methods
...
Don't redefine methods that aren't there yet. yes: ruby parses top down at at that point we don't have these methods yet anyway, so don't :send them to the class
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
32a6f01d1f
simplify mock backend association
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
ea91af6da1
lint
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
93a3bc8e58
dont reference backend in local command
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
1d1220983a
feature: local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Christoph Hartmann
a7efec310b
implement yum resource
2015-09-22 01:10:56 +02:00
Christoph Hartmann
7e9eb2920d
add usage header for audit resource
2015-09-21 14:12:34 +02:00
Christoph Hartmann
62d0b217f9
optimize comments for audit_policy resource
2015-09-21 14:09:43 +02:00
Christoph Hartmann
e57e5f3fd6
bugfix: use new volcano backend for registry key
2015-09-21 14:09:10 +02:00
Christoph Hartmann
92ff33cbba
improvement: use separate object to hold filter state, optimize users output
2015-09-21 14:07:58 +02:00
Christoph Hartmann
d40ab9a9ad
bugfix: set default path for inetd_conf
2015-09-21 14:06:01 +02:00
Christoph Hartmann
0d7d01efbd
bugfix: set default path for limits.conf
2015-09-21 14:04:02 +02:00
Christoph Hartmann
797d24c14a
add login_def resource unit test
2015-09-21 14:01:51 +02:00
Christoph Hartmann
9358ac3035
rename env.rb to os_env.rb
2015-09-21 13:58:47 +02:00
Christoph Hartmann
672f03a0dd
improve output of ntp resource for single value arrays
2015-09-21 13:58:03 +02:00
Christoph Hartmann
7295e4c16f
improve handling on uid data view
2015-09-21 13:56:08 +02:00
Christoph Hartmann
852e5ae627
improvement: remove class variables from security policy implementation
2015-09-21 13:52:49 +02:00
Christoph Hartmann
53eb3b6990
bugfix: escape string before regex, fix regular expression to identify key
2015-09-21 13:52:33 +02:00
Christoph Hartmann
e9e24a6bd5
use new volcano backend for security policy
2015-09-21 13:51:27 +02:00
Christoph Hartmann
f0ac64cf31
improvement: extend mock to support simulated cmds
2015-09-21 13:43:09 +02:00
Christoph Hartmann
cdf15b9dd1
bugfix: support multiple values in ssh config like 'HostKey', improve readability by extracting the first value from array, if we have only one value
2015-09-21 13:43:09 +02:00
Christoph Hartmann
0e8651bf26
fix rubocop issues
2015-09-05 16:07:54 +02:00
Christoph Hartmann
36c9de7529
more rubocop fixes
2015-09-04 09:59:30 +02:00
Christoph Hartmann
91ea24d538
replace :: with . syntax
2015-09-04 09:15:20 +02:00
Christoph Hartmann
bbbb8380ca
replace raise with fail
2015-09-03 23:24:42 +02:00
Christoph Hartmann
556bb5a0f0
remove empty lines
2015-09-03 23:20:53 +02:00
Christoph Hartmann
1773d20178
use single quotes
2015-09-03 23:18:28 +02:00
Christoph Hartmann
5c137a7ab1
remove redundant return
2015-09-03 20:45:37 +02:00
Christoph Hartmann
349d5bf9f1
harmonize method definition style
2015-09-03 20:43:58 +02:00
Christoph Hartmann
7bdcc00e94
add utf-8 header
2015-09-03 20:36:46 +02:00
Christoph Hartmann
5612752b82
use single quotes
2015-09-03 20:35:23 +02:00
Christoph Hartmann
a895d19f03
simplify mock file loading method
2015-09-03 17:53:38 +02:00
Christoph Hartmann
a206d0ef09
(re)add debug for mock backend
2015-09-03 17:51:08 +02:00
Christoph Hartmann
7db6941219
feature: add bond resource implementation
2015-09-03 17:34:11 +02:00
Christoph Hartmann
ceb68f94cf
feature: extend mock framework to support file mappings
2015-09-03 17:34:11 +02:00
Dominik Richter
c9fcb2913a
complete all file tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 16:17:52 +02:00
Dominik Richter
29a143a67f
remove file ctime
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 15:43:30 +02:00
Dominik Richter
708fa8485d
bugfix: reset specinfra backends between runs manually
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 15:32:33 +02:00
Dominik Richter
f54fa6537a
use string for backend conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 14:56:08 +02:00
Dominik Richter
f618fa391b
bugfix: specinfra file type detection
...
mask & tmask returns non-zero values, if some bits fit the file-type. this leads to overlapping results. make sure the mask result has the full mask present, then use it.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 14:14:57 +02:00
Dominik Richter
841198993d
runner conf must use string-keys
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 13:43:32 +02:00
Dominik Richter
18701752a7
improvement: make runner config map work with keys and string
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 12:56:40 +02:00
Dominik Richter
199cb84ab3
not implemented only throws on missing methods
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 17:30:49 +02:00
Dominik Richter
951f63c6c8
feature: configurable formatter for test exec
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 16:44:14 +02:00
Dominik Richter
1c2ab098f5
specify methods all backends must implement
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 11:53:25 +02:00
Dominik Richter
05b4167971
start backend and file tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 04:55:22 +02:00
Dominik Richter
32964c1e4e
tests for backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 04:19:23 +02:00
Dominik Richter
e08787d14e
move file interface + helpers to backend plugin
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 00:50:52 +02:00
Dominik Richter
f60b7580d5
complete specinfra file backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-01 11:48:50 +02:00
Dominik Richter
a64597594e
minor bugfixes
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-01 11:11:34 +02:00
Dominik Richter
04db46f116
add aliases for target and backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 19:49:39 -07:00
Dominik Richter
601abe2579
rename backend reference @vulcano -> vulcano
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 19:33:15 -07:00
Dominik Richter
b2e031c056
start serverspec migration
...
This project is inspired by Serverspec and all the wonderful contributions that went into it. Thank you all so much! We have used Serverspec as our audit base and have now a slightly different perspective. We hope to continue the spirit on this path. Hopefully both projects will find their way together.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:36:05 -07:00
Dominik Richter
d292ed6ea5
migrate directory resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:24:34 -07:00
Dominik Richter
e5daa52064
fix ssh config path
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:18:37 -07:00
Dominik Richter
1bbe67682e
start migrating file resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:14:17 -07:00
Dominik Richter
50a5803427
rename is_file? -> file?
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:13:53 -07:00
Dominik Richter
431c27d4ab
migrate all specinfra backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:13:07 -07:00
Dominik Richter
40784c7c8e
safeguard against empty backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:31:36 -07:00
Dominik Richter
de27b3d8e9
move mock backend to new plugin structure
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:14:28 -07:00
Dominik Richter
a8ed53c337
move backend to new plugin structure
...
use the same structure as for resources
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:11:23 -07:00
Dominik Richter
df8a668d8c
combine resoure+resources -> resource.rb
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:08:17 -07:00
Dominik Richter
84102b89de
rename contents -> content
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 02:10:36 -07:00
Dominik Richter
5a8bcf2b93
migrate file resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 00:44:16 -07:00
Dominik Richter
1d805aca2c
migrate group policy
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:09:35 -07:00
Dominik Richter
554accdedc
reimplement command resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:08:24 -07:00
Dominik Richter
e0459c4116
migrate all of audit
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:04:52 -07:00
Dominik Richter
2a8b8d3394
migrate env and apache conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 13:02:18 -07:00
Dominik Richter
dddc9daed0
migrated inetd config and etc group
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:52:59 -07:00
Dominik Richter
2103a4485b
migrate limits and login defs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:47:37 -07:00
Dominik Richter
8004d6f129
migrate all mysql resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:41:48 -07:00
Dominik Richter
1a45f32f0b
migrated all postgres resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:37:03 -07:00
Dominik Richter
83d846ac7f
migrate ntp conf and parse_config
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:32:17 -07:00
Dominik Richter
d9d67e943a
migrate passwd and processes
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:27:35 -07:00
Dominik Richter
dc0f61a0ef
migrate registry_key + security_policy
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 11:52:22 -07:00
Dominik Richter
d7bcf6dfea
move resource plugin to vulcano/plugins
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 11:49:21 -07:00
Dominik Richter
2c2d2d8d27
rename resources -> tests in the context of runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 10:13:05 -07:00
Dominik Richter
3bf8037638
move to a simpler plugin structure
...
This has been inspired in its calling structure by the wonderful work done in Vagrant. Kudos to all contributors!
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 10:10:03 -07:00
Dominik Richter
9e7ea1ef5d
move ssh_conf to new structure
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 20:02:38 -07:00
Dominik Richter
90a2d45462
create new pluggable profile context
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:59:58 -07:00
Dominik Richter
a1af0ad24b
start mock backend and change backend mechanics
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:59:15 -07:00
Dominik Richter
7e1f9b8a15
move resources lib
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:58:07 -07:00
Dominik Richter
38a99c065a
0.6.1
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-24 14:25:29 -07:00
Dominik Richter
22ce1d4b0d
add docker backend support
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-24 10:35:03 -07:00
Christoph Hartmann
3570295007
bugfix: remove debug message
2015-08-14 01:46:43 -07:00
Christoph Hartmann
6e7d2f6bcf
detect windows versions
2015-08-14 01:43:02 -07:00
Christoph Hartmann
e4de940dfe
improve windows detection
2015-08-14 00:49:31 -07:00
Dominik Richter
8c82bca280
bugfix: skip resources with message
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 23:22:56 -07:00
Dominik Richter
1890ba9226
bugfix: correctly detect code line of block
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 22:51:53 -07:00
Dominik Richter
75c30d9892
bugfix: remove unnecessary only_if outer definition
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 22:36:50 -07:00
Dominik Richter
086d385fe0
add detect utility to get os info
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 17:18:17 -07:00
Dominik Richter
90ed1aed99
fix missing require winrm
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:45:32 -07:00
Dominik Richter
6360bf825f
fix wrong variable ref
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:39:12 -07:00
Dominik Richter
83432ccfb4
fix typo
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:31:47 -07:00
Dominik Richter
1a165bc886
change the default impact to 0.5
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:05:26 -07:00
Dominik Richter
225b49fbd2
0.6.0
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:47:29 -07:00
Dominik Richter
5875864f45
move zip and tar helpers
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:45:42 -07:00
Dominik Richter
7a59d9ce76
feature: start github uri reader
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:34:37 -07:00
Christoph Hartmann
9065eaa35c
add zip and tar helper
2015-08-12 21:14:48 -07:00
Dominik Richter
61794072e5
generalize folder handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 20:47:02 -07:00
Dominik Richter
9f0b6ebc46
add targets for chef-audit and serverspec
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 19:19:36 -07:00
Dominik Richter
6e4381f2d4
turn backend into a separate object
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 19:07:01 -07:00
Dominik Richter
9ba4fb1d00
add configurable targets and backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 18:48:17 -07:00
Dominik Richter
cecd86a119
improvement: unify ID generation for all tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 17:29:23 -07:00
Dominik Richter
7f67a088cb
feature: --target option for scans
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 17:05:32 -07:00
Dominik Richter
be1cead58e
improvement: always give a title to spec files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 16:27:32 -07:00
Dominik Richter
5b0f5252c6
shorten anonymous describe IDs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 15:17:18 -07:00
Dominik Richter
116a9b46d8
run multiple files by aggregating results
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 15:16:50 -07:00
Dominik Richter
360da9a7ba
feature: configure ssh+winrm targets on CLI-runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 14:19:44 -07:00
Dominik Richter
33043dd6a1
feature: run tests from cli
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 12:03:41 -07:00
Your Name
f6509b7f81
add method_source gem for getting source code
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-10 00:01:11 +00:00
Your Name
0108ab2c75
simplify ruby source block detection
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-09 20:31:51 +00:00
Your Name
39343367c2
feature: include rule code in json
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-09 18:29:59 +00:00
Dominik Richter
5e8af49561
runtime bugfixes
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 23:39:43 -07:00
Dominik Richter
61f5f95147
make sure etc group values in where clause are strings
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:49:55 -07:00
Dominik Richter
b72ba08c06
trip whitespace
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:37:58 -07:00
Dominik Richter
a48d032cec
double-check if data is read from conf apache/postgres/mysql
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:35:18 -07:00
Dominik Richter
df8be769af
skip apache conf if file doesn't exist
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:28:32 -07:00
Dominik Richter
9621b1c9e9
skip postgres+mysql conf if file doesn't exist
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:27:34 -07:00
Dominik Richter
93065b9dda
use FindFiles for postgres conf
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:17:07 -07:00
Dominik Richter
c733a577da
improvement: unify FindFiles
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:11:01 -07:00
Dominik Richter
e9ee17c176
bugfix: find included files on remote host
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 19:50:49 -07:00
Dominik Richter
178ca83a4b
specify inetd_conf path
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 19:34:24 -07:00
Dominik Richter
07edef95ad
flatten users of groups
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:56:14 -07:00
Dominik Richter
3682a8279d
make sure to get conditions as symbols
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:49:05 -07:00
Dominik Richter
e0b0b52af3
feature: etc_group with where-function overhaul
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:42:05 -07:00
Dominik Richter
53112f4156
move resource methods to respective library files
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:40:08 -07:00
Dominik Richter
42c3f95b41
move local parseconfig resources to library file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:25:27 -07:00
Dominik Richter
6faf07aa7d
rename parse_config back to parse_config_file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:24:15 -07:00
Dominik Richter
1344fba629
configurable limits_conf path
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:52:55 +02:00
Dominik Richter
70a6130335
move ssh_config + sshd_config with paths to the resource file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:43:38 +02:00
Dominik Richter
cc28749adf
configurable paths for postgres + mysql confs
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:38:52 +02:00
Dominik Richter
700e2bab26
feature: add mysql resource
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:31:57 +02:00
Dominik Richter
7e9c8fe289
bugfix: get comment_char for simple_config
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:23:52 +02:00
Dominik Richter
f2fed3fa6d
api: change default of multiple_values true -> false in SimpleConfig
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:23:02 +02:00
Dominik Richter
9bf968838c
rename conf_ssh -> ssh_config
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:22:25 +02:00
Dominik Richter
0c5a28431d
feature: postgres information based on OS
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:21:32 +02:00
Dominik Richter
f51e89d3b1
shorten mysql and postgres session resources
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-30 18:28:57 +02:00
Christoph Hartmann
378a98797e
rename config_file resource
2015-07-27 23:26:10 +02:00
Christoph Hartmann
44f5ecef77
add apache config parser
2015-07-27 23:26:10 +02:00
Dominik Richter
252a88c24f
improvement: warn on minor missing entries, error on major ones
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-27 17:31:17 +02:00
Christoph Hartmann
bd6a294ac5
bugfix: add toString method for resources
2015-07-26 22:45:44 +02:00
Christoph Hartmann
345d7fb5cb
improvement: parse config can be configured
2015-07-26 22:45:18 +02:00
Christoph Hartmann
d926a67596
feature: resource for ntp configuration
2015-07-26 22:44:33 +02:00
Christoph Hartmann
24e9210160
feature: resources for audit daemon
2015-07-26 22:44:01 +02:00
Christoph Hartmann
34b8ab5f2a
refactor audit policy
2015-07-26 22:43:24 +02:00
Christoph Hartmann
32c4575642
add inetd resource
2015-07-26 12:53:29 +02:00
Christoph Hartmann
17476fd634
add limits.conf resource
2015-07-26 12:30:46 +02:00
Christoph Hartmann
8e16decccd
refactor types
2015-07-26 12:30:12 +02:00
Dominik Richter
35d3ee6b19
bugfix: ensure pseudo pty on remote
...
This first came up when scanning a RHEL6 EC2 box. Serverspec throws this error when the channel doesn't support a stdin.
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-21 12:59:52 +02:00
Christoph Hartmann
5d4e44872c
remove puts
2015-07-16 01:51:26 +02:00
Christoph Hartmann
fe7758a9a6
remove puts
2015-07-16 01:48:09 +02:00
Christoph Hartmann
fd4bb5f467
bugfix: fix id
2015-07-16 01:40:37 +02:00
Christoph Hartmann
0268d44052
add types
2015-07-16 01:09:54 +02:00
Christoph Hartmann
db8ff02313
add logindef and parse_config type
2015-07-15 16:33:39 +02:00
Christoph Hartmann
4809c33f93
add duplicate check matcher for arrays
2015-07-15 15:16:28 +02:00
Christoph Hartmann
018601480d
add etc_group implementation
2015-07-15 15:16:10 +02:00
Christoph Hartmann
dc94f2c2b5
add description for passwd file format
2015-07-15 15:15:53 +02:00
Christoph Hartmann
37f0ea7d6a
update copyright header
2015-07-15 15:15:18 +02:00
Christoph Hartmann
6ab07121de
add line feed
2015-07-15 00:50:42 +02:00
Christoph Hartmann
f9867b4c8d
add helper matcher
2015-07-15 00:50:34 +02:00
Christoph Hartmann
dbbad50c09
add passwd extraction of passwords
2015-07-15 00:50:19 +02:00
Christoph Hartmann
8c17ab29a5
add passwd support
2015-07-15 00:47:17 +02:00
Christoph Hartmann
4ff1687f6e
add env support
2015-07-15 00:47:04 +02:00
Christoph Hartmann
d7d79d3d5b
bugfix: remove winrm timeout
2015-06-28 10:09:04 +02:00
Christoph Hartmann
a25925057e
bugfix: remove debug output
2015-06-28 00:07:02 +02:00
Christoph Hartmann
1e80a197c4
feature: switch winrm port based on protocol
2015-06-27 23:03:43 +02:00
Christoph Hartmann
5714395232
feature: add ssl support for winrm
2015-06-27 21:30:21 +02:00
Christoph Hartmann
f165e51e1f
return nil, if we haven't received a value
2015-06-27 21:29:57 +02:00
Dominik Richter
8dd5ad2979
bugfix: prevent entries in known hosts files
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-27 15:49:54 +02:00
Dominik Richter
2e827fd699
bugfix: prevent any auth-method that is not configured + prevent interactive password login
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-27 15:47:45 +02:00
Dominik Richter
34bc6a387c
feature: add configurable profile_id field
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-25 17:45:46 +02:00
Dominik Richter
3440f6f69e
bugfix scope
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 18:21:09 +02:00
Dominik Richter
8d0976a4cc
bugfix: scoping for ubuntu's ruby version
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 17:57:07 +02:00
Dominik Richter
e832a1f2c8
bugfix: typo
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 17:27:05 +02:00
Dominik Richter
6b8cd1078a
bugfix: mysql dynamic describe
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 16:33:22 +02:00
Dominik Richter
b3495e9fc5
bugfix: mysql resouce skipping and checking
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 16:18:40 +02:00
Dominik Richter
40ed9799b7
feature: mysql config resource updated
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 15:51:44 +02:00
Dominik Richter
232de91d9a
feature: mysql resource with debian login + skipping policy
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 15:24:35 +02:00
Dominik Richter
ff0020ac73
bugfix: enforce utf-8 encoding
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 08:56:13 +02:00
Dominik Richter
1b9997b204
bugfix: work around embedded only_if conditionals
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 22:52:40 +02:00
Dominik Richter
8294641b1e
bugfix: allow json/check methods to run despite only_if in profile
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 22:36:38 +02:00
Dominik Richter
cb3e067a1f
feature: helper method to check if a default command exists
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 18:19:04 +02:00
Dominik Richter
5d5b945933
feature: only_if for profiles added
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 18:07:35 +02:00
Dominik Richter
cceefa54cf
add base resource
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 17:06:04 +02:00
Dominik Richter
7a721dba7e
feature: skip ssh config if file isn't readable/found
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 16:33:08 +02:00
Dominik Richter
8026915ce5
feature: support skipping rules via resources
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 16:32:42 +02:00
Dominik Richter
e0e7fb8996
bugfix: indicate that file resource is really working with paths
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 11:23:30 +02:00
Dominik Richter
9e79b49f43
improvement: file permission matchers add full description
2015-06-21 11:06:39 +02:00
Dominik Richter
b942a1a103
bugfix: run without profile ID defined
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 10:28:13 +02:00
Dominik Richter
1abfdae264
bugfix: use fully qualified profile IDs
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 02:21:08 +02:00
Dominik Richter
1d6a0decad
make json-builder work again with new rule-tree
2015-06-20 01:41:48 +02:00
Dominik Richter
83dc0a6425
make check work again with new rule-tree
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 01:36:59 +02:00
Dominik Richter
5e83779fb4
api: separate name from title in metadata
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 01:04:05 +02:00
Dominik Richter
ef4471d20b
feature: allow to skip rules
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 00:20:44 +02:00
Dominik Richter
2e1106b933
feature: add rule hierarchy with include and require rules
...
include_rules 'vulcanosec/ssh'
this will include all rules defined in vulcanosec/ssh
require_rules 'vulcanosec/linux'
this will not include any rules yet, but you may choose what you want to pull in.
both have a block attached which will allow you to choose rules (for require_rules) and redefined/change existing rules as you like. small example:
require_rules 'vulcanosec/linux' do
rule fs-3 do
impact 1.0
end
end
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 00:00:53 +02:00
Dominik Richter
a6748e2418
load rules from a spec file into a profile context
2015-06-19 22:23:07 +02:00
Dominik Richter
7649d1459c
simplify global vs embedded rule handling
...
i.e. one executes directly, the other just registers. this change makes such a distinction much easier
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 21:52:57 +02:00
Dominik Richter
da71e1e826
move DSL helper methods out of local DSL space
...
to avoid potential collissions
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 21:43:04 +02:00
Dominik Richter
8181ee038e
move rule execution and ID-fixing out
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 21:17:56 +02:00
Dominik Richter
f64f15ee6b
make syntax binding to scope programmable
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 20:11:26 +02:00
Dominik Richter
2c912d2fbe
initialize vulcano module + version first
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 18:45:38 +02:00
Dominik Richter
e689afb4b8
improvement: split vulcano core library from verification
2015-06-19 16:45:36 +02:00
Dominik Richter
aebed6cb55
bugfix: only call rule blocks if they are given
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-19 16:32:11 +02:00
Dominik Richter
6f4a1fc092
move log out of bin/vulcano; it's not used there
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-19 15:06:44 +02:00
Dominik Richter
1b36802589
feature: include other rules
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-18 17:32:40 +02:00
Dominik Richter
243c7b9892
feature: sudo configuration
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-17 10:49:25 +02:00
Dominik Richter
1a05865d6e
feature: print number of rules checked
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-16 23:33:27 +02:00
Dominik Richter
1247dd7bc7
api: change check -> rule
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-16 23:30:08 +02:00
Dominik Richter
e86cd978eb
bugfix: create check structure with meta-info
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-12 12:32:10 +02:00
Dominik Richter
9f02a88e54
improvement: separate checking information from processing
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:53:25 +02:00
Dominik Richter
3013bdcc46
feature: add pry for development consoles
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:40:16 +02:00
Dominik Richter
c329b6743a
bugfix: add resources to rules
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:37:51 +02:00
Dominik Richter
0c0be4b09e
bugfix: don't evaluate nil impact
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:36:30 +02:00
Dominik Richter
b5fb4c46c0
improvement: print file which has error
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:26:29 +02:00
Dominik Richter
fb9d09af49
bugfix: gsub on empty desciption
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:23:36 +02:00
Dominik Richter
beee62fabd
improvement: separate specfile sanitize vs check
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:21:03 +02:00
Dominik Richter
1833ff9aa0
bugfix: call lambda correctly
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:16:05 +02:00
Dominik Richter
5ba7fb0386
bugfix: recognize empty title as title==id
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:15:26 +02:00
Dominik Richter
4ab30252fb
feature: vulcano check
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:03:12 +02:00
Dominik Richter
08035d7b61
bugfix: don't let dummy resources overwrite library files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 23:05:00 +02:00
Dominik Richter
7a022f9c0a
change json syntax to: map[string]check
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 22:24:53 +02:00
Dominik Richter
e9d642fc61
feature: replace vcheck
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 21:41:54 +02:00
Dominik Richter
44d1f88dda
add version
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 19:49:55 +02:00
Dominik Richter
f56618f364
bugfix: cascade IDs to child describe-blocks (from :its)
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 19:20:16 +02:00
Dominik Richter
64d90c326f
feature: add rules with IDs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 17:09:02 +02:00
Dominik Richter
483c12edc7
feature: run specs on different port
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-05-14 18:30:50 +02:00
Dominik Richter
14eebb88e0
capitalize ssh conf name
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-05-14 18:30:38 +02:00
Dominik Richter
18277ddfad
bugfix: postgres connection error detection fixed
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-05-14 18:29:55 +02:00
Dominik Richter
21d604820a
feature: add windows resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:37:17 +02:00
Dominik Richter
e87af25d07
bugfix: ssh is simpleconf w/o multiassignemnt
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:36:55 +02:00
Dominik Richter
6875d373e8
feature: winrm specs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:36:34 +02:00
Dominik Richter
c1522ed98c
feature: multi-assignments for simpleconfig
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:36:18 +02:00
Dominik Richter
985552731a
import resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-09 22:01:23 +02:00