Running `inspec exec` with --sudo locally produces unintended results
given that we cannot escalate local Ruby methods after we're already
running. --sudo is meant to only be used with remote targets. We do
not currently enforce that.
This change will print an error for the user if they attempt to use
--sudo with a local exec and exit non-zero.
Signed-off-by: Adam Leff <adam@leff.co>
The file resource's `#content` method will return nil if the file
cannot be read for permissions issues. If you try to run a profile
that uses the `xinetd` resource without sudo privileges, InSpec
would try to call `#empty` on nil.
This change fixes this issue by checking for nil before checking
for emptiness.
Signed-off-by: Adam Leff <adam@leff.co>
RedCarpet table rendering was not enabled, and we need to treat
the resource names as code to avoid resources with two underscores
from being rendered as partial italics.
Signed-off-by: Adam Leff <adam@leff.co>
inspec.io is now hosted by Fastly which operates as a caching reverse
proxy. This change adds a Rake task that will flush the cache at Fastly
if the API key and Service ID are set in the appropriate environment
variables.
Flushing the cache is not required, so this will not error out if the
environment variables aren't provided; the cache will eventually clear
on its own. This will simply speed along the process as needed.
Signed-off-by: Adam Leff <adam@leff.co>
InSpec is "appbundled" into the ChefDK which means users can't
simply run `chef gem install inspec` and get an updated InSpec.
`appbundle-updater` exists to combat this and, when run, will
pull the source and install the gem using `rake install`.
In the appbundle-updater config, we'll want to exclude unnecessary
gems from getting installed, such as the "tests" group. Our Rakefile
doesn't work without the "tests" group being installed.
This change makes the Rakefile usuable when the "tests" gems aren't
available.
Signed-off-by: Adam Leff <adam@leff.co>
A new `help matchers` command will provide helpful examples on a few
of the standard matchers: be, cmp, include, etc.
I also cleaned up the formatting of the resources list and provided
better feedback if a user requests help for an unknown resource.
Resolves#1684
Signed-off-by: Adam Leff <adam@leff.co>
Instead of my favorite shortcut of `os.inspec` just finally add it as a global keyword.
Preparation for https://github.com/chef/inspec/issues/1396
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
This is always bothersome when debugging code and drilling down objects, since it will just a return a two-layer anonymous class with no help at all.
Instead print a nice name and even give a bit of information on pretty-printing (which pry does naturally)
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Unindent has been misbehaving for control `desc`riptions by completely removing newlines. This is now fixed and the unindentation mechanism improved to behave as expected.
Removing empty lines at the beginning and end of string remains unchanged.
Tabs are not treated as multi-space indentations; supporting them as 8-space chars would require additional effort (please comment if this is important to you)
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>