Commit graph

326 commits

Author SHA1 Message Date
mhackethal
86cf55382b filesystem: improve Windows support (#3606)
* Improve filesystem.rb to support windows

improve filesystem.rb to support windows.
Split into 2 classes LinuxFileSystemResource / WindowsFileSystemResource
Add filesystem to verify a FS-type ( currently not for linux because missing test server )
Size on Windows is converted to GB - discussion about this welcome

update to reflect also windows os

* Create get-wmiobject-filesystem
* Delete get-wmiobject-filesystem

* Fix the testing code for filesystem.
Change its 'filesystem' to 'type' according to recommendation from @miah
Signed-off-by: Markus Hackethal <mh@it31.de>
2018-11-19 13:32:59 -05:00
Fernando Alexandre
8b089ea1e1 Fixes #3546 (#3592)
* When pty is used not having --no-pager makes inspec hang during the test
* Updated tests

Signed-off-by: Jose Alexandre <jose.alexandre@worldfirst.com>
2018-11-13 14:33:08 -05:00
mrshanahan
cebe044a68 Update iis_site bindingInformation construction and add tests. (#3490) (#3492)
Signed-off-by: Matt Shanahan <mrshanahan11235@gmail.com>
2018-11-08 13:42:59 -05:00
James Stocks
7c58285eb6 New resource to work with Windows security identifiers (SIDs) (#3405)
* Resource for a Windows Security Identifier (SID)
* Integration tests for security_identifier resource
* Address rubocop violations
* Improve security_identifier from PR feedback
* Update security_identifier tests
* Improve security_identifier unit tests
* Fix unit tests fpr security_identifier resource
* More security_identifier unit tests
* Add docs page for security_identifier resource
* Fix issues with documentation
* Improve docs
Link to Microsoft reference page, and use their term 'trustee' instead of 'entity' where applicable.

* Change exists to exist
* Test appveyor file changes.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-10-19 09:01:00 -04:00
Jared Quick
cb12ada2fe
Move compliance to v2 plugin (#3423)
* Move compliance pluging to v2 system.
* Update kitchen-inspec to test.
* Add legacy require patsh.
* Fix unit test

Signed-off-by: Jared Quick <jquick@chef.io>
2018-10-04 14:31:39 -04:00
Jonathan Hartman
7451917223 Support finding larger processes on Busybox (#3446)
For larger processes, Busybox's ps displays the vsz and rss columns in
megabytes or gigabytes, with no option I've found to override the behavior.

This change updates the process regex to account for that and converts
the values to kilobytes so they can still be cast as integers.

Signed-off-by: Jonathan Hartman <j@hartman.io>
2018-10-04 14:06:17 -04:00
Jonathan Hartman
08e3b90f2b Support the Busybox variant of netstat in the port resource (#3425)
Signed-off-by: Jonathan Hartman <j@hartman.io>
2018-09-25 22:40:05 -04:00
Jared Quick
40e024fa97
Move habitat to v2 plugin. (#3404)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-09-18 13:10:07 -04:00
Clinton Wolfe
50ff9f6a24
Plugins: Add support for 'bundles' migration (#3384)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
Signed-off-by: Jared Quick <jquick@chef.io>
2018-09-18 00:00:54 -04:00
Jared Quick
1c12a544c7
Add string impact options for controls (#3359)
* Add impact class which contains all cvss scores.
* Add testing for impact changes.
* Change symbols to strings for impact.
* Update error messages to be more clear.
* Fix test with new sha

Signed-off-by: Jared Quick <jquick@chef.io>
2018-09-13 14:14:05 -04:00
Jerry Aldrich
9d031053ea Various improvements to vendor command (#3286)
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-09-06 23:28:08 -04:00
Josh Hudson
2d44b6e5e0 Cached profiles with Compliance Fetcher (#3221)
* Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles
* Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly.
* Declare @upstream_sha256 if target is a string
* Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize
* Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic
* Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url
* Revert changes to cached fetcher that are unnecessary after refactor
* Pacify the god of ruby syntax
* Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles
* Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256

Signed-off-by: Josh Hudson <jhudson@chef.io>
2018-08-28 09:11:38 -04:00
Vern Burton
a7ab4b8b5f Add cloudlinux under redhat family (#2935)
* adding cloudlinux into the mocker under the redhat family as it is found inside of train, and creating tests for cloudlinux that mirror the centos/redhat tests.
* adding cloudlinux under the select_service_mgmt method so that it can be matched.

Signed-off-by: Vern Burton <me@vernburton.com>
2018-08-22 15:58:38 -04:00
Robert Van Kleeck
5264cb5fdf add iis_app_pool resource (#2400)
* add iis_app_pool resource
* add sign off
* remove training whitespace
* code cleanup and simplify timeout checks
* add mock tests

Signed-off-by: Rob Van Kleeck <rvankleeck@salesforce.com>
2018-08-09 09:19:49 -04:00
Noel Georgi
9d3beb8d41 Adding docker plugin support (#3074)
* Fixing tests and squashing
* Updating as per some PR comments
* PR comments

Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-08-09 08:20:32 -04:00
Noel Georgi
b93da53237 Escaping package names for windows packages (#3259)
* Escaping package names for windows packages
* Fixing missed package_name ref
* Updating Mock SHA
* Removing unwanted file
* Linting fix

Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-08-02 14:40:14 -04:00
Jerry Aldrich
f2d64938b7 windows_feature resource: Add DISM support (#3224)
* windows_feature resource: Add DISM support

This modifies the `windows_feature` resource to fallback to DISM when
the `Get-WindowsFeature` command is not available.

* Allow specifying `:dism` or `:powershell`
* Replace stacktrace with smaller error message
* Add notes/todo about raise behavior
* Remove duplicated platform check

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-25 16:00:06 -04:00
Jerry Aldrich
c1d7b2cfa3 alpine resource: Fix small style issues (#3238)
* Constrain RuboCop disables to single method
* Add comment to Alpine package command
* Use single quotes for Alpine package command
* Change `it` statement to be readable

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-25 15:57:51 -04:00
Dan Webb
a0fffa5286 Add Alpine package provider (#3215)
- Add Alpine tests
- Stub apk grep command for alpine
- Resolve (disable for now) rubocop ABC/CyclomaticComplexity/PerceivedComplexity

Signed-off-by: Dan Webb <dan.webb@damacus.io>
2018-07-19 15:07:36 -04:00
Stanislav Voroniy
a16877f427 A number of bug fixes and new features for oracledb_session resource (#3170)
Signed-off-by: Stanislav Voroniy <stas@voroniy.com>
2018-07-09 13:57:45 -04:00
Jerry Aldrich
cf9ce1bfdc auditd resource: Add handling for sudo/no command (#3151)
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-06-20 21:27:53 -04:00
Jared Quick
06ff747cfc
Detect windows packages with trailing spaces. (#3106)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-06-01 10:39:26 -04:00
Dominik Richter
ebd1d36600 support local npm package searches (#3105)
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2018-06-01 10:52:46 +02:00
Tor Magnus Rakvåg
34b393ed3c mssql_session default port and local_mode (#3031)
* set port default to nil, introduce local_mode
* raise instead of warning
* restore default port, allow explicit nil

Signed-off-by: Tor Magnus Rakvåg <tm@intility.no>
2018-05-31 13:47:28 -04:00
Tor Magnus Rakvåg
71ba5018d2 Enhance groups resource with members property (#3029)
* implement members property
* flatten groups entry, extract flatten helper
* lints
* more idiomatic spec, add example of members testing

Signed-off-by: Tor Magnus Rakvåg <tm@intility.no>
2018-05-31 13:37:44 -04:00
Julian C. Dunn
1046a77027 Remove unneeded "-a" from the RPM query for performance improvement (#3077)
Signed-off-by: Julian C. Dunn <jdunn@chef.io>
2018-05-31 12:11:41 -04:00
Jerry Aldrich
9e8724ca6e nginx_conf resource: Fix include paths with quotes (#2726)
* nginx_conf resource: Fix include paths with quotes
* Move quote removal to `NginxParser`
* Add parsers/tests for quotes in quotes

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-05-03 09:53:20 -04:00
Henry Muru Paenga
a9e3b8d8d0 Amazon linux service mgmt detection (#2970)
Signed-off-by: Henry Muru Paenga <meringu@gmail.com>
2018-04-19 13:00:39 -04:00
David Alexander
3b97e16b97 New Resource: Chocolatey Package (#2793)
* Adds chocolatey package resource
* Adds docs for chocolatey_package resource
* Differentiate chocolatey package from windows feature

Suggested by @frezbo

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2018-04-05 08:54:27 -04:00
Paul Welch
d3b90a7c9f Pw/pip windows bug (#2883)
* Add python check for pip resource

When checking pip resources, we should skip resource if python is not
installed or we will fail with an error when trying to parse the path.

* Check pip command on windows

On Windows, if pip has a newer version available, it adds an error
message to stderr. Now checking if both stderr and stdout on windows
have values. If so, assume pip package is installed.

* Clean up powershell query command

- Make it easier to read what the powershell command is doing
- Make it easier to read what the cmd_successful method lokos for

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-03-29 13:01:59 -04:00
Jerry Aldrich
2c4f041e9d powershell resource: Add support other OSs (#2894)
This adds `powershell` resource support for non-Windows OSs via `pwsh`
and Base64 encoded commands.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-03-29 11:57:15 -04:00
Omar J. Irizarry
ef8da475d3 registry_key resource was returning an incorrect value (#2871)
* registry_key resource was returning an incorrect value
when key value was greater than 2147483647
* added mock
* Fix issue with default reg key
(default) key was returning nil even when a value was present.

Signed-off-by: Omar Irizarry <irizarry_omar_j@network.lilly.com>
2018-03-26 15:44:31 -04:00
Trevor Bramble
bd8ef9d1d8
Remove obsolete mock (#2869)
This mock was a remenant of file reading tests that became obsolete with
the centralization of that code.

Signed-off-by: Trevor Bramble <tbramble@chef.io>
2018-03-22 14:06:53 -07:00
Trevor Bramble
be83af35c5
Revise /etc/hosts for correctness and clarity (#2863)
* Clean up test data, correct parse error handling
 * Use functional pipeline to avoid need for conditional clauses and clarify the intent of the comment parsing.
 * Extract magic strings to constants
 * Remove code and tests now covered by FileReader

Co-authored-by: Trevor Bramble <tbramble@chef.io>
Co-authored-by: Paul Welch <pwelch@chef.io>

Signed-off-by: Trevor Bramble <tbramble@chef.io>
2018-03-22 09:58:22 -07:00
João Vale
3e2450e703 Host resource: use bash over netcat in Linux (#2607)
* Add support to use bash in host resource

Netcat's presence is widely regarded as a security issue, and thus not
always available. This solution first tries to use bash builtins and
timeout (from coreutils), so is less likely to require installing
additional packages.

* Darwin UDP support in host resource
* Host: use netcat first if available

Signed-off-by: João Vale <jpvale@gmail.com>
2018-03-07 08:39:27 -05:00
Jerry Aldrich
e4e907624a iptables resource: Add support for other bin paths (#2783)
* iptables resource: Add support for other bin paths
* Use `%w{}` instead of `[]`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-03-06 08:56:15 -05:00
Christian Becker
b7687765f5 http resource: Support OPTIONS method (#2742)
Signed-off-by: Christian Becker <c.becker@mediaevent.services>
2018-02-27 12:59:53 -05:00
Jerry Aldrich
448eeb4637 package resource: Fix brew package detection (#2730)
* package resource: Fix `brew` package detection

This allows for package detection via `brew` to handle cases where a
particular package formula exists but is not installed.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-23 09:01:14 -05:00
Jared Quick
9930e40a76 Add new "reporter" system (replacement for "formatters"), support multiple reporters per run (#2464)
* Formatter and reporter refactor.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add exception and backtrace to json-min report.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add sha to json-min and include generator version for json profile.

Signed-off-by: Jared Quick <jquick@chef.io>

* Fix deprecated typo and add fallback for cli resource title.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update to build json report and clean up cli logic.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add tests for json reporter.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add cli suppress_log_output? and a fallback for invalid reporter type.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update suppress_log_output? to check if we are outputting to stdout.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update reporter cli optoins to work with json_config.

Signed-off-by: Jared Quick <jquick@chef.io>

* Refactor some safe-navigation and variable names.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add thor banner to show reporter file output syntax.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-08 10:06:58 +01:00
Jerry Aldrich
d96a6affa7 packages resource: Add architectures support (#2469)
This adds support for `architectures` to the `packages` resource.

Example:

```
describe packages(/compat-libstdc++-33/) do
  its('architectures') { should include 'x86_64' }
  its('architectures') { should include 'i686' }
end
```

This also adds documentation for the `packages` resource

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-01-25 23:57:34 -08:00
Vern Burton
55abdebdc9 filesystem resource: inspect linux filesystems (#2441)
* adding df resource

Signed-off-by: Vern Burton <me@vernburton.com>

* adding unit tests and required mocks for them, created integration test

Signed-off-by: Vern Burton <me@vernburton.com>

* cleaning up skip test to include only the filename and not full path

Signed-off-by: Vern Burton <me@vernburton.com>

* adding docs

Signed-off-by: Vern Burton <me@vernburton.com>

* size makes more sense than space

Signed-off-by: Vern Burton <me@vernburton.com>

* removing unneeded author lines

Signed-off-by: Vern Burton <me@vernburton.com>

* as the command changed, changing mock to the new sha

Signed-off-by: Vern Burton <me@vernburton.com>

* updating to address comments from #2441

* removing author lines
* using attr_reader functions
* using ruby string functions rather than pipe to sed
* adding os family detection
* using ResourceFailed as the pattern already existed for OS family detection
* using if for future case support for unix and unix-like (FreeBSD)

Signed-off-by: Vern Burton <me@vernburton.com>

* adding supports to resource metadata, and adding tests that show that resource says that it is not supported on windows/unix.

Signed-off-by: Vern Burton <me@vernburton.com>

* focusing on linux os family and removing logic for assumed future cases

Signed-off-by: Vern Burton <me@vernburton.com>

* changing df to filesystem

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-25 09:29:31 -05:00
Jerry Aldrich
98546984ae service resource: attempt a SysV fallback if SystemD unit file is not found (#2473)
* service resource: Fix no `.service` + systemd bug

This modifies the `enabled?` check to fallback to `sysv_service` in the
event that a `.service` file cannot be found.

For example: On Debian 8.7 the stock apache2 package does not deploy a
`.service` file but deploys a SysV style service. This causes
`systemctl is-enabled` to fail when the service is in fact enabled.

* Remove `cmd_stderr` and clean up `cmd_exit_1`
* Clean up `stderr` assignment using ternary
2018-01-23 12:34:47 -08:00
ViolentOr
3c7bace964 Update security_policy resource to return Names, not SIDs (#2462)
* Added possibility to translate SID to human-readable name (using 'translate_sid: true' switch)

Signed-off-by: ViolentOr <github@violentor.me>

* fixed errors

Signed-off-by: ViolentOr <github@violentor.me>

* changed pars to opts

* renameg temp variable

Signed-off-by: ViolentOr <github@violentor.me>

* Required tests added

Signed-off-by: ViolentOr <github@violentor.me>

* fixed mistype

Signed-off-by: ViolentOr <github@violentor.me>

* should not copy-paste.

Signed-off-by: ViolentOr <github@violentor.me>

* replaced empty call with empty file

Signed-off-by: ViolentOr <github@violentor.me>

* tests fixed.

Signed-off-by: ViolentOr <github@violentor.me>

* grouped command mocks related to the security_policy resource

Signed-off-by: ViolentOr <github@violentor.me>

* bacgitend -> backend

Signed-off-by: ViolentOr <github@violentor.me>
2018-01-23 12:31:57 -08:00
Matt Kulka
c067798fc5 Docker Swarm service resource (#2456)
This change adds the `docker_service` resource for Docker swarm mode services. This
branches off some of the common elements (id, exists) into a `DockerObject` module along
with a utility function for parsing the image/repo string. That function was implemented
separately by `docker_image` and `docker_container`, now with a third resource, it made
sense to consolidate that into an included module. I used the most comprehensive
implementation. Existing classes had to be slightly modified for the genericization.

Signed-off-by: Matt Kulka <mkulka@parchment.com>
2018-01-23 12:30:14 -08:00
Jerry Aldrich
944dfdc987 grub_conf resource: fix menuentry detection (#2408)
* Fix `grub_conf` menuentry detection

This does the following:
  - Corrects Grub2 bug where last entry was always selected
  - Adds support for specifying a Grub2 menu entry by name
  - Adds support for using `GRUB_DEFAULT=saved` with Grub2
  - Adds more Unit tests

* Add error if menuentry name cannot be extracted
* Add handling for missing/unreadable grubenv
* Add defensive code for failed menuentry extraction
2018-01-18 13:20:48 -08:00
Vern Burton
175c3e1189 xml resource: support fetching attributes (#2423)
* adding database.xml with attributes to files and mocking it in the helper.rb

Signed-off-by: Vern Burton <me@vernburton.com>

* adding logic to test class returned by XPATH and using functions from respective classes to fill a array for return, and unit and integration tests to ensure functionality

Signed-off-by: Vern Burton <me@vernburton.com>

* updating docs to show how attributes are used

Signed-off-by: Vern Burton <me@vernburton.com>

* 'and' instead of 'or' makes more sense

Signed-off-by: Vern Burton <me@vernburton.com>

* adding default else for capturing unknown classes from REXML

Signed-off-by: Vern Burton <me@vernburton.com>

* removing extra newline

Signed-off-by: Vern Burton <me@vernburton.com>

* adding fail case with enough information to debug in future case

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-16 14:26:39 -08:00
Vern Burton
712ba520ad mssql_session resource: add port parameter (#2429)
* adding SQL 2012 SP1 for mssql_session testing

Signed-off-by: Vern Burton <me@vernburton.com>

* updating SHA to match new commands with ports in them

Signed-off-by: Vern Burton <me@vernburton.com>

* adding port, and a default value and moving from skip_resource to resource_fail

Signed-off-by: Vern Burton <me@vernburton.com>

* adding new sha for custom host

Signed-off-by: Vern Burton <me@vernburton.com>

* adding tests for hostname and migrating test that passed port in host to a dedicated port test

Signed-off-by: Vern Burton <me@vernburton.com>

* adding integration test

Signed-off-by: Vern Burton <me@vernburton.com>

* removing services as appveyor does not have integration testing running so it would be a waste of time to enable it

Signed-off-by: Vern Burton <me@vernburton.com>

* mock instance command

Signed-off-by: Vern Burton <me@vernburton.com>

* making instance readable

Signed-off-by: Vern Burton <me@vernburton.com>

* adding instance test

Signed-off-by: Vern Burton <me@vernburton.com>

* moving to ResourceSkipped as ResourceFailed is targeted for a major release

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-16 14:04:00 -08:00
Jerry Aldrich
c2a65942d9 Add support for Darwin Directory Service groups (#2403)
* Add support for Darwin Directory Service groups

This allows users to verify groups added by Chef on OS X.

The current method that `UnixGroup` uses is to check the contents of
`/etc/group`, but OS X adds groups to Directory Service and not
`/etc/group`. This modifies the `group` resource on Darwin to use
`dscacheutil` to get group info.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Clean up `select_group_manager`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Clean up DarwinGroup `groups` method

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-12-20 16:57:45 +01:00
Miah Johnson
e33f4959e1 Allow crontab resource to read crontab at user specified paths. (#2328)
* add a emulated /etc/cron.d/crondotd file to the mocking system.

* test that we handle incoming paths correctly by rendering to_s.

* We take in both users and a path, so lets call that destination.

* To make the test pass we'll determine if we are dealing with a path or
a user and return the correct string.

* we will need the ability to determine if we are dealing with a path when either calling the crontab command or reading the file directly, so break that out into a path? method.

* remove author field.

* test contents of our crondotd file.

* we have to explicitly make @destination a String to use include?.

* when we get a path we use inspec.file to get conents, otherwise we run the crontab command.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add documentation for example usage with file path.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Make path? and path_or_user private methods

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add missing username filed to crondotd mock file

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Pass argument as a hash when testing file paths

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Expected results should include usernames when testing file paths

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add special string `@yearly` test to crondotd mock file

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add user to existing cron tests

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Rubocop says I need spaces after/before curly brackets

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add user to crondotd file tests and add @yearly test

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Modify initialize to take options hash and be backwards compatible.

Change initialize default argument to create a hash by default, though
it is still possible to pass in a 'user' string argument.

@user gets set with the argument value unless its a hash, in which case
it tries to set the value of the user key, otherwise it becomes nil.

@file gets set with the value of the path key, unless it doesn't exist
in which case it becomes nil.

All hash keys are symbolized to ensure consistent access.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Check if @path is nil to determine if we run crontab command or parse
file.

path? was removed as we're not overloading a @destination variable
anymore.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* if @user is nil assume current user otherwise crontab for @user

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Change to complete if rather than ternary.

We have three possible cases, current user, other user, or file path.
This accounts for all of them.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add user to the crontab FilterTable

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Remove path? and path_or_user

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Move crontab parsing to two methods, parse_user_crontab and
parse_system_crontab

Because a command in a crontab file could have spaces we must parse user
and system crontabs differently.

When we parse user crontabs the user field will either be nil, or the requested user.

Both user and path parsers handle special strings (@yearly, @weekly,
etc). And also account for position of user in these files (or adds it
in user case)

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Update examples with user: and path:

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add spaces after : in example docs

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Disable rubocop ClassLength check

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Moved rubocop ClassLength metric next to class instead of above the
module.

Remove unnecessary braces.

Add is_system_crontab? and is_user_crontab helper methods and use them.

Add tests to see if error conditions are raised when the resource is
invoked with missing parameters (user, or path), and on a unsupported
os.

Change initialize to group all hash functions together and raise errors
when user and path is unset. Also raise errors on unsupported operating
systems.

Change order of ternary and use is_system_crontab? rather than
@path.nil?

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2017-12-07 13:50:07 +01:00
Jared Quick
31578de5e4 Fix inspec appveyor test with the new local train transport (#2376)
* test appveyor with ruby#File

Signed-off-by: Jared Quick <jquick@chef.io>

* Update inspec train to version 0.31.1

Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-06 15:18:38 -05:00
Jared Quick
4b1c1b041f security_policy resource: use PID for filename instead of random (#2368)
* Update security policy export to use pid instead of random.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update helper for the new train.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-04 15:31:06 -05:00
Jared Quick
3f14e467b3 Unique export file for security policy resource (#2350)
* Add a unique export for security policy resource.

Signed-off-by: Jared Quick <jquick@chef.io>

* Remove skip resource on empty policy file.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-11-29 15:16:40 +01:00
Adam Leff
98db74a466 http resource: properly support HEAD request with remote worker (#2340)
The existing method of adding `-X HEAD` to the curl command does not
work properly and can cause timeouts because curl doesn't properly
close the connection. The correct way is to use curl's own `--head`
flag.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-27 18:17:39 +01:00
Seth Chisamore
396752ba26 Add basic param handling to remote HTTP worker (#2286)
http resource: Add basic param handling to remote HTTP worker
2017-11-16 12:16:23 -05:00
malovdm1
923e4abf21 sqlplus credentials could contain special symbols and need to be escaped (#2308)
Signed-off-by: Dmytro Malovany <dmytro.malovannyy@gmail.com>
2017-11-15 21:49:09 +01:00
Brett Delle Grazie
0bb318c2dc http resource: supply max-time option using read_timeout and open_timeout (#2289)
Curl doesn't distinguish between them so need to use the sum of both as
the overall timeout.

fixes #2288

Signed-off-by: Brett Delle Grazie <brett.dellegrazie@gmail.com>
2017-11-09 11:11:19 +01:00
Seth Chisamore
af8443d1ea Use proper syntax in curl header option (#2285)
`curl` expects a valid header per RFC 2616 when using the
`-H`/`--header` option. RFC 2616 declares header field/values
should be separated using a colon (`:`):
https://tools.ietf.org/html/rfc2616#section-4.2

Signed-off-by: Seth Chisamore <schisamo@chef.io>
2017-11-03 14:28:54 -04:00
Wei He
71ed5ef964 service resource: properly search for SysV Init S files (#2274)
* bug fix: Service resource

Signed-off-by: Wing924 <weihe924stephen@gmail.com>

* fix test case

Signed-off-by: Wing924 <weihe924stephen@gmail.com>
2017-11-02 15:03:51 +01:00
Markus Grobelin
221db7e132 mount resource: fix for Device-/Sharenames and Mountpoints including … (#2257)
* mount resource: fix for Device-/Sharenames and Mountpoints including whitespaces

Device-/Sharenames and Mountpoints on Linux may include whitespaces (\040), e.g. /etc/fstab entry like:

```//fileserver.corp.internal/Research\040&\040Development /mnt/Research\040&\040Development cifs OTHER_OPTS```

... results in a mount line like:

```//fileserver.corp.internal/Research & Development on /mnt/Research & Development type cifs (OTHER_OPTS)```

The Linux mount command replaces \040 with whitspace automatically, so this should be tributed.

I used a control like this:

```
    describe mount('/mnt/Research & Development') do
      it { should be_mounted }
      its('device') { should eq  '//fileserver.corp.internal/Research & Development' }
    end
```

Before:

```
  ×  whitespaces-1: Mount with whitespace within sharename and mountpoint. (1 failed)
     ✔  Mount /mnt/Research & Development should be mounted
     ×  Mount /mnt/Research & Development device should eq "//fileserver.corp.internal/Research & Development"

     expected: "//fileserver.corp.internal/Research & Development"
          got: "//fileserver.corp.internal/Research"

     (compared using ==)
```

After:

```
  ✔  whitespaces-01: Mount with whitespace within sharename and mountpoint.
     ✔  Mount /mnt/Research & Development should be mounted
     ✔  Mount /mnt/Research & Development device should eq "//fileserver.corp.internal/Research & Development"
```

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* mounts_with_whitespaces: make lint happy

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* mount resource: added parentheses as suggested by https://github.com/chef/inspec/pull/2257/files

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* mount resource: fix for Device-/Sharenames and Mountpoints including whitespaces
Signed-off-by: Markus Grobelin <grobi@koppzu.de>
2017-11-01 12:01:21 +01:00
Markus Grobelin
2251270929 cran resource: check for R module installation (#2255)
* Added CRAN resource to check R modules

control 'cran-1' do
  impact 1.0
  desc '
    Ensure R module DBI is installed.
  '

  describe cpan('DBI') do
    it { should be_installed }
    its('version') { should cmp >= '3.0' }
  end
end

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* cran resource: made lint happy, added negative unit test, removed unused arg perl_lib_path

Signed-off-by: Markus Grobelin <grobi@koppzu.de>
2017-10-25 16:14:29 +02:00
Markus Grobelin
c626dfdbd9 cpan resource: check for Perl module installation (#2254)
* Added CPAN resource to check Perl modules

control 'cpan-1' do
  impact 1.0
  desc '
    Ensure Perl modules DBI and DBD::Pg are installed.
  '

  describe cpan('DBI') do
    it { should be_installed }
  end

  describe cpan('DBD::Pg') do
    it { should be_installed }
    its('version') { should cmp >= '3.0' }
  end
end

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* cpan resource: fixed unit test for non-installed module

Signed-off-by: Markus Grobelin <grobi@koppzu.de>
2017-10-25 16:01:26 +02:00
Adam Leff
8dc48533aa new resource: elasticsearch resource, test cluster/node state (#2261)
* new resource: elasticsearch resource, test cluster/node state

This is a new resource for testing an Elasticsearch cluster. It operates
by fetching the `_nodes` endpoint from a given Elasticsearch node and
collects data about each node in a cluster, even if there's only a
single node.

This work is based on inspiration from an initial PR #1956 submitted by
@rx294.

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Adam Leff <adam@leff.co>

* Reduce mock data on non-default tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-20 17:28:48 -04:00
Matt Ray
c21ce063ab Replace WMI query with PowerShell cmdlet "get-hotfix" (#2252)
Signed-off-by: Matt Ray <matthewhray@gmail.com>
2017-10-18 12:24:11 +01:00
username-is-already-taken2
fd558b63ac Corrected some unit test warnings (#2242)
Signed-off-by: username-is-already-taken2 <gary.bright@niu-solutions.com>
2017-10-17 14:49:26 +02:00
Adam Leff
5114173e50 Support PAX-formatted tar files, standardize file lists (#2225)
* Support PAX-formatted tar files, standardize file lists

When a tar file is generated in PAX format, the files have an additional
relative path prefix added to them. For example, instead of:

inspec.yml

... the file is listed as:

./inspec.yml

And the source reader plugin looks only for a "inspec.yml" file to
determine the profile format.

This change addresses this issue by normalizing the file paths in the
TarReader and accounting for the additional "./" prefix that may exist
whenever the tar file is walked looking for a file to read its content.

Signed-off-by: Adam Leff <adam@leff.co>

* Remove pax from unit test, will move to functional

Signed-off-by: Adam Leff <adam@leff.co>

* Add function test for the pax header tar file

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-10 10:36:57 +01:00
Keith Walters
2a8d6e0e91 Uses netstat to detect open ports on AIX (#2210)
* Uses netstat to detect open ports on AIX

Signed-off-by: Keith Walters <keith.walters@cattywamp.us>

* Adds unit tests for AIX port resource

Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
2017-10-10 10:54:18 +02:00
Adam Leff
939ee5ecfc processes resource: support busybox ps (#2222)
This change enhances the processes resource to support the busybox
ps command which is common on Alpine, for example. The way we
map ps fields to the structs needed by FilterTable have also been
refactored to be more flexible so we can support multiple formats
in the future.

Also, the processes resource now allows the grep argument to be optional
thus allowing a user to query all resources without passing in a
match-all regex.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-06 19:32:39 +02:00
Jared Quick
7bb7767dae Add nil check for sshd config file (#2217)
* Add nil check for sshd config file

This fixes #1778. There was a issue where if the user did not have read
permissions on /etc/ssh/sshd_config it would error out on the empty?
check. The fix here is to also look for nil on the file content. Along
with this I refactored the inspec file empty? check as it does not exist
and was also erroring during my testing.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add emptyfile test object and refactor tests

Signed-off-by: Jared Quick <jquick@chef.io>
2017-10-06 15:41:48 +02:00
Adam Leff
21ba43d6a5 http resource: properly execute tests on remote target (#2209)
Currently, the http resource always executes locally, even when scanning
a remote machine with `--target` which leads to undesireable behavior.

This change adds the ability to remotely execute tests with curl. This
behavior is currently opt-in with the `enable_remote_worker` flag, but
will become the default behavior in InSpec 2.0. Deprecation warnings
are emitted if the user is scanning a remote target but has not opted
in to the new behavior.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-04 22:44:09 +02:00
dromazmj
7fc7942ab1 firewalld resource: inspect the status and configuration of firewalld (#2074)
* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resourec - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource firewalld

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications to new resource - firewalld

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Changing firewalld_command method to prepend the command with 'firewall-cmd' to reduce code reuse.

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications made
	* installed? method now tells by checking if firewall-cmd is a command on the system
	* The firewalld_command method now strips the stdout of the return
	* added another test for testing multiple active zones

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Fixing rake lint issue

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Fixing match and returning boolean for seeing if firewalld is running

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Fixing lint issues

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Empty commit to rerun.  Accidentally updated branch.

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Rerunning test, accidentally updated branch. needs sign off commit

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>
2017-09-27 14:05:35 +02:00
dromazmj
b23a58b573 etc_hosts_allow and etc_hosts_deny resources: test the content of the tcpwrappers configuration files (#2073)
* New Resource-combined etc_hosts_allow etc_hosts_deny

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>
2017-09-25 13:49:04 -04:00
Matt Ray
e23249d635 windows_hotfix resource: test whether a Windows HotFix is installed (#2178)
* Add hotfix resource for Windows

Signed-off-by: Matt Ray <matthewhray@gmail.com>

* Renamed hotfix to windows_hotfix

Added additional unit test checking for KB that is not present on a box

Signed-off-by: Matt Ray <matthewhray@gmail.com>

* Integration test to spot-check for hotfixes

Queries the Windows operating system via Powershell for a list of all
installed hotfixes and spot-checks every 10th one with the
windows_hotfix resource. Checking hundreds is time-consuming. Also
checks to ensure a non-installed hotfix is not present.

Signed-off-by: Matt Ray <matthewhray@gmail.com>
2017-09-25 19:09:22 +02:00
Jerry Aldrich III
3d7244fb07 Add wildcard support to Utils::FindFiles (#2159)
Wildcards are evaluated prior to applying `sudo` permissions. This
means that running `sudo find /some/path/*.conf` will fail if the user
does not have read permissions on `/some/path/` because the wildcard
cannot expand before `sudo` is applied and `*.conf` isn't a file.

The solution for this is to run the command in a subshell that has the
proper permissions (e.g. `sudo sh -c 'find /some/path/*.conf'`).

This modifies `Utils::FindFiles` to use a subshell thus allowing
wildcard support.

This fixes #2157

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-23 09:17:34 +02:00
Jerry Aldrich III
cbcca9f39e Modify Upstart enabled check to use config file (#2163)
This modifies the enabled check for the `service` resource to use the
service's config file instead of `initctl show-config`.

`initctl show-config` does not accurately show the state of a service if
that service's config file is modified while the service is running.

This fixes #1834.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-21 12:21:34 -04:00
malovdm1
3e16a099c5 quote username and hostname in mssql_session (#2151)
Signed-off-by: Malovany, Dmytro (Ext) <dmytro.malovany@novartis.com>
2017-09-18 21:49:20 +02:00
Jerry Aldrich III
9773e1cd94 Add wildcard/multiple server support to nginx_conf resource (#2141)
* Add wildcard/multiple server support to nginx_conf

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* separate the merge function for maps in nginx_conf

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-15 16:37:57 -04:00
Adam Leff
7810051f0a package resource: assume a default Homebrew path (#2140)
* package resource: assume a default Homebrew path

Homebrew's `brew` script is installed to /usr/local/bin by default which
is usually not in a non-interactive PATH. We will now first check to see
if `brew` is in PATH, and if not, assume a default of `/usr/local/bin/brew`

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:41:09 -04:00
Rony Xavier
7d2da0c199 nginx resource: audit the nginx binary and how it was compiled (#1958)
* nginx base resource

Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Rony Xavier <rx294@gmail.com>
2017-09-13 08:15:09 -04:00
dromazmj
70548ab754 etc_fstab resource: test contents of the /etc/fstab file (#2064)
* Adding support for fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to docs of new resource etc_fstab

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications to new resource etc_fstab

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>
2017-09-11 15:55:03 +02:00
dromazmj
cb5b475bb1 etc_hosts resource: test the contents of the /etc/hosts file (#2065)
Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>
2017-08-31 09:51:39 -04:00
Jonathan Morley
3e7d47505c Add support for XML files (#2107)
* Add support for XML files

Signed-off-by: Morley, Jonathan <jmorley@cvent.com>

* Use REXML instead of nokogiri

Signed-off-by: Morley, Jonathan <jmorley@cvent.com>
2017-08-31 09:56:14 +02:00
Adam Leff
e2fa0b5e73 port resource: support ss instead of netstat (#2110)
* port resource: support ss instead of netstat

`netstat` is officially deprecated and is replaced with `ss`. This PR
changes the port resource to use `ss` if it's available on the target
system.

Signed-off-by: Adam Leff <adam@leff.co>

* Disable Metrics/ClassLength cop on the LinuxPorts class

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-31 09:53:08 +02:00
Anthony Shaw
d5f33f0b99 pip resource: support non-default pip locations, such as virtualenvs (#2097)
* Update pip resource for #516 allow user to set path to pip executable

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* support virtualenv path, pip file exec and better logic

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* add tests for the change to the pip path and resource

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* tests are case sensitive, although command line is not

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* use a path verification method instead of a class method

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* use guard clauses instead of conditionals

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* change the control flow to return nil when commands are not available

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* fix the return values when custom pip path is not valid

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* Refactor pip path detection to fix unit tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-30 22:04:22 +02:00
Jennifer Burns
2cef15aec3 aide_conf resource: test configuration of the AIDE file integrity tool (#2063)
* Added aide_conf resource and subsequent files

* Updated to match on all selection lines

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Changed to use CommentParser and fixed typo

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Fix typo in test file

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated to address PR feedback

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-08-25 22:13:43 +02:00
Adam Leff
367d42fb3a Properly handle held packages on dpkg-flavored OS (#2087)
* check the proper field for dpkg installation state fixes #2006

Signed-off-by: Mathieu Sauve-Frankel <msf@kisoku.net>

* Properly handle held packages on dpkg-flavored OS

InSpec was looking at the wrong field in `dpkg -s` output to determine
whether a package was installed or not. An installed, held package was
incorrectly reported as uninstalled.

This adds the proper unit tests and also adds a `be_held` matcher.

Thanks to @kisoku for the initial work in #2007.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-18 17:29:23 +02:00
Adam Leff
c467ca3d5a Add missing command mocks to fix tests after train 0.26.1 upgrade (#2069)
Train 0.26.1 fixes a bug where missing mocked commands would return
a zero exit code. This resulted in some unit tests failing due to
missing mocked commands.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-14 19:07:16 +02:00
Adam Leff
1ea06ac3ea Change host resource to use getent ahosts on Linux (#2002)
* Change host resource to use getent ahosts on Linux

In InSpec 1.31, we changed the `host` resource to use `dig` instead of `getent
hosts` for name resolution because `getent hosts` does not return all entries
(only the first v6 entry if it exists, then the first v4 entry) and we wanted to
keep the Darwin and Linux implementation as close as possible. Unfortunately,
this affected users' ability to do resolution checks for entried stored in their
/etc/hosts file.

This change goes back to using `getent` for Linux and changes to `getent ahosts`
which returns both v4 and v6 records. Additionally, the Darwin provider's dig
implementation was reordered to return v4 addresses before v6 addresses to be
consistent with how `getent ahosts` returns records.

Signed-off-by: Adam Leff <adam@leff.co>

* Update unit tests for resolve_with_getent with proper output

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-11 21:32:52 +02:00
Adam Leff
c280e9a816 Fix host resolution on Darwin, use dig wherever possible (#1986)
* Fix host resolution on Darwin, use dig wherever possible

The `host` and `dig` commands do not return non-zero if a query returns NXDOMAIN
or NOERROR, but the DarwinHostProvider was expecting it when deciding whether to
fall back to IPv4 if a IPv6 query failed. Therefore, the `host` resource would
not function properly when resolving hostnames on Darwin. The logic has been
changed to use `dig` short output and query for both v6 and v4 addresses.

Additionally, the LinuxHostProvider has been modified to prefer `dig` if it's
available to keep behavior similar between Darwin and Linux whenever possible.
This has the added benefit of providing v6 and v4 resolution if possible where
`getent hosts` only returns v6 if v6 records exist.

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-05 10:45:30 -04:00
Aaron Lippold
cc7ed38d09 kernel_module resource: added blacklisting, enabled, disabled, docs and unit tests (#1798)
* Fix up methods, add command mock, do string matching in ruby instead of command

Fixes #1643
Fixes #1673

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-05 11:41:44 +02:00
Aaron Lippold
224935e9cf New postgres_hba_conf resource (#1964)
* Created pg_hba_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Created pg_hba_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Corrections

* updated to parse auth-options

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* updated `conf_path` instance var to `conf_file` for consistancy.

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* pg_hba_conf - updated the parse_line method
added test and doc files

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated few bugs on pg_hba_conf
updated test files and docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Made updates based on the reccomendations

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* PR commit

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* PR Commit

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Update Gemfile.lock

* PR Commit

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated doc file for postgres_hba_conf resource to use
'cmp' matcher instead of 'eq'

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Made requested changes, except for SimpleConfig - will address that later.

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-03 20:13:51 +02:00
Aaron Lippold
57864f1488 New postgres_ident_conf resource (#1963)
* Initial commit of pg_ident_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Initial commit of pg_ident_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Small updates to organization of code

Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Rony Xaiver <rx294@nyu.edu>

* updated `conf_path` instance var to `conf_file` since we are returning
a file.

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Updated few bugs on pg_ident_conf
added test files and docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Added OS check

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock file

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>

* added windows mock file

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Changed resource name from pg_ident_conf to postgres_ident_conf

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Completed corrections reccomended on PR

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* removed copyright information

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-03 20:01:40 +02:00
Christoph Hartmann
0839be50d6 oracle_session and mssql_session improvement (#1857)
* improve database parsing
* support sqlcli
* ensure headers are downcast
* externalize database helper
* use password as argument
* feedback from @adamleff
* inline docs update + linting
* stay backwards compatible
* implement tests
2017-06-29 11:01:32 -04:00
Jerry Aldrich III
cc6f1e90ca Add rpm_dbpath support to the package resource (#1960)
Signed-off-by: Jerry Aldrich III <jerry@chef.io>
2017-06-28 03:21:15 -07:00
Christoph Hartmann
8f247673e5 optimize for docker 1.13 (#1966)
Ensure docker resource works with docker 1.13+
2017-06-26 15:45:03 -04:00
Dominik Richter
56549aed82 add nginx_conf resource (#1889)
The resource itself only offers contents and params right now. It resolved
all include calls it can find and creates the aggregated config object.

This is limited in functionality. One last (set of) PR(s) is needed to
add an interface that makes querying this config file easier. It is due
to the file's inherent complexity that I want to explore which methods
are needed to be effective. In the meantime, this resource offers accessors
to the underlying data that are stable.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-26 06:37:41 -07:00
Nolan Davidson
52cc27dd06 Adding toml resource (#1924)
* Adding toml resource

This adds a `toml` resource that inherits from the json resource and
behaves the same way as the JSON and YAML resources.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-06-15 16:54:12 -04:00
Kristian Vlaardingerbroek
ced4ca1858 Add support for CoreOS to the service resource (#1928)
* s/package/service/ on service unit test descriptions

Signed-off-by: Kristian Vlaardingerbroek <kvlaardingerbroek@schubergphilis.com>

* Add support for CoreOS to the service resource

Signed-off-by: Kristian Vlaardingerbroek <kvlaardingerbroek@schubergphilis.com>
2017-06-15 13:19:58 -04:00
pete higgins
89e30f8d31 Reduce warnings (#1917)
* Remove some apparently unused test setup to remove some warnings.
* Initialize some instance variables before use to silence warnings.
* Remove an unused variable to remove a warning.
* Remove some indirection.
* Silence logger during tests.
* Check if an instance variable was defined before referencing to remove a warning.
* Define duplicated constant once in root rakefile.
* Initialize an instance variable to remove a warning.
* Remove PROJECT_DIR to reduce coupling.

Signed-off-by: Pete Higgins <pete@peterhiggins.org>
2017-06-15 12:10:47 -04:00
Adam Leff
12a495c631 Add TCP reachability support on Linux for host resource (#1915)
* Add TCP reachability support on Linux for host resource

This enhances the `host` resource on Linux targets by using netcat
(if installed) to perform TCP reachability checks.

Signed-off-by: Adam Leff <adam@leff.co>

* documentation updates

Signed-off-by: Adam Leff <adam@leff.co>

* Appease rubocop

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-09 18:18:51 +02:00
Juan Carlos Castillo Cano
1c98ff13f6 Support special cases for crontab resource
Signed-off-by: Juan Carlos Castillo Cano <jccastillocano@gmail.com>
2017-06-06 15:12:12 +02:00