Commit graph

3970 commits

Author SHA1 Message Date
Adam Leff
0cbedb1579
[www] Resurrect global message, promote ChefConf and NYC Meetup
The global message was removed during the redesign. Adding it back
to promote ChefConf. Also adding the upcoming NYC meetup to the
front screen.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 17:09:56 -04:00
Ryan Larson
0e187f6117 Feature/fix ability to pass in supermarket url (#1595)
* Enable customization of supermarket_url

It looks like this was originally supposed to work, but at some point
the default value was put in the method body rather than in the method
parameters.

This change allows you to configure the supermarket_url in test kitchen
like so:

```
verifier:
  inspec_tests:
  - name: linux-hardening
    supermarket: som3guy/apache-disa-stig
    supermarket_url: https://my.supermarket.com
```

Signed-off-by: Ryan Larson <ryan.mango.larson@gmail.com>
2017-03-29 12:42:24 -04:00
Dominik Richter
af7dffaa38 Merge pull request #1593 from chef/adamleff/yum-fix
Yum resource fix for non-existent repos and repo info
2017-03-29 10:54:02 +02:00
Adam Leff
7df9674e42 Remove method_missing, provide methods for repo metadata
Instead of method_missing, methods for each output item from
`yum repolist` are provided.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:42:25 +02:00
Adam Leff
1cf80737ad Yum resource fix for non-existent repos and repo info
If a repo did not exist, running matchers against it (such as `exist`)
were failing due to a bug in `#to_s` when fetching the repo name. The
`info` method would return nil and we'd still try to treat it as a hash.

This change ensures that info is always a hash, possibly empty if the
repo doesn't exist, and uses the repo name provided by the user rather
than shortening it to be consistent with our other resources which don't
manipulate the user input in the formatter.

Also added a method_missing to allow users to interrogate repo options,
such as baseurl or gpgcheck.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:42:25 +02:00
Dominik Richter
d44c363a98 Merge pull request #1594 from chef/adamleff/vendor-before-habitat-build
Support vendored profiles in Habitat-packaged profiles
2017-03-29 10:33:21 +02:00
Adam Leff
96d18435a4 Update CLI output, adjust tests
The CLI output for the vendoring of profiles has been updated slightly
to be more clear, and the functional tests have been modified to match
as well.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Adam Leff
e1c664272e Break out profile vendor activities into separate class
Per PR feedback, `Inspec::ProfileVendor` is created to centralize
the logic and data of vendoring profile dependencies. The `BaseCLI`
class and the `Habitat::Profile` class have been modified to use it

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Adam Leff
8269d0da9e Support vendored profiles in Habitat-packaged profiles
This change adds support in Habitat-packaged profiles for
profiles that depend on other profiles. When `inspec habitat
profile create` or `inspec habitat profile upload` is run,
it will see if the profile's dependencies have been vendored
yet, and if not, it will vendor them before creating the
habitat artifact.

For the git and URL fetchers, more explicit creation of the
target directories for the vendored profiles is done. This
is implicitly done via normal CLI interactions a user may
go through, but in our case, we want to ensure those directories
are there before the fetchers try to write out content.

By adding this support, we also fix a bug experienced in Habitat
where a profile that was packaged before an `inspec exec` was run
for the profile would cause a failure in Habitat. This is caused
by `inspec exec` doing a vendor of the dependencies if necessary
and generating the inspec.lock file. In Habitat, the package dir
is not writable by the hab user and InSpec would fail to run due
to an inability to write out an inspec.lock.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Dominik Richter
279f07cb1e Merge pull request #1603 from chef/adamleff/bad-ipv6-address
Fix port resource for invalid IP address in netstat output
2017-03-29 08:44:02 +02:00
Adam Leff
8e693a4ad9 Fix port resource for invalid IP address in netstat output
Netstat will sometimes output an IPv6 address that is not
formatted correctly; the address is either truncated or uses
or implies the `::` shorthand notation twice. This yields an
invalid IPv6 address and causes IPAddr.new to choke.

This change guards against invalid IP addresses and ensures they
do not end up in the port resource's entries list.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 08:33:50 +02:00
Dominik Richter
f30c0d8087 Merge pull request #1601 from chef/adamleff/remove-puts
Remove errant puts in inspec habitat CLI command
2017-03-29 07:57:14 +02:00
Adam Leff
90b0ce08c5 Remove errant puts in inspec habitat CLI command
Left a `puts` behind during some testing that made its way into
a PR. Removing it!

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-28 22:57:08 +02:00
Dominik Richter
c9b1b280ae Merge pull request #1599 from chef/adamleff/ruby-2.1
Require Ruby 2.1
2017-03-28 22:55:23 +02:00
Dominik Richter
873dbb4469 Merge pull request #1600 from chef/adamleff/habitat-docs
Add docs for habitat CLI commands
2017-03-28 22:54:11 +02:00
Adam Leff
5a12cddc9c
Add docs for habitat CLI commands
Adding a dedicated page for the InSpec/Habitat integration which
explains what it is, and details the commands a user needs to use
the integration.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-28 13:59:38 -04:00
Adam Leff
073fd99637 Require Ruby 2.1
InSpec now depends on nokogiri which has a dependency of Ruby 2.1 or
later. If someone tries to `gem install inspec` using Ruby 2.0, it
will fail on the nokogiri dependency rather than InSpec itself.

Additionally, Ruby 2.0 is already EOL.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-27 12:59:56 -04:00
Adam Leff
3f32dbe2d0 Merge pull request #1596 from nvwls/gem-binary
Extend `gem` to take an optional `gem_binary`
2017-03-27 12:54:40 -04:00
joe.nuspl
1ab80ea052 Extend gem to take an optional gem_binary
Allows one to test whether gems are installed into an omnibus environment.

Signed-off-by: Joe Nuspl <nuspl@nvwls.com>
2017-03-24 22:28:42 -07:00
Adam Leff
73e3bfda7a Merge pull request #1544 from chef/adamleff/hash-values-in-simpleconfig
Provide a method-based accessor for SimpleConfig hashes
2017-03-22 15:46:58 -04:00
Christoph Hartmann
7c11ff9280 add tag object (#1590)
* add tag object

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>

* add tests for to_hash function in tag

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-03-22 13:41:44 -04:00
Adam Leff
8a63e9d12c Merge pull request #1591 from chef/adamleff/www-fixup
Fixing www/docs rake tasks
2017-03-22 13:39:06 -04:00
Adam Leff
65c95d243e Fixing www/docs rake tasks
This is a follow-up to #1585. The website-related Rake tasks have been
moved to a www-specific Rakefile which can be found in the www/
directory. Any web-release-related gems have been moved to the www
Gemfile as well.

This also included modifying the docs rake tasks to be path-
independent as they currently expect that Rake is being run from the
root of the repo.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-22 12:21:03 -04:00
Christoph Hartmann
9de56d25f7 Merge pull request #1589 from mr-exz/yaml-bug-file-name
Support YAML attributes files ending in .yaml
2017-03-22 14:36:26 +01:00
Adam Leff
730de65e36 Merge pull request #1567 from chef/chris-rock/x509
x509_certificate and key_rsa resource
2017-03-22 07:30:19 -04:00
Christoph Hartmann
a96059a3eb x509 integration tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-03-22 11:44:33 +01:00
Christoph Hartmann
d2f000e435 refactor x509 resources and rsa key
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-03-22 11:44:32 +01:00
Richard Nixon
f66f0b3a18 Initial support for x509_certificate and rsa_key
* Includes unit tests
* Includes 2 new resources
* Includes documentation

Signed-off-by: Richard Nixon <richard.nixon@btinternet.com>
2017-03-22 10:00:48 +01:00
Christoph Hartmann
2d9d7aa106 Merge pull request #1564 from chef/dr/schema
implement JSON schema for `inspec exec` json outputs
2017-03-22 09:52:47 +01:00
Dominik Richter
738bae0db8 add inspec json schema validation to functional tests
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-03-22 09:42:36 +01:00
Dominik Richter
c620cbf69e add inspec min json generator 2017-03-22 09:42:36 +01:00
Dominik Richter
55daa24cbc add json schema and generator 2017-03-22 09:42:36 +01:00
Christoph Hartmann
57c6b39612 Merge pull request #1587 from chef/adamleff/fix-nokogiri-for-habitat
Fix Habitat plan for nokogiri support
2017-03-22 09:40:59 +01:00
mr.exz
38c9648eb4 add fix
Signed-off-by: mr.exz <root@exzec.ru>
2017-03-22 08:17:18 +03:00
Adam Leff
4dae0bead8 Fix Habitat plan for nokogiri support
Nokogiri is failing to build in the habitat artifact due to the lack
of libxml2 and libxslt. This brings them in as dependencies and also
properly configures bundler to use them.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 17:51:59 -04:00
Adam Leff
12bd580199 Merge pull request #1585 from chef/adamleff/move-simulator-to-www-gemfile
Move simulator gems to www
2017-03-21 16:50:18 -04:00
Adam Leff
199cb160ea Move simulator gems to www
The simulator gems are not necessary for building InSpec, only the website.
This is currently causing issues in the Jenkins infrastructure due to
a downstream dependency of github-markup.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 16:11:56 -04:00
Adam Leff
ddc0036f40 Merge pull request #1583 from chef/adamleff/1.17.0
release 1.17.0
2017-03-21 15:11:34 -04:00
Adam Leff
66095722c8 release 1.17.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 15:00:26 -04:00
Christoph Hartmann
b0702dd587 Merge pull request #1579 from chef/adamleff/fix-s3-cache
Fix omnibus configuration
2017-03-20 23:19:26 +01:00
Adam Leff
a49467e779 Fix omnibus configuration
The latest omnibus master expects certain settings to be enabled for
S3 caching to work, and our omnibus.rb wasn't set up properly. Also
aligning some of our settings to chef/chef's settings which we know
to work properly.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-20 17:50:16 -04:00
Christoph Hartmann
c11e4d2944 Merge pull request #1576 from jkerry/fixing_nokogiri
moving the nokogiri reference into the gemspec file
2017-03-20 13:39:32 +01:00
John Kerry
d4a0ae4549 removing an unnecessary require of the rspec junit formatter
Signed-off-by: John Kerry <john@kerryhouse.net>
2017-03-19 22:07:19 -04:00
John Kerry
dd9ec61199 moving the nokogiri reference into the gemspec file
Signed-off-by: John Kerry <john@kerryhouse.net>
2017-03-19 21:56:14 -04:00
mr.exz
4647664d56 solve #1569 2017-03-19 00:00:49 +03:00
Adam Leff
ea7c0c493e Provide a method-based accessor for SimpleConfig hashes
When SimpleConfig parses a config file that has sections, such as a mysqld
config file, the values within that section are returned via a Hash. However,
we do not provide an easy way to write tests for those deep hash values:

```
describe mysql_conf('/tmp/my.cnf') do
  its('mysqld.expire_logs_days') { should cmp 10 }
end

  MySQL Configuration
     ∅  undefined method `expire_logs_days' for #<Hash:0x007fe463795a00>
```

This change provides a method-based accessor for Hashes that are built via
SimpleConfig.

```
describe mysql_conf('/tmp/my.cnf') do
  its('mysqld.expire_logs_days') { should cmp 10 }
end

  MySQL Configuration
     ✔  mysqld.expire_logs_days should cmp == 10
```

Fixes #1541 by changing the way the attributes are fetched.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-15 14:49:16 -05:00
Adam Leff
bf36c0a7a7 Merge pull request #1555 from nvtkaszpir/patch-1
Update file.md with example how to test symlinked files
2017-03-15 09:00:32 -05:00
Christoph Hartmann
56986d1bdb Merge pull request #1561 from chef/adamleff/fix-object-traverser-for-arrays
Fix ObjectTraverser when accessing array values
2017-03-15 11:41:27 +01:00
Adam Leff
4f2b66302d Fix ObjectTraverser when accessing array values
When attempting to access array values via the `json` resource:

```
describe json('/tmp/test.json') do
      its(['array',0]) { should eq "zero" }
end
```

... the resulting data would be an array of the size of the original array
with all the values replaced with nils:

```
     expected: "zero"
          got: [nil, nil, nil]
```

This was due to a bug in the ObjectTraverser mixin that mapped array values
back through `extract_value` rather than properly handling the passed-in
key(s). This worked fine for the specific data format created by the `csv`
resource but did not work `json` or any other resource that subclassed the
`JsonConfig` resource.

This change fixes the logic when dealing with an array when it's encountered,
and fixes up the `csv` resource with its own `value` method.

This change also adds tests for ObjectTraverser.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-15 11:35:55 +01:00
Michał Sochoń
7a935a204e Update file.md with example how to test symlinked files.
Added detailed example why and how.
Updated with suggestions from Adam Leff.

Signed-off-by: Michał Sochoń <kaszpir@gmail.com>
2017-03-15 07:53:14 +01:00