* Add support for XML files
Signed-off-by: Morley, Jonathan <jmorley@cvent.com>
* Use REXML instead of nokogiri
Signed-off-by: Morley, Jonathan <jmorley@cvent.com>
* port resource: support ss instead of netstat
`netstat` is officially deprecated and is replaced with `ss`. This PR
changes the port resource to use `ss` if it's available on the target
system.
Signed-off-by: Adam Leff <adam@leff.co>
* Disable Metrics/ClassLength cop on the LinuxPorts class
Signed-off-by: Adam Leff <adam@leff.co>
* Update pip resource for #516 allow user to set path to pip executable
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* support virtualenv path, pip file exec and better logic
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* add tests for the change to the pip path and resource
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* tests are case sensitive, although command line is not
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* use a path verification method instead of a class method
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* use guard clauses instead of conditionals
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* change the control flow to return nil when commands are not available
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* fix the return values when custom pip path is not valid
Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>
* Refactor pip path detection to fix unit tests
Signed-off-by: Adam Leff <adam@leff.co>
* Support mixed-case group entries
The `group` resource downcased the input parameter unless the target
was a Windows node. However, it's completely legitimate for a Unix-y
node to have mixed case group and passwd entries.
This change does have the potential to break people that did not carefully
match their case when searching for a group, but we're currently blocking
people from using the group resource properly if they have mixed-case
entries.
Signed-off-by: Adam Leff <adam@leff.co>
* Fix unit tests
Signed-off-by: Adam Leff <adam@leff.co>
Currently, if you check two properties of a http resource, such as
status and body, two different http requests are made to the server.
However, the response is already stored in an instance variable, so this
change just checks to see if a response is already available and uses it
rather than making another http request.
Signed-off-by: Mark Harrison <mark@mivok.net>
* Added line to fix bug when no key in file rule and updated test to validate bug fix
Signed-off-by: Jennifer Burns <jburns@mitre.org>
* Updated to consider corner case
Signed-off-by: Jennifer Burns <jburns@mitre.org>
* Filter check output based on sensitive flag
-Updated check in formatters to filter check output during failures based on
sensitive metadata flag
-Added functional test of output filtering
-Updated documentation with blerb on usage
* Update output format for sensitive resources
Signed-off-by: Kevin Formsma <kevin.formsma@gmail.com>
* Update color output on new test
Update the color output to match the newly-expected non-color format if there are no tests that match.
Signed-off-by: Adam Leff <adam@leff.co>
* Added aide_conf resource and subsequent files
* Updated to match on all selection lines
Signed-off-by: Jennifer Burns <jburns@mitre.org>
* Changed to use CommentParser and fixed typo
Signed-off-by: Jennifer Burns <jburns@mitre.org>
* Fix typo in test file
Signed-off-by: Jennifer Burns <jburns@mitre.org>
* Updated to address PR feedback
Signed-off-by: Jennifer Burns <jburns@mitre.org>
* Refine the profile/test summary output of the CLI formatter
* The "Profile Summary" is misleading as it's not a summary of profile
success/failure but rather the controls within the profile(s). Altered
the output to be clear. I still like calling it the "profile summary"
but wanted to add clarity that the numbers are about the controls.
* Made the colorized output dynamic. The success/failure will only be
green/red if there are controls/tests that fall into that category.
That way we are not printing red failure text when there are no
actual failures. Fixes#1752.
* Cleaned up some grammar issues. ("1 failure" vs "1 failures")
Signed-off-by: Adam Leff <adam@leff.co>
Due to a case-sensitivity issue on our bug GitHub label, bug fixes were not
going into the right changelog category. Manually fixing.
Signed-off-by: Adam Leff <adam@leff.co>
* check the proper field for dpkg installation state fixes#2006
Signed-off-by: Mathieu Sauve-Frankel <msf@kisoku.net>
* Properly handle held packages on dpkg-flavored OS
InSpec was looking at the wrong field in `dpkg -s` output to determine
whether a package was installed or not. An installed, held package was
incorrectly reported as uninstalled.
This adds the proper unit tests and also adds a `be_held` matcher.
Thanks to @kisoku for the initial work in #2007.
Signed-off-by: Adam Leff <adam@leff.co>
* Publish rubygem via expeditor
When InSpec is promoted to the `stable` channel, Expeditor will take care of the gem publishing!
Signed-off-by: Adam Leff <adam@leff.co>
With last weeks tag fix, `ourorg/container` ended up having its `repo` reported as `container`.
With this it'll be `ourorg/container` again.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
Reuse blog post content on profile inheritance for web site
based on feedback from colleagues and community members.
Signed-off-by: Adam Leff <adam@leff.co>
No reason to keep the Gemfile.lock in the www directory under source
control. It adds extra steps to the www release process after an InSpec
release because the release process will fail of the git working tree
is not clean (and since the www Rake tasks rely on InSpec stuff, the
Gemfile.lock will be perpetually out of date).
Signed-off-by: Adam Leff <adam@leff.co>
This will allow for four different changelog categories (in addition to the default)
that will be used based on PR label.
Signed-off-by: Adam Leff <adam@leff.co>