Commit graph

3491 commits

Author SHA1 Message Date
supergicko
e3c695e8e9 Adding SNI utilization to ssl resource
SSL resource now adds the servername option in client hello,
utilizing the the great work of @adamcaudill to support
SNI in sslshake [1]

[1] https://github.com/arlimus/sslshake/pull/5

Signed-off-by: Christoph Kappel <kappel.christoph@gmail.com>
2017-04-07 09:34:44 +02:00
Christoph Hartmann
90b985a7c1 fix #1268 and allows registry key resource with leading backslash
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-04-06 23:30:10 +02:00
Dominik Richter
7562138248 Merge pull request #1623 from chef/adamleff/http-resource-warning
[www] Add warning to the http resource documentation
2017-04-05 16:41:08 +02:00
Adam Leff
70eaa3fe73 Merge pull request #1628 from chef/adamleff/release-1.19.1
Releasing v1.19.1
2017-04-04 15:22:47 -04:00
Adam Leff
24ab12e5b5
Releasing v1.19.1
Signed-off-by: Adam Leff <adam@leff.co>
2017-04-04 15:22:16 -04:00
Adam Leff
79824d897a Merge pull request #1627 from chef/adamleff/loosen-addressable-pin
Loosen addressable version pin
2017-04-04 15:13:39 -04:00
Adam Leff
39c05765ff
Loosen addressable version pin
The version of addressable that was pinned in the gemspec was
too new and conflicted with some of chef's dependencies. Loosening
it will allow us to include InSpec in the chef omnibus packages.

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-04 14:51:19 -04:00
Adam Leff
c5ad8972ec Merge pull request #1626 from chef/adamleff/release-1.19.0
Releasing v1.19.0
2017-04-04 11:07:03 -04:00
Adam Leff
5a2a20dc3e
Releasing v1.19.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-04-04 11:06:16 -04:00
Doc Walker
692e660140 Fix #1617 Add dh_params resource (#1618)
* Fix #1617 Add dh_params resource

Signed-off-by: Doc Walker <4-20ma@wvfans.net>
2017-04-04 10:34:09 -04:00
Adam Leff
5e94600eb3 Merge pull request #1621 from chef/adamleff/replace-nokogiri
Replace Nokogiri with REXML in the JUnit formatter
2017-04-03 17:24:17 -04:00
Adam Leff
6b49303136
Add warning to the http resource documentation
Currently, the `http` resource only operates on the node on which
`inspec exec` is run, even if the user uses the `--target` flag.
This has caused some confusion in the community.

Until this can be fixed, this change adds a warning to the documentation.

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-03 17:21:15 -04:00
Adam Leff
9c20098603 Merge pull request #1622 from chef/adamleff/ssl-docs-fix
Fix protocols matcher text on ssl resource docs
2017-04-03 16:15:00 -04:00
Adam Leff
fba3c68281
Fix protocols matcher text on ssl resource docs
The `protocols` matcher section on the `ssl` resource
doc page fell victim to some copy/paste. This change
updates the text to the correct description.

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-03 15:21:08 -04:00
Adam Leff
73d46f9c49
Replace Nokogiri with REXML in the JUnit formatter
In #1454, we welcomed a newly-revamped JUnit formatter which has
a dependency on Nokogiri. Unfortunately, this had led us to problems
getting InSpec included in Chef omnibus builds (see chef/chef#5937)
because Chef is using Ruby 2.4.1 and the Nokogiri maintainers have
not yet released a windows binary gem that supports Ruby 2.4.x.
This has led to breaking builds in Chef's CI platform and would
block the acceptance of chef/chef#5937.

This change replaces Nokogiri use with REXML instead. While REXML
can be slower than Nokogiri, it does not require native extensions
and is supported on all Chef platforms.

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-03 14:51:48 -04:00
Adam Leff
68a930f141 Merge pull request #1406 from carldjohnston/apache_conf-symlinks
Allow apache_conf to include symlinked configuration files
2017-04-03 10:38:22 -04:00
Adam Leff
b5e089c78a Merge pull request #1619 from lucky-sideburn/master
obvious fix in README.md
2017-04-03 10:35:13 -04:00
Eugenio Marzo
55729c81aa fix README.md 2017-04-03 14:30:20 +02:00
Dominik Richter
8688082df2 Merge pull request #1611 from chef/adamleff/fix-www-release-rake
[www] Fixing rake www:release task
2017-03-31 16:40:14 +02:00
Adam Leff
beadeff679
[www] Fixing rake www:release task
After moving the www tasks into the www directory, the release
task needed to be updated to run certain commands from the repo
root such that the newly-built web content was in the repo root
of the gh-pages branch, rather than the www/ directory.

Also updating the www Gemfile.lock with the new inspec release.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-30 14:52:10 -04:00
Adam Leff
1dd3066feb Merge pull request #1607 from chef/adamleff/fix-global-message
[www] Resurrect global message, promote ChefConf and NYC Meetup
2017-03-30 14:02:44 -04:00
Adam Leff
1dcc68be46 Merge pull request #1610 from chef/adamleff/release-1.18.0
Release v1.18.0
2017-03-30 11:26:53 -04:00
Adam Leff
76420432e0
Release v1.18.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-03-30 11:25:58 -04:00
Adam Leff
0cbedb1579
[www] Resurrect global message, promote ChefConf and NYC Meetup
The global message was removed during the redesign. Adding it back
to promote ChefConf. Also adding the upcoming NYC meetup to the
front screen.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 17:09:56 -04:00
Ryan Larson
0e187f6117 Feature/fix ability to pass in supermarket url (#1595)
* Enable customization of supermarket_url

It looks like this was originally supposed to work, but at some point
the default value was put in the method body rather than in the method
parameters.

This change allows you to configure the supermarket_url in test kitchen
like so:

```
verifier:
  inspec_tests:
  - name: linux-hardening
    supermarket: som3guy/apache-disa-stig
    supermarket_url: https://my.supermarket.com
```

Signed-off-by: Ryan Larson <ryan.mango.larson@gmail.com>
2017-03-29 12:42:24 -04:00
Dominik Richter
af7dffaa38 Merge pull request #1593 from chef/adamleff/yum-fix
Yum resource fix for non-existent repos and repo info
2017-03-29 10:54:02 +02:00
Adam Leff
7df9674e42 Remove method_missing, provide methods for repo metadata
Instead of method_missing, methods for each output item from
`yum repolist` are provided.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:42:25 +02:00
Adam Leff
1cf80737ad Yum resource fix for non-existent repos and repo info
If a repo did not exist, running matchers against it (such as `exist`)
were failing due to a bug in `#to_s` when fetching the repo name. The
`info` method would return nil and we'd still try to treat it as a hash.

This change ensures that info is always a hash, possibly empty if the
repo doesn't exist, and uses the repo name provided by the user rather
than shortening it to be consistent with our other resources which don't
manipulate the user input in the formatter.

Also added a method_missing to allow users to interrogate repo options,
such as baseurl or gpgcheck.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:42:25 +02:00
Dominik Richter
d44c363a98 Merge pull request #1594 from chef/adamleff/vendor-before-habitat-build
Support vendored profiles in Habitat-packaged profiles
2017-03-29 10:33:21 +02:00
Adam Leff
96d18435a4 Update CLI output, adjust tests
The CLI output for the vendoring of profiles has been updated slightly
to be more clear, and the functional tests have been modified to match
as well.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Adam Leff
e1c664272e Break out profile vendor activities into separate class
Per PR feedback, `Inspec::ProfileVendor` is created to centralize
the logic and data of vendoring profile dependencies. The `BaseCLI`
class and the `Habitat::Profile` class have been modified to use it

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Adam Leff
8269d0da9e Support vendored profiles in Habitat-packaged profiles
This change adds support in Habitat-packaged profiles for
profiles that depend on other profiles. When `inspec habitat
profile create` or `inspec habitat profile upload` is run,
it will see if the profile's dependencies have been vendored
yet, and if not, it will vendor them before creating the
habitat artifact.

For the git and URL fetchers, more explicit creation of the
target directories for the vendored profiles is done. This
is implicitly done via normal CLI interactions a user may
go through, but in our case, we want to ensure those directories
are there before the fetchers try to write out content.

By adding this support, we also fix a bug experienced in Habitat
where a profile that was packaged before an `inspec exec` was run
for the profile would cause a failure in Habitat. This is caused
by `inspec exec` doing a vendor of the dependencies if necessary
and generating the inspec.lock file. In Habitat, the package dir
is not writable by the hab user and InSpec would fail to run due
to an inability to write out an inspec.lock.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Dominik Richter
279f07cb1e Merge pull request #1603 from chef/adamleff/bad-ipv6-address
Fix port resource for invalid IP address in netstat output
2017-03-29 08:44:02 +02:00
Adam Leff
8e693a4ad9 Fix port resource for invalid IP address in netstat output
Netstat will sometimes output an IPv6 address that is not
formatted correctly; the address is either truncated or uses
or implies the `::` shorthand notation twice. This yields an
invalid IPv6 address and causes IPAddr.new to choke.

This change guards against invalid IP addresses and ensures they
do not end up in the port resource's entries list.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 08:33:50 +02:00
Dominik Richter
f30c0d8087 Merge pull request #1601 from chef/adamleff/remove-puts
Remove errant puts in inspec habitat CLI command
2017-03-29 07:57:14 +02:00
Adam Leff
90b0ce08c5 Remove errant puts in inspec habitat CLI command
Left a `puts` behind during some testing that made its way into
a PR. Removing it!

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-28 22:57:08 +02:00
Dominik Richter
c9b1b280ae Merge pull request #1599 from chef/adamleff/ruby-2.1
Require Ruby 2.1
2017-03-28 22:55:23 +02:00
Dominik Richter
873dbb4469 Merge pull request #1600 from chef/adamleff/habitat-docs
Add docs for habitat CLI commands
2017-03-28 22:54:11 +02:00
Adam Leff
5a12cddc9c
Add docs for habitat CLI commands
Adding a dedicated page for the InSpec/Habitat integration which
explains what it is, and details the commands a user needs to use
the integration.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-28 13:59:38 -04:00
Adam Leff
073fd99637 Require Ruby 2.1
InSpec now depends on nokogiri which has a dependency of Ruby 2.1 or
later. If someone tries to `gem install inspec` using Ruby 2.0, it
will fail on the nokogiri dependency rather than InSpec itself.

Additionally, Ruby 2.0 is already EOL.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-27 12:59:56 -04:00
Adam Leff
3f32dbe2d0 Merge pull request #1596 from nvwls/gem-binary
Extend `gem` to take an optional `gem_binary`
2017-03-27 12:54:40 -04:00
joe.nuspl
1ab80ea052 Extend gem to take an optional gem_binary
Allows one to test whether gems are installed into an omnibus environment.

Signed-off-by: Joe Nuspl <nuspl@nvwls.com>
2017-03-24 22:28:42 -07:00
Adam Leff
73e3bfda7a Merge pull request #1544 from chef/adamleff/hash-values-in-simpleconfig
Provide a method-based accessor for SimpleConfig hashes
2017-03-22 15:46:58 -04:00
Christoph Hartmann
7c11ff9280 add tag object (#1590)
* add tag object

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>

* add tests for to_hash function in tag

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-03-22 13:41:44 -04:00
Adam Leff
8a63e9d12c Merge pull request #1591 from chef/adamleff/www-fixup
Fixing www/docs rake tasks
2017-03-22 13:39:06 -04:00
Adam Leff
65c95d243e Fixing www/docs rake tasks
This is a follow-up to #1585. The website-related Rake tasks have been
moved to a www-specific Rakefile which can be found in the www/
directory. Any web-release-related gems have been moved to the www
Gemfile as well.

This also included modifying the docs rake tasks to be path-
independent as they currently expect that Rake is being run from the
root of the repo.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-22 12:21:03 -04:00
Christoph Hartmann
9de56d25f7 Merge pull request #1589 from mr-exz/yaml-bug-file-name
Support YAML attributes files ending in .yaml
2017-03-22 14:36:26 +01:00
Adam Leff
730de65e36 Merge pull request #1567 from chef/chris-rock/x509
x509_certificate and key_rsa resource
2017-03-22 07:30:19 -04:00
Christoph Hartmann
a96059a3eb x509 integration tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-03-22 11:44:33 +01:00
Christoph Hartmann
d2f000e435 refactor x509 resources and rsa key
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-03-22 11:44:32 +01:00