Commit graph

5576 commits

Author SHA1 Message Date
Thomas Cate
fca83c6bb2 add example for checking last permissions octet (#2152)
* add example for checking last permissions octet

Signed-off-by: Thomas Cate <tcate@chef.io>

* Correctly describe the last permissions bit for file resource

Signed-off-by: Thomas Cate <tcate@chef.io>
2017-09-25 09:52:04 -04:00
Chef Expeditor
cab161c185 Bump version to 1.38.7 by Chef Expeditor 2017-09-23 07:27:12 +00:00
Adam Leff
d029f7f58c Properly return postgres query errors on failure (#2179)
When using the `query` method in the `postgres_session` resource, if
the query fails, the `query` method attempts to call `skip_resource`
with an error message. Not only does the `skip_resource` not properly
work, but it also returns a `String` object back to the test which is
probably going to try and call the `output` method on it to run the test.

This results in an error like this:

```
  Can't read
     ∅  undefined method `output' for "output":String
```

This change returns the full psql output as a Lines object to the
user, including stderr, so they can at least get the error in their
test output and avoids undefined method errors.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-23 09:27:05 +02:00
Chef Expeditor
75e1331618 Bump version to 1.38.6 by Chef Expeditor 2017-09-23 07:17:42 +00:00
Jerry Aldrich III
3d7244fb07 Add wildcard support to Utils::FindFiles (#2159)
Wildcards are evaluated prior to applying `sudo` permissions. This
means that running `sudo find /some/path/*.conf` will fail if the user
does not have read permissions on `/some/path/` because the wildcard
cannot expand before `sudo` is applied and `*.conf` isn't a file.

The solution for this is to run the command in a subshell that has the
proper permissions (e.g. `sudo sh -c 'find /some/path/*.conf'`).

This modifies `Utils::FindFiles` to use a subshell thus allowing
wildcard support.

This fixes #2157

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-23 09:17:34 +02:00
Chef Expeditor
bdb80591e3 Bump version to 1.38.5 by Chef Expeditor 2017-09-23 07:16:31 +00:00
Jerry Aldrich III
125e0915b2 Modify DirProvider to allow special characters (#2174)
This modifies `Inspec::DirProvider` to allow special characters in the
file glob by escaping those characters via `Shellwords.shellescape`.

This fixes #2111 (`inspec check` on path with special characters)

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-23 09:16:25 +02:00
Chef Expeditor
9f06ba0b0b Bump version to 1.38.4 by Chef Expeditor 2017-09-22 12:57:56 +00:00
Dominik Richter
e2004a436f forgiving default attributes (#2177)
* forgiving default attributes

When default attributes arent specified provide one that is much more forgiving.
See this https://github.com/chef/inspec/issues/2176

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-22 08:57:51 -04:00
Chef Expeditor
d2a47fa9fb Bump version to 1.38.3 by Chef Expeditor 2017-09-21 19:55:27 +00:00
Adam Leff
453bb50aaa Update changelog for v1.38.2 release (#2173)
An expeditor issue caused some version strings to not get updated.
Taking the opportunity to clean it up for before today's release.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-21 15:55:18 -04:00
Chef Expeditor
42fc9d70ca Bump version to 1.38.2 by Chef Expeditor 2017-09-21 16:21:39 +00:00
Jerry Aldrich III
cbcca9f39e Modify Upstart enabled check to use config file (#2163)
This modifies the enabled check for the `service` resource to use the
service's config file instead of `initctl show-config`.

`initctl show-config` does not accurately show the state of a service if
that service's config file is modified while the service is running.

This fixes #1834.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-21 12:21:34 -04:00
Chef Expeditor
2947532601 Bump version to 1.38.1 by Chef Expeditor 2017-09-21 16:18:23 +00:00
Adam Leff
e400b8dd4c Support false for attribute value (#2168)
The logic in `Inspec::Attribute` prohibited the use of `false` (FalseClass) as
a valid attribute. If the attribute value supplied was `false`, then it would fall
back to the default value.

This change properly allows the use of `false` as a value, adds the initial tests
for Inspec::Attribute, and also uses better attr_writer semantics for writing/storing
the value.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-21 12:17:44 -04:00
Chef Expeditor
4a71140052 Bump version to 1.38.0 by Chef Expeditor 2017-09-21 16:06:05 +00:00
Adam Leff
69eedf2c60 Bump minor version to v1.38 (#2172)
Some changes since 1.37.6 warrant a minor bump.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-21 12:06:00 -04:00
Chef Expeditor
96b9527e46 Bump version to 1.37.13 by Chef Expeditor 2017-09-21 16:00:24 +00:00
Adam Leff
0b3aaee692 Update method in which Pry hooks are removed (#2170)
* Update method in which Pry hooks are removed

Pry 0.11 removed the clear_all method for removing all hooks. This change
updates the way we clear hooks for the events we care about.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-21 12:00:18 -04:00
Chef Expeditor
a614cc9598 Bump version to 1.37.12 by Chef Expeditor 2017-09-19 16:27:04 +00:00
Adam Leff
adf25ae783 Support array syntax for registry_key resource (#2160)
Users cannot query for registry keys that have periods in them because of
how rspec-its works. This change enables Array-style syntax for the
registry_key resource so users can use that as a workaround.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-19 18:26:53 +02:00
Chef Expeditor
e57977612e Bump version to 1.37.11 by Chef Expeditor 2017-09-18 19:49:26 +00:00
malovdm1
3e16a099c5 quote username and hostname in mssql_session (#2151)
Signed-off-by: Malovany, Dmytro (Ext) <dmytro.malovany@novartis.com>
2017-09-18 21:49:20 +02:00
Chef Expeditor
7ca1380ef9 Bump version to 1.37.10 by Chef Expeditor 2017-09-18 19:48:11 +00:00
Adam Leff
5297dc6ede Add deprecation warning to auditd_rules resource (#2156)
The auditd_rules resource has been replaced by the auditd resource.
We are planning on removing the auditd_rules resource in InSpec 2.0.
This change will provide a warning to any user using the old resource.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-18 21:48:04 +02:00
Chef Expeditor
c6703af02c Bump version to 1.37.9 by Chef Expeditor 2017-09-18 19:47:26 +00:00
Jennifer Burns
ec18dce62b auditd resource: test active auditd configuration against the audit daemon (#2133)
* Added auditd resource and documentation.

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Added unit tests for auditd resource and updated auditd_rules_test to match new entries in auditctl

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Removed all legacy code for audit < 2.3. Removed parens to create consistency.

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated method names and removed unnecessary content based on review

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-09-18 21:47:18 +02:00
Chef Expeditor
85c02112b5 Bump version to 1.37.8 by Chef Expeditor 2017-09-15 20:38:05 +00:00
Jerry Aldrich III
9773e1cd94 Add wildcard/multiple server support to nginx_conf resource (#2141)
* Add wildcard/multiple server support to nginx_conf

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* separate the merge function for maps in nginx_conf

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-15 16:37:57 -04:00
Chef Expeditor
48b0e6a667 Bump version to 1.37.7 by Chef Expeditor 2017-09-14 19:16:35 +00:00
Adam Leff
79ad513a39 Build and tag docker image via Expeditor (#2144)
* Build and tag docker image via Expeditor

In order to provide Docker images of all unstable, current, and stable
builds of InSpec, and to avoid having to manually publish Docker images
each time we release InSpec, Expeditor will now take care of this for us.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-14 15:16:29 -04:00
Chef Expeditor
25687fedad Update CHANGELOG.md to reflect the promotion of 1.37.6 to stable 2017-09-14 18:27:00 +00:00
Adam Leff
0049471cf1 Clarify changelog for #2149 (#2150)
Signed-off-by: Adam Leff <adam@leff.co>
2017-09-14 13:12:08 -04:00
Chef Expeditor
4c6877f766 Bump version to 1.37.6 by Chef Expeditor 2017-09-14 17:09:04 +00:00
Adam Leff
2c37d1a578 Bump Ruby to 2.3.5 (#2149)
https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-3-5-released/

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-14 13:08:55 -04:00
Adam Leff
20ad2ba65e Update PR 2131 to 2064 in Changelog (#2146)
2131 was actually a re-run of PR 2064. Updating changelog for correct attribution.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 18:04:38 -04:00
Chef Expeditor
c02e359fa2 Bump version to 1.37.5 by Chef Expeditor 2017-09-13 21:52:54 +00:00
Alex Pop
cf6fdd09af Show versions for inspec compliance profiles (#2143)
Signed-off-by: Alex Pop <apop@chef.io>
2017-09-13 17:52:45 -04:00
Chef Expeditor
be7f5ccde1 Bump version to 1.37.4 by Chef Expeditor 2017-09-13 20:53:43 +00:00
Alex Pop
35becd7e0f Support profile versions for automate profiles storage (#2128)
* Support profile versions for automate profiles storage

Signed-off-by: Alex Pop <apop@chef.io>

* Add unit tests for inspec-compliance bundle

Signed-off-by: Alex Pop <apop@chef.io>

* Refactor target_url method, fix tests, fix rubocop errors

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 16:53:36 -04:00
Chef Expeditor
18d9b74301 Bump version to 1.37.3 by Chef Expeditor 2017-09-13 12:41:17 +00:00
Adam Leff
7810051f0a package resource: assume a default Homebrew path (#2140)
* package resource: assume a default Homebrew path

Homebrew's `brew` script is installed to /usr/local/bin by default which
is usually not in a non-interactive PATH. We will now first check to see
if `brew` is in PATH, and if not, assume a default of `/usr/local/bin/brew`

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:41:09 -04:00
Chef Expeditor
9fa47f1a9e Bump version to 1.37.2 by Chef Expeditor 2017-09-13 12:16:58 +00:00
Adam Leff
d4790f7f5a Ignore linked container names when parsing docker containers (#2134)
* Ignore linked container names when parsing docker containers

If a container is linked to another container, the normal `docker ps` output
does not include this information. However, when pulling the `.Names` field
with `docker ps --format`, the linked container is listed in the name. This
is confusing for users trying to use InSpec to audit a container.

This change strips any linked container names from the actual container name.

Signed-off-by: Adam Leff <adam@leff.co>

* Linked container names aren't guaranteed to be last depending on how they were linked

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:16:53 -04:00
Adam Leff
7a3706a023 Add clarifying docs for mysql_conf resource (#2138)
The docs did not include examples for querying settings set within a named section.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:16:35 -04:00
Chef Expeditor
48f3cdc644 Bump version to 1.37.1 by Chef Expeditor 2017-09-13 12:15:15 +00:00
Rony Xavier
7d2da0c199 nginx resource: audit the nginx binary and how it was compiled (#1958)
* nginx base resource

Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Rony Xavier <rx294@gmail.com>
2017-09-13 08:15:09 -04:00
Chef Expeditor
dd1d0ca553 Bump version to 1.37.0 by Chef Expeditor 2017-09-11 15:37:45 +00:00
Adam Leff
10018139ef etc_fstab resource: test contents of the /etc/fstab file (#2131)
This commit/PR is to re-run the Expeditor actions for #2064 (changelog, automated build), etc.

While we would normally manually re-run the actions through our bot, the expeditor config
in the squashed commit for #2064 is not correct.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-11 11:37:40 -04:00
Adam Leff
dbf1d8a889 Fix merge_actions in expeditor config, add create_github_release (#2130)
merge_actions must now be an array rather than a hash. Also adding
the ability for Expeditor to create a GitHub Release entry when
an artifact is promoted to stable.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-11 11:28:09 -04:00