* Update security policy export to use pid instead of random.
Signed-off-by: Jared Quick <jquick@chef.io>
* Update helper for the new train.
Signed-off-by: Jared Quick <jquick@chef.io>
When supplying a docker image that contains a registry with a port number,
such as `localhost:5000/chef/inspec:1.46.3`, the docker_image resource
was unable to locate the image in question due to incorrect parsing
of the repository and tag.
Signed-off-by: Adam Leff <adam@leff.co>
When the JSON resource (and those that subclass off of it) were modified
to properly throw exceptions in the event of failure, this caused the
`params` method to return nil instead of what it used to be, an empty
hash.
This is fine in the case of a describe block, but it's not okay when used
outside of a describe, as it will cause users trying to pluck from the
hash to throw a dreaded-and-unhelpful NilClass error.
This change pre-populates the params to be an empty hash, and if the
read/parse steps fail, it will still be one.
Signed-off-by: Adam Leff <adam@leff.co>
* Add a unique export for security policy resource.
Signed-off-by: Jared Quick <jquick@chef.io>
* Remove skip resource on empty policy file.
Signed-off-by: Jared Quick <jquick@chef.io>
* Allow skipping/failing resources in FilterTable
`FilterTable` is commonly used in the class body of a resource and is
evaluated during an `instance_eval`. This means that if you raise an
exception (e.g. SkipResource) it will halt `inspec exec` and
`inspec check`.
This adds an `ExceptionCatcher` class that will postpone evaluation
until test execution.
This allows `inspec check` and `inspec exec` to perform as intended when
skipping/failing a resource in `FilterTable`
Huge thanks to @adamleff for providing the starting code/ideas!
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Comment why `ExceptionCatcher` doesn't raise
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Remove `accessor` from `ExceptionCatcher`
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Return the existing ExceptionCatcher object rather than creating new
Signed-off-by: Adam Leff <adam@leff.co>
* Modifies test for failing WMI string interpolation
Signed-off-by: David Alexander <opensource@thelonelyghost.com>
* Fixes#2260 (WMI string interpolation)
Signed-off-by: David Alexander <opensource@thelonelyghost.com>
* Fixes#2343 (Windows file permissions regression)
Signed-off-by: David Alexander <opensource@thelonelyghost.com>
* Updates docs with missing info on `be_allowed()` matcher
Signed-off-by: David Alexander <opensource@thelonelyghost.com>
The pinned version of Rubocop in some of the TK examples' Gemfiles
was a very old version with known vulnerabilities. Since these are just
examples and have no Rake tasks that rely on them, I removed rubocop
outright from the example Gemfiles.
Signed-off-by: Adam Leff <adam@leff.co>
The existing method of adding `-X HEAD` to the curl command does not
work properly and can cause timeouts because curl doesn't properly
close the connection. The correct way is to use curl's own `--head`
flag.
Signed-off-by: Adam Leff <adam@leff.co>
* remove second end in first describe example, because of wrong syntax
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
* correct style of the examples
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
* json resource (et. al.): allow inspec check to succeed when using command
When using the `json` resource (or any of the resources that subclass
JsonConfig), `inspec check` would fail if the content was supplied with
the `command` option. This is because the `command` resource is mocked
and an empty string would be returned for `stdout`. That content would
be blindly passed to the `parse` method would which raise an exception
and cause `inspec check` to fail.
This change refactors JsonConfig to be a bit cleaner and use some helper
methods. Additionally, we use the new Exceptions to properly raise errors
which are naturally caught by Inspec::Profile, etc.
Signed-off-by: Adam Leff <adam@leff.co>
* Make `resource_base_name` method private
Signed-off-by: Adam Leff <adam@leff.co>
In the CONTRIBUTING.md doc, corrects the link to the issue template used
in the description of issues/PRs.
Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
* Bump Rubocop to 0.49.1
This change bumps Rubocop to 0.49.1. There have been a lot of changes
since 0.39.0 and this PR is hopefully a nice compromise of turning off
certain cops and updating our codebase to take advantage of new Ruby
2.3 methods and operators.
Signed-off-by: Adam Leff <adam@leff.co>
* Set end-of-line format to line-feed only, avoid Windows-related CRLF issues
Signed-off-by: Adam Leff <adam@leff.co>
It appears that the Appveyor images changed recently and the Ruby
installs for all version (2.2, 2.3, and 2.4) already include Bundler
installed. Attempting to install it will hang the tests at an
interactive prompt asking if you want to override the install, and
--force'ing the install causes path issues and Rubygems won't be able
to activate the gem.
Removing the bundler install appears to solve the problem nicely.
Signed-off-by: Adam Leff <adam@leff.co>
PR #2311 updated the Rubocop engine to use Ruby 2.3 to evaluate, and
the default behavior is to no longer require `.freeze` to be added
to string literals that are treated like constants. This caused the
pattern match used in the Expeditor version update script to no longer
work.
Also manually fixing the `lib/inspec/version.rb` file to be correct.
Signed-off-by: Adam Leff <adam@leff.co>
* Require Ruby 2.3 and later
Ruby 2.1 is EOL, and Ruby 2.2 is on security fixes only. This moves
InSpec to support the current "normal maintenance" versions of Ruby
like Chef does and also bumps the versions used in Travis tests.
Signed-off-by: Adam Leff <adam@leff.co>
* Remove Ruby 2.2 from appveyor
Signed-off-by: Adam Leff <adam@leff.co>