Christoph Hartmann
2d64face12
0.25.0
2016-06-14 03:16:40 +02:00
Christoph Hartmann
f1faf47112
introduce secrets backend
2016-06-14 02:49:47 +02:00
Christoph Hartmann
c7a49056c4
feature: attribute handling
2016-06-14 02:49:03 +02:00
Dominik Richter
c9403a8d7b
0.24.0
2016-06-03 23:06:51 +02:00
Dominik Richter
2db8d83d56
support intra-libraries file referencing + loading
...
solves https://github.com/chef/inspec/issues/779
2016-06-03 22:54:35 +02:00
Christoph Hartmann
d19dd89c1e
0.23.0
2016-05-31 09:57:15 +02:00
Dominik Richter
302a718b48
list arbitrary ports and query it
...
utilizing filter table to make port more flexible and useful.
2016-05-31 03:14:07 +02:00
Dominik Richter
02dae2c3c5
add simple style for filter table data
...
for quick flattening, filtering, and non-nil results. this also simplifies some interal calls and structure
2016-05-31 03:01:03 +02:00
Christoph Hartmann
9e753a5dbc
add helper methods for os resource
2016-05-31 00:01:26 +02:00
Dominik Richter
d6345ffd17
add resource to filter table blocks
...
i.e. get access to the original resource for more information and calls.
2016-05-30 23:31:14 +02:00
Christoph Hartmann
ebf9b95356
0.22.1
2016-05-18 19:04:04 +02:00
Dominik Richter
b54b4309da
fix reporter/formatter disagreements
...
reporters didnt stick to the formatters that were configured but looked for an old json one. this MR ensures that the formatter that is configured is pulled out to generate the report
2016-05-18 18:25:41 +02:00
Christoph Hartmann
820a942fa3
0.22.0
2016-05-16 20:12:52 +02:00
Christoph Hartmann
7515b488fd
Merge pull request #754 from jeremymv2/sudo_command
...
add sudo_command option
2016-05-16 15:32:29 +02:00
Anirudh Gupta
c9dbbfd5dc
modification in command resource example
2016-05-16 11:53:21 +05:30
Jeremy J. Miller
cfcc06a379
fix spelling
2016-05-15 11:04:23 -04:00
Jeremy J. Miller
9795879628
add sudo_command option
2016-05-15 07:22:18 -04:00
Dominik Richter
00921d9f97
0.21.6
2016-05-13 20:51:32 +02:00
Dominik Richter
67f7a5936c
catch corner-case with symbols on test-objects
2016-05-13 20:39:17 +02:00
Alex Pop
4241cbf7ce
can-t go in else when nil either
2016-05-13 19:22:09 +01:00
Alex Pop
6a9f015527
prevent nil.include?
2016-05-13 19:03:33 +01:00
Dominik Richter
4152101679
0.21.5
2016-05-13 19:29:46 +02:00
Dominik Richter
603e3e21b3
fix construction of ruby objects on string and array handlers
2016-05-13 19:07:43 +02:00
Dominik Richter
b837f8c8ec
0.21.4
2016-05-13 12:58:35 +02:00
Dominik Richter
2323ec52d2
add polyfill for ruby 1.9.3. struct
2016-05-13 11:57:06 +02:00
Dominik Richter
dde4433933
use struct for processes list
...
we know all the fields + struct is fully compatible to the curren hash implementation
2016-05-13 11:22:56 +02:00
Christoph Hartmann
987c42ed99
0.21.3
2016-05-12 00:27:30 +02:00
Christoph Hartmann
f3b41ccea9
deprecate arrray matcher
2016-05-12 00:14:54 +02:00
Christoph Hartmann
1f470971d2
Revert "Add all_match to matchers"
...
This reverts commit 29cf4522e4
.
2016-05-11 23:47:24 +02:00
Christoph Hartmann
48d8694789
Revert "fix contain_match, add none_match"
...
This reverts commit 54b397f3a5
.
2016-05-11 23:47:24 +02:00
Christoph Hartmann
5939e5b2f9
Merge pull request #739 from chef/ap/port-not-nil
...
Return empty array instead of nil for port methods
2016-05-11 23:32:43 +02:00
Alex Pop
2a9d9b5481
return empty array instead of nil to be .each friendly
2016-05-11 22:21:22 +01:00
Christoph Hartmann
03b1ecfac5
Merge pull request #735 from tpcwang/escape-windows-osenv
...
Escape os_env command on Windows to handle env variables containing parentheses.
2016-05-11 23:09:34 +02:00
Christoph Hartmann
21a91f964c
0.21.2
2016-05-11 14:16:24 +02:00
Alex Pop
54b397f3a5
fix contain_match, add none_match
...
update matchers doc and add more integration tests
allow non-string data types and non-arrays
2016-05-11 12:47:36 +01:00
tpcwang
c8d2991589
Escape os_env command on Windows to handle env variables containing parentheses.
...
Update the mock file to match the new command
2016-05-11 01:09:06 -07:00
Christoph Hartmann
7e514c8735
0.21.1
2016-05-10 22:43:34 +02:00
Christoph Hartmann
9fd9f8aa69
Merge pull request #733 from chef/vj/add-label-for-processes
...
Expose label for processes only on linux
2016-05-10 22:39:02 +02:00
Victoria Jeffrey
1811eb6666
Expose label for processes only on linux
2016-05-10 13:59:13 -04:00
Victoria Jeffrey
29cf4522e4
Add all_match to matchers
2016-05-10 10:00:55 -04:00
Christoph Hartmann
1c2fd97a39
fix: remove non-existent class
2016-05-10 13:18:33 +02:00
Christoph Hartmann
a83088edea
0.21.0
2016-05-10 11:09:57 +02:00
Alex Pop
91b83b45a5
remove redundant space when missing expectation
2016-05-09 15:20:29 +01:00
Alex Pop
9ded3b8835
Provide service params as a mash, empty unless systemd for now
2016-05-09 14:54:09 +02:00
Christoph Hartmann
d2a8ba0022
add human-readable output for detect, as well as a --format json
2016-05-09 13:24:49 +02:00
Dominik Richter
5d925b2851
api: make processes return integers for pid/vsz/rss
2016-05-06 16:49:21 +02:00
Alex Pop
9a83814f35
update mount example with include
2016-05-06 14:27:42 +01:00
Christoph Hartmann
6e93a13000
show error if user is not logged in to compliance server
2016-05-06 13:47:22 +02:00
Alex Pop
c518b9edc2
expose systemd service properties via .info
2016-05-06 13:36:42 +02:00
Christoph Hartmann
8258d111ef
rename json to minijson and fulljson to json
2016-05-06 13:27:42 +02:00
Dominik Richter
b14495051a
prevent duplicate profile-loading
...
this happens when the profile is run (exec) and also interpreted (via profile.params). It will load 2 profile context calls (both via Runner) which in turn gets 2 rounds of interpreter+runner executions. This is an issue with auto-generated IDs, due to their random component, which changes in this case
2016-05-06 13:14:40 +02:00
Dominik Richter
20d08a63b5
inspec --format [json|fulljson|rspecjson] overhaul
...
Full rewrite of all formatters. Create a minimal JSON, a full JSON, and a fallback RSpec formatter. The latter is only needed for corner cases and should not really be used. The former 2 are for (1) running `inspec json` followed by `inspec exec` (`--format json`) and (2) running just `inspec exec --format fulljson`.
2016-05-06 13:14:40 +02:00
Dominik Richter
a809097d12
simplify full_id generation
2016-05-06 13:14:40 +02:00
Dominik Richter
8ba859fe92
remove legacy global DSL code
2016-05-06 13:14:40 +02:00
Dominik Richter
4d28fd8f31
remove inspec [exec|json|...] --id flag
2016-05-06 13:14:40 +02:00
Dominik Richter
b9543241eb
export #tests() from OrTest object
...
make these inner tests accessible
2016-05-06 02:10:33 +02:00
Dominik Richter
67fccc1246
expose deprecated fields in passwd
2016-05-04 15:27:58 +02:00
Dominik Richter
fc718267c4
extend filter table to handle soft variable lookup
2016-05-04 15:27:58 +02:00
Dominik Richter
fb91b788a6
use filtertable with passwd resource
2016-05-04 15:27:58 +02:00
Alex Pop
f78afe0d75
Use only strings in resource examples, docs and tests
2016-05-03 23:27:18 +01:00
Victoria Jeffrey
33e35a1e94
use strings instead of symbols
2016-05-03 15:39:34 -04:00
Anirudh Gupta
738ef69bcf
prefixed hpux to cmd file name
2016-05-03 21:38:39 +05:30
Anirudh Gupta
d839f218bf
hpux support for basic port properties
2016-05-03 14:30:59 +05:30
Dominik Richter
f30b6fb6f5
bugfix: handle train errors in inspec execution
2016-05-02 08:34:45 -04:00
Alex Pop
e24772e4b7
releasing 0.20.1
2016-04-30 02:02:29 +01:00
Alex Pop
56d856531b
support basename parameter and add tests
2016-04-29 13:40:32 -04:00
Dominik Richter
6b5b592c03
0.20.0
2016-04-29 09:13:10 -04:00
Dominik Richter
8ee6a14bc5
validate target backend
2016-04-28 20:44:36 -04:00
Dominik Richter
83b4dfbf4d
use the source_path instead of path for file internal reporting
2016-04-28 20:11:21 -04:00
Dominik Richter
3e8974d243
update to new train interface
2016-04-28 19:55:34 -04:00
Alex Pop
3ab53e940d
make file resource follow links and provide method to get to the original link object
2016-04-28 19:55:34 -04:00
Christoph Hartmann
46f38b51d0
add integration tests for compliance plugin
2016-04-29 01:12:53 +02:00
Christoph Hartmann
8678ab6625
fix compliance plugin
2016-04-29 00:39:25 +02:00
Dominik Richter
6f612dc948
WIP add block support to where conditionals (1) passwd.users { != 2 } (2) add tests
2016-04-28 23:10:52 +02:00
Dominik Richter
0c8e891ee1
add #entries to filter table + remodel configuration
2016-04-28 22:46:39 +02:00
Dominik Richter
048a1584b9
encapsulated filters
2016-04-28 22:46:39 +02:00
Dominik Richter
652f10ad9a
use Inspec::Filter in xinetd resource
2016-04-28 22:46:39 +02:00
Dominik Richter
d86161c616
add general filter utility for resources
2016-04-28 22:46:39 +02:00
Dominik Richter
01caf05020
add cmd for executing calls against the inspec api
2016-04-27 06:31:01 -07:00
Christoph Hartmann
ab9f5f9c1a
Merge pull request #682 from Anirudh-Gupta/hpux
...
Hpux
2016-04-27 06:29:05 -07:00
Anirudh Gupta
1330e09df5
added file permission by user check for hp-ux
2016-04-26 14:53:28 +05:30
Christoph Hartmann
2242790528
Merge pull request #678 from Anirudh-Gupta/hpux
...
added hpux user and package resource support
2016-04-25 07:22:19 -05:00
Dominik Richter
d0760662ce
bugfix: restore pax_global_header fetcher filter
...
The original tests were deactivated. Reactivate and fix the implementation.
TODO: verify that this matches expectations
2016-04-24 02:38:22 -04:00
Alex Pop
ce7b06da35
releasing inspec 0.19.3
2016-04-22 17:13:04 +01:00
Dominik Richter
bc724c81ff
fix legacy supports call
...
as reported by Jeremy Miller and Alex Pop
2016-04-22 11:15:57 -04:00
Anirudh Gupta
75534fdaa5
added hpux user and package resource support
2016-04-21 14:01:56 +05:30
Dominik Richter
3778f7968e
v0.19.2
2016-04-21 02:30:42 -04:00
Alex Pop
1254bce74f
keeping rubocop happy
2016-04-20 12:03:20 -04:00
Alex Pop
0b1c37362b
fix indenting for loops and or
2016-04-20 12:03:20 -04:00
Alex Pop
9f156bb36b
update file resource example to use cmd matcher for better failure output in octal
2016-04-20 11:57:34 -04:00
Alex Pop
7a3b4736b8
fix the shadow password example now that cmp can handle arrays
2016-04-20 11:57:34 -04:00
Alex Pop
b38e71b6f2
allow integers to be cmp regexed
2016-04-20 11:57:31 -04:00
Dominik Richter
9b199c9223
add regexp to cmp matcher
...
i.e. `123 should { cmp /2+/ }`
2016-04-20 11:57:31 -04:00
Dominik Richter
07f17a3f8d
bugfix: fix formatting of cmp expectations
...
E.g. for regex it will print a very cryptic `(?-mix:123)` for `/123/` instead of the pure regex
2016-04-20 02:11:00 -04:00
Dominik Richter
9da23f9cbc
remodel bash and shell wrappers
2016-04-18 11:48:42 -04:00
Stephan Renatus
f7272f746c
0.19.1
2016-04-18 11:39:52 +02:00
Dominik Richter
0631779412
configure command execution shells to sh/bash/zsh
2016-04-18 01:09:37 -04:00
Dominik Richter
fa6143d6d4
be descriptive on shadow.entries
...
When used in combination: `shadow[.filter(...)].entries.each { |entry| ... }`, these entries would not be very descriptive at all. You would basically only retrieve the full filter chain e.g. 20 times, without any information about what entry you are currently looking at. This fixes it, by providing the entry identified by the user name
2016-04-17 19:12:14 -04:00
Dominik Richter
0cb03e8726
bugfix: print cmp expectations
2016-04-17 18:50:21 -04:00
Dominik Richter
53f855e681
0.19.0
2016-04-17 14:19:37 -04:00
Thomas Cate
e6d98968c9
first pass at working legacy-grub/grub2 config
2016-04-17 10:46:35 -04:00
Thomas Cate
0f8aff0b91
added default and per kernel checking
2016-04-17 10:46:35 -04:00
Thomas Cate
3051ead64d
added tests for grub_conf resource
2016-04-17 10:46:29 -04:00
Thomas Cate
19333f0ece
handle unsupported OSs
2016-04-17 10:46:29 -04:00
Thomas Cate
1b1690a3e3
improve examples
2016-04-17 10:46:29 -04:00
Thomas Cate
3559ba4aeb
convert single entry arrays to strings
2016-04-17 10:46:24 -04:00
Thomas Cate
fc811518e8
remove troubleshooting output
2016-04-17 10:45:22 -04:00
Thomas Cate
96536db318
first pass at a grub_config resource
2016-04-17 10:45:22 -04:00
Dominik Richter
2a0ccbfd76
fail on unsupported os/platform
2016-04-17 00:04:37 -04:00
Dominik Richter
ebd094fbb0
bugfix: rspec world handling on rspec 3.5
...
This accessor is designed to work with rspec 3.0 - 3.5 (and potentially up).
2016-04-16 20:33:01 -04:00
Christoph Hartmann
27357c8630
update documentation for json resource
2016-04-16 20:16:32 -04:00
Dominik Richter
f54195408f
simplify key symbolization in metadata
2016-04-16 18:47:59 -04:00
Dominik Richter
14995534cd
skip profiles if the platform isnt supported
2016-04-16 15:34:23 -04:00
Dominik Richter
a1188b26ce
add supports_runtime? to metadata
2016-04-16 15:25:59 -04:00
Dominik Richter
5d58fa267b
feature: cmp < / > / <= / >= / == / != sth
matcher
2016-04-15 19:19:15 -04:00
Alex Pop
dec217a8ce
prevent its(:to_i) from generated tests
2016-04-15 01:03:39 -04:00
Satish Puranam
07315ce5d2
Cleanup code meet lint guidelines
2016-04-14 13:39:03 -04:00
Satish Puranam
b0bc88f637
Cleanup, remove redundant checking of os family
2016-04-13 19:08:14 -04:00
Satish Puranam
81029274e2
Add support suse 11 to service resource
2016-04-13 18:24:26 -04:00
Christoph Hartmann
3007aef248
add function tests for compliance
command
2016-04-13 16:55:14 -04:00
Christoph Hartmann
07c359431f
fix: make the plugin compatible with all versions of chef compliance
2016-04-13 16:27:57 -04:00
Christoph Hartmann
01bec4cd1e
merge cli commands login, api_token and token to login
2016-04-13 16:27:57 -04:00
Stephan Renatus
54db2625eb
inspec-compliance: restore compat with pre-1.0
2016-04-13 16:27:57 -04:00
Stephan Renatus
71e1372b5e
fix rubocop
2016-04-13 16:27:57 -04:00
Stephan Renatus
4004dfbb3c
inspec-compliance: update README
2016-04-13 16:27:57 -04:00
Stephan Renatus
7b740a2f9d
inspec-compliance: style
2016-04-13 16:27:57 -04:00
Stephan Renatus
e0bd2bb595
inspec-compliance: work with compliance 1.0
2016-04-13 16:27:57 -04:00
Jacob McCann
9dbf5354e5
Add 'static' value as enabled to systemd service enabled check
2016-04-13 14:44:28 -05:00
Dominik Richter
046e6ce501
bugfix: non-profile execution with json formatter
2016-04-11 11:17:26 -04:00
Dominik Richter
9f8fe7f4b0
0.18.0
2016-04-09 16:10:13 +02:00
Dominik Richter
fb54c4ea24
api: inspec.yml supports now adds tests w/o running
...
Instead of just removing all tests because of OS support, supports now acts by adding all tests to the execution context, but doesnt actually execute them. Instead tests are set to skip before they get to the actual execution context
2016-04-06 11:28:52 +02:00
Dominik Richter
c55fb0b587
prevent only_ifs from getting overwritten
2016-04-06 10:46:36 +02:00
Dominik Richter
a72fee6623
add only_if for controls
2016-04-06 10:46:36 +02:00
Dominik Richter
c73afd4c1c
overhault rule/control internals
...
instead of keeping them as flat variables, prefix all internals with `__` to create consistency. Also add accessors on the class-level to expose these values in all rules. This way we keep all variable-names in one location and get some safety on access.
2016-04-06 10:46:36 +02:00
Dominik Richter
598e8be07f
don't remove controls with only_if
...
instead mark them as skipped, but don't just remove them.
This also introduced a number of tests around only_if on the global level
2016-04-06 10:15:53 +02:00
Dominik Richter
0cffb21b97
0.17.1
2016-03-31 20:06:02 +01:00
Dominik Richter
8150a67e4a
add inspec objects (not exposed by default)
2016-03-31 19:50:44 +01:00
Dominik Richter
f845a16442
0.17.0
2016-03-31 14:23:07 +02:00
Christoph Hartmann
6fba237848
Merge pull request #580 from mulesoft-ops/amazon-linux-support
...
Amazon linux support for service resource
2016-03-31 09:55:36 +01:00
Dominik Richter
419b6a087c
add file uid and gid accessors
2016-03-31 02:23:30 +02:00
Dominik Richter
2cad553de8
add advanced passwd filters (experimental)
2016-03-31 02:03:20 +02:00
Joshua Bussdieker
7a185f02dc
Amazon linux support for service resource
2016-03-29 08:32:50 -07:00
Julian Tabel
bd594f3608
added apipath cli option to inspec compliance with default to /api
2016-03-29 10:49:48 +02:00
Christoph Hartmann
ca0506b6a3
eases the removal of leading and trailing whitespace for powershell and vbscript
2016-03-26 22:25:53 +01:00
Dominik Richter
41fb327e20
0.16.4
2016-03-25 14:25:44 +01:00
Dominik Richter
ee170cc526
support --controls for json
2016-03-25 01:58:59 +01:00
Stephan Renatus
be93f25e6e
inspec-compliance: url_encode profile names
2016-03-24 23:47:41 +01:00
Dominik Richter
856460054f
dont fail with stacktrace on connection errors
2016-03-24 23:24:58 +01:00
Alex Pop
3c3d711dfd
bugfix: fix rare inspec shell missing all resources
...
In some instances, when running inspec shell, you dont get any resources inside of it. i.e. `inspec shell` and then `os` will lead to
```ruby
NameError: undefined local variable or method `os' for
from (pry):1:in `add_content'
```
This is because of instance_eval loading withing the given source/line
information and not attaching to the profile context which actually has
all the resources. Fix it by making sure that inspec shell always
attaches to the profile context with resources by providing nil for
source and line information.
2016-03-24 20:37:46 +01:00
Stephan Renatus
d91bce0a20
0.16.3
2016-03-23 16:49:27 +01:00
Stephan Renatus
f19b3f632f
inspec-compliance: fix upload of profiles
2016-03-23 16:13:23 +01:00
Dominik Richter
8d524630c3
0.16.2
2016-03-22 20:30:21 +01:00
Dominik Richter
c5f0d11e4c
bugfix: dont crash on read_file contents in parse_config
2016-03-22 18:42:50 +01:00
Dominik Richter
cd031607c1
0.16.1
2016-03-22 12:57:45 +01:00
Christoph Hartmann
cd57b26bd0
wmi unit test
2016-03-20 11:53:56 +01:00
Christoph Hartmann
f97301882e
add namespace for wmi resource
2016-03-20 11:53:56 +01:00
Christoph Hartmann
67251d2982
implement object traversal for wmi object, make namespace and filter optional
2016-03-20 11:53:56 +01:00
Christoph Hartmann
d045927d28
add wmi resource
2016-03-20 11:53:56 +01:00
Christoph Hartmann
849c23d0aa
remove comments from ps script and remove tmp vb script after execution
2016-03-19 19:04:31 +01:00
Christoph Hartmann
6d53e43e7d
add vbscript resource
2016-03-19 19:04:31 +01:00
Christoph Hartmann
f50255486b
add support for addresses in port resource
2016-03-19 11:48:14 +01:00
Dominik Richter
eecf62643a
0.16.0
2016-03-19 11:13:32 +01:00
Dominik Richter
a9632d53d4
fix inspec shell and continuously test it
2016-03-19 09:13:23 +01:00
Christoph Hartmann
e2466d0dbb
rename script
to powershell
2016-03-18 15:41:54 +01:00
Dominik Richter
d41d6ef4e0
add metadata from profile to summary
2016-03-18 02:42:53 +01:00
Dominik Richter
040b2eac8e
add --format fulljson formatter
2016-03-18 02:42:53 +01:00
Dominik Richter
76fe4483d4
feature: add tags and refs
2016-03-18 01:42:26 +01:00
Dominik Richter
b7e438eabc
add a mock fetcher
2016-03-17 23:37:09 +01:00
Dominik Richter
c1d2da5bf3
ensure fetchers test against strings
2016-03-17 23:37:09 +01:00
Adam Leff
0acd926dbd
adding named resource registry classes
2016-03-17 15:58:20 +01:00
Dominik Richter
4676b5eedd
dont generate pretty json by default
...
we have jq for that!
2016-03-17 15:41:57 +01:00
Victoria Jeffrey
08616f50d0
Add title, description, code, and source_location to example metadata
2016-03-17 15:22:57 +01:00
Dominik Richter
16c3c00482
bugfix: prevent duplicate loading of library files
2016-03-17 14:43:52 +01:00
Dominik Richter
f7c2fa4392
functional tests for inspec detect + version + exec
2016-03-17 10:21:38 +01:00
Dominik Richter
0218f1f3ca
feature: --output on archive
2016-03-17 10:21:38 +01:00
Dominik Richter
e3991a2025
bugfix: inspec archive with profile path for inheritance
2016-03-16 20:32:02 +01:00
Dominik Richter
641572ec7f
move CLI components to lib/inspec/cli
...
This makes it easier for other applications to include this component. require from bin/inspec just doesnt behave (or needs workarounds)
2016-03-16 08:17:04 +01:00
Victoria Jeffrey
7f27c33e1f
add output stream to rspec configuration
2016-03-09 15:12:22 +01:00
Dominik Richter
f94330154e
0.15.0
2016-03-09 10:58:21 +01:00
Dominik Richter
24ffdf0478
descope calls to global File
...
This is just for simplicity. I expect other users to make the same mistake when using it, so I would rather our tests crash if we have this type of conflict again and prevent it in the first place. Renaming File to FileResource should take care of all important places
2016-03-09 10:48:54 +01:00
Dominik Richter
844580074d
rename internal OS
-> OSResource
2016-03-09 10:48:54 +01:00
Dominik Richter
387415859e
rename internal File
-> FileResource
2016-03-09 10:48:48 +01:00
Dominik Richter
9cb2bc5dec
Merge pull request #526 from chef/adamleff/resource-namespace
...
Placing all resources in the Inspec::Resources namespace
2016-03-09 10:29:11 +01:00
Adam Leff
577688a3a0
Placing all resources in the Inspec::Resources namespace
...
Many of the resources are named as a top-level class with a fairly generic class name, such as "OS". This causes an issue specifically with kitchen-google which depends on a gem which depends on the "os" gem which itself defines an OS class with a different superclass. This prevents users from using TK, Google Compute, and Inspec without this fix.
Some mocked commands had their digest changed as well due to the new indentation, specifically in the User and RegistryKey classes.
I strongly recommend viewing this diff with `git diff --ignore-space-change`
to see the *real* changes. :)
2016-03-08 13:40:16 -05:00
Dominik Richter
e89738c5f7
0.14.9
2016-03-08 17:52:55 +01:00
Dominik Richter
ccf2694940
bugfix: inheritance of local profiles
2016-03-08 14:59:14 +01:00
Dominik Richter
90f2212ed5
add color output + make default
2016-03-07 22:21:31 +01:00
Dominik Richter
b831b62a90
make controls selectable
2016-03-06 23:54:28 +01:00
Dominik Richter
f6bd7ed3b8
unify exec options
2016-03-06 15:07:12 +01:00
Dominik Richter
ae08fe2f84
0.14.8
2016-03-04 16:50:51 +01:00
Dominik Richter
903b0597d9
expose control impacts in json
2016-03-04 16:30:10 +01:00
Christoph Hartmann
53a2333c20
0.14.7
2016-03-01 21:33:03 +01:00
Christoph Hartmann
d4554771da
adds a insecure option for the compliance plugin to work with self-signed ssl
2016-03-01 20:51:23 +01:00
Christoph Hartmann
9605cfe3e8
0.14.6
2016-03-01 17:04:25 +01:00
Christoph Hartmann
bc2cde6b29
make supermarket command more robust
2016-03-01 13:26:36 +01:00
Alex Pop
051ac89376
make PROFILE required and update usage info
2016-03-01 10:27:22 +00:00
Christoph Hartmann
acdae94201
add missing supermarket loader
2016-02-29 19:28:53 +01:00
Christoph Hartmann
593df248b4
0.14.5
2016-02-29 13:47:55 +01:00
Dominik Richter
9449afcb3d
0.14.4
2016-02-26 17:42:06 +01:00
Dominik Richter
7cdb710e5e
dont crash on empty metadata during finalize
2016-02-26 16:56:36 +01:00
Dominik Richter
e617f74bcd
filter xinetd fields by regex
2016-02-26 14:46:51 +01:00
Dominik Richter
4a39275fc0
add xinetd_conf resource
2016-02-26 13:19:16 +01:00
Dominik Richter
3ae50adae9
feature: conditional OR via describe.one
...
```
describe.one do
describe command("uname -r").stdout do
it { should_not match /x86_64/ }
end
describe test_sth_for_x64_processors do
...
end
end
```
2016-02-25 14:30:23 +01:00
Dominik Richter
4020229914
bugfix: standalone describe without block
...
i.e. make sure it doesnt crash just because no block was given due to source/line detection.
also return the result of the rule's delegated describe call and not the rule itself to the outer method. this is for consistency (and the following commits)
2016-02-25 11:03:53 +01:00
Dominik Richter
78d119beaf
0.14.3
2016-02-24 17:11:41 +01:00
Dominik Richter
40b3af86f8
bugfix: catch fetcher.abs_path(nil)
2016-02-24 16:07:00 +01:00
Dominik Richter
b75ba7d345
throw fetcher and reader errors in profile detection
2016-02-24 15:55:47 +01:00
Christoph Hartmann
681f817992
enable cmp matcher to catch the case where expected is a number string, and actual is a number
2016-02-23 22:18:16 +01:00
Dominik Richter
47b0d97313
0.14.2
2016-02-22 21:20:56 +01:00
Christoph Hartmann
9ea68471e5
fix cc upload
2016-02-22 21:14:50 +01:00
Dominik Richter
926023de91
load plugins in the same gem installation
2016-02-22 21:01:07 +01:00
Christoph Hartmann
a31da47791
0.14.1
2016-02-22 18:47:37 +01:00
Christoph Hartmann
0c02a30dc5
ignore pax_global_header
as valid file
2016-02-22 18:16:07 +01:00
Dominik Richter
7c377a0ab0
0.14.0
2016-02-22 12:53:27 +01:00
Stephan Renatus
01d7d5bf8a
fetchers/tar: slight simplification
2016-02-22 12:06:42 +01:00
Stephan Renatus
356995bd7b
plugins/fetcher: remove attr_reader shadowing
2016-02-22 12:06:42 +01:00
Dominik Richter
33b2876d7c
fix tests and lint
2016-02-22 12:06:42 +01:00
Dominik Richter
d44af5dcc7
bugfix: dont set ID for profile params too early
2016-02-22 12:06:42 +01:00
Dominik Richter
37ec3cf6f2
migrate load-path hooking for legacy modes
2016-02-22 12:06:42 +01:00
Dominik Richter
d065794d96
remove old target interface
2016-02-22 12:06:42 +01:00
Dominik Richter
82195d82d6
make url fetcher less restrictive on file-endings
2016-02-22 12:06:42 +01:00
Dominik Richter
5cabb7d273
migrate inspec-supermarket target to fetcher
2016-02-22 12:06:37 +01:00
Dominik Richter
9c3f336d06
migrate inspec-compliance target to fetcher
2016-02-22 11:24:36 +01:00
Dominik Richter
e4c3c9370b
fix detection with new profile/runner scheme
2016-02-22 11:24:36 +01:00
Dominik Richter
07ae2afd3b
bugfix: generate archive in current folder
...
instead of e.g. the rubygems location somewhere on the system
2016-02-22 11:24:36 +01:00
Dominik Richter
1e1e473cb0
replace target-helper with fetcher+reader
2016-02-22 11:24:35 +01:00
Dominik Richter
202a781f6a
fail on incorrect metadata of url download
2016-02-22 11:24:35 +01:00
Dominik Richter
c79d9f7777
add flat source reader
2016-02-22 11:24:35 +01:00
Dominik Richter
c9d1272f49
add relative fetcher
...
This helps reduce any folder structures, weather on disk or in archives, to their relative root paths; i.e. ignore all file-prefixes that are given and go directly to the underlying files, relative to the common folders that contain it
2016-02-22 11:24:35 +01:00
Dominik Richter
f023d02bbb
add inspec source reader
2016-02-22 11:24:35 +01:00
Dominik Richter
125ee53041
create source_reader plugin structure
2016-02-22 11:24:35 +01:00
Dominik Richter
1825fd1fef
separate reusable plugin registry with sorting
2016-02-22 11:24:35 +01:00
Dominik Richter
d293550375
chain fetchers together
2016-02-22 11:24:35 +01:00
Dominik Richter
7b073fe153
add url fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
4e830ffc24
add tar fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
1c29667523
add zip fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
a83e29cc01
add local fetcher
2016-02-22 11:24:35 +01:00
Dominik Richter
27f7aa7796
create new fetcher system
2016-02-22 11:24:35 +01:00
Dominik Richter
ee82c3a2ff
bugfix: handle edge-cases in upstart service
...
e.g. when a service could not be found and command outputs become empty / matchers dont hit'
2016-02-22 09:52:16 +01:00
Dominik Richter
1147d30679
bugfix: make sure version is always a string
2016-02-22 09:26:48 +01:00
Dominik Richter
c7312be8ec
force encoding to utf-8
2016-02-22 05:18:41 +01:00
Christoph Hartmann
e466ec4e90
0.13.0
2016-02-19 14:50:03 +01:00
Dominik Richter
1e096c7181
add shadow resource for /etc/shadow
2016-02-19 14:26:04 +01:00
Christoph Hartmann
3f6b89e24d
extend github url support
2016-02-19 09:12:25 +01:00
Christoph Hartmann
3a2488cade
fix mime-type map
2016-02-19 09:11:38 +01:00
Christoph Hartmann
9e2dc30fb5
minor typo fix
2016-02-18 21:12:25 +01:00
Dominik Richter
1fa957c8ca
ensure deprecated methods still work
2016-02-18 16:25:02 +01:00
Dominik Richter
83fcc35d2a
expose all fields + deprecate singular accessors
2016-02-18 16:10:42 +01:00
Dominik Richter
d9427b3aac
add filter to passwd
2016-02-18 16:10:42 +01:00
Christoph Hartmann
26276ca991
use ruby zip and tar for unit tests
2016-02-18 14:27:16 +01:00
Dominik Richter
17d4e1dc3c
simplify url-construction of inspec-compliance
2016-02-18 14:25:55 +01:00
Dominik Richter
b872c04616
bugfix: url helper loading zip and tar
2016-02-18 14:25:55 +01:00
Dominik Richter
6bc57b2d92
bugfix: stop reading fro mzip when file is found
2016-02-18 14:25:55 +01:00
Dominik Richter
03bf732d82
add cmp for Arrays
2016-02-18 13:58:37 +01:00
Dominik Richter
2bbbb29a9b
simplify cmp matcher checks
2016-02-18 12:07:40 +01:00
Stephan Renatus
453cd420fb
fix service_ctl override logic
2016-02-17 12:55:09 +01:00
Stephan Renatus
d2469d9519
inspec-compliance: ensure file permissions when saving config
2016-02-17 10:46:06 +01:00
Dominik Richter
294db6744f
0.12.0
2016-02-15 11:54:14 +01:00
Christoph Hartmann
96d02ba4a2
add inspec profile as example
2016-02-14 21:27:40 +01:00
Christoph Hartmann
b967af3c89
rename generate to init
2016-02-14 21:26:37 +01:00
Christoph Hartmann
f281f9c351
implement generate cli command
2016-02-14 19:38:58 +01:00
Dominik Richter
36cbafc438
add runlevel helper object to services
2016-02-14 18:23:58 +01:00
Dominik Richter
0934948a1a
support runlevels for system V + service matching
...
Bugfix: there were services that would get matched because of the way the regex was constructed, i.e. if the user inserted `.` or `*` or anything regexy. Even if the service only had part of the name you were interested in, it would match (e.g. `sshd` would find `my_sshdaemon`).
Apart from this, runlevels are now detected for SystemV. This is exposed in `#info`
2016-02-13 02:11:51 +01:00
Dominik Richter
2426d30870
bugfix: verify the resolver type first
2016-02-11 15:40:35 +01:00
Dominik Richter
137bee74ca
add content resolver to dir helper
2016-02-10 23:46:55 +01:00
Dominik Richter
3efd0961f0
make sure archive resolvers return one file only
2016-02-10 22:49:51 +01:00
Dominik Richter
19a0a18db1
sync archive+tar+zip helpers to new dir-resolver
2016-02-10 22:30:13 +01:00
Dominik Richter
6bd757c585
improve documentation on target resolvers
2016-02-10 20:36:54 +01:00
Dominik Richter
d272024b01
rework resolver connection
...
I.e. we want to get access to the actual directory handler, with full exposure of the underlying directory resolver. e.g. Get the InspecProfileDirectory handler (which provides access to tests, metadata, libraries), but be able to get all data with that alone (e.g. an ArchiveHelper for ZIP which reads all files/folders from zip)
2016-02-10 20:36:43 +01:00
Dominik Richter
293b1a4c25
unify all directory resolvers
2016-02-10 12:20:28 +01:00
Dominik Richter
2d92e164c2
create plugin interface for directory resolvers
2016-02-10 11:15:08 +01:00
Stephan Renatus
ac2584f51d
iptables: strip lines if iptables -S
output
...
As it turns out, some of the lines on CentOS 6 had a trailing space in it.
Fixes #420 .
2016-02-10 09:57:32 +01:00
Stephan Renatus
cdad6e63c3
iptables: some simplifications
2016-02-10 09:57:32 +01:00
Dominik Richter
d55aeddbdf
0.11.0
2016-02-09 17:54:38 +01:00
Christoph Hartmann
0f14ebb1d1
simplify value extraction for apache resource without any magic
2016-02-09 17:35:33 +01:00
Christoph Hartmann
a3eda1fcee
implement method missing for apache_conf resource
2016-02-09 17:35:33 +01:00
Christoph Hartmann
796af68a69
Fix supermarket cli registration
2016-02-09 15:22:29 +01:00
Dominik Richter
971d651551
change version constraints
...
Move to a more mathematical representation of version numbers comparisons. The existing one is semantically correct, but may lead to slight confusion.
2016-02-09 11:51:52 +01:00
Stephan Renatus
e5b88fc486
auditd_rules: suppress warning for centos 5; improve docs wording
2016-02-09 11:51:52 +01:00
Stephan Renatus
405b3e3fa4
rubocop fixes
2016-02-09 11:51:52 +01:00
Stephan Renatus
4b6eced92a
auditd_rules: access by key, tests + documentation
2016-02-09 11:51:52 +01:00
Stephan Renatus
cd5f47ed33
auditd_rules: unit tests, meet the real world
2016-02-09 11:51:52 +01:00
Stephan Renatus
664561aa80
auditd_rules: status querying (old/new) and unit tests
...
TODO: unit tests for the legacy format
2016-02-09 11:51:52 +01:00
Stephan Renatus
57db5a9414
unit test FilterArray, make retrieved values unique
2016-02-09 11:51:52 +01:00
Stephan Renatus
5270f21da9
move FilterArray to utils, add retrieving values
2016-02-09 11:51:52 +01:00
Stephan Renatus
4afb22565e
auditd_rules: teach old dog new tricks
2016-02-09 11:51:52 +01:00
Stephan Renatus
2afc29e48f
auditd_rules: stash legacy behaviour away
2016-02-09 11:51:52 +01:00
Dominik Richter
0421b6dc1a
exit early
2016-02-09 11:04:50 +01:00
Dominik Richter
c966e94835
typos
2016-02-09 11:04:34 +01:00
Dominik Richter
e56321f6c7
semantics: rename CLI plugins registry -> subcommands
...
Basically make sure everyone understands these are only subcommands. we might consider adding plugins for options or existing commands instead of new subcommands. this just ensures everyone knows what registry is for
2016-02-09 01:20:38 +01:00
Dominik Richter
7ccf0fa364
avoid automatic plugin loading throughout the library
...
only load plugins through the binary, never through the library. This avoids issue we have in accidentally loading plugins in tests and integration work. They should only be loaded when users request them.
2016-02-09 00:55:02 +01:00
Dominik Richter
1ae0bc2e60
clarify the role of the plugin API at the moment
2016-02-09 00:25:25 +01:00
Christoph Hartmann
b33129fbf5
implement supermarket extension
2016-02-08 20:06:07 +01:00
Dominik Richter
dc028a3877
fix loading order of plugins
2016-02-07 23:47:10 +01:00
Christoph Hartmann
c6c9d0278c
0.10.1
2016-02-05 18:52:44 +01:00
Dominik Richter
bb264897f4
wrap basecli in inspec module
...
Take care of a rare error which has Inspec undefined
2016-02-05 18:25:40 +01:00
Christoph Hartmann
be7aa8f0c4
0.10.0
2016-02-05 17:18:07 +01:00
Christoph Hartmann
b7a88dbd7a
fix linting and unit test
2016-02-05 16:57:51 +01:00
Christoph Hartmann
f826c07af5
minor improvements
2016-02-05 14:55:12 +01:00
Christoph Hartmann
7e88f56917
move plugin to bundles
2016-02-05 14:48:55 +01:00
Christoph Hartmann
a55a4869d9
extract base cli class
2016-02-05 14:20:32 +01:00
Christoph Hartmann
7494854c60
implement profile upload
2016-02-05 14:18:05 +01:00
Christoph Hartmann
368f6ed56a
refactor compliance plugin
2016-02-05 14:18:05 +01:00
Christoph Hartmann
2cb3d6f90f
bugfix: rescue url error in url target helper
2016-02-05 14:15:57 +01:00
Christoph Hartmann
6c1b9fff9d
do not try to load a profile if we have no token available
2016-02-05 14:15:57 +01:00
Christoph Hartmann
7f57b12258
refactor cli
2016-02-05 14:15:57 +01:00
Christoph Hartmann
823e30e9cf
re-introduce compliance exec
2016-02-05 14:14:34 +01:00
Christoph Hartmann
0958327f06
improve url target helper, match github url with trailing /
2016-02-05 14:14:34 +01:00
Christoph Hartmann
6cf8ecf304
add target helper for compliance plugin, extract API methods from CLI
2016-02-05 14:14:34 +01:00
Christoph Hartmann
0b59dab9ea
initial version of compliance plugin
2016-02-05 14:13:22 +01:00
Christoph Hartmann
bab7eb1986
improve styling
2016-02-05 14:06:55 +01:00
Christoph Hartmann
589db0bcd0
add registry for cli plugins
2016-02-05 14:06:55 +01:00
Stephan Renatus
f63a8ad1d5
upstart_service: add version fallback, fix regexp
...
before this regexp change, a service called "running" (hello integration
tests) would always be "running" ;)
2016-02-05 13:49:18 +01:00
Christoph Hartmann
e6ff20f91e
add metadata warnings in structured hash
2016-02-04 18:46:11 +01:00
Christoph Hartmann
d7cb5a9ae0
adapt unit tests
2016-02-04 18:05:40 +01:00
Christoph Hartmann
ea63a39b40
improve code style
2016-02-04 17:01:38 +01:00
Christoph Hartmann
14a3100e41
simplify result value from profile check
2016-02-04 16:47:33 +01:00
Christoph Hartmann
7e19c5eec6
fix ignore errors option use in archive method
2016-02-04 16:41:59 +01:00
Christoph Hartmann
1796c3271b
generate hash output for check and use it in inspec cli
2016-02-04 16:41:14 +01:00
Christoph Hartmann
6b7e5818fb
expose source location in rule
2016-02-04 16:38:57 +01:00
Christoph Hartmann
d50b634879
bugfix: fix control tests
2016-02-04 16:38:57 +01:00
Christoph Hartmann
826d059b19
optimize json logger for line delimited JSON
2016-02-04 16:38:57 +01:00
Christoph Hartmann
907a4e1f33
add json stream logger for inspec check
2016-02-04 16:38:57 +01:00
Dominik Richter
ecb78e3a19
establish plugin loading dock
2016-02-04 14:43:51 +01:00
Stephan Renatus
e8c7452acf
Inspec::Profile: document that it always reads with ignore_supports
2016-02-03 16:47:52 +01:00
Stephan Renatus
828d6ad443
Inspec::Profile fix @metadata
2016-02-03 16:47:49 +01:00
Stephan Renatus
cc60fa1e23
tar/zip: return empty-string if an entry is empty; zip: return ref
2016-02-03 14:38:46 +01:00
Stephan Renatus
1510f330a9
read and return metadata from archives, too
...
Note that this adds `ref: some/where/in/tarball/file` to the file
contents hash; it wasn't there before but it may be useful for error
reporting nonetheless.
2016-02-03 14:38:46 +01:00
Stephan Renatus
f335865377
WIP: kill all the checks that fail with tarballs.
...
current output:
$ inspec check test/unit/mock/profiles/complete-profile.tgz
I, [2016-02-03T10:22:21.377650 #13207 ] INFO -- : Checking profile in test/unit/mock/profiles/complete-profile.tgz
I, [2016-02-03T10:22:21.377745 #13207 ] INFO -- : Found 1 rules.
I, [2016-02-03T10:22:21.377771 #13207 ] INFO -- : Rule definitions OK.
2016-02-03 14:38:46 +01:00
Stephan Renatus
889be88543
remove stray require
2016-02-03 14:04:55 +01:00
Stephan Renatus
79d171fb2c
rubocop
2016-02-03 14:04:55 +01:00
Stephan Renatus
45f0cbff03
inspec/rspec: decouple reporting and formatting
...
If reporting is requested, register a "reporting formatter", i.e.,
Inspec::RSpecReporter, that does the same things JsonFormatter does, but
suppresses output.
When the report is then requested, it returns the output hash that
JsonFormatter aggregates.
2016-02-03 14:04:55 +01:00
Stephan Renatus
6789e089d7
Inspec::Runner: provide a report
2016-02-03 14:04:55 +01:00
Stephan Renatus
ff682532cf
fix warning in #find_files[_or_error]
2016-02-01 16:32:47 +01:00
Dominik Richter
34bc94d13f
mock resource operating systems for tests
2016-01-29 21:55:08 +01:00
Dominik Richter
4c1b6f7509
remove os check exposure in file resource
2016-01-29 21:55:08 +01:00
Christoph Hartmann
9cfc69cf15
0.9.11
2016-01-29 18:34:12 +01:00
Stephan Renatus
6fbd28c2bb
runit_service: fix resource, improve integration tests
...
Turns out using `/usr/bin/yes` to imitate a daemon process is a TERRIBLE idea.
2016-01-29 17:03:05 +01:00
Christoph Hartmann
317b0cae9d
lint check in user resource
2016-01-28 21:11:13 +01:00
Christoph Hartmann
6ccfbe5e95
bugfix: use freebsd netstat parser instead of linux netstat parser for solaris
2016-01-28 21:08:52 +01:00
Christoph Hartmann
35899ebce6
optimize style in user resource
2016-01-28 18:30:39 +01:00
Christoph Hartmann
202190ea56
fix user resource unit test
2016-01-28 18:30:39 +01:00
Christoph Hartmann
ef3dbbb35c
improvement: make port parsing on solaris more reliable
2016-01-28 18:30:38 +01:00
Christoph Hartmann
678ee2b473
parse port information on solaris 10 and 11 via netstat
2016-01-28 18:30:38 +01:00
Christoph Hartmann
59f3214817
use id -a for solaris
2016-01-28 18:30:38 +01:00
Christoph Hartmann
bd1e5e4085
service resource for solaris 10 and 11
2016-01-28 18:30:38 +01:00
Christoph Hartmann
913191fb9e
package resource for solaris 10 and 11
2016-01-28 18:30:38 +01:00
Christoph Hartmann
dd59dd9a5a
use os.linux and os.windows where possible
2016-01-28 18:30:38 +01:00
Christoph Hartmann
a5f526b368
use freebsd file permission checks for solaris
2016-01-28 18:30:38 +01:00
Christoph Hartmann
2fd6aea357
extend etc_group support for all unix systems
2016-01-28 18:30:38 +01:00
Christoph Hartmann
058ec27d64
0.9.10
2016-01-25 17:45:43 +01:00
Stephan Renatus
56f22a1d2a
resource/postgres_session: add integration tests, change error handling
...
this makes it work (tested with default-ubuntu-1404), but doesn't
improve the error handling (i.e., the skip_resource doesn't really
prevent the failure)
2016-01-25 16:44:53 +01:00
Stephan Renatus
9821c4c754
resource/launchd_service: correctly match non-running services
2016-01-25 16:29:08 +01:00
Christoph Hartmann
5506319ad8
Merge pull request #389 from chef/dr/write-id-to-json
...
bugfix: write given ID to metadata json
2016-01-25 07:22:19 -08:00
Dominik Richter
88d2b26387
bugfix: write given ID to metadata json
...
Whenever the user provides an ID under which the profile is scoped, write it out to JSON during generation.
2016-01-25 15:48:56 +01:00
Christoph Hartmann
cc0db43813
optimize the error output for missing registry keys to nil
2016-01-25 13:55:47 +01:00
Christoph Hartmann
b30720f926
Merge pull request #380 from chef/sr/service-override
...
add service overrides for picking specific service managers, add runit_service
2016-01-21 13:35:23 +01:00
Stephan Renatus
ef77e01229
service resources: fix service_ctl default/override handling
2016-01-21 11:35:34 +01:00
Dominik Richter
d10207caca
warn about legacy supports fields in metadata
...
I.e.: Prevent users from writing `supports: linux` and similar. These are deprecated and will be removed. Also improve the warning to indicate what the user should do instead. Finally add tests to make sure we get all these.
2016-01-21 11:05:26 +01:00
Stephan Renatus
492c7f8146
runit_service: cleanup; fix "non-running-runit-service" test + recipe
2016-01-21 09:05:29 +01:00
Stephan Renatus
c761b8b40d
service resources: further simplifications, debian/centos handling
...
I've recovered the debian/centos special handling of the `service`
binary, although I doubt that it's necessary.
2016-01-21 08:22:04 +01:00
Dominik Richter
cac102aeac
add profile tests (non-legacy)
2016-01-20 21:57:23 +01:00
Stephan Renatus
3f39b35502
add runit_service resource, fix service_ctl handling
2016-01-20 17:54:16 +01:00
Stephan Renatus
709e4ca9e0
some code simplifications
2016-01-20 16:05:20 +01:00
Stephan Renatus
0e410df69d
add *_service overrides, allowing for different control binaries
2016-01-20 15:33:18 +01:00
Dominik Richter
20b138778e
bugfix: expose tests for docker unit-tests
2016-01-19 15:48:06 +01:00
Dominik Richter
c713a0af87
lint
2016-01-19 15:48:06 +01:00
Dominik Richter
22c6fa871d
add code docs to rspec runner
2016-01-19 15:48:06 +01:00
Dominik Richter
611487e956
clearly identify legacy profile tests and fix identification
2016-01-19 15:48:06 +01:00
Dominik Richter
8c464965c1
extract example group creation
...
and restore profile tests that had been completely mocked until now
2016-01-19 15:48:06 +01:00
Dominik Richter
dd2d93fd6f
completely separate rspec runner parts
2016-01-19 15:48:06 +01:00
Dominik Richter
21a92a0c4e
isolate rspec-dsl in profile context
2016-01-19 15:48:06 +01:00
Dominik Richter
b991dd03bb
flatten creation of profile context
2016-01-19 15:48:06 +01:00
Dominik Richter
21d9ae7e1d
move resource dsl creation to resource plugin
2016-01-19 15:48:06 +01:00
Jason Reed
1807c688b8
Fix typo
2016-01-19 09:07:24 -05:00
Dominik Richter
b0ffe684ab
freeze those versions
2016-01-15 21:41:20 +01:00
Christoph Hartmann
e9b94d55d1
0.9.9
2016-01-15 15:20:04 -05:00
Dominik Richter
acbc345321
make metadata.rb legacy mode consistent for supports
...
Before introducing InSpec profiles in https://github.com/chef/inspec/pull/252 we had `metadata.rb` keep all information. This included an undisclosed field called `supports`. However, this field was never actually used in practice. So for legacy profiles, this means that `supports` was ignored. In order to keep old profiles running in exactly the way they were before, ignore this field when reading from metadata.rb
2016-01-15 18:58:18 +01:00
Christoph Hartmann
b9978b5606
new rubocop fixes
2016-01-14 23:15:10 -05:00
Christoph Hartmann
46d85c2cbc
fail test if lsof is not available
2016-01-14 23:03:51 -05:00
Jeremy W. Chalfant
9e40e6d9f3
my rubocop is different
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
0681562fcd
rubocop is nuts
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
98a7e6303e
fix remaining rubocop complaints
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
2fc8ba1b83
fix lint complaint
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
2d8c892298
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
adbc5b8ef4
sanity check and AIX tests
2016-01-14 23:03:26 -05:00
Jeremy W. Chalfant
2e7ab9bad7
fix rubocop complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
388937e9b4
add aix user support
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
3b87e385d7
my rubocop is different
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
6cd801fbb9
rubocop is nuts
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
94a286929f
fix remaining rubocop complaints
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
420aef7cb9
fix lint complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
c8c676e1d6
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
f31a9f35b5
sanity check and AIX tests
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
5a6b1bbddf
fix rubocop complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
fbe79d1bc4
add aix user support
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
b167854c18
my rubocop is different
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
bbed0e7164
rubocop is nuts
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
88656c9ea8
fix remaining rubocop complaints
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
2aceba417c
fix lint complaint
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
d5a7bad414
superflous chomp
2016-01-14 23:03:25 -05:00
Jeremy W. Chalfant
b6649dd581
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
55d7faec8a
sanity check and AIX tests
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
a0bbb175c2
AIX packages
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
1d99afe623
fix rubocop complaint
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3168e4d100
add aix user support
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
d51d86e6d8
disable cops
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
6bdb06fbe9
move lsof parsing to seperate method
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
c982daaf6e
my rubocop is different
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3211071b9f
simplify lsof call
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
221d27423e
rubocop is nuts
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
f817840d38
fix remaining rubocop complaints
2016-01-14 23:03:24 -05:00
Jeremy W. Chalfant
3a90ea3a74
fix lint complaint
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
2c5cb06990
superflous chomp
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
b9ce468886
add AIX service support
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
d855602efe
use formmated lsof output to ensure accuracy and consistency across platforms
2016-01-14 23:03:23 -05:00
Jeremy W. Chalfant
aef7f6de39
sanity check and AIX tests
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
bc503f080d
rename etc_group to etc_group_spec and etc_group test success on AIX
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
db43739951
AIX packages
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
506b0ea996
fix rubocop complaint
2016-01-14 23:00:10 -05:00
Jeremy W. Chalfant
26afecf857
add aix user support
2016-01-14 23:00:09 -05:00
Mark Harrison
f5780b69a4
Correctly detect UDP ports on linux
...
netstat on UDP lines doesn't display a port state (e.g. LISTEN), so make this
field optional when parsing the netstat line.
2016-01-14 22:53:38 -05:00
Christoph Hartmann
454a7e466d
bugfix: only skip regkey if required
2016-01-14 22:39:17 -05:00
Dominik Richter
375f65c903
casecmp == 0 if both entries are the same
2016-01-15 04:18:48 +01:00
Dominik Richter
4092691a78
lint
2016-01-15 04:07:25 +01:00
Stephan Renatus
5c17f8b643
regexp github url targets, add tests for Inspec::Targests::UrlHelper
...
replacing occuring http:// with https:// is probably ok, github
redirects to https anyways
2016-01-14 12:05:58 -05:00
Jacob McCann
f25ab3a373
Fix systemd service enabled check
2016-01-11 15:32:33 -06:00
Christoph Hartmann
ab88c23ab6
0.9.8
2016-01-11 12:48:36 -05:00
Stephan Renatus
ee62499fc0
bugfix: ignore supports when generating a profile's json representation
...
without this, `inspec json PATH` does never contain rules != {}, because
of the usage of the mock backend
2016-01-11 09:16:06 +01:00
Christoph Hartmann
a1ddbe4cf2
explicitly ignore supports for inspec check
2016-01-10 23:59:57 -05:00
Stephan Renatus
a26dbe146d
fix reading profiles bug
...
For reading the profiles metadata, we're using the train mock backend
through Inspec::Runner. The new `supports` feature never agrees with the
mock backend.
Now, it we figure out if this is a mock class and then just say that it
supports whatever we're asking for.
Tl;dr: there's probably a more beautiful solution to this.
Added a test case, but it fails -- while the command line interface
works fine.
2016-01-07 15:16:49 -08:00
Stephan Renatus
3ce8cd7d16
support old "supports" field in metadata
...
current compliance-profiles still have
```yaml
supports:
- linux
```
and we might want to be a little backwards compatible, too.
2016-01-05 22:50:56 +01:00
Dominik Richter
26c0cd0871
lint
2016-01-03 09:49:40 +01:00
Dominik Richter
8953278204
unfortunately Enumerator#last is not supported
2016-01-03 09:40:17 +01:00
Christoph Hartmann
e1d7d30919
add deprecation warning for serverspec users
2016-01-03 00:03:24 +01:00
Christoph Hartmann
a72ba94f10
handle mount results with multiple entries
2016-01-03 00:03:24 +01:00
Christoph Hartmann
9930773f37
restrict mount functionality to linux
2016-01-03 00:03:24 +01:00
Christoph Hartmann
a5acb03e49
add mount
resource
2016-01-03 00:03:24 +01:00
Christoph Hartmann
772df929f6
implement be_mounted.with
for file resources
2016-01-03 00:03:24 +01:00
Christoph Hartmann
19ed6be39f
more fine-grained utils parser
2016-01-02 22:41:58 +01:00
Christoph Hartmann
3be9ea18cc
use 1.8 syntax for dash key values to be compatible with older ruby versions
2016-01-02 22:29:31 +01:00
Christoph Hartmann
c11c36058a
separate os check
2016-01-02 21:25:22 +01:00
Dominik Richter
d6f48d3534
catch empty support clause
2015-12-31 17:57:59 +01:00
Dominik Richter
af8e4e93ca
add supports keyword to profiles
2015-12-31 17:54:13 +01:00
Dominik Richter
2e0da6e9e8
unify metadata resolution
2015-12-31 12:49:18 +01:00
Dominik Richter
3db2dd756d
resolve metadata from profile targets
2015-12-31 12:49:18 +01:00
Dominik Richter
e7b7f166cf
dry folder resolver
2015-12-31 12:49:18 +01:00
Dominik Richter
96c9794cbf
bugfix: reload inspec DSL after loading libraries
2015-12-29 19:27:00 +01:00
Dominik Richter
526932584d
fix metadata validation
2015-12-28 13:35:38 +01:00
Dominik Richter
cfa2b9a39c
fix metadata reading and parsing
2015-12-28 13:16:09 +01:00
Dominik Richter
cdc95df5ca
keep metadata checks in metadata.rb
2015-12-28 13:07:21 +01:00
Dominik Richter
aef0cabde8
fix method length in inspec.check
2015-12-28 13:01:27 +01:00
Christoph Hartmann
0ab46ff5b1
rename metadata.yml
to inspec.yml
2015-12-28 12:53:42 +01:00
Christoph Hartmann
1d4295ee4d
remove owner/name restriction
2015-12-28 12:53:42 +01:00
Christoph Hartmann
06c1265b38
add support for .tgz extension. Thanks @srenatus
2015-12-28 12:53:42 +01:00
Christoph Hartmann
31c8509092
lint profile implementation
2015-12-28 12:53:42 +01:00
Christoph Hartmann
27150e5341
feature: generate profile archive
2015-12-28 12:53:42 +01:00
Christoph Hartmann
9da0e32f3d
bugfix: only add path to load path if the test is located on filesystem
2015-12-28 12:53:42 +01:00
Christoph Hartmann
ebe54efd67
feature: load tests from zip and tar.gz
2015-12-28 12:53:42 +01:00
Christoph Hartmann
43c778078c
feature: add support for metadata.yml
2015-12-28 12:53:42 +01:00
Christoph Hartmann
9e8e64319e
improvement: better detection of directory types
2015-12-28 12:53:42 +01:00
Christoph Hartmann
bb97044338
bugfix: fix profile check
2015-12-28 12:53:38 +01:00
Christoph Hartmann
9fda6d3e89
bugfix: use skip_control
instead of skip_rule
as default
2015-12-28 12:07:57 +01:00
Christoph Hartmann
e122e48ae5
change profile directory from 'test' to 'controls'
2015-12-28 12:07:57 +01:00
Dominik Richter
7473dea1f2
ignore auto-generated controls during verify check
2015-12-23 11:11:49 +01:00
Dominik Richter
b2e0fac625
change check errors on summary+title to warnings
2015-12-23 09:18:59 +01:00
Dominik Richter
d2509f745e
reference correct fields from metadata in inspec check
2015-12-23 09:18:59 +01:00
Dominik Richter
25706b3612
0.9.7
2015-12-21 16:31:48 +01:00
Christoph Hartmann
ca33ac9288
Merge pull request #321 from jeremymv2/security_policy_fixes
...
Fixing issue with security policy always returning nil
2015-12-17 17:55:01 +01:00
Jeremy J. Miller
f1e8483cd8
Removed extra whitespace
2015-12-17 08:56:43 -05:00
Stephan Renatus
3a1dcb7669
teach cmp
matcher octal tricks
2015-12-16 11:32:31 +01:00
Jeremy J. Miller
af55cb41d8
Added ensure block to always delete file
2015-12-15 14:40:57 -05:00
Jeremy J. Miller
652392918d
Fixing issue with security policy always returning nil
2015-12-15 10:29:54 -05:00
Stephan Renatus
a5a780f920
reset rspec configuration when initializing Inspec::Runner
...
fixes https://github.com/chef/kitchen-inspec/issues/15
2015-12-15 14:00:53 +01:00
troyready
29f954f7f3
add release to el pkg version & catch missing linebreaks
...
Package release info (e.g. '19.el7') is often required to determine if
a system has been properly patched.
Lines like the following from rpm are messing up the version returned
by the package resource:
"...\nVersion : 1.8.6p3 Vendor: Red Hat, Inc.\n..."
Correcting this with a new conditional check.
2015-12-11 13:05:22 -08:00
Dominik Richter
cc67d8d4c0
0.9.6
2015-12-11 18:34:15 +01:00
Dominik Richter
494ed708d4
Merge pull request #318 from chef/chris-rock/cmp-matcher
...
matcher for less-restrictive comparison
2015-12-11 17:58:47 +01:00
Christoph Hartmann
0185751ff5
lint exception
2015-12-11 17:48:05 +01:00
Christoph Hartmann
52cd0b38d1
update style of float?
detection
2015-12-11 17:26:46 +01:00
Christoph Hartmann
31f8863701
update failure message for cmp
matcher
2015-12-11 17:19:28 +01:00
Christoph Hartmann
53728ee03a
lint fix
2015-12-11 17:17:01 +01:00
Christoph Hartmann
9f0755be99
add new cmp
matcher that eases the comparison for values
2015-12-11 17:02:48 +01:00
Christoph Hartmann
b2c457cf22
lint: remove redundant return
2015-12-11 15:39:49 +01:00
Christoph Hartmann
6badbf4dc9
bugfix: abort registry_key resource if the os is not supported
2015-12-11 15:39:49 +01:00
Christoph Hartmann
90e1eb9e39
bugfix: always ensure the script resource is properly initialized, even if the os is not supported
2015-12-11 15:39:49 +01:00
Christoph Hartmann
7422306ba7
lint fix
2015-12-11 14:34:28 +01:00
Christoph Hartmann
95c7ba8fe5
simplify prompt color setting
2015-12-11 14:29:31 +01:00
Christoph Hartmann
100df85b27
improve shell prompt and help
2015-12-11 14:03:36 +01:00
Stephan Renatus
652d51e9dc
[resource/port] add port(addr, port)
variant
2015-12-08 20:33:36 +01:00
Stephan Renatus
8532dd7034
[resource/port] change attribute names to plural, indicating arrays
...
see discussion in #256
2015-12-08 20:33:36 +01:00
Adam Leff
c146a76679
File permission checks should return false unless file exists
...
Currently, #readable?, #writeable?, and #executable? will incorrectly
return true if the file does not exist.
In addition, I took the opportunity to refactor the File resource to
make it easier to write unit tests and supplied a full unit test
suite for this resource.
2015-12-08 19:57:34 +01:00
Stephan Renatus
7a1cd660c3
[resources/processes] add users, states attribute; update docs
...
processes('bash').user does not actually make much sense for a resource
that is a list -- different entries can belong to different users.
Analogous for processes('bash').state.
The attributes 'users' and 'states' expose the unique values
corresponding to that property of entries in the process list.
Fixes #295 .
2015-12-08 13:06:27 +01:00
Stephan Renatus
bf15c05f7f
Merge pull request #299 from chef/chris-rock/os-resource
...
support string and symbol for os resource
2015-12-07 12:22:58 +01:00
Stephan Renatus
33f2fe3dde
hide summary output when running interactively (inspec shell)
2015-12-07 11:12:41 +01:00
Stephan Renatus
17a80d32a9
remove second welcome
2015-12-07 11:12:41 +01:00
Stephan Renatus
c6fd8c5880
mention help [resource]
2015-12-07 11:12:41 +01:00
Christoph Hartmann
dcb09802d3
support string and symbol for os resource
2015-12-07 11:11:55 +01:00
Stephan Renatus
79f48afa6c
[resources/apache_conf]: add tests, fix bug
...
before, the resource would throw an exception when include_files
returned nil (i.e., [].flatten!)
added basic unit tests capturing the include_files behaviour
2015-12-07 10:50:48 +01:00
Christoph Hartmann
7c393a1891
Merge pull request #291 from chef/sr/fix-find_files
...
revert to old find_files interface
2015-12-04 14:41:36 +01:00
Stephan Renatus
324ba14a6b
fix optional type argument handling
2015-12-04 14:27:32 +01:00
Stephan Renatus
390e0fcca7
restore old find_files interface
...
- fixes #276
- basic test for find_files
2015-12-04 14:15:45 +01:00
Adam Leff
e0c356dae7
Adding support for Wind River Linux
...
WRL is used as the OS on Cisco Nexus devices and acts like a Red
Hat variant. These changes add support for WRL.
2015-12-03 17:41:11 -05:00
Christoph Hartmann
766fe47b87
add inline documentation
2015-12-01 10:56:47 +01:00
Christoph Hartmann
6a6cff1526
feature: add help command for resources
2015-12-01 10:56:47 +01:00
Christoph Hartmann
2c8a8ccb25
improvement: add etc_group support for centos and add integration test
2015-12-01 10:40:12 +01:00
Dominik Richter
762562b967
0.9.5
2015-11-25 15:43:31 +01:00
Dominik Richter
468159772f
0.9.4
2015-11-24 20:04:31 +01:00
Christoph Hartmann
a822dcee1a
optimize code structure
2015-11-24 18:39:32 +01:00
Christoph Hartmann
0bd7f557d5
bugfix: do manual split of id result because we cannot use whitespace
2015-11-24 18:35:10 +01:00
Christoph Hartmann
be62b76dc2
improvement: add checks to ensure the requested file is available
2015-11-24 16:46:17 +01:00
Christoph Hartmann
60e2a3512f
add init resource
2015-11-24 16:46:17 +01:00
Christoph Hartmann
0657525f4d
lint json resource
2015-11-24 16:46:17 +01:00
Christoph Hartmann
62ecdf6a1f
rewrite extraction of values
2015-11-24 16:46:17 +01:00
Christoph Hartmann
b70ba447b2
simplify method returns
2015-11-24 10:41:46 +01:00
Christoph Hartmann
129395141b
bugfix: make registry_key case-insensitive for properties
2015-11-23 16:26:17 +01:00
Dominik Richter
75d8b9388b
0.9.3
2015-11-20 23:33:18 +01:00
Seth Chisamore
606f618fc7
ensure all test directories are on the runner $LOAD_PATH
...
This change builds on chef/kitchen-inspec#12 . All test directories should
be on the `$LOAD_PATH` when `Inspec::Runner` executes the test suites with
`RSpec::Core::Runner`. This will allow things like `require 'spec_helper'`
to work as expected.
2015-11-20 00:14:57 -05:00
Seth Chisamore
beade346bf
Add Windows support to the os_env
resource
...
This change allows checks like:
```
describe os_env('PATH') do
its('split') { should include('C:\wix') }
end
```
2015-11-19 15:41:00 +01:00
Dominik Richter
a04ff021c6
bugfix: support multiple computed calls to describe
...
fixes #246
2015-11-19 14:28:42 +01:00
Christoph Hartmann
b899430541
bugfix: add attribute reader to make the command accessible to script resource
2015-11-17 22:40:07 +01:00
Christoph Hartmann
cb95951e03
simplify script resource
2015-11-17 22:28:11 +01:00
Christoph Hartmann
cd35d82326
improvement: reimplement registry key resource
2015-11-17 22:28:11 +01:00
Christoph Hartmann
c6166e335b
lint: fix lint error
2015-11-17 12:29:33 +01:00
Christoph Hartmann
850af710b0
improvement: add v6 protocol detection, it netstat does not deliver the information
2015-11-17 12:15:49 +01:00
Christoph Hartmann
9e3dccbfa3
improvement: restrice rescue to URI parse error
2015-11-17 12:14:05 +01:00
Christoph Hartmann
a4c47e1cd7
bugfix: fix regular expression to leave port colon
2015-11-17 12:12:59 +01:00
Christoph Hartmann
0de7549a64
lint: remove trailing whitespace
2015-11-16 21:44:12 +01:00
Christoph Hartmann
7898c1d29c
improvement: optimize regular expression, catch parse errors and ignore header lines
2015-11-16 20:33:49 +01:00
Christoph Hartmann
83e6f46724
add centos support for port
2015-11-16 20:32:43 +01:00
Dominik Richter
17ce88b63d
api: don't force root on os_env
2015-11-13 12:10:22 +01:00
Dominik Richter
069075b48a
lint
2015-11-13 10:46:04 +01:00
Christoph Hartmann
7b179872bd
extend upstart implementation to support systemv services
2015-11-13 09:54:30 +01:00
Dominik Richter
6cbe3466fb
update rubocop 0.35.1
2015-11-13 01:03:15 +01:00
Dominik Richter
007594eef7
lint
2015-11-13 00:48:52 +01:00
Dominik Richter
b47409fd73
0.9.2
2015-11-05 18:40:24 +01:00
Dominik Richter
faa0b41803
bugfix: correct add_content call to new param structure
...
this was breaking inspec shell
2015-11-05 18:35:38 +01:00
Dominik Richter
b31501ab93
0.9.1
2015-11-04 00:51:16 +01:00
Dominik Richter
6c36720bd1
0.9.0
2015-11-03 03:04:57 +01:00
Dominik Richter
6e548364f4
bugfix: dont skip controls during json generation
2015-11-03 01:10:05 +01:00
Dominik Richter
ea66947b36
dont warn on command not existing on mock backend
2015-11-03 00:35:45 +01:00
Dominik Richter
6e8c4f02a1
fix typo
2015-11-03 00:35:45 +01:00
Christoph Hartmann
9d32bc7f81
improvement: fail properly if os is not supported
2015-11-02 22:58:20 +00:00
Christoph Hartmann
b1153685a4
bugfix: relax fail for command.exist? for inspec check command
2015-11-02 22:52:04 +00:00
Dominik Richter
7a07c02b4d
alias rule instead of recreating it
2015-11-02 22:43:20 +01:00
Dominik Richter
ccabe55608
api: change require/include_rules -> require/include_controls
2015-11-02 22:26:20 +01:00
Dominik Richter
f976730a27
api: make control the default keyword
2015-11-02 22:26:20 +01:00
Dominik Richter
9aec339d9f
disable class length metrics on profile context for now
2015-11-02 17:47:04 +01:00
Dominik Richter
de8437caa6
feature: introduce group title for files
2015-11-02 17:31:56 +01:00
Dominik Richter
93ee171dfa
bugfix: use full path when resolving files
2015-11-02 16:43:39 +01:00
Dominik Richter
31d42b0212
lint: ignore line length on runner for now
2015-11-02 15:06:48 +01:00