When running `inspec exec` without the `target` option but against remote endpoints OR when executing it with the `localhost://` target AND having `--sudo` active it would abort the execution. `--target` is a helper to set the Train parameters for `backend`, `host`, `user`, `port`, and potentially `password`. The detection would fail on providing any of these separately without specifying `--target`. The same holds true for the `localhost` train backend or just `localhost://` target.
This type of detection has since moved to Train. The driving reason was to have this very useful check for localhost vs sudo run for any type of inspec (or for that matter: train) execution.
This PR depends on https://github.com/chef/train/pull/179 and the next release of train.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Unsupported operating systems AND the mockloader when using inspec analysis tools may lead to powershell being called with the command being `nil`, because the resource skips during the initialize phase. Instead, propagate an empty string so that `command` has a valid input and then skip the resource.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs.
Fixes#1473
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Due to habitat-sh/habitat#2395, we shouldn't try to log stderr output
to a file for now. While this makes for a less-than-awesome UX, it's
better than a process locking up due to a buffer filling up!
This change redirects stderr from InSpec to stdout and adds some
helpful troubleshooting messages. Should InSpec be able to generate
unique exit codes for when controls fail (vs. a Ruby eval failure)
then we can fix this up some more, too.
Signed-off-by: Adam Leff <adam@leff.co>
The `interface` resource currently refers to methods that don't
yet exist. Fixing the docs for now and will add the features
later.
Signed-off-by: Adam Leff <adam@leff.co>
When attempting to parse the profile out of the target URL, we
were not raising an exception if we failed to do so. Such a situation
could arise if a user's inspec config.json is incorrect either due to
manual editing or failure to re-login after an upgrade past Automate
0.8.0.
This change provides a clear exception if this occurs and also adds
tests for the compliance_profile_name method.
Signed-off-by: Adam Leff <adam@leff.co>
Postgres configuration doesnt always include absolute paths. When using relative paths it will fail!
Also: We treat the include as either a string or an array; when the first condition succeeds and you get a string and the second fails you get a array => ruby tries to add a string with an array and fails. This is now fixed as well.
Fixes: https://github.com/chef/inspec/issues/1780
Fixes: https://github.com/chef/inspec/issues/1738
Signed-off-by: Aaron Lippold <lippold@gmail.com>
The gem resource used to determine if a gem is installed based on the exit
status of the `gem` command, however that command will return zero
if the package was found or not. This patch checks to ensure that the
`gem list` command actually includes the gem name or is empty to
determine if the gem is in fact installed.
If the gem command returns something other than a `0` exit code, then
it'll skip the resource.
Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
This adds supports for connecting to MS SQL instances using Window
authentication rather than SQL authentication. By leaving either the
user or password parameters blank causes the sqlcmd to leave off the -U
and -P params. This will cause sqlcmd to authenticate as the current
Windows user.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
Inspired by #1640, this change cleans up the logic used when
reading in secrets files, provides clearer warnings when the
secrets files can't be parsed, and adds tests for those methods.
Signed-off-by: Adam Leff <adam@leff.co>
Switched the oracle_session resource to take an option hash and allow
for configuring hostname, DB_SID, and sqlplus binary path.
Added unit tests.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
Since the command to enable them is different, also make that change in
the output based on the shell used.
Signed-off-by: Nathan L Smith <smith@chef.io>
