Commit graph

105 commits

Author SHA1 Message Date
Dominik Richter
bac360475f bugfix: dev-sec/ssl-benchmark -> ssl-baseline
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-09 10:58:07 +02:00
Adam Leff
04c43c6834
Make the --no-color flag work for inspec exec
The CLI formatter is not currently honoring the --no-color flag
when outputting CLI output. This change cleans up how we format
with color and properly support the flag for use cases where
color-encoding characters make the output difficult to use
(i.e. when someone redirects CLI output to a text file for
sharing with others).

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-02 09:52:01 -05:00
Adam Leff
6ed5379134 Error and exit when using --sudo locally
Running `inspec exec` with --sudo locally produces unintended results
given that we cannot escalate local Ruby methods after we're already
running. --sudo is meant to only be used with remote targets. We do
not currently enforce that.

This change will print an error for the user if they attempt to use
--sudo with a local exec and exit non-zero.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-02 12:41:02 +02:00
Adam Leff
a1769cc01b
Update inspec.io references in docs/code
The website is now at https://www.inspec.io - updating all inspec.io
references accordingly. :)

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-27 18:05:51 -04:00
Adam Leff
42797b4231 Add matchers help to shell, clean up help output
A new `help matchers` command will provide helpful examples on a few
of the standard matchers: be, cmp, include, etc.

I also cleaned up the formatting of the resources list and provided
better feedback if a user requests help for an unknown resource.

Resolves #1684

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-27 01:16:39 +02:00
Christoph Hartmann
effd0dd9f8 harmonize compliance profiles view with supermarket views (#1654)
* harmonize profiles view with supermarket plugin

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-04-13 11:24:17 -04:00
Adam Leff
73d46f9c49
Replace Nokogiri with REXML in the JUnit formatter
In #1454, we welcomed a newly-revamped JUnit formatter which has
a dependency on Nokogiri. Unfortunately, this had led us to problems
getting InSpec included in Chef omnibus builds (see chef/chef#5937)
because Chef is using Ruby 2.4.1 and the Nokogiri maintainers have
not yet released a windows binary gem that supports Ruby 2.4.x.
This has led to breaking builds in Chef's CI platform and would
block the acceptance of chef/chef#5937.

This change replaces Nokogiri use with REXML instead. While REXML
can be slower than Nokogiri, it does not require native extensions
and is supported on all Chef platforms.

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-03 14:51:48 -04:00
Adam Leff
96d18435a4 Update CLI output, adjust tests
The CLI output for the vendoring of profiles has been updated slightly
to be more clear, and the functional tests have been modified to match
as well.

Signed-off-by: Adam Leff <adam@leff.co>
2017-03-29 10:22:20 +02:00
Dominik Richter
738bae0db8 add inspec json schema validation to functional tests
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-03-22 09:42:36 +01:00
Adam Leff
19f114deea Merge pull request #1454 from jkerry/FunctionalJUnitReporter
Functional JUnit reporter
2017-02-27 12:00:36 -05:00
jkerry
927a12c574 resolving old junit unit tests with the new format. Adding a skipped test node as a result 2017-02-25 00:44:23 -05:00
Adam Leff
91396d2029 Merge pull request #1488 from chef/adamleff/fix-multiple-flat-profiles
Generate default profile names, fix bug when using multiple flat profiles
2017-02-24 16:59:31 -05:00
Adam Leff
bc7db89d70 Provide target info on shell invocation
When in inspec shell, you need to type the `help` command to find out info
about your target system. This info would be super helpful right out of the
gate so users have confidence that they're targeting the correct system.

The target info is still available via the `help` command as it always has
been, as well.

Signed-off-by: Adam Leff <adam@leff.co>
2017-02-14 14:46:47 +01:00
Adam Leff
d0bc085412 Generate default profile names, fix bug when using two-or-more flat profiles
When running InSpec with multiple profiles, and two or more of the profiles
are read in using the "Flat" SourceReader (i.e. they are not actual profiles
with a metadata file like inspec.yml, but rather just a folder containing
.rb files with controls and tests in them), InSpec would throw a NilClass
error when building the necessary objects for the formatter.

The cause was in `#profile_contains_example` in the formatter code which
checks to see if the profile name is the same as the profile_id in the given
example. However, if both of those were nil, it would potentially match the
wrong Flat-read profile.

This change fixes this in two ways: refusing to match if the profile name
or example profile ID is nil, and adding a default name to a profile if
it doesn't have a title or name. This will solve the matching issue and also
clean up the formatter output so users can more easily tell what tests
are from which profile/path.

Signed-off-by: Adam Leff <adam@leff.co>
2017-02-13 13:07:41 -05:00
Christoph Hartmann
c2d92d8e86 use new devsec baseline
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-01-25 20:22:38 +01:00
Christoph Hartmann
ab097ef8d1 update functional tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-01-03 11:06:05 +01:00
Franklin Webber
4695c9e7be Fixes for functional tests and better displaying dep. profiles
* Fixes an issue when specifying no profile
* Fixes an issue when displaying a profile that has included/required profiels
* Fixes an issue when specifying profiles with only metadata
* Fixes formatting for spacing to ensure it adheres to previous alignment
* Fixes issue with the Control object and the rolling up of failed
  and skipped examples.

Signed-off-by: Franklin Webber <franklin@chef.io>
2016-12-14 13:34:53 -06:00
Lee Briggs
02530310cd Updating tests for profile versions
Signed-off-by: Lee Briggs <lbriggs@apptio.com>
2016-12-14 16:20:27 +00:00
Christoph Hartmann
1472fd4bff deactivate functional tests until logging is reintroduced
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-12-02 19:52:34 +01:00
Victoria Jeffrey
bdf5eae15e Extend inspec compliance cli to support automate backend
Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io>
2016-11-30 13:27:50 +01:00
Christoph Hartmann
db4ce72407 merge json tests for vendored profiles
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-30 11:17:17 +01:00
Christoph Hartmann
826c9fd4c8 add functional tests for tar lockfile reading
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-30 00:37:47 +01:00
Christoph Hartmann
8808c57cae Extend functional tests for vending based on feedback from @alexpop
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-29 23:40:42 +01:00
Christoph Hartmann
5bfc9745e3 move default cache creation to profile implementation
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-29 14:28:03 +01:00
Christoph Hartmann
ded7d4c3c4 Merge pull request #1304 from jkerry/AddJUnitFormatterSupport
Adding JUnit formatter support
2016-11-25 11:33:45 -07:00
hannah-radish
91fe22f044 Replaced Colors for output
Signed-off-by: hannah-radish <hannah@radish-life.com>
2016-11-23 20:19:18 -07:00
hannah-radish
ebb3bc729a Introduce new (awesome) CLI icons for results
Signed-off-by: Hannah Maddy hannah@radish-life.com
2016-11-23 20:06:17 -07:00
jkerry
944040fcf9 adding functional tests for the junit rspec formatter
Signed-off-by: jkerry <john@kerryhouse.net>
2016-11-22 14:45:34 -05:00
jkerry
3ee2808e08 Adding the initial top-level functional tests for inspec result junit xml
Signed-off-by: jkerry <john@kerryhouse.net>
2016-11-21 08:06:46 -05:00
Christoph Hartmann
fef4f9447b add functional tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-09 11:49:51 -06:00
Christoph Hartmann
66449cae32 add functional tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-09 09:12:10 -06:00
Christoph Hartmann
4b22400012 update functional tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-11-04 18:01:28 +01:00
Dave Parfitt
51378d326b adds profile signing/verification
Signed-off-by: Dave Parfitt <dparfitt@chef.io>
2016-10-27 14:44:10 +02:00
Alex Pop
5d51b7a0aa dot inspect actual value to match the expected string one 2016-10-13 07:13:51 -07:00
Alex Pop
6719cf544d add tests for cmp output 2016-10-10 05:40:22 -07:00
Victoria Jeffrey
47c6427082 print profile info before test results (inherited profiles) 2016-09-27 10:39:35 -04:00
Steven Danna
7aa4c6da8e Fix require_controls DSL method
Previous, require_controls was including all controls from the named
profile, despite the documented behavior being that it only includes
controls explicitly pulled in by the user.  The cause was two-fold:

1) A previous refactor meant that we weren't removing the rule from the
correct context, and

2) We weren't descending down the dependency tree when filtering rules.

This commit fixes the require_controls DSL method and adds a test to
help prevent future regressions.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-26 15:20:56 +02:00
Alex Pop
13da437dcc Show skip_message and correct title 2016-09-23 07:47:21 +01:00
Steven Danna
d29e8768ca Rename --no-write-lockfile to --no-create-lockfile
Signed-off-by: Steven Danna <steve@chef.io>
2016-09-22 10:08:32 +02:00
Steven Danna
2f3a916080 Always write lockfiles for local top-level profiles
This commit threads through some state related to whether or not a
profile is "local", that is whether it is a directory on disk.  If it
is, we then write out the lockfile to disk.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-22 10:08:32 +02:00
Alex Pop
e1faebd527 Include code description in the output of failed controls 2016-09-20 10:10:08 +01:00
Steven Danna
b2146d8758 Allow users to reference resources from dependencies
All resources from deps are added into the control_eval_context used by
the current profile. However, if there is a name conflict, the last
loaded resource wins. The new `require_resource` dsl method allows the
user to do the following:

    require_resource(profile: 'profile_name',
                     resource: 'other',
                    as: 'renamed')

    describe renamed do
      ...
    end

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-19 19:08:43 +02:00
Dominik Richter
6792550f8c adopt new json formatting 2016-09-19 13:45:03 +02:00
Dominik Richter
38f2680cf4 static keys in all json 2016-09-19 12:00:14 +02:00
Victoria Jeffrey
ecac8ae9cb print profile summary and test summary 2016-09-18 21:53:16 -04:00
Steven Danna
be1a61f2e5 Process transitive dependencies from lock file
This is a regression introduced by the changes from string to symbol
keys in v0.34.0. It seems that our test cookbook that had a nested
dependency example wasn't actually wired up to run.

This adds a basic functional test and corrects the typo.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-15 09:41:40 +02:00
Steven Danna
7fbb768fc7 Don't gpg-sign commits during tests
If you have gpg singing globally enabled, the tests would ask you for
your gpg pin.  This is not fun.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-14 17:50:37 +02:00
Steven Danna
f2e587f6d5
Skip controls from profile's that don't support the current platform
Any controls included from profiles that don't support our current
platform are now marked as skipped.

Fixes #1049
2016-09-14 09:57:53 +01:00
Steven Danna
8f10ee53c5 Provide inspec.yml shortcut syntax
- Allow users to elide the `name` attributes
- Assume a default source of supermarket

Fixes #1048

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-14 08:46:06 +02:00
Steven Danna
85cbe713d7
Add GitFetcher and rework Fetchers+SourceReaders
This adds a new git fetcher. In doing so, it also refactors how the
fetchers work a bit to better support fetchers that need to resolve
user-provided sources to fully specified sources appropriate for a
lockfile.

Signed-off-by: Steven Danna <steve@chef.io>
2016-09-09 14:14:36 +01:00