Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-24 05:33:17 +00:00
Code Issues Projects Releases Packages Wiki Activity
2027 commits 453 branches 1898 tags 74 MiB
Commit graph

1045 commits

Author SHA1 Message Date
Dominik Richter
e89738c5f7 0.14.9 2016-03-08 17:52:55 +01:00
Dominik Richter
ccf2694940 bugfix: inheritance of local profiles 2016-03-08 14:59:14 +01:00
Dominik Richter
90f2212ed5 add color output + make default 2016-03-07 22:21:31 +01:00
Dominik Richter
b831b62a90 make controls selectable 2016-03-06 23:54:28 +01:00
Dominik Richter
f6bd7ed3b8 unify exec options 2016-03-06 15:07:12 +01:00
Dominik Richter
ae08fe2f84 0.14.8 2016-03-04 16:50:51 +01:00
Dominik Richter
903b0597d9 expose control impacts in json 2016-03-04 16:30:10 +01:00
Christoph Hartmann
53a2333c20 0.14.7 2016-03-01 21:33:03 +01:00
Christoph Hartmann
d4554771da adds a insecure option for the compliance plugin to work with self-signed ssl 2016-03-01 20:51:23 +01:00
Christoph Hartmann
9605cfe3e8 0.14.6 2016-03-01 17:04:25 +01:00
Christoph Hartmann
bc2cde6b29 make supermarket command more robust 2016-03-01 13:26:36 +01:00
Alex Pop
051ac89376 make PROFILE required and update usage info 2016-03-01 10:27:22 +00:00
Christoph Hartmann
acdae94201 add missing supermarket loader 2016-02-29 19:28:53 +01:00
Christoph Hartmann
593df248b4 0.14.5 2016-02-29 13:47:55 +01:00
Dominik Richter
9449afcb3d 0.14.4 2016-02-26 17:42:06 +01:00
Dominik Richter
7cdb710e5e dont crash on empty metadata during finalize 2016-02-26 16:56:36 +01:00
Dominik Richter
e617f74bcd filter xinetd fields by regex 2016-02-26 14:46:51 +01:00
Dominik Richter
4a39275fc0 add xinetd_conf resource 2016-02-26 13:19:16 +01:00
Dominik Richter
3ae50adae9 feature: conditional OR via describe.one 
```
describe.one do
  describe command("uname -r").stdout do
    it { should_not match /x86_64/ }
  end
  describe test_sth_for_x64_processors do
    ...
  end
end
```
 2016-02-25 14:30:23 +01:00
Dominik Richter
4020229914 bugfix: standalone describe without block 
i.e. make sure it doesnt crash just because no block was given due to source/line detection.

also return the result of the rule's delegated describe call and not the rule itself to the outer method. this is for consistency (and the following commits)
 2016-02-25 11:03:53 +01:00
Dominik Richter
78d119beaf 0.14.3 2016-02-24 17:11:41 +01:00
Dominik Richter
40b3af86f8 bugfix: catch fetcher.abs_path(nil) 2016-02-24 16:07:00 +01:00
Dominik Richter
b75ba7d345 throw fetcher and reader errors in profile detection 2016-02-24 15:55:47 +01:00
Christoph Hartmann
681f817992 enable cmp matcher to catch the case where expected is a number string, and actual is a number 2016-02-23 22:18:16 +01:00
Dominik Richter
47b0d97313 0.14.2 2016-02-22 21:20:56 +01:00
Christoph Hartmann
9ea68471e5 fix cc upload 2016-02-22 21:14:50 +01:00
Dominik Richter
926023de91 load plugins in the same gem installation 2016-02-22 21:01:07 +01:00
Christoph Hartmann
a31da47791 0.14.1 2016-02-22 18:47:37 +01:00
Christoph Hartmann
0c02a30dc5 ignore pax_global_header as valid file 2016-02-22 18:16:07 +01:00
Dominik Richter
7c377a0ab0 0.14.0 2016-02-22 12:53:27 +01:00
Stephan Renatus
01d7d5bf8a fetchers/tar: slight simplification 2016-02-22 12:06:42 +01:00
Stephan Renatus
356995bd7b plugins/fetcher: remove attr_reader shadowing 2016-02-22 12:06:42 +01:00
Dominik Richter
33b2876d7c fix tests and lint 2016-02-22 12:06:42 +01:00
Dominik Richter
d44af5dcc7 bugfix: dont set ID for profile params too early 2016-02-22 12:06:42 +01:00
Dominik Richter
37ec3cf6f2 migrate load-path hooking for legacy modes 2016-02-22 12:06:42 +01:00
Dominik Richter
d065794d96 remove old target interface 2016-02-22 12:06:42 +01:00
Dominik Richter
82195d82d6 make url fetcher less restrictive on file-endings 2016-02-22 12:06:42 +01:00
Dominik Richter
5cabb7d273 migrate inspec-supermarket target to fetcher 2016-02-22 12:06:37 +01:00
Dominik Richter
9c3f336d06 migrate inspec-compliance target to fetcher 2016-02-22 11:24:36 +01:00
Dominik Richter
e4c3c9370b fix detection with new profile/runner scheme 2016-02-22 11:24:36 +01:00
Dominik Richter
07ae2afd3b bugfix: generate archive in current folder 
instead of e.g. the rubygems location somewhere on the system
 2016-02-22 11:24:36 +01:00
Dominik Richter
1e1e473cb0 replace target-helper with fetcher+reader 2016-02-22 11:24:35 +01:00
Dominik Richter
202a781f6a fail on incorrect metadata of url download 2016-02-22 11:24:35 +01:00
Dominik Richter
c79d9f7777 add flat source reader 2016-02-22 11:24:35 +01:00
Dominik Richter
c9d1272f49 add relative fetcher 
This helps reduce any folder structures, weather on disk or in archives, to their relative root paths; i.e. ignore all file-prefixes that are given and go directly to the underlying files, relative to the common folders that contain it
 2016-02-22 11:24:35 +01:00
Dominik Richter
f023d02bbb add inspec source reader 2016-02-22 11:24:35 +01:00
Dominik Richter
125ee53041 create source_reader plugin structure 2016-02-22 11:24:35 +01:00
Dominik Richter
1825fd1fef separate reusable plugin registry with sorting 2016-02-22 11:24:35 +01:00
Dominik Richter
d293550375 chain fetchers together 2016-02-22 11:24:35 +01:00
Dominik Richter
7b073fe153 add url fetcher 2016-02-22 11:24:35 +01:00
Dominik Richter
4e830ffc24 add tar fetcher 2016-02-22 11:24:35 +01:00
Dominik Richter
1c29667523 add zip fetcher 2016-02-22 11:24:35 +01:00
Dominik Richter
a83e29cc01 add local fetcher 2016-02-22 11:24:35 +01:00
Dominik Richter
27f7aa7796 create new fetcher system 2016-02-22 11:24:35 +01:00
Dominik Richter
ee82c3a2ff bugfix: handle edge-cases in upstart service 
e.g. when a service could not be found and command outputs become empty / matchers dont hit'
 2016-02-22 09:52:16 +01:00
Dominik Richter
1147d30679 bugfix: make sure version is always a string 2016-02-22 09:26:48 +01:00
Dominik Richter
c7312be8ec force encoding to utf-8 2016-02-22 05:18:41 +01:00
Christoph Hartmann
e466ec4e90 0.13.0 2016-02-19 14:50:03 +01:00
Dominik Richter
1e096c7181 add shadow resource for /etc/shadow 2016-02-19 14:26:04 +01:00
Christoph Hartmann
3f6b89e24d extend github url support 2016-02-19 09:12:25 +01:00
Christoph Hartmann
3a2488cade fix mime-type map 2016-02-19 09:11:38 +01:00
Christoph Hartmann
9e2dc30fb5 minor typo fix 2016-02-18 21:12:25 +01:00
Dominik Richter
1fa957c8ca ensure deprecated methods still work 2016-02-18 16:25:02 +01:00
Dominik Richter
83fcc35d2a expose all fields + deprecate singular accessors 2016-02-18 16:10:42 +01:00
Dominik Richter
d9427b3aac add filter to passwd 2016-02-18 16:10:42 +01:00
Christoph Hartmann
26276ca991 use ruby zip and tar for unit tests 2016-02-18 14:27:16 +01:00
Dominik Richter
17d4e1dc3c simplify url-construction of inspec-compliance 2016-02-18 14:25:55 +01:00
Dominik Richter
b872c04616 bugfix: url helper loading zip and tar 2016-02-18 14:25:55 +01:00
Dominik Richter
6bc57b2d92 bugfix: stop reading fro mzip when file is found 2016-02-18 14:25:55 +01:00
Dominik Richter
03bf732d82 add cmp for Arrays 2016-02-18 13:58:37 +01:00
Dominik Richter
2bbbb29a9b simplify cmp matcher checks 2016-02-18 12:07:40 +01:00
Stephan Renatus
453cd420fb fix service_ctl override logic 2016-02-17 12:55:09 +01:00
Stephan Renatus
d2469d9519 inspec-compliance: ensure file permissions when saving config 2016-02-17 10:46:06 +01:00
Dominik Richter
294db6744f 0.12.0 2016-02-15 11:54:14 +01:00
Christoph Hartmann
96d02ba4a2 add inspec profile as example 2016-02-14 21:27:40 +01:00
Christoph Hartmann
b967af3c89 rename generate to init 2016-02-14 21:26:37 +01:00
Christoph Hartmann
f281f9c351 implement generate cli command 2016-02-14 19:38:58 +01:00
Dominik Richter
36cbafc438 add runlevel helper object to services 2016-02-14 18:23:58 +01:00
Dominik Richter
0934948a1a support runlevels for system V + service matching 
Bugfix: there were services that would get matched because of the way the regex was constructed, i.e. if the user inserted `.` or `*` or anything regexy. Even if the service only had part of the name you were interested in, it would match (e.g. `sshd` would find `my_sshdaemon`).

Apart from this, runlevels are now detected for SystemV. This is exposed in `#info`
 2016-02-13 02:11:51 +01:00
Dominik Richter
2426d30870 bugfix: verify the resolver type first 2016-02-11 15:40:35 +01:00
Dominik Richter
137bee74ca add content resolver to dir helper 2016-02-10 23:46:55 +01:00
Dominik Richter
3efd0961f0 make sure archive resolvers return one file only 2016-02-10 22:49:51 +01:00
Dominik Richter
19a0a18db1 sync archive+tar+zip helpers to new dir-resolver 2016-02-10 22:30:13 +01:00
Dominik Richter
6bd757c585 improve documentation on target resolvers 2016-02-10 20:36:54 +01:00
Dominik Richter
d272024b01 rework resolver connection 
I.e. we want to get access to the actual directory handler, with full exposure of the underlying directory resolver. e.g. Get the InspecProfileDirectory handler (which provides access to tests, metadata, libraries), but be able to get all data with that alone (e.g. an ArchiveHelper for ZIP which reads all files/folders from zip)
 2016-02-10 20:36:43 +01:00
Dominik Richter
293b1a4c25 unify all directory resolvers 2016-02-10 12:20:28 +01:00
Dominik Richter
2d92e164c2 create plugin interface for directory resolvers 2016-02-10 11:15:08 +01:00
Stephan Renatus
ac2584f51d iptables: strip lines if iptables -S output 
As it turns out, some of the lines on CentOS 6 had a trailing space in it.

Fixes #420.
 2016-02-10 09:57:32 +01:00
Stephan Renatus
cdad6e63c3 iptables: some simplifications 2016-02-10 09:57:32 +01:00
Dominik Richter
d55aeddbdf 0.11.0 2016-02-09 17:54:38 +01:00
Christoph Hartmann
0f14ebb1d1 simplify value extraction for apache resource without any magic 2016-02-09 17:35:33 +01:00
Christoph Hartmann
a3eda1fcee implement method missing for apache_conf resource 2016-02-09 17:35:33 +01:00
Christoph Hartmann
796af68a69 Fix supermarket cli registration 2016-02-09 15:22:29 +01:00
Dominik Richter
971d651551 change version constraints 
Move to a more mathematical representation of version numbers comparisons. The existing one is semantically correct, but may lead to slight confusion.
 2016-02-09 11:51:52 +01:00
Stephan Renatus
e5b88fc486 auditd_rules: suppress warning for centos 5; improve docs wording 2016-02-09 11:51:52 +01:00
Stephan Renatus
405b3e3fa4 rubocop fixes 2016-02-09 11:51:52 +01:00
Stephan Renatus
4b6eced92a auditd_rules: access by key, tests + documentation 2016-02-09 11:51:52 +01:00
Stephan Renatus
cd5f47ed33 auditd_rules: unit tests, meet the real world 2016-02-09 11:51:52 +01:00
Stephan Renatus
664561aa80 auditd_rules: status querying (old/new) and unit tests 
TODO: unit tests for the legacy format
 2016-02-09 11:51:52 +01:00
Stephan Renatus
57db5a9414 unit test FilterArray, make retrieved values unique 2016-02-09 11:51:52 +01:00