This PR adds 5 closely related plugin types, which allow a plugin to implement new DSL methods / keywords. The mechanism to activate the plugins are all very similar - basically, in a particular location in the code, `method_missing` is implemented, and is used to activate the particular type of DSL being requested.
4 of the DSL plugin types relate to code that could appear in a profile control file.
* outer_profile_dsl plugins allow you to extend the code in profile Ruby files that appear outside `control` or `describe` blocks.
* control_dsl plugins allow you to extend the code within `control` blocks.
* describe_dsl plugins allow you to extend the code within `describe` blocks.
* test_dsl plugins allow you to extend the code within `it`/`its` blocks.
Finally, the `resource_dsl` plugin allows you to extend the code used within custom resources.
Basic unit tests are provided to prove that the plugin types are properly defined.
A simple plugin fixture defining DSL hooks (based on favorite foods) is included, and is exercised through a set of functional tests.
The plugin developer docs are updated to describe the 5 DSLs.
*Note*: Implementing a plugin using any of the DSL plugin types is experimental. The contexts that are exposed to the DSL methods are private and poorly documented. The InSpec project does not claim the APIs used by these plugin types are covered by SemVer. Plugin authors are encouraged to pin tightly to the `inspec` gem in their gemspecs.
Motivation for this plugin comes from the desire to allow passionate community members to implement things like "2 out of 3" tests, example groups, improved serverspec compatibility, "they/their" and other "fluency" changes, as well as make it possible for future work by the InSpec team to be implemented as a core plugin, rather than a direct change to the main codebase.
* add aws_eks_cluster
Signed-off-by: Timothy van Zadelhoff
timothy.inspec@theothersolution.nl
* disable ABC check on fetch_from_api
Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl>
* add status predicates
* Change docs for status attribute
Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl>
* Add integration tests
Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl>
* Adjust EKS build code to almost work
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* EKS only uses private subnets - integration tests pass
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Correct AWS Exception class for resource search miss in unit test
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Update unit test to reflect AWS resource-standard miss behavior, returning nil for most properties
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Update package.rb to solve issue #3361
Update the windows package search regex.
According to issue #3361
* Update package.rb
Fix trailing spaces
* Update helper.rb
update sha for get-item-package. To fix the issue #3361
Signed-off-by: markus hackethal <mh@it31.de>
* Improve filesystem.rb to support windows
improve filesystem.rb to support windows.
Split into 2 classes LinuxFileSystemResource / WindowsFileSystemResource
Add filesystem to verify a FS-type ( currently not for linux because missing test server )
Size on Windows is converted to GB - discussion about this welcome
update to reflect also windows os
* Create get-wmiobject-filesystem
* Delete get-wmiobject-filesystem
* Fix the testing code for filesystem.
Change its 'filesystem' to 'type' according to recommendation from @miah
Signed-off-by: Markus Hackethal <mh@it31.de>
* Revert "Silence RSpec 'should' Warning (#3560)"
This reverts commit 7c611a4c24.
* Add comment with link to reverted fix
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Add run_inspec_process, with JSON handling, to functional helper
* Add ability to run a plugin to functional helper
* CWD fix for run_inspec_process
* Add support for running a plugin within a functional test
* Move plugin functional helper code to main func helper file
* FuncHelper: Do not send reporter or lock options if command is not exec
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* unit tests for plugin conf file class, all skip
* File path stuff works
* Validation works
* Add works
* Added remove_entry
* Save works - ready to refactor others
* Rework Loader to use ConfigFile
* Modify loader and installer to use the config file class
* linting
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* When pty is used not having --no-pager makes inspec hang during the test
* Updated tests
Signed-off-by: Jose Alexandre <jose.alexandre@worldfirst.com>
* add security-group to security-group rules
* update docs
* Add integration tests for security-group to security-group rules
* rubocop fix
* Add one security group rule, with position.
* make control fit description
Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl
* Add support for `git@` and HTTP basic auth
This adds support for the following:
```
inspec exec git@github.com:private/example_profile
inspec exec https://username:token@github.com/private/example_profile
inspec exec https://username:password@webserver/private/example_profile
```
This also uses the Git fetcher when the URL ends in `.git`. Example:
```
git config credential.helper cache
git ls-remote https://github.com/private/example_profile.git
inspec exec https://github.com/private/example_profile.git
```
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Add documentation for `inspec exec` usage
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Add tests for Git fetcher and `inspec exec`
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Add `opts` to branch of Git fetcher resolve logic
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Modify Git example comments
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Force `parse_uri` to attempt a parse
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
* Allow add_test to accept negation
This will allow for negated tests to be generated with add_tests.
* Fix rubocop violation
* Add optional options hash
Signed-off-by: Rachel Rice <rrice@chef.io>
Methods like…
* `count()` return `Integer` values
* `boolean()` return `TrueClass`/`FalseClass` values
* `concat()` return `String` values
…but threw exceptions because those types weren't supported.
This adds support to the `xml` resource, and adds tests to verify some of those examples.
Signed-off-by: Mark Hughes <greenantdotcom@users.noreply.github.com>
* Failing functional test for RSpec should deprecation
* Configure RSpec to allow .should calls
* Remove cruft from test files where we needed to filter deprecation warning
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Fixes (some) ruby warnings related to functional tests
* Removes unneeded `Dir.tmpdir` from test
Signed-off-by: David Alexander <opensource@thelonelyghost.com>
* ✓ adds additional checks for vendored profiles
This PR adds additional checks to verify if:
- inspec.yml and inspec.lock dependencies are out-of-sync
- complains about a missing lock file if we have dependencies defined
* skip if legacy profile path is used
* Fix unit tests.
* Force static sha256 for lock files and protect from unnamed depends.
* Add vendor profiles for checks. Windows downloads with different sha256.
* Adding inspec init profile for GCP.
* Adding final newline, thanks rubocop.
* Ensure README headings are at the same level.
* Move OS-specific default profile to new location
* Enforce os-platform restriction on default profile template
* Use profile templates in subdirs.
* Updates to address PR feedback after rebasing from #3491.
* Alter test setup to properly use YAML
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Resource for a Windows Security Identifier (SID)
* Integration tests for security_identifier resource
* Address rubocop violations
* Improve security_identifier from PR feedback
* Update security_identifier tests
* Improve security_identifier unit tests
* Fix unit tests fpr security_identifier resource
* More security_identifier unit tests
* Add docs page for security_identifier resource
* Fix issues with documentation
* Improve docs
Link to Microsoft reference page, and use their term 'trustee' instead of 'entity' where applicable.
* Change exists to exist
* Test appveyor file changes.
Signed-off-by: Jared Quick <jquick@chef.io>
* Add missing tests for groups resource, document members propery, and assorted fixes.
Update existing documentation for group resource.
Add documentation for groups resource.
Update group resource tests to test members property.
Change groups resource members property to have simple style. (this
ensures members is a single array)
remove deprecated have_gid propery.
change `if !` to `unless`
Remove early return from members method. This prevented members from
working correctly on any OS other than Windows.
Add missing tests for the groups resource.
remove tests for has_gid
Signed-off-by: Miah Johnson <miah@chia-pet.org>
* Fix comments
Signed-off-by: Jared Quick <jquick@chef.io>
* Allow strings or symbols to be used interchangeably in filtertable criteria; improve error message
* rubocop
* Update test count
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
* Remove deprecated yumrepo. (#3435)
* Remove deprecations for cli `--format` and metadata.rb (#3452)
* Remove deprecated database_helpers stderr/stdout methods.
Update deprecation text for processes/apache.
* Remove deprecations for `--format` and metadata.rb
Remove deprecated `format` code.
Remove deprecated code test and change json-config format test to use
reporter.
Remove deprecated metadata.rb code
Remove deprecation notice for old supports syntax.
Deprecate metadata.rb from source_reader
Remove rubocop disables as they are no longer required for this code block.
Remove deprecated legacy metadata.rb mock profiles.
Remove deprecated metadata.rb profile tests.
Remove deprecated yumrepo test.
* Allow inspec-3.0 branch to be tested.
* Allow appveyor to test inspec-3.0 branch
* Change runner tests to use reporter rather than format.
Remove deprecated `supports: linux` tests.
* Remove skip from inherited profiles from showing up in reporting (breaking change) (#3332)
* Skip loading dependency profiles if they are unsupported on the current
platform.
Skip loading dependencies if they are unsupported on the current
platform.
Wrap our log and next in a conditional checking if the platform is
supported.
Change a `if !` into a `unless`
Check if the backend is a Train Mock Connection and if so say that the
profile does support the platform.
While iterating through tests being loaded skip when the platform is
unsupported.
We now log a WARN when a profile is skipped due to unsupported platform,
so lets check that.
Modified existing test to log that there are 0 skipped tests, instead of
2.
Add functional test that loads profile-support-skip with a json reporter
to check that our controls are not loaded and that stderr contains our
warning.
* Rather than iterating through each test return before recursion if the platform is
unsupported.
* Resolve tests using a supported platform different from testing platform
Add a control to `test/unit/mock/profiles/complete-profile` that would
work on any OS with a Internet connection. This allows the profile
to execute on any OS with success. `filesystem_spec.rb` was a control
that would only work on Linux and some BSD's.
We want profile tests to consistently work across development and testing
platforms, and not get 'skipped' in some cases. Travis-CI tests on Linux,
Inspec Dev team uses Linux and MacOS, Appveyor tests on Windows
Also Updated `file_provider_test.rb` for `complete-profile` content changes.
If you `MockLoader.load_profile` on a unsupported platform you might not
hit the usual skip. Lets handle situations where the tests array in
Profile#load_checks_params could be nil.
* Use safe navigation rather than checking if tests is nil.
Update tests to point to unsupported_inspec and account for WARN changes.
Make unsupported_inspec profile support os-family 'unsupported_inspec'
* Fix skip bug when using include/require controls. (#3487)
* Fix skip bug when using include/require controls.
* fix test and feedback.
* Remove need for UUID detection for Automate report (#3507)
* Add json metadata for skipped profiles (#3495)
* Add skip metadata to json reports
* Unify skip messages.
* Update with status field.
* Add testing.
* Fix tests.
* lint
* Add skip exit codes for profile skips.
* Update website for 3.0 launch
Add `plugins` to sidebar.
Change 2.0 -> 3.0 in slim files.
Update 3.0 features list.
* Fix comments
* Update float to numeric.
* Change Float to numeric.
* updated feature list and impact doc
* Change "What's new in InSpec 3.0" -> "Announcing InSpec 3.0"
* Bump VERSION to 3.0.0 (#3511)
* Remove 3.0 testing checks.
* Fix azure link.