Commit graph

3399 commits

Author SHA1 Message Date
Jared Quick
6120497db1
Convert legacy supports to their platform counterparts (#3333)
* Convert legacy supports to their platform counterparts.
* Fix rubocop lint.
* Update json schema for platform supports.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-08-30 09:11:55 -04:00
Chef Expeditor
6e48478701 Bump version to 2.2.73 by Chef Expeditor
Obvious fix; these changes are the result of automation not creative thinking.
2018-08-29 17:32:31 +00:00
Noel Georgi
0d951e1fd1 fix skip message not being passed for merge (#3329)
* fix skip message not being passed for merge
* Fix calling method twice

Signed-off-by: Noel Georgi <git@frezbo.com>
2018-08-29 13:32:22 -04:00
Chef Expeditor
4e60ecb0f0 Bump version to 2.2.72 by Chef Expeditor
Obvious fix; these changes are the result of automation not creative thinking.
2018-08-28 19:53:27 +00:00
Chef Expeditor
39d60b1d0c Bump version to 2.2.71 by Chef Expeditor 2018-08-28 13:11:51 +00:00
Josh Hudson
2d44b6e5e0 Cached profiles with Compliance Fetcher (#3221)
* Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles
* Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly.
* Declare @upstream_sha256 if target is a string
* Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize
* Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic
* Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url
* Revert changes to cached fetcher that are unnecessary after refactor
* Pacify the god of ruby syntax
* Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles
* Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256

Signed-off-by: Josh Hudson <jhudson@chef.io>
2018-08-28 09:11:38 -04:00
Chef Expeditor
36319d0f04 Bump version to 2.2.70 by Chef Expeditor 2018-08-23 21:04:21 +00:00
Chef Expeditor
43570ad409 Bump version to 2.2.69 by Chef Expeditor 2018-08-23 17:54:40 +00:00
Chef Expeditor
19f8ffc0f0 Bump version to 2.2.68 by Chef Expeditor 2018-08-23 17:51:11 +00:00
Chef Expeditor
ac1484ca0d Bump version to 2.2.67 by Chef Expeditor 2018-08-23 17:47:40 +00:00
Jerry Aldrich
7098631d3e Infer --sudo when --sudo-password is used (#3313)
This does the following:
  - Adds `--sudo` if using `--sudo-password`
  - Warns the user if using `--sudo-password` without `--sudo`
  - Adds unit tests for `Inspec::BaseCLI#opts`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-08-23 13:47:26 -04:00
Noel Georgi
741ad8a2fb Fix skip hash being passed instead of boolean value (#3323)
Fixes: https://github.com/inspec/inspec/issues/3322

Signed-off-by: Noel Georgi <git@frezbo.com>
2018-08-23 13:47:10 -04:00
Chef Expeditor
74525d82bc Bump version to 2.2.66 by Chef Expeditor 2018-08-23 17:44:00 +00:00
Jared Quick
9f3e1c33a8
Suppress logs for json-automate reporter (#3324)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-08-23 13:43:48 -04:00
Chef Expeditor
0767ffc6f5 Bump version to 2.2.65 by Chef Expeditor 2018-08-22 19:58:47 +00:00
Vern Burton
a7ab4b8b5f Add cloudlinux under redhat family (#2935)
* adding cloudlinux into the mocker under the redhat family as it is found inside of train, and creating tests for cloudlinux that mirror the centos/redhat tests.
* adding cloudlinux under the select_service_mgmt method so that it can be matched.

Signed-off-by: Vern Burton <me@vernburton.com>
2018-08-22 15:58:38 -04:00
Chef Expeditor
a88f929e27 Bump version to 2.2.64 by Chef Expeditor 2018-08-17 15:08:31 +00:00
Kris Shannon
53e5814f74 Allow apache_conf include files to be empty (#3294)
In the `read_file` method we can call `read_file_content` with the second
argument `true` to avoid skipping on an empty file.

We will still skip the control if the main configuration file is empty
as there is still an explicit call to `read_file_content` without this
argument in the `read_content` method.

Signed-off-by: Kris Shannon <k.shannon@amaze.com.au>
2018-08-16 20:22:55 -04:00
Clinton Wolfe
d24e0f0ec9 Plugins V2 API: CLI Command Plugin Type, Again (#3296)
Plugins V2 API: CLI Command Plugin Type

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-08-16 20:22:28 -04:00
Clinton Wolfe
811318f2f8 Plugins API v2: Loader, Base API, and Test Harness (#3278)
* Functional tests for userdir option
* Accepts --config-dir CLI option
* Actually loads a config file from the config dir, more cases to test
* Able to load config and verify contents from config-dir
* Functional tests to ensure precedence for config options
* Enable setting config dir via env var
* .inspec, not .inspec.d
* Begin converting PluginCtl to PluginLoader/Registry
* Able to load and partially validate the plugins.json file
* More work on the plugin loader
* Break the world, move next gen stuff to plugin/
* Be sure to require base cli in bundled plugins
* Move test file
* Revert changes to v1 plugin, so we can have a separate one
* Checkpoint commit
* Move v2 plugin work to v2 area
* Move plugins v1 code into an isolated directory
* rubocop fixes
* Rip out the stuff about a user-dir config file, just use a plugin file
* Two psuedocode test file
* Working base API, moock plugin type, and loader.
* Adjust load path to be more welcoming
* Silence circular depencency warning, which was breaking a unit test
* Linting
* Fix plugin type registry, add tests to cover
* Feedback from Jerry

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-08-16 18:16:32 -04:00
Chef Expeditor
1bd6ab08e5 Bump version to 2.2.63 by Chef Expeditor 2018-08-15 00:08:09 +00:00
Jared Quick
34ac059972
Allow the jsonAutomate report to be executed from cli (#3285)
* Allow the jsonMerged report to be executed from cli.
* Renamed reporter to json-automate and added in comments.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-08-14 20:07:59 -04:00
Chef Expeditor
f18bcc34ee Bump version to 2.2.62 by Chef Expeditor 2018-08-10 16:39:10 +00:00
Miah Johnson
3a9ed68c72
Merge pull request #3267 from inspec/miah/3158-3
Update `only_if` to allow user specified messages.
2018-08-10 09:38:55 -07:00
Miah Johnson
6823d7287d Create a new variable 'msg' to store the message string returned when
skipped.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-08-09 13:00:57 -07:00
Miah Johnson
e710b5b633 Remove conditional checks for true and reverse if conditional on
Inline if_false_message into test.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-08-09 12:12:47 -07:00
Chef Expeditor
a83ae6ac5d Bump version to 2.2.61 by Chef Expeditor 2018-08-09 13:24:46 +00:00
Chef Expeditor
6c30858ff1 Bump version to 2.2.60 by Chef Expeditor 2018-08-09 13:21:34 +00:00
Robert Van Kleeck
5264cb5fdf add iis_app_pool resource (#2400)
* add iis_app_pool resource
* add sign off
* remove training whitespace
* code cleanup and simplify timeout checks
* add mock tests

Signed-off-by: Rob Van Kleeck <rvankleeck@salesforce.com>
2018-08-09 09:19:49 -04:00
Henry Muru Paenga
f605051f53 Add new resource: aws_ecs_cluster (#3213)
Signed-off-by: Henry Muru Paenga <meringu@gmail.com>
2018-08-09 09:19:27 -04:00
Chef Expeditor
447732f43c Bump version to 2.2.59 by Chef Expeditor 2018-08-09 13:18:23 +00:00
Jared Quick
71003cd564
Error cleanly if a reporter errors while rendering (#3280)
* Error cleanly if a reporter error while rendering.
* Add functional test for automate reporter.
* Remove authors.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-08-09 09:18:10 -04:00
Chef Expeditor
ac596dc015 Bump version to 2.2.58 by Chef Expeditor 2018-08-09 12:20:39 +00:00
Noel Georgi
9d3beb8d41 Adding docker plugin support (#3074)
* Fixing tests and squashing
* Updating as per some PR comments
* PR comments

Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-08-09 08:20:32 -04:00
Chef Expeditor
b872e9135a Bump version to 2.2.57 by Chef Expeditor 2018-08-09 12:16:11 +00:00
Ksenia
d2ae5c0d68 Fix issue#3269. Add 17 hexadecimal characters support aws_route_table (#3277)
Add support in aws_route_table to allow 17 hexadecimal characters
2018-08-09 08:16:03 -04:00
Miah Johnson
782be81807 Allow passing a message to set_skip_rule. Previously, the value passed
to set_skip_rule could be a boolean, or a message. Now value should
always be a boolean, and if a message is needed one can be passed and
will be set.
Allow only_if to take a message during control_eval DSL.
Add test for only_if(message).

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-08-07 11:37:59 -07:00
Chef Expeditor
5ce44b4d4b Bump version to 2.2.56 by Chef Expeditor 2018-08-07 16:12:51 +00:00
pete higgins
4ed7362f0c Enable inspec archive, check, and json to run as unpriveleged user (#3263)
* Add --vendor-cache flag for archive, check, and json commands.
* Remove unused ignore_supports flag for Inspec::Runner.

This flag was only set in two code paths that did not call
Inspec::Runner so setting it did not have any effect.

Signed-off-by: Pete Higgins <pete@peterhiggins.org>
2018-08-07 12:12:41 -04:00
Miah Johnson
2057ccbe5a Correct rubocop issue
Set {:result} on skip_rule instance variable.
check for msg[:result]

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-08-06 14:03:34 -07:00
Chef Expeditor
66bd4942f9 Bump version to 2.2.55 by Chef Expeditor 2018-08-03 14:07:26 +00:00
Jared Quick
73a40139a6 Add a merged json report for A2 (#3261)
* Provide a json_merge report used by A2 that merges all child profiles.

Signed-off-by: Jared Quick <jquick@chef.io>

* Merge profile controls from child up until we find something usable.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add testng for json_merged report.

Signed-off-by: Jared Quick <jquick@chef.io>

* Push the profile population to be later in the report.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-08-03 16:07:01 +02:00
Chef Expeditor
94428711ec Bump version to 2.2.54 by Chef Expeditor 2018-08-02 18:42:23 +00:00
Noel Georgi
b93da53237 Escaping package names for windows packages (#3259)
* Escaping package names for windows packages
* Fixing missed package_name ref
* Updating Mock SHA
* Removing unwanted file
* Linting fix

Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-08-02 14:40:14 -04:00
Chef Expeditor
1c1b967d48 Bump version to 2.2.53 by Chef Expeditor 2018-08-02 18:39:23 +00:00
Jared Quick
6e59ef176b
Populate report code for merged controls (#3264)
* Populate the code section for all profiles where we merge controls.
* Fix rubocop issues.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-08-02 14:39:11 -04:00
Chef Expeditor
2ca2994cd6 Bump version to 2.2.52 by Chef Expeditor 2018-08-02 18:30:03 +00:00
Chef Expeditor
342c55d224 Bump version to 2.2.51 by Chef Expeditor 2018-08-02 15:44:03 +00:00
Miah Johnson
ca1746debb This commit updates only_if to allow a user to specify a message to say
why it was skipped. If the user does not supply a message the default
message is used.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-08-01 15:14:58 -07:00
Chef Expeditor
fa45c7d12c Bump version to 2.2.50 by Chef Expeditor 2018-07-26 18:13:45 +00:00
Bill (William) O'Neill
b349e7ae1d Since /proc/xen is an empty dir in Amazon Linux, inspec falsely detects docker instances as platform='xen' (#3243)
* Since /proc/xen is an empty dir in Amazon Linux, inspec falsely detects docker instances as platform='xen'
* Remove unnecessary rubocop comment

Signed-off-by: Bill ONeill <woneill@pobox.com>
2018-07-26 14:13:33 -04:00
Chef Expeditor
cc2acc1524 Bump version to 2.2.49 by Chef Expeditor 2018-07-26 17:49:34 +00:00
devoptimist
05da909ba1 Fix for profile version not being included in the compliance upload cli exist check (#3252)
Signed-off-by: devoptimist <sbrown@chef.io>
2018-07-26 13:49:23 -04:00
Chef Expeditor
aadc7fe97a Bump version to 2.2.48 by Chef Expeditor 2018-07-25 20:14:26 +00:00
Chef Expeditor
4c8d2a168e Bump version to 2.2.47 by Chef Expeditor 2018-07-25 20:10:54 +00:00
Chef Expeditor
2cdf3c61d4 Bump version to 2.2.46 by Chef Expeditor 2018-07-25 20:05:30 +00:00
Chef Expeditor
f2edb7a285 Bump version to 2.2.45 by Chef Expeditor 2018-07-25 20:01:53 +00:00
Jerry Aldrich
f2d64938b7 windows_feature resource: Add DISM support (#3224)
* windows_feature resource: Add DISM support

This modifies the `windows_feature` resource to fallback to DISM when
the `Get-WindowsFeature` command is not available.

* Allow specifying `:dism` or `:powershell`
* Replace stacktrace with smaller error message
* Add notes/todo about raise behavior
* Remove duplicated platform check

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-25 16:00:06 -04:00
Jerry Aldrich
2245bba021 cli: Downcase supermarket tool name to match URL (#3242)
* cli: Downcase supermarket tool name to match URL

This downcases the user provided tool name. Without this fetching the
profile will fail because the Supermarket API downcases in the URL.

* Add another downcase
* Add handling for `supermarket://owner_but_no_name`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-25 15:59:19 -04:00
Jerry Aldrich
c1d7b2cfa3 alpine resource: Fix small style issues (#3238)
* Constrain RuboCop disables to single method
* Add comment to Alpine package command
* Use single quotes for Alpine package command
* Change `it` statement to be readable

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-25 15:57:51 -04:00
Chef Expeditor
c647ac9469 Bump version to 2.2.44 by Chef Expeditor 2018-07-25 19:57:27 +00:00
James Stocks
fb0a8989db Add extra fault checking to git fetcher (#3239)
Raise with the stderr from `git ls-remote` if stderr is not empty.
This is useful when inspec runs in CI and you do not have direct control/troublshooting options.

Signed-off-by: James Stocks <jstocks@chef.io>
2018-07-25 15:57:03 -04:00
Chef Expeditor
3c0abf7774 Bump version to 2.2.43 by Chef Expeditor 2018-07-25 17:08:23 +00:00
Chef Expeditor
b8928aca74 Bump version to 2.2.42 by Chef Expeditor 2018-07-23 08:45:31 +00:00
Chef Expeditor
9d36e1b61a Bump version to 2.2.41 by Chef Expeditor 2018-07-19 19:07:50 +00:00
Dan Webb
a0fffa5286 Add Alpine package provider (#3215)
- Add Alpine tests
- Stub apk grep command for alpine
- Resolve (disable for now) rubocop ABC/CyclomaticComplexity/PerceivedComplexity

Signed-off-by: Dan Webb <dan.webb@damacus.io>
2018-07-19 15:07:36 -04:00
James Stocks
ca833afacf Generate describe code for an array of strings (#3227)
Context:
When testing a Windows registry key with a period character in it e.g. `explorer.exe` it is not possible to use `its("explorer.exe")` because the period would be interpreted as method chaining.
In this case, you must instead use `its(["explorer", "exe"])`
See https://github.com/inspec/inspec/issues/1281

This commit fixes `to_ruby`in `Inspec::Describe` so that it produces an array in the generated Inspec code instead of a string.

Signed-off-by: James Stocks <jstocks@chef.io>
2018-07-19 15:00:21 -04:00
Chef Expeditor
9581176633 Bump version to 2.2.40 by Chef Expeditor 2018-07-19 12:17:08 +00:00
Miah Johnson
bfd569fe99 Ensure resources fail that target something that isn't supported (#3231)
* Use fail_resource rather than skip_resource when the platform is not
supported by the resource.

* Update tests to handle failing on unsupported platforms.
Update functional tests.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-07-19 08:16:54 -04:00
Chef Expeditor
60177faa24 Bump version to 2.2.39 by Chef Expeditor 2018-07-18 20:55:41 +00:00
Chef Expeditor
d95ccadac7 Bump version to 2.2.38 by Chef Expeditor 2018-07-17 15:42:47 +00:00
Clinton Wolfe
02cb93ec23 Refactor 'inspec init profile' into a reusable component. (#3214)
* Refactor 'inspec init profile' into a reusable component.

base_cli.rb had several methods used internally, these are exposed so
lib/bundles/inspec-init/profile.rb can act as a library for anything
that needs to create new Inspec profiles programatically

* Move output methods to be public instance methods; and make Init::Profile into a working renderer.  Functional tests pass but could use some refactoring to be easier to use.
* Refactor, renaming vars to be clearer
* Move puts and exit calls into basecli
* Add comment about simplified ERB rendering in ruby 2.5.0+

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-07-17 11:42:36 -04:00
Chef Expeditor
fee139bafb Bump version to 2.2.37 by Chef Expeditor 2018-07-16 12:21:12 +00:00
Jerry Aldrich
706493f2f3 command resource: Allow redacting #to_s (#3207)
* command resource: Allow redacting `#to_s`
* Respond to feedback

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-16 08:20:57 -04:00
Chef Expeditor
409a71b28e Bump version to 2.2.36 by Chef Expeditor 2018-07-13 19:54:25 +00:00
Chef Expeditor
54a9b7a97e Bump version to 2.2.35 by Chef Expeditor 2018-07-09 17:57:56 +00:00
Stanislav Voroniy
a16877f427 A number of bug fixes and new features for oracledb_session resource (#3170)
Signed-off-by: Stanislav Voroniy <stas@voroniy.com>
2018-07-09 13:57:45 -04:00
Chef Expeditor
1eb31e1c31 Bump version to 2.2.34 by Chef Expeditor 2018-07-05 20:39:09 +00:00
Stanislav Voroniy
4112085ff7 fix for apache_conf to handle quoted Includes (#3193)
Signed-off-by: Stanislav Voroniy <stas@voroniy.com>
2018-07-05 16:38:58 -04:00
Chef Expeditor
eb40d23fb0 Bump version to 2.2.33 by Chef Expeditor 2018-07-05 19:44:41 +00:00
Clinton Wolfe
92e96ebedb Accept regexes for --controls option to inspec exec (#3179)
* Functional tests for regex control selection
* Implementation for regex-based control filtering

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-07-05 15:44:30 -04:00
Chef Expeditor
dc0c8b7cc0 Bump version to 2.2.32 by Chef Expeditor 2018-07-05 19:37:28 +00:00
Miah Johnson
a084187b21 When a profile is created with init, the last item after a / is the (#3175)
profile name. eg "with/slash" would result in a profile created in the
"with" directory named "slash"

Add test for inspec init, and updated other for new output.

Clean up profiles created during testing and place them in temporary
directories.

Describe our test a bit better.
Check that the profile was created in the right location.
Check that the profile is named correctly.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-07-05 15:37:18 -04:00
Noel Georgi
6fe13ce1eb Updating inspec with bastion options (#3180)
* Updating inspec with bastion options as per https://github.com/inspec/train/pull/310
* Updating train pin
* Adding --password to pass the test
* Revert "Updating train pin"
* PR changes

Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-07-05 15:37:04 -04:00
Chef Expeditor
b94eec74fe Bump version to 2.2.31 by Chef Expeditor 2018-07-05 18:54:11 +00:00
Jerry Aldrich
b4c5475f26 cli: Add --insecure option for exec and shell (#3195)
* cli: Add `--insecure` option to `exec` and `shell`
* Move `--insecure` to target options

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-07-05 14:53:58 -04:00
Chef Expeditor
3fb1108c4d Bump version to 2.2.30 by Chef Expeditor 2018-07-05 18:20:25 +00:00
Chef Expeditor
30acc75ea5 Bump version to 2.2.29 by Chef Expeditor 2018-07-05 17:55:05 +00:00
Chef Expeditor
58bc7b78a5 Bump version to 2.2.28 by Chef Expeditor 2018-07-05 13:12:30 +00:00
Jared Quick
b31427673c
Update the node platform info to warn if we cannot find something. (#3186)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-07-05 09:12:18 -04:00
Chef Expeditor
311b906227 Bump version to 2.2.27 by Chef Expeditor 2018-06-29 12:43:45 +00:00
Clinton Wolfe
2ac5581d32 Document exit codes for 'inspec exec' and add --no-distinct-exit option (#3178)
* Add long description to inspec exec command, mentioning exit codes
* Modify website doc builder code to use long description if available
* Functional test for --distinct-exit flag
* Implement --distinct-exit option
* Inspec shell also needs the option

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-29 08:43:34 -04:00
Chef Expeditor
f09d115296 Bump version to 2.2.26 by Chef Expeditor 2018-06-26 19:14:36 +00:00
Clinton Wolfe
8683c54510 Update core resources with filtertable API changes (#3117)
* Search and replace filtertable methods to use new names, and rely on automatic methods
* Remove spurious exists? matchers - see https://relishapp.com/rspec/rspec-expectations/docs/built-in-matchers/exist-matcher
* Revert removing exists? - we'll do it on a separate PR
* Gah, didn't save before resolving conflict
* Add back name column on aws cloudtrail trails

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-26 15:14:21 -04:00
Chef Expeditor
d59f432986 Bump version to 2.2.25 by Chef Expeditor 2018-06-26 17:04:45 +00:00
Jared Quick
52694d4031 Add parent_profile field in json output (#3164)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-06-26 13:04:31 -04:00
Chef Expeditor
f9017b8467 Bump version to 2.2.24 by Chef Expeditor 2018-06-26 11:57:21 +00:00
Chef Expeditor
b85da4fb27 Bump version to 2.2.23 by Chef Expeditor 2018-06-26 11:54:00 +00:00
Chef Expeditor
639267adab Bump version to 2.2.22 by Chef Expeditor 2018-06-26 11:50:32 +00:00
Jerry Aldrich
737df411ef apache_conf resource: Strip quotes from values (#3142)
* apache_conf resource: Strip quotes from values
* Update regex to capture all vars between quotes
* Change `x` and `y` to proper variable names

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-06-26 07:48:48 -04:00
Clinton Wolfe
1d976921e3 Detect inspec-core mode and do not attempt to load cloud resources (#3163)
* Do not load AWS resources if SDK version mismatches
* Detect if we are running ins inspec-core mode, and do not attempt loading AWS or Azure if so.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-26 07:47:33 -04:00
Chef Expeditor
e680896f19 Bump version to 2.2.21 by Chef Expeditor 2018-06-26 11:47:11 +00:00
Colin Hebert
7deed13425 Add support for shallow link paths (#3168)
* Add support for shallow link paths
* Improve documentation of the

Signed-off-by: Colin Hebert <hebert.colin@gmail.com>
2018-06-26 07:47:00 -04:00
Chef Expeditor
0a0a7b7fe9 Bump version to 2.2.20 by Chef Expeditor 2018-06-21 18:20:07 +00:00
Clinton Wolfe
44c0fd2e4f
Accept symbols and downcased criteria in aws_iam_policy have_statement matcher (#3129)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-21 14:19:56 -04:00
Chef Expeditor
03b6dd8324 Bump version to 2.2.19 by Chef Expeditor 2018-06-21 17:38:00 +00:00
Jared Quick
12890408bb
Fix control merging when overriding child controls (#3155)
* Fix the control merging issues when overriding child controls.
* Fix rubocop issue and vendor compression.
* Add in lock file for vendor profile

Signed-off-by: Jared Quick <jquick@chef.io>
2018-06-21 13:37:47 -04:00
Chef Expeditor
8f7c118d6b Bump version to 2.2.18 by Chef Expeditor 2018-06-21 01:28:08 +00:00
Jerry Aldrich
cf9ce1bfdc auditd resource: Add handling for sudo/no command (#3151)
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-06-20 21:27:53 -04:00
Chef Expeditor
4d3113c47e Bump version to 2.2.17 by Chef Expeditor 2018-06-19 12:54:26 +00:00
Jeremy Miller
6a0bf8b24d updated skip message to reflect accurate version of audit support (#3153)
Signed-off-by: Jeremy J. Miller <jm@chef.io>
2018-06-19 08:54:15 -04:00
Chef Expeditor
8eb559b293 Bump version to 2.2.16 by Chef Expeditor 2018-06-15 12:44:29 +00:00
Christoph Hartmann
b2e0bccea8 deprecate azure_generic_resource (#3132)
* deprecate azure_generic_resource

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2018-06-15 08:44:19 -04:00
Chef Expeditor
7fa616a2ed Bump version to 2.2.15 by Chef Expeditor 2018-06-14 19:26:14 +00:00
Chef Expeditor
6fc288ebb7 Bump version to 2.2.14 by Chef Expeditor 2018-06-14 18:05:35 +00:00
Jared Quick
7db83446ba
Add insecure option to the automate report json (#3124)
* Add insecure option to the automate report json.
* Add in automate and compliance json documentation.
* Fix typo.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-06-14 14:05:21 -04:00
Chef Expeditor
a4ad7dd809 Bump version to 2.2.13 by Chef Expeditor 2018-06-14 17:42:13 +00:00
Clinton Wolfe
7aa60852e6 Add list properties back to shadow (#3140)
* Un-deprecate plural properties on shadow; deprecate the singular versions
* Update filtertable interface to current
* A weak attempt at making the docs coherent
* Doc feedback per Jerry

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-14 13:42:00 -04:00
Chef Expeditor
b329b08aa6 Bump version to 2.2.12 by Chef Expeditor 2018-06-11 15:26:05 +00:00
Chef Expeditor
28fae56501 Bump version to 2.2.11 by Chef Expeditor 2018-06-11 12:12:59 +00:00
Jerry Aldrich
0b46fe1ac6 Translate auditd -s RHEL output to match CentOS (#3114)
This translates the output of `auditctl -s` on RHEL to match CentOS.

This is based on the details from issue #3113. I could not find a test
box that would give me the output to match what was reported.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-06-11 08:12:44 -04:00
Chef Expeditor
b354be0342 Bump version to 2.2.10 by Chef Expeditor 2018-06-08 01:32:24 +00:00
Chef Expeditor
630d83a5c2 Bump version to 2.2.9 by Chef Expeditor 2018-06-07 22:48:19 +00:00
Chef Expeditor
728dd4098c Bump version to 2.2.8 by Chef Expeditor 2018-06-07 19:06:27 +00:00
Clinton Wolfe
6f46d52242
Add aws_elb and aws_elbs resources (#3079)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-07 15:06:05 -04:00
Chef Expeditor
500688ae24 Bump version to 2.2.7 by Chef Expeditor 2018-06-07 18:42:00 +00:00
Miah Johnson
ab32446213 Adds a aws_flow_log resource with unit and integration testing. (#2906)
Signed-off-by: Miah Johnson <miah@chia-pet.org>
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-07 14:41:46 -04:00
Chef Expeditor
e834d91d19 Bump version to 2.2.6 by Chef Expeditor 2018-06-06 18:15:32 +00:00
Chef Expeditor
e48de7cb79 Bump version to 2.2.5 by Chef Expeditor 2018-06-06 18:11:02 +00:00
Chef Expeditor
ce37657cce Bump version to 2.2.4 by Chef Expeditor 2018-06-06 16:14:38 +00:00
Samuel Boucher
27995f37e8 Update junit reporter to add failures attribute (#3086)
Signed-off-by: Samuel Boucher <boucher.samuel.c@gmail.com>
2018-06-06 12:14:24 -04:00
Chef Expeditor
cd44ce6775 Bump version to 2.2.3 by Chef Expeditor 2018-06-06 15:57:02 +00:00
Jared Quick
06e1aa5379 Allow custom resources to access all other resources (#3108)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-06-06 11:56:51 -04:00
Chef Expeditor
b1fa538521 Bump version to 2.2.2 by Chef Expeditor 2018-06-06 02:35:24 +00:00
Clinton Wolfe
f9dd82f2f6
Add common methods to FilterTable automatically (#3104)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-05 22:35:09 -04:00
Chef Expeditor
f19352c211 Bump version to 2.2.1 by Chef Expeditor 2018-06-05 21:33:07 +00:00
Clinton Wolfe
ca6556e0fe
Add lazy-loading to FilterTable (#3093)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-05 17:32:52 -04:00
Chef Expeditor
10183aca1a Bump version to 2.2.0 by Chef Expeditor 2018-06-05 04:46:47 +00:00
Clinton Wolfe
4cd6cc07cc
Two fixes to FilterTable where criteria handling (#3045)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-05 00:46:32 -04:00
Chef Expeditor
87ce26f50b Bump version to 2.1.88 by Chef Expeditor 2018-06-05 00:21:12 +00:00
Clinton Wolfe
8c274daaa9
Refactor: Perform internal rename and add comments to FilterTable (#3047)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-06-04 20:20:59 -04:00
Chef Expeditor
8f57ec7824 Bump version to 2.1.87 by Chef Expeditor 2018-06-04 22:52:57 +00:00
Chef Expeditor
9f5614e041 Bump version to 2.1.86 by Chef Expeditor 2018-06-01 14:39:41 +00:00
Jared Quick
06ff747cfc
Detect windows packages with trailing spaces. (#3106)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-06-01 10:39:26 -04:00
Chef Expeditor
d187f0d010 Bump version to 2.1.85 by Chef Expeditor 2018-06-01 08:52:57 +00:00
Dominik Richter
ebd1d36600 support local npm package searches (#3105)
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2018-06-01 10:52:46 +02:00
Chef Expeditor
b70910255f Bump version to 2.1.84 by Chef Expeditor 2018-05-31 21:12:05 +00:00
Jared Quick
924349b88b Fix the git fetcher to vendor correctly (#3097)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-31 13:53:14 -04:00
Noel Georgi
4888f4216a Fixing wrong attribute reference for rspec output (#3080)
Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-05-31 13:47:59 -04:00
Tor Magnus Rakvåg
34b393ed3c mssql_session default port and local_mode (#3031)
* set port default to nil, introduce local_mode
* raise instead of warning
* restore default port, allow explicit nil

Signed-off-by: Tor Magnus Rakvåg <tm@intility.no>
2018-05-31 13:47:28 -04:00
Noel Georgi
317a6d1953 Adding YAML reporter (#3081)
* Adding YAML reporter
* Updating yaml o/p
* Removing comment
* Adding UT for YAML reporter, adding missing reporters
* This PR takes care of the following:
 - Fixes the YAML reporter UT
 - Adds the report method to YAML reporter to support code example as in #3085
 - Disables the cyclomatic complexity Metric for reporter

Signed-off-by: Noel Georgi <18496730+frezbo@users.noreply.github.com>
2018-05-31 13:42:09 -04:00
Tor Magnus Rakvåg
71ba5018d2 Enhance groups resource with members property (#3029)
* implement members property
* flatten groups entry, extract flatten helper
* lints
* more idiomatic spec, add example of members testing

Signed-off-by: Tor Magnus Rakvåg <tm@intility.no>
2018-05-31 13:37:44 -04:00
Tor Magnus Rakvåg
367f91ea31 handle nil properties in iis_site (#3040)
* return nil instead of trying to index into nil
* fix typo
* add spec for deleted site

Signed-off-by: Tor Magnus Rakvåg <tm@intility.no>
2018-05-31 13:36:15 -04:00
Julian C. Dunn
1046a77027 Remove unneeded "-a" from the RPM query for performance improvement (#3077)
Signed-off-by: Julian C. Dunn <jdunn@chef.io>
2018-05-31 12:11:41 -04:00
Chef Expeditor
82e7eba197 Bump version to 2.1.83 by Chef Expeditor 2018-05-18 00:05:16 +00:00
Chef Expeditor
e77d96c957 Bump version to 2.1.82 by Chef Expeditor 2018-05-17 21:58:43 +00:00
Chef Expeditor
02097f2383 Bump version to 2.1.81 by Chef Expeditor 2018-05-17 18:41:09 +00:00
Chef Expeditor
c2d7caa9c6 Bump version to 2.1.80 by Chef Expeditor 2018-05-17 13:33:05 +00:00
Chef Expeditor
72ac8ea8bf Bump version to 2.1.79 by Chef Expeditor 2018-05-17 13:24:52 +00:00
Jared Quick
7e95bb2765 Add job_uuid passthrough for automate report. (#3064)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-17 15:24:38 +02:00
Chef Expeditor
19f2c45bf8 Bump version to 2.1.78 by Chef Expeditor 2018-05-16 19:20:41 +00:00
Chef Expeditor
a9f5aff7aa Bump version to 2.1.77 by Chef Expeditor 2018-05-16 19:04:42 +00:00
Chef Expeditor
9b44cd933d Bump version to 2.1.76 by Chef Expeditor 2018-05-16 18:07:47 +00:00
Chef Expeditor
6328f0a9b5 Bump version to 2.1.75 by Chef Expeditor 2018-05-16 17:33:28 +00:00
Jared Quick
da203a258b Add a passthrough for report_uuid in 'automate' reporter (#3057)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-16 13:33:17 -04:00
Chef Expeditor
7ee4177baa Bump version to 2.1.74 by Chef Expeditor 2018-05-16 17:21:33 +00:00
Chef Expeditor
f6ccfc9da7 Bump version to 2.1.73 by Chef Expeditor 2018-05-16 17:17:08 +00:00
Clinton Wolfe
a765afdbe6 Turns out we were deleting the hash args in the validation loop without dup'ing (#3044)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-05-16 13:16:57 -04:00
Chef Expeditor
e34dd65f58 Bump version to 2.1.72 by Chef Expeditor 2018-05-10 18:54:47 +00:00
Clinton Wolfe
af72574b34 Skeletal aws_ec2_instances resource (#3023)
* Add integration and unit tests for aws_ec2_instances
* Basic docs for aws_ec2_instances
* Add basic aws_ec2_instances resource

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-05-10 14:54:33 -04:00
Chef Expeditor
d1bc01f7d2 Bump version to 2.1.71 by Chef Expeditor 2018-05-10 18:49:59 +00:00
Chef Expeditor
cf1030c645 Bump version to 2.1.70 by Chef Expeditor 2018-05-10 17:53:49 +00:00
Jared Quick
08867e2f46 Include the profile dependency data in json reporter - 2.x release (#3033)
* Add depends section back to json profiles.
Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-10 13:53:37 -04:00
Chef Expeditor
5d5f85b1a3 Bump version to 2.1.69 by Chef Expeditor 2018-05-09 19:16:01 +00:00
Chef Expeditor
71940514e4 Bump version to 2.1.68 by Chef Expeditor 2018-05-04 16:25:53 +00:00
Jared Quick
dabb1aa142
Fix the A2 vendoring with depends on the A2 server. (#3022)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-04 12:25:40 -04:00
Chef Expeditor
c4444cc1d9 Bump version to 2.1.67 by Chef Expeditor 2018-05-03 18:08:04 +00:00
Jared Quick
54c1ed62f9
Add A2 support for profile compliance depends. (#3014)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-03 14:07:53 -04:00
Jared Quick
7a11c51297
Fix the A2 compliance ssl flag (#3011)
* Fix the A2 compliance ssl flag.
* Add a2 fetcher tests.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-05-03 14:07:38 -04:00
Chef Expeditor
a905dc8133 Bump version to 2.1.66 by Chef Expeditor 2018-05-03 14:53:55 +00:00
Chef Expeditor
a5a7ddd538 Bump version to 2.1.65 by Chef Expeditor 2018-05-03 14:30:15 +00:00
Miah Johnson
67bbbb6ecf Split inspec into a core gem. (#3008)
* Split inspec into a core gem.
* Include inspec-core.gemspec, not inspec.gemspec.
* Only load aws and azure when the gems are installed.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-05-03 10:30:01 -04:00
Chef Expeditor
dd63d10a10 Bump version to 2.1.64 by Chef Expeditor 2018-05-03 13:57:50 +00:00
Jeremy
1407e681fc #2810 - Add check if aws s3 bucket is encrypted. (#2937)
* Add check if aws s3 bucket is encrypted.
Required terraform aws provider >= 1.6
Fix indentation issue in aws_s3_bucket.rb

* Implement most changes recommended by @TrevorBramble, and refactored other methods to align with recommendations (except Terraform nitpick; preference is to keep coding style consistent until full refactor).

Signed-off-by: Jeremy Phillips <github@uranusbytes.com>
2018-05-03 09:55:29 -04:00
Chef Expeditor
9c7192cb47 Bump version to 2.1.63 by Chef Expeditor 2018-05-03 13:53:30 +00:00
Jerry Aldrich
9e8724ca6e nginx_conf resource: Fix include paths with quotes (#2726)
* nginx_conf resource: Fix include paths with quotes
* Move quote removal to `NginxParser`
* Add parsers/tests for quotes in quotes

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-05-03 09:53:20 -04:00
Chef Expeditor
d4dc1bad69 Bump version to 2.1.62 by Chef Expeditor 2018-05-02 14:20:09 +00:00
James Stocks
b42bfeb77d cmp should recognise a string being a negative int (#3007)
Signed-off-by: James Stocks <jstocks@chef.io>
2018-05-02 10:19:57 -04:00
Chef Expeditor
91a92abf4b Bump version to 2.1.61 by Chef Expeditor 2018-04-29 18:00:24 +00:00
Chef Expeditor
7442804687 Bump version to 2.1.60 by Chef Expeditor 2018-04-27 14:57:25 +00:00
Chef Expeditor
e817dbc7bb Bump version to 2.1.59 by Chef Expeditor 2018-04-26 19:44:28 +00:00
Clinton Wolfe
1a00853cd8
Catch exceptions in control blocks and fail the control (#2987)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-26 15:44:16 -04:00
Chef Expeditor
39f9503915 Bump version to 2.1.58 by Chef Expeditor 2018-04-26 19:10:26 +00:00
Omar J. Irizarry
2495fd8196 extend os_env resource to select between Machine and User vars on Windows (#2945)
Signed-off-by: Omar J Irizarry <irizarry_omar_j@network.lilly.com>
2018-04-26 15:10:14 -04:00
Chef Expeditor
befbf5308c Bump version to 2.1.57 by Chef Expeditor 2018-04-26 16:29:23 +00:00
Christoph Hartmann
6b0c67e485 Fix case where res is nil in etc_group for inspec check (#2984)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2018-04-26 12:29:12 -04:00
Chef Expeditor
1466fd3c96 Bump version to 2.1.56 by Chef Expeditor 2018-04-26 15:54:30 +00:00
David Alexander
72925a7145 Makes JSON resource enumerable, despite method_missing magic (#2910)
Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2018-04-26 11:54:16 -04:00
Chef Expeditor
29573f7c37 Bump version to 2.1.55 by Chef Expeditor 2018-04-26 12:53:57 +00:00
Miah Johnson
709647c7c7 The #to_s method should return the @path rather than a hardcoded /etc/shadow. (#2978)
Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-04-26 08:53:42 -04:00
Chef Expeditor
a3f4833069 Bump version to 2.1.54 by Expeditor 2018-04-19 17:51:21 +00:00
Chef Expeditor
bbaf315ce1 Bump version to 2.1.53 by Expeditor 2018-04-19 17:09:35 +00:00
Clinton Wolfe
8934352935 Make names for AWS Config service objects optional (#2928)
* Update tests and docs to assume one recorder per region
* Config recorder supports singleton fetch
* Docs and tests for singleton mode delivery_channel
* Implementation for singleton delivery channel, and some other code cleanup
* Implement some feedback, and fix a bug in traversing the struct in looking for empty results

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-19 13:08:16 -04:00
Chef Expeditor
3ef40016cc Bump version to 2.1.52 by Expeditor 2018-04-19 17:06:29 +00:00
Chef Expeditor
6428abfd4e Bump version to 2.1.51 by Expeditor 2018-04-19 17:03:38 +00:00
Jared Quick
33fc15582a
Add A2 support to the inspec-compliance toolset (#2963)
* Add A2 support to the inspec-compliance toolset.
* Add json-config option for login.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-04-19 13:01:54 -04:00
Chef Expeditor
768dde71a7 Bump version to 2.1.50 by Expeditor 2018-04-19 17:00:54 +00:00
Henry Muru Paenga
a9e3b8d8d0 Amazon linux service mgmt detection (#2970)
Signed-off-by: Henry Muru Paenga <meringu@gmail.com>
2018-04-19 13:00:39 -04:00
Chef Expeditor
6d3ffb610d Bump version to 2.1.49 by Expeditor 2018-04-19 16:55:20 +00:00
Chef Expeditor
1a1f973471 Bump version to 2.1.48 by Expeditor 2018-04-17 17:24:41 +00:00
Clinton Wolfe
73b7b6942c
Inline and attached policies for aws_iam_user and aws_iam_users (#2947)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-17 13:22:28 -04:00
Chef Expeditor
a0a10e672c Bump version to 2.1.47 by Expeditor 2018-04-17 17:21:41 +00:00
Clinton Wolfe
146b60556d
Policy statement search: don't stacktrace on missing field (#2962)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-17 13:21:29 -04:00
Chef Expeditor
2e2346ff0c Bump version to 2.1.46 by Expeditor 2018-04-17 15:42:47 +00:00
Chef Expeditor
8426659bf2 Bump version to 2.1.45 by Expeditor 2018-04-16 14:04:13 +00:00
Clinton Wolfe
6853f232fa aws_iam_policy statement search fix for degenerate policies (#2958)
* Bug replication tests, unit and integration
* Fixes statement_count
* Fixes statement_count and have_statement
* rubocop trim whitespace

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-16 10:04:00 -04:00
Chef Expeditor
4931c5ace8 Bump version to 2.1.44 by Expeditor 2018-04-13 21:26:06 +00:00
Nathan Haneysmith
1c58202dbc updating output for aws_iam_role to match other AWS resources (#2960)
Signed-off-by: Nathan Haneysmith <nathan@chef.io>
2018-04-13 17:25:53 -04:00
Chef Expeditor
b0cd9316d5 Bump version to 2.1.43 by Expeditor 2018-04-12 21:58:07 +00:00
Jerry Aldrich
096481363d powershell resource: Add support line for Unix (#2952)
This allows the `powershell` resource to work on Linux/Unix/OSX

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-04-12 17:57:56 -04:00
Chef Expeditor
c82424b1cc Bump version to 2.1.42 by Expeditor 2018-04-12 20:18:49 +00:00
Jerry Aldrich
e33619264f Add Cisco IOS enable_password support (#2905)
* Add IOS transport and `enable_password` support
* Remove Cisco IOS connection swap (moving to Train)
* Pin to Train 1.4.0

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-04-12 16:18:34 -04:00
Chef Expeditor
9940dec0d7 Bump version to 2.1.41 by Expeditor 2018-04-12 20:15:19 +00:00
Omar J. Irizarry
a278ae921b Require a key attribute for the key_rsa resource (#2891)
Bug Fix #2865
* Defining an attribute without a default value generates a stacktrace
* Fix string quotes
* Moved logic out of the initilize method.
* Refactoring for better clarity.
* Fixing trailing white spaces
Signed-off-by: Omar J Irizarry <irizarry_omar_j@network.lilly.com>
2018-04-12 16:15:04 -04:00
Chef Expeditor
0c3bec2634 Bump version to 2.1.40 by Expeditor 2018-04-12 19:49:07 +00:00
Clinton Wolfe
745ff32c80 Basic fields for aws_vpcs (#2930)
* Update singular implementation to avoid use of inner object
* Update docs and tests for 3 new filters and properties on aws_vpcs
* Implement new filters and properties; one failing test due to odd FilterTable behavior
* changes to avoid bug 2929

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-12 15:48:55 -04:00
Chef Expeditor
b0f34ffd21 Bump version to 2.1.39 by Expeditor 2018-04-12 19:37:36 +00:00
Miah Johnson
b40e553f15 Ensure @params in shadow resource always has a valid value. (#2939)
* Add tests for method chained shadow resource with readable and
unreadable shadow files.

Ensure @params always has a safe value, otherwise we may stacktrace when
unable to read /etc/shadow and invoked with method chaining.

* Wrap deprecation notices with a proc/must_output to clean up test
output.

Added some missing newlines.

Catch deprecation notice on `lines`.

* Resolve the majority of the issues pointed out by @tbramble.

Deprecate `lines`; its really only used internally but it was 'exposed'
through tests and who knows if there is external use. `lines` is not
documented as a property at least..

`#set_params` is much better now =)

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-04-12 15:37:22 -04:00
Bj Maldonado
eff4de6784 Fixed Docs asking for instead of (#2933)
Signed-off-by: Bj Maldonado <bj@maldonado.io>
2018-04-12 15:26:32 -04:00
Chef Expeditor
b0ce734035 Bump version to 2.1.38 by Expeditor 2018-04-12 18:31:16 +00:00
Clinton Wolfe
7130a77c06
Policy Statement Search capability for aws_iam_policy (#2918)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-12 14:31:02 -04:00
Chef Expeditor
c83b887785 Bump version to 2.1.37 by Expeditor 2018-04-12 13:59:49 +00:00
Piotr Gospodarek
41c3dfccfe Add target attribute to test results for JUnit reporter. (#2839)
Signed-off-by: Piotr Gospodarek <pgospodarek@outlook.com>
2018-04-12 09:59:34 -04:00
Chef Expeditor
7173a8f66c Bump version to 2.1.36 by Expeditor 2018-04-11 19:13:49 +00:00
Chef Expeditor
eb3ae2aca4 Bump version to 2.1.35 by Expeditor 2018-04-11 19:11:14 +00:00
Trevor Bramble
6bfe741625 Add warning when returning DEFAULT_ATTRIBUTE (#2934)
When the anonymous DEFAULT_ATTRIBUTE class is used, log a warning.

We now pass in the attribute name to that class so it can be used in the
log message.

Signed-off-by: Trevor Bramble <tbramble@chef.io>
2018-04-11 15:11:01 -04:00
Chef Expeditor
ed625d22a1 Bump version to 2.1.34 by Expeditor 2018-04-11 08:24:58 +00:00
Chef Expeditor
1153d226d9 Bump version to 2.1.33 by Expeditor 2018-04-06 18:22:35 +00:00
Clinton Wolfe
4200fdd779 AWS Security Group Rules properties and matchers (#2876)
Provides low-, and mid-level properties and matchers for examining rules on aws_security_group.

* Second draft of docs for SG rules interface; need to clarify semantics of reject
* First cut at unit tests
* Cleanup test fixtures
* Implementation for allow, with plausible unit tests
* Doc updates based on reality
* Add integration tests; move allow to allow_ / out; several docs updates
* Add be_open_to_the_world and be_open_to_the_world_on_port
* Update docs to reflect adding allow_only
* Update docs to reflect use of position to allow multiple rules with 'only'
* Implement allow_only with unit tests; still need integration tests
* Add integration tests for allow_only

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-04-06 14:22:25 -04:00
Chef Expeditor
4a80cf936e Bump version to 2.1.32 by Expeditor 2018-04-06 18:07:42 +00:00
Matthew Dromazos
b5a0007851 aws_cloudtrail_trail feature: test how many days ago logs were delivered (#2887)
* * Adds new property to test how many days ago the CloudTrail delivered logs to the CloudWatch Logs.

* * Changes query for selected cloud trail in unit test
* Changes uses Time.now explicitly instead of making a variable in the unit test

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-06 14:04:57 -04:00
Chef Expeditor
8fa93587c0 Bump version to 2.1.31 by Expeditor 2018-04-06 18:04:28 +00:00
Matthew Dromazos
74076bc44a aws_iam_group feature: test users in an iam group (#2888)
* Adds new property to test the users in an aws_iam_group
* Adds terraform code to add the recall_hit user to the administrator group

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-06 14:04:13 -04:00
Chef Expeditor
c9be74ba86 Bump version to 2.1.30 by Expeditor 2018-04-05 16:52:28 +00:00
Matthew Dromazos
c04a98c9f8 New Skeletal Resource aws_route_tables (#2643)
* Initial commit of skeletal resource aws_route_tables
* Fixes issues with documentation
* Renames route table terraform resources to be more conventional
* Removes tags terraform resources
* Changes aws_route_table and aws_route_tables integration tests to use new terraform names
* Removes unneeded data given in unit tests

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-05 12:51:22 -04:00
Chef Expeditor
2b1259c994 Bump version to 2.1.29 by Expeditor 2018-04-05 16:49:41 +00:00
Matthew Dromazos
0df67fc7d0 New Skeletal Resource aws_s3_buckets (#2653)
* Initial commit of skeletal resource aws_s3_buckets
* Add fixes to documents
* Removes property 'creation_date' for there is no use case as of right now
* Rebases on master and moves aws_s3_buckets integration test to the correct location
* Adds test on unit test for false exists

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-04-05 12:49:30 -04:00
Chef Expeditor
6a87b6e0db Bump version to 2.1.28 by Expeditor 2018-04-05 12:56:08 +00:00
David Alexander
3b97e16b97 New Resource: Chocolatey Package (#2793)
* Adds chocolatey package resource
* Adds docs for chocolatey_package resource
* Differentiate chocolatey package from windows feature

Suggested by @frezbo

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2018-04-05 08:54:27 -04:00
Chef Expeditor
3acbb47287 Bump version to 2.1.27 by Expeditor 2018-04-05 12:53:31 +00:00
Jared Quick
b246cf7d21
Add automate reporter (#2902)
* Add automate reporter.
* Add ssl flag for automate post.
* Rename ssl flag.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-04-05 08:51:51 -04:00
Chef Expeditor
d5aac39de1 Bump version to 2.1.26 by Expeditor 2018-04-05 12:50:59 +00:00
Chef Expeditor
cd745f8b9b Bump version to 2.1.25 by Expeditor 2018-04-05 12:35:30 +00:00
Zakhar Kleyman
bcff97a087 add systemd service for amazon linux 2 (#2901)
* add systemd service for amazon linux 2
* inverse systemd/upstart logic for amazon service detection

Signed-off-by: Zakhar Kleyman <zakhar.kleyman@mongodb.com>
2018-04-05 08:35:20 -04:00
Chef Expeditor
46188051fa Bump version to 2.1.24 by Expeditor 2018-04-03 15:09:25 +00:00
Gary
a42cb799fa Added desc to steer people to correct resource (#2908)
Signed-off-by: DigitalGaz <digitalgaz@hotmail.com>
2018-04-03 11:09:13 -04:00
Chef Expeditor
4186d871bf Bump version to 2.1.23 by Expeditor 2018-04-03 13:17:59 +00:00
Chef Expeditor
16273c27b8 Bump version to 2.1.22 by Expeditor 2018-04-03 13:14:04 +00:00
Paul Welch
27203110cd Add AWS hardware MFA matcher (#2892)
* Add AWS hardware MFA matcher
Adding a hardware as well as a virtual MFA matcher for aws_iam_root_user
resource

* Add New AWS Root Matcher Docs
- Add documentation for new root MFA matchers
- Fix logic for checking MFA devices from feedback on PR

* Add Integration tests for MFA matchers
- Add integration tests for virtual and hardware MFA matchers
- Clean up logic for has_virtual_mfa_enabled? method

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-04-03 09:13:52 -04:00
Chef Expeditor
4e13564ea0 Bump version to 2.1.21 by Expeditor 2018-03-29 17:02:13 +00:00
Paul Welch
d3b90a7c9f Pw/pip windows bug (#2883)
* Add python check for pip resource

When checking pip resources, we should skip resource if python is not
installed or we will fail with an error when trying to parse the path.

* Check pip command on windows

On Windows, if pip has a newer version available, it adds an error
message to stderr. Now checking if both stderr and stdout on windows
have values. If so, assume pip package is installed.

* Clean up powershell query command

- Make it easier to read what the powershell command is doing
- Make it easier to read what the cmd_successful method lokos for

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-03-29 13:01:59 -04:00
Chef Expeditor
9d5e638d8e Bump version to 2.1.20 by Expeditor 2018-03-29 16:53:22 +00:00
Chef Expeditor
698a61d9fb Bump version to 2.1.19 by Expeditor 2018-03-29 16:50:51 +00:00
Trevor Bramble
a40f857e2b Change route_table_id regexp for correctness (#2885)
Without the terminating character ($), it just accepted any characters
at all after the initial matching set.

Also add some tests to assure we're raising appropriately.

Co-authored-by: Trevor Bramble <tbramble@chef.io>
Co-authored-by: Joshua Padgett <jpadgett@chef.io>

Signed-off-by: Trevor Bramble <tbramble@chef.io>
2018-03-29 12:50:40 -04:00
Chef Expeditor
57c36790a3 Bump version to 2.1.18 by Expeditor 2018-03-29 15:57:29 +00:00
Jerry Aldrich
2c4f041e9d powershell resource: Add support other OSs (#2894)
This adds `powershell` resource support for non-Windows OSs via `pwsh`
and Base64 encoded commands.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-03-29 11:57:15 -04:00
Chef Expeditor
63e1dc0633 Bump version to 2.1.17 by Expeditor 2018-03-28 15:27:25 +00:00
Chef Expeditor
643ea50bd8 Bump version to 2.1.16 by Expeditor 2018-03-28 15:24:51 +00:00
Mo Shark
fc3f1708c4 Porting over the singular rds resource from the aws-inspec git repo (#2866)
Signed-off-by: HackerShark <melsharkawi@mitre.org>
2018-03-28 11:23:44 -04:00
Chef Expeditor
578ad09cd7 Bump version to 2.1.15 by Expeditor 2018-03-28 15:22:17 +00:00
eramoto
53a53820cf Mitigate trivial warning output on test (#2872)
* Mitigate trivial warning on test by initializing
Also fixes passing a ambiguous argument.
* Mitigate trivial warning by removing redundant method

Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
2018-03-28 11:22:01 -04:00
Chef Expeditor
a5ff79d308 Bump version to 2.1.14 by Expeditor 2018-03-26 19:44:43 +00:00
Omar J. Irizarry
ef8da475d3 registry_key resource was returning an incorrect value (#2871)
* registry_key resource was returning an incorrect value
when key value was greater than 2147483647
* added mock
* Fix issue with default reg key
(default) key was returning nil even when a value was present.

Signed-off-by: Omar Irizarry <irizarry_omar_j@network.lilly.com>
2018-03-26 15:44:31 -04:00
Chef Expeditor
347ff48d51 Bump version to 2.1.13 by Expeditor 2018-03-26 18:28:22 +00:00
Chef Expeditor
5d73d42d8c Bump version to 2.1.12 by Expeditor 2018-03-26 18:03:39 +00:00
Matthew Dromazos
0cbe5b60e5 New Skeletal Resource aws_config_delivery_channel (#2641)
* Initial commit of new skeletal resource aws_config_delivery_channel
* Changes delivery_frequency to be an integer and names delivery_frequency_in_hours
* Adds more documentation and clarifies descriptions
* Wraps API call in the aws_catch_errors function
* Changes config bucket name to use dashes instead of underscores
* Updates on master and changes directory location of build and integration files
* Fix integration tests to only create one ConfigRecorder

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-26 14:03:23 -04:00
Chef Expeditor
30e7e74245 Bump version to 2.1.11 by Expeditor 2018-03-23 12:29:58 +00:00
Matthew Dromazos
603bef6f29 New Skeletal Resource aws_kms_key (#2746)
* Initial commit of skeletal resource aws_kms_key
* * Adds comments to rerun travis
* * Clarifies some parts of the doc.
* Changes matcher have_aws_key_manager to manged_by_aws
* Fixes copypasta
* Adds clarification to property names
* Fixes rescueing exceptions from the api
* raises exceptions in the unit tests

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-23 08:29:45 -04:00
Chef Expeditor
473a260279 Bump version to 2.1.10 by Expeditor 2018-03-22 21:07:04 +00:00
Chef Expeditor
81201fa988 Bump version to 2.1.9 by Expeditor 2018-03-22 18:53:06 +00:00
Christian Becker
15ab5ba9de Added support for proxy_command (#2385)
NOTE This is just a simple wrapper which relies on the underlying support being added to train: https://github.com/chef/train/pull/227

Signed-off-by: Christian Becker <c.becker@mediaevent.services>
2018-03-22 14:52:54 -04:00
Chef Expeditor
4321ecb603 Bump version to 2.1.8 by Expeditor 2018-03-22 17:38:55 +00:00
Matthew Dromazos
9077a7b17b New Skeletal Resource aws_sns_subscription (#2697)
* Initial commit of skeletal resource aws_sns_subscription
* Fixes errors in documentation
* Clarifies documentation
* Wraps calls to aws api in catch_aws_errors metho
* Fixes integration tests

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-22 13:38:40 -04:00
Chef Expeditor
eb5302074a Bump version to 2.1.7 by Expeditor 2018-03-22 16:59:20 +00:00
Trevor Bramble
be83af35c5
Revise /etc/hosts for correctness and clarity (#2863)
* Clean up test data, correct parse error handling
 * Use functional pipeline to avoid need for conditional clauses and clarify the intent of the comment parsing.
 * Extract magic strings to constants
 * Remove code and tests now covered by FileReader

Co-authored-by: Trevor Bramble <tbramble@chef.io>
Co-authored-by: Paul Welch <pwelch@chef.io>

Signed-off-by: Trevor Bramble <tbramble@chef.io>
2018-03-22 09:58:22 -07:00
Chef Expeditor
b568a1bce9 Bump version to 2.1.6 by Expeditor 2018-03-22 16:56:46 +00:00
Matthew Dromazos
1bb565c708 New Skeletal Resource aws_sns_topics (#2696)
* Initial commit of skeletal resource aws_sns_topics
* Adds clarification in documentation
* Adds functionality for calling the next token returned from aws api.
* Wraps api calls in the catch_aws_errs method

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-22 12:55:23 -04:00
Chef Expeditor
007e23af5b Bump version to 2.1.5 by Expeditor 2018-03-22 12:25:57 +00:00
eramoto
c7e87ca3e3 Unify method in which file content is read across all resources (#2359)
* Create file-check functionality into utility file

There are the similar issues as PR #2302. Almost resources return false
positives when a file does not exist or is not read.

* Replace to file-check functionality
* Fix dh_params and x509_certificate resources

If a file is empty, OpenSSL::PKey::DH and OpenSSL::X509::Certificate have
raised an exception and have skipped the inspection. Thus x509_certificate
and dh_params resources are not allowed to read a empty file.

* to_s of shadow expects filters is not nil
* Remove workaround of sshd_config

Removes the workaround of sshd_config since Travis CI fails due to a bug
of dev-sec/ssh-baseline and the PR #100 will fix it.

* Use init block variable in methods

Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
2018-03-22 08:25:45 -04:00
Chef Expeditor
8d8edea7f3 Bump version to 2.1.4 by Expeditor 2018-03-21 17:53:35 +00:00
Paul Welch
dc9ea8d1d2 Correct support platform for audit_policy (#2850)
Audity Policy resource is only used on the windows platform and
was incorrectly set to unix.

Fixes #2829

Co-authored-by: Trevor Bramble <tbramble@chef.io>
Co-authored-by: Paul Welch <pwelch@chef.io>

Signed-off-by: Paul Welch <pwelch@chef.io>
2018-03-21 13:53:24 -04:00
Chef Expeditor
8fa49b8428 Bump version to 2.1.3 by Expeditor 2018-03-21 17:47:19 +00:00
Jared Quick
4f6aa79cb8 Remove supports for generic resources. (#2848)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-03-21 10:45:23 -07:00
Chef Expeditor
716078c786 Bump version to 2.1.2 by Expeditor 2018-03-21 17:44:42 +00:00
eramoto
a687479e6c Fix typo in some docs (#2841)
Also includes fixes such as PostgreSQL, TCPMUX, and etc.

Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
2018-03-20 08:43:30 -04:00
Chef Expeditor
58d2b01d3f Bump version to 2.1.1 by Expeditor 2018-03-19 17:10:30 +00:00
Matthew Dromazos
555de72912 Skelatal resource: aws_s3_bucket_object (#2620)
* Initial commit of new resource
* Makes changes to docs to match changes to the resources.
* Adds clarifications in docs and changes it to be an erb file.
* Simplifies some unit tests
* Wraps calls to the api in a aws_catch_errors method
* Removes provisioner terraform code

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-03-19 13:10:17 -04:00
Chef Expeditor
74b8a5ea5a Bump version to 2.1.0 by Expeditor 2018-03-15 19:08:42 +00:00
Jared Quick
fafa681f5c
Set backend cache to defualt true. (#2827)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-03-15 15:08:34 -04:00
Chef Expeditor
f988d52b8d Bump version to 2.0.49 by Expeditor 2018-03-14 13:36:00 +00:00
Chef Expeditor
3a64dffb7d Bump version to 2.0.48 by Expeditor 2018-03-12 13:02:51 +00:00
Jerry Aldrich
439fcb5993 Write version_constraints as an array for inspec.lock (#2619)
* Modify version constraints to be an Array

This will allow both old and new versions of InSpec to parse the
`inspec.lock` correctly.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-03-12 09:02:37 -04:00
Chef Expeditor
c3064f0b0d Bump version to 2.0.47 by Expeditor 2018-03-09 13:41:35 +00:00
Tom Hodder
eeeeda18d8 quote password when generating mysql command string (#2685)
* quote password when generating mysql command string
* added a test for mysql_session, added shellwords escaping to mysql_session resource
* changed the name of the escape method
* clarified test conditions

Signed-off-by: Tom Hodder <tom@limepepper.co.uk>
2018-03-09 08:41:21 -05:00
Chef Expeditor
50772a67ef Bump version to 2.0.46 by Expeditor 2018-03-09 04:22:48 +00:00
Chef Expeditor
4d510f9c3c Bump version to 2.0.45 by Expeditor 2018-03-08 22:26:21 +00:00
Miah Johnson
75f39e74f2 Refine deprecated methods to be consisten with supported fields in (#2801)
shadow file.

After much thought the deprecations from #2642 were for the wrong methods.

Plural method names feel much more natural when working with this
resource because you can have more than a single result.

Consider a match like `shadow.user(/^www/)`, this could return multiple
users, so `shadow.users` feels more natural here.

The problem is that the fields we're matching in the shadow file itself
are singular. Each entry is for a user, which has a password, and some
other fields. A user never has `passwords` in the shadow file, only a
`password`.

This is made more obvious when you use the `filter` method.

When we use this filter: `shadow.filter(min_days: 20, max_days: 30)` we
are matching fields in the shadow file and not using our matcher
methods. This means that if there is a discrepancy between our matcher
methods, and the shadow fields the user could end up confused. Like I did =)

This PR changes:

Changed matchers to match shadow fields.
Updated documentation to reflect changes.
Updated tests to reflect changes.
Re-add `filter` method, and add a test for it.
Renamed variable for FilterTable to be less confusing.
Renamed query argument for methods to be consistent.
Cleanup docs based on comments from @jerryaldrichiii
Make Rubocop happy <3

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-03-08 17:26:08 -05:00
Chef Expeditor
e3a3b00859 Bump version to 2.0.44 by Expeditor 2018-03-08 21:02:04 +00:00
Miah Johnson
5fee525be8 Remove os checks from initialize as this is provided by platform (#2797)
Removes skip_resource and raise .. if InSpec.os stuff from initialize as this is covered by platform support.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-03-08 16:01:50 -05:00
Chef Expeditor
c42d8c12ad Bump version to 2.0.43 by Expeditor 2018-03-08 20:46:11 +00:00
Jared Quick
a9127d3f6c
Create reporter directory if it does not exist. (#2798)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-03-08 15:45:59 -05:00
Chef Expeditor
9a46d5a97b Bump version to 2.0.42 by Expeditor 2018-03-08 20:38:28 +00:00
Noel Georgi
4c54e3fdd9 Added the missing variable reference (#2794)
Signed-off-by: Noel Georgi <noel.georgi@reancloud.com>
2018-03-08 15:38:14 -05:00
Chef Expeditor
4d6e35b0b5 Bump version to 2.0.41 by Expeditor 2018-03-08 04:04:39 +00:00
Wei He
a3898db2fe Fix http with connection error (#2770)
* fix: http resource handle connection failed (ex. port is not open)
* add test case

Signed-off-by: Wing924 <weihe924stephen@gmail.com>
2018-03-07 23:04:26 -05:00
Chef Expeditor
18675ae326 Bump version to 2.0.40 by Expeditor 2018-03-07 15:09:33 +00:00
Christoph Hartmann
3d87d75c5a
return 1 as exit code for commands that are not available (#2792)
* return 1 as exit code for commands that are not available

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>

* update tests

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2018-03-07 16:09:22 +01:00
Chef Expeditor
9dca812689 Bump version to 2.0.39 by Expeditor 2018-03-07 14:31:45 +00:00
Miah Johnson
f6db0e345a Update shadow resource to use FilterTable (#2642)
* Change shadow resource to use FilterTable rather than custom filter
implementation.

Add tests for singluar aliased methods and other minor changes to work
with FilterTable output.
Coverage is at 100%

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* merge master

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2018-03-07 15:31:30 +01:00
Chef Expeditor
acd20e8aea Bump version to 2.0.38 by Expeditor 2018-03-07 13:39:37 +00:00
João Vale
3e2450e703 Host resource: use bash over netcat in Linux (#2607)
* Add support to use bash in host resource

Netcat's presence is widely regarded as a security issue, and thus not
always available. This solution first tries to use bash builtins and
timeout (from coreutils), so is less likely to require installing
additional packages.

* Darwin UDP support in host resource
* Host: use netcat first if available

Signed-off-by: João Vale <jpvale@gmail.com>
2018-03-07 08:39:27 -05:00
Chef Expeditor
b8d165d13f Bump version to 2.0.37 by Expeditor 2018-03-06 13:56:27 +00:00
Jerry Aldrich
e4e907624a iptables resource: Add support for other bin paths (#2783)
* iptables resource: Add support for other bin paths
* Use `%w{}` instead of `[]`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-03-06 08:56:15 -05:00
Chef Expeditor
fad22481b8 Bump version to 2.0.36 by Expeditor 2018-03-02 18:51:06 +00:00
Chef Expeditor
a6852a6f5a Bump version to 2.0.35 by Expeditor 2018-03-02 18:45:29 +00:00
Clinton Wolfe
d0e6d2eb72 AWS API Pagination fixes (#2762)
* Add pagination support to aws_iam_groups
* Add pagination support to aws_iam_policy
* Add pagination to aws_iam_policies
* Adds pagination to aws_iam_access_keys
* Adds pagination to aws_kms_keys

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-03-02 13:45:17 -05:00
Chef Expeditor
1e5c3d4d0d Bump version to 2.0.34 by Expeditor 2018-03-02 14:14:17 +00:00
Richard Nixon
47e4c578e0 Fix aws-iam-users pagination (#2761)
* Fix aws-iam-users pagination

PROBLEM: aws-iam-users resource only retrieves 100 records due to pagination
in the AWS IAM list_users function.

FIX: Iterate over all the pages using the AWS pagination variables `marker`
and `is_truncated`

Signed-off-by: Richard Nixon <richard.nixon@btinternet.com>
2018-03-02 09:14:05 -05:00
Chef Expeditor
3e5a8c110a Bump version to 2.0.33 by Expeditor 2018-03-02 14:03:11 +00:00
Jerry Aldrich
3da8fd1e98 command resource: Add exist? for Alpine Linux (#2768)
This allows `command('foo').exist?` to work on Alpine Linux.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-03-02 09:02:58 -05:00
Chef Expeditor
f7e8266e6a Bump version to 2.0.32 by Expeditor 2018-03-01 19:30:20 +00:00
Noel Georgi
dd033fbf1b mssql_session - Handling cases where the data is nil (#2752)
* Fixing bug where the row data returned is nil

Signed-off-by: Noel Georgi <noel.georgi@reancloud.com>
2018-03-01 14:30:07 -05:00
Chef Expeditor
087a9e5776 Bump version to 2.0.31 by Expeditor 2018-03-01 14:20:30 +00:00
Chef Expeditor
e38d4b762b Bump version to 2.0.30 by Expeditor 2018-02-28 19:23:09 +00:00
Jerry Aldrich
4631306ef1 virtualization_resource: Fix NoMethodError on nil:NilClass (#2603)
* Move instance variable to avoid `NoMethodError`

Methods for `role` and `system` properties are dynamically generated and
return values from the `@virtualization_data` Mash. Therefor, we must
ensure `@virtualization_data` exists before calling these methods.

* Move supports logic to `supports platform: linux`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-28 14:22:55 -05:00
Chef Expeditor
48958a8924 Bump version to 2.0.29 by Expeditor 2018-02-28 18:47:22 +00:00
Chef Expeditor
af38fa7c56 Bump version to 2.0.28 by Expeditor 2018-02-27 18:15:21 +00:00
Matthew Dromazos
4394c5efc8 New Resource aws_config_recorder (#2635)
* Initial commit of new resource
* Removes deprecated matcher in example
* Adds a new terraform file for config resources
* Fixes and clarifies documentation
* Wraps calls to api in catch_aws_errors method
* Changes the names of two matchers

Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
2018-02-27 13:15:04 -05:00
Chef Expeditor
4e6b3bb1ba Bump version to 2.0.27 by Expeditor 2018-02-27 18:00:09 +00:00
Christian Becker
b7687765f5 http resource: Support OPTIONS method (#2742)
Signed-off-by: Christian Becker <c.becker@mediaevent.services>
2018-02-27 12:59:53 -05:00
Chef Expeditor
6d479db798 Bump version to 2.0.26 by Expeditor 2018-02-26 21:51:03 +00:00
Jared Quick
62cb6bb846
Make sure we have a proper exit code and report data. (#2747)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-26 16:50:51 -05:00
Chef Expeditor
8079bde6eb Bump version to 2.0.25 by Expeditor 2018-02-26 21:37:48 +00:00
Chef Expeditor
9f07f0899d Bump version to 2.0.24 by Expeditor 2018-02-26 16:10:21 +00:00
Chef Expeditor
17b0fbb981 Bump version to 2.0.23 by Expeditor 2018-02-26 16:01:37 +00:00
Jared Quick
20a0b0e025
Fix inspec check to work with platforms (#2737)
* Fix inspec check to work with platforms.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-26 11:01:23 -05:00
Julian C. Dunn
b9d06d7413 Fix infrastructure code example and typo in parse_config_file reference (#2708)
* Fix infrastructure code example and typo in parse_config_file reference.

Signed-off-by: Julian C. Dunn <jdunn@chef.io>
2018-02-23 16:57:59 -05:00
Chef Expeditor
527595472b Bump version to 2.0.22 by Expeditor 2018-02-23 20:29:06 +00:00
Chef Expeditor
30ff651cbf Bump version to 2.0.21 by Expeditor 2018-02-23 14:01:26 +00:00
Jerry Aldrich
448eeb4637 package resource: Fix brew package detection (#2730)
* package resource: Fix `brew` package detection

This allows for package detection via `brew` to handle cases where a
particular package formula exists but is not installed.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-23 09:01:14 -05:00
Chef Expeditor
b746c355ae Bump version to 2.0.20 by Expeditor 2018-02-22 15:45:34 +00:00
Chef Expeditor
84b187328e Bump version to 2.0.19 by Expeditor 2018-02-22 00:45:47 +00:00
Chef Expeditor
ef0efb8a97 Bump version to 2.0.18 by Expeditor 2018-02-22 00:43:06 +00:00
Chef Expeditor
d9e000a1cc Bump version to 2.0.17 by Expeditor 2018-02-20 12:37:34 +00:00
Jared Quick
378e7c5048
Update shell detect to work with platforms (#2712)
* Update shell to use the same detect logic as cli detect.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-20 07:37:23 -05:00
Chef Expeditor
0b3b5f7dc3 Bump version to 2.0.16 by Expeditor 2018-02-20 01:04:28 +00:00
Chef Expeditor
ec61b4d7ed Bump version to 2.0.15 by Expeditor 2018-02-20 00:57:29 +00:00
Chef Expeditor
9b374a92d3 Bump version to 2.0.14 by Expeditor 2018-02-19 21:14:13 +00:00
Chef Expeditor
def4f56e40 Bump version to 2.0.13 by Expeditor 2018-02-19 20:24:14 +00:00
Franklin Webber
b9efb1d999 Fixes the deprecation warning text for report and output. (#2694)
* Fixes the deprecation warning text for report and output.

Remove an extra 'is being' from the 'is being is being'

Signed-off-by: Franklin Webber <franklin@chef.io>
2018-02-19 11:52:56 -05:00
Chef Expeditor
2f40fc8eb7 Bump version to 2.0.12 by Expeditor 2018-02-19 14:26:58 +00:00
Miah Johnson
7b23fa479c Add correct supports platform to resources. (#2674)
* Add correct `supports platform` to resources.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Remove 'os_family' and update platforms to specify what they did.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add esx and cisco to generic resources.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-19 15:26:49 +01:00
Franklin Webber
8416c07a81 Updates the year to 2018 (#2686)
The year for the generator should match the current year.

Signed-off-by: Franklin Webber <franklin@chef.io>
2018-02-18 09:16:15 -05:00
Chef Expeditor
9f906f8a21 Bump version to 2.0.11 by Expeditor 2018-02-18 11:17:12 +00:00
Jared Quick
97dd0546c0 Fix legacy reporter output to file (#2667)
* Fix legacy reporter output.

Signed-off-by: Jared Quick <jquick@chef.io>

* Wrap test in a proc to catch warnings.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add output deprecation.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-18 12:17:00 +01:00
Chef Expeditor
db78ab4858 Bump version to 2.0.10 by Expeditor 2018-02-18 11:12:53 +00:00
Chef Expeditor
1458790696 Bump version to 2.0.9 by Expeditor 2018-02-17 21:47:08 +00:00
Chef Expeditor
e4e4724285 Bump version to 2.0.8 by Expeditor 2018-02-17 18:27:21 +00:00
Chef Expeditor
4a6f947fb1 Bump version to 2.0.7 by Expeditor 2018-02-17 15:51:40 +00:00
Jared Quick
2a8bd673b1 Capture ArgumentErrors from aws. (#2673)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-17 16:50:35 +01:00
Chef Expeditor
310fe5009f Bump version to 2.0.6 by Expeditor 2018-02-17 15:50:04 +00:00
Jared Quick
457a33a2b3 Fix bundle exec calls (#2670)
* Fix bundle exec calls and add test.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add exit check for supermarket exec.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-17 16:49:52 +01:00
Chef Expeditor
5179eabccf Bump version to 2.0.5 by Expeditor 2018-02-17 00:39:49 +00:00
Chef Expeditor
f641fdcff3 Bump version to 2.0.4 by Expeditor 2018-02-16 21:47:27 +00:00
Chef Expeditor
d91c41a21a Bump version to 2.0.3 by Expeditor 2018-02-16 20:32:54 +00:00
Chef Expeditor
4e51288de6 Bump version to 2.0.2 by Expeditor 2018-02-16 20:16:05 +00:00
Jared Quick
db96ee9e85
Prevent resources from loading if supports check fails (#2665)
* Prevent resources from loading if supports fail.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-16 15:15:53 -05:00
Chef Expeditor
75934b4f7f Bump version to 2.0.1 by Expeditor 2018-02-15 21:57:36 +00:00
Jared Quick
fc990346f2
Merge pull request #2655 from chef/release-2.0
Add in release-2.0 changes to master
2018-02-15 16:57:25 -05:00
Jared Quick
6e5d0ff6de
Bump version to 2.0.0 (#2652)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-15 14:55:52 -05:00
Clinton Wolfe
6c0422fbf0
Improvements and matcher renaming on aws_iam_password_policy (#2638)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-14 15:59:57 -05:00
Clinton Wolfe
33787124a7 Two deprecations in aws_ec2_instance (#2637)
* Drop deprecation warning for old name of aws_ec2

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-14 15:08:34 -05:00
Jerry Aldrich
e77b99235f Update inspec detect to support APIs/Families (#2634)
This does the following to `inspec detect`:
  - Modifies it to use the `platform` resource
  - Changes the output to mention Platform and show the family hierarchy
  - Changes the JSON output by changing `family` to `families`
  - Adds better error messaging (no more stacktraces!)
  - Adds support for APIs such as AWS/Azure
  - Hides Arch from API platforms (not applicable)

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-14 15:06:39 -05:00
Clinton Wolfe
4f341acfbc
Catch cloud exceptions and document connection info (#2636)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-14 14:15:20 -05:00
Jared Quick
59fd0e8775
Update reporter with breaking inspec 2.0 changes. (#2487)
* Update reporter with breaking inspec 2.0 changes.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-14 11:54:20 -05:00
Jared Quick
fde895f74a Merge branch 'master' into release-2.0 2018-02-13 15:11:53 -05:00
Jerry Aldrich
9ebd807ea4 http resource: Make remote worker the default (#2520)
* http resource: Make remote worker the default

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-13 12:42:16 -05:00
Chef Expeditor
c0093b9b9b Bump version to 1.51.20 by Expeditor 2018-02-13 17:40:34 +00:00
Jerry Aldrich
7f0a39a76a package resource: Fix Windows package detection (#2624)
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-13 12:40:20 -05:00
Clinton Wolfe
469369fa32 Capture ResourceNotFound exception from LMF (#2623)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-13 09:47:12 -05:00
Chef Expeditor
30e120c81d Bump version to 1.51.19 by Expeditor 2018-02-13 14:04:41 +00:00
Chef Expeditor
9fa456eb89 Bump version to 1.51.18 by Expeditor 2018-02-12 18:34:35 +00:00
Jared Quick
f3ee680429 Add hidden json fields to schema and add tests. (#2618)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-12 19:34:22 +01:00
Chef Expeditor
3dca4d2ee8 Bump version to 1.51.17 by Expeditor 2018-02-12 18:30:09 +00:00
Jared Quick
f5f9873bfd Allow ad-hoc runners to use rspec formats. (#2621)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-12 19:29:54 +01:00
Chef Expeditor
56387c96d0 Bump version to 1.51.16 by Expeditor 2018-02-12 15:23:47 +00:00
Jared Quick
da7b7e8549
Force a default reporter for ad-hoc runners (#2610)
* Force a default reporter for ad-hoc runners if not set.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-12 10:23:34 -05:00
Chef Expeditor
20a46d1a40 Bump version to 1.51.15 by Expeditor 2018-02-09 18:49:41 +00:00
Jared Quick
69f6e4e735 Remove ending newline from json reports.
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-09 13:15:18 -05:00
Jared Quick
b5b0713fe2 Fix json-config format not overriding reporter.
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-09 11:51:49 -05:00
Jared Quick
145604549b This fixes the audit issue expecting a report hash output.
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-09 10:59:39 -05:00
Clinton Wolfe
ded1394e8b Add resource support declarations for Azure
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-09 10:22:56 -05:00
Clinton Wolfe
2708a73e11 Merge branch 'aws-core-onramp' into aws-merge 2018-02-09 00:56:28 -05:00
Chef Expeditor
1cbcd27138 Bump version to 1.51.14 by Expeditor 2018-02-08 22:04:59 +00:00
Chef Expeditor
ebf6c39f2f Bump version to 1.51.13 by Expeditor 2018-02-08 21:51:15 +00:00
Chef Expeditor
35f3388f34 Bump version to 1.51.12 by Expeditor 2018-02-08 21:49:41 +00:00
Chef Expeditor
5a9f3d90c0 Bump version to 1.51.11 by Expeditor 2018-02-08 21:48:14 +00:00
Chef Expeditor
bc88d30d46 Bump version to 1.51.10 by Expeditor 2018-02-08 21:46:43 +00:00
Chef Expeditor
06ff68d097 Bump version to 1.51.9 by Expeditor 2018-02-08 21:45:11 +00:00
Chef Expeditor
1a5bc25eb6 Bump version to 1.51.8 by Expeditor 2018-02-08 21:43:38 +00:00
Chef Expeditor
6b5ad4ab92 Bump version to 1.51.7 by Expeditor 2018-02-08 21:41:24 +00:00
Clinton Wolfe
dfc73a52f0 Merge branch 'release-2.0' into aws-merge-release-merge-try
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-08 10:44:11 -05:00
Clinton Wolfe
6aaab8691c Merge branch 'aws-merge-prep' into aws-merge
Includes train aws:// targeting and some new resources

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-08 10:09:57 -05:00
Jared Quick
9bc0a5a32f Merge branch 'master' into release-2.0 2018-02-08 09:48:23 -05:00
Clinton Wolfe
532f42df89 Move files to locations for core - inspec AWS PR 219 and other new resources
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-08 09:36:20 -05:00
Clinton Wolfe
16fe52b084 Rearrange AWS files for merge into core
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-08 09:24:15 -05:00
Jerry Aldrich
84817366a1 Remove deprecations for InSpec 2.0 (#2506)
* Add `release-2.0` target branch to AppVeyor/Travis (#2510)

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* simpleconfig: Remove deprecated config keys

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* cli (exec): Remove `--cache` command line argument

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* platform: Remove lowercase os name protection

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* matcher: Remove `contain_legacy_plus` matcher

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* matcher: Remove `contain_match` matcher

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* matcher: Remove `with_version` matcher

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* matcher: Remove `belong_to_group` matcher

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* matcher: Remove `belong_to_primary_group` matcher

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* matcher: Remove `contain` matcher

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* passwd: Remove deprecated properties

This removes:
  - `passwd.count`
  - `passwd.username`
  - `passwd.usernames`
  - `passwd.uid`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* auditd_rules: Remove in favor of `auditd` resource

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* cli: Remove `login_automate` command

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove `resource_skipped` message method

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-02-08 11:05:21 +01:00
Chef Expeditor
b1801a2219 Bump version to 1.51.6 by Expeditor 2018-02-08 09:07:11 +00:00
Jared Quick
9930e40a76 Add new "reporter" system (replacement for "formatters"), support multiple reporters per run (#2464)
* Formatter and reporter refactor.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add exception and backtrace to json-min report.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add sha to json-min and include generator version for json profile.

Signed-off-by: Jared Quick <jquick@chef.io>

* Fix deprecated typo and add fallback for cli resource title.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update to build json report and clean up cli logic.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add tests for json reporter.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add cli suppress_log_output? and a fallback for invalid reporter type.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update suppress_log_output? to check if we are outputting to stdout.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update reporter cli optoins to work with json_config.

Signed-off-by: Jared Quick <jquick@chef.io>

* Refactor some safe-navigation and variable names.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add thor banner to show reporter file output syntax.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-08 10:06:58 +01:00
Clinton Wolfe
b46bd350ed Modify train integration to support aws:// targeting in core
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-07 23:21:28 -05:00
Jared Quick
42779e91a7 Setup azure resources into inspec.
Signed-off-by: Jared Quick <jquick@chef.io>
2018-02-07 16:05:58 -05:00
Clinton Wolfe
aec79551ff Rubocop
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-07 12:29:01 -05:00
Clinton Wolfe
d15a21b85f Use dedicated AWS resource loading file. Always load FilterTable.
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-07 12:11:10 -05:00
Clinton Wolfe
67713f99e4 Rely on core resource loader to load AWS support facilities
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-07 12:10:07 -05:00
Clinton Wolfe
f7a11ee2df Merge branch 'aws-merge-prep' into aws-merge
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-07 09:53:21 -05:00
Jared Quick
e0ab84b11a Merge branch 'jq/azure_merge' of /Users/jquick/Chef/inspec-azure into jq/merge_inspec_azure 2018-02-06 13:23:54 -05:00
Chef Expeditor
5a5afb11e2 Bump version to 1.51.5 by Expeditor 2018-02-06 14:10:02 +00:00
Clinton Wolfe
f425a70f79 Rearrange AWS files for merge into core
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-02-05 15:58:51 -05:00
Kimberly Garmoe
7dc72c7491 Edits to audit_policy resource language (#2498)
Signed-off-by: kagarmoe <kgarmoe@chef.io>
2018-01-31 07:24:57 -05:00
Chef Expeditor
898dc78b48 Bump version to 1.51.4 by Expeditor 2018-01-31 12:02:06 +00:00
Chef Expeditor
1b6979d362 Bump version to 1.51.3 by Expeditor 2018-01-31 10:16:30 +00:00
Adam Leff
689fe34cc9 apache resource: document and deprecate (#2494)
* Docs for apache resource

Signed-off-by: kgarmoe <kgarmoe@chef.io>

* Add deprecation warning to apache docs and resource, and clean up examples.

Signed-off-by: Adam Leff <adam@leff.co>

* Update apache_conf resource to remove dependency on apache resource

Signed-off-by: Adam Leff <adam@leff.co>

* Make conf_dir method public

Signed-off-by: Adam Leff <adam@leff.co>

* Removes unnecessary aide_conf commit, pulled in from e25f0a45

Signed-off-by: Adam Leff <adam@leff.co>

* Switch to Pathname to calculate conf_dir

Needed to avoid Windows adding `C:\` in unit tests when calling
File.expand_path.

Signed-off-by: Adam Leff <adam@leff.co>
2018-01-31 11:16:15 +01:00
Chef Expeditor
19782770db Bump version to 1.51.2 by Expeditor 2018-01-30 15:33:11 +00:00
Dominik Richter
42ffd874de add Inspec::Describe for abstract describe state (#2010)
Unlike `Inspec::Test` this supports having multiple tests within one block that describes a resource. This has now been seen as an optimization problem where a resource may be computed once and tested multiple times with `it` and `its` within the body.

If successful, it requires a follow-up to deprecated Inspec::Test and remove it for 2.0 completely with a recommendation to use Inspec::Describe.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2018-01-30 16:32:56 +01:00
Chef Expeditor
f57e2050ca Bump version to 1.51.1 by Expeditor 2018-01-26 07:57:45 +00:00
Jerry Aldrich
d96a6affa7 packages resource: Add architectures support (#2469)
This adds support for `architectures` to the `packages` resource.

Example:

```
describe packages(/compat-libstdc++-33/) do
  its('architectures') { should include 'x86_64' }
  its('architectures') { should include 'i686' }
end
```

This also adds documentation for the `packages` resource

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-01-25 23:57:34 -08:00
Chef Expeditor
1d2ecdb884 Bump version to 1.51.0 by Expeditor 2018-01-25 14:29:44 +00:00
Vern Burton
55abdebdc9 filesystem resource: inspect linux filesystems (#2441)
* adding df resource

Signed-off-by: Vern Burton <me@vernburton.com>

* adding unit tests and required mocks for them, created integration test

Signed-off-by: Vern Burton <me@vernburton.com>

* cleaning up skip test to include only the filename and not full path

Signed-off-by: Vern Burton <me@vernburton.com>

* adding docs

Signed-off-by: Vern Burton <me@vernburton.com>

* size makes more sense than space

Signed-off-by: Vern Burton <me@vernburton.com>

* removing unneeded author lines

Signed-off-by: Vern Burton <me@vernburton.com>

* as the command changed, changing mock to the new sha

Signed-off-by: Vern Burton <me@vernburton.com>

* updating to address comments from #2441

* removing author lines
* using attr_reader functions
* using ruby string functions rather than pipe to sed
* adding os family detection
* using ResourceFailed as the pattern already existed for OS family detection
* using if for future case support for unix and unix-like (FreeBSD)

Signed-off-by: Vern Burton <me@vernburton.com>

* adding supports to resource metadata, and adding tests that show that resource says that it is not supported on windows/unix.

Signed-off-by: Vern Burton <me@vernburton.com>

* focusing on linux os family and removing logic for assumed future cases

Signed-off-by: Vern Burton <me@vernburton.com>

* changing df to filesystem

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-25 09:29:31 -05:00
Chef Expeditor
3993975797 Bump version to 1.50.6 by Expeditor 2018-01-23 20:35:01 +00:00
Jerry Aldrich
98546984ae service resource: attempt a SysV fallback if SystemD unit file is not found (#2473)
* service resource: Fix no `.service` + systemd bug

This modifies the `enabled?` check to fallback to `sysv_service` in the
event that a `.service` file cannot be found.

For example: On Debian 8.7 the stock apache2 package does not deploy a
`.service` file but deploys a SysV style service. This causes
`systemctl is-enabled` to fail when the service is in fact enabled.

* Remove `cmd_stderr` and clean up `cmd_exit_1`
* Clean up `stderr` assignment using ternary
2018-01-23 12:34:47 -08:00
Chef Expeditor
acf9ce379d Bump version to 1.50.5 by Expeditor 2018-01-23 20:32:33 +00:00
ViolentOr
3c7bace964 Update security_policy resource to return Names, not SIDs (#2462)
* Added possibility to translate SID to human-readable name (using 'translate_sid: true' switch)

Signed-off-by: ViolentOr <github@violentor.me>

* fixed errors

Signed-off-by: ViolentOr <github@violentor.me>

* changed pars to opts

* renameg temp variable

Signed-off-by: ViolentOr <github@violentor.me>

* Required tests added

Signed-off-by: ViolentOr <github@violentor.me>

* fixed mistype

Signed-off-by: ViolentOr <github@violentor.me>

* should not copy-paste.

Signed-off-by: ViolentOr <github@violentor.me>

* replaced empty call with empty file

Signed-off-by: ViolentOr <github@violentor.me>

* tests fixed.

Signed-off-by: ViolentOr <github@violentor.me>

* grouped command mocks related to the security_policy resource

Signed-off-by: ViolentOr <github@violentor.me>

* bacgitend -> backend

Signed-off-by: ViolentOr <github@violentor.me>
2018-01-23 12:31:57 -08:00
Chef Expeditor
6fba1c1997 Bump version to 1.50.4 by Expeditor 2018-01-23 20:30:26 +00:00
Matt Kulka
c067798fc5 Docker Swarm service resource (#2456)
This change adds the `docker_service` resource for Docker swarm mode services. This
branches off some of the common elements (id, exists) into a `DockerObject` module along
with a utility function for parsing the image/repo string. That function was implemented
separately by `docker_image` and `docker_container`, now with a third resource, it made
sense to consolidate that into an included module. I used the most comprehensive
implementation. Existing classes had to be slightly modified for the genericization.

Signed-off-by: Matt Kulka <mkulka@parchment.com>
2018-01-23 12:30:14 -08:00
Chef Expeditor
c8dc5a615a Bump version to 1.50.3 by Expeditor 2018-01-22 21:17:50 +00:00
Clinton Wolfe
0d5f6e0a7e Sort library files before loading them so load order is predictable (#2475)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-01-22 14:17:39 -07:00
Chef Expeditor
1ec706721d Bump version to 1.50.2 by Expeditor 2018-01-18 21:21:47 +00:00
Jerry Aldrich
944dfdc987 grub_conf resource: fix menuentry detection (#2408)
* Fix `grub_conf` menuentry detection

This does the following:
  - Corrects Grub2 bug where last entry was always selected
  - Adds support for specifying a Grub2 menu entry by name
  - Adds support for using `GRUB_DEFAULT=saved` with Grub2
  - Adds more Unit tests

* Add error if menuentry name cannot be extracted
* Add handling for missing/unreadable grubenv
* Add defensive code for failed menuentry extraction
2018-01-18 13:20:48 -08:00
Chef Expeditor
22436061d4 Bump version to 1.50.1 by Expeditor 2018-01-17 18:29:22 +00:00
Chef Expeditor
d53450ed1d Bump version to 1.50.0 by Expeditor 2018-01-17 18:12:10 +00:00
Chef Expeditor
ae97fbee86 Bump version to 1.49.10 by Expeditor 2018-01-16 22:31:30 +00:00
Adam Leff
6be9f32448 http resource: make header keys case insensitive (#2457)
* http resource: make header keys case insensitive

HTTP header keys are currently case-sensitive, and the local and remote
workers currently store the keys in different formats due to the
different tools generating them.

This change ensures the ability to fetch headers by key is
case-insensitive and adds a deprecation to inform the user that future
fetches should use all lowercase.

Signed-off-by: Adam Leff <adam@leff.co>

* Remove deprecation treatment

HTTP header keys are case insensitive anyways. There's no reason to make
things harder for our users.

Signed-off-by: Adam Leff <adam@leff.co>
2018-01-16 14:30:35 -08:00
Chef Expeditor
1c7ea3357f Bump version to 1.49.9 by Expeditor 2018-01-16 22:30:00 +00:00
Chef Expeditor
943b810c85 Bump version to 1.49.8 by Expeditor 2018-01-16 22:28:28 +00:00
Jerry Aldrich
7bbe99bbbd package resource: fix NilClass errors on arch linux (#2437)
* Fix `nil:NilClass` error for `package` resource

This modifies `.info` to return `{}` in cases where the package manager
cannot be determined. This matches the behavior of `@pkgman.info`.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Change `must_be_empty` to `must_equal({})`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-01-16 14:27:31 -08:00
Chef Expeditor
61a012bd8d Bump version to 1.49.7 by Expeditor 2018-01-16 22:26:53 +00:00
Vern Burton
175c3e1189 xml resource: support fetching attributes (#2423)
* adding database.xml with attributes to files and mocking it in the helper.rb

Signed-off-by: Vern Burton <me@vernburton.com>

* adding logic to test class returned by XPATH and using functions from respective classes to fill a array for return, and unit and integration tests to ensure functionality

Signed-off-by: Vern Burton <me@vernburton.com>

* updating docs to show how attributes are used

Signed-off-by: Vern Burton <me@vernburton.com>

* 'and' instead of 'or' makes more sense

Signed-off-by: Vern Burton <me@vernburton.com>

* adding default else for capturing unknown classes from REXML

Signed-off-by: Vern Burton <me@vernburton.com>

* removing extra newline

Signed-off-by: Vern Burton <me@vernburton.com>

* adding fail case with enough information to debug in future case

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-16 14:26:39 -08:00
Chef Expeditor
b11f7ea2b2 Bump version to 1.49.6 by Expeditor 2018-01-16 22:21:10 +00:00
Vern Burton
9b4a276e9f firewalld resource: prepend rule string only when necessary (#2430)
* adding control statement to add rule in front of string as long as it doesn't already contain rule.

Correcting resource name in firewalld from etc_hosts_deny

adding tests for both branches of the statement created in firewalld

Signed-off-by: Vern Burton <me@vernburton.com>

* moving to unless with a start_with

Signed-off-by: Vern Burton <me@vernburton.com>

* adding documentation that states that it is not needed to add `rule` string

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-16 14:20:58 -08:00
Chef Expeditor
9b2f9f6d4c Bump version to 1.49.5 by Expeditor 2018-01-16 22:04:55 +00:00
Vern Burton
712ba520ad mssql_session resource: add port parameter (#2429)
* adding SQL 2012 SP1 for mssql_session testing

Signed-off-by: Vern Burton <me@vernburton.com>

* updating SHA to match new commands with ports in them

Signed-off-by: Vern Burton <me@vernburton.com>

* adding port, and a default value and moving from skip_resource to resource_fail

Signed-off-by: Vern Burton <me@vernburton.com>

* adding new sha for custom host

Signed-off-by: Vern Burton <me@vernburton.com>

* adding tests for hostname and migrating test that passed port in host to a dedicated port test

Signed-off-by: Vern Burton <me@vernburton.com>

* adding integration test

Signed-off-by: Vern Burton <me@vernburton.com>

* removing services as appveyor does not have integration testing running so it would be a waste of time to enable it

Signed-off-by: Vern Burton <me@vernburton.com>

* mock instance command

Signed-off-by: Vern Burton <me@vernburton.com>

* making instance readable

Signed-off-by: Vern Burton <me@vernburton.com>

* adding instance test

Signed-off-by: Vern Burton <me@vernburton.com>

* moving to ResourceSkipped as ResourceFailed is targeted for a major release

Signed-off-by: Vern Burton <me@vernburton.com>
2018-01-16 14:04:00 -08:00
Chef Expeditor
971a5a1122 Bump version to 1.49.4 by Expeditor 2018-01-05 20:18:35 +00:00
Jared Quick
04859ee01d Update the inspec support check to warn to stderr. (#2446)
Signed-off-by: Jared Quick <jquick@chef.io>
2018-01-05 21:17:37 +01:00
Chef Expeditor
cd978deb38 Bump version to 1.49.3 by Expeditor 2018-01-05 20:17:05 +00:00
Jerry Aldrich
8a037b6196 Fix package manager detection on Arch Linux (#2436)
Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-01-05 21:16:54 +01:00
Chef Expeditor
5e0f7fd599 Bump version to 1.49.2 by Expeditor 2018-01-04 19:39:16 +00:00
Dominik Richter
be9ece65b9 load local dependencies in inspec shell (#2438)
* add --depends to inspec shell

for loading dependencies from local folders. mainly used for development.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* lint

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* depends is not defined...

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* much nicer description for --depends

kudos @adamleff

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* add documentation for inspec shell --depends

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2018-01-04 14:39:01 -05:00
Chef Expeditor
81d763ec0e Bump version to 1.49.1 by Expeditor 2018-01-04 19:15:12 +00:00
Jared Quick
839ab3eef4 Deprecate and warn when comparing against OS name with capitals/spaces (#2397)
* Testing train downcase platform names.
* Added NameCleaned tests and fixed some formatting.
* Clean up tests with helper method.
* Update to new gemfile and platform resource.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-01-04 14:15:02 -05:00
Chef Expeditor
330d522577 Bump version to 1.49.0 by Expeditor 2018-01-04 18:24:00 +00:00
Chef Expeditor
76b581ad24 Bump version to 1.48.14 by Expeditor 2018-01-03 17:10:49 +00:00
Jerry Aldrich
972f3a6486 Modify inspec json to use check_mode (#2435)
This modifies `inspec json` to make it not evaluate code inside of
`only_if` blocks.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2018-01-03 09:10:35 -08:00
Chef Expeditor
c4d678a1df Bump version to 1.48.13 by Expeditor 2018-01-02 20:41:17 +00:00
Dominik Richter
f1f2900866
bugfix: dependency chaining in libraries (#2428)
* WIP require chaining

* add a tiny comment

* reapply fix doh

* add a deprecation warning

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* lint

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* remove deprecation warning for require in control files

as discussed with Adam Leff

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* add tests for regular ruby gem require in libs

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2018-01-02 12:41:01 -08:00
Chef Expeditor
b71517ee4b Bump version to 1.48.12 by Expeditor 2018-01-02 19:04:28 +00:00
Jared Quick
10dc5621fb Add platform resource and platform supports (#2393)
* Add platform resource and platform supports.

Signed-off-by: Jared Quick <jquick@chef.io>

* Cache platform and inspec checks and implement inspec_version.

Signed-off-by: Jared Quick <jquick@chef.io>

* Deprecate current inspec support in favor of inspec_version.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update resource/profile skip messages.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update load_resource to use platform instead of os.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update platform example.

Signed-off-by: Jared Quick <jquick@chef.io>
2018-01-02 11:04:13 -08:00
Chef Expeditor
2a187530e5 Bump version to 1.48.11 by Expeditor 2018-01-02 18:12:44 +00:00
Chef Expeditor
db9b593998 Bump version to 1.48.10 by Expeditor 2018-01-02 17:27:45 +00:00
Chef Expeditor
c68043d041 Bump version to 1.48.9 by Expeditor 2017-12-22 16:07:58 +00:00
Miah Johnson
685ba1bc1e Update apache_conf regular expression to exclude whitespace. (#2416)
* Update apache_conf test to check for ServerAlias values.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add ServerAlias key and values to mock apache conf which includes
trailing whitespace.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Updated test to reflect all ServerAlias values being put into a single
array item. This is expected as we do not override the key_values
default setting of '1' when passing the raw configuration to
SimpleConfig.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Update the regular expression to include a conditional with positive
lookahead that checks if the line ends with one or more spaces. If the
lookahead succeeds we non-greedily capture, and when it fails we
greedily capture.

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2017-12-22 17:07:46 +01:00
Chef Expeditor
d86ebee7bd Bump version to 1.48.8 by Expeditor 2017-12-22 14:03:35 +00:00
Eammon Hanlon
f6c7bffe78 Add bonding mode matcher to bond resource (#2414)
* Add mode method to test the value of Bonding Mode

Signed-off-by: Eammon Hanlon <eammon.hanlon@microsoft.com>

* Add test for bonding mode in bond unit test

Signed-off-by: Eammon Hanlon <eammon.hanlon@microsoft.com>

* Add documentation on mode matcher for bond resource

Signed-off-by: Eammon Hanlon <eammon.hanlon@microsoft.com>

* Update example for 'Test parameters for bond0'

Signed-off-by: Eammon Hanlon <eammon.hanlon@microsoft.com>
2017-12-22 15:02:40 +01:00
Chef Expeditor
b5b2e38b28 Bump version to 1.48.7 by Expeditor 2017-12-22 14:01:30 +00:00
Jerry Aldrich
a3c993fe18 Fix OWCA detection for compliance login (#2401)
* Add handling for OWCA login via `compliance login`

OpsWorks Chef Automate currently returns a 200 for the
`/compliance/version` endpoint and redirects to the Chef Manage page.

This adds support to `inspec compliance login` to accept this as valid
behavior and continue with the login.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add test case for 200 response but no Chef Manage

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add debug info and split `determine_server_type`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Appease RuboCop

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove forced returns from `determine_server_type`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add `false` code path for non-200/non-401 response

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Reword debug messages

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-12-22 15:01:18 +01:00
Chef Expeditor
1d0eebcadd Bump version to 1.48.6 by Expeditor 2017-12-22 13:58:31 +00:00
David Alexander
3fd310a505 Adds Synchronize permission to windows ACL stuff (#2399)
Obvious fix

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-12-22 14:58:19 +01:00
Chef Expeditor
9b3c54d493 Bump version to 1.48.5 by Expeditor 2017-12-21 13:21:10 +00:00
Dominik Richter
2f506b3c70 bugfix: default attributes for nil and false (#2410)
Traditionally those would translated DEFAULT_ATTRIBUTE. but that was wrong, it should have been nil or false or whatever the user supplied.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-12-21 14:20:59 +01:00
Chef Expeditor
6c82d3c56f Bump version to 1.48.4 by Expeditor 2017-12-20 15:57:58 +00:00
Jerry Aldrich
c2a65942d9 Add support for Darwin Directory Service groups (#2403)
* Add support for Darwin Directory Service groups

This allows users to verify groups added by Chef on OS X.

The current method that `UnixGroup` uses is to check the contents of
`/etc/group`, but OS X adds groups to Directory Service and not
`/etc/group`. This modifies the `group` resource on Darwin to use
`dscacheutil` to get group info.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Clean up `select_group_manager`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Clean up DarwinGroup `groups` method

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-12-20 16:57:45 +01:00
Chef Expeditor
f434558f93 Bump version to 1.48.3 by Expeditor 2017-12-15 18:52:53 +00:00
Jerry Aldrich
b17be1a73c Enhance package resource error handling (#2388)
* Enhance `package` resource error handling

This does the following:
  - Modifies `info` to return an empty hash instead of `nil`
  - Adds a failure case if package name is not specified
  - Adds a skip case if no package manager can be found
  - Changes `skip_resource` to use the `ResourceSkipped` exception
  - Raises an error if JSON parsing fails for Windows/MacOS/Darwin

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Make RuboCop happy

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Change missing argument behavior

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove unnecessary boolean check

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-12-15 19:52:41 +01:00
Clinton Wolfe
e317fff2ed
Move files under lib back to libraries
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2017-12-14 23:41:12 -05:00
Russell Seymour
cdbe8c1016 Create azure_generic_resource
* Rewrite of Inspec Azure Resource pack to allow the testing of _any_ value Azure reosurce.
Closes #36
Closes #37

This fixes #56 so that it works with the latest version of the SDK. In fact it will only work to version >= 0.15

Signed-off-by: Russell Seymour <russell.seymour@turtlesystems.co.uk>
2017-12-12 13:20:22 -05:00
Chef Expeditor
6000c4ba67 Bump version to 1.48.2 by Expeditor 2017-12-12 16:29:14 +00:00
Jared Quick
7c7fab9fb0 Replace exec --cache with --vendor-cache (#2390)
* Move cache cli command to vendor-cache.

Signed-off-by: Jared Quick <jquick@chef.io>

* Rename DEPRECATION to DEPRECATED for cache flag.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-12 17:28:07 +01:00
Adam Leff
470582a84e xml resource: update docs with alternate syntax for keys with periods (#2389)
Signed-off-by: Adam Leff <adam@leff.co>
2017-12-12 16:31:50 +01:00
Chef Expeditor
68a934b03b Bump version to 1.48.1 by Expeditor 2017-12-11 20:08:10 +00:00
Adam Leff
a18441f86e Rubocop: disable GuardClause and ClassLength (#2382)
Neither of these cops is helping us write good code, and GuardClause
specifically is actually contributing to us writing sometimes-unclear
code. Disabling both of these cops and removing all unnecessary disable
decorators in the codebase.

Signed-off-by: Adam Leff <adam@leff.co>
2017-12-07 20:22:55 +01:00
Chef Expeditor
952b5c152d Bump version to 1.48.0 by Expeditor 2017-12-07 18:21:21 +00:00
Chef Expeditor
8750589b8f Bump version to 1.47.8 by Expeditor 2017-12-07 15:45:37 +00:00
Chef Expeditor
6560fb1bde Bump version to 1.47.7 by Expeditor 2017-12-07 15:45:04 +00:00
Chef Expeditor
b0e74a6d56 Bump version to 1.47.6 by Expeditor 2017-12-07 15:44:15 +00:00
Miah Johnson
e33f4959e1 Allow crontab resource to read crontab at user specified paths. (#2328)
* add a emulated /etc/cron.d/crondotd file to the mocking system.

* test that we handle incoming paths correctly by rendering to_s.

* We take in both users and a path, so lets call that destination.

* To make the test pass we'll determine if we are dealing with a path or
a user and return the correct string.

* we will need the ability to determine if we are dealing with a path when either calling the crontab command or reading the file directly, so break that out into a path? method.

* remove author field.

* test contents of our crondotd file.

* we have to explicitly make @destination a String to use include?.

* when we get a path we use inspec.file to get conents, otherwise we run the crontab command.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add documentation for example usage with file path.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Make path? and path_or_user private methods

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add missing username filed to crondotd mock file

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Pass argument as a hash when testing file paths

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Expected results should include usernames when testing file paths

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add special string `@yearly` test to crondotd mock file

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add user to existing cron tests

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Rubocop says I need spaces after/before curly brackets

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add user to crondotd file tests and add @yearly test

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Modify initialize to take options hash and be backwards compatible.

Change initialize default argument to create a hash by default, though
it is still possible to pass in a 'user' string argument.

@user gets set with the argument value unless its a hash, in which case
it tries to set the value of the user key, otherwise it becomes nil.

@file gets set with the value of the path key, unless it doesn't exist
in which case it becomes nil.

All hash keys are symbolized to ensure consistent access.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Check if @path is nil to determine if we run crontab command or parse
file.

path? was removed as we're not overloading a @destination variable
anymore.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* if @user is nil assume current user otherwise crontab for @user

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Change to complete if rather than ternary.

We have three possible cases, current user, other user, or file path.
This accounts for all of them.

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add user to the crontab FilterTable

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Remove path? and path_or_user

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Move crontab parsing to two methods, parse_user_crontab and
parse_system_crontab

Because a command in a crontab file could have spaces we must parse user
and system crontabs differently.

When we parse user crontabs the user field will either be nil, or the requested user.

Both user and path parsers handle special strings (@yearly, @weekly,
etc). And also account for position of user in these files (or adds it
in user case)

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Update examples with user: and path:

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Add spaces after : in example docs

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Disable rubocop ClassLength check

Signed-off-by: Miah Johnson <miah@chia-pet.org>

* Moved rubocop ClassLength metric next to class instead of above the
module.

Remove unnecessary braces.

Add is_system_crontab? and is_user_crontab helper methods and use them.

Add tests to see if error conditions are raised when the resource is
invoked with missing parameters (user, or path), and on a unsupported
os.

Change initialize to group all hash functions together and raise errors
when user and path is unset. Also raise errors on unsupported operating
systems.

Change order of ternary and use is_system_crontab? rather than
@path.nil?

Signed-off-by: Miah Johnson <miah@chia-pet.org>
2017-12-07 13:50:07 +01:00
Jared Quick
72af4a96f1 Update default cli options to be per command. (#2378)
Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-07 13:19:36 +01:00
Chef Expeditor
628d778b05 Bump version to 1.47.5 by Expeditor 2017-12-06 21:22:22 +00:00
Jared Quick
4c592f49c1 Resolve merge issue with json-config vs thor defaults (#2377)
* Add debug for caching and fix cli merge bug.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update options merge to take cli options over json.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-06 22:22:11 +01:00
Chef Expeditor
4ccdf5bb89 Bump version to 1.47.4 by Expeditor 2017-12-06 20:18:55 +00:00
Chef Expeditor
e0d5306502 Bump version to 1.47.3 by Expeditor 2017-12-05 13:21:42 +00:00
Jared Quick
578577f79a Update command resource to check for mock backend. (#2353)
Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-05 14:21:31 +01:00
Chef Expeditor
0248d80557 Bump version to 1.47.2 by Expeditor 2017-12-05 13:13:54 +00:00
Jerry Aldrich III
49d36de0f3 Allow inspec check to ignore only_if (#2250)
* Allow `inspec check` to ignore `only_if`

When using `inspec check` a mock Train backend is created. This means
that the following would raise an error because `os.name` is `nil`

```
only_if { os.name.include?('anything') }
```

Since `inspec check` isn't concerned with the evaluation of `only_if`
this skips those checks if the block given raises an error.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove unnecessary `e` in rescue

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Modify implementation to use `check_mode`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Move `check_mode` concept to the Profile scope

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Fix lint after rubocop upgrade

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add comment for mocked ControlEvalContext options

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-12-05 14:13:41 +01:00
Chef Expeditor
817a215b77 Bump version to 1.47.1 by Expeditor 2017-12-05 12:07:42 +00:00
Jared Quick
0dc0e3b457 Update rspec cli control summary to not uniq fails. (#2362)
Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-05 13:07:31 +01:00
Chef Expeditor
f983b92d16 Bump version to 1.47.0 by Expeditor 2017-12-04 21:40:29 +00:00
Jared Quick
d49f4e3fe1 Enable caching for backend calls (#2309)
* Enable caching for command and file calls to train
* Moved transport conn to connection and refactored tests
* Update caching flag to use train caching.
* Move caching flag to cli option.
* Add backed cache default from thor.
* Add hard disable for cache option and remove all cache from debug shell.
* Add comment to caching settings conditional.
* Force file cache on when caching enabled.
* Update gemspec for train 0.30.0.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-04 16:40:14 -05:00
Chef Expeditor
ceabe4b94a Bump version to 1.46.7 by Expeditor 2017-12-04 20:31:17 +00:00
Jared Quick
4b1c1b041f security_policy resource: use PID for filename instead of random (#2368)
* Update security policy export to use pid instead of random.

Signed-off-by: Jared Quick <jquick@chef.io>

* Update helper for the new train.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-12-04 15:31:06 -05:00
Clinton Wolfe
2955aabf7f DRY up AWS resource implementation and test backend implementations (#121)
* Standardize requires in unit tests

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Standardize requires in resources

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Move AWS connection hook into non-resource library area

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add an AWS resource mixin, pushing constructor out to it

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Push resource param name recognition into mixin

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Push exists predicate up to mixin

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rename base.rb to be resource_mixin for clarity

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Separate the backend from its factory, and push it out into a class mixin

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Push BackendFactory up into the resource mixin

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* De-linting

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Remove aws_conn require from LMF and CloudWatch Alarm filters

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Use resource mixin for Cloudwatch Alarm

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rework LMF to use the resource mixin

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Remove SDK load from connection.rb; that happens in aws.rb now

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Mixin should default to allowing empty resource params

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Update LMF to enforce params being required

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2017-12-04 19:32:13 +01:00
Chef Expeditor
0aac3b13ad Bump version to 1.46.6 by Expeditor 2017-12-04 16:59:41 +00:00
eramoto
6a16a3ef99 Fix example in key_rsa.rb (#2364)
key_rsa resource: fix inline shell documentation help, wrong resource name used in examples
2017-12-04 11:59:30 -05:00
Chef Expeditor
ffc699c4d9 Bump version to 1.46.5 by Expeditor 2017-12-01 09:24:25 +00:00
Adam Leff
3ffaee91c2 docker_image resource: properly handle registries in image strings (#2356)
When supplying a docker image that contains a registry with a port number,
such as `localhost:5000/chef/inspec:1.46.3`, the docker_image resource
was unable to locate the image in question due to incorrect parsing
of the repository and tag.

Signed-off-by: Adam Leff <adam@leff.co>
2017-12-01 10:24:15 +01:00
Chef Expeditor
222d4b6aac Bump version to 1.46.4 by Expeditor 2017-11-29 21:31:20 +00:00
Adam Leff
12fec238f7
json resource: ensure params is not nil in even of read/parse failure (#2354)
When the JSON resource (and those that subclass off of it) were modified
to properly throw exceptions in the event of failure, this caused the
`params` method to return nil instead of what it used to be, an empty
hash.

This is fine in the case of a describe block, but it's not okay when used
outside of a describe, as it will cause users trying to pluck from the
hash to throw a dreaded-and-unhelpful NilClass error.

This change pre-populates the params to be an empty hash, and if the
read/parse steps fail, it will still be one.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-29 16:31:06 -05:00
Chef Expeditor
a3954dec1b Bump version to 1.46.3 by Expeditor 2017-11-29 14:16:49 +00:00
Jared Quick
3f14e467b3 Unique export file for security policy resource (#2350)
* Add a unique export for security policy resource.

Signed-off-by: Jared Quick <jquick@chef.io>

* Remove skip resource on empty policy file.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-11-29 15:16:40 +01:00
Chef Expeditor
ed98bb4b77 Bump version to 1.46.2 by Expeditor 2017-11-29 12:32:53 +00:00
Jerry Aldrich III
71057675de Allow skipping/failing resources in FilterTable (#2349)
* Allow skipping/failing resources in FilterTable

`FilterTable` is commonly used in the class body of a resource and is
evaluated during an `instance_eval`. This means that if you raise an
exception (e.g. SkipResource) it will halt `inspec exec` and
`inspec check`.

This adds an `ExceptionCatcher` class that will postpone evaluation
until test execution.

This allows `inspec check` and `inspec exec` to perform as intended when
skipping/failing a resource in `FilterTable`

Huge thanks to @adamleff for providing the starting code/ideas!

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Comment why `ExceptionCatcher` doesn't raise

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove `accessor` from `ExceptionCatcher`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Return the existing ExceptionCatcher object rather than creating new

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-29 07:32:40 -05:00
Chef Expeditor
24f695a311 Bump version to 1.46.1 by Expeditor 2017-11-29 11:02:12 +00:00
David Alexander
beb326a15a wmi resource: properly escape quotes in WMI query (#2342)
* Modifies test for failing WMI string interpolation

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Fixes #2260 (WMI string interpolation)

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-11-29 12:01:44 +01:00
Chef Expeditor
30fd2b669b Bump version to 1.46.0 by Expeditor 2017-11-28 13:45:11 +00:00
Christoph Hartmann
9cdf03ac4b allow override of attribute identifier and support default values different from strings (#2347)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-11-28 08:45:02 -05:00
Chef Expeditor
3f3655963d Bump version to 1.45.17 by Expeditor 2017-11-28 08:19:03 +00:00
David Alexander
71b90f1b22 file resource: fix NilClass error when using advanced windows permissions (#2344)
* Fixes #2343 (Windows file permissions regression)

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Updates docs with missing info on `be_allowed()` matcher

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-11-28 09:18:49 +01:00
Chef Expeditor
a268669220 Bump version to 1.45.16 by Expeditor 2017-11-27 17:17:48 +00:00
Adam Leff
98db74a466 http resource: properly support HEAD request with remote worker (#2340)
The existing method of adding `-X HEAD` to the curl command does not
work properly and can cause timeouts because curl doesn't properly
close the connection. The correct way is to use curl's own `--head`
flag.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-27 18:17:39 +01:00
Chef Expeditor
ed12dc7548 Bump version to 1.45.15 by Expeditor 2017-11-27 16:39:29 +00:00
Patrick Münch
7d95ce8300 correct the grub path for rhel 7 based os in grub_conf resource (#2332)
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
2017-11-27 11:39:20 -05:00
Chef Expeditor
0fef0feea7 Bump version to 1.45.14 by Expeditor 2017-11-27 16:13:11 +00:00
Adam Leff
6c3ab70dd1
json resource (et. al.): allow inspec check to succeed when using command (#2317)
* json resource (et. al.): allow inspec check to succeed when using command

When using the `json` resource (or any of the resources that subclass
JsonConfig), `inspec check` would fail if the content was supplied with
the `command` option. This is because the `command` resource is mocked
and an empty string would be returned for `stdout`. That content would
be blindly passed to the `parse` method would which raise an exception
and cause `inspec check` to fail.

This change refactors JsonConfig to be a bit cleaner and use some helper
methods. Additionally, we use the new Exceptions to properly raise errors
which are naturally caught by Inspec::Profile, etc.

Signed-off-by: Adam Leff <adam@leff.co>

* Make `resource_base_name` method private

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-27 11:13:02 -05:00
Chef Expeditor
b402742cad Bump version to 1.45.13 by Expeditor 2017-11-21 19:04:32 +00:00
Chef Expeditor
3a99baaf31 Bump version to 1.45.12 by Expeditor 2017-11-21 07:49:51 +00:00
Adam Leff
4b9acb4800 Bump Rubocop to 0.49.1 (#2323)
* Bump Rubocop to 0.49.1

This change bumps Rubocop to 0.49.1. There have been a lot of changes
since 0.39.0 and this PR is hopefully a nice compromise of turning off
certain cops and updating our codebase to take advantage of new Ruby
2.3 methods and operators.

Signed-off-by: Adam Leff <adam@leff.co>

* Set end-of-line format to line-feed only, avoid Windows-related CRLF issues

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-21 08:49:41 +01:00
Chef Expeditor
b9b502a48d Bump version to 1.45.11 by Expeditor 2017-11-20 18:11:52 +00:00
Chef Expeditor
03099d51dc Bump version to 1.45.10 by Expeditor 2017-11-17 20:56:44 +00:00
Chef Expeditor
77fe944f23 Bump version to 1.45.9 by Expeditor 2017-11-16 17:17:17 +00:00
Seth Chisamore
396752ba26 Add basic param handling to remote HTTP worker (#2286)
http resource: Add basic param handling to remote HTTP worker
2017-11-16 12:16:23 -05:00
Adam Leff
6ccc8aad26
Update expeditor version-update script (#2312)
PR #2311 updated the Rubocop engine to use Ruby 2.3 to evaluate, and
the default behavior is to no longer require `.freeze` to be added
to string literals that are treated like constants. This caused the
pattern match used in the Expeditor version update script to no longer
work.

Also manually fixing the `lib/inspec/version.rb` file to be correct.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-16 11:59:00 -05:00
Adam Leff
dde4a116d6
Update Rubocop to TargetRubyVersion 2.3 (#2311)
Bumps the Rubocop engine to use 2.3 and addresses the big changes
between 2.0 and 2.3.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-16 11:26:19 -05:00
Chef Expeditor
832c66087a Bump version to 1.45.7 by Expeditor 2017-11-16 15:02:47 +00:00
Chef Expeditor
e4ef2dbf11 Bump version to 1.45.6 by Expeditor 2017-11-15 20:56:50 +00:00
eramoto
986c8818d3 xinetd_conf resource: fix false positives with config file or directory doesn't exist (#2302)
xinetd_conf resource: fix false positives when config file or directory doesn't exist
2017-11-15 15:56:39 -05:00
Chef Expeditor
e403dd6e9f Bump version to 1.45.5 by Expeditor 2017-11-15 20:49:24 +00:00
malovdm1
923e4abf21 sqlplus credentials could contain special symbols and need to be escaped (#2308)
Signed-off-by: Dmytro Malovany <dmytro.malovannyy@gmail.com>
2017-11-15 21:49:09 +01:00
Chef Expeditor
c5130621f3 Bump version to 1.45.4 by Expeditor 2017-11-14 04:05:43 +00:00
Adam Leff
c91553c6f8 Allow resource skip exceptions outside initialize methods (#2307)
PR #2235 allowed for resources to raise skip and fail exceptions and
the RSpec formatters would do the right thing. These work inside
initialize methods but not in any other method in the resource.

This change modifies the formatter to honor the ResourceSkipped
exception properly. The ResourceFailed exception needs no additional
handling as RSpec properly handles any exception thrown.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 05:05:31 +01:00
Chef Expeditor
377797023e Bump version to 1.45.3 by Expeditor 2017-11-14 04:04:02 +00:00
eramoto
f9ee7596f5 Fix gid filtering for etc_group resource (#2297)
'etc_group' resource stores 'gid' as integer but the 'where' method
compares 'gid' as string.
By this fix, the 'where' method always converts the stored data to string
when comparing. And it can also look for groups without members.

Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
2017-11-14 05:03:50 +01:00
Chef Expeditor
99f1631d9e Bump version to 1.45.2 by Expeditor 2017-11-14 04:02:03 +00:00
Chef Expeditor
4f1e9eced6 Bump version to 1.45.1 by Expeditor 2017-11-14 03:41:49 +00:00
Adam Leff
6875e80bd8
Fix classname in JUnit formatter (#2283)
* Fix classname in JUnit formatter

The JUnit formatter currently incorrectly uses `class` instead of
`classname` as an attribute.

Signed-off-by: Adam Leff <adam@leff.co>

* Prefixing classname with profile name, fix functional tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-13 22:41:37 -05:00
Chef Expeditor
4840eb087e Bump version to 1.45.0 by Expeditor 2017-11-13 21:02:41 +00:00
Chef Expeditor
d8aea65849 Bump version to 1.44.9 by Expeditor 2017-11-13 17:06:14 +00:00
Wei He
f20748c88f fix port resource (parse_ss_line) (#2305)
Signed-off-by: Wing924 <weihe924stephen@gmail.com>
2017-11-13 18:06:01 +01:00
Chef Expeditor
7e6c4128c5 Bump version to 1.44.8 by Expeditor 2017-11-09 11:33:08 +00:00
Clinton Wolfe
656423d7f2 Issue warning during check if profile name contains slash (#2231)
* Add failing unit test for deprecation warning on profiles with slashes in their name

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Issue warning during validation if name contains a slash

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Slug profile names generated from target paths to prevent breaking unit tests

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop whinges

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Update functional test watching for default profile name

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Make deprecation warning more descriptive

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop whinges

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Set title with original test path if no profile name or title provided

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop whinges

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2017-11-09 12:32:54 +01:00
Chef Expeditor
2c75f048e4 Bump version to 1.44.7 by Expeditor 2017-11-09 11:29:53 +00:00
Adam Leff
86079ca3c7 Properly compare profile version strings as SemVer (#2280)
When configuring a profile dependency, if the dependent profile had a
hyphen in it, it would not properly match the default version constraint
of `>= 0`. This is because a hyphen indicates the version is a pre-release
version and proper version matching would require the constraint to also
be listed with a pre-release version string.

The proper solution is to use the `+` character instead which indicates
a build number, which is what the hyphen was meant to convey. In the
meantime, this change properly compares version strings as SemVer and
also adds tests.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-09 12:29:41 +01:00
Chef Expeditor
8d555bd160 Bump version to 1.44.6 by Expeditor 2017-11-09 11:25:20 +00:00
Chef Expeditor
6a01aa0038 Bump version to 1.44.5 by Expeditor 2017-11-09 10:11:29 +00:00
Brett Delle Grazie
0bb318c2dc http resource: supply max-time option using read_timeout and open_timeout (#2289)
Curl doesn't distinguish between them so need to use the sum of both as
the overall timeout.

fixes #2288

Signed-off-by: Brett Delle Grazie <brett.dellegrazie@gmail.com>
2017-11-09 11:11:19 +01:00
Chef Expeditor
3b143633aa Bump version to 1.44.4 by Expeditor 2017-11-09 10:10:07 +00:00
Chef Expeditor
13a93ebd32 Bump version to 1.44.3 by Expeditor 2017-11-08 17:43:28 +00:00
Adam Leff
0a11280444
nginx resource: support quoted identifiers (#2292)
An nginx config may contain configuration settings that are quoted, such
as a map entry:

"~^\/opcache-api" 1;

The `nginx_conf` resource was failing to properly parse these.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-08 12:42:37 -05:00
Chef Expeditor
690b1df805 Bump version to 1.44.2 by Expeditor 2017-11-08 10:41:11 +00:00
Adam Leff
9e9025c138 Switch to tomlrb for TOML parsing (#2295)
The `toml` gem has a very strict version dependency on an old version
of parslet. This change switches us to use `tomlrb` instead which has
no direct dependencies. This will allow us to bump up to a later version
of parslet that has better error handling and insight into parser errors.

Signed-off-by: Adam Leff <adam@leff.co>
2017-11-08 11:41:00 +01:00
Chef Expeditor
9440ce6321 Bump version to 1.44.1 by Expeditor 2017-11-07 19:02:06 +00:00
Dominik Richter
eb729c4034 allow users to specify user/namespace when fetching profiles from Chef Automate (#2275)
* allow users to configure the profiles namespace

By default it uses the username of the user that is logged into the system. However, the user can now specify the `--user` on the cli to list profiles from a user other than his own domain.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* allow users to provide owner for profile listing and uploading

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>

* use config only

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-11-07 14:01:55 -05:00
Chef Expeditor
c2ec4b9545 Bump version to 1.44.0 by Expeditor 2017-11-06 18:29:02 +00:00
Jerry Aldrich III
43b71ff132 Add non-halting exception support to resources (#2235)
* Add non-halting exception support to resources

This adds two `Inspec::Exceptions` that can be used within resources to
either skip or fail a test without halting execution.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-11-06 13:28:53 -05:00
Chef Expeditor
0961e07d73 Bump version to 1.43.10 by Expeditor 2017-11-03 20:24:06 +00:00
Chef Expeditor
356939443c Bump version to 1.43.9 by Expeditor 2017-11-03 18:29:08 +00:00
Seth Chisamore
af8443d1ea Use proper syntax in curl header option (#2285)
`curl` expects a valid header per RFC 2616 when using the
`-H`/`--header` option. RFC 2616 declares header field/values
should be separated using a colon (`:`):
https://tools.ietf.org/html/rfc2616#section-4.2

Signed-off-by: Seth Chisamore <schisamo@chef.io>
2017-11-03 14:28:54 -04:00
Chef Expeditor
d3d44bf285 Bump version to 1.43.8 by Expeditor 2017-11-02 14:04:06 +00:00
Wei He
71ed5ef964 service resource: properly search for SysV Init S files (#2274)
* bug fix: Service resource

Signed-off-by: Wing924 <weihe924stephen@gmail.com>

* fix test case

Signed-off-by: Wing924 <weihe924stephen@gmail.com>
2017-11-02 15:03:51 +01:00
Chef Expeditor
e44de521b6 Bump version to 1.43.7 by Expeditor 2017-11-01 11:01:33 +00:00
Markus Grobelin
221db7e132 mount resource: fix for Device-/Sharenames and Mountpoints including … (#2257)
* mount resource: fix for Device-/Sharenames and Mountpoints including whitespaces

Device-/Sharenames and Mountpoints on Linux may include whitespaces (\040), e.g. /etc/fstab entry like:

```//fileserver.corp.internal/Research\040&\040Development /mnt/Research\040&\040Development cifs OTHER_OPTS```

... results in a mount line like:

```//fileserver.corp.internal/Research & Development on /mnt/Research & Development type cifs (OTHER_OPTS)```

The Linux mount command replaces \040 with whitspace automatically, so this should be tributed.

I used a control like this:

```
    describe mount('/mnt/Research & Development') do
      it { should be_mounted }
      its('device') { should eq  '//fileserver.corp.internal/Research & Development' }
    end
```

Before:

```
  ×  whitespaces-1: Mount with whitespace within sharename and mountpoint. (1 failed)
     ✔  Mount /mnt/Research & Development should be mounted
     ×  Mount /mnt/Research & Development device should eq "//fileserver.corp.internal/Research & Development"

     expected: "//fileserver.corp.internal/Research & Development"
          got: "//fileserver.corp.internal/Research"

     (compared using ==)
```

After:

```
  ✔  whitespaces-01: Mount with whitespace within sharename and mountpoint.
     ✔  Mount /mnt/Research & Development should be mounted
     ✔  Mount /mnt/Research & Development device should eq "//fileserver.corp.internal/Research & Development"
```

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* mounts_with_whitespaces: make lint happy

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* mount resource: added parentheses as suggested by https://github.com/chef/inspec/pull/2257/files

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* mount resource: fix for Device-/Sharenames and Mountpoints including whitespaces
Signed-off-by: Markus Grobelin <grobi@koppzu.de>
2017-11-01 12:01:21 +01:00
Chef Expeditor
5d8384f767 Bump version to 1.43.6 by Expeditor 2017-10-27 08:33:04 +00:00
Jerry Aldrich III
94a79b2fc7 Force https scheme for inspec compliance login (#2268)
This allows a user to specify an Automate server without prepending
`https://`. Without this, anything using the `url` fetcher will fail
because `open` doesn't interpret the argument as a URL.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-10-27 10:32:52 +02:00
Chef Expeditor
e2f0b0c751 Bump version to 1.43.5 by Expeditor 2017-10-26 15:32:56 +00:00
Jerry Aldrich III
91403d8c81 Add Chef Automate support to inspec compliance login (#2203)
* Merge `login` and `login_automate` commands

This provides a single interface for logging into either Chef Automate
or Chef Compliance servers. Server type is evaluated at run time via
HTTP responses from designated endpoints.

This also moves the login logic from `Compliance::ComplianceCLI` to a
separate set of modules in `Compliance::API`. This removes logic from
Thor and allows for more in depth Unit testing.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove empty line below class definition

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add message to `raise CannotDetermineServerType`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Refactor `token_info` assignment

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove unnecessary rubocop disable

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Modify `Login` module namespacing

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Remove mentions of login_automate and --usertoken

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Modify `determine_server_type` to return a symbol

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add support for `login_automate` and `--usertoken`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Fix encoding typo

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Address PR feedback

This does the following:
  - Moves `CannotDetermineServerType` error to `.login`
  - Changes methods that store configuration to return the configuration
  - Moves user output to one location in `.login`
  - Makes other small improvements

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-10-26 17:32:47 +02:00
Chef Expeditor
274b1a53e5 Bump version to 1.43.4 by Expeditor 2017-10-25 14:14:42 +00:00
Markus Grobelin
2251270929 cran resource: check for R module installation (#2255)
* Added CRAN resource to check R modules

control 'cran-1' do
  impact 1.0
  desc '
    Ensure R module DBI is installed.
  '

  describe cpan('DBI') do
    it { should be_installed }
    its('version') { should cmp >= '3.0' }
  end
end

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* cran resource: made lint happy, added negative unit test, removed unused arg perl_lib_path

Signed-off-by: Markus Grobelin <grobi@koppzu.de>
2017-10-25 16:14:29 +02:00
Chef Expeditor
90ca9528aa Bump version to 1.43.3 by Expeditor 2017-10-25 14:01:36 +00:00
Markus Grobelin
c626dfdbd9 cpan resource: check for Perl module installation (#2254)
* Added CPAN resource to check Perl modules

control 'cpan-1' do
  impact 1.0
  desc '
    Ensure Perl modules DBI and DBD::Pg are installed.
  '

  describe cpan('DBI') do
    it { should be_installed }
  end

  describe cpan('DBD::Pg') do
    it { should be_installed }
    its('version') { should cmp >= '3.0' }
  end
end

Signed-off-by: Markus Grobelin <grobi@koppzu.de>

* cpan resource: fixed unit test for non-installed module

Signed-off-by: Markus Grobelin <grobi@koppzu.de>
2017-10-25 16:01:26 +02:00
Chef Expeditor
69a629c726 Bump version to 1.43.2 by Expeditor 2017-10-24 21:50:32 +00:00
Dominik Richter
39d743b12e Include ref when writing out inspec control objects (#2259)
* support ref for inspec control objects

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* lint

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-10-24 17:50:23 -04:00
Chef Expeditor
b2597cecfa Bump version to 1.43.1 by Expeditor 2017-10-24 20:23:08 +00:00
Jerry Aldrich III
a4cd589b93 Fix regression regarding profile upload (#2264)
Fix regression when uploading compliance profiles
2017-10-24 16:22:57 -04:00
Chef Expeditor
f43178dde8 Bump version to 1.43.0 by Expeditor 2017-10-20 21:28:57 +00:00
Adam Leff
8dc48533aa new resource: elasticsearch resource, test cluster/node state (#2261)
* new resource: elasticsearch resource, test cluster/node state

This is a new resource for testing an Elasticsearch cluster. It operates
by fetching the `_nodes` endpoint from a given Elasticsearch node and
collects data about each node in a cluster, even if there's only a
single node.

This work is based on inspiration from an initial PR #1956 submitted by
@rx294.

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Adam Leff <adam@leff.co>

* Reduce mock data on non-default tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-20 17:28:48 -04:00
Chef Expeditor
69dd8d16ec Bump version to 1.42.3 by Chef Expeditor 2017-10-18 11:24:18 +00:00
Matt Ray
c21ce063ab Replace WMI query with PowerShell cmdlet "get-hotfix" (#2252)
Signed-off-by: Matt Ray <matthewhray@gmail.com>
2017-10-18 12:24:11 +01:00
Chef Expeditor
63b8fb3b8f Bump version to 1.42.2 by Chef Expeditor 2017-10-17 15:30:46 +00:00
Sebastian Gumprich
9f9715b90b Update postgres.rb (#2248)
Signed-off-by: Sebastian Gumprich <github@gumpri.ch>
2017-10-17 16:30:35 +01:00
Chef Expeditor
0652112129 Bump version to 1.42.1 by Chef Expeditor 2017-10-17 13:02:00 +00:00
David Alexander
6ed4068fd1 Extend Windows ACL matchers (#1744)
* Adds alias for 'ListDirectory' permission

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Works with Ruby array of permissions as long as possible

Converts to PowerShell array just before use.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Abstracts user-provided permissions to router method

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds FullControl as a specifiable permission

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds specific permission 'modify'

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Fixes #1743

Limits Windows' broad "read" permission to if it can read all of the
above, instead of just the first:

- File contents
- File attributes
- File extended attributes
- File permissions

This better aligns with how Windows names the permissions.

  'read' -> Read instead of 'read' -> ReadData

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* 'Execute' Windows ACL has alias of 'Traverse'

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds 'Delete' permission

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds `should allow('perm').by_user('me')` matcher

Provides hooks for later use with Windows ACL matching

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Adds remaining Windows ACL hooks

Skips ReadAndExecute on intentionally since it just aliases the combo of
2 permissions into one new one.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* [Rubocop] Reduces ABC / Cyclomatic complexity

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Reduces global scope with `allows()` -> `be_allowed()`

RSpec inferred matchers work nicely here. This changes the `by_user()`
and `by()` chained matchers to just be an options hash on the underlying
`allowed?()` method.

Signed-off-by: David Alexander <opensource@thelonelyghost.com>

* Fixes integration tests with rename `allows()` -> `be_allowed()`

Signed-off-by: David Alexander <opensource@thelonelyghost.com>
2017-10-17 15:01:51 +02:00
Chef Expeditor
e5ce31fcc7 Bump version to 1.42.0 by Chef Expeditor 2017-10-17 12:53:49 +00:00
Adam Leff
3c3cb741ff Add inspec habitat profile setup command (#2239)
Introduces a new `inspec habitat profile setup` command
which will set up an existing profile repository with all
the files necessary to build a Habitat package. This will
prime a repository to be used by the Habitat Builder service.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-17 14:53:41 +02:00
Chef Expeditor
56becc1231 Bump version to 1.41.10 by Chef Expeditor 2017-10-17 12:52:46 +00:00
username-is-already-taken2
dbd50c327e revised the esc chars within mark def (#2234)
Signed-off-by: username-is-already-taken2 <digitalgaz@hotmail.com>
2017-10-17 14:52:12 +02:00
Chef Expeditor
af65cf1281 Bump version to 1.41.9 by Chef Expeditor 2017-10-17 12:50:07 +00:00
Chef Expeditor
ed0d087e15 Bump version to 1.41.8 by Chef Expeditor 2017-10-17 12:47:40 +00:00
Jerry Aldrich III
62dc14a09c Fix only_if behavior when used outside controls (#2216)
* Fix `only_if` behavior when used outside controls

This renames `@skip_profile` to `@skip_file` and modifies the scope of
`only_if` (used outside of a control) to only apply to the control file
that contains it instead of the entire profile.

This does this by exposing `@skip_file` from the control context so that
it can be set back to `false` between loading control files in the
profile context.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Modify `get_checks` to accept a rule index

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Modify `only_if` to work regardless of location

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Disable Cyclomatic/Perceived Complexity in Rubocop

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* Add comment for `skip_file` in `load_control_file`

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-10-17 14:47:30 +02:00
Chef Expeditor
2f8cfd7a04 Bump version to 1.41.7 by Chef Expeditor 2017-10-17 12:45:46 +00:00
narkaTee
4f005d8510 Fix port ressource ss line parsing (#2243)
Fixes the 'ss -tulpen' command parsing when multiple processes use the
same fd.

Signed-off-by: Jan Ullrich <narkat@gmail.com>
2017-10-17 14:45:37 +02:00
Chef Expeditor
824e58dfbc Bump version to 1.41.6 by Chef Expeditor 2017-10-16 16:19:43 +00:00
Anton Markelov
09a2f677d5 add missed 'html' to 'format' option explanation (#2244)
Signed-off-by: Anton Markelov <doublic@gmail.com>
2017-10-16 17:19:36 +01:00
Chef Expeditor
78c2a55945 Bump version to 1.41.5 by Chef Expeditor 2017-10-12 10:30:40 +00:00
J Burns
58eae32688 etc_fstab resource: properly namespace the resource, add nfs_file_systems documentation (#2190)
* Updated nfs_file_systems example in docs

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-10-12 11:30:33 +01:00
Chef Expeditor
ed25975c2c Bump version to 1.41.4 by Chef Expeditor 2017-10-12 06:45:45 +00:00
Chef Expeditor
97b03b0bcf Bump version to 1.41.3 by Chef Expeditor 2017-10-11 13:31:54 +00:00
Nathen Harvey
05ac2724ec Update the profile tempate (#2238)
* Remove a broken link.

Signed-off-by: Nathen Harvey <nharvey@chef.io>

* It is now 2017

While the content in this file was actually written in 2015, this
example is meant to be overwritten and is generated by the user in the
current year.

Signed-off-by: Nathen Harvey <nharvey@chef.io>
2017-10-11 14:31:44 +01:00
Chef Expeditor
ca19ef5570 Bump version to 1.41.2 by Chef Expeditor 2017-10-10 09:37:06 +00:00
Adam Leff
5114173e50 Support PAX-formatted tar files, standardize file lists (#2225)
* Support PAX-formatted tar files, standardize file lists

When a tar file is generated in PAX format, the files have an additional
relative path prefix added to them. For example, instead of:

inspec.yml

... the file is listed as:

./inspec.yml

And the source reader plugin looks only for a "inspec.yml" file to
determine the profile format.

This change addresses this issue by normalizing the file paths in the
TarReader and accounting for the additional "./" prefix that may exist
whenever the tar file is walked looking for a file to read its content.

Signed-off-by: Adam Leff <adam@leff.co>

* Remove pax from unit test, will move to functional

Signed-off-by: Adam Leff <adam@leff.co>

* Add function test for the pax header tar file

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-10 10:36:57 +01:00
Chef Expeditor
4cf7c89460 Bump version to 1.41.1 by Chef Expeditor 2017-10-10 08:54:23 +00:00
Keith Walters
2a8d6e0e91 Uses netstat to detect open ports on AIX (#2210)
* Uses netstat to detect open ports on AIX

Signed-off-by: Keith Walters <keith.walters@cattywamp.us>

* Adds unit tests for AIX port resource

Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
2017-10-10 10:54:18 +02:00
Chef Expeditor
ae486e50d2 Bump version to 1.41.0 by Chef Expeditor 2017-10-09 10:56:24 +00:00
Russell Seymour
a2289bfcbe Updated so that the credentials file is only interogated if it exists (#42)
* Updated so that the credentials file is only interogated if it exists
Fixes #39

Signed-off-by: Russell Seymour <russell.seymour@turtlesystems.co.uk>

* Made change to set credentials to nil as requested

Signed-off-by: Russell Seymour <russell.seymour@turtlesystems.co.uk>
2017-10-09 12:54:42 +02:00
Seth Thoenen
fc43e87ee2 Fix issue where tests would fail if public DNS settings are not set (#38)
Signed-off-by: Seth Thoenen <seththoenen@gmail.com>
2017-10-08 23:08:23 +02:00
Christoph Hartmann
c7adc529b2 deactivate rubocop testing for unspecific exception handling (#50)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-10-08 22:56:52 +02:00
Daniel Sanabria
b1254926cd Using newer arm sdk version (#44)
Some object methods have been deprecated in v0.11.0 of the arm sdks.
This commit fixes the get_resources method by using the new resources
object instance method. We are also updating the Gemfile accordingly.

Signed-off-by: sanabriad <sanabria.d@gmail.com>
2017-10-08 22:43:46 +02:00
Chef Expeditor
952dd09a29 Bump version to 1.40.13 by Chef Expeditor 2017-10-07 10:28:14 +00:00
Adam Leff
cbf58c7afa Enhance cmp matcher to work with symbols, fix file documentation (#2224)
* Enhance cmp matcher to work with symbols

The `cmp` matcher will now stringify symbol actual values if the
expected value was passed in as a string. This will help with the file
resource `type` method where Train returns the file type as a symbol.

Signed-off-by: Adam Leff <adam@leff.co>

* Fix documentation for file type character_device

Signed-off-by: Adam Leff <adam@leff.co>

* Fix docs for block_device

Signed-off-by: Adam Leff <adam@leff.co>

* Fix file mtime docs

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-07 12:28:07 +02:00
Chef Expeditor
c716790972 Bump version to 1.40.12 by Chef Expeditor 2017-10-06 17:38:29 +00:00
Jared Quick
f9e0aaadba ssl resource: properly raise error when unable to determine if port is enabled (#2205)
* Move raise condition for host into enabled method

This is related to #1205. This will fix the ssl resource for now until
we redo the exceptions. Still looking around the code and need to build
some unit tests for the ssl resource.

My fix here is to move the raise condition till later in the flow,
specifically the enabled? method. This lets the raise get caught
accordingly without killing the other tests.

Signed-off-by: Jared Quick <jquick@chef.io>

* Remove authors from ssl resource test

Signed-off-by: Jared Quick <jquick@chef.io>
2017-10-06 19:38:22 +02:00
Chef Expeditor
fe506037c6 Bump version to 1.40.11 by Chef Expeditor 2017-10-06 17:36:25 +00:00
Adam Leff
a54bc98087 Fix loading profile files when executing multiple profiles (#2223)
When running `inspec exec` with multiple profiles, such as:

inspec exec profile1 profile2

... profile1 control calls to `inspec.profile.file` will incorrectly
try to pull files from profile2 because the RuntimeProfile object
is stored on the backend object, and we share the backend object.

This change ensures each profile has a unique backend object to ensure
the RuntimeProfile instance is not overwritten.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-06 19:36:13 +02:00
Chef Expeditor
b740c27163 Bump version to 1.40.10 by Chef Expeditor 2017-10-06 17:32:49 +00:00
Adam Leff
939ee5ecfc processes resource: support busybox ps (#2222)
This change enhances the processes resource to support the busybox
ps command which is common on Alpine, for example. The way we
map ps fields to the structs needed by FilterTable have also been
refactored to be more flexible so we can support multiple formats
in the future.

Also, the processes resource now allows the grep argument to be optional
thus allowing a user to query all resources without passing in a
match-all regex.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-06 19:32:39 +02:00
Chef Expeditor
999d115fb8 Bump version to 1.40.9 by Chef Expeditor 2017-10-06 17:32:26 +00:00
Jared Quick
3d346e779d Update shell resource help to return what is defined (#2219)
This fixes #1664. I refactored the help of the resource to build the
output depending on what is available.

Signed-off-by: Jared Quick <jquick@chef.io>
2017-10-06 19:32:16 +02:00
Chef Expeditor
70ae199949 Bump version to 1.40.8 by Chef Expeditor 2017-10-06 17:24:37 +00:00
Adam Leff
9d8c53cf31 Support symbol keys in ObjectTraverser (#2221)
As detected in #2036, it is not possible to extract values from
a YAML file if the key is a symbol. This change refactors ObjectTraverser
to support symbol keys before attempting to stringify them.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-06 19:24:31 +02:00
Chef Expeditor
b9fc73c42a Bump version to 1.40.7 by Chef Expeditor 2017-10-06 13:41:55 +00:00
Jared Quick
7bb7767dae Add nil check for sshd config file (#2217)
* Add nil check for sshd config file

This fixes #1778. There was a issue where if the user did not have read
permissions on /etc/ssh/sshd_config it would error out on the empty?
check. The fix here is to also look for nil on the file content. Along
with this I refactored the inspec file empty? check as it does not exist
and was also erroring during my testing.

Signed-off-by: Jared Quick <jquick@chef.io>

* Add emptyfile test object and refactor tests

Signed-off-by: Jared Quick <jquick@chef.io>
2017-10-06 15:41:48 +02:00
Chef Expeditor
3d04127385 Bump version to 1.40.6 by Chef Expeditor 2017-10-05 23:18:54 +00:00
Chef Expeditor
6a395a0233 Bump version to 1.40.5 by Chef Expeditor 2017-10-04 20:44:17 +00:00
Adam Leff
21ba43d6a5 http resource: properly execute tests on remote target (#2209)
Currently, the http resource always executes locally, even when scanning
a remote machine with `--target` which leads to undesireable behavior.

This change adds the ability to remotely execute tests with curl. This
behavior is currently opt-in with the `enable_remote_worker` flag, but
will become the default behavior in InSpec 2.0. Deprecation warnings
are emitted if the user is scanning a remote target but has not opted
in to the new behavior.

Signed-off-by: Adam Leff <adam@leff.co>
2017-10-04 22:44:09 +02:00
Chef Expeditor
4f091da9fa Bump version to 1.40.4 by Chef Expeditor 2017-10-04 20:43:26 +00:00
Chef Expeditor
400aac9350 Bump version to 1.40.3 by Chef Expeditor 2017-10-04 20:43:01 +00:00
Jared Quick
01d97498d1 Add output for port/protocol for host resource. (#2202)
* Added output for port/protocol for host resource.

Signed-off-by: Jared Quick <jquick@chef.io>

* refactor with explicit return

This fixes #2085. Port and protocol are now shown in output of the host
resource if defined.

Signed-off-by: Jared Quick <jquick@chef.io>

* refactor with string building return

Signed-off-by: Jared Quick <jquick@chef.io>
2017-10-04 22:42:56 +02:00
Chef Expeditor
d373487a05 Bump version to 1.40.2 by Chef Expeditor 2017-10-04 20:42:12 +00:00
Craig Barrett
67b123c4fd add bsd platform family to etc_hosts resource (#2192)
Signed-off-by: Craig Barrett <craig.barrett@outreach.io>
2017-10-04 22:42:05 +02:00
Chef Expeditor
fb52fd8770 Bump version to 1.40.1 by Chef Expeditor 2017-10-03 21:25:35 +00:00
Chef Expeditor
e181c1730c Bump version to 1.40.0 by Chef Expeditor 2017-09-27 12:05:42 +00:00
dromazmj
7fc7942ab1 firewalld resource: inspect the status and configuration of firewalld (#2074)
* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resourec - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - firewalld

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource firewalld

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications to new resource - firewalld

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Changing firewalld_command method to prepend the command with 'firewall-cmd' to reduce code reuse.

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications made
	* installed? method now tells by checking if firewall-cmd is a command on the system
	* The firewalld_command method now strips the stdout of the return
	* added another test for testing multiple active zones

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Fixing rake lint issue

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Fixing match and returning boolean for seeing if firewalld is running

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Fixing lint issues

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Empty commit to rerun.  Accidentally updated branch.

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Rerunning test, accidentally updated branch. needs sign off commit

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>
2017-09-27 14:05:35 +02:00
Chef Expeditor
b4ed4c4a98 Bump version to 1.39.1 by Chef Expeditor 2017-09-25 21:21:24 +00:00
Chef Expeditor
e263582f86 Bump version to 1.39.0 by Chef Expeditor 2017-09-25 17:49:13 +00:00
dromazmj
b23a58b573 etc_hosts_allow and etc_hosts_deny resources: test the content of the tcpwrappers configuration files (#2073)
* New Resource-combined etc_hosts_allow etc_hosts_deny

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>
2017-09-25 13:49:04 -04:00
Chef Expeditor
67d5d167d5 Bump version to 1.38.9 by Chef Expeditor 2017-09-25 17:09:30 +00:00
Matt Ray
e23249d635 windows_hotfix resource: test whether a Windows HotFix is installed (#2178)
* Add hotfix resource for Windows

Signed-off-by: Matt Ray <matthewhray@gmail.com>

* Renamed hotfix to windows_hotfix

Added additional unit test checking for KB that is not present on a box

Signed-off-by: Matt Ray <matthewhray@gmail.com>

* Integration test to spot-check for hotfixes

Queries the Windows operating system via Powershell for a list of all
installed hotfixes and spot-checks every 10th one with the
windows_hotfix resource. Checking hundreds is time-consuming. Also
checks to ensure a non-installed hotfix is not present.

Signed-off-by: Matt Ray <matthewhray@gmail.com>
2017-09-25 19:09:22 +02:00
Chef Expeditor
6722e03c94 Bump version to 1.38.8 by Chef Expeditor 2017-09-25 15:11:57 +00:00
Chef Expeditor
cab161c185 Bump version to 1.38.7 by Chef Expeditor 2017-09-23 07:27:12 +00:00
Adam Leff
d029f7f58c Properly return postgres query errors on failure (#2179)
When using the `query` method in the `postgres_session` resource, if
the query fails, the `query` method attempts to call `skip_resource`
with an error message. Not only does the `skip_resource` not properly
work, but it also returns a `String` object back to the test which is
probably going to try and call the `output` method on it to run the test.

This results in an error like this:

```
  Can't read
     ∅  undefined method `output' for "output":String
```

This change returns the full psql output as a Lines object to the
user, including stderr, so they can at least get the error in their
test output and avoids undefined method errors.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-23 09:27:05 +02:00
Chef Expeditor
75e1331618 Bump version to 1.38.6 by Chef Expeditor 2017-09-23 07:17:42 +00:00
Jerry Aldrich III
3d7244fb07 Add wildcard support to Utils::FindFiles (#2159)
Wildcards are evaluated prior to applying `sudo` permissions. This
means that running `sudo find /some/path/*.conf` will fail if the user
does not have read permissions on `/some/path/` because the wildcard
cannot expand before `sudo` is applied and `*.conf` isn't a file.

The solution for this is to run the command in a subshell that has the
proper permissions (e.g. `sudo sh -c 'find /some/path/*.conf'`).

This modifies `Utils::FindFiles` to use a subshell thus allowing
wildcard support.

This fixes #2157

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-23 09:17:34 +02:00
Chef Expeditor
bdb80591e3 Bump version to 1.38.5 by Chef Expeditor 2017-09-23 07:16:31 +00:00
Jerry Aldrich III
125e0915b2 Modify DirProvider to allow special characters (#2174)
This modifies `Inspec::DirProvider` to allow special characters in the
file glob by escaping those characters via `Shellwords.shellescape`.

This fixes #2111 (`inspec check` on path with special characters)

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-23 09:16:25 +02:00
Chef Expeditor
9f06ba0b0b Bump version to 1.38.4 by Chef Expeditor 2017-09-22 12:57:56 +00:00
Dominik Richter
e2004a436f forgiving default attributes (#2177)
* forgiving default attributes

When default attributes arent specified provide one that is much more forgiving.
See this https://github.com/chef/inspec/issues/2176

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-22 08:57:51 -04:00
Chef Expeditor
d2a47fa9fb Bump version to 1.38.3 by Chef Expeditor 2017-09-21 19:55:27 +00:00
Chef Expeditor
42fc9d70ca Bump version to 1.38.2 by Chef Expeditor 2017-09-21 16:21:39 +00:00
Jerry Aldrich III
cbcca9f39e Modify Upstart enabled check to use config file (#2163)
This modifies the enabled check for the `service` resource to use the
service's config file instead of `initctl show-config`.

`initctl show-config` does not accurately show the state of a service if
that service's config file is modified while the service is running.

This fixes #1834.

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-21 12:21:34 -04:00
Chef Expeditor
2947532601 Bump version to 1.38.1 by Chef Expeditor 2017-09-21 16:18:23 +00:00
Adam Leff
e400b8dd4c Support false for attribute value (#2168)
The logic in `Inspec::Attribute` prohibited the use of `false` (FalseClass) as
a valid attribute. If the attribute value supplied was `false`, then it would fall
back to the default value.

This change properly allows the use of `false` as a value, adds the initial tests
for Inspec::Attribute, and also uses better attr_writer semantics for writing/storing
the value.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-21 12:17:44 -04:00
Chef Expeditor
4a71140052 Bump version to 1.38.0 by Chef Expeditor 2017-09-21 16:06:05 +00:00
Chef Expeditor
96b9527e46 Bump version to 1.37.13 by Chef Expeditor 2017-09-21 16:00:24 +00:00
Adam Leff
0b3aaee692 Update method in which Pry hooks are removed (#2170)
* Update method in which Pry hooks are removed

Pry 0.11 removed the clear_all method for removing all hooks. This change
updates the way we clear hooks for the events we care about.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-21 12:00:18 -04:00
Chef Expeditor
a614cc9598 Bump version to 1.37.12 by Chef Expeditor 2017-09-19 16:27:04 +00:00
Adam Leff
adf25ae783 Support array syntax for registry_key resource (#2160)
Users cannot query for registry keys that have periods in them because of
how rspec-its works. This change enables Array-style syntax for the
registry_key resource so users can use that as a workaround.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-19 18:26:53 +02:00
Chef Expeditor
e57977612e Bump version to 1.37.11 by Chef Expeditor 2017-09-18 19:49:26 +00:00
malovdm1
3e16a099c5 quote username and hostname in mssql_session (#2151)
Signed-off-by: Malovany, Dmytro (Ext) <dmytro.malovany@novartis.com>
2017-09-18 21:49:20 +02:00
Chef Expeditor
7ca1380ef9 Bump version to 1.37.10 by Chef Expeditor 2017-09-18 19:48:11 +00:00
Adam Leff
5297dc6ede Add deprecation warning to auditd_rules resource (#2156)
The auditd_rules resource has been replaced by the auditd resource.
We are planning on removing the auditd_rules resource in InSpec 2.0.
This change will provide a warning to any user using the old resource.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-18 21:48:04 +02:00
Chef Expeditor
c6703af02c Bump version to 1.37.9 by Chef Expeditor 2017-09-18 19:47:26 +00:00
Jennifer Burns
ec18dce62b auditd resource: test active auditd configuration against the audit daemon (#2133)
* Added auditd resource and documentation.

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Added unit tests for auditd resource and updated auditd_rules_test to match new entries in auditctl

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Removed all legacy code for audit < 2.3. Removed parens to create consistency.

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated method names and removed unnecessary content based on review

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-09-18 21:47:18 +02:00
Chef Expeditor
85c02112b5 Bump version to 1.37.8 by Chef Expeditor 2017-09-15 20:38:05 +00:00
Jerry Aldrich III
9773e1cd94 Add wildcard/multiple server support to nginx_conf resource (#2141)
* Add wildcard/multiple server support to nginx_conf

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>

* separate the merge function for maps in nginx_conf

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-15 16:37:57 -04:00
Chef Expeditor
48b0e6a667 Bump version to 1.37.7 by Chef Expeditor 2017-09-14 19:16:35 +00:00
Chef Expeditor
4c6877f766 Bump version to 1.37.6 by Chef Expeditor 2017-09-14 17:09:04 +00:00
Chef Expeditor
c02e359fa2 Bump version to 1.37.5 by Chef Expeditor 2017-09-13 21:52:54 +00:00
Alex Pop
cf6fdd09af Show versions for inspec compliance profiles (#2143)
Signed-off-by: Alex Pop <apop@chef.io>
2017-09-13 17:52:45 -04:00
Chef Expeditor
be7f5ccde1 Bump version to 1.37.4 by Chef Expeditor 2017-09-13 20:53:43 +00:00
Alex Pop
35becd7e0f Support profile versions for automate profiles storage (#2128)
* Support profile versions for automate profiles storage

Signed-off-by: Alex Pop <apop@chef.io>

* Add unit tests for inspec-compliance bundle

Signed-off-by: Alex Pop <apop@chef.io>

* Refactor target_url method, fix tests, fix rubocop errors

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 16:53:36 -04:00
Chef Expeditor
18d9b74301 Bump version to 1.37.3 by Chef Expeditor 2017-09-13 12:41:17 +00:00
Adam Leff
7810051f0a package resource: assume a default Homebrew path (#2140)
* package resource: assume a default Homebrew path

Homebrew's `brew` script is installed to /usr/local/bin by default which
is usually not in a non-interactive PATH. We will now first check to see
if `brew` is in PATH, and if not, assume a default of `/usr/local/bin/brew`

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:41:09 -04:00
Chef Expeditor
9fa47f1a9e Bump version to 1.37.2 by Chef Expeditor 2017-09-13 12:16:58 +00:00
Adam Leff
d4790f7f5a Ignore linked container names when parsing docker containers (#2134)
* Ignore linked container names when parsing docker containers

If a container is linked to another container, the normal `docker ps` output
does not include this information. However, when pulling the `.Names` field
with `docker ps --format`, the linked container is listed in the name. This
is confusing for users trying to use InSpec to audit a container.

This change strips any linked container names from the actual container name.

Signed-off-by: Adam Leff <adam@leff.co>

* Linked container names aren't guaranteed to be last depending on how they were linked

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:16:53 -04:00
Adam Leff
7a3706a023 Add clarifying docs for mysql_conf resource (#2138)
The docs did not include examples for querying settings set within a named section.

Signed-off-by: Adam Leff <adam@leff.co>
2017-09-13 08:16:35 -04:00
Chef Expeditor
48f3cdc644 Bump version to 1.37.1 by Chef Expeditor 2017-09-13 12:15:15 +00:00
Rony Xavier
7d2da0c199 nginx resource: audit the nginx binary and how it was compiled (#1958)
* nginx base resource

Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Rony Xavier <rx294@gmail.com>
2017-09-13 08:15:09 -04:00
Chef Expeditor
dd1d0ca553 Bump version to 1.37.0 by Chef Expeditor 2017-09-11 15:37:45 +00:00
dromazmj
70548ab754 etc_fstab resource: test contents of the /etc/fstab file (#2064)
* Adding support for fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* New Resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to new resource - etc_fstab

Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>

* Modifications to docs of new resource etc_fstab

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>

* Modifications to new resource etc_fstab

Signed-off-by: dromazmj <dromazmj@dukes.jmu.edu>
2017-09-11 15:55:03 +02:00
Jerry Aldrich III
a9d0d65c54 Add attributes file readability error handling (#2127)
* Add attributes file readability error handling

Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
2017-09-08 08:43:33 -04:00
Chef Expeditor
29c80110a8 Bump version to 1.36.1 by Chef Expeditor 2017-09-06 12:22:38 +00:00
Chef Expeditor
de2bd9aba3 Bump version to 1.35.5 by Chef Expeditor 2017-09-06 12:19:10 +00:00
Dominik Richter
19ab22f5e2 add nginx_conf accessors for http, servers, and locations (#2119)
* wip: extend nginx_conf for http+servers+locations

... well `http` entries really, but we couldnt just call it `https`.

the goal is to `nginx_conf.http` / `nginx_conf.servers` / `nginx_conf.locations` and then also have these calls cascaded down to simplify the access to these fields. the current pattern is rather tedious since we need to check for nil everywhere.

* add test for new nginx accessors

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* add docs for nginx-conf

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* fix all incorrect NGINX spellings in docs

* prevent edge-cases where nginx params are nil

for location, http, and servers

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* more descriptive to_s for nginx servers

as suggested by @adamleff, thank you!

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* add more descriptive to_s for nginx location

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-09-06 08:19:04 -04:00
Chef Expeditor
e2b528db20 Bump version to 1.35.4 by Chef Expeditor 2017-09-06 10:07:39 +00:00
Trevor Vaughan
fb011c1d10 Fix deep profile chaining (#2121)
Update to fix how multiple relative profile chaining functions.

Closes #2120

Signed-off-by: Trevor Vaughan <tvaughan@onyxpoint.com>
2017-09-06 12:06:55 +02:00
Chef Expeditor
dbb4311693 Bump version to 1.35.3 by Chef Expeditor 2017-09-05 12:37:41 +00:00
ChadScott
09b145122d Modify linux regular expression to handle process names with spaces (#2117)
* Modify linux regular expression to handle process names with spaces

Signed-off-by: Chad Scott <cscott@chadikins.com>

* Add mocks, tests, etc.

Signed-off-by: Chad Scott <cscott@chadikins.com>
2017-09-05 14:36:55 +02:00
Chef Expeditor
f3c3de241e Bump version to 1.35.2 by Chef Expeditor 2017-09-03 18:43:56 +00:00
Clinton Wolfe
f284962450 File Resource: add be_setgid, be_setuid, be_sticky matchers (#2104)
* Provisioner script to setup resource tests for setgid/setuid/sticky bit tests.  This appears to be the correct mechanism per docker_run, but I don't see any other provisioner scripts, so I suspect there is a different Chef-internal mechanism at play here.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* TDD Red for setgid/setuid/sticky File matchers

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add documentation for file resource sgid, sticky, and suid matchers

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add matchers to File for setgid, setuid, and sticky by aliasing existing predicates; TDD green

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Rubocop prefers alias to alias_method.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Lint before pushing, of course

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Correct spelling of setgid and setuid matchers in docs

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Add be_setgid, be_setuid, be_sticky matcher integration tests for File.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Revert "Provisioner script to setup resource tests for setgid/setuid/sticky bit tests.  This appears to be the correct mechanism per docker_run, but I don't see any other provisioner scripts, so I suspect there is a different Chef-internal mechanism at play here."

This reverts commit 42e672f3b1.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

* Revert "TDD Red for setgid/setuid/sticky File matchers"

This reverts commit a4f891fc7e.

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2017-09-03 20:43:13 +02:00
Chef Expeditor
fd3dac23ce Bump version to 1.35.1 by Chef Expeditor 2017-08-31 13:55:32 +00:00
Chef Expeditor
1e57537f54 Bump version to 1.34.10 by Chef Expeditor 2017-08-31 13:51:44 +00:00
dromazmj
cb5b475bb1 etc_hosts resource: test the contents of the /etc/hosts file (#2065)
Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>
2017-08-31 09:51:39 -04:00
Chef Expeditor
e7b6c31e11 Bump version to 1.34.9 by Chef Expeditor 2017-08-31 07:56:18 +00:00
Jonathan Morley
3e7d47505c Add support for XML files (#2107)
* Add support for XML files

Signed-off-by: Morley, Jonathan <jmorley@cvent.com>

* Use REXML instead of nokogiri

Signed-off-by: Morley, Jonathan <jmorley@cvent.com>
2017-08-31 09:56:14 +02:00
Chef Expeditor
d0f2e49970 Bump version to 1.34.8 by Chef Expeditor 2017-08-31 07:53:50 +00:00
Adam Leff
e2fa0b5e73 port resource: support ss instead of netstat (#2110)
* port resource: support ss instead of netstat

`netstat` is officially deprecated and is replaced with `ss`. This PR
changes the port resource to use `ss` if it's available on the target
system.

Signed-off-by: Adam Leff <adam@leff.co>

* Disable Metrics/ClassLength cop on the LinuxPorts class

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-31 09:53:08 +02:00
Chef Expeditor
0f19e40d3b Bump version to 1.34.7 by Chef Expeditor 2017-08-30 20:04:28 +00:00
Anthony Shaw
d5f33f0b99 pip resource: support non-default pip locations, such as virtualenvs (#2097)
* Update pip resource for #516 allow user to set path to pip executable

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* support virtualenv path, pip file exec and better logic

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* add tests for the change to the pip path and resource

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* tests are case sensitive, although command line is not

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* use a path verification method instead of a class method

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* use guard clauses instead of conditionals

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* change the control flow to return nil when commands are not available

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* fix the return values when custom pip path is not valid

Signed-off-by: Anthony Shaw <anthonyshaw@apache.org>

* Refactor pip path detection to fix unit tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-30 22:04:22 +02:00
Chef Expeditor
d93f623934 Bump version to 1.34.6 by Chef Expeditor 2017-08-30 20:02:50 +00:00
Adam Leff
c383175417 Support mixed-case group entries (#2101)
* Support mixed-case group entries

The `group` resource downcased the input parameter unless the target
was a Windows node. However, it's completely legitimate for a Unix-y
node to have mixed case group and passwd entries.

This change does have the potential to break people that did not carefully
match their case when searching for a group, but we're currently blocking
people from using the group resource properly if they have mixed-case
entries.

Signed-off-by: Adam Leff <adam@leff.co>

* Fix unit tests

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-30 22:02:45 +02:00
Chef Expeditor
151199b5fc Bump version to 1.34.5 by Chef Expeditor 2017-08-30 18:22:05 +00:00
Mark Harrison
ef42e2efd0 Use stored http resource response (if any) (#2108)
Currently, if you check two properties of a http resource, such as
status and body, two different http requests are made to the server.
However, the response is already stored in an instance variable, so this
change just checks to see if a response is already available and uses it
rather than making another http request.

Signed-off-by: Mark Harrison <mark@mivok.net>
2017-08-30 20:21:59 +02:00
Chef Expeditor
75b9ee8c39 Bump version to 1.34.4 by Chef Expeditor 2017-08-29 05:11:57 +00:00
Jennifer Burns
3b2bf52b1d auditd_rules resource: fix get_keys error on lines that have no keys (#2103)
* Added line to fix bug when no key in file rule and updated test to validate bug fix

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated to consider corner case

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-08-29 07:11:14 +02:00
Chef Expeditor
7a41cec73f Bump version to 1.34.3 by Chef Expeditor 2017-08-25 20:21:54 +00:00
Kevin Formsma
94c2e8181c Add sensitive flag to resources to restrict logging output (#2017)
* Filter check output based on sensitive flag
-Updated check in formatters to filter check output during failures based on
sensitive metadata flag
-Added functional test of output filtering
-Updated documentation with blerb on usage
* Update output format for sensitive resources

Signed-off-by: Kevin Formsma <kevin.formsma@gmail.com>

* Update color output on new test

Update the color output to match the newly-expected non-color format if there are no tests that match.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-25 16:21:49 -04:00
Chef Expeditor
3c07341ea0 Bump version to 1.34.2 by Chef Expeditor 2017-08-25 20:13:48 +00:00
Jennifer Burns
2cef15aec3 aide_conf resource: test configuration of the AIDE file integrity tool (#2063)
* Added aide_conf resource and subsequent files

* Updated to match on all selection lines

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Changed to use CommentParser and fixed typo

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Fix typo in test file

Signed-off-by: Jennifer Burns <jburns@mitre.org>

* Updated to address PR feedback

Signed-off-by: Jennifer Burns <jburns@mitre.org>
2017-08-25 22:13:43 +02:00
Chef Expeditor
5440bb782e Bump version to 1.34.1 by Chef Expeditor 2017-08-23 14:32:42 +00:00
Chef Expeditor
f0711066e7 Bump version to 1.33.15 by Chef Expeditor 2017-08-23 14:30:19 +00:00
Adam Leff
6029a4b43d Refine the profile/test summary output of the CLI formatter (#2094)
* Refine the profile/test summary output of the CLI formatter

* The "Profile Summary" is misleading as it's not a summary of profile
  success/failure but rather the controls within the profile(s). Altered
  the output to be clear. I still like calling it the "profile summary"
  but wanted to add clarity that the numbers are about the controls.

* Made the colorized output dynamic. The success/failure will only be
  green/red if there are controls/tests that fall into that category.
  That way we are not printing red failure text when there are no
  actual failures. Fixes #1752.

* Cleaned up some grammar issues. ("1 failure" vs "1 failures")

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-23 10:29:09 -04:00
Chef Expeditor
e9fecc027d Bump version to 1.33.14 by Chef Expeditor 2017-08-21 21:40:40 +00:00
Chef Expeditor
d8da929ffe Bump version to 1.33.13 by Chef Expeditor 2017-08-21 13:36:27 +00:00
Chef Expeditor
6e806110e0 Bump version to 1.33.12 by Chef Expeditor 2017-08-18 15:35:36 +00:00
Chef Expeditor
4c2d85674b Bump version to 1.33.11 by Chef Expeditor 2017-08-18 15:29:28 +00:00
Adam Leff
367d42fb3a Properly handle held packages on dpkg-flavored OS (#2087)
* check the proper field for dpkg installation state fixes #2006

Signed-off-by: Mathieu Sauve-Frankel <msf@kisoku.net>

* Properly handle held packages on dpkg-flavored OS

InSpec was looking at the wrong field in `dpkg -s` output to determine
whether a package was installed or not. An installed, held package was
incorrectly reported as uninstalled.

This adds the proper unit tests and also adds a `be_held` matcher.

Thanks to @kisoku for the initial work in #2007.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-18 17:29:23 +02:00
Chef Expeditor
443f1bf106 Bump version to 1.33.10 by Chef Expeditor 2017-08-17 14:48:51 +00:00
Stephan Renatus
bd165471e8 [docker_container] fix repo property (#2083)
With last weeks tag fix, `ourorg/container` ended up having its `repo` reported as `container`.
With this it'll be `ourorg/container` again.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-08-17 16:48:46 +02:00
Chef Expeditor
4ce6e91544 Bump version to 1.33.9 by Chef Expeditor 2017-08-17 14:08:59 +00:00
Chef Expeditor
b28cc5ab35 Bump version to 1.33.8 by Chef Expeditor 2017-08-15 19:39:12 +00:00
Christoph Hartmann
4a3511b6ce fix case where skip is called for os_env (#2078)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-08-15 21:32:21 +02:00
Chef Expeditor
48e20dbd1a Bump version to 1.33.7 by Chef Expeditor 2017-08-15 18:43:03 +00:00
Chef Expeditor
45e7a85ebb Bump version to 1.33.6 by Chef Expeditor 2017-08-15 17:46:20 +00:00
Christoph Hartmann
1a904ea7a5 Moves logic from os_env from initialize phase to runtime phase (#2072)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-08-15 13:46:13 -04:00
Chef Expeditor
e6f89664bb Bump version to 1.33.5 by Chef Expeditor 2017-08-15 03:37:23 +00:00
Christoph Hartmann
b1aba69661 add mock support for os_env resource (#2070)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-08-15 05:37:19 +02:00
Chef Expeditor
d60d95cec3 Bump version to 1.33.4 by Chef Expeditor 2017-08-14 18:57:56 +00:00
Christoph Hartmann
427f3e9ac7 Set the default cli tool for oracle db to sqlplus, during execution we will catch this missing cli but it prevents inspec check from failing if sqlplus is not available (#2057)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-08-14 14:57:51 -04:00
Chef Expeditor
5252c7452f Bump version to 1.33.3 by Chef Expeditor 2017-08-14 17:07:20 +00:00
Chef Expeditor
9fa932ba46 Bump version to 1.33.2 by Chef Expeditor 2017-08-14 13:03:52 +00:00
Christoph Hartmann
69cf0514f2 In mock setups like inspec check the command resource was executed since inspec.os.name was “” instead of unknown. I changed to nil to catch that case. (#2056)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-08-14 09:03:47 -04:00
Chef Expeditor
59c6c73572 Bump version to 1.33.1 by Chef Expeditor 2017-08-10 14:35:07 +00:00
Chef Expeditor
7f84e904fa Bump version to 1.32.3 by Chef Expeditor 2017-08-10 12:57:51 +00:00
Matt Kulka
0fc870de30 Fix docker_container.tag to properly fetch from image name (#2052)
Fixes #2051

Images with repos containing port numbers will have multiple colons.

Signed-off-by: Matt Kulka <mkulka@parchment.com>
2017-08-10 14:57:45 +02:00
Chef Expeditor
f579733205 Bump version to 1.32.2 by Chef Expeditor 2017-08-07 14:07:32 +00:00
Rony Xavier
041f64a87f New 'be_in' matcher for matching against values in a list (#2022)
* New matcher 'be_in'
Fixes #2018

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* small fixes to wording.

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Added code to use be_in for with the following use case:
describe nginx do
   its(module_list) { should be_in AUTHORIZED_MODULE_LIST }
end
Fixes #2018

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updates to the matcher
Fixes #2018

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added tests for the be_in matcher

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Requested updates completed

Signed-off-by: Rony Xavier <rx294@nyu.edu>
2017-08-07 16:05:22 +02:00
Chef Expeditor
d7a254a4e5 Bump version to 1.32.1 by Chef Expeditor 2017-08-03 18:19:40 +00:00
Chef Expeditor
ff72d54011 Bump version to 1.31.8 by Chef Expeditor 2017-08-02 14:44:02 +00:00
Chef Expeditor
91eb48e21f Bump version to 1.31.7 by Chef Expeditor 2017-08-02 13:29:31 +00:00
Simonas
da75f268bc Fix issue when xinetd.conf does not end in newline (#2040)
Add a newline symbol to the end of the parsed input.

Sample hexdump of a file deployed by xinetd cookbook:

$ hexdump -C /var/chef/cache/cookbooks/xinetd/templates/default/xinetd.conf.erb | tail -2
000000b0  72 20 2f 65 74 63 2f 78  69 6e 65 74 64 2e 64     |r /etc/xinetd.d|
000000bf

Signed-off-by: Simonas Kareiva <simonas@5grupe.lt>
2017-08-02 15:29:26 +02:00
Chef Expeditor
4ae34928ca Bump version to 1.31.6 by Chef Expeditor 2017-07-29 04:22:29 +00:00
Chef Expeditor
6949e9a8fb Bump version to 1.31.5 by Chef Expeditor 2017-07-27 22:41:47 +00:00
Chef Expeditor
6c6c2cbb1f Bump version to 1.31.4 by Chef Expeditor 2017-07-24 20:02:49 +00:00
Chef Expeditor
1acd8ad014 Bump version to 1.31.3 by Chef Expeditor 2017-07-24 16:37:17 +00:00
Dominik Richter
a4bd38915c bugfix: empty file strings from archive readers (#2027)
* bugfix: empty file strings from archive readers

Empty files in archives are sometimes possible (we just ran into this with TGZ), but is never a valid file to extract. So remove it and discount it altogether. Changed structure to support testing of these global calls.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>

* lint and rebuild

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-07-24 09:37:13 -07:00
Chef Expeditor
885a7e90ca Bump version to 1.31.2 by Chef Expeditor 2017-07-24 16:11:30 +00:00
Nicolas
332842ee48 Fix https://github.com/chef/inspec/issues/2019 (#2020)
Signed-off-by: Nicolas Rodriguez <nicoladmin@free.fr>
2017-07-18 08:28:56 -07:00
Adam Leff
9580732814 Source reader should not hand back files with nil contents (#2003)
If a profile has a data files directory that looks like this:

```
files/platforms/one/data.json
files/platforms/two/data.json
files/platforms/three/data.json
```

... the source reader will return the directories in the list of files but with
nil contents. This causes an issue when Inspec::Profile tries to create a sha256
checksum of the profile contents only to try to cast nil to a string when
building the null-delimited profile contents string.

Files that are empty will have an empty string as its contents, so it's safe to
assume that file entries with nil contents are actually a directory and have no
affect on the profile's checksum. Therefore, this change will eliminate any file
entries in responses from the source readers where the contents are nil.

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-11 21:33:55 +02:00
Adam Leff
1ea06ac3ea Change host resource to use getent ahosts on Linux (#2002)
* Change host resource to use getent ahosts on Linux

In InSpec 1.31, we changed the `host` resource to use `dig` instead of `getent
hosts` for name resolution because `getent hosts` does not return all entries
(only the first v6 entry if it exists, then the first v4 entry) and we wanted to
keep the Darwin and Linux implementation as close as possible. Unfortunately,
this affected users' ability to do resolution checks for entried stored in their
/etc/hosts file.

This change goes back to using `getent` for Linux and changes to `getent ahosts`
which returns both v4 and v6 records. Additionally, the Darwin provider's dig
implementation was reordered to return v4 addresses before v6 addresses to be
consistent with how `getent ahosts` returns records.

Signed-off-by: Adam Leff <adam@leff.co>

* Update unit tests for resolve_with_getent with proper output

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-11 21:32:52 +02:00
Adam Leff
c29648a623 Release v1.31.1 (#1996)
Signed-off-by: Adam Leff <adam@leff.co>
2017-07-06 16:29:20 -04:00
Adam Leff
1fdea330d3 host resource: fix netcat detection (#1995)
The logic used to determine whether a viable netcat binary exists is wrong and
prevents Linux hosts from doing TCP reachability checks.

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-06 16:23:57 -04:00
Adam Leff
dd3457537e Release v1.31.0 (#1994)
Signed-off-by: Adam Leff <adam@leff.co>
2017-07-06 14:07:16 -04:00
Adam Leff
3916d7aca2 Fix formatter when two profiles have the same name (#1991)
* Fix formatter when two profiles have the same name

In the event that an InSpec runner has two profiles that are named the same
(such as when InSpec generates a profile for the Flat source reader, and Test
Kitchen is running concurrently), InSpec could hand back a profile that does not
contain the example. This leads to nil control data and ugly NilClass errors
when TK runs concurrently.

This change modifies the method that finds the profile by control to not only
match on profile name but also match on example ID.

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-06 13:30:37 -04:00
Adam Leff
7bba235014 Add support for ncat in host resource for CoreOS (#1993)
CoreOS is considered a member of the Linux family, and the `host` resource tries
to use `nc` on Linux hosts to test TCP reachability. Unfortunately, `nc` is not
available on CoreOS, but `ncat` is.

This change attempts to use `nc` first, then `ncat` if it's available.

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-06 13:19:16 -04:00
Adam Leff
c280e9a816 Fix host resolution on Darwin, use dig wherever possible (#1986)
* Fix host resolution on Darwin, use dig wherever possible

The `host` and `dig` commands do not return non-zero if a query returns NXDOMAIN
or NOERROR, but the DarwinHostProvider was expecting it when deciding whether to
fall back to IPv4 if a IPv6 query failed. Therefore, the `host` resource would
not function properly when resolving hostnames on Darwin. The logic has been
changed to use `dig` short output and query for both v6 and v4 addresses.

Additionally, the LinuxHostProvider has been modified to prefer `dig` if it's
available to keep behavior similar between Darwin and Linux whenever possible.
This has the added benefit of providing v6 and v4 resolution if possible where
`getent hosts` only returns v6 if v6 records exist.

Signed-off-by: Adam Leff <adam@leff.co>
2017-07-05 10:45:30 -04:00
Aaron Lippold
cc7ed38d09 kernel_module resource: added blacklisting, enabled, disabled, docs and unit tests (#1798)
* Fix up methods, add command mock, do string matching in ruby instead of command

Fixes #1643
Fixes #1673

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-05 11:41:44 +02:00
Aaron Lippold
224935e9cf New postgres_hba_conf resource (#1964)
* Created pg_hba_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Created pg_hba_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Corrections

* updated to parse auth-options

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* updated `conf_path` instance var to `conf_file` for consistancy.

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* pg_hba_conf - updated the parse_line method
added test and doc files

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated few bugs on pg_hba_conf
updated test files and docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Made updates based on the reccomendations

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* PR commit

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* PR Commit

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Update Gemfile.lock

* PR Commit

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated doc file for postgres_hba_conf resource to use
'cmp' matcher instead of 'eq'

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Made requested changes, except for SimpleConfig - will address that later.

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-03 20:13:51 +02:00
Aaron Lippold
57864f1488 New postgres_ident_conf resource (#1963)
* Initial commit of pg_ident_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Initial commit of pg_ident_conf resource

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Small updates to organization of code

Signed-off-by: Aaron Lippold <lippold@gmail.com>
Signed-off-by: Rony Xaiver <rx294@nyu.edu>

* updated `conf_path` instance var to `conf_file` since we are returning
a file.

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Updated few bugs on pg_ident_conf
added test files and docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Updated docs

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Added OS check

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock file

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Added mock folders

Signed-off-by: Rony Xavier <rx294@nyu.edu>
Signed-off-by: Aaron Lippold <lippold@gmail.com>

* added windows mock file

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* Changed resource name from pg_ident_conf to postgres_ident_conf

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* Completed corrections reccomended on PR

Signed-off-by: Rony Xavier <rx294@nyu.edu>

* removed copyright information

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-03 20:01:40 +02:00
Aaron Lippold
1b58763aff updated postgres_session resource properly escape queries (#1939)
* fixed a small courner case in the error detection - error: vs error
fixed resource to use 'shellwords' module to escape the query
requested chances in method architecture for testing
added unit tests

Fixes: #1814

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* updated resource and tests with requested review changes

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* removed unneeded call to `escaped_query` in the `create_sql_cmd`.

Signed-off-by: Aaron Lippold <lippold@gmail.com>

* removed license info

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-07-03 08:10:27 +02:00
Adam Leff
0d74a7dc50 Release v1.30.0 (#1978)
Signed-off-by: Adam Leff <adam@leff.co>
2017-06-29 15:19:16 -04:00
Christoph Hartmann
0839be50d6 oracle_session and mssql_session improvement (#1857)
* improve database parsing
* support sqlcli
* ensure headers are downcast
* externalize database helper
* use password as argument
* feedback from @adamleff
* inline docs update + linting
* stay backwards compatible
* implement tests
2017-06-29 11:01:32 -04:00
Adam Leff
a6582bea9b Remove any "All Rights Reserved" references (#1969)
* Remove any "All Rights Reserved" references

InSpec is licensed and released under the Apache 2.0 license. This
change removes all reference to legacy code files that still had
any Copyright or License lines referring to "All Rights Reserved".

Signed-off-by: Adam Leff <adam@leff.co>

* fix functional tests

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-06-28 04:14:19 -07:00
Jerry Aldrich III
cc6f1e90ca Add rpm_dbpath support to the package resource (#1960)
Signed-off-by: Jerry Aldrich III <jerry@chef.io>
2017-06-28 03:21:15 -07:00
Christoph Hartmann
50e762e492 fix mysql resource (#1971)
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-06-27 12:26:47 +02:00
Christoph Hartmann
8f247673e5 optimize for docker 1.13 (#1966)
Ensure docker resource works with docker 1.13+
2017-06-26 15:45:03 -04:00
Aaron Lippold
d6d9a58489 Small typo in the postgres.rb resource with a call to (#1962)
version_from_dir.

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-06-26 12:23:39 -04:00
Dominik Richter
56549aed82 add nginx_conf resource (#1889)
The resource itself only offers contents and params right now. It resolved
all include calls it can find and creates the aggregated config object.

This is limited in functionality. One last (set of) PR(s) is needed to
add an interface that makes querying this config file easier. It is due
to the file's inherent complexity that I want to explore which methods
are needed to be effective. In the meantime, this resource offers accessors
to the underlying data that are stable.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-26 06:37:41 -07:00
Christoph Hartmann
9ac36bca30 make postgres resource working in mock runner (for inspec check) (#1961)
* make postgres resource working in mock runner (for inspec check)

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>

* keep nil for empty states

Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-06-26 15:16:09 +02:00
Aaron Lippold
3bb98fa1e8 Fixes the postgres_conf parsing of complex paramerters (#1938)
Fixes #1671

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-06-23 08:31:27 -07:00
Adam Leff
f7c8c646a9 Extract Compliance::API version parsing to separate method (#1931)
For cleanliness and ease of testing, I've moved the logic that
parses the server version from the compliance config to a
separate method.

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-23 08:29:50 -07:00
Richard Shade
1fbd4b57a2 Mysql socket (#1933)
* showing how to shellout in docs

Signed-off-by: Richard Shade <rshade@rightscale.com>

* adding basic example

Signed-off-by: Richard Shade <rshade@rightscale.com>

* cleanup

Signed-off-by: Richard Shade <rshade@rightscale.com>

* adding in mysql socket, as this doesn't work with non-default installs

Signed-off-by: Richard Shade <rshade@rightscale.com>

* updating per peer review to make socket not a req, and adding port

Signed-off-by: Richard Shade <rshade@rightscale.com>

* updating docs

Signed-off-by: Richard Shade <rshade@rightscale.com>
2017-06-23 08:28:15 -07:00
Adam Leff
b4f772546b Fix directory resource output and exists check (#1950)
* Fix to_s on directory resource

The `to_s` method on the `directory` resource is not defined
in the correct class, leading `directory` resources to be printed
as the parent resource (`file`) instead.

Signed-off-by: Adam Leff <adam@leff.co>

* Directory existence should check to see if it's a directory

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-23 07:44:15 -07:00
Adam Leff
81e617e1ad Release v1.29.0 (#1955)
Signed-off-by: Adam Leff <adam@leff.co>
2017-06-22 15:16:19 -04:00
Adam Leff
1601b23e8d Don't send HTTP headers that have nil values (#1948)
Net::HTTP does not gracefully handle HTTP options/headers
that have nil values. This updates Fetchers::Url to verify
that all headers we attempt to configure have non-nil,
non-empty values.

This originally surfaced via the audit cookbook with the
chef-automate fetcher in use without the data_collector
token being set.

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-21 19:09:13 -05:00
Dominik Richter
3f68835c74 reject nil as a command input (#1863)
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-19 11:07:36 -04:00
Aaron Lippold
e9371b2624 small typo in the resource with exist? function. (#1937)
Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-06-19 14:28:35 +02:00
Adam Leff
e6256a6c24 Release v1.28.1 (#1935)
Signed-off-by: Adam Leff <adam@leff.co>
2017-06-16 12:45:15 -04:00
Nolan Davidson
52cc27dd06 Adding toml resource (#1924)
* Adding toml resource

This adds a `toml` resource that inherits from the json resource and
behaves the same way as the JSON and YAML resources.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-06-15 16:54:12 -04:00
Adam Leff
3d4f1f8d39 Release 1.28.0 (#1930)
Signed-off-by: Adam Leff <adam@leff.co>
2017-06-15 14:52:03 -04:00
Justin Moy
45f3b8113c Host resource ping method should return stdout (#1927)
* Host resource ping method should return stdout

Signed-off-by: Justin Moy <justin.moy@sendgrid.com>

* output connection_output and socket_output

Signed-off-by: Justin Moy <justin.moy@sendgrid.com>

* lint

Signed-off-by: Justin Moy <justin.moy@sendgrid.com>

* remove output from method names / hash keys

Signed-off-by: Justin Moy <justin.moy@sendgrid.com>
2017-06-15 14:01:16 -04:00
Kristian Vlaardingerbroek
ced4ca1858 Add support for CoreOS to the service resource (#1928)
* s/package/service/ on service unit test descriptions

Signed-off-by: Kristian Vlaardingerbroek <kvlaardingerbroek@schubergphilis.com>

* Add support for CoreOS to the service resource

Signed-off-by: Kristian Vlaardingerbroek <kvlaardingerbroek@schubergphilis.com>
2017-06-15 13:19:58 -04:00
pete higgins
89e30f8d31 Reduce warnings (#1917)
* Remove some apparently unused test setup to remove some warnings.
* Initialize some instance variables before use to silence warnings.
* Remove an unused variable to remove a warning.
* Remove some indirection.
* Silence logger during tests.
* Check if an instance variable was defined before referencing to remove a warning.
* Define duplicated constant once in root rakefile.
* Initialize an instance variable to remove a warning.
* Remove PROJECT_DIR to reduce coupling.

Signed-off-by: Pete Higgins <pete@peterhiggins.org>
2017-06-15 12:10:47 -04:00
Justin Schuhmann
a69cd1efee Adds support for iis_app InSpec testing (#1905)
Signed-off-by: Justin Schuhmann <jmschu02@gmail.com>
2017-06-15 11:13:07 +02:00
Adam Leff
6668bf15ea Fix detection of Automate pre-0.8.x in Compliance::API (#1922)
The is_automate_server_pre_080? and is_automate_server_080_and_later?
methods needed some fixing. The Compliance configuration could have
a "version" key that was not nil but was an empty hash, indicating
that it came from a pre-0.8.x Automate server. What we really need
to look for is config['version']['version'] being nil?.

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-13 10:05:09 +02:00
Dominik Richter
9e3706aabe bugfix: enforce option values where needed (#1918)
Due to limitations in Thor it is not possible to set an argument to be both optional and its value to be mandatory. E.g. the user supplying the --password argument is optional and not always required, but whenever it is used, it requires a value. Handle options that were defined with mandatory values in a way that fails with an `ArgumentError` if the value is missing, i.e.:

```
> inspec exec examples/profile --password
ArgumentError: Please provide a value for --password. For example: --password=hello.
```

It works without `--password` or with `--password=arg`. Also handled for `--sudo-password`.

Fixes: https://github.com/chef/inspec/issues/1901
As suggested: https://github.com/chef/inspec/pull/1904

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-12 17:33:16 -04:00
Dominik Richter
d48b2d4096 bugfix: reading tgz files with binread (#1920)
This is currently failing because both `alias` and `alias_method` create method imprints in the FileProvider. This leads to a failure where the TarProvider assumes it doesn't implement `binread`, which in fact it does, since it just calls `read`.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-12 13:00:19 +02:00
Adam Leff
12a495c631 Add TCP reachability support on Linux for host resource (#1915)
* Add TCP reachability support on Linux for host resource

This enhances the `host` resource on Linux targets by using netcat
(if installed) to perform TCP reachability checks.

Signed-off-by: Adam Leff <adam@leff.co>

* documentation updates

Signed-off-by: Adam Leff <adam@leff.co>

* Appease rubocop

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-09 18:18:51 +02:00
Dominik Richter
3c1df959c5 bugfix: inspec archive for tgz files on windows (#1907)
On Windows, `inspec archive` would sometimes produce incorrect archive files. These would look fine, as tgz files, but would not execute correctly. This would lead to bewildering error messages like this one:

```
Unable to parse inspec.yml: line 1, control characters are not allowed
```

Fix it by treating the files as binary before writing them to get around any encoding issues, since the stream handler is a raw io object anyway.

Closely related to https://github.com/chef/inspec/pull/1906

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-08 10:19:21 +02:00
Dominik Richter
ffdce8ab5f bugfix: reading binary profile data on windows (#1906)
On Windows, we ran into the problem that the execution of inherited profiles would (sometimes) not work. This was due to the use of `File.read` and `File.write` and handling inside the file provider, which works in most cases (especially *nix systems), but does not behave as expected on Windows. A better and more correct way of treating these files is via binary read and write mode, which changes the underlying encoding of both strings that are passed along.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-08 10:19:09 +02:00
Takaaki Furukawa
4f34e3eb83 Add support for virtualization resource (#1803)
* Add support for virtualization resource

Signed-off-by: Takaaki Furukawa <takaaki.frkw@gmail.com>

* Add some methods and documentation

Signed-off-by: Takaaki Furukawa <takaaki.frkw@gmail.com>

* Refactor collect_data_linux method

Signed-off-by: Takaaki Furukawa <takaaki.frkw@gmail.com>

* Remove unnecessary hash from virtualization resource and update examples

Signed-off-by: Takaaki Furukawa <takaaki.frkw@gmail.com>
2017-06-07 14:10:29 +02:00
Dominik Richter
d051c8bdf1 bugfix: remove duplicate message in describe.one blocks
Generated duplicate messages due to the way that examples are aggregated in RSpec. Make sure we never show any duplicate test result messages, as they offer not value to any user.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-07 01:27:47 +02:00
Adam Leff
170fca3908
Release v1.27.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-06-06 11:46:54 -04:00
Dominik Richter
1c6fa01190 Merge pull request #1758 from aaronlippold/al/postgres-version-fix
funtion to get pgsql version, exposed version, cluster and fixed session
2017-06-06 15:38:27 +02:00
Juan Carlos Castillo Cano
1c98ff13f6 Support special cases for crontab resource
Signed-off-by: Juan Carlos Castillo Cano <jccastillocano@gmail.com>
2017-06-06 15:12:12 +02:00
Adam Leff
dda24b9f98 Fix compliance uploads when version is not present
The Compliance::API.version method could potentially return
a hash containing no "version" key but would return an empty
hash upon any expected failure. Downstream callers of the
Compliance::API.version method were looking for a "version"
key to always be present when, in some cases, it would not be.

This change ensures that if a version is not available, there
is no "version" key in the hash, and downstream callers of this
method have been changed to check for nil instead of empty.

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-06 14:49:25 +02:00
Dominik Richter
5fd558f247 Merge pull request #1850 from username-is-already-taken2/gb/fix_1839
Fix command exists check on Windows with full paths
2017-06-06 14:46:41 +02:00
Dominik Richter
871c6266c9 Merge pull request #1878 from username-is-already-taken2/gb/update_processes
Add windows support to the `processes` resource
2017-06-06 14:42:14 +02:00
Adam Leff
587cdf5bee Merge pull request #1860 from chef/ap/contain_duplicates_deprecation
Commenting the `contain_duplicates` deprecation until we have a good alternative
2017-06-06 08:05:09 -04:00
Adam Leff
5f58450ccd
Remove commented-out deprecation warning
We can add it back in when we have a better solution and we actually
want to deprecate it.

Signed-off-by: Adam Leff <adam@leff.co>
2017-06-06 07:25:04 -04:00
username-is-already-taken2
9d9baeb09f Added windows support to the processes resource
Signed-off-by: username-is-already-taken2 <digitalgaz@hotmail.com>
2017-06-05 23:41:02 +01:00
stubblyhead
ba0a1ea7a7 add bitbucket repo url handling (#1866)
* add bitbucket repo url handling

Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>

* backout changes to .gitignore

* adding unit tests for bitbucket url transformers

Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>

* fixing some indents

Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>

* fix some indents

Signed-off-by: Mike Stevenson <Mike.Stevenson@us.logicalis.com>
2017-06-05 16:02:56 +02:00
Aaron Lippold
3c02de9e46 funtion to get pgsql version, exposed version, cluster and fixed session
included requested /var/lib/postgresql/data to cover #1673 as well

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-06-03 18:27:52 -04:00
Dominik Richter
562f6ad732 add the Nginx parser
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-03 17:25:00 +02:00
Dominik Richter
7d1f16d9bf support FIPS 140-2 compliant digest calls
Calling the `digest` library directly unfortunately causes issues in FIPS 140-2 mode:

    sha512.c(81): OpenSSL internal error, assertion failed: Low level API call to digest SHA512 forbidden in FIPS mode!

Switching to `OpenSSL` as the caller resolve these issues

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-06-03 02:17:24 +02:00
Christoph Hartmann
be2453def6 Merge pull request #1875 from ndobson/fixrefreshtoken
Fix version method call for refresh token
2017-05-31 22:05:20 -05:00
Adam Leff
b7cc6c31b7 Merge pull request #1869 from seththoenen/fix-host-windows
Add warningaction to test-netconnection
2017-05-31 15:42:38 -04:00
Adam Leff
f14ed844a9 Merge pull request #1856 from chef/chris-rock/1828
Fix parameters to `find` commands
2017-05-31 14:35:32 -04:00
Nick Dobson
7a4ff97863 Fix version method call
Signed-off-by: Nick Dobson <nick.dobson@me.com>
2017-05-31 10:44:14 -05:00
Christoph Hartmann
687f1a5827 update unit tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:21:05 -05:00
Christoph Hartmann
a6ef98c896 verifies that inspec.yml uses licenses in SPDX format
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:21:05 -05:00
Christoph Hartmann
57097ea2a9 fix #1828
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:20:42 -05:00
Aaron Lippold
eacae80649 small syntax fix to interface resource.
addresses #1828

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-05-31 00:20:42 -05:00
Christoph Hartmann
7498a74a82 1.26.0
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-30 23:38:38 -05:00
Dominik Richter
e0e5aee6a4 bugfix: sudo-detection for target execution
When running `inspec exec` without the `target` option but against remote endpoints OR when executing it with the `localhost://` target AND having `--sudo` active it would abort the execution. `--target` is a helper to set the Train parameters for `backend`, `host`, `user`, `port`, and potentially `password`. The detection would fail on providing any of these separately without specifying `--target`. The same holds true for the `localhost` train backend or just `localhost://` target.

This type of detection has since moved to Train. The driving reason was to have this very useful check for localhost vs sudo run for any type of inspec (or for that matter: train) execution.

This PR depends on https://github.com/chef/train/pull/179 and the next release of train.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 18:15:44 -05:00
Christoph Hartmann
1f647e1100 Merge pull request #1865 from chef/dr/unsupported-os-powershell
bugfix: do not send nil to command on unsupported OS
2017-05-30 18:14:44 -05:00
Seth Thoenen
868f4872fe Add warningaction to test-netconnection
Signed-off-by: Seth Thoenen <seththoenen@gmail.com>
2017-05-30 15:28:04 -05:00
Dominik Richter
ba149a9e1a bugfix: do not send nil to command on unsupported OS
Unsupported operating systems AND the mockloader when using inspec analysis tools may lead to powershell being called with the command being `nil`, because the resource skips during the initialize phase. Instead, propagate an empty string so that `command` has a valid input and then skip the resource.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 12:36:32 -04:00
Dominik Richter
a0e8be2568 bugfix: non-url servers with compliance login
Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs.

Fixes #1473

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 12:04:21 -04:00
username-is-already-taken2
b423e300ef Amended command.rb to resolve issue 1839
Signed-off-by: username-is-already-taken2 <gary.bright@niu-solutions.com>
2017-05-30 14:56:31 +01:00
Alex Pop
3171f46c7d Commenting out the contain_duplicates deprecation until we have a good alternative.
Signed-off-by: Alex Pop <apop@chef.io>
2017-05-30 13:41:44 +01:00
Adam Leff
266f061b9e Habitat Profiles: redirect stderr to stdout
Due to habitat-sh/habitat#2395, we shouldn't try to log stderr output
to a file for now. While this makes for a less-than-awesome UX, it's
better than a process locking up due to a buffer filling up!

This change redirects stderr from InSpec to stdout and adds some
helpful troubleshooting messages. Should InSpec be able to generate
unique exit codes for when controls fail (vs. a Ruby eval failure)
then we can fix this up some more, too.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-29 15:31:26 -04:00
Adam Leff
9182ba8574 Update interface resource docs
The `interface` resource currently refers to methods that don't
yet exist. Fixing the docs for now and will add the features
later.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-29 15:20:50 -04:00
Seth Chisamore
798aebf672 Bump default timeouts for http resource
This changes the default read and open timeouts to be 60 seconds which
matches the defaults for `Net::HTTP` backend which Faraday uses by
default:
https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#read_timeout-attribute-method
https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#open_timeout-attribute-method

The current timeout values are too small which causes tests to be
flakey.

Signed-off-by: Seth Chisamore <schisamo@chef.io>
2017-05-29 15:07:49 -04:00
Christoph Hartmann
45afca2e98 Merge pull request #1844 from cattywampus/cattywampus/gem-not-installed
Fix assert that a gem is not installed
2017-05-29 15:06:36 -04:00
Dominik Richter
b1419b84bf Merge pull request #1851 from username-is-already-taken2/gb/patch_1571
Amended the processes resource to skip on windows
2017-05-28 10:35:29 -04:00
Christoph Hartmann
da0b98f4d2 Merge pull request #1852 from aaronlippold/dr/postgres
bugfix: postgres relative path includes
2017-05-27 19:35:22 -04:00
Adam Leff
88581ae3dd
Raise exception if profile target URL cannot be parsed
When attempting to parse the profile out of the target URL, we
were not raising an exception if we failed to do so. Such a situation
could arise if a user's inspec config.json is incorrect either due to
manual editing or failure to re-login after an upgrade past Automate
0.8.0.

This change provides a clear exception if this occurs and also adds
tests for the compliance_profile_name method.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-26 14:30:37 -05:00
Aaron Lippold
dbd3b5c23d bugfix: postgres relative path includes
Postgres configuration doesnt always include absolute paths. When using relative paths it will fail!

Also: We treat the include as either a string or an array; when the first condition succeeds and you get a string and the second fails you get a array => ruby tries to add a string with an array and fails. This is now fixed as well.

Fixes: https://github.com/chef/inspec/issues/1780
Fixes: https://github.com/chef/inspec/issues/1738

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-05-26 14:49:24 -04:00
username-is-already-taken2
f1057ac754 Amended the process resource to skip on windows
Signed-off-by: username-is-already-taken2 <gary.bright@niu-solutions.com>
2017-05-26 16:33:30 +01:00
gbright
b17f0de7cf Amended to resolve issue 1839
Signed-off-by: username-is-already-taken2 <gary.bright@niu-solutions.com>
2017-05-25 21:02:01 +01:00
Keith Walters
215ef38ee9 Fix installed? check for gem resource
The gem resource used to determine if a gem is installed based on the exit
status of the `gem` command, however that command will return zero
if the package was found or not. This patch checks to ensure that the
`gem list` command actually includes the gem name or is empty to
determine if the gem is in fact installed.

If the gem command returns something other than a `0` exit code, then
it'll skip the resource.

Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
2017-05-22 15:34:01 -05:00
Adam Leff
e06359fc40
Release 1.25.1
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-19 21:22:30 -04:00
Adam Leff
81bfdf2d55
Fix is_automate_server_080_and_later? call
Method name was incorrect (missing `?`) and also was missing
the required config parameter.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-19 21:07:58 -04:00
Seth Thomas
9f30fe1726 Fixing typo on method name
Signed-off-by: Seth Thomas <sthomas@chef.io>
2017-05-19 19:58:46 -04:00
Christoph Hartmann
b0ab35d941
throw an error during inspec check if the version is not correct
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-18 09:13:37 -04:00
Adam Leff
87e3c6c3a9
Release InSpec 1.25.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-17 13:36:15 -04:00
Christoph Hartmann
1aa223c99b return version as json
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-17 15:21:40 +02:00
Christoph Hartmann
5cc288d5df support new automate 0.8.0
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-17 15:02:08 +02:00
Christoph Hartmann
8b015f521a Merge pull request #1816 from chef/dr/source
bugfix: read source code if profile is in tgz/zip
2017-05-16 13:32:13 +02:00
Dominik Richter
b23c197202 bugfix: read source code if profile is in tgz/zip
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-16 13:19:25 +02:00
Adam Leff
6ebb62dc10 Merge pull request #1727 from elliott-davis/fix_postgres_resource
Update postgresql conf resource to accept include_dir as a string as well as an array
2017-05-15 22:03:23 -04:00
Adam Leff
162b0d8cb8
Release v1.24.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-11 14:46:20 -04:00
Adam Leff
a5e5cc0dec Merge pull request #1714 from aaronlippold/postgres-session-update
updated the psql command so that it does not print the headers and ex…
2017-05-11 14:34:05 -04:00
echohack
b5d0012679 minor ui fix
Signed-off-by: echohack <echohack@users.noreply.github.com>
2017-05-11 11:10:01 -07:00
Aaron Lippold
684d81d4c2 psql doesn't print headers + extra output + cconfigurable host + docs
Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-05-11 08:58:55 -04:00
Dominik Richter
d44b751603 add sha256 checksum to json
Fixes https://github.com/chef/inspec/issues/1658

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-11 09:52:28 +02:00
Adam Leff
2fef5202fa Merge pull request #1791 from elliott-davis/elliott/fixup_hab_plan
Update hab exporter to use inspec in path over calling to hab sup
2017-05-10 07:38:56 -04:00
Dominik Richter
169268740d add platform info to json formatter
As part of https://github.com/chef/inspec/issues/1661

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-10 10:13:18 +02:00
Elliott Davis
31645968e2 Update hab exporter to use inspec in path over calling to hab sup
Signed-off-by: Elliott Davis <edavis@chef.io>
2017-05-09 20:09:33 -05:00
Dominik Richter
39d35dd99f Merge pull request #1779 from aaronlippold/al/mysql-session-update
Al/mysql session update
2017-05-09 21:28:17 +02:00
Aaron Lippold
8bad7d896f updated to have feature parity with other sql resources
Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-05-09 14:56:05 -04:00
Nolan Davidson
8f0756812c Add support for Windows auth in mssql_resourcet
This adds supports for connecting to MS SQL instances using Window
authentication rather than SQL authentication.  By leaving either the
user or password parameters blank causes the sqlcmd to leave off the -U
and -P params.  This will cause sqlcmd to authenticate as the current
Windows user.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-05-09 17:17:07 +02:00
Adam Leff
a21bdc4a04 Handle parse errors for attrs/secrets
Inspired by #1640, this change cleans up the logic used when
reading in secrets files, provides clearer warnings when the
secrets files can't be parsed, and adds tests for those methods.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-09 13:44:33 +02:00
Dominik Richter
00682eb2d2 Merge pull request #1751 from nsdavidson/add-oracle-session
Add an oracle_session resource
2017-05-09 13:21:53 +02:00
Nolan Davidson
ba6745444e Renaming oracle_session to oracledb_session
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-05-05 13:11:07 -04:00
Nolan Davidson
55beed4bc8 Resolving rubucop issues
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-05-05 10:11:53 -04:00
Nolan Davidson
fbe7b8ddf8 Refactor to options hash and add unit tests
Switched the oracle_session resource to take an option hash and allow
for configuring hostname, DB_SID, and sqlplus binary path.

Added unit tests.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-05-05 09:29:38 -04:00
Adam Leff
eef4a574d8
Release v1.23.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-04 15:08:53 -04:00
Nathan L Smith
e3c62ec0dc Add command-line completions for fish shell
Since the command to enable them is different, also make that change in
the output based on the shell used.

Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-04 11:42:13 -05:00
Dominik Richter
5d1765c9bb add inspec.profile.file(...) for profile files
Fixes https://github.com/chef/inspec/issues/1396

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-03 20:39:27 +02:00
Christoph Hartmann
3b8801116f Merge pull request #1749 from chef/adamleff/fix-no-color
Make the --no-color flag work for inspec exec
2017-05-02 22:07:40 +02:00
Christoph Hartmann
735b505ecc Merge pull request #1735 from chef/rhass/hab-fixes
Habitat profile bug fixes and improvements
2017-05-02 20:27:38 +02:00
Nolan Davidson
57731e1e50 Changing oracle_session back to using escaped query.
Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-05-02 11:03:45 -04:00
Adam Leff
04c43c6834
Make the --no-color flag work for inspec exec
The CLI formatter is not currently honoring the --no-color flag
when outputting CLI output. This change cleans up how we format
with color and properly support the flag for use cases where
color-encoding characters make the output difficult to use
(i.e. when someone redirects CLI output to a text file for
sharing with others).

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-02 09:52:01 -05:00
Nolan Davidson
9cd69ce4af Add an oracle_session resource
This adds an oracle_session resource similar to the existing resource
for MySQL and MSSQL.  It assumes the sqlplus tool is installed and in
the path of the user InSpec connects as.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2017-05-02 10:50:20 -04:00
Adam Leff
6ed5379134 Error and exit when using --sudo locally
Running `inspec exec` with --sudo locally produces unintended results
given that we cannot escalate local Ruby methods after we're already
running. --sudo is meant to only be used with remote targets. We do
not currently enforce that.

This change will print an error for the user if they attempt to use
--sudo with a local exec and exit non-zero.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-02 12:41:02 +02:00
Dominik Richter
0651a36346 Merge pull request #1746 from chef/adamleff/fix-xinetd
Fix xinetd resource failing when file cannot be read
2017-05-02 11:43:31 +02:00
Adam Leff
bc2458bf5a
Fix YAML resource documentation
The `yaml` resource documentation was missing many clues that users
need to successfully use the resource.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-01 16:16:00 -05:00
Adam Leff
6819940067
Fix xinetd resource failing when file cannot be read
The file resource's `#content` method will return nil if the file
cannot be read for permissions issues. If you try to run a profile
that uses the `xinetd` resource without sudo privileges, InSpec
would try to call `#empty` on nil.

This change fixes this issue by checking for nil before checking
for emptiness.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-01 15:59:07 -05:00
Ryan Hass
99ebae186b Fix exit status check in hab run hook generator.
The exit status would never return "InSpec run completed successfully"
since the value of $RC was always an integer which never was prefixed
with an "x". This checks the return directly since we currently do not
have any complex logic which warrants the need to check different
return status values where a prefixed return code is necessary.

Signed-off-by: Ryan Hass <rhass@users.noreply.github.com>
2017-04-28 11:54:13 -07:00
Ryan Hass
4622de7a28 Update habitat plan and hook generators
* Fixed bug with install step where profile would include the .hart
  files from previous builds.
* Updated the generated plan to support plan.sh syntax changes in
  habitat 0.21.0 and later by removing the `pkg_source` and the
  `do_download`, `do_verify`, and `do_unpack` overrides.
* Updated the generate run hook to leverage habitat to perform most of
  the origin, package name, and path variable interpolations.

Signed-off-by: Ryan Hass <rhass@users.noreply.github.com>
2017-04-28 09:31:11 -07:00
Christoph Hartmann
ed137ae052 Merge pull request #1737 from chef/dr/deprecation-messages
rename old deprecations that were meant for 1.0
2017-04-28 12:40:13 +02:00
Dominik Richter
144dede6eb rename old deprecations that were meant for 1.0
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-04-28 12:09:24 +02:00
Adam Leff
a1769cc01b
Update inspec.io references in docs/code
The website is now at https://www.inspec.io - updating all inspec.io
references accordingly. :)

Signed-off-by: Adam Leff <adam@leff.co>
2017-04-27 18:05:51 -04:00