Commit graph

3683 commits

Author SHA1 Message Date
Adam Leff
e254f79392 Merge pull request #1858 from chef/chris-rock/spdx
verifies that inspec.yml uses licenses in SPDX format
2017-05-31 14:28:18 -04:00
Dominik Richter
199ad03318 Merge pull request #1874 from chef/adamleff/remove-chefconf-banner
Removing ChefConf banner from website
2017-05-31 08:39:21 -04:00
Adam Leff
efc6623168
Removing ChefConf banner from website
ChefConf 2017 has come and gone... time to remove
the banner.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-31 07:38:23 -04:00
Christoph Hartmann
687f1a5827 update unit tests
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:21:05 -05:00
Christoph Hartmann
a6ef98c896 verifies that inspec.yml uses licenses in SPDX format
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-31 00:21:05 -05:00
Dominik Richter
3f7b049981 Merge pull request #1871 from chef/1.26.0
1.26.0
2017-05-31 01:06:12 -04:00
Christoph Hartmann
7498a74a82 1.26.0
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-30 23:38:38 -05:00
Dominik Richter
72f4d4be89 Merge pull request #1873 from chef/dr/fix-sudo-test
bugfix: adjust localhost+sudo test output to train update
2017-05-31 00:27:20 -04:00
Christoph Hartmann
91d95c878b update chef version for openssl cookbook
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-30 23:09:21 -05:00
Dominik Richter
84fe398e49 bugfix: adjust localhost+sudo test output to train update
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 22:40:05 -05:00
Christoph Hartmann
2dd05857cf Merge pull request #1870 from chef/dr/sudo-fx
bugfix: sudo-detection for target execution
2017-05-30 18:24:49 -05:00
Dominik Richter
e0e5aee6a4 bugfix: sudo-detection for target execution
When running `inspec exec` without the `target` option but against remote endpoints OR when executing it with the `localhost://` target AND having `--sudo` active it would abort the execution. `--target` is a helper to set the Train parameters for `backend`, `host`, `user`, `port`, and potentially `password`. The detection would fail on providing any of these separately without specifying `--target`. The same holds true for the `localhost` train backend or just `localhost://` target.

This type of detection has since moved to Train. The driving reason was to have this very useful check for localhost vs sudo run for any type of inspec (or for that matter: train) execution.

This PR depends on https://github.com/chef/train/pull/179 and the next release of train.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 18:15:44 -05:00
Christoph Hartmann
1f647e1100 Merge pull request #1865 from chef/dr/unsupported-os-powershell
bugfix: do not send nil to command on unsupported OS
2017-05-30 18:14:44 -05:00
Christoph Hartmann
58ec231868 Merge pull request #1861 from chef/dr/uri-fix
bugfix: non-url servers with compliance login
2017-05-30 18:13:28 -05:00
Dominik Richter
ba149a9e1a bugfix: do not send nil to command on unsupported OS
Unsupported operating systems AND the mockloader when using inspec analysis tools may lead to powershell being called with the command being `nil`, because the resource skips during the initialize phase. Instead, propagate an empty string so that `command` has a valid input and then skip the resource.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 12:36:32 -04:00
Dominik Richter
a0e8be2568 bugfix: non-url servers with compliance login
Non-url URIs may have lead to broader crashes than initially fixed. Overwrite all URL resolvers in the plugin to work with these non-schema URLs.

Fixes #1473

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2017-05-30 12:04:21 -04:00
Christoph Hartmann
58baf5f378 Merge pull request #1838 from chef/adamleff/fix-docs-task
Allow docs Rake task to be run from outside www dir
2017-05-29 16:14:25 -04:00
Adam Leff
24e2ffb7e0 Allow docs Rake task to be run from outside www dir
The docs Rake task requires classes defined in the "shared"
Rake tasks file. However, only the www Rakefile includes the
"shared" tasks file.

Since the "docs" Rake task is what needs it, I'm adding a require
there to ensure it works from outside the www directory.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-29 16:00:19 -04:00
Christoph Hartmann
e87350da88 Merge pull request #1820 from chef/nls/hab-updates
Improvements to Habitat plan
2017-05-29 15:57:43 -04:00
Nathan L Smith
6324a6d289 Improvements to Habitat plan
These are kind of all over the place, but should improve things:

* Use the new `pkg_version` mechanism to set the version, and fail if
  the VERSION file is not present
* Use inspec.io for the upstream url
* Remove pkg_source and it's associated callbacks; they aren't required
  any more
* Alphabetize the deps list
* Remove duplicate coreutils from build deps
* Move environment variable setting to `do_prepare`
* Delete all binstubs in bin that aren't inspec
* Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the
  developer's Gemfile
* Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582)
* Use install instead of cp to drop off Gemfile.lock
* Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile
* Disable `do_strip` to decrease build time and because we don't need it

Works for me on Habitat 0.23.

Since all the "building" is done now in `do_install`, it would be
possible to define a `do_check` that runs `inspec exec` on profiles to
verify inspec is working by running inspec.

Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-29 15:41:26 -04:00
Christoph Hartmann
5038b29616 Merge pull request #1826 from chef/adamleff/no-more-stderr
Habitat Profiles: redirect stderr to stdout
2017-05-29 15:40:44 -04:00
Adam Leff
266f061b9e Habitat Profiles: redirect stderr to stdout
Due to habitat-sh/habitat#2395, we shouldn't try to log stderr output
to a file for now. While this makes for a less-than-awesome UX, it's
better than a process locking up due to a buffer filling up!

This change redirects stderr from InSpec to stdout and adds some
helpful troubleshooting messages. Should InSpec be able to generate
unique exit codes for when controls fail (vs. a Ruby eval failure)
then we can fix this up some more, too.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-29 15:31:26 -04:00
Christoph Hartmann
93f1c55782 Merge pull request #1833 from chef/adamleff/fix-interface-docs
Update interface resource docs
2017-05-29 15:30:53 -04:00
Adam Leff
333c7f15aa Updating docs to show the interface name is required
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-29 15:20:50 -04:00
Adam Leff
9182ba8574 Update interface resource docs
The `interface` resource currently refers to methods that don't
yet exist. Fixing the docs for now and will add the features
later.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-29 15:20:50 -04:00
Christoph Hartmann
c9a7f65386 Merge pull request #1835 from chef/schisamo/http-resource-default-timeouts
Bump default timeouts for `http` resource
2017-05-29 15:20:11 -04:00
Seth Chisamore
798aebf672 Bump default timeouts for http resource
This changes the default read and open timeouts to be 60 seconds which
matches the defaults for `Net::HTTP` backend which Faraday uses by
default:
https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#read_timeout-attribute-method
https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#open_timeout-attribute-method

The current timeout values are too small which causes tests to be
flakey.

Signed-off-by: Seth Chisamore <schisamo@chef.io>
2017-05-29 15:07:49 -04:00
Christoph Hartmann
45afca2e98 Merge pull request #1844 from cattywampus/cattywampus/gem-not-installed
Fix assert that a gem is not installed
2017-05-29 15:06:36 -04:00
Dominik Richter
b1419b84bf Merge pull request #1851 from username-is-already-taken2/gb/patch_1571
Amended the processes resource to skip on windows
2017-05-28 10:35:29 -04:00
Christoph Hartmann
da0b98f4d2 Merge pull request #1852 from aaronlippold/dr/postgres
bugfix: postgres relative path includes
2017-05-27 19:35:22 -04:00
Dominik Richter
9b959b15f3 Merge pull request #1853 from chef/adamleff/raise-if-profile-url-is-bad
Raise exception if profile target URL cannot be parsed
2017-05-26 17:24:52 -05:00
Adam Leff
88581ae3dd
Raise exception if profile target URL cannot be parsed
When attempting to parse the profile out of the target URL, we
were not raising an exception if we failed to do so. Such a situation
could arise if a user's inspec config.json is incorrect either due to
manual editing or failure to re-login after an upgrade past Automate
0.8.0.

This change provides a clear exception if this occurs and also adds
tests for the compliance_profile_name method.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-26 14:30:37 -05:00
Aaron Lippold
dbd3b5c23d bugfix: postgres relative path includes
Postgres configuration doesnt always include absolute paths. When using relative paths it will fail!

Also: We treat the include as either a string or an array; when the first condition succeeds and you get a string and the second fails you get a array => ruby tries to add a string with an array and fails. This is now fixed as well.

Fixes: https://github.com/chef/inspec/issues/1780
Fixes: https://github.com/chef/inspec/issues/1738

Signed-off-by: Aaron Lippold <lippold@gmail.com>
2017-05-26 14:49:24 -04:00
username-is-already-taken2
f1057ac754 Amended the process resource to skip on windows
Signed-off-by: username-is-already-taken2 <gary.bright@niu-solutions.com>
2017-05-26 16:33:30 +01:00
Keith Walters
215ef38ee9 Fix installed? check for gem resource
The gem resource used to determine if a gem is installed based on the exit
status of the `gem` command, however that command will return zero
if the package was found or not. This patch checks to ensure that the
`gem list` command actually includes the gem name or is empty to
determine if the gem is in fact installed.

If the gem command returns something other than a `0` exit code, then
it'll skip the resource.

Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
2017-05-22 15:34:01 -05:00
Adam Leff
9e71c94b83 Merge pull request #1842 from chef/adamleff/release-1.25.1
Release 1.25.1
2017-05-19 21:23:12 -04:00
Adam Leff
e06359fc40
Release 1.25.1
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-19 21:22:30 -04:00
Adam Leff
91d51b371a Merge pull request #1841 from chef/fix-method
Fixing typo on method name
2017-05-19 21:19:27 -04:00
Adam Leff
81bfdf2d55
Fix is_automate_server_080_and_later? call
Method name was incorrect (missing `?`) and also was missing
the required config parameter.

Signed-off-by: Adam Leff <adam@leff.co>
2017-05-19 21:07:58 -04:00
Seth Thomas
9f30fe1726 Fixing typo on method name
Signed-off-by: Seth Thomas <sthomas@chef.io>
2017-05-19 19:58:46 -04:00
Adam Leff
6c53188e85 Merge pull request #1832 from chef/chris-rock/version-error
throw an error during inspec check if the version is not correct
2017-05-18 09:30:33 -04:00
Christoph Hartmann
b0ab35d941
throw an error during inspec check if the version is not correct
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-18 09:13:37 -04:00
Adam Leff
35dda621d7 Merge pull request #1824 from chef/adamleff/release-1.25.0
Release InSpec 1.25.0
2017-05-17 13:37:11 -04:00
Adam Leff
87e3c6c3a9
Release InSpec 1.25.0
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-17 13:36:15 -04:00
Adam Leff
60825a3ec2 Merge pull request #1822 from chef/chris-rock/version-as-json
return version as json
2017-05-17 09:53:49 -04:00
Adam Leff
0d91fefd6a
Added functional tests for inspec version --format json
Signed-off-by: Adam Leff <adam@leff.co>
2017-05-17 09:41:38 -04:00
Christoph Hartmann
1aa223c99b return version as json
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-17 15:21:40 +02:00
Christoph Hartmann
3140eeae35 Merge pull request #1819 from chef/chris-rock/compliance-plugin
support new automate compliance backend
2017-05-17 15:15:56 +02:00
Christoph Hartmann
5cc288d5df support new automate 0.8.0
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-17 15:02:08 +02:00
Christoph Hartmann
8b015f521a Merge pull request #1816 from chef/dr/source
bugfix: read source code if profile is in tgz/zip
2017-05-16 13:32:13 +02:00