-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feat/updates cinc inspec v4 #85
Feat/updates cinc inspec v4 #85
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@deric4 those changes are great. Thank you
@deric4 Can you please sign-off your commits? |
Signed-off-by: Deric Miguel <dmiguel@logicworks.net>
3a44f0b
to
f86419f
Compare
Gemfile
Outdated
group :tools do | ||
gem 'github_changelog_generator', '~> 1.12.0' | ||
source 'https://packagecloud.io/cinc-project/stable' do | ||
gem "chef-config" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We still need to fix the robucop issues as reported by travis https://travis-ci.org/github/dev-sec/cis-dil-benchmark/builds/717146821?utm_source=github_status&utm_medium=notification
Offenses:
488
489Gemfile:3:48: C: Style/HashSyntax: Use the new Ruby 1.9 hash syntax.
490gem 'github_changelog_generator', '~> 1.12.0', :source => 'https://rubygems.org/'
491 ^^^^^^^^^^
492Gemfile:4:13: C: Style/HashSyntax: Use the new Ruby 1.9 hash syntax.
493gem 'rake', :source => 'https://rubygems.org/'
494 ^^^^^^^^^^
495Gemfile:5:16: C: Style/HashSyntax: Use the new Ruby 1.9 hash syntax.
496gem 'rubocop', :source => 'https://rubygems.org/'
497 ^^^^^^^^^^
498Gemfile:6:16: C: Style/HashSyntax: Use the new Ruby 1.9 hash syntax.
499gem 'unf_ext', :source => 'https://rubygems.org/'
500 ^^^^^^^^^^
501Gemfile:9:7: C: Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
502 gem "chef-config"
503 ^^^^^^^^^^^^^
504Gemfile:10:7: C: Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
505 gem "chef-utils"
506 ^^^^^^^^^^^^
507Gemfile:11:7: C: Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
508 gem "cinc-auditor-bin"
509 ^^^^^^^^^^^^^^^^^^
510Gemfile:12:7: C: Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
511 gem "inspec"
512 ^^^^^^^^
513Gemfile:13:7: C: Style/StringLiterals: Prefer single-quoted strings when you don't need string interpolation or special symbols.
514 gem "inspec-core"
515 ^^^^^^^^^^^^^
@chris-rock ya! sorry about that! thought i had that configured. I've been hacking around with the Gemfile and make sure dependencies are correct. If the |
So far we have not used cinc-auditor and Inspec in parallel. We planned to switch to cinc-auditor but have not done the switch for the profiles yet. PRs are welcome to switch the profiles to cinc-auditor I am not sure which specific issue you face with the profile vendoring. In general, we do not vendor profiles for dev-sec development. |
Signed-off-by: Deric Miguel <dmiguel@logicworks.net>
Ok, was just curious if anything else could be added to the rake file. For example, installing a plugin with Inspec: $ which inspec
/usr/local/bin/inspec
$ inspec version
4.21.3
$ inspec plugin install inspec-iggy
Fetching inspec-iggy-0.8.0.gem
inspec-iggy plugin, version 0.8.0, installed from rubygems.org will cause my previously working cinc-auditor to fail: bundle exec cinc-auditor version
[2020-08-11T22:46:54-07:00] ERROR: Could not load plugin inspec-iggy: Unable to resolve dependency: user requested 'inspec-iggy (> 0)'
[2020-08-11T22:46:56-07:00] ERROR: Errors were encountered while loading plugins...
[2020-08-11T22:46:56-07:00] ERROR: Plugin name: inspec-iggy
[2020-08-11T22:46:56-07:00] ERROR: Error: Unable to resolve dependency: user requested 'inspec-iggy (> 0)'
[2020-08-11T22:46:56-07:00] ERROR: Run again with --debug for a stacktrace. running $ bundle exec cinc-auditor version
4.22.8 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is so cool what you did there !! For me, it is good to merge and give it a try.
updates to use cinc-auditor v4
able to run
bundle exec rake lint
andbundle exec rake test:check
and reports output in json formatExample
rake test:check
output