inspec

package

v0.0.0-...-0490640 Latest Latest Go to latest Published: May 16, 2019 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/athmakuru/chef-automate

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func Archive(profilePath string, outputPath string) error
func Detect(target *TargetConfig, timeout time.Duration, env map[string]string) (*OSInfo, *Error)
func Json(profilePath string) ([]byte, error)
func PrettyPrintJSON(b []byte) ([]byte, error)
type Attribute
type CheckMessage
type CheckResult
- func Check(profilePath string) (CheckResult, error)
- func (results *CheckResult) ToJSON() ([]byte, error)
type Control
- func (control *Control) ImpactName() string
- func (control *Control) Status() string
type Dependency
type Error
- func NewInspecError(typ string, message string) *Error
- func Scan(paths []string, target *TargetConfig, timeout time.Duration, ...) ([]byte, []byte, *Error)
type Group
type Metadata
- func (yml *Metadata) Parse(data []byte) error
- func (yml *Metadata) ParseJSON(data []byte) error
type OSInfo
type Platform
type Profile
- func (profile *Profile) FromJSON(content []byte) error
- func (profile *Profile) ToJSON() ([]byte, error)
type Report
- func (report *Report) ToJSON() ([]byte, error)
type Reporter
type Result
type Secrets
type SourceLocation
type Support
type TargetBaseConfig
type TargetConfig

Constants ¶

View Source

const (
	ResultStatusPassed  string = "passed"
	ResultStatusSkipped string = "skipped"
	ResultStatusFailed  string = "failed"
)

View Source

const (
	BackendSSH        = "ssh"
	BackendSSM        = "ssm"
	BackendWinRm      = "winrm"
	BackendSSMWindows = "ssm:windows"
	BackendAZ         = "az-run-command"
	BackendAZWindows  = "az-run-command:windows"
	BashScript        = "bash"
	PowershellScript  = "powershell"
)

View Source

const AUTH_FAILED = "authentication failed"

View Source

const CONN_REFUSED = "connection refused"

View Source

const CONN_TIMEOUT = "connection timed out"

View Source

const CRITICAL = "critical"

View Source

const INVALID_OUTPUT = "invalid output"

View Source

const INVALID_PARAM = "invalid parameter"

View Source

const MAJOR = "major"

View Source

const MINOR = "minor"

control impact names

View Source

const NO_CREDS_PROVIDED = "no credentials provided"

View Source

const NO_SUDO = "no sudo"

View Source

const RESPONSE_ERROR = "response error"

View Source

const SUDO_PW_REQUIRED = "sudo password required"

View Source

const UNKNOWN_ERROR = "unknown error"

View Source

const UNREACHABLE_HOST = "unreachable host"

View Source

const UNSUPPORTED_OS = "unsupported OS"

View Source

const WRONG_SUDO_PW = "wrong sudo password"

Variables ¶

View Source

var BackendCache bool

BackendCache used for configuring inspec exec command, passed in via config flag

View Source

var TmpDir string

TmpDir is used for setting the location of the /tmp dir to be used by inspec for caching

Functions ¶

func Archive ¶

func Archive(profilePath string, outputPath string) error

Archives a directory to a TAR.GZ

func Detect ¶

func Detect(target *TargetConfig, timeout time.Duration, env map[string]string) (*OSInfo, *Error)

Detect retrieves a target's operating system and returns connection errors if there were any.

func Json ¶

func Json(profilePath string) ([]byte, error)

func PrettyPrintJSON ¶

func PrettyPrintJSON(b []byte) ([]byte, error)

PrettyPrintJSON does just what one would imagine. Use your imagination.

Types ¶

type Attribute ¶

type Attribute struct {
	Name    string `json:"name"`
	Options struct {
		Description string           `json:"description"`
		Default     *json.RawMessage `json:"default"` // type varies and can be string and int
	} `json:"options,omitempty"`
}

type CheckMessage ¶

type CheckMessage struct {
	File      string `json:"file,omitempty"`
	Line      *int   `json:"line,omitempty"`
	Column    *int   `json:"column,omitempty"`
	ControlId string `json:"control_id,omitempty"`
	Msg       string `json:"msg"`
}

type CheckResult ¶

type CheckResult struct {
	Summary struct {
		Valid     bool   `json:"valid"`
		Timestamp string `json:"timestamp"`
		Location  string `json:"location"`
		Controls  int    `json:"controls"`
	} `json:"summary"`
	Errors   []CheckMessage `json:"errors"`
	Warnings []CheckMessage `json:"warnings"`
}

func Check ¶

func Check(profilePath string) (CheckResult, error)

func (*CheckResult) ToJSON ¶

func (results *CheckResult) ToJSON() ([]byte, error)

ToJSON is a simple helper convert Metadata into a json string

type Control ¶

type Control struct {
	ID             string                       `json:"id"`
	Code           string                       `json:"code"`
	Desc           string                       `json:"desc"`
	Impact         float32                      `json:"impact"`
	Title          string                       `json:"title"`
	SourceLocation *reportingapi.SourceLocation `json:"source_location"`
	Refs           *json.RawMessage             `json:"refs"`
	Tags           *json.RawMessage             `json:"tags"`
	Results        []*reportingapi.Result       `json:"results,omitempty"`
}

func (*Control) ImpactName ¶

func (control *Control) ImpactName() string

ImpactName returns a human readable name for the impact

func (*Control) Status ¶

func (control *Control) Status() string

Status calculates the overall status of all controls based on all results

type Dependency ¶

type Dependency struct {
	Name        string `yaml:"name" json:"name"`
	URL         string `yaml:"url,omitempty" json:"url,omitempty"`
	Path        string `yaml:"path,omitempty" json:"path,omitempty"`
	Git         string `yaml:"git,omitempty" json:"git,omitempty"`
	Branch      string `yaml:"branch,omitempty" json:"branch,omitempty"`
	Tag         string `yaml:"tag,omitempty" json:"tag,omitempty"`
	Commit      string `yaml:"commit,omitempty" json:"commit,omitempty"`
	Version     string `yaml:"version,omitempty" json:"version,omitempty"`
	Supermarket string `yaml:"supermarket,omitempty" json:"supermarket,omitempty"`
	Github      string `yaml:"github,omitempty" json:"github,omitempty"`
	Compliance  string `yaml:"compliance,omitempty" json:"compliance,omitempty"`
	Status      string `yaml:"status,omitempty" json:"status,omitempty"`
	SkipMessage string `yaml:"skip_message,omitempty" json:"skip_message,omitempty"`
}

see https://github.com/chef/inspec/blob/master/docs/profiles.md

type Error ¶

type Error struct {
	Type    string `json:"error"`
	Message string `json:"message"`
}

Error describes a failing connection and provides a type for each error as well as a simple message to explain it in a human-readable form.

func NewInspecError ¶

func NewInspecError(typ string, message string) *Error

NewInspecError creates an Error

func Scan ¶

func Scan(paths []string, target *TargetConfig, timeout time.Duration, env map[string]string) ([]byte, []byte, *Error)

Scan a target node with all specified profiles

type Group ¶

type Group struct {
	ID       string   `json:"id"`
	Title    *string  `json:"title"` //this needs to be a string pointer as in inspec, this is stored as null instead of ""
	Controls []string `json:"controls"`
}

type Metadata ¶

type Metadata struct {
	Name            string              `yaml:"name" json:"name"`
	Title           string              `yaml:"title"  json:"title"`
	Maintainer      string              `yaml:"maintainer" json:"maintainer"`
	Copyright       string              `yaml:"copyright" json:"copyright"`
	Copyright_Email string              `yaml:"copyright_email" json:"copyright_email"`
	License         string              `yaml:"license" json:"license"`
	Summary         string              `yaml:"summary" json:"summary"`
	Version         string              `yaml:"version" json:"version"`
	Supports        []map[string]string `yaml:"supports" json:"supports"`
	Dependencies    []Dependency        `yaml:"depends" json:"depends"`
	LatestVersion   string              `json:"latest_version,omitempty"`
	Sha256          string              `json:"sha256"`
}

func (*Metadata) Parse ¶

func (yml *Metadata) Parse(data []byte) error

Parse takes a yml byte array and parses the content into Metadata

func (*Metadata) ParseJSON ¶

func (yml *Metadata) ParseJSON(data []byte) error

ParseJSON takes a json byte representation and parses the content into Metadata

type OSInfo ¶

type OSInfo struct {
	OSArch     string   `json:"arch"`
	OSFamilies []string `json:"families"`
	OSName     string   `json:"name"`
	OSRelease  string   `json:"release"`
}

OSInfo contains simple information on a target operating system

type Platform ¶

type Platform struct {
	Name    string `json:"name"`
	Release string `json:"release"`
}

type Profile ¶

type Profile struct {
	Name           string                     `json:"name"`
	Title          string                     `json:"title"`
	Version        string                     `json:"version"`
	Summary        string                     `json:"summary"`
	Maintainer     string                     `json:"maintainer"`
	License        string                     `json:"license"`
	Copyright      string                     `json:"copyright"`
	CopyrightEmail string                     `json:"copyright_email"`
	Controls       []Control                  `json:"controls"`
	Supports       []map[string]string        `json:"supports"`
	Attributes     []*Attribute               `json:"attributes"`
	Dependencies   []*reportingapi.Dependency `json:"depends,omitempty"`
	Sha256         string                     `json:"sha256"`
	Groups         []*reportingapi.Group      `json:"groups"`
	Status         string                     `json:"status,omitempty"`
	SkipMessage    string                     `json:"skip_message,omitempty"`
}

func (*Profile) FromJSON ¶

func (profile *Profile) FromJSON(content []byte) error

FromJSON turns a profile in JSON format in Profile struct

func (*Profile) ToJSON ¶

func (profile *Profile) ToJSON() ([]byte, error)

ToJSON is a simple helper convert Metadata into a json string

type Report ¶

type Report struct {
	ID            string    `json:"id"`
	InSpecVersion string    `json:"version"`
	Profiles      []Profile `json:"profiles"`
	Platform      Platform  `json:"platform"`
	Statistics    struct {
		Duration float32 `json:"duration"`
	} `json:"statistics"`
}

func (*Report) ToJSON ¶

func (report *Report) ToJSON() ([]byte, error)

ToJSON is a simple helper convert Metadata into a json string

type Reporter ¶

type Reporter struct {
	Url         string `json:"url,omitempty"`
	Token       string `json:"token,omitempty"`
	NodeID      string `json:"node_uuid,omitempty"`
	NodeName    string `json:"node_name,omitempty"`
	Environment string `json:"environment,omitempty"`
	ReportUUID  string `json:"report_uuid,omitempty"`
	JobUUID     string `json:"job_uuid,omitempty"`
}

type Result ¶

type Result struct {
	Status      string  `json:"status"`
	CodeDesc    string  `json:"code_desc"`
	RunTime     float32 `json:"run_time"`
	StartTime   string  `json:"start_time,omitempty"`
	Message     string  `json:"message,omitempty"`
	SkipMessage string  `json:"skip_message,omitempty"`
}

type Secrets ¶

type Secrets struct {
	User              string   `json:"user,omitempty"`
	Password          string   `json:"password,omitempty"`
	KeyFiles          []string `json:"key_files,omitempty"`
	SudoPassword      string   `json:"sudo_password,omitempty"`
	SudoOptions       string   `json:"sudo_options,omitempty"`
	AwsUser           string   `json:"aws_user,omitempty"`
	AwsPassword       string   `json:"aws_password,omitempty"`
	AzureClientID     string   `json:"azure_client_id,omitempty"`
	AzureClientSecret string   `json:"azure_client_secret,omitempty"`
	AzureTenantID     string   `json:"azure_tenant_id,omitempty"`
	GcpCredsJson      string   `json:"gcp_creds_json,omitempty"`
	AwsSessionToken   string   `json:"aws_session_token,omitempty"`
}

type SourceLocation ¶

type SourceLocation struct {
	Ref  string `json:"ref"`
	Line int    `json:"line"`
}

type Support ¶

type Support struct {
	OSName        string `yaml:"os-name,omitempty" json:"os-name,omitempty"`
	OSFamily      string `yaml:"os-family,omitempty" json:"os-family,omitempty"`
	Release       string `yaml:"release,omitempty" json:"release,omitempty"`
	InSpecVersion string `yaml:"inspec,omitempty" json:"inspec,omitempty"`
	Platform      string `yaml:"platform,omitempty" json:"platform,omitempty"`
}

Support is part of Metadata, holding information about the supported platform

type TargetBaseConfig ¶

type TargetBaseConfig struct {
	Backend        string              `json:"backend,omitempty"`
	Hostname       string              `json:"host,omitempty"`
	Port           int                 `json:"port,omitempty"`
	LoginPath      string              `json:"login_path,omitempty"` // winrm
	Sudo           bool                `json:"sudo,omitempty"`
	Format         string              `json:"format,omitempty"`
	Reporter       map[string]Reporter `json:"reporter,omitempty"`
	Ssl            bool                `json:"ssl,omitempty"`
	SslSelfSigned  bool                `json:"self_signed,omitempty"`
	BackendCache   bool                `json:"backend_cache,omitempty"`
	Region         string              `json:"region,omitempty"`
	SubscriptionId string              `json:"subscription_id,omitempty"`
	AttributesJson *json.RawMessage    `json:"attributes,omitempty"`
}

type TargetConfig ¶

type TargetConfig struct {
	TargetBaseConfig
	Secrets
	SecretsArr []*Secrets `json:"creds_arr,omitempty"`
}

TargetConfig is inspec's JSON config options

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL