Class: Inspec::BaseCLI
- Inherits:
-
Thor
- Object
- Thor
- Inspec::BaseCLI
- Defined in:
- lib/inspec/plugin/v2/plugin_types/cli.rb,
lib/inspec/base_cli.rb
Overview
The InSpec load order has this file being loaded before ‘inspec/base_cli` can finish being loaded. So, we must define Inspec::BaseCLI here first to avoid a NameError below.
Direct Known Subclasses
InspecCLI, Plugin::V2::PluginType::CliCommand, Supermarket::SupermarketCLI
Class Attribute Summary collapse
-
.inspec_cli_command ⇒ Object
Returns the value of attribute inspec_cli_command.
Class Method Summary collapse
-
.check_license! ⇒ Object
EULA acceptance.
- .exec_options ⇒ Object
- .exit_on_failure? ⇒ Boolean
- .format_platform_info(params: {}, indent: 0, color: 39) ⇒ Object
- .profile_options ⇒ Object
- .start(given_args = ARGV, config = {}) ⇒ Object
-
.target_options ⇒ Object
rubocop:disable MethodLength.
Class Attribute Details
.inspec_cli_command ⇒ Object
Returns the value of attribute inspec_cli_command.
27 28 29 |
# File 'lib/inspec/base_cli.rb', line 27 def inspec_cli_command @inspec_cli_command end |
Class Method Details
.check_license! ⇒ Object
EULA acceptance
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/inspec/base_cli.rb', line 37 def self.check_license! allowed_commands = ["-h", "--help", "help", "-v", "--version", "version"] require "license_acceptance/acceptor" begin if (allowed_commands & ARGV.map(&:downcase)).empty? && # Did they use a non-exempt command? !ARGV.empty? # Did they supply at least one command? LicenseAcceptance::Acceptor.check_and_persist( Inspec::Dist::EXEC_NAME, Inspec::VERSION, logger: Inspec::Log ) end rescue LicenseAcceptance::LicenseNotAcceptedError Inspec::Log.error "#{Inspec::Dist::PRODUCT_NAME} cannot execute without accepting the license" Inspec::UI.new.exit(:license_not_accepted) end end |
.exec_options ⇒ Object
128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 |
# File 'lib/inspec/base_cli.rb', line 128 def self. option :controls, type: :array, desc: "A list of control names to run, or a list of /regexes/ to match against control names. Ignore all other tests." option :reporter, type: :array, banner: "one two:/output/file/path", desc: "Enable one or more output reporters: cli, documentation, html, progress, json, json-min, json-rspec, junit, yaml" option :input, type: :array, banner: "name1=value1 name2=value2", desc: "Specify one or more inputs directly on the command line, as --input NAME=VALUE" option :input_file, type: :array, desc: "Load one or more input files, a YAML file with values for the profile to use" option :attrs, type: :array, desc: "Legacy name for --input-file - deprecated." option :create_lockfile, type: :boolean, desc: "Write out a lockfile based on this execution (unless one already exists)" option :backend_cache, type: :boolean, desc: "Allow caching for backend command output. (default: true)" option :show_progress, type: :boolean, desc: "Show progress while executing tests." option :distinct_exit, type: :boolean, default: true, desc: "Exit with code 101 if any tests fail, and 100 if any are skipped (default). If disabled, exit 0 on skips and 1 for failures." end |
.exit_on_failure? ⇒ Boolean
57 58 59 |
# File 'lib/inspec/base_cli.rb', line 57 def self.exit_on_failure? true end |
.format_platform_info(params: {}, indent: 0, color: 39) ⇒ Object
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 |
# File 'lib/inspec/base_cli.rb', line 152 def self.format_platform_info(params: {}, indent: 0, color: 39) str = "" params.each do |item, info| data = info # Format Array for better output if applicable data = data.join(", ") if data.is_a?(Array) # Do not output fields of data is missing ('unknown' is fine) next if data.nil? data = "\e[1m\e[#{color}m#{data}\e[0m" str << format("#{" " * indent}%-10s %s\n", item.to_s.capitalize + ":", data) end str end |
.profile_options ⇒ Object
121 122 123 124 125 126 |
# File 'lib/inspec/base_cli.rb', line 121 def self. option :profiles_path, type: :string, desc: "Folder which contains referenced profiles." option :vendor_cache, type: :string, desc: "Use the given path for caching dependencies. (default: ~/.inspec/cache)" end |
.start(given_args = ARGV, config = {}) ⇒ Object
30 31 32 33 34 |
# File 'lib/inspec/base_cli.rb', line 30 def self.start(given_args = ARGV, config = {}) check_license! if config[:enforce_license] || config[:enforce_license].nil? super(given_args, config) end |
.target_options ⇒ Object
rubocop:disable MethodLength
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
# File 'lib/inspec/base_cli.rb', line 61 def self. # rubocop:disable MethodLength option :target, aliases: :t, type: :string, desc: "Simple targeting option using URIs, e.g. ssh://user:pass@host:port" option :backend, aliases: :b, type: :string, desc: "Choose a backend: local, ssh, winrm, docker." option :host, type: :string, desc: "Specify a remote host which is tested." option :port, aliases: :p, type: :numeric, desc: "Specify the login port for a remote scan." option :user, type: :string, desc: "The login user for a remote scan." option :password, type: :string, lazy_default: -1, desc: "Login password for a remote scan, if required." option :enable_password, type: :string, lazy_default: -1, desc: "Password for enable mode on Cisco IOS devices." option :key_files, aliases: :i, type: :array, desc: "Login key or certificate file for a remote scan." option :path, type: :string, desc: "Login path to use when connecting to the target (WinRM)." option :sudo, type: :boolean, desc: "Run scans with sudo. Only activates on Unix and non-root user." option :sudo_password, type: :string, lazy_default: -1, desc: "Specify a sudo password, if it is required." option :sudo_options, type: :string, desc: "Additional sudo options for a remote scan." option :sudo_command, type: :string, desc: "Alternate command for sudo." option :shell, type: :boolean, desc: "Run scans in a subshell. Only activates on Unix." option :shell_options, type: :string, desc: "Additional shell options." option :shell_command, type: :string, desc: "Specify a particular shell to use." option :ssl, type: :boolean, desc: "Use SSL for transport layer encryption (WinRM)." option :self_signed, type: :boolean, desc: "Allow remote scans with self-signed certificates (WinRM)." option :winrm_transport, type: :string, default: "negotiate", desc: "Specify which transport to use, defaults to negotiate (WinRM)." option :winrm_disable_sspi, type: :boolean, desc: "Whether to use disable sspi authentication, defaults to false (WinRM)." option :winrm_basic_auth, type: :boolean, desc: "Whether to use basic authentication, defaults to false (WinRM)." option :config, type: :string, desc: "Read configuration from JSON file (`-` reads from stdin)." option :json_config, type: :string, hide: true option :proxy_command, type: :string, desc: "Specifies the command to use to connect to the server" option :bastion_host, type: :string, desc: "Specifies the bastion host if applicable" option :bastion_user, type: :string, desc: "Specifies the bastion user if applicable" option :bastion_port, type: :string, desc: "Specifies the bastion port if applicable" option :insecure, type: :boolean, default: false, desc: "Disable SSL verification on select targets" option :target_id, type: :string, desc: "Provide a ID which will be included on reports" end |