mssql_session resource: add port parameter

lib/resources/mssql_session.rb

@@ -25,26 +25,27 @@ class MssqlSession < Inspec.resource(1)
 
       # Passing no credentials to mssql_session forces it to use Windows authentication
       sql_windows_auth = mssql_session
-      describe sql.query(\"SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";\").row(0).column('login_mode') do
+      describe sql_windows_auth.query(\"SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";\").row(0).column('login_mode') do
         its('value') { should_not be_empty }
         its('value') { should cmp == 1 }
       end
     "
 
-    attr_reader :user, :password, :host
+    attr_reader :user, :password, :host, :port, :instance
     def initialize(opts = {})
       @user = opts[:user]
       @password = opts[:password] || opts[:pass]
       if opts[:pass]
         warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
       end
       @host = opts[:host] || 'localhost'
+      @port = opts[:port] || '1433'
       @instance = opts[:instance]
 
       # check if sqlcmd is available
-      return skip_resource('sqlcmd is missing') if !inspec.command('sqlcmd').exist?
+      raise Inspec::Exceptions::ResourceSkipped, 'sqlcmd is missing' unless inspec.command('sqlcmd').exist?
       # check that database is reachable
-      return skip_resource("Can't connect to the MS SQL Server.") if !test_connection
+      raise Inspec::Exceptions::ResourceSkipped, "Can't connect to the MS SQL Server." unless test_connection
     end
 
     def query(q)
@@ -53,9 +54,9 @@ def query(q)
       cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
       cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
       if @instance.nil?
-        cmd_string += " -S '#{@host}'"
+        cmd_string += " -S '#{@host},#{@port}'"
       else
-        cmd_string += " -S '#{@host}\\#{@instance}'"
+        cmd_string += " -S '#{@host},#{@port}\\#{@instance}'"
       end
       cmd = inspec.command(cmd_string)
       out = cmd.stdout + "\n" + cmd.stderr

test/helper.rb

@@ -415,8 +415,10 @@ def md.directory?
       %q(psql --version | awk '{ print $NF }' | awk -F. '{ print $1"."$2 }') => cmd.call('psql-version'),
       # mssql tests
       "bash -c 'type \"sqlcmd\"'" => cmd.call('mssql-sqlcmd'),
-      "4b550bb227058ac5851aa0bc946be794ee46489610f17842700136cf8bb5a0e9" => cmd.call('mssql-getdate'),
-      "aeb859a4ae4288df230916075c0de28781a2b215f41d64ed1ea9c3fd633140fa" => cmd.call('mssql-result'),
+      "cb0efcd12206e9690c21ac631a72be9dd87678aa048e6dae16b8e9353ab6dd64" => cmd.call('mssql-getdate'),
+      "e8bece33e9d550af1fc81a5bc1c72b647b3810db3e567ee9f30feb81f4e3b700" => cmd.call('mssql-getdate'),
+      "53d201ff1cfb8867b79200177b8e2e99dedb700c5fbe15e43820011d7e8b941f" => cmd.call('mssql-getdate'),
+      "7d1a7a0f2bd1e7da9a6904e1f28981146ec01a0323623e12a8579d30a3960a79" => cmd.call('mssql-result'),
       "5c2bc0f0568d11451d6cf83aff02ee3d47211265b52b6c5d45f8e57290b35082" => cmd.call('mssql-getdate'),
       # oracle
       "bash -c 'type \"sqlplus\"'" => cmd.call('oracle-cmd'),

test/integration/default/controls/mssql_session_spec.rb

@@ -0,0 +1,12 @@
+# encoding: utf-8
+
+# the following test will query the MSSQL database for the Server Property of IsIntegratedSecurityOnly which should be
+# 0 which means that it is using both Windows Authentication and SQL Server Authentication.
+# @see https://docs.microsoft.com/en-us/sql/t-sql/functions/serverproperty-transact-sql
+if os.windows?
+  sql_windows_auth = mssql_session(user: 'sa', pass: 'Password12!', instance: 'SQL2012SP1')
+  describe sql_windows_auth.query("SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";").row(0).column('login_mode') do
+    its('value') { should_not be_empty }
+    its('value') { should cmp == 1 }
+  end
+end

test/unit/resources/mssql_session_test.rb

@@ -5,18 +5,37 @@
 require 'helper'
 
 describe 'Inspec::Resources::MssqlSession' do
-  it 'verify mssql_session configuration' do
-    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', host: 'localhost')
+  it 'verify default mssql_session configuration' do
+    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password')
     _(resource.user).must_equal 'sa'
     _(resource.password).must_equal 'yourStrong(!)Password'
     _(resource.host).must_equal 'localhost'
+    _(resource.port).must_equal '1433'
+  end
+
+  it 'verify mssql_session configuration with custom hostname' do
+    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', host: 'inspec.domain.tld')
+    _(resource.user).must_equal 'sa'
+    _(resource.password).must_equal 'yourStrong(!)Password'
+    _(resource.host).must_equal 'inspec.domain.tld'
+    _(resource.port).must_equal '1433'
+  end
+
+  it 'verify mssql_session configuration with custom instance' do
+    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', instance: 'SQL2012INSPEC')
+    _(resource.user).must_equal 'sa'
+    _(resource.password).must_equal 'yourStrong(!)Password'
+    _(resource.host).must_equal 'localhost'
+    _(resource.port).must_equal '1433'
+    _(resource.instance).must_equal 'SQL2012INSPEC'
   end
 
   it 'verify mssql_session configuration with custom sqlserver port and user in domain' do
-    resource = load_resource('mssql_session', user: 'DOMAIN\sa', password: 'yourStrong(!)Password', host: 'localhost,1533')
+    resource = load_resource('mssql_session', user: 'DOMAIN\sa', password: 'yourStrong(!)Password', host: 'localhost', port: '1533')
     _(resource.user).must_equal 'DOMAIN\sa'
     _(resource.password).must_equal 'yourStrong(!)Password'
-    _(resource.host).must_equal 'localhost,1533'
+    _(resource.host).must_equal 'localhost'
+    _(resource.port).must_equal '1533'
   end
 
   it 'run a SQL query' do