RubyGems - inspec-core - Versions diffs - 2.1.67 - Mend

inspec-core 2.1.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (412) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +3136 -0
data/Gemfile +56 -0
data/LICENSE +14 -0
data/MAINTAINERS.md +33 -0
data/MAINTAINERS.toml +52 -0
data/README.md +453 -0
data/bin/inspec +12 -0
data/docs/.gitignore +2 -0
data/docs/README.md +40 -0
data/docs/dev/control-eval.md +62 -0
data/docs/dsl_inspec.md +258 -0
data/docs/dsl_resource.md +100 -0
data/docs/glossary.md +99 -0
data/docs/habitat.md +192 -0
data/docs/inspec_and_friends.md +114 -0
data/docs/matchers.md +169 -0
data/docs/migration.md +293 -0
data/docs/platforms.md +119 -0
data/docs/plugin_kitchen_inspec.md +50 -0
data/docs/profiles.md +378 -0
data/docs/reporters.md +105 -0
data/docs/resources/aide_conf.md.erb +76 -0
data/docs/resources/apache.md.erb +67 -0
data/docs/resources/apache_conf.md.erb +68 -0
data/docs/resources/apt.md.erb +71 -0
data/docs/resources/audit_policy.md.erb +47 -0
data/docs/resources/auditd.md.erb +79 -0
data/docs/resources/auditd_conf.md.erb +68 -0
data/docs/resources/bash.md.erb +75 -0
data/docs/resources/bond.md.erb +90 -0
data/docs/resources/bridge.md.erb +57 -0
data/docs/resources/bsd_service.md.erb +67 -0
data/docs/resources/chocolatey_package.md.erb +58 -0
data/docs/resources/command.md.erb +138 -0
data/docs/resources/cpan.md.erb +79 -0
data/docs/resources/cran.md.erb +64 -0
data/docs/resources/crontab.md.erb +89 -0
data/docs/resources/csv.md.erb +54 -0
data/docs/resources/dh_params.md.erb +205 -0
data/docs/resources/directory.md.erb +30 -0
data/docs/resources/docker.md.erb +219 -0
data/docs/resources/docker_container.md.erb +103 -0
data/docs/resources/docker_image.md.erb +94 -0
data/docs/resources/docker_service.md.erb +114 -0
data/docs/resources/elasticsearch.md.erb +242 -0
data/docs/resources/etc_fstab.md.erb +125 -0
data/docs/resources/etc_group.md.erb +75 -0
data/docs/resources/etc_hosts.md.erb +78 -0
data/docs/resources/etc_hosts_allow.md.erb +74 -0
data/docs/resources/etc_hosts_deny.md.erb +74 -0
data/docs/resources/file.md.erb +526 -0
data/docs/resources/filesystem.md.erb +41 -0
data/docs/resources/firewalld.md.erb +107 -0
data/docs/resources/gem.md.erb +79 -0
data/docs/resources/group.md.erb +61 -0
data/docs/resources/grub_conf.md.erb +101 -0
data/docs/resources/host.md.erb +86 -0
data/docs/resources/http.md.erb +197 -0
data/docs/resources/iis_app.md.erb +122 -0
data/docs/resources/iis_site.md.erb +135 -0
data/docs/resources/inetd_conf.md.erb +94 -0
data/docs/resources/ini.md.erb +76 -0
data/docs/resources/interface.md.erb +58 -0
data/docs/resources/iptables.md.erb +64 -0
data/docs/resources/json.md.erb +63 -0
data/docs/resources/kernel_module.md.erb +120 -0
data/docs/resources/kernel_parameter.md.erb +53 -0
data/docs/resources/key_rsa.md.erb +85 -0
data/docs/resources/launchd_service.md.erb +57 -0
data/docs/resources/limits_conf.md.erb +75 -0
data/docs/resources/login_defs.md.erb +71 -0
data/docs/resources/mount.md.erb +69 -0
data/docs/resources/mssql_session.md.erb +60 -0
data/docs/resources/mysql_conf.md.erb +99 -0
data/docs/resources/mysql_session.md.erb +74 -0
data/docs/resources/nginx.md.erb +79 -0
data/docs/resources/nginx_conf.md.erb +138 -0
data/docs/resources/npm.md.erb +60 -0
data/docs/resources/ntp_conf.md.erb +60 -0
data/docs/resources/oneget.md.erb +53 -0
data/docs/resources/oracledb_session.md.erb +52 -0
data/docs/resources/os.md.erb +141 -0
data/docs/resources/os_env.md.erb +91 -0
data/docs/resources/package.md.erb +120 -0
data/docs/resources/packages.md.erb +67 -0
data/docs/resources/parse_config.md.erb +103 -0
data/docs/resources/parse_config_file.md.erb +138 -0
data/docs/resources/passwd.md.erb +141 -0
data/docs/resources/pip.md.erb +67 -0
data/docs/resources/port.md.erb +137 -0
data/docs/resources/postgres_conf.md.erb +79 -0
data/docs/resources/postgres_hba_conf.md.erb +93 -0
data/docs/resources/postgres_ident_conf.md.erb +76 -0
data/docs/resources/postgres_session.md.erb +69 -0
data/docs/resources/powershell.md.erb +102 -0
data/docs/resources/processes.md.erb +109 -0
data/docs/resources/rabbitmq_config.md.erb +41 -0
data/docs/resources/registry_key.md.erb +158 -0
data/docs/resources/runit_service.md.erb +57 -0
data/docs/resources/security_policy.md.erb +47 -0
data/docs/resources/service.md.erb +121 -0
data/docs/resources/shadow.md.erb +146 -0
data/docs/resources/ssh_config.md.erb +73 -0
data/docs/resources/sshd_config.md.erb +83 -0
data/docs/resources/ssl.md.erb +119 -0
data/docs/resources/sys_info.md.erb +42 -0
data/docs/resources/systemd_service.md.erb +57 -0
data/docs/resources/sysv_service.md.erb +57 -0
data/docs/resources/upstart_service.md.erb +57 -0
data/docs/resources/user.md.erb +140 -0
data/docs/resources/users.md.erb +127 -0
data/docs/resources/vbscript.md.erb +55 -0
data/docs/resources/virtualization.md.erb +57 -0
data/docs/resources/windows_feature.md.erb +47 -0
data/docs/resources/windows_hotfix.md.erb +53 -0
data/docs/resources/windows_task.md.erb +95 -0
data/docs/resources/wmi.md.erb +81 -0
data/docs/resources/x509_certificate.md.erb +151 -0
data/docs/resources/xinetd_conf.md.erb +156 -0
data/docs/resources/xml.md.erb +85 -0
data/docs/resources/yaml.md.erb +69 -0
data/docs/resources/yum.md.erb +98 -0
data/docs/resources/zfs_dataset.md.erb +53 -0
data/docs/resources/zfs_pool.md.erb +47 -0
data/docs/ruby_usage.md +203 -0
data/docs/shared/matcher_be.md.erb +1 -0
data/docs/shared/matcher_cmp.md.erb +43 -0
data/docs/shared/matcher_eq.md.erb +3 -0
data/docs/shared/matcher_include.md.erb +1 -0
data/docs/shared/matcher_match.md.erb +1 -0
data/docs/shell.md +217 -0
data/examples/README.md +8 -0
data/examples/inheritance/README.md +65 -0
data/examples/inheritance/controls/example.rb +14 -0
data/examples/inheritance/inspec.yml +15 -0
data/examples/kitchen-ansible/.kitchen.yml +25 -0
data/examples/kitchen-ansible/Gemfile +19 -0
data/examples/kitchen-ansible/README.md +53 -0
data/examples/kitchen-ansible/files/nginx.repo +6 -0
data/examples/kitchen-ansible/tasks/main.yml +16 -0
data/examples/kitchen-ansible/test/integration/default/default.yml +5 -0
data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -0
data/examples/kitchen-chef/.kitchen.yml +20 -0
data/examples/kitchen-chef/Berksfile +3 -0
data/examples/kitchen-chef/Gemfile +19 -0
data/examples/kitchen-chef/README.md +27 -0
data/examples/kitchen-chef/metadata.rb +7 -0
data/examples/kitchen-chef/recipes/default.rb +6 -0
data/examples/kitchen-chef/recipes/nginx.rb +30 -0
data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -0
data/examples/kitchen-puppet/.kitchen.yml +23 -0
data/examples/kitchen-puppet/Gemfile +20 -0
data/examples/kitchen-puppet/Puppetfile +25 -0
data/examples/kitchen-puppet/README.md +53 -0
data/examples/kitchen-puppet/manifests/site.pp +33 -0
data/examples/kitchen-puppet/metadata.json +11 -0
data/examples/kitchen-puppet/modules/.gitkeep +0 -0
data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -0
data/examples/meta-profile/README.md +37 -0
data/examples/meta-profile/controls/example.rb +13 -0
data/examples/meta-profile/inspec.yml +13 -0
data/examples/profile-attribute.yml +2 -0
data/examples/profile-attribute/README.md +14 -0
data/examples/profile-attribute/controls/example.rb +11 -0
data/examples/profile-attribute/inspec.yml +8 -0
data/examples/profile-sensitive/README.md +29 -0
data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -0
data/examples/profile-sensitive/controls/sensitive.rb +9 -0
data/examples/profile-sensitive/inspec.yml +8 -0
data/examples/profile/README.md +48 -0
data/examples/profile/controls/example.rb +23 -0
data/examples/profile/controls/gordon.rb +36 -0
data/examples/profile/controls/meta.rb +34 -0
data/examples/profile/inspec.yml +10 -0
data/examples/profile/libraries/gordon_config.rb +59 -0
data/inspec-core.gemspec +43 -0
data/lib/bundles/README.md +3 -0
data/lib/bundles/inspec-artifact.rb +7 -0
data/lib/bundles/inspec-artifact/README.md +1 -0
data/lib/bundles/inspec-artifact/cli.rb +277 -0
data/lib/bundles/inspec-compliance.rb +16 -0
data/lib/bundles/inspec-compliance/.kitchen.yml +20 -0
data/lib/bundles/inspec-compliance/README.md +193 -0
data/lib/bundles/inspec-compliance/api.rb +360 -0
data/lib/bundles/inspec-compliance/api/login.rb +193 -0
data/lib/bundles/inspec-compliance/bootstrap.sh +41 -0
data/lib/bundles/inspec-compliance/cli.rb +260 -0
data/lib/bundles/inspec-compliance/configuration.rb +103 -0
data/lib/bundles/inspec-compliance/http.rb +125 -0
data/lib/bundles/inspec-compliance/images/cc-token.png +0 -0
data/lib/bundles/inspec-compliance/support.rb +36 -0
data/lib/bundles/inspec-compliance/target.rb +106 -0
data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -0
data/lib/bundles/inspec-habitat.rb +12 -0
data/lib/bundles/inspec-habitat/cli.rb +36 -0
data/lib/bundles/inspec-habitat/log.rb +10 -0
data/lib/bundles/inspec-habitat/profile.rb +391 -0
data/lib/bundles/inspec-init.rb +8 -0
data/lib/bundles/inspec-init/README.md +31 -0
data/lib/bundles/inspec-init/cli.rb +97 -0
data/lib/bundles/inspec-init/templates/profile/README.md +3 -0
data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -0
data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -0
data/lib/bundles/inspec-init/templates/profile/libraries/.gitkeep +0 -0
data/lib/bundles/inspec-supermarket.rb +13 -0
data/lib/bundles/inspec-supermarket/README.md +45 -0
data/lib/bundles/inspec-supermarket/api.rb +84 -0
data/lib/bundles/inspec-supermarket/cli.rb +73 -0
data/lib/bundles/inspec-supermarket/target.rb +34 -0
data/lib/fetchers/git.rb +163 -0
data/lib/fetchers/local.rb +74 -0
data/lib/fetchers/mock.rb +35 -0
data/lib/fetchers/url.rb +247 -0
data/lib/inspec.rb +24 -0
data/lib/inspec/archive/tar.rb +29 -0
data/lib/inspec/archive/zip.rb +19 -0
data/lib/inspec/backend.rb +93 -0
data/lib/inspec/base_cli.rb +368 -0
data/lib/inspec/cached_fetcher.rb +66 -0
data/lib/inspec/cli.rb +292 -0
data/lib/inspec/completions/bash.sh.erb +45 -0
data/lib/inspec/completions/fish.sh.erb +34 -0
data/lib/inspec/completions/zsh.sh.erb +61 -0
data/lib/inspec/control_eval_context.rb +179 -0
data/lib/inspec/dependencies/cache.rb +72 -0
data/lib/inspec/dependencies/dependency_set.rb +92 -0
data/lib/inspec/dependencies/lockfile.rb +115 -0
data/lib/inspec/dependencies/requirement.rb +123 -0
data/lib/inspec/dependencies/resolver.rb +86 -0
data/lib/inspec/describe.rb +27 -0
data/lib/inspec/dsl.rb +66 -0
data/lib/inspec/dsl_shared.rb +33 -0
data/lib/inspec/env_printer.rb +157 -0
data/lib/inspec/errors.rb +14 -0
data/lib/inspec/exceptions.rb +12 -0
data/lib/inspec/expect.rb +45 -0
data/lib/inspec/fetcher.rb +45 -0
data/lib/inspec/file_provider.rb +275 -0
data/lib/inspec/formatters.rb +3 -0
data/lib/inspec/formatters/base.rb +259 -0
data/lib/inspec/formatters/json_rspec.rb +20 -0
data/lib/inspec/formatters/show_progress.rb +12 -0
data/lib/inspec/library_eval_context.rb +58 -0
data/lib/inspec/log.rb +11 -0
data/lib/inspec/metadata.rb +247 -0
data/lib/inspec/method_source.rb +24 -0
data/lib/inspec/objects.rb +14 -0
data/lib/inspec/objects/attribute.rb +75 -0
data/lib/inspec/objects/control.rb +61 -0
data/lib/inspec/objects/describe.rb +92 -0
data/lib/inspec/objects/each_loop.rb +36 -0
data/lib/inspec/objects/list.rb +15 -0
data/lib/inspec/objects/or_test.rb +40 -0
data/lib/inspec/objects/ruby_helper.rb +15 -0
data/lib/inspec/objects/tag.rb +27 -0
data/lib/inspec/objects/test.rb +87 -0
data/lib/inspec/objects/value.rb +27 -0
data/lib/inspec/plugins.rb +60 -0
data/lib/inspec/plugins/cli.rb +24 -0
data/lib/inspec/plugins/fetcher.rb +86 -0
data/lib/inspec/plugins/resource.rb +135 -0
data/lib/inspec/plugins/secret.rb +15 -0
data/lib/inspec/plugins/source_reader.rb +40 -0
data/lib/inspec/polyfill.rb +12 -0
data/lib/inspec/profile.rb +513 -0
data/lib/inspec/profile_context.rb +208 -0
data/lib/inspec/profile_vendor.rb +66 -0
data/lib/inspec/reporters.rb +60 -0
data/lib/inspec/reporters/automate.rb +76 -0
data/lib/inspec/reporters/base.rb +25 -0
data/lib/inspec/reporters/cli.rb +356 -0
data/lib/inspec/reporters/json.rb +116 -0
data/lib/inspec/reporters/json_min.rb +48 -0
data/lib/inspec/reporters/junit.rb +78 -0
data/lib/inspec/require_loader.rb +33 -0
data/lib/inspec/resource.rb +190 -0
data/lib/inspec/rule.rb +280 -0
data/lib/inspec/runner.rb +345 -0
data/lib/inspec/runner_mock.rb +41 -0
data/lib/inspec/runner_rspec.rb +175 -0
data/lib/inspec/runtime_profile.rb +26 -0
data/lib/inspec/schema.rb +213 -0
data/lib/inspec/secrets.rb +19 -0
data/lib/inspec/secrets/yaml.rb +30 -0
data/lib/inspec/shell.rb +220 -0
data/lib/inspec/shell_detector.rb +90 -0
data/lib/inspec/source_reader.rb +29 -0
data/lib/inspec/version.rb +8 -0
data/lib/matchers/matchers.rb +339 -0
data/lib/resources/aide_conf.rb +151 -0
data/lib/resources/apache.rb +48 -0
data/lib/resources/apache_conf.rb +149 -0
data/lib/resources/apt.rb +149 -0
data/lib/resources/audit_policy.rb +63 -0
data/lib/resources/auditd.rb +231 -0
data/lib/resources/auditd_conf.rb +46 -0
data/lib/resources/bash.rb +35 -0
data/lib/resources/bond.rb +69 -0
data/lib/resources/bridge.rb +122 -0
data/lib/resources/chocolatey_package.rb +78 -0
data/lib/resources/command.rb +73 -0
data/lib/resources/cpan.rb +58 -0
data/lib/resources/cran.rb +64 -0
data/lib/resources/crontab.rb +169 -0
data/lib/resources/csv.rb +56 -0
data/lib/resources/dh_params.rb +77 -0
data/lib/resources/directory.rb +25 -0
data/lib/resources/docker.rb +236 -0
data/lib/resources/docker_container.rb +89 -0
data/lib/resources/docker_image.rb +83 -0
data/lib/resources/docker_object.rb +57 -0
data/lib/resources/docker_service.rb +90 -0
data/lib/resources/elasticsearch.rb +169 -0
data/lib/resources/etc_fstab.rb +94 -0
data/lib/resources/etc_group.rb +154 -0
data/lib/resources/etc_hosts.rb +66 -0
data/lib/resources/etc_hosts_allow_deny.rb +112 -0
data/lib/resources/file.rb +298 -0
data/lib/resources/filesystem.rb +31 -0
data/lib/resources/firewalld.rb +143 -0
data/lib/resources/gem.rb +70 -0
data/lib/resources/groups.rb +215 -0
data/lib/resources/grub_conf.rb +227 -0
data/lib/resources/host.rb +306 -0
data/lib/resources/http.rb +253 -0
data/lib/resources/iis_app.rb +101 -0
data/lib/resources/iis_site.rb +148 -0
data/lib/resources/inetd_conf.rb +54 -0
data/lib/resources/ini.rb +29 -0
data/lib/resources/interface.rb +129 -0
data/lib/resources/iptables.rb +80 -0
data/lib/resources/json.rb +111 -0
data/lib/resources/kernel_module.rb +107 -0
data/lib/resources/kernel_parameter.rb +58 -0
data/lib/resources/key_rsa.rb +63 -0
data/lib/resources/limits_conf.rb +46 -0
data/lib/resources/login_def.rb +57 -0
data/lib/resources/mount.rb +88 -0
data/lib/resources/mssql_session.rb +101 -0
data/lib/resources/mysql.rb +82 -0
data/lib/resources/mysql_conf.rb +127 -0
data/lib/resources/mysql_session.rb +85 -0
data/lib/resources/nginx.rb +96 -0
data/lib/resources/nginx_conf.rb +226 -0
data/lib/resources/npm.rb +48 -0
data/lib/resources/ntp_conf.rb +51 -0
data/lib/resources/oneget.rb +71 -0
data/lib/resources/oracledb_session.rb +139 -0
data/lib/resources/os.rb +36 -0
data/lib/resources/os_env.rb +86 -0
data/lib/resources/package.rb +370 -0
data/lib/resources/packages.rb +111 -0
data/lib/resources/parse_config.rb +112 -0
data/lib/resources/passwd.rb +76 -0
data/lib/resources/pip.rb +130 -0
data/lib/resources/platform.rb +109 -0
data/lib/resources/port.rb +771 -0
data/lib/resources/postgres.rb +131 -0
data/lib/resources/postgres_conf.rb +114 -0
data/lib/resources/postgres_hba_conf.rb +90 -0
data/lib/resources/postgres_ident_conf.rb +79 -0
data/lib/resources/postgres_session.rb +71 -0
data/lib/resources/powershell.rb +67 -0
data/lib/resources/processes.rb +204 -0
data/lib/resources/rabbitmq_conf.rb +51 -0
data/lib/resources/registry_key.rb +297 -0
data/lib/resources/security_policy.rb +180 -0
data/lib/resources/service.rb +794 -0
data/lib/resources/shadow.rb +159 -0
data/lib/resources/ssh_conf.rb +97 -0
data/lib/resources/ssl.rb +99 -0
data/lib/resources/sys_info.rb +28 -0
data/lib/resources/toml.rb +32 -0
data/lib/resources/users.rb +654 -0
data/lib/resources/vbscript.rb +68 -0
data/lib/resources/virtualization.rb +247 -0
data/lib/resources/windows_feature.rb +84 -0
data/lib/resources/windows_hotfix.rb +35 -0
data/lib/resources/windows_task.rb +102 -0
data/lib/resources/wmi.rb +110 -0
data/lib/resources/x509_certificate.rb +137 -0
data/lib/resources/xinetd.rb +106 -0
data/lib/resources/xml.rb +46 -0
data/lib/resources/yaml.rb +43 -0
data/lib/resources/yum.rb +180 -0
data/lib/resources/zfs_dataset.rb +60 -0
data/lib/resources/zfs_pool.rb +49 -0
data/lib/source_readers/flat.rb +39 -0
data/lib/source_readers/inspec.rb +75 -0
data/lib/utils/command_wrapper.rb +27 -0
data/lib/utils/convert.rb +12 -0
data/lib/utils/database_helpers.rb +77 -0
data/lib/utils/enumerable_delegation.rb +9 -0
data/lib/utils/erlang_parser.rb +192 -0
data/lib/utils/file_reader.rb +25 -0
data/lib/utils/filter.rb +273 -0
data/lib/utils/filter_array.rb +27 -0
data/lib/utils/find_files.rb +47 -0
data/lib/utils/hash.rb +41 -0
data/lib/utils/json_log.rb +18 -0
data/lib/utils/latest_version.rb +22 -0
data/lib/utils/modulator.rb +12 -0
data/lib/utils/nginx_parser.rb +105 -0
data/lib/utils/object_traversal.rb +49 -0
data/lib/utils/parser.rb +274 -0
data/lib/utils/pkey_reader.rb +15 -0
data/lib/utils/plugin_registry.rb +93 -0
data/lib/utils/simpleconfig.rb +120 -0
data/lib/utils/spdx.rb +13 -0
data/lib/utils/spdx.txt +344 -0
metadata +713 -0

data/lib/resources/http.rb ADDED

@@ -0,0 +1,253 @@
+# encoding: utf-8
+# copyright: 2017, Criteo
+# copyright: 2017, Chef Software Inc
+# license: Apache v2
+require 'faraday'
+require 'hashie'
+module Inspec::Resources
+  class Http < Inspec.resource(1)
+    name 'http'
+    supports platform: 'unix'
+    desc 'Use the http InSpec audit resource to test http call.'
+    example "
+      describe http('http://localhost:8080/ping', auth: {user: 'user', pass: 'test'}, params: {format: 'html'}) do
+        its('status') { should cmp 200 }
+        its('body') { should cmp 'pong' }
+        its('headers.Content-Type') { should cmp 'text/html' }
+      end
+      describe http('http://example.com/ping').headers do
+        its('Content-Length') { should cmp 258 }
+        its('Content-Type') { should cmp 'text/html; charset=UTF-8' }
+      end
+    "
+    def initialize(url, opts = {})
+      @url = url
+      @opts = opts
+      # Prior to InSpec 2.0 the HTTP test had to be instructed to run on the
+      # remote target machine. This warning will be removed after a few months
+      # to give users an opportunity to remove the unused option from their
+      # profiles.
+      if opts.key?(:enable_remote_worker) && !inspec.local_transport?
+        warn 'Ignoring `enable_remote_worker` option, the `http` resource ',
+             'remote worker is enabled by default for remote targets and ',
+             'cannot be disabled'
+      end
+      # Run locally if InSpec is ran locally and remotely if ran remotely
+      if inspec.local_transport?
+        @worker = Worker::Local.new(http_method, url, opts)
+      else
+        @worker = Worker::Remote.new(inspec, http_method, url, opts)
+      end
+    end
+    def status
+      @worker.status
+    end
+    def headers
+      @headers ||= Inspec::Resources::Http::Headers.create(@worker.response_headers)
+    end
+    def body
+      @worker.body
+    end
+    def http_method
+      @opts.fetch(:method, 'GET')
+    end
+    def to_s
+      "http #{http_method} on #{@url}"
+    end
+    class Worker
+      class Base
+        attr_reader :http_method, :opts, :url
+        def initialize(http_method, url, opts)
+          @http_method = http_method
+          @url = url
+          @opts = opts
+          @response = nil
+        end
+        private
+        def params
+          opts.fetch(:params, nil)
+        end
+        def username
+          opts.fetch(:auth, {})[:user]
+        end
+        def password
+          opts.fetch(:auth, {})[:pass]
+        end
+        def request_headers
+          opts.fetch(:headers, {})
+        end
+        def request_body
+          opts[:data]
+        end
+        def open_timeout
+          opts.fetch(:open_timeout, 60)
+        end
+        def read_timeout
+          opts.fetch(:read_timeout, 60)
+        end
+        def ssl_verify?
+          opts.fetch(:ssl_verify, true)
+        end
+      end
+      class Local < Base
+        def status
+          response.status
+        end
+        def body
+          response.body
+        end
+        def response_headers
+          response.headers.to_h
+        end
+        private
+        def response
+          return @response if @response
+          conn = Faraday.new url: url, headers: request_headers, params: params, ssl: { verify: ssl_verify? }
+          # set basic authentication
+          conn.basic_auth username, password unless username.nil? || password.nil?
+          # set default timeout
+          conn.options.timeout      = read_timeout  # open/read timeout in seconds
+          conn.options.open_timeout = open_timeout  # connection open timeout in seconds
+          @response = conn.run_request(http_method.downcase.to_sym, nil, nil, nil) do |req|
+            req.body = request_body
+          end
+        end
+      end
+      class Remote < Base
+        attr_reader :inspec
+        def initialize(inspec, http_method, url, opts)
+          unless inspec.command('curl').exist?
+            raise Inspec::Exceptions::ResourceSkipped,
+                  'curl is not available on the target machine'
+          end
+          @ran_curl = false
+          @inspec = inspec
+          super(http_method, url, opts)
+        end
+        def status
+          run_curl
+          @status
+        end
+        def body
+          run_curl
+          @body&.strip
+        end
+        def response_headers
+          run_curl
+          @response_headers
+        end
+        private
+        def run_curl
+          return if @ran_curl
+          cmd_result = inspec.command(curl_command)
+          response = cmd_result.stdout
+          @ran_curl = true
+          return if response.nil? || cmd_result.exit_status != 0
+          # strip any carriage returns to normalize output
+          response.delete!("\r")
+          # split the prelude (status line and headers) and the body
+          prelude, @body = response.split("\n\n", 2)
+          prelude = prelude.lines
+          # grab the status off of the first line of the prelude
+          status_line = prelude.shift
+          @status = status_line.split(' ', 3)[1].to_i
+          # parse the rest of the prelude which will be all the HTTP headers
+          @response_headers = {}
+          prelude.each do |line|
+            line.strip!
+            key, value = line.split(':', 2)
+            @response_headers[key] = value.strip
+          end
+        end
+        def curl_command # rubocop:disable Metrics/AbcSize
+          cmd = ['curl -i']
+          # Use curl's --head option when the method requested is HEAD. Otherwise,
+          # the user may experience a timeout when curl does not properly close
+          # the connection after the response is received.
+          if http_method.casecmp('HEAD') == 0
+            cmd << '--head'
+          else
+            cmd << "-X #{http_method}"
+          end
+          cmd << "--connect-timeout #{open_timeout}"
+          cmd << "--max-time #{open_timeout+read_timeout}"
+          cmd << "--user \'#{username}:#{password}\'" unless username.nil? || password.nil?
+          cmd << '--insecure' unless ssl_verify?
+          cmd << "--data #{Shellwords.shellescape(request_body)}" unless request_body.nil?
+          request_headers.each do |k, v|
+            cmd << "-H '#{k}: #{v}'"
+          end
+          if params.nil?
+            cmd << "'#{url}'"
+          else
+            cmd << "'#{url}?#{params.map { |e| e.join('=') }.join('&')}'"
+          end
+          cmd.join(' ')
+        end
+      end
+    end
+    class Headers < Hash
+      def self.create(header_data)
+        header_data.each_with_object(new) { |(k, v), memo| memo[k.to_s.downcase] = v }
+      end
+      def [](requested_key)
+        fetch(requested_key.downcase, nil)
+      end
+      def method_missing(requested_key)
+        fetch(requested_key.to_s.downcase, nil)
+      end
+    end
+  end
+end

data/lib/resources/iis_app.rb ADDED

@@ -0,0 +1,101 @@
+# encoding: utf-8
+# frozen_string_literal: true
+# check for web applications in IIS
+# Note: this is only supported in windows 2012 and later
+module Inspec::Resources
+  class IisApp < Inspec.resource(1)
+    name 'iis_app'
+    supports platform: 'windows'
+    desc 'Tests IIS application configuration on windows. Supported in server 2012+ only'
+    example "
+      describe iis_app('/myapp', 'Default Web Site') do
+        it { should exist }
+        it { should have_application_pool('MyAppPool') }
+        it { should have_protocols('http') }
+        it { should have_site_name('Default Web Site') }
+        it { should have_physical_path('C:\\inetpub\\wwwroot\\myapp') }
+        it { should have_path('\\My Application') }
+      end
+    "
+    def initialize(path, site_name)
+      @path = path
+      @site_name = site_name
+      @cache = nil
+      @inspec = inspec
+    end
+    def application_pool
+      iis_app[:application_pool]
+    end
+    def protocols
+      iis_app[:protocols]
+    end
+    def site_name
+      iis_app[:site_name]
+    end
+    def path
+      iis_app[:path]
+    end
+    def physical_path
+      iis_app[:physical_path]
+    end
+    def exists?
+      !iis_app[:path].empty?
+    end
+    def has_site_name?(site_name)
+      iis_app[:site_name] == site_name
+    end
+    def has_application_pool?(application_pool)
+      iis_app[:application_pool] == application_pool
+    end
+    def has_path?(path)
+      iis_app[:path] == path
+    end
+    def has_physical_path?(physical_path)
+      iis_app[:physical_path] == physical_path
+    end
+    def has_protocol?(protocol)
+      iis_app[:protocols].include?(protocol)
+    end
+    def to_s
+      "iis_app '#{@site_name}#{@path}'"
+    end
+    private
+    def iis_app
+      return @cache unless @cache.nil?
+      command = "Import-Module WebAdministration; Get-WebApplication -Name '#{@path}' -Site '#{@site_name}' | Select-Object * | ConvertTo-Json"
+      cmd = @inspec.command(command)
+      begin
+        app = JSON.parse(cmd.stdout)
+      rescue JSON::ParserError => _e
+        return {}
+      end
+      # map our values to a hash table
+      info = {
+        site_name: @site_name,
+        path: @path,
+        application_pool: app['applicationPool'],
+        physical_path: app['PhysicalPath'],
+        protocols: app['enabledProtocols'],
+      }
+      @cache = info unless info.nil?
+    end
+  end
+end

data/lib/resources/iis_site.rb ADDED

@@ -0,0 +1,148 @@
+# encoding: utf-8
+# frozen_string_literal: true
+# check for site in IIS
+# Usage:
+# describe iis_site('Default Web Site') do
+#   it{ should exist }
+#   it{ should be_running }
+#   it{ should be_in_app_pool('Default App Pool') }
+#   it{ should have_path('C:\\inetpub\wwwroot\\DefaultWebSite') }
+#   it{ should have_binding('https :443:www.contoso.com sslFlags=0') }
+#   it{ should have_binding('net.pipe *') }
+# end
+#
+# Note: this is only supported in windows 2012 and later
+module Inspec::Resources
+  class IisSite < Inspec.resource(1)
+    name 'iis_site'
+    supports platform: 'windows'
+    desc 'Tests IIS site configuration on windows. Supported in server 2012+ only'
+    example "
+      describe iis_site('Default Web Site') do
+        it { should exist }
+        it { should be_running }
+        it { should have_app_pool('DefaultAppPool') }
+        it { should have_binding('https :443:www.contoso.com sslFlags=0') }
+        it { should have_binding('net.pipe *') }
+        it { should have_path('C:\\inetpub\\wwwroot') }
+      end
+    "
+    def initialize(site_name)
+      @site_name = site_name
+      @cache = nil
+      @site_provider = SiteProvider.new(inspec)
+      # verify that this resource is only supported on Windows
+      return skip_resource 'The `iis_site` resource is not supported on your OS.' if inspec.os[:family] != 'windows'
+    end
+    def app_pool
+      iis_site[:app_pool]
+    end
+    def bindings
+      iis_site[:bindings]
+    end
+    def state
+      iis_site[:state]
+    end
+    def path
+      iis_site[:path]
+    end
+    def exists?
+      !iis_site.nil? && !iis_site[:name].nil?
+    end
+    def running?
+      iis_site.nil? ? false : (iis_site[:state] == 'Started')
+    end
+    def has_app_pool?(app_pool)
+      iis_site.nil? ? false : iis_site[:app_pool] == app_pool
+    end
+    def has_path?(path)
+      iis_site.nil? ? false : iis_site[:path] == path
+    end
+    def has_binding?(binding)
+      iis_site.nil? ? false : (iis_site[:bindings].include? binding)
+    end
+    def to_s
+      "iis_site '#{@site_name}'"
+    end
+    def iis_site
+      return @cache if !@cache.nil?
+      @cache = @site_provider.iis_site(@site_name) if !@site_provider.nil?
+    end
+  end
+  class SiteProvider
+    attr_reader :inspec
+    def initialize(inspec)
+      @inspec = inspec
+    end
+    # want to populate everything using one powershell command here and spit it out as json
+    def iis_site(name)
+      command = "Get-Website '#{name}' | select-object -Property Name,State,PhysicalPath,bindings,ApplicationPool | ConvertTo-Json"
+      cmd = @inspec.command(command)
+      begin
+        site = JSON.parse(cmd.stdout)
+      rescue JSON::ParserError => _e
+        return nil
+      end
+      bindings_array = site['bindings']['Collection'].map { |k, _str|
+        k['protocol'] <<
+          ' ' <<
+          k['bindingInformation'] <<
+          (k['protocol'] == 'https' ? ' sslFlags=' << flags : '')
+      }
+      # map our values to a hash table
+      info = {
+        name: site['name'],
+        state: site['state'],
+        path: site['physicalPath'],
+        bindings: bindings_array,
+        app_pool: site['applicationPool'],
+      }
+      info
+    end
+  end
+  # for compatability with serverspec
+  # this is deprecated syntax and will be removed in future versions
+  class IisSiteServerSpec < IisSite
+    name 'iis_website'
+    desc 'Tests IIS site configuration on windows. Deprecated, use `iis_site` instead.'
+    example "
+      describe iis_website('Default Website') do
+        it{ should exist }
+        it{ should be_running }
+        it{ should be_in_app_pool('Default App Pool') }
+      end
+    "
+    def initialize(site_name)
+      super(site_name)
+      warn '[DEPRECATION] `iis_website(site_name)` is deprecated.  Please use `iis_site(site_name)` instead.'
+    end
+    def in_app_pool?(app_pool)
+      has_app_pool?(app_pool)
+    end
+  end
+end