inspec-core 2.1.67
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/CHANGELOG.md +3136 -0
- data/Gemfile +56 -0
- data/LICENSE +14 -0
- data/MAINTAINERS.md +33 -0
- data/MAINTAINERS.toml +52 -0
- data/README.md +453 -0
- data/bin/inspec +12 -0
- data/docs/.gitignore +2 -0
- data/docs/README.md +40 -0
- data/docs/dev/control-eval.md +62 -0
- data/docs/dsl_inspec.md +258 -0
- data/docs/dsl_resource.md +100 -0
- data/docs/glossary.md +99 -0
- data/docs/habitat.md +192 -0
- data/docs/inspec_and_friends.md +114 -0
- data/docs/matchers.md +169 -0
- data/docs/migration.md +293 -0
- data/docs/platforms.md +119 -0
- data/docs/plugin_kitchen_inspec.md +50 -0
- data/docs/profiles.md +378 -0
- data/docs/reporters.md +105 -0
- data/docs/resources/aide_conf.md.erb +76 -0
- data/docs/resources/apache.md.erb +67 -0
- data/docs/resources/apache_conf.md.erb +68 -0
- data/docs/resources/apt.md.erb +71 -0
- data/docs/resources/audit_policy.md.erb +47 -0
- data/docs/resources/auditd.md.erb +79 -0
- data/docs/resources/auditd_conf.md.erb +68 -0
- data/docs/resources/bash.md.erb +75 -0
- data/docs/resources/bond.md.erb +90 -0
- data/docs/resources/bridge.md.erb +57 -0
- data/docs/resources/bsd_service.md.erb +67 -0
- data/docs/resources/chocolatey_package.md.erb +58 -0
- data/docs/resources/command.md.erb +138 -0
- data/docs/resources/cpan.md.erb +79 -0
- data/docs/resources/cran.md.erb +64 -0
- data/docs/resources/crontab.md.erb +89 -0
- data/docs/resources/csv.md.erb +54 -0
- data/docs/resources/dh_params.md.erb +205 -0
- data/docs/resources/directory.md.erb +30 -0
- data/docs/resources/docker.md.erb +219 -0
- data/docs/resources/docker_container.md.erb +103 -0
- data/docs/resources/docker_image.md.erb +94 -0
- data/docs/resources/docker_service.md.erb +114 -0
- data/docs/resources/elasticsearch.md.erb +242 -0
- data/docs/resources/etc_fstab.md.erb +125 -0
- data/docs/resources/etc_group.md.erb +75 -0
- data/docs/resources/etc_hosts.md.erb +78 -0
- data/docs/resources/etc_hosts_allow.md.erb +74 -0
- data/docs/resources/etc_hosts_deny.md.erb +74 -0
- data/docs/resources/file.md.erb +526 -0
- data/docs/resources/filesystem.md.erb +41 -0
- data/docs/resources/firewalld.md.erb +107 -0
- data/docs/resources/gem.md.erb +79 -0
- data/docs/resources/group.md.erb +61 -0
- data/docs/resources/grub_conf.md.erb +101 -0
- data/docs/resources/host.md.erb +86 -0
- data/docs/resources/http.md.erb +197 -0
- data/docs/resources/iis_app.md.erb +122 -0
- data/docs/resources/iis_site.md.erb +135 -0
- data/docs/resources/inetd_conf.md.erb +94 -0
- data/docs/resources/ini.md.erb +76 -0
- data/docs/resources/interface.md.erb +58 -0
- data/docs/resources/iptables.md.erb +64 -0
- data/docs/resources/json.md.erb +63 -0
- data/docs/resources/kernel_module.md.erb +120 -0
- data/docs/resources/kernel_parameter.md.erb +53 -0
- data/docs/resources/key_rsa.md.erb +85 -0
- data/docs/resources/launchd_service.md.erb +57 -0
- data/docs/resources/limits_conf.md.erb +75 -0
- data/docs/resources/login_defs.md.erb +71 -0
- data/docs/resources/mount.md.erb +69 -0
- data/docs/resources/mssql_session.md.erb +60 -0
- data/docs/resources/mysql_conf.md.erb +99 -0
- data/docs/resources/mysql_session.md.erb +74 -0
- data/docs/resources/nginx.md.erb +79 -0
- data/docs/resources/nginx_conf.md.erb +138 -0
- data/docs/resources/npm.md.erb +60 -0
- data/docs/resources/ntp_conf.md.erb +60 -0
- data/docs/resources/oneget.md.erb +53 -0
- data/docs/resources/oracledb_session.md.erb +52 -0
- data/docs/resources/os.md.erb +141 -0
- data/docs/resources/os_env.md.erb +91 -0
- data/docs/resources/package.md.erb +120 -0
- data/docs/resources/packages.md.erb +67 -0
- data/docs/resources/parse_config.md.erb +103 -0
- data/docs/resources/parse_config_file.md.erb +138 -0
- data/docs/resources/passwd.md.erb +141 -0
- data/docs/resources/pip.md.erb +67 -0
- data/docs/resources/port.md.erb +137 -0
- data/docs/resources/postgres_conf.md.erb +79 -0
- data/docs/resources/postgres_hba_conf.md.erb +93 -0
- data/docs/resources/postgres_ident_conf.md.erb +76 -0
- data/docs/resources/postgres_session.md.erb +69 -0
- data/docs/resources/powershell.md.erb +102 -0
- data/docs/resources/processes.md.erb +109 -0
- data/docs/resources/rabbitmq_config.md.erb +41 -0
- data/docs/resources/registry_key.md.erb +158 -0
- data/docs/resources/runit_service.md.erb +57 -0
- data/docs/resources/security_policy.md.erb +47 -0
- data/docs/resources/service.md.erb +121 -0
- data/docs/resources/shadow.md.erb +146 -0
- data/docs/resources/ssh_config.md.erb +73 -0
- data/docs/resources/sshd_config.md.erb +83 -0
- data/docs/resources/ssl.md.erb +119 -0
- data/docs/resources/sys_info.md.erb +42 -0
- data/docs/resources/systemd_service.md.erb +57 -0
- data/docs/resources/sysv_service.md.erb +57 -0
- data/docs/resources/upstart_service.md.erb +57 -0
- data/docs/resources/user.md.erb +140 -0
- data/docs/resources/users.md.erb +127 -0
- data/docs/resources/vbscript.md.erb +55 -0
- data/docs/resources/virtualization.md.erb +57 -0
- data/docs/resources/windows_feature.md.erb +47 -0
- data/docs/resources/windows_hotfix.md.erb +53 -0
- data/docs/resources/windows_task.md.erb +95 -0
- data/docs/resources/wmi.md.erb +81 -0
- data/docs/resources/x509_certificate.md.erb +151 -0
- data/docs/resources/xinetd_conf.md.erb +156 -0
- data/docs/resources/xml.md.erb +85 -0
- data/docs/resources/yaml.md.erb +69 -0
- data/docs/resources/yum.md.erb +98 -0
- data/docs/resources/zfs_dataset.md.erb +53 -0
- data/docs/resources/zfs_pool.md.erb +47 -0
- data/docs/ruby_usage.md +203 -0
- data/docs/shared/matcher_be.md.erb +1 -0
- data/docs/shared/matcher_cmp.md.erb +43 -0
- data/docs/shared/matcher_eq.md.erb +3 -0
- data/docs/shared/matcher_include.md.erb +1 -0
- data/docs/shared/matcher_match.md.erb +1 -0
- data/docs/shell.md +217 -0
- data/examples/README.md +8 -0
- data/examples/inheritance/README.md +65 -0
- data/examples/inheritance/controls/example.rb +14 -0
- data/examples/inheritance/inspec.yml +15 -0
- data/examples/kitchen-ansible/.kitchen.yml +25 -0
- data/examples/kitchen-ansible/Gemfile +19 -0
- data/examples/kitchen-ansible/README.md +53 -0
- data/examples/kitchen-ansible/files/nginx.repo +6 -0
- data/examples/kitchen-ansible/tasks/main.yml +16 -0
- data/examples/kitchen-ansible/test/integration/default/default.yml +5 -0
- data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -0
- data/examples/kitchen-chef/.kitchen.yml +20 -0
- data/examples/kitchen-chef/Berksfile +3 -0
- data/examples/kitchen-chef/Gemfile +19 -0
- data/examples/kitchen-chef/README.md +27 -0
- data/examples/kitchen-chef/metadata.rb +7 -0
- data/examples/kitchen-chef/recipes/default.rb +6 -0
- data/examples/kitchen-chef/recipes/nginx.rb +30 -0
- data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -0
- data/examples/kitchen-puppet/.kitchen.yml +23 -0
- data/examples/kitchen-puppet/Gemfile +20 -0
- data/examples/kitchen-puppet/Puppetfile +25 -0
- data/examples/kitchen-puppet/README.md +53 -0
- data/examples/kitchen-puppet/manifests/site.pp +33 -0
- data/examples/kitchen-puppet/metadata.json +11 -0
- data/examples/kitchen-puppet/modules/.gitkeep +0 -0
- data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -0
- data/examples/meta-profile/README.md +37 -0
- data/examples/meta-profile/controls/example.rb +13 -0
- data/examples/meta-profile/inspec.yml +13 -0
- data/examples/profile-attribute.yml +2 -0
- data/examples/profile-attribute/README.md +14 -0
- data/examples/profile-attribute/controls/example.rb +11 -0
- data/examples/profile-attribute/inspec.yml +8 -0
- data/examples/profile-sensitive/README.md +29 -0
- data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -0
- data/examples/profile-sensitive/controls/sensitive.rb +9 -0
- data/examples/profile-sensitive/inspec.yml +8 -0
- data/examples/profile/README.md +48 -0
- data/examples/profile/controls/example.rb +23 -0
- data/examples/profile/controls/gordon.rb +36 -0
- data/examples/profile/controls/meta.rb +34 -0
- data/examples/profile/inspec.yml +10 -0
- data/examples/profile/libraries/gordon_config.rb +59 -0
- data/inspec-core.gemspec +43 -0
- data/lib/bundles/README.md +3 -0
- data/lib/bundles/inspec-artifact.rb +7 -0
- data/lib/bundles/inspec-artifact/README.md +1 -0
- data/lib/bundles/inspec-artifact/cli.rb +277 -0
- data/lib/bundles/inspec-compliance.rb +16 -0
- data/lib/bundles/inspec-compliance/.kitchen.yml +20 -0
- data/lib/bundles/inspec-compliance/README.md +193 -0
- data/lib/bundles/inspec-compliance/api.rb +360 -0
- data/lib/bundles/inspec-compliance/api/login.rb +193 -0
- data/lib/bundles/inspec-compliance/bootstrap.sh +41 -0
- data/lib/bundles/inspec-compliance/cli.rb +260 -0
- data/lib/bundles/inspec-compliance/configuration.rb +103 -0
- data/lib/bundles/inspec-compliance/http.rb +125 -0
- data/lib/bundles/inspec-compliance/images/cc-token.png +0 -0
- data/lib/bundles/inspec-compliance/support.rb +36 -0
- data/lib/bundles/inspec-compliance/target.rb +106 -0
- data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -0
- data/lib/bundles/inspec-habitat.rb +12 -0
- data/lib/bundles/inspec-habitat/cli.rb +36 -0
- data/lib/bundles/inspec-habitat/log.rb +10 -0
- data/lib/bundles/inspec-habitat/profile.rb +391 -0
- data/lib/bundles/inspec-init.rb +8 -0
- data/lib/bundles/inspec-init/README.md +31 -0
- data/lib/bundles/inspec-init/cli.rb +97 -0
- data/lib/bundles/inspec-init/templates/profile/README.md +3 -0
- data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -0
- data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -0
- data/lib/bundles/inspec-init/templates/profile/libraries/.gitkeep +0 -0
- data/lib/bundles/inspec-supermarket.rb +13 -0
- data/lib/bundles/inspec-supermarket/README.md +45 -0
- data/lib/bundles/inspec-supermarket/api.rb +84 -0
- data/lib/bundles/inspec-supermarket/cli.rb +73 -0
- data/lib/bundles/inspec-supermarket/target.rb +34 -0
- data/lib/fetchers/git.rb +163 -0
- data/lib/fetchers/local.rb +74 -0
- data/lib/fetchers/mock.rb +35 -0
- data/lib/fetchers/url.rb +247 -0
- data/lib/inspec.rb +24 -0
- data/lib/inspec/archive/tar.rb +29 -0
- data/lib/inspec/archive/zip.rb +19 -0
- data/lib/inspec/backend.rb +93 -0
- data/lib/inspec/base_cli.rb +368 -0
- data/lib/inspec/cached_fetcher.rb +66 -0
- data/lib/inspec/cli.rb +292 -0
- data/lib/inspec/completions/bash.sh.erb +45 -0
- data/lib/inspec/completions/fish.sh.erb +34 -0
- data/lib/inspec/completions/zsh.sh.erb +61 -0
- data/lib/inspec/control_eval_context.rb +179 -0
- data/lib/inspec/dependencies/cache.rb +72 -0
- data/lib/inspec/dependencies/dependency_set.rb +92 -0
- data/lib/inspec/dependencies/lockfile.rb +115 -0
- data/lib/inspec/dependencies/requirement.rb +123 -0
- data/lib/inspec/dependencies/resolver.rb +86 -0
- data/lib/inspec/describe.rb +27 -0
- data/lib/inspec/dsl.rb +66 -0
- data/lib/inspec/dsl_shared.rb +33 -0
- data/lib/inspec/env_printer.rb +157 -0
- data/lib/inspec/errors.rb +14 -0
- data/lib/inspec/exceptions.rb +12 -0
- data/lib/inspec/expect.rb +45 -0
- data/lib/inspec/fetcher.rb +45 -0
- data/lib/inspec/file_provider.rb +275 -0
- data/lib/inspec/formatters.rb +3 -0
- data/lib/inspec/formatters/base.rb +259 -0
- data/lib/inspec/formatters/json_rspec.rb +20 -0
- data/lib/inspec/formatters/show_progress.rb +12 -0
- data/lib/inspec/library_eval_context.rb +58 -0
- data/lib/inspec/log.rb +11 -0
- data/lib/inspec/metadata.rb +247 -0
- data/lib/inspec/method_source.rb +24 -0
- data/lib/inspec/objects.rb +14 -0
- data/lib/inspec/objects/attribute.rb +75 -0
- data/lib/inspec/objects/control.rb +61 -0
- data/lib/inspec/objects/describe.rb +92 -0
- data/lib/inspec/objects/each_loop.rb +36 -0
- data/lib/inspec/objects/list.rb +15 -0
- data/lib/inspec/objects/or_test.rb +40 -0
- data/lib/inspec/objects/ruby_helper.rb +15 -0
- data/lib/inspec/objects/tag.rb +27 -0
- data/lib/inspec/objects/test.rb +87 -0
- data/lib/inspec/objects/value.rb +27 -0
- data/lib/inspec/plugins.rb +60 -0
- data/lib/inspec/plugins/cli.rb +24 -0
- data/lib/inspec/plugins/fetcher.rb +86 -0
- data/lib/inspec/plugins/resource.rb +135 -0
- data/lib/inspec/plugins/secret.rb +15 -0
- data/lib/inspec/plugins/source_reader.rb +40 -0
- data/lib/inspec/polyfill.rb +12 -0
- data/lib/inspec/profile.rb +513 -0
- data/lib/inspec/profile_context.rb +208 -0
- data/lib/inspec/profile_vendor.rb +66 -0
- data/lib/inspec/reporters.rb +60 -0
- data/lib/inspec/reporters/automate.rb +76 -0
- data/lib/inspec/reporters/base.rb +25 -0
- data/lib/inspec/reporters/cli.rb +356 -0
- data/lib/inspec/reporters/json.rb +116 -0
- data/lib/inspec/reporters/json_min.rb +48 -0
- data/lib/inspec/reporters/junit.rb +78 -0
- data/lib/inspec/require_loader.rb +33 -0
- data/lib/inspec/resource.rb +190 -0
- data/lib/inspec/rule.rb +280 -0
- data/lib/inspec/runner.rb +345 -0
- data/lib/inspec/runner_mock.rb +41 -0
- data/lib/inspec/runner_rspec.rb +175 -0
- data/lib/inspec/runtime_profile.rb +26 -0
- data/lib/inspec/schema.rb +213 -0
- data/lib/inspec/secrets.rb +19 -0
- data/lib/inspec/secrets/yaml.rb +30 -0
- data/lib/inspec/shell.rb +220 -0
- data/lib/inspec/shell_detector.rb +90 -0
- data/lib/inspec/source_reader.rb +29 -0
- data/lib/inspec/version.rb +8 -0
- data/lib/matchers/matchers.rb +339 -0
- data/lib/resources/aide_conf.rb +151 -0
- data/lib/resources/apache.rb +48 -0
- data/lib/resources/apache_conf.rb +149 -0
- data/lib/resources/apt.rb +149 -0
- data/lib/resources/audit_policy.rb +63 -0
- data/lib/resources/auditd.rb +231 -0
- data/lib/resources/auditd_conf.rb +46 -0
- data/lib/resources/bash.rb +35 -0
- data/lib/resources/bond.rb +69 -0
- data/lib/resources/bridge.rb +122 -0
- data/lib/resources/chocolatey_package.rb +78 -0
- data/lib/resources/command.rb +73 -0
- data/lib/resources/cpan.rb +58 -0
- data/lib/resources/cran.rb +64 -0
- data/lib/resources/crontab.rb +169 -0
- data/lib/resources/csv.rb +56 -0
- data/lib/resources/dh_params.rb +77 -0
- data/lib/resources/directory.rb +25 -0
- data/lib/resources/docker.rb +236 -0
- data/lib/resources/docker_container.rb +89 -0
- data/lib/resources/docker_image.rb +83 -0
- data/lib/resources/docker_object.rb +57 -0
- data/lib/resources/docker_service.rb +90 -0
- data/lib/resources/elasticsearch.rb +169 -0
- data/lib/resources/etc_fstab.rb +94 -0
- data/lib/resources/etc_group.rb +154 -0
- data/lib/resources/etc_hosts.rb +66 -0
- data/lib/resources/etc_hosts_allow_deny.rb +112 -0
- data/lib/resources/file.rb +298 -0
- data/lib/resources/filesystem.rb +31 -0
- data/lib/resources/firewalld.rb +143 -0
- data/lib/resources/gem.rb +70 -0
- data/lib/resources/groups.rb +215 -0
- data/lib/resources/grub_conf.rb +227 -0
- data/lib/resources/host.rb +306 -0
- data/lib/resources/http.rb +253 -0
- data/lib/resources/iis_app.rb +101 -0
- data/lib/resources/iis_site.rb +148 -0
- data/lib/resources/inetd_conf.rb +54 -0
- data/lib/resources/ini.rb +29 -0
- data/lib/resources/interface.rb +129 -0
- data/lib/resources/iptables.rb +80 -0
- data/lib/resources/json.rb +111 -0
- data/lib/resources/kernel_module.rb +107 -0
- data/lib/resources/kernel_parameter.rb +58 -0
- data/lib/resources/key_rsa.rb +63 -0
- data/lib/resources/limits_conf.rb +46 -0
- data/lib/resources/login_def.rb +57 -0
- data/lib/resources/mount.rb +88 -0
- data/lib/resources/mssql_session.rb +101 -0
- data/lib/resources/mysql.rb +82 -0
- data/lib/resources/mysql_conf.rb +127 -0
- data/lib/resources/mysql_session.rb +85 -0
- data/lib/resources/nginx.rb +96 -0
- data/lib/resources/nginx_conf.rb +226 -0
- data/lib/resources/npm.rb +48 -0
- data/lib/resources/ntp_conf.rb +51 -0
- data/lib/resources/oneget.rb +71 -0
- data/lib/resources/oracledb_session.rb +139 -0
- data/lib/resources/os.rb +36 -0
- data/lib/resources/os_env.rb +86 -0
- data/lib/resources/package.rb +370 -0
- data/lib/resources/packages.rb +111 -0
- data/lib/resources/parse_config.rb +112 -0
- data/lib/resources/passwd.rb +76 -0
- data/lib/resources/pip.rb +130 -0
- data/lib/resources/platform.rb +109 -0
- data/lib/resources/port.rb +771 -0
- data/lib/resources/postgres.rb +131 -0
- data/lib/resources/postgres_conf.rb +114 -0
- data/lib/resources/postgres_hba_conf.rb +90 -0
- data/lib/resources/postgres_ident_conf.rb +79 -0
- data/lib/resources/postgres_session.rb +71 -0
- data/lib/resources/powershell.rb +67 -0
- data/lib/resources/processes.rb +204 -0
- data/lib/resources/rabbitmq_conf.rb +51 -0
- data/lib/resources/registry_key.rb +297 -0
- data/lib/resources/security_policy.rb +180 -0
- data/lib/resources/service.rb +794 -0
- data/lib/resources/shadow.rb +159 -0
- data/lib/resources/ssh_conf.rb +97 -0
- data/lib/resources/ssl.rb +99 -0
- data/lib/resources/sys_info.rb +28 -0
- data/lib/resources/toml.rb +32 -0
- data/lib/resources/users.rb +654 -0
- data/lib/resources/vbscript.rb +68 -0
- data/lib/resources/virtualization.rb +247 -0
- data/lib/resources/windows_feature.rb +84 -0
- data/lib/resources/windows_hotfix.rb +35 -0
- data/lib/resources/windows_task.rb +102 -0
- data/lib/resources/wmi.rb +110 -0
- data/lib/resources/x509_certificate.rb +137 -0
- data/lib/resources/xinetd.rb +106 -0
- data/lib/resources/xml.rb +46 -0
- data/lib/resources/yaml.rb +43 -0
- data/lib/resources/yum.rb +180 -0
- data/lib/resources/zfs_dataset.rb +60 -0
- data/lib/resources/zfs_pool.rb +49 -0
- data/lib/source_readers/flat.rb +39 -0
- data/lib/source_readers/inspec.rb +75 -0
- data/lib/utils/command_wrapper.rb +27 -0
- data/lib/utils/convert.rb +12 -0
- data/lib/utils/database_helpers.rb +77 -0
- data/lib/utils/enumerable_delegation.rb +9 -0
- data/lib/utils/erlang_parser.rb +192 -0
- data/lib/utils/file_reader.rb +25 -0
- data/lib/utils/filter.rb +273 -0
- data/lib/utils/filter_array.rb +27 -0
- data/lib/utils/find_files.rb +47 -0
- data/lib/utils/hash.rb +41 -0
- data/lib/utils/json_log.rb +18 -0
- data/lib/utils/latest_version.rb +22 -0
- data/lib/utils/modulator.rb +12 -0
- data/lib/utils/nginx_parser.rb +105 -0
- data/lib/utils/object_traversal.rb +49 -0
- data/lib/utils/parser.rb +274 -0
- data/lib/utils/pkey_reader.rb +15 -0
- data/lib/utils/plugin_registry.rb +93 -0
- data/lib/utils/simpleconfig.rb +120 -0
- data/lib/utils/spdx.rb +13 -0
- data/lib/utils/spdx.txt +344 -0
- metadata +713 -0
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
|
|
3
|
+
require 'utils/object_traversal'
|
|
4
|
+
|
|
5
|
+
module Inspec::Resources
|
|
6
|
+
# This resource simplifies the access to wmi
|
|
7
|
+
# on CLI you would use:
|
|
8
|
+
# WMIC /NAMESPACE:\\root\rsop\computer PATH RSOP_SecuritySettingNumeric WHERE "KeyName = 'MinimumPasswordAge' And precedence=1" GET Setting
|
|
9
|
+
# We use Get-WmiObject via Powershell to retrieve all values.
|
|
10
|
+
class WMI < Inspec.resource(1)
|
|
11
|
+
name 'wmi'
|
|
12
|
+
supports platform: 'windows'
|
|
13
|
+
desc 'request wmi information'
|
|
14
|
+
example "
|
|
15
|
+
describe wmi({
|
|
16
|
+
class: 'RSOP_SecuritySettingNumeric',
|
|
17
|
+
namespace: 'root\\rsop\\computer',
|
|
18
|
+
filter: 'KeyName = \'MinimumPasswordAge\' And precedence=1'
|
|
19
|
+
}) do
|
|
20
|
+
its('Setting') { should eq true }
|
|
21
|
+
end
|
|
22
|
+
"
|
|
23
|
+
|
|
24
|
+
include ObjectTraverser
|
|
25
|
+
attr_accessor :content
|
|
26
|
+
|
|
27
|
+
def initialize(wmiclass = nil, opts = nil)
|
|
28
|
+
@options = opts || {}
|
|
29
|
+
# if wmiclass is not a hash, we have to handle deprecation behavior
|
|
30
|
+
if wmiclass.is_a?(Hash)
|
|
31
|
+
@options.merge!(wmiclass)
|
|
32
|
+
else
|
|
33
|
+
warn '[DEPRECATION] `wmi(\'wmiclass\')` is deprecated. Please use `wmi({class: \'wmiclass\'})` instead.'
|
|
34
|
+
@options[:class] = wmiclass
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
# returns nil, if not existant or value
|
|
39
|
+
def method_missing(*keys)
|
|
40
|
+
# catch behavior of rspec its implementation
|
|
41
|
+
# @see https://github.com/rspec/rspec-its/blob/master/lib/rspec/its.rb#L110
|
|
42
|
+
keys.shift if keys.is_a?(Array) && keys[0] == :[]
|
|
43
|
+
|
|
44
|
+
# map all symbols to strings
|
|
45
|
+
keys = keys.map { |x| x.to_s.downcase } if keys.is_a?(Array)
|
|
46
|
+
|
|
47
|
+
value(keys)
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def value(key)
|
|
51
|
+
extract_value(key, params)
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def params
|
|
55
|
+
return @content if defined?(@content)
|
|
56
|
+
@content = {}
|
|
57
|
+
|
|
58
|
+
# abort if no options are available
|
|
59
|
+
return @content unless defined?(@options)
|
|
60
|
+
|
|
61
|
+
# filter for supported options
|
|
62
|
+
args = @options.select { |key, _value| [:class, :namespace, :query, :filter].include?(key) }
|
|
63
|
+
|
|
64
|
+
# convert to Get-WmiObject arguments
|
|
65
|
+
params = ''
|
|
66
|
+
args.each { |key, value| params += " -#{key} \"#{value.gsub('"', '`"')}\"" }
|
|
67
|
+
|
|
68
|
+
# run wmi command and filter empty wmi
|
|
69
|
+
script = <<-EOH
|
|
70
|
+
Filter Aggregate
|
|
71
|
+
{
|
|
72
|
+
$arr = @{}
|
|
73
|
+
$_.properties | % {
|
|
74
|
+
$arr.Add($_.name, $_.value)
|
|
75
|
+
}
|
|
76
|
+
$arr
|
|
77
|
+
}
|
|
78
|
+
Get-WmiObject #{params} | Aggregate | ConvertTo-Json
|
|
79
|
+
EOH
|
|
80
|
+
|
|
81
|
+
# run wmi command
|
|
82
|
+
cmd = inspec.powershell(script)
|
|
83
|
+
@content = JSON.parse(cmd.stdout)
|
|
84
|
+
|
|
85
|
+
# make all keys case-insensitive
|
|
86
|
+
@content = lowercase_keys(@content)
|
|
87
|
+
rescue JSON::ParserError => _e
|
|
88
|
+
@content
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
def to_s
|
|
92
|
+
"WMI with #{@options}"
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
private
|
|
96
|
+
|
|
97
|
+
def lowercase_keys(content)
|
|
98
|
+
if content.is_a?(Hash)
|
|
99
|
+
content.keys.each do |key|
|
|
100
|
+
new_key = key.to_s.downcase
|
|
101
|
+
content[new_key] = content.delete(key)
|
|
102
|
+
lowercase_keys(content[new_key])
|
|
103
|
+
end
|
|
104
|
+
elsif content.respond_to?(:each)
|
|
105
|
+
content.each { |item| lowercase_keys(item) }
|
|
106
|
+
end
|
|
107
|
+
content
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
end
|
|
@@ -0,0 +1,137 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
|
|
3
|
+
require 'openssl'
|
|
4
|
+
require 'hashie/mash'
|
|
5
|
+
require 'utils/file_reader'
|
|
6
|
+
|
|
7
|
+
module Inspec::Resources
|
|
8
|
+
class X509CertificateResource < Inspec.resource(1)
|
|
9
|
+
name 'x509_certificate'
|
|
10
|
+
supports platform: 'unix'
|
|
11
|
+
supports platform: 'windows'
|
|
12
|
+
desc 'Used to test x.509 certificates'
|
|
13
|
+
example "
|
|
14
|
+
describe x509_certificate('/etc/pki/www.mywebsite.com.pem') do
|
|
15
|
+
its('subject') { should match /CN=My Website/ }
|
|
16
|
+
its('validity_in_days') { should be > 30 }
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
describe x509_certificate('trials/x509/cert.pem') do
|
|
20
|
+
it { should be_certificate }
|
|
21
|
+
it { should be_valid }
|
|
22
|
+
its('fingerprint') { should eq '62b137bdf427e7273dc2e487877b3033e4c8ce17' }
|
|
23
|
+
its('signature_algorithm') { should eq 'sha1WithRSAEncryption' }
|
|
24
|
+
its('validity_in_days') { should_not be < 100 }
|
|
25
|
+
its('validity_in_days') { should be >= 100 }
|
|
26
|
+
its('subject_dn') { should eq '/C=DE/ST=Berlin/L=Berlin/O=InSpec/OU=Chef Software, Inc/CN=inspec.io/emailAddress=support@chef.io' }
|
|
27
|
+
its('subject.C') { should eq 'DE' }
|
|
28
|
+
its('subject.emailAddress') { should_not be_empty }
|
|
29
|
+
its('subject.emailAddress') { should eq 'support@chef.io' }
|
|
30
|
+
its('issuer_dn') { should eq '/C=DE/ST=Berlin/L=Berlin/O=InSpec/OU=Chef Software, Inc/CN=inspec.io/emailAddress=support@chef.io' }
|
|
31
|
+
its('key_length') { should be >= 2048 }
|
|
32
|
+
its('extensions.subjectKeyIdentifier') { should cmp 'A5:16:0B:12:F4:48:0F:06:6C:32:29:67:98:12:DF:3D:0D:75:9D:5C' }
|
|
33
|
+
end
|
|
34
|
+
"
|
|
35
|
+
|
|
36
|
+
include FileReader
|
|
37
|
+
|
|
38
|
+
# @see https://tools.ietf.org/html/rfc5280#page-23
|
|
39
|
+
def initialize(filename)
|
|
40
|
+
@certpath = filename
|
|
41
|
+
@issuer = nil
|
|
42
|
+
@parsed_subject = nil
|
|
43
|
+
@parsed_issuer = nil
|
|
44
|
+
@extensions = nil
|
|
45
|
+
@cert = OpenSSL::X509::Certificate.new read_file_content(@certpath)
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
# Forward these methods directly to OpenSSL::X509::Certificate instance
|
|
49
|
+
%w{version not_before not_after signature_algorithm public_key}.each do |m|
|
|
50
|
+
define_method m.to_sym do |*args|
|
|
51
|
+
@cert.method(m.to_sym).call(*args)
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def certificate?
|
|
56
|
+
!@cert.nil?
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def fingerprint
|
|
60
|
+
return if @cert.nil?
|
|
61
|
+
OpenSSL::Digest::SHA1.new(@cert.to_der).to_s
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def serial
|
|
65
|
+
return if @cert.nil?
|
|
66
|
+
@cert.serial.to_i
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def subject_dn
|
|
70
|
+
return if @cert.nil?
|
|
71
|
+
@cert.subject.to_s
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def subject
|
|
75
|
+
return if @cert.nil?
|
|
76
|
+
# Return cached subject if we have already parsed it
|
|
77
|
+
return @parsed_subject if @parsed_subject
|
|
78
|
+
# Use a Mash to make it easier to access hash elements in "its('subject') {should ...}"
|
|
79
|
+
@parsed_subject = Hashie::Mash.new(Hash[@cert.subject.to_a.map { |k, v, _| [k, v] }])
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
def issuer_dn
|
|
83
|
+
return if @cert.nil?
|
|
84
|
+
@cert.issuer.to_s
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def issuer
|
|
88
|
+
return if @cert.nil?
|
|
89
|
+
# Return cached subject if we have already parsed it
|
|
90
|
+
return @parsed_issuer if @parsed_issuer
|
|
91
|
+
# Use a Mash to make it easier to access hash elements in "its('issuer') {should ...}"
|
|
92
|
+
@parsed_issuer = Hashie::Mash.new(Hash[@cert.issuer.to_a.map { |k, v, _| [k, v] }])
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
def key_length
|
|
96
|
+
return if @cert.nil?
|
|
97
|
+
@cert.public_key.n.num_bytes * 8
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
def validity_in_days
|
|
101
|
+
(not_after - Time.now.utc) / 86400
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def valid?
|
|
105
|
+
now = Time.now
|
|
106
|
+
certificate? && (now >= not_before && now <= not_after)
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
def extensions
|
|
110
|
+
# Return cached Mash if we already parsed the certificate extensions
|
|
111
|
+
return @extensions if @extensions
|
|
112
|
+
# Return the exception class if we failed to instantiate a Cert from file
|
|
113
|
+
return @cert unless @cert.respond_to? :extensions
|
|
114
|
+
# Use a Mash to make it easier to access hash elements in "its('entensions') {should ...}"
|
|
115
|
+
@extensions = Hashie::Mash.new({})
|
|
116
|
+
# Make sure standard extensions exist so we don't get nil for nil:NilClass
|
|
117
|
+
# when the user tests for extensions which aren't present
|
|
118
|
+
%w{
|
|
119
|
+
keyUsage extendedKeyUsage basicConstraints subjectKeyIdentifier
|
|
120
|
+
authorityKeyIdentifier subjectAltName issuerAltName authorityInfoAccess
|
|
121
|
+
crlDistributionPoints issuingDistributionPoint certificatePolicies
|
|
122
|
+
policyConstraints nameConstraints noCheck tlsfeature nsComment
|
|
123
|
+
}.each { |extension| @extensions[extension] ||= [] }
|
|
124
|
+
# Now parse the extensions into the Mash
|
|
125
|
+
extension_array = @cert.extensions.map(&:to_s)
|
|
126
|
+
extension_array.each do |extension|
|
|
127
|
+
kv = extension.split(/ *= */, 2)
|
|
128
|
+
@extensions[kv.first] = kv.last.split(/ *, */)
|
|
129
|
+
end
|
|
130
|
+
@extensions
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
def to_s
|
|
134
|
+
"x509_certificate #{@certpath}"
|
|
135
|
+
end
|
|
136
|
+
end
|
|
137
|
+
end
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
|
|
3
|
+
require 'utils/parser'
|
|
4
|
+
require 'utils/filter'
|
|
5
|
+
require 'utils/file_reader'
|
|
6
|
+
|
|
7
|
+
module Inspec::Resources
|
|
8
|
+
class XinetdConf < Inspec.resource(1)
|
|
9
|
+
name 'xinetd_conf'
|
|
10
|
+
supports platform: 'unix'
|
|
11
|
+
desc 'Xinetd services configuration.'
|
|
12
|
+
example "
|
|
13
|
+
describe xinetd_conf.services('chargen') do
|
|
14
|
+
its('socket_types') { should include 'dgram' }
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
describe xinetd_conf.services('chargen').socket_types('dgram') do
|
|
18
|
+
it { should be_disabled }
|
|
19
|
+
end
|
|
20
|
+
"
|
|
21
|
+
|
|
22
|
+
include XinetdParser
|
|
23
|
+
include FileReader
|
|
24
|
+
|
|
25
|
+
def initialize(conf_path = '/etc/xinetd.conf')
|
|
26
|
+
@conf_path = conf_path
|
|
27
|
+
@contents = {}
|
|
28
|
+
read_content(@conf_path)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def to_s
|
|
32
|
+
"Xinetd config #{@conf_path}#{@filters}"
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def params
|
|
36
|
+
@params ||= read_params
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
filter = FilterTable.create
|
|
40
|
+
filter.add_accessor(:where)
|
|
41
|
+
.add_accessor(:entries)
|
|
42
|
+
.add(:services, field: 'service')
|
|
43
|
+
.add(:ids, field: 'id')
|
|
44
|
+
.add(:socket_types, field: 'socket_type')
|
|
45
|
+
.add(:types, field: 'type')
|
|
46
|
+
.add(:protocols, field: 'protocol')
|
|
47
|
+
.add(:wait, field: 'wait')
|
|
48
|
+
.add(:disabled?) { |x| x.where('disable' => 'no').services.empty? }
|
|
49
|
+
.add(:enabled?) { |x| x.where('disable' => 'yes').services.empty? }
|
|
50
|
+
.connect(self, :service_lines)
|
|
51
|
+
|
|
52
|
+
private
|
|
53
|
+
|
|
54
|
+
def read_content(path = @conf_path)
|
|
55
|
+
return @contents[path] if @contents.key?(path)
|
|
56
|
+
|
|
57
|
+
@contents[path] = read_file_content(path)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def read_params
|
|
61
|
+
return {} if read_content.nil?
|
|
62
|
+
flat_params = parse_xinetd(read_content)
|
|
63
|
+
# we need to map service data in order to use it with filtertable
|
|
64
|
+
params = { 'services' => {} }
|
|
65
|
+
# map services that were defined and map it to the service hash
|
|
66
|
+
flat_params.each do |k, v|
|
|
67
|
+
name = k[/^service (.+)$/, 1]
|
|
68
|
+
# its not a service, no change required
|
|
69
|
+
if name.nil?
|
|
70
|
+
params[k] = v
|
|
71
|
+
# handle service entries
|
|
72
|
+
else
|
|
73
|
+
# store service
|
|
74
|
+
params['services'][name] = v
|
|
75
|
+
|
|
76
|
+
# add the service identifier to its parameters
|
|
77
|
+
if v.is_a?(Array)
|
|
78
|
+
v.each { |service| service.params['service'] = name }
|
|
79
|
+
else
|
|
80
|
+
v.params['service'] = name
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
params
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
# Method used to derive the default protocol used from the socket_type
|
|
88
|
+
def default_protocol(type)
|
|
89
|
+
case type
|
|
90
|
+
when 'stream'
|
|
91
|
+
'tcp'
|
|
92
|
+
when 'dgram'
|
|
93
|
+
'udp'
|
|
94
|
+
else
|
|
95
|
+
'unknown'
|
|
96
|
+
end
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
def service_lines
|
|
100
|
+
@services ||= params['services'].values.flatten.map { |service|
|
|
101
|
+
service.params['protocol'] ||= default_protocol(service.params['socket_type'])
|
|
102
|
+
service.params
|
|
103
|
+
}
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
end
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
|
|
3
|
+
module Inspec::Resources
|
|
4
|
+
class XmlConfig < JsonConfig
|
|
5
|
+
name 'xml'
|
|
6
|
+
supports platform: 'unix'
|
|
7
|
+
supports platform: 'windows'
|
|
8
|
+
desc 'Use the xml InSpec resource to test configuration data in an XML file'
|
|
9
|
+
example "
|
|
10
|
+
describe xml('default.xml') do
|
|
11
|
+
its('key/sub_key') { should eq(['value']) }
|
|
12
|
+
its(['root/name.with.a.period']) { should cmp 'so_many_dots' }
|
|
13
|
+
end
|
|
14
|
+
"
|
|
15
|
+
|
|
16
|
+
def parse(content)
|
|
17
|
+
require 'rexml/document'
|
|
18
|
+
REXML::Document.new(content)
|
|
19
|
+
rescue => e
|
|
20
|
+
raise Inspec::Exceptions::ResourceFailed, "Unable to parse XML: #{e.message}"
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def value(key)
|
|
24
|
+
output = []
|
|
25
|
+
REXML::XPath.each(@params, key.first.to_s) do |element|
|
|
26
|
+
if element.is_a?(REXML::Attribute)
|
|
27
|
+
output.push(element.to_s)
|
|
28
|
+
elsif element.is_a?(REXML::Element)
|
|
29
|
+
output.push(element.text)
|
|
30
|
+
else
|
|
31
|
+
raise Inspec::Exceptions::ResourceFailed, "Unknown XML object received (#{element.class}): #{element}"
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
output
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
private
|
|
39
|
+
|
|
40
|
+
# used by JsonConfig to build up a full to_s method
|
|
41
|
+
# based on whether a file path, content, or command was supplied.
|
|
42
|
+
def resource_base_name
|
|
43
|
+
'XML'
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
|
|
3
|
+
require 'yaml'
|
|
4
|
+
|
|
5
|
+
# Parses a yaml document
|
|
6
|
+
# Usage:
|
|
7
|
+
# describe yaml('.kitchen.yaml') do
|
|
8
|
+
# its('driver.name') { should eq('vagrant') }
|
|
9
|
+
# end
|
|
10
|
+
module Inspec::Resources
|
|
11
|
+
class YamlConfig < JsonConfig
|
|
12
|
+
name 'yaml'
|
|
13
|
+
desc 'Use the yaml InSpec audit resource to test configuration data in a YAML file.'
|
|
14
|
+
example "
|
|
15
|
+
describe yaml('config.yaml') do
|
|
16
|
+
its(['driver', 'name']) { should eq 'vagrant' }
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
describe yaml({ command: 'retrieve_data.py --yaml' }) do
|
|
20
|
+
its('state') { should eq 'open' }
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
describe yaml({ content: \"key1: value1\nkey2: value2\" }) do
|
|
24
|
+
its('key2') { should cmp 'value2' }
|
|
25
|
+
end
|
|
26
|
+
"
|
|
27
|
+
|
|
28
|
+
# override file load and parse hash from yaml
|
|
29
|
+
def parse(content)
|
|
30
|
+
YAML.load(content)
|
|
31
|
+
rescue => e
|
|
32
|
+
raise Inspec::Exceptions::ResourceFailed, "Unable to parse YAML: #{e.message}"
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
private
|
|
36
|
+
|
|
37
|
+
# used by JsonConfig to build up a full to_s method
|
|
38
|
+
# based on whether a file path, content, or command was supplied.
|
|
39
|
+
def resource_base_name
|
|
40
|
+
'YAML'
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
@@ -0,0 +1,180 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
|
|
3
|
+
# Usage:
|
|
4
|
+
# describe yum do
|
|
5
|
+
# its('repos') { should exist }
|
|
6
|
+
# end
|
|
7
|
+
#
|
|
8
|
+
# describe yum do
|
|
9
|
+
# its('repos') { should include 'base/7/x86_64' }
|
|
10
|
+
# its('epel') { should exist }
|
|
11
|
+
# its('epel') { should be_enabled }
|
|
12
|
+
# end
|
|
13
|
+
#
|
|
14
|
+
# Filter for a specific repo by name
|
|
15
|
+
# - use full identifier e.g. 'updates/7/x86_64'
|
|
16
|
+
# - use short identifier e.g. 'updates'
|
|
17
|
+
#
|
|
18
|
+
# describe yum.repo('epel') do
|
|
19
|
+
# it { should exist }
|
|
20
|
+
# it { should be_enabled }
|
|
21
|
+
# its('baseurl') { should include 'mycompany.biz' }
|
|
22
|
+
# end
|
|
23
|
+
#
|
|
24
|
+
# deprecated:
|
|
25
|
+
# describe yumrepo('epel') do
|
|
26
|
+
# it { should exist }
|
|
27
|
+
# it { should be_enabled }
|
|
28
|
+
# end
|
|
29
|
+
|
|
30
|
+
module Inspec::Resources
|
|
31
|
+
class Yum < Inspec.resource(1)
|
|
32
|
+
name 'yum'
|
|
33
|
+
supports platform: 'unix'
|
|
34
|
+
desc 'Use the yum InSpec audit resource to test the configuration of Yum repositories.'
|
|
35
|
+
example "
|
|
36
|
+
describe yum.repo('name') do
|
|
37
|
+
it { should exist }
|
|
38
|
+
it { should be_enabled }
|
|
39
|
+
end
|
|
40
|
+
"
|
|
41
|
+
|
|
42
|
+
# returns all repositories
|
|
43
|
+
# works as following:
|
|
44
|
+
# search for Repo-id
|
|
45
|
+
# parse data in hashmap
|
|
46
|
+
# store data in object
|
|
47
|
+
# until \n
|
|
48
|
+
def repositories
|
|
49
|
+
return @cache if defined?(@cache)
|
|
50
|
+
# parse the repository data from yum
|
|
51
|
+
# we cannot use -C, because this is not reliable and may lead to errors
|
|
52
|
+
@command_result = inspec.command('yum -v repolist all')
|
|
53
|
+
@content = @command_result.stdout
|
|
54
|
+
@cache = []
|
|
55
|
+
repo = {}
|
|
56
|
+
in_repo = false
|
|
57
|
+
@content.each_line do |line|
|
|
58
|
+
# detect repo start
|
|
59
|
+
in_repo = true if line =~ /^\s*Repo-id\s*:\s*(.*)\b/
|
|
60
|
+
# detect repo end
|
|
61
|
+
if line == "\n" && in_repo
|
|
62
|
+
in_repo = false
|
|
63
|
+
@cache.push(repo)
|
|
64
|
+
repo = {}
|
|
65
|
+
end
|
|
66
|
+
# parse repo content
|
|
67
|
+
if in_repo == true
|
|
68
|
+
val = /^\s*([^:]*?)\s*:\s*(.*?)\s*$/.match(line)
|
|
69
|
+
repo[repo_key(strip(val[1]))] = strip(val[2])
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
@cache
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def repos
|
|
76
|
+
repositories.map { |repo| repo['id'] }
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def repo(repo)
|
|
80
|
+
YumRepo.new(self, repo)
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
# alias for yum.repo('reponame')
|
|
84
|
+
def method_missing(name)
|
|
85
|
+
repo(name.to_s) if !name.nil?
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def to_s
|
|
89
|
+
'Yum Repository'
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
private
|
|
93
|
+
|
|
94
|
+
# Removes lefthand and righthand whitespace
|
|
95
|
+
def strip(value)
|
|
96
|
+
value&.strip
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
# Optimize the key value
|
|
100
|
+
def repo_key(key)
|
|
101
|
+
return key if key.nil?
|
|
102
|
+
key.gsub('Repo-', '').downcase
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
class YumRepo
|
|
107
|
+
def initialize(yum, reponame)
|
|
108
|
+
@yum = yum
|
|
109
|
+
@reponame = reponame
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
# extracts the shortname from a repo id
|
|
113
|
+
# e.g. extras/7/x86_64 -> extras
|
|
114
|
+
def shortname(id)
|
|
115
|
+
val = %r{^\s*([^/]*?)/(.*?)\s*$}.match(id)
|
|
116
|
+
val.nil? ? nil : val[1]
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
def info
|
|
120
|
+
return @cache if defined?(@cache)
|
|
121
|
+
selection = @yum.repositories.select { |e| e['id'] == @reponame || shortname(e['id']) == @reponame }
|
|
122
|
+
@cache = selection.empty? ? {} : selection.first
|
|
123
|
+
@cache
|
|
124
|
+
end
|
|
125
|
+
|
|
126
|
+
def exist?
|
|
127
|
+
!info.empty?
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
def enabled?
|
|
131
|
+
return false unless exist?
|
|
132
|
+
info['status'] == 'enabled'
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
# provide a method for each of the repo metadata items we know about
|
|
136
|
+
[
|
|
137
|
+
:baseurl,
|
|
138
|
+
:expire,
|
|
139
|
+
:filename,
|
|
140
|
+
:mirrors,
|
|
141
|
+
:pkgs,
|
|
142
|
+
:size,
|
|
143
|
+
:status,
|
|
144
|
+
:updated,
|
|
145
|
+
].each do |key|
|
|
146
|
+
define_method key do
|
|
147
|
+
info[key.to_s]
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
def to_s
|
|
152
|
+
"YumRepo #{@reponame}"
|
|
153
|
+
end
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
# for compatability with serverspec
|
|
157
|
+
# this is deprecated syntax and will be removed in future versions
|
|
158
|
+
class YumRepoLegacy < Yum
|
|
159
|
+
name 'yumrepo'
|
|
160
|
+
|
|
161
|
+
def initialize(name)
|
|
162
|
+
super()
|
|
163
|
+
@repository = repo(name)
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
def exists?
|
|
167
|
+
deprecated
|
|
168
|
+
@repository.exist?
|
|
169
|
+
end
|
|
170
|
+
|
|
171
|
+
def enabled?
|
|
172
|
+
deprecated
|
|
173
|
+
@repository.enabled?
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
def deprecated
|
|
177
|
+
warn '[DEPRECATION] `yumrepo(reponame)` is deprecated. Please use `yum.repo(reponame)` instead.'
|
|
178
|
+
end
|
|
179
|
+
end
|
|
180
|
+
end
|