RubyGems - inspec-core - Versions diffs - 2.1.67 - Mend

inspec-core 2.1.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (412) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +3136 -0
data/Gemfile +56 -0
data/LICENSE +14 -0
data/MAINTAINERS.md +33 -0
data/MAINTAINERS.toml +52 -0
data/README.md +453 -0
data/bin/inspec +12 -0
data/docs/.gitignore +2 -0
data/docs/README.md +40 -0
data/docs/dev/control-eval.md +62 -0
data/docs/dsl_inspec.md +258 -0
data/docs/dsl_resource.md +100 -0
data/docs/glossary.md +99 -0
data/docs/habitat.md +192 -0
data/docs/inspec_and_friends.md +114 -0
data/docs/matchers.md +169 -0
data/docs/migration.md +293 -0
data/docs/platforms.md +119 -0
data/docs/plugin_kitchen_inspec.md +50 -0
data/docs/profiles.md +378 -0
data/docs/reporters.md +105 -0
data/docs/resources/aide_conf.md.erb +76 -0
data/docs/resources/apache.md.erb +67 -0
data/docs/resources/apache_conf.md.erb +68 -0
data/docs/resources/apt.md.erb +71 -0
data/docs/resources/audit_policy.md.erb +47 -0
data/docs/resources/auditd.md.erb +79 -0
data/docs/resources/auditd_conf.md.erb +68 -0
data/docs/resources/bash.md.erb +75 -0
data/docs/resources/bond.md.erb +90 -0
data/docs/resources/bridge.md.erb +57 -0
data/docs/resources/bsd_service.md.erb +67 -0
data/docs/resources/chocolatey_package.md.erb +58 -0
data/docs/resources/command.md.erb +138 -0
data/docs/resources/cpan.md.erb +79 -0
data/docs/resources/cran.md.erb +64 -0
data/docs/resources/crontab.md.erb +89 -0
data/docs/resources/csv.md.erb +54 -0
data/docs/resources/dh_params.md.erb +205 -0
data/docs/resources/directory.md.erb +30 -0
data/docs/resources/docker.md.erb +219 -0
data/docs/resources/docker_container.md.erb +103 -0
data/docs/resources/docker_image.md.erb +94 -0
data/docs/resources/docker_service.md.erb +114 -0
data/docs/resources/elasticsearch.md.erb +242 -0
data/docs/resources/etc_fstab.md.erb +125 -0
data/docs/resources/etc_group.md.erb +75 -0
data/docs/resources/etc_hosts.md.erb +78 -0
data/docs/resources/etc_hosts_allow.md.erb +74 -0
data/docs/resources/etc_hosts_deny.md.erb +74 -0
data/docs/resources/file.md.erb +526 -0
data/docs/resources/filesystem.md.erb +41 -0
data/docs/resources/firewalld.md.erb +107 -0
data/docs/resources/gem.md.erb +79 -0
data/docs/resources/group.md.erb +61 -0
data/docs/resources/grub_conf.md.erb +101 -0
data/docs/resources/host.md.erb +86 -0
data/docs/resources/http.md.erb +197 -0
data/docs/resources/iis_app.md.erb +122 -0
data/docs/resources/iis_site.md.erb +135 -0
data/docs/resources/inetd_conf.md.erb +94 -0
data/docs/resources/ini.md.erb +76 -0
data/docs/resources/interface.md.erb +58 -0
data/docs/resources/iptables.md.erb +64 -0
data/docs/resources/json.md.erb +63 -0
data/docs/resources/kernel_module.md.erb +120 -0
data/docs/resources/kernel_parameter.md.erb +53 -0
data/docs/resources/key_rsa.md.erb +85 -0
data/docs/resources/launchd_service.md.erb +57 -0
data/docs/resources/limits_conf.md.erb +75 -0
data/docs/resources/login_defs.md.erb +71 -0
data/docs/resources/mount.md.erb +69 -0
data/docs/resources/mssql_session.md.erb +60 -0
data/docs/resources/mysql_conf.md.erb +99 -0
data/docs/resources/mysql_session.md.erb +74 -0
data/docs/resources/nginx.md.erb +79 -0
data/docs/resources/nginx_conf.md.erb +138 -0
data/docs/resources/npm.md.erb +60 -0
data/docs/resources/ntp_conf.md.erb +60 -0
data/docs/resources/oneget.md.erb +53 -0
data/docs/resources/oracledb_session.md.erb +52 -0
data/docs/resources/os.md.erb +141 -0
data/docs/resources/os_env.md.erb +91 -0
data/docs/resources/package.md.erb +120 -0
data/docs/resources/packages.md.erb +67 -0
data/docs/resources/parse_config.md.erb +103 -0
data/docs/resources/parse_config_file.md.erb +138 -0
data/docs/resources/passwd.md.erb +141 -0
data/docs/resources/pip.md.erb +67 -0
data/docs/resources/port.md.erb +137 -0
data/docs/resources/postgres_conf.md.erb +79 -0
data/docs/resources/postgres_hba_conf.md.erb +93 -0
data/docs/resources/postgres_ident_conf.md.erb +76 -0
data/docs/resources/postgres_session.md.erb +69 -0
data/docs/resources/powershell.md.erb +102 -0
data/docs/resources/processes.md.erb +109 -0
data/docs/resources/rabbitmq_config.md.erb +41 -0
data/docs/resources/registry_key.md.erb +158 -0
data/docs/resources/runit_service.md.erb +57 -0
data/docs/resources/security_policy.md.erb +47 -0
data/docs/resources/service.md.erb +121 -0
data/docs/resources/shadow.md.erb +146 -0
data/docs/resources/ssh_config.md.erb +73 -0
data/docs/resources/sshd_config.md.erb +83 -0
data/docs/resources/ssl.md.erb +119 -0
data/docs/resources/sys_info.md.erb +42 -0
data/docs/resources/systemd_service.md.erb +57 -0
data/docs/resources/sysv_service.md.erb +57 -0
data/docs/resources/upstart_service.md.erb +57 -0
data/docs/resources/user.md.erb +140 -0
data/docs/resources/users.md.erb +127 -0
data/docs/resources/vbscript.md.erb +55 -0
data/docs/resources/virtualization.md.erb +57 -0
data/docs/resources/windows_feature.md.erb +47 -0
data/docs/resources/windows_hotfix.md.erb +53 -0
data/docs/resources/windows_task.md.erb +95 -0
data/docs/resources/wmi.md.erb +81 -0
data/docs/resources/x509_certificate.md.erb +151 -0
data/docs/resources/xinetd_conf.md.erb +156 -0
data/docs/resources/xml.md.erb +85 -0
data/docs/resources/yaml.md.erb +69 -0
data/docs/resources/yum.md.erb +98 -0
data/docs/resources/zfs_dataset.md.erb +53 -0
data/docs/resources/zfs_pool.md.erb +47 -0
data/docs/ruby_usage.md +203 -0
data/docs/shared/matcher_be.md.erb +1 -0
data/docs/shared/matcher_cmp.md.erb +43 -0
data/docs/shared/matcher_eq.md.erb +3 -0
data/docs/shared/matcher_include.md.erb +1 -0
data/docs/shared/matcher_match.md.erb +1 -0
data/docs/shell.md +217 -0
data/examples/README.md +8 -0
data/examples/inheritance/README.md +65 -0
data/examples/inheritance/controls/example.rb +14 -0
data/examples/inheritance/inspec.yml +15 -0
data/examples/kitchen-ansible/.kitchen.yml +25 -0
data/examples/kitchen-ansible/Gemfile +19 -0
data/examples/kitchen-ansible/README.md +53 -0
data/examples/kitchen-ansible/files/nginx.repo +6 -0
data/examples/kitchen-ansible/tasks/main.yml +16 -0
data/examples/kitchen-ansible/test/integration/default/default.yml +5 -0
data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -0
data/examples/kitchen-chef/.kitchen.yml +20 -0
data/examples/kitchen-chef/Berksfile +3 -0
data/examples/kitchen-chef/Gemfile +19 -0
data/examples/kitchen-chef/README.md +27 -0
data/examples/kitchen-chef/metadata.rb +7 -0
data/examples/kitchen-chef/recipes/default.rb +6 -0
data/examples/kitchen-chef/recipes/nginx.rb +30 -0
data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -0
data/examples/kitchen-puppet/.kitchen.yml +23 -0
data/examples/kitchen-puppet/Gemfile +20 -0
data/examples/kitchen-puppet/Puppetfile +25 -0
data/examples/kitchen-puppet/README.md +53 -0
data/examples/kitchen-puppet/manifests/site.pp +33 -0
data/examples/kitchen-puppet/metadata.json +11 -0
data/examples/kitchen-puppet/modules/.gitkeep +0 -0
data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -0
data/examples/meta-profile/README.md +37 -0
data/examples/meta-profile/controls/example.rb +13 -0
data/examples/meta-profile/inspec.yml +13 -0
data/examples/profile-attribute.yml +2 -0
data/examples/profile-attribute/README.md +14 -0
data/examples/profile-attribute/controls/example.rb +11 -0
data/examples/profile-attribute/inspec.yml +8 -0
data/examples/profile-sensitive/README.md +29 -0
data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -0
data/examples/profile-sensitive/controls/sensitive.rb +9 -0
data/examples/profile-sensitive/inspec.yml +8 -0
data/examples/profile/README.md +48 -0
data/examples/profile/controls/example.rb +23 -0
data/examples/profile/controls/gordon.rb +36 -0
data/examples/profile/controls/meta.rb +34 -0
data/examples/profile/inspec.yml +10 -0
data/examples/profile/libraries/gordon_config.rb +59 -0
data/inspec-core.gemspec +43 -0
data/lib/bundles/README.md +3 -0
data/lib/bundles/inspec-artifact.rb +7 -0
data/lib/bundles/inspec-artifact/README.md +1 -0
data/lib/bundles/inspec-artifact/cli.rb +277 -0
data/lib/bundles/inspec-compliance.rb +16 -0
data/lib/bundles/inspec-compliance/.kitchen.yml +20 -0
data/lib/bundles/inspec-compliance/README.md +193 -0
data/lib/bundles/inspec-compliance/api.rb +360 -0
data/lib/bundles/inspec-compliance/api/login.rb +193 -0
data/lib/bundles/inspec-compliance/bootstrap.sh +41 -0
data/lib/bundles/inspec-compliance/cli.rb +260 -0
data/lib/bundles/inspec-compliance/configuration.rb +103 -0
data/lib/bundles/inspec-compliance/http.rb +125 -0
data/lib/bundles/inspec-compliance/images/cc-token.png +0 -0
data/lib/bundles/inspec-compliance/support.rb +36 -0
data/lib/bundles/inspec-compliance/target.rb +106 -0
data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -0
data/lib/bundles/inspec-habitat.rb +12 -0
data/lib/bundles/inspec-habitat/cli.rb +36 -0
data/lib/bundles/inspec-habitat/log.rb +10 -0
data/lib/bundles/inspec-habitat/profile.rb +391 -0
data/lib/bundles/inspec-init.rb +8 -0
data/lib/bundles/inspec-init/README.md +31 -0
data/lib/bundles/inspec-init/cli.rb +97 -0
data/lib/bundles/inspec-init/templates/profile/README.md +3 -0
data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -0
data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -0
data/lib/bundles/inspec-init/templates/profile/libraries/.gitkeep +0 -0
data/lib/bundles/inspec-supermarket.rb +13 -0
data/lib/bundles/inspec-supermarket/README.md +45 -0
data/lib/bundles/inspec-supermarket/api.rb +84 -0
data/lib/bundles/inspec-supermarket/cli.rb +73 -0
data/lib/bundles/inspec-supermarket/target.rb +34 -0
data/lib/fetchers/git.rb +163 -0
data/lib/fetchers/local.rb +74 -0
data/lib/fetchers/mock.rb +35 -0
data/lib/fetchers/url.rb +247 -0
data/lib/inspec.rb +24 -0
data/lib/inspec/archive/tar.rb +29 -0
data/lib/inspec/archive/zip.rb +19 -0
data/lib/inspec/backend.rb +93 -0
data/lib/inspec/base_cli.rb +368 -0
data/lib/inspec/cached_fetcher.rb +66 -0
data/lib/inspec/cli.rb +292 -0
data/lib/inspec/completions/bash.sh.erb +45 -0
data/lib/inspec/completions/fish.sh.erb +34 -0
data/lib/inspec/completions/zsh.sh.erb +61 -0
data/lib/inspec/control_eval_context.rb +179 -0
data/lib/inspec/dependencies/cache.rb +72 -0
data/lib/inspec/dependencies/dependency_set.rb +92 -0
data/lib/inspec/dependencies/lockfile.rb +115 -0
data/lib/inspec/dependencies/requirement.rb +123 -0
data/lib/inspec/dependencies/resolver.rb +86 -0
data/lib/inspec/describe.rb +27 -0
data/lib/inspec/dsl.rb +66 -0
data/lib/inspec/dsl_shared.rb +33 -0
data/lib/inspec/env_printer.rb +157 -0
data/lib/inspec/errors.rb +14 -0
data/lib/inspec/exceptions.rb +12 -0
data/lib/inspec/expect.rb +45 -0
data/lib/inspec/fetcher.rb +45 -0
data/lib/inspec/file_provider.rb +275 -0
data/lib/inspec/formatters.rb +3 -0
data/lib/inspec/formatters/base.rb +259 -0
data/lib/inspec/formatters/json_rspec.rb +20 -0
data/lib/inspec/formatters/show_progress.rb +12 -0
data/lib/inspec/library_eval_context.rb +58 -0
data/lib/inspec/log.rb +11 -0
data/lib/inspec/metadata.rb +247 -0
data/lib/inspec/method_source.rb +24 -0
data/lib/inspec/objects.rb +14 -0
data/lib/inspec/objects/attribute.rb +75 -0
data/lib/inspec/objects/control.rb +61 -0
data/lib/inspec/objects/describe.rb +92 -0
data/lib/inspec/objects/each_loop.rb +36 -0
data/lib/inspec/objects/list.rb +15 -0
data/lib/inspec/objects/or_test.rb +40 -0
data/lib/inspec/objects/ruby_helper.rb +15 -0
data/lib/inspec/objects/tag.rb +27 -0
data/lib/inspec/objects/test.rb +87 -0
data/lib/inspec/objects/value.rb +27 -0
data/lib/inspec/plugins.rb +60 -0
data/lib/inspec/plugins/cli.rb +24 -0
data/lib/inspec/plugins/fetcher.rb +86 -0
data/lib/inspec/plugins/resource.rb +135 -0
data/lib/inspec/plugins/secret.rb +15 -0
data/lib/inspec/plugins/source_reader.rb +40 -0
data/lib/inspec/polyfill.rb +12 -0
data/lib/inspec/profile.rb +513 -0
data/lib/inspec/profile_context.rb +208 -0
data/lib/inspec/profile_vendor.rb +66 -0
data/lib/inspec/reporters.rb +60 -0
data/lib/inspec/reporters/automate.rb +76 -0
data/lib/inspec/reporters/base.rb +25 -0
data/lib/inspec/reporters/cli.rb +356 -0
data/lib/inspec/reporters/json.rb +116 -0
data/lib/inspec/reporters/json_min.rb +48 -0
data/lib/inspec/reporters/junit.rb +78 -0
data/lib/inspec/require_loader.rb +33 -0
data/lib/inspec/resource.rb +190 -0
data/lib/inspec/rule.rb +280 -0
data/lib/inspec/runner.rb +345 -0
data/lib/inspec/runner_mock.rb +41 -0
data/lib/inspec/runner_rspec.rb +175 -0
data/lib/inspec/runtime_profile.rb +26 -0
data/lib/inspec/schema.rb +213 -0
data/lib/inspec/secrets.rb +19 -0
data/lib/inspec/secrets/yaml.rb +30 -0
data/lib/inspec/shell.rb +220 -0
data/lib/inspec/shell_detector.rb +90 -0
data/lib/inspec/source_reader.rb +29 -0
data/lib/inspec/version.rb +8 -0
data/lib/matchers/matchers.rb +339 -0
data/lib/resources/aide_conf.rb +151 -0
data/lib/resources/apache.rb +48 -0
data/lib/resources/apache_conf.rb +149 -0
data/lib/resources/apt.rb +149 -0
data/lib/resources/audit_policy.rb +63 -0
data/lib/resources/auditd.rb +231 -0
data/lib/resources/auditd_conf.rb +46 -0
data/lib/resources/bash.rb +35 -0
data/lib/resources/bond.rb +69 -0
data/lib/resources/bridge.rb +122 -0
data/lib/resources/chocolatey_package.rb +78 -0
data/lib/resources/command.rb +73 -0
data/lib/resources/cpan.rb +58 -0
data/lib/resources/cran.rb +64 -0
data/lib/resources/crontab.rb +169 -0
data/lib/resources/csv.rb +56 -0
data/lib/resources/dh_params.rb +77 -0
data/lib/resources/directory.rb +25 -0
data/lib/resources/docker.rb +236 -0
data/lib/resources/docker_container.rb +89 -0
data/lib/resources/docker_image.rb +83 -0
data/lib/resources/docker_object.rb +57 -0
data/lib/resources/docker_service.rb +90 -0
data/lib/resources/elasticsearch.rb +169 -0
data/lib/resources/etc_fstab.rb +94 -0
data/lib/resources/etc_group.rb +154 -0
data/lib/resources/etc_hosts.rb +66 -0
data/lib/resources/etc_hosts_allow_deny.rb +112 -0
data/lib/resources/file.rb +298 -0
data/lib/resources/filesystem.rb +31 -0
data/lib/resources/firewalld.rb +143 -0
data/lib/resources/gem.rb +70 -0
data/lib/resources/groups.rb +215 -0
data/lib/resources/grub_conf.rb +227 -0
data/lib/resources/host.rb +306 -0
data/lib/resources/http.rb +253 -0
data/lib/resources/iis_app.rb +101 -0
data/lib/resources/iis_site.rb +148 -0
data/lib/resources/inetd_conf.rb +54 -0
data/lib/resources/ini.rb +29 -0
data/lib/resources/interface.rb +129 -0
data/lib/resources/iptables.rb +80 -0
data/lib/resources/json.rb +111 -0
data/lib/resources/kernel_module.rb +107 -0
data/lib/resources/kernel_parameter.rb +58 -0
data/lib/resources/key_rsa.rb +63 -0
data/lib/resources/limits_conf.rb +46 -0
data/lib/resources/login_def.rb +57 -0
data/lib/resources/mount.rb +88 -0
data/lib/resources/mssql_session.rb +101 -0
data/lib/resources/mysql.rb +82 -0
data/lib/resources/mysql_conf.rb +127 -0
data/lib/resources/mysql_session.rb +85 -0
data/lib/resources/nginx.rb +96 -0
data/lib/resources/nginx_conf.rb +226 -0
data/lib/resources/npm.rb +48 -0
data/lib/resources/ntp_conf.rb +51 -0
data/lib/resources/oneget.rb +71 -0
data/lib/resources/oracledb_session.rb +139 -0
data/lib/resources/os.rb +36 -0
data/lib/resources/os_env.rb +86 -0
data/lib/resources/package.rb +370 -0
data/lib/resources/packages.rb +111 -0
data/lib/resources/parse_config.rb +112 -0
data/lib/resources/passwd.rb +76 -0
data/lib/resources/pip.rb +130 -0
data/lib/resources/platform.rb +109 -0
data/lib/resources/port.rb +771 -0
data/lib/resources/postgres.rb +131 -0
data/lib/resources/postgres_conf.rb +114 -0
data/lib/resources/postgres_hba_conf.rb +90 -0
data/lib/resources/postgres_ident_conf.rb +79 -0
data/lib/resources/postgres_session.rb +71 -0
data/lib/resources/powershell.rb +67 -0
data/lib/resources/processes.rb +204 -0
data/lib/resources/rabbitmq_conf.rb +51 -0
data/lib/resources/registry_key.rb +297 -0
data/lib/resources/security_policy.rb +180 -0
data/lib/resources/service.rb +794 -0
data/lib/resources/shadow.rb +159 -0
data/lib/resources/ssh_conf.rb +97 -0
data/lib/resources/ssl.rb +99 -0
data/lib/resources/sys_info.rb +28 -0
data/lib/resources/toml.rb +32 -0
data/lib/resources/users.rb +654 -0
data/lib/resources/vbscript.rb +68 -0
data/lib/resources/virtualization.rb +247 -0
data/lib/resources/windows_feature.rb +84 -0
data/lib/resources/windows_hotfix.rb +35 -0
data/lib/resources/windows_task.rb +102 -0
data/lib/resources/wmi.rb +110 -0
data/lib/resources/x509_certificate.rb +137 -0
data/lib/resources/xinetd.rb +106 -0
data/lib/resources/xml.rb +46 -0
data/lib/resources/yaml.rb +43 -0
data/lib/resources/yum.rb +180 -0
data/lib/resources/zfs_dataset.rb +60 -0
data/lib/resources/zfs_pool.rb +49 -0
data/lib/source_readers/flat.rb +39 -0
data/lib/source_readers/inspec.rb +75 -0
data/lib/utils/command_wrapper.rb +27 -0
data/lib/utils/convert.rb +12 -0
data/lib/utils/database_helpers.rb +77 -0
data/lib/utils/enumerable_delegation.rb +9 -0
data/lib/utils/erlang_parser.rb +192 -0
data/lib/utils/file_reader.rb +25 -0
data/lib/utils/filter.rb +273 -0
data/lib/utils/filter_array.rb +27 -0
data/lib/utils/find_files.rb +47 -0
data/lib/utils/hash.rb +41 -0
data/lib/utils/json_log.rb +18 -0
data/lib/utils/latest_version.rb +22 -0
data/lib/utils/modulator.rb +12 -0
data/lib/utils/nginx_parser.rb +105 -0
data/lib/utils/object_traversal.rb +49 -0
data/lib/utils/parser.rb +274 -0
data/lib/utils/pkey_reader.rb +15 -0
data/lib/utils/plugin_registry.rb +93 -0
data/lib/utils/simpleconfig.rb +120 -0
data/lib/utils/spdx.rb +13 -0
data/lib/utils/spdx.txt +344 -0
metadata +713 -0

data/lib/resources/zfs_dataset.rb ADDED

@@ -0,0 +1,60 @@
+# encoding: utf-8
+module Inspec::Resources
+  class ZfsDataset < Inspec.resource(1)
+    name 'zfs_dataset'
+    supports platform: 'unix'
+    desc "
+      Use the zfs_dataset InSpec audit resource to test if the named
+      ZFS Dataset is present and/or has certain properties.
+    "
+    example "
+      describe zfs_dataset('tank/tmp') do
+        its('exec') { should eq('off') }
+        its('setuid') { should eq('off') }
+      end
+    "
+    def initialize(zfs_dataset)
+      return skip_resource 'The `zfs_dataset` resource is not supported on your OS yet.' if !inspec.os.bsd?
+      @zfs_dataset = zfs_dataset
+      @params = gather
+    end
+    # method called by 'it { should exist }'
+    def exists?
+      inspec.command("/sbin/zfs get -Hp all #{@zfs_dataset}").exit_status == 0
+    end
+    def mounted?
+      return false if !exists?
+      inspec.mount(@params['mountpoint']).mounted?
+    end
+    def to_s
+      "ZFS Dataset #{@zfs_dataset}"
+    end
+    def gather
+      cmd = inspec.command("/sbin/zfs get -Hp all #{@zfs_dataset}")
+      return nil if cmd.exit_status.to_i != 0
+      # parse data
+      cmd.stdout.chomp.split("\n").each_with_object(Hash.new(0)) do |line, h|
+        t = line.split("\t")
+        h[t[1].to_s] = t[2].to_s
+      end
+    end
+    # override method
+    def exec
+      @params['exec']
+    end
+    # expose all parameters
+    def method_missing(name)
+      @params[name.to_s]
+    end
+  end
+end

data/lib/resources/zfs_pool.rb ADDED

@@ -0,0 +1,49 @@
+# encoding: utf-8
+module Inspec::Resources
+  class ZfsPool < Inspec.resource(1)
+    name 'zfs_pool'
+    supports platform: 'unix'
+    desc "
+      Use the zfs_pool InSpec audit resource to test if the named
+      ZFS Pool is present and/or has certain properties.
+    "
+    example "
+      describe zfs_pool('tank') do
+        its('failmode') { should eq('continue') }
+      end
+    "
+    def initialize(zfs_pool)
+      return skip_resource 'The `zfs_pool` resource is not supported on your OS yet.' if !inspec.os.bsd?
+      @zfs_pool = zfs_pool
+      @params = gather
+    end
+    # method called by 'it { should exist }'
+    def exists?
+      inspec.command("/sbin/zpool get -Hp all #{@zfs_pool}").exit_status == 0
+    end
+    def to_s
+      "ZFS Pool #{@zfs_pool}"
+    end
+    def gather
+      cmd = inspec.command("/sbin/zpool get -Hp all #{@zfs_pool}")
+      return nil if cmd.exit_status.to_i != 0
+      # parse data
+      cmd.stdout.chomp.split("\n").each_with_object(Hash.new(0)) do |line, h|
+        t = line.split("\t")
+        h[t[1].to_s] = t[2].to_s
+      end
+    end
+    # expose all parameters
+    def method_missing(name)
+      @params[name.to_s]
+    end
+  end
+end

data/lib/source_readers/flat.rb ADDED

@@ -0,0 +1,39 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+require 'inspec/fetcher'
+require 'inspec/metadata'
+module SourceReaders
+  class Flat < Inspec.source_reader(1)
+    name 'flat'
+    priority 5
+    def self.resolve(target)
+      # TODO: eventually remove the metadata.rb exception here
+      # when we have fully phased out metadata.rb in 1.0
+      files = target.files.find_all { |x|
+        x.end_with?('.rb') && !x.include?('/') && x != 'metadata.rb'
+      }
+      return nil if files.empty?
+      new(target, files)
+    end
+    attr_reader :metadata, :tests, :libraries, :data_files
+    def initialize(target, files)
+      @target = target
+      @metadata = ::Inspec::Metadata.new(nil)
+      @tests = load_tests(files)
+      @libraries = {}
+      @data_files = {}
+    end
+    private
+    def load_tests(files)
+      Hash[files.map { |x| [x, @target.read(x)] }]
+    end
+  end
+end

data/lib/source_readers/inspec.rb ADDED

@@ -0,0 +1,75 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+require 'inspec/fetcher'
+require 'inspec/metadata'
+module SourceReaders
+  class InspecReader < Inspec.source_reader(1)
+    name 'inspec'
+    priority 10
+    def self.resolve(target)
+      return new(target, 'inspec.yml') if target.files.include?('inspec.yml')
+      # TODO: deprecated for 1.0.0 release
+      if target.files.include?('metadata.rb') &&
+         (
+           target.files.include?('controls') ||
+           target.files.include?('test')
+         )
+        return new(target, 'metadata.rb')
+      end
+      nil
+    end
+    attr_reader :metadata, :tests, :libraries, :data_files
+    # This create a new instance of an InSpec profile source reader
+    #
+    # @param [FileProvider] target An instance of a FileProvider object that can list files and read them
+    # @param [String] metadata_source eg. inspec.yml or metadata.rb
+    def initialize(target, metadata_source)
+      @target     = target
+      @metadata   = load_metadata(metadata_source)
+      @tests      = load_tests
+      @libraries  = load_libs
+      @data_files = load_data_files
+    end
+    private
+    def load_metadata(metadata_source)
+      Inspec::Metadata.from_ref(
+        metadata_source,
+        @target.read(metadata_source),
+        nil,
+      )
+    rescue Psych::SyntaxError => e
+      raise "Unable to parse inspec.yml: line #{e.line}, #{e.problem} #{e.context}"
+    rescue => e
+      raise "Unable to parse #{metadata_source}: #{e.class} -- #{e.message}"
+    end
+    def load_tests
+      tests = @target.files.find_all do |path|
+        path.start_with?('controls') && path.end_with?('.rb')
+      end
+      Hash[tests.map { |x| [x, @target.read(x)] }.delete_if { |_file, contents| contents.nil? }]
+    end
+    def load_libs
+      tests = @target.files.find_all do |path|
+        path.start_with?('libraries') && path.end_with?('.rb')
+      end
+      Hash[tests.map { |x| [x, @target.read(x)] }.delete_if { |_file, contents| contents.nil? }]
+    end
+    def load_data_files
+      files = @target.files.find_all do |path|
+        path.start_with?('files' + File::SEPARATOR)
+      end
+      Hash[files.map { |x| [x, @target.read(x)] }.delete_if { |_file, contents| contents.nil? }]
+    end
+  end
+end

data/lib/utils/command_wrapper.rb ADDED

@@ -0,0 +1,27 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+require 'shellwords'
+class CommandWrapper
+  UNIX_SHELLS = %w{sh bash zsh}.freeze
+  def self.wrap(cmd, options)
+    unless options.is_a?(Hash)
+      raise 'All options for the command wrapper must be provided as a hash. '\
+        "You entered: #{options.inspect}. Please consult the documentation."
+    end
+    wrap = options[:wrap]
+    raise "Called command wrapper with wrap: #{wrap.inspect}. It must be called with a Proc." if !wrap.nil? && !wrap.is_a?(Proc)
+    return wrap.call(cmd) unless wrap.nil?
+    shell = options[:shell]
+    raise "Don't know how to wrap commands for shell: #{shell.inspect}." unless UNIX_SHELLS.include?(shell)
+    path = options[:path] || shell
+    args = options[:args] || '-c'
+    path.to_s + ' ' + args + ' ' + Shellwords.escape(cmd)
+  end
+end

data/lib/utils/convert.rb ADDED

@@ -0,0 +1,12 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+module Converter
+  # convert the value to an integer if we have numbers only
+  # otherwise we return the string
+  def convert_to_i(val)
+    val = val.to_i if val =~ /^\d+$/
+    val
+  end
+end

data/lib/utils/database_helpers.rb ADDED

@@ -0,0 +1,77 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+module DatabaseHelper
+  class SQLColumn
+    def initialize(row, name)
+      @row = row
+      @name = name
+    end
+    def value
+      @row.nil? ? '' : @row[@name.downcase]
+    end
+    def to_s
+      'SQL Column'
+    end
+  end
+  class SQLRow
+    def initialize(query, row)
+      @query = query
+      @row = row
+    end
+    def column(column)
+      SQLColumn.new(@row, column)
+    end
+    def to_s
+      'SQL Row'
+    end
+  end
+  class SQLQueryResult
+    attr_reader :error
+    def initialize(cmd, results)
+      @cmd = cmd
+      @results = results
+    end
+    def empty?
+      @results.empty?
+    end
+    def successful?
+      @cmd.exit_status == 0 && @error.nil?
+    end
+    def row(id)
+      SQLRow.new(self, @results[id])
+    end
+    def size
+      @results.size
+    end
+    def stdout
+      warn '[DEPRECATION] The `stdout` method is deprecated. Use `row` instead.'
+      @cmd.stdout
+    end
+    def stderr
+      warn '[DEPRECATION] The `stderr` method is deprecated. Use `successful?` instead.'
+      @cmd.stderr
+    end
+    def inspect
+      to_s
+    end
+    def to_s
+      'SQL ResultSet'
+    end
+  end
+end

data/lib/utils/enumerable_delegation.rb ADDED

@@ -0,0 +1,9 @@
+# encoding: utf-8
+module EnumerableDelegation
+  include Enumerable
+  def each(&block)
+    @params.each(&block)
+  end
+end

data/lib/utils/erlang_parser.rb ADDED

@@ -0,0 +1,192 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+require 'parslet'
+class ErlangParser < Parslet::Parser
+  root :outermost
+  # only designed for rabbitmq config files for now:
+  rule(:outermost) { filler? >> array.maybe >> dot.maybe }
+  rule(:exp) {
+    (tuple | array | binary | string | bool | identifier | float | integer) >> filler?
+  }
+  rule(:array) {
+    str('[') >> filler? >> (
+      exp.repeat(1) >>
+      (comma >> exp).repeat
+    ).maybe.as(:array) >> str(']') >> filler?
+  }
+  rule(:tuple) {
+    str('{') >> filler? >> (
+      exp.repeat(1) >> filler? >>
+      (comma >> exp).repeat
+    ).maybe.as(:tuple) >> str('}') >> filler?
+  }
+  rule(:filler?) { space.repeat }
+  rule(:space)   { match('\s+') | match["\n"] | comment }
+  rule(:comment) { str('%') >> (match["\n\r"].absent? >> any).repeat }
+  rule(:comma) { str(',') >> filler? }
+  rule(:dot) { str('.') >> filler? }
+  rule(:bool) { str('true').as(:bool) | str('false').as(:bool) }
+  rule(:identifier) {
+    (match('[a-zA-Z]') >> match('[a-zA-Z0-9_]').repeat).as(:identifier) >> filler?
+  }
+  rule(:float) {
+    (
+      integer >> (
+        str('.') >> match('[0-9]').repeat(1) |
+        str('e') >> match('[0-9]').repeat(1)
+      ).as(:e)
+    ).as(:float) >> filler?
+  }
+  rule(:integer) {
+    ((str('+') | str('-')).maybe >> match('[0-9]').repeat(1)).as(:integer) >> filler?
+  }
+  rule(:string) { stringS | stringD }
+  rule(:stringS) {
+    str("'") >> (
+      str('\\') >> any | str("'").absent? >> any
+    ).repeat.as(:string) >> str("'") >> filler?
+  }
+  rule(:stringD) {
+    str('"') >> (
+      str('\\') >> any | str('"').absent? >> any
+    ).repeat.as(:string) >> str('"') >> filler?
+  }
+  rule(:binary_item) {
+    (string | integer) >>
+      (str(':') >> integer).maybe.as(:size) >>
+      (str('/') >> identifier).maybe.as(:type) >>
+      filler?
+  }
+  rule(:binary) {
+    str('<<') >> filler? >> (
+      binary_item.repeat(1) >>
+      (comma >> binary_item).repeat
+    ).maybe.as(:binary) >> str('>>') >> filler?
+  }
+end
+class ErlangBitstream
+  def initialize
+    @data = []     # a stream of 8-bit numbers
+    @cur_bits = '' # a string of binary bits 10010010...
+  end
+  TYPES = {
+    'integer' => 8,
+    'float'   => 8*8,
+    'utf8'    => 8,
+    'utf16'   => 8*2,
+    'utf32'   => 8*4,
+  }.freeze
+  def bit_size(size, type)
+    raise 'Cannot specify size and type at the same time.' if !type.nil? && !size.nil?
+    return (size || 8).to_i if type.nil?
+    TYPES[type] || raise("Cannot handle binary-stream type #{type}")
+  end
+  def add(i)
+    if i[:integer].nil? && i[:string].nil?
+      raise 'No data provided, internal error for binary-stream processing!'
+    end
+    s = bit_size(i[:size], i[:type])
+    unless i[:string].nil?
+      str2int(i[:string].to_s, i[:type]).map { |e| add_bits(int2bits(e, 8)) }
+    else
+      add_int(i[:integer], s)
+    end
+  rescue RuntimeError => e
+    raise 'Error processing Erlang bit string '\
+          "'#{i[:string] || i[:integer]}:#{i[:size]}/#{i[:type]}'. #{e.message}"
+  end
+  def str2int(s, type)
+    case type
+    when 'utf8' then s.encode('utf-8').unpack('C*')
+    when 'utf16' then s.encode('utf-16').unpack('C*').drop(2)
+    when 'utf32' then s.encode('utf-32').unpack('C*').drop(4)
+    when 'integer', 'float' then raise "Cannot handle bit string as type #{type}"
+    else s.split('').map { |x| x.ord & 0xff }
+    end
+  end
+  def int2bits(i, len)
+    format("%0#{len}b", i)
+  end
+  def add_int(v, size)
+    x = v.to_i & (2**size - 1) # only get the bits specified in size
+    add_bits(int2bits(x, size))
+  end
+  def add_bits(s)
+    b = (@cur_bits + s).scan(/.{1,8}/)
+    @data += b[0..-2].map { |x| x.to_i(2) }
+    @cur_bits = b.last
+  end
+  def value(encoding = 'utf-8')
+    # fill in the rest
+    rest = '0' * (8 - @cur_bits.length) + @cur_bits
+    arr = @data + [rest.to_i(2)]
+    s = arr.pack('C*')
+    s.force_encoding(encoding) unless encoding.nil?
+    s
+  end
+end
+class ErlangTransform < Parslet::Transform
+  class Tuple < Array; end
+  class Identifier < String; end
+  def self.assemble_binary(seq)
+    b = ErlangBitstream.new
+    seq.each { |i| b.add(i) }
+    b.value
+  end
+  rule(string: simple(:x)) { x.to_s }
+  rule(string: []) { '' }
+  rule(integer: simple(:x)) { x.to_i }
+  rule(float: { integer: simple(:a), e: simple(:b) }) { (a+b).to_f }
+  rule(bool: 'true') { true }
+  rule(bool: 'false') { false }
+  rule(binary: subtree(:x)) { x.nil? ? '' : ErlangTransform.assemble_binary(x) }
+  rule(identifier: simple(:x)) { Identifier.new(x.to_s) }
+  rule(array: subtree(:x)) { Array(x) }
+  rule(tuple: subtree(:x)) {
+    x.nil? ? Tuple.new : Tuple.new(x)
+  }
+end
+class ErlangConfigFile
+  def self.parse(content)
+    lex = ErlangParser.new.parse(content)
+    tree = ErlangTransform.new.apply(lex)
+    turn_to_hash(tree)
+  end
+  def self.turn_to_hash(t)
+    if t.is_a?(Array) && t.all? { |x| x.class == ErlangTransform::Tuple && x.length == 2 }
+      Hash[t.map { |i| [i[0], turn_to_hash(i[1])] }]
+    else
+      t
+    end
+  end
+end