RubyGems - inspec-core - Versions diffs - 2.1.67 - Mend

inspec-core 2.1.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (412) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +3136 -0
data/Gemfile +56 -0
data/LICENSE +14 -0
data/MAINTAINERS.md +33 -0
data/MAINTAINERS.toml +52 -0
data/README.md +453 -0
data/bin/inspec +12 -0
data/docs/.gitignore +2 -0
data/docs/README.md +40 -0
data/docs/dev/control-eval.md +62 -0
data/docs/dsl_inspec.md +258 -0
data/docs/dsl_resource.md +100 -0
data/docs/glossary.md +99 -0
data/docs/habitat.md +192 -0
data/docs/inspec_and_friends.md +114 -0
data/docs/matchers.md +169 -0
data/docs/migration.md +293 -0
data/docs/platforms.md +119 -0
data/docs/plugin_kitchen_inspec.md +50 -0
data/docs/profiles.md +378 -0
data/docs/reporters.md +105 -0
data/docs/resources/aide_conf.md.erb +76 -0
data/docs/resources/apache.md.erb +67 -0
data/docs/resources/apache_conf.md.erb +68 -0
data/docs/resources/apt.md.erb +71 -0
data/docs/resources/audit_policy.md.erb +47 -0
data/docs/resources/auditd.md.erb +79 -0
data/docs/resources/auditd_conf.md.erb +68 -0
data/docs/resources/bash.md.erb +75 -0
data/docs/resources/bond.md.erb +90 -0
data/docs/resources/bridge.md.erb +57 -0
data/docs/resources/bsd_service.md.erb +67 -0
data/docs/resources/chocolatey_package.md.erb +58 -0
data/docs/resources/command.md.erb +138 -0
data/docs/resources/cpan.md.erb +79 -0
data/docs/resources/cran.md.erb +64 -0
data/docs/resources/crontab.md.erb +89 -0
data/docs/resources/csv.md.erb +54 -0
data/docs/resources/dh_params.md.erb +205 -0
data/docs/resources/directory.md.erb +30 -0
data/docs/resources/docker.md.erb +219 -0
data/docs/resources/docker_container.md.erb +103 -0
data/docs/resources/docker_image.md.erb +94 -0
data/docs/resources/docker_service.md.erb +114 -0
data/docs/resources/elasticsearch.md.erb +242 -0
data/docs/resources/etc_fstab.md.erb +125 -0
data/docs/resources/etc_group.md.erb +75 -0
data/docs/resources/etc_hosts.md.erb +78 -0
data/docs/resources/etc_hosts_allow.md.erb +74 -0
data/docs/resources/etc_hosts_deny.md.erb +74 -0
data/docs/resources/file.md.erb +526 -0
data/docs/resources/filesystem.md.erb +41 -0
data/docs/resources/firewalld.md.erb +107 -0
data/docs/resources/gem.md.erb +79 -0
data/docs/resources/group.md.erb +61 -0
data/docs/resources/grub_conf.md.erb +101 -0
data/docs/resources/host.md.erb +86 -0
data/docs/resources/http.md.erb +197 -0
data/docs/resources/iis_app.md.erb +122 -0
data/docs/resources/iis_site.md.erb +135 -0
data/docs/resources/inetd_conf.md.erb +94 -0
data/docs/resources/ini.md.erb +76 -0
data/docs/resources/interface.md.erb +58 -0
data/docs/resources/iptables.md.erb +64 -0
data/docs/resources/json.md.erb +63 -0
data/docs/resources/kernel_module.md.erb +120 -0
data/docs/resources/kernel_parameter.md.erb +53 -0
data/docs/resources/key_rsa.md.erb +85 -0
data/docs/resources/launchd_service.md.erb +57 -0
data/docs/resources/limits_conf.md.erb +75 -0
data/docs/resources/login_defs.md.erb +71 -0
data/docs/resources/mount.md.erb +69 -0
data/docs/resources/mssql_session.md.erb +60 -0
data/docs/resources/mysql_conf.md.erb +99 -0
data/docs/resources/mysql_session.md.erb +74 -0
data/docs/resources/nginx.md.erb +79 -0
data/docs/resources/nginx_conf.md.erb +138 -0
data/docs/resources/npm.md.erb +60 -0
data/docs/resources/ntp_conf.md.erb +60 -0
data/docs/resources/oneget.md.erb +53 -0
data/docs/resources/oracledb_session.md.erb +52 -0
data/docs/resources/os.md.erb +141 -0
data/docs/resources/os_env.md.erb +91 -0
data/docs/resources/package.md.erb +120 -0
data/docs/resources/packages.md.erb +67 -0
data/docs/resources/parse_config.md.erb +103 -0
data/docs/resources/parse_config_file.md.erb +138 -0
data/docs/resources/passwd.md.erb +141 -0
data/docs/resources/pip.md.erb +67 -0
data/docs/resources/port.md.erb +137 -0
data/docs/resources/postgres_conf.md.erb +79 -0
data/docs/resources/postgres_hba_conf.md.erb +93 -0
data/docs/resources/postgres_ident_conf.md.erb +76 -0
data/docs/resources/postgres_session.md.erb +69 -0
data/docs/resources/powershell.md.erb +102 -0
data/docs/resources/processes.md.erb +109 -0
data/docs/resources/rabbitmq_config.md.erb +41 -0
data/docs/resources/registry_key.md.erb +158 -0
data/docs/resources/runit_service.md.erb +57 -0
data/docs/resources/security_policy.md.erb +47 -0
data/docs/resources/service.md.erb +121 -0
data/docs/resources/shadow.md.erb +146 -0
data/docs/resources/ssh_config.md.erb +73 -0
data/docs/resources/sshd_config.md.erb +83 -0
data/docs/resources/ssl.md.erb +119 -0
data/docs/resources/sys_info.md.erb +42 -0
data/docs/resources/systemd_service.md.erb +57 -0
data/docs/resources/sysv_service.md.erb +57 -0
data/docs/resources/upstart_service.md.erb +57 -0
data/docs/resources/user.md.erb +140 -0
data/docs/resources/users.md.erb +127 -0
data/docs/resources/vbscript.md.erb +55 -0
data/docs/resources/virtualization.md.erb +57 -0
data/docs/resources/windows_feature.md.erb +47 -0
data/docs/resources/windows_hotfix.md.erb +53 -0
data/docs/resources/windows_task.md.erb +95 -0
data/docs/resources/wmi.md.erb +81 -0
data/docs/resources/x509_certificate.md.erb +151 -0
data/docs/resources/xinetd_conf.md.erb +156 -0
data/docs/resources/xml.md.erb +85 -0
data/docs/resources/yaml.md.erb +69 -0
data/docs/resources/yum.md.erb +98 -0
data/docs/resources/zfs_dataset.md.erb +53 -0
data/docs/resources/zfs_pool.md.erb +47 -0
data/docs/ruby_usage.md +203 -0
data/docs/shared/matcher_be.md.erb +1 -0
data/docs/shared/matcher_cmp.md.erb +43 -0
data/docs/shared/matcher_eq.md.erb +3 -0
data/docs/shared/matcher_include.md.erb +1 -0
data/docs/shared/matcher_match.md.erb +1 -0
data/docs/shell.md +217 -0
data/examples/README.md +8 -0
data/examples/inheritance/README.md +65 -0
data/examples/inheritance/controls/example.rb +14 -0
data/examples/inheritance/inspec.yml +15 -0
data/examples/kitchen-ansible/.kitchen.yml +25 -0
data/examples/kitchen-ansible/Gemfile +19 -0
data/examples/kitchen-ansible/README.md +53 -0
data/examples/kitchen-ansible/files/nginx.repo +6 -0
data/examples/kitchen-ansible/tasks/main.yml +16 -0
data/examples/kitchen-ansible/test/integration/default/default.yml +5 -0
data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -0
data/examples/kitchen-chef/.kitchen.yml +20 -0
data/examples/kitchen-chef/Berksfile +3 -0
data/examples/kitchen-chef/Gemfile +19 -0
data/examples/kitchen-chef/README.md +27 -0
data/examples/kitchen-chef/metadata.rb +7 -0
data/examples/kitchen-chef/recipes/default.rb +6 -0
data/examples/kitchen-chef/recipes/nginx.rb +30 -0
data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -0
data/examples/kitchen-puppet/.kitchen.yml +23 -0
data/examples/kitchen-puppet/Gemfile +20 -0
data/examples/kitchen-puppet/Puppetfile +25 -0
data/examples/kitchen-puppet/README.md +53 -0
data/examples/kitchen-puppet/manifests/site.pp +33 -0
data/examples/kitchen-puppet/metadata.json +11 -0
data/examples/kitchen-puppet/modules/.gitkeep +0 -0
data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -0
data/examples/meta-profile/README.md +37 -0
data/examples/meta-profile/controls/example.rb +13 -0
data/examples/meta-profile/inspec.yml +13 -0
data/examples/profile-attribute.yml +2 -0
data/examples/profile-attribute/README.md +14 -0
data/examples/profile-attribute/controls/example.rb +11 -0
data/examples/profile-attribute/inspec.yml +8 -0
data/examples/profile-sensitive/README.md +29 -0
data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -0
data/examples/profile-sensitive/controls/sensitive.rb +9 -0
data/examples/profile-sensitive/inspec.yml +8 -0
data/examples/profile/README.md +48 -0
data/examples/profile/controls/example.rb +23 -0
data/examples/profile/controls/gordon.rb +36 -0
data/examples/profile/controls/meta.rb +34 -0
data/examples/profile/inspec.yml +10 -0
data/examples/profile/libraries/gordon_config.rb +59 -0
data/inspec-core.gemspec +43 -0
data/lib/bundles/README.md +3 -0
data/lib/bundles/inspec-artifact.rb +7 -0
data/lib/bundles/inspec-artifact/README.md +1 -0
data/lib/bundles/inspec-artifact/cli.rb +277 -0
data/lib/bundles/inspec-compliance.rb +16 -0
data/lib/bundles/inspec-compliance/.kitchen.yml +20 -0
data/lib/bundles/inspec-compliance/README.md +193 -0
data/lib/bundles/inspec-compliance/api.rb +360 -0
data/lib/bundles/inspec-compliance/api/login.rb +193 -0
data/lib/bundles/inspec-compliance/bootstrap.sh +41 -0
data/lib/bundles/inspec-compliance/cli.rb +260 -0
data/lib/bundles/inspec-compliance/configuration.rb +103 -0
data/lib/bundles/inspec-compliance/http.rb +125 -0
data/lib/bundles/inspec-compliance/images/cc-token.png +0 -0
data/lib/bundles/inspec-compliance/support.rb +36 -0
data/lib/bundles/inspec-compliance/target.rb +106 -0
data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -0
data/lib/bundles/inspec-habitat.rb +12 -0
data/lib/bundles/inspec-habitat/cli.rb +36 -0
data/lib/bundles/inspec-habitat/log.rb +10 -0
data/lib/bundles/inspec-habitat/profile.rb +391 -0
data/lib/bundles/inspec-init.rb +8 -0
data/lib/bundles/inspec-init/README.md +31 -0
data/lib/bundles/inspec-init/cli.rb +97 -0
data/lib/bundles/inspec-init/templates/profile/README.md +3 -0
data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -0
data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -0
data/lib/bundles/inspec-init/templates/profile/libraries/.gitkeep +0 -0
data/lib/bundles/inspec-supermarket.rb +13 -0
data/lib/bundles/inspec-supermarket/README.md +45 -0
data/lib/bundles/inspec-supermarket/api.rb +84 -0
data/lib/bundles/inspec-supermarket/cli.rb +73 -0
data/lib/bundles/inspec-supermarket/target.rb +34 -0
data/lib/fetchers/git.rb +163 -0
data/lib/fetchers/local.rb +74 -0
data/lib/fetchers/mock.rb +35 -0
data/lib/fetchers/url.rb +247 -0
data/lib/inspec.rb +24 -0
data/lib/inspec/archive/tar.rb +29 -0
data/lib/inspec/archive/zip.rb +19 -0
data/lib/inspec/backend.rb +93 -0
data/lib/inspec/base_cli.rb +368 -0
data/lib/inspec/cached_fetcher.rb +66 -0
data/lib/inspec/cli.rb +292 -0
data/lib/inspec/completions/bash.sh.erb +45 -0
data/lib/inspec/completions/fish.sh.erb +34 -0
data/lib/inspec/completions/zsh.sh.erb +61 -0
data/lib/inspec/control_eval_context.rb +179 -0
data/lib/inspec/dependencies/cache.rb +72 -0
data/lib/inspec/dependencies/dependency_set.rb +92 -0
data/lib/inspec/dependencies/lockfile.rb +115 -0
data/lib/inspec/dependencies/requirement.rb +123 -0
data/lib/inspec/dependencies/resolver.rb +86 -0
data/lib/inspec/describe.rb +27 -0
data/lib/inspec/dsl.rb +66 -0
data/lib/inspec/dsl_shared.rb +33 -0
data/lib/inspec/env_printer.rb +157 -0
data/lib/inspec/errors.rb +14 -0
data/lib/inspec/exceptions.rb +12 -0
data/lib/inspec/expect.rb +45 -0
data/lib/inspec/fetcher.rb +45 -0
data/lib/inspec/file_provider.rb +275 -0
data/lib/inspec/formatters.rb +3 -0
data/lib/inspec/formatters/base.rb +259 -0
data/lib/inspec/formatters/json_rspec.rb +20 -0
data/lib/inspec/formatters/show_progress.rb +12 -0
data/lib/inspec/library_eval_context.rb +58 -0
data/lib/inspec/log.rb +11 -0
data/lib/inspec/metadata.rb +247 -0
data/lib/inspec/method_source.rb +24 -0
data/lib/inspec/objects.rb +14 -0
data/lib/inspec/objects/attribute.rb +75 -0
data/lib/inspec/objects/control.rb +61 -0
data/lib/inspec/objects/describe.rb +92 -0
data/lib/inspec/objects/each_loop.rb +36 -0
data/lib/inspec/objects/list.rb +15 -0
data/lib/inspec/objects/or_test.rb +40 -0
data/lib/inspec/objects/ruby_helper.rb +15 -0
data/lib/inspec/objects/tag.rb +27 -0
data/lib/inspec/objects/test.rb +87 -0
data/lib/inspec/objects/value.rb +27 -0
data/lib/inspec/plugins.rb +60 -0
data/lib/inspec/plugins/cli.rb +24 -0
data/lib/inspec/plugins/fetcher.rb +86 -0
data/lib/inspec/plugins/resource.rb +135 -0
data/lib/inspec/plugins/secret.rb +15 -0
data/lib/inspec/plugins/source_reader.rb +40 -0
data/lib/inspec/polyfill.rb +12 -0
data/lib/inspec/profile.rb +513 -0
data/lib/inspec/profile_context.rb +208 -0
data/lib/inspec/profile_vendor.rb +66 -0
data/lib/inspec/reporters.rb +60 -0
data/lib/inspec/reporters/automate.rb +76 -0
data/lib/inspec/reporters/base.rb +25 -0
data/lib/inspec/reporters/cli.rb +356 -0
data/lib/inspec/reporters/json.rb +116 -0
data/lib/inspec/reporters/json_min.rb +48 -0
data/lib/inspec/reporters/junit.rb +78 -0
data/lib/inspec/require_loader.rb +33 -0
data/lib/inspec/resource.rb +190 -0
data/lib/inspec/rule.rb +280 -0
data/lib/inspec/runner.rb +345 -0
data/lib/inspec/runner_mock.rb +41 -0
data/lib/inspec/runner_rspec.rb +175 -0
data/lib/inspec/runtime_profile.rb +26 -0
data/lib/inspec/schema.rb +213 -0
data/lib/inspec/secrets.rb +19 -0
data/lib/inspec/secrets/yaml.rb +30 -0
data/lib/inspec/shell.rb +220 -0
data/lib/inspec/shell_detector.rb +90 -0
data/lib/inspec/source_reader.rb +29 -0
data/lib/inspec/version.rb +8 -0
data/lib/matchers/matchers.rb +339 -0
data/lib/resources/aide_conf.rb +151 -0
data/lib/resources/apache.rb +48 -0
data/lib/resources/apache_conf.rb +149 -0
data/lib/resources/apt.rb +149 -0
data/lib/resources/audit_policy.rb +63 -0
data/lib/resources/auditd.rb +231 -0
data/lib/resources/auditd_conf.rb +46 -0
data/lib/resources/bash.rb +35 -0
data/lib/resources/bond.rb +69 -0
data/lib/resources/bridge.rb +122 -0
data/lib/resources/chocolatey_package.rb +78 -0
data/lib/resources/command.rb +73 -0
data/lib/resources/cpan.rb +58 -0
data/lib/resources/cran.rb +64 -0
data/lib/resources/crontab.rb +169 -0
data/lib/resources/csv.rb +56 -0
data/lib/resources/dh_params.rb +77 -0
data/lib/resources/directory.rb +25 -0
data/lib/resources/docker.rb +236 -0
data/lib/resources/docker_container.rb +89 -0
data/lib/resources/docker_image.rb +83 -0
data/lib/resources/docker_object.rb +57 -0
data/lib/resources/docker_service.rb +90 -0
data/lib/resources/elasticsearch.rb +169 -0
data/lib/resources/etc_fstab.rb +94 -0
data/lib/resources/etc_group.rb +154 -0
data/lib/resources/etc_hosts.rb +66 -0
data/lib/resources/etc_hosts_allow_deny.rb +112 -0
data/lib/resources/file.rb +298 -0
data/lib/resources/filesystem.rb +31 -0
data/lib/resources/firewalld.rb +143 -0
data/lib/resources/gem.rb +70 -0
data/lib/resources/groups.rb +215 -0
data/lib/resources/grub_conf.rb +227 -0
data/lib/resources/host.rb +306 -0
data/lib/resources/http.rb +253 -0
data/lib/resources/iis_app.rb +101 -0
data/lib/resources/iis_site.rb +148 -0
data/lib/resources/inetd_conf.rb +54 -0
data/lib/resources/ini.rb +29 -0
data/lib/resources/interface.rb +129 -0
data/lib/resources/iptables.rb +80 -0
data/lib/resources/json.rb +111 -0
data/lib/resources/kernel_module.rb +107 -0
data/lib/resources/kernel_parameter.rb +58 -0
data/lib/resources/key_rsa.rb +63 -0
data/lib/resources/limits_conf.rb +46 -0
data/lib/resources/login_def.rb +57 -0
data/lib/resources/mount.rb +88 -0
data/lib/resources/mssql_session.rb +101 -0
data/lib/resources/mysql.rb +82 -0
data/lib/resources/mysql_conf.rb +127 -0
data/lib/resources/mysql_session.rb +85 -0
data/lib/resources/nginx.rb +96 -0
data/lib/resources/nginx_conf.rb +226 -0
data/lib/resources/npm.rb +48 -0
data/lib/resources/ntp_conf.rb +51 -0
data/lib/resources/oneget.rb +71 -0
data/lib/resources/oracledb_session.rb +139 -0
data/lib/resources/os.rb +36 -0
data/lib/resources/os_env.rb +86 -0
data/lib/resources/package.rb +370 -0
data/lib/resources/packages.rb +111 -0
data/lib/resources/parse_config.rb +112 -0
data/lib/resources/passwd.rb +76 -0
data/lib/resources/pip.rb +130 -0
data/lib/resources/platform.rb +109 -0
data/lib/resources/port.rb +771 -0
data/lib/resources/postgres.rb +131 -0
data/lib/resources/postgres_conf.rb +114 -0
data/lib/resources/postgres_hba_conf.rb +90 -0
data/lib/resources/postgres_ident_conf.rb +79 -0
data/lib/resources/postgres_session.rb +71 -0
data/lib/resources/powershell.rb +67 -0
data/lib/resources/processes.rb +204 -0
data/lib/resources/rabbitmq_conf.rb +51 -0
data/lib/resources/registry_key.rb +297 -0
data/lib/resources/security_policy.rb +180 -0
data/lib/resources/service.rb +794 -0
data/lib/resources/shadow.rb +159 -0
data/lib/resources/ssh_conf.rb +97 -0
data/lib/resources/ssl.rb +99 -0
data/lib/resources/sys_info.rb +28 -0
data/lib/resources/toml.rb +32 -0
data/lib/resources/users.rb +654 -0
data/lib/resources/vbscript.rb +68 -0
data/lib/resources/virtualization.rb +247 -0
data/lib/resources/windows_feature.rb +84 -0
data/lib/resources/windows_hotfix.rb +35 -0
data/lib/resources/windows_task.rb +102 -0
data/lib/resources/wmi.rb +110 -0
data/lib/resources/x509_certificate.rb +137 -0
data/lib/resources/xinetd.rb +106 -0
data/lib/resources/xml.rb +46 -0
data/lib/resources/yaml.rb +43 -0
data/lib/resources/yum.rb +180 -0
data/lib/resources/zfs_dataset.rb +60 -0
data/lib/resources/zfs_pool.rb +49 -0
data/lib/source_readers/flat.rb +39 -0
data/lib/source_readers/inspec.rb +75 -0
data/lib/utils/command_wrapper.rb +27 -0
data/lib/utils/convert.rb +12 -0
data/lib/utils/database_helpers.rb +77 -0
data/lib/utils/enumerable_delegation.rb +9 -0
data/lib/utils/erlang_parser.rb +192 -0
data/lib/utils/file_reader.rb +25 -0
data/lib/utils/filter.rb +273 -0
data/lib/utils/filter_array.rb +27 -0
data/lib/utils/find_files.rb +47 -0
data/lib/utils/hash.rb +41 -0
data/lib/utils/json_log.rb +18 -0
data/lib/utils/latest_version.rb +22 -0
data/lib/utils/modulator.rb +12 -0
data/lib/utils/nginx_parser.rb +105 -0
data/lib/utils/object_traversal.rb +49 -0
data/lib/utils/parser.rb +274 -0
data/lib/utils/pkey_reader.rb +15 -0
data/lib/utils/plugin_registry.rb +93 -0
data/lib/utils/simpleconfig.rb +120 -0
data/lib/utils/spdx.rb +13 -0
data/lib/utils/spdx.txt +344 -0
metadata +713 -0

data/lib/utils/file_reader.rb ADDED

@@ -0,0 +1,25 @@
+# encoding: utf-8
+# author: ERAMOTO Masaya
+module FileReader
+  def read_file_content(path, allow_empty = false)
+    # these are currently ResourceSkipped to maintain consistency with the resource
+    # pre-refactor (which used skip_resource). These should likely be changed to
+    # ResourceFailed during a major version bump.
+    file = inspec.file(path)
+    if !file.file?
+      raise Inspec::Exceptions::ResourceSkipped, "Can't find file: #{path}"
+    end
+    raw_content = file.content
+    if raw_content.nil?
+      raise Inspec::Exceptions::ResourceSkipped, "Can't read file: #{path}"
+    end
+    if !allow_empty && raw_content.empty?
+      raise Inspec::Exceptions::ResourceSkipped, "File is empty: #{path}"
+    end
+    raw_content
+  end
+end

data/lib/utils/filter.rb ADDED

@@ -0,0 +1,273 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Stephan Renatus
+# author: Christoph Hartmann
+module FilterTable
+  module Show; end
+  class ExceptionCatcher
+    def initialize(original_resource, original_exception)
+      @original_resource = original_resource
+      @original_exception = original_exception
+    end
+    # This method is called via the runner and signals RSpec to output a block
+    # showing why the resource was skipped. This prevents the resource from
+    # being added to the test collection and being evaluated.
+    def resource_skipped?
+      @original_exception.is_a?(Inspec::Exceptions::ResourceSkipped)
+    end
+    # This method is called via the runner and signals RSpec to output a block
+    # showing why the resource failed. This prevents the resource from
+    # being added to the test collection and being evaluated.
+    def resource_failed?
+      @original_exception.is_a?(Inspec::Exceptions::ResourceFailed)
+    end
+    def resource_exception_message
+      @original_exception.message
+    end
+    # Capture message chains and return `ExceptionCatcher` objects
+    def method_missing(*)
+      self
+    end
+    # RSpec will check the object returned to see if it responds to a method
+    # before calling it. We need to fake it out and tell it that it does. This
+    # allows it to skip past that check and fall through to #method_missing
+    def respond_to?(_method)
+      true
+    end
+    def to_s
+      @original_resource.to_s
+    end
+    alias inspect to_s
+  end
+  class Trace
+    def initialize
+      @chain = []
+    end
+    %w{== != >= > < <= =~ !~}.each do |m|
+      define_method m.to_sym do |*args|
+        res = Trace.new
+        @chain.push([[m.to_sym] + args, res])
+        res
+      end
+    end
+    def method_missing(*args)
+      res = Trace.new
+      @chain.push([args, res])
+      res
+    end
+    def self.to_ruby(trace)
+      chain = trace.instance_variable_get(:@chain)
+      return '' if chain.empty?
+      ' ' + chain.map do |el|
+        m = el[0][0]
+        args = el[0].drop(1)
+        nxt = to_ruby(el[1])
+        next m.to_s + nxt if args.empty?
+        next m.to_s + ' ' + args[0].inspect + nxt if args.length == 1
+        m.to_s + '(' + args.map(&:inspect).join(', ') + ')' + nxt
+      end.join(' ')
+    end
+  end
+  class Table
+    attr_reader :params, :resource
+    def initialize(resource, params, filters)
+      @resource = resource
+      @params = params
+      @params = [] if @params.nil?
+      @filters = filters
+    end
+    def where(conditions = {}, &block)
+      return self if !conditions.is_a?(Hash)
+      return self if conditions.empty? && !block_given?
+      filters = ''
+      table = @params
+      conditions.each do |field, condition|
+        filters += " #{field} == #{condition.inspect}"
+        table = filter_lines(table, field, condition)
+      end
+      if block_given?
+        table = table.find_all { |e| new_entry(e, '').instance_eval(&block) }
+        src = Trace.new
+        src.instance_eval(&block)
+        filters += Trace.to_ruby(src)
+      end
+      self.class.new(@resource, table, @filters + filters)
+    end
+    def new_entry(*_)
+      raise "#{self.class} must not be used on its own. It must be inherited "\
+           'and the #new_entry method must be implemented. This is an internal '\
+           'error and should not happen.'
+    end
+    def entries
+      f = @resource.to_s + @filters.to_s + ' one entry'
+      @params.map do |line|
+        new_entry(line, f)
+      end
+    end
+    def get_field(field)
+      @params.map do |line|
+        line[field]
+      end
+    end
+    def to_s
+      @resource.to_s + @filters
+    end
+    alias inspect to_s
+    private
+    def matches_float(x, y)
+      return false if x.nil?
+      return false if !x.is_a?(Float) && (x =~ /\A[-+]?(\d+\.?\d*|\.\d+)\z/).nil?
+      x.to_f == y
+    end
+    def matches_int(x, y)
+      return false if x.nil?
+      return false if !x.is_a?(Integer) && (x =~ /\A[-+]?\d+\z/).nil?
+      x.to_i == y
+    end
+    def matches_regex(x, y)
+      return x == y if x.is_a?(Regexp)
+      !x.to_s.match(y).nil?
+    end
+    def matches(x, y)
+      x === y # rubocop:disable Style/CaseEquality
+    end
+    def filter_lines(table, field, condition)
+      m = case condition
+          when Float   then method(:matches_float)
+          when Integer then method(:matches_int)
+          when Regexp  then method(:matches_regex)
+          else              method(:matches)
+          end
+      table.find_all do |line|
+        next unless line.key?(field)
+        m.call(line[field], condition)
+      end
+    end
+  end
+  class Factory
+    Connector = Struct.new(:field_name, :block, :opts)
+    def initialize
+      @accessors = []
+      @connectors = {}
+      @resource = nil
+    end
+    def connect(resource, table_accessor) # rubocop:disable Metrics/AbcSize
+      # create the table structure
+      connectors = @connectors
+      struct_fields = connectors.values.map(&:field_name)
+      connector_blocks = connectors.map do |method, c|
+        [method.to_sym, create_connector(c)]
+      end
+      # the struct to hold single items from the #entries method
+      entry_struct = Struct.new(*struct_fields.map(&:to_sym)) do
+        attr_accessor :__filter
+        def to_s
+          @__filter || super
+        end
+      end unless struct_fields.empty?
+      # the main filter table
+      table = Class.new(Table) {
+        connector_blocks.each do |x|
+          define_method x[0], &x[1]
+        end
+        define_method :new_entry do |hashmap, filter = ''|
+          return entry_struct.new if hashmap.nil?
+          res = entry_struct.new(*struct_fields.map { |x| hashmap[x] })
+          res.__filter = filter
+          res
+        end
+      }
+      # Define all access methods with the parent resource
+      # These methods will be configured to return an `ExceptionCatcher` object
+      # that will always return the original exception, but only when called
+      # upon. This will allow method chains in `describe` statements to pass the
+      # `instance_eval` when loaded and only throw-and-catch the exception when
+      # the tests are run.
+      accessors = @accessors + @connectors.keys
+      accessors.each do |method_name|
+        resource.send(:define_method, method_name.to_sym) do |*args, &block|
+          begin
+            filter = table.new(self, method(table_accessor).call, ' with')
+            filter.method(method_name.to_sym).call(*args, &block)
+          rescue Inspec::Exceptions::ResourceFailed, Inspec::Exceptions::ResourceSkipped => e
+            FilterTable::ExceptionCatcher.new(resource, e)
+          end
+        end
+      end
+    end
+    def add_accessor(method_name)
+      if method_name.nil?
+        throw RuntimeError, "Called filter.add_delegator for resource #{@resource} with method name nil!"
+      end
+      @accessors.push(method_name)
+      self
+    end
+    def add(method_name, opts = {}, &block)
+      if method_name.nil?
+        throw RuntimeError, "Called filter.add for resource #{@resource} with method name nil!"
+      end
+      @connectors[method_name.to_sym] =
+        Connector.new(opts[:field] || method_name, block, opts)
+      self
+    end
+    private
+    def create_connector(c)
+      return ->(cond = Show) { c.block.call(self, cond) } if !c.block.nil?
+      lambda { |condition = Show, &cond_block|
+        if condition == Show && !block_given?
+          r = where(nil).get_field(c.field_name)
+          r = r.flatten.uniq.compact if c.opts[:style] == :simple
+          r
+        else
+          where({ c.field_name => condition }, &cond_block)
+        end
+      }
+    end
+  end
+  def self.create
+    Factory.new
+  end
+end

data/lib/utils/filter_array.rb ADDED

@@ -0,0 +1,27 @@
+# encoding: utf-8
+# copyright: 2015, Chef Software, Inc.
+# author: Stephan Renatus
+class FilterArray
+  attr_accessor :rules
+  alias content rules
+  def initialize(rules)
+    @rules = rules
+  end
+  # allows for chaining
+  # .field('arch', 'b32').field('key', 'access').rules
+  def field(key, value = nil)
+    if value
+      res = rules.find_all { |r| r[key.to_sym] == value }
+      FilterArray.new(res)
+    else
+      rules.map { |h| h[key.to_sym] }.uniq
+    end
+  end
+  def method_missing(meth, *args)
+    field(meth, args[0])
+  end
+end

data/lib/utils/find_files.rb ADDED

@@ -0,0 +1,47 @@
+# encoding: utf-8
+# copyright: 2015, Vulcano Security GmbH
+# author: Dominik Richter
+# author: Christoph Hartmann
+module FindFiles
+  TYPES = {
+    block: 'b',
+    character: 'c',
+    directory: 'd',
+    pipe: 'p',
+    file: 'f',
+    link: 'l',
+    socket: 's',
+    door: 'D',
+  }.freeze
+  # ignores errors
+  def find_files(path, opts = {})
+    find_files_or_warn(path, opts) || []
+  end
+  def find_files_or_warn(path, opts = {})
+    depth = opts[:depth]
+    type = TYPES[opts[:type].to_sym] if opts[:type]
+    # If `path` contains a `'` we must modify how we quote the `sh -c` argument
+    quote = path.include?("'") ? '"' : '\''
+    cmd = "sh -c #{quote}find #{path}"
+    cmd += " -type #{type}" unless type.nil?
+    cmd += " -maxdepth #{depth.to_i}" if depth.to_i > 0
+    cmd += quote
+    result = inspec.command(cmd)
+    exit_status = result.exit_status
+    unless exit_status == 0
+      warn "find_files(): exit #{exit_status} from `#{cmd}`"
+      return nil
+    end
+    result.stdout.split("\n")
+          .map(&:strip)
+          .find_all { |x| !x.empty? }
+  end
+end

data/lib/utils/hash.rb ADDED

@@ -0,0 +1,41 @@
+# encoding: utf-8
+# author: Dominik Richter
+# author: Christoph Hartmann
+class ::Hash
+  # Inspired by: http://stackoverflow.com/a/9381776
+  def deep_merge(second)
+    merger = proc { |_key, v1, v2|
+      v1.is_a?(Hash) && v2.is_a?(Hash) ? v1.merge(v2, &merger) : v2
+    }
+    merge(second, &merger)
+  end
+  # converts a deep hash into a flat hash
+  # hash = {
+  #   'a' => 1,
+  #   'b' => {'c' => 2},
+  # }
+  # hash.smash # => {"a"=>1, "b-c"=>2}
+  def smash(prefix = nil)
+    inject({}) do |acc, (key, value)|
+      index = prefix.to_s + key.to_s
+      if value.is_a?(Hash)
+        acc.merge(value.smash(index + '-'))
+      else
+        acc.merge(index => value)
+      end
+    end
+  end
+  # deep check if all values are contained
+  def contains(contains)
+    hash = smash
+    contains = contains.smash
+    contains.each do |key, val|
+      return false if hash[key] != val
+    end
+    true
+  end
+end

data/lib/utils/json_log.rb ADDED

@@ -0,0 +1,18 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+require 'json'
+# a simple streaming json logger
+class Logger::JSONFormatter < Logger::Formatter
+  def call(severity, time, progname, msg)
+    puts JSON.generate(
+      {
+        'progname'=> progname,
+        'severity'=> severity,
+        'time'=> time,
+        'msg'=> msg,
+      },
+    )
+  end
+end

data/lib/utils/latest_version.rb ADDED

@@ -0,0 +1,22 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+require 'json'
+require 'net/http'
+class LatestInSpecVersion
+  # fetches the latest version from rubygems server
+  def latest
+    uri = URI('https://rubygems.org/api/v1/gems/inspec.json')
+    res = Net::HTTP.start(
+      uri.host, uri.port, use_ssl: uri.scheme == 'https',
+      open_timeout: 0.5, read_timeout: 0.5
+    ) { |http|
+      http.get(uri.path)
+    }
+    inspec_info = JSON.parse(res.body)
+    inspec_info['version']
+  rescue StandardError
+    nil
+  end
+end