inspec-core 2.1.84 → 2.2.10

data/docs/matchers.md

@@ -55,58 +55,58 @@ end
 
 * Compare strings to numbers
 
-    ```ruby
-    describe sshd_config do
-      its('Protocol') { should eq '2' }
+```ruby
+describe sshd_config do
+  its('Protocol') { should eq '2' }
 
-      its('Protocol') { should cmp '2' }
-      its('Protocol') { should cmp 2 }
-    end
-    ```
+  its('Protocol') { should cmp '2' }
+  its('Protocol') { should cmp 2 }
+end
+```
 
 * String comparisons are not case-sensitive
 
-    ```ruby
-    describe auditd_conf do
-      its('log_format') { should cmp 'raw' }
-      its('log_format') { should cmp 'RAW' }
-    end
-    ```
+```ruby
+describe auditd_conf do
+  its('log_format') { should cmp 'raw' }
+  its('log_format') { should cmp 'RAW' }
+end
+```
 * Recognize versions embedded in strings
 
-    ```ruby
-    describe package(curl) do
-      its('version') { should cmp > '7.35.0-1ubuntu2.10' }
-    end
-    ```
+```ruby
+describe package(curl) do
+  its('version') { should cmp > '7.35.0-1ubuntu2.10' }
+end
+```
 
 * Compare arrays with only one entry to a value
 
-    ```ruby
-    describe passwd.uids(0) do
-      its('users') { should cmp 'root' }
-      its('users') { should cmp ['root'] }
-    end
-    ```
+```ruby
+describe passwd.uids(0) do
+  its('users') { should cmp 'root' }
+  its('users') { should cmp ['root'] }
+end
+```
 
 * Single-value arrays of strings may also be compared to a regex
 
-    ```ruby
-    describe auditd_conf do
-      its('log_format') { should cmp /raw/i }
-    end
-    ```
+```ruby
+describe auditd_conf do
+  its('log_format') { should cmp /raw/i }
+end
+```
 
 * Improved printing of octal comparisons
 
-    ```ruby
-    describe file('/proc/cpuinfo') do
-      its('mode') { should cmp '0345' }
-    end
+```ruby
+describe file('/proc/cpuinfo') do
+  its('mode') { should cmp '0345' }
+end
 
-    expected: 0345
-    got: 0444
-    ```
+expected: 0345
+got: 0444
+```
 <br>
 
 ## eq

data/docs/profiles.md

@@ -29,7 +29,7 @@ where:
 * `files` is the directory with additional files that a profile can access (optional)
 * `README.md` should be used to explain the profile, its scope, and usage
 
-See a complete example profile in the InSpec open source repository: [https://github.com/chef/inspec/tree/master/examples/profile](https://github.com/chef/inspec/tree/master/examples/profile)
+See a complete example profile in the InSpec open source repository: [Example InSpec Profile](https://github.com/chef/inspec/tree/master/examples/profile)
 
 Also check out [Explore InSpec resources](https://learn.chef.io/modules/explore-inspec-resources#/) on Learn Chef Rally to learn more about how profiles are structured with hands-on examples.
 
@@ -300,7 +300,7 @@ The following command runs the tests and applies the secrets specified in `profi
 
     $ inspec exec examples/profile-attribute --attrs examples/profile-attribute.yml
 
-See the full example in the InSpec open source repository: https://github.com/chef/inspec/tree/master/examples/profile-attribute
+See the full example in the InSpec open source repository: [Example InSpec Profile with Attributes](https://github.com/chef/inspec/tree/master/examples/profile-attribute)
 
 # Profile files
 

data/docs/resources/apache.md.erb

@@ -28,7 +28,7 @@ where
 
 ## Properties
 
-* 'service', 'conf_dir', 'conf_path', 'user'
+* `service`, `conf_dir`, `conf_path`, `user`
 
 <br>
 

data/docs/resources/crontab.md.erb

@@ -38,15 +38,19 @@ The following examples show how to use this InSpec audit resource.
 
 ### Test that the logged-in user's crontab has no tasks set to run on every hour and every minute
 
-    describe crontab.where({'hour' => '*', 'minute' => '*'}) do
-      its('entries.length') { should cmp '0' }
-    end
+```ruby
+describe crontab.where({'hour' => '*', 'minute' => '*'}) do
+  its('entries.length') { should cmp '0' }
+end
+```
 
 ### Test that the logged-in user's crontab contains a single command that matches a pattern
 
-    describe crontab.where { command =~ /a partial command string/ } do
-      its('entries.length') { should cmp 1 }
-    end
+```ruby
+describe crontab.where { command =~ /a partial command string/ } do
+  its('entries.length') { should cmp 1 }
+end
+```
 
 ### Test a special time string (i.e., @yearly /root/annual_report.sh)
 

data/docs/resources/dh_params.md.erb

@@ -51,31 +51,33 @@ Verify prime modulus used for the Diffie-Hellman operation:
 
 Example using multi-line string:
 
-    describe dh_params('/path/to/file.dh_pem') do
-      its('modulus') do
-        # regex removes all whitespace
-        should eq <<-EOF.gsub(/[[:space:]]+/, '')
-          00:91:a0:15:89:e5:bc:38:93:12:02:fc:91:a2:85:
-          f7:f7:29:63:2e:d3:4e:7a:86:f7:ee:84:fe:42:d0:
-          48:bc:9c:91:d5:54:f8:78:1d:c0:41:78:a2:c4:ac:
-          1a:24:8b:9d:88:55:98:0b:ac:a7:23:eb:c2:aa:2b:
-          2e:a9:f9:af:d4:8e:4e:11:bc:7f:35:a2:ac:da:3a:
-          ef:f0:25:6c:9a:a4:fd:00:28:76:86:2c:57:87:67:
-          30:5d:b1:d6:5b:22:8f:72:a1:ea:de:8b:ef:9e:33:
-          1a:40:92:68:85:02:54:02:09:fa:c0:60:c1:3c:4e:
-          28:26:db:ed:25:8e:38:21:56:40:dc:c0:c0:66:1f:
-          2b:32:c3:b4:78:a9:26:94:ea:f7:41:28:b2:f5:5b:
-          01:38:0c:46:09:85:26:4d:69:12:8d:95:0f:35:e2:
-          e6:4e:47:3a:86:dd:8a:b2:fe:45:15:27:d8:59:c2:
-          3c:f4:62:ff:5f:74:e9:77:92:50:47:36:2b:05:57:
-          60:ee:7b:a1:60:cc:1c:7a:2b:77:18:8a:37:f7:c7:
-          31:3e:15:cb:15:7f:7b:66:96:fb:c6:be:7d:d6:03:
-          5e:0d:60:75:2b:5b:62:2a:a3:37:b6:34:f9:fe:96:
-          4c:f6:c5:e3:a1:52:af:01:c1:4f:c7:42:a0:be:ed:
-          cd:13
-        EOF
-      end
-    end
+```ruby
+describe dh_params('/path/to/file.dh_pem') do
+  its('modulus') do
+    # regex removes all whitespace
+    should eq <<-EOF.gsub(/[[:space:]]+/, '')
+      00:91:a0:15:89:e5:bc:38:93:12:02:fc:91:a2:85:
+      f7:f7:29:63:2e:d3:4e:7a:86:f7:ee:84:fe:42:d0:
+      48:bc:9c:91:d5:54:f8:78:1d:c0:41:78:a2:c4:ac:
+      1a:24:8b:9d:88:55:98:0b:ac:a7:23:eb:c2:aa:2b:
+      2e:a9:f9:af:d4:8e:4e:11:bc:7f:35:a2:ac:da:3a:
+      ef:f0:25:6c:9a:a4:fd:00:28:76:86:2c:57:87:67:
+      30:5d:b1:d6:5b:22:8f:72:a1:ea:de:8b:ef:9e:33:
+      1a:40:92:68:85:02:54:02:09:fa:c0:60:c1:3c:4e:
+      28:26:db:ed:25:8e:38:21:56:40:dc:c0:c0:66:1f:
+      2b:32:c3:b4:78:a9:26:94:ea:f7:41:28:b2:f5:5b:
+      01:38:0c:46:09:85:26:4d:69:12:8d:95:0f:35:e2:
+      e6:4e:47:3a:86:dd:8a:b2:fe:45:15:27:d8:59:c2:
+      3c:f4:62:ff:5f:74:e9:77:92:50:47:36:2b:05:57:
+      60:ee:7b:a1:60:cc:1c:7a:2b:77:18:8a:37:f7:c7:
+      31:3e:15:cb:15:7f:7b:66:96:fb:c6:be:7d:d6:03:
+      5e:0d:60:75:2b:5b:62:2a:a3:37:b6:34:f9:fe:96:
+      4c:f6:c5:e3:a1:52:af:01:c1:4f:c7:42:a0:be:ed:
+      cd:13
+    EOF
+  end
+end
+```
 
 ### prime_length (Integer)
 
@@ -95,19 +97,21 @@ Verify `pem` output of DH parameters:
 
 Example using multi-line string:
 
-    its('pem') do
-      # regex removes all leading spaces
-      should eq <<-EOF.gsub(/^[[:blank:]]+/, '')
-        -----BEGIN DH PARAMETERS-----
-        MIIBCAKCAQEAkaAVieW8OJMSAvyRooX39yljLtNOeob37oT+QtBIvJyR1VT4eB3A
-        QXiixKwaJIudiFWYC6ynI+vCqisuqfmv1I5OEbx/NaKs2jrv8CVsmqT9ACh2hixX
-        h2cwXbHWWyKPcqHq3ovvnjMaQJJohQJUAgn6wGDBPE4oJtvtJY44IVZA3MDAZh8r
-        MsO0eKkmlOr3QSiy9VsBOAxGCYUmTWkSjZUPNeLmTkc6ht2Ksv5FFSfYWcI89GL/
-        X3Tpd5JQRzYrBVdg7nuhYMwceit3GIo398cxPhXLFX97Zpb7xr591gNeDWB1K1ti
-        KqM3tjT5/pZM9sXjoVKvAcFPx0Kgvu3NEwIBAg==
-        -----END DH PARAMETERS-----
-      EOF
-    end
+```ruby
+its('pem') do
+  # regex removes all leading spaces
+  should eq <<-EOF.gsub(/^[[:blank:]]+/, '')
+    -----BEGIN DH PARAMETERS-----
+    MIIBCAKCAQEAkaAVieW8OJMSAvyRooX39yljLtNOeob37oT+QtBIvJyR1VT4eB3A
+    QXiixKwaJIudiFWYC6ynI+vCqisuqfmv1I5OEbx/NaKs2jrv8CVsmqT9ACh2hixX
+    h2cwXbHWWyKPcqHq3ovvnjMaQJJohQJUAgn6wGDBPE4oJtvtJY44IVZA3MDAZh8r
+    MsO0eKkmlOr3QSiy9VsBOAxGCYUmTWkSjZUPNeLmTkc6ht2Ksv5FFSfYWcI89GL/
+    X3Tpd5JQRzYrBVdg7nuhYMwceit3GIo398cxPhXLFX97Zpb7xr591gNeDWB1K1ti
+    KqM3tjT5/pZM9sXjoVKvAcFPx0Kgvu3NEwIBAg==
+    -----END DH PARAMETERS-----
+  EOF
+end
+```
 
 Verify via `openssl dhparam` command:
 
@@ -131,32 +135,34 @@ Verify human-readable text output of DH parameters:
 
 Example using multi-line string:
 
-    its('text') do
-      # regex removes 2 leading spaces
-      should eq <<-EOF.gsub(/^[[:blank:]]{2}/, '')
-        PKCS#3 DH Parameters: (2048 bit)
-            prime:
-                00:91:a0:15:89:e5:bc:38:93:12:02:fc:91:a2:85:
-                f7:f7:29:63:2e:d3:4e:7a:86:f7:ee:84:fe:42:d0:
-                48:bc:9c:91:d5:54:f8:78:1d:c0:41:78:a2:c4:ac:
-                1a:24:8b:9d:88:55:98:0b:ac:a7:23:eb:c2:aa:2b:
-                2e:a9:f9:af:d4:8e:4e:11:bc:7f:35:a2:ac:da:3a:
-                ef:f0:25:6c:9a:a4:fd:00:28:76:86:2c:57:87:67:
-                30:5d:b1:d6:5b:22:8f:72:a1:ea:de:8b:ef:9e:33:
-                1a:40:92:68:85:02:54:02:09:fa:c0:60:c1:3c:4e:
-                28:26:db:ed:25:8e:38:21:56:40:dc:c0:c0:66:1f:
-                2b:32:c3:b4:78:a9:26:94:ea:f7:41:28:b2:f5:5b:
-                01:38:0c:46:09:85:26:4d:69:12:8d:95:0f:35:e2:
-                e6:4e:47:3a:86:dd:8a:b2:fe:45:15:27:d8:59:c2:
-                3c:f4:62:ff:5f:74:e9:77:92:50:47:36:2b:05:57:
-                60:ee:7b:a1:60:cc:1c:7a:2b:77:18:8a:37:f7:c7:
-                31:3e:15:cb:15:7f:7b:66:96:fb:c6:be:7d:d6:03:
-                5e:0d:60:75:2b:5b:62:2a:a3:37:b6:34:f9:fe:96:
-                4c:f6:c5:e3:a1:52:af:01:c1:4f:c7:42:a0:be:ed:
-                cd:13
-            generator: 2 (0x2)
-        EOF
-    end
+```ruby
+its('text') do
+  # regex removes 2 leading spaces
+  should eq <<-EOF.gsub(/^[[:blank:]]{2}/, '')
+    PKCS#3 DH Parameters: (2048 bit)
+        prime:
+            00:91:a0:15:89:e5:bc:38:93:12:02:fc:91:a2:85:
+            f7:f7:29:63:2e:d3:4e:7a:86:f7:ee:84:fe:42:d0:
+            48:bc:9c:91:d5:54:f8:78:1d:c0:41:78:a2:c4:ac:
+            1a:24:8b:9d:88:55:98:0b:ac:a7:23:eb:c2:aa:2b:
+            2e:a9:f9:af:d4:8e:4e:11:bc:7f:35:a2:ac:da:3a:
+            ef:f0:25:6c:9a:a4:fd:00:28:76:86:2c:57:87:67:
+            30:5d:b1:d6:5b:22:8f:72:a1:ea:de:8b:ef:9e:33:
+            1a:40:92:68:85:02:54:02:09:fa:c0:60:c1:3c:4e:
+            28:26:db:ed:25:8e:38:21:56:40:dc:c0:c0:66:1f:
+            2b:32:c3:b4:78:a9:26:94:ea:f7:41:28:b2:f5:5b:
+            01:38:0c:46:09:85:26:4d:69:12:8d:95:0f:35:e2:
+            e6:4e:47:3a:86:dd:8a:b2:fe:45:15:27:d8:59:c2:
+            3c:f4:62:ff:5f:74:e9:77:92:50:47:36:2b:05:57:
+            60:ee:7b:a1:60:cc:1c:7a:2b:77:18:8a:37:f7:c7:
+            31:3e:15:cb:15:7f:7b:66:96:fb:c6:be:7d:d6:03:
+            5e:0d:60:75:2b:5b:62:2a:a3:37:b6:34:f9:fe:96:
+            4c:f6:c5:e3:a1:52:af:01:c1:4f:c7:42:a0:be:ed:
+            cd:13
+        generator: 2 (0x2)
+    EOF
+end
+```
 
 Verify via `openssl dhparam` command:
 
@@ -189,7 +195,7 @@ Verify via `openssl dhparam` command:
 
 For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
 
-### valid?
+### be_valid
 
 Verify whether DH parameters are valid:
 

data/docs/resources/docker_service.md.erb

@@ -50,7 +50,7 @@ The `id` property returns the service id:
 
 ### image
 
-The `image` property tests the value of the image. It is a combination of `repository:tag`:
+The `image` property is a combination of `repository:tag` it tests the value of the image:
 
     its('image') { should eq 'alpine:latest' }
 

data/docs/resources/etc_fstab.md.erb

@@ -89,7 +89,7 @@ Use the optional constructor parameter to give an alternative path to fstab file
       its('dump_options') { should cmp 0 }
     end
 
-### file_system_options
+### file\_system\_options
 
 `file_system_options` returns a integer array of each partitions file system option.
 

data/docs/resources/firewalld.md.erb

@@ -80,7 +80,7 @@ The `be_running` matcher tests if the firewalld service is running:
 
     it { should be_running }
 
-### have_zone
+### `have_zone`
 
 `have_zone` returns true or false if the zone is set on firewalld. It does not mean the zone is active.
 

data/docs/resources/http.md.erb

@@ -172,7 +172,7 @@ In InSpec 2.0, the HTTP test will automatically execute remotely whenever InSpec
 
 The `body` matcher tests body content of http response:
 
-   its('body') { should eq 'hello\n' }
+    its('body') { should eq 'hello\n' }
 
 ### headers
 

data/docs/resources/iis_app.md.erb

@@ -28,7 +28,7 @@ where
 * `'site_name'` is the name of the site, such as `'Default Web Site'`
 * `('application_pool')` is the name of the application pool in which the site's root application is run, such as `'DefaultAppPool'`
 * `('protocols')` is a binding for the site, such as `'http'`. A site may have multiple bindings; therefore, use a `have_protocol` matcher for each site protocol to be tested
-* `('physical_path') is the physical path to the application, such as `'C:\\inetpub\\wwwroot\\myapp'`
+* `('physical_path')` is the physical path to the application, such as `'C:\\inetpub\\wwwroot\\myapp'`
 
 For example:
 

data/docs/resources/inetd_conf.md.erb

@@ -5,7 +5,7 @@ platform: linux
 
 # inetd_conf
 
-Use the `inetd_conf` InSpec audit resource to test if a service is listed in the `inetd.conf` file on Linux and Unix platforms. inetd---the Internet service daemon---listens on dedicated ports, and then loads the appropriate program based on a request. The `inetd.conf` file is typically located at `/etc/inetd.conf` and contains a list of Internet services associated to the ports on which that service will listen. Only enabled services may handle a request; only services that are required by the system should be enabled.`
+Use the `inetd_conf` InSpec audit resource to test if a service is listed in the `inetd.conf` file on Linux and Unix platforms. inetd---the Internet service daemon---listens on dedicated ports, and then loads the appropriate program based on a request. The `inetd.conf` file is typically located at `/etc/inetd.conf` and contains a list of Internet services associated to the ports on which that service will listen. Only enabled services may handle a request; only services that are required by the system should be enabled.
 
 <br>
 

data/docs/resources/nginx.md.erb

@@ -32,7 +32,7 @@ where
 
 ## Properties
 
-* 'compiler_info',  'error_log_path',  'http_client_body_temp_path',  'http_fastcgi_temp_path',  'http_log_path',  'http_proxy_temp_path',  'http_scgi_temp_path',  'http_uwsgi_temp_path',  'lock_path',  'modules', 'modules_path',  'openssl_version',  'prefix',  'sbin_path',  'service',  'support_info',  'version'
+* `compiler_info`,  `error_log_path`,  `http_client_body_temp_path`,  `http_fastcgi_temp_path`,  `http_log_path`,  `http_proxy_temp_path`,  `http_scgi_temp_path`,  `http_uwsgi_temp_path`,  `lock_path`,  `modules`, `modules_path`,  `openssl_version`,  `prefix`,  `sbin_path`,  `service`,  `support_info`,  `version`
 
 <br>
 

data/docs/resources/npm.md.erb

@@ -5,7 +5,7 @@ platform: os
 
 # npm
 
-Use the `npm` InSpec audit resource to test if a global NPM package is installed. NPM is the the package manager for Node.js packages (https://docs.npmjs.com), such as Bower and StatsD.
+Use the `npm` InSpec audit resource to test if a global NPM package is installed. NPM is the the package manager for [Node.js packages](https://docs.npmjs.com), such as Bower and StatsD.
 
 <br>
 
@@ -22,6 +22,14 @@ where
 * `('npm_package_name')` must specify an NPM package, such as `'bower'` or `'statsd'`
 * `be_installed` is a valid matcher for this resource
 
+You can also specify additional options:
+
+    describe npm('npm_package_name', path: '/path/to/project') do
+      it { should be_installed }
+    end
+
+The `path` specifies a folder, that contains a `node_modules` subdirectory. It emulates running `npm` inside the specified folder. This way you can inspect local NPM installations as well as global ones.
+
 <br>
 
 ## Examples

data/docs/resources/os.md.erb

@@ -120,22 +120,24 @@ Use `os.family` to enable more granular testing of platforms, platform names, ar
 
 For example, both of the following tests should have the same result:
 
-    if os.family == 'debian'
-      describe port(69) do
-        its('processes') { should include 'in.tftpd' }
-      end
-    elsif os.family == 'redhat'
-      describe port(69) do
-        its('processes') { should include 'xinetd' }
-      end
-    end
-
-    if os.debian?
-      describe port(69) do
-        its('processes') { should include 'in.tftpd' }
-      end
-    elsif os.redhat?
-      describe port(69) do
-        its('processes') { should include 'xinetd' }
-      end
-    end
+```ruby
+if os.family == 'debian'
+  describe port(69) do
+    its('processes') { should include 'in.tftpd' }
+  end
+elsif os.family == 'redhat'
+  describe port(69) do
+    its('processes') { should include 'xinetd' }
+  end
+end
+
+if os.debian?
+  describe port(69) do
+    its('processes') { should include 'in.tftpd' }
+  end
+elsif os.redhat?
+  describe port(69) do
+    its('processes') { should include 'xinetd' }
+  end
+end
+```