RubyGems - inspec-core - Versions diffs - 2.2.112 → 2.3.4 - Mend

inspec-core 2.2.112 → 2.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb ADDED

@@ -0,0 +1,71 @@
+require_relative '../../../shared/core_plugin_test_helper.rb'
+#-----------------------------------------------------------------------#
+# Thor option defs
+#-----------------------------------------------------------------------#
+class PluginManagerCliOptions < MiniTest::Test
+  include CorePluginUnitHelper
+  let(:cli_class) { InspecPlugins::PluginManager::CliCommand }
+  def setup
+    require_relative '../../lib/inspec-plugin-manager-cli/cli_command'
+  end
+  def test_list_args
+    arg_config = cli_class.all_commands['list'].options
+    assert_equal 1, arg_config.count, 'The list command should have 1 option'
+    assert_includes arg_config.keys, :all, 'The list command should have an --all option'
+    assert_equal :boolean, arg_config[:all].type, 'The --all option should be boolean'
+    assert_equal :a, arg_config[:all].aliases.first, 'The --all option should be aliased as -a'
+    refute_nil arg_config[:all].description, 'The --all option should have a description'
+    refute arg_config[:all].required, 'The --all option should not be required'
+    assert_equal 0, cli_class.instance_method(:list).arity, 'The list command should take no arguments'
+  end
+  def test_search_args
+    arg_config = cli_class.all_commands['search'].options
+    assert_equal 2, arg_config.count, 'The search command should have 2 options'
+    assert_includes arg_config.keys, :all, 'The search command should have an --all option'
+    assert_equal :boolean, arg_config[:all].type, 'The --all option should be boolean'
+    assert_equal :a, arg_config[:all].aliases.first, 'The --all option should be aliased as -a'
+    refute_nil arg_config[:all].description, 'The --all option should have a description'
+    refute arg_config[:all].required, 'The --all option should not be required'
+    assert_includes arg_config.keys, :exact, 'The search command should have an --exact option'
+    assert_equal :boolean, arg_config[:exact].type, 'The --exact option should be boolean'
+    assert_equal :e, arg_config[:exact].aliases.first, 'The --exact option should be aliased as -e'
+    refute_nil arg_config[:exact].description, 'The --exact option should have a description'
+    refute arg_config[:exact].required, 'The --exact option should not be required'
+    assert_equal 1, cli_class.instance_method(:search).arity, 'The search command should take one argument'
+  end
+  def test_install_args
+    arg_config = cli_class.all_commands['install'].options
+    assert_equal 1, arg_config.count, 'The install command should have 1 option'
+    assert_includes arg_config.keys, :version, 'The install command should have a --version option'
+    assert_equal :string, arg_config[:version].type, 'The --version option should be a string'
+    assert_equal :v, arg_config[:version].aliases.first, 'The --version option should be aliased as -v'
+    refute_nil arg_config[:version].description, 'The --version option should have a description'
+    refute arg_config[:version].required, 'The --version option should not be required'
+    assert_equal 1, cli_class.instance_method(:install).arity, 'The install command should take one argument'
+  end
+  def test_update_args
+    # TODO: allow specifying version
+    arg_config = cli_class.all_commands['update'].options
+    assert_equal 0, arg_config.count, 'The update command should have no options'
+    assert_equal 1, cli_class.instance_method(:update).arity, 'The update command should take one argument'
+  end
+  def test_uninstall_args
+    arg_config = cli_class.all_commands['uninstall'].options
+    assert_equal 0, arg_config.count, 'The uninstall command should have no options'
+    assert_equal 1, cli_class.instance_method(:uninstall).arity, 'The uninstall command should take one argument'
+  end
+end

data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb ADDED

@@ -0,0 +1,20 @@
+require_relative '../../../shared/core_plugin_test_helper.rb'
+#-----------------------------------------------------------------------#
+# Plugin Definition
+#-----------------------------------------------------------------------#
+class PluginManagerCliDefinitionTests < MiniTest::Test
+  include CorePluginUnitHelper
+  def test_plugin_registered
+    loader = Inspec::Plugin::V2::Loader.new
+    loader.load_all # We want to ensure it is auto-loaded
+    assert registry.known_plugin?(:'inspec-plugin-manager-cli'), 'inspec-plugin-manager-cli should be registered'
+    assert registry.loaded_plugin?(:'inspec-plugin-manager-cli'), 'inspec-plugin-manager-cli should be loaded'
+    status = registry[:'inspec-plugin-manager-cli']
+    assert_equal 2, status.api_generation, 'inspec-plugin-manager-cli should be v2'
+    assert_includes status.plugin_types, :cli_command, 'inspec-plugin-manager-cli should have cli_command activators'
+  end
+end

data/lib/plugins/shared/core_plugin_test_helper.rb CHANGED

@@ -11,12 +11,32 @@ require 'ostruct'
 # Utilities often needed
 require 'fileutils'
+require 'tmpdir'
+require 'pathname'
+require 'forwardable'
 # Configure MiniTest to expose things like `let`
 class Module
   include Minitest::Spec::DSL
 end
+module Inspec
+  class FuncTestRunResult
+    attr_reader :train_result
+    attr_reader :payload
+    extend Forwardable
+    def_delegator :train_result, :stdout
+    def_delegator :train_result, :stderr
+    def_delegator :train_result, :exit_status
+    def initialize(train_result)
+      @train_result = train_result
+      @payload = OpenStruct.new
+    end
+  end
+end
 module CorePluginBaseHelper
   let(:repo_path) { File.expand_path(File.join(__FILE__, '..', '..', '..', '..')) }
   let(:inspec_bin_path) { File.join(repo_path, 'bin', 'inspec') }
@@ -40,11 +60,90 @@ module CorePluginFunctionalHelper
     elsif opts.key?(:env)
       prefix = opts[:env].to_a.map { |assignment| "#{assignment[0]}=#{assignment[1]}" }.join(' ')
     end
-    TRAIN_CONNECTION.run_command("#{prefix} #{inspec_bin_path} #{command_line}")
+    Inspec::FuncTestRunResult.new(TRAIN_CONNECTION.run_command("#{prefix} #{inspec_bin_path} #{command_line}"))
+  end
+  # This helper does some fancy footwork to make InSpec think a plugin
+  # under development is temporarily installed.
+  # @param String command_line Invocation, without the word 'inspec'
+  # @param Hash opts options as for run_inspec_process, with more options:
+  #    :pre_run: Proc(plugin_statefile_data, tmp_dir_path) - optional setup block.
+  #       Modify plugin_statefile_data as needed; it will be written to a plugins.json
+  #       in tmp_dir_path.  You may also copy in other things to the tmp_dir_path. Your PWD
+  #       will be in the tmp_dir, and it will exist and be empty.
+  #    :post_run: Proc(FuncTestRunResult, tmp_dir_path) - optional result capture block.
+  #       run_result will be populated, but you can add more to the ostruct .payload
+  #       Your PWD will be the tmp_dir, and it will still exist (for a moment!)
+  def run_inspec_process_with_this_plugin(command_line, opts = {})
+    plugin_path = __find_plugin_path_from_caller
+    # If it looks like it is a core plugin under test, don't add it to the plugin file
+    # since the loader will auto-load it anyway
+    if plugin_path.include?('lib/plugins/inspec-')
+      plugin_file_data = __make_empty_plugin_file_data_structure
+    else
+      plugin_file_data = __make_plugin_file_data_structure_with_path(plugin_path)
+    end
+    Dir.mktmpdir do |tmp_dir|
+      opts[:pre_run]&.call(plugin_file_data, tmp_dir)
+      plugin_file_path = File.join(tmp_dir, 'plugins.json')
+      # HACK: If the block cleared the hash, take that to mean it will provide a plugins.json file of its own.
+      File.write(plugin_file_path, JSON.generate(plugin_file_data)) unless plugin_file_data.empty?
+      opts[:env] ||= {}
+      opts[:env]['INSPEC_CONFIG_DIR'] = tmp_dir
+      run_result = run_inspec_process(command_line, opts)
+      # Read the resulting plugins.json into memory, if any
+      if File.exist?(plugin_file_path)
+        run_result.payload.plugin_data = JSON.parse(File.read(plugin_file_path))
+      end
+      opts[:post_run]&.call(run_result, tmp_dir)
+      run_result
+    end
+  end
+  def __find_plugin_path_from_caller(frames_back = 2)
+    caller_path = Pathname.new(caller_locations(frames_back, 1).first.absolute_path)
+    # Typical caller path:
+    # /Users/cwolfe/sandbox/inspec-resource-lister/test/functional/inspec_resource_lister_test.rb
+    # We want:
+    # /Users/cwolfe/sandbox/inspec-resource-lister/lib/inspec-resource-lister.rb
+    cursor = caller_path
+    until cursor.basename.to_s == 'test' && cursor.parent.basename.to_s =~ /^(inspec|train)-/
+      cursor = cursor.parent
+      break if cursor.nil?
+    end
+    raise 'Could not comprehend plugin project directory structure' if cursor.nil?
+    project_dir = cursor.parent
+    plugin_name = project_dir.basename
+    entry_point = File.join(project_dir.to_s, 'lib', plugin_name.to_s + '.rb')
+    raise 'Could not find plugin entry point' unless File.exist?(entry_point)
+    entry_point
+  end
+  def __make_plugin_file_data_structure_with_path(path)
+    # TODO: dry this up, refs #3350
+    plugin_name = File.basename(path, '.rb')
+    data = __make_empty_plugin_file_data_structure
+    data['plugins'] << {
+      'name' => plugin_name,
+      'installation_type' => 'path',
+      'installation_path' => path,
+    }
+  end
+  def __make_empty_plugin_file_data_structure
+    # TODO: dry this up, refs #3350
+    {
+      'plugins_config_version' => '1.0.0',
+      'plugins' => [],
+    }
   end
 end
 module CorePluginUnitHelper
   include CorePluginBaseHelper
-  require 'inspec'
 end

data/lib/plugins/things-for-train-integration.rb ADDED

@@ -0,0 +1,14 @@
+# docs/plugins
+# Update that train plugins are now possible
+# test/unit/plugin/v2/loader_test.rb
+# TODO: loading all plugins does not activate Train plugins
+# lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb
+# ~ Should be able to install a train plugin - in place, will fail until plugin published
+# ~ Should be able to search for a train plugin - in place, will fail until plugin published
+# test/functional/plugins_test.rb
+# % Should be able to suggest a train transport plugin when an unsupported --target schema is used and a gem search is successful
+# % Should be able to suggest a train transport plugin when an unrecognized profile platform declaration is used and a gem search is successful
+# - Should be able to run inspec detect targeting a test target

data/lib/resources/port.rb CHANGED

@@ -473,22 +473,26 @@ module Inspec::Resources
     def parse_netstat_line(line)
       # parse each line
-      # 1 - Proto, 2 - Recv-Q, 3 - Send-Q, 4 - Local Address, 5 - Foreign Address, 6 - State, 7 - Inode, 8 - PID/Program name
-      parsed = /^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)?\s+(\S+)\s+(\S+)\s+(\S+)/.match(line)
+      # 1 - Proto, 2 - Recv-Q, 3 - Send-Q, 4 - Local Address, 5 - Foreign Address, 6 - State, 7 - User, 8 - Inode, 9 - PID/Program name
+      # * UDP lines have an empty State column and the Busybox variant lacks
+      # the User and Inode columns.
+      reg =  /^(?<proto>\S+)\s+(\S+)\s+(\S+)\s+(?<local_addr>\S+)\s+(?<foreign_addr>\S+)\s+(\S+)?\s+((\S+)\s+(\S+)\s+)?(?<pid_prog>\S+)/
+      parsed = reg.match(line)
       return {} if parsed.nil? || line.match(/^proto/i)
       # parse ip4 and ip6 addresses
-      protocol = parsed[1].downcase
+      protocol = parsed[:proto].downcase
       # detect protocol if not provided
-      protocol += '6' if parsed[4].count(':') > 1 && %w{tcp udp}.include?(protocol)
+      protocol += '6' if parsed[:local_addr].count(':') > 1 && %w{tcp udp}.include?(protocol)
       # extract host and port information
-      host, port = parse_net_address(parsed[4], protocol)
+      host, port = parse_net_address(parsed[:local_addr], protocol)
       return {} if host.nil?
       # extract PID
-      process = parsed[9].split('/')
+      process = parsed[:pid_prog].split('/')
       pid = process[0]
       pid = pid.to_i if pid =~ /^\d+$/
       process = process[1]

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 2.2.112
+  version: 2.3.4
 platform: ruby
 authors:
 - Dominik Richter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-09-19 00:00:00.000000000 Z
+date: 2018-09-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train-core
@@ -16,20 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.4.37
+        version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.4.37
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -308,6 +302,7 @@ files:
 - docs/dev/control-eval.md
 - docs/dev/filtertable-internals.md
 - docs/dev/filtertable-usage.md
+- docs/dev/integration-testing.md
 - docs/dev/plugins.md
 - docs/dsl_inspec.md
 - docs/dsl_resource.md
@@ -318,6 +313,7 @@ files:
 - docs/migration.md
 - docs/platforms.md
 - docs/plugin_kitchen_inspec.md
+- docs/plugins.md
 - docs/profiles.md
 - docs/reporters.md
 - docs/resources/aide_conf.md.erb
@@ -424,13 +420,13 @@ files:
 - docs/resources/yum.md.erb
 - docs/resources/zfs_dataset.md.erb
 - docs/resources/zfs_pool.md.erb
-- docs/ruby_usage.md
 - docs/shared/matcher_be.md.erb
 - docs/shared/matcher_cmp.md.erb
 - docs/shared/matcher_eq.md.erb
 - docs/shared/matcher_include.md.erb
 - docs/shared/matcher_match.md.erb
 - docs/shell.md
+- docs/style.md
 - examples/README.md
 - examples/custom-resource/README.md
 - examples/custom-resource/controls/example.rb
@@ -466,6 +462,22 @@ files:
 - examples/meta-profile/README.md
 - examples/meta-profile/controls/example.rb
 - examples/meta-profile/inspec.yml
+- examples/plugins/inspec-resource-lister/Gemfile
+- examples/plugins/inspec-resource-lister/LICENSE
+- examples/plugins/inspec-resource-lister/README.md
+- examples/plugins/inspec-resource-lister/Rakefile
+- examples/plugins/inspec-resource-lister/inspec-resource-lister.gemspec
+- examples/plugins/inspec-resource-lister/lib/inspec-resource-lister.rb
+- examples/plugins/inspec-resource-lister/lib/inspec-resource-lister/cli_command.rb
+- examples/plugins/inspec-resource-lister/lib/inspec-resource-lister/plugin.rb
+- examples/plugins/inspec-resource-lister/lib/inspec-resource-lister/version.rb
+- examples/plugins/inspec-resource-lister/test/fixtures/README.md
+- examples/plugins/inspec-resource-lister/test/functional/README.md
+- examples/plugins/inspec-resource-lister/test/functional/inspec_resource_lister_test.rb
+- examples/plugins/inspec-resource-lister/test/helper.rb
+- examples/plugins/inspec-resource-lister/test/unit/README.md
+- examples/plugins/inspec-resource-lister/test/unit/cli_args_test.rb
+- examples/plugins/inspec-resource-lister/test/unit/plugin_def_test.rb
 - examples/profile-attribute.yml
 - examples/profile-attribute/README.md
 - examples/profile-attribute/controls/example.rb
@@ -561,6 +573,7 @@ files:
 - lib/inspec/plugin/v1/registry.rb
 - lib/inspec/plugin/v2.rb
 - lib/inspec/plugin/v2/activator.rb
+- lib/inspec/plugin/v2/installer.rb
 - lib/inspec/plugin/v2/loader.rb
 - lib/inspec/plugin/v2/plugin_base.rb
 - lib/inspec/plugin/v2/plugin_types/cli.rb
@@ -614,7 +627,21 @@ files:
 - lib/plugins/inspec-init/lib/inspec-init/templates/profile/inspec.yml
 - lib/plugins/inspec-init/lib/inspec-init/templates/profile/libraries/.gitkeep
 - lib/plugins/inspec-init/test/functional/inspec_init_test.rb
+- lib/plugins/inspec-plugin-manager-cli/README.md
+- lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb
+- lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb
+- lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb
+- lib/plugins/inspec-plugin-manager-cli/test/fixtures/config_dirs/empty/.gitkeep
+- lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/inspec-egg-white-omelette/lib/inspec-egg-white-omelette.rb
+- lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/inspec-egg-white-omelette/lib/inspec-egg-white-omelette/.gitkeep
+- lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/inspec-wrong-structure/.gitkeep
+- lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb
+- lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name/.gitkeep
+- lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb
+- lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb
+- lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb
 - lib/plugins/shared/core_plugin_test_helper.rb
+- lib/plugins/things-for-train-integration.rb
 - lib/resources/aide_conf.rb
 - lib/resources/apache.rb
 - lib/resources/apache_conf.rb

data/docs/ruby_usage.md DELETED

@@ -1,204 +0,0 @@
-# Using Ruby in InSpec
-The InSpec DSL is a Ruby based DSL for writing audit controls, which
-includes audit resources that you can invoke. Core and custom resources
-are written as regular Ruby classes which inherit from
-`Inspec.resource`.
-Assuming we have a JSON file like this on the node to be tested:
-```json
-{
-  "keys":[
-    {"username":"john", "key":"/opt/keys/johnd.key"},
-    {"username":"jane", "key":"/opt/keys/janed.key"},
-    {"username":"sunny ", "key":"/opt/keys/sunnym.key"}
-  ]
-}
-```
-The following example shows how you can use pure Ruby code(variables,
-loops, conditionals, regular expressions, etc) to run a few tests
-against the above JSON file:
-```ruby
-control 'check-interns' do
-  # use the json InSpec resource to get the file
-  json_obj = json('/opt/keys/interns.json')
-  describe json_obj do
-    its('keys') { should_not eq nil }
-  end
-  if json_obj['keys']
-    # loop over the keys array
-    json_obj['keys'].each do |intern|
-      username = intern['username'].strip
-      # check for white spaces chars in usernames
-      describe username do
-        it { should_not match(/\s/) }
-      end
-      # check key file owners and permissions
-      describe file(intern['key']) do
-        it { should be_owned_by username }
-        its('mode') { should cmp '0600' }
-      end
-    end
-  end
-end
-```
-## Execution
-It's important to understand that Ruby code used in custom resources and
-controls DSL is executed on the system that runs InSpec. This allows
-InSpec to work without Ruby and rubygems being required on remote
-targets(servers or containers).
-For example, using `` `ls ``\` or `system('ls')` will result in the `ls`
-command being run locally and not on the target(remote) system. In order
-to process the output of `ls` executed on the target system, use
-`inspec.command('ls')` or `inspec.powershell('ls')`
-Similarly, use `inspec.file(PATH)` to access files or directories from
-remote systems in your tests or custom resources.
-## Using rubygems
-Ruby gems are self-contained programs and libraries. If you create a custom
-resource please vendor gems into the library. This ensures that all resources
-are self-contained and complete and don't need any resolution at runtime. We
-vendor resources and requirements through dependency resolution, which is
-independent of programming languages and their resolver mechanisms.
-## Interactive Debugging with Pry
-Here's a sample InSpec control that users Ruby variables to instantiate
-an InSpec resource once and use the content in multiple tests.
-```ruby
-control 'check-perl' do
-  impact 0.3
-  title 'Check perl compiled options and permissions'
-  perl_out = command('perl -V')
-  #require 'pry'; binding.pry;
-  describe perl_out do
-    its('exit_status') { should eq 0 }
-    its('stdout') { should match (/USE_64_BIT_ALL/) }
-    its('stdout') { should match (/useposix=true/) }
-    its('stdout') { should match (/-fstack-protector/) }
-  end
-  # extract an array of include directories
-  perl_inc = perl_out.stdout.partition('@INC:').last.strip.split("\n")
-  # ensure include directories are only writable by 'owner'
-  perl_inc.each do |path|
-    describe directory(path.strip) do
-      it { should_not be_writable.by('group') }
-      it { should_not be_writable.by('other') }
-    end
-  end
-end
-```
-An **advanced** but very useful Ruby tip. In the previous example, I
-commented out the `require 'pry'; binding.pry;` line. If you remove the
-`#` prefix and run the control, the execution will stop at that line and
-give you a `pry` shell. Use that to troubleshoot, print variables, see
-methods available, etc. For the above example:
-```ruby
-[1] pry> perl_out.exit_status
-=> 0
-[2] pry> perl_out.stderr
-=> ""
-[3] pry> ls perl_out
-Inspec::Plugins::Resource#methods: inspect
-Inspec::Resources::Cmd#methods: command  exist?  exit_status  result  stderr  stdout  to_s
-Inspec::Resource::Registry::Command#methods: inspec
-instance variables: @__backend_runner__  @__resource_name__  @command  @result
-[4] pry> perl_out.stdout.partition('@INC:').last.strip.split("\n")
-=> ["/Library/Perl/5.18/darwin-thread-multi-2level",
- "    /Library/Perl/5.18",
-...REDACTED...
-[5] pry> exit    # or abort
-```
-You can use `pry` inside both the controls DSL and resources. Similarly,
-for dev and test, you can use `inspec shell` which is based on `pry`,
-for example:
-```ruby
-$ inspec shell
-Welcome to the interactive InSpec Shell
-To find out how to use it, type: help
-inspec> command('ls /home/gordon/git/inspec/docs').stdout
-=> "ctl_inspec.rst\ndsl_inspec.rst\ndsl_resource.rst\n"
-inspec> command('ls').stdout.split("\n")
-=> ["ctl_inspec.rst", "dsl_inspec.rst", "dsl_resource.rst"]
-inspec> help command
-Name: command
-Description:
-Use the command InSpec audit resource to test an arbitrary command that is run on the system.
-Example:
-describe command('ls -al /') do
-  it { should exist }
-  its('stdout') { should match /bin/ }
-  its('stderr') { should eq '' }
-  its('exit_status') { should eq 0 }
-end
-```
-## Shelling out in tests
-When writing tests you can not use standard ruby methods to shellout as it tries to execute those commands locally.
-However, the `command` resource has a `.stdout` method that will allow you to manipulate the results.
-Using the above example, you could check the writes on several subdirectories.
-### Example 1
-```ruby
-$ inspec shell
-Welcome to the interactive InSpec Shell
-To find out how to use it, type: help
-inspec> output=command('echo test').stdout
-=> "test\n"
-inspec> describe command('echo test') do
-inspec>   its('stdout') { should eq output }
-inspec> end
-Profile: inspec-shell
-Version: (not specified)
-  Command echo
-     ✔  test stdout should eq "test\n"
-Test Summary: 1 successful, 0 failures, 0 skipped
-```
-### Example 2
-```ruby
-$ inspec shell
-Welcome to the interactive InSpec Shell
-To find out how to use it, type: help
-inspec> dirs = command('ls -d /home/gordon/git/inspec/docs').stdout.split("\n")
-=> ["/home/gordon/git/inspec/docs"]
-inspec> dirs.each do |dir|
-inspec>   describe directory(dir) do
-inspec>     its('mode') { should cmp '0775' }
-inspec>   end
-inspec> end
-Profile: inspec-shell
-Version: (not specified)
-  File /home/gordon/git/inspec/docs/
-     ✔  mode should cmp == "0775"
-Test Summary: 1 successful, 0 failures, 0 skipped
-```