RubyGems - inspec-core - Versions diffs - 2.2.55 → 2.2.61 - Mend

inspec-core 2.2.55 → 2.2.61

Files changed (115) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +24 -8
data/docs/resources/aide_conf.md.erb +10 -0
data/docs/resources/apache.md.erb +10 -0
data/docs/resources/apache_conf.md.erb +10 -0
data/docs/resources/apt.md.erb +10 -0
data/docs/resources/audit_policy.md.erb +10 -0
data/docs/resources/auditd.md.erb +10 -0
data/docs/resources/auditd_conf.md.erb +10 -0
data/docs/resources/bash.md.erb +10 -0
data/docs/resources/bond.md.erb +10 -0
data/docs/resources/bridge.md.erb +10 -0
data/docs/resources/bsd_service.md.erb +10 -0
data/docs/resources/chocolatey_package.md.erb +10 -0
data/docs/resources/command.md.erb +10 -0
data/docs/resources/cpan.md.erb +10 -0
data/docs/resources/cran.md.erb +10 -0
data/docs/resources/crontab.md.erb +10 -0
data/docs/resources/csv.md.erb +10 -0
data/docs/resources/dh_params.md.erb +10 -0
data/docs/resources/directory.md.erb +10 -0
data/docs/resources/docker.md.erb +21 -0
data/docs/resources/docker_container.md.erb +10 -0
data/docs/resources/docker_image.md.erb +10 -0
data/docs/resources/docker_plugin.md.erb +80 -0
data/docs/resources/docker_service.md.erb +10 -0
data/docs/resources/elasticsearch.md.erb +10 -0
data/docs/resources/etc_fstab.md.erb +10 -0
data/docs/resources/etc_group.md.erb +10 -0
data/docs/resources/etc_hosts.md.erb +10 -0
data/docs/resources/etc_hosts_allow.md.erb +10 -0
data/docs/resources/etc_hosts_deny.md.erb +10 -0
data/docs/resources/file.md.erb +10 -0
data/docs/resources/filesystem.md.erb +10 -0
data/docs/resources/firewalld.md.erb +10 -0
data/docs/resources/gem.md.erb +10 -0
data/docs/resources/group.md.erb +10 -0
data/docs/resources/grub_conf.md.erb +10 -0
data/docs/resources/host.md.erb +10 -0
data/docs/resources/http.md.erb +10 -0
data/docs/resources/iis_app.md.erb +10 -0
data/docs/resources/iis_site.md.erb +10 -0
data/docs/resources/inetd_conf.md.erb +10 -0
data/docs/resources/ini.md.erb +10 -0
data/docs/resources/interface.md.erb +10 -0
data/docs/resources/iptables.md.erb +10 -0
data/docs/resources/json.md.erb +10 -0
data/docs/resources/kernel_module.md.erb +10 -0
data/docs/resources/kernel_parameter.md.erb +10 -0
data/docs/resources/key_rsa.md.erb +10 -0
data/docs/resources/launchd_service.md.erb +10 -0
data/docs/resources/limits_conf.md.erb +10 -0
data/docs/resources/login_defs.md.erb +10 -0
data/docs/resources/mount.md.erb +10 -0
data/docs/resources/mssql_session.md.erb +10 -0
data/docs/resources/mysql_conf.md.erb +10 -0
data/docs/resources/mysql_session.md.erb +10 -0
data/docs/resources/nginx.md.erb +10 -0
data/docs/resources/nginx_conf.md.erb +10 -0
data/docs/resources/npm.md.erb +10 -0
data/docs/resources/ntp_conf.md.erb +10 -0
data/docs/resources/oneget.md.erb +10 -0
data/docs/resources/oracledb_session.md.erb +10 -0
data/docs/resources/os.md.erb +10 -0
data/docs/resources/os_env.md.erb +10 -0
data/docs/resources/package.md.erb +10 -0
data/docs/resources/packages.md.erb +10 -0
data/docs/resources/parse_config.md.erb +10 -0
data/docs/resources/parse_config_file.md.erb +10 -0
data/docs/resources/passwd.md.erb +10 -0
data/docs/resources/pip.md.erb +10 -0
data/docs/resources/port.md.erb +10 -0
data/docs/resources/postgres_conf.md.erb +10 -0
data/docs/resources/postgres_hba_conf.md.erb +10 -0
data/docs/resources/postgres_ident_conf.md.erb +10 -0
data/docs/resources/postgres_session.md.erb +10 -0
data/docs/resources/powershell.md.erb +10 -0
data/docs/resources/processes.md.erb +10 -0
data/docs/resources/rabbitmq_config.md.erb +10 -0
data/docs/resources/registry_key.md.erb +38 -2
data/docs/resources/runit_service.md.erb +10 -0
data/docs/resources/security_policy.md.erb +10 -0
data/docs/resources/service.md.erb +10 -0
data/docs/resources/shadow.md.erb +10 -0
data/docs/resources/ssh_config.md.erb +10 -0
data/docs/resources/sshd_config.md.erb +10 -0
data/docs/resources/ssl.md.erb +10 -0
data/docs/resources/sys_info.md.erb +10 -0
data/docs/resources/systemd_service.md.erb +10 -0
data/docs/resources/sysv_service.md.erb +10 -0
data/docs/resources/upstart_service.md.erb +10 -0
data/docs/resources/user.md.erb +10 -0
data/docs/resources/users.md.erb +10 -0
data/docs/resources/vbscript.md.erb +10 -0
data/docs/resources/virtualization.md.erb +10 -0
data/docs/resources/windows_feature.md.erb +10 -0
data/docs/resources/windows_hotfix.md.erb +10 -0
data/docs/resources/windows_task.md.erb +10 -0
data/docs/resources/wmi.md.erb +10 -0
data/docs/resources/x509_certificate.md.erb +10 -0
data/docs/resources/xinetd_conf.md.erb +10 -0
data/docs/resources/xml.md.erb +10 -0
data/docs/resources/yaml.md.erb +10 -0
data/docs/resources/yum.md.erb +10 -0
data/docs/resources/zfs_dataset.md.erb +10 -0
data/docs/resources/zfs_pool.md.erb +10 -0
data/lib/inspec/base_cli.rb +2 -2
data/lib/inspec/cli.rb +3 -2
data/lib/inspec/resource.rb +2 -0
data/lib/inspec/runner.rb +2 -4
data/lib/inspec/version.rb +1 -1
data/lib/resources/docker.rb +34 -0
data/lib/resources/docker_plugin.rb +63 -0
data/lib/resources/iis_app_pool.rb +116 -0
metadata +5 -2

data/docs/resources/pip.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `pip` InSpec audit resource to test packages that are installed using th
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `pip` resource block declares a package and (optionally) a package version:

data/docs/resources/port.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `port` InSpec audit resource to test basic port properties, such as port
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `port` resource block declares a port, and then depending on what needs to be tested, a process, protocol, process identifier, and its state (is it listening?):

data/docs/resources/postgres_conf.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_conf` InSpec audit resource to test the contents of the config
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `postgres_conf` resource block declares one (or more) settings in the `postgresql.conf` file, and then compares the setting in the configuration file to the value stated in the test:

data/docs/resources/postgres_hba_conf.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_hba_conf` InSpec audit resource to test the client authenticat
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.31.0 of InSpec.
 ## Syntax
 An `postgres_hba_conf` InSpec audit resource block declares client authentication data that should be tested:

data/docs/resources/postgres_ident_conf.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_ident_conf` InSpec audit resource to test the client authentic
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.31.0 of InSpec.
 ## Syntax
 An `postgres_ident_conf` InSpec audit resource block declares client authentication data that should be tested:

data/docs/resources/postgres_session.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_session` InSpec audit resource to test SQL commands run agains
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `postgres_session` resource block declares the username and password to use for the session, and then the command to be run:

data/docs/resources/powershell.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `powershell` InSpec audit resource to test a Powershell script on the Wi
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `powershell` resource block declares a Powershell script to be tested, and then compares the output of that command to the matcher in the test:

data/docs/resources/processes.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `processes` InSpec audit resource to test properties for programs that a
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `processes` resource block declares the name of the process to be tested, and then declares one (or more) property/value pairs:

data/docs/resources/rabbitmq_config.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `rabbitmq_config` InSpec audit resource to test configuration data for t
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.20.0 of InSpec.
 ## Syntax
 A `rabbitmq_config` resource block declares the RabbitMQ configuration data to be tested:

data/docs/resources/registry_key.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `registry_key` InSpec audit resource to test key values in the Windows r
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `registry_key` resource block declares the item in the Windows registry, the path to a setting under that item, and then one (or more) name/value pairs to be tested.
@@ -157,5 +167,31 @@ Any name with a dot will not work as expected: <code>its('explorer.exe') { shoul
     # either use have_property_value...
     it { should have_property_value('explorer.exe', :string, 'test') }
-    # ...or provide the parts of the dot-separated name in an array
-    its(['explorer', 'exe']) { should eq 'test' }
+    # ...or provide the name in an array
+    its(['explorer.exe']) { should eq 'test' }
+The latter workaround may be preferable because upon failure, Inspec will present the expected and actual values:
+    inspec> describe registry_key('HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Windows\Control Panel\Desktop') do
+    inspec>   its(["SCRNSAVE.EXE"]) { should eq "FlyingToasters.scr" }
+    inspec> end
+    Profile: inspec-shell
+    Version: (not specified)
+      Registry Key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Windows\Control Panel\Desktop
+         ×  ["SCRNSAVE.EXE"] should eq "FlyingToasters.scr"
+         expected: "FlyingToasters.scr"
+              got: "scrnsave.scr"
+         (compared using ==)
+    Test Summary: 0 successful, 1 failure, 0 skipped
+`have_property_value` only presents a false assertion:
+      Registry Key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Windows\Control Panel\Desktop
+         ×  should have property value "SCRNSAVE.EXE", "FlyingToasters.scr"
+         expected #has_property_value?("SCRNSAVE.EXE", "FlyingToasters.scr") to return true, got false

data/docs/resources/runit_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `runit_service` InSpec audit resource to test a service using runit.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `runit_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/security_policy.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `security_policy` InSpec audit resource to test security policies on the
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `security_policy` resource block declares the name of a security policy and the value to be tested:

data/docs/resources/service.md.erb CHANGED Viewed

@@ -11,6 +11,16 @@ Under some circumstances, it may be necessary to specify the service manager by
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/shadow.md.erb CHANGED Viewed

@@ -26,6 +26,16 @@ The `shadow` resource understands this format, allows you to search on the field
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Resource Parameters
 The `shadow` resource takes one optional parameter: the path to the shadow file. If omitted, `/etc/shadow` is assumed.

data/docs/resources/ssh_config.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `ssh_config` InSpec audit resource to test OpenSSH client configuration
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `ssh_config` resource block declares the client OpenSSH configuration data to be tested:

data/docs/resources/sshd_config.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `sshd_config` InSpec audit resource to test configuration data for the O
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `sshd_config` resource block declares the client OpenSSH configuration data to be tested:

data/docs/resources/ssl.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `ssl` InSpec audit resource to test SSL settings for the named port.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `ssl` resource block declares an SSL port, and then other properties of the test like cipher and/or protocol:

data/docs/resources/sys_info.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `sys_info` InSpec audit resource to test for operating system properties
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `sys_info` resource block declares the hostname to be tested:

data/docs/resources/systemd_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `systemd_service` InSpec audit resource to test a service using SystemD.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `systemd_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/sysv_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `sysv_service` InSpec audit resource to test a service using SystemV.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `sysv_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/upstart_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `upstart_service` InSpec audit resource to test a service using Upstart.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `upstart_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/user.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `user` InSpec audit resource to test user profiles for a single, known/e
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `user` resource block declares a user name, and then one (or more) matchers:

data/docs/resources/users.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `users` InSpec audit resource to look up all local users available on th
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `users` resource block declares a user name, and then one (or more) matchers: