RubyGems - inspec-core - Versions diffs - 2.2.55 → 2.2.61 - Mend

inspec-core 2.2.55 → 2.2.61

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (115) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +24 -8
data/docs/resources/aide_conf.md.erb +10 -0
data/docs/resources/apache.md.erb +10 -0
data/docs/resources/apache_conf.md.erb +10 -0
data/docs/resources/apt.md.erb +10 -0
data/docs/resources/audit_policy.md.erb +10 -0
data/docs/resources/auditd.md.erb +10 -0
data/docs/resources/auditd_conf.md.erb +10 -0
data/docs/resources/bash.md.erb +10 -0
data/docs/resources/bond.md.erb +10 -0
data/docs/resources/bridge.md.erb +10 -0
data/docs/resources/bsd_service.md.erb +10 -0
data/docs/resources/chocolatey_package.md.erb +10 -0
data/docs/resources/command.md.erb +10 -0
data/docs/resources/cpan.md.erb +10 -0
data/docs/resources/cran.md.erb +10 -0
data/docs/resources/crontab.md.erb +10 -0
data/docs/resources/csv.md.erb +10 -0
data/docs/resources/dh_params.md.erb +10 -0
data/docs/resources/directory.md.erb +10 -0
data/docs/resources/docker.md.erb +21 -0
data/docs/resources/docker_container.md.erb +10 -0
data/docs/resources/docker_image.md.erb +10 -0
data/docs/resources/docker_plugin.md.erb +80 -0
data/docs/resources/docker_service.md.erb +10 -0
data/docs/resources/elasticsearch.md.erb +10 -0
data/docs/resources/etc_fstab.md.erb +10 -0
data/docs/resources/etc_group.md.erb +10 -0
data/docs/resources/etc_hosts.md.erb +10 -0
data/docs/resources/etc_hosts_allow.md.erb +10 -0
data/docs/resources/etc_hosts_deny.md.erb +10 -0
data/docs/resources/file.md.erb +10 -0
data/docs/resources/filesystem.md.erb +10 -0
data/docs/resources/firewalld.md.erb +10 -0
data/docs/resources/gem.md.erb +10 -0
data/docs/resources/group.md.erb +10 -0
data/docs/resources/grub_conf.md.erb +10 -0
data/docs/resources/host.md.erb +10 -0
data/docs/resources/http.md.erb +10 -0
data/docs/resources/iis_app.md.erb +10 -0
data/docs/resources/iis_site.md.erb +10 -0
data/docs/resources/inetd_conf.md.erb +10 -0
data/docs/resources/ini.md.erb +10 -0
data/docs/resources/interface.md.erb +10 -0
data/docs/resources/iptables.md.erb +10 -0
data/docs/resources/json.md.erb +10 -0
data/docs/resources/kernel_module.md.erb +10 -0
data/docs/resources/kernel_parameter.md.erb +10 -0
data/docs/resources/key_rsa.md.erb +10 -0
data/docs/resources/launchd_service.md.erb +10 -0
data/docs/resources/limits_conf.md.erb +10 -0
data/docs/resources/login_defs.md.erb +10 -0
data/docs/resources/mount.md.erb +10 -0
data/docs/resources/mssql_session.md.erb +10 -0
data/docs/resources/mysql_conf.md.erb +10 -0
data/docs/resources/mysql_session.md.erb +10 -0
data/docs/resources/nginx.md.erb +10 -0
data/docs/resources/nginx_conf.md.erb +10 -0
data/docs/resources/npm.md.erb +10 -0
data/docs/resources/ntp_conf.md.erb +10 -0
data/docs/resources/oneget.md.erb +10 -0
data/docs/resources/oracledb_session.md.erb +10 -0
data/docs/resources/os.md.erb +10 -0
data/docs/resources/os_env.md.erb +10 -0
data/docs/resources/package.md.erb +10 -0
data/docs/resources/packages.md.erb +10 -0
data/docs/resources/parse_config.md.erb +10 -0
data/docs/resources/parse_config_file.md.erb +10 -0
data/docs/resources/passwd.md.erb +10 -0
data/docs/resources/pip.md.erb +10 -0
data/docs/resources/port.md.erb +10 -0
data/docs/resources/postgres_conf.md.erb +10 -0
data/docs/resources/postgres_hba_conf.md.erb +10 -0
data/docs/resources/postgres_ident_conf.md.erb +10 -0
data/docs/resources/postgres_session.md.erb +10 -0
data/docs/resources/powershell.md.erb +10 -0
data/docs/resources/processes.md.erb +10 -0
data/docs/resources/rabbitmq_config.md.erb +10 -0
data/docs/resources/registry_key.md.erb +38 -2
data/docs/resources/runit_service.md.erb +10 -0
data/docs/resources/security_policy.md.erb +10 -0
data/docs/resources/service.md.erb +10 -0
data/docs/resources/shadow.md.erb +10 -0
data/docs/resources/ssh_config.md.erb +10 -0
data/docs/resources/sshd_config.md.erb +10 -0
data/docs/resources/ssl.md.erb +10 -0
data/docs/resources/sys_info.md.erb +10 -0
data/docs/resources/systemd_service.md.erb +10 -0
data/docs/resources/sysv_service.md.erb +10 -0
data/docs/resources/upstart_service.md.erb +10 -0
data/docs/resources/user.md.erb +10 -0
data/docs/resources/users.md.erb +10 -0
data/docs/resources/vbscript.md.erb +10 -0
data/docs/resources/virtualization.md.erb +10 -0
data/docs/resources/windows_feature.md.erb +10 -0
data/docs/resources/windows_hotfix.md.erb +10 -0
data/docs/resources/windows_task.md.erb +10 -0
data/docs/resources/wmi.md.erb +10 -0
data/docs/resources/x509_certificate.md.erb +10 -0
data/docs/resources/xinetd_conf.md.erb +10 -0
data/docs/resources/xml.md.erb +10 -0
data/docs/resources/yaml.md.erb +10 -0
data/docs/resources/yum.md.erb +10 -0
data/docs/resources/zfs_dataset.md.erb +10 -0
data/docs/resources/zfs_pool.md.erb +10 -0
data/lib/inspec/base_cli.rb +2 -2
data/lib/inspec/cli.rb +3 -2
data/lib/inspec/resource.rb +2 -0
data/lib/inspec/runner.rb +2 -4
data/lib/inspec/version.rb +1 -1
data/lib/resources/docker.rb +34 -0
data/lib/resources/docker_plugin.rb +63 -0
data/lib/resources/iis_app_pool.rb +116 -0
metadata +5 -2

data/docs/resources/pip.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `pip` InSpec audit resource to test packages that are installed using th
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `pip` resource block declares a package and (optionally) a package version:

data/docs/resources/port.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `port` InSpec audit resource to test basic port properties, such as port
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `port` resource block declares a port, and then depending on what needs to be tested, a process, protocol, process identifier, and its state (is it listening?):

data/docs/resources/postgres_conf.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_conf` InSpec audit resource to test the contents of the config
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `postgres_conf` resource block declares one (or more) settings in the `postgresql.conf` file, and then compares the setting in the configuration file to the value stated in the test:

data/docs/resources/postgres_hba_conf.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_hba_conf` InSpec audit resource to test the client authenticat
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.31.0 of InSpec.
 ## Syntax
 An `postgres_hba_conf` InSpec audit resource block declares client authentication data that should be tested:

data/docs/resources/postgres_ident_conf.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_ident_conf` InSpec audit resource to test the client authentic
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.31.0 of InSpec.
 ## Syntax
 An `postgres_ident_conf` InSpec audit resource block declares client authentication data that should be tested:

data/docs/resources/postgres_session.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `postgres_session` InSpec audit resource to test SQL commands run agains
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `postgres_session` resource block declares the username and password to use for the session, and then the command to be run:

data/docs/resources/powershell.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `powershell` InSpec audit resource to test a Powershell script on the Wi
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `powershell` resource block declares a Powershell script to be tested, and then compares the output of that command to the matcher in the test:

data/docs/resources/processes.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `processes` InSpec audit resource to test properties for programs that a
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `processes` resource block declares the name of the process to be tested, and then declares one (or more) property/value pairs:

data/docs/resources/rabbitmq_config.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `rabbitmq_config` InSpec audit resource to test configuration data for t
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.20.0 of InSpec.
 ## Syntax
 A `rabbitmq_config` resource block declares the RabbitMQ configuration data to be tested:

data/docs/resources/registry_key.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `registry_key` InSpec audit resource to test key values in the Windows r
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `registry_key` resource block declares the item in the Windows registry, the path to a setting under that item, and then one (or more) name/value pairs to be tested.
@@ -157,5 +167,31 @@ Any name with a dot will not work as expected: <code>its('explorer.exe') { shoul
     # either use have_property_value...
     it { should have_property_value('explorer.exe', :string, 'test') }
-    # ...or provide the parts of the dot-separated name in an array
-    its(['explorer', 'exe']) { should eq 'test' }
+    # ...or provide the name in an array
+    its(['explorer.exe']) { should eq 'test' }
+The latter workaround may be preferable because upon failure, Inspec will present the expected and actual values:
+    inspec> describe registry_key('HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Windows\Control Panel\Desktop') do
+    inspec>   its(["SCRNSAVE.EXE"]) { should eq "FlyingToasters.scr" }
+    inspec> end
+    Profile: inspec-shell
+    Version: (not specified)
+      Registry Key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Windows\Control Panel\Desktop
+         ×  ["SCRNSAVE.EXE"] should eq "FlyingToasters.scr"
+         expected: "FlyingToasters.scr"
+              got: "scrnsave.scr"
+         (compared using ==)
+    Test Summary: 0 successful, 1 failure, 0 skipped
+`have_property_value` only presents a false assertion:
+      Registry Key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Windows\Control Panel\Desktop
+         ×  should have property value "SCRNSAVE.EXE", "FlyingToasters.scr"
+         expected #has_property_value?("SCRNSAVE.EXE", "FlyingToasters.scr") to return true, got false

data/docs/resources/runit_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `runit_service` InSpec audit resource to test a service using runit.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `runit_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/security_policy.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `security_policy` InSpec audit resource to test security policies on the
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `security_policy` resource block declares the name of a security policy and the value to be tested:

data/docs/resources/service.md.erb CHANGED Viewed

@@ -11,6 +11,16 @@ Under some circumstances, it may be necessary to specify the service manager by
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/shadow.md.erb CHANGED Viewed

@@ -26,6 +26,16 @@ The `shadow` resource understands this format, allows you to search on the field
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Resource Parameters
 The `shadow` resource takes one optional parameter: the path to the shadow file. If omitted, `/etc/shadow` is assumed.

data/docs/resources/ssh_config.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `ssh_config` InSpec audit resource to test OpenSSH client configuration
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `ssh_config` resource block declares the client OpenSSH configuration data to be tested:

data/docs/resources/sshd_config.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `sshd_config` InSpec audit resource to test configuration data for the O
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `sshd_config` resource block declares the client OpenSSH configuration data to be tested:

data/docs/resources/ssl.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `ssl` InSpec audit resource to test SSL settings for the named port.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `ssl` resource block declares an SSL port, and then other properties of the test like cipher and/or protocol:

data/docs/resources/sys_info.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `sys_info` InSpec audit resource to test for operating system properties
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `sys_info` resource block declares the hostname to be tested:

data/docs/resources/systemd_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `systemd_service` InSpec audit resource to test a service using SystemD.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `systemd_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/sysv_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `sysv_service` InSpec audit resource to test a service using SystemV.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `sysv_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/upstart_service.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `upstart_service` InSpec audit resource to test a service using Upstart.
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 An `upstart_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:

data/docs/resources/user.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `user` InSpec audit resource to test user profiles for a single, known/e
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `user` resource block declares a user name, and then one (or more) matchers:

data/docs/resources/users.md.erb CHANGED Viewed

@@ -9,6 +9,16 @@ Use the `users` InSpec audit resource to look up all local users available on th
 <br>
+## Availability
+### Installation
+This resource is distributed along with InSpec itself. You can use it automatically.
+### Version
+This resource first became available in v1.0.0 of InSpec.
 ## Syntax
 A `users` resource block declares a user name, and then one (or more) matchers: