inspec-core 2.3.10 → 2.3.23

data/docs/resources/os_env.md.erb

@@ -1,101 +0,0 @@
----
-title: About the os_env Resource
-platform: os
----
-
-# os_env
-
-Use the `os_env` InSpec audit resource to test the environment variables for the platform on which the system is running.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `os_env` resource block declares an environment variable, and then declares its value:
-
-    describe os_env('VARIABLE') do
-      its('property') { should eq 1 }
-    end
-
-where
-
-* `('VARIABLE')` must specify an environment variable, such as `PATH`
-* `matcher` is a valid matcher for this resource
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test the PATH environment variable
-
-    describe os_env('PATH') do
-      its('split') { should_not include('') }
-      its('split') { should_not include('.') }
-    end
-
-### Test the Path environment variable by specifying the target Environment (Windows)
-
-On windows a User's environment variable may obscure the local machine (system) environment variable.  The correct environment variable may be tested as follows:
-
-    describe os_env('PATH', 'target') do
-      its('split') { should_not include('') }
-      its('split') { should_not include('.') }
-    end
-
-where
-
-* `'target'` may be either `system` or `user` 
-
-### Test Habitat environment variables
-
-Habitat uses the `os_env` resource to test environment variables. The environment variables are first defined in a whitespace array, after which each environment variable is tested:
-
-    hab_env_vars = %w(HAB_AUTH_TOKEN
-                      HAB_CACHE_KEY_PATH
-                      HAB_DEPOT_URL
-                      HAB_ORG
-                      HAB_ORIGIN
-                      HAB_ORIGIN_KEYS
-                      HAB_RING
-                      HAB_RING_KEY
-                      HAB_STUDIOS_HOME
-                      HAB_STUDIO_ROOT
-                      HAB_USER)
-
-    hab_env_vars.each do |e|
-      describe os_env(e) do
-        its('content') { should eq nil }
-      end
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### content
-
-The `content` matcher return the value of the environment variable:
-
-    its('content') { should eq '/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin' }
-
-### split
-
-The `split` matcher splits the value of the environment variable with the `:` deliminator (use the `;` deliminator if Windows):
-
-    its('split') { should include ('/usr/bin') }
-
-Note: the `split` matcher returns an array including `""` for cases where there is a trailing colon (`:`), such as `dir1::dir2:`

data/docs/resources/package.md.erb

@@ -1,130 +0,0 @@
----
-title: About the package Resource
-platform: os
----
-
-# package
-
-Use the `package` InSpec audit resource to test if the named package and/or package version is installed on the system.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `package` resource block declares a package and (optionally) a package version:
-
-    describe package('name') do
-      it { should be_installed }
-    end
-
-where
-
-* `('name')` must specify the name of a package, such as `'nginx'`
-* `be_installed` is a valid matcher for this resource
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test if NGINX version 1.9.5 is installed
-
-    describe package('nginx') do
-      it { should be_installed }
-      its('version') { should eq '1.9.5' }
-    end
-
-### Test that a package is not installed
-
-    describe package('some_package') do
-      it { should_not be_installed }
-    end
-
-### Test if telnet is installed
-
-    describe package('telnetd') do
-      it { should_not be_installed }
-    end
-
-    describe inetd_conf do
-      its('telnet') { should eq nil }
-    end
-
-### Test if ClamAV (an antivirus engine) is installed and running
-
-    describe package('clamav') do
-      it { should be_installed }
-      its('version') { should eq '0.98.7' }
-    end
-
-    describe service('clamd') do
-      it { should_not be_enabled }
-      it { should_not be_installed }
-      it { should_not be_running }
-    end
-
-### Verify if a package is installed according to my rpm database
-
-    describe package('some_package', rpm_dbpath: '/var/lib/my_rpmdb') do
-      it { should be_installed }
-    end
-
-### Verify if Memcached is installed, enabled, and running
-
-Memcached is an in-memory key-value store that helps improve the performance of database-driven websites and can be installed, maintained, and tested using the `memcached` cookbook (maintained by Chef). The following example is from the `memcached` cookbook and shows how to use a combination of the `package`, `service`, and `port` InSpec audit resources to test if Memcached is installed, enabled, and running:
-
-    describe package('memcached') do
-      it { should be_installed }
-    end
-
-    describe service('memcached') do
-      it { should be_installed }
-      it { should be_enabled }
-      it { should be_running }
-    end
-
-    describe port(11_211) do
-      it { should be_listening }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### be_held
-
-The `be_held` matcher tests if the named package is "held". On dpkg platforms, a "held" package
-will not be upgraded to a later version.
-
-    it { should be_held }
-
-### be_installed
-
-The `be_installed` matcher tests if the named package is installed on the system:
-
-    it { should be_installed }
-
-### version
-
-The `version` matcher tests if the named package version is on the system:
-
-    its('version') { should eq '1.2.3' }
-
-You can also use the `cmp OPERATOR` matcher to perform comparisons using the version attribute:
-
-    its('version') { should cmp >= '7.35.0-1ubuntu3.10' }
-
-`cmp` understands version numbers using Gem::Version, and can use the operators `==, <, <=, >=, and >`.  It will compare versions by each segment, not as a string - so '7.4' is smaller than '7.30', for example.

data/docs/resources/packages.md.erb

@@ -1,77 +0,0 @@
----
-title: About the packages Resource
-platform: linux
----
-
-# packages
-
-Use the `packages` InSpec audit resource to test the properties of multiple packages on the system.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.51.15 of InSpec.
-
-## Syntax
-
-A `packages` resource block declares a regular expression search to select packages
-
-    describe packages(/name/) do
-      its('statuses') { should cmp 'installed' }
-    end
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Verify that no `xserver` packages are installed
-
-    describe package(/xserver/) do
-      its('statuses') { should_not cmp 'installed' }
-    end
-
-### Verify all `openssl` packages match a certain version
-
-    describe package(/openssl/) do
-      its('versions') { should cmp '1.0.1e-42.el7' }
-    end
-
-### Verify that both the `i686` and `x86_64` versions of `libgcc` are installed
-
-    describe package(/libgcc/) do
-      its('architectures') { should include 'x86_64' }
-      its('architectures') { should include 'i686' }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### statuses
-
-The `statuses` matcher tests if packages are installed on the system
-
-    its('statuses') { should cmp 'installed' }
-
-### versions
-
-The `versions` matcher tests the versions of the packages installed on the system
-
-    its('versions') { should cmp '3.4.0.2-4.el7' }
-
-### architectures
-
-The `architectures` matcher tests the architecture of packages installed on the system
-
-    its('architectures') { should include 'i686' }

data/docs/resources/parse_config.md.erb

@@ -1,113 +0,0 @@
----
-title: About the parse_config Resource
-platform: os
----
-
-# parse_config
-
-Use the `parse_config` InSpec audit resource to test arbitrary configuration files.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `parse_config` resource block declares the location of the configuration setting to be tested, and then what value is to be tested. Because this resource relies on arbitrary configuration files, the test itself is often arbitrary and relies on custom Ruby code:
-
-    output = command('some-command').stdout
-
-    describe parse_config(output, { data_config_option: value } ) do
-      its('setting') { should eq 1 }
-    end
-
-or:
-
-    audit = command('/sbin/auditctl -l').stdout
-      options = {
-        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
-        multiple_values: true
-      }
-
-    describe parse_config(audit, options) do
-      its('setting') { should eq 1 }
-    end
-
-where each test
-
-* Must declare the location of the configuration file to be tested
-* Must declare one (or more) settings to be tested
-* May run a command to `stdout`, and then run the test against that output
-* May use options to define how configuration data is to be parsed
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### assignment_regex
-
-Use `assignment_regex` to test a key value using a regular expression:
-
-    'key = value'
-
-may be tested using the following regular expression, which determines assignment from key to value:
-
-    assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
-
-### comment_char
-
-Use `comment_char` to test for comments in a configuration file:
-
-    comment_char: '#'
-
-### key_values
-
-Use `key_values` to test how many values a key contains:
-
-    key = a b c
-
-contains three values. To test that value to ensure it only contains one, use:
-
-    key_values: 1
-
-### multiple_values
-
-Use `multiple_values` if the source file uses the same key multiple times. All values will be aggregated in an array:
-
-    # # file structure:
-    # key = a
-    # key = b
-    # key2 = c
-    params['key'] = ['a', 'b']
-    params['key2'] = ['c']
-
-To use plain key value mapping, use `multiple_values: false`:
-
-    # # file structure:
-    # key = a
-    # key = b
-    # key2 = c
-    params['key'] = 'b'
-    params['key2'] = 'c'
-
-### standalone_comments
-
-Use `standalone_comments` to parse comments as a line, otherwise inline comments are allowed:
-
-    'key = value # comment'
-    params['key'] = 'value # comment'
-
-Use `standalone_comments: false`, to parse the following:
-
-    'key = value # comment'
-    params['key'] = 'value'

data/docs/resources/parse_config_file.md.erb

@@ -1,148 +0,0 @@
----
-title: About the parse_config_file Resource
-platform: os
----
-
-# parse\_config\_file
-
-Use the `parse_config_file` InSpec audit resource to test arbitrary configuration files. It works in the same way as `parse_config`. Instead of using a command output, this resource works with files.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `parse_config_file` InSpec audit resource block declares the location of the configuration file to be tested, and then which settings in that file are to be tested.
-
-    describe parse_config_file('/path/to/file', { data_config_option: value } ) do
-      its('setting') { should eq 1 }
-    end
-
-or:
-
-    options = {
-      assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
-      multiple_values: true
-    }
-
-    describe parse_config_file('path/to/file', options) do
-      its('setting') { should eq 1 }
-    end
-
-where each test
-
-* Must declare the location of the configuration file to be tested
-* Must declare one (or more) settings to be tested
-* May run a command to `stdout`, and then run the test against that output
-* May use options to define how configuration data is to be parsed
-
-<br>
-
-## Options
-
-This resource supports the following options for parsing configuration data. Use them in an `options` block stated outside of (and immediately before) the actual test:
-
-    options = {
-        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
-        multiple_values: true
-      }
-    describe parse_config_file('path/to/file',  options) do
-      its('setting') { should eq 1 }
-    end
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test a configuration setting
-
-    describe parse_config_file('/path/to/file.conf') do
-     its('PARAM_X') { should eq 'Y' }
-    end
-
-### Use options, and then test a configuration setting
-
-    describe parse_config_file('/path/to/file.conf', { multiple_values: true }) do
-     its('PARAM_X') { should include 'Y' }
-    end
-
-### Test a file with an ini-like structure (such as a yum.conf)
-
-    describe parse_config_file('/path/to/yum.conf') do
-     its('main') { should include('gpgcheck' => '1') }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### assignment_regex
-
-Use `assignment_regex` to test a key value using a regular expression:
-
-    'key = value'
-
-may be tested using the following regular expression, which determines assignment from key to value:
-
-    assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
-
-### comment_char
-
-Use `comment_char` to test for comments in a configuration file:
-
-    comment_char: '#'
-
-### key_values
-
-Use `key_values` to test how many values a key contains:
-
-    key = a b c
-
-contains three values. To test that value to ensure it only contains one, use:
-
-    key_values: 1
-
-### multiple_values
-
-Use `multiple_values` if the source file uses the same key multiple times. All values will be aggregated in an array:
-
-    # # file structure:
-    # key = a
-    # key = b
-    # key2 = c
-    params['key'] = ['a', 'b']
-    params['key2'] = ['c']
-
-To use plain key value mapping, use `multiple_values: false`:
-
-    # # file structure:
-    # key = a
-    # key = b
-    # key2 = c
-    params['key'] = 'b'
-    params['key2'] = 'c'
-
-### standalone_comments
-
-Use `standalone_comments` to parse comments as a line, otherwise inline comments are allowed:
-
-    'key = value # comment'
-    params['key'] = 'value # comment'
-
-Use `standalone_comments: false`, to parse the following:
-
-    'key = value # comment'
-    params['key'] = 'value'