inspec-core 2.3.10 → 2.3.23

data/docs/reporters.md

@@ -1,170 +0,0 @@
----
-title: InSpec Reporters
----
-
-# InSpec Reporters
-
-Introduced in InSpec 1.51.6
-
-InSpec allows you to output your test results to one or more reporters. You can configure the reporter(s) using either the `--json-config` option or the `--reporter` option. While you can configure multiple reporters to write to different files, only one reporter can output to the screen(stdout).
-
-## Syntax
-
-You can specify one or more reporters using the `--reporter` cli flag. You can also specify a output by appending a path separated by a colon.
-
-Output json to screen.
-
-```bash
-inspec exec --reporter json
-or
-inspec exec --reporter json:-
-```
-
-Output yaml to screen
-
-```bash
-inspec exec --reporter yaml
-or
-inspec exec --reporter yaml:-
-```
-
-Output cli to screen and write json to a file.
-
-```bash
-inspec exec --reporter cli json:/tmp/output.json
-```
-
-Output nothing to screen and write junit and html to a file.
-
-```bash
-inspec exec --reporter junit:/tmp/junit.xml html:www/index.html
-```
-
-Output json to screen and write to a file. Write junit to a file.
-
-```bash
-inspec exec --reporter json junit:/tmp/junit.xml | tee out.json
-```
-
-If you are using the cli option `--json-config` you can also set reporters.
-
-Output cli to screen.
-
-```json
-{
-    "reporter": {
-        "cli" : {
-            "stdout" : true
-        }
-    }
-}
-```
-
-Output cli to screen and write json to a file.
-
-```json
-{
-    "reporter": {
-        "cli" : {
-            "stdout" : true
-        },
-        "json" : {
-            "file" : "/tmp/output.json",
-            "stdout" : false
-        }
-    }
-}
-```
-
-## Supported Reporters
-
-The following are the current supported reporters:
-
-### cli
-
-This is the basic text base report. It includes details about which tests passed and failed and includes an overall summary at the end.
-
-### json
-
-This reporter includes all information about the profiles and test results in standard json format.
-
-### json-min
-
-This reporter is a redacted version of the json and only includes test results.
-
-### yaml
-
-This reporter includes all information about the profiles and test results in standard yaml format.
-
-### documentation
-
-This reporter is a very minimal text base report. It shows you which tests passed by name and has a small summary at the end.
-
-### junit
-
-This reporter outputs the standard junit spec in xml format.
-
-### progress
-
-This reporter is very condensed and gives you a `.`(pass), `f`(fail), or `*`(skip) character per test and a small summary at the end.
-
-### json-rspec
-
-This reporter includes all information from the rspec runner. Unlike the json reporter this includes rspec specific details.
-
-### html
-
-This renders html code to view your tests in a browser. It includes all the test and summary information.
-
-## Automate Reporter
-
-The automate reporter type is a special reporter used with the Automate 2 suite. To use this reporter you must pass in the correct configuration via a json config `--json-config`.
-
-Example config:
-
-```json
-"reporter": {
-    "automate" : {
-        "stdout" : false,
-        "url" : "https://YOUR_A2_URL/data-collector/v0/",
-        "token" : "YOUR_A2_ADMIN_TOKEN",
-        "insecure" : true,
-        "node_name" : "inspec_test_node",
-        "environment" : "prod"
-    }
-}
-```
-
-### Mandatory fields
-
-#### stdout
-
-This will either suppress or show the automate report in the CLI screen on completion
-
-#### url
-
-This is your Automate 2 url. Append `data-collector/v0/` at the end.
-
-#### token
-
-This is your Automate 2 token. You can generate this token by navigating to the admin tab of A2 and then api keys.
-
-### Optional fields
-
-#### insecure
-
-This will disable or enable the ssl check when accessing the Automate 2 instance.
-
-PLEASE NOTE: These fields are ONLY needed if you do not have chef-client attached to a chef server running on your node. The fields below will be automatically pulled from the chef server.
-
-#### node_name
-
-This will be the node name which shows up in Automate 2.
-
-#### node_uuid
-
-This overrides the node uuid sent up to Automate 2. On non-chef nodes we will try to generate a static node uuid for you from your hardware. This will almost never be needed unless your working with a unique virtual setup.
-
-#### environment
-
-This will set the environment metadata for Automate 2.

data/docs/resources/aide_conf.md.erb

@@ -1,86 +0,0 @@
----
-title: The aide_conf Resource
-platform: linux
----
-
-# aide_conf
-
-Use the `aide_conf` InSpec audit resource to test the rules established for the file integrity tool AIDE. Controlled by the aide.conf file typically at /etc/aide.conf.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.37.6 of InSpec.
-
-## Syntax
-
-An `aide_conf` resource block can be used to determine if the selection lines contain one (or more) directories whose files should be added to the aide database:
-
-    describe aide_conf('path') do
-      its('selection_lines') { should include '/sbin' }
-    end
-
-where
-
-* `'selection_lines'` refers to all selection lines found in the aide.conf file
-* `('path')` is the non-default path to the `aide.conf` file (optional)
-* `should include 'value'` is the value that is expected
-
-Use the where clause to match a selection_line to one rule or a particular set of rules found in the aide.conf file:
-
-    describe aide_conf.where { selection_line == '/bin' } do
-      its('rules.flatten') { should include 'r' }
-    end
-
-    describe aide_conf.where { selection_line == '/sbin' } do
-      its('rules') { should include ['p', 'i', 'l', 'n', 'u', 'g', 'sha512'] }
-    end
-
-<br>
-
-## Properties
-
-* `conf_path`, `content`, `rules`, `all_have_rule`
-
-<br>
-
-## Property Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test if all selection lines contain the xattr rule
-
-    describe aide_conf.all_have_rule('xattr') do
-      it { should eq true }
-    end
-
-### Test whether selection line for /bin contains a particular rule
-
-    describe aide_conf.where { selection_line == '/bin' } do
-      its('rules.flatten') { should include 'r' }
-    end
-
-### Test whether selection line for /sbin consists of a particular set of rules
-
-    describe aide_conf.where { selection_line == '/sbin' } do
-      its('rules') { should include ['r', 'sha512'] }
-    end
-
-### The usage of all\_have\_rule will return whether or not all selection lines in audit.conf contain a particular rule:
-
-    describe aide_conf.all_have_rule('sha512') do
-      it { should eq true }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).

data/docs/resources/apache.md.erb

@@ -1,77 +0,0 @@
----
-title: About the apache Resource
-platform: linux
----
-
-# apache
-
-Use the `apache` InSpec audit resource to test the state of the Apache server on Linux/Unix systems.
-
-<p class="warning">This resource is deprecated and should not be used. It will be removed in InSpec 3.0.</p>
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.51.15 of InSpec.
-
-## Syntax
-
-An `apache` InSpec audit resource block declares settings that should be tested:
-
-    describe apache do
-      its('setting_name') { should cmp 'value' }
-    end
-
-where
-
-* `'setting_name'` is description of the Apache configuration file
-* `{ should cmp 'value' }` is the value that is expected
-
-<br>
-
-## Properties
-
-* `service`, `conf_dir`, `conf_path`, `user`
-
-<br>
-
-## Property Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test the service name.
-
-    describe apache do
-      its ('service') { should cmp 'apache2' }
-    end
-
-### Test the configuration location
-
-    describe apache do
-      its ('conf_dir') { should cmp '/etc/apache2' }
-    end
-
-### Test the path of the configuration file
-
-    describe apache do
-      its ('conf_path') { should cmp '/etc/apache2/apache2.conf' }
-    end
-
-### Test the apache user
-
-    describe apache do
-      its ('user') { should cmp 'www-data' }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).

data/docs/resources/apache_conf.md.erb

@@ -1,78 +0,0 @@
----
-title: About the apache_conf Resource
-platform: linux
----
-
-# apache_conf
-
-Use the `apache_conf` InSpec audit resource to test the configuration settings for Apache. This file is typically located under `/etc/apache2` on the Debian and Ubuntu platforms and under `/etc/httpd` on the Fedora, CentOS, RedHat Enterprise Linux, and ArchLinux platforms. The configuration settings may vary significantly from platform to platform.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-An `apache_conf` InSpec audit resource block declares configuration settings that should be tested:
-
-    describe apache_conf('path') do
-      its('setting_name') { should eq 'value' }
-    end
-
-where
-
-* `'setting_name'` is a configuration setting defined in the Apache configuration file
-* `('path')` is the non-default path to the Apache configuration file
-* `{ should eq 'value' }` is the value that is expected
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test for blocking .htaccess files on CentOS
-
-    describe apache_conf do
-      its('AllowOverride') { should cmp 'None' }
-    end
-
-### Test ports for SSL
-
-    describe apache_conf do
-      its('Listen') { should cmp '443' }
-    end
-
-### Test multiple ports are listening
-
-    describe apache_conf do
-      its('Listen') { should =~ [ '80', '443' ] }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-This InSpec audit resource matches any service that is listed in the Apache configuration file:
-
-    its('PidFile') { should_not eq '/var/run/httpd.pid' }
-
-or:
-
-    its('Timeout') { should cmp '300' }
-
-For example:
-
-    describe apache_conf do
-      its('MaxClients') { should cmp '100' }
-      its('Listen') { should cmp '443' }
-    end

data/docs/resources/apt.md.erb

@@ -1,81 +0,0 @@
----
-title: About the apt Resource
-platform: linux
----
-
-# apt
-
-Use the `apt` InSpec audit resource to verify Apt repositories on the Debian and Ubuntu platforms, and also PPA repositories on the Ubuntu platform.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-An `apt` resource block tests the contents of Apt and PPA repositories:
-
-    describe apt('path') do
-      it { should exist }
-      it { should be_enabled }
-    end
-
-where
-
-* `apt('path')` must specify an Apt or PPA repository
-* `('path')` may be an `http://` address, a `ppa:` address, or a short `repo-name/ppa` address
-* `exist` and `be_enabled` are a valid matchers for this resource
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test if apt repository exists and is enabled
-
-    describe apt('http://ppa.launchpad.net/juju/stable/ubuntu') do
-      it { should exist }
-      it { should be_enabled }
-    end
-
-### Verify that a PPA repository exists and is enabled
-
-    describe apt('ppa:nginx/stable') do
-      it { should exist }
-      it { should be_enabled }
-    end
-
-### Verify that a repository is not present
-
-    describe apt('ubuntu-wine/ppa') do
-      it { should_not exist }
-      it { should_not be_enabled }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-
-### be_enabled
-
-The `be_enabled` matcher tests if a package exists in the repository:
-
-    it { should be_enabled }
-
-### exist
-
-The `exist` matcher tests if a package exists on the system:
-
-    it { should exist }