inspec-core 4.3.2 → 4.6.3

data/lib/inspec/reporters/json.rb

@@ -1,6 +1,4 @@
-# encoding: utf-8
-
-require 'json'
+require "json"
 
 module Inspec::Reporters
   class Json < Base
@@ -26,7 +24,7 @@ module Inspec::Reporters
         name: run_data[:platform][:name],
         release: run_data[:platform][:release],
       }
-      platform[:target_id] = @config['target_id'] if @config['target_id']
+      platform[:target_id] = @config["target_id"] if @config["target_id"]
       platform
     end
 

data/lib/inspec/reporters/json_automate.rb

@@ -1,6 +1,4 @@
-# encoding: utf-8
-
-require 'json'
+require "json"
 
 module Inspec::Reporters
   class JsonAutomate < Json

data/lib/inspec/reporters/json_min.rb

@@ -1,6 +1,4 @@
-# encoding: utf-8
-
-require 'json'
+require "json"
 
 module Inspec::Reporters
   class JsonMin < Base

data/lib/inspec/reporters/junit.rb

@@ -1,13 +1,11 @@
-# encoding: utf-8
-
 module Inspec::Reporters
   class Junit < Base
     def render
-      require 'rexml/document'
+      require "rexml/document"
       xml_output = REXML::Document.new
       xml_output.add(REXML::XMLDecl.new)
 
-      testsuites = REXML::Element.new('testsuites')
+      testsuites = REXML::Element.new("testsuites")
       xml_output.add(testsuites)
 
       run_data[:profiles].each do |profile|
@@ -16,18 +14,18 @@ module Inspec::Reporters
 
       formatter = REXML::Formatters::Pretty.new
       formatter.compact = true
-      output(formatter.write(xml_output.xml_decl, ''))
-      output(formatter.write(xml_output.root, ''))
+      output(formatter.write(xml_output.xml_decl, ""))
+      output(formatter.write(xml_output.root, ""))
     end
 
     private
 
     def build_profile_xml(profile)
-      profile_xml = REXML::Element.new('testsuite')
-      profile_xml.add_attribute('name', profile[:name])
-      profile_xml.add_attribute('tests', count_profile_tests(profile))
-      profile_xml.add_attribute('failed', count_profile_failed_tests(profile))
-      profile_xml.add_attribute('failures', count_profile_failed_tests(profile))
+      profile_xml = REXML::Element.new("testsuite")
+      profile_xml.add_attribute("name", profile[:name])
+      profile_xml.add_attribute("tests", count_profile_tests(profile))
+      profile_xml.add_attribute("failed", count_profile_failed_tests(profile))
+      profile_xml.add_attribute("failures", count_profile_failed_tests(profile))
 
       profile[:controls].each do |control|
         next if control[:results].nil?
@@ -41,39 +39,39 @@ module Inspec::Reporters
     end
 
     def build_result_xml(profile_name, control, result)
-      result_xml = REXML::Element.new('testcase')
-      result_xml.add_attribute('name', result[:code_desc])
-      result_xml.add_attribute('classname', control[:title].nil? ? "#{profile_name}.Anonymous" : "#{profile_name}.#{control[:id]}")
-      result_xml.add_attribute('target', run_data[:platform][:target].nil? ? '' : run_data[:platform][:target].to_s)
-      result_xml.add_attribute('time', result[:run_time])
+      result_xml = REXML::Element.new("testcase")
+      result_xml.add_attribute("name", result[:code_desc])
+      result_xml.add_attribute("classname", control[:title].nil? ? "#{profile_name}.Anonymous" : "#{profile_name}.#{control[:id]}")
+      result_xml.add_attribute("target", run_data[:platform][:target].nil? ? "" : run_data[:platform][:target].to_s)
+      result_xml.add_attribute("time", result[:run_time])
 
-      if result[:status] == 'failed'
-        failure_element = REXML::Element.new('failure')
-        failure_element.add_attribute('message', result[:message])
+      if result[:status] == "failed"
+        failure_element = REXML::Element.new("failure")
+        failure_element.add_attribute("message", result[:message])
         result_xml.add(failure_element)
-      elsif result[:status] == 'skipped'
-        result_xml.add_element('skipped')
+      elsif result[:status] == "skipped"
+        result_xml.add_element("skipped")
       end
 
       result_xml
     end
 
     def count_profile_tests(profile)
-      profile[:controls].reduce(0) { |acc, elem|
+      profile[:controls].reduce(0) do |acc, elem|
         acc + (elem[:results].nil? ? 0 : elem[:results].count)
-      }
+      end
     end
 
     def count_profile_failed_tests(profile)
-      profile[:controls].reduce(0) { |acc, elem|
+      profile[:controls].reduce(0) do |acc, elem|
         if elem[:results].nil?
           acc
         else
-          acc + elem[:results].reduce(0) { |fail_test_total, test_case|
-            test_case[:status] == 'failed' ? fail_test_total + 1 : fail_test_total
-          }
+          acc + elem[:results].reduce(0) do |fail_test_total, test_case|
+            test_case[:status] == "failed" ? fail_test_total + 1 : fail_test_total
+          end
         end
-      }
+      end
     end
   end
 end

data/lib/inspec/reporters/yaml.rb

@@ -1,6 +1,4 @@
-# encoding: utf-8
-
-require 'yaml'
+require "yaml"
 
 module Inspec::Reporters
   class Yaml < Base

data/lib/inspec/require_loader.rb

@@ -1,7 +1,3 @@
-# encoding: utf-8
-# author: Dominik Richter
-# author: Christoph Hartmann
-
 module Inspec
   class RequireLoader
     Item = Struct.new(:content, :ref, :line, :loaded)

data/lib/inspec/resource.rb

@@ -1,8 +1,6 @@
-# encoding: utf-8
 # copyright: 2015, Vulcano Security GmbH
-# author: Dominik Richter
-# author: Christoph Hartmann
-require 'inspec/plugin/v1'
+require "inspec/plugin/v1"
+require "inspec/utils/deprecation/global_method" # for resources
 
 module Inspec
   class ProfileNotFound < StandardError; end
@@ -78,128 +76,9 @@ module Inspec
   end
 
   def self.validate_resource_dsl_version!(version)
-    raise 'Only resource version 1 is supported!' if version != 1
+    raise "Only resource version 1 is supported!" if version != 1
   end
 end
 
 # Many resources use FilterTable.
-require 'utils/filter'
-
-# Detect if we are running the stripped-down inspec-core
-# This relies on AWS being stripped from the inspec-core gem
-inspec_core_only = !File.exist?(File.join(File.dirname(__FILE__), '..', 'resource_support', 'aws.rb'))
-
-# Do not attempt to load cloud resources if we are in inspec-core mode
-unless inspec_core_only
-  require 'resource_support/aws'
-  require 'resources/azure/azure_backend.rb'
-  require 'resources/azure/azure_generic_resource.rb'
-  require 'resources/azure/azure_resource_group.rb'
-  require 'resources/azure/azure_virtual_machine.rb'
-  require 'resources/azure/azure_virtual_machine_data_disk.rb'
-end
-
-require 'resources/aide_conf'
-require 'resources/apache'
-require 'resources/apache_conf'
-require 'resources/apt'
-require 'resources/audit_policy'
-require 'resources/auditd'
-require 'resources/auditd_conf'
-require 'resources/bash'
-require 'resources/bond'
-require 'resources/bridge'
-require 'resources/chocolatey_package'
-require 'resources/command'
-require 'resources/cran'
-require 'resources/cpan'
-require 'resources/crontab'
-require 'resources/dh_params'
-require 'resources/directory'
-require 'resources/docker'
-require 'resources/docker_container'
-require 'resources/docker_image'
-require 'resources/docker_plugin'
-require 'resources/docker_service'
-require 'resources/elasticsearch'
-require 'resources/etc_fstab'
-require 'resources/etc_group'
-require 'resources/etc_hosts_allow_deny'
-require 'resources/etc_hosts'
-require 'resources/file'
-require 'resources/filesystem'
-require 'resources/firewalld'
-require 'resources/gem'
-require 'resources/groups'
-require 'resources/grub_conf'
-require 'resources/host'
-require 'resources/http'
-require 'resources/iis_app'
-require 'resources/iis_app_pool'
-require 'resources/iis_site'
-require 'resources/inetd_conf'
-require 'resources/interface'
-require 'resources/iptables'
-require 'resources/json'
-require 'resources/kernel_module'
-require 'resources/kernel_parameter'
-require 'resources/key_rsa'
-require 'resources/ksh'
-require 'resources/limits_conf'
-require 'resources/login_def'
-require 'resources/mount'
-require 'resources/mssql_session'
-require 'resources/mysql'
-require 'resources/mysql_conf'
-require 'resources/mysql_session'
-require 'resources/nginx'
-require 'resources/nginx_conf'
-require 'resources/npm'
-require 'resources/ntp_conf'
-require 'resources/oneget'
-require 'resources/oracledb_session'
-require 'resources/os'
-require 'resources/os_env'
-require 'resources/package'
-require 'resources/packages'
-require 'resources/parse_config'
-require 'resources/passwd'
-require 'resources/pip'
-require 'resources/platform'
-require 'resources/port'
-require 'resources/postgres'
-require 'resources/postgres_conf'
-require 'resources/postgres_hba_conf'
-require 'resources/postgres_ident_conf'
-require 'resources/postgres_session'
-require 'resources/powershell'
-require 'resources/processes'
-require 'resources/rabbitmq_conf'
-require 'resources/registry_key'
-require 'resources/security_identifier'
-require 'resources/security_policy'
-require 'resources/service'
-require 'resources/shadow'
-require 'resources/ssh_conf'
-require 'resources/ssl'
-require 'resources/sys_info'
-require 'resources/toml'
-require 'resources/users'
-require 'resources/vbscript'
-require 'resources/virtualization'
-require 'resources/windows_feature'
-require 'resources/windows_hotfix'
-require 'resources/windows_task'
-require 'resources/wmi'
-require 'resources/x509_certificate'
-require 'resources/xinetd'
-require 'resources/yum'
-require 'resources/zfs_dataset'
-require 'resources/zfs_pool'
-
-# file formats, depend on json implementation
-require 'resources/json'
-require 'resources/yaml'
-require 'resources/csv'
-require 'resources/ini'
-require 'resources/xml'
+require "inspec/utils/filter"

data/lib/inspec/resources.rb

@@ -0,0 +1,121 @@
+require "inspec/resource"
+
+# Detect if we are running the stripped-down inspec-core
+# This relies on AWS being stripped from the inspec-core gem
+inspec_core_only = ENV["NO_AWS"] || !File.exist?(File.join(File.dirname(__FILE__), "..", "resource_support", "aws.rb"))
+
+require "rspec/matchers"
+
+# Do not attempt to load cloud resources if we are in inspec-core mode
+unless inspec_core_only
+  require "resource_support/aws"
+  require "resources/azure/azure_backend.rb"
+  require "resources/azure/azure_generic_resource.rb"
+  require "resources/azure/azure_resource_group.rb"
+  require "resources/azure/azure_virtual_machine.rb"
+  require "resources/azure/azure_virtual_machine_data_disk.rb"
+end
+
+require "inspec/resources/aide_conf"
+require "inspec/resources/apache"
+require "inspec/resources/apache_conf"
+require "inspec/resources/apt"
+require "inspec/resources/audit_policy"
+require "inspec/resources/auditd"
+require "inspec/resources/auditd_conf"
+require "inspec/resources/bash"
+require "inspec/resources/bond"
+require "inspec/resources/bridge"
+require "inspec/resources/chocolatey_package"
+require "inspec/resources/command"
+require "inspec/resources/cran"
+require "inspec/resources/cpan"
+require "inspec/resources/crontab"
+require "inspec/resources/dh_params"
+require "inspec/resources/directory"
+require "inspec/resources/docker"
+require "inspec/resources/docker_container"
+require "inspec/resources/docker_image"
+require "inspec/resources/docker_plugin"
+require "inspec/resources/docker_service"
+require "inspec/resources/elasticsearch"
+require "inspec/resources/etc_fstab"
+require "inspec/resources/etc_group"
+require "inspec/resources/etc_hosts_allow_deny"
+require "inspec/resources/etc_hosts"
+require "inspec/resources/file"
+require "inspec/resources/filesystem"
+require "inspec/resources/firewalld"
+require "inspec/resources/gem"
+require "inspec/resources/groups"
+require "inspec/resources/grub_conf"
+require "inspec/resources/host"
+require "inspec/resources/http"
+require "inspec/resources/iis_app"
+require "inspec/resources/iis_app_pool"
+require "inspec/resources/iis_site"
+require "inspec/resources/inetd_conf"
+require "inspec/resources/interface"
+require "inspec/resources/iptables"
+require "inspec/resources/kernel_module"
+require "inspec/resources/kernel_parameter"
+require "inspec/resources/key_rsa"
+require "inspec/resources/ksh"
+require "inspec/resources/limits_conf"
+require "inspec/resources/login_defs"
+require "inspec/resources/mount"
+require "inspec/resources/mssql_session"
+require "inspec/resources/mysql"
+require "inspec/resources/mysql_conf"
+require "inspec/resources/mysql_session"
+require "inspec/resources/nginx"
+require "inspec/resources/nginx_conf"
+require "inspec/resources/npm"
+require "inspec/resources/ntp_conf"
+require "inspec/resources/oneget"
+require "inspec/resources/oracledb_session"
+require "inspec/resources/os"
+require "inspec/resources/os_env"
+require "inspec/resources/package"
+require "inspec/resources/packages"
+require "inspec/resources/parse_config"
+require "inspec/resources/passwd"
+require "inspec/resources/pip"
+require "inspec/resources/platform"
+require "inspec/resources/port"
+require "inspec/resources/postgres"
+require "inspec/resources/postgres_conf"
+require "inspec/resources/postgres_hba_conf"
+require "inspec/resources/postgres_ident_conf"
+require "inspec/resources/postgres_session"
+require "inspec/resources/powershell"
+require "inspec/resources/processes"
+require "inspec/resources/rabbitmq_config"
+require "inspec/resources/registry_key"
+require "inspec/resources/security_identifier"
+require "inspec/resources/security_policy"
+require "inspec/resources/service"
+require "inspec/resources/shadow"
+require "inspec/resources/ssh_config"
+require "inspec/resources/ssl"
+require "inspec/resources/sys_info"
+require "inspec/resources/toml"
+require "inspec/resources/users"
+require "inspec/resources/vbscript"
+require "inspec/resources/virtualization"
+require "inspec/resources/windows_feature"
+require "inspec/resources/windows_hotfix"
+require "inspec/resources/windows_task"
+require "inspec/resources/wmi"
+require "inspec/resources/x509_certificate"
+require "inspec/resources/xinetd_conf"
+require "inspec/resources/yum"
+require "inspec/resources/zfs_dataset"
+require "inspec/resources/zfs_pool"
+
+# file formats, depend on json implementation
+require "inspec/resources/json"
+require "inspec/resources/yaml"
+require "inspec/resources/csv"
+require "inspec/resources/ini"
+require "inspec/resources/xml"

data/lib/{resources → inspec/resources}/aide_conf.rb

@@ -1,12 +1,11 @@
-# encoding: utf-8
+require "inspec/utils/filter"
+require "inspec/utils/parser"
+require "inspec/utils/file_reader"
 
-require 'utils/filter'
-require 'utils/parser'
-require 'utils/file_reader'
 module Inspec::Resources
   class AideConf < Inspec.resource(1)
-    name 'aide_conf'
-    supports platform: 'unix'
+    name "aide_conf"
+    supports platform: "unix"
     desc 'Use the aide_conf InSpec audit resource to test the rules established for
       the file integrity tool AIDE. Controlled by the aide.conf file typically at /etc/aide.conf.'
     example <<~EXAMPLE
@@ -29,7 +28,7 @@ module Inspec::Resources
     include FileReader
 
     def initialize(aide_conf_path = nil)
-      @conf_path = aide_conf_path || '/etc/aide.conf'
+      @conf_path = aide_conf_path || "/etc/aide.conf"
       @content = nil
       @rules = nil
       read_content
@@ -39,13 +38,13 @@ module Inspec::Resources
       # Case when file didn't exist or perms didn't allow an open
       return false if @content.nil?
 
-      lines = @params.reject { |line| line['rules'].include? rule }
+      lines = @params.reject { |line| line["rules"].include? rule }
       lines.empty?
     end
 
     filter = FilterTable.create
-    filter.register_column(:selection_lines, field: 'selection_line')
-          .register_column(:rules,           field: 'rules')
+    filter.register_column(:selection_lines, field: "selection_line")
+          .register_column(:rules,           field: "rules")
 
     filter.install_filter_methods_on_resource(self, :params)
 
@@ -65,7 +64,7 @@ module Inspec::Resources
     def filter_comments(data)
       content = []
       data.each do |line|
-        content_line, = parse_comment_line(line, comment_char: '#', standalone_comments: false)
+        content_line, = parse_comment_line(line, comment_char: "#", standalone_comments: false)
         content.push(content_line)
       end
       content
@@ -75,7 +74,7 @@ module Inspec::Resources
       params = []
       content.each do |line|
         param = parse_line(line)
-        if !param['selection_line'].nil?
+        if !param["selection_line"].nil?
           params.push(param)
         end
       end
@@ -85,19 +84,19 @@ module Inspec::Resources
     def parse_line(line)
       line_and_rules = {}
       # Case when line is a rule line
-      if line.include?(' = ')
+      if line.include?(" = ")
         parse_rule_line(line)
       # Case when line is a selection line
-      elsif line.start_with?('/', '!', '=')
+      elsif line.start_with?("/", "!", "=")
         line_and_rules = parse_selection_line(line)
       end
       line_and_rules
     end
 
     def parse_rule_line(line)
-      line.gsub!(/\s+/, '')
-      rule_line_arr = line.split('=')
-      rules_list = rule_line_arr.last.split('+')
+      line.gsub!(/\s+/, "")
+      rule_line_arr = line.split("=")
+      rules_list = rule_line_arr.last.split("+")
       rule_name = rule_line_arr.first
       rules_list.each_index do |i|
         # Cases where rule respresents one or more other rules
@@ -110,10 +109,10 @@ module Inspec::Resources
     end
 
     def parse_selection_line(line)
-      selec_line_arr = line.split(' ')
+      selec_line_arr = line.split(" ")
       selection_line = selec_line_arr.first
-      selection_line.chop! if selection_line.end_with?('/')
-      rule_list = selec_line_arr.last.split('+')
+      selection_line.chop! if selection_line.end_with?("/")
+      rule_list = selec_line_arr.last.split("+")
       rule_list.each_index do |i|
         hash_list = @rules[rule_list[i]]
         # Cases where rule respresents one or more other rules
@@ -124,8 +123,8 @@ module Inspec::Resources
       end
       rule_list.flatten!
       {
-        'selection_line' => selection_line,
-        'rules' => rule_list,
+        "selection_line" => selection_line,
+        "rules" => rule_list,
       }
     end
 
@@ -136,11 +135,11 @@ module Inspec::Resources
       grow_log_rules = %w{p l u g i n S}
 
       case rule_list[i]
-      when 'R'
+      when "R"
         return r_rules
-      when 'L'
+      when "L"
         return l_rules
-      when '>'
+      when ">"
         return grow_log_rules
       end
       rule_list[i]