inspec-core 4.56.17 → 5.10.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/etc/deprecations.json +12 -16
- data/inspec-core.gemspec +1 -1
- data/lib/inspec/base_cli.rb +14 -2
- data/lib/inspec/cli.rb +15 -0
- data/lib/inspec/dependency_installer.rb +74 -0
- data/lib/inspec/dependency_loader.rb +97 -0
- data/lib/inspec/dsl.rb +11 -2
- data/lib/inspec/errors.rb +7 -0
- data/lib/inspec/formatters/base.rb +23 -0
- data/lib/inspec/metadata.rb +36 -0
- data/lib/inspec/plugin/v2/installer.rb +9 -2
- data/lib/inspec/plugin/v2/loader.rb +13 -0
- data/lib/inspec/plugin/v2/plugin_types/streaming_reporter.rb +44 -1
- data/lib/inspec/plugin/v2/status.rb +2 -1
- data/lib/inspec/profile.rb +63 -0
- data/lib/inspec/reporters/automate.rb +1 -1
- data/lib/inspec/reporters/cli.rb +1 -1
- data/lib/inspec/reporters/json.rb +31 -11
- data/lib/inspec/resource.rb +6 -0
- data/lib/inspec/resources/apt.rb +12 -6
- data/lib/inspec/resources/cgroup.rb +101 -0
- data/lib/inspec/resources/cron.rb +49 -0
- data/lib/inspec/resources/ipfilter.rb +59 -0
- data/lib/inspec/resources/ipnat.rb +58 -0
- data/lib/inspec/resources/lxc.rb +57 -0
- data/lib/inspec/resources/oracledb_session.rb +7 -3
- data/lib/inspec/resources/postgres_session.rb +4 -2
- data/lib/inspec/resources/virtualization.rb +9 -3
- data/lib/inspec/resources.rb +3 -16
- data/lib/inspec/runner.rb +18 -1
- data/lib/inspec/runner_rspec.rb +15 -0
- data/lib/inspec/schema/exec_json.rb +59 -58
- data/lib/inspec/schema/exec_json_min.rb +16 -16
- data/lib/inspec/schema/primitives.rb +68 -51
- data/lib/inspec/schema/profile_json.rb +27 -27
- data/lib/inspec/schema.rb +1 -0
- data/lib/inspec/ui.rb +10 -0
- data/lib/inspec/utils/deprecated_cloud_resources_list.rb +54 -0
- data/lib/inspec/version.rb +1 -1
- data/lib/inspec.rb +3 -0
- data/lib/plugins/inspec-artifact/inspec-artifact.gemspec +9 -0
- data/lib/plugins/inspec-compliance/inspec-compliance.gemspec +9 -0
- data/lib/plugins/inspec-habitat/inspec-habitat.gemspec +9 -0
- data/lib/plugins/inspec-init/inspec-init.gemspec +9 -0
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +1 -0
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +9 -0
- data/lib/plugins/inspec-init/lib/inspec-init/cli_resource.rb +126 -0
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +9 -8
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.erb +16 -0
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/streaming_reporter.erb +31 -0
- data/lib/plugins/inspec-init/templates/profiles/aws/inspec.yml +1 -1
- data/lib/plugins/inspec-init/templates/resources/basic/docs/resource-doc.erb +77 -0
- data/lib/plugins/inspec-init/templates/resources/basic/libraries/inspec-resource-template.erb +94 -0
- data/lib/plugins/inspec-init/templates/resources/plural/docs/resource-doc.erb +62 -0
- data/lib/plugins/inspec-init/templates/resources/plural/libraries/inspec-resource-template.erb +73 -0
- data/lib/plugins/inspec-plugin-manager-cli/inspec-plugin-manager-cli.gemspec +10 -0
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +15 -11
- data/lib/plugins/inspec-reporter-html2/inspec-reporter-html2.gemspec +9 -0
- data/lib/plugins/inspec-reporter-html2/templates/body.html.erb +2 -0
- data/lib/plugins/inspec-reporter-html2/templates/control.html.erb +3 -0
- data/lib/plugins/inspec-reporter-html2/templates/profile.html.erb +1 -0
- data/lib/plugins/inspec-reporter-html2/templates/result.html.erb +1 -0
- data/lib/plugins/inspec-reporter-json-min/inspec-reporter-json-min.gemspec +9 -0
- data/lib/plugins/inspec-reporter-junit/inspec-reporter-junit.gemspec +9 -0
- data/lib/plugins/inspec-streaming-reporter-progress-bar/README.md +5 -0
- data/lib/plugins/inspec-streaming-reporter-progress-bar/inspec-streaming-reporter-progress-bar.gemspec +9 -0
- data/lib/plugins/inspec-streaming-reporter-progress-bar/lib/inspec-streaming-reporter-progress-bar/plugin.rb +13 -0
- data/lib/plugins/inspec-streaming-reporter-progress-bar/lib/inspec-streaming-reporter-progress-bar/streaming_reporter.rb +112 -0
- data/lib/plugins/inspec-streaming-reporter-progress-bar/lib/inspec-streaming-reporter-progress-bar/version.rb +8 -0
- data/lib/plugins/inspec-streaming-reporter-progress-bar/lib/inspec-streaming-reporter-progress-bar.rb +15 -0
- metadata +31 -3
data/lib/inspec/ui.rb
CHANGED
@@ -30,6 +30,7 @@ module Inspec
|
|
30
30
|
EXIT_USAGE_ERROR = 1
|
31
31
|
EXIT_PLUGIN_ERROR = 2
|
32
32
|
EXIT_FATAL_DEPRECATION = 3
|
33
|
+
EXIT_GEM_DEPENDENCY_LOAD_ERROR = 4
|
33
34
|
EXIT_LICENSE_NOT_ACCEPTED = 172
|
34
35
|
EXIT_FAILED_TESTS = 100
|
35
36
|
EXIT_SKIPPED_TESTS = 101
|
@@ -139,6 +140,15 @@ module Inspec
|
|
139
140
|
print_or_return(result, opts[:print])
|
140
141
|
end
|
141
142
|
|
143
|
+
def line_with_width(width = 80, opts = { print: true } )
|
144
|
+
if color?
|
145
|
+
result = ANSI_CODES[:bold] + GLYPHS[:heavy_dash] * width + ANSI_CODES[:reset] + "\n"
|
146
|
+
else
|
147
|
+
result = "-" * width + "\n"
|
148
|
+
end
|
149
|
+
print_or_return(result, opts[:print])
|
150
|
+
end
|
151
|
+
|
142
152
|
# Makes a bullet point.
|
143
153
|
def list_item(str, opts = { print: true })
|
144
154
|
bullet = color? ? ANSI_CODES[:bold] + ANSI_CODES[:color][:white] + GLYPHS[:bullet] + ANSI_CODES[:reset] : "*"
|
@@ -0,0 +1,54 @@
|
|
1
|
+
module DeprecatedCloudResourcesList
|
2
|
+
CLOUD_RESOURCES_DEPRECATED = %i{
|
3
|
+
aws_billing_report
|
4
|
+
aws_billing_reports
|
5
|
+
aws_cloudtrail_trail
|
6
|
+
aws_cloudtrail_trails
|
7
|
+
aws_cloudwatch_alarm
|
8
|
+
aws_cloudwatch_log_metric_filter
|
9
|
+
aws_config_delivery_channel
|
10
|
+
aws_config_recorder
|
11
|
+
aws_ec2_instance
|
12
|
+
aws_ebs_volume
|
13
|
+
aws_ebs_volumes
|
14
|
+
aws_flow_log
|
15
|
+
aws_ec2_instances
|
16
|
+
aws_ecs_cluster
|
17
|
+
aws_eks_cluster
|
18
|
+
aws_elb
|
19
|
+
aws_elbs
|
20
|
+
aws_iam_access_key
|
21
|
+
aws_iam_access_keys
|
22
|
+
aws_iam_group
|
23
|
+
aws_iam_groups
|
24
|
+
aws_iam_password_policy
|
25
|
+
aws_iam_policies
|
26
|
+
aws_iam_policy
|
27
|
+
aws_iam_role
|
28
|
+
aws_iam_root_user
|
29
|
+
aws_iam_user
|
30
|
+
aws_iam_users
|
31
|
+
aws_kms_key
|
32
|
+
aws_kms_keys
|
33
|
+
aws_rds_instance
|
34
|
+
aws_route_table
|
35
|
+
aws_route_tables
|
36
|
+
aws_s3_bucket
|
37
|
+
aws_s3_bucket_object
|
38
|
+
aws_s3_buckets
|
39
|
+
aws_security_group
|
40
|
+
aws_security_groups
|
41
|
+
aws_sns_subscription
|
42
|
+
aws_sns_topic
|
43
|
+
aws_sns_topics
|
44
|
+
aws_sqs_queue
|
45
|
+
aws_subnet
|
46
|
+
aws_subnets
|
47
|
+
aws_vpc
|
48
|
+
aws_vpcs
|
49
|
+
azure_generic_resource
|
50
|
+
azure_resource_group
|
51
|
+
azure_virtual_machine
|
52
|
+
azure_virtual_machine_data_disk
|
53
|
+
}.freeze
|
54
|
+
end
|
data/lib/inspec/version.rb
CHANGED
data/lib/inspec.rb
CHANGED
@@ -0,0 +1,9 @@
|
|
1
|
+
# .gemspec file is added to add plugin details
|
2
|
+
# These specs are used in plugin list and search command
|
3
|
+
|
4
|
+
Gem::Specification.new do |spec|
|
5
|
+
spec.name = "inspec-artifact"
|
6
|
+
spec.summary = ""
|
7
|
+
spec.description = "Plugin to generate asymmetrical keys that you can use to encrypt profiles"
|
8
|
+
spec.license = "Apache-2.0"
|
9
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# .gemspec file is added to add plugin details
|
2
|
+
# These specs are used in plugin list and search command
|
3
|
+
|
4
|
+
Gem::Specification.new do |spec|
|
5
|
+
spec.name = "inspec-compliance"
|
6
|
+
spec.summary = "Plugin to perform operations with Chef Automate"
|
7
|
+
spec.description = "This extensions will allow you to interact with Chef Automate"
|
8
|
+
spec.license = "Apache-2.0"
|
9
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# .gemspec file is added to add plugin details
|
2
|
+
# These specs are used in plugin list and search command
|
3
|
+
|
4
|
+
Gem::Specification.new do |spec|
|
5
|
+
spec.name = "inspec-habitat"
|
6
|
+
spec.summary = "Plugin to create/upload habitat package"
|
7
|
+
spec.description = "This extensions will allow you to create/upload habitat package from an inspec profile."
|
8
|
+
spec.license = "Apache-2.0"
|
9
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# .gemspec file is added to add plugin details
|
2
|
+
# These specs are used in plugin list and search command
|
3
|
+
|
4
|
+
Gem::Specification.new do |spec|
|
5
|
+
spec.name = "inspec-init"
|
6
|
+
spec.summary = "Plugin for scaffolding profile, plugin or a resource"
|
7
|
+
spec.description = "This extensions helps you to easily create a new profile, plugin or a resource."
|
8
|
+
spec.license = "Apache-2.0"
|
9
|
+
end
|
@@ -81,6 +81,7 @@ module InspecPlugins
|
|
81
81
|
File.join("lib", "inspec-plugin-template.erb") => File.join("lib", plugin_name + ".rb"),
|
82
82
|
File.join("lib", "inspec-plugin-template", "cli_command.erb") => File.join("lib", plugin_name, "cli_command.rb"),
|
83
83
|
File.join("lib", "inspec-plugin-template", "reporter.erb") => File.join("lib", plugin_name, "reporter.rb"),
|
84
|
+
File.join("lib", "inspec-plugin-template", "streaming_reporter.erb") => File.join("lib", plugin_name, "streaming_reporter.rb"),
|
84
85
|
File.join("lib", "inspec-plugin-template", "plugin.erb") => File.join("lib", plugin_name, "plugin.rb"),
|
85
86
|
File.join("lib", "inspec-plugin-template", "version.erb") => File.join("lib", plugin_name, "version.rb"),
|
86
87
|
File.join("test", "functional", "inspec_plugin_template_test.erb") => File.join("test", "functional", snake_case + "_test.rb"),
|
@@ -183,6 +184,9 @@ module InspecPlugins
|
|
183
184
|
elsif activators_by_type.key?(:reporter)
|
184
185
|
vars[:reporter_name_dashes] = activators_by_type[:reporter].tr("_", "-")
|
185
186
|
vars[:reporter_name_snake] = activators_by_type[:reporter].tr("-", "_")
|
187
|
+
elsif activators_by_type.key?(:streaming_reporter)
|
188
|
+
vars[:streaming_reporter_name_dashes] = activators_by_type[:streaming_reporter].tr("_", "-")
|
189
|
+
vars[:streaming_reporter_name_snake] = activators_by_type[:streaming_reporter].tr("-", "_")
|
186
190
|
end
|
187
191
|
vars
|
188
192
|
end
|
@@ -267,6 +271,11 @@ module InspecPlugins
|
|
267
271
|
File.join("lib", "inspec-plugin-template", "reporter.erb"),
|
268
272
|
]
|
269
273
|
end
|
274
|
+
unless requested_activators.include?(:streaming_reporter)
|
275
|
+
skips += [
|
276
|
+
File.join("lib", "inspec-plugin-template", "streaming_reporter.erb"),
|
277
|
+
]
|
278
|
+
end
|
270
279
|
|
271
280
|
skips.uniq
|
272
281
|
end
|
@@ -0,0 +1,126 @@
|
|
1
|
+
require_relative "renderer"
|
2
|
+
|
3
|
+
module InspecPlugins
|
4
|
+
module Init
|
5
|
+
class CLI < Inspec.plugin(2, :cli_command)
|
6
|
+
#-------------------------------------------------------------------#
|
7
|
+
# inspec init resource
|
8
|
+
#-------------------------------------------------------------------#
|
9
|
+
desc "resource RESOURCE_NAME [options]", "Generates an InSpec resource, which can extend the scope of InSpec resources support"
|
10
|
+
# General options
|
11
|
+
option :prompt, type: :boolean, default: true, desc: "Interactively prompt for information to put in your generated resource."
|
12
|
+
option :overwrite, type: :boolean, default: false, desc: "Overwrite existing files"
|
13
|
+
option :layout, type: :string, default: "resource-pack", desc: "File layout, either 'resource-pack' or 'core'"
|
14
|
+
option :template, type: :string, default: "basic", desc: "Which type of resource template to use"
|
15
|
+
|
16
|
+
# Templating vars
|
17
|
+
option :supports_platform, type: :string, default: "linux", desc: "the platform supported by this resource"
|
18
|
+
option :description, type: :string, default: "Resource description ...", desc: "the description of this resource"
|
19
|
+
option :class_name, type: :string, default: "MyCustomResource", desc: "Class Name for your resource."
|
20
|
+
option :path, type: :string, default: ".", desc: "Subdirectory under which to create files"
|
21
|
+
|
22
|
+
# Wishlist:
|
23
|
+
# Make make_rename_map_resource dynamic:
|
24
|
+
# + Add a --path option which defaults to ., which will create the tree under that path
|
25
|
+
# + Add a --layout option which changes all the tree to act as placing the files in core inspec (lib/inspec/resources, docs-chef-io/)
|
26
|
+
# - Add a --template=plural option which changes the templates to use a set of Filtertable based templates
|
27
|
+
# - Add a --template=inherit option which provides a template for inheriting from the core resources
|
28
|
+
# - Add a template=aws
|
29
|
+
# + Generate properties and matchers:
|
30
|
+
# + generate a has_bells? matcher => it { should have_bells }
|
31
|
+
# + generate a is_purple? matcher => it { should be_purple }
|
32
|
+
# + generate a shoe_size => its('shoe_size') { should cmp 10 }
|
33
|
+
# + Generate unit tests for above properties and matchers
|
34
|
+
# + Generate docs for properties and matchers
|
35
|
+
# + Add --overwrite option
|
36
|
+
|
37
|
+
def resource(resource_name)
|
38
|
+
resource_vars_from_opts_resource
|
39
|
+
template_vars = {
|
40
|
+
name: options[:path], # This is used for the path prefix
|
41
|
+
resource_name: resource_name,
|
42
|
+
}
|
43
|
+
template_vars.merge!(options)
|
44
|
+
template_path = File.join("resources", template_vars["template"])
|
45
|
+
|
46
|
+
render_opts = {
|
47
|
+
templates_path: TEMPLATES_PATH,
|
48
|
+
overwrite: options[:overwrite],
|
49
|
+
file_rename_map: make_rename_map_resource(template_vars),
|
50
|
+
}
|
51
|
+
renderer = InspecPlugins::Init::Renderer.new(ui, render_opts)
|
52
|
+
renderer.render_with_values(template_path, "resource", template_vars)
|
53
|
+
end
|
54
|
+
|
55
|
+
private
|
56
|
+
|
57
|
+
def make_rename_map_resource(vars)
|
58
|
+
if vars["layout"] == "resource-pack"
|
59
|
+
{
|
60
|
+
File.join("libraries", "inspec-resource-template.erb") => File.join("libraries", vars[:resource_name] + ".rb"),
|
61
|
+
File.join("docs", "resource-doc.erb") => File.join("docs", vars[:resource_name] + ".md"),
|
62
|
+
File.join("test", "unit", "inspec-resource-test-template.erb") => File.join("test", "unit", vars[:resource_name] + "_test.rb"),
|
63
|
+
}
|
64
|
+
elsif vars["layout"] == "core"
|
65
|
+
{
|
66
|
+
File.join("libraries", "inspec-resource-template.erb") => File.join("lib", "inspec", "resources", vars[:resource_name] + ".rb"),
|
67
|
+
File.join("docs", "resource-doc.erb") => File.join("docs-chef-io", "content", "inspec", "resources", vars[:resource_name] + ".md"),
|
68
|
+
File.join("test", "unit", "inspec-resource-test-template.erb") => File.join("test", "unit", "resources", vars[:resource_name] + "_test.rb"),
|
69
|
+
}
|
70
|
+
else
|
71
|
+
ui.error("Unrecognized value for 'layout' - please enter either 'resource-pack' or 'core'")
|
72
|
+
ui.exit(:usage_error)
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
def resource_vars_from_opts_resource
|
77
|
+
if options[:prompt] && ui.interactive?
|
78
|
+
options.dup.merge(prompt_for_options_resource)
|
79
|
+
elsif !options[:prompt]
|
80
|
+
# Nothing to do - unless we need to calculate dynamic defaults in the future
|
81
|
+
else
|
82
|
+
ui.error("You requested interactive prompting for the template variables, but this does not seem to be an interactive terminal.")
|
83
|
+
ui.exit(:usage_error)
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
def prompt_for_options_resource # rubocop: disable Metrics/AbcSize
|
88
|
+
option_defs = self.class.all_commands["resource"].options
|
89
|
+
options_order = {
|
90
|
+
path: {},
|
91
|
+
layout: {
|
92
|
+
mode: :select,
|
93
|
+
choices: [
|
94
|
+
{ name: "Resource Pack", value: "resource-pack", default: true },
|
95
|
+
{ name: "InSpec Core", value: "core" },
|
96
|
+
],
|
97
|
+
},
|
98
|
+
template: {
|
99
|
+
mode: :select,
|
100
|
+
choices: [
|
101
|
+
{ name: "Basic", value: "basic", default: true },
|
102
|
+
{ name: "Plural", value: "plural" },
|
103
|
+
],
|
104
|
+
},
|
105
|
+
supports_platform: {},
|
106
|
+
description: {},
|
107
|
+
class_name: {},
|
108
|
+
}
|
109
|
+
|
110
|
+
options_order.each do |opt_name, prompt_options|
|
111
|
+
opt_def = option_defs[opt_name]
|
112
|
+
|
113
|
+
case prompt_options[:mode]
|
114
|
+
when :select
|
115
|
+
options[opt_name] = ui.prompt.select("Choose " + opt_def.description + ":", prompt_options[:choices])
|
116
|
+
when :multiline
|
117
|
+
options[opt_name] = ui.prompt.multiline("Enter " + opt_def.description + ". Press Control-D to end.", default: options[opt_name])
|
118
|
+
else
|
119
|
+
# Assume plain ask
|
120
|
+
options[opt_name] = ui.prompt.ask("Enter " + opt_def.description + ":", default: options[opt_name])
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
@@ -38,8 +38,8 @@ module InspecPlugins
|
|
38
38
|
full_destination_path = Pathname.new(Dir.pwd).join(relative_destination_path)
|
39
39
|
|
40
40
|
# check that the directory does not exist
|
41
|
-
if File.exist?(full_destination_path) && !overwrite_mode
|
42
|
-
ui.plain_line "#{ui.emphasis(full_destination_path)} exists already, use --overwrite"
|
41
|
+
if File.exist?(full_destination_path) && !overwrite_mode && template_values[:name] != "."
|
42
|
+
ui.plain_line "#{ui.emphasis(full_destination_path)} exists already, use --overwrite or move to #{ui.emphasis(full_destination_path)} to create the resource"
|
43
43
|
ui.exit(:usage_error)
|
44
44
|
end
|
45
45
|
|
@@ -57,18 +57,19 @@ module InspecPlugins
|
|
57
57
|
|
58
58
|
relative_destination_item_path = file_rename_map[relative_destination_item_path] || relative_destination_item_path
|
59
59
|
full_destination_item_path = Pathname.new(full_destination_path).join(relative_destination_item_path)
|
60
|
-
if File.
|
61
|
-
|
62
|
-
|
63
|
-
|
60
|
+
if File.file?(source_file)
|
61
|
+
# Be git-like and only create directories if they contain a file
|
62
|
+
containing_directory = full_destination_item_path.dirname
|
63
|
+
unless File.exist?(containing_directory)
|
64
|
+
ui.list_item "Creating directory #{ui.emphasis(containing_directory)}"
|
65
|
+
FileUtils.mkdir_p(containing_directory)
|
66
|
+
end
|
64
67
|
ui.list_item "Creating file #{ui.emphasis(relative_destination_item_path)}"
|
65
68
|
# read & render content
|
66
69
|
content = render(File.read(source_file), template_values)
|
67
70
|
# write file content
|
68
71
|
|
69
72
|
File.write(full_destination_item_path, content)
|
70
|
-
else
|
71
|
-
ui.warning "Ignoring #{ui.emphasis(source_file)}, because its not an file or directoy"
|
72
73
|
end
|
73
74
|
end
|
74
75
|
|
@@ -66,6 +66,22 @@ module InspecPlugins
|
|
66
66
|
InspecPlugins::<%= module_name %>::Reporter
|
67
67
|
end
|
68
68
|
<% end %>
|
69
|
+
|
70
|
+
<% if activators[:streaming_reporter] %>
|
71
|
+
# Define a new Streaming Reporter.
|
72
|
+
# The argument here will be used to match against the CLI --reporter option.
|
73
|
+
# `--reporter <%= streaming_reporter_name_snake %>` will load your streaming reporter and perform streaming real-time on each passing, failing or pending test.
|
74
|
+
streaming_reporter :<%= streaming_reporter_name_snake %> do
|
75
|
+
# Calling this activator doesn't mean the reporter is being executed - just
|
76
|
+
# that we should be ready to do so. So, load the file that defines the
|
77
|
+
# functionality.
|
78
|
+
require "<%= plugin_name %>/streaming_reporter"
|
79
|
+
|
80
|
+
# Having loaded our functionality, return a class that will let the
|
81
|
+
# reporting engine tap into it.
|
82
|
+
InspecPlugins::<%= module_name %>::StreamingReporter
|
83
|
+
end
|
84
|
+
<% end %>
|
69
85
|
end
|
70
86
|
end
|
71
87
|
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
module InspecPlugins::<%= module_name %>
|
2
|
+
# This class will provide the actual Streaming Reporter implementation.
|
3
|
+
# Its superclass is provided by another call to Inspec.plugin,
|
4
|
+
# this time with two args. The first arg specifies we are requesting
|
5
|
+
# version 2 of the Plugins API. The second says we are making a
|
6
|
+
# Streaming Reporter plugin component, so please make available any DSL needed
|
7
|
+
# for that.
|
8
|
+
|
9
|
+
class StreamingReporter < Inspec.plugin(2, :streaming_reporter)
|
10
|
+
|
11
|
+
# Registering these methods with RSpec::Core::Formatters class is mandatory
|
12
|
+
RSpec::Core::Formatters.register self, :example_passed, :example_failed, :example_pending
|
13
|
+
|
14
|
+
def initialize(output)
|
15
|
+
@output = output
|
16
|
+
end
|
17
|
+
|
18
|
+
def example_passed(notification) # ExampleNotification
|
19
|
+
# some logic to run on passing test case
|
20
|
+
end
|
21
|
+
|
22
|
+
def example_failed(notification) # FailedExampleNotification
|
23
|
+
# some logic to run on failing test case
|
24
|
+
end
|
25
|
+
|
26
|
+
def example_pending(notification) # ExampleNotification
|
27
|
+
# some logic to run on pending test case
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,77 @@
|
|
1
|
+
+++
|
2
|
+
title = "<%= resource_name %> resource"
|
3
|
+
draft = false
|
4
|
+
gh_repo = "inspec"
|
5
|
+
platform = "<%= supports_platform %>"
|
6
|
+
|
7
|
+
[menu]
|
8
|
+
[menu.inspec]
|
9
|
+
title = "<%= resource_name %>"
|
10
|
+
identifier = "inspec/resources/os/<%= resource_name %>.md <%= resource_name %> resource"
|
11
|
+
parent = "inspec/resources/os"
|
12
|
+
+++
|
13
|
+
|
14
|
+
Use the `<%= resource_name %>` Chef InSpec audit resource to test the ...
|
15
|
+
|
16
|
+
|
17
|
+
## Availability
|
18
|
+
|
19
|
+
### Installation
|
20
|
+
|
21
|
+
This resource is distributed along with Chef InSpec itself. You can use it automatically.
|
22
|
+
|
23
|
+
## Syntax
|
24
|
+
|
25
|
+
A `<%= resource_name %>` Chef InSpec audit resource ...
|
26
|
+
|
27
|
+
describe <%= resource_name %> do
|
28
|
+
its('shoe_size') { should cmp 42 }
|
29
|
+
it { should be_purple }
|
30
|
+
it { should have_bells }
|
31
|
+
end
|
32
|
+
where
|
33
|
+
|
34
|
+
- `'shoe_size'` is some property of this resource
|
35
|
+
- `42` is the value to test for shoe size
|
36
|
+
- `be_purple` is a matcher of this resource
|
37
|
+
- `have_bells` is a matcher of this resource
|
38
|
+
|
39
|
+
## Properties
|
40
|
+
|
41
|
+
- Properties of the resources: `shoe_size`
|
42
|
+
|
43
|
+
### shoe_size
|
44
|
+
|
45
|
+
The shoe_size property tests ....
|
46
|
+
|
47
|
+
## Matchers
|
48
|
+
|
49
|
+
For a full list of available matchers, please visit our [matchers page](https://docs.chef.io/inspec/matchers/).
|
50
|
+
|
51
|
+
The specific matchers of this resource are: `be_purple`, `have_bells`
|
52
|
+
|
53
|
+
### be_purple
|
54
|
+
|
55
|
+
The `be_purple` matcher tests the ...:
|
56
|
+
|
57
|
+
it { should be_purple }
|
58
|
+
|
59
|
+
## Examples
|
60
|
+
The following examples show how to use this Chef InSpec audit resource.
|
61
|
+
|
62
|
+
### Example 1
|
63
|
+
|
64
|
+
`shoe_size` returns ...
|
65
|
+
|
66
|
+
describe <%= resource_name %> do
|
67
|
+
its("shoe_size") { should eq 42 }
|
68
|
+
end
|
69
|
+
|
70
|
+
### Example 2
|
71
|
+
|
72
|
+
`be_purple` checks for ...
|
73
|
+
|
74
|
+
describe <%= resource_name %> do
|
75
|
+
it { should be_purple }
|
76
|
+
end
|
77
|
+
|
@@ -0,0 +1,94 @@
|
|
1
|
+
# Uncomment the below lines to add gems and files required by the resource
|
2
|
+
# require ""
|
3
|
+
# require_relative ""
|
4
|
+
|
5
|
+
# Change module if required
|
6
|
+
module Inspec::Resources
|
7
|
+
# Most custom InSpec resource inherit from a dynamic class, InSpec.resource(1).
|
8
|
+
# If you wish to inherit from a core resource, you need to follow special instructions -
|
9
|
+
# see https://www.chef.io/blog/extending-inspec-resources-core-resource-inheritance
|
10
|
+
class <%= class_name %> < Inspec.resource(1)
|
11
|
+
# Every resource requires an internal name.
|
12
|
+
name "<%= resource_name %>"
|
13
|
+
|
14
|
+
# Restrict to only run on the below platforms (if none were given,
|
15
|
+
# all OS's and cloud API's supported)
|
16
|
+
supports platform: "<%= supports_platform %>"
|
17
|
+
|
18
|
+
desc "<%= description %>"
|
19
|
+
|
20
|
+
example <<~EXAMPLE
|
21
|
+
describe "<%= resource_name %>" do
|
22
|
+
its("shoe_size") { should cmp 10 }
|
23
|
+
end
|
24
|
+
describe "<%= resource_name %>" do
|
25
|
+
it { should be_purple }
|
26
|
+
end
|
27
|
+
EXAMPLE
|
28
|
+
|
29
|
+
# Resource initialization. Add any arguments you want to pass to the contructor here.
|
30
|
+
# Anything you pass here will be passed to the "describe" call:
|
31
|
+
# describe <%= resource_name %>(YOUR_PARAMETERS_HERE) do
|
32
|
+
# its("shoe_size") { should cmp 10 }
|
33
|
+
# end
|
34
|
+
def initialize
|
35
|
+
skip_resource "The `<%= resource_name %>` resource is not yet available on your OS." unless inspec.os.<%= supports_platform %>?
|
36
|
+
# Initialize required path/params/configs
|
37
|
+
end
|
38
|
+
|
39
|
+
# Define a resource ID. This is used in reporting engines to uniquely identify the individual resource.
|
40
|
+
# This might be a file path, or a process ID, or a cloud instance ID. Only meaningful to the implementation.
|
41
|
+
# Must be a string. Defaults to the empty string if not implemented.
|
42
|
+
def resource_id
|
43
|
+
# replace value specific unique to this individual resource instance
|
44
|
+
"something special"
|
45
|
+
end
|
46
|
+
|
47
|
+
# Define how you want your resource to appear in test reports. Commonly, this is just the resource name and the resource ID.
|
48
|
+
def to_s
|
49
|
+
"<%= resource_name %> #{resource_id}"
|
50
|
+
end
|
51
|
+
|
52
|
+
# Define matchers. Matchers are predicates - they return true or false.
|
53
|
+
# Matchers also have their names transformed: the question mark is dropped, and
|
54
|
+
# the "is_" prefix becomes "be_". A similar transformation happens for "has_" (see below)
|
55
|
+
# So this will be called as:
|
56
|
+
# describe "<%= resource_name %>" do
|
57
|
+
# it { should be_purple }
|
58
|
+
# end
|
59
|
+
def is_purple?
|
60
|
+
# positive or negative expectations specific to this resource instance
|
61
|
+
true # Purple is the best color
|
62
|
+
end
|
63
|
+
|
64
|
+
# Define matchers. Matchers are predicates - they return true or false.
|
65
|
+
# Matchers also have their names transformed: the question mark is dropped, and
|
66
|
+
# the "has_" prefix becomes "have_".
|
67
|
+
# So this will be called as:
|
68
|
+
# describe "<%= resource_name %>" do
|
69
|
+
# it { should have_bells }
|
70
|
+
# end
|
71
|
+
def has_bells?
|
72
|
+
# positive or negative expectations specific to this resource instance
|
73
|
+
true # Jingle all the way
|
74
|
+
end
|
75
|
+
|
76
|
+
# Define properties. Properties return values for evaluation against operators.
|
77
|
+
# No name transformation occurs. This is called using the "its" facility.
|
78
|
+
# So this will be called as:
|
79
|
+
# describe "<%= resource_name %>" do
|
80
|
+
# its('shoe_size') { should cmp 42 }
|
81
|
+
# end
|
82
|
+
def shoe_size
|
83
|
+
# Implementation of a property specific to this resource
|
84
|
+
42
|
85
|
+
end
|
86
|
+
|
87
|
+
private
|
88
|
+
|
89
|
+
# Methods to help the resource's public methods
|
90
|
+
def helper_method
|
91
|
+
# Add anything you need here
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
@@ -0,0 +1,62 @@
|
|
1
|
+
+++
|
2
|
+
title = "<%= resource_name %> resource"
|
3
|
+
draft = false
|
4
|
+
gh_repo = "inspec"
|
5
|
+
platform = "<%= supports_platform %>"
|
6
|
+
|
7
|
+
[menu]
|
8
|
+
[menu.inspec]
|
9
|
+
title = "<%= resource_name %>"
|
10
|
+
identifier = "inspec/resources/os/<%= resource_name %>.md <%= resource_name %> resource"
|
11
|
+
parent = "inspec/resources/os"
|
12
|
+
+++
|
13
|
+
|
14
|
+
Use the `<%= resource_name %>` Chef InSpec audit resource to test multiple ...
|
15
|
+
|
16
|
+
|
17
|
+
## Availability
|
18
|
+
|
19
|
+
### Installation
|
20
|
+
|
21
|
+
This resource is distributed along with Chef InSpec itself. You can use it automatically.
|
22
|
+
|
23
|
+
## Syntax
|
24
|
+
|
25
|
+
A `<%= resource_name %>` Chef InSpec audit resource tests multiple ...
|
26
|
+
|
27
|
+
describe <%= resource_name %>.where { shoe_size > 10 } do
|
28
|
+
its('count') { should cmp 10 }
|
29
|
+
end
|
30
|
+
|
31
|
+
where
|
32
|
+
|
33
|
+
- `'shoe_size'` is a filter criteria of this resource
|
34
|
+
- `10` is the value to test for shoe size
|
35
|
+
- `count` is the count of matched records
|
36
|
+
|
37
|
+
## Filter Criteria
|
38
|
+
|
39
|
+
### shoe_size
|
40
|
+
|
41
|
+
The shoe_size filter criteria tests ....
|
42
|
+
|
43
|
+
## Properties
|
44
|
+
|
45
|
+
### count
|
46
|
+
|
47
|
+
Returns the number of records matched by the filter criteria.
|
48
|
+
|
49
|
+
describe <%= resource_name %>.where { shoe_size > 10 } do
|
50
|
+
its('count') { should cmp 10 }
|
51
|
+
end
|
52
|
+
|
53
|
+
## Matchers
|
54
|
+
|
55
|
+
### exist
|
56
|
+
|
57
|
+
The control will pass if the filter returns at least one result. Use
|
58
|
+
`should_not` if you expect zero matches.
|
59
|
+
|
60
|
+
describe <%= resource_name %> do
|
61
|
+
it { should exist }
|
62
|
+
end
|