inspec-core 4.56.17 → 5.7.9

data/lib/inspec/schema/primitives.rb

@@ -35,7 +35,7 @@ module Inspec
       # Use this class to quickly add/use object types to/in a definition block
       class SchemaType
         attr_accessor :name, :depends
-        def initialize(name, body, dependencies)
+        def initialize(name, body, dependencies, description = nil)
           # Validate the schema
           Primitives.validate_schema(body)
           # The title of the type
@@ -44,14 +44,17 @@ module Inspec
           @body = body
           # What SchemaType[]s it depends on. In essence, any thing that you .ref in the body
           @depends = Set.new(dependencies)
+          # The description of the type
+          @description = description
         end
 
         # Produce this schema types generated body.
         # Use to actually define the ref!
         def body
           @body.merge({
+              "description" => @description,
               "title" => @name,
-          })
+          }).compact
         end
 
         # Formats this to have a JSON pointer compatible title
@@ -89,22 +92,32 @@ module Inspec
       URL = { "type" => "string" }.freeze
 
       # A controls tags can have any number of properties, and any sorts of values
-      TAGS = { "type" => "object", "additionalProperties" => true }.freeze
+      TAGS = {
+        "type" => "object",
+        "additionalProperties" => true,
+        "description" => "A set of any number of tags - they can have any sort of value and are usually metadata.  Example: 'nist' => ['AC-10'].",
+      }.freeze
 
       # Attributes/Inputs specify the inputs to a profile.
-      INPUT = { "type" => "object", "additionalProperties" => true }.freeze
+      INPUT = {
+        "type" => "object",
+        "additionalProperties" => true,
+        "description" => "An input or attribute used in the run.",
+      }.freeze
 
-      # Within a control file, impacts can be numeric 0-1 or string in [none,low,medium,high,critical]
-      # However, when they are output, the string types are automatically converted as follows:
-      # none      -> 0    to 0.01
-      # low       -> 0.01 to 0.4
-      # medium    -> 0.4  to 0.7
-      # high      -> 0.7  to 0.9
-      # Critical  -> 0.9  to 1.0 (inclusive)
       IMPACT = {
         "type" => "number",
         "minimum" => 0.0,
         "maximum" => 1.0,
+        "description" => %q{
+           Within a control file, impacts can be a decimal number in the range [0,1] or a string that is one of [none,low,medium,high,critical].
+           However, the string will be automatically converted as follows:
+           none      -> 0    to 0.01
+           low       -> 0.01 to 0.4
+           medium    -> 0.4  to 0.7
+           high      -> 0.7  to 0.9
+           critical  -> 0.9  to 1.0
+        },
       }.freeze
 
       # A status for a control
@@ -123,9 +136,9 @@ module Inspec
         "additionalProperties" => true,
         "required" => ["total"],
         "properties" => {
-          "total" => desc(NUMBER, "Total number of controls (in this category) for this inspec execution."),
+          "total" => desc(NUMBER, "The total.  Example: the total number of controls in a given category for a run."),
         },
-      }, [])
+      }, [], "Statistics for a given item, such as the total.")
 
       # Bundles several results statistics, representing distinct groups of controls
       STATISTIC_GROUPING = SchemaType.new("Statistic Hash", {
@@ -133,11 +146,11 @@ module Inspec
         "additionalProperties" => true,
         "required" => [],
         "properties" => {
-            "passed" => STATISTIC_ITEM.ref,
-            "skipped" => STATISTIC_ITEM.ref,
-            "failed" => STATISTIC_ITEM.ref,
+          "passed" => desc(STATISTIC_ITEM.ref, "Statistics for the controls that passed."),
+          "skipped" => desc(STATISTIC_ITEM.ref, "Statistics for the controls that were skipped."),
+          "failed" => desc(STATISTIC_ITEM.ref, "Statistics for the controls that failed."),
         },
-      }, [STATISTIC_ITEM])
+      }, [STATISTIC_ITEM], "Statistics for the control results.")
 
       # Contains statistics of an exec run.
       STATISTICS = SchemaType.new("Statistics", {
@@ -145,10 +158,10 @@ module Inspec
         "additionalProperties" => true,
         "required" => ["duration"],
         "properties" => {
-          "duration" => desc(NUMBER, "How long (in seconds) this inspec exec ran for."),
+          "duration" => desc(NUMBER, "How long (in seconds) this run by the tool was."),
           "controls" => desc(STATISTIC_GROUPING.ref, "Breakdowns of control statistics by result"),
         },
-      }, [STATISTIC_GROUPING])
+      }, [STATISTIC_GROUPING], "Statistics for the run(s) such as how long it took.")
 
       # Profile dependencies
       DEPENDENCY = SchemaType.new("Dependency", {
@@ -156,17 +169,17 @@ module Inspec
         "additionalProperties" => true, # Weird stuff shows up here sometimes
         "required" => [], # Mysteriously even in a run profile we can have no status
         "properties" => {
-          "name" => STRING,
-          "url" => URL,
-          "branch" => STRING,
-          "path" => STRING,
-          "status_message" => STRING,
-          "status" => STRING,
-          "git" => URL,
-          "supermarket" => STRING,
-          "compliance" => STRING,
+          "name" => desc(STRING, "The name/assigned alias."),
+          "url" => desc(URL, "The address of the dependency."),
+          "branch" => desc(STRING, "The branch name for a git repo."),
+          "path" => desc(STRING, "The relative path if the dependency is locally available."),
+          "status_message" => desc(STRING, "The reason for the status if it is 'failed' or 'skipped'."),
+          "status" => desc(STRING, "The status.  Should be: 'loaded', 'failed', or 'skipped'."), # NOTE: enum?
+          "git" => desc(URL, "The location of the git repo.  Example: 'https://github.com/mitre/canonical-ubuntu-18.04-lts-stig-baseline.git'."),
+          "supermarket" => desc(STRING, "The 'user/profilename' attribute for a Supermarket server."),
+          "compliance" => desc(STRING, "The 'user/profilename' attribute for an Automate server."),
         },
-      }, [])
+      }, [], "A dependency for a profile.  Can include relative paths or urls for where to find the dependency.")
 
       # Represents the platform the test was run on
       PLATFORM = SchemaType.new("Platform", {
@@ -176,9 +189,9 @@ module Inspec
         "properties" => {
           "name" => desc(STRING, "The name of the platform this was run on."),
           "release" => desc(STRING, "The version of the platform this was run on."),
-          "target_id" => STRING,
+          "target_id" => desc(STRING, "The id of the target.  Example: the name and version of the operating system were not sufficient to identify the platform so a release identifier can additionally be provided like '21H2' for the release version of MS Windows 10."),
         },
-      }, [])
+      }, [], "Platform information such as its name.")
 
       # Explains what software ran the inspec profile/made this file. Typically inspec but could in theory be a different software
       GENERATOR = SchemaType.new("Generator", {
@@ -186,10 +199,10 @@ module Inspec
         "additionalProperties" => true,
         "required" => %w{name version},
         "properties" => {
-          "name" => desc(STRING, "The name of the software that generated this report."),
-          "version" => desc(STRING, "The version of the software that generated this report."),
+          "name" => desc(STRING, "The name.  Example: Chef Inspec."),
+          "version" => desc(STRING, "The version.  Example: 4.18.108."),
         },
-      }, [])
+      }, [], "The tool that generated this file.  Example: Chef Inspec.")
 
       # Occurs from "exec --reporter json" and "inspec json"
       # Denotes what file this control comes from, and where within
@@ -197,11 +210,11 @@ module Inspec
         "type" => "object",
         "additionalProperties" => true,
         "properties" => {
-          "ref" => desc(STRING, "Path to the file that this statement originates from"),
-          "line" => desc(NUMBER, "The line at which this statement is located in the file"),
+          "ref" => desc(STRING, "Path to the file that this control originates from."),
+          "line" => desc(NUMBER, "The line on which this control is located."),
         },
         "required" => %w{ref line},
-      }, [])
+      }, [], "The explicit location of the control.")
 
       # References an external document
       REFERENCE = SchemaType.new("Reference", {
@@ -211,26 +224,30 @@ module Inspec
             "type" => "object",
             "required" => ["ref"],
             "properties" => { "ref" => STRING },
+            "description" => "A human readable/meaningful reference.  Example: a book title.",
           },
           {
             "type" => "object",
             "required" => ["url"],
-            "properties" => { "url" => STRING },
+            "properties" => { "url" => STRING }, # NOTE: should this be a URL?
+            "description" => "A url pointing at the reference.",
           },
           {
             "type" => "object",
             "required" => ["uri"],
-            "properties" => { "uri" => STRING },
+            "properties" => { "uri" => STRING }, # NOTE: should this be a URL?
+            "description" => "A uri pointing at the reference.",
           },
           # I am of the opinion that this is just an error in the codebase itself. See profiles/wrapper-override to uncover new mysteries!
           {
             "type" => "object",
             "required" => ["ref"],
             "properties" => { "ref" => array(OBJECT) },
+            "description" => "", # TODO: I'm not sure what goes here.  Maybe it's supposed to be objects similar to { "title" => "blah", "text" => "blah" }?
 
           },
         ],
-      }, [])
+      }, [], "A reference to an external document.")
 
       # Represents a group of controls within a profile/.rb file
       CONTROL_GROUP = SchemaType.new("Control Group", {
@@ -238,11 +255,11 @@ module Inspec
         "additionalProperties" => true,
         "required" => %w{id controls},
         "properties" => {
-          "id" => desc(STRING, "The unique identifier of the group"),
-          "title" => desc({ type: %w{string null} }, "The name of the group"),
-          "controls" => desc(array(STRING), "The control IDs in this group"),
+          "id" => desc(STRING, "The unique identifier for the group.  Example: the relative path to the file specifying the controls."),
+          "title" => desc({ type: %w{string null} }, "The title of the group - should be human readable."), # NOTE: pretty unique type like this - wouldn't it be better to have it be a STRING and then continue to not make it required?
+          "controls" => desc(array(STRING), "The set of controls as specified by their ids in this group.  Example: 'V-75443'."),
         },
-      }, [])
+      }, [], "Descriptions for controls in a group, such as the list of all the controls.")
 
       # Occurs from "inspec exec --reporter json" and "inspec json"
       # Represents a platfrom or group of platforms that this profile supports
@@ -251,15 +268,15 @@ module Inspec
         "additionalProperties" => true, # NOTE: This should really be false, and inspec should validate profiles to ensure people don't make dumb mistakes like platform_family
         "required" => [],
         "properties" => {
-          "platform-family" => STRING,
-          "platform-name" => STRING,
-          "platform" => STRING,
-          "release" => STRING,
+          "platform-family" => desc(STRING, "The platform family.  Example: 'redhat'."),
+          "platform-name" => desc(STRING, "The platform name - can include wildcards.  Example: 'debian'."),
+          "platform" => desc(STRING, "The location of the platform.  Can be: 'os', 'aws', 'azure', or 'gcp'."), # NOTE: enum?
+          "release" => desc(STRING, "The release of the platform.  Example: '20.04' for 'ubuntu'."),
           # os-* supports are being deprecated
-          "os-family" => STRING,
-          "os-name" => STRING,
+          "os-family" => desc(STRING, "Deprecated in favor of platform-family."),
+          "os-name" => desc(STRING, "Deprecated in favor of platform-name."),
         },
-      }, [])
+      }, [], "A supported platform target.  Example: the platform name being 'ubuntu'.")
 
     end
   end

data/lib/inspec/schema/profile_json.rb

@@ -8,9 +8,9 @@ module Inspec
       # Represents descriptions. Can have any string => string pairing
       CONTROL_DESCRIPTIONS = Primitives::SchemaType.new("Profile JSON Control Descriptions", {
         "type" => "object",
-        "aditionalProperties" => Primitives::STRING,
+        "additionalProperties" => Primitives::STRING,
         "required" => [],
-      }, [])
+      }, [], "An arbitrary set of descriptions for a control.")
 
       # Represents a control that hasn't been run
       # Differs slightly from a normal control, in that it lacks results, and its descriptions are different
@@ -19,17 +19,17 @@ module Inspec
         "additionalProperties" => true,
         "required" => %w{id title desc impact tags code},
         "properties" => {
-          "id" => Primitives.desc(Primitives::STRING, "The ID of this control"),
-          "title" => { "type" => %w{string null} },
-          "desc" => { "type" => %w{string null} },
-          "descriptions" => CONTROL_DESCRIPTIONS.ref,
-          "impact" => Primitives::IMPACT,
-          "refs" => Primitives.array(Primitives::REFERENCE.ref),
-          "tags" => Primitives::TAGS,
-          "code" => Primitives.desc(Primitives::STRING, "The raw source code of the control. Note that if this is an overlay control, it does not include the underlying source code"),
-          "source_location" => Primitives::SOURCE_LOCATION.ref,
+          "id" => Primitives.desc(Primitives::STRING, "The id."),
+          "title" => Primitives.desc({ "type" => %w{string null} }, "The title - is nullable."),
+          "desc" => Primitives.desc({ "type" => %w{string null} }, "The description for the overarching control."),
+          "descriptions" => Primitives.desc(CONTROL_DESCRIPTIONS.ref, "A set of additional descriptions.  Example: the 'fix' text."),
+          "impact" => Primitives.desc(Primitives::IMPACT, "The impactfulness or severity."),
+          "refs" => Primitives.desc(Primitives.array(Primitives::REFERENCE.ref), "The set of references to external documents."),
+          "tags" => Primitives.desc(Primitives::TAGS, "A set of tags - usually metadata."),
+          "code" => Primitives.desc(Primitives::STRING, "The raw source code of the control. Note that if this is an overlay control, it does not include the underlying source code."),
+          "source_location" => Primitives.desc(Primitives::SOURCE_LOCATION.ref, "The explicit location of the control within the source code."),
         },
-      }, [CONTROL_DESCRIPTIONS, Primitives::REFERENCE, Primitives::SOURCE_LOCATION])
+      }, [CONTROL_DESCRIPTIONS, Primitives::REFERENCE, Primitives::SOURCE_LOCATION], "The set of all tests within the control.")
 
       # A profile that has not been run.
       PROFILE = Primitives::SchemaType.new("Profile JSON Profile", {
@@ -37,24 +37,24 @@ module Inspec
         "additionalProperties" => true, # Anything in the yaml will be put in here. LTTODO: Make this stricter!
         "required" => %w{name supports controls groups sha256},
         "properties" => {
-          "name" => Primitives::STRING,
-          "supports" => Primitives.array(Primitives::SUPPORT.ref),
-          "controls" => Primitives.array(CONTROL.ref),
-          "groups" => Primitives.array(Primitives::CONTROL_GROUP.ref),
-          "inputs" => Primitives.array(Primitives::INPUT),
-          "sha256" => Primitives::STRING,
-          "status" => Primitives::STRING,
-          "generator" => Primitives::GENERATOR.ref,
-          "version" => Primitives::STRING,
+          "name" => Primitives.desc(Primitives::STRING, "The name - must be unique."),
+          "supports" => Primitives.desc(Primitives.array(Primitives::SUPPORT.ref), "The set of supported platform targets."),
+          "controls" => Primitives.desc(Primitives.array(CONTROL.ref), "The set of controls - contains no findings as the assessment has not yet occurred."),
+          "groups" => Primitives.desc(Primitives.array(Primitives::CONTROL_GROUP.ref), "A set of descriptions for the control groups.  Example: the ids of the controls."),
+          "inputs" => Primitives.desc(Primitives.array(Primitives::INPUT), "The input(s) or attribute(s) used to be in the run."),
+          "sha256" => Primitives.desc(Primitives::STRING, "The checksum of the profile."),
+          "status" => Primitives.desc(Primitives::STRING, "The status.  Example: skipped."),
+          "generator" => Primitives.desc(Primitives::GENERATOR.ref, "The tool that generated this file.  Example: Chef Inspec."),
+          "version" => Primitives.desc(Primitives::STRING, "The version of the profile."),
 
           # Other properties possible in inspec docs, but that aren"t guaranteed
-          "title" => Primitives::STRING,
-          "maintainer" => Primitives::STRING,
-          "copyright" => Primitives::STRING,
-          "copyright_email" => Primitives::STRING,
-          "depends" => Primitives.array(Primitives::DEPENDENCY.ref), # Can have depends, but NOT a parentprofile
+          "title" => Primitives.desc(Primitives::STRING, "The title - should be human readable."),
+          "maintainer" => Primitives.desc(Primitives::STRING, "The maintainer(s)."),
+          "copyright" => Primitives.desc(Primitives::STRING, "The copyright holder(s)."),
+          "copyright_email" => Primitives.desc(Primitives::STRING, "The email address or other contract information of the copyright holder(s)."),
+          "depends" => Primitives.desc(Primitives.array(Primitives::DEPENDENCY.ref), "The set of dependencies this profile depends on.  Example: an overlay profile is dependent on another profile."), # Can have depends, but NOT a parentprofile
         },
-      }, [Primitives::SUPPORT, CONTROL, Primitives::CONTROL_GROUP, Primitives::DEPENDENCY, Primitives::GENERATOR])
+      }, [Primitives::SUPPORT, CONTROL, Primitives::CONTROL_GROUP, Primitives::DEPENDENCY, Primitives::GENERATOR], "Information on the set of controls that can be assessed.  Example: it can include the name of the Inspec profile.")
     end
   end
 end

data/lib/inspec/schema.rb

@@ -57,6 +57,7 @@ module Inspec
         "run_time" => { "type" => "number" },
         "start_time" => { "type" => "string" },
         "resource_class" => { "type" => "string", "optional" => true },
+        "resource_id" => { "type" => "string", "optional" => true },
         "skip_message" => { "type" => "string", "optional" => true },
         "resource" => { "type" => "string", "optional" => true },
         "message" => { "type" => "string", "optional" => true },

data/lib/inspec/ui.rb

@@ -30,6 +30,7 @@ module Inspec
     EXIT_USAGE_ERROR = 1
     EXIT_PLUGIN_ERROR = 2
     EXIT_FATAL_DEPRECATION = 3
+    EXIT_GEM_DEPENDENCY_LOAD_ERROR = 4
     EXIT_LICENSE_NOT_ACCEPTED = 172
     EXIT_FAILED_TESTS = 100
     EXIT_SKIPPED_TESTS = 101

data/lib/inspec/utils/deprecated_cloud_resources_list.rb

@@ -0,0 +1,54 @@
+module DeprecatedCloudResourcesList
+  CLOUD_RESOURCES_DEPRECATED = %i{
+    aws_billing_report
+    aws_billing_reports
+    aws_cloudtrail_trail
+    aws_cloudtrail_trails
+    aws_cloudwatch_alarm
+    aws_cloudwatch_log_metric_filter
+    aws_config_delivery_channel
+    aws_config_recorder
+    aws_ec2_instance
+    aws_ebs_volume
+    aws_ebs_volumes
+    aws_flow_log
+    aws_ec2_instances
+    aws_ecs_cluster
+    aws_eks_cluster
+    aws_elb
+    aws_elbs
+    aws_iam_access_key
+    aws_iam_access_keys
+    aws_iam_group
+    aws_iam_groups
+    aws_iam_password_policy
+    aws_iam_policies
+    aws_iam_policy
+    aws_iam_role
+    aws_iam_root_user
+    aws_iam_user
+    aws_iam_users
+    aws_kms_key
+    aws_kms_keys
+    aws_rds_instance
+    aws_route_table
+    aws_route_tables
+    aws_s3_bucket
+    aws_s3_bucket_object
+    aws_s3_buckets
+    aws_security_group
+    aws_security_groups
+    aws_sns_subscription
+    aws_sns_topic
+    aws_sns_topics
+    aws_sqs_queue
+    aws_subnet
+    aws_subnets
+    aws_vpc
+    aws_vpcs
+    azure_generic_resource
+    azure_resource_group
+    azure_virtual_machine
+    azure_virtual_machine_data_disk
+  }.freeze
+end

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.56.17".freeze
+  VERSION = "5.7.9".freeze
 end

data/lib/inspec.rb

@@ -28,3 +28,6 @@ require "inspec/base_cli"
 require "inspec/fetcher"
 require "inspec/source_reader"
 require "inspec/resource"
+
+require "inspec/dependency_loader"
+require "inspec/dependency_installer"

data/lib/plugins/inspec-init/lib/inspec-init/cli.rb

@@ -10,6 +10,7 @@ module InspecPlugins
 
       require_relative "cli_profile"
       require_relative "cli_plugin"
+      require_relative "cli_resource"
     end
   end
 end

data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb

@@ -81,6 +81,7 @@ module InspecPlugins
           File.join("lib", "inspec-plugin-template.erb") => File.join("lib", plugin_name + ".rb"),
           File.join("lib", "inspec-plugin-template", "cli_command.erb") => File.join("lib", plugin_name, "cli_command.rb"),
           File.join("lib", "inspec-plugin-template", "reporter.erb") => File.join("lib", plugin_name, "reporter.rb"),
+          File.join("lib", "inspec-plugin-template", "streaming_reporter.erb") => File.join("lib", plugin_name, "streaming_reporter.rb"),
           File.join("lib", "inspec-plugin-template", "plugin.erb") => File.join("lib", plugin_name, "plugin.rb"),
           File.join("lib", "inspec-plugin-template", "version.erb") => File.join("lib", plugin_name, "version.rb"),
           File.join("test", "functional", "inspec_plugin_template_test.erb") => File.join("test", "functional", snake_case + "_test.rb"),
@@ -183,6 +184,9 @@ module InspecPlugins
         elsif activators_by_type.key?(:reporter)
           vars[:reporter_name_dashes] = activators_by_type[:reporter].tr("_", "-")
           vars[:reporter_name_snake] = activators_by_type[:reporter].tr("-", "_")
+        elsif activators_by_type.key?(:streaming_reporter)
+          vars[:streaming_reporter_name_dashes] = activators_by_type[:streaming_reporter].tr("_", "-")
+          vars[:streaming_reporter_name_snake] = activators_by_type[:streaming_reporter].tr("-", "_")
         end
         vars
       end
@@ -267,6 +271,11 @@ module InspecPlugins
             File.join("lib", "inspec-plugin-template", "reporter.erb"),
           ]
         end
+        unless requested_activators.include?(:streaming_reporter)
+          skips += [
+            File.join("lib", "inspec-plugin-template", "streaming_reporter.erb"),
+          ]
+        end
 
         skips.uniq
       end

data/lib/plugins/inspec-init/lib/inspec-init/cli_resource.rb

@@ -0,0 +1,126 @@
+require_relative "renderer"
+
+module InspecPlugins
+  module Init
+    class CLI < Inspec.plugin(2, :cli_command)
+      #-------------------------------------------------------------------#
+      #                 inspec init resource
+      #-------------------------------------------------------------------#
+      desc "resource RESOURCE_NAME [options]", "Generates an InSpec resource, which can extend the scope of InSpec resources support"
+      # General options
+      option :prompt, type: :boolean, default: true, desc: "Interactively prompt for information to put in your generated resource."
+      option :overwrite, type: :boolean, default: false, desc: "Overwrite existing files"
+      option :layout, type: :string, default: "resource-pack", desc: "File layout, either 'resource-pack' or 'core'"
+      option :template, type: :string, default: "basic", desc: "Which type of resource template to use"
+
+      # Templating vars
+      option :supports_platform, type: :string, default: "linux", desc: "the platform supported by this resource"
+      option :description, type: :string, default: "Resource description ...", desc: "the description of this resource"
+      option :class_name, type: :string, default: "MyCustomResource", desc: "Class Name for your resource."
+      option :path, type: :string, default: ".", desc: "Subdirectory under which to create files"
+
+      # Wishlist:
+      #  Make make_rename_map_resource dynamic:
+      #   + Add a --path option which defaults to ., which will create the tree under that path
+      #   + Add a --layout option which changes all the tree to act as placing the files in core inspec (lib/inspec/resources, docs-chef-io/)
+      #   - Add a --template=plural option which changes the templates to use a set of Filtertable based templates
+      #   - Add a --template=inherit option which provides a template for inheriting from the core resources
+      #   - Add a template=aws
+      #  + Generate properties and matchers:
+      #   + generate a has_bells? matcher => it { should have_bells }
+      #   + generate a is_purple? matcher => it { should be_purple }
+      #   + generate a shoe_size => its('shoe_size') { should cmp 10 }
+      #  + Generate unit tests for above properties and matchers
+      #  + Generate docs for properties and matchers
+      #  + Add --overwrite option
+
+      def resource(resource_name)
+        resource_vars_from_opts_resource
+        template_vars = {
+          name: options[:path], # This is used for the path prefix
+          resource_name: resource_name,
+        }
+        template_vars.merge!(options)
+        template_path = File.join("resources", template_vars["template"])
+
+        render_opts = {
+          templates_path: TEMPLATES_PATH,
+          overwrite: options[:overwrite],
+          file_rename_map: make_rename_map_resource(template_vars),
+        }
+        renderer = InspecPlugins::Init::Renderer.new(ui, render_opts)
+        renderer.render_with_values(template_path, "resource", template_vars)
+      end
+
+      private
+
+      def make_rename_map_resource(vars)
+        if vars["layout"] == "resource-pack"
+          {
+            File.join("libraries", "inspec-resource-template.erb") => File.join("libraries", vars[:resource_name] + ".rb"),
+            File.join("docs", "resource-doc.erb") => File.join("docs", vars[:resource_name] + ".md"),
+            File.join("test", "unit", "inspec-resource-test-template.erb") => File.join("test", "unit", vars[:resource_name] + "_test.rb"),
+          }
+        elsif vars["layout"] == "core"
+          {
+            File.join("libraries", "inspec-resource-template.erb") => File.join("lib", "inspec", "resources", vars[:resource_name] + ".rb"),
+            File.join("docs", "resource-doc.erb") => File.join("docs-chef-io", "content", "inspec", "resources", vars[:resource_name] + ".md"),
+            File.join("test", "unit", "inspec-resource-test-template.erb") => File.join("test", "unit", "resources", vars[:resource_name] + "_test.rb"),
+          }
+        else
+          ui.error("Unrecognized value for 'layout' - please enter either 'resource-pack' or 'core'")
+          ui.exit(:usage_error)
+        end
+      end
+
+      def resource_vars_from_opts_resource
+        if options[:prompt] && ui.interactive?
+          options.dup.merge(prompt_for_options_resource)
+        elsif !options[:prompt]
+          # Nothing to do - unless we need to calculate dynamic defaults in the future
+        else
+          ui.error("You requested interactive prompting for the template variables, but this does not seem to be an interactive terminal.")
+          ui.exit(:usage_error)
+        end
+      end
+
+      def prompt_for_options_resource # rubocop: disable Metrics/AbcSize
+        option_defs = self.class.all_commands["resource"].options
+        options_order = {
+          path: {},
+          layout: {
+            mode: :select,
+            choices: [
+              { name: "Resource Pack", value: "resource-pack", default: true },
+              { name: "InSpec Core", value: "core" },
+            ],
+          },
+          template: {
+            mode: :select,
+            choices: [
+              { name: "Basic", value: "basic", default: true },
+              { name: "Plural", value: "plural" },
+            ],
+          },
+          supports_platform: {},
+          description: {},
+          class_name: {},
+        }
+
+        options_order.each do |opt_name, prompt_options|
+          opt_def = option_defs[opt_name]
+
+          case prompt_options[:mode]
+          when :select
+            options[opt_name] = ui.prompt.select("Choose " + opt_def.description + ":", prompt_options[:choices])
+          when :multiline
+            options[opt_name] = ui.prompt.multiline("Enter " + opt_def.description + ". Press Control-D to end.", default: options[opt_name])
+          else
+            # Assume plain ask
+            options[opt_name] = ui.prompt.ask("Enter " + opt_def.description + ":", default: options[opt_name])
+          end
+        end
+      end
+    end
+  end
+end

data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb

@@ -38,8 +38,8 @@ module InspecPlugins
         full_destination_path = Pathname.new(Dir.pwd).join(relative_destination_path)
 
         # check that the directory does not exist
-        if File.exist?(full_destination_path) && !overwrite_mode
-          ui.plain_line "#{ui.emphasis(full_destination_path)} exists already, use --overwrite"
+        if File.exist?(full_destination_path) && !overwrite_mode && template_values[:name] != "."
+          ui.plain_line "#{ui.emphasis(full_destination_path)} exists already, use --overwrite or move to #{ui.emphasis(full_destination_path)} to create the resource"
           ui.exit(:usage_error)
         end
 
@@ -57,18 +57,19 @@ module InspecPlugins
 
           relative_destination_item_path = file_rename_map[relative_destination_item_path] || relative_destination_item_path
           full_destination_item_path = Pathname.new(full_destination_path).join(relative_destination_item_path)
-          if File.directory?(source_file)
-            ui.list_item "Creating directory #{ui.emphasis(relative_destination_item_path)}"
-            FileUtils.mkdir_p(full_destination_item_path)
-          elsif File.file?(source_file)
+          if File.file?(source_file)
+            # Be git-like and only create directories if they contain a file
+            containing_directory = full_destination_item_path.dirname
+            unless File.exist?(containing_directory)
+              ui.list_item "Creating directory #{ui.emphasis(containing_directory)}"
+              FileUtils.mkdir_p(containing_directory)
+            end
             ui.list_item "Creating file #{ui.emphasis(relative_destination_item_path)}"
             # read & render content
             content = render(File.read(source_file), template_values)
             # write file content
 
             File.write(full_destination_item_path, content)
-          else
-            ui.warning "Ignoring #{ui.emphasis(source_file)}, because its not an file or directoy"
           end
         end
 

data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.erb

@@ -66,6 +66,22 @@ module InspecPlugins
         InspecPlugins::<%= module_name %>::Reporter
       end
       <% end %>
+
+      <% if activators[:streaming_reporter] %>
+      # Define a new Streaming Reporter.
+      # The argument here will be used to match against the CLI --reporter option.
+      # `--reporter <%= streaming_reporter_name_snake %>` will load your streaming reporter and perform streaming real-time on each passing, failing or pending test.
+      streaming_reporter :<%= streaming_reporter_name_snake %> do
+        # Calling this activator doesn't mean the reporter is being executed - just
+        # that we should be ready to do so. So, load the file that defines the
+        # functionality.
+        require "<%= plugin_name %>/streaming_reporter"
+
+        # Having loaded our functionality, return a class that will let the
+        # reporting engine tap into it.
+        InspecPlugins::<%= module_name %>::StreamingReporter
+      end
+      <% end %>
     end
   end
 end