inspec-core 4.18.51 → 4.18.85

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 91c5fa977076e418e2372d7a78cbc45383cbec50ee57c7126b7625aef4a1a606
-  data.tar.gz: fe4ee768878acdaddf4c933ed0e41f899319fccaff69a19f942ddbbb7771b9a1
+  metadata.gz: 367bf0fb9467148e5434036ec14c7ec9b9b9e560504758e0c72493bacc73270a
+  data.tar.gz: 352392686e13db1a8827f9d7aa29f3961c070fd0b66d7f8cdb7ab88513429f59
 SHA512:
-  metadata.gz: 00c1bfcaef4c1b42f5d16d3d1eab4255a67959b9fd7e6f8c9494fdcd6a324afc20a4059c8c30521036e6a996a839eda354b84194cde32549e63301b4f4a28dfc
-  data.tar.gz: c40df12e404ec13c2fd1ef689e0d59e5ea6435d534763effad5372ce027fa0732e8a19f307b50761da7ecad8f6a438f7c5c4de989d024ba5d5274d7883b97355
+  metadata.gz: 8e237b06411e204f1a811c7cf5707ebed9082084f24e541fc94faea6e2e956ab671c2cdf1ab3ac2388e721129d151d06171791448501a71c760b426c2919567c
+  data.tar.gz: 11bdb33d12ef3890934c17bb5855001de5d0bce259f484e80b15ed3fed2b69639d509baab1a7f4690778c882ea1a11a6b50244a881cb883853eb6bfa77ec0866

data/Gemfile

@@ -0,0 +1,61 @@
+source "https://rubygems.org"
+
+gem "inspec", path: "."
+
+# This dependency is NOT used for normal gem deployment
+# - instead, inspec-bin gemspec-depends on inspec
+#
+# However, AppBundler requires a top-level Gemfile.lock with inspec-bin
+# in it in order to package the executable. Hence the odd backwards dependency.
+gem "inspec-bin", path: "./inspec-bin"
+
+gem "ffi", ">= 1.9.14"
+
+group :omnibus do
+  gem "rb-readline"
+  gem "appbundler"
+  gem "ed25519" # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
+  gem "bcrypt_pbkdf" # ed25519 ssh key support done here as its a native gem we can't put in the gemspec
+end
+
+group :test do
+  gem "chefstyle", "~> 0.13.0"
+  gem "minitest", "~> 5.5"
+  gem "minitest-sprint", "~> 1.0"
+  gem "rake", ">= 10"
+  gem "simplecov", "~> 0.10"
+  gem "concurrent-ruby", "~> 1.0"
+  gem "mocha", "~> 1.1"
+  gem "ruby-progressbar", "~> 1.8"
+  gem "webmock", "~> 3.0"
+  gem "m"
+  gem "pry", "~> 0.10"
+  gem "pry-byebug"
+end
+
+group :integration do
+  gem "berkshelf"
+  gem "chef", "< 15"
+  gem "test-kitchen"
+  gem "kitchen-vagrant"
+  gem "kitchen-inspec"
+  gem "kitchen-ec2"
+  gem "kitchen-dokken"
+  gem "git"
+end
+
+# gems for Maintainers.md generation
+group :maintenance do
+  gem "tomlrb"
+
+  # To sync maintainers with github
+  gem "octokit"
+  gem "netrc"
+end
+
+group :deploy do
+  gem "inquirer"
+end
+
+# add these additional dependencies into Gemfile.local
+eval_gemfile(__FILE__ + ".local") if File.exist?(__FILE__ + ".local")

data/README.md

@@ -312,7 +312,7 @@ Remote Targets
 | Oracle Enterprise Linux      | 5, 6, 7                                          | i386, x86_64  |
 | Red Hat Enterprise Linux     | 5, 6, 7                                          | i386, x86_64  |
 | Solaris                      | 10, 11                                           | sparc, x86    |
-| Windows\*                    | 7, 8, 8.1, 10, 2008, 2008R2 , 2012, 2012R2, 2016 | x86, x86_64   |
+| Windows\*                    | 8, 8.1, 10, 2012, 2012R2, 2016                   | x86, x86_64   |
 | Ubuntu Linux                 |                                                  | x86, x86_64   |
 | SUSE Linux Enterprise Server | 11, 12                                           | x86_64        |
 | Scientific Linux             | 5.x, 6.x and 7.x                                 | i386, x86_64  |
@@ -332,7 +332,7 @@ In addition, runtime support is provided for:
 | Debian   | 8, 9     | x86_64 |
 | RHEL     | 6, 7     | x86_64 |
 | Ubuntu   | 12.04+   | x86_64 |
-| Windows  | 7+       | x86_64 |
+| Windows  | 8+       | x86_64 |
 | Windows  | 2012+    | x86_64 |
 
 ## Documentation
@@ -449,7 +449,7 @@ Please see [TESTING_AGAINST_AWS.md](./test/integration/aws/TESTING_AGAINST_AWS.m
 
 Use the rake task `bundle exec rake test:azure` to test the Azure resources against an Azure account.
 
-Please see [TESTING_AGAINST_AZURE.md](./test/integration/aws/TESTING_AGAINST_AZURE.md) for details on how to setup the needed Azure accounts to perform testing.
+Please see [TESTING_AGAINST_AZURE.md](./test/integration/azure/TESTING_AGAINST_AZURE.md) for details on how to setup the needed Azure accounts to perform testing.
 
 ## License
 

data/inspec-core.gemspec

@@ -0,0 +1,51 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "inspec/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "inspec-core"
+  spec.version       = Inspec::VERSION
+  spec.authors       = ["Chef InSpec Team"]
+  spec.email         = ["inspec@chef.io"]
+  spec.summary       = "Infrastructure and compliance testing. Core library."
+  spec.description   = "InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification. This has local support only. See the `inspec` gem for full support."
+  spec.homepage      = "https://github.com/inspec/inspec"
+  spec.license       = "Apache-2.0"
+  spec.require_paths = ["lib"]
+
+  spec.required_ruby_version = "~> 2.4"
+
+  # the gemfile and gemspec are necessary for appbundler so don't remove it
+  spec.files =
+    Dir.glob("{{lib,etc}/**/*,README.md,LICENSE,Gemfile,inspec-core.gemspec}")
+      .grep_v(%r{(?<!inspec-init/templates/profiles/)(aws|azure|gcp)})
+      .grep_v(%r{lib/plugins/.*/test/})
+      .reject { |f| File.directory?(f) }
+
+  # Implementation dependencies
+  spec.add_dependency "chef-telemetry",     "~> 1.0"
+  spec.add_dependency "license-acceptance", ">= 0.2.13", "< 2.0"
+  spec.add_dependency "thor",               ">= 0.20", "< 2.0"
+  spec.add_dependency "json-schema",        "~> 2.8"
+  spec.add_dependency "method_source",      "~> 0.8"
+  spec.add_dependency "rubyzip",            "~> 1.2", ">= 1.2.2"
+  spec.add_dependency "rspec",              "~> 3.9"
+  spec.add_dependency "rspec-its",          "~> 1.2"
+  spec.add_dependency "pry",                "~> 0"
+  spec.add_dependency "hashie",             "~> 3.4"
+  spec.add_dependency "mixlib-log",         "~> 3.0"
+  spec.add_dependency "sslshake",           "~> 1.2"
+  spec.add_dependency "parallel",           "~> 1.9"
+  spec.add_dependency "faraday",            ">= 0.9.0"
+  spec.add_dependency "tty-table",          "~> 0.10"
+  spec.add_dependency "tty-prompt",         "~> 0.17"
+  spec.add_dependency "tomlrb",             "~> 1.2"
+  spec.add_dependency "addressable",        "~> 2.4"
+  spec.add_dependency "parslet",            "~> 1.5"
+  spec.add_dependency "semverse",           "~> 3.0"
+  spec.add_dependency "htmlentities",       "~> 4.3" # TODO: remove when #4853 fixed
+  spec.add_dependency "multipart-post",     "~> 2.0"
+  spec.add_dependency "term-ansicolor",     "~> 1.7"
+
+  spec.add_dependency "train-core", "~> 3.0"
+end

data/lib/bundles/inspec-supermarket/cli.rb

@@ -1,3 +1,4 @@
+require "inspec/plugin/v1"
 require "inspec/base_cli"
 
 module Supermarket

data/lib/inspec/backend.rb

@@ -7,34 +7,19 @@ require "inspec/resource"
 require "inspec/dsl" # for method_missing_resource
 
 module Inspec
-  module Backend
-    module Base
-      attr_accessor :profile
+  class Backend
+    attr_accessor :backend
+    attr_accessor :profile
 
-      # Provide a shorthand to retrieve the inspec version from within a profile
-      #
-      # @return [String] inspec version
-      def version
-        Inspec::VERSION
-      end
-
-      # Determine whether the connection/transport is a local connection
-      # Useful for resources to modify behavior as necessary, such as using
-      # the Ruby stdlib for a better experience.
-      def local_transport?
-        return false unless defined?(Train::Transports::Local)
-
-        backend.is_a?(Train::Transports::Local::Connection)
-      end
+    # Creates a bunch of predefined resource methods based on the
+    # current registry at the time. See #method_missing for what else
+    # can happen.
 
-      # Ruby internal for printing a nice name for this class
-      def to_s
-        "Inspec::Backend::Class"
-      end
-
-      # Ruby internal for pretty-printing a summary for this class
-      def inspect
-        "Inspec::Backend::Class @transport=#{backend.class}"
+    def self.add_resource_methods # TODO: remove
+      Inspec::Resource.registry.each do |id, r|
+        define_method id.to_sym do |*args|
+          r.new(self, id.to_s, *args)
+        end
       end
     end
 
@@ -71,31 +56,48 @@ module Inspec
         connection.disable_cache(:command)
       end
 
-      cls = Class.new do
-        include Base
-
-        define_method :backend do
-          connection
-        end
-
-        def method_missing(id, *args, &blk)
-          Inspec::DSL.method_missing_resource(self, id, *args)
-        rescue LoadError
-          super
-        end
-
-        Inspec::Resource.registry.each do |id, r|
-          define_method id.to_sym do |*args|
-            r.new(self, id.to_s, *args)
-          end
-        end
-      end
-
-      cls.new
+      Inspec::Backend.new(connection)
     rescue Train::ClientError => e
       raise "Client error, can't connect to '#{transport_name}' backend: #{e.message}"
     rescue Train::TransportError => e
       raise "Transport error, can't connect to '#{transport_name}' backend: #{e.message}"
     end
+
+    def initialize(backend)
+      self.backend = backend
+      self.class.add_resource_methods
+    end
+
+    # Provide a shorthand to retrieve the inspec version from within a profile
+    #
+    # @return [String] inspec version
+    def version
+      Inspec::VERSION
+    end
+
+    # Determine whether the connection/transport is a local connection
+    # Useful for resources to modify behavior as necessary, such as using
+    # the Ruby stdlib for a better experience.
+    def local_transport?
+      return false unless defined?(Train::Transports::Local)
+
+      backend.is_a?(Train::Transports::Local::Connection)
+    end
+
+    # Ruby internal for printing a nice name for this class
+    def to_s
+      "Inspec::Backend::Class"
+    end
+
+    # Ruby internal for pretty-printing a summary for this class
+    def inspect
+      "Inspec::Backend::Class @transport=#{backend.class}"
+    end
+
+    def method_missing(id, *args, &blk)
+      Inspec::DSL.method_missing_resource(self, id, *args)
+    rescue LoadError
+      super
+    end
   end
 end

data/lib/inspec/base_cli.rb

@@ -101,7 +101,7 @@ module Inspec
         desc: "Specify which transport to use, defaults to negotiate (WinRM)."
       option :winrm_disable_sspi, type: :boolean,
         desc: "Whether to use disable sspi authentication, defaults to false (WinRM)."
-      option :winrm_basic_auth, type: :boolean,
+      option :winrm_basic_auth_only, type: :boolean,
         desc: "Whether to use basic authentication, defaults to false (WinRM)."
       option :config, type: :string,
         desc: "Read configuration from JSON file (`-` reads from stdin)."
@@ -284,7 +284,7 @@ module Inspec
         return false
       end
 
-      profile_vendor.vendor!
+      profile_vendor.vendor!(opts)
       puts "Dependencies for profile #{profile_path} successfully vendored to #{profile_vendor.cache_path}"
     rescue StandardError => e
       pretty_handle_exception(e)

data/lib/inspec/cached_fetcher.rb

@@ -22,6 +22,10 @@ module Inspec
       @fetcher.resolved_source
     end
 
+    def update_from_opts(_opts)
+      false
+    end
+
     def cache_key
       k = if target.is_a?(Hash)
             target[:sha256] || target[:ref]

data/lib/inspec/cli.rb

@@ -173,6 +173,8 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     desc: "Generates a tar.gz archive."
   option :overwrite, type: :boolean, default: false,
     desc: "Overwrite existing archive."
+  option :airgap, type: :boolean, banner: "",
+    desc: "Fallback to using local archives if fetching fails."
   option :ignore_errors, type: :boolean, default: false,
     desc: "Ignore profile warnings."
   def archive(path)
@@ -327,11 +329,14 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     desc: "A space-delimited list of local folders containing profiles whose libraries and resources will be loaded into the new shell"
   option :distinct_exit, type: :boolean, default: true,
     desc: "Exit with code 100 if any tests fail, and 101 if any are skipped but none failed (default).  If disabled, exit 0 on skips and 1 for failures."
+  option :inspect, type: :boolean, default: false, desc: "Use verbose/debugging output for resources."
   def shell_func
     o = config
     diagnose(o)
     o[:debug_shell] = true
 
+    Inspec::Resource.toggle_inspect unless o[:inspect]
+
     log_device = suppress_log_output?(o) ? nil : $stdout
     o[:logger] = Logger.new(log_device)
     o[:logger].level = get_log_level(o[:log_level])

data/lib/inspec/config.rb

@@ -44,7 +44,7 @@ module Inspec
     # Use this to get a cached version of the config.  This prevents you from
     # being required to pass it around everywhere.
     def self.cached
-      @cached_config
+      @cached_config ||= {}
     end
 
     def self.cached=(cfg)

data/lib/inspec/control_eval_context.rb

@@ -12,236 +12,168 @@ module Inspec
   # etc).
   #
   class ControlEvalContext
-    # Create the context for controls. This includes all components of the DSL,
-    # including matchers and resources.
-    #
-    # @param [ResourcesDSL] resources_dsl which has all resources to attach
-    # @return [RuleContext] the inner context of rules
-    def self.rule_context(resources_dsl, profile_id)
-      Class.new(Inspec::Rule) do
-        include RSpec::Core::DSL
-        with_resource_dsl resources_dsl
-
-        # allow attributes to be accessed within control blocks
-        define_method :input do |input_name, options = {}|
-          if options.empty?
-            # Simply an access, no event here
-            Inspec::InputRegistry.find_or_register_input(input_name, profile_id).value
-          else
-            options[:priority] ||= 20
-            options[:provider] = :inline_control_code
-            evt = Inspec::Input.infer_event(options)
-            Inspec::InputRegistry.find_or_register_input(input_name, profile_id, event: evt).value
-          end
-        end
+    include Inspec::DSL
+    include Inspec::DSL::RequireOverride
+
+    attr_accessor :skip_file
+    attr_accessor :profile_context
+    attr_accessor :resources_dsl
+
+    def initialize(profile_context, resources_dsl, backend, conf, dependencies, require_loader, skip_only_if_eval)
+      @profile_context = profile_context
+      @resources_dsl = resources_dsl
+      @backend = backend
+      @conf = conf
+      @dependencies = dependencies
+      @require_loader = require_loader
+      @skip_file_message = nil
+      @skip_file = false
+      @skip_only_if_eval = skip_only_if_eval
+
+      extend resources_dsl # TODO: remove? push to method_missing?
+    end
 
-        # Find the Input object, but don't collapse to a value.
-        # Will return nil on a miss.
-        define_method :input_object do |input_name|
-          Inspec::InputRegistry.find_or_register_input(input_name, profile_id)
-        end
+    alias profile_context_owner profile_context
 
-        define_method :attribute do |name, options = {}|
-          Inspec.deprecate(:attrs_dsl, "Input name: #{name}, Profile: #{profile_id}")
-          input(name, options)
-        end
+    def profile_id
+      profile_context.profile_id
+    end
 
-        # Support for Control DSL plugins.
-        # This is called when an unknown method is encountered
-        # within a control block.
-        def method_missing(method_name, *arguments, &block)
-          # Check to see if there is a control_dsl plugin activator hook with the method name
-          registry = Inspec::Plugin::V2::Registry.instance
-          hook = registry.find_activators(plugin_type: :control_dsl, activator_name: method_name).first
-          if hook
-            # OK, load the hook if it hasn't been already.  We'll then know a module,
-            # which we can then inject into the context
-            hook.activate
-
-            # Inject the module's methods into the context.
-            # implementation_class is the field name, but this is actually a module.
-            self.class.include(hook.implementation_class)
-            # Now that the module is loaded, it defined one or more methods
-            # (presumably the one we were looking for.)
-            # We still haven't called it, so do so now.
-            send(method_name, *arguments, &block)
-          else
-            begin
-              Inspec::DSL.method_missing_resource(inspec, method_name, *arguments)
-            rescue LoadError
-              super
-            end
-          end
-        end
+    def to_s
+      "Control Evaluation Context (#{profile_name})"
+    end
 
-      end
+    def title(arg)
+      profile_context_owner.set_header(:title, arg)
     end
 
-    # Creates the heart of the control eval context:
-    #
-    # An instantiated object which has all resources registered to it
-    # and exposes them to the a test file.
-    #
-    # @param profile_context [Inspec::ProfileContext]
-    # @param outer_dsl [OuterDSLClass]
-    # @return [ProfileContextClass]
-    def self.create(profile_context, resources_dsl) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
-      profile_context_owner = profile_context
-      profile_id = profile_context.profile_id
-      rule_class = rule_context(resources_dsl, profile_id)
-      Class.new do # rubocop:disable Metrics/BlockLength
-        include Inspec::DSL
-        include Inspec::DSL::RequireOverride
-        include resources_dsl
-
-        attr_accessor :skip_file
-
-        def initialize(backend, conf, dependencies, require_loader, skip_only_if_eval)
-          @backend = backend
-          @conf = conf
-          @dependencies = dependencies
-          @require_loader = require_loader
-          @skip_file_message = nil
-          @skip_file = false
-          @skip_only_if_eval = skip_only_if_eval
-        end
+    def profile_name
+      profile_id
+    end
 
-        define_method :title do |arg|
-          profile_context_owner.set_header(:title, arg)
-        end
+    def control(id, opts = {}, &block)
+      opts[:skip_only_if_eval] = @skip_only_if_eval
 
-        def to_s
-          "Control Evaluation Context (#{profile_name})"
-        end
+      register_control(Inspec::Rule.new(id, profile_id, resources_dsl, opts, &block))
+    end
+    alias rule control
 
-        define_method :profile_name do
-          profile_id
-        end
+    # Describe allows users to write rspec-like bare describe
+    # blocks without declaring an inclosing control. Here, we
+    # generate a control for them automatically and then execute
+    # the describe block in the context of that control.
+    #
+    def describe(*args, &block)
+      loc = block_location(block, caller(1..1).first)
+      id = "(generated from #{loc} #{SecureRandom.hex})"
 
-        define_method :control do |*args, &block|
-          id = args[0]
-          opts = args[1] || {}
-          opts[:skip_only_if_eval] = @skip_only_if_eval
-          register_control(rule_class.new(id, profile_id, opts, &block))
-        end
+      res = nil
+      rule = Inspec::Rule.new(id, profile_id, resources_dsl, {}) do
+        res = describe(*args, &block)
+      end
+      register_control(rule, &block)
 
-        #
-        # Describe allows users to write rspec-like bare describe
-        # blocks without declaring an inclosing control. Here, we
-        # generate a control for them automatically and then execute
-        # the describe block in the context of that control.
-        #
-        define_method :describe do |*args, &block|
-          loc = block_location(block, caller(1..1).first)
-          id = "(generated from #{loc} #{SecureRandom.hex})"
-
-          res = nil
-          rule = rule_class.new(id, profile_id, {}) do
-            res = describe(*args, &block)
-          end
-          register_control(rule, &block)
-
-          res
-        end
+      res
+    end
 
-        define_method :add_resource do |name, new_res|
-          resources_dsl.module_exec do
-            define_method name.to_sym do |*args|
-              new_res.new(@backend, name.to_s, *args)
-            end
-          end
+    def add_resource(name, new_res)
+      resources_dsl.module_exec do
+        define_method name.to_sym do |*args|
+          new_res.new(@backend, name.to_s, *args)
         end
+      end
+    end
 
-        define_method :add_resources do |context|
-          self.class.class_eval do
-            include context.to_resources_dsl
-          end
+    def add_resources(context)
+      # # TODO: write real unit tests for this and then make this change:
+      # dsl = context.to_resources_dsl
+      # self.class.include dsl
+      # Inspec::Rule.include dsl
 
-          rule_class.class_eval do
-            include context.to_resources_dsl
-          end
-        end
+      self.class.class_eval do
+        include context.to_resources_dsl
+      end
 
-        define_method :add_subcontext do |context|
-          profile_context_owner.add_subcontext(context)
-        end
+      # TODO: seriously consider getting rid of the NPM model
+      extend context.to_resources_dsl
+    end
 
-        define_method :register_control do |control, &block|
-          if @skip_file
-            ::Inspec::Rule.set_skip_rule(control, true, @skip_file_message)
-          end
+    def add_subcontext(context)
+      profile_context_owner.add_subcontext(context)
+    end
 
-          unless profile_context_owner.profile_supports_platform?
-            platform = inspec.platform
-            msg = "Profile `#{profile_context_owner.profile_id}` is not supported on platform #{platform.name}/#{platform.release}."
-            ::Inspec::Rule.set_skip_rule(control, true, msg)
-          end
+    def register_control(control, &block)
+      if @skip_file
+        ::Inspec::Rule.set_skip_rule(control, true, @skip_file_message)
+      end
 
-          unless profile_context_owner.profile_supports_inspec_version?
-            msg = "Profile `#{profile_context_owner.profile_id}` is not supported on InSpec version (#{Inspec::VERSION})."
-            ::Inspec::Rule.set_skip_rule(control, true, msg)
-          end
+      unless profile_context_owner.profile_supports_platform?
+        platform = inspec.platform
+        msg = "Profile `#{profile_id}` is not supported on platform #{platform.name}/#{platform.release}."
+        ::Inspec::Rule.set_skip_rule(control, true, msg)
+      end
 
-          profile_context_owner.register_rule(control, &block) unless control.nil?
-        end
+      unless profile_context_owner.profile_supports_inspec_version?
+        msg = "Profile `#{profile_id}` is not supported on InSpec version (#{Inspec::VERSION})."
+        ::Inspec::Rule.set_skip_rule(control, true, msg)
+      end
 
-        define_method :input do |input_name, options = {}|
-          if options.empty?
-            # Simply an access, no event here
-            Inspec::InputRegistry.find_or_register_input(input_name, profile_id).value
-          else
-            options[:priority] ||= 20
-            options[:provider] = :inline_control_code
-            evt = Inspec::Input.infer_event(options)
-            Inspec::InputRegistry.find_or_register_input(input_name, profile_id, event: evt).value
-          end
-        end
+      profile_context_owner.register_rule(control, &block) unless control.nil?
+    end
 
-        # Find the Input object, but don't collapse to a value.
-        # Will return nil on a miss.
-        define_method :input_object do |input_name|
-          Inspec::InputRegistry.find_or_register_input(input_name, profile_id)
-        end
+    def input(input_name, options = {})
+      if options.empty?
+        # Simply an access, no event here
+        Inspec::InputRegistry.find_or_register_input(input_name, profile_id).value
+      else
+        options[:priority] ||= 20
+        options[:provider] = :inline_control_code
+        evt = Inspec::Input.infer_event(options)
+        Inspec::InputRegistry.find_or_register_input(input_name, profile_id, event: evt).value
+      end
+    end
 
-        define_method :attribute do |name, options = {}|
-          Inspec.deprecate(:attrs_dsl, "Input name: #{name}, Profile: #{profile_id}")
-          input(name, options)
-        end
+    # Find the Input object, but don't collapse to a value.
+    # Will return nil on a miss.
+    def input_object(input_name)
+      Inspec::InputRegistry.find_or_register_input(input_name, profile_id)
+    end
 
-        define_method :skip_control do |id|
-          profile_context_owner.unregister_rule(id)
-        end
+    def attribute(name, options = {})
+      Inspec.deprecate(:attrs_dsl, "Input name: #{name}, Profile: #{profile_id}")
+      input(name, options)
+    end
 
-        define_method :only_if do |message = nil, &block|
-          return unless block
-          return if @skip_file == true
-          return if @skip_only_if_eval == true
+    def skip_control(id)
+      profile_context_owner.unregister_rule(id)
+    end
+    alias skip_rule skip_control
 
-          return if block.yield == true
+    def only_if(message = nil, &block)
+      return unless block
+      return if @skip_file == true
+      return if @skip_only_if_eval == true
 
-          # Apply `set_skip_rule` for other rules in the same file
-          profile_context_owner.rules.values.each do |r|
-            sources_match = r.source_file == block.source_location[0]
-            Inspec::Rule.set_skip_rule(r, true, message) if sources_match
-          end
+      return if block.yield == true
 
-          @skip_file_message = message
-          @skip_file = true
-        end
+      # Apply `set_skip_rule` for other rules in the same file
+      profile_context_owner.rules.values.each do |r|
+        sources_match = r.source_file == block.source_location[0]
+        Inspec::Rule.set_skip_rule(r, true, message) if sources_match
+      end
 
-        alias_method :rule, :control
-        alias_method :skip_rule, :skip_control
+      @skip_file_message = message
+      @skip_file = true
+    end
 
-        private
+    private
 
-        def block_location(block, alternate_caller)
-          if block.nil?
-            alternate_caller[/^(.+:\d+):in .+$/, 1] || "unknown"
-          else
-            path, line = block.source_location
-            "#{File.basename(path)}:#{line}"
-          end
-        end
+    def block_location(block, alternate_caller)
+      if block.nil?
+        alternate_caller[/^(.+:\d+):in .+$/, 1] || "unknown"
+      else
+        path, line = block.source_location
+        "#{File.basename(path)}:#{line}"
       end
     end
   end