inspec 0.14.8 → 0.15.0

data/lib/inspec/runner_rspec.rb

@@ -76,6 +76,7 @@ module Inspec
     # @return [nil]
     def configure_output
       RSpec.configuration.add_formatter(@conf['format'] || 'progress')
+      RSpec.configuration.color = @conf['color']
 
       setup_reporting if @conf['report']
     end

data/lib/inspec/version.rb

@@ -3,5 +3,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '0.14.8'.freeze
+  VERSION = '0.15.0'.freeze
 end

data/lib/resources/apache.rb

@@ -4,26 +4,28 @@
 # author: Dominik Richter
 # license: All rights reserved
 
-class Apache < Inspec.resource(1)
-  name 'apache'
+module Inspec::Resources
+  class Apache < Inspec.resource(1)
+    name 'apache'
 
-  attr_reader :service, :conf_dir, :conf_path, :user
-  def initialize
-    case inspec.os[:family]
-    when 'ubuntu', 'debian'
-      @service = 'apache2'
-      @conf_dir = '/etc/apache2/'
-      @conf_path = File.join @conf_dir, 'apache2.conf'
-      @user = 'www-data'
-    else
-      @service = 'httpd'
-      @conf_dir = '/etc/httpd/'
-      @conf_path = File.join @conf_dir, '/conf/httpd.conf'
-      @user = 'apache'
+    attr_reader :service, :conf_dir, :conf_path, :user
+    def initialize
+      case inspec.os[:family]
+      when 'ubuntu', 'debian'
+        @service = 'apache2'
+        @conf_dir = '/etc/apache2/'
+        @conf_path = File.join @conf_dir, 'apache2.conf'
+        @user = 'www-data'
+      else
+        @service = 'httpd'
+        @conf_dir = '/etc/httpd/'
+        @conf_path = File.join @conf_dir, '/conf/httpd.conf'
+        @user = 'apache'
+      end
     end
-  end
 
-  def to_s
-    'Apache Environment'
+    def to_s
+      'Apache Environment'
+    end
   end
 end

data/lib/resources/apache_conf.rb

@@ -7,118 +7,120 @@
 require 'utils/simpleconfig'
 require 'utils/find_files'
 
-class ApacheConf < Inspec.resource(1)
-  name 'apache_conf'
-  desc 'Use the apache_conf InSpec audit resource to test the configuration settings for Apache. This file is typically located under /etc/apache2 on the Debian and Ubuntu platforms and under /etc/httpd on the Fedora, CentOS, Red Hat Enterprise Linux, and Arch Linux platforms. The configuration settings may vary significantly from platform to platform.'
-  example "
-    describe apache_conf do
-      its('setting_name') { should eq 'value' }
-    end
-  "
+module Inspec::Resources
+  class ApacheConf < Inspec.resource(1)
+    name 'apache_conf'
+    desc 'Use the apache_conf InSpec audit resource to test the configuration settings for Apache. This file is typically located under /etc/apache2 on the Debian and Ubuntu platforms and under /etc/httpd on the Fedora, CentOS, Red Hat Enterprise Linux, and Arch Linux platforms. The configuration settings may vary significantly from platform to platform.'
+    example "
+      describe apache_conf do
+        its('setting_name') { should eq 'value' }
+      end
+    "
 
-  include FindFiles
+    include FindFiles
 
-  def initialize(conf_path = nil)
-    @conf_path = conf_path || inspec.apache.conf_path
-    @conf_dir = File.dirname(@conf_path)
-    @files_contents = {}
-    @content = nil
-    @params = nil
-    read_content
-  end
+    def initialize(conf_path = nil)
+      @conf_path = conf_path || inspec.apache.conf_path
+      @conf_dir = File.dirname(@conf_path)
+      @files_contents = {}
+      @content = nil
+      @params = nil
+      read_content
+    end
 
-  def content
-    @content ||= read_content
-  end
+    def content
+      @content ||= read_content
+    end
 
-  def params(*opts)
-    @params || read_content
-    res = @params
-    opts.each do |opt|
-      res = res[opt] unless res.nil?
+    def params(*opts)
+      @params || read_content
+      res = @params
+      opts.each do |opt|
+        res = res[opt] unless res.nil?
+      end
+      res
     end
-    res
-  end
 
-  def method_missing(name)
-    # ensure params are loaded
-    @params || read_content
+    def method_missing(name)
+      # ensure params are loaded
+      @params || read_content
 
-    # extract values
-    @params[name.to_s] unless @params.nil?
-  end
+      # extract values
+      @params[name.to_s] unless @params.nil?
+    end
 
-  def filter_comments(data)
-    content = ''
-    data.each_line do |line|
-      if !line.match(/^\s*#/)
-        content << line
+    def filter_comments(data)
+      content = ''
+      data.each_line do |line|
+        if !line.match(/^\s*#/)
+          content << line
+        end
       end
+      content
     end
-    content
-  end
 
-  def read_content
-    @content = ''
-    @params = {}
+    def read_content
+      @content = ''
+      @params = {}
 
-    # skip if the main configuration file doesn't exist
-    file = inspec.file(@conf_path)
-    if !file.file?
-      return skip_resource "Can't find file \"#{@conf_path}\""
-    end
+      # skip if the main configuration file doesn't exist
+      file = inspec.file(@conf_path)
+      if !file.file?
+        return skip_resource "Can't find file \"#{@conf_path}\""
+      end
 
-    raw_conf = file.content
-    if raw_conf.empty? && file.size > 0
-      return skip_resource("Can't read file \"#{@conf_path}\"")
-    end
+      raw_conf = file.content
+      if raw_conf.empty? && file.size > 0
+        return skip_resource("Can't read file \"#{@conf_path}\"")
+      end
 
-    to_read = [@conf_path]
-    until to_read.empty?
-      raw_conf = read_file(to_read[0])
-      @content += raw_conf
-
-      # parse include file parameters
-      params = SimpleConfig.new(
-        raw_conf,
-        assignment_re: /^\s*(\S+)\s+(.*)\s*$/,
-        multiple_values: true,
-      ).params
-      @params.merge!(params)
-
-      to_read = to_read.drop(1)
-      to_read += include_files(params).find_all do |fp|
-        not @files_contents.key? fp
+      to_read = [@conf_path]
+      until to_read.empty?
+        raw_conf = read_file(to_read[0])
+        @content += raw_conf
+
+        # parse include file parameters
+        params = SimpleConfig.new(
+          raw_conf,
+          assignment_re: /^\s*(\S+)\s+(.*)\s*$/,
+          multiple_values: true,
+        ).params
+        @params.merge!(params)
+
+        to_read = to_read.drop(1)
+        to_read += include_files(params).find_all do |fp|
+          not @files_contents.key? fp
+        end
       end
+
+      # fiter comments
+      @content = filter_comments @content
+      @content
     end
 
-    # fiter comments
-    @content = filter_comments @content
-    @content
-  end
+    def include_files(params)
+      # see if there is more config files to include
+      include_files = params['Include'] || []
+      include_files_optional = params['IncludeOptional'] || []
 
-  def include_files(params)
-    # see if there is more config files to include
-    include_files = params['Include'] || []
-    include_files_optional = params['IncludeOptional'] || []
+      includes = []
+      (include_files + include_files_optional).each do |f|
+        id = File.join(@conf_dir, f)
+        files = find_files(id, depth: 1, type: 'file')
 
-    includes = []
-    (include_files + include_files_optional).each do |f|
-      id = File.join(@conf_dir, f)
-      files = find_files(id, depth: 1, type: 'file')
+        includes.push(files) if files
+      end
 
-      includes.push(files) if files
+      # [].flatten! == nil
+      includes.flatten! || []
     end
 
-    # [].flatten! == nil
-    includes.flatten! || []
-  end
-
-  def read_file(path)
-    @files_contents[path] ||= inspec.file(path).content
-  end
+    def read_file(path)
+      @files_contents[path] ||= inspec.file(path).content
+    end
 
-  def to_s
-    "Apache Config #{@conf_path}"
+    def to_s
+      "Apache Config #{@conf_path}"
+    end
   end
 end

data/lib/resources/apt.rb

@@ -28,120 +28,122 @@
 
 require 'uri'
 
-class AptRepository < Inspec.resource(1)
-  name 'apt'
-  desc 'Use the apt InSpec audit resource to verify Apt repositories on the Debian and Ubuntu platforms, and also PPA repositories on the Ubuntu platform.'
-  example "
-    describe apt('nginx/stable') do
-      it { should exist }
-      it { should be_enabled }
+module Inspec::Resources
+  class AptRepository < Inspec.resource(1)
+    name 'apt'
+    desc 'Use the apt InSpec audit resource to verify Apt repositories on the Debian and Ubuntu platforms, and also PPA repositories on the Ubuntu platform.'
+    example "
+      describe apt('nginx/stable') do
+        it { should exist }
+        it { should be_enabled }
+      end
+    "
+
+    def initialize(ppa_name)
+      @deb_url = nil
+      # check if the os is ubuntu or debian
+      if inspec.os.debian?
+        @deb_url = determine_ppa_url(ppa_name)
+      else
+        # this resource is only supported on ubuntu and debian
+        skip_resource 'The `apt` resource is not supported on your OS yet.'
+      end
     end
-  "
-
-  def initialize(ppa_name)
-    @deb_url = nil
-    # check if the os is ubuntu or debian
-    if inspec.os.debian?
-      @deb_url = determine_ppa_url(ppa_name)
-    else
-      # this resource is only supported on ubuntu and debian
-      skip_resource 'The `apt` resource is not supported on your OS yet.'
-    end
-  end
 
-  def exists?
-    find_repo.count > 0
-  end
+    def exists?
+      find_repo.count > 0
+    end
 
-  def enabled?
-    return false if find_repo.count == 0
-    actives = find_repo.map { |repo| repo[:active] }
-    actives = actives.uniq
-    actives.size == 1 && actives[0] = true
-  end
+    def enabled?
+      return false if find_repo.count == 0
+      actives = find_repo.map { |repo| repo[:active] }
+      actives = actives.uniq
+      actives.size == 1 && actives[0] = true
+    end
 
-  def to_s
-    "Apt Repository #{@deb_url}"
-  end
+    def to_s
+      "Apt Repository #{@deb_url}"
+    end
 
-  private
+    private
 
-  def find_repo
-    read_debs.select { |repo| repo[:url] == @deb_url && repo[:type] == 'deb' }
-  end
+    def find_repo
+      read_debs.select { |repo| repo[:url] == @deb_url && repo[:type] == 'deb' }
+    end
 
-  HTTP_URL_RE = /\A#{URI::DEFAULT_PARSER.make_regexp(%w{http https})}\z/
+    HTTP_URL_RE = /\A#{URI::DEFAULT_PARSER.make_regexp(%w{http https})}\z/
 
-  # read
-  def read_debs
-    return @repo_cache if defined?(@repo_cache)
+    # read
+    def read_debs
+      return @repo_cache if defined?(@repo_cache)
 
-    # load all lists
-    cmd = inspec.command("find /etc/apt/ -name \*.list -exec sh -c 'cat {} || echo -n' \\;")
+      # load all lists
+      cmd = inspec.command("find /etc/apt/ -name \*.list -exec sh -c 'cat {} || echo -n' \\;")
 
-    # @see https://help.ubuntu.com/community/Repositories/CommandLine#Explanation_of_the_Repository_Format
-    @repo_cache = cmd.stdout.chomp.split("\n").each_with_object([]) do |raw_line, lines|
-      active = true
+      # @see https://help.ubuntu.com/community/Repositories/CommandLine#Explanation_of_the_Repository_Format
+      @repo_cache = cmd.stdout.chomp.split("\n").each_with_object([]) do |raw_line, lines|
+        active = true
 
-      # detect if the repo is commented out
-      line = raw_line.gsub(/^(#\s*)*/, '')
-      active = false if raw_line != line
+        # detect if the repo is commented out
+        line = raw_line.gsub(/^(#\s*)*/, '')
+        active = false if raw_line != line
 
-      # eg.: deb http://archive.ubuntu.com/ubuntu/ wily main restricted
-      parse_repo = /^\s*(\S+)\s+"?([^ "\t\r\n\f]+)"?\s+(\S+)\s+(.*)$/.match(line)
+        # eg.: deb http://archive.ubuntu.com/ubuntu/ wily main restricted
+        parse_repo = /^\s*(\S+)\s+"?([^ "\t\r\n\f]+)"?\s+(\S+)\s+(.*)$/.match(line)
 
-      # check if we got any result and the second param is an url
-      next if parse_repo.nil? || !parse_repo[2] =~ HTTP_URL_RE
+        # check if we got any result and the second param is an url
+        next if parse_repo.nil? || !parse_repo[2] =~ HTTP_URL_RE
 
-      # map data
-      repo = {
-        type: parse_repo[1],
-        url: parse_repo[2],
-        distro: parse_repo[3],
-        components: parse_repo[4].chomp.split(' '),
-        active: active,
-      }
-      next unless ['deb', 'deb-src'].include? repo[:type]
+        # map data
+        repo = {
+          type: parse_repo[1],
+          url: parse_repo[2],
+          distro: parse_repo[3],
+          components: parse_repo[4].chomp.split(' '),
+          active: active,
+        }
+        next unless ['deb', 'deb-src'].include? repo[:type]
 
-      lines.push(repo)
+        lines.push(repo)
+      end
     end
-  end
 
-  # resolves ppa urls
-  # @see http://bazaar.launchpad.net/~ubuntu-core-dev/software-properties/main/view/head:/softwareproperties/ppa.py
-  def determine_ppa_url(ppa_url)
-    # verify if we have the url already, then just return
-    return ppa_url if ppa_url =~ HTTP_URL_RE
-    # otherwise start generating the ppa url
+    # resolves ppa urls
+    # @see http://bazaar.launchpad.net/~ubuntu-core-dev/software-properties/main/view/head:/softwareproperties/ppa.py
+    def determine_ppa_url(ppa_url)
+      # verify if we have the url already, then just return
+      return ppa_url if ppa_url =~ HTTP_URL_RE
+      # otherwise start generating the ppa url
 
-    # special care if the name stats with :
-    ppa_url = ppa_url.split(':')[1] if ppa_url.start_with?('ppa:')
+      # special care if the name stats with :
+      ppa_url = ppa_url.split(':')[1] if ppa_url.start_with?('ppa:')
 
-    # parse ppa owner and repo
-    ppa_owner, ppa_repo = ppa_url.split('/')
-    ppa_repo = 'ppa' if ppa_repo.nil?
+      # parse ppa owner and repo
+      ppa_owner, ppa_repo = ppa_url.split('/')
+      ppa_repo = 'ppa' if ppa_repo.nil?
 
-    # construct new ppa url and return it
-    format('http://ppa.launchpad.net/%s/%s/ubuntu', ppa_owner, ppa_repo)
+      # construct new ppa url and return it
+      format('http://ppa.launchpad.net/%s/%s/ubuntu', ppa_owner, ppa_repo)
+    end
   end
-end
 
-# for compatability with serverspec
-# this is deprecated syntax and will be removed in future versions
-class PpaRepository < AptRepository
-  name 'ppa'
+  # for compatability with serverspec
+  # this is deprecated syntax and will be removed in future versions
+  class PpaRepository < AptRepository
+    name 'ppa'
 
-  def exists?
-    deprecated
-    super()
-  end
+    def exists?
+      deprecated
+      super()
+    end
 
-  def enabled?
-    deprecated
-    super()
-  end
+    def enabled?
+      deprecated
+      super()
+    end
 
-  def deprecated
-    warn '[DEPRECATION] `ppa(reponame)` is deprecated.  Please use `apt(reponame)` instead.'
+    def deprecated
+      warn '[DEPRECATION] `ppa(reponame)` is deprecated.  Please use `apt(reponame)` instead.'
+    end
   end
 end