inspec 0.20.1 → 0.21.0

data/test/functional/inspec_exec_test.rb

@@ -22,15 +22,13 @@ describe 'inspec exec' do
     out.stdout.must_include '1 example, 0 failures'
   end
 
-  it 'can execute the profile with the json formatter' do
-    out = inspec('exec ' + example_profile + ' --format json')
+  it 'can execute the profile with the mini json formatter' do
+    out = inspec('exec ' + example_profile + ' --format json-min')
     out.stderr.must_equal ''
     out.exit_status.must_equal 0
     JSON.load(out.stdout).must_be_kind_of Hash
   end
 
-  let(:example_control) { File.join(example_profile, 'controls', 'example.rb') }
-
   it 'can execute a simple file with the default formatter' do
     out = inspec('exec ' + example_control)
     out.stderr.must_equal ''
@@ -38,126 +36,45 @@ describe 'inspec exec' do
     out.stdout.must_include '2 examples, 0 failures'
   end
 
-  it 'can execute a simple file with the json formatter' do
-    out = inspec('exec ' + example_control + ' --format json')
-    out.stderr.must_equal ''
-    out.exit_status.must_equal 0
-    JSON.load(out.stdout).must_be_kind_of Hash
-  end
-
-  it 'can execute a simple file with the fulljson formatter' do
-    out = inspec('exec ' + example_control + ' --format fulljson')
+  it 'can execute a simple file with the mini json formatter' do
+    out = inspec('exec ' + example_control + ' --format json-min')
     out.stderr.must_equal ''
     out.exit_status.must_equal 0
     JSON.load(out.stdout).must_be_kind_of Hash
   end
 
-  describe 'execute a profile with json formatting' do
-    let(:json) { JSON.load(inspec('exec ' + example_profile + ' --format json').stdout) }
-    let(:examples) { json['examples'] }
-    let(:ex1) { examples.find{|x| x['id'] == 'tmp-1.0'} }
-    let(:ex2) { examples.find{|x| x['id'] =~ /generated/} }
-    let(:ex3) { examples.find{|x| x['id'] == 'gordon-1.0'} }
-
-    it 'must have 5 examples' do
-      json['examples'].length.must_equal 5
-    end
-
-    it 'id in json' do
-      examples.find { |ex| !ex.key? 'id' }.must_be :nil?
-    end
-
-    it 'impact in json' do
-      ex1['impact'].must_equal 0.7
-      ex2['impact'].must_be :nil?
-    end
-
-    it 'status in json' do
-      ex1['status'].must_equal 'passed'
-      ex3['status'].must_equal 'pending'
-    end
-
-    it 'pending message in json' do
-      ex1['pending_message'].must_be :nil?
-      ex3['pending_message'].must_equal 'Not yet implemented'
-    end
-  end
-
-  describe 'execute a profile with fulljson formatting' do
-    let(:json) { JSON.load(inspec('exec ' + example_profile + ' --format fulljson').stdout) }
-    let(:examples) { json['examples'] }
-    let(:metadata) { json['profiles'][0] }
-    let(:ex1) { examples.find{|x| x['id'] == 'tmp-1.0'} }
-    let(:ex2) { examples.find{|x| x['id'] =~ /generated/} }
-    let(:ex3) { examples.find{|x| x['id'] == 'gordon-1.0'} }
-
-    it 'has all the metadata' do
-      metadata.must_equal({
-        "name" => "profile",
-        "title" => "InSpec Example Profile",
-        "maintainer" => "Chef Software, Inc.",
-        "copyright" => "Chef Software, Inc.",
-        "copyright_email" => "support@chef.io",
-        "license" => "Apache 2 license",
-        "summary" => "Demonstrates the use of InSpec Compliance Profile",
-        "version" => "1.0.0",
-        "supports" => [{"os-family" => "unix"}]
-      })
-    end
+  describe 'execute a profile with mini json formatting' do
+    let(:json) { JSON.load(inspec('exec ' + example_profile + ' --format json-min').stdout) }
+    let(:controls) { json['controls'] }
+    let(:ex1) { controls.find{|x| x['id'] == 'tmp-1.0'} }
+    let(:ex2) { controls.find{|x| x['id'] =~ /generated/} }
+    let(:ex3) { controls.find{|x| x['id'] == 'gordon-1.0'} }
 
     it 'must have 5 examples' do
-      json['examples'].length.must_equal 5
+      json['controls'].length.must_equal 5
     end
 
-    it 'id in json' do
-      examples.find { |ex| !ex.key? 'id' }.must_be :nil?
+    it 'has an id' do
+      controls.find { |ex| !ex.key? 'id' }.must_be :nil?
     end
 
-    it 'title in json' do
-      ex3['title'].must_equal 'Verify the version number of Gordon'
+    it 'has a profile_id' do
+      controls.find { |ex| !ex.key? 'profile_id' }.must_be :nil?
     end
 
-    it 'desc in json' do
-      ex3['desc'].must_equal 'An optional description...'
+    it 'has a code_desc' do
+      ex1['code_desc'].must_equal 'File /tmp should be directory'
+      controls.find { |ex| !ex.key? 'code_desc' }.must_be :nil?
     end
 
-    it 'code in json' do
-      ex3['code'].wont_be :nil?
-    end
-
-    it 'code_desc in json' do
-      ex3['code_desc'].wont_be :nil?
-    end
-
-    it 'impact in json' do
-      ex1['impact'].must_equal 0.7
-      ex2['impact'].must_be :nil?
-    end
-
-    it 'status in json' do
+    it 'has a status' do
       ex1['status'].must_equal 'passed'
-      ex3['status'].must_equal 'pending'
+      ex3['status'].must_equal 'skipped'
     end
 
-    it 'ref in json' do
-      ex1['ref'].must_match %r{examples/profile/controls/example.rb$}
-    end
-
-    it 'ref_line in json' do
-      ex1['ref_line'].must_equal 16
-    end
-
-    it 'run_time in json' do
-      ex1['run_time'].wont_be :nil?
-    end
-
-    it 'start_time in json' do
-      ex1['start_time'].wont_be :nil?
-    end
-
-    it 'pending message in json' do
-      ex1['pending'].must_be :nil?
-      ex3['pending'].must_equal "Can't find file \"/tmp/gordon/config.yaml\""
+    it 'has a skip_message' do
+      ex1['skip_message'].must_be :nil?
+      ex3['skip_message'].must_equal "Can't find file \"/tmp/gordon/config.yaml\""
     end
   end
 
@@ -171,17 +88,6 @@ describe 'inspec exec' do
     end
   end
 
-  describe 'with a profile that is not supported on this OS/platform' do
-    let(:out) { inspec('exec ' + File.join(profile_path, 'skippy-profile-os') + ' --format fulljson') }
-    let(:json) { JSON.load(out.stdout) }
-
-    # TODO: failure handling in json formatters...
-
-    it 'never runs the actual resource' do
-      File.exist?('/tmp/inspec_test_DONT_CREATE').must_equal false
-    end
-  end
-
   describe 'with a profile that is supported on this version of inspec' do
     let(:out) { inspec('exec ' + File.join(profile_path, 'supported_inspec')) }
 

data/test/functional/{inspec_json_test.rb → inspec_json_profile_test.rb}

@@ -42,36 +42,36 @@ describe 'inspec json' do
       json['copyright'].must_equal 'Chef Software, Inc.'
     end
 
-    it 'has rules' do
-      json['rules'].length.must_equal 3 # TODO: flatten out or search deeper!
+    it 'has controls' do
+      json['controls'].length.must_equal 4
     end
 
-    describe 'a rule' do
-      let(:rule) { json['rules']['controls/example.rb']['rules']['tmp-1.0'] }
+    describe 'a control' do
+      let(:control) { json['controls']['tmp-1.0'] }
 
       it 'has a title' do
-        rule['title'].must_equal 'Create /tmp directory'
+        control['title'].must_equal 'Create /tmp directory'
       end
 
       it 'has a description' do
-        rule['desc'].must_equal 'An optional description...'
+        control['desc'].must_equal 'An optional description...'
       end
 
       it 'has an impact' do
-        rule['impact'].must_equal 0.7
+        control['impact'].must_equal 0.7
       end
 
       it 'has a ref' do
-        rule['refs'].must_equal([{'ref' => 'Document A-12', 'url' => 'http://...'}])
+        control['refs'].must_equal([{'ref' => 'Document A-12', 'url' => 'http://...'}])
       end
 
       it 'has a source location' do
         loc = File.join(example_profile, '/controls/example.rb')
-        rule['source_location'].must_equal [loc, 8]
+        control['source_location'].must_equal [loc, 8]
       end
 
       it 'has a the source code' do
-        rule['code'].must_match /\Acontrol \"tmp-1.0\" do.*end\n\Z/m
+        control['code'].must_match /\Acontrol \"tmp-1.0\" do.*end\n\Z/m
       end
     end
   end
@@ -86,10 +86,8 @@ describe 'inspec json' do
 
     it 'only has one control included' do
       json = JSON.load(out.stdout)
-      grps = json['rules']
-      grps.keys.must_equal ['controls/example.rb']
-      rules = grps.values[0]['rules']
-      rules.keys.must_equal ['tmp-1.0']
+      json['controls'].keys.must_equal %w{tmp-1.0}
+      json['groups'].keys.must_equal %w{controls/example.rb}
     end
   end
 
@@ -99,6 +97,6 @@ describe 'inspec json' do
     out.exit_status.must_equal 0
     hm = JSON.load(File.read(dst.path))
     hm['name'].must_equal 'profile'
-    hm['rules'].length.must_equal 3 # TODO: flatten out or search deeper!
+    hm['controls'].length.must_equal 4
   end
 end

data/test/functional/inspec_test.rb

@@ -7,9 +7,9 @@ require 'functional/helper'
 describe 'command tests' do
   include FunctionalHelper
 
-  describe 'detect' do
+  describe 'detect with json' do
     it 'runs well on all nodes' do
-      out = inspec('detect')
+      out = inspec('detect --format json')
       out.stderr.must_equal ''
       out.exit_status.must_equal 0
       j = JSON.load(out.stdout)
@@ -20,6 +20,19 @@ describe 'command tests' do
     end
   end
 
+  describe 'detect without json' do
+    it 'runs well on all nodes' do
+      out = inspec('detect')
+      out.stderr.must_equal ''
+      out.exit_status.must_equal 0
+      std = out.stdout
+      std.must_include 'Name:'
+      std.must_include 'Family:'
+      std.must_include 'Arch:'
+      std.must_include 'Release:'
+    end
+  end
+
   describe 'cmd' do
     it 'can run arbitrary ruby' do
       x = rand

data/test/helper.rb

@@ -246,7 +246,11 @@ class MockLoader
       #user info on hpux
       "logins -x -l root" => cmd.call('logins-x'),
       #packages on hpux
-      "swlist -l product | grep vim" => cmd.call('swlist-l-product')
+      "swlist -l product | grep vim" => cmd.call('swlist-l-product'),
+      # ipv4 ports on hpux
+      'netstat -an -f inet' => cmd.call('hpux-netstat-inet'),
+      #ipv6 ports on hpux
+      'netstat -an -f inet6' => cmd.call('hpux-netstat-inet6'),
     }
 
     @backend

data/test/integration/default/auditd_rules_spec.rb

@@ -4,7 +4,7 @@
 return unless os[:family] == 'centos'
 
 describe auditd_rules.syscall('open') do
-  its(:action) { should eq(['always']) }
+  its('action') { should eq(['always']) }
 end
 
 describe auditd_rules.syscall('open').action do
@@ -12,7 +12,7 @@ describe auditd_rules.syscall('open').action do
 end
 
 describe auditd_rules.key('sshd_config') do
-  its(:permissions) { should contain_match(/x/) }
+  its('permissions') { should contain_match(/x/) }
 end
 
 describe auditd_rules.file('/etc/ssh/sshd_config').permissions do
@@ -20,7 +20,7 @@ describe auditd_rules.file('/etc/ssh/sshd_config').permissions do
 end
 
 describe auditd_rules do
-  its(:lines) { should contain_match(%r{-w /etc/ssh/sshd_config/}) }
+  its('lines') { should contain_match(%r{-w /etc/ssh/sshd_config/}) }
 end
 
 describe auditd_rules.syscall('open').action('always').list do

data/test/integration/default/kernel_parameter_spec.rb

@@ -30,27 +30,27 @@ end
 # test on all linux systems
 if os.linux?
   describe kernel_parameter('kernel.panic') do
-    its(:value) { should eq test_values[:kernel_panic] }
+    its('value') { should eq test_values[:kernel_panic] }
   end
 
   describe kernel_parameter('net.netfilter.nf_log.0') do
-    its(:value) { should eq test_values[:nf_log] }
+    its('value') { should eq test_values[:nf_log] }
   end
 
   describe kernel_parameter('kernel.sched_autogroup_enabled') do
-    its(:value) { should eq test_values[:sched_autogroup_enabled] }
+    its('value') { should eq test_values[:sched_autogroup_enabled] }
   end
 
   describe kernel_parameter('net.ipv4.ip_local_port_range') do
-    its(:value) { should eq test_values[:ip_local_port_range] }
+    its('value') { should eq test_values[:ip_local_port_range] }
   end
 
   describe kernel_parameter('net.ipv4.conf.all.forwarding') do
-    its(:value) { should eq test_values[:forwarding] }
+    its('value') { should eq test_values[:forwarding] }
   end
 
   # serverspec compatability
   describe linux_kernel_parameter('net.ipv4.conf.all.forwarding') do
-    its(:value) { should eq test_values[:forwarding] }
+    its('value') { should eq test_values[:forwarding] }
   end
 end

data/test/integration/default/service_spec.rb

@@ -89,6 +89,9 @@ if os[:family] == 'centos' && os[:release].to_i >= 6
     it { should be_enabled }
     it { should be_installed }
     it { should be_running }
+    its('type') { should be 'upstart' }
+    its('name') { should be 'upstart-enabled-and-running' }
+    its('description') { should be nil }
   end
 
   describe upstart_service('upstart-enabled-not-running') do
@@ -101,6 +104,7 @@ if os[:family] == 'centos' && os[:release].to_i >= 6
     it { should_not be_enabled }
     it { should_not be_installed }
     it { should_not be_running }
+    its('type') { should be nil }
   end
 end
 

data/test/resource/command_test.rb

@@ -3,21 +3,21 @@
 # author: Christoph Hartmann
 
 describe command('echo hello') do
-  its(:stdout) { should eq "hello\n" }
-  its(:stderr) { should eq '' }
-  its(:exit_status) { should eq 0 }
+  its('stdout') { should eq "hello\n" }
+  its('stderr') { should eq '' }
+  its('exit_status') { should eq 0 }
 end
 
 describe command('>&2 echo error') do
-  its(:stdout) { should eq '' }
-  its(:stderr) { should eq "error\n" }
-  its(:exit_status) { should eq 0 }
+  its('stdout') { should eq '' }
+  its('stderr') { should eq "error\n" }
+  its('exit_status') { should eq 0 }
 end
 
 describe command('exit 123') do
-  its(:stdout) { should eq '' }
-  its(:stderr) { should eq '' }
-  its(:exit_status) { should eq 123 }
+  its('stdout') { should eq '' }
+  its('stderr') { should eq '' }
+  its('exit_status') { should eq 123 }
 end
 
 describe command('/bin/sh').exist? do

data/test/resource/dsl_test.rb

@@ -3,7 +3,7 @@
 # author: Christoph Hartmann
 
 describe command('echo hello') do
-  its(:stdout) { should eq "hello\n" }
+  its('stdout') { should eq "hello\n" }
 end
 
 describe 'describe + it + expect' do

data/test/resource/file_test.rb

@@ -11,18 +11,18 @@ describe file('/tmpest') do
 end
 
 describe file('/tmp') do
-  its(:type) { should eq :directory }
+  its('type') { should eq :directory }
   it { should be_directory }
 end
 
 describe file('/proc/version') do
-  its(:type) { should eq :file }
+  its('type') { should eq :file }
   it { should be_file }
   it { should_not be_directory }
 end
 
 describe file('/dev/stdout') do
-  its(:type) { should eq :pipe }
+  its('type') { should eq :pipe }
   its('source.type') { should eq :symlink }
   it { should be_symlink }
   it { should be_pipe }
@@ -31,29 +31,29 @@ describe file('/dev/stdout') do
 end
 
 describe file('/dev/zero') do
-  its(:type) { should eq :character_device }
+  its('type') { should eq :character_device }
   it { should be_character_device }
   it { should_not be_file }
   it { should_not be_directory }
 end
 
 # describe file('...') do
-#   its(:type) { should eq :block_device }
+#   its('type') { should eq :block_device }
 #   it { should be_block_device }
 # end
 
 # describe file('...') do
-#   its(:type) { should eq :socket }
+#   its('type') { should eq :socket }
 #   it { should be_socket }
 # end
 
 # describe file('...') do
-#   its(:type) { should eq :pipe }
+#   its('type') { should eq :pipe }
 #   it { should be_pipe }
 # end
 
 describe file('/dev') do
-  its(:mode) { should eq 00755 }
+  its('mode') { should eq 00755 }
 end
 
 describe file('/dev') do
@@ -61,7 +61,7 @@ describe file('/dev') do
 end
 
 describe file('/root') do
-  its(:owner) { should eq 'root' }
+  its('owner') { should eq 'root' }
 end
 
 describe file('/dev') do
@@ -69,7 +69,7 @@ describe file('/dev') do
 end
 
 describe file('/root') do
-  its(:group) { should eq 'root' }
+  its('group') { should eq 'root' }
 end
 
 describe file('/dev') do
@@ -77,7 +77,7 @@ describe file('/dev') do
 end
 
 describe file('/dev/kcore') do
-  its(:link_path) { should eq '/proc/kcore' }
+  its('link_path') { should eq '/proc/kcore' }
 end
 
 describe file('/dev/kcore') do
@@ -85,7 +85,7 @@ describe file('/dev/kcore') do
 end
 
 describe file('/proc/cpuinfo') do
-  its(:content) { should match /^processor/ }
+  its('content') { should match /^processor/ }
 end
 
 describe file('/').mtime.to_i do
@@ -94,12 +94,12 @@ describe file('/').mtime.to_i do
 end
 
 describe file('/') do
-  its(:size) { should be > 64 }
-  its(:size) { should be < 10240 }
+  its('size') { should be > 64 }
+  its('size') { should be < 10240 }
 end
 
 describe file('/proc/cpuinfo') do
-  its(:size) { should be 0 }
+  its('size') { should be 0 }
 end
 
 # @TODO selinux_label
@@ -123,10 +123,10 @@ cpuinfo = file('/proc/cpuinfo').content
 
 md5sum = Digest::MD5.hexdigest(cpuinfo)
 describe file('/proc/cpuinfo') do
-  its(:md5sum) { should eq md5sum }
+  its('md5sum') { should eq md5sum }
 end
 
 sha256sum = Digest::SHA256.hexdigest(cpuinfo)
 describe file('/proc/cpuinfo') do
-  its(:sha256sum) { should eq sha256sum }
+  its('sha256sum') { should eq sha256sum }
 end