inspec 0.30.0 → 0.31.0

data/test/integration/default/cmp_matcher_spec.rb

@@ -1,115 +0,0 @@
-# encoding: utf-8
-
-if os.linux?
-  # uses the `cmp` matcher instead of the eq matcher
-  describe sshd_config do
-    its('Port') { should eq '22' }
-    its('Port') { should_not eq 22 }
-
-    its('Port') { should cmp '22' }
-    its('Port') { should cmp 22 }
-    its('Port') { should cmp 22.0 }
-    its('Port') { should_not cmp 22.1 }
-
-    its('LogLevel') { should eq 'VERBOSE' }
-    its('LogLevel') { should_not eq 'verbose'}
-
-    its('LogLevel') { should cmp 'VERBOSE' }
-    its('LogLevel') { should cmp 'verbose' }
-    its('LogLevel') { should cmp 'VerBose' }
-  end
-
-  describe passwd.passwords.uniq do
-    it { should eq ['x'] }
-    it { should cmp ['x'] }
-    it { should cmp 'x' }
-  end
-
-  describe passwd.usernames do
-    it { should include 'root' }
-    it { should_not cmp 'root' }
-  end
-
-  len = passwd.passwords.length
-  describe len do
-    it { should cmp len.to_s }
-  end
-
-  describe 122 do
-    it { should cmp 122 }
-    it { should cmp < 133 }
-    it { should cmp > 111 }
-    it { should_not cmp < 122 }
-    it { should_not cmp > 122 }
-    it { should cmp <= 122 }
-    it { should cmp >= 122 }
-    it { should cmp >= -666 }
-    it { should_not cmp <= 111 }
-    it { should_not cmp >= 133 }
-    it { should cmp /122/ }
-    it { should_not cmp /133/ }
-  end
-
-  describe 0o640 do
-    it { should cmp 0o640 }
-    it { should cmp > 100 }
-    it { should_not cmp <= 0 }
-    it { should cmp == '416' }
-    it { should cmp /416$/ }
-  end
-
-  describe '12' do
-    it { should cmp 12 }
-    it { should cmp < 13 }
-    it { should cmp > 11 }
-    it { should_not cmp < 12 }
-    it { should_not cmp > 12 }
-    it { should cmp <= 12 }
-    it { should cmp >= 12 }
-    it { should cmp >= -666 }
-    it { should_not cmp <= 11 }
-    it { should_not cmp >= 13 }
-  end
-
-  # Don't compare octal to number
-  describe '07' do
-    it { should_not cmp 7 }
-  end
-
-  describe 'some 123' do
-    it { should cmp 'some 123' }
-    it { should cmp /^SOME\s\d+(1|2|3)3/i }
-    it { should_not cmp /^SOME/ }
-  end
-
-  describe ['some-array'] do
-    it { should cmp 'some-array' }
-    it { should cmp /.+/ }
-    it { should_not cmp /^SOME/ }
-  end
-
-  describe '' do
-    it { should_not cmp >= 3 }
-    it { should_not cmp < 3 }
-    it { should_not cmp /.+/ }
-  end
-
-  describe nil do
-    it { should cmp nil }
-    it { should_not cmp >= 3 }
-    it { should_not cmp < 3 }
-    it { should_not cmp /something/ }
-  end
-
-  describe true do
-    it { should cmp 'true' }
-    it { should cmp 'True' }
-    it { should cmp true }
-  end
-
-  describe false do
-    it { should cmp 'false' }
-    it { should cmp 'False' }
-    it { should cmp false }
-  end
-end

data/test/integration/default/csv_spec.rb

@@ -1,11 +0,0 @@
-# encoding: utf-8
-
-if os.unix?
-  filename = '/tmp/example.csv'
-else
-  filename = 'c:/windows/temp/example.csv'
-end
-
-describe csv(filename) do
-  its('name') { should eq(['addressable', 'ast', 'astrolabe', 'berkshelf']) }
-end

data/test/integration/default/etc_group_spec.rb

@@ -1,29 +0,0 @@
-# encoding: utf-8
-
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-# lets define our own group
-root_group = 'root'
-
-if os[:family] == 'aix'
-  root_group = 'system'
-elsif os[:family] == 'freebsd'
-  root_group = 'wheel'
-elsif os.solaris?
-  root_group = 'sys'
-end
-
-if os.unix?
-  describe etc_group do
-    its('gids') { should_not contain_duplicates }
-    its('groups') { should include root_group }
-    its('users') { should include 'root' }
-  end
-
-  describe etc_group.where(name: root_group) do
-    its('users') { should include 'root' }
-  end
-end

data/test/integration/default/file_spec.rb

@@ -1,195 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-if os[:family] == 'freebsd'
-  filedata = {
-    user: 'root',
-    group: 'wheel',
-    dir_content: "\u0003\u0000",
-    dir_md5sum: '598f4fe64aefab8f00bcbea4c9239abf',
-    dir_sha256sum: '9b4fb24edd6d1d8830e272398263cdbf026b97392cc35387b991dc0248a628f9',
-  }
-elsif os[:family] == 'aix'
-  filedata = {
-    user: 'root',
-    group: 'system',
-    dir_content: nil,
-    dir_md5sum: nil,
-    dir_sha256sum: nil,
-  }
-elsif os.solaris?
-  filedata = {
-    user: 'root',
-    group: 'sys',
-    dir_content: nil,
-    dir_md5sum: nil,
-    dir_sha256sum: nil,
-  }
-else
-  filedata = {
-    user: 'root',
-    group: 'root',
-    dir_content: nil,
-    dir_md5sum: nil,
-    dir_sha256sum: nil,
-  }
-end
-
-if os.unix?
-
-  # test regular file
-  describe file('/tmp/file') do
-    it { should exist }
-    it { should be_file }
-
-    it { should_not be_directory }
-    it { should_not be_block_device }
-    it { should_not be_character_device }
-    it { should_not be_pipe }
-    it { should_not be_socket }
-    it { should_not be_symlink }
-    it { should_not be_mounted }
-
-    # check owner
-    it { should be_owned_by filedata[:user] }
-    it { should be_grouped_into filedata[:group] }
-
-    # it { should have_mode }
-    its('mode') { should eq 00765 }
-    it { should be_mode 00765 }
-    its('mode') { should cmp 0765 }
-    its('mode') { should_not cmp 0777 }
-    its('suid') { should eq false }
-    its('sgid') { should eq false }
-    its('sticky') { should eq false }
-
-    it { should be_readable }
-    it { should be_readable.by('owner') }
-    it { should be_readable.by('group') }
-    it { should be_readable.by('other') }
-    it { should be_readable.by_user(filedata[:user]) }
-    it { should_not be_readable.by_user('noroot') }
-    # for server spec compatibility
-    it { should be_readable.by('others') }
-
-    it { should be_writable }
-    it { should be_writable.by('owner') }
-    it { should be_writable.by('group') }
-    it { should_not be_writable.by('other') }
-    it { should be_writable.by_user(filedata[:user]) }
-    # it { should_not be_writable.by_user('noroot') }
-    # for server spec compatibility
-    it { should_not be_writable.by('others') }
-
-    it { should be_executable }
-    it { should be_executable.by('owner') }
-    it { should_not be_executable.by('group') }
-    it { should be_executable.by('other') }
-    it { should be_executable.by_user(filedata[:user]) }
-    # it { should_not be_executable.by_user('noroot') }
-    # for server spec compatibility
-    it { should be_executable.by('others') }
-
-    # test extended linux attributes
-    # it { should be_immutable }
-
-    its('content') { should eq 'hello world' }
-    its('content') { should match('world') }
-    its('size') { should eq 11 }
-    its('md5sum') { should eq '5eb63bbbe01eeed093cb22bb8f5acdc3' }
-    its('sha256sum') { should eq 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9' }
-    its('product_version') { should eq nil }
-    its('file_version') { should eq nil }
-    its('basename') { should cmp 'file' }
-    its('path') { should cmp '/tmp/file' }
-
-    its('owner') { should eq filedata[:user] }
-    its('group') { should eq filedata[:group] }
-    its('type') { should eq :file }
-  end
-
-  describe file('/tmp/file') do
-    its('suid') { should eq true }
-    its('sgid') { should eq true }
-    its('sticky') { should eq true }
-  end
-
-  describe file('/tmp/folder') do
-    it { should exist }
-    it { should be_directory }
-
-    it { should_not be_file }
-    it { should_not be_block_device }
-    it { should_not be_character_device }
-    it { should_not be_pipe }
-    it { should_not be_socket }
-    it { should_not be_symlink }
-
-    its('content') { should eq filedata[:dir_content] }
-    its('md5sum') { should eq filedata[:dir_md5sum] }
-    its('sha256sum') { should eq filedata[:dir_sha256sum] }
-    its('product_version') { should eq nil }
-    its('file_version') { should eq nil }
-    its('basename') { should cmp 'folder' }
-    its('path') { should cmp '/tmp/folder' }
-
-    its('owner') { should eq filedata[:user] }
-    its('group') { should eq filedata[:group] }
-    its('type') { should eq :directory }
-  end
-end
-
-# check file mount on linux
-if os.linux?
-  # for server spec compatibility
-  # Do not use `.with` or `.only_with`, this syntax is deprecated and will be removed
-  # in InSpec version 1
-  describe file('/mnt/iso-disk') do
-    it { should be_mounted }
-    it { should be_mounted.with( :type => 'iso9660' ) }
-    it { should be_mounted.with( :type => 'iso9660', :options => { :ro => true } ) }
-    it { should be_mounted.with( :type => 'iso9660', :device => '/tmp/empty.iso' ) }
-    it { should_not be_mounted.with( :type => 'ext4' ) }
-    it { should_not be_mounted.with( :type => 'xfs' ) }
-  end
-
-  # compare with exact match
-  # also see mount_spec.rb
-  describe file('/mnt/iso-disk') do
-    it { should be_mounted.only_with( {
-      :device=>"/tmp/empty.iso",
-      :type=>"iso9660",
-      :options=>{
-        :ro=>true}
-      })
-    }
-  end
-end
-
-if os.windows?
-  describe file('C:\Windows') do
-    it { should exist }
-    it { should be_directory }
-    its('basename') { should cmp 'Windows' }
-    its('path') { should cmp "C:\\Windows" }
-  end
-
-  describe file('C:\\Test Directory\\test file.txt') do
-    it { should exist }
-    it { should be_file }
-  end
-
-  describe file('C:\\Test Directory') do
-    it { should exist }
-    it { should be_directory }
-  end
-
-  describe file("C:/Program Files (x86)/Windows NT/Accessories/wordpad.exe") do
-    it { should exist }
-    # Only works on Windows 2012 R2
-    its('file_version') { should eq '6.3.9600.17415' }
-  end
-end

data/test/integration/default/group_spec.rb

@@ -1,59 +0,0 @@
-# encoding: utf-8
-
-# test root group on linux
-if os.linux?
-  describe group('root') do
-    it { should exist }
-    its('gid') { should eq 0 }
-  end
-
-  describe group('noroot') do
-    it { should_not exist }
-    its('gid') { should eq nil }
-  end
-elsif os[:family] == 'freebsd'
-  describe group('wheel') do
-    it { should exist }
-    its('gid') { should eq 0 }
-  end
-
-  describe group('root') do
-    it { should_not exist }
-    its('gid') { should eq nil }
-  end
-
-  describe group('noroot') do
-    it { should_not exist }
-    its('gid') { should eq nil }
-  end
-elsif os[:family] == 'aix'
-  describe group('system') do
-    it { should exist }
-    its('gid') { should eq 0 }
-  end
-
-  describe group('bin') do
-    it { should exist }
-    its('gid') { should eq 2 }
-  end
-
-  describe group('noroot') do
-    it { should_not exist }
-    its('gid') { should eq nil }
-  end
-elsif os.solaris?
-  describe group('root') do
-    it { should exist }
-    its('gid') { should eq 0 }
-  end
-
-  describe group('bin') do
-    it { should exist }
-    its('gid') { should eq 2 }
-  end
-
-  describe group('noroot') do
-    it { should_not exist }
-    its('gid') { should eq nil }
-  end
-end

data/test/integration/default/ini_spec.rb

@@ -1,11 +0,0 @@
-# encoding: utf-8
-
-if os.unix?
-  filename = '/tmp/example.ini'
-else
-  filename = 'c:/windows/temp/example.ini'
-end
-
-describe ini(filename) do
-  its(['client','port']) { should eq('3306') }
-end

data/test/integration/default/iptables_spec.rb

@@ -1,29 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-case os[:family]
-when 'ubuntu', 'fedora'
-  describe iptables do
-    it { should have_rule('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http on 80" -j ACCEPT') }
-    it { should_not have_rule('-A INPUT -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT') }
-
-    # single-word comments have their quotes dropped
-    it { should have_rule('-A derby-cognos-web -p tcp -m tcp --dport 80 -m comment --comment derby-cognos-web -j ACCEPT') }
-  end
-when  'rhel', 'centos'
-  describe iptables do
-    it { should have_rule('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http on 80" -j ACCEPT') }
-    it { should_not have_rule('-A INPUT -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT') }
-  end
-
-  describe iptables do
-    it { should have_rule('-A derby-cognos-web -p tcp -m tcp --dport 80 -m comment --comment "derby-cognos-web" -j ACCEPT') }
-  end if os[:release] == 6
-
-  describe iptables do
-    it { should have_rule('-A derby-cognos-web -p tcp -m tcp --dport 80 -m comment --comment derby-cognos-web -j ACCEPT') }
-  end if os[:release] == 7
-end

data/test/integration/default/json_spec.rb

@@ -1,11 +0,0 @@
-# encoding: utf-8
-
-if os.unix?
-  filename = '/tmp/example.json'
-else
-  filename = 'c:/windows/temp/example.json'
-end
-
-describe json(filename) do
-  its(['cookbook_locks','omnibus','version']) { should eq('2.2.0') }
-end

data/test/integration/default/kernel_module_spec.rb

@@ -1,23 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-if !os.linux?
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__} because we are not on linux.\033[0m"
-  return
-end
-
-# Test kernel modules on all linux systems
-describe kernel_module('video') do
-  it { should be_loaded }
-end
-
-describe kernel_module('bridge') do
-  it { should_not be_loaded }
-end
-
-describe kernel_module('dhcp') do
-  it { should_not be_loaded }
-end

data/test/integration/default/kernel_parameter_spec.rb

@@ -1,60 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-# prepare values
-if ['ubuntu', 'centos', 'fedora', 'opensuse', 'debian'].include?(os[:family])
-  test_values = {
-    kernel_panic: 0,
-    ip_local_port_range: "32768\t61000",
-    forwarding: 0,
-    sched_autogroup_enabled: 1,
-    nf_log: 'NONE',
-  }
-
-  # configue parameter derivations for different OS
-  test_values[:sched_autogroup_enabled] = 0 if ['centos', 'debian'].include?(os[:family])
-
-  if (os[:family] == 'ubuntu' && os[:release].to_f == 10.04) ||
-     (os[:family] == 'debian' && os[:release].to_i == 6) ||
-     (os[:family] == 'centos' && os[:release].to_i == 5) ||
-     (os[:family] == 'opensuse')
-    test_values[:sched_autogroup_enabled] = nil
-  end
-
-  test_values[:nf_log] = nil if os[:family] == 'centos' && os[:release].to_i == 5
-  test_values[:kernel_panic] = 90 if os[:family] == 'opensuse'
-
-else
-  test_values = {}
-end
-
-# test on all linux systems
-if os.linux?
-  describe kernel_parameter('kernel.panic') do
-    its('value') { should eq test_values[:kernel_panic] }
-  end
-
-  describe kernel_parameter('net.netfilter.nf_log.0') do
-    its('value') { should eq test_values[:nf_log] }
-  end
-
-  describe kernel_parameter('kernel.sched_autogroup_enabled') do
-    its('value') { should eq test_values[:sched_autogroup_enabled] }
-  end
-
-  describe kernel_parameter('net.ipv4.ip_local_port_range') do
-    its('value') { should eq test_values[:ip_local_port_range] }
-  end
-
-  describe kernel_parameter('net.ipv4.conf.all.forwarding') do
-    its('value') { should eq test_values[:forwarding] }
-  end
-
-  # serverspec compatability
-  describe linux_kernel_parameter('net.ipv4.conf.all.forwarding') do
-    its('value') { should eq test_values[:forwarding] }
-  end
-end

data/test/integration/default/mount_spec.rb

@@ -1,19 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-if !os.linux?
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__} because we are not on linux.\033[0m"
-  return
-end
-
-# instead of `.with` or `.only_with` we recommend to use the `mount` resource
-describe mount '/mnt/iso-disk' do
-  it { should be_mounted }
-  its('count') { should eq  1 }
-  its('device') { should eq '/tmp/empty.iso' }
-  its('type') { should eq  'iso9660' }
-  its('options') { should eq  ['ro'] }
-end

data/test/integration/default/os_spec.rb

@@ -1,13 +0,0 @@
-# encoding: utf-8
-
-family = os[:family]
-
-# use symbol
-describe os[:family] do
-  it { should eq family }
-end
-
-# use string
-describe os['family'] do
-  it { should eq family }
-end

data/test/integration/default/package_spec.rb

@@ -1,30 +0,0 @@
-# encoding: utf-8
-
-case os[:family]
-when 'centos', 'fedora', 'opensuse', 'debian', 'ubuntu'
-  describe package('curl') do
-    it { should be_installed }
-  end
-when 'aix'
-  describe package('bos.rte') do
-    it { should be_installed }
-    its('version') { should match /^(6|7)[.|\d]+\d$/ }
-  end
-when 'solaris'
-  if os[:release] == '11'
-    pkg = 'system/file-system/zfs'
-    ver = /^0\.5.+$/
-  else
-    pkg = 'SUNWzfsr'
-    ver = /^11\.10.+$/
-  end
-
-  describe package(pkg) do
-    it { should be_installed }
-    its('version') { should match ver }
-  end
-end
-
-describe package('nginx') do
-  it { should_not be_installed }
-end

data/test/integration/default/port_spec.rb

@@ -1,27 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-# check that ssh runs
-if os.unix?
-  describe port(22) do
-    it { should be_listening }
-    its('protocols') { should include('tcp') }
-    its('protocols') { should_not include('udp') }
-  end
-
-  describe port(65432) do
-    it { should_not be_listening }
-  end
-end
-
-# extra test for linux
-if os.linux?
-  describe port(22) do
-    its('processes') { should include 'sshd' }
-    its('protocols') { should include 'tcp' }
-    its('addresses') {should include '0.0.0.0'}
-  end
-end

data/test/integration/default/postgres_session_spec.rb

@@ -1,13 +0,0 @@
-# encoding: utf-8
-if ENV['DOCKER']
-  STDERR.puts "\033[1;33mTODO: Not running #{__FILE__.split("/").last} because we are running in docker\033[0m"
-  return
-end
-
-# postgres-server is installed on these platforms
-if ['ubuntu', 'centos'].include? os['family']
-  postgres = postgres_session('postgres', 'inspec')
-  describe postgres.query('show ssl;') do
-    its('output') { should eq 'on' }
-  end
-end