inspec 0.9.0

data/test/unit/resources/kernel_parameter_test.rb

@@ -0,0 +1,13 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::KernelParameter' do
+  it 'verify kernel_parameter parsing' do
+    resource = load_resource('kernel_parameter', 'net.ipv4.conf.all.forwarding')
+    _(resource.value).must_equal 1
+  end
+end

data/test/unit/resources/limits_conf_test.rb

@@ -0,0 +1,14 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::LimitsConf' do
+  it 'verify limits.conf config parsing' do
+    resource = load_resource('limits_conf')
+    _(resource.send('*')).must_equal [['soft', 'core', '0'], ['hard', 'rss', '10000']]
+    _(resource.send('ftp')).must_equal [["hard", "nproc", "0"]]
+  end
+end

data/test/unit/resources/login_def_test.rb

@@ -0,0 +1,16 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::LoginDef' do
+  it 'verify login.def config parsing' do
+    resource = load_resource('login_defs')
+    _(resource.UMASK).must_equal '022'
+    _(resource.PASS_MIN_DAYS).must_equal '0'
+    _(resource.PASS_WARN_AGE).must_equal '7'
+    _(resource.USERDEL_CMD).must_equal nil
+  end
+end

data/test/unit/resources/mysql_conf_test.rb

@@ -0,0 +1,14 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+
+describe 'Inspec::Resources::MysqlConf' do
+  it 'verify mysql.conf config parsing' do
+    resource = load_resource('mysql_conf', '/etc/mysql/my.cnf')
+    _(resource.client['port']).must_equal '3306'
+    _(resource.mysqld['user']).must_equal 'mysql'
+    _(resource.mysqld['key_buffer_size']).must_equal '16M'
+  end
+end

data/test/unit/resources/npm_test.rb

@@ -0,0 +1,20 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Npm' do
+  it 'verify npm package detail parsing' do
+    resource = load_resource('npm', 'bower')
+    pkg = {
+      name: 'bower',
+      version: '1.4.1',
+      type: 'npm',
+      installed: true,
+    }
+    _(resource.installed?).must_equal true
+    _(resource.info).must_equal pkg
+  end
+end

data/test/unit/resources/ntp_conf_test.rb

@@ -0,0 +1,16 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::NtpConf' do
+  it 'verify ntp config parsing' do
+    resource = load_resource('ntp_conf')
+    _(resource.driftfile).must_equal '/var/lib/ntp/ntp.drift'
+    _(resource.server).must_equal %w{
+      0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org
+    }
+  end
+end

data/test/unit/resources/oneget_test.rb

@@ -0,0 +1,45 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::OneGet' do
+
+  it 'verify oneget package detail parsing' do
+    resource = MockLoader.new(:windows).load_resource('oneget', 'Mozilla Firefox')
+    pkg = {
+      name: 'Mozilla Firefox 40.0.3 (x86 en-US)',
+      version: '40.0.3',
+      type: 'oneget',
+      installed: true,
+    }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '40.0.3'
+    _(resource.info).must_equal pkg
+  end
+
+  # catch cases where we recieve multiple return values
+  # eg. happens if you do 'choco install ruby'
+  it 'filter dups of Get-Package' do
+    resource = MockLoader.new(:windows).load_resource('oneget', 'Ruby 2.1.6-p336-x64')
+    pkg = {
+      name: 'Ruby 2.1.6-p336-x64',
+      version: '2.1.6-p336',
+      type: 'oneget',
+      installed: true,
+    }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '2.1.6-p336'
+    _(resource.info).must_equal pkg
+  end
+
+  it 'should skip on linux' do
+    resource = MockLoader.new(:centos7).load_resource('oneget', 'Not available')
+    pkg = { type: 'oneget', installed: false }
+    _(resource.installed?).must_equal false
+    _(resource.version).must_equal nil
+    _(resource.info).must_equal pkg
+  end
+end

data/test/unit/resources/os_env_test.rb

@@ -0,0 +1,13 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::OsEnv' do
+  it 'verify ntp config parsing' do
+    resource = load_resource('os_env', 'PATH')
+    _(resource.split).must_equal %w{/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin}
+  end
+end

data/test/unit/resources/package_test.rb

@@ -0,0 +1,51 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Package' do
+  # arch linux
+  it 'verify arch linux package parsing' do
+    resource = MockLoader.new(:arch).load_resource('package', 'curl')
+    pkg = { name: 'curl', installed: true, version: '7.37.0-1', type: 'pacman' }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '7.37.0-1'
+    _(resource.info).must_equal pkg
+  end
+
+  # ubuntu
+  it 'verify ubuntu package parsing' do
+    resource = MockLoader.new(:ubuntu1404).load_resource('package', 'curl')
+    pkg = { name: 'curl', installed: true, version: '7.35.0-1ubuntu2', type: 'deb' }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '7.35.0-1ubuntu2'
+    _(resource.info).must_equal pkg
+  end
+
+  # centos
+  it 'verify centos package parsing' do
+    resource = MockLoader.new(:centos7).load_resource('package', 'curl')
+    pkg = { name: 'curl', installed: true, version: '7.29.0', type: 'rpm' }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '7.29.0'
+    _(resource.info).must_equal pkg
+  end
+
+  # windows
+  it 'verify windows package parsing' do
+    resource = MockLoader.new(:windows).load_resource('package', 'Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161')
+    pkg = { name: 'Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161', installed: true, version: '9.0.30729.6161', type: 'windows' }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '9.0.30729.6161'
+    _(resource.info).must_equal pkg
+  end
+
+  # undefined
+  it 'verify package handling on unsupported os' do
+    resource = MockLoader.new(:undefined).load_resource('package', 'curl')
+    _(resource.installed?).must_equal false
+    _(resource.info).must_equal nil
+  end
+end

data/test/unit/resources/passwd_test.rb

@@ -0,0 +1,24 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Passwd' do
+  it 'verify passwd parsing' do
+    resource = load_resource('passwd')
+    _(resource.usernames).must_equal %w{root www-data}
+    _(resource.uids).must_equal %w{0 33}
+
+    # verify root passwd resource
+    root = resource.uid(0)
+    _(root.username).must_equal 'root'
+    _(root.count).must_equal 1
+
+    # verify www-data resource
+    www = resource.uid(33)
+    _(www.username).must_equal 'www-data'
+    _(www.count).must_equal 1
+  end
+end

data/test/unit/resources/pip_test.rb

@@ -0,0 +1,15 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Pip' do
+  it 'verify pip package detail parsing' do
+    resource = load_resource('pip', 'jinja2')
+    pkg = {:name=>'Jinja2', :installed=>true, :version=>'2.8', :type=>'pip'}
+    _(resource.installed?).must_equal true
+    _(resource.info).must_equal pkg
+  end
+end

data/test/unit/resources/port_test.rb

@@ -0,0 +1,46 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Port' do
+  it 'verify port on Ubuntu 14.04' do
+    resource = MockLoader.new(:ubuntu1404).load_resource('port', 22)
+    _(resource.listening?).must_equal true
+    _(resource.protocol).must_equal %w{ tcp tcp6 }
+    _(resource.pid).must_equal [1]
+    _(resource.process).must_equal ['sshd']
+  end
+
+  it 'verify port on MacOs x' do
+    resource = MockLoader.new(:osx104).load_resource('port', 2022)
+    _(resource.listening?).must_equal true
+    _(resource.protocol).must_equal ['tcp']
+    _(resource.process).must_equal ['VBoxHeadl']
+  end
+
+  it 'verify port on Windows' do
+    resource = MockLoader.new(:windows).load_resource('port', 135)
+    _(resource.listening?).must_equal true
+    _(resource.protocol).must_equal ['tcp']
+    _(resource.process).must_equal nil
+  end
+
+  it 'verify port on FreeBSD' do
+    resource = MockLoader.new(:freebsd10).load_resource('port', 22)
+    _(resource.listening?).must_equal true
+    _(resource.protocol).must_equal %w{ tcp6 tcp }
+    _(resource.pid).must_equal [668]
+    _(resource.process).must_equal ['sshd']
+  end
+
+  it 'verify running on undefined' do
+    resource = MockLoader.new(:undefined).load_resource('port', 22)
+    _(resource.listening?).must_equal false
+    _(resource.protocol).must_equal nil
+    _(resource.pid).must_equal nil
+    _(resource.process).must_equal nil
+  end
+end

data/test/unit/resources/processes_test.rb

@@ -0,0 +1,32 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Processes' do
+  it 'handles empty process results' do
+    resource = load_resource('processes', 'nothing')
+    _(resource.list).must_equal []
+  end
+
+  it 'verify processes resource' do
+    resource = load_resource('processes', '/bin/bash')
+    _(resource.list).must_equal [{
+      user: 'root',
+      pid: '1',
+      cpu: '0.0',
+      mem: '0.0',
+      vsz: '18084',
+      rss: '3228',
+      tty: '?',
+      stat: 'Ss',
+      start: '14:15',
+      time: '0:00',
+      command: '/bin/bash',
+    }]
+
+    _(resource.list.length).must_equal 1
+  end
+end

data/test/unit/resources/registry_key_test.rb

@@ -0,0 +1,19 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::RegistryKey' do
+  let(:resource) { load_resource('registry_key', 'Task Scheduler', 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') }
+  let(:resource_without_name) { load_resource('registry_key', 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') }
+
+  it 'read reg key with human readable name' do
+    _(resource.Start).must_equal 2
+  end
+
+  it 'read reg key without human readable name' do
+    _(resource_without_name.Start).must_equal 2
+  end
+end

data/test/unit/resources/script_test.rb

@@ -0,0 +1,19 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Script' do
+
+  ps1_script = <<-EOH
+    # call help for get command
+    Get-Help Get-Command
+  EOH
+
+  it 'check if script for windows is properly generated ' do
+    resource = MockLoader.new(:windows).load_resource('script', ps1_script)
+    _(resource.command).must_equal 'powershell -encodedCommand IAAgACAAIAAjACAAYwBhAGwAbAAgAGgAZQBsAHAAIABmAG8AcgAgAGcAZQB0ACAAYwBvAG0AbQBhAG4AZAAKACAAIAAgACAARwBlAHQALQBIAGUAbABwACAARwBlAHQALQBDAG8AbQBtAGEAbgBkAAoA'
+  end
+end

data/test/unit/resources/security_policy_test.rb

@@ -0,0 +1,16 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::SecurityPolicy' do
+  it 'verify processes resource' do
+    resource = load_resource('security_policy')
+    _(resource.MaximumPasswordAge).must_equal 42
+    _(resource.send('MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel')).must_equal '4,0'
+    _(resource.SeUndockPrivilege).must_equal '*S-1-5-32-544'
+    _(resource.SeRemoteInteractiveLogonRight).must_equal '*S-1-5-32-544,*S-1-5-32-555'
+  end
+end

data/test/unit/resources/service_test.rb

@@ -0,0 +1,116 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'helper'
+require 'inspec/resource'
+
+describe 'Inspec::Resources::Service' do
+
+  # windows
+  it 'verify service parsing' do
+    resource = MockLoader.new(:windows).load_resource('service', 'dhcp')
+    srv = { name: 'dhcp', description: 'DHCP Client', installed: true, running: true, enabled: true, type: 'windows' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # ubuntu 14.04 with upstart
+  it 'verify ubuntu package parsing' do
+    resource = MockLoader.new(:ubuntu1404).load_resource('service', 'ssh')
+    srv = { name: 'ssh', description: nil, installed: true, running: true, enabled: true, type: 'upstart' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # ubuntu 15.04 with systemd
+  it 'verify ubuntu package parsing' do
+    resource = MockLoader.new(:ubuntu1504).load_resource('service', 'sshd')
+    srv = { name: 'sshd.service', description: 'OpenSSH server daemon', installed: true, running: true, enabled: true, type: 'systemd' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # centos 6 with systemv
+  it 'verify centos 6 package parsing' do
+    resource = MockLoader.new(:centos6).load_resource('service', 'sshd')
+    srv = { name: 'sshd', description: nil, installed: true, running: true, enabled: true, type: 'sysv' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # centos 7 with systemd
+  it 'verify centos 7 package parsing' do
+    resource = MockLoader.new(:centos7).load_resource('service', 'sshd')
+    srv = { name: 'sshd.service', description: 'OpenSSH server daemon', installed: true, running: true, enabled: true, type: 'systemd' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # freebsd
+  it 'verify freebsd10 package parsing' do
+    resource = MockLoader.new(:freebsd10).load_resource('service', 'sendmail')
+    srv = { name: 'sendmail', description: nil, installed: true, running: true, enabled: true, type: 'bsd-init' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # arch linux with systemd
+  it 'verify arch linux package parsing' do
+    resource = MockLoader.new(:arch).load_resource('service', 'sshd')
+    srv = { name: 'sshd.service', description: 'OpenSSH server daemon', installed: true, running: true, enabled: true, type: 'systemd' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # debian 7 with systemv
+  it 'verify debian 7 package parsing' do
+    resource = MockLoader.new(:debian7).load_resource('service', 'sshd')
+    srv = { name: 'sshd', description: nil, installed: true, running: true, enabled: true, type: 'sysv' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # debian 8 with systemd
+  it 'verify arch linux package parsing' do
+    resource = MockLoader.new(:debian8).load_resource('service', 'sshd')
+    srv = { name: 'sshd.service', description: 'OpenSSH server daemon', installed: true, running: true, enabled: true, type: 'systemd' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # macos test
+  it 'verify arch linux package parsing' do
+    resource = MockLoader.new(:osx104).load_resource('service', 'ssh')
+    srv = { name: 'org.openbsd.ssh-agent', description: nil, installed: true, running: true, enabled: true, type: 'darwin' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
+  # unknown OS
+  it 'verify package handling on unsupported os' do
+    resource = MockLoader.new(:undefined).load_resource('service', 'dhcp')
+    _(resource.installed?).must_equal false
+    _(resource.info).must_equal nil
+  end
+end