inspec 0.9.2 → 0.9.3

data/lib/utils/simpleconfig.rb

@@ -42,7 +42,7 @@ class SimpleConfig
     start_idx = 2
     i = 0
     count = values - 1
-    return match[start_idx] if (values == 1)
+    return match[start_idx] if values == 1
 
     # iterate over expected parameters
     values = []

data/test/helper.rb

@@ -108,8 +108,10 @@ class MockLoader
       'type win_secpol.cfg' => cmd.call('secedit-export'),
       'secedit /export /cfg win_secpol.cfg' => cmd.call('success'),
       'del win_secpol.cfg' => cmd.call('success'),
-      'su - root -c \'echo $PATH\'' => cmd.call('PATH'),
-      '(Get-Item \'Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule\').GetValue(\'Start\')' => cmd.call('reg_schedule'),
+      'env' => cmd.call('env'),
+      '$Env:PATH'  => cmd.call('$env-PATH'),
+      # registry key test
+      '2790db1e88204a073ed7fd3493f5445e5ce531afd0d2724a0e36c17110c535e6' => cmd.call('reg_schedule'),
       'Auditpol /get /subcategory:\'User Account Management\' /r' => cmd.call('auditpol'),
       '/sbin/auditctl -l' => cmd.call('auditctl'),
       'yum -v repolist all'  => cmd.call('yum-repolist-all'),

data/test/integration/cookbooks/os_prepare/recipes/default.rb

@@ -7,3 +7,5 @@
 include_recipe('os_prepare::apt')
 include_recipe('os_prepare::file')
 include_recipe('os_prepare::package')
+include_recipe('os_prepare::registry_key')
+include_recipe('os_prepare::service')

data/test/integration/cookbooks/os_prepare/recipes/file.rb

@@ -4,18 +4,22 @@
 #
 # prepares a sample file for verification
 
-gid = 'root'
-gid = 'wheel' if node['platform_family'] == 'freebsd'
+if node['platform_family'] != 'windows'
 
-file '/tmp/file' do
-  mode '0765'
-  owner 'root'
-  group gid
-  content 'hello world'
-end
+  gid = 'root'
+  gid = 'wheel' if node['platform_family'] == 'freebsd'
+
+  file '/tmp/file' do
+    mode '0765'
+    owner 'root'
+    group gid
+    content 'hello world'
+  end
+
+  directory '/tmp/folder' do
+    mode '0567'
+    owner 'root'
+    group gid
+  end
 
-directory '/tmp/folder' do
-  mode '0567'
-  owner 'root'
-  group gid
 end

data/test/integration/cookbooks/os_prepare/recipes/registry_key.rb

@@ -0,0 +1,69 @@
+# encoding: utf-8
+# author: Alex Pop
+# author: Christoph Hartmann
+#
+# change a few Windows registry keys for testing purposes
+
+if node['platform_family'] == 'windows'
+
+  registry_key 'HKLM\System\Test' do
+    values [{
+      :name => '',
+      :type => :string,
+      :data => 'test'
+    },{
+      :name => 'string value',
+      :type => :string,
+      :data => nil
+    },{
+      :name => 'binary value',
+      :type => :binary,
+      :data => 'dfa0f066'
+    },{
+      :name => 'dword value',
+      :type => :dword,
+      :data => 0
+    },{
+      :name => 'qword value',
+      :type => :qword,
+      :data => 0
+    },{
+      :name => 'multistring value',
+      :type => :multi_string,
+      :data => ['test', 'multi','string','data']
+    }]
+    recursive true
+    action :create
+  end
+
+  registry_key 'HKLM\Software\Policies\Microsoft\Windows\EventLog\System' do
+    values [{ name: 'MaxSize', type: :dword, data: 67_108_864 }]
+    recursive true
+    action :create
+  end
+
+  registry_key 'HKLM\System\CurrentControlSet\Control\Session Manager' do
+    values [{ name: 'SafeDllSearchMode', type: :dword, data: 1 }]
+    recursive true
+    action :create
+  end
+
+  registry_key 'HKLM\System\CurrentControlSet\Services\LanManServer\Parameters' do
+    values [{ name: 'NullSessionShares', type: :multi_string, data: [] }]
+    recursive true
+    action :create
+  end
+
+  registry_key 'HKLM\Software\Policies\Microsoft\Internet Explorer\Main' do
+    values [{ name: 'Isolation64Bit', type: :dword, data: 1 }]
+    recursive true
+    action :create
+  end
+
+  registry_key 'HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services' do
+    values [{ name: 'MinEncryptionLevel', type: :dword, data: 3 }]
+    recursive true
+    action :create
+  end
+
+end

data/test/integration/cookbooks/os_prepare/recipes/service.rb

@@ -0,0 +1,12 @@
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+#
+# prepares services
+
+# install ntp as a service on ubuntu
+case node['platform']
+when 'ubuntu'
+  include_recipe('apt')
+  package 'ntp'
+end

data/test/integration/test/integration/default/port_spec.rb

@@ -0,0 +1,9 @@
+# encoding: utf-8
+
+if os.unix?
+  # check that ssh runs
+  describe port(22) do
+    it { should be_listening }
+    its('protocol') { should include('tcp') }
+  end
+end

data/test/integration/test/integration/default/registry_key_spec.rb

@@ -0,0 +1,53 @@
+# encoding: utf-8
+
+if os.windows?
+
+  describe registry_key('HKLM\System\Test') do
+    it { should exist }
+    it { should have_value('test') }
+    it { should have_property('binary value', :binary) }
+    it { should have_property('string value') }
+    it { should have_property('dword value', :dword) }
+    it { should have_property_value('multistring value', :multi_string, ['test', 'multi','string','data']) }
+    it { should have_property_value('qword value', :qword, 0) }
+    it { should have_property_value('binary value', :binary, 'dfa0f066') }
+  end
+
+  # serverspec compatability
+  describe windows_registry_key('HKLM\System\Test') do
+    it { should exist }
+    it { should have_value('test') }
+    it { should have_property('string value') }
+    it { should have_property('binary value', :type_binary) }
+    it { should have_property('dword value', :type_dword) }
+    it { should have_property_value('multistring value', :type_multistring, ['test', 'multi','string','data']) }
+    it { should have_property_value('qword value', :type_qword, 0) }
+    it { should have_property_value('binary value', :type_binary, 'dfa0f066') }
+  end
+
+  describe registry_key('HKLM\Software\Policies\Microsoft\Windows\EventLog\System') do
+    it { should exist }
+    its('MaxSize') { should_not eq nil }
+  end
+
+  describe registry_key('HKLM\System\CurrentControlSet\Control\Session Manager') do
+    it { should exist }
+    it { should_not have_property_value('SafeDllSearchMode', :type_dword, 0) }
+  end
+
+  describe registry_key('HKLM\System\CurrentControlSet\Services\LanManServer\Parameters') do
+    it { should exist }
+    its('NullSessionShares') { should eq [''] }
+  end
+
+  describe registry_key('HKLM\Software\Policies\Microsoft\Internet Explorer\Main') do
+    it { should exist }
+    its('Isolation64Bit') { should eq 1 }
+  end
+
+  describe registry_key('HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services') do
+    it { should exist }
+    its('MinEncryptionLevel') { should eq 3 }
+  end
+
+end

data/test/integration/{default → test/integration/default}/service_spec.rb

@@ -9,10 +9,14 @@ elsif ['debian'].include?(os[:family])
   # Debian
   unavailable_service = 'clamav'
   available_service = 'ssh'
-else
+elsif ['ubuntu'].include?(os[:family])
   # Ubuntu
   unavailable_service = 'sshd'
   available_service = 'ssh'
+elsif ['windows'].include?(os[:family])
+  # Ubuntu
+  unavailable_service = 'sshd'
+  available_service = 'dhcp'
 end
 
 describe service(unavailable_service) do
@@ -26,3 +30,12 @@ describe service(available_service) do
   it { should be_installed }
   it { should be_running }
 end
+
+# extra test for ubuntu upstart with systemv service
+if os[:family] == 'ubuntu'
+  describe service('ntp') do
+    it { should be_enabled }
+    it { should be_installed }
+    it { should be_running }
+  end
+end

data/test/integration/test/integration/default/user_spec.rb

@@ -0,0 +1,62 @@
+# encoding: utf-8
+
+# root test
+if ['centos', 'fedora', 'opensuse', 'debian', 'ubuntu'].include?(os[:family])
+
+  userinfo = {
+    name: 'root',
+    group: 'root',
+    uid: 0,
+    gid: 0,
+    groups: ["root"],
+    home: '/root',
+    shell: '/bin/bash',
+  }
+
+  # different groupset for centos 5
+  userinfo[:groups] = ["root", "bin", "daemon", "sys", "adm", "disk", "wheel"] if os[:release].to_i == 5
+
+elsif ['freebsd'].include?(os[:family])
+
+  userinfo = {
+    name: 'root',
+    group: 'wheel',
+    uid: 0,
+    gid: 0,
+    groups: ["wheel", "operator"],
+    home: '/root',
+    shell: '/bin/csh',
+  }
+
+elsif ['windows'].include?(os[:family])
+
+  userinfo = {
+    name: 'Administrator',
+    group: nil,
+    uid: nil,
+    gid: nil,
+    groups: nil,
+    home: nil,
+    shell: nil,
+  }
+
+else
+  userinfo = {}
+end
+
+if !os.windows?
+  describe user(userinfo[:name]) do
+    it { should exist }
+    it { should belong_to_group userinfo[:group] }
+    its('uid') { should eq userinfo[:uid] }
+    its('gid') { should eq userinfo[:gid] }
+    its('group') { should eq userinfo[:group] }
+    its('groups') { should eq userinfo[:groups] }
+    its('home') { should eq userinfo[:home] }
+    its('shell') { should eq userinfo[:shell] }
+  end
+else
+  describe user(userinfo[:name]) do
+    it { should exist }
+  end
+end

data/test/unit/mock/cmd/$env-PATH

@@ -0,0 +1 @@
+C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\opscode\chef\bin\

data/test/unit/mock/cmd/env

@@ -0,0 +1 @@
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

data/test/unit/mock/cmd/reg_schedule

@@ -1 +1,6 @@
-2
+{
+    "Start":  {
+                  "value":  2,
+                  "type":  4
+              }
+}

data/test/unit/profile_context_test.rb

@@ -22,21 +22,32 @@ describe Inspec::ProfileContext do
       load('print os[:family]').must_output 'ubuntu'
     end
 
-    it 'must profide file resource' do
+    it 'must provide file resource' do
       load('print file("").type').must_output 'unknown'
     end
 
-    it 'must profide command resource' do
+    it 'must provide command resource' do
       load('print command("").stdout').must_output ''
     end
 
     it 'provides the describe keyword in the global DSL' do
       load('describe true do; it { should_eq true }; end')
         .must_output ''
-      profile.rules.keys.must_equal ['unknown:1']
+      profile.rules.keys.length.must_equal 1
+      profile.rules.keys[0].must_match /^unknown:1 [0-9a-f]+$/
       profile.rules.values[0].must_be_kind_of Inspec::Rule
     end
 
+    it 'loads multiple computed calls to describe correctly' do
+      load("%w{1 2 3}.each do\ndescribe true do; it { should_eq true }; end\nend")
+        .must_output ''
+      profile.rules.keys.length.must_equal 3
+      [0, 1, 2].each do |i|
+        profile.rules.keys[i].must_match /^unknown:2 [0-9a-f]+$/
+        profile.rules.values[i].must_be_kind_of Inspec::Rule
+      end
+    end
+
     it 'does not provide the expect keyword in the global DLS' do
       load('expect(true).to_eq true').must_raise NoMethodError
     end

data/test/unit/resources/os_env_test.rb

@@ -6,8 +6,13 @@ require 'helper'
 require 'inspec/resource'
 
 describe 'Inspec::Resources::OsEnv' do
-  it 'verify ntp config parsing' do
+  it 'verify env parsing' do
     resource = load_resource('os_env', 'PATH')
     _(resource.split).must_equal %w{/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin}
   end
+
+  it 'read env variable on Windows' do
+    resource = MockLoader.new(:windows).load_resource('os_env', 'PATH')
+    _(resource.split).must_equal ['C:\Windows\system32', 'C:\Windows', 'C:\Windows\System32\Wbem', 'C:\Windows\System32\WindowsPowerShell\v1.0\\', 'C:\opscode\chef\bin\\']
+  end
 end

data/test/unit/resources/registry_key_test.rb

@@ -6,14 +6,13 @@ require 'helper'
 require 'inspec/resource'
 
 describe 'Inspec::Resources::RegistryKey' do
-  let(:resource) { load_resource('registry_key', 'Task Scheduler', 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') }
-  let(:resource_without_name) { load_resource('registry_key', 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') }
-
   it 'read reg key with human readable name' do
+    resource = MockLoader.new(:windows).load_resource('registry_key', 'Task Scheduler', 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule')
     _(resource.Start).must_equal 2
   end
 
   it 'read reg key without human readable name' do
+    resource_without_name = MockLoader.new(:windows).load_resource('registry_key', 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule')
     _(resource_without_name.Start).must_equal 2
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 0.9.2
+  version: 0.9.3
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-06 00:00:00.000000000 Z
+date: 2015-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: r-train
@@ -262,15 +262,19 @@ files:
 - test/integration/cookbooks/os_prepare/recipes/default.rb
 - test/integration/cookbooks/os_prepare/recipes/file.rb
 - test/integration/cookbooks/os_prepare/recipes/package.rb
-- test/integration/default/_debug_spec.rb
-- test/integration/default/apt_spec.rb
-- test/integration/default/file_spec.rb
-- test/integration/default/group_spec.rb
-- test/integration/default/kernel_module_spec.rb
-- test/integration/default/kernel_parameter_spec.rb
-- test/integration/default/package_spec.rb
-- test/integration/default/service_spec.rb
-- test/integration/default/user_spec.rb
+- test/integration/cookbooks/os_prepare/recipes/registry_key.rb
+- test/integration/cookbooks/os_prepare/recipes/service.rb
+- test/integration/test/integration/default/_debug_spec.rb
+- test/integration/test/integration/default/apt_spec.rb
+- test/integration/test/integration/default/file_spec.rb
+- test/integration/test/integration/default/group_spec.rb
+- test/integration/test/integration/default/kernel_module_spec.rb
+- test/integration/test/integration/default/kernel_parameter_spec.rb
+- test/integration/test/integration/default/package_spec.rb
+- test/integration/test/integration/default/port_spec.rb
+- test/integration/test/integration/default/registry_key_spec.rb
+- test/integration/test/integration/default/service_spec.rb
+- test/integration/test/integration/default/user_spec.rb
 - test/resource/command_test.rb
 - test/resource/dsl_test.rb
 - test/resource/file_test.rb
@@ -278,10 +282,10 @@ files:
 - test/resource/sshd_config.rb
 - test/test-extra.yaml
 - test/test.yaml
+- test/unit/mock/cmd/$env-PATH
 - test/unit/mock/cmd/Get-NetAdapter
 - test/unit/mock/cmd/GetUserAccount
 - test/unit/mock/cmd/GetWin32Group
-- test/unit/mock/cmd/PATH
 - test/unit/mock/cmd/Resolve-DnsName
 - test/unit/mock/cmd/Test-NetConnection
 - test/unit/mock/cmd/auditctl
@@ -290,6 +294,7 @@ files:
 - test/unit/mock/cmd/chage-l-root
 - test/unit/mock/cmd/dpkg-s-curl
 - test/unit/mock/cmd/dscl
+- test/unit/mock/cmd/env
 - test/unit/mock/cmd/etc-apt
 - test/unit/mock/cmd/find-etc-rc-d-name-S
 - test/unit/mock/cmd/find-net-interface
@@ -427,15 +432,19 @@ test_files:
 - test/integration/cookbooks/os_prepare/recipes/default.rb
 - test/integration/cookbooks/os_prepare/recipes/file.rb
 - test/integration/cookbooks/os_prepare/recipes/package.rb
-- test/integration/default/_debug_spec.rb
-- test/integration/default/apt_spec.rb
-- test/integration/default/file_spec.rb
-- test/integration/default/group_spec.rb
-- test/integration/default/kernel_module_spec.rb
-- test/integration/default/kernel_parameter_spec.rb
-- test/integration/default/package_spec.rb
-- test/integration/default/service_spec.rb
-- test/integration/default/user_spec.rb
+- test/integration/cookbooks/os_prepare/recipes/registry_key.rb
+- test/integration/cookbooks/os_prepare/recipes/service.rb
+- test/integration/test/integration/default/_debug_spec.rb
+- test/integration/test/integration/default/apt_spec.rb
+- test/integration/test/integration/default/file_spec.rb
+- test/integration/test/integration/default/group_spec.rb
+- test/integration/test/integration/default/kernel_module_spec.rb
+- test/integration/test/integration/default/kernel_parameter_spec.rb
+- test/integration/test/integration/default/package_spec.rb
+- test/integration/test/integration/default/port_spec.rb
+- test/integration/test/integration/default/registry_key_spec.rb
+- test/integration/test/integration/default/service_spec.rb
+- test/integration/test/integration/default/user_spec.rb
 - test/resource/command_test.rb
 - test/resource/dsl_test.rb
 - test/resource/file_test.rb
@@ -443,10 +452,10 @@ test_files:
 - test/resource/sshd_config.rb
 - test/test-extra.yaml
 - test/test.yaml
+- test/unit/mock/cmd/$env-PATH
 - test/unit/mock/cmd/Get-NetAdapter
 - test/unit/mock/cmd/GetUserAccount
 - test/unit/mock/cmd/GetWin32Group
-- test/unit/mock/cmd/PATH
 - test/unit/mock/cmd/Resolve-DnsName
 - test/unit/mock/cmd/Test-NetConnection
 - test/unit/mock/cmd/auditctl
@@ -455,6 +464,7 @@ test_files:
 - test/unit/mock/cmd/chage-l-root
 - test/unit/mock/cmd/dpkg-s-curl
 - test/unit/mock/cmd/dscl
+- test/unit/mock/cmd/env
 - test/unit/mock/cmd/etc-apt
 - test/unit/mock/cmd/find-etc-rc-d-name-S
 - test/unit/mock/cmd/find-net-interface