inspec 0.9.5 → 0.9.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (110) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +58 -8
  3. data/README.md +8 -39
  4. data/Rakefile +74 -9
  5. data/bin/inspec +66 -10
  6. data/docs/ctl_inspec.rst +7 -1
  7. data/docs/inspec_and_friends.rst +1 -1
  8. data/docs/resources.rst +51 -45
  9. data/examples/README.md +7 -0
  10. data/examples/kitchen-ansible/.kitchen.yml +25 -0
  11. data/examples/kitchen-ansible/Gemfile +20 -0
  12. data/examples/kitchen-ansible/README.md +53 -0
  13. data/examples/kitchen-ansible/files/nginx.repo +6 -0
  14. data/examples/kitchen-ansible/tasks/main.yml +16 -0
  15. data/examples/kitchen-ansible/test/integration/default/default.yml +5 -0
  16. data/examples/{test-kitchen → kitchen-ansible}/test/integration/default/web_spec.rb +0 -0
  17. data/examples/{test-kitchen → kitchen-chef}/.kitchen.yml +1 -1
  18. data/examples/{test-kitchen → kitchen-chef}/Berksfile +0 -0
  19. data/examples/{test-kitchen → kitchen-chef}/Gemfile +1 -2
  20. data/examples/{test-kitchen → kitchen-chef}/README.md +1 -1
  21. data/examples/{test-kitchen → kitchen-chef}/metadata.rb +0 -0
  22. data/examples/{test-kitchen → kitchen-chef}/recipes/default.rb +0 -0
  23. data/examples/{test-kitchen → kitchen-chef}/recipes/nginx.rb +0 -0
  24. data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -0
  25. data/examples/kitchen-puppet/.kitchen.yml +22 -0
  26. data/examples/kitchen-puppet/Gemfile +21 -0
  27. data/examples/kitchen-puppet/Puppetfile +25 -0
  28. data/examples/kitchen-puppet/README.md +53 -0
  29. data/examples/kitchen-puppet/manifests/site.pp +33 -0
  30. data/examples/kitchen-puppet/metadata.json +11 -0
  31. data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -0
  32. data/inspec.gemspec +2 -0
  33. data/lib/inspec/plugins/resource.rb +21 -0
  34. data/lib/inspec/shell.rb +73 -11
  35. data/lib/inspec/version.rb +1 -1
  36. data/lib/matchers/matchers.rb +43 -0
  37. data/lib/resources/apache_conf.rb +12 -9
  38. data/lib/resources/apt.rb +7 -0
  39. data/lib/resources/audit_policy.rb +6 -6
  40. data/lib/resources/auditd_conf.rb +6 -7
  41. data/lib/resources/auditd_rules.rb +9 -8
  42. data/lib/resources/bond.rb +6 -6
  43. data/lib/resources/bridge.rb +7 -0
  44. data/lib/resources/command.rb +10 -8
  45. data/lib/resources/csv.rb +6 -5
  46. data/lib/resources/directory.rb +6 -0
  47. data/lib/resources/etc_group.rb +9 -1
  48. data/lib/resources/file.rb +72 -61
  49. data/lib/resources/gem.rb +6 -4
  50. data/lib/resources/group.rb +7 -0
  51. data/lib/resources/host.rb +6 -0
  52. data/lib/resources/inetd_conf.rb +8 -8
  53. data/lib/resources/ini.rb +6 -6
  54. data/lib/resources/interface.rb +8 -8
  55. data/lib/resources/iptables.rb +6 -0
  56. data/lib/resources/json.rb +6 -5
  57. data/lib/resources/kernel_module.rb +6 -5
  58. data/lib/resources/kernel_parameter.rb +6 -4
  59. data/lib/resources/limits_conf.rb +6 -6
  60. data/lib/resources/login_def.rb +6 -0
  61. data/lib/resources/mysql_conf.rb +6 -0
  62. data/lib/resources/mysql_session.rb +7 -0
  63. data/lib/resources/npm.rb +6 -4
  64. data/lib/resources/ntp_conf.rb +7 -7
  65. data/lib/resources/oneget.rb +6 -0
  66. data/lib/resources/os.rb +8 -0
  67. data/lib/resources/os_env.rb +6 -0
  68. data/lib/resources/package.rb +8 -1
  69. data/lib/resources/parse_config.rb +14 -0
  70. data/lib/resources/passwd.rb +7 -0
  71. data/lib/resources/pip.rb +6 -0
  72. data/lib/resources/port.rb +22 -11
  73. data/lib/resources/postgres_conf.rb +6 -0
  74. data/lib/resources/postgres_session.rb +8 -0
  75. data/lib/resources/processes.rb +17 -1
  76. data/lib/resources/registry_key.rb +7 -0
  77. data/lib/resources/script.rb +11 -0
  78. data/lib/resources/security_policy.rb +6 -1
  79. data/lib/resources/service.rb +10 -0
  80. data/lib/resources/ssh_conf.rb +6 -0
  81. data/lib/resources/user.rb +9 -2
  82. data/lib/resources/windows_feature.rb +6 -0
  83. data/lib/resources/yaml.rb +6 -0
  84. data/lib/resources/yum.rb +7 -0
  85. data/lib/utils/find_files.rb +15 -7
  86. data/test/helper.rb +9 -0
  87. data/test/integration/.kitchen.yml +3 -0
  88. data/test/integration/test/integration/default/compare_matcher_spec.rb +19 -0
  89. data/test/integration/test/integration/default/etc_group.rb +13 -0
  90. data/test/integration/test/integration/default/os_spec.rb +13 -0
  91. data/test/integration/test/integration/default/port_spec.rb +1 -1
  92. data/test/unit/mock/cmd/find-apache2-conf-enabled +1 -0
  93. data/test/unit/mock/cmd/find-apache2-ports-conf +1 -0
  94. data/test/unit/mock/cmd/ps-aux +2 -0
  95. data/test/unit/mock/files/apache2.conf +14 -0
  96. data/test/unit/mock/files/ports.conf +6 -0
  97. data/test/unit/mock/files/serve-cgi-bin.conf +20 -0
  98. data/test/unit/resources/apache_conf_test.rb +31 -0
  99. data/test/unit/resources/file_test.rb +181 -0
  100. data/test/unit/resources/package_test.rb +9 -0
  101. data/test/unit/resources/port_test.rb +33 -13
  102. data/test/unit/resources/processes_test.rb +6 -0
  103. data/test/unit/resources/service_test.rb +10 -0
  104. data/test/unit/resources/user_test.rb +12 -0
  105. data/test/unit/utils/find_files_test.rb +23 -0
  106. metadata +61 -16
  107. data/bin/inspec.orig +0 -115
  108. data/lib/resources/.service.rb.swp +0 -0
  109. data/test/unit/mock/profiles/rules/metadata.rb +0 -2
  110. data/test/unit/mock/profiles/rules/test/test.rb +0 -6
data/bin/inspec.orig DELETED
@@ -1,115 +0,0 @@
1
- #!/usr/bin/env ruby
2
- # encoding: utf-8
3
- # Copyright 2015 Dominik Richter. All rights reserved.
4
- # author: Dominik Richter
5
- # author: Christoph Hartmann
6
-
7
- require 'thor'
8
- require 'json'
9
- require_relative '../lib/inspec'
10
-
11
- class InspecCLI < Thor
12
- def self.target_options
13
- option :target, aliases: :t, type: :string, default: nil,
14
- desc: 'Simple targeting option using URIs, e.g. ssh://user:pass@host:port'
15
- option :backend, aliases: :b, type: :string, default: nil,
16
- desc: 'Choose a backend: local, ssh, winrm, docker.'
17
- option :host, type: :string,
18
- desc: 'Specify a remote host which is tested.'
19
- option :port, type: :numeric,
20
- desc: 'Specify the login port for a remote scan.'
21
- option :user, type: :string, default: nil,
22
- desc: 'The login user for a remote scan.'
23
- option :password, type: :string, default: nil,
24
- desc: 'Login password for a remote scan, if required.'
25
- option :key_files, type: :array, default: nil,
26
- desc: 'Login key or certificate file for a remote scan.'
27
- option :path, type: :string, default: nil,
28
- <<<<<<< HEAD
29
- desc: 'Login path to use when connecting to the target.'
30
- option :sudo, type: :boolean, default: false,
31
- desc: 'Run scans with sudo. Only activates on Unix and non-root user.'
32
- =======
33
- desc: 'Login path to use when connecting to the target (WinRM).'
34
- option :disable_sudo, type: :boolean, default: false,
35
- desc: 'To not run remote scans via sudo.'
36
- >>>>>>> update cli description of --path
37
- option :sudo_password, type: :string, default: nil,
38
- desc: 'Specify a sudo password, if it is required.'
39
- option :sudo_options, type: :string, default: '',
40
- desc: 'Additional sudo options for a remote scan.'
41
- option :ssl, type: :boolean, default: false,
42
- desc: 'Use SSL for transport layer encryption (WinRM).'
43
- option :self_signed, type: :boolean, default: false,
44
- desc: 'Allow remote scans with self-signed certificates (WinRM).'
45
- end
46
-
47
- desc 'json PATH', 'read all tests in PATH and generate a JSON profile'
48
- option :id, type: :string,
49
- desc: 'Attach a profile ID to all test results'
50
- option :output, aliases: :o, type: :string,
51
- desc: 'Save the created profile to a path'
52
- def json(path)
53
- profile = Inspec::Profile.from_path(path, options)
54
- dst = options[:output].to_s
55
- if dst.empty?
56
- puts JSON.pretty_generate(profile.info)
57
- else
58
- if File.exist? dst
59
- puts "----> updating #{dst}"
60
- else
61
- puts "----> creating #{dst}"
62
- end
63
- fdst = File.expand_path(dst)
64
- File.write(fdst, JSON.dump(profile.info))
65
- end
66
- end
67
-
68
- desc 'check PATH', 'verify test structure in PATH'
69
- def check(path)
70
- o = options.dup
71
- o[:logger] = Logger.new(STDOUT)
72
- profile = Inspec::Profile.from_path(path, o)
73
- exit 1 unless profile.check
74
- end
75
-
76
- desc 'exec PATHS', 'run all test files'
77
- option :id, type: :string,
78
- desc: 'Attach a profile ID to all test results'
79
- target_options
80
- option :format, type: :string, default: 'progress'
81
- def exec(*tests)
82
- runner = Inspec::Runner.new(options)
83
- runner.add_tests(tests)
84
- runner.run
85
- rescue RuntimeError => e
86
- puts e.message
87
- end
88
-
89
- desc 'detect', 'detect the target OS'
90
- target_options
91
- def detect
92
- runner = Inspec::Runner.new(options)
93
- rel = File.join(File.dirname(__FILE__), *%w{.. lib utils detect.rb})
94
- detect_util = File.expand_path(rel)
95
- runner.add_tests([detect_util])
96
- runner.run
97
- rescue RuntimeError => e
98
- puts e.message
99
- end
100
-
101
- desc 'shell', 'open an interactive debugging shell'
102
- target_options
103
- def shell_func
104
- runner = Inspec::Runner.new(options)
105
- Inspec::Shell.new(runner).start
106
- rescue RuntimeError => e
107
- puts e.message
108
- end
109
-
110
- desc 'version', 'prints the version of this tool'
111
- def version
112
- puts Inspec::VERSION
113
- end
114
- end
115
- InspecCLI.start(ARGV)
data/test/unit/mock/profiles/rules/metadata.rb DELETED
@@ -1,2 +0,0 @@
1
- name 'metadata profile'
2
-
data/test/unit/mock/profiles/rules/test/test.rb DELETED
@@ -1,6 +0,0 @@
1
- rule 'id-1' do
2
- title 'hello title'
3
- desc 'hello desc'
4
- impact 0.0
5
- expect(file '/dev/zero').to be_file
6
- end