inspec 1.0.0 → 1.1.0

data/docs/resources/interface.md.erb

@@ -9,7 +9,7 @@ Use the `interface` InSpec audit resource to test basic network adapter properti
 * On Linux platforms, `/sys/class/net/#{iface}` is used as source
 * On the Windows platform, the `Get-NetAdapter` cmdlet is used as source
 
-# Syntax
+## Syntax
 
 An `interface` resource block declares network interface properties to be tested:
 
@@ -19,48 +19,48 @@ An `interface` resource block declares network interface properties to be tested
       its('name') { should eq eth0 }
     end
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## be_up
+### be_up
 
 The `be_up` matcher tests if the network interface is available:
 
     it { should be_up }
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## name
+### name
 
 The `name` matcher tests if the named network interface exists:
 
     its('name') { should eq eth0 }
 
-## speed
+### speed
 
 The `speed` matcher tests the speed of the network interface, in MB/sec:
 
     its('speed') { should eq 1000 }
 
-# Examples
+## Examples
 
 None.

data/docs/resources/iptables.md.erb

@@ -6,7 +6,7 @@ title: About the iptables Resource
 
 Use the `iptables` InSpec audit resource to test rules that are defined in `iptables`, which maintains tables of IP packet filtering rules. There may be more than one table. Each table contains one (or more) chains (both built-in and custom). A chain is a list of rules that match packets. When the rule matches, the rule defines what target to assign to the packet.
 
-# Syntax
+## Syntax
 
 A `iptables` resource block declares tests for rules in IP tables:
 
@@ -23,47 +23,47 @@ where
 * `have_rule('RULE')` tests that rule in the iptables file
 
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## have_rule
+### have_rule
 
 The `have_rule` matcher tests the named rule against the information in the `iptables` file:
 
     it { should have_rule('RULE') }
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test if the IP table allows a packet through
+### Test if the IP table allows a packet through
 
     describe iptables do
       it { should have_rule('-P INPUT ACCEPT') }
     end
 
-## Test if the IP table allows a packet through, for a specific table and chain
+### Test if the IP table allows a packet through, for a specific table and chain
 
     describe iptables(table:'mangle', chain: 'input') do
       it { should have_rule('-P INPUT ACCEPT') }

data/docs/resources/json.md.erb

@@ -6,7 +6,7 @@ title: About the json Resource
 
 Use the `json` InSpec audit resource to test data in a JSON file.
 
-# Syntax
+## Syntax
 
 A `json` resource block declares the data to be tested. Assume the following JSON file:
 
@@ -35,41 +35,41 @@ where
 * `should eq 'foo'` tests a value of `name` as read from a JSON file versus the value declared in the test
 
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## name
+### name
 
 The `name` matcher tests the value of `name` as read from a JSON file versus the value declared in the test:
 
     its('name') { should eq 'foo' }
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test a cookbook version in a policyfile.lock.json file
+### Test a cookbook version in a policyfile.lock.json file
 
     describe json('policyfile.lock.json') do
       its(['cookbook_locks', 'omnibus', 'version']) { should eq('2.2.0') }

data/docs/resources/kernel_module.md.erb

@@ -6,7 +6,7 @@ title: About the kernel_module Resource
 
 Use the `kernel_module` InSpec audit resource to test kernel modules on Linux platforms. These parameters are located under `/lib/modules`. Any submodule may be tested using this resource.
 
-# Syntax
+## Syntax
 
 A `kernel_module` resource block declares a module name, and then tests if that module is a loadable kernel module:
 
@@ -19,41 +19,41 @@ where
 * `'module_name'` must specify a kernel module, such as `'bridge'`
 * `{ should be_loaded }` tests if the module is a loadable kernel module
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## be_loaded
+### be_loaded
 
 The `be_loaded` matcher tests if the module is a loadable kernel module:
 
     it { should be_loaded }
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test if a module is loaded
+### Test if a module is loaded
 
     describe kernel_module('bridge') do
       it { should be_loaded }

data/docs/resources/kernel_parameter.md.erb

@@ -6,7 +6,7 @@ title: About the kernel_parameter Resource
 
 Use the `kernel_parameter` InSpec audit resource to test kernel parameters on Linux platforms.
 
-# Syntax
+## Syntax
 
 A `kernel_parameter` resource block declares a parameter and then a value to be tested:
 
@@ -19,53 +19,53 @@ where
 * `'kernel.parameter'` must specify a kernel parameter, such as `'net.ipv4.conf.all.forwarding'`
 * `{ should eq 0 }` states the value to be tested
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-## value
+### value
 
 The `value` matcher tests the value assigned to the named IP address versus the value declared in the test:
 
     its('value') { should eq 0 }
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test if global forwarding is enabled for an IPv4 address
+### Test if global forwarding is enabled for an IPv4 address
 
     describe kernel_parameter('net.ipv4.conf.all.forwarding') do
       its('value') { should eq 1 }
     end
 
-## Test if global forwarding is disabled for an IPv6 address
+### Test if global forwarding is disabled for an IPv6 address
 
     describe kernel_parameter('net.ipv6.conf.all.forwarding') do
       its('value') { should eq 0 }
     end
 
-## Test if an IPv6 address accepts redirects
+### Test if an IPv6 address accepts redirects
 
     describe kernel_parameter('net.ipv6.conf.interface.accept_redirects') do
       its('value') { should eq 'true' }

data/docs/resources/launchd_service.md.erb

@@ -6,7 +6,7 @@ title: About the launchd_service Resource
 
 Use the ``launchd_service`` InSpec audit resource to test a service using Launchd.
 
-# Syntax
+## Syntax
 
 A ``launchd_service`` resource block declares the name of a service and then one (or more) matchers to test the state of the service:
 
@@ -29,48 +29,48 @@ The path to the service manager's control may be specified for situations where
       it { should be_running }
     end
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## be_enabled
+### be_enabled
 
 The `be_enabled` matcher tests if the named service is enabled:
 
     it { should be_enabled }
 
-## be_installed
+### be_installed
 
 The `be_installed` matcher tests if the named service is installed:
 
     it { should be_installed }
 
-## be_running
+### be_running
 
 The `be_running` matcher tests if the named service is running:
 
     it { should be_running }
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-# Examples
+## Examples
 
 None.

data/docs/resources/limits_conf.md.erb

@@ -17,7 +17,7 @@ Entries in the `limits.conf` file are similar to:
     ^^^^^^^^^   ^^^^   ^^^^^^   ^^^^^
     domain      type    item    value
 
-# Syntax
+## Syntax
 
 A `limits_conf` resource block declares a domain to be tested, along with associated type, item, and value:
 
@@ -34,19 +34,19 @@ where
 * `'item'` is the item for which limits are defined, such as `core`, `nofile`, `stack`, `nproc`, `priority`, or `maxlogins`
 * `'value'` is the value associated with the `item`
 
-# Matchers
+## Matchers
 
 This InSpec audit resource has the following matchers:
 
-## be
+### be
 
 <%= partial "/shared/matcher_be" %>
 
-## cmp
+### cmp
 
 <%= partial "/shared/matcher_cmp" %>
 
-## domain
+### domain
 
 The `domain` matcher tests the domain in the `limits.conf` file, along with associated type, item, and value:
 
@@ -56,23 +56,23 @@ For example:
 
     its('grantmc') { should include ['hard', 'nofile', '63536'] }
 
-## eq
+### eq
 
 <%= partial "/shared/matcher_eq" %>
 
-## include
+### include
 
 <%= partial "/shared/matcher_include" %>
 
-## match
+### match
 
 <%= partial "/shared/matcher_match" %>
 
-# Examples
+## Examples
 
 The following examples show how to use this InSpec audit resource.
 
-## Test limits
+### Test limits
 
     describe limits_conf('path') do
       its('*') { should include ['soft', 'core', '0'], ['hard', 'rss', '10000'] }