inspec 1.40.0 → 1.41.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (114) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +30 -9
  3. data/docs/matchers.md +18 -0
  4. data/docs/plugin_kitchen_inspec.md +18 -24
  5. data/docs/profiles.md +39 -2
  6. data/docs/resources/aide_conf.md.erb +18 -28
  7. data/docs/resources/apache_conf.md.erb +19 -33
  8. data/docs/resources/apt.md.erb +22 -36
  9. data/docs/resources/audit_policy.md.erb +9 -24
  10. data/docs/resources/auditd.md.erb +9 -24
  11. data/docs/resources/auditd_conf.md.erb +20 -34
  12. data/docs/resources/auditd_rules.md.erb +8 -24
  13. data/docs/resources/bash.md.erb +4 -26
  14. data/docs/resources/bond.md.erb +25 -40
  15. data/docs/resources/bridge.md.erb +5 -25
  16. data/docs/resources/bsd_service.md.erb +5 -25
  17. data/docs/resources/command.md.erb +35 -50
  18. data/docs/resources/crontab.md.erb +9 -23
  19. data/docs/resources/csv.md.erb +12 -27
  20. data/docs/resources/dh_params.md +1 -0
  21. data/docs/resources/directory.md.erb +5 -25
  22. data/docs/resources/docker.md.erb +60 -57
  23. data/docs/resources/docker_container.md.erb +23 -19
  24. data/docs/resources/docker_image.md.erb +20 -16
  25. data/docs/resources/etc_fstab.md.erb +5 -2
  26. data/docs/resources/etc_group.md.erb +29 -45
  27. data/docs/resources/etc_hosts.md.erb +6 -0
  28. data/docs/resources/etc_hosts_allow.md.erb +6 -2
  29. data/docs/resources/etc_hosts_deny.md.erb +6 -2
  30. data/docs/resources/file.md.erb +198 -212
  31. data/docs/resources/firewalld.md.erb +7 -1
  32. data/docs/resources/gem.md.erb +21 -35
  33. data/docs/resources/group.md.erb +16 -30
  34. data/docs/resources/grub_conf.md.erb +9 -24
  35. data/docs/resources/host.md.erb +32 -49
  36. data/docs/resources/http.md.erb +38 -44
  37. data/docs/resources/iis_app.md.erb +25 -35
  38. data/docs/resources/iis_site.md.erb +26 -40
  39. data/docs/resources/inetd_conf.md.erb +27 -42
  40. data/docs/resources/ini.md.erb +9 -23
  41. data/docs/resources/interface.md.erb +5 -25
  42. data/docs/resources/iptables.md.erb +15 -29
  43. data/docs/resources/json.md.erb +12 -27
  44. data/docs/resources/kernel_module.md.erb +47 -61
  45. data/docs/resources/kernel_parameter.md.erb +15 -29
  46. data/docs/resources/key_rsa.md.erb +3 -0
  47. data/docs/resources/launchd_service.md.erb +5 -25
  48. data/docs/resources/limits_conf.md.erb +15 -29
  49. data/docs/resources/login_def.md.erb +15 -30
  50. data/docs/resources/mount.md.erb +18 -33
  51. data/docs/resources/mssql_session.md.erb +9 -12
  52. data/docs/resources/mysql_conf.md.erb +17 -32
  53. data/docs/resources/mysql_session.md.erb +15 -29
  54. data/docs/resources/nginx.md.erb +6 -0
  55. data/docs/resources/nginx_conf.md.erb +25 -20
  56. data/docs/resources/npm.md.erb +19 -35
  57. data/docs/resources/ntp_conf.md.erb +20 -37
  58. data/docs/resources/oneget.md.erb +15 -30
  59. data/docs/resources/oracledb_session.md.erb +9 -11
  60. data/docs/resources/os.md.erb +29 -43
  61. data/docs/resources/os_env.md.erb +29 -44
  62. data/docs/resources/package.md.erb +33 -42
  63. data/docs/resources/parse_config.md.erb +5 -25
  64. data/docs/resources/parse_config_file.md.erb +31 -43
  65. data/docs/resources/passwd.md.erb +24 -39
  66. data/docs/resources/pip.md.erb +20 -35
  67. data/docs/resources/port.md.erb +43 -57
  68. data/docs/resources/postgres_conf.md.erb +17 -31
  69. data/docs/resources/postgres_hba_conf.md.erb +26 -38
  70. data/docs/resources/postgres_ident_conf.md.erb +25 -37
  71. data/docs/resources/postgres_session.md.erb +15 -29
  72. data/docs/resources/powershell.md.erb +27 -42
  73. data/docs/resources/processes.md.erb +17 -33
  74. data/docs/resources/rabbitmq_config.md.erb +9 -24
  75. data/docs/resources/registry_key.md.erb +27 -42
  76. data/docs/resources/runit_service.md.erb +5 -25
  77. data/docs/resources/security_policy.md.erb +12 -27
  78. data/docs/resources/service.md.erb +27 -42
  79. data/docs/resources/shadow.md.erb +20 -35
  80. data/docs/resources/ssh_config.md.erb +19 -34
  81. data/docs/resources/sshd_config.md.erb +19 -34
  82. data/docs/resources/ssl.md.erb +39 -54
  83. data/docs/resources/sys_info.md.erb +12 -26
  84. data/docs/resources/systemd_service.md.erb +5 -25
  85. data/docs/resources/sysv_service.md.erb +5 -25
  86. data/docs/resources/upstart_service.md.erb +5 -25
  87. data/docs/resources/user.md.erb +29 -44
  88. data/docs/resources/users.md.erb +12 -26
  89. data/docs/resources/vbscript.md.erb +9 -24
  90. data/docs/resources/virtualization.md.erb +8 -23
  91. data/docs/resources/windows_feature.md.erb +15 -30
  92. data/docs/resources/windows_hotfix.md.erb +15 -9
  93. data/docs/resources/windows_task.md.erb +12 -26
  94. data/docs/resources/wmi.md.erb +9 -24
  95. data/docs/resources/x509_certificate.md.erb +4 -0
  96. data/docs/resources/xinetd_conf.md.erb +65 -80
  97. data/docs/resources/xml.md.erb +12 -26
  98. data/docs/resources/yaml.md.erb +12 -27
  99. data/docs/resources/yum.md.erb +37 -51
  100. data/docs/resources/zfs_dataset.md.erb +15 -26
  101. data/docs/resources/zfs_pool.md.erb +9 -20
  102. data/lib/inspec/backend.rb +8 -0
  103. data/lib/inspec/profile.rb +9 -1
  104. data/lib/inspec/shell.rb +13 -13
  105. data/lib/inspec/version.rb +1 -1
  106. data/lib/matchers/matchers.rb +2 -0
  107. data/lib/resources/etc_hosts.rb +1 -1
  108. data/lib/resources/host.rb +4 -1
  109. data/lib/resources/http.rb +173 -23
  110. data/lib/resources/processes.rb +106 -20
  111. data/lib/resources/ssh_conf.rb +1 -1
  112. data/lib/resources/ssl.rb +4 -3
  113. data/lib/utils/object_traversal.rb +35 -10
  114. metadata +2 -2
data/lib/resources/ssh_conf.rb CHANGED
@@ -63,7 +63,7 @@ module Inspec::Resources
63
63
  end
64
64
 
65
65
  @content = file.content
66
- if @content.empty? && !file.empty?
66
+ if @content.nil? || (@content.empty? && !file.size.zero?)
67
67
  return skip_resource "Can't read file \"#{@conf_path}\""
68
68
  end
69
69
 
data/lib/resources/ssl.rb CHANGED
@@ -50,8 +50,6 @@ class SSL < Inspec.resource(1)
50
50
  @host = inspec.backend.hostname
51
51
  elsif inspec.backend.class.to_s == 'Train::Transports::Local::Connection'
52
52
  @host = 'localhost'
53
- else
54
- raise 'Cannot determine host for SSL test. Please specify it or use a different target.'
55
53
  end
56
54
  end
57
55
  @port = opts[:port] || 443
@@ -60,11 +58,14 @@ class SSL < Inspec.resource(1)
60
58
  end
61
59
 
62
60
  filter = FilterTable.create
61
+ filter.add(:enabled?) do |x|
62
+ raise 'Cannot determine host for SSL test. Please specify it or use a different target.' if x.resource.host.nil?
63
+ x.handshake.values.any? { |i| i['success'] }
64
+ end
63
65
  filter.add_accessor(:where)
64
66
  .add_accessor(:entries)
65
67
  .add(:ciphers, field: 'cipher')
66
68
  .add(:protocols, field: 'protocol')
67
- .add(:enabled?) { |x| x.handshake.values.any? { |i| i['success'] } }
68
69
  .add(:handshake) { |x|
69
70
  groups = x.entries.group_by(&:protocol)
70
71
  res = Parallel.map(groups, in_threads: 8) do |proto, e|
data/lib/utils/object_traversal.rb CHANGED
@@ -3,22 +3,47 @@
3
3
  # author: Christoph Hartmann
4
4
  module ObjectTraverser
5
5
  def extract_value(keys, value)
6
+ return nil if value.nil?
7
+
6
8
  key = keys.shift
7
- return nil if key.nil? || value.nil?
9
+ return nil if key.nil?
8
10
 
9
- if value.is_a?(Array)
10
- value = if key.is_a?(Fixnum)
11
- value[key]
12
- elsif value.respond_to?(key.to_sym)
13
- value.send(key.to_sym)
14
- end
15
- else
16
- value = value[key.to_s].nil? ? nil : value[key.to_s]
17
- end
11
+ # if the current value is not a Hash or Array, it is undefined
12
+ # behavior so value will be assigned nil by default.
13
+ value = if value.is_a?(Array)
14
+ extract_from_array(key, value)
15
+ elsif value.is_a?(Hash)
16
+ extract_from_hash(key, value)
17
+ end
18
18
 
19
19
  # if there are no more keys, just return the value
20
20
  return value if keys.first.nil?
21
21
  # if there are more keys, extract more
22
22
  extract_value(keys.clone, value)
23
23
  end
24
+
25
+ private
26
+
27
+ # If the values to return from is an Array, allow returning by index.
28
+ # Otherwise, support methods on the Array itself.
29
+ def extract_from_array(key, value)
30
+ if key.is_a?(Fixnum)
31
+ value[key]
32
+ elsif value.respond_to?(key.to_sym)
33
+ value.send(key.to_sym)
34
+ end
35
+ end
36
+
37
+ # for Hashes, try to return the value by the key.
38
+ # We first try to find by the raw key before we stringify
39
+ # if the keys themselves are symbols, for example.
40
+ #
41
+ # This will return nil default if we can't find the key.
42
+ def extract_from_hash(key, value)
43
+ if value.key?(key)
44
+ value[key]
45
+ elsif value.key?(key.to_s)
46
+ value[key.to_s]
47
+ end
48
+ end
24
49
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.40.0
4
+ version: 1.41.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-09-27 00:00:00.000000000 Z
11
+ date: 2017-10-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: train