inspec 1.40.0 → 1.41.0

data/docs/resources/firewalld.md.erb

@@ -8,6 +8,8 @@ Use the `firewalld` InSpec audit resource to test that firewalld is configured t
 
 A firewalld has a number of zones that can be configured to allow and deny access to specific hosts, services, and ports.
 
+<br>
+
 ## Syntax
 
     describe firewalld do
@@ -24,6 +26,8 @@ Use the where clause to test open interfaces, sources, and services in active zo
       its('sources') { should cmp ['192.168.1.0/24', '192.168.1.2'] }
       its('services') { should cmp ['ssh', 'icmp'] }
     end
+    
+<br>
 
 ## Supported Properties
 
@@ -57,9 +61,11 @@ The `default_zone` property displays the default active zone to be used.
 
     its('default_zone') { should eq 'public' }
 
+<br>
+
 ## Matchers
 
-This InSpec audit resource has the following matchers:
+This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
 
 ### `be_installed`
 

data/docs/resources/gem.md.erb

@@ -6,6 +6,8 @@ title: About the gem Resource
 
 Use the `gem` InSpec audit resource to test if a global Gem package is installed.
 
+<br>
+
 ## Syntax
 
 A `gem` resource block declares a package and (optionally) a package version:
@@ -20,41 +22,7 @@ where
 * `('gem_binary')` can specify the path to a non-default gem binary, defaults to `'gem'`
 * `be_installed` is a valid matcher for this resource
 
-## Matchers
-
-This InSpec audit resource has the following matchers:
-
-### be
-
-<%= partial "/shared/matcher_be" %>
-
-### be_installed
-
-The `be_installed` matcher tests if the named Gem package is installed:
-
-    it { should be_installed }
-
-### cmp
-
-<%= partial "/shared/matcher_cmp" %>
-
-### eq
-
-<%= partial "/shared/matcher_eq" %>
-
-### include
-
-<%= partial "/shared/matcher_include" %>
-
-### match
-
-<%= partial "/shared/matcher_match" %>
-
-### version
-
-The `version` matcher tests if the named package version is on the system:
-
-    its('version') { should eq '0.33.0' }
+<br>
 
 ## Examples
 
@@ -90,3 +58,21 @@ The following examples show how to use this InSpec audit resource.
     describe gem('knife-backup', :chef_server) do
       it { should be_installed }
     end
+
+<br>
+
+## Matchers
+
+This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### be_installed
+
+The `be_installed` matcher tests if the named Gem package is installed:
+
+    it { should be_installed }
+
+### version
+
+The `version` matcher tests if the named package version is on the system:
+
+    its('version') { should eq '0.33.0' }

data/docs/resources/group.md.erb

@@ -6,6 +6,8 @@ title: About the group Resource
 
 Use the `group` InSpec audit resource to test groups on the system.
 
+<br>
+
 ## Syntax
 
 A `group` resource block declares a group, and then the details to be tested, such as if the group is a local group, the group identifier, or if the group exists:
@@ -20,27 +22,30 @@ where
 * `'group_name'` must specify the name of a group on the system
 * `exist` and `'gid'` are valid matchers for this resource
 
-## Matchers
+<br>
 
-This InSpec audit resource has the following matchers:
+## Examples
 
-### be
+The following examples show how to use this InSpec audit resource.
 
-<%= partial "/shared/matcher_be" %>
+### Test the group identifier for the root group
 
-### be_local
+    describe group('root') do
+      it { should exist }
+      its('gid') { should eq 0 }
+    end
 
-The `be_local` matcher tests if the group is a local group:
+<br>
 
-    it { should be_local }
+## Matchers
 
-### cmp
+This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
 
-<%= partial "/shared/matcher_cmp" %>
+### be_local
 
-### eq
+The `be_local` matcher tests if the group is a local group:
 
-<%= partial "/shared/matcher_eq" %>
+    it { should be_local }
 
 ### exist
 
@@ -53,22 +58,3 @@ The `exist` matcher tests if the named user exists:
 The `gid` matcher tests the named group identifier:
 
     its('gid') { should eq 1234 }
-
-### include
-
-<%= partial "/shared/matcher_include" %>
-
-### match
-
-<%= partial "/shared/matcher_match" %>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test the group identifier for the root group
-
-    describe group('root') do
-      it { should exist }
-      its('gid') { should eq 0 }
-    end

data/docs/resources/grub_conf.md.erb

@@ -6,6 +6,8 @@ title: About the grub_conf Resource
 
 Grub is a boot loader on the Linux platform used to load and then transfer control to an operating system kernel, after which that kernel initializes the rest of the operating system. Use the `grub_conf` InSpec audit resource to test boot loader configuration settings that are defined in the `grub.conf` configuration file.
 
+<br>
+
 ## Syntax
 
 A `grub_conf` resource block declares a list of settings in a `grub.conf` file:
@@ -28,30 +30,7 @@ where
 * `'kernel'` specifies the default kernel (by using `'default'`) or a specific kernel; `'default'` defines the position in the list of kernels at which the default kernel is defined, i.e. `should eq '0'` for the first kernel listed or `'path', 'default'` to use the default kernel as specified in the `grub.conf` file
 * `'value'` is the value that is expected
 
-
-## Matchers
-
-This InSpec audit resource has the following matchers:
-
-### be
-
-<%= partial "/shared/matcher_be" %>
-
-### cmp
-
-<%= partial "/shared/matcher_cmp" %>
-
-### eq
-
-<%= partial "/shared/matcher_eq" %>
-
-### include
-
-<%= partial "/shared/matcher_include" %>
-
-### match
-
-<%= partial "/shared/matcher_match" %>
+<br>
 
 ## Examples
 
@@ -113,3 +92,9 @@ The following test verifies the `ramdisk_size` for the non-deault kernel:
     grub_conf('/etc/grub.conf',  'CentOS (2.6.32-573.12.1.el6.x86_64)') do
       its('kernel') { should include 'audit=1' }
     end
+
+<br>
+
+## Matchers
+
+For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).

data/docs/resources/host.md.erb

@@ -6,17 +6,17 @@ title: About the host Resource
 
 Use the `host` InSpec audit resource to test the name used to refer to a specific host and its availability, including the Internet protocols and ports over which that host name should be available.
 
+<br>
+
 ## Syntax
 
 A `host` resource block declares a host name, and then (depending on what is to be tested) a port and/or a protocol:
 
-.. code-block:: ruby
-
-   describe host('example.com', port: 80, protocol: 'tcp') do
-     it { should be_reachable }
-     it { should be_resolvable }
-     its('ipaddress') { should include '12.34.56.78' }
-   end
+    describe host('example.com', port: 80, protocol: 'tcp') do
+      it { should be_reachable }
+      it { should be_resolvable }
+      its('ipaddress') { should include '12.34.56.78' }
+    end
 
 where
 
@@ -25,48 +25,7 @@ where
 * `port:` is the port number
 * `protocol: 'name'` is the Internet protocol: TCP (`protocol: 'tcp'`), UDP (`protocol: 'udp'` or  ICMP (`protocol: 'icmp'`))
 
-
-## Matchers
-
-This InSpec audit resource has the following matchers:
-
-### be
-
-<%= partial "/shared/matcher_be" %>
-
-### be_reachable
-
-The `be_reachable` matcher tests if the host name is available:
-
-    it { should be_reachable }
-
-### be_resolvable
-
-The `be_resolvable` matcher tests for host name resolution, i.e. "resolvable to an IP address":
-
-    it { should be_resolvable }
-
-### cmp
-
-<%= partial "/shared/matcher_cmp" %>
-
-### eq
-
-<%= partial "/shared/matcher_eq" %>
-
-### include
-
-<%= partial "/shared/matcher_include" %>
-
-### ipaddress
-
-The `ipaddress` matcher tests if a host name is resolvable to a specific IP address:
-
-    its('ipaddress') { should include '93.184.216.34' }
-
-### match
-
-<%= partial "/shared/matcher_match" %>
+<br>
 
 ## Examples
 
@@ -92,3 +51,27 @@ The following examples show how to use this InSpec audit resource.
       its('connection') { should_not match /connection refused/ }
       its('socket') { should match /STATUS_OK/ }
     end
+
+<br>
+
+## Matchers
+
+This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### be_reachable
+
+The `be_reachable` matcher tests if the host name is available:
+
+    it { should be_reachable }
+
+### be_resolvable
+
+The `be_resolvable` matcher tests for host name resolution, i.e. "resolvable to an IP address":
+
+    it { should be_resolvable }
+
+### ipaddress
+
+The `ipaddress` matcher tests if a host name is resolvable to a specific IP address:
+
+    its('ipaddress') { should include '93.184.216.34' }

data/docs/resources/http.md.erb

@@ -6,9 +6,14 @@ title: About the http Resource
 
 Use the `http` InSpec audit resource to test an http endpoint.
 
-<p class="warning">Currently, this resource always executes on the host on which <code>inspec exec</code> is run, even if you use the <code>--target</code> option to remotely scan a different host.<br>
+<p class="warning">In InSpec 1.40 and earlier, this resource always executes on the host on which <code>inspec exec</code> is run, even if you use the <code>--target</code> option to remotely scan a different host.<br>
+<br>
+Beginning with InSpec 1.41, you can enable the ability to have the HTTP test execute on the remote target, provided <code>curl</code> is available. See the "Local vs. Remote" section below.<br>
+<br>
+Executing the HTTP test on the remote target will be the default behavior in InSpec 2.0.
+</p>
+
 <br>
-This will be corrected in a future version of InSpec. New InSpec releases are posted in the <a href="https://discourse.chef.io/c/chef-release" target="_blank">Release Announcements Category in Discourse</a>.</p>
 
 ## Syntax
 
@@ -32,51 +37,16 @@ where
 * `read_timeout` may be specified for a timeout for reading connections (default to 60)
 * `ssl_verify` may be specified to enable or disable verification of SSL certificates (default to `true`)
 
-## Matchers
-
-This InSpec audit resource has the following matchers:
-
-### be
-
-<%= partial "/shared/matcher_be" %>
-
-### body
-
-The `body` matcher tests body content of http response:
-
-   its('body') { should eq 'hello\n' }
-
-### cmp
-
-<%= partial "/shared/matcher_cmp" %>
-
-### eq
-
-<%= partial "/shared/matcher_eq" %>
-
-### headers
-
-The `headers` matcher returns an hash of all http headers:
-
-    its('headers') { should eq {} }
-
-Individual headers can be tested via:
-
-    its('headers.Content-Type') { should cmp 'text/html' }
-
-### include
-
-<%= partial "/shared/matcher_include" %>
-
-### match
-
-<%= partial "/shared/matcher_match" %>
+<br>
+## Local vs. Remote
 
-### status
+Beginning with InSpec 1.41, you can enable the ability to have the HTTP test execute on the remote target:
 
-The `status` matcher tests status of the http response:
+    describe http('http://www.example.com', enable_remote_worker: true) do
+      its('body') { should cmp 'awesome' }
+    end
 
-    its('status') { should eq 200 }
+In InSpec 2.0, the HTTP test will automatically execute remotely whenever InSpec is testing a remote node.
 
 ## Examples
 
@@ -102,3 +72,27 @@ For example, a service is listening on default http port can be tested like this
       its('body') { should cmp 'pong' }
       its('headers.Content-Type') { should cmp 'text/html' }
     end
+
+<br>
+
+### body
+
+The `body` matcher tests body content of http response:
+
+   its('body') { should eq 'hello\n' }
+
+### headers
+
+The `headers` matcher returns an hash of all http headers:
+
+    its('headers') { should eq {} }
+
+Individual headers can be tested via:
+
+    its('headers.Content-Type') { should cmp 'text/html' }
+
+### status
+
+The `status` matcher tests status of the http response:
+
+    its('status') { should eq 200 }

data/docs/resources/iis_app.md.erb

@@ -6,6 +6,8 @@ title: About the iis_app Resource
 
 Use the `iis_app` InSpec audit resource to test the state of IIS on Windows Server 2012 (and later).
 
+<br>
+
 ## Syntax
 
 An `iis_app` resource block declares details about the named site:
@@ -38,17 +40,34 @@ For example:
       it { should have_path('\\My Application') }
     end
 
-## Matchers
+<br>
+
+## Examples
+
+The following examples show how to use this InSpec audit resource.
+
+### Test a default IIS web application
+
+    describe iis_app('Default Web Site') do
+      it { should exist }
+      it { should be_running }
+      it { should have_app_pool('DefaultAppPool') }
+      it { should have_binding('http *:80:') }
+      it { should have_path('%SystemDrive%\\inetpub\\wwwroot') }
+    end
 
-This InSpec audit resource has the following matchers:
+### Test if IIS service is running
 
-### cmp
+    describe service('W3SVC') do
+      it { should be_installed }
+      it { should be_running }
+    end
 
-<%= partial "/shared/matcher_cmp" %>
+<br>
 
-### eq
+## Matchers
 
-<%= partial "/shared/matcher_eq" %>
+This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
 
 ### exist
 
@@ -95,32 +114,3 @@ Testing a web application with https enabled and http enabled:
 The `have_physical_path` matcher tests if the named path is defined for the web application:
 
     it { should have_physical_path('C:\\inetpub\\wwwroot') }
-
-### include
-
-<%= partial "/shared/matcher_include" %>
-
-### match
-
-<%= partial "/shared/matcher_match" %>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test a default IIS web application
-
-    describe iis_app('Default Web Site') do
-      it { should exist }
-      it { should be_running }
-      it { should have_app_pool('DefaultAppPool') }
-      it { should have_binding('http *:80:') }
-      it { should have_path('%SystemDrive%\\inetpub\\wwwroot') }
-    end
-
-### Test if IIS service is running
-
-    describe service('W3SVC') do
-      it { should be_installed }
-      it { should be_running }
-    end