inspec 1.51.0 → 1.51.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +29 -15
- data/README.md +1 -1
- data/docs/glossary.md +99 -0
- data/docs/resources/aide_conf.md.erb +16 -9
- data/docs/resources/apache.md.erb +66 -0
- data/docs/resources/apache_conf.md.erb +11 -5
- data/docs/resources/apt.md.erb +1 -1
- data/docs/resources/audit_policy.md.erb +1 -1
- data/docs/resources/auditd_conf.md.erb +12 -9
- data/docs/resources/bash.md.erb +24 -12
- data/docs/resources/bond.md.erb +26 -24
- data/docs/resources/bridge.md.erb +18 -11
- data/docs/resources/bsd_service.md.erb +11 -2
- data/docs/resources/command.md.erb +30 -29
- data/docs/resources/cpan.md.erb +33 -17
- data/docs/resources/cran.md.erb +26 -17
- data/docs/resources/crontab.md.erb +18 -1
- data/docs/resources/csv.md.erb +13 -7
- data/docs/resources/{dh_params.md → dh_params.md.erb} +30 -6
- data/docs/resources/directory.md.erb +9 -4
- data/docs/resources/docker.md.erb +1 -1
- data/docs/resources/docker_container.md.erb +32 -26
- data/docs/resources/docker_image.md.erb +29 -26
- data/docs/resources/docker_service.md.erb +37 -31
- data/docs/resources/elasticsearch.md.erb +18 -32
- data/docs/resources/etc_fstab.md.erb +19 -15
- data/docs/resources/etc_group.md.erb +13 -39
- data/docs/resources/etc_hosts.md.erb +12 -5
- data/docs/resources/etc_hosts_allow.md.erb +9 -4
- data/docs/resources/etc_hosts_deny.md.erb +12 -7
- data/docs/resources/file.md.erb +139 -134
- data/docs/resources/filesystem.md.erb +5 -4
- data/docs/resources/firewalld.md.erb +1 -1
- data/docs/resources/gem.md.erb +2 -2
- data/docs/resources/group.md.erb +1 -1
- data/docs/resources/host.md.erb +1 -1
- data/docs/resources/iis_app.md.erb +1 -1
- data/docs/resources/iis_site.md.erb +1 -1
- data/docs/resources/interface.md.erb +1 -1
- data/docs/resources/iptables.md.erb +1 -1
- data/docs/resources/json.md.erb +1 -1
- data/docs/resources/kernel_module.md.erb +1 -1
- data/docs/resources/kernel_parameter.md.erb +1 -1
- data/docs/resources/launchd_service.md.erb +1 -1
- data/docs/resources/limits_conf.md.erb +1 -1
- data/docs/resources/login_def.md.erb +1 -1
- data/docs/resources/mount.md.erb +1 -1
- data/docs/resources/mysql_conf.md.erb +1 -1
- data/docs/resources/nginx_conf.md.erb +1 -1
- data/docs/resources/npm.md.erb +1 -1
- data/docs/resources/oneget.md.erb +1 -1
- data/docs/resources/os.md.erb +1 -1
- data/docs/resources/os_env.md.erb +2 -2
- data/docs/resources/package.md.erb +1 -1
- data/docs/resources/packages.md.erb +66 -0
- data/docs/resources/parse_config.md.erb +1 -1
- data/docs/resources/parse_config_file.md.erb +1 -1
- data/docs/resources/passwd.md.erb +1 -1
- data/docs/resources/pip.md.erb +1 -1
- data/docs/resources/port.md.erb +1 -1
- data/docs/resources/postgres_conf.md.erb +1 -1
- data/docs/resources/postgres_session.md.erb +1 -1
- data/docs/resources/powershell.md.erb +2 -2
- data/docs/resources/processes.md.erb +1 -1
- data/docs/resources/registry_key.md.erb +1 -1
- data/docs/resources/runit_service.md.erb +1 -1
- data/docs/resources/security_policy.md.erb +1 -1
- data/docs/resources/service.md.erb +1 -1
- data/docs/resources/shadow.md.erb +1 -1
- data/docs/resources/ssh_config.md.erb +1 -1
- data/docs/resources/sshd_config.md.erb +1 -1
- data/docs/resources/ssl.md.erb +1 -1
- data/docs/resources/sys_info.md.erb +1 -1
- data/docs/resources/systemd_service.md.erb +1 -1
- data/docs/resources/sysv_service.md.erb +1 -1
- data/docs/resources/upstart_service.md.erb +1 -1
- data/docs/resources/user.md.erb +1 -1
- data/docs/resources/users.md.erb +1 -1
- data/docs/resources/windows_feature.md.erb +1 -1
- data/docs/resources/windows_hotfix.md.erb +1 -1
- data/docs/resources/xinetd_conf.md.erb +1 -1
- data/docs/resources/xml.md.erb +1 -1
- data/docs/resources/yaml.md.erb +1 -1
- data/docs/resources/yum.md.erb +1 -1
- data/lib/inspec.rb +2 -1
- data/lib/inspec/base_cli.rb +98 -18
- data/lib/inspec/cli.rb +33 -21
- data/lib/inspec/formatters.rb +3 -0
- data/lib/inspec/formatters/base.rb +208 -0
- data/lib/inspec/formatters/json_rspec.rb +20 -0
- data/lib/inspec/formatters/show_progress.rb +12 -0
- data/lib/inspec/objects.rb +1 -0
- data/lib/inspec/objects/describe.rb +92 -0
- data/lib/inspec/reporters.rb +33 -0
- data/lib/inspec/reporters/base.rb +23 -0
- data/lib/inspec/reporters/cli.rb +395 -0
- data/lib/inspec/reporters/json.rb +132 -0
- data/lib/inspec/reporters/json_min.rb +44 -0
- data/lib/inspec/reporters/junit.rb +77 -0
- data/lib/inspec/runner.rb +14 -1
- data/lib/inspec/runner_rspec.rb +34 -14
- data/lib/inspec/schema.rb +1 -0
- data/lib/inspec/shell.rb +0 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/resources/apache.rb +20 -0
- data/lib/resources/apache_conf.rb +33 -8
- data/lib/resources/audit_policy.rb +1 -1
- data/lib/resources/packages.rb +4 -3
- metadata +17 -4
- data/lib/inspec/rspec_json_formatter.rb +0 -940
@@ -22,8 +22,9 @@ A `dh_params` resource block declares a parameter file to be tested.
|
|
22
22
|
its('text') { should eq 'PKCS#3 DH Parameters: (2048 bit)...' }
|
23
23
|
end
|
24
24
|
|
25
|
+
<br>
|
25
26
|
|
26
|
-
##
|
27
|
+
## Resource Parameter Examples
|
27
28
|
|
28
29
|
### dh_params?
|
29
30
|
|
@@ -33,13 +34,15 @@ Verify whether file contains DH parameters:
|
|
33
34
|
it { should be_dh_params }
|
34
35
|
end
|
35
36
|
|
36
|
-
|
37
|
+
<br>
|
37
38
|
|
38
|
-
|
39
|
+
## Supported Resource Properties
|
39
40
|
|
40
|
-
|
41
|
-
|
42
|
-
|
41
|
+
generator, modulus, prime_length, pem, text
|
42
|
+
|
43
|
+
<br>
|
44
|
+
|
45
|
+
## Property Examples
|
43
46
|
|
44
47
|
### generator (Integer)
|
45
48
|
|
@@ -190,3 +193,24 @@ Verify via `openssl dhparam` command:
|
|
190
193
|
4c:f6:c5:e3:a1:52:af:01:c1:4f:c7:42:a0:be:ed:
|
191
194
|
cd:13
|
192
195
|
generator: 2 (0x2)
|
196
|
+
|
197
|
+
<br>
|
198
|
+
|
199
|
+
## Matchers
|
200
|
+
|
201
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
202
|
+
|
203
|
+
### valid?
|
204
|
+
|
205
|
+
Verify whether DH parameters are valid:
|
206
|
+
|
207
|
+
describe dh_params('/path/to/file.dh_pem') do
|
208
|
+
it { should be_valid }
|
209
|
+
end
|
210
|
+
|
211
|
+
### be\_dh\_params
|
212
|
+
|
213
|
+
describe dh_params('/path/to/file.dh_pem') do
|
214
|
+
it { should be_dh_params}
|
215
|
+
end
|
216
|
+
|
@@ -4,20 +4,25 @@ title: About the directory Resource
|
|
4
4
|
|
5
5
|
# directory
|
6
6
|
|
7
|
-
Use the `directory` InSpec audit resource to test if the file type is a directory. This is equivalent to using the `file` resource and the `be_directory` matcher, but provides a simpler and more direct way to test directories.
|
7
|
+
Use the `directory` InSpec audit resource to test if the file type is a directory. This is equivalent to using the `file` resource and the `be_directory` matcher, but provides a simpler and more direct way to test directories.
|
8
8
|
|
9
9
|
<br>
|
10
10
|
|
11
11
|
## Syntax
|
12
12
|
|
13
|
-
A `directory` resource block declares the location of the directory to be tested, and then one (or more) matchers
|
13
|
+
A `directory` resource block declares the location of the directory to be tested, and then one (or more) matchers.
|
14
14
|
|
15
15
|
describe directory('path') do
|
16
|
-
|
16
|
+
its('property') { should cmp 'value' }
|
17
17
|
end
|
18
18
|
|
19
19
|
<br>
|
20
20
|
|
21
|
+
## Supported Resource Properties
|
22
|
+
|
23
|
+
All of the properties available to `file` may be used with `directory`.
|
24
|
+
|
25
|
+
<br>
|
21
26
|
## Matchers
|
22
27
|
|
23
|
-
|
28
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
@@ -109,7 +109,7 @@ Or execute the profile directly via URL:
|
|
109
109
|
|
110
110
|
## Matchers
|
111
111
|
|
112
|
-
|
112
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
113
113
|
|
114
114
|
### containers
|
115
115
|
|
@@ -23,7 +23,11 @@ A `docker_container` resource block declares the configuration data to be tested
|
|
23
23
|
its('command') { should eq 'nc -ll -p 1234 -e /bin/cat' }
|
24
24
|
end
|
25
25
|
|
26
|
-
|
26
|
+
## Resource Parameter Examples
|
27
|
+
|
28
|
+
### container
|
29
|
+
|
30
|
+
The container name can also be passed with the `name` resource parameter:
|
27
31
|
|
28
32
|
describe docker_container(name: 'an-echo-server') do
|
29
33
|
it { should exist }
|
@@ -39,55 +43,57 @@ Alternatively, you can pass in the container id:
|
|
39
43
|
|
40
44
|
<br>
|
41
45
|
|
42
|
-
## Examples
|
46
|
+
## Property Examples
|
43
47
|
|
44
48
|
The following examples show how to use this InSpec resource.
|
45
49
|
|
46
|
-
### Verify an running container:
|
47
|
-
|
48
|
-
describe docker_container('an-echo-server') do
|
49
|
-
it { should exist }
|
50
|
-
it { should be_running }
|
51
|
-
its('id') { should_not eq '' }
|
52
|
-
its('image') { should eq 'busybox:latest' }
|
53
|
-
its('repo') { should eq 'busybox' }
|
54
|
-
its('tag') { should eq 'latest' }
|
55
|
-
its('ports') { should eq [] }
|
56
|
-
its('command') { should eq 'nc -ll -p 1234 -e /bin/cat' }
|
57
|
-
end
|
58
|
-
|
59
|
-
<br>
|
60
|
-
|
61
|
-
## Matchers
|
62
|
-
|
63
|
-
This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
64
|
-
|
65
50
|
### id
|
66
51
|
|
67
|
-
The `id`
|
52
|
+
The `id` property tests the container id:
|
68
53
|
|
69
54
|
its('id') { should eq 'sha:71b5df59...442b' }
|
70
55
|
|
71
56
|
### repo
|
72
57
|
|
73
|
-
The `repo`
|
58
|
+
The `repo` property tests the value of the image repository:
|
74
59
|
|
75
60
|
its('repo') { should eq 'busybox' }
|
76
61
|
|
77
62
|
### tag
|
78
63
|
|
79
|
-
The `tag`
|
64
|
+
The `tag` property tests the value of the image tag:
|
80
65
|
|
81
66
|
its('tag') { should eq 'latest' }
|
82
67
|
|
83
68
|
### ports
|
84
69
|
|
85
|
-
The `ports`
|
70
|
+
The `ports` property tests the value the docker ports:
|
86
71
|
|
87
72
|
its('ports') { should eq '0.0.0.0:1234->1234/tcp' }
|
88
73
|
|
89
74
|
### command
|
90
75
|
|
91
|
-
The `command`
|
76
|
+
The `command` property tests the value of the container run command:
|
92
77
|
|
93
78
|
its('command') { should eq 'nc -ll -p 1234 -e /bin/cat' }
|
79
|
+
|
80
|
+
|
81
|
+
### Verify a running container:
|
82
|
+
|
83
|
+
describe docker_container('an-echo-server') do
|
84
|
+
it { should exist }
|
85
|
+
it { should be_running }
|
86
|
+
its('id') { should_not eq '' }
|
87
|
+
its('image') { should eq 'busybox:latest' }
|
88
|
+
its('repo') { should eq 'busybox' }
|
89
|
+
its('tag') { should eq 'latest' }
|
90
|
+
its('ports') { should eq [] }
|
91
|
+
its('command') { should eq 'nc -ll -p 1234 -e /bin/cat' }
|
92
|
+
end
|
93
|
+
|
94
|
+
<br>
|
95
|
+
|
96
|
+
## Matchers
|
97
|
+
|
98
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
99
|
+
|
@@ -19,6 +19,10 @@ A `docker_image` resource block declares the image:
|
|
19
19
|
its('tag') { should eq 'latest' }
|
20
20
|
end
|
21
21
|
|
22
|
+
<br>
|
23
|
+
|
24
|
+
## Resource Parameter Examples
|
25
|
+
|
22
26
|
The resource allows you to pass in an image id:
|
23
27
|
|
24
28
|
describe docker_image(id: alpine_id) do
|
@@ -39,9 +43,31 @@ You can also pass in repository and tag as separate values
|
|
39
43
|
|
40
44
|
<br>
|
41
45
|
|
42
|
-
## Examples
|
46
|
+
## Property Examples
|
43
47
|
|
44
|
-
|
48
|
+
### id
|
49
|
+
|
50
|
+
The `id` property returns the full image id:
|
51
|
+
|
52
|
+
its('id') { should eq 'sha256:4a415e3663882fbc554ee830889c68a33b3585503892cc718a4698e91ef2a526' }
|
53
|
+
|
54
|
+
### image
|
55
|
+
|
56
|
+
The `image` property tests the value of the image. It is a combination of `repository/tag`:
|
57
|
+
|
58
|
+
its('image') { should eq 'alpine:latest' }
|
59
|
+
|
60
|
+
### repo
|
61
|
+
|
62
|
+
The `repo` property tests the value of the repository name:
|
63
|
+
|
64
|
+
its('repo') { should eq 'alpine' }
|
65
|
+
|
66
|
+
### tag
|
67
|
+
|
68
|
+
The `tag` property tests the value of image tag:
|
69
|
+
|
70
|
+
its('tag') { should eq 'latest' }
|
45
71
|
|
46
72
|
### Test a docker image
|
47
73
|
|
@@ -57,7 +83,7 @@ The following examples show how to use this InSpec `docker_image` resource.
|
|
57
83
|
|
58
84
|
## Matchers
|
59
85
|
|
60
|
-
|
86
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
61
87
|
|
62
88
|
### exist
|
63
89
|
|
@@ -65,26 +91,3 @@ The `exist` matcher tests if the image is available on the node:
|
|
65
91
|
|
66
92
|
it { should exist }
|
67
93
|
|
68
|
-
### id
|
69
|
-
|
70
|
-
The `id` matcher returns the full image id:
|
71
|
-
|
72
|
-
its('id') { should eq 'sha256:4a415e3663882fbc554ee830889c68a33b3585503892cc718a4698e91ef2a526' }
|
73
|
-
|
74
|
-
### image
|
75
|
-
|
76
|
-
The `image` matcher tests the value of the image. It is a combination of `repository/tag`:
|
77
|
-
|
78
|
-
its('image') { should eq 'alpine:latest' }
|
79
|
-
|
80
|
-
### repo
|
81
|
-
|
82
|
-
The `repo` matcher tests the value of the repository name:
|
83
|
-
|
84
|
-
its('repo') { should eq 'alpine' }
|
85
|
-
|
86
|
-
### tag
|
87
|
-
|
88
|
-
The `tag` matcher tests the value of image tag:
|
89
|
-
|
90
|
-
its('tag') { should eq 'latest' }
|
@@ -19,6 +19,10 @@ A `docker_service` resource block declares the service by name:
|
|
19
19
|
its('tag') { should eq 'latest' }
|
20
20
|
end
|
21
21
|
|
22
|
+
<br>
|
23
|
+
|
24
|
+
## Resource Parameter Examples
|
25
|
+
|
22
26
|
The resource allows you to pass in a service id:
|
23
27
|
|
24
28
|
describe docker_service(id: '2ghswegspre1') do
|
@@ -33,75 +37,77 @@ You can also pass in the fully-qualified image:
|
|
33
37
|
|
34
38
|
<br>
|
35
39
|
|
36
|
-
## Examples
|
37
|
-
|
38
|
-
The following examples show how to use this InSpec `docker_service` resource.
|
39
|
-
|
40
|
-
### Test a docker service
|
40
|
+
## Property Examples
|
41
41
|
|
42
|
-
|
43
|
-
it { should exist }
|
44
|
-
its('id') { should eq '2ghswegspre1' }
|
45
|
-
its('repo') { should eq 'alpine' }
|
46
|
-
its('tag') { should eq 'latest' }
|
47
|
-
end
|
48
|
-
|
49
|
-
<br>
|
50
|
-
|
51
|
-
## Matchers
|
52
|
-
|
53
|
-
This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
54
|
-
|
55
|
-
### exist
|
56
|
-
|
57
|
-
The `exist` matcher tests if the image is available on the node:
|
58
|
-
|
59
|
-
it { should exist }
|
42
|
+
The following examples show how to use InSpec `docker_service` resource.
|
60
43
|
|
61
44
|
### id
|
62
45
|
|
63
|
-
The `id`
|
46
|
+
The `id` property returns the service id:
|
64
47
|
|
65
48
|
its('id') { should eq '2ghswegspre1' }
|
66
49
|
|
67
50
|
### image
|
68
51
|
|
69
|
-
The `image`
|
52
|
+
The `image` property tests the value of the image. It is a combination of `repository:tag`:
|
70
53
|
|
71
54
|
its('image') { should eq 'alpine:latest' }
|
72
55
|
|
73
56
|
### mode
|
74
57
|
|
75
|
-
The `mode`
|
58
|
+
The `mode` property tests the value of the service mode:
|
76
59
|
|
77
60
|
its('mode') { should eq 'replicated' }
|
78
61
|
|
79
62
|
### name
|
80
63
|
|
81
|
-
The `name`
|
64
|
+
The `name` property tests the value of the service name:
|
82
65
|
|
83
66
|
its('name') { should eq 'foo' }
|
84
67
|
|
85
68
|
### ports
|
86
69
|
|
87
|
-
The `ports`
|
70
|
+
The `ports` property tests the value of the service's published ports:
|
88
71
|
|
89
72
|
its('ports') { should include '*:8000->8000/tcp' }
|
90
73
|
|
91
74
|
### repo
|
92
75
|
|
93
|
-
The `repo`
|
76
|
+
The `repo` property tests the value of the repository name:
|
94
77
|
|
95
78
|
its('repo') { should eq 'alpine' }
|
96
79
|
|
97
80
|
### replicas
|
98
81
|
|
99
|
-
The `replicas`
|
82
|
+
The `replicas` property tests the value of the service's replica count:
|
100
83
|
|
101
84
|
its('replicas') { should eq '3/3' }
|
102
85
|
|
103
86
|
### tag
|
104
87
|
|
105
|
-
The `tag`
|
88
|
+
The `tag` property tests the value of image tag:
|
106
89
|
|
107
90
|
its('tag') { should eq 'latest' }
|
91
|
+
|
92
|
+
### Test a docker service
|
93
|
+
|
94
|
+
describe docker_service('foo') do
|
95
|
+
it { should exist }
|
96
|
+
its('id') { should eq '2ghswegspre1' }
|
97
|
+
its('repo') { should eq 'alpine' }
|
98
|
+
its('tag') { should eq 'latest' }
|
99
|
+
end
|
100
|
+
|
101
|
+
<br>
|
102
|
+
|
103
|
+
## Matchers
|
104
|
+
|
105
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
106
|
+
|
107
|
+
### exist
|
108
|
+
|
109
|
+
The `exist` matcher tests if the image is available on the node:
|
110
|
+
|
111
|
+
it { should exist }
|
112
|
+
|
113
|
+
|
@@ -1,12 +1,12 @@
|
|
1
1
|
---
|
2
|
-
title:
|
2
|
+
title: About the Elasticsearch Resource
|
3
3
|
---
|
4
4
|
|
5
5
|
# elasticsearch
|
6
6
|
|
7
|
-
|
8
|
-
Elasticsearch cluster. InSpec
|
9
|
-
provided (defaults to `http://localhost:9200`) and
|
7
|
+
Use the `elasticsearch` resource to test the status of a node against a running
|
8
|
+
Elasticsearch cluster. InSpec retrieves the node list from the cluster node URL
|
9
|
+
provided (defaults to `http://localhost:9200`) and provides the ability to query
|
10
10
|
a variety of settings and statuses.
|
11
11
|
|
12
12
|
## Syntax
|
@@ -15,7 +15,9 @@ a variety of settings and statuses.
|
|
15
15
|
its('property') { should cmp 'value' }
|
16
16
|
end
|
17
17
|
|
18
|
-
|
18
|
+
## Supported Resource parameters
|
19
|
+
|
20
|
+
The `elasticsearch` resource accepts a number of optional resource parameters:
|
19
21
|
|
20
22
|
* `url`: the top-level URL of an Elasticsearch node in the cluster. If your Elasticsearch installation is not served out of the top-level directory at the host, be sure to specific the full URL; for example: `http://my-load-balancer/elasticsearch`. Default: `http://localhost:9200`
|
21
23
|
* `username`: a username to use to log in with HTTP-Basic authentication. If `username` is provided, a `password` must also be provided.
|
@@ -38,33 +40,13 @@ To simply check if nodes exist that match the criteria, use the `exist` matcher:
|
|
38
40
|
it { should exist }
|
39
41
|
end
|
40
42
|
|
41
|
-
## Supported Properties
|
43
|
+
## Supported Resource Properties
|
42
44
|
|
43
45
|
The following properties are provided:
|
44
46
|
|
45
|
-
*
|
46
|
-
|
47
|
-
|
48
|
-
* http
|
49
|
-
* ingest
|
50
|
-
* ip
|
51
|
-
* jvm
|
52
|
-
* module_list
|
53
|
-
* modules
|
54
|
-
* node_name
|
55
|
-
* node_id
|
56
|
-
* os
|
57
|
-
* plugin_list
|
58
|
-
* plugins
|
59
|
-
* process
|
60
|
-
* roles
|
61
|
-
* settings
|
62
|
-
* total_indexing_buffer
|
63
|
-
* transport
|
64
|
-
* transport_address
|
65
|
-
* version
|
66
|
-
|
67
|
-
Since the `elasticsearch` resource is meant for use on a cluster, each property will return an array of the values for each node that matches any provided search criteria. Using InSpec's `cmp` matcher will help avoid any issues when trying to compare values for when a single match is returned (i.e. when the cluster only contains a single node, or the `where` filter criteria provided only returns a single node).
|
47
|
+
* build\_hash cluster\_name, host, http, ingest, ip, jvm, module\_list, modules, node\_name, node\_id, os, plugin\_list, plugins, process, roles, settings, total\_indexing\_buffer, transport, transport\_address, version
|
48
|
+
|
49
|
+
Since the `elasticsearch` resource is meant for use on a cluster, each property will return an array of the values for each node that matches any provided search criteria. Using InSpec's `cmp` matcher helps avoid issues when comparing values when there is only a single match (i.e. when the cluster only contains a single node, or the `where` filter criteria provided only returns a single node).
|
68
50
|
|
69
51
|
## Property Examples
|
70
52
|
|
@@ -86,7 +68,7 @@ Returns the cluster names of each of the nodes.
|
|
86
68
|
|
87
69
|
### host
|
88
70
|
|
89
|
-
Returns the hostname of each of the nodes. This may return an IP address
|
71
|
+
Returns the hostname of each of the nodes. This may return an IP address, if the node is improperly performing DNS resolution or has no hostname set.
|
90
72
|
|
91
73
|
describe elasticsearch do
|
92
74
|
its('host') { should cmp 'my.hostname.mycompany.biz' }
|
@@ -134,7 +116,7 @@ Returns a list of enabled modules for each node in the cluster. For more additio
|
|
134
116
|
|
135
117
|
### modules
|
136
118
|
|
137
|
-
Returns detailed information about each enabled module for each node in the cluster. For a succint list of the names of each of the modules enabled, use the `module_list` property. This example uses
|
119
|
+
Returns detailed information about each enabled module for each node in the cluster. For a succint list of the names of each of the modules enabled, use the `module_list` property. This example uses additional Ruby to find a specific module and assert a value.
|
138
120
|
|
139
121
|
modules = elasticsearch.modules.first
|
140
122
|
lang_groovy_module = modules.find { |mod| mod.name == 'lang-groovy' }
|
@@ -178,7 +160,7 @@ Returns a list of enabled plugins for each node in the cluster. For more additio
|
|
178
160
|
|
179
161
|
### plugins
|
180
162
|
|
181
|
-
Returns detailed information about each enabled plugin for each node in the cluster. For a succint list of the names of each of the plugins enabled, use the `plugin_list` property. This example uses
|
163
|
+
Returns detailed information about each enabled plugin for each node in the cluster. For a succint list of the names of each of the plugins enabled, use the `plugin_list` property. This example uses additional Ruby to find a specific plugin and assert a value.
|
182
164
|
|
183
165
|
plugins = elasticsearch.plugins.first
|
184
166
|
my_plugin = plugins.find { |plugin| plugin.name == 'my_plugin' }
|
@@ -243,3 +225,7 @@ Returns the version of Elasticsearch running on each node of the cluster.
|
|
243
225
|
describe elasticsearch do
|
244
226
|
its('version') { should cmp '5.5.2' }
|
245
227
|
end
|
228
|
+
|
229
|
+
## Matchers
|
230
|
+
|
231
|
+
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|