inspec 1.51.25 → 2.0.16
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/CHANGELOG.md +24 -19
- data/Gemfile +3 -1
- data/LICENSE +0 -0
- data/MAINTAINERS.md +0 -0
- data/MAINTAINERS.toml +0 -0
- data/README.md +22 -3
- data/Rakefile +117 -0
- data/docs/.gitignore +0 -0
- data/docs/README.md +0 -0
- data/docs/dsl_inspec.md +0 -0
- data/docs/dsl_resource.md +0 -0
- data/docs/glossary.md +0 -0
- data/docs/habitat.md +0 -0
- data/docs/inspec_and_friends.md +0 -0
- data/docs/matchers.md +0 -0
- data/docs/migration.md +0 -0
- data/docs/platforms.md +119 -0
- data/docs/plugin_kitchen_inspec.md +0 -0
- data/docs/profiles.md +0 -0
- data/docs/reporters.md +0 -0
- data/docs/resources/aide_conf.md.erb +6 -8
- data/docs/resources/apache.md.erb +2 -1
- data/docs/resources/apache_conf.md.erb +2 -1
- data/docs/resources/apt.md.erb +2 -1
- data/docs/resources/audit_policy.md.erb +3 -2
- data/docs/resources/auditd.md.erb +2 -1
- data/docs/resources/auditd_conf.md.erb +3 -3
- data/docs/resources/aws_cloudtrail_trail.md.erb +140 -0
- data/docs/resources/aws_cloudtrail_trails.md.erb +81 -0
- data/docs/resources/aws_cloudwatch_alarm.md.erb +86 -0
- data/docs/resources/aws_cloudwatch_log_metric_filter.md.erb +151 -0
- data/docs/resources/aws_ec2_instance.md.erb +106 -0
- data/docs/resources/aws_iam_access_key.md.erb +123 -0
- data/docs/resources/aws_iam_access_keys.md.erb +198 -0
- data/docs/resources/aws_iam_group.md.erb +46 -0
- data/docs/resources/aws_iam_groups.md.erb +43 -0
- data/docs/resources/aws_iam_password_policy.md.erb +76 -0
- data/docs/resources/aws_iam_policies.md.erb +82 -0
- data/docs/resources/aws_iam_policy.md.erb +146 -0
- data/docs/resources/aws_iam_role.md.erb +65 -0
- data/docs/resources/aws_iam_root_user.md.erb +58 -0
- data/docs/resources/aws_iam_user.md.erb +64 -0
- data/docs/resources/aws_iam_users.md.erb +90 -0
- data/docs/resources/aws_kms_keys.md.erb +84 -0
- data/docs/resources/aws_route_table.md.erb +47 -0
- data/docs/resources/aws_s3_bucket.md.erb +134 -0
- data/docs/resources/aws_security_group.md.erb +152 -0
- data/docs/resources/aws_security_groups.md.erb +92 -0
- data/docs/resources/aws_sns_topic.md.erb +63 -0
- data/docs/resources/aws_subnet.md.erb +134 -0
- data/docs/resources/aws_subnets.md.erb +126 -0
- data/docs/resources/aws_vpc.md.erb +120 -0
- data/docs/resources/aws_vpcs.md.erb +48 -0
- data/docs/resources/azure_generic_resource.md.erb +140 -0
- data/docs/resources/azure_resource_group.md.erb +284 -0
- data/docs/resources/azure_virtual_machine.md.erb +314 -0
- data/docs/resources/azure_virtual_machine_data_disk.md.erb +182 -0
- data/docs/resources/bash.md.erb +2 -1
- data/docs/resources/bond.md.erb +2 -1
- data/docs/resources/bridge.md.erb +5 -2
- data/docs/resources/bsd_service.md.erb +3 -1
- data/docs/resources/command.md.erb +2 -1
- data/docs/resources/cpan.md.erb +4 -3
- data/docs/resources/cran.md.erb +2 -1
- data/docs/resources/crontab.md.erb +2 -1
- data/docs/resources/csv.md.erb +2 -1
- data/docs/resources/dh_params.md.erb +2 -1
- data/docs/resources/directory.md.erb +4 -2
- data/docs/resources/docker.md.erb +2 -1
- data/docs/resources/docker_container.md.erb +5 -2
- data/docs/resources/docker_image.md.erb +2 -1
- data/docs/resources/docker_service.md.erb +2 -1
- data/docs/resources/elasticsearch.md.erb +12 -1
- data/docs/resources/etc_fstab.md.erb +2 -1
- data/docs/resources/etc_group.md.erb +2 -1
- data/docs/resources/etc_hosts.md.erb +4 -1
- data/docs/resources/etc_hosts_allow.md.erb +2 -1
- data/docs/resources/etc_hosts_deny.md.erb +2 -1
- data/docs/resources/file.md.erb +6 -3
- data/docs/resources/filesystem.md.erb +2 -1
- data/docs/resources/firewalld.md.erb +4 -3
- data/docs/resources/gem.md.erb +2 -1
- data/docs/resources/group.md.erb +2 -1
- data/docs/resources/grub_conf.md.erb +2 -2
- data/docs/resources/host.md.erb +2 -1
- data/docs/resources/http.md.erb +4 -7
- data/docs/resources/iis_app.md.erb +3 -1
- data/docs/resources/iis_site.md.erb +4 -1
- data/docs/resources/inetd_conf.md.erb +2 -3
- data/docs/resources/ini.md.erb +6 -2
- data/docs/resources/interface.md.erb +5 -2
- data/docs/resources/iptables.md.erb +2 -1
- data/docs/resources/json.md.erb +2 -1
- data/docs/resources/kernel_module.md.erb +2 -1
- data/docs/resources/kernel_parameter.md.erb +3 -3
- data/docs/resources/key_rsa.md.erb +5 -3
- data/docs/resources/launchd_service.md.erb +2 -1
- data/docs/resources/limits_conf.md.erb +4 -2
- data/docs/resources/login_def.md.erb +2 -2
- data/docs/resources/mount.md.erb +2 -1
- data/docs/resources/mssql_session.md.erb +2 -1
- data/docs/resources/mysql_conf.md.erb +2 -1
- data/docs/resources/mysql_session.md.erb +2 -1
- data/docs/resources/nginx.md.erb +1 -0
- data/docs/resources/nginx_conf.md.erb +2 -1
- data/docs/resources/npm.md.erb +2 -1
- data/docs/resources/ntp_conf.md.erb +2 -1
- data/docs/resources/oneget.md.erb +2 -1
- data/docs/resources/oracledb_session.md.erb +2 -1
- data/docs/resources/os.md.erb +4 -3
- data/docs/resources/os_env.md.erb +2 -1
- data/docs/resources/package.md.erb +3 -2
- data/docs/resources/packages.md.erb +2 -1
- data/docs/resources/parse_config.md.erb +2 -1
- data/docs/resources/parse_config_file.md.erb +3 -2
- data/docs/resources/passwd.md.erb +2 -1
- data/docs/resources/pip.md.erb +2 -1
- data/docs/resources/port.md.erb +2 -1
- data/docs/resources/postgres_conf.md.erb +2 -1
- data/docs/resources/postgres_hba_conf.md.erb +2 -1
- data/docs/resources/postgres_ident_conf.md.erb +2 -1
- data/docs/resources/postgres_session.md.erb +2 -1
- data/docs/resources/powershell.md.erb +2 -1
- data/docs/resources/processes.md.erb +3 -1
- data/docs/resources/rabbitmq_config.md.erb +2 -1
- data/docs/resources/registry_key.md.erb +2 -1
- data/docs/resources/runit_service.md.erb +2 -1
- data/docs/resources/security_policy.md.erb +2 -1
- data/docs/resources/service.md.erb +2 -1
- data/docs/resources/shadow.md.erb +2 -1
- data/docs/resources/ssh_config.md.erb +2 -1
- data/docs/resources/sshd_config.md.erb +2 -1
- data/docs/resources/ssl.md.erb +2 -1
- data/docs/resources/sys_info.md.erb +2 -1
- data/docs/resources/systemd_service.md.erb +2 -1
- data/docs/resources/sysv_service.md.erb +2 -1
- data/docs/resources/upstart_service.md.erb +2 -1
- data/docs/resources/user.md.erb +3 -1
- data/docs/resources/users.md.erb +2 -1
- data/docs/resources/vbscript.md.erb +2 -1
- data/docs/resources/virtualization.md.erb +2 -1
- data/docs/resources/windows_feature.md.erb +2 -1
- data/docs/resources/windows_hotfix.md.erb +2 -1
- data/docs/resources/windows_task.md.erb +49 -43
- data/docs/resources/wmi.md.erb +2 -1
- data/docs/resources/x509_certificate.md.erb +1 -0
- data/docs/resources/xinetd_conf.md.erb +2 -1
- data/docs/resources/xml.md.erb +2 -1
- data/docs/resources/yaml.md.erb +2 -1
- data/docs/resources/yum.md.erb +2 -1
- data/docs/resources/zfs_dataset.md.erb +2 -1
- data/docs/resources/zfs_pool.md.erb +2 -1
- data/docs/ruby_usage.md +0 -0
- data/docs/shared/matcher_be.md.erb +0 -0
- data/docs/shared/matcher_cmp.md.erb +0 -0
- data/docs/shared/matcher_eq.md.erb +0 -0
- data/docs/shared/matcher_include.md.erb +0 -0
- data/docs/shared/matcher_match.md.erb +0 -0
- data/docs/shell.md +0 -0
- data/examples/README.md +0 -0
- data/examples/inheritance/README.md +0 -0
- data/examples/inheritance/controls/example.rb +0 -0
- data/examples/inheritance/inspec.yml +0 -0
- data/examples/kitchen-ansible/.kitchen.yml +0 -0
- data/examples/kitchen-ansible/Gemfile +0 -0
- data/examples/kitchen-ansible/README.md +0 -0
- data/examples/kitchen-ansible/files/nginx.repo +0 -0
- data/examples/kitchen-ansible/tasks/main.yml +0 -0
- data/examples/kitchen-ansible/test/integration/default/default.yml +0 -0
- data/examples/kitchen-ansible/test/integration/default/web_spec.rb +0 -0
- data/examples/kitchen-chef/.kitchen.yml +0 -0
- data/examples/kitchen-chef/Berksfile +0 -0
- data/examples/kitchen-chef/Gemfile +0 -0
- data/examples/kitchen-chef/README.md +0 -0
- data/examples/kitchen-chef/metadata.rb +0 -0
- data/examples/kitchen-chef/recipes/default.rb +0 -0
- data/examples/kitchen-chef/recipes/nginx.rb +0 -0
- data/examples/kitchen-chef/test/integration/default/web_spec.rb +0 -0
- data/examples/kitchen-puppet/.kitchen.yml +0 -0
- data/examples/kitchen-puppet/Gemfile +0 -0
- data/examples/kitchen-puppet/Puppetfile +0 -0
- data/examples/kitchen-puppet/README.md +0 -0
- data/examples/kitchen-puppet/manifests/site.pp +0 -0
- data/examples/kitchen-puppet/metadata.json +0 -0
- data/examples/kitchen-puppet/test/integration/default/web_spec.rb +0 -0
- data/examples/meta-profile/README.md +0 -0
- data/examples/meta-profile/controls/example.rb +0 -0
- data/examples/meta-profile/inspec.yml +0 -0
- data/examples/profile-attribute.yml +0 -0
- data/examples/profile-attribute/README.md +0 -0
- data/examples/profile-attribute/controls/example.rb +0 -0
- data/examples/profile-attribute/inspec.yml +0 -0
- data/examples/profile-aws/controls/iam_password_policy_expiration.rb +8 -0
- data/examples/profile-aws/controls/iam_password_policy_max_age.rb +8 -0
- data/examples/profile-aws/controls/iam_root_user_mfa.rb +8 -0
- data/examples/profile-aws/controls/iam_users_access_key_age.rb +8 -0
- data/examples/profile-aws/controls/iam_users_console_users_mfa.rb +8 -0
- data/examples/profile-aws/inspec.yml +11 -0
- data/examples/profile-azure/controls/azure_resource_group_example.rb +24 -0
- data/examples/profile-azure/controls/azure_vm_example.rb +29 -0
- data/examples/profile-azure/inspec.yml +11 -0
- data/examples/profile-sensitive/README.md +0 -0
- data/examples/profile-sensitive/controls/sensitive-failures.rb +0 -0
- data/examples/profile-sensitive/controls/sensitive.rb +0 -0
- data/examples/profile-sensitive/inspec.yml +0 -0
- data/examples/profile/README.md +0 -0
- data/examples/profile/controls/example.rb +0 -0
- data/examples/profile/controls/gordon.rb +0 -0
- data/examples/profile/controls/meta.rb +0 -0
- data/examples/profile/inspec.yml +0 -0
- data/examples/profile/libraries/gordon_config.rb +0 -0
- data/inspec.gemspec +1 -1
- data/lib/bundles/README.md +0 -0
- data/lib/bundles/inspec-artifact.rb +0 -0
- data/lib/bundles/inspec-artifact/README.md +0 -0
- data/lib/bundles/inspec-artifact/cli.rb +0 -0
- data/lib/bundles/inspec-compliance.rb +0 -0
- data/lib/bundles/inspec-compliance/.kitchen.yml +0 -0
- data/lib/bundles/inspec-compliance/README.md +0 -0
- data/lib/bundles/inspec-compliance/api/login.rb +0 -0
- data/lib/bundles/inspec-compliance/bootstrap.sh +0 -0
- data/lib/bundles/inspec-compliance/cli.rb +12 -35
- data/lib/bundles/inspec-compliance/configuration.rb +0 -0
- data/lib/bundles/inspec-compliance/http.rb +0 -0
- data/lib/bundles/inspec-compliance/images/cc-token.png +0 -0
- data/lib/bundles/inspec-compliance/support.rb +0 -0
- data/lib/bundles/inspec-compliance/target.rb +0 -0
- data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +0 -0
- data/lib/bundles/inspec-habitat.rb +0 -0
- data/lib/bundles/inspec-habitat/cli.rb +0 -0
- data/lib/bundles/inspec-habitat/log.rb +0 -0
- data/lib/bundles/inspec-habitat/profile.rb +0 -0
- data/lib/bundles/inspec-init.rb +0 -0
- data/lib/bundles/inspec-init/README.md +0 -0
- data/lib/bundles/inspec-init/cli.rb +0 -0
- data/lib/bundles/inspec-init/templates/profile/README.md +0 -0
- data/lib/bundles/inspec-init/templates/profile/controls/example.rb +1 -1
- data/lib/bundles/inspec-init/templates/profile/inspec.yml +0 -0
- data/lib/bundles/inspec-init/templates/profile/libraries/.gitkeep +0 -0
- data/lib/bundles/inspec-supermarket.rb +0 -0
- data/lib/bundles/inspec-supermarket/README.md +0 -0
- data/lib/bundles/inspec-supermarket/api.rb +0 -0
- data/lib/bundles/inspec-supermarket/cli.rb +11 -3
- data/lib/bundles/inspec-supermarket/target.rb +0 -0
- data/lib/fetchers/git.rb +0 -0
- data/lib/fetchers/local.rb +0 -0
- data/lib/fetchers/mock.rb +0 -0
- data/lib/fetchers/url.rb +0 -0
- data/lib/inspec.rb +0 -0
- data/lib/inspec/archive/tar.rb +0 -0
- data/lib/inspec/archive/zip.rb +0 -0
- data/lib/inspec/backend.rb +0 -0
- data/lib/inspec/base_cli.rb +2 -4
- data/lib/inspec/cached_fetcher.rb +0 -0
- data/lib/inspec/cli.rb +15 -11
- data/lib/inspec/completions/bash.sh.erb +0 -0
- data/lib/inspec/completions/fish.sh.erb +0 -0
- data/lib/inspec/completions/zsh.sh.erb +0 -0
- data/lib/inspec/control_eval_context.rb +0 -0
- data/lib/inspec/dependencies/cache.rb +0 -0
- data/lib/inspec/dependencies/dependency_set.rb +0 -0
- data/lib/inspec/dependencies/lockfile.rb +0 -0
- data/lib/inspec/dependencies/requirement.rb +0 -0
- data/lib/inspec/dependencies/resolver.rb +0 -0
- data/lib/inspec/describe.rb +0 -0
- data/lib/inspec/dsl.rb +0 -0
- data/lib/inspec/dsl_shared.rb +0 -0
- data/lib/inspec/env_printer.rb +0 -0
- data/lib/inspec/errors.rb +0 -0
- data/lib/inspec/exceptions.rb +0 -0
- data/lib/inspec/expect.rb +0 -0
- data/lib/inspec/fetcher.rb +0 -0
- data/lib/inspec/file_provider.rb +0 -0
- data/lib/inspec/formatters.rb +0 -0
- data/lib/inspec/formatters/base.rb +43 -1
- data/lib/inspec/formatters/json_rspec.rb +0 -0
- data/lib/inspec/formatters/show_progress.rb +0 -0
- data/lib/inspec/library_eval_context.rb +0 -0
- data/lib/inspec/log.rb +0 -0
- data/lib/inspec/metadata.rb +3 -9
- data/lib/inspec/method_source.rb +0 -0
- data/lib/inspec/objects.rb +0 -0
- data/lib/inspec/objects/attribute.rb +0 -0
- data/lib/inspec/objects/control.rb +0 -0
- data/lib/inspec/objects/describe.rb +0 -0
- data/lib/inspec/objects/each_loop.rb +0 -0
- data/lib/inspec/objects/list.rb +0 -0
- data/lib/inspec/objects/or_test.rb +0 -0
- data/lib/inspec/objects/ruby_helper.rb +0 -0
- data/lib/inspec/objects/tag.rb +0 -0
- data/lib/inspec/objects/test.rb +0 -0
- data/lib/inspec/objects/value.rb +0 -0
- data/lib/inspec/plugins.rb +0 -0
- data/lib/inspec/plugins/cli.rb +0 -0
- data/lib/inspec/plugins/fetcher.rb +0 -0
- data/lib/inspec/plugins/resource.rb +10 -9
- data/lib/inspec/plugins/secret.rb +0 -0
- data/lib/inspec/plugins/source_reader.rb +0 -0
- data/lib/inspec/polyfill.rb +0 -0
- data/lib/inspec/profile.rb +0 -0
- data/lib/inspec/profile_context.rb +0 -0
- data/lib/inspec/profile_vendor.rb +0 -0
- data/lib/inspec/reporters.rb +0 -0
- data/lib/inspec/reporters/base.rb +0 -0
- data/lib/inspec/reporters/cli.rb +12 -51
- data/lib/inspec/reporters/json.rb +3 -26
- data/lib/inspec/reporters/json_min.rb +0 -0
- data/lib/inspec/reporters/junit.rb +0 -0
- data/lib/inspec/require_loader.rb +0 -0
- data/lib/inspec/resource.rb +11 -1
- data/lib/inspec/rule.rb +0 -0
- data/lib/inspec/runner.rb +10 -8
- data/lib/inspec/runner_mock.rb +0 -0
- data/lib/inspec/runner_rspec.rb +18 -2
- data/lib/inspec/runtime_profile.rb +0 -0
- data/lib/inspec/schema.rb +25 -4
- data/lib/inspec/secrets.rb +0 -0
- data/lib/inspec/secrets/yaml.rb +0 -0
- data/lib/inspec/shell.rb +0 -0
- data/lib/inspec/shell_detector.rb +0 -0
- data/lib/inspec/source_reader.rb +0 -0
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +1 -59
- data/lib/resource_support/aws.rb +40 -0
- data/lib/resource_support/aws/aws_backend_base.rb +12 -0
- data/lib/resource_support/aws/aws_backend_factory_mixin.rb +12 -0
- data/lib/resource_support/aws/aws_plural_resource_mixin.rb +21 -0
- data/lib/resource_support/aws/aws_resource_mixin.rb +66 -0
- data/lib/resource_support/aws/aws_singular_resource_mixin.rb +24 -0
- data/lib/resources/aide_conf.rb +1 -1
- data/lib/resources/apache.rb +1 -2
- data/lib/resources/apache_conf.rb +2 -4
- data/lib/resources/apt.rb +1 -2
- data/lib/resources/audit_policy.rb +1 -2
- data/lib/resources/auditd.rb +1 -3
- data/lib/resources/auditd_conf.rb +1 -2
- data/lib/resources/aws/aws_cloudtrail_trail.rb +77 -0
- data/lib/resources/aws/aws_cloudtrail_trails.rb +47 -0
- data/lib/resources/aws/aws_cloudwatch_alarm.rb +62 -0
- data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +100 -0
- data/lib/resources/aws/aws_ec2_instance.rb +157 -0
- data/lib/resources/aws/aws_iam_access_key.rb +106 -0
- data/lib/resources/aws/aws_iam_access_keys.rb +144 -0
- data/lib/resources/aws/aws_iam_group.rb +56 -0
- data/lib/resources/aws/aws_iam_groups.rb +45 -0
- data/lib/resources/aws/aws_iam_password_policy.rb +116 -0
- data/lib/resources/aws/aws_iam_policies.rb +46 -0
- data/lib/resources/aws/aws_iam_policy.rb +119 -0
- data/lib/resources/aws/aws_iam_role.rb +51 -0
- data/lib/resources/aws/aws_iam_root_user.rb +60 -0
- data/lib/resources/aws/aws_iam_user.rb +111 -0
- data/lib/resources/aws/aws_iam_users.rb +96 -0
- data/lib/resources/aws/aws_kms_keys.rb +46 -0
- data/lib/resources/aws/aws_route_table.rb +61 -0
- data/lib/resources/aws/aws_s3_bucket.rb +115 -0
- data/lib/resources/aws/aws_security_group.rb +93 -0
- data/lib/resources/aws/aws_security_groups.rb +68 -0
- data/lib/resources/aws/aws_sns_topic.rb +53 -0
- data/lib/resources/aws/aws_subnet.rb +88 -0
- data/lib/resources/aws/aws_subnets.rb +53 -0
- data/lib/resources/aws/aws_vpc.rb +69 -0
- data/lib/resources/aws/aws_vpcs.rb +45 -0
- data/lib/resources/azure/azure_backend.rb +377 -0
- data/lib/resources/azure/azure_generic_resource.rb +59 -0
- data/lib/resources/azure/azure_resource_group.rb +152 -0
- data/lib/resources/azure/azure_virtual_machine.rb +264 -0
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +136 -0
- data/lib/resources/bash.rb +1 -2
- data/lib/resources/bond.rb +1 -2
- data/lib/resources/bridge.rb +1 -2
- data/lib/resources/command.rb +2 -2
- data/lib/resources/cpan.rb +1 -3
- data/lib/resources/cran.rb +1 -3
- data/lib/resources/crontab.rb +1 -0
- data/lib/resources/csv.rb +4 -2
- data/lib/resources/dh_params.rb +1 -2
- data/lib/resources/directory.rb +2 -2
- data/lib/resources/docker.rb +1 -4
- data/lib/resources/docker_container.rb +1 -4
- data/lib/resources/docker_image.rb +1 -4
- data/lib/resources/docker_object.rb +0 -0
- data/lib/resources/docker_service.rb +1 -5
- data/lib/resources/elasticsearch.rb +1 -0
- data/lib/resources/etc_fstab.rb +1 -1
- data/lib/resources/etc_group.rb +1 -2
- data/lib/resources/etc_hosts.rb +1 -1
- data/lib/resources/etc_hosts_allow_deny.rb +2 -1
- data/lib/resources/file.rb +2 -2
- data/lib/resources/filesystem.rb +1 -1
- data/lib/resources/firewalld.rb +1 -1
- data/lib/resources/gem.rb +2 -3
- data/lib/resources/groups.rb +4 -2
- data/lib/resources/grub_conf.rb +1 -1
- data/lib/resources/host.rb +2 -2
- data/lib/resources/http.rb +20 -22
- data/lib/resources/iis_app.rb +1 -0
- data/lib/resources/iis_site.rb +1 -0
- data/lib/resources/inetd_conf.rb +1 -2
- data/lib/resources/ini.rb +2 -2
- data/lib/resources/interface.rb +2 -3
- data/lib/resources/iptables.rb +1 -2
- data/lib/resources/json.rb +4 -2
- data/lib/resources/kernel_module.rb +1 -4
- data/lib/resources/kernel_parameter.rb +1 -1
- data/lib/resources/key_rsa.rb +2 -2
- data/lib/resources/limits_conf.rb +1 -2
- data/lib/resources/login_def.rb +1 -2
- data/lib/resources/mount.rb +1 -3
- data/lib/resources/mssql_session.rb +1 -3
- data/lib/resources/mysql.rb +1 -2
- data/lib/resources/mysql_conf.rb +2 -1
- data/lib/resources/mysql_session.rb +2 -3
- data/lib/resources/nginx.rb +1 -2
- data/lib/resources/nginx_conf.rb +1 -2
- data/lib/resources/npm.rb +2 -2
- data/lib/resources/ntp_conf.rb +1 -2
- data/lib/resources/oneget.rb +1 -2
- data/lib/resources/oracledb_session.rb +2 -3
- data/lib/resources/os.rb +2 -12
- data/lib/resources/os_env.rb +2 -2
- data/lib/resources/package.rb +2 -2
- data/lib/resources/packages.rb +1 -2
- data/lib/resources/parse_config.rb +2 -2
- data/lib/resources/passwd.rb +1 -23
- data/lib/resources/pip.rb +2 -2
- data/lib/resources/platform.rb +19 -22
- data/lib/resources/port.rb +2 -2
- data/lib/resources/postgres.rb +1 -3
- data/lib/resources/postgres_conf.rb +2 -3
- data/lib/resources/postgres_hba_conf.rb +1 -2
- data/lib/resources/postgres_ident_conf.rb +1 -2
- data/lib/resources/postgres_session.rb +2 -3
- data/lib/resources/powershell.rb +1 -2
- data/lib/resources/processes.rb +2 -2
- data/lib/resources/rabbitmq_conf.rb +1 -2
- data/lib/resources/registry_key.rb +1 -1
- data/lib/resources/security_policy.rb +1 -2
- data/lib/resources/service.rb +8 -3
- data/lib/resources/shadow.rb +1 -2
- data/lib/resources/ssh_conf.rb +2 -2
- data/lib/resources/ssl.rb +2 -2
- data/lib/resources/sys_info.rb +2 -0
- data/lib/resources/toml.rb +0 -0
- data/lib/resources/users.rb +4 -2
- data/lib/resources/vbscript.rb +1 -2
- data/lib/resources/virtualization.rb +1 -1
- data/lib/resources/windows_feature.rb +1 -2
- data/lib/resources/windows_hotfix.rb +1 -1
- data/lib/resources/windows_task.rb +1 -2
- data/lib/resources/wmi.rb +1 -2
- data/lib/resources/x509_certificate.rb +2 -2
- data/lib/resources/xinetd.rb +1 -2
- data/lib/resources/xml.rb +2 -1
- data/lib/resources/yaml.rb +4 -2
- data/lib/resources/yum.rb +1 -2
- data/lib/resources/zfs_dataset.rb +1 -1
- data/lib/resources/zfs_pool.rb +1 -1
- data/lib/source_readers/flat.rb +0 -0
- data/lib/source_readers/inspec.rb +0 -0
- data/lib/utils/command_wrapper.rb +0 -0
- data/lib/utils/convert.rb +0 -0
- data/lib/utils/database_helpers.rb +0 -0
- data/lib/utils/erlang_parser.rb +0 -0
- data/lib/utils/filter.rb +0 -0
- data/lib/utils/filter_array.rb +0 -0
- data/lib/utils/find_files.rb +0 -0
- data/lib/utils/hash.rb +0 -0
- data/lib/utils/json_log.rb +0 -0
- data/lib/utils/latest_version.rb +0 -0
- data/lib/utils/modulator.rb +0 -0
- data/lib/utils/nginx_parser.rb +0 -0
- data/lib/utils/object_traversal.rb +0 -0
- data/lib/utils/parser.rb +0 -0
- data/lib/utils/plugin_registry.rb +0 -0
- data/lib/utils/simpleconfig.rb +0 -12
- data/lib/utils/spdx.rb +0 -0
- data/lib/utils/spdx.txt +0 -0
- metadata +81 -6
- data/docs/resources/auditd_rules.md.erb +0 -116
- data/lib/resources/auditd_rules.rb +0 -205
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
# copyright: 2015, Vulcano Security GmbH
|
|
3
|
-
# author: Christoph Hartmann
|
|
4
3
|
|
|
5
4
|
require 'json'
|
|
6
5
|
|
|
@@ -49,6 +48,7 @@ require 'json'
|
|
|
49
48
|
module Inspec::Resources
|
|
50
49
|
class RegistryKey < Inspec.resource(1)
|
|
51
50
|
name 'registry_key'
|
|
51
|
+
supports platform: 'windows'
|
|
52
52
|
desc 'Use the registry_key InSpec audit resource to test key values in the Microsoft Windows registry.'
|
|
53
53
|
example "
|
|
54
54
|
describe registry_key('path\to\key') do
|
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
#
|
|
5
3
|
# Security Configuration and Analysis
|
|
6
4
|
#
|
|
@@ -69,6 +67,7 @@ module Inspec::Resources
|
|
|
69
67
|
|
|
70
68
|
class SecurityPolicy < Inspec.resource(1)
|
|
71
69
|
name 'security_policy'
|
|
70
|
+
supports platform: 'windows'
|
|
72
71
|
desc 'Use the security_policy InSpec audit resource to test security policies on the Microsoft Windows platform.'
|
|
73
72
|
example "
|
|
74
73
|
describe security_policy do
|
data/lib/resources/service.rb
CHANGED
|
@@ -1,7 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
|
-
# author: Stephan Renatus
|
|
5
2
|
|
|
6
3
|
require 'hashie'
|
|
7
4
|
|
|
@@ -70,6 +67,8 @@ module Inspec::Resources
|
|
|
70
67
|
# TODO: extend the logic to detect the running init system, independently of OS
|
|
71
68
|
class Service < Inspec.resource(1)
|
|
72
69
|
name 'service'
|
|
70
|
+
supports platform: 'unix'
|
|
71
|
+
supports platform: 'windows'
|
|
73
72
|
desc 'Use the service InSpec audit resource to test if the named service is installed, running and/or enabled.'
|
|
74
73
|
example "
|
|
75
74
|
describe service('service_name') do
|
|
@@ -652,6 +651,7 @@ module Inspec::Resources
|
|
|
652
651
|
|
|
653
652
|
class SystemdService < Service
|
|
654
653
|
name 'systemd_service'
|
|
654
|
+
supports platform: 'unix'
|
|
655
655
|
desc 'Use the systemd_service InSpec audit resource to test if the named service (controlled by systemd) is installed, running and/or enabled.'
|
|
656
656
|
example "
|
|
657
657
|
# to override service mgmt auto-detection
|
|
@@ -674,6 +674,7 @@ module Inspec::Resources
|
|
|
674
674
|
|
|
675
675
|
class UpstartService < Service
|
|
676
676
|
name 'upstart_service'
|
|
677
|
+
supports platform: 'unix'
|
|
677
678
|
desc 'Use the upstart_service InSpec audit resource to test if the named service (controlled by upstart) is installed, running and/or enabled.'
|
|
678
679
|
example "
|
|
679
680
|
# to override service mgmt auto-detection
|
|
@@ -696,6 +697,7 @@ module Inspec::Resources
|
|
|
696
697
|
|
|
697
698
|
class SysVService < Service
|
|
698
699
|
name 'sysv_service'
|
|
700
|
+
supports platform: 'unix'
|
|
699
701
|
desc 'Use the sysv_service InSpec audit resource to test if the named service (controlled by SysV) is installed, running and/or enabled.'
|
|
700
702
|
example "
|
|
701
703
|
# to override service mgmt auto-detection
|
|
@@ -718,6 +720,7 @@ module Inspec::Resources
|
|
|
718
720
|
|
|
719
721
|
class BSDService < Service
|
|
720
722
|
name 'bsd_service'
|
|
723
|
+
supports platform: 'unix'
|
|
721
724
|
desc 'Use the bsd_service InSpec audit resource to test if the named service (controlled by BSD init) is installed, running and/or enabled.'
|
|
722
725
|
example "
|
|
723
726
|
# to override service mgmt auto-detection
|
|
@@ -740,6 +743,7 @@ module Inspec::Resources
|
|
|
740
743
|
|
|
741
744
|
class LaunchdService < Service
|
|
742
745
|
name 'launchd_service'
|
|
746
|
+
supports platform: 'unix'
|
|
743
747
|
desc 'Use the launchd_service InSpec audit resource to test if the named service (controlled by launchd) is installed, running and/or enabled.'
|
|
744
748
|
example "
|
|
745
749
|
# to override service mgmt auto-detection
|
|
@@ -762,6 +766,7 @@ module Inspec::Resources
|
|
|
762
766
|
|
|
763
767
|
class RunitService < Service
|
|
764
768
|
name 'runit_service'
|
|
769
|
+
supports platform: 'unix'
|
|
765
770
|
desc 'Use the runit_service InSpec audit resource to test if the named service (controlled by runit) is installed, running and/or enabled.'
|
|
766
771
|
example "
|
|
767
772
|
# to override service mgmt auto-detection
|
data/lib/resources/shadow.rb
CHANGED
|
@@ -1,7 +1,5 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
# copyright: 2016, Chef Software Inc.
|
|
3
|
-
# author: Dominik Richter
|
|
4
|
-
# author: Christoph Hartmann
|
|
5
3
|
|
|
6
4
|
require 'forwardable'
|
|
7
5
|
|
|
@@ -18,6 +16,7 @@ require 'forwardable'
|
|
|
18
16
|
module Inspec::Resources
|
|
19
17
|
class Shadow < Inspec.resource(1)
|
|
20
18
|
name 'shadow'
|
|
19
|
+
supports platform: 'unix'
|
|
21
20
|
desc 'Use the shadow InSpec resource to test the contents of /etc/shadow, '\
|
|
22
21
|
'which contains the following information for users that may log into '\
|
|
23
22
|
'the system and/or as users that own running processes.'
|
data/lib/resources/ssh_conf.rb
CHANGED
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
# copyright: 2015, Vulcano Security GmbH
|
|
3
|
-
# author: Dominik Richter
|
|
4
|
-
# author: Christoph Hartmann
|
|
5
3
|
|
|
6
4
|
require 'utils/simpleconfig'
|
|
7
5
|
|
|
8
6
|
module Inspec::Resources
|
|
9
7
|
class SshConf < Inspec.resource(1)
|
|
10
8
|
name 'ssh_config'
|
|
9
|
+
supports platform: 'unix'
|
|
11
10
|
desc 'Use the `ssh_config` InSpec audit resource to test OpenSSH client configuration data located at `/etc/ssh/ssh_config` on Linux and Unix platforms.'
|
|
12
11
|
example "
|
|
13
12
|
describe ssh_config do
|
|
@@ -84,6 +83,7 @@ module Inspec::Resources
|
|
|
84
83
|
|
|
85
84
|
class SshdConf < SshConf
|
|
86
85
|
name 'sshd_config'
|
|
86
|
+
supports platform: 'unix'
|
|
87
87
|
desc 'Use the sshd_config InSpec audit resource to test configuration data for the Open SSH daemon located at /etc/ssh/sshd_config on Linux and UNIX platforms. sshd---the Open SSH daemon---listens on dedicated ports, starts a daemon for each incoming connection, and then handles encryption, authentication, key exchanges, command execution, and data exchanges.'
|
|
88
88
|
example "
|
|
89
89
|
describe sshd_config do
|
data/lib/resources/ssl.rb
CHANGED
|
@@ -1,7 +1,5 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
# copyright: 2015, Chef Software Inc.
|
|
3
|
-
# author: Dominik Richter
|
|
4
|
-
# author: Christoph Hartmann
|
|
5
3
|
|
|
6
4
|
require 'sslshake'
|
|
7
5
|
require 'utils/filter'
|
|
@@ -11,6 +9,8 @@ require 'parallel'
|
|
|
11
9
|
# Custom resource based on the InSpec resource DSL
|
|
12
10
|
class SSL < Inspec.resource(1)
|
|
13
11
|
name 'ssl'
|
|
12
|
+
supports platform: 'unix'
|
|
13
|
+
supports platform: 'windows'
|
|
14
14
|
|
|
15
15
|
desc "
|
|
16
16
|
SSL test resource
|
data/lib/resources/sys_info.rb
CHANGED
|
@@ -3,6 +3,8 @@ module Inspec::Resources
|
|
|
3
3
|
# this resource returns additional system informatio
|
|
4
4
|
class System < Inspec.resource(1)
|
|
5
5
|
name 'sys_info'
|
|
6
|
+
supports platform: 'unix'
|
|
7
|
+
supports platform: 'windows'
|
|
6
8
|
|
|
7
9
|
desc 'Use the user InSpec system resource to test for operating system properties.'
|
|
8
10
|
example "
|
data/lib/resources/toml.rb
CHANGED
|
File without changes
|
data/lib/resources/users.rb
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
require 'utils/parser'
|
|
6
4
|
require 'utils/convert'
|
|
@@ -55,6 +53,8 @@ module Inspec::Resources
|
|
|
55
53
|
include UserManagementSelector
|
|
56
54
|
|
|
57
55
|
name 'users'
|
|
56
|
+
supports platform: 'unix'
|
|
57
|
+
supports platform: 'windows'
|
|
58
58
|
desc 'Use the users InSpec audit resource to test local user profiles. Users can be filtered by groups to which they belong, the frequency of required password changes, the directory paths to home and shell.'
|
|
59
59
|
example "
|
|
60
60
|
describe users.where { uid == 0 }.entries do
|
|
@@ -140,6 +140,8 @@ module Inspec::Resources
|
|
|
140
140
|
class User < Inspec.resource(1)
|
|
141
141
|
include UserManagementSelector
|
|
142
142
|
name 'user'
|
|
143
|
+
supports platform: 'unix'
|
|
144
|
+
supports platform: 'windows'
|
|
143
145
|
desc 'Use the user InSpec audit resource to test user profiles, including the groups to which they belong, the frequency of required password changes, the directory paths to home and shell.'
|
|
144
146
|
example "
|
|
145
147
|
describe user('root') do
|
data/lib/resources/vbscript.rb
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
require 'securerandom'
|
|
6
4
|
|
|
@@ -23,6 +21,7 @@ module Inspec::Resources
|
|
|
23
21
|
# @see https://msdn.microsoft.com/en-us/library/aa364991.aspx
|
|
24
22
|
class VBScript < PowershellScript
|
|
25
23
|
name 'vbscript'
|
|
24
|
+
supports platform: 'windows'
|
|
26
25
|
desc ''
|
|
27
26
|
example "
|
|
28
27
|
script = <<-EOH
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Takaaki Furukawa
|
|
3
2
|
|
|
4
3
|
require 'hashie/mash'
|
|
5
4
|
|
|
6
5
|
module Inspec::Resources
|
|
7
6
|
class Virtualization < Inspec.resource(1)
|
|
8
7
|
name 'virtualization'
|
|
8
|
+
supports platform: 'unix'
|
|
9
9
|
desc 'Use the virtualization InSpec audit resource to test the virtualization platform on which the system is running'
|
|
10
10
|
example "
|
|
11
11
|
describe virtualization do
|
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
# check for a Windows feature
|
|
6
4
|
# Usage:
|
|
@@ -30,6 +28,7 @@
|
|
|
30
28
|
module Inspec::Resources
|
|
31
29
|
class WindowsFeature < Inspec.resource(1)
|
|
32
30
|
name 'windows_feature'
|
|
31
|
+
supports platform: 'windows'
|
|
33
32
|
desc 'Use the windows_feature InSpec audit resource to test features on Microsoft Windows.'
|
|
34
33
|
example "
|
|
35
34
|
describe windows_feature('dhcp') do
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Matt Ray
|
|
3
2
|
|
|
4
3
|
module Inspec::Resources
|
|
5
4
|
class WindowsHotfix < Inspec.resource(1)
|
|
6
5
|
name 'windows_hotfix'
|
|
6
|
+
supports platform: 'windows'
|
|
7
7
|
desc 'Use the windows_hotfix InSpec audit resource to test if the hotfix has been installed on the Windows system.'
|
|
8
8
|
example "
|
|
9
9
|
describe windows_hotfix('KB4012212') do
|
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Gary Bright @username-is-already-taken2
|
|
3
|
-
# author: Chris Beard @cdbeard2016
|
|
4
2
|
module Inspec::Resources
|
|
5
3
|
class WindowsTasks < Inspec.resource(1)
|
|
6
4
|
name 'windows_task'
|
|
5
|
+
supports platform: 'windows'
|
|
7
6
|
desc 'Use the windows_task InSpec audit resource to test task schedules on Microsoft Windows.'
|
|
8
7
|
example "
|
|
9
8
|
describe windows_task('\\Microsoft\\Windows\\Time Synchronization\\SynchronizeTime') do
|
data/lib/resources/wmi.rb
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
require 'utils/object_traversal'
|
|
6
4
|
|
|
@@ -11,6 +9,7 @@ module Inspec::Resources
|
|
|
11
9
|
# We use Get-WmiObject via Powershell to retrieve all values.
|
|
12
10
|
class WMI < Inspec.resource(1)
|
|
13
11
|
name 'wmi'
|
|
12
|
+
supports platform: 'windows'
|
|
14
13
|
desc 'request wmi information'
|
|
15
14
|
example "
|
|
16
15
|
describe wmi({
|
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Richard Nixon
|
|
3
|
-
# author: Christoph Hartmann
|
|
4
2
|
|
|
5
3
|
require 'openssl'
|
|
6
4
|
require 'hashie/mash'
|
|
@@ -8,6 +6,8 @@ require 'hashie/mash'
|
|
|
8
6
|
module Inspec::Resources
|
|
9
7
|
class X509CertificateResource < Inspec.resource(1)
|
|
10
8
|
name 'x509_certificate'
|
|
9
|
+
supports platform: 'unix'
|
|
10
|
+
supports platform: 'windows'
|
|
11
11
|
desc 'Used to test x.509 certificates'
|
|
12
12
|
example "
|
|
13
13
|
describe x509_certificate('/etc/pki/www.mywebsite.com.pem') do
|
data/lib/resources/xinetd.rb
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
require 'utils/parser'
|
|
6
4
|
require 'utils/filter'
|
|
@@ -8,6 +6,7 @@ require 'utils/filter'
|
|
|
8
6
|
module Inspec::Resources
|
|
9
7
|
class XinetdConf < Inspec.resource(1)
|
|
10
8
|
name 'xinetd_conf'
|
|
9
|
+
supports platform: 'unix'
|
|
11
10
|
desc 'Xinetd services configuration.'
|
|
12
11
|
example "
|
|
13
12
|
describe xinetd_conf.services('chargen') do
|
data/lib/resources/xml.rb
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Jonathan Morley
|
|
3
2
|
|
|
4
3
|
module Inspec::Resources
|
|
5
4
|
class XmlConfig < JsonConfig
|
|
6
5
|
name 'xml'
|
|
6
|
+
supports platform: 'unix'
|
|
7
|
+
supports platform: 'windows'
|
|
7
8
|
desc 'Use the xml InSpec resource to test configuration data in an XML file'
|
|
8
9
|
example "
|
|
9
10
|
describe xml('default.xml') do
|
data/lib/resources/yaml.rb
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
require 'yaml'
|
|
6
4
|
|
|
@@ -12,6 +10,10 @@ require 'yaml'
|
|
|
12
10
|
module Inspec::Resources
|
|
13
11
|
class YamlConfig < JsonConfig
|
|
14
12
|
name 'yaml'
|
|
13
|
+
supports platform: 'unix'
|
|
14
|
+
supports platform: 'windows'
|
|
15
|
+
supports platform: 'esx'
|
|
16
|
+
supports platform: 'cisco'
|
|
15
17
|
desc 'Use the yaml InSpec audit resource to test configuration data in a YAML file.'
|
|
16
18
|
example "
|
|
17
19
|
describe yaml('config.yaml') do
|
data/lib/resources/yum.rb
CHANGED
|
@@ -1,6 +1,4 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
2
|
|
|
5
3
|
# Usage:
|
|
6
4
|
# describe yum do
|
|
@@ -32,6 +30,7 @@
|
|
|
32
30
|
module Inspec::Resources
|
|
33
31
|
class Yum < Inspec.resource(1)
|
|
34
32
|
name 'yum'
|
|
33
|
+
supports platform: 'unix'
|
|
35
34
|
desc 'Use the yum InSpec audit resource to test the configuration of Yum repositories.'
|
|
36
35
|
example "
|
|
37
36
|
describe yum.repo('name') do
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Joseph Benden
|
|
3
2
|
|
|
4
3
|
module Inspec::Resources
|
|
5
4
|
class ZfsDataset < Inspec.resource(1)
|
|
6
5
|
name 'zfs_dataset'
|
|
6
|
+
supports platform: 'unix'
|
|
7
7
|
desc "
|
|
8
8
|
Use the zfs_dataset InSpec audit resource to test if the named
|
|
9
9
|
ZFS Dataset is present and/or has certain properties.
|
data/lib/resources/zfs_pool.rb
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
|
-
# author: Joseph Benden
|
|
3
2
|
|
|
4
3
|
module Inspec::Resources
|
|
5
4
|
class ZfsPool < Inspec.resource(1)
|
|
6
5
|
name 'zfs_pool'
|
|
6
|
+
supports platform: 'unix'
|
|
7
7
|
desc "
|
|
8
8
|
Use the zfs_pool InSpec audit resource to test if the named
|
|
9
9
|
ZFS Pool is present and/or has certain properties.
|
data/lib/source_readers/flat.rb
CHANGED
|
File without changes
|
|
File without changes
|
|
File without changes
|
data/lib/utils/convert.rb
CHANGED
|
File without changes
|
|
File without changes
|
data/lib/utils/erlang_parser.rb
CHANGED
|
File without changes
|
data/lib/utils/filter.rb
CHANGED
|
File without changes
|
data/lib/utils/filter_array.rb
CHANGED
|
File without changes
|
data/lib/utils/find_files.rb
CHANGED
|
File without changes
|
data/lib/utils/hash.rb
CHANGED
|
File without changes
|
data/lib/utils/json_log.rb
CHANGED
|
File without changes
|
data/lib/utils/latest_version.rb
CHANGED
|
File without changes
|
data/lib/utils/modulator.rb
CHANGED
|
File without changes
|
data/lib/utils/nginx_parser.rb
CHANGED
|
File without changes
|
|
File without changes
|
data/lib/utils/parser.rb
CHANGED
|
File without changes
|
|
File without changes
|
data/lib/utils/simpleconfig.rb
CHANGED
|
@@ -54,18 +54,6 @@ class SimpleConfig
|
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
def parse_params_line(line, opts)
|
|
57
|
-
# Deprecation handling
|
|
58
|
-
if opts.key?(:assignment_re)
|
|
59
|
-
warn '[DEPRECATION] `:assignment_re` is deprecated in favor of `:assignment_regex` '\
|
|
60
|
-
'and will be removed in the next major version. See: https://github.com/chef/inspec/issues/1709'
|
|
61
|
-
opts[:assignment_regex] = opts[:assignment_re]
|
|
62
|
-
end
|
|
63
|
-
if opts.key?(:key_vals)
|
|
64
|
-
warn '[DEPRECATION] `:key_vals` is deprecated in favor of `:key_values` '\
|
|
65
|
-
'and will be removed in the next major version. See: https://github.com/chef/inspec/issues/1709'
|
|
66
|
-
opts[:key_values] = opts[:key_vals]
|
|
67
|
-
end
|
|
68
|
-
|
|
69
57
|
# now line contains what we are interested in parsing
|
|
70
58
|
# check if it is an assignment
|
|
71
59
|
m = opts[:assignment_regex].match(line)
|
data/lib/utils/spdx.rb
CHANGED
|
File without changes
|
data/lib/utils/spdx.txt
CHANGED
|
File without changes
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.16
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dominik Richter
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-02-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: train
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '1.1'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '1.1'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: thor
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -297,6 +297,7 @@ files:
|
|
|
297
297
|
- docs/inspec_and_friends.md
|
|
298
298
|
- docs/matchers.md
|
|
299
299
|
- docs/migration.md
|
|
300
|
+
- docs/platforms.md
|
|
300
301
|
- docs/plugin_kitchen_inspec.md
|
|
301
302
|
- docs/profiles.md
|
|
302
303
|
- docs/reporters.md
|
|
@@ -307,7 +308,36 @@ files:
|
|
|
307
308
|
- docs/resources/audit_policy.md.erb
|
|
308
309
|
- docs/resources/auditd.md.erb
|
|
309
310
|
- docs/resources/auditd_conf.md.erb
|
|
310
|
-
- docs/resources/
|
|
311
|
+
- docs/resources/aws_cloudtrail_trail.md.erb
|
|
312
|
+
- docs/resources/aws_cloudtrail_trails.md.erb
|
|
313
|
+
- docs/resources/aws_cloudwatch_alarm.md.erb
|
|
314
|
+
- docs/resources/aws_cloudwatch_log_metric_filter.md.erb
|
|
315
|
+
- docs/resources/aws_ec2_instance.md.erb
|
|
316
|
+
- docs/resources/aws_iam_access_key.md.erb
|
|
317
|
+
- docs/resources/aws_iam_access_keys.md.erb
|
|
318
|
+
- docs/resources/aws_iam_group.md.erb
|
|
319
|
+
- docs/resources/aws_iam_groups.md.erb
|
|
320
|
+
- docs/resources/aws_iam_password_policy.md.erb
|
|
321
|
+
- docs/resources/aws_iam_policies.md.erb
|
|
322
|
+
- docs/resources/aws_iam_policy.md.erb
|
|
323
|
+
- docs/resources/aws_iam_role.md.erb
|
|
324
|
+
- docs/resources/aws_iam_root_user.md.erb
|
|
325
|
+
- docs/resources/aws_iam_user.md.erb
|
|
326
|
+
- docs/resources/aws_iam_users.md.erb
|
|
327
|
+
- docs/resources/aws_kms_keys.md.erb
|
|
328
|
+
- docs/resources/aws_route_table.md.erb
|
|
329
|
+
- docs/resources/aws_s3_bucket.md.erb
|
|
330
|
+
- docs/resources/aws_security_group.md.erb
|
|
331
|
+
- docs/resources/aws_security_groups.md.erb
|
|
332
|
+
- docs/resources/aws_sns_topic.md.erb
|
|
333
|
+
- docs/resources/aws_subnet.md.erb
|
|
334
|
+
- docs/resources/aws_subnets.md.erb
|
|
335
|
+
- docs/resources/aws_vpc.md.erb
|
|
336
|
+
- docs/resources/aws_vpcs.md.erb
|
|
337
|
+
- docs/resources/azure_generic_resource.md.erb
|
|
338
|
+
- docs/resources/azure_resource_group.md.erb
|
|
339
|
+
- docs/resources/azure_virtual_machine.md.erb
|
|
340
|
+
- docs/resources/azure_virtual_machine_data_disk.md.erb
|
|
311
341
|
- docs/resources/bash.md.erb
|
|
312
342
|
- docs/resources/bond.md.erb
|
|
313
343
|
- docs/resources/bridge.md.erb
|
|
@@ -443,6 +473,15 @@ files:
|
|
|
443
473
|
- examples/profile-attribute/README.md
|
|
444
474
|
- examples/profile-attribute/controls/example.rb
|
|
445
475
|
- examples/profile-attribute/inspec.yml
|
|
476
|
+
- examples/profile-aws/controls/iam_password_policy_expiration.rb
|
|
477
|
+
- examples/profile-aws/controls/iam_password_policy_max_age.rb
|
|
478
|
+
- examples/profile-aws/controls/iam_root_user_mfa.rb
|
|
479
|
+
- examples/profile-aws/controls/iam_users_access_key_age.rb
|
|
480
|
+
- examples/profile-aws/controls/iam_users_console_users_mfa.rb
|
|
481
|
+
- examples/profile-aws/inspec.yml
|
|
482
|
+
- examples/profile-azure/controls/azure_resource_group_example.rb
|
|
483
|
+
- examples/profile-azure/controls/azure_vm_example.rb
|
|
484
|
+
- examples/profile-azure/inspec.yml
|
|
446
485
|
- examples/profile-sensitive/README.md
|
|
447
486
|
- examples/profile-sensitive/controls/sensitive-failures.rb
|
|
448
487
|
- examples/profile-sensitive/controls/sensitive.rb
|
|
@@ -566,6 +605,12 @@ files:
|
|
|
566
605
|
- lib/inspec/source_reader.rb
|
|
567
606
|
- lib/inspec/version.rb
|
|
568
607
|
- lib/matchers/matchers.rb
|
|
608
|
+
- lib/resource_support/aws.rb
|
|
609
|
+
- lib/resource_support/aws/aws_backend_base.rb
|
|
610
|
+
- lib/resource_support/aws/aws_backend_factory_mixin.rb
|
|
611
|
+
- lib/resource_support/aws/aws_plural_resource_mixin.rb
|
|
612
|
+
- lib/resource_support/aws/aws_resource_mixin.rb
|
|
613
|
+
- lib/resource_support/aws/aws_singular_resource_mixin.rb
|
|
569
614
|
- lib/resources/aide_conf.rb
|
|
570
615
|
- lib/resources/apache.rb
|
|
571
616
|
- lib/resources/apache_conf.rb
|
|
@@ -573,7 +618,37 @@ files:
|
|
|
573
618
|
- lib/resources/audit_policy.rb
|
|
574
619
|
- lib/resources/auditd.rb
|
|
575
620
|
- lib/resources/auditd_conf.rb
|
|
576
|
-
- lib/resources/
|
|
621
|
+
- lib/resources/aws/aws_cloudtrail_trail.rb
|
|
622
|
+
- lib/resources/aws/aws_cloudtrail_trails.rb
|
|
623
|
+
- lib/resources/aws/aws_cloudwatch_alarm.rb
|
|
624
|
+
- lib/resources/aws/aws_cloudwatch_log_metric_filter.rb
|
|
625
|
+
- lib/resources/aws/aws_ec2_instance.rb
|
|
626
|
+
- lib/resources/aws/aws_iam_access_key.rb
|
|
627
|
+
- lib/resources/aws/aws_iam_access_keys.rb
|
|
628
|
+
- lib/resources/aws/aws_iam_group.rb
|
|
629
|
+
- lib/resources/aws/aws_iam_groups.rb
|
|
630
|
+
- lib/resources/aws/aws_iam_password_policy.rb
|
|
631
|
+
- lib/resources/aws/aws_iam_policies.rb
|
|
632
|
+
- lib/resources/aws/aws_iam_policy.rb
|
|
633
|
+
- lib/resources/aws/aws_iam_role.rb
|
|
634
|
+
- lib/resources/aws/aws_iam_root_user.rb
|
|
635
|
+
- lib/resources/aws/aws_iam_user.rb
|
|
636
|
+
- lib/resources/aws/aws_iam_users.rb
|
|
637
|
+
- lib/resources/aws/aws_kms_keys.rb
|
|
638
|
+
- lib/resources/aws/aws_route_table.rb
|
|
639
|
+
- lib/resources/aws/aws_s3_bucket.rb
|
|
640
|
+
- lib/resources/aws/aws_security_group.rb
|
|
641
|
+
- lib/resources/aws/aws_security_groups.rb
|
|
642
|
+
- lib/resources/aws/aws_sns_topic.rb
|
|
643
|
+
- lib/resources/aws/aws_subnet.rb
|
|
644
|
+
- lib/resources/aws/aws_subnets.rb
|
|
645
|
+
- lib/resources/aws/aws_vpc.rb
|
|
646
|
+
- lib/resources/aws/aws_vpcs.rb
|
|
647
|
+
- lib/resources/azure/azure_backend.rb
|
|
648
|
+
- lib/resources/azure/azure_generic_resource.rb
|
|
649
|
+
- lib/resources/azure/azure_resource_group.rb
|
|
650
|
+
- lib/resources/azure/azure_virtual_machine.rb
|
|
651
|
+
- lib/resources/azure/azure_virtual_machine_data_disk.rb
|
|
577
652
|
- lib/resources/bash.rb
|
|
578
653
|
- lib/resources/bond.rb
|
|
579
654
|
- lib/resources/bridge.rb
|