inspec 1.51.6 → 1.51.15

Sign up to get free protection for your applications and to get access to all the features.
Files changed (404) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +101 -101
  3. data/CHANGELOG.md +2915 -2902
  4. data/Gemfile +53 -53
  5. data/LICENSE +14 -14
  6. data/MAINTAINERS.md +31 -31
  7. data/MAINTAINERS.toml +47 -47
  8. data/README.md +419 -419
  9. data/Rakefile +167 -167
  10. data/bin/inspec +12 -12
  11. data/docs/.gitignore +2 -2
  12. data/docs/README.md +40 -40
  13. data/docs/dsl_inspec.md +258 -258
  14. data/docs/dsl_resource.md +93 -93
  15. data/docs/glossary.md +99 -99
  16. data/docs/habitat.md +191 -191
  17. data/docs/inspec_and_friends.md +107 -107
  18. data/docs/matchers.md +165 -165
  19. data/docs/migration.md +293 -293
  20. data/docs/plugin_kitchen_inspec.md +49 -49
  21. data/docs/profiles.md +370 -370
  22. data/docs/resources/aide_conf.md.erb +78 -78
  23. data/docs/resources/apache.md.erb +66 -66
  24. data/docs/resources/apache_conf.md.erb +67 -67
  25. data/docs/resources/apt.md.erb +70 -70
  26. data/docs/resources/audit_policy.md.erb +46 -46
  27. data/docs/resources/auditd.md.erb +78 -78
  28. data/docs/resources/auditd_conf.md.erb +68 -68
  29. data/docs/resources/auditd_rules.md.erb +116 -116
  30. data/docs/resources/bash.md.erb +74 -74
  31. data/docs/resources/bond.md.erb +89 -89
  32. data/docs/resources/bridge.md.erb +54 -54
  33. data/docs/resources/bsd_service.md.erb +65 -65
  34. data/docs/resources/command.md.erb +137 -137
  35. data/docs/resources/cpan.md.erb +77 -77
  36. data/docs/resources/cran.md.erb +63 -63
  37. data/docs/resources/crontab.md.erb +87 -87
  38. data/docs/resources/csv.md.erb +53 -53
  39. data/docs/resources/dh_params.md.erb +216 -216
  40. data/docs/resources/directory.md.erb +28 -28
  41. data/docs/resources/docker.md.erb +163 -163
  42. data/docs/resources/docker_container.md.erb +99 -99
  43. data/docs/resources/docker_image.md.erb +93 -93
  44. data/docs/resources/docker_service.md.erb +113 -113
  45. data/docs/resources/elasticsearch.md.erb +230 -230
  46. data/docs/resources/etc_fstab.md.erb +124 -124
  47. data/docs/resources/etc_group.md.erb +74 -74
  48. data/docs/resources/etc_hosts.md.erb +75 -75
  49. data/docs/resources/etc_hosts_allow.md.erb +73 -73
  50. data/docs/resources/etc_hosts_deny.md.erb +73 -73
  51. data/docs/resources/file.md.erb +512 -512
  52. data/docs/resources/filesystem.md.erb +40 -40
  53. data/docs/resources/firewalld.md.erb +105 -105
  54. data/docs/resources/gem.md.erb +78 -78
  55. data/docs/resources/group.md.erb +60 -60
  56. data/docs/resources/grub_conf.md.erb +101 -100
  57. data/docs/resources/host.md.erb +77 -77
  58. data/docs/resources/http.md.erb +104 -98
  59. data/docs/resources/iis_app.md.erb +120 -116
  60. data/docs/resources/iis_site.md.erb +132 -128
  61. data/docs/resources/inetd_conf.md.erb +95 -84
  62. data/docs/resources/ini.md.erb +72 -69
  63. data/docs/resources/interface.md.erb +55 -46
  64. data/docs/resources/iptables.md.erb +63 -63
  65. data/docs/resources/json.md.erb +61 -61
  66. data/docs/resources/kernel_module.md.erb +106 -106
  67. data/docs/resources/kernel_parameter.md.erb +58 -58
  68. data/docs/resources/key_rsa.md.erb +73 -73
  69. data/docs/resources/launchd_service.md.erb +56 -56
  70. data/docs/resources/limits_conf.md.erb +66 -66
  71. data/docs/resources/login_def.md.erb +62 -62
  72. data/docs/resources/mount.md.erb +68 -68
  73. data/docs/resources/mssql_session.md.erb +59 -59
  74. data/docs/resources/mysql_conf.md.erb +98 -98
  75. data/docs/resources/mysql_session.md.erb +73 -73
  76. data/docs/resources/nginx.md.erb +78 -78
  77. data/docs/resources/nginx_conf.md.erb +127 -127
  78. data/docs/resources/npm.md.erb +59 -59
  79. data/docs/resources/ntp_conf.md.erb +59 -59
  80. data/docs/resources/oneget.md.erb +52 -52
  81. data/docs/resources/oracledb_session.md.erb +51 -51
  82. data/docs/resources/os.md.erb +140 -140
  83. data/docs/resources/os_env.md.erb +77 -77
  84. data/docs/resources/package.md.erb +119 -119
  85. data/docs/resources/packages.md.erb +66 -66
  86. data/docs/resources/parse_config.md.erb +102 -102
  87. data/docs/resources/parse_config_file.md.erb +137 -137
  88. data/docs/resources/passwd.md.erb +140 -140
  89. data/docs/resources/pip.md.erb +66 -66
  90. data/docs/resources/port.md.erb +136 -136
  91. data/docs/resources/postgres_conf.md.erb +78 -78
  92. data/docs/resources/postgres_hba_conf.md.erb +92 -92
  93. data/docs/resources/postgres_ident_conf.md.erb +75 -75
  94. data/docs/resources/postgres_session.md.erb +68 -68
  95. data/docs/resources/powershell.md.erb +101 -101
  96. data/docs/resources/processes.md.erb +107 -107
  97. data/docs/resources/rabbitmq_config.md.erb +40 -40
  98. data/docs/resources/registry_key.md.erb +157 -157
  99. data/docs/resources/runit_service.md.erb +56 -56
  100. data/docs/resources/security_policy.md.erb +46 -46
  101. data/docs/resources/service.md.erb +120 -120
  102. data/docs/resources/shadow.md.erb +143 -143
  103. data/docs/resources/ssh_config.md.erb +79 -79
  104. data/docs/resources/sshd_config.md.erb +82 -82
  105. data/docs/resources/ssl.md.erb +118 -118
  106. data/docs/resources/sys_info.md.erb +41 -41
  107. data/docs/resources/systemd_service.md.erb +56 -56
  108. data/docs/resources/sysv_service.md.erb +56 -56
  109. data/docs/resources/upstart_service.md.erb +56 -56
  110. data/docs/resources/user.md.erb +139 -139
  111. data/docs/resources/users.md.erb +126 -126
  112. data/docs/resources/vbscript.md.erb +54 -54
  113. data/docs/resources/virtualization.md.erb +56 -56
  114. data/docs/resources/windows_feature.md.erb +46 -46
  115. data/docs/resources/windows_hotfix.md.erb +52 -52
  116. data/docs/resources/windows_task.md.erb +89 -89
  117. data/docs/resources/wmi.md.erb +80 -80
  118. data/docs/resources/x509_certificate.md.erb +150 -150
  119. data/docs/resources/xinetd_conf.md.erb +155 -155
  120. data/docs/resources/xml.md.erb +84 -84
  121. data/docs/resources/yaml.md.erb +68 -68
  122. data/docs/resources/yum.md.erb +97 -97
  123. data/docs/resources/zfs_dataset.md.erb +52 -52
  124. data/docs/resources/zfs_pool.md.erb +46 -46
  125. data/docs/ruby_usage.md +203 -203
  126. data/docs/shared/matcher_be.md.erb +1 -1
  127. data/docs/shared/matcher_cmp.md.erb +43 -43
  128. data/docs/shared/matcher_eq.md.erb +3 -3
  129. data/docs/shared/matcher_include.md.erb +1 -1
  130. data/docs/shared/matcher_match.md.erb +1 -1
  131. data/docs/shell.md +172 -172
  132. data/examples/README.md +8 -8
  133. data/examples/inheritance/README.md +65 -65
  134. data/examples/inheritance/controls/example.rb +14 -14
  135. data/examples/inheritance/inspec.yml +15 -15
  136. data/examples/kitchen-ansible/.kitchen.yml +25 -25
  137. data/examples/kitchen-ansible/Gemfile +19 -19
  138. data/examples/kitchen-ansible/README.md +53 -53
  139. data/examples/kitchen-ansible/files/nginx.repo +6 -6
  140. data/examples/kitchen-ansible/tasks/main.yml +16 -16
  141. data/examples/kitchen-ansible/test/integration/default/default.yml +5 -5
  142. data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -28
  143. data/examples/kitchen-chef/.kitchen.yml +20 -20
  144. data/examples/kitchen-chef/Berksfile +3 -3
  145. data/examples/kitchen-chef/Gemfile +19 -19
  146. data/examples/kitchen-chef/README.md +27 -27
  147. data/examples/kitchen-chef/metadata.rb +7 -7
  148. data/examples/kitchen-chef/recipes/default.rb +6 -6
  149. data/examples/kitchen-chef/recipes/nginx.rb +30 -30
  150. data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -28
  151. data/examples/kitchen-puppet/.kitchen.yml +22 -22
  152. data/examples/kitchen-puppet/Gemfile +20 -20
  153. data/examples/kitchen-puppet/Puppetfile +25 -25
  154. data/examples/kitchen-puppet/README.md +53 -53
  155. data/examples/kitchen-puppet/manifests/site.pp +33 -33
  156. data/examples/kitchen-puppet/metadata.json +11 -11
  157. data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -28
  158. data/examples/meta-profile/README.md +37 -37
  159. data/examples/meta-profile/controls/example.rb +13 -13
  160. data/examples/meta-profile/inspec.yml +13 -13
  161. data/examples/profile-attribute.yml +2 -2
  162. data/examples/profile-attribute/README.md +14 -14
  163. data/examples/profile-attribute/controls/example.rb +11 -11
  164. data/examples/profile-attribute/inspec.yml +8 -8
  165. data/examples/profile-sensitive/README.md +29 -29
  166. data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -9
  167. data/examples/profile-sensitive/controls/sensitive.rb +9 -9
  168. data/examples/profile-sensitive/inspec.yml +8 -8
  169. data/examples/profile/README.md +48 -48
  170. data/examples/profile/controls/example.rb +23 -23
  171. data/examples/profile/controls/gordon.rb +36 -36
  172. data/examples/profile/controls/meta.rb +34 -34
  173. data/examples/profile/inspec.yml +10 -10
  174. data/examples/profile/libraries/gordon_config.rb +53 -53
  175. data/inspec.gemspec +47 -47
  176. data/lib/bundles/README.md +3 -3
  177. data/lib/bundles/inspec-artifact.rb +7 -7
  178. data/lib/bundles/inspec-artifact/README.md +1 -1
  179. data/lib/bundles/inspec-artifact/cli.rb +277 -277
  180. data/lib/bundles/inspec-compliance.rb +16 -16
  181. data/lib/bundles/inspec-compliance/.kitchen.yml +20 -20
  182. data/lib/bundles/inspec-compliance/README.md +185 -185
  183. data/lib/bundles/inspec-compliance/api.rb +316 -316
  184. data/lib/bundles/inspec-compliance/api/login.rb +152 -152
  185. data/lib/bundles/inspec-compliance/bootstrap.sh +41 -41
  186. data/lib/bundles/inspec-compliance/cli.rb +277 -277
  187. data/lib/bundles/inspec-compliance/configuration.rb +103 -103
  188. data/lib/bundles/inspec-compliance/http.rb +86 -86
  189. data/lib/bundles/inspec-compliance/support.rb +36 -36
  190. data/lib/bundles/inspec-compliance/target.rb +98 -98
  191. data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -93
  192. data/lib/bundles/inspec-habitat.rb +12 -12
  193. data/lib/bundles/inspec-habitat/cli.rb +36 -36
  194. data/lib/bundles/inspec-habitat/log.rb +10 -10
  195. data/lib/bundles/inspec-habitat/profile.rb +390 -390
  196. data/lib/bundles/inspec-init.rb +8 -8
  197. data/lib/bundles/inspec-init/README.md +31 -31
  198. data/lib/bundles/inspec-init/cli.rb +97 -97
  199. data/lib/bundles/inspec-init/templates/profile/README.md +3 -3
  200. data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -19
  201. data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -8
  202. data/lib/bundles/inspec-supermarket.rb +13 -13
  203. data/lib/bundles/inspec-supermarket/README.md +45 -45
  204. data/lib/bundles/inspec-supermarket/api.rb +84 -84
  205. data/lib/bundles/inspec-supermarket/cli.rb +65 -65
  206. data/lib/bundles/inspec-supermarket/target.rb +34 -34
  207. data/lib/fetchers/git.rb +163 -163
  208. data/lib/fetchers/local.rb +74 -74
  209. data/lib/fetchers/mock.rb +35 -35
  210. data/lib/fetchers/url.rb +204 -204
  211. data/lib/inspec.rb +24 -24
  212. data/lib/inspec/archive/tar.rb +29 -29
  213. data/lib/inspec/archive/zip.rb +19 -19
  214. data/lib/inspec/backend.rb +92 -92
  215. data/lib/inspec/base_cli.rb +324 -322
  216. data/lib/inspec/cached_fetcher.rb +66 -66
  217. data/lib/inspec/cli.rb +298 -298
  218. data/lib/inspec/completions/bash.sh.erb +45 -45
  219. data/lib/inspec/completions/fish.sh.erb +34 -34
  220. data/lib/inspec/completions/zsh.sh.erb +61 -61
  221. data/lib/inspec/control_eval_context.rb +179 -179
  222. data/lib/inspec/dependencies/cache.rb +72 -72
  223. data/lib/inspec/dependencies/dependency_set.rb +92 -92
  224. data/lib/inspec/dependencies/lockfile.rb +115 -115
  225. data/lib/inspec/dependencies/requirement.rb +123 -123
  226. data/lib/inspec/dependencies/resolver.rb +86 -86
  227. data/lib/inspec/describe.rb +27 -27
  228. data/lib/inspec/dsl.rb +66 -66
  229. data/lib/inspec/dsl_shared.rb +33 -33
  230. data/lib/inspec/env_printer.rb +157 -157
  231. data/lib/inspec/errors.rb +13 -13
  232. data/lib/inspec/exceptions.rb +12 -12
  233. data/lib/inspec/expect.rb +45 -45
  234. data/lib/inspec/fetcher.rb +45 -45
  235. data/lib/inspec/file_provider.rb +275 -275
  236. data/lib/inspec/formatters.rb +3 -3
  237. data/lib/inspec/formatters/base.rb +208 -208
  238. data/lib/inspec/formatters/json_rspec.rb +20 -20
  239. data/lib/inspec/formatters/show_progress.rb +12 -12
  240. data/lib/inspec/library_eval_context.rb +58 -58
  241. data/lib/inspec/log.rb +11 -11
  242. data/lib/inspec/metadata.rb +253 -253
  243. data/lib/inspec/method_source.rb +24 -24
  244. data/lib/inspec/objects.rb +14 -14
  245. data/lib/inspec/objects/attribute.rb +65 -65
  246. data/lib/inspec/objects/control.rb +61 -61
  247. data/lib/inspec/objects/describe.rb +92 -92
  248. data/lib/inspec/objects/each_loop.rb +36 -36
  249. data/lib/inspec/objects/list.rb +15 -15
  250. data/lib/inspec/objects/or_test.rb +40 -40
  251. data/lib/inspec/objects/ruby_helper.rb +15 -15
  252. data/lib/inspec/objects/tag.rb +27 -27
  253. data/lib/inspec/objects/test.rb +87 -87
  254. data/lib/inspec/objects/value.rb +27 -27
  255. data/lib/inspec/plugins.rb +60 -60
  256. data/lib/inspec/plugins/cli.rb +24 -24
  257. data/lib/inspec/plugins/fetcher.rb +86 -86
  258. data/lib/inspec/plugins/resource.rb +132 -132
  259. data/lib/inspec/plugins/secret.rb +15 -15
  260. data/lib/inspec/plugins/source_reader.rb +40 -40
  261. data/lib/inspec/polyfill.rb +12 -12
  262. data/lib/inspec/profile.rb +510 -510
  263. data/lib/inspec/profile_context.rb +207 -207
  264. data/lib/inspec/profile_vendor.rb +66 -66
  265. data/lib/inspec/reporters.rb +50 -33
  266. data/lib/inspec/reporters/base.rb +24 -23
  267. data/lib/inspec/reporters/cli.rb +395 -395
  268. data/lib/inspec/reporters/json.rb +134 -132
  269. data/lib/inspec/reporters/json_min.rb +48 -44
  270. data/lib/inspec/reporters/junit.rb +77 -77
  271. data/lib/inspec/require_loader.rb +33 -33
  272. data/lib/inspec/resource.rb +176 -176
  273. data/lib/inspec/rule.rb +266 -266
  274. data/lib/inspec/runner.rb +340 -337
  275. data/lib/inspec/runner_mock.rb +41 -41
  276. data/lib/inspec/runner_rspec.rb +163 -185
  277. data/lib/inspec/runtime_profile.rb +26 -26
  278. data/lib/inspec/schema.rb +186 -186
  279. data/lib/inspec/secrets.rb +19 -19
  280. data/lib/inspec/secrets/yaml.rb +30 -30
  281. data/lib/inspec/shell.rb +223 -223
  282. data/lib/inspec/shell_detector.rb +90 -90
  283. data/lib/inspec/source_reader.rb +29 -29
  284. data/lib/inspec/version.rb +8 -8
  285. data/lib/matchers/matchers.rb +397 -397
  286. data/lib/resources/aide_conf.rb +160 -160
  287. data/lib/resources/apache.rb +49 -49
  288. data/lib/resources/apache_conf.rb +158 -158
  289. data/lib/resources/apt.rb +150 -150
  290. data/lib/resources/audit_policy.rb +64 -64
  291. data/lib/resources/auditd.rb +233 -233
  292. data/lib/resources/auditd_conf.rb +56 -56
  293. data/lib/resources/auditd_rules.rb +205 -205
  294. data/lib/resources/bash.rb +36 -36
  295. data/lib/resources/bond.rb +69 -69
  296. data/lib/resources/bridge.rb +123 -123
  297. data/lib/resources/command.rb +69 -69
  298. data/lib/resources/cpan.rb +60 -60
  299. data/lib/resources/cran.rb +66 -66
  300. data/lib/resources/crontab.rb +169 -169
  301. data/lib/resources/csv.rb +58 -58
  302. data/lib/resources/dh_params.rb +83 -83
  303. data/lib/resources/directory.rb +25 -25
  304. data/lib/resources/docker.rb +239 -239
  305. data/lib/resources/docker_container.rb +92 -92
  306. data/lib/resources/docker_image.rb +86 -86
  307. data/lib/resources/docker_object.rb +57 -57
  308. data/lib/resources/docker_service.rb +94 -94
  309. data/lib/resources/elasticsearch.rb +168 -168
  310. data/lib/resources/etc_fstab.rb +102 -102
  311. data/lib/resources/etc_group.rb +157 -157
  312. data/lib/resources/etc_hosts.rb +81 -81
  313. data/lib/resources/etc_hosts_allow_deny.rb +122 -122
  314. data/lib/resources/file.rb +298 -298
  315. data/lib/resources/filesystem.rb +31 -31
  316. data/lib/resources/firewalld.rb +144 -144
  317. data/lib/resources/gem.rb +71 -71
  318. data/lib/resources/groups.rb +213 -213
  319. data/lib/resources/grub_conf.rb +237 -237
  320. data/lib/resources/host.rb +300 -300
  321. data/lib/resources/http.rb +252 -252
  322. data/lib/resources/iis_app.rb +103 -103
  323. data/lib/resources/iis_site.rb +147 -147
  324. data/lib/resources/inetd_conf.rb +63 -63
  325. data/lib/resources/ini.rb +29 -29
  326. data/lib/resources/interface.rb +130 -130
  327. data/lib/resources/iptables.rb +70 -70
  328. data/lib/resources/json.rb +115 -115
  329. data/lib/resources/kernel_module.rb +110 -110
  330. data/lib/resources/kernel_parameter.rb +58 -58
  331. data/lib/resources/key_rsa.rb +67 -67
  332. data/lib/resources/limits_conf.rb +56 -56
  333. data/lib/resources/login_def.rb +67 -67
  334. data/lib/resources/mount.rb +90 -90
  335. data/lib/resources/mssql_session.rb +103 -103
  336. data/lib/resources/mysql.rb +82 -82
  337. data/lib/resources/mysql_conf.rb +133 -133
  338. data/lib/resources/mysql_session.rb +72 -72
  339. data/lib/resources/nginx.rb +97 -97
  340. data/lib/resources/nginx_conf.rb +228 -228
  341. data/lib/resources/npm.rb +48 -48
  342. data/lib/resources/ntp_conf.rb +59 -59
  343. data/lib/resources/oneget.rb +72 -72
  344. data/lib/resources/oracledb_session.rb +140 -140
  345. data/lib/resources/os.rb +46 -46
  346. data/lib/resources/os_env.rb +76 -76
  347. data/lib/resources/package.rb +357 -357
  348. data/lib/resources/packages.rb +112 -112
  349. data/lib/resources/parse_config.rb +116 -116
  350. data/lib/resources/passwd.rb +96 -96
  351. data/lib/resources/pip.rb +89 -89
  352. data/lib/resources/platform.rb +112 -112
  353. data/lib/resources/port.rb +771 -771
  354. data/lib/resources/postgres.rb +132 -132
  355. data/lib/resources/postgres_conf.rb +122 -122
  356. data/lib/resources/postgres_hba_conf.rb +101 -101
  357. data/lib/resources/postgres_ident_conf.rb +79 -79
  358. data/lib/resources/postgres_session.rb +72 -72
  359. data/lib/resources/powershell.rb +58 -58
  360. data/lib/resources/processes.rb +204 -204
  361. data/lib/resources/rabbitmq_conf.rb +53 -53
  362. data/lib/resources/registry_key.rb +296 -296
  363. data/lib/resources/security_policy.rb +181 -181
  364. data/lib/resources/service.rb +784 -784
  365. data/lib/resources/shadow.rb +141 -141
  366. data/lib/resources/ssh_conf.rb +102 -102
  367. data/lib/resources/ssl.rb +99 -99
  368. data/lib/resources/sys_info.rb +26 -26
  369. data/lib/resources/toml.rb +32 -32
  370. data/lib/resources/users.rb +652 -652
  371. data/lib/resources/vbscript.rb +70 -70
  372. data/lib/resources/virtualization.rb +251 -251
  373. data/lib/resources/windows_feature.rb +85 -85
  374. data/lib/resources/windows_hotfix.rb +35 -35
  375. data/lib/resources/windows_task.rb +106 -106
  376. data/lib/resources/wmi.rb +114 -114
  377. data/lib/resources/x509_certificate.rb +143 -143
  378. data/lib/resources/xinetd.rb +112 -112
  379. data/lib/resources/xml.rb +45 -45
  380. data/lib/resources/yaml.rb +45 -45
  381. data/lib/resources/yum.rb +181 -181
  382. data/lib/resources/zfs_dataset.rb +60 -60
  383. data/lib/resources/zfs_pool.rb +49 -49
  384. data/lib/source_readers/flat.rb +39 -39
  385. data/lib/source_readers/inspec.rb +75 -75
  386. data/lib/utils/command_wrapper.rb +27 -27
  387. data/lib/utils/convert.rb +12 -12
  388. data/lib/utils/database_helpers.rb +77 -77
  389. data/lib/utils/erlang_parser.rb +192 -192
  390. data/lib/utils/filter.rb +272 -272
  391. data/lib/utils/filter_array.rb +27 -27
  392. data/lib/utils/find_files.rb +44 -44
  393. data/lib/utils/hash.rb +41 -41
  394. data/lib/utils/json_log.rb +18 -18
  395. data/lib/utils/latest_version.rb +22 -22
  396. data/lib/utils/modulator.rb +12 -12
  397. data/lib/utils/nginx_parser.rb +85 -85
  398. data/lib/utils/object_traversal.rb +49 -49
  399. data/lib/utils/parser.rb +274 -274
  400. data/lib/utils/plugin_registry.rb +93 -93
  401. data/lib/utils/simpleconfig.rb +132 -132
  402. data/lib/utils/spdx.rb +13 -13
  403. data/lib/utils/spdx.txt +343 -343
  404. metadata +2 -2
@@ -1,68 +1,68 @@
1
- ---
2
- title: About the mount Resource
3
- ---
4
-
5
- # mount
6
-
7
- Use the `mount` InSpec audit resource to test the mount points on FreeBSD and Linux systems.
8
-
9
- <br>
10
-
11
- ## Syntax
12
-
13
- An `mount` resource block declares the synchronization settings that should be tested:
14
-
15
- describe mount('path') do
16
- it { should MATCHER 'value' }
17
- end
18
-
19
- where
20
-
21
- * `('path')` is the path to the mounted directory
22
- * `MATCHER` is a valid matcher for this resource
23
- * `'value'` is the value to be tested
24
-
25
- <br>
26
-
27
- ## Examples
28
-
29
- The following examples show how to use this InSpec audit resource.
30
-
31
- ### Test a the mount point on '/'
32
-
33
- describe mount('/') do
34
- it { should be_mounted }
35
- its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
36
- its('type') { should eq 'ext4' }
37
- its('options') { should eq ['rw', 'mode=620'] }
38
- end
39
-
40
- <br>
41
-
42
- ## Matchers
43
-
44
- For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
45
-
46
- ### be_mounted
47
-
48
- The `be_mounted` matcher tests if the file is accessible from the file system:
49
-
50
- it { should be_mounted }
51
-
52
- ### device
53
-
54
- The `device` matcher tests the device from the `fstab` table:
55
-
56
- its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
57
-
58
- ### options
59
-
60
- The `options` matcher tests the mount options for the file system from the `fstab` table:
61
-
62
- its('options') { should eq ['rw', 'mode=620'] }
63
-
64
- ### type
65
-
66
- The `type` matcher tests the file system type:
67
-
68
- its('type') { should eq 'ext4' }
1
+ ---
2
+ title: About the mount Resource
3
+ ---
4
+
5
+ # mount
6
+
7
+ Use the `mount` InSpec audit resource to test the mount points on FreeBSD and Linux systems.
8
+
9
+ <br>
10
+
11
+ ## Syntax
12
+
13
+ An `mount` resource block declares the synchronization settings that should be tested:
14
+
15
+ describe mount('path') do
16
+ it { should MATCHER 'value' }
17
+ end
18
+
19
+ where
20
+
21
+ * `('path')` is the path to the mounted directory
22
+ * `MATCHER` is a valid matcher for this resource
23
+ * `'value'` is the value to be tested
24
+
25
+ <br>
26
+
27
+ ## Examples
28
+
29
+ The following examples show how to use this InSpec audit resource.
30
+
31
+ ### Test a the mount point on '/'
32
+
33
+ describe mount('/') do
34
+ it { should be_mounted }
35
+ its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
36
+ its('type') { should eq 'ext4' }
37
+ its('options') { should eq ['rw', 'mode=620'] }
38
+ end
39
+
40
+ <br>
41
+
42
+ ## Matchers
43
+
44
+ For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
45
+
46
+ ### be_mounted
47
+
48
+ The `be_mounted` matcher tests if the file is accessible from the file system:
49
+
50
+ it { should be_mounted }
51
+
52
+ ### device
53
+
54
+ The `device` matcher tests the device from the `fstab` table:
55
+
56
+ its('device') { should eq '/dev/mapper/VolGroup-lv_root' }
57
+
58
+ ### options
59
+
60
+ The `options` matcher tests the mount options for the file system from the `fstab` table:
61
+
62
+ its('options') { should eq ['rw', 'mode=620'] }
63
+
64
+ ### type
65
+
66
+ The `type` matcher tests the file system type:
67
+
68
+ its('type') { should eq 'ext4' }
@@ -1,59 +1,59 @@
1
- ---
2
- title: About the mssql_session Resource
3
- ---
4
-
5
- # mssql_session
6
-
7
- Use the `mssql_session` InSpec audit resource to test SQL commands run against a Microsoft SQL database.
8
-
9
- <br>
10
-
11
- ## Syntax
12
-
13
- A `mssql_session` resource block declares the username and password to use for the session, and then the command to be run:
14
-
15
- describe mssql_session(user: 'username', password: 'password').query('QUERY').row(0).column('result') do
16
- its('value') { should eq('') }
17
- end
18
-
19
- where
20
-
21
- * `mssql_session` declares a username and password with permission to run the query. Omitting the username or password parameters results in the use of Windows authentication as the user InSpec is executing as. You may also optionally pass a host and instance name. If omitted, they will default to host: localhost and the default instance.
22
- * `query('QUERY')` contains the query to be run
23
- * `its('value') { should eq('') }` compares the results of the query against the expected result in the test
24
-
25
- <br>
26
-
27
- ## Examples
28
-
29
- The following examples show how to use this InSpec audit resource.
30
-
31
- ### Test for matching databases
32
-
33
- sql = mssql_session(user: 'my_user', password: 'password')
34
-
35
- describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
36
- its("value") { should cmp > '12.00.4457' }
37
- end
38
-
39
- ### Test using Windows authentication
40
-
41
- sql = mssql_session
42
-
43
- describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
44
- its("value") { should cmp > '12.00.4457' }
45
- end
46
-
47
- ### Test a specific host and instance
48
-
49
- sql = mssql_session(user: 'my_user', password: 'password', host: 'mssqlserver', instance: 'foo')
50
-
51
- describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
52
- its("value") { should cmp > '12.00.4457' }
53
- end
54
-
55
- <br>
56
-
57
- ## Matchers
58
-
59
- For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
1
+ ---
2
+ title: About the mssql_session Resource
3
+ ---
4
+
5
+ # mssql_session
6
+
7
+ Use the `mssql_session` InSpec audit resource to test SQL commands run against a Microsoft SQL database.
8
+
9
+ <br>
10
+
11
+ ## Syntax
12
+
13
+ A `mssql_session` resource block declares the username and password to use for the session, and then the command to be run:
14
+
15
+ describe mssql_session(user: 'username', password: 'password').query('QUERY').row(0).column('result') do
16
+ its('value') { should eq('') }
17
+ end
18
+
19
+ where
20
+
21
+ * `mssql_session` declares a username and password with permission to run the query. Omitting the username or password parameters results in the use of Windows authentication as the user InSpec is executing as. You may also optionally pass a host and instance name. If omitted, they will default to host: localhost and the default instance.
22
+ * `query('QUERY')` contains the query to be run
23
+ * `its('value') { should eq('') }` compares the results of the query against the expected result in the test
24
+
25
+ <br>
26
+
27
+ ## Examples
28
+
29
+ The following examples show how to use this InSpec audit resource.
30
+
31
+ ### Test for matching databases
32
+
33
+ sql = mssql_session(user: 'my_user', password: 'password')
34
+
35
+ describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
36
+ its("value") { should cmp > '12.00.4457' }
37
+ end
38
+
39
+ ### Test using Windows authentication
40
+
41
+ sql = mssql_session
42
+
43
+ describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
44
+ its("value") { should cmp > '12.00.4457' }
45
+ end
46
+
47
+ ### Test a specific host and instance
48
+
49
+ sql = mssql_session(user: 'my_user', password: 'password', host: 'mssqlserver', instance: 'foo')
50
+
51
+ describe sql.query("SELECT SERVERPROPERTY('ProductVersion') as result").row(0).column('result') do
52
+ its("value") { should cmp > '12.00.4457' }
53
+ end
54
+
55
+ <br>
56
+
57
+ ## Matchers
58
+
59
+ For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
@@ -1,98 +1,98 @@
1
- ---
2
- title: About the mysql_conf Resource
3
- ---
4
-
5
- # mysql_conf
6
-
7
- Use the `mysql_conf` InSpec audit resource to test the contents of the configuration file for MySQL, typically located at `/etc/mysql/my.cnf` or `/etc/my.cnf`.
8
-
9
- <br>
10
-
11
- ## Syntax
12
-
13
- A `mysql_conf` resource block declares one (or more) settings in the `my.cnf` file, and then compares the setting in the configuration file to the value stated in the test:
14
-
15
- describe mysql_conf('path') do
16
- its('setting') { should eq 'value' }
17
- end
18
-
19
- # Test a parameter set within the [mysqld] section
20
- describe mysql_conf do
21
- its('mysqld.port') { should cmp 3306 }
22
- end
23
-
24
- # Test a parameter set within the [mariadb] section using array notation
25
- describe mysql_conf do
26
- its(['mariadb', 'max-connections']) { should_not be_nil }
27
- end
28
-
29
- where
30
-
31
- * `'setting'` specifies a setting in the `my.cnf` file, such as `max_connections`
32
- * when checking a setting within sections, such as `[mysqld]`, the section name must be included
33
- * `('path')` is the non-default path to the `my.cnf` file
34
- * `should eq 'value'` is the value that is expected
35
-
36
- <br>
37
-
38
- ## Examples
39
-
40
- The following examples show how to use this InSpec audit resource.
41
-
42
- ### Test the maximum number of allowed connections
43
-
44
- describe mysql_conf do
45
- its('max_connections') { should eq '505' }
46
- its('max_user_connections') { should eq '500' }
47
- end
48
-
49
- ### Test slow query logging**
50
-
51
- describe mysql_conf do
52
- its('slow_query_log_file') { should eq 'hostname_slow.log' }
53
- its('slow_query_log') { should eq '0' }
54
- its('log_queries_not_using_indexes') { should eq '1' }
55
- its('long_query_time') { should eq '0.5' }
56
- its('min_examined_row_limit') { should eq '100' }
57
- end
58
-
59
- ### Test the port and socket on which MySQL listens
60
-
61
- describe mysql_conf do
62
- its('port') { should eq '3306' }
63
- its('socket') { should eq '/var/run/mysqld/mysql.sock' }
64
- end
65
-
66
- ### Test connection and thread variables
67
-
68
- describe mysql_conf do
69
- its('port') { should eq '3306' }
70
- its('socket') { should eq '/var/run/mysqld/mysql.sock' }
71
- its('max_allowed_packet') { should eq '12M' }
72
- its('default_storage_engine') { should eq 'InnoDB' }
73
- its('character_set_server') { should eq 'utf8' }
74
- its('collation_server') { should eq 'utf8_general_ci' }
75
- its('max_connections') { should eq '505' }
76
- its('max_user_connections') { should eq '500' }
77
- its('thread_cache_size') { should eq '505' }
78
- end
79
-
80
- ### Test the safe-user-create parameter
81
-
82
- describe mysql_conf.params('mysqld') do
83
- its('safe-user-create') { should eq('1') }
84
- end
85
-
86
- <br>
87
-
88
- ## Matchers
89
-
90
- For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
91
-
92
- ### setting
93
-
94
- The `setting` matcher tests specific, named settings in the `my.cnf` file:
95
-
96
- its('setting') { should eq 'value' }
97
-
98
- Use a `setting` matcher for each setting to be tested.
1
+ ---
2
+ title: About the mysql_conf Resource
3
+ ---
4
+
5
+ # mysql_conf
6
+
7
+ Use the `mysql_conf` InSpec audit resource to test the contents of the configuration file for MySQL, typically located at `/etc/mysql/my.cnf` or `/etc/my.cnf`.
8
+
9
+ <br>
10
+
11
+ ## Syntax
12
+
13
+ A `mysql_conf` resource block declares one (or more) settings in the `my.cnf` file, and then compares the setting in the configuration file to the value stated in the test:
14
+
15
+ describe mysql_conf('path') do
16
+ its('setting') { should eq 'value' }
17
+ end
18
+
19
+ # Test a parameter set within the [mysqld] section
20
+ describe mysql_conf do
21
+ its('mysqld.port') { should cmp 3306 }
22
+ end
23
+
24
+ # Test a parameter set within the [mariadb] section using array notation
25
+ describe mysql_conf do
26
+ its(['mariadb', 'max-connections']) { should_not be_nil }
27
+ end
28
+
29
+ where
30
+
31
+ * `'setting'` specifies a setting in the `my.cnf` file, such as `max_connections`
32
+ * when checking a setting within sections, such as `[mysqld]`, the section name must be included
33
+ * `('path')` is the non-default path to the `my.cnf` file
34
+ * `should eq 'value'` is the value that is expected
35
+
36
+ <br>
37
+
38
+ ## Examples
39
+
40
+ The following examples show how to use this InSpec audit resource.
41
+
42
+ ### Test the maximum number of allowed connections
43
+
44
+ describe mysql_conf do
45
+ its('max_connections') { should eq '505' }
46
+ its('max_user_connections') { should eq '500' }
47
+ end
48
+
49
+ ### Test slow query logging**
50
+
51
+ describe mysql_conf do
52
+ its('slow_query_log_file') { should eq 'hostname_slow.log' }
53
+ its('slow_query_log') { should eq '0' }
54
+ its('log_queries_not_using_indexes') { should eq '1' }
55
+ its('long_query_time') { should eq '0.5' }
56
+ its('min_examined_row_limit') { should eq '100' }
57
+ end
58
+
59
+ ### Test the port and socket on which MySQL listens
60
+
61
+ describe mysql_conf do
62
+ its('port') { should eq '3306' }
63
+ its('socket') { should eq '/var/run/mysqld/mysql.sock' }
64
+ end
65
+
66
+ ### Test connection and thread variables
67
+
68
+ describe mysql_conf do
69
+ its('port') { should eq '3306' }
70
+ its('socket') { should eq '/var/run/mysqld/mysql.sock' }
71
+ its('max_allowed_packet') { should eq '12M' }
72
+ its('default_storage_engine') { should eq 'InnoDB' }
73
+ its('character_set_server') { should eq 'utf8' }
74
+ its('collation_server') { should eq 'utf8_general_ci' }
75
+ its('max_connections') { should eq '505' }
76
+ its('max_user_connections') { should eq '500' }
77
+ its('thread_cache_size') { should eq '505' }
78
+ end
79
+
80
+ ### Test the safe-user-create parameter
81
+
82
+ describe mysql_conf.params('mysqld') do
83
+ its('safe-user-create') { should eq('1') }
84
+ end
85
+
86
+ <br>
87
+
88
+ ## Matchers
89
+
90
+ For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
91
+
92
+ ### setting
93
+
94
+ The `setting` matcher tests specific, named settings in the `my.cnf` file:
95
+
96
+ its('setting') { should eq 'value' }
97
+
98
+ Use a `setting` matcher for each setting to be tested.