inspec 1.51.6 → 1.51.15

Sign up to get free protection for your applications and to get access to all the features.
Files changed (404) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +101 -101
  3. data/CHANGELOG.md +2915 -2902
  4. data/Gemfile +53 -53
  5. data/LICENSE +14 -14
  6. data/MAINTAINERS.md +31 -31
  7. data/MAINTAINERS.toml +47 -47
  8. data/README.md +419 -419
  9. data/Rakefile +167 -167
  10. data/bin/inspec +12 -12
  11. data/docs/.gitignore +2 -2
  12. data/docs/README.md +40 -40
  13. data/docs/dsl_inspec.md +258 -258
  14. data/docs/dsl_resource.md +93 -93
  15. data/docs/glossary.md +99 -99
  16. data/docs/habitat.md +191 -191
  17. data/docs/inspec_and_friends.md +107 -107
  18. data/docs/matchers.md +165 -165
  19. data/docs/migration.md +293 -293
  20. data/docs/plugin_kitchen_inspec.md +49 -49
  21. data/docs/profiles.md +370 -370
  22. data/docs/resources/aide_conf.md.erb +78 -78
  23. data/docs/resources/apache.md.erb +66 -66
  24. data/docs/resources/apache_conf.md.erb +67 -67
  25. data/docs/resources/apt.md.erb +70 -70
  26. data/docs/resources/audit_policy.md.erb +46 -46
  27. data/docs/resources/auditd.md.erb +78 -78
  28. data/docs/resources/auditd_conf.md.erb +68 -68
  29. data/docs/resources/auditd_rules.md.erb +116 -116
  30. data/docs/resources/bash.md.erb +74 -74
  31. data/docs/resources/bond.md.erb +89 -89
  32. data/docs/resources/bridge.md.erb +54 -54
  33. data/docs/resources/bsd_service.md.erb +65 -65
  34. data/docs/resources/command.md.erb +137 -137
  35. data/docs/resources/cpan.md.erb +77 -77
  36. data/docs/resources/cran.md.erb +63 -63
  37. data/docs/resources/crontab.md.erb +87 -87
  38. data/docs/resources/csv.md.erb +53 -53
  39. data/docs/resources/dh_params.md.erb +216 -216
  40. data/docs/resources/directory.md.erb +28 -28
  41. data/docs/resources/docker.md.erb +163 -163
  42. data/docs/resources/docker_container.md.erb +99 -99
  43. data/docs/resources/docker_image.md.erb +93 -93
  44. data/docs/resources/docker_service.md.erb +113 -113
  45. data/docs/resources/elasticsearch.md.erb +230 -230
  46. data/docs/resources/etc_fstab.md.erb +124 -124
  47. data/docs/resources/etc_group.md.erb +74 -74
  48. data/docs/resources/etc_hosts.md.erb +75 -75
  49. data/docs/resources/etc_hosts_allow.md.erb +73 -73
  50. data/docs/resources/etc_hosts_deny.md.erb +73 -73
  51. data/docs/resources/file.md.erb +512 -512
  52. data/docs/resources/filesystem.md.erb +40 -40
  53. data/docs/resources/firewalld.md.erb +105 -105
  54. data/docs/resources/gem.md.erb +78 -78
  55. data/docs/resources/group.md.erb +60 -60
  56. data/docs/resources/grub_conf.md.erb +101 -100
  57. data/docs/resources/host.md.erb +77 -77
  58. data/docs/resources/http.md.erb +104 -98
  59. data/docs/resources/iis_app.md.erb +120 -116
  60. data/docs/resources/iis_site.md.erb +132 -128
  61. data/docs/resources/inetd_conf.md.erb +95 -84
  62. data/docs/resources/ini.md.erb +72 -69
  63. data/docs/resources/interface.md.erb +55 -46
  64. data/docs/resources/iptables.md.erb +63 -63
  65. data/docs/resources/json.md.erb +61 -61
  66. data/docs/resources/kernel_module.md.erb +106 -106
  67. data/docs/resources/kernel_parameter.md.erb +58 -58
  68. data/docs/resources/key_rsa.md.erb +73 -73
  69. data/docs/resources/launchd_service.md.erb +56 -56
  70. data/docs/resources/limits_conf.md.erb +66 -66
  71. data/docs/resources/login_def.md.erb +62 -62
  72. data/docs/resources/mount.md.erb +68 -68
  73. data/docs/resources/mssql_session.md.erb +59 -59
  74. data/docs/resources/mysql_conf.md.erb +98 -98
  75. data/docs/resources/mysql_session.md.erb +73 -73
  76. data/docs/resources/nginx.md.erb +78 -78
  77. data/docs/resources/nginx_conf.md.erb +127 -127
  78. data/docs/resources/npm.md.erb +59 -59
  79. data/docs/resources/ntp_conf.md.erb +59 -59
  80. data/docs/resources/oneget.md.erb +52 -52
  81. data/docs/resources/oracledb_session.md.erb +51 -51
  82. data/docs/resources/os.md.erb +140 -140
  83. data/docs/resources/os_env.md.erb +77 -77
  84. data/docs/resources/package.md.erb +119 -119
  85. data/docs/resources/packages.md.erb +66 -66
  86. data/docs/resources/parse_config.md.erb +102 -102
  87. data/docs/resources/parse_config_file.md.erb +137 -137
  88. data/docs/resources/passwd.md.erb +140 -140
  89. data/docs/resources/pip.md.erb +66 -66
  90. data/docs/resources/port.md.erb +136 -136
  91. data/docs/resources/postgres_conf.md.erb +78 -78
  92. data/docs/resources/postgres_hba_conf.md.erb +92 -92
  93. data/docs/resources/postgres_ident_conf.md.erb +75 -75
  94. data/docs/resources/postgres_session.md.erb +68 -68
  95. data/docs/resources/powershell.md.erb +101 -101
  96. data/docs/resources/processes.md.erb +107 -107
  97. data/docs/resources/rabbitmq_config.md.erb +40 -40
  98. data/docs/resources/registry_key.md.erb +157 -157
  99. data/docs/resources/runit_service.md.erb +56 -56
  100. data/docs/resources/security_policy.md.erb +46 -46
  101. data/docs/resources/service.md.erb +120 -120
  102. data/docs/resources/shadow.md.erb +143 -143
  103. data/docs/resources/ssh_config.md.erb +79 -79
  104. data/docs/resources/sshd_config.md.erb +82 -82
  105. data/docs/resources/ssl.md.erb +118 -118
  106. data/docs/resources/sys_info.md.erb +41 -41
  107. data/docs/resources/systemd_service.md.erb +56 -56
  108. data/docs/resources/sysv_service.md.erb +56 -56
  109. data/docs/resources/upstart_service.md.erb +56 -56
  110. data/docs/resources/user.md.erb +139 -139
  111. data/docs/resources/users.md.erb +126 -126
  112. data/docs/resources/vbscript.md.erb +54 -54
  113. data/docs/resources/virtualization.md.erb +56 -56
  114. data/docs/resources/windows_feature.md.erb +46 -46
  115. data/docs/resources/windows_hotfix.md.erb +52 -52
  116. data/docs/resources/windows_task.md.erb +89 -89
  117. data/docs/resources/wmi.md.erb +80 -80
  118. data/docs/resources/x509_certificate.md.erb +150 -150
  119. data/docs/resources/xinetd_conf.md.erb +155 -155
  120. data/docs/resources/xml.md.erb +84 -84
  121. data/docs/resources/yaml.md.erb +68 -68
  122. data/docs/resources/yum.md.erb +97 -97
  123. data/docs/resources/zfs_dataset.md.erb +52 -52
  124. data/docs/resources/zfs_pool.md.erb +46 -46
  125. data/docs/ruby_usage.md +203 -203
  126. data/docs/shared/matcher_be.md.erb +1 -1
  127. data/docs/shared/matcher_cmp.md.erb +43 -43
  128. data/docs/shared/matcher_eq.md.erb +3 -3
  129. data/docs/shared/matcher_include.md.erb +1 -1
  130. data/docs/shared/matcher_match.md.erb +1 -1
  131. data/docs/shell.md +172 -172
  132. data/examples/README.md +8 -8
  133. data/examples/inheritance/README.md +65 -65
  134. data/examples/inheritance/controls/example.rb +14 -14
  135. data/examples/inheritance/inspec.yml +15 -15
  136. data/examples/kitchen-ansible/.kitchen.yml +25 -25
  137. data/examples/kitchen-ansible/Gemfile +19 -19
  138. data/examples/kitchen-ansible/README.md +53 -53
  139. data/examples/kitchen-ansible/files/nginx.repo +6 -6
  140. data/examples/kitchen-ansible/tasks/main.yml +16 -16
  141. data/examples/kitchen-ansible/test/integration/default/default.yml +5 -5
  142. data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -28
  143. data/examples/kitchen-chef/.kitchen.yml +20 -20
  144. data/examples/kitchen-chef/Berksfile +3 -3
  145. data/examples/kitchen-chef/Gemfile +19 -19
  146. data/examples/kitchen-chef/README.md +27 -27
  147. data/examples/kitchen-chef/metadata.rb +7 -7
  148. data/examples/kitchen-chef/recipes/default.rb +6 -6
  149. data/examples/kitchen-chef/recipes/nginx.rb +30 -30
  150. data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -28
  151. data/examples/kitchen-puppet/.kitchen.yml +22 -22
  152. data/examples/kitchen-puppet/Gemfile +20 -20
  153. data/examples/kitchen-puppet/Puppetfile +25 -25
  154. data/examples/kitchen-puppet/README.md +53 -53
  155. data/examples/kitchen-puppet/manifests/site.pp +33 -33
  156. data/examples/kitchen-puppet/metadata.json +11 -11
  157. data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -28
  158. data/examples/meta-profile/README.md +37 -37
  159. data/examples/meta-profile/controls/example.rb +13 -13
  160. data/examples/meta-profile/inspec.yml +13 -13
  161. data/examples/profile-attribute.yml +2 -2
  162. data/examples/profile-attribute/README.md +14 -14
  163. data/examples/profile-attribute/controls/example.rb +11 -11
  164. data/examples/profile-attribute/inspec.yml +8 -8
  165. data/examples/profile-sensitive/README.md +29 -29
  166. data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -9
  167. data/examples/profile-sensitive/controls/sensitive.rb +9 -9
  168. data/examples/profile-sensitive/inspec.yml +8 -8
  169. data/examples/profile/README.md +48 -48
  170. data/examples/profile/controls/example.rb +23 -23
  171. data/examples/profile/controls/gordon.rb +36 -36
  172. data/examples/profile/controls/meta.rb +34 -34
  173. data/examples/profile/inspec.yml +10 -10
  174. data/examples/profile/libraries/gordon_config.rb +53 -53
  175. data/inspec.gemspec +47 -47
  176. data/lib/bundles/README.md +3 -3
  177. data/lib/bundles/inspec-artifact.rb +7 -7
  178. data/lib/bundles/inspec-artifact/README.md +1 -1
  179. data/lib/bundles/inspec-artifact/cli.rb +277 -277
  180. data/lib/bundles/inspec-compliance.rb +16 -16
  181. data/lib/bundles/inspec-compliance/.kitchen.yml +20 -20
  182. data/lib/bundles/inspec-compliance/README.md +185 -185
  183. data/lib/bundles/inspec-compliance/api.rb +316 -316
  184. data/lib/bundles/inspec-compliance/api/login.rb +152 -152
  185. data/lib/bundles/inspec-compliance/bootstrap.sh +41 -41
  186. data/lib/bundles/inspec-compliance/cli.rb +277 -277
  187. data/lib/bundles/inspec-compliance/configuration.rb +103 -103
  188. data/lib/bundles/inspec-compliance/http.rb +86 -86
  189. data/lib/bundles/inspec-compliance/support.rb +36 -36
  190. data/lib/bundles/inspec-compliance/target.rb +98 -98
  191. data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -93
  192. data/lib/bundles/inspec-habitat.rb +12 -12
  193. data/lib/bundles/inspec-habitat/cli.rb +36 -36
  194. data/lib/bundles/inspec-habitat/log.rb +10 -10
  195. data/lib/bundles/inspec-habitat/profile.rb +390 -390
  196. data/lib/bundles/inspec-init.rb +8 -8
  197. data/lib/bundles/inspec-init/README.md +31 -31
  198. data/lib/bundles/inspec-init/cli.rb +97 -97
  199. data/lib/bundles/inspec-init/templates/profile/README.md +3 -3
  200. data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -19
  201. data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -8
  202. data/lib/bundles/inspec-supermarket.rb +13 -13
  203. data/lib/bundles/inspec-supermarket/README.md +45 -45
  204. data/lib/bundles/inspec-supermarket/api.rb +84 -84
  205. data/lib/bundles/inspec-supermarket/cli.rb +65 -65
  206. data/lib/bundles/inspec-supermarket/target.rb +34 -34
  207. data/lib/fetchers/git.rb +163 -163
  208. data/lib/fetchers/local.rb +74 -74
  209. data/lib/fetchers/mock.rb +35 -35
  210. data/lib/fetchers/url.rb +204 -204
  211. data/lib/inspec.rb +24 -24
  212. data/lib/inspec/archive/tar.rb +29 -29
  213. data/lib/inspec/archive/zip.rb +19 -19
  214. data/lib/inspec/backend.rb +92 -92
  215. data/lib/inspec/base_cli.rb +324 -322
  216. data/lib/inspec/cached_fetcher.rb +66 -66
  217. data/lib/inspec/cli.rb +298 -298
  218. data/lib/inspec/completions/bash.sh.erb +45 -45
  219. data/lib/inspec/completions/fish.sh.erb +34 -34
  220. data/lib/inspec/completions/zsh.sh.erb +61 -61
  221. data/lib/inspec/control_eval_context.rb +179 -179
  222. data/lib/inspec/dependencies/cache.rb +72 -72
  223. data/lib/inspec/dependencies/dependency_set.rb +92 -92
  224. data/lib/inspec/dependencies/lockfile.rb +115 -115
  225. data/lib/inspec/dependencies/requirement.rb +123 -123
  226. data/lib/inspec/dependencies/resolver.rb +86 -86
  227. data/lib/inspec/describe.rb +27 -27
  228. data/lib/inspec/dsl.rb +66 -66
  229. data/lib/inspec/dsl_shared.rb +33 -33
  230. data/lib/inspec/env_printer.rb +157 -157
  231. data/lib/inspec/errors.rb +13 -13
  232. data/lib/inspec/exceptions.rb +12 -12
  233. data/lib/inspec/expect.rb +45 -45
  234. data/lib/inspec/fetcher.rb +45 -45
  235. data/lib/inspec/file_provider.rb +275 -275
  236. data/lib/inspec/formatters.rb +3 -3
  237. data/lib/inspec/formatters/base.rb +208 -208
  238. data/lib/inspec/formatters/json_rspec.rb +20 -20
  239. data/lib/inspec/formatters/show_progress.rb +12 -12
  240. data/lib/inspec/library_eval_context.rb +58 -58
  241. data/lib/inspec/log.rb +11 -11
  242. data/lib/inspec/metadata.rb +253 -253
  243. data/lib/inspec/method_source.rb +24 -24
  244. data/lib/inspec/objects.rb +14 -14
  245. data/lib/inspec/objects/attribute.rb +65 -65
  246. data/lib/inspec/objects/control.rb +61 -61
  247. data/lib/inspec/objects/describe.rb +92 -92
  248. data/lib/inspec/objects/each_loop.rb +36 -36
  249. data/lib/inspec/objects/list.rb +15 -15
  250. data/lib/inspec/objects/or_test.rb +40 -40
  251. data/lib/inspec/objects/ruby_helper.rb +15 -15
  252. data/lib/inspec/objects/tag.rb +27 -27
  253. data/lib/inspec/objects/test.rb +87 -87
  254. data/lib/inspec/objects/value.rb +27 -27
  255. data/lib/inspec/plugins.rb +60 -60
  256. data/lib/inspec/plugins/cli.rb +24 -24
  257. data/lib/inspec/plugins/fetcher.rb +86 -86
  258. data/lib/inspec/plugins/resource.rb +132 -132
  259. data/lib/inspec/plugins/secret.rb +15 -15
  260. data/lib/inspec/plugins/source_reader.rb +40 -40
  261. data/lib/inspec/polyfill.rb +12 -12
  262. data/lib/inspec/profile.rb +510 -510
  263. data/lib/inspec/profile_context.rb +207 -207
  264. data/lib/inspec/profile_vendor.rb +66 -66
  265. data/lib/inspec/reporters.rb +50 -33
  266. data/lib/inspec/reporters/base.rb +24 -23
  267. data/lib/inspec/reporters/cli.rb +395 -395
  268. data/lib/inspec/reporters/json.rb +134 -132
  269. data/lib/inspec/reporters/json_min.rb +48 -44
  270. data/lib/inspec/reporters/junit.rb +77 -77
  271. data/lib/inspec/require_loader.rb +33 -33
  272. data/lib/inspec/resource.rb +176 -176
  273. data/lib/inspec/rule.rb +266 -266
  274. data/lib/inspec/runner.rb +340 -337
  275. data/lib/inspec/runner_mock.rb +41 -41
  276. data/lib/inspec/runner_rspec.rb +163 -185
  277. data/lib/inspec/runtime_profile.rb +26 -26
  278. data/lib/inspec/schema.rb +186 -186
  279. data/lib/inspec/secrets.rb +19 -19
  280. data/lib/inspec/secrets/yaml.rb +30 -30
  281. data/lib/inspec/shell.rb +223 -223
  282. data/lib/inspec/shell_detector.rb +90 -90
  283. data/lib/inspec/source_reader.rb +29 -29
  284. data/lib/inspec/version.rb +8 -8
  285. data/lib/matchers/matchers.rb +397 -397
  286. data/lib/resources/aide_conf.rb +160 -160
  287. data/lib/resources/apache.rb +49 -49
  288. data/lib/resources/apache_conf.rb +158 -158
  289. data/lib/resources/apt.rb +150 -150
  290. data/lib/resources/audit_policy.rb +64 -64
  291. data/lib/resources/auditd.rb +233 -233
  292. data/lib/resources/auditd_conf.rb +56 -56
  293. data/lib/resources/auditd_rules.rb +205 -205
  294. data/lib/resources/bash.rb +36 -36
  295. data/lib/resources/bond.rb +69 -69
  296. data/lib/resources/bridge.rb +123 -123
  297. data/lib/resources/command.rb +69 -69
  298. data/lib/resources/cpan.rb +60 -60
  299. data/lib/resources/cran.rb +66 -66
  300. data/lib/resources/crontab.rb +169 -169
  301. data/lib/resources/csv.rb +58 -58
  302. data/lib/resources/dh_params.rb +83 -83
  303. data/lib/resources/directory.rb +25 -25
  304. data/lib/resources/docker.rb +239 -239
  305. data/lib/resources/docker_container.rb +92 -92
  306. data/lib/resources/docker_image.rb +86 -86
  307. data/lib/resources/docker_object.rb +57 -57
  308. data/lib/resources/docker_service.rb +94 -94
  309. data/lib/resources/elasticsearch.rb +168 -168
  310. data/lib/resources/etc_fstab.rb +102 -102
  311. data/lib/resources/etc_group.rb +157 -157
  312. data/lib/resources/etc_hosts.rb +81 -81
  313. data/lib/resources/etc_hosts_allow_deny.rb +122 -122
  314. data/lib/resources/file.rb +298 -298
  315. data/lib/resources/filesystem.rb +31 -31
  316. data/lib/resources/firewalld.rb +144 -144
  317. data/lib/resources/gem.rb +71 -71
  318. data/lib/resources/groups.rb +213 -213
  319. data/lib/resources/grub_conf.rb +237 -237
  320. data/lib/resources/host.rb +300 -300
  321. data/lib/resources/http.rb +252 -252
  322. data/lib/resources/iis_app.rb +103 -103
  323. data/lib/resources/iis_site.rb +147 -147
  324. data/lib/resources/inetd_conf.rb +63 -63
  325. data/lib/resources/ini.rb +29 -29
  326. data/lib/resources/interface.rb +130 -130
  327. data/lib/resources/iptables.rb +70 -70
  328. data/lib/resources/json.rb +115 -115
  329. data/lib/resources/kernel_module.rb +110 -110
  330. data/lib/resources/kernel_parameter.rb +58 -58
  331. data/lib/resources/key_rsa.rb +67 -67
  332. data/lib/resources/limits_conf.rb +56 -56
  333. data/lib/resources/login_def.rb +67 -67
  334. data/lib/resources/mount.rb +90 -90
  335. data/lib/resources/mssql_session.rb +103 -103
  336. data/lib/resources/mysql.rb +82 -82
  337. data/lib/resources/mysql_conf.rb +133 -133
  338. data/lib/resources/mysql_session.rb +72 -72
  339. data/lib/resources/nginx.rb +97 -97
  340. data/lib/resources/nginx_conf.rb +228 -228
  341. data/lib/resources/npm.rb +48 -48
  342. data/lib/resources/ntp_conf.rb +59 -59
  343. data/lib/resources/oneget.rb +72 -72
  344. data/lib/resources/oracledb_session.rb +140 -140
  345. data/lib/resources/os.rb +46 -46
  346. data/lib/resources/os_env.rb +76 -76
  347. data/lib/resources/package.rb +357 -357
  348. data/lib/resources/packages.rb +112 -112
  349. data/lib/resources/parse_config.rb +116 -116
  350. data/lib/resources/passwd.rb +96 -96
  351. data/lib/resources/pip.rb +89 -89
  352. data/lib/resources/platform.rb +112 -112
  353. data/lib/resources/port.rb +771 -771
  354. data/lib/resources/postgres.rb +132 -132
  355. data/lib/resources/postgres_conf.rb +122 -122
  356. data/lib/resources/postgres_hba_conf.rb +101 -101
  357. data/lib/resources/postgres_ident_conf.rb +79 -79
  358. data/lib/resources/postgres_session.rb +72 -72
  359. data/lib/resources/powershell.rb +58 -58
  360. data/lib/resources/processes.rb +204 -204
  361. data/lib/resources/rabbitmq_conf.rb +53 -53
  362. data/lib/resources/registry_key.rb +296 -296
  363. data/lib/resources/security_policy.rb +181 -181
  364. data/lib/resources/service.rb +784 -784
  365. data/lib/resources/shadow.rb +141 -141
  366. data/lib/resources/ssh_conf.rb +102 -102
  367. data/lib/resources/ssl.rb +99 -99
  368. data/lib/resources/sys_info.rb +26 -26
  369. data/lib/resources/toml.rb +32 -32
  370. data/lib/resources/users.rb +652 -652
  371. data/lib/resources/vbscript.rb +70 -70
  372. data/lib/resources/virtualization.rb +251 -251
  373. data/lib/resources/windows_feature.rb +85 -85
  374. data/lib/resources/windows_hotfix.rb +35 -35
  375. data/lib/resources/windows_task.rb +106 -106
  376. data/lib/resources/wmi.rb +114 -114
  377. data/lib/resources/x509_certificate.rb +143 -143
  378. data/lib/resources/xinetd.rb +112 -112
  379. data/lib/resources/xml.rb +45 -45
  380. data/lib/resources/yaml.rb +45 -45
  381. data/lib/resources/yum.rb +181 -181
  382. data/lib/resources/zfs_dataset.rb +60 -60
  383. data/lib/resources/zfs_pool.rb +49 -49
  384. data/lib/source_readers/flat.rb +39 -39
  385. data/lib/source_readers/inspec.rb +75 -75
  386. data/lib/utils/command_wrapper.rb +27 -27
  387. data/lib/utils/convert.rb +12 -12
  388. data/lib/utils/database_helpers.rb +77 -77
  389. data/lib/utils/erlang_parser.rb +192 -192
  390. data/lib/utils/filter.rb +272 -272
  391. data/lib/utils/filter_array.rb +27 -27
  392. data/lib/utils/find_files.rb +44 -44
  393. data/lib/utils/hash.rb +41 -41
  394. data/lib/utils/json_log.rb +18 -18
  395. data/lib/utils/latest_version.rb +22 -22
  396. data/lib/utils/modulator.rb +12 -12
  397. data/lib/utils/nginx_parser.rb +85 -85
  398. data/lib/utils/object_traversal.rb +49 -49
  399. data/lib/utils/parser.rb +274 -274
  400. data/lib/utils/plugin_registry.rb +93 -93
  401. data/lib/utils/simpleconfig.rb +132 -132
  402. data/lib/utils/spdx.rb +13 -13
  403. data/lib/utils/spdx.txt +343 -343
  404. metadata +2 -2
@@ -1,40 +1,40 @@
1
- ---
2
- title: About the rabbitmq_config Resource
3
- ---
4
-
5
- # rabbitmq_config
6
-
7
- Use the `rabbitmq_config` InSpec audit resource to test configuration data for the RabbitMQ daemon located at `/etc/rabbitmq/rabbitmq.config` on Linux and Unix platforms.
8
-
9
- <br>
10
-
11
- ## Syntax
12
-
13
- A `rabbitmq_config` resource block declares the RabbitMQ configuration data to be tested:
14
-
15
- describe rabbitmq_config.params('rabbit', 'ssl_listeners') do
16
- it { should cmp 5671 }
17
- end
18
-
19
- where
20
-
21
- * `params` is the list of parameters configured in the RabbitMQ config file
22
- * `{ should cmp 5671 }` tests the value of `rabbit.ssl_listeners` as read from `rabbitmq.config` versus the value declared in the test
23
-
24
- <br>
25
-
26
- ## Examples
27
-
28
- The following examples show how to use this InSpec audit resource.
29
-
30
- ### Test the list of TCP listeners
31
-
32
- describe rabbitmq_config.params('rabbit', 'tcp_listeners') do
33
- it { should eq [5672] }
34
- end
35
-
36
- <br>
37
-
38
- ## Matchers
39
-
40
- For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
1
+ ---
2
+ title: About the rabbitmq_config Resource
3
+ ---
4
+
5
+ # rabbitmq_config
6
+
7
+ Use the `rabbitmq_config` InSpec audit resource to test configuration data for the RabbitMQ daemon located at `/etc/rabbitmq/rabbitmq.config` on Linux and Unix platforms.
8
+
9
+ <br>
10
+
11
+ ## Syntax
12
+
13
+ A `rabbitmq_config` resource block declares the RabbitMQ configuration data to be tested:
14
+
15
+ describe rabbitmq_config.params('rabbit', 'ssl_listeners') do
16
+ it { should cmp 5671 }
17
+ end
18
+
19
+ where
20
+
21
+ * `params` is the list of parameters configured in the RabbitMQ config file
22
+ * `{ should cmp 5671 }` tests the value of `rabbit.ssl_listeners` as read from `rabbitmq.config` versus the value declared in the test
23
+
24
+ <br>
25
+
26
+ ## Examples
27
+
28
+ The following examples show how to use this InSpec audit resource.
29
+
30
+ ### Test the list of TCP listeners
31
+
32
+ describe rabbitmq_config.params('rabbit', 'tcp_listeners') do
33
+ it { should eq [5672] }
34
+ end
35
+
36
+ <br>
37
+
38
+ ## Matchers
39
+
40
+ For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
@@ -1,157 +1,157 @@
1
- ---
2
- title: About the registry_key Resource
3
- ---
4
-
5
- # registry_key
6
-
7
- Use the `registry_key` InSpec audit resource to test key values in the Windows registry.
8
-
9
- <br>
10
-
11
- ## Syntax
12
-
13
- A `registry_key` resource block declares the item in the Windows registry, the path to a setting under that item, and then one (or more) name/value pairs to be tested.
14
-
15
- Use a registry key name and path:
16
-
17
- describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') do
18
- its('Start') { should eq 2 }
19
- end
20
-
21
- Use only a registry key path:
22
-
23
- describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') do
24
- its('Start') { should eq 2 }
25
- end
26
-
27
- Or use a Ruby Hash:
28
-
29
- describe registry_key({
30
- name: 'Task Scheduler',
31
- hive: 'HKEY_LOCAL_MACHINE',
32
- key: '\SYSTEM\CurrentControlSet\services\Schedule'
33
- }) do
34
- its('Start') { should eq 2 }
35
- end
36
-
37
-
38
- ### Registry Key Path Separators
39
-
40
- A Windows registry key can be used as a string in Ruby code, such as when a registry key is used as the name of a recipe. In Ruby, when a registry key is enclosed in a double-quoted string (`" "`), the same backslash character (`\`) that is used to define the registry key path separator is also used in Ruby to define an escape character. Therefore, the registry key path separators must be escaped when they are enclosed in a double-quoted string. For example, the following registry key:
41
-
42
- HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Themes
43
-
44
- may be encloused in a single-quoted string with a single backslash:
45
-
46
- 'HKCU\SOFTWARE\path\to\key\Themes'
47
-
48
- or may be enclosed in a double-quoted string with an extra backslash as an escape character:
49
-
50
- "HKCU\\SOFTWARE\\path\\to\\key\\Themes"
51
-
52
-
53
- <p class="warning">
54
- Please make sure that you use backslashes instead of forward slashes. Forward slashes will not work for registry keys.
55
- </p>
56
-
57
- # The following will not work:
58
- # describe registry_key('HKLM/SOFTWARE/Microsoft/NET Framework Setup/NDP/v4/Full/1033') do
59
- # its('Release') { should eq 378675 }
60
- # end
61
- # You should use:
62
- describe registry_key('HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\1033') do
63
- its('Release') { should eq 378675 }
64
- end
65
-
66
- <br>
67
-
68
- ## Examples
69
-
70
- The following examples show how to use this InSpec audit resource.
71
-
72
- ### Test the start time for the Schedule service
73
-
74
- describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\...\Schedule') do
75
- its('Start') { should eq 2 }
76
- end
77
-
78
- where `'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule'` is the full path to the setting.
79
-
80
- ### Use a regular expression in responses
81
-
82
- describe registry_key({
83
- hive: 'HKEY_LOCAL_MACHINE',
84
- key: 'SOFTWARE\Microsoft\Windows NT\CurrentVersion'
85
- }) do
86
- its('ProductName') { should match /^[a-zA-Z0-9\(\)\s]*2012\s[rR]2[a-zA-Z0-9\(\)\s]*$/ }
87
- end
88
-
89
- <br>
90
-
91
- ## Matchers
92
-
93
- For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
94
-
95
- ### children
96
-
97
- The `children` matcher return all of the child items of a registry key. A regular expression may be used to filter child items:
98
-
99
- describe registry_key('Key Name', '\path\to\key').children(regex)
100
- ...
101
- end
102
-
103
- For example, to get all child items for a registry key:
104
-
105
- describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet').children do
106
- it { should_not eq [] }
107
- end
108
-
109
- The following example shows how find a property that may exist against multiple registry keys, and then test that property for every registry key in which that property is located:
110
-
111
- describe registry_key({
112
- hive: 'HKEY_USERS'
113
- }).children(/^S-1-5-21-[0-9]+-[0-9]+-[0-9]+-[0-9]{3,}\\Software\\Policies\\Microsoft\\Windows\\Installer/).each { |key|
114
- describe registry_key(key) do
115
- its('AlwaysInstallElevated') { should eq 'value' }
116
- end
117
- }
118
-
119
- ### exist
120
-
121
- The `exist` matcher tests if the registry key is present:
122
-
123
- it { should exist }
124
-
125
- ### have_property
126
-
127
- The `have_property` matcher tests if a property exists for a registry key:
128
-
129
- it { should have_property 'value' }
130
-
131
- ### have\_property\_value
132
-
133
- The `have_property_value` matcher tests if a property value exists for a registry key:
134
-
135
- it { should have_property_value 'value' }
136
-
137
- ### have_value
138
-
139
- The `have_value` matcher tests if a value exists for a registry key:
140
-
141
- it { should have_value 'value' }
142
-
143
- ### name
144
-
145
- The `name` matcher tests the value for the specified registry setting:
146
-
147
- its('name') { should eq 'value' }
148
-
149
-
150
- <p class="warning">
151
- Any name with a dot will not work as expected: <code>its('explorer.exe') { should eq 'test' }</code>. This issue is tracked in <a href="https://github.com/chef/inspec/issues/1281">https://github.com/chef/inspec/issues/1281</a>
152
- </p>
153
-
154
- # instead of:
155
- # its('explorer.exe') { should eq 'test' }
156
- # use the following solution:
157
- it { should have_property_value('explorer.exe', :string, 'test') }
1
+ ---
2
+ title: About the registry_key Resource
3
+ ---
4
+
5
+ # registry_key
6
+
7
+ Use the `registry_key` InSpec audit resource to test key values in the Windows registry.
8
+
9
+ <br>
10
+
11
+ ## Syntax
12
+
13
+ A `registry_key` resource block declares the item in the Windows registry, the path to a setting under that item, and then one (or more) name/value pairs to be tested.
14
+
15
+ Use a registry key name and path:
16
+
17
+ describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') do
18
+ its('Start') { should eq 2 }
19
+ end
20
+
21
+ Use only a registry key path:
22
+
23
+ describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule') do
24
+ its('Start') { should eq 2 }
25
+ end
26
+
27
+ Or use a Ruby Hash:
28
+
29
+ describe registry_key({
30
+ name: 'Task Scheduler',
31
+ hive: 'HKEY_LOCAL_MACHINE',
32
+ key: '\SYSTEM\CurrentControlSet\services\Schedule'
33
+ }) do
34
+ its('Start') { should eq 2 }
35
+ end
36
+
37
+
38
+ ### Registry Key Path Separators
39
+
40
+ A Windows registry key can be used as a string in Ruby code, such as when a registry key is used as the name of a recipe. In Ruby, when a registry key is enclosed in a double-quoted string (`" "`), the same backslash character (`\`) that is used to define the registry key path separator is also used in Ruby to define an escape character. Therefore, the registry key path separators must be escaped when they are enclosed in a double-quoted string. For example, the following registry key:
41
+
42
+ HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Themes
43
+
44
+ may be encloused in a single-quoted string with a single backslash:
45
+
46
+ 'HKCU\SOFTWARE\path\to\key\Themes'
47
+
48
+ or may be enclosed in a double-quoted string with an extra backslash as an escape character:
49
+
50
+ "HKCU\\SOFTWARE\\path\\to\\key\\Themes"
51
+
52
+
53
+ <p class="warning">
54
+ Please make sure that you use backslashes instead of forward slashes. Forward slashes will not work for registry keys.
55
+ </p>
56
+
57
+ # The following will not work:
58
+ # describe registry_key('HKLM/SOFTWARE/Microsoft/NET Framework Setup/NDP/v4/Full/1033') do
59
+ # its('Release') { should eq 378675 }
60
+ # end
61
+ # You should use:
62
+ describe registry_key('HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\1033') do
63
+ its('Release') { should eq 378675 }
64
+ end
65
+
66
+ <br>
67
+
68
+ ## Examples
69
+
70
+ The following examples show how to use this InSpec audit resource.
71
+
72
+ ### Test the start time for the Schedule service
73
+
74
+ describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\...\Schedule') do
75
+ its('Start') { should eq 2 }
76
+ end
77
+
78
+ where `'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule'` is the full path to the setting.
79
+
80
+ ### Use a regular expression in responses
81
+
82
+ describe registry_key({
83
+ hive: 'HKEY_LOCAL_MACHINE',
84
+ key: 'SOFTWARE\Microsoft\Windows NT\CurrentVersion'
85
+ }) do
86
+ its('ProductName') { should match /^[a-zA-Z0-9\(\)\s]*2012\s[rR]2[a-zA-Z0-9\(\)\s]*$/ }
87
+ end
88
+
89
+ <br>
90
+
91
+ ## Matchers
92
+
93
+ For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
94
+
95
+ ### children
96
+
97
+ The `children` matcher return all of the child items of a registry key. A regular expression may be used to filter child items:
98
+
99
+ describe registry_key('Key Name', '\path\to\key').children(regex)
100
+ ...
101
+ end
102
+
103
+ For example, to get all child items for a registry key:
104
+
105
+ describe registry_key('Task Scheduler','HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet').children do
106
+ it { should_not eq [] }
107
+ end
108
+
109
+ The following example shows how find a property that may exist against multiple registry keys, and then test that property for every registry key in which that property is located:
110
+
111
+ describe registry_key({
112
+ hive: 'HKEY_USERS'
113
+ }).children(/^S-1-5-21-[0-9]+-[0-9]+-[0-9]+-[0-9]{3,}\\Software\\Policies\\Microsoft\\Windows\\Installer/).each { |key|
114
+ describe registry_key(key) do
115
+ its('AlwaysInstallElevated') { should eq 'value' }
116
+ end
117
+ }
118
+
119
+ ### exist
120
+
121
+ The `exist` matcher tests if the registry key is present:
122
+
123
+ it { should exist }
124
+
125
+ ### have_property
126
+
127
+ The `have_property` matcher tests if a property exists for a registry key:
128
+
129
+ it { should have_property 'value' }
130
+
131
+ ### have\_property\_value
132
+
133
+ The `have_property_value` matcher tests if a property value exists for a registry key:
134
+
135
+ it { should have_property_value 'value' }
136
+
137
+ ### have_value
138
+
139
+ The `have_value` matcher tests if a value exists for a registry key:
140
+
141
+ it { should have_value 'value' }
142
+
143
+ ### name
144
+
145
+ The `name` matcher tests the value for the specified registry setting:
146
+
147
+ its('name') { should eq 'value' }
148
+
149
+
150
+ <p class="warning">
151
+ Any name with a dot will not work as expected: <code>its('explorer.exe') { should eq 'test' }</code>. This issue is tracked in <a href="https://github.com/chef/inspec/issues/1281">https://github.com/chef/inspec/issues/1281</a>
152
+ </p>
153
+
154
+ # instead of:
155
+ # its('explorer.exe') { should eq 'test' }
156
+ # use the following solution:
157
+ it { should have_property_value('explorer.exe', :string, 'test') }
@@ -1,56 +1,56 @@
1
- ---
2
- title: About the runit_service Resource
3
- ---
4
-
5
- # runit_service
6
-
7
- Use the `runit_service` InSpec audit resource to test a service using runit.
8
-
9
- <br>
10
-
11
- ## Syntax
12
-
13
- A `runit_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:
14
-
15
- describe runit_service('service_name') do
16
- it { should be_installed }
17
- it { should be_enabled }
18
- it { should be_running }
19
- end
20
-
21
- where
22
-
23
- * `('service_name')` must specify a service name
24
- * `be_installed`, `be_enabled`, and `be_running` are valid matchers for this resource; all matchers available to the `service` resource may be used
25
-
26
- The path to the service manager's control may be specified for situations where the path isn't available in the current `PATH`. For example:
27
-
28
- describe runit_service('service_name', '/path/to/control') do
29
- it { should be_enabled }
30
- it { should be_installed }
31
- it { should be_running }
32
- end
33
-
34
- <br>
35
-
36
- ## Matchers
37
-
38
- For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
39
-
40
- ### be_enabled
41
-
42
- The `be_enabled` matcher tests if the named service is enabled:
43
-
44
- it { should be_enabled }
45
-
46
- ### be_installed
47
-
48
- The `be_installed` matcher tests if the named service is installed:
49
-
50
- it { should be_installed }
51
-
52
- ### be_running
53
-
54
- The `be_running` matcher tests if the named service is running:
55
-
56
- it { should be_running }
1
+ ---
2
+ title: About the runit_service Resource
3
+ ---
4
+
5
+ # runit_service
6
+
7
+ Use the `runit_service` InSpec audit resource to test a service using runit.
8
+
9
+ <br>
10
+
11
+ ## Syntax
12
+
13
+ A `runit_service` resource block declares the name of a service and then one (or more) matchers to test the state of the service:
14
+
15
+ describe runit_service('service_name') do
16
+ it { should be_installed }
17
+ it { should be_enabled }
18
+ it { should be_running }
19
+ end
20
+
21
+ where
22
+
23
+ * `('service_name')` must specify a service name
24
+ * `be_installed`, `be_enabled`, and `be_running` are valid matchers for this resource; all matchers available to the `service` resource may be used
25
+
26
+ The path to the service manager's control may be specified for situations where the path isn't available in the current `PATH`. For example:
27
+
28
+ describe runit_service('service_name', '/path/to/control') do
29
+ it { should be_enabled }
30
+ it { should be_installed }
31
+ it { should be_running }
32
+ end
33
+
34
+ <br>
35
+
36
+ ## Matchers
37
+
38
+ For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
39
+
40
+ ### be_enabled
41
+
42
+ The `be_enabled` matcher tests if the named service is enabled:
43
+
44
+ it { should be_enabled }
45
+
46
+ ### be_installed
47
+
48
+ The `be_installed` matcher tests if the named service is installed:
49
+
50
+ it { should be_installed }
51
+
52
+ ### be_running
53
+
54
+ The `be_running` matcher tests if the named service is running:
55
+
56
+ it { should be_running }