RubyGems - inspec - Versions diffs - 2.0.16 → 2.0.17 - Mend

inspec 2.0.16 → 2.0.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (480) hide show

checksums.yaml +4 -4
data/.rubocop.yml +101 -101
data/CHANGELOG.md +2949 -2944
data/Gemfile +55 -55
data/LICENSE +14 -14
data/MAINTAINERS.md +31 -31
data/MAINTAINERS.toml +47 -47
data/README.md +438 -438
data/Rakefile +284 -284
data/bin/inspec +12 -12
data/docs/.gitignore +2 -2
data/docs/README.md +40 -40
data/docs/dsl_inspec.md +258 -258
data/docs/dsl_resource.md +93 -93
data/docs/glossary.md +99 -99
data/docs/habitat.md +191 -191
data/docs/inspec_and_friends.md +107 -107
data/docs/matchers.md +165 -165
data/docs/migration.md +293 -293
data/docs/platforms.md +118 -118
data/docs/plugin_kitchen_inspec.md +49 -49
data/docs/profiles.md +370 -370
data/docs/reporters.md +105 -105
data/docs/resources/aide_conf.md.erb +75 -75
data/docs/resources/apache.md.erb +67 -67
data/docs/resources/apache_conf.md.erb +68 -68
data/docs/resources/apt.md.erb +71 -71
data/docs/resources/audit_policy.md.erb +47 -47
data/docs/resources/auditd.md.erb +79 -79
data/docs/resources/auditd_conf.md.erb +68 -68
data/docs/resources/aws_cloudtrail_trail.md.erb +140 -140
data/docs/resources/aws_cloudtrail_trails.md.erb +81 -81
data/docs/resources/aws_cloudwatch_alarm.md.erb +86 -86
data/docs/resources/aws_cloudwatch_log_metric_filter.md.erb +151 -151
data/docs/resources/aws_ec2_instance.md.erb +106 -106
data/docs/resources/aws_iam_access_key.md.erb +123 -123
data/docs/resources/aws_iam_access_keys.md.erb +198 -198
data/docs/resources/aws_iam_group.md.erb +46 -46
data/docs/resources/aws_iam_groups.md.erb +43 -43
data/docs/resources/aws_iam_password_policy.md.erb +76 -76
data/docs/resources/aws_iam_policies.md.erb +82 -82
data/docs/resources/aws_iam_policy.md.erb +146 -146
data/docs/resources/aws_iam_role.md.erb +65 -65
data/docs/resources/aws_iam_root_user.md.erb +58 -58
data/docs/resources/aws_iam_user.md.erb +64 -64
data/docs/resources/aws_iam_users.md.erb +89 -89
data/docs/resources/aws_kms_keys.md.erb +84 -84
data/docs/resources/aws_route_table.md.erb +47 -47
data/docs/resources/aws_s3_bucket.md.erb +134 -134
data/docs/resources/aws_security_group.md.erb +152 -152
data/docs/resources/aws_security_groups.md.erb +92 -92
data/docs/resources/aws_sns_topic.md.erb +62 -62
data/docs/resources/aws_subnet.md.erb +133 -133
data/docs/resources/aws_subnets.md.erb +126 -126
data/docs/resources/aws_vpc.md.erb +120 -120
data/docs/resources/aws_vpcs.md.erb +48 -48
data/docs/resources/azure_generic_resource.md.erb +170 -139
data/docs/resources/azure_resource_group.md.erb +284 -284
data/docs/resources/azure_virtual_machine.md.erb +347 -314
data/docs/resources/azure_virtual_machine_data_disk.md.erb +224 -182
data/docs/resources/bash.md.erb +75 -75
data/docs/resources/bond.md.erb +90 -90
data/docs/resources/bridge.md.erb +57 -57
data/docs/resources/bsd_service.md.erb +67 -67
data/docs/resources/command.md.erb +138 -138
data/docs/resources/cpan.md.erb +79 -79
data/docs/resources/cran.md.erb +64 -64
data/docs/resources/crontab.md.erb +88 -88
data/docs/resources/csv.md.erb +54 -54
data/docs/resources/dh_params.md.erb +217 -217
data/docs/resources/directory.md.erb +30 -30
data/docs/resources/docker.md.erb +164 -164
data/docs/resources/docker_container.md.erb +104 -104
data/docs/resources/docker_image.md.erb +94 -94
data/docs/resources/docker_service.md.erb +114 -114
data/docs/resources/elasticsearch.md.erb +242 -242
data/docs/resources/etc_fstab.md.erb +125 -125
data/docs/resources/etc_group.md.erb +75 -75
data/docs/resources/etc_hosts.md.erb +78 -78
data/docs/resources/etc_hosts_allow.md.erb +74 -74
data/docs/resources/etc_hosts_deny.md.erb +74 -74
data/docs/resources/file.md.erb +515 -515
data/docs/resources/filesystem.md.erb +41 -41
data/docs/resources/firewalld.md.erb +107 -107
data/docs/resources/gem.md.erb +79 -79
data/docs/resources/group.md.erb +61 -61
data/docs/resources/grub_conf.md.erb +101 -101
data/docs/resources/host.md.erb +78 -78
data/docs/resources/http.md.erb +101 -101
data/docs/resources/iis_app.md.erb +122 -122
data/docs/resources/iis_site.md.erb +135 -135
data/docs/resources/inetd_conf.md.erb +94 -94
data/docs/resources/ini.md.erb +76 -76
data/docs/resources/interface.md.erb +58 -58
data/docs/resources/iptables.md.erb +64 -64
data/docs/resources/json.md.erb +62 -62
data/docs/resources/kernel_module.md.erb +107 -107
data/docs/resources/kernel_parameter.md.erb +53 -53
data/docs/resources/key_rsa.md.erb +85 -85
data/docs/resources/launchd_service.md.erb +57 -57
data/docs/resources/limits_conf.md.erb +75 -75
data/docs/resources/login_def.md.erb +71 -71
data/docs/resources/mount.md.erb +69 -69
data/docs/resources/mssql_session.md.erb +60 -60
data/docs/resources/mysql_conf.md.erb +99 -99
data/docs/resources/mysql_session.md.erb +74 -74
data/docs/resources/nginx.md.erb +79 -79
data/docs/resources/nginx_conf.md.erb +128 -128
data/docs/resources/npm.md.erb +60 -60
data/docs/resources/ntp_conf.md.erb +60 -60
data/docs/resources/oneget.md.erb +53 -53
data/docs/resources/oracledb_session.md.erb +52 -52
data/docs/resources/os.md.erb +141 -141
data/docs/resources/os_env.md.erb +78 -78
data/docs/resources/package.md.erb +120 -120
data/docs/resources/packages.md.erb +67 -67
data/docs/resources/parse_config.md.erb +103 -103
data/docs/resources/parse_config_file.md.erb +138 -138
data/docs/resources/passwd.md.erb +141 -141
data/docs/resources/pip.md.erb +67 -67
data/docs/resources/port.md.erb +137 -137
data/docs/resources/postgres_conf.md.erb +79 -79
data/docs/resources/postgres_hba_conf.md.erb +93 -93
data/docs/resources/postgres_ident_conf.md.erb +76 -76
data/docs/resources/postgres_session.md.erb +69 -69
data/docs/resources/powershell.md.erb +102 -102
data/docs/resources/processes.md.erb +109 -109
data/docs/resources/rabbitmq_config.md.erb +41 -41
data/docs/resources/registry_key.md.erb +158 -158
data/docs/resources/runit_service.md.erb +57 -57
data/docs/resources/security_policy.md.erb +47 -47
data/docs/resources/service.md.erb +121 -121
data/docs/resources/shadow.md.erb +144 -144
data/docs/resources/ssh_config.md.erb +80 -80
data/docs/resources/sshd_config.md.erb +83 -83
data/docs/resources/ssl.md.erb +119 -119
data/docs/resources/sys_info.md.erb +42 -42
data/docs/resources/systemd_service.md.erb +57 -57
data/docs/resources/sysv_service.md.erb +57 -57
data/docs/resources/upstart_service.md.erb +57 -57
data/docs/resources/user.md.erb +140 -140
data/docs/resources/users.md.erb +127 -127
data/docs/resources/vbscript.md.erb +55 -55
data/docs/resources/virtualization.md.erb +57 -57
data/docs/resources/windows_feature.md.erb +47 -47
data/docs/resources/windows_hotfix.md.erb +53 -53
data/docs/resources/windows_task.md.erb +95 -95
data/docs/resources/wmi.md.erb +81 -81
data/docs/resources/x509_certificate.md.erb +151 -151
data/docs/resources/xinetd_conf.md.erb +156 -156
data/docs/resources/xml.md.erb +85 -85
data/docs/resources/yaml.md.erb +69 -69
data/docs/resources/yum.md.erb +98 -98
data/docs/resources/zfs_dataset.md.erb +53 -53
data/docs/resources/zfs_pool.md.erb +47 -47
data/docs/ruby_usage.md +203 -203
data/docs/shared/matcher_be.md.erb +1 -1
data/docs/shared/matcher_cmp.md.erb +43 -43
data/docs/shared/matcher_eq.md.erb +3 -3
data/docs/shared/matcher_include.md.erb +1 -1
data/docs/shared/matcher_match.md.erb +1 -1
data/docs/shell.md +172 -172
data/examples/README.md +8 -8
data/examples/inheritance/README.md +65 -65
data/examples/inheritance/controls/example.rb +14 -14
data/examples/inheritance/inspec.yml +15 -15
data/examples/kitchen-ansible/.kitchen.yml +25 -25
data/examples/kitchen-ansible/Gemfile +19 -19
data/examples/kitchen-ansible/README.md +53 -53
data/examples/kitchen-ansible/files/nginx.repo +6 -6
data/examples/kitchen-ansible/tasks/main.yml +16 -16
data/examples/kitchen-ansible/test/integration/default/default.yml +5 -5
data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -28
data/examples/kitchen-chef/.kitchen.yml +20 -20
data/examples/kitchen-chef/Berksfile +3 -3
data/examples/kitchen-chef/Gemfile +19 -19
data/examples/kitchen-chef/README.md +27 -27
data/examples/kitchen-chef/metadata.rb +7 -7
data/examples/kitchen-chef/recipes/default.rb +6 -6
data/examples/kitchen-chef/recipes/nginx.rb +30 -30
data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -28
data/examples/kitchen-puppet/.kitchen.yml +22 -22
data/examples/kitchen-puppet/Gemfile +20 -20
data/examples/kitchen-puppet/Puppetfile +25 -25
data/examples/kitchen-puppet/README.md +53 -53
data/examples/kitchen-puppet/manifests/site.pp +33 -33
data/examples/kitchen-puppet/metadata.json +11 -11
data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -28
data/examples/meta-profile/README.md +37 -37
data/examples/meta-profile/controls/example.rb +13 -13
data/examples/meta-profile/inspec.yml +13 -13
data/examples/profile-attribute.yml +2 -2
data/examples/profile-attribute/README.md +14 -14
data/examples/profile-attribute/controls/example.rb +11 -11
data/examples/profile-attribute/inspec.yml +8 -8
data/examples/profile-aws/controls/iam_password_policy_expiration.rb +8 -8
data/examples/profile-aws/controls/iam_password_policy_max_age.rb +8 -8
data/examples/profile-aws/controls/iam_root_user_mfa.rb +8 -8
data/examples/profile-aws/controls/iam_users_access_key_age.rb +8 -8
data/examples/profile-aws/controls/iam_users_console_users_mfa.rb +8 -8
data/examples/profile-aws/inspec.yml +11 -11
data/examples/profile-azure/controls/azure_resource_group_example.rb +24 -24
data/examples/profile-azure/controls/azure_vm_example.rb +29 -29
data/examples/profile-azure/inspec.yml +11 -11
data/examples/profile-sensitive/README.md +29 -29
data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -9
data/examples/profile-sensitive/controls/sensitive.rb +9 -9
data/examples/profile-sensitive/inspec.yml +8 -8
data/examples/profile/README.md +48 -48
data/examples/profile/controls/example.rb +23 -23
data/examples/profile/controls/gordon.rb +36 -36
data/examples/profile/controls/meta.rb +34 -34
data/examples/profile/inspec.yml +10 -10
data/examples/profile/libraries/gordon_config.rb +53 -53
data/inspec.gemspec +47 -47
data/lib/bundles/README.md +3 -3
data/lib/bundles/inspec-artifact.rb +7 -7
data/lib/bundles/inspec-artifact/README.md +1 -1
data/lib/bundles/inspec-artifact/cli.rb +277 -277
data/lib/bundles/inspec-compliance.rb +16 -16
data/lib/bundles/inspec-compliance/.kitchen.yml +20 -20
data/lib/bundles/inspec-compliance/README.md +185 -185
data/lib/bundles/inspec-compliance/api.rb +316 -316
data/lib/bundles/inspec-compliance/api/login.rb +152 -152
data/lib/bundles/inspec-compliance/bootstrap.sh +41 -41
data/lib/bundles/inspec-compliance/cli.rb +254 -254
data/lib/bundles/inspec-compliance/configuration.rb +103 -103
data/lib/bundles/inspec-compliance/http.rb +86 -86
data/lib/bundles/inspec-compliance/support.rb +36 -36
data/lib/bundles/inspec-compliance/target.rb +98 -98
data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -93
data/lib/bundles/inspec-habitat.rb +12 -12
data/lib/bundles/inspec-habitat/cli.rb +36 -36
data/lib/bundles/inspec-habitat/log.rb +10 -10
data/lib/bundles/inspec-habitat/profile.rb +390 -390
data/lib/bundles/inspec-init.rb +8 -8
data/lib/bundles/inspec-init/README.md +31 -31
data/lib/bundles/inspec-init/cli.rb +97 -97
data/lib/bundles/inspec-init/templates/profile/README.md +3 -3
data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -19
data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -8
data/lib/bundles/inspec-supermarket.rb +13 -13
data/lib/bundles/inspec-supermarket/README.md +45 -45
data/lib/bundles/inspec-supermarket/api.rb +84 -84
data/lib/bundles/inspec-supermarket/cli.rb +73 -73
data/lib/bundles/inspec-supermarket/target.rb +34 -34
data/lib/fetchers/git.rb +163 -163
data/lib/fetchers/local.rb +74 -74
data/lib/fetchers/mock.rb +35 -35
data/lib/fetchers/url.rb +204 -204
data/lib/inspec.rb +24 -24
data/lib/inspec/archive/tar.rb +29 -29
data/lib/inspec/archive/zip.rb +19 -19
data/lib/inspec/backend.rb +92 -92
data/lib/inspec/base_cli.rb +350 -333
data/lib/inspec/cached_fetcher.rb +66 -66
data/lib/inspec/cli.rb +292 -302
data/lib/inspec/completions/bash.sh.erb +45 -45
data/lib/inspec/completions/fish.sh.erb +34 -34
data/lib/inspec/completions/zsh.sh.erb +61 -61
data/lib/inspec/control_eval_context.rb +179 -179
data/lib/inspec/dependencies/cache.rb +72 -72
data/lib/inspec/dependencies/dependency_set.rb +92 -92
data/lib/inspec/dependencies/lockfile.rb +115 -115
data/lib/inspec/dependencies/requirement.rb +123 -123
data/lib/inspec/dependencies/resolver.rb +86 -86
data/lib/inspec/describe.rb +27 -27
data/lib/inspec/dsl.rb +66 -66
data/lib/inspec/dsl_shared.rb +33 -33
data/lib/inspec/env_printer.rb +157 -157
data/lib/inspec/errors.rb +13 -13
data/lib/inspec/exceptions.rb +12 -12
data/lib/inspec/expect.rb +45 -45
data/lib/inspec/fetcher.rb +45 -45
data/lib/inspec/file_provider.rb +275 -275
data/lib/inspec/formatters.rb +3 -3
data/lib/inspec/formatters/base.rb +250 -250
data/lib/inspec/formatters/json_rspec.rb +20 -20
data/lib/inspec/formatters/show_progress.rb +12 -12
data/lib/inspec/library_eval_context.rb +58 -58
data/lib/inspec/log.rb +11 -11
data/lib/inspec/metadata.rb +247 -247
data/lib/inspec/method_source.rb +24 -24
data/lib/inspec/objects.rb +14 -14
data/lib/inspec/objects/attribute.rb +65 -65
data/lib/inspec/objects/control.rb +61 -61
data/lib/inspec/objects/describe.rb +92 -92
data/lib/inspec/objects/each_loop.rb +36 -36
data/lib/inspec/objects/list.rb +15 -15
data/lib/inspec/objects/or_test.rb +40 -40
data/lib/inspec/objects/ruby_helper.rb +15 -15
data/lib/inspec/objects/tag.rb +27 -27
data/lib/inspec/objects/test.rb +87 -87
data/lib/inspec/objects/value.rb +27 -27
data/lib/inspec/plugins.rb +60 -60
data/lib/inspec/plugins/cli.rb +24 -24
data/lib/inspec/plugins/fetcher.rb +86 -86
data/lib/inspec/plugins/resource.rb +133 -133
data/lib/inspec/plugins/secret.rb +15 -15
data/lib/inspec/plugins/source_reader.rb +40 -40
data/lib/inspec/polyfill.rb +12 -12
data/lib/inspec/profile.rb +510 -510
data/lib/inspec/profile_context.rb +207 -207
data/lib/inspec/profile_vendor.rb +66 -66
data/lib/inspec/reporters.rb +50 -50
data/lib/inspec/reporters/base.rb +24 -24
data/lib/inspec/reporters/cli.rb +356 -356
data/lib/inspec/reporters/json.rb +116 -116
data/lib/inspec/reporters/json_min.rb +48 -48
data/lib/inspec/reporters/junit.rb +77 -77
data/lib/inspec/require_loader.rb +33 -33
data/lib/inspec/resource.rb +186 -186
data/lib/inspec/rule.rb +266 -266
data/lib/inspec/runner.rb +344 -344
data/lib/inspec/runner_mock.rb +41 -41
data/lib/inspec/runner_rspec.rb +174 -174
data/lib/inspec/runtime_profile.rb +26 -26
data/lib/inspec/schema.rb +213 -213
data/lib/inspec/secrets.rb +19 -19
data/lib/inspec/secrets/yaml.rb +30 -30
data/lib/inspec/shell.rb +220 -223
data/lib/inspec/shell_detector.rb +90 -90
data/lib/inspec/source_reader.rb +29 -29
data/lib/inspec/version.rb +8 -8
data/lib/matchers/matchers.rb +339 -339
data/lib/resource_support/aws.rb +40 -40
data/lib/resource_support/aws/aws_backend_base.rb +12 -12
data/lib/resource_support/aws/aws_backend_factory_mixin.rb +12 -12
data/lib/resource_support/aws/aws_plural_resource_mixin.rb +21 -21
data/lib/resource_support/aws/aws_resource_mixin.rb +66 -66
data/lib/resource_support/aws/aws_singular_resource_mixin.rb +24 -24
data/lib/resources/aide_conf.rb +160 -160
data/lib/resources/apache.rb +48 -48
data/lib/resources/apache_conf.rb +156 -156
data/lib/resources/apt.rb +149 -149
data/lib/resources/audit_policy.rb +63 -63
data/lib/resources/auditd.rb +231 -231
data/lib/resources/auditd_conf.rb +55 -55
data/lib/resources/aws/aws_cloudtrail_trail.rb +77 -77
data/lib/resources/aws/aws_cloudtrail_trails.rb +47 -47
data/lib/resources/aws/aws_cloudwatch_alarm.rb +62 -62
data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +100 -100
data/lib/resources/aws/aws_ec2_instance.rb +157 -157
data/lib/resources/aws/aws_iam_access_key.rb +106 -106
data/lib/resources/aws/aws_iam_access_keys.rb +144 -144
data/lib/resources/aws/aws_iam_group.rb +56 -56
data/lib/resources/aws/aws_iam_groups.rb +45 -45
data/lib/resources/aws/aws_iam_password_policy.rb +116 -116
data/lib/resources/aws/aws_iam_policies.rb +46 -46
data/lib/resources/aws/aws_iam_policy.rb +119 -119
data/lib/resources/aws/aws_iam_role.rb +51 -51
data/lib/resources/aws/aws_iam_root_user.rb +60 -60
data/lib/resources/aws/aws_iam_user.rb +111 -111
data/lib/resources/aws/aws_iam_users.rb +96 -96
data/lib/resources/aws/aws_kms_keys.rb +46 -46
data/lib/resources/aws/aws_route_table.rb +61 -61
data/lib/resources/aws/aws_s3_bucket.rb +115 -115
data/lib/resources/aws/aws_security_group.rb +93 -93
data/lib/resources/aws/aws_security_groups.rb +68 -68
data/lib/resources/aws/aws_sns_topic.rb +53 -53
data/lib/resources/aws/aws_subnet.rb +88 -88
data/lib/resources/aws/aws_subnets.rb +53 -53
data/lib/resources/aws/aws_vpc.rb +69 -69
data/lib/resources/aws/aws_vpcs.rb +45 -45
data/lib/resources/azure/azure_backend.rb +377 -377
data/lib/resources/azure/azure_generic_resource.rb +59 -59
data/lib/resources/azure/azure_resource_group.rb +152 -152
data/lib/resources/azure/azure_virtual_machine.rb +264 -264
data/lib/resources/azure/azure_virtual_machine_data_disk.rb +136 -136
data/lib/resources/bash.rb +35 -35
data/lib/resources/bond.rb +68 -68
data/lib/resources/bridge.rb +122 -122
data/lib/resources/command.rb +69 -69
data/lib/resources/cpan.rb +58 -58
data/lib/resources/cran.rb +64 -64
data/lib/resources/crontab.rb +170 -170
data/lib/resources/csv.rb +60 -60
data/lib/resources/dh_params.rb +82 -82
data/lib/resources/directory.rb +25 -25
data/lib/resources/docker.rb +236 -236
data/lib/resources/docker_container.rb +89 -89
data/lib/resources/docker_image.rb +83 -83
data/lib/resources/docker_object.rb +57 -57
data/lib/resources/docker_service.rb +90 -90
data/lib/resources/elasticsearch.rb +169 -169
data/lib/resources/etc_fstab.rb +102 -102
data/lib/resources/etc_group.rb +156 -156
data/lib/resources/etc_hosts.rb +81 -81
data/lib/resources/etc_hosts_allow_deny.rb +123 -123
data/lib/resources/file.rb +298 -298
data/lib/resources/filesystem.rb +31 -31
data/lib/resources/firewalld.rb +144 -144
data/lib/resources/gem.rb +70 -70
data/lib/resources/groups.rb +215 -215
data/lib/resources/grub_conf.rb +237 -237
data/lib/resources/host.rb +300 -300
data/lib/resources/http.rb +250 -250
data/lib/resources/iis_app.rb +104 -104
data/lib/resources/iis_site.rb +148 -148
data/lib/resources/inetd_conf.rb +62 -62
data/lib/resources/ini.rb +29 -29
data/lib/resources/interface.rb +129 -129
data/lib/resources/iptables.rb +69 -69
data/lib/resources/json.rb +117 -117
data/lib/resources/kernel_module.rb +107 -107
data/lib/resources/kernel_parameter.rb +58 -58
data/lib/resources/key_rsa.rb +67 -67
data/lib/resources/limits_conf.rb +55 -55
data/lib/resources/login_def.rb +66 -66
data/lib/resources/mount.rb +88 -88
data/lib/resources/mssql_session.rb +101 -101
data/lib/resources/mysql.rb +81 -81
data/lib/resources/mysql_conf.rb +134 -134
data/lib/resources/mysql_session.rb +71 -71
data/lib/resources/nginx.rb +96 -96
data/lib/resources/nginx_conf.rb +227 -227
data/lib/resources/npm.rb +48 -48
data/lib/resources/ntp_conf.rb +58 -58
data/lib/resources/oneget.rb +71 -71
data/lib/resources/oracledb_session.rb +139 -139
data/lib/resources/os.rb +36 -36
data/lib/resources/os_env.rb +76 -76
data/lib/resources/package.rb +363 -363
data/lib/resources/packages.rb +111 -111
data/lib/resources/parse_config.rb +116 -116
data/lib/resources/passwd.rb +74 -74
data/lib/resources/pip.rb +89 -89
data/lib/resources/platform.rb +109 -109
data/lib/resources/port.rb +771 -771
data/lib/resources/postgres.rb +130 -130
data/lib/resources/postgres_conf.rb +121 -121
data/lib/resources/postgres_hba_conf.rb +100 -100
data/lib/resources/postgres_ident_conf.rb +78 -78
data/lib/resources/postgres_session.rb +71 -71
data/lib/resources/powershell.rb +57 -57
data/lib/resources/processes.rb +204 -204
data/lib/resources/rabbitmq_conf.rb +52 -52
data/lib/resources/registry_key.rb +296 -296
data/lib/resources/security_policy.rb +180 -180
data/lib/resources/service.rb +789 -789
data/lib/resources/shadow.rb +140 -140
data/lib/resources/ssh_conf.rb +102 -102
data/lib/resources/ssl.rb +99 -99
data/lib/resources/sys_info.rb +28 -28
data/lib/resources/toml.rb +32 -32
data/lib/resources/users.rb +654 -654
data/lib/resources/vbscript.rb +69 -69
data/lib/resources/virtualization.rb +251 -251
data/lib/resources/windows_feature.rb +84 -84
data/lib/resources/windows_hotfix.rb +35 -35
data/lib/resources/windows_task.rb +105 -105
data/lib/resources/wmi.rb +113 -113
data/lib/resources/x509_certificate.rb +143 -143
data/lib/resources/xinetd.rb +111 -111
data/lib/resources/xml.rb +46 -46
data/lib/resources/yaml.rb +47 -47
data/lib/resources/yum.rb +180 -180
data/lib/resources/zfs_dataset.rb +60 -60
data/lib/resources/zfs_pool.rb +49 -49
data/lib/source_readers/flat.rb +39 -39
data/lib/source_readers/inspec.rb +75 -75
data/lib/utils/command_wrapper.rb +27 -27
data/lib/utils/convert.rb +12 -12
data/lib/utils/database_helpers.rb +77 -77
data/lib/utils/erlang_parser.rb +192 -192
data/lib/utils/filter.rb +272 -272
data/lib/utils/filter_array.rb +27 -27
data/lib/utils/find_files.rb +44 -44
data/lib/utils/hash.rb +41 -41
data/lib/utils/json_log.rb +18 -18
data/lib/utils/latest_version.rb +22 -22
data/lib/utils/modulator.rb +12 -12
data/lib/utils/nginx_parser.rb +85 -85
data/lib/utils/object_traversal.rb +49 -49
data/lib/utils/parser.rb +274 -274
data/lib/utils/plugin_registry.rb +93 -93
data/lib/utils/simpleconfig.rb +120 -120
data/lib/utils/spdx.rb +13 -13
data/lib/utils/spdx.txt +343 -343
metadata +1 -1

data/docs/resources/aws_iam_groups.md.erb CHANGED

@@ -1,43 +1,43 @@
----
-title: About the aws_iam_groups Resource
-platform: aws
----
-# aws\_iam\_groups
-Use the `aws_iam_groups` InSpec audit resource to test properties of all or multiple groups.
-To test properties of a single group, use the `aws_iam_group` resource.
-<br>
-## Syntax
-An `aws_iam_groups` resource block uses an optional filter to select a collection of IAM groups and then tests that collection.
-    # The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
-    describe aws_iam_groups do
-      it { should exist }
-    end
-<br>
-## Examples
-The following examples show how to use this InSpec audit resource.
-As this is the initial release of `aws_iam_groups`, its limited functionality precludes examples.
-<br>
-## Matchers
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-### exists
-The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
-    describe aws_iam_groups
-      it { should exist }
-    end
+---
+title: About the aws_iam_groups Resource
+platform: aws
+---
+# aws\_iam\_groups
+Use the `aws_iam_groups` InSpec audit resource to test properties of all or multiple groups.
+To test properties of a single group, use the `aws_iam_group` resource.
+<br>
+## Syntax
+An `aws_iam_groups` resource block uses an optional filter to select a collection of IAM groups and then tests that collection.
+    # The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+    describe aws_iam_groups do
+      it { should exist }
+    end
+<br>
+## Examples
+The following examples show how to use this InSpec audit resource.
+As this is the initial release of `aws_iam_groups`, its limited functionality precludes examples.
+<br>
+## Matchers
+For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+### exists
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+    describe aws_iam_groups
+      it { should exist }
+    end

data/docs/resources/aws_iam_password_policy.md.erb CHANGED

@@ -1,76 +1,76 @@
----
-title: About the aws_iam_password_policy Resource
-platform: aws
----
-# aws\_iam\_password\_policy
-Use the `aws_iam_password_policy` InSpec audit resource to test properties of the AWS IAM Password Policy.
-<br>
-## Syntax
-An `aws_iam_password_policy` resource block takes no parameters.  Several properties and matchers are available.
-    describe aws_iam_password_policy do
-      it { should require_lowercase_characters }
-    end
-<br>
-## Properties
-* `max_password_age_in_days`,  `minimum_password_length`, `number_of_passwords_to_remember`
-## Examples
-The following examples show how to use this InSpec audit resource.
-### Test that the IAM Password Policy requires lowercase characters, uppercase characters, numbers, symbols, and a minimum length greater than eight
-    describe aws_iam_password_policy do
-      it { should require_lowercase_characters }
-      it { should require_uppercase_characters }
-      it { should require_symbols }
-      it { should require_numbers }
-      its('minimum_password_length') { should be > 8 }
-    end
-### Test that the IAM Password Policy allows users to change their password
-    describe aws_iam_password_policy do
-      it { should allow_users_to_change_passwords }
-    end
-### Test that the IAM Password Policy expires passwords
-    describe aws_iam_password_policy do
-      it { should expire_passwords }
-    end
-### Test that the IAM Password Policy has a max password age
-    describe aws_iam_password_policy do
-      its('max_password_age_in_days') { should be 90 }
-    end
-### Test that the IAM Password Policy prevents password reuse
-    describe aws_iam_password_policy do
-      it { should prevent_password_reuse }
-    end
-### Test that the IAM Password Policy requires users to remember 3 previous passwords
-    describe aws_iam_password_policy do
-      its('number_of_passwords_to_remember') { should eq 3 }
-    end
-<br>
-## Matchers
-This resource uses the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-* `allows_users_to_change_passwords`, `expire_passwords`, `prevent_password_reuse`, `require_lowercase_characters` , `require_uppercase_characters`, `require_numbers`, `require_symbols`
+---
+title: About the aws_iam_password_policy Resource
+platform: aws
+---
+# aws\_iam\_password\_policy
+Use the `aws_iam_password_policy` InSpec audit resource to test properties of the AWS IAM Password Policy.
+<br>
+## Syntax
+An `aws_iam_password_policy` resource block takes no parameters. Several properties and matchers are available.
+    describe aws_iam_password_policy do
+      it { should require_lowercase_characters }
+    end
+<br>
+## Properties
+* `max_password_age_in_days`, `minimum_password_length`, `number_of_passwords_to_remember`
+## Examples
+The following examples show how to use this InSpec audit resource.
+### Test that the IAM Password Policy requires lowercase characters, uppercase characters, numbers, symbols, and a minimum length greater than eight
+    describe aws_iam_password_policy do
+      it { should require_lowercase_characters }
+      it { should require_uppercase_characters }
+      it { should require_symbols }
+      it { should require_numbers }
+      its('minimum_password_length') { should be > 8 }
+    end
+### Test that the IAM Password Policy allows users to change their password
+    describe aws_iam_password_policy do
+      it { should allow_users_to_change_passwords }
+    end
+### Test that the IAM Password Policy expires passwords
+    describe aws_iam_password_policy do
+      it { should expire_passwords }
+    end
+### Test that the IAM Password Policy has a max password age
+    describe aws_iam_password_policy do
+      its('max_password_age_in_days') { should be 90 }
+    end
+### Test that the IAM Password Policy prevents password reuse
+    describe aws_iam_password_policy do
+      it { should prevent_password_reuse }
+    end
+### Test that the IAM Password Policy requires users to remember 3 previous passwords
+    describe aws_iam_password_policy do
+      its('number_of_passwords_to_remember') { should eq 3 }
+    end
+<br>
+## Matchers
+This resource uses the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+* `allows_users_to_change_passwords`, `expire_passwords`, `prevent_password_reuse`, `require_lowercase_characters` , `require_uppercase_characters`, `require_numbers`, `require_symbols`

data/docs/resources/aws_iam_policies.md.erb CHANGED

@@ -1,82 +1,82 @@
----
-title: About the aws_iam_policies Resource
-platform: aws
----
-# aws\_iam\_policies
-Use the `aws_iam_policies` InSpec audit resource to test properties of some or all AWS IAM Policies.
-A policy is an entity in AWS that, when attached to an identity or resource, defines their permissions. AWS evaluates these policies when a principal, such as a user, makes a request. Permissions in the policies determine if the request is allowed or denied.
-Each IAM Policy is uniquely identified by either its `policy_name` or `arn`.
-<br>
-## Syntax
-An `aws_iam_policies` resource block collects a group of IAM Policies and then tests that group.
-    # Verify the policy specified by the policy name is included in IAM Policies in the AWS account.
-    describe aws_iam_policies do
-      its('policy_names') { should include('test-policy-1') }
-    end
-<br>
-## Examples
-The following examples show how to use this InSpec audit resource.
-As this is the initial release of `aws_iam_policies`, its limited functionality precludes examples.
-<br>
-## Properties
-* `arns`, `entries`, `policy_names`
-<br>
-## Property Examples
-### policy\_names
-Provides a list of policy names for all IAM Policies in the AWS account.
-    describe aws_iam_policies do
-      its('policy_names') { should include('test-policy-1') }
-    end
-### arns
-Provides a list of policy arns for all IAM Policies in the AWS account.
-    describe aws_iam_policies do
-      its('arns') { should include('arn:aws:iam::aws:policy/test-policy-1') }
-    end
-### entries
-Provides access to the raw results of the query.  This can be useful for checking counts and other advanced operations.
-    # Allow at most 100 IAM Policies on the account
-    describe aws_iam_policies do
-      its('entries.count') { should be <= 100}
-    end
-<br>
-## Matchers
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-### exists
-The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
-    # Verify that at least one IAM Policies exists.
-    describe aws_iam_policies
-      it { should exist }
-    end
+---
+title: About the aws_iam_policies Resource
+platform: aws
+---
+# aws\_iam\_policies
+Use the `aws_iam_policies` InSpec audit resource to test properties of some or all AWS IAM Policies.
+A policy is an entity in AWS that, when attached to an identity or resource, defines their permissions. AWS evaluates these policies when a principal, such as a user, makes a request. Permissions in the policies determine if the request is allowed or denied.
+Each IAM Policy is uniquely identified by either its `policy_name` or `arn`.
+<br>
+## Syntax
+An `aws_iam_policies` resource block collects a group of IAM Policies and then tests that group.
+    # Verify the policy specified by the policy name is included in IAM Policies in the AWS account.
+    describe aws_iam_policies do
+      its('policy_names') { should include('test-policy-1') }
+    end
+<br>
+## Examples
+The following examples show how to use this InSpec audit resource.
+As this is the initial release of `aws_iam_policies`, its limited functionality precludes examples.
+<br>
+## Properties
+* `arns`, `entries`, `policy_names`
+<br>
+## Property Examples
+### policy\_names
+Provides a list of policy names for all IAM Policies in the AWS account.
+    describe aws_iam_policies do
+      its('policy_names') { should include('test-policy-1') }
+    end
+### arns
+Provides a list of policy arns for all IAM Policies in the AWS account.
+    describe aws_iam_policies do
+      its('arns') { should include('arn:aws:iam::aws:policy/test-policy-1') }
+    end
+### entries
+Provides access to the raw results of the query. This can be useful for checking counts and other advanced operations.
+    # Allow at most 100 IAM Policies on the account
+    describe aws_iam_policies do
+      its('entries.count') { should be <= 100}
+    end
+<br>
+## Matchers
+For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+### exists
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+    # Verify that at least one IAM Policies exists.
+    describe aws_iam_policies
+      it { should exist }
+    end

data/docs/resources/aws_iam_policy.md.erb CHANGED

@@ -1,146 +1,146 @@
----
-title: About the aws_iam_policy Resource
-platform: aws
----
-# aws\_iam\_policy
-Use the `aws_iam_policy` InSpec audit resource to test properties of a single managed AWS IAM Policy.
-A policy is an entity in AWS that, when attached to an identity or resource, defines their permissions. AWS evaluates these policies when a principal, such as a user, makes a request. Permissions in the policies determine if the request is allowed or denied.
-Each IAM Policy is uniquely identified by either its policy_name or arn.
-<br>
-## Syntax
-An `aws_iam_policy` resource block identifies a policy by policy name.
-    # Find a policy by name
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should exist }
-    end
-    # Find a customer-managed by name
-    describe aws_iam_policy('customer-managed-policy') do
-      it { should exist }
-    end
-    # Hash syntax for policy name
-    describe aws_iam_policy(policy_name: 'AWSSupportAccess') do
-      it { should exist }
-    end
-<br>
-## Examples
-The following examples show how to use this InSpec audit resource.
-### Test that a policy does exist
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should exist }
-    end
-### Test that a policy is attached to at least one entity
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should be_attached }
-    end
-<br>
-## Properties
-* `arn`, `attachment_count`, `attached_groups`, `attached_roles`,`attached_users`, `default_version_id`
-## Property Examples
-### arn
-"The ARN identifier of the specified policy. An ARN uniquely identifies the policy within AWS."
-    describe aws_iam_policy('AWSSupportAccess') do
-      its('arn') { should cmp "arn:aws:iam::aws:policy/AWSSupportAccess" }
-    end
-### attachment\_count
-The count of attached entities for the specified policy.
-    describe aws_iam_policy('AWSSupportAccess') do
-      its('attachment_count') { should cmp 1 }
-    end
-### attached\_groups
-The list of groupnames of the groups attached to the policy.
-    describe aws_iam_policy('AWSSupportAccess') do
-      its('attached_groups') { should include "test-group" }
-    end
-### attached\_roles
-The list of rolenames of the roles attached to the policy.
-    describe aws_iam_policy('AWSSupportAccess') do
-      its('attached_roles') { should include "test-role" }
-    end
-### attached\_users
-The list of usernames of the users attached to the policy.
-    describe aws_iam_policy('AWSSupportAccess') do
-      its('attached_users') { should include "test-user" }
-    end
-### default\_version\_id
-The 'default_version_id' value of the specified policy.
-    describe aws_iam_policy('AWSSupportAccess') do
-      its('default_version_id') { should cmp "v1" }
-    end
-## Matchers
-This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-### be\_attached
-The test will pass if the identified policy is attached to at least one IAM user, group, or role.
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should be_attached }
-    end
-### be\_attached\_to\_group(GROUPNAME)
-The test will pass if the identified policy attached the specified group.
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should be_attached_to_group(GROUPNAME) }
-    end
-### be\_attached\_to\_user(USERNAME)
-The test will pass if the identified policy attached the specified user.
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should be_attached_to_user(USERNAME) }
-    end
-### be\_attached\_to\_role(ROLENAME)
-The test will pass if the identified policy attached the specified role.
-    describe aws_iam_policy('AWSSupportAccess') do
-      it { should be_attached_to_role(ROLENAME) }
-    end
+---
+title: About the aws_iam_policy Resource
+platform: aws
+---
+# aws\_iam\_policy
+Use the `aws_iam_policy` InSpec audit resource to test properties of a single managed AWS IAM Policy.
+A policy is an entity in AWS that, when attached to an identity or resource, defines their permissions. AWS evaluates these policies when a principal, such as a user, makes a request. Permissions in the policies determine if the request is allowed or denied.
+Each IAM Policy is uniquely identified by either its policy_name or arn.
+<br>
+## Syntax
+An `aws_iam_policy` resource block identifies a policy by policy name.
+    # Find a policy by name
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should exist }
+    end
+    # Find a customer-managed by name
+    describe aws_iam_policy('customer-managed-policy') do
+      it { should exist }
+    end
+    # Hash syntax for policy name
+    describe aws_iam_policy(policy_name: 'AWSSupportAccess') do
+      it { should exist }
+    end
+<br>
+## Examples
+The following examples show how to use this InSpec audit resource.
+### Test that a policy does exist
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should exist }
+    end
+### Test that a policy is attached to at least one entity
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should be_attached }
+    end
+<br>
+## Properties
+* `arn`, `attachment_count`, `attached_groups`, `attached_roles`,`attached_users`, `default_version_id`
+## Property Examples
+### arn
+"The ARN identifier of the specified policy. An ARN uniquely identifies the policy within AWS."
+    describe aws_iam_policy('AWSSupportAccess') do
+      its('arn') { should cmp "arn:aws:iam::aws:policy/AWSSupportAccess" }
+    end
+### attachment\_count
+The count of attached entities for the specified policy.
+    describe aws_iam_policy('AWSSupportAccess') do
+      its('attachment_count') { should cmp 1 }
+    end
+### attached\_groups
+The list of groupnames of the groups attached to the policy.
+    describe aws_iam_policy('AWSSupportAccess') do
+      its('attached_groups') { should include "test-group" }
+    end
+### attached\_roles
+The list of rolenames of the roles attached to the policy.
+    describe aws_iam_policy('AWSSupportAccess') do
+      its('attached_roles') { should include "test-role" }
+    end
+### attached\_users
+The list of usernames of the users attached to the policy.
+    describe aws_iam_policy('AWSSupportAccess') do
+      its('attached_users') { should include "test-user" }
+    end
+### default\_version\_id
+The 'default_version_id' value of the specified policy.
+    describe aws_iam_policy('AWSSupportAccess') do
+      its('default_version_id') { should cmp "v1" }
+    end
+## Matchers
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
+### be\_attached
+The test will pass if the identified policy is attached to at least one IAM user, group, or role.
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should be_attached }
+    end
+### be\_attached\_to\_group(GROUPNAME)
+The test will pass if the identified policy attached the specified group.
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should be_attached_to_group(GROUPNAME) }
+    end
+### be\_attached\_to\_user(USERNAME)
+The test will pass if the identified policy attached the specified user.
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should be_attached_to_user(USERNAME) }
+    end
+### be\_attached\_to\_role(ROLENAME)
+The test will pass if the identified policy attached the specified role.
+    describe aws_iam_policy('AWSSupportAccess') do
+      it { should be_attached_to_role(ROLENAME) }
+    end