inspec 2.1.21 → 2.1.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +101 -101
- data/CHANGELOG.md +3062 -3045
- data/Gemfile +56 -56
- data/LICENSE +14 -14
- data/MAINTAINERS.md +33 -33
- data/MAINTAINERS.toml +52 -52
- data/README.md +447 -447
- data/Rakefile +322 -322
- data/bin/inspec +12 -12
- data/docs/.gitignore +2 -2
- data/docs/README.md +40 -40
- data/docs/dsl_inspec.md +258 -258
- data/docs/dsl_resource.md +100 -100
- data/docs/glossary.md +99 -99
- data/docs/habitat.md +191 -191
- data/docs/inspec_and_friends.md +114 -114
- data/docs/matchers.md +169 -169
- data/docs/migration.md +293 -293
- data/docs/platforms.md +118 -118
- data/docs/plugin_kitchen_inspec.md +50 -50
- data/docs/profiles.md +376 -376
- data/docs/reporters.md +105 -105
- data/docs/resources/aide_conf.md.erb +75 -75
- data/docs/resources/apache.md.erb +67 -67
- data/docs/resources/apache_conf.md.erb +68 -68
- data/docs/resources/apt.md.erb +71 -71
- data/docs/resources/audit_policy.md.erb +47 -47
- data/docs/resources/auditd.md.erb +79 -79
- data/docs/resources/auditd_conf.md.erb +68 -68
- data/docs/resources/aws_cloudtrail_trail.md.erb +140 -140
- data/docs/resources/aws_cloudtrail_trails.md.erb +81 -81
- data/docs/resources/aws_cloudwatch_alarm.md.erb +86 -86
- data/docs/resources/aws_cloudwatch_log_metric_filter.md.erb +151 -151
- data/docs/resources/aws_config_delivery_channel.md +79 -79
- data/docs/resources/aws_config_recorder.md.erb +71 -71
- data/docs/resources/aws_ec2_instance.md.erb +106 -106
- data/docs/resources/aws_iam_access_key.md.erb +123 -123
- data/docs/resources/aws_iam_access_keys.md.erb +198 -198
- data/docs/resources/aws_iam_group.md.erb +46 -46
- data/docs/resources/aws_iam_groups.md.erb +43 -43
- data/docs/resources/aws_iam_password_policy.md.erb +76 -76
- data/docs/resources/aws_iam_policies.md.erb +82 -82
- data/docs/resources/aws_iam_policy.md.erb +144 -144
- data/docs/resources/aws_iam_role.md.erb +63 -63
- data/docs/resources/aws_iam_root_user.md.erb +70 -58
- data/docs/resources/aws_iam_user.md.erb +64 -64
- data/docs/resources/aws_iam_users.md.erb +89 -89
- data/docs/resources/aws_kms_key.md.erb +171 -171
- data/docs/resources/aws_kms_keys.md.erb +84 -84
- data/docs/resources/aws_rds_instance.md.erb +60 -60
- data/docs/resources/aws_route_table.md.erb +47 -47
- data/docs/resources/aws_route_tables.md.erb +49 -0
- data/docs/resources/aws_s3_bucket.md.erb +134 -134
- data/docs/resources/aws_s3_bucket_object.md.erb +83 -83
- data/docs/resources/aws_s3_buckets.md.erb +53 -0
- data/docs/resources/aws_security_group.md.erb +151 -151
- data/docs/resources/aws_security_groups.md.erb +91 -91
- data/docs/resources/aws_sns_subscription.md.erb +124 -124
- data/docs/resources/aws_sns_topic.md.erb +63 -63
- data/docs/resources/aws_sns_topics.md.erb +52 -52
- data/docs/resources/aws_subnet.md.erb +134 -134
- data/docs/resources/aws_subnets.md.erb +126 -126
- data/docs/resources/aws_vpc.md.erb +120 -120
- data/docs/resources/aws_vpcs.md.erb +48 -48
- data/docs/resources/azure_generic_resource.md.erb +171 -171
- data/docs/resources/azure_resource_group.md.erb +284 -284
- data/docs/resources/azure_virtual_machine.md.erb +347 -347
- data/docs/resources/azure_virtual_machine_data_disk.md.erb +224 -224
- data/docs/resources/bash.md.erb +75 -75
- data/docs/resources/bond.md.erb +90 -90
- data/docs/resources/bridge.md.erb +57 -57
- data/docs/resources/bsd_service.md.erb +67 -67
- data/docs/resources/chocolatey_package.md.erb +58 -0
- data/docs/resources/command.md.erb +138 -138
- data/docs/resources/cpan.md.erb +79 -79
- data/docs/resources/cran.md.erb +64 -64
- data/docs/resources/crontab.md.erb +89 -89
- data/docs/resources/csv.md.erb +54 -54
- data/docs/resources/dh_params.md.erb +205 -205
- data/docs/resources/directory.md.erb +30 -30
- data/docs/resources/docker.md.erb +219 -219
- data/docs/resources/docker_container.md.erb +103 -103
- data/docs/resources/docker_image.md.erb +94 -94
- data/docs/resources/docker_service.md.erb +114 -114
- data/docs/resources/elasticsearch.md.erb +242 -242
- data/docs/resources/etc_fstab.md.erb +125 -125
- data/docs/resources/etc_group.md.erb +75 -75
- data/docs/resources/etc_hosts.md.erb +78 -78
- data/docs/resources/etc_hosts_allow.md.erb +74 -74
- data/docs/resources/etc_hosts_deny.md.erb +74 -74
- data/docs/resources/file.md.erb +526 -526
- data/docs/resources/filesystem.md.erb +41 -41
- data/docs/resources/firewalld.md.erb +107 -107
- data/docs/resources/gem.md.erb +79 -79
- data/docs/resources/group.md.erb +61 -61
- data/docs/resources/grub_conf.md.erb +101 -101
- data/docs/resources/host.md.erb +86 -86
- data/docs/resources/http.md.erb +196 -196
- data/docs/resources/iis_app.md.erb +122 -122
- data/docs/resources/iis_site.md.erb +135 -135
- data/docs/resources/inetd_conf.md.erb +94 -94
- data/docs/resources/ini.md.erb +76 -76
- data/docs/resources/interface.md.erb +58 -58
- data/docs/resources/iptables.md.erb +64 -64
- data/docs/resources/json.md.erb +63 -63
- data/docs/resources/kernel_module.md.erb +120 -120
- data/docs/resources/kernel_parameter.md.erb +53 -53
- data/docs/resources/key_rsa.md.erb +85 -85
- data/docs/resources/launchd_service.md.erb +57 -57
- data/docs/resources/limits_conf.md.erb +75 -75
- data/docs/resources/login_defs.md.erb +71 -71
- data/docs/resources/mount.md.erb +69 -69
- data/docs/resources/mssql_session.md.erb +60 -60
- data/docs/resources/mysql_conf.md.erb +99 -99
- data/docs/resources/mysql_session.md.erb +74 -74
- data/docs/resources/nginx.md.erb +79 -79
- data/docs/resources/nginx_conf.md.erb +138 -138
- data/docs/resources/npm.md.erb +60 -60
- data/docs/resources/ntp_conf.md.erb +60 -60
- data/docs/resources/oneget.md.erb +53 -53
- data/docs/resources/oracledb_session.md.erb +52 -52
- data/docs/resources/os.md.erb +141 -141
- data/docs/resources/os_env.md.erb +78 -78
- data/docs/resources/package.md.erb +120 -120
- data/docs/resources/packages.md.erb +67 -67
- data/docs/resources/parse_config.md.erb +103 -103
- data/docs/resources/parse_config_file.md.erb +138 -138
- data/docs/resources/passwd.md.erb +141 -141
- data/docs/resources/pip.md.erb +67 -67
- data/docs/resources/port.md.erb +137 -137
- data/docs/resources/postgres_conf.md.erb +79 -79
- data/docs/resources/postgres_hba_conf.md.erb +93 -93
- data/docs/resources/postgres_ident_conf.md.erb +76 -76
- data/docs/resources/postgres_session.md.erb +69 -69
- data/docs/resources/powershell.md.erb +102 -102
- data/docs/resources/processes.md.erb +109 -109
- data/docs/resources/rabbitmq_config.md.erb +41 -41
- data/docs/resources/registry_key.md.erb +158 -158
- data/docs/resources/runit_service.md.erb +57 -57
- data/docs/resources/security_policy.md.erb +47 -47
- data/docs/resources/service.md.erb +121 -121
- data/docs/resources/shadow.md.erb +146 -146
- data/docs/resources/ssh_config.md.erb +73 -73
- data/docs/resources/sshd_config.md.erb +83 -83
- data/docs/resources/ssl.md.erb +119 -119
- data/docs/resources/sys_info.md.erb +42 -42
- data/docs/resources/systemd_service.md.erb +57 -57
- data/docs/resources/sysv_service.md.erb +57 -57
- data/docs/resources/upstart_service.md.erb +57 -57
- data/docs/resources/user.md.erb +140 -140
- data/docs/resources/users.md.erb +127 -127
- data/docs/resources/vbscript.md.erb +55 -55
- data/docs/resources/virtualization.md.erb +57 -57
- data/docs/resources/windows_feature.md.erb +47 -47
- data/docs/resources/windows_hotfix.md.erb +53 -53
- data/docs/resources/windows_task.md.erb +95 -95
- data/docs/resources/wmi.md.erb +81 -81
- data/docs/resources/x509_certificate.md.erb +151 -151
- data/docs/resources/xinetd_conf.md.erb +156 -156
- data/docs/resources/xml.md.erb +85 -85
- data/docs/resources/yaml.md.erb +69 -69
- data/docs/resources/yum.md.erb +98 -98
- data/docs/resources/zfs_dataset.md.erb +53 -53
- data/docs/resources/zfs_pool.md.erb +47 -47
- data/docs/ruby_usage.md +203 -203
- data/docs/shared/matcher_be.md.erb +1 -1
- data/docs/shared/matcher_cmp.md.erb +43 -43
- data/docs/shared/matcher_eq.md.erb +3 -3
- data/docs/shared/matcher_include.md.erb +1 -1
- data/docs/shared/matcher_match.md.erb +1 -1
- data/docs/shell.md +217 -217
- data/examples/README.md +8 -8
- data/examples/inheritance/README.md +65 -65
- data/examples/inheritance/controls/example.rb +14 -14
- data/examples/inheritance/inspec.yml +15 -15
- data/examples/kitchen-ansible/.kitchen.yml +25 -25
- data/examples/kitchen-ansible/Gemfile +19 -19
- data/examples/kitchen-ansible/README.md +53 -53
- data/examples/kitchen-ansible/files/nginx.repo +6 -6
- data/examples/kitchen-ansible/tasks/main.yml +16 -16
- data/examples/kitchen-ansible/test/integration/default/default.yml +5 -5
- data/examples/kitchen-ansible/test/integration/default/web_spec.rb +28 -28
- data/examples/kitchen-chef/.kitchen.yml +20 -20
- data/examples/kitchen-chef/Berksfile +3 -3
- data/examples/kitchen-chef/Gemfile +19 -19
- data/examples/kitchen-chef/README.md +27 -27
- data/examples/kitchen-chef/metadata.rb +7 -7
- data/examples/kitchen-chef/recipes/default.rb +6 -6
- data/examples/kitchen-chef/recipes/nginx.rb +30 -30
- data/examples/kitchen-chef/test/integration/default/web_spec.rb +28 -28
- data/examples/kitchen-puppet/.kitchen.yml +22 -22
- data/examples/kitchen-puppet/Gemfile +20 -20
- data/examples/kitchen-puppet/Puppetfile +25 -25
- data/examples/kitchen-puppet/README.md +53 -53
- data/examples/kitchen-puppet/manifests/site.pp +33 -33
- data/examples/kitchen-puppet/metadata.json +11 -11
- data/examples/kitchen-puppet/test/integration/default/web_spec.rb +28 -28
- data/examples/meta-profile/README.md +37 -37
- data/examples/meta-profile/controls/example.rb +13 -13
- data/examples/meta-profile/inspec.yml +13 -13
- data/examples/profile-attribute.yml +2 -2
- data/examples/profile-attribute/README.md +14 -14
- data/examples/profile-attribute/controls/example.rb +11 -11
- data/examples/profile-attribute/inspec.yml +8 -8
- data/examples/profile-aws/controls/iam_password_policy_expiration.rb +8 -8
- data/examples/profile-aws/controls/iam_password_policy_max_age.rb +8 -8
- data/examples/profile-aws/controls/iam_root_user_mfa.rb +8 -8
- data/examples/profile-aws/controls/iam_users_access_key_age.rb +8 -8
- data/examples/profile-aws/controls/iam_users_console_users_mfa.rb +8 -8
- data/examples/profile-aws/inspec.yml +11 -11
- data/examples/profile-azure/controls/azure_resource_group_example.rb +24 -24
- data/examples/profile-azure/controls/azure_vm_example.rb +29 -29
- data/examples/profile-azure/inspec.yml +11 -11
- data/examples/profile-sensitive/README.md +29 -29
- data/examples/profile-sensitive/controls/sensitive-failures.rb +9 -9
- data/examples/profile-sensitive/controls/sensitive.rb +9 -9
- data/examples/profile-sensitive/inspec.yml +8 -8
- data/examples/profile/README.md +48 -48
- data/examples/profile/controls/example.rb +23 -23
- data/examples/profile/controls/gordon.rb +36 -36
- data/examples/profile/controls/meta.rb +34 -34
- data/examples/profile/inspec.yml +10 -10
- data/examples/profile/libraries/gordon_config.rb +59 -53
- data/inspec.gemspec +47 -47
- data/lib/bundles/README.md +3 -3
- data/lib/bundles/inspec-artifact.rb +7 -7
- data/lib/bundles/inspec-artifact/README.md +1 -1
- data/lib/bundles/inspec-artifact/cli.rb +277 -277
- data/lib/bundles/inspec-compliance.rb +16 -16
- data/lib/bundles/inspec-compliance/.kitchen.yml +20 -20
- data/lib/bundles/inspec-compliance/README.md +185 -185
- data/lib/bundles/inspec-compliance/api.rb +316 -316
- data/lib/bundles/inspec-compliance/api/login.rb +152 -152
- data/lib/bundles/inspec-compliance/bootstrap.sh +41 -41
- data/lib/bundles/inspec-compliance/cli.rb +254 -254
- data/lib/bundles/inspec-compliance/configuration.rb +103 -103
- data/lib/bundles/inspec-compliance/http.rb +86 -86
- data/lib/bundles/inspec-compliance/support.rb +36 -36
- data/lib/bundles/inspec-compliance/target.rb +98 -98
- data/lib/bundles/inspec-compliance/test/integration/default/cli.rb +93 -93
- data/lib/bundles/inspec-habitat.rb +12 -12
- data/lib/bundles/inspec-habitat/cli.rb +36 -36
- data/lib/bundles/inspec-habitat/log.rb +10 -10
- data/lib/bundles/inspec-habitat/profile.rb +391 -391
- data/lib/bundles/inspec-init.rb +8 -8
- data/lib/bundles/inspec-init/README.md +31 -31
- data/lib/bundles/inspec-init/cli.rb +97 -97
- data/lib/bundles/inspec-init/templates/profile/README.md +3 -3
- data/lib/bundles/inspec-init/templates/profile/controls/example.rb +19 -19
- data/lib/bundles/inspec-init/templates/profile/inspec.yml +8 -8
- data/lib/bundles/inspec-supermarket.rb +13 -13
- data/lib/bundles/inspec-supermarket/README.md +45 -45
- data/lib/bundles/inspec-supermarket/api.rb +84 -84
- data/lib/bundles/inspec-supermarket/cli.rb +73 -73
- data/lib/bundles/inspec-supermarket/target.rb +34 -34
- data/lib/fetchers/git.rb +163 -163
- data/lib/fetchers/local.rb +74 -74
- data/lib/fetchers/mock.rb +35 -35
- data/lib/fetchers/url.rb +204 -204
- data/lib/inspec.rb +24 -24
- data/lib/inspec/archive/tar.rb +29 -29
- data/lib/inspec/archive/zip.rb +19 -19
- data/lib/inspec/backend.rb +93 -93
- data/lib/inspec/base_cli.rb +363 -357
- data/lib/inspec/cached_fetcher.rb +66 -66
- data/lib/inspec/cli.rb +292 -292
- data/lib/inspec/completions/bash.sh.erb +45 -45
- data/lib/inspec/completions/fish.sh.erb +34 -34
- data/lib/inspec/completions/zsh.sh.erb +61 -61
- data/lib/inspec/control_eval_context.rb +179 -179
- data/lib/inspec/dependencies/cache.rb +72 -72
- data/lib/inspec/dependencies/dependency_set.rb +92 -92
- data/lib/inspec/dependencies/lockfile.rb +115 -115
- data/lib/inspec/dependencies/requirement.rb +123 -123
- data/lib/inspec/dependencies/resolver.rb +86 -86
- data/lib/inspec/describe.rb +27 -27
- data/lib/inspec/dsl.rb +66 -66
- data/lib/inspec/dsl_shared.rb +33 -33
- data/lib/inspec/env_printer.rb +157 -157
- data/lib/inspec/errors.rb +14 -13
- data/lib/inspec/exceptions.rb +12 -12
- data/lib/inspec/expect.rb +45 -45
- data/lib/inspec/fetcher.rb +45 -45
- data/lib/inspec/file_provider.rb +275 -275
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +259 -250
- data/lib/inspec/formatters/json_rspec.rb +20 -20
- data/lib/inspec/formatters/show_progress.rb +12 -12
- data/lib/inspec/library_eval_context.rb +58 -58
- data/lib/inspec/log.rb +11 -11
- data/lib/inspec/metadata.rb +247 -247
- data/lib/inspec/method_source.rb +24 -24
- data/lib/inspec/objects.rb +14 -14
- data/lib/inspec/objects/attribute.rb +65 -65
- data/lib/inspec/objects/control.rb +61 -61
- data/lib/inspec/objects/describe.rb +92 -92
- data/lib/inspec/objects/each_loop.rb +36 -36
- data/lib/inspec/objects/list.rb +15 -15
- data/lib/inspec/objects/or_test.rb +40 -40
- data/lib/inspec/objects/ruby_helper.rb +15 -15
- data/lib/inspec/objects/tag.rb +27 -27
- data/lib/inspec/objects/test.rb +87 -87
- data/lib/inspec/objects/value.rb +27 -27
- data/lib/inspec/plugins.rb +60 -60
- data/lib/inspec/plugins/cli.rb +24 -24
- data/lib/inspec/plugins/fetcher.rb +86 -86
- data/lib/inspec/plugins/resource.rb +135 -135
- data/lib/inspec/plugins/secret.rb +15 -15
- data/lib/inspec/plugins/source_reader.rb +40 -40
- data/lib/inspec/polyfill.rb +12 -12
- data/lib/inspec/profile.rb +513 -513
- data/lib/inspec/profile_context.rb +208 -208
- data/lib/inspec/profile_vendor.rb +66 -66
- data/lib/inspec/reporters.rb +60 -54
- data/lib/inspec/reporters/automate.rb +76 -0
- data/lib/inspec/reporters/base.rb +25 -24
- data/lib/inspec/reporters/cli.rb +356 -356
- data/lib/inspec/reporters/json.rb +116 -116
- data/lib/inspec/reporters/json_min.rb +48 -48
- data/lib/inspec/reporters/junit.rb +77 -77
- data/lib/inspec/require_loader.rb +33 -33
- data/lib/inspec/resource.rb +187 -186
- data/lib/inspec/rule.rb +266 -266
- data/lib/inspec/runner.rb +345 -345
- data/lib/inspec/runner_mock.rb +41 -41
- data/lib/inspec/runner_rspec.rb +175 -175
- data/lib/inspec/runtime_profile.rb +26 -26
- data/lib/inspec/schema.rb +213 -213
- data/lib/inspec/secrets.rb +19 -19
- data/lib/inspec/secrets/yaml.rb +30 -30
- data/lib/inspec/shell.rb +220 -220
- data/lib/inspec/shell_detector.rb +90 -90
- data/lib/inspec/source_reader.rb +29 -29
- data/lib/inspec/version.rb +8 -8
- data/lib/matchers/matchers.rb +339 -339
- data/lib/resource_support/aws.rb +49 -47
- data/lib/resource_support/aws/aws_backend_base.rb +12 -12
- data/lib/resource_support/aws/aws_backend_factory_mixin.rb +12 -12
- data/lib/resource_support/aws/aws_plural_resource_mixin.rb +21 -21
- data/lib/resource_support/aws/aws_resource_mixin.rb +66 -66
- data/lib/resource_support/aws/aws_singular_resource_mixin.rb +24 -24
- data/lib/resources/aide_conf.rb +151 -151
- data/lib/resources/apache.rb +48 -48
- data/lib/resources/apache_conf.rb +149 -149
- data/lib/resources/apt.rb +149 -149
- data/lib/resources/audit_policy.rb +63 -63
- data/lib/resources/auditd.rb +231 -231
- data/lib/resources/auditd_conf.rb +46 -46
- data/lib/resources/aws/aws_cloudtrail_trail.rb +77 -77
- data/lib/resources/aws/aws_cloudtrail_trails.rb +47 -47
- data/lib/resources/aws/aws_cloudwatch_alarm.rb +62 -62
- data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +100 -100
- data/lib/resources/aws/aws_config_delivery_channel.rb +76 -76
- data/lib/resources/aws/aws_config_recorder.rb +98 -98
- data/lib/resources/aws/aws_ec2_instance.rb +157 -157
- data/lib/resources/aws/aws_iam_access_key.rb +106 -106
- data/lib/resources/aws/aws_iam_access_keys.rb +149 -149
- data/lib/resources/aws/aws_iam_group.rb +56 -56
- data/lib/resources/aws/aws_iam_groups.rb +52 -52
- data/lib/resources/aws/aws_iam_password_policy.rb +116 -116
- data/lib/resources/aws/aws_iam_policies.rb +53 -53
- data/lib/resources/aws/aws_iam_policy.rb +125 -125
- data/lib/resources/aws/aws_iam_role.rb +51 -51
- data/lib/resources/aws/aws_iam_root_user.rb +78 -60
- data/lib/resources/aws/aws_iam_user.rb +111 -111
- data/lib/resources/aws/aws_iam_users.rb +108 -108
- data/lib/resources/aws/aws_kms_key.rb +96 -96
- data/lib/resources/aws/aws_kms_keys.rb +53 -53
- data/lib/resources/aws/aws_rds_instance.rb +71 -71
- data/lib/resources/aws/aws_route_table.rb +63 -63
- data/lib/resources/aws/aws_route_tables.rb +60 -0
- data/lib/resources/aws/aws_s3_bucket.rb +115 -115
- data/lib/resources/aws/aws_s3_bucket_object.rb +82 -82
- data/lib/resources/aws/aws_s3_buckets.rb +51 -0
- data/lib/resources/aws/aws_security_group.rb +93 -93
- data/lib/resources/aws/aws_security_groups.rb +68 -68
- data/lib/resources/aws/aws_sns_subscription.rb +78 -78
- data/lib/resources/aws/aws_sns_topic.rb +53 -53
- data/lib/resources/aws/aws_sns_topics.rb +56 -56
- data/lib/resources/aws/aws_subnet.rb +88 -88
- data/lib/resources/aws/aws_subnets.rb +53 -53
- data/lib/resources/aws/aws_vpc.rb +69 -69
- data/lib/resources/aws/aws_vpcs.rb +45 -45
- data/lib/resources/azure/azure_backend.rb +377 -377
- data/lib/resources/azure/azure_generic_resource.rb +59 -59
- data/lib/resources/azure/azure_resource_group.rb +152 -152
- data/lib/resources/azure/azure_virtual_machine.rb +264 -264
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +134 -134
- data/lib/resources/bash.rb +35 -35
- data/lib/resources/bond.rb +69 -69
- data/lib/resources/bridge.rb +122 -122
- data/lib/resources/chocolatey_package.rb +78 -0
- data/lib/resources/command.rb +73 -73
- data/lib/resources/cpan.rb +58 -58
- data/lib/resources/cran.rb +64 -64
- data/lib/resources/crontab.rb +169 -169
- data/lib/resources/csv.rb +56 -56
- data/lib/resources/dh_params.rb +77 -77
- data/lib/resources/directory.rb +25 -25
- data/lib/resources/docker.rb +236 -236
- data/lib/resources/docker_container.rb +89 -89
- data/lib/resources/docker_image.rb +83 -83
- data/lib/resources/docker_object.rb +57 -57
- data/lib/resources/docker_service.rb +90 -90
- data/lib/resources/elasticsearch.rb +169 -169
- data/lib/resources/etc_fstab.rb +94 -94
- data/lib/resources/etc_group.rb +152 -152
- data/lib/resources/etc_hosts.rb +66 -66
- data/lib/resources/etc_hosts_allow_deny.rb +112 -112
- data/lib/resources/file.rb +298 -298
- data/lib/resources/filesystem.rb +31 -31
- data/lib/resources/firewalld.rb +143 -143
- data/lib/resources/gem.rb +70 -70
- data/lib/resources/groups.rb +215 -215
- data/lib/resources/grub_conf.rb +227 -227
- data/lib/resources/host.rb +306 -306
- data/lib/resources/http.rb +253 -253
- data/lib/resources/iis_app.rb +101 -101
- data/lib/resources/iis_site.rb +148 -148
- data/lib/resources/inetd_conf.rb +54 -54
- data/lib/resources/ini.rb +29 -29
- data/lib/resources/interface.rb +129 -129
- data/lib/resources/iptables.rb +80 -80
- data/lib/resources/json.rb +107 -107
- data/lib/resources/kernel_module.rb +107 -107
- data/lib/resources/kernel_parameter.rb +58 -58
- data/lib/resources/key_rsa.rb +61 -61
- data/lib/resources/limits_conf.rb +46 -46
- data/lib/resources/login_def.rb +57 -57
- data/lib/resources/mount.rb +88 -88
- data/lib/resources/mssql_session.rb +101 -101
- data/lib/resources/mysql.rb +82 -81
- data/lib/resources/mysql_conf.rb +127 -127
- data/lib/resources/mysql_session.rb +85 -85
- data/lib/resources/nginx.rb +96 -96
- data/lib/resources/nginx_conf.rb +226 -226
- data/lib/resources/npm.rb +48 -48
- data/lib/resources/ntp_conf.rb +51 -51
- data/lib/resources/oneget.rb +71 -71
- data/lib/resources/oracledb_session.rb +139 -139
- data/lib/resources/os.rb +36 -36
- data/lib/resources/os_env.rb +75 -75
- data/lib/resources/package.rb +370 -370
- data/lib/resources/packages.rb +111 -111
- data/lib/resources/parse_config.rb +112 -112
- data/lib/resources/passwd.rb +76 -76
- data/lib/resources/pip.rb +130 -130
- data/lib/resources/platform.rb +109 -109
- data/lib/resources/port.rb +771 -771
- data/lib/resources/postgres.rb +131 -130
- data/lib/resources/postgres_conf.rb +114 -114
- data/lib/resources/postgres_hba_conf.rb +90 -90
- data/lib/resources/postgres_ident_conf.rb +79 -79
- data/lib/resources/postgres_session.rb +71 -71
- data/lib/resources/powershell.rb +66 -66
- data/lib/resources/processes.rb +204 -204
- data/lib/resources/rabbitmq_conf.rb +51 -51
- data/lib/resources/registry_key.rb +297 -297
- data/lib/resources/security_policy.rb +180 -180
- data/lib/resources/service.rb +794 -790
- data/lib/resources/shadow.rb +149 -149
- data/lib/resources/ssh_conf.rb +97 -97
- data/lib/resources/ssl.rb +99 -99
- data/lib/resources/sys_info.rb +28 -28
- data/lib/resources/toml.rb +32 -32
- data/lib/resources/users.rb +654 -654
- data/lib/resources/vbscript.rb +68 -68
- data/lib/resources/virtualization.rb +247 -247
- data/lib/resources/windows_feature.rb +84 -84
- data/lib/resources/windows_hotfix.rb +35 -35
- data/lib/resources/windows_task.rb +102 -102
- data/lib/resources/wmi.rb +110 -110
- data/lib/resources/x509_certificate.rb +137 -137
- data/lib/resources/xinetd.rb +106 -106
- data/lib/resources/xml.rb +46 -46
- data/lib/resources/yaml.rb +43 -43
- data/lib/resources/yum.rb +180 -180
- data/lib/resources/zfs_dataset.rb +60 -60
- data/lib/resources/zfs_pool.rb +49 -49
- data/lib/source_readers/flat.rb +39 -39
- data/lib/source_readers/inspec.rb +75 -75
- data/lib/utils/command_wrapper.rb +27 -27
- data/lib/utils/convert.rb +12 -12
- data/lib/utils/database_helpers.rb +77 -77
- data/lib/utils/erlang_parser.rb +192 -192
- data/lib/utils/file_reader.rb +25 -25
- data/lib/utils/filter.rb +273 -273
- data/lib/utils/filter_array.rb +27 -27
- data/lib/utils/find_files.rb +44 -44
- data/lib/utils/hash.rb +41 -41
- data/lib/utils/json_log.rb +18 -18
- data/lib/utils/latest_version.rb +22 -22
- data/lib/utils/modulator.rb +12 -12
- data/lib/utils/nginx_parser.rb +85 -85
- data/lib/utils/object_traversal.rb +49 -49
- data/lib/utils/parser.rb +274 -274
- data/lib/utils/plugin_registry.rb +93 -93
- data/lib/utils/simpleconfig.rb +120 -120
- data/lib/utils/spdx.rb +13 -13
- data/lib/utils/spdx.txt +343 -343
- metadata +9 -2
data/lib/inspec/objects/value.rb
CHANGED
|
@@ -1,27 +1,27 @@
|
|
|
1
|
-
# encoding:utf-8
|
|
2
|
-
|
|
3
|
-
module Inspec
|
|
4
|
-
class Value
|
|
5
|
-
include ::Inspec::RubyHelper
|
|
6
|
-
|
|
7
|
-
attr_accessor :qualifier
|
|
8
|
-
attr_accessor :skip
|
|
9
|
-
attr_accessor :variable
|
|
10
|
-
|
|
11
|
-
def initialize(qualifiers = [])
|
|
12
|
-
@qualifier = qualifiers
|
|
13
|
-
@variable = nil
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def to_ruby
|
|
17
|
-
res = @variable.nil? ? '' : "#{@variable} = "
|
|
18
|
-
res + @qualifier.map { |x| ruby_qualifier(x) }.join('.')
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def name_variable(cache = [])
|
|
22
|
-
@variable = Array('a'..'z').find { |x| !cache.include?(x) }
|
|
23
|
-
cache.push(@variable)
|
|
24
|
-
@variable
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
end
|
|
1
|
+
# encoding:utf-8
|
|
2
|
+
|
|
3
|
+
module Inspec
|
|
4
|
+
class Value
|
|
5
|
+
include ::Inspec::RubyHelper
|
|
6
|
+
|
|
7
|
+
attr_accessor :qualifier
|
|
8
|
+
attr_accessor :skip
|
|
9
|
+
attr_accessor :variable
|
|
10
|
+
|
|
11
|
+
def initialize(qualifiers = [])
|
|
12
|
+
@qualifier = qualifiers
|
|
13
|
+
@variable = nil
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def to_ruby
|
|
17
|
+
res = @variable.nil? ? '' : "#{@variable} = "
|
|
18
|
+
res + @qualifier.map { |x| ruby_qualifier(x) }.join('.')
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def name_variable(cache = [])
|
|
22
|
+
@variable = Array('a'..'z').find { |x| !cache.include?(x) }
|
|
23
|
+
cache.push(@variable)
|
|
24
|
+
@variable
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
data/lib/inspec/plugins.rb
CHANGED
|
@@ -1,60 +1,60 @@
|
|
|
1
|
-
# encoding: utf-8
|
|
2
|
-
# author: Dominik Richter
|
|
3
|
-
# author: Christoph Hartmann
|
|
4
|
-
|
|
5
|
-
require 'forwardable'
|
|
6
|
-
|
|
7
|
-
module Inspec
|
|
8
|
-
# Resource Plugins
|
|
9
|
-
module Plugins
|
|
10
|
-
autoload :Resource, 'inspec/plugins/resource'
|
|
11
|
-
autoload :CLI, 'inspec/plugins/cli'
|
|
12
|
-
autoload :Fetcher, 'inspec/plugins/fetcher'
|
|
13
|
-
autoload :SourceReader, 'inspec/plugins/source_reader'
|
|
14
|
-
autoload :Secret, 'inspec/plugins/secret'
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
# PLEASE NOTE: The Plugin system is an internal mechanism for connecting
|
|
18
|
-
# inspec components. Its API is currently considered in an alpha state
|
|
19
|
-
# and may change between minor version revisions. A stable plugin API will be
|
|
20
|
-
# released in the future.
|
|
21
|
-
class PluginCtl
|
|
22
|
-
extend Forwardable
|
|
23
|
-
|
|
24
|
-
attr_reader :registry
|
|
25
|
-
def_delegator :registry, :keys, :list
|
|
26
|
-
|
|
27
|
-
def initialize(home = nil)
|
|
28
|
-
@paths = []
|
|
29
|
-
|
|
30
|
-
# load plugins in the same gem installation
|
|
31
|
-
lib_home = File.expand_path(File.join(__FILE__, '..', '..', '..', '..'))
|
|
32
|
-
@paths += Dir[lib_home+'/inspec-*-*/lib/inspec-*rb']
|
|
33
|
-
|
|
34
|
-
# traverse out of inspec-vX.Y.Z/lib/inspec/plugins.rb
|
|
35
|
-
@home = home || File.join(Dir.home, '.inspec', 'plugins')
|
|
36
|
-
@paths += Dir[File.join(@home, '**{,/*/**}', '*.gemspec')]
|
|
37
|
-
.map { |x| File.dirname(x) }
|
|
38
|
-
.map { |x| Dir[File.join(x, 'lib', 'inspec-*.rb')] }
|
|
39
|
-
.flatten
|
|
40
|
-
|
|
41
|
-
# load bundled plugins
|
|
42
|
-
bundled_dir = File.expand_path(File.dirname(__FILE__))
|
|
43
|
-
@paths += Dir[File.join(bundled_dir, '..', 'bundles', 'inspec-*.rb')].flatten
|
|
44
|
-
|
|
45
|
-
# map paths to names
|
|
46
|
-
@registry = Hash[@paths.map { |x|
|
|
47
|
-
[File.basename(x, '.rb'), x]
|
|
48
|
-
}]
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def load(name)
|
|
52
|
-
path = @registry[name]
|
|
53
|
-
if path.nil?
|
|
54
|
-
raise "Couldn't find plugin #{name}. Searching in #{@home}"
|
|
55
|
-
end
|
|
56
|
-
# puts "Loading plugin #{name} from #{path}"
|
|
57
|
-
require path
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
end
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
# author: Dominik Richter
|
|
3
|
+
# author: Christoph Hartmann
|
|
4
|
+
|
|
5
|
+
require 'forwardable'
|
|
6
|
+
|
|
7
|
+
module Inspec
|
|
8
|
+
# Resource Plugins
|
|
9
|
+
module Plugins
|
|
10
|
+
autoload :Resource, 'inspec/plugins/resource'
|
|
11
|
+
autoload :CLI, 'inspec/plugins/cli'
|
|
12
|
+
autoload :Fetcher, 'inspec/plugins/fetcher'
|
|
13
|
+
autoload :SourceReader, 'inspec/plugins/source_reader'
|
|
14
|
+
autoload :Secret, 'inspec/plugins/secret'
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
# PLEASE NOTE: The Plugin system is an internal mechanism for connecting
|
|
18
|
+
# inspec components. Its API is currently considered in an alpha state
|
|
19
|
+
# and may change between minor version revisions. A stable plugin API will be
|
|
20
|
+
# released in the future.
|
|
21
|
+
class PluginCtl
|
|
22
|
+
extend Forwardable
|
|
23
|
+
|
|
24
|
+
attr_reader :registry
|
|
25
|
+
def_delegator :registry, :keys, :list
|
|
26
|
+
|
|
27
|
+
def initialize(home = nil)
|
|
28
|
+
@paths = []
|
|
29
|
+
|
|
30
|
+
# load plugins in the same gem installation
|
|
31
|
+
lib_home = File.expand_path(File.join(__FILE__, '..', '..', '..', '..'))
|
|
32
|
+
@paths += Dir[lib_home+'/inspec-*-*/lib/inspec-*rb']
|
|
33
|
+
|
|
34
|
+
# traverse out of inspec-vX.Y.Z/lib/inspec/plugins.rb
|
|
35
|
+
@home = home || File.join(Dir.home, '.inspec', 'plugins')
|
|
36
|
+
@paths += Dir[File.join(@home, '**{,/*/**}', '*.gemspec')]
|
|
37
|
+
.map { |x| File.dirname(x) }
|
|
38
|
+
.map { |x| Dir[File.join(x, 'lib', 'inspec-*.rb')] }
|
|
39
|
+
.flatten
|
|
40
|
+
|
|
41
|
+
# load bundled plugins
|
|
42
|
+
bundled_dir = File.expand_path(File.dirname(__FILE__))
|
|
43
|
+
@paths += Dir[File.join(bundled_dir, '..', 'bundles', 'inspec-*.rb')].flatten
|
|
44
|
+
|
|
45
|
+
# map paths to names
|
|
46
|
+
@registry = Hash[@paths.map { |x|
|
|
47
|
+
[File.basename(x, '.rb'), x]
|
|
48
|
+
}]
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def load(name)
|
|
52
|
+
path = @registry[name]
|
|
53
|
+
if path.nil?
|
|
54
|
+
raise "Couldn't find plugin #{name}. Searching in #{@home}"
|
|
55
|
+
end
|
|
56
|
+
# puts "Loading plugin #{name} from #{path}"
|
|
57
|
+
require path
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
data/lib/inspec/plugins/cli.rb
CHANGED
|
@@ -1,24 +1,24 @@
|
|
|
1
|
-
# encoding: utf-8
|
|
2
|
-
# author: Christoph Hartmann
|
|
3
|
-
# author: Dominik Richter
|
|
4
|
-
|
|
5
|
-
module Inspec
|
|
6
|
-
module Plugins
|
|
7
|
-
# stores all CLI plugin, we expect those to the `Thor` subclasses
|
|
8
|
-
class CLI
|
|
9
|
-
def self.subcommands
|
|
10
|
-
@subcommands ||= {}
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def self.add_subcommand(klass, subcommand_name, usage, description, options = {})
|
|
14
|
-
subcommands[subcommand_name] = {
|
|
15
|
-
klass: klass,
|
|
16
|
-
subcommand_name: subcommand_name,
|
|
17
|
-
usage: usage,
|
|
18
|
-
description: description,
|
|
19
|
-
options: options,
|
|
20
|
-
}
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
# author: Christoph Hartmann
|
|
3
|
+
# author: Dominik Richter
|
|
4
|
+
|
|
5
|
+
module Inspec
|
|
6
|
+
module Plugins
|
|
7
|
+
# stores all CLI plugin, we expect those to the `Thor` subclasses
|
|
8
|
+
class CLI
|
|
9
|
+
def self.subcommands
|
|
10
|
+
@subcommands ||= {}
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def self.add_subcommand(klass, subcommand_name, usage, description, options = {})
|
|
14
|
+
subcommands[subcommand_name] = {
|
|
15
|
+
klass: klass,
|
|
16
|
+
subcommand_name: subcommand_name,
|
|
17
|
+
usage: usage,
|
|
18
|
+
description: description,
|
|
19
|
+
options: options,
|
|
20
|
+
}
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
@@ -1,86 +1,86 @@
|
|
|
1
|
-
# encoding: utf-8
|
|
2
|
-
# author: Dominik Richter
|
|
3
|
-
# author: Christoph Hartmann
|
|
4
|
-
require 'utils/plugin_registry'
|
|
5
|
-
require 'inspec/file_provider'
|
|
6
|
-
|
|
7
|
-
module Inspec
|
|
8
|
-
module Plugins
|
|
9
|
-
#
|
|
10
|
-
# An Inspec::Plugins::Fetcher is responsible for fetching a remote
|
|
11
|
-
# source to a local directory or file provided by the user.
|
|
12
|
-
#
|
|
13
|
-
# In general, there are two kinds of fetchers. (1) Fetchers that
|
|
14
|
-
# implement this entire API (see the Git or Url fetchers for
|
|
15
|
-
# examples), and (2) fetchers that only implement self.resolve and
|
|
16
|
-
# then call the resolve_next method with a modified target hash.
|
|
17
|
-
# Fetchers in (2) do not need to implement the functions in this
|
|
18
|
-
# class because the caller will never actually get an instance of
|
|
19
|
-
# those fetchers.
|
|
20
|
-
#
|
|
21
|
-
class Fetcher < PluginRegistry::Plugin
|
|
22
|
-
def self.plugin_registry
|
|
23
|
-
Inspec::Fetcher
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
attr_accessor :target
|
|
27
|
-
|
|
28
|
-
def writable?
|
|
29
|
-
false
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
#
|
|
33
|
-
# The path to the archive on disk. This can be passed to a
|
|
34
|
-
# FileProvider to get access to the files in the fetched
|
|
35
|
-
# profile.
|
|
36
|
-
#
|
|
37
|
-
def archive_path
|
|
38
|
-
raise "Fetcher #{self} does not implement `archive_path()`. This is required."
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
#
|
|
42
|
-
# Fetches the remote source to a local source, using the
|
|
43
|
-
# provided path as a partial filename. That is, if you pass
|
|
44
|
-
# /foo/bar/baz, the fetcher can create:
|
|
45
|
-
#
|
|
46
|
-
# /foo/bar/baz/: A profile directory, or
|
|
47
|
-
# /foo/bar/baz.tar.gz: A profile tarball, or
|
|
48
|
-
# /foo/bar/baz.zip
|
|
49
|
-
#
|
|
50
|
-
def fetch(_path)
|
|
51
|
-
raise "Fetcher #{self} does not implement `fetch()`. This is required."
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
#
|
|
55
|
-
# The full specification of the remote source, with any
|
|
56
|
-
# ambigious references provided by the user resolved to an exact
|
|
57
|
-
# reference where possible. For example, in the Git provide, a
|
|
58
|
-
# tag will be resolved to an exact revision.
|
|
59
|
-
#
|
|
60
|
-
def resolved_source
|
|
61
|
-
raise "Fetcher #{self} does not implement `resolved_source()`. This is required for terminal fetchers."
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
#
|
|
65
|
-
# The unique key based on the content of the remote archive.
|
|
66
|
-
#
|
|
67
|
-
def cache_key
|
|
68
|
-
raise "Fetcher #{self} does not implement `cache_key()`. This is required for terminal fetchers."
|
|
69
|
-
end
|
|
70
|
-
|
|
71
|
-
#
|
|
72
|
-
# relative_target is provided to keep compatibility with 3rd
|
|
73
|
-
# party plugins.
|
|
74
|
-
#
|
|
75
|
-
# Deprecated: This function may be removed in future versions of
|
|
76
|
-
# Inspec, don't depend on it in new plugins.
|
|
77
|
-
#
|
|
78
|
-
# @returns [Inspec::RelativeFileProvider]
|
|
79
|
-
#
|
|
80
|
-
def relative_target
|
|
81
|
-
file_provider = Inspec::FileProvider.for_path(archive_path)
|
|
82
|
-
file_provider.relative_provider
|
|
83
|
-
end
|
|
84
|
-
end
|
|
85
|
-
end
|
|
86
|
-
end
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
# author: Dominik Richter
|
|
3
|
+
# author: Christoph Hartmann
|
|
4
|
+
require 'utils/plugin_registry'
|
|
5
|
+
require 'inspec/file_provider'
|
|
6
|
+
|
|
7
|
+
module Inspec
|
|
8
|
+
module Plugins
|
|
9
|
+
#
|
|
10
|
+
# An Inspec::Plugins::Fetcher is responsible for fetching a remote
|
|
11
|
+
# source to a local directory or file provided by the user.
|
|
12
|
+
#
|
|
13
|
+
# In general, there are two kinds of fetchers. (1) Fetchers that
|
|
14
|
+
# implement this entire API (see the Git or Url fetchers for
|
|
15
|
+
# examples), and (2) fetchers that only implement self.resolve and
|
|
16
|
+
# then call the resolve_next method with a modified target hash.
|
|
17
|
+
# Fetchers in (2) do not need to implement the functions in this
|
|
18
|
+
# class because the caller will never actually get an instance of
|
|
19
|
+
# those fetchers.
|
|
20
|
+
#
|
|
21
|
+
class Fetcher < PluginRegistry::Plugin
|
|
22
|
+
def self.plugin_registry
|
|
23
|
+
Inspec::Fetcher
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
attr_accessor :target
|
|
27
|
+
|
|
28
|
+
def writable?
|
|
29
|
+
false
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
#
|
|
33
|
+
# The path to the archive on disk. This can be passed to a
|
|
34
|
+
# FileProvider to get access to the files in the fetched
|
|
35
|
+
# profile.
|
|
36
|
+
#
|
|
37
|
+
def archive_path
|
|
38
|
+
raise "Fetcher #{self} does not implement `archive_path()`. This is required."
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
#
|
|
42
|
+
# Fetches the remote source to a local source, using the
|
|
43
|
+
# provided path as a partial filename. That is, if you pass
|
|
44
|
+
# /foo/bar/baz, the fetcher can create:
|
|
45
|
+
#
|
|
46
|
+
# /foo/bar/baz/: A profile directory, or
|
|
47
|
+
# /foo/bar/baz.tar.gz: A profile tarball, or
|
|
48
|
+
# /foo/bar/baz.zip
|
|
49
|
+
#
|
|
50
|
+
def fetch(_path)
|
|
51
|
+
raise "Fetcher #{self} does not implement `fetch()`. This is required."
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
#
|
|
55
|
+
# The full specification of the remote source, with any
|
|
56
|
+
# ambigious references provided by the user resolved to an exact
|
|
57
|
+
# reference where possible. For example, in the Git provide, a
|
|
58
|
+
# tag will be resolved to an exact revision.
|
|
59
|
+
#
|
|
60
|
+
def resolved_source
|
|
61
|
+
raise "Fetcher #{self} does not implement `resolved_source()`. This is required for terminal fetchers."
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
#
|
|
65
|
+
# The unique key based on the content of the remote archive.
|
|
66
|
+
#
|
|
67
|
+
def cache_key
|
|
68
|
+
raise "Fetcher #{self} does not implement `cache_key()`. This is required for terminal fetchers."
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
#
|
|
72
|
+
# relative_target is provided to keep compatibility with 3rd
|
|
73
|
+
# party plugins.
|
|
74
|
+
#
|
|
75
|
+
# Deprecated: This function may be removed in future versions of
|
|
76
|
+
# Inspec, don't depend on it in new plugins.
|
|
77
|
+
#
|
|
78
|
+
# @returns [Inspec::RelativeFileProvider]
|
|
79
|
+
#
|
|
80
|
+
def relative_target
|
|
81
|
+
file_provider = Inspec::FileProvider.for_path(archive_path)
|
|
82
|
+
file_provider.relative_provider
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
@@ -1,135 +1,135 @@
|
|
|
1
|
-
# encoding: utf-8
|
|
2
|
-
# author: Dominik Richter
|
|
3
|
-
# author: Christoph Hartmann
|
|
4
|
-
|
|
5
|
-
module Inspec
|
|
6
|
-
module ResourceBehaviors
|
|
7
|
-
def to_s
|
|
8
|
-
@__resource_name__
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
# Overwrite inspect to provide better output to RSpec results.
|
|
12
|
-
#
|
|
13
|
-
# @return [String] full name of the resource
|
|
14
|
-
def inspect
|
|
15
|
-
to_s
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
module ResourceDSL
|
|
20
|
-
def name(name = nil)
|
|
21
|
-
return if name.nil?
|
|
22
|
-
@name = name
|
|
23
|
-
__register(name, self)
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
def desc(description = nil)
|
|
27
|
-
return if description.nil?
|
|
28
|
-
__resource_registry[@name].desc(description)
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
def supports(criteria = nil)
|
|
32
|
-
return if criteria.nil?
|
|
33
|
-
Inspec::Resource.supports[@name] ||= []
|
|
34
|
-
Inspec::Resource.supports[@name].push(criteria)
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def example(example = nil)
|
|
38
|
-
return if example.nil?
|
|
39
|
-
__resource_registry[@name].example(example)
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
def __resource_registry
|
|
43
|
-
Inspec::Resource.registry
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
def __register(name, obj) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
|
|
47
|
-
cl = Class.new(obj) do # rubocop:disable Metrics/BlockLength
|
|
48
|
-
attr_reader :resource_exception_message
|
|
49
|
-
|
|
50
|
-
def initialize(backend, name, *args)
|
|
51
|
-
@resource_skipped = false
|
|
52
|
-
@resource_failed = false
|
|
53
|
-
@supports = Inspec::Resource.supports[name]
|
|
54
|
-
|
|
55
|
-
# attach the backend to this instance
|
|
56
|
-
@__backend_runner__ = backend
|
|
57
|
-
@__resource_name__ = name
|
|
58
|
-
|
|
59
|
-
# check resource supports
|
|
60
|
-
supported = true
|
|
61
|
-
supported = check_supports unless @supports.nil?
|
|
62
|
-
test_backend = defined?(Train::Transports::Mock::Connection) && backend.backend.class == Train::Transports::Mock::Connection
|
|
63
|
-
# do not return if we are supported, or for tests
|
|
64
|
-
return unless supported || test_backend
|
|
65
|
-
|
|
66
|
-
# call the resource initializer
|
|
67
|
-
begin
|
|
68
|
-
super(*args)
|
|
69
|
-
rescue Inspec::Exceptions::ResourceSkipped => e
|
|
70
|
-
skip_resource(e.message)
|
|
71
|
-
rescue Inspec::Exceptions::ResourceFailed => e
|
|
72
|
-
fail_resource(e.message)
|
|
73
|
-
rescue NoMethodError => e
|
|
74
|
-
# The new platform resources have methods generated on the fly
|
|
75
|
-
# for inspec check to work we need to skip these train errors
|
|
76
|
-
raise unless test_backend && e.receiver.class == Train::Transports::Mock::Connection
|
|
77
|
-
skip_resource(e.message)
|
|
78
|
-
end
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
def self.desc(description = nil)
|
|
82
|
-
return @description if description.nil?
|
|
83
|
-
@description = description
|
|
84
|
-
end
|
|
85
|
-
|
|
86
|
-
def self.example(example = nil)
|
|
87
|
-
return @example if example.nil?
|
|
88
|
-
@example = example
|
|
89
|
-
end
|
|
90
|
-
|
|
91
|
-
def check_supports
|
|
92
|
-
status = inspec.platform.supported?(@supports)
|
|
93
|
-
skip_msg = "Resource #{@__resource_name__.capitalize} is not supported on platform #{inspec.platform.name}/#{inspec.platform.release}."
|
|
94
|
-
skip_resource(skip_msg) unless status
|
|
95
|
-
status
|
|
96
|
-
end
|
|
97
|
-
|
|
98
|
-
def skip_resource(message)
|
|
99
|
-
@resource_skipped = true
|
|
100
|
-
@resource_exception_message = message
|
|
101
|
-
end
|
|
102
|
-
|
|
103
|
-
def resource_skipped?
|
|
104
|
-
@resource_skipped
|
|
105
|
-
end
|
|
106
|
-
|
|
107
|
-
def fail_resource(message)
|
|
108
|
-
@resource_failed = true
|
|
109
|
-
@resource_exception_message = message
|
|
110
|
-
end
|
|
111
|
-
|
|
112
|
-
def resource_failed?
|
|
113
|
-
@resource_failed
|
|
114
|
-
end
|
|
115
|
-
|
|
116
|
-
def inspec
|
|
117
|
-
@__backend_runner__
|
|
118
|
-
end
|
|
119
|
-
end
|
|
120
|
-
|
|
121
|
-
# rubocop:enable Lint/NestedMethodDefinition
|
|
122
|
-
if __resource_registry.key?(name)
|
|
123
|
-
Inspec::Log.warn("Overwriting resource #{name}. To reference a specific version of #{name} use the resource() method")
|
|
124
|
-
end
|
|
125
|
-
__resource_registry[name] = cl
|
|
126
|
-
end
|
|
127
|
-
end
|
|
128
|
-
|
|
129
|
-
module Plugins
|
|
130
|
-
class Resource
|
|
131
|
-
extend Inspec::ResourceDSL
|
|
132
|
-
include Inspec::ResourceBehaviors
|
|
133
|
-
end
|
|
134
|
-
end
|
|
135
|
-
end
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
# author: Dominik Richter
|
|
3
|
+
# author: Christoph Hartmann
|
|
4
|
+
|
|
5
|
+
module Inspec
|
|
6
|
+
module ResourceBehaviors
|
|
7
|
+
def to_s
|
|
8
|
+
@__resource_name__
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
# Overwrite inspect to provide better output to RSpec results.
|
|
12
|
+
#
|
|
13
|
+
# @return [String] full name of the resource
|
|
14
|
+
def inspect
|
|
15
|
+
to_s
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
module ResourceDSL
|
|
20
|
+
def name(name = nil)
|
|
21
|
+
return if name.nil?
|
|
22
|
+
@name = name
|
|
23
|
+
__register(name, self)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def desc(description = nil)
|
|
27
|
+
return if description.nil?
|
|
28
|
+
__resource_registry[@name].desc(description)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def supports(criteria = nil)
|
|
32
|
+
return if criteria.nil?
|
|
33
|
+
Inspec::Resource.supports[@name] ||= []
|
|
34
|
+
Inspec::Resource.supports[@name].push(criteria)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def example(example = nil)
|
|
38
|
+
return if example.nil?
|
|
39
|
+
__resource_registry[@name].example(example)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def __resource_registry
|
|
43
|
+
Inspec::Resource.registry
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def __register(name, obj) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
|
|
47
|
+
cl = Class.new(obj) do # rubocop:disable Metrics/BlockLength
|
|
48
|
+
attr_reader :resource_exception_message
|
|
49
|
+
|
|
50
|
+
def initialize(backend, name, *args)
|
|
51
|
+
@resource_skipped = false
|
|
52
|
+
@resource_failed = false
|
|
53
|
+
@supports = Inspec::Resource.supports[name]
|
|
54
|
+
|
|
55
|
+
# attach the backend to this instance
|
|
56
|
+
@__backend_runner__ = backend
|
|
57
|
+
@__resource_name__ = name
|
|
58
|
+
|
|
59
|
+
# check resource supports
|
|
60
|
+
supported = true
|
|
61
|
+
supported = check_supports unless @supports.nil?
|
|
62
|
+
test_backend = defined?(Train::Transports::Mock::Connection) && backend.backend.class == Train::Transports::Mock::Connection
|
|
63
|
+
# do not return if we are supported, or for tests
|
|
64
|
+
return unless supported || test_backend
|
|
65
|
+
|
|
66
|
+
# call the resource initializer
|
|
67
|
+
begin
|
|
68
|
+
super(*args)
|
|
69
|
+
rescue Inspec::Exceptions::ResourceSkipped => e
|
|
70
|
+
skip_resource(e.message)
|
|
71
|
+
rescue Inspec::Exceptions::ResourceFailed => e
|
|
72
|
+
fail_resource(e.message)
|
|
73
|
+
rescue NoMethodError => e
|
|
74
|
+
# The new platform resources have methods generated on the fly
|
|
75
|
+
# for inspec check to work we need to skip these train errors
|
|
76
|
+
raise unless test_backend && e.receiver.class == Train::Transports::Mock::Connection
|
|
77
|
+
skip_resource(e.message)
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def self.desc(description = nil)
|
|
82
|
+
return @description if description.nil?
|
|
83
|
+
@description = description
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def self.example(example = nil)
|
|
87
|
+
return @example if example.nil?
|
|
88
|
+
@example = example
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
def check_supports
|
|
92
|
+
status = inspec.platform.supported?(@supports)
|
|
93
|
+
skip_msg = "Resource #{@__resource_name__.capitalize} is not supported on platform #{inspec.platform.name}/#{inspec.platform.release}."
|
|
94
|
+
skip_resource(skip_msg) unless status
|
|
95
|
+
status
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
def skip_resource(message)
|
|
99
|
+
@resource_skipped = true
|
|
100
|
+
@resource_exception_message = message
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def resource_skipped?
|
|
104
|
+
@resource_skipped
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
def fail_resource(message)
|
|
108
|
+
@resource_failed = true
|
|
109
|
+
@resource_exception_message = message
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
def resource_failed?
|
|
113
|
+
@resource_failed
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
def inspec
|
|
117
|
+
@__backend_runner__
|
|
118
|
+
end
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
# rubocop:enable Lint/NestedMethodDefinition
|
|
122
|
+
if __resource_registry.key?(name)
|
|
123
|
+
Inspec::Log.warn("Overwriting resource #{name}. To reference a specific version of #{name} use the resource() method")
|
|
124
|
+
end
|
|
125
|
+
__resource_registry[name] = cl
|
|
126
|
+
end
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
module Plugins
|
|
130
|
+
class Resource
|
|
131
|
+
extend Inspec::ResourceDSL
|
|
132
|
+
include Inspec::ResourceBehaviors
|
|
133
|
+
end
|
|
134
|
+
end
|
|
135
|
+
end
|