inspec 2.3.10 → 2.3.23

data/docs/resources/npm.md.erb

@@ -1,78 +0,0 @@
----
-title: About the npm Resource
-platform: os
----
-
-# npm
-
-Use the `npm` InSpec audit resource to test if a global NPM package is installed. NPM is the the package manager for [Node.js packages](https://docs.npmjs.com), such as Bower and StatsD.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `npm` resource block declares a package and (optionally) a package version:
-
-    describe npm('npm_package_name') do
-      it { should be_installed }
-    end
-
-where
-
-* `('npm_package_name')` must specify an NPM package, such as `'bower'` or `'statsd'`
-* `be_installed` is a valid matcher for this resource
-
-You can also specify additional options:
-
-    describe npm('npm_package_name', path: '/path/to/project') do
-      it { should be_installed }
-    end
-
-The `path` specifies a folder, that contains a `node_modules` subdirectory. It emulates running `npm` inside the specified folder. This way you can inspect local NPM installations as well as global ones.
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Verify that bower is installed, with a specific version
-
-    describe npm('bower') do
-      it { should be_installed }
-      its('version') { should eq '1.4.1' }
-    end
-
-### Verify that statsd is not installed
-
-    describe npm('statsd') do
-      it { should_not be_installed }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### be_installed
-
-The `be_installed` matcher tests if the named Gem package and package version (if specified) is installed:
-
-    it { should be_installed }
-
-### version
-
-The `version` matcher tests if the named package version is on the system:
-
-    its('version') { should eq '1.2.3' }

data/docs/resources/ntp_conf.md.erb

@@ -1,70 +0,0 @@
----
-title: About the ntp_conf Resource
-platform: linux
----
-
-# ntp_conf
-
-Use the `ntp_conf` InSpec audit resource to test the synchronization settings defined in the `ntp.conf` file. This file is typically located at `/etc/ntp.conf`.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-An `ntp_conf` resource block declares the synchronization settings that should be tested:
-
-    describe ntp_conf('path') do
-      its('setting_name') { should eq 'value' }
-    end
-
-where
-
-* `'setting_name'` is a synchronization setting defined in the `ntp.conf` file
-* `('path')` is the non-default path to the `ntp.conf` file
-* `{ should eq 'value' }` is the value that is expected
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test for clock drift against named servers
-
-    describe ntp_conf do
-      its('driftfile') { should eq '/var/lib/ntp/ntp.drift' }
-      its('server') { should eq [
-        0.ubuntu.pool.ntp.org,
-        1.ubuntu.pool.ntp.org,
-        2.ubuntu.pool.ntp.org
-      ] }
-    end
-
-<br>
-
-## Matchers
-
-This resource matches any service that is listed in the `ntp.conf` file. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-    its('server') { should_not eq nil }
-
-or:
-
-    its('restrict') { should include '-4 default kod notrap nomodify nopeer noquery'}
-
-For example:
-
-    describe ntp_conf do
-      its('server') { should_not eq nil }
-      its('restrict') { should include '-4 default kod notrap nomodify nopeer noquery'}
-    end

data/docs/resources/oneget.md.erb

@@ -1,63 +0,0 @@
----
-title: About the oneget Resource
-platform: windows
----
-
-# oneget
-
-Use the `oneget` InSpec audit resource to test if the named package and/or package version is installed on the system. This resource uses Oneget, which is `part of the Windows Management Framework 5.0 and Windows 10 <https://github.com/OneGet/oneget>`__. This resource uses the `Get-Package` cmdlet to return all of the package names in the Oneget repository.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `oneget` resource block declares a package and (optionally) a package version:
-
-    describe oneget('name') do
-      it { should be_installed }
-    end
-
-where
-
-* `('name')` must specify the name of a package, such as `'VLC'`
-* `be_installed` is a valid matcher for this resource
-
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test if VLC is installed
-
-    describe oneget('VLC') do
-      it { should be_installed }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### be_installed
-
-The `be_installed` matcher tests if the named package is installed on the system:
-
-    it { should be_installed }
-
-### version
-
-The `version` matcher tests if the named package version is on the system:
-
-    its('version') { should eq '1.2.3' }

data/docs/resources/oracledb_session.md.erb

@@ -1,103 +0,0 @@
----
-title: About the oracledb_session Resource
-platform: os
----
-
-# oracledb_session
-
-Use the `oracledb_session` InSpec audit resource to test SQL commands run against a Oracle database.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-A `oracledb_session` resource block declares the username and password to use for the session with an optional service to connect to, and then the command to be run:
-
-    describe oracledb_session(user: 'username', password: 'password', service: 'ORCL.localdomain').query('QUERY').row(0).column('result') do
-      its('value') { should eq('') }
-    end
-
-where
-
-* `oracledb_session` declares a username and password with permission to run the query (required), and an optional parameters for host (default: `localhost`), SID (default: `nil`, which uses the default SID, and path to the sqlplus binary (default: `sqlplus`).
-* it is possible to run queries as sysdba/sysoper by using `as_db_role option`, see examples
-* `query('QUERY')` contains the query to be run
-* `its('value') { should eq('') }` compares the results of the query against the expected result in the test
-
-<br>
-
-## oracledb_session(...).query method Properties
-* rows the query result as array of hashes
-* row(number)  selected row from query result, where number is just a row number in the query result
-* column(name) array with values from selected column
- 
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test for matching databases
-
-    sql = oracledb_session(user: 'my_user', pass: 'password')
-
-    describe sql.query('SELECT NAME AS VALUE FROM v$database;').row(0).column('value') do
-      its('value') { should cmp 'ORCL' }
-    end
-
-### Test for matching databases with custom host, SID and sqlplus binary location
-
-    sql = oracledb_session(user: 'my_user', pass: 'password', host: 'oraclehost', sid: 'mysid', sqlplus_bin: '/u01/app/oracle/product/12.1.0/dbhome_1/bin/sqlplus')
-
-    describe sql.query('SELECT NAME FROM v$database;').row(0).column('name') do
-      its('value') { should cmp 'ORCL' }
-    end
-
-### Test for table contains a specified value in any row for the given column name
-
-    sql = oracledb_session(user: 'my_user', pass: 'password', service: 'MYSID')
-
-    describe sql.query('SELECT * FROM my_table;').column('my_column') do
-      it { should include 'my_value' }
-    end
-
-### Test tablespace exists as sysdba
-    The check will change user (with su) to specified user and run 'sqlplus / as sysdba' (sysoper, sysasm) 
-
-    sql = oracledb_session(as_os_user: 'oracle', as_db_role: 'sysdba', service: 'MYSID')
-
-    describe sql.query('SELECT tablespace_name AS name FROM dba_tablespaces;').column('name') do
-      it { should include 'MYTABLESPACE' }
-    end
-    NOTE: option `as_os_user` available only on unix-like systems and not supported on Windows. Also this option requires that you are running inspec as `root` or with `--sudo`
-
-### Test number of rows in the query result
-
-    sql = oracledb_session(user: 'my_user', pass: 'password')
-
-    describe sql.query('SELECT * FROM my_table;').rows do
-      its('count') { should eq 20 }
-    end
-
-### Use data out of (remote) DB query to build other tests
-
-    sql = oracledb_session(user: 'my_user', pass: 'password', host: 'my.remote.db', service: 'MYSID')
-
-    sql.query('SELECT * FROM files;').rows.each do |file_row|
-      describe file(file_row['path']) do
-	its('owner') { should eq file_row['owner']}
-      end
-    end
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).

data/docs/resources/os.md.erb

@@ -1,153 +0,0 @@
----
-title: About the os Resource
-platform: os
----
-
-# os
-
-Use the `os` InSpec audit resource to test the platform on which the system is running.
-
-<br>
-
-## Availability
-
-### Installation
-
-This resource is distributed along with InSpec itself. You can use it automatically.
-
-### Version
-
-This resource first became available in v1.0.0 of InSpec.
-
-## Syntax
-
-An `os` resource block declares the platform to be tested. The platform may specified via matcher or control block name. For example, using a matcher:
-
-    describe os.family do
-      it { should eq 'platform_family_name' }
-    end
-
-* `'platform_family_name'` (a string) is one of `aix`, `bsd`, `darwin`, `debian`, `hpux`, `linux`, `redhat`, `solaris`, `suse`,  `unix`, or `windows`
-
-The parameters available to `os` are:
-
-* `:name` - the operating system name, such as `centos`
-* `:family` - the operating system family, such as `redhat`
-* `:release` - the version of the operating system, such as `7.3.1611`
-* `:arch` - the architecture of the operating system, such as `x86_64`
-<br>
-
-## Examples
-
-The following examples show how to use this InSpec audit resource.
-
-### Test for RedHat
-
-    describe os.family do
-      it { should eq 'redhat' }
-    end
-
-### Test for Ubuntu
-
-    describe os.family do
-      it { should eq 'debian' }
-    end
-
-### Test for Microsoft Windows
-
-    describe os.family do
-      it { should eq 'windows' }
-    end
-
-<br>
-
-## Matchers
-
-For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
-
-### os.family? Helpers
-
-The `os` audit resource includes a collection of helpers that enable more granular testing of platforms, platform names, architectures, and releases. Use any of the following platform-specific helpers to test for specific platforms:
-
-* `aix?`
-* `bsd?` (including Darwin, FreeBSD, NetBSD, and OpenBSD)
-* `darwin?`
-* `debian?`
-* `hpux?`
-* `linux?` (including Alpine Linux, Amazon Linux, ArchLinux, CoreOS, Exherbo, Fedora, Gentoo, and Slackware)
-* `redhat?` (including CentOS)
-* `solaris?` (including Nexenta Core, OmniOS, Open Indiana, Solaris Open, and SmartOS)
-* `suse?`
-* `unix?`
-* `windows?`
-
-For example, to test for Darwin use:
-
-    describe os.bsd? do
-       it { should eq true }
-    end
-
-To test for Windows use:
-
-    describe os.windows? do
-       it { should eq true }
-    end
-
-and to test for Redhat use:
-
-    describe os.redhat? do
-       it { should eq true }
-    end
-
-Use the following helpers to test for operating system names, releases, and architectures:
-
-    describe os.name do
-       it { should eq 'foo' }
-    end
-
-    describe os.release do
-       it { should eq 'foo' }
-    end
-
-    describe os.arch do
-       it { should eq 'foo' }
-    end
-
-### os.family names
-
-Use `os.family` to enable more granular testing of platforms, platform names, architectures, and releases. Use any of the following platform-specific names to test for specific platforms:
-
-* `aix`
-* `bsd` For platforms that are part of the Berkeley OS family `darwin`, `freebsd`, `netbsd`, and `openbsd`.
-* `debian`
-* `hpux`
-* `linux`. For platforms that are part of the Linux family `alpine`, `amazon`, `arch`, `coreos`, `exherbo`, `fedora`, `gentoo`, and `slackware`.
-* `redhat`. For platforms that are part of the Redhat family `centos`.
-* `solaris`. For platforms that are part of the Solaris family `nexentacore`, `omnios`, `openindiana`, `opensolaris`, and `smartos`.
-* `suse`
-* `unix`
-* `windows`
-
-For example, both of the following tests should have the same result:
-
-```ruby
-if os.family == 'debian'
-  describe port(69) do
-    its('processes') { should include 'in.tftpd' }
-  end
-elsif os.family == 'redhat'
-  describe port(69) do
-    its('processes') { should include 'xinetd' }
-  end
-end
-
-if os.debian?
-  describe port(69) do
-    its('processes') { should include 'in.tftpd' }
-  end
-elsif os.redhat?
-  describe port(69) do
-    its('processes') { should include 'xinetd' }
-  end
-end
-```