inspec 3.7.1 → 3.7.11

data/lib/resources/key_rsa.rb

@@ -11,7 +11,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'public/private RSA key pair test'
-    example "
+    example <<~EXAMPLE
       describe key_rsa('/etc/pki/www.mywebsite.com.key') do
         its('public_key') { should match /BEGIN RSA PUBLIC KEY/ }
       end
@@ -20,7 +20,7 @@ module Inspec::Resources
         it { should be_private }
         it { should be_public }
       end
-    "
+    EXAMPLE
 
     include FileReader
     include PkeyReader

data/lib/resources/ksh.rb

@@ -8,7 +8,7 @@ module Inspec::Resources
     name 'ksh'
     supports platform: 'unix'
     desc 'Run a command or script in KornShell.'
-    example "
+    example <<~EXAMPLE
       describe ksh('ls -al /') do
         its('stdout') { should match /bin/ }
         its('stderr') { should eq '' }
@@ -20,7 +20,7 @@ module Inspec::Resources
 
       # Specify arguments (defaults to -c)
       ksh('...', args: '-x -c')
-    "
+    EXAMPLE
 
     def initialize(command, options = {})
       @raw_command = command

data/lib/resources/limits_conf.rb

@@ -9,11 +9,11 @@ module Inspec::Resources
     name 'limits_conf'
     supports platform: 'unix'
     desc 'Use the limits_conf InSpec audit resource to test configuration settings in the /etc/security/limits.conf file. The limits.conf defines limits for processes (by user and/or group names) and helps ensure that the system on which those processes are running remains stable. Each process may be assigned a hard or soft limit.'
-    example "
+    example <<~EXAMPLE
       describe limits_conf do
         its('*') { should include ['hard','core','0'] }
       end
-    "
+    EXAMPLE
 
     include FileReader
 

data/lib/resources/login_def.rb

@@ -21,11 +21,11 @@ module Inspec::Resources
     name 'login_defs'
     supports platform: 'unix'
     desc 'Use the login_defs InSpec audit resource to test configuration settings in the /etc/login.defs file. The logins.defs file defines site-specific configuration for the shadow password suite on Linux and UNIX platforms, such as password expiration ranges, minimum/maximum values for automatic selection of user and group identifiers, or the method with which passwords are encrypted.'
-    example "
+    example <<~EXAMPLE
       describe login_defs do
         its('ENCRYPT_METHOD') { should eq 'SHA512' }
       end
-    "
+    EXAMPLE
 
     include FileReader
 

data/lib/resources/mount.rb

@@ -7,7 +7,7 @@ module Inspec::Resources
     name 'mount'
     supports platform: 'unix'
     desc 'Use the mount InSpec audit resource to test if mount points.'
-    example "
+    example <<~EXAMPLE
       describe mount('/') do
         it { should be_mounted }
         its('count') { should eq 1 }
@@ -16,7 +16,7 @@ module Inspec::Resources
         its('options') { should eq ['rw', 'mode=620'] }
         its('options') { should include 'nodev' }
       end
-    "
+    EXAMPLE
     attr_reader :file
 
     def initialize(path)

data/lib/resources/mssql_session.rb

@@ -14,7 +14,7 @@ module Inspec::Resources
     name 'mssql_session'
     supports platform: 'windows'
     desc 'Use the mssql_session InSpec audit resource to test SQL commands run against a MS Sql Server database.'
-    example "
+    example <<~EXAMPLE
       # Using SQL authentication
       sql = mssql_session(user: 'myuser', pass: 'mypassword')
       describe sql.query('SELECT * FROM table').row(0).column('columnname') do
@@ -27,7 +27,7 @@ module Inspec::Resources
         its('value') { should_not be_empty }
         its('value') { should cmp == 1 }
       end
-    "
+    EXAMPLE
 
     attr_reader :user, :password, :host, :port, :instance, :local_mode, :db_name
     def initialize(opts = {})

data/lib/resources/mysql_conf.rb

@@ -31,7 +31,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the mysql_conf InSpec audit resource to test the contents of the configuration file for MySQL, typically located at /etc/mysql/my.cnf or /etc/my.cnf.'
-    example "
+    example <<~EXAMPLE
       describe mysql_conf('path') do
         its('setting') { should eq 'value' }
       end
@@ -45,7 +45,7 @@ module Inspec::Resources
       describe mysql_conf do
         its(['mariadb', 'max-connections']) { should_not be_nil }
       end
-    "
+    EXAMPLE
 
     include FindFiles
     include FileReader

data/lib/resources/mysql_session.rb

@@ -9,12 +9,12 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the mysql_session InSpec audit resource to test SQL commands run against a MySQL database.'
-    example "
+    example <<~EXAMPLE
       sql = mysql_session('my_user','password','host')
       describe sql.query('show databases like \'test\';') do
         its('stdout') { should_not match(/test/) }
       end
-    "
+    EXAMPLE
 
     def initialize(user = nil, pass = nil, host = 'localhost', port = nil, socket = nil)
       @user = user

data/lib/resources/nginx.rb

@@ -8,7 +8,7 @@ module Inspec::Resources
     name 'nginx'
     supports platform: 'unix'
     desc 'Use the nginx InSpec audit resource to test information about your NGINX instance.'
-    example "
+    example <<~EXAMPLE
       describe nginx do
         its('conf_path') { should cmp '/etc/nginx/nginx.conf' }
       end
@@ -18,7 +18,7 @@ module Inspec::Resources
       describe nginx do
         its('modules') { should include 'my_module' }
       end
-    "
+    EXAMPLE
     attr_reader :params, :bin_dir
 
     def initialize(nginx_path = '/usr/sbin/nginx')

data/lib/resources/nginx_conf.rb

@@ -19,10 +19,10 @@ module Inspec::Resources
     desc 'Use the nginx_conf InSpec resource to test configuration data '\
          'for the NginX web server located in /etc/nginx/nginx.conf on '\
          'Linux and UNIX platforms.'
-    example "
+    example <<~EXAMPLE
       describe nginx_conf.params ...
       describe nginx_conf('/path/to/my/nginx.conf').params ...
-    "
+    EXAMPLE
 
     extend Forwardable
 

data/lib/resources/npm.rb

@@ -8,7 +8,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the npm InSpec audit resource to test if a global npm package is installed. npm is the the package manager for Nodejs packages, such as bower and StatsD.'
-    example "
+    example <<~EXAMPLE
       describe npm('bower') do
         it { should be_installed }
       end
@@ -16,7 +16,7 @@ module Inspec::Resources
       describe npm('tar', path: '/path/to/project') do
         it { should be_installed }
       end
-    "
+    EXAMPLE
 
     def initialize(package_name, opts = {})
       @package_name = package_name

data/lib/resources/ntp_conf.rb

@@ -9,12 +9,12 @@ module Inspec::Resources
     name 'ntp_conf'
     supports platform: 'unix'
     desc 'Use the ntp_conf InSpec audit resource to test the synchronization settings defined in the ntp.conf file. This file is typically located at /etc/ntp.conf.'
-    example "
+    example <<~EXAMPLE
       describe ntp_conf do
         its('server') { should_not eq nil }
         its('restrict') { should include '-4 default kod notrap nomodify nopeer noquery'}
       end
-    "
+    EXAMPLE
 
     include FileReader
 

data/lib/resources/oneget.rb

@@ -12,12 +12,12 @@ module Inspec::Resources
     name 'oneget'
     supports platform: 'windows'
     desc 'Use the oneget InSpec audit resource to test if the named package and/or package version is installed on the system. This resource uses OneGet, which is part of the Windows Management Framework 5.0 and Windows 10. This resource uses the Get-Package cmdlet to return all of the package names in the OneGet repository.'
-    example "
+    example <<~EXAMPLE
       describe oneget('zoomit') do
         it { should be_installed }
         its('version') { should eq '1.2.3' }
       end
-    "
+    EXAMPLE
 
     def initialize(package_name)
       @package_name = package_name

data/lib/resources/oracledb_session.rb

@@ -15,12 +15,12 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the oracledb_session InSpec resource to test commands against an Oracle database'
-    example "
+    example <<~EXAMPLE
       sql = oracledb_session(user: 'my_user', pass: 'password')
       describe sql.query(\"SELECT UPPER(VALUE) AS VALUE FROM V$PARAMETER WHERE UPPER(NAME)='AUDIT_SYS_OPERATIONS'\").row(0).column('value') do
         its('value') { should eq 'TRUE' }
       end
-    "
+    EXAMPLE
 
     attr_reader :user, :password, :host, :service, :as_os_user, :as_db_role
     # rubocop:disable Metrics/PerceivedComplexity,Metrics/CyclomaticComplexity

data/lib/resources/os.rb

@@ -8,7 +8,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the os InSpec audit resource to test the platform on which the system is running.'
-    example "
+    example <<~EXAMPLE
       describe os[:family] do
         it { should eq 'redhat' }
       end
@@ -20,7 +20,7 @@ module Inspec::Resources
       describe os.linux? do
         it { should eq true }
       end
-    "
+    EXAMPLE
 
     # reuse helper methods from backend
     %w{aix? redhat? debian? suse? bsd? solaris? linux? unix? windows? hpux? darwin?}.each do |os_family|

data/lib/resources/os_env.rb

@@ -16,11 +16,11 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the os_env InSpec audit resource to test the environment variables for the platform on which the system is running.'
-    example "
+    example <<~EXAMPLE
       describe os_env('VARIABLE') do
         its('matcher') { should eq 1 }
       end
-    "
+    EXAMPLE
 
     def initialize(env = nil, target = nil)
       @osenv = env

data/lib/resources/package.rb

@@ -12,13 +12,13 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the package InSpec audit resource to test if the named package and/or package version is installed on the system.'
-    example "
+    example <<~EXAMPLE
       describe package('nginx') do
         it { should be_installed }
         it { should_not be_held } # for dpkg platforms that support holding a version from being upgraded
         its('version') { should eq 1.9.5 }
       end
-    "
+    EXAMPLE
     def initialize(package_name, opts = {}) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
       @package_name = package_name
       @name = @package_name

data/lib/resources/packages.rb

@@ -8,7 +8,7 @@ module Inspec::Resources
     name 'packages'
     supports platform: 'unix'
     desc 'Use the packages InSpec audit resource to test properties for multiple packages installed on the system'
-    example "
+    example <<~EXAMPLE
       describe packages(/xserver-xorg.*/) do
         its('entries') { should be_empty }
       end
@@ -18,7 +18,7 @@ module Inspec::Resources
       describe packages(/vi.+/).where { status != 'installed' } do
         its('statuses') { should be_empty }
       end
-    "
+    EXAMPLE
 
     def initialize(pattern)
       os = inspec.os

data/lib/resources/parse_config.rb

@@ -18,7 +18,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the parse_config InSpec audit resource to test arbitrary configuration files.'
-    example "
+    example <<~EXAMPLE
       output = command('some-command').stdout
       describe parse_config(output, { data_config_option: value } ) do
         its('setting') { should eq 1 }
@@ -41,7 +41,7 @@ module Inspec::Resources
       describe parse_config(output2, options2 ).params['listen queue'].to_i do
         it { should be < 100 }
       end
-    "
+    EXAMPLE
 
     include FileReader
 
@@ -94,11 +94,11 @@ module Inspec::Resources
   class PConfigFile < PConfig
     name 'parse_config_file'
     desc 'Use the parse_config_file InSpec resource to test arbitrary configuration files. It works identically to parse_config. Instead of using a command output, this resource works with files.'
-    example "
+    example <<~EXAMPLE
       describe parse_config_file('/path/to/file') do
         its('setting') { should eq 1 }
       end
-    "
+    EXAMPLE
 
     def initialize(path, opts = nil)
       super(nil, opts)

data/lib/resources/passwd.rb

@@ -19,7 +19,7 @@ module Inspec::Resources
     name 'passwd'
     supports platform: 'unix'
     desc 'Use the passwd InSpec audit resource to test the contents of /etc/passwd, which contains the following information for users that may log into the system and/or as users that own running processes.'
-    example "
+    example <<~EXAMPLE
       describe passwd do
         its('users') { should_not include 'forbidden_user' }
       end
@@ -32,7 +32,7 @@ module Inspec::Resources
         # find all users with a nologin shell
         its('users') { should_not include 'my_login_user' }
       end
-    "
+    EXAMPLE
 
     include PasswdParser
     include FileReader

data/lib/resources/pip.rb

@@ -12,7 +12,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the pip InSpec audit resource to test packages that are installed using the pip installer.'
-    example "
+    example <<~EXAMPLE
       describe pip('Jinja2') do
         it { should be_installed }
       end
@@ -21,7 +21,7 @@ module Inspec::Resources
         it { should be_installed }
         its('version') { should eq('1.11.4')}
       end
-    "
+    EXAMPLE
 
     def initialize(package_name, pip_path = nil)
       @package_name = package_name

data/lib/resources/platform.rb

@@ -4,7 +4,7 @@ module Inspec::Resources
   class PlatformResource < Inspec.resource(1)
     name 'platform'
     desc 'Use the platform InSpec resource to test the platform on which the system is running.'
-    example "
+    example <<~EXAMPLE
       describe platform do
         its('name') { should eq 'redhat' }
       end
@@ -12,7 +12,7 @@ module Inspec::Resources
       describe platform do
         it { should be_in_family('unix') }
       end
-    "
+    EXAMPLE
 
     def initialize
       @platform = inspec.backend.platform

data/lib/resources/port.rb

@@ -12,7 +12,7 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc "Use the port InSpec audit resource to test basic port properties, such as port, process, if it's listening."
-    example "
+    example <<~EXAMPLE
       describe port(80) do
         it { should be_listening }
         its('protocols') {should eq ['tcp']}
@@ -22,7 +22,7 @@ module Inspec::Resources
       describe port.where { protocol =~ /tcp/ && port > 80 } do
         it { should_not be_listening }
       end
-    "
+    EXAMPLE
 
     def initialize(*args)
       args.unshift(nil) if args.length <= 1 # add the ip address to the front

data/lib/resources/postgres_conf.rb

@@ -12,11 +12,11 @@ module Inspec::Resources
     supports platform: 'unix'
     supports platform: 'windows'
     desc 'Use the postgres_conf InSpec audit resource to test the contents of the configuration file for PostgreSQL, typically located at /etc/postgresql/<version>/main/postgresql.conf or /var/lib/postgres/data/postgresql.conf, depending on the platform.'
-    example "
+    example <<~EXAMPLE
       describe postgres_conf do
         its('max_connections') { should eq '5' }
       end
-    "
+    EXAMPLE
 
     include FindFiles
     include FileReader

data/lib/resources/postgres_hba_conf.rb

@@ -9,11 +9,11 @@ module Inspec::Resources
     supports platform: 'unix'
     desc 'Use the `postgres_hba_conf` InSpec audit resource to test the client
           authentication data defined in the pg_hba.conf file.'
-    example "
+    example <<~EXAMPLE
       describe postgres_hba_conf.where { type == 'local' } do
         its('auth_method') { should eq ['peer'] }
       end
-    "
+    EXAMPLE
 
     include FileReader
 

data/lib/resources/postgres_ident_conf.rb

@@ -9,11 +9,11 @@ module Inspec::Resources
     supports platform: 'unix'
     desc 'Use the postgres_ident_conf InSpec audit resource to test the client
           authentication data is controlled by a pg_ident.conf file.'
-    example "
+    example <<~EXAMPLE
       describe postgres_ident_conf.where { pg_username == 'acme_user' } do
         its('map_name') { should eq ['ssl-test'] }
       end
-    "
+    EXAMPLE
 
     include FileReader