inspec 4.3.2 → 4.6.3

data/lib/{resources → inspec/resources}/csv.rb

@@ -1,12 +1,12 @@
-# encoding: utf-8
+require "inspec/resources/json"
 
 # Parses a csv document
 # This implementation was inspired by a blog post
 # @see http://technicalpickles.com/posts/parsing-csv-with-ruby
 module Inspec::Resources
   class CsvConfig < JsonConfig
-    name 'csv'
-    desc 'Use the csv InSpec audit resource to test configuration data in a CSV file.'
+    name "csv"
+    desc "Use the csv InSpec audit resource to test configuration data in a CSV file."
     example <<~EXAMPLE
       describe csv('example.csv') do
         its('name') { should eq(['John', 'Alice']) }
@@ -20,7 +20,7 @@ module Inspec::Resources
     #      { 'name' => 'row2', 'col1' => 'value3', 'col2' => 'value4' }
     #    ]
     def parse(content)
-      require 'csv'
+      require "csv"
 
       # convert empty field to nil
       CSV::Converters[:blank_to_nil] = lambda do |field|
@@ -50,7 +50,7 @@ module Inspec::Resources
     # used by JsonConfig to build up a full to_s method
     # based on whether a file path, content, or command was supplied.
     def resource_base_name
-      'CSV'
+      "CSV"
     end
   end
 end

data/lib/{resources → inspec/resources}/dh_params.rb

@@ -1,11 +1,9 @@
-# encoding: utf-8
-
-require 'openssl'
-require 'utils/file_reader'
+require "openssl"
+require "inspec/utils/file_reader"
 
 class DhParams < Inspec.resource(1)
-  name 'dh_params'
-  supports platform: 'unix'
+  name "dh_params"
+  supports platform: "unix"
   desc '
     Use the `dh_params` InSpec audit resource to test Diffie-Hellman (DH)
     parameters.
@@ -44,7 +42,7 @@ class DhParams < Inspec.resource(1)
   # its('modulus') { should eq '00:91:a0:15:89:e5:bc:38:93:12:02:fc:...' }
   def modulus
     return if @dh_params.nil?
-    '00:' + @dh_params.p.to_s(16).downcase.scan(/.{2}/).join(':')
+    "00:" + @dh_params.p.to_s(16).downcase.scan(/.{2}/).join(":")
   end
 
   # its('pem') { should eq '-----BEGIN DH PARAMETERS...' }

data/lib/{resources → inspec/resources}/directory.rb

@@ -1,13 +1,11 @@
-# encoding: utf-8
-
-require 'resources/file'
+require "inspec/resources/file"
 
 module Inspec::Resources
   class Directory < FileResource
-    name 'directory'
-    supports platform: 'unix'
-    supports platform: 'windows'
-    desc 'Use the directory InSpec audit resource to test if the file type is a directory. This is equivalent to using the file InSpec audit resource and the be_directory matcher, but provides a simpler and more direct way to test directories. All of the matchers available to file may be used with directory.'
+    name "directory"
+    supports platform: "unix"
+    supports platform: "windows"
+    desc "Use the directory InSpec audit resource to test if the file type is a directory. This is equivalent to using the file InSpec audit resource and the be_directory matcher, but provides a simpler and more direct way to test directories. All of the matchers available to file may be used with directory."
     example <<~EXAMPLE
       describe directory('path') do
         it { should be_directory }

data/lib/{resources → inspec/resources}/docker.rb

@@ -1,31 +1,31 @@
-# encoding: utf-8
 #
 # Copyright 2017, Christoph Hartmann
 #
 
-require 'utils/filter'
-require 'hashie/mash'
+require "inspec/resources/command"
+require "inspec/utils/filter"
+require "hashie/mash"
 
 module Inspec::Resources
   class DockerContainerFilter
     # use filtertable for containers
     filter = FilterTable.create
     filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-    filter.register_column(:commands,       field: 'command')
-          .register_column(:ids,            field: 'id')
-          .register_column(:images,         field: 'image')
-          .register_column(:labels,         field: 'labels', style: :simple)
-          .register_column(:local_volumes,  field: 'localvolumes')
-          .register_column(:mounts,         field: 'mounts')
-          .register_column(:names,          field: 'names')
-          .register_column(:networks,       field: 'networks')
-          .register_column(:ports,          field: 'ports')
-          .register_column(:running_for,    field: 'runningfor')
-          .register_column(:sizes,          field: 'size')
-          .register_column(:status,         field: 'status')
-          .register_custom_matcher(:running?) { |x|
-            x.where { status.downcase.start_with?('up') }
-          }
+    filter.register_column(:commands,       field: "command")
+          .register_column(:ids,            field: "id")
+          .register_column(:images,         field: "image")
+          .register_column(:labels,         field: "labels", style: :simple)
+          .register_column(:local_volumes,  field: "localvolumes")
+          .register_column(:mounts,         field: "mounts")
+          .register_column(:names,          field: "names")
+          .register_column(:networks,       field: "networks")
+          .register_column(:ports,          field: "ports")
+          .register_column(:running_for,    field: "runningfor")
+          .register_column(:sizes,          field: "size")
+          .register_column(:status,         field: "status")
+          .register_custom_matcher(:running?) do |x|
+            x.where { status.downcase.start_with?("up") }
+          end
     filter.install_filter_methods_on_resource(self, :containers)
 
     attr_reader :containers
@@ -37,13 +37,13 @@ module Inspec::Resources
   class DockerImageFilter
     filter = FilterTable.create
     filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-    filter.register_column(:ids,           field: 'id')
-          .register_column(:repositories,  field: 'repository')
-          .register_column(:tags,          field: 'tag')
-          .register_column(:sizes,         field: 'size')
-          .register_column(:digests,       field: 'digest')
-          .register_column(:created,       field: 'createdat')
-          .register_column(:created_since, field: 'createdsize')
+    filter.register_column(:ids,           field: "id")
+          .register_column(:repositories,  field: "repository")
+          .register_column(:tags,          field: "tag")
+          .register_column(:sizes,         field: "size")
+          .register_column(:digests,       field: "digest")
+          .register_column(:created,       field: "createdat")
+          .register_column(:created_since, field: "createdsize")
     filter.install_filter_methods_on_resource(self, :images)
 
     attr_reader :images
@@ -54,10 +54,10 @@ module Inspec::Resources
 
   class DockerPluginFilter
     filter = FilterTable.create
-    filter.add(:ids,      field: 'id')
-          .add(:names,    field: 'name')
-          .add(:versions, field: 'version')
-          .add(:enabled,  field: 'enabled')
+    filter.add(:ids,      field: "id")
+          .add(:names,    field: "name")
+          .add(:versions, field: "version")
+          .add(:enabled,  field: "enabled")
     filter.connect(self, :plugins)
 
     attr_reader :plugins
@@ -69,12 +69,12 @@ module Inspec::Resources
   class DockerServiceFilter
     filter = FilterTable.create
     filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-    filter.register_column(:ids,      field: 'id')
-          .register_column(:names,    field: 'name')
-          .register_column(:modes,    field: 'mode')
-          .register_column(:replicas, field: 'replicas')
-          .register_column(:images,   field: 'image')
-          .register_column(:ports,    field: 'ports')
+    filter.register_column(:ids,      field: "id")
+          .register_column(:names,    field: "name")
+          .register_column(:modes,    field: "mode")
+          .register_column(:replicas, field: "replicas")
+          .register_column(:images,   field: "image")
+          .register_column(:ports,    field: "ports")
     filter.install_filter_methods_on_resource(self, :services)
 
     attr_reader :services
@@ -88,8 +88,8 @@ module Inspec::Resources
   # - docker_container
   # - docker_image
   class Docker < Inspec.resource(1)
-    name 'docker'
-    supports platform: 'unix'
+    name "docker"
+    supports platform: "unix"
     desc "
       A resource to retrieve information about docker
     "
@@ -148,22 +148,22 @@ module Inspec::Resources
     def version
       return @version if defined?(@version)
       data = {}
-      cmd = inspec.command('docker version --format \'{{ json . }}\'')
+      cmd = inspec.command("docker version --format '{{ json . }}'")
       data = JSON.parse(cmd.stdout) if cmd.exit_status == 0
       @version = Hashie::Mash.new(data)
     rescue JSON::ParserError => _e
-      return Hashie::Mash.new({})
+      Hashie::Mash.new({})
     end
 
     def info
       return @info if defined?(@info)
       data = {}
       # docke info format is only supported for Docker 17.03+
-      cmd = inspec.command('docker info --format \'{{ json . }}\'')
+      cmd = inspec.command("docker info --format '{{ json . }}'")
       data = JSON.parse(cmd.stdout) if cmd.exit_status == 0
       @info = Hashie::Mash.new(data)
     rescue JSON::ParserError => _e
-      return Hashie::Mash.new({})
+      Hashie::Mash.new({})
     end
 
     # returns information about docker objects
@@ -173,11 +173,11 @@ module Inspec::Resources
       data = data[0] if data.is_a?(Array)
       @inspect = Hashie::Mash.new(data)
     rescue JSON::ParserError => _e
-      return Hashie::Mash.new({})
+      Hashie::Mash.new({})
     end
 
     def to_s
-      'Docker Host'
+      "Docker Host"
     end
 
     private
@@ -188,11 +188,11 @@ module Inspec::Resources
       raw = inspec.command("docker #{subcommand} --format '{#{format.join(', ')}}'").stdout
       output = []
       # since docker is not outputting valid json, we need to parse each row
-      raw.each_line { |entry|
+      raw.each_line do |entry|
         # convert all keys to lower_case to work well with ruby and filter table
-        row = JSON.parse(entry).map { |key, value|
+        row = JSON.parse(entry).map do |key, value|
           [key.downcase, value]
-        }.to_h
+        end.to_h
 
         # ensure all keys are there
         row = ensure_keys(row, labels)
@@ -201,16 +201,16 @@ module Inspec::Resources
         # Depending on how it was linked, the actual container name may come before
         # or after the link information, so we'll just look for the first name that
         # does not include a slash since that is not a valid character in a container name
-        if row['names']
-          row['names'] = row['names'].split(',').find { |c| !c.include?('/') }
+        if row["names"]
+          row["names"] = row["names"].split(",").find { |c| !c.include?("/") }
         end
 
         # Split labels on ',' or set to empty array
         # Allows for `docker.containers.where { labels.include?('app=redis') }`
-        row['labels'] = row.key?('labels') ? row['labels'].split(',') : []
+        row["labels"] = row.key?("labels") ? row["labels"].split(",") : []
 
         output.push(row)
-      }
+      end
 
       output
     rescue JSON::ParserError => _e
@@ -225,21 +225,21 @@ module Inspec::Resources
       labels = %w{Command CreatedAt ID Image Labels Mounts Names Ports RunningFor Size Status}
 
       # Networks LocalVolumes work with 1.13+ only
-      if !version.empty? && Gem::Version.new(version['Client']['Version']) >= Gem::Version.new('1.13')
-        labels.push('Networks')
-        labels.push('LocalVolumes')
+      if !version.empty? && Gem::Version.new(version["Client"]["Version"]) >= Gem::Version.new("1.13")
+        labels.push("Networks")
+        labels.push("LocalVolumes")
       end
-      parse_json_command(labels, 'ps -a --no-trunc')
+      parse_json_command(labels, "ps -a --no-trunc")
     end
 
     def parse_services
-      parse_json_command(%w{ID Name Mode Replicas Image Ports}, 'service ls')
+      parse_json_command(%w{ID Name Mode Replicas Image Ports}, "service ls")
     end
 
     def ensure_keys(entry, labels)
-      labels.each { |key|
+      labels.each do |key|
         entry[key.downcase] = nil if !entry.key?(key.downcase)
-      }
+      end
       entry
     end
 
@@ -247,24 +247,24 @@ module Inspec::Resources
       # docker does not support the `json .` function here, therefore we need to emulate that behavior.
       raw_images = inspec.command('docker images -a --no-trunc --format \'{ "id": {{json .ID}}, "repository": {{json .Repository}}, "tag": {{json .Tag}}, "size": {{json .Size}}, "digest": {{json .Digest}}, "createdat": {{json .CreatedAt}}, "createdsize": {{json .CreatedSince}} }\'').stdout
       c_images = []
-      raw_images.each_line { |entry|
+      raw_images.each_line do |entry|
         c_images.push(JSON.parse(entry))
-      }
+      end
       c_images
     rescue JSON::ParserError => _e
-      warn 'Could not parse `docker images` output'
+      warn "Could not parse `docker images` output"
       []
     end
 
     def parse_plugins
       plugins = inspec.command('docker plugin ls --format \'{"id": {{json .ID}}, "name": "{{ with split .Name ":"}}{{index . 0}}{{end}}", "version": "{{ with split .Name ":"}}{{index . 1}}{{end}}", "enabled": {{json .Enabled}} }\'').stdout
       c_plugins = []
-      plugins.each_line { |entry|
+      plugins.each_line do |entry|
         c_plugins.push(JSON.parse(entry))
-      }
+      end
       c_plugins
     rescue JSON::ParserError => _e
-      warn 'Could not parse `docker plugin ls` output'
+      warn "Could not parse `docker plugin ls` output"
       []
     end
   end

data/lib/{resources → inspec/resources}/docker_container.rb

@@ -1,16 +1,16 @@
-# encoding: utf-8
 #
 # Copyright 2017, Christoph Hartmann
 
-require_relative 'docker_object'
+require "inspec/resources/docker"
+require_relative "docker_object"
 
 module Inspec::Resources
   class DockerContainer < Inspec.resource(1)
     include Inspec::Resources::DockerObject
 
-    name 'docker_container'
-    supports platform: 'unix'
-    desc ''
+    name "docker_container"
+    supports platform: "unix"
+    desc ""
     example <<~EXAMPLE
       describe docker_container('an-echo-server') do
         it { should exist }
@@ -40,7 +40,7 @@ module Inspec::Resources
     end
 
     def running?
-      status.downcase.start_with?('up') if object_info.entries.length == 1
+      status.downcase.start_with?("up") if object_info.entries.length == 1
     end
 
     def status

data/lib/{resources → inspec/resources}/docker_image.rb

@@ -1,16 +1,16 @@
-# encoding: utf-8
 #
 # Copyright 2017, Christoph Hartmann
 
-require_relative 'docker_object'
+require "inspec/resources/docker"
+require_relative "docker_object"
 
 module Inspec::Resources
   class DockerImage < Inspec.resource(1)
     include Inspec::Resources::DockerObject
 
-    name 'docker_image'
-    supports platform: 'unix'
-    desc ''
+    name "docker_image"
+    supports platform: "unix"
+    desc ""
     example <<~EXAMPLE
       describe docker_image('alpine:latest') do
         it { should exist }
@@ -59,11 +59,11 @@ module Inspec::Resources
       opts.merge!(parse_components_from_image(opts[:image]))
 
       # assume a "latest" tag if we don't have one
-      opts[:tag] ||= 'latest'
+      opts[:tag] ||= "latest"
 
       # if the ID isn't nil and doesn't contain a hash indicator (indicated by the presence
       # of a colon, which separates the indicator from the actual hash), we assume it's sha256.
-      opts[:id] = 'sha256:' + opts[:id] unless opts[:id].nil? || opts[:id].include?(':')
+      opts[:id] = "sha256:" + opts[:id] unless opts[:id].nil? || opts[:id].include?(":")
 
       # Assemble/reassemble the image from the repo and tag
       opts[:image] = "#{opts[:repo]}:#{opts[:tag]}" unless opts[:repo].nil?
@@ -75,9 +75,9 @@ module Inspec::Resources
     def object_info
       return @info if defined?(@info)
       opts = @opts
-      @info = inspec.docker.images.where {
+      @info = inspec.docker.images.where do
         (repository == opts[:repo] && tag == opts[:tag]) || (!id.nil? && !opts[:id].nil? && (id == opts[:id] || id.start_with?(opts[:id])))
-      }
+      end
     end
   end
 end

data/lib/{resources → inspec/resources}/docker_object.rb

@@ -1,11 +1,6 @@
-# encoding: utf-8
 #
 # Copyright 2017, Christoph Hartmann
 #
-# author: Christoph Hartmann
-# author: Patrick Muench
-# author: Dominik Richter
-# author: Matt Kulka
 
 module Inspec::Resources::DockerObject
   def exist?
@@ -23,30 +18,30 @@ module Inspec::Resources::DockerObject
     # option parameters, such as repo and tag. Return empty data back to the caller.
     return {} if image_string.nil?
 
-    first_colon = image_string.index(':') || -1
-    first_slash = image_string.index('/') || -1
+    first_colon = image_string.index(":") || -1
+    first_slash = image_string.index("/") || -1
 
-    if image_string.count(':') == 2
+    if image_string.count(":") == 2
       # If there are two colons in the image string, it contains a repo-with-port and a tag.
       # example: localhost:5000/chef/inspec:1.46.3
-      partitioned_string = image_string.rpartition(':')
+      partitioned_string = image_string.rpartition(":")
       repo = partitioned_string.first
       tag = partitioned_string.last
-      image_name = repo.split('/')[1..-1].join
-    elsif image_string.count(':') == 1 && first_colon < first_slash
+      image_name = repo.split("/")[1..-1].join
+    elsif image_string.count(":") == 1 && first_colon < first_slash
       # If there's one colon in the image string, and it comes before a forward-slash,
       # it contains a repo-with-port but no tag.
       # example: localhost:5000/ubuntu
       repo = image_string
       tag = nil
-      image_name = repo.split('/')[1..-1].join
+      image_name = repo.split("/")[1..-1].join
     else
       # If there's one colon in the image string and it doesn't preceed a slash, or if
       # there is no colon at all, then it separates the repo from the tag, if there is a tag.
       # example: chef/inspec:1.46.3
       # example: chef/inspec
       # example: ubuntu:14.04
-      repo, tag = image_string.split(':')
+      repo, tag = image_string.split(":")
       image_name = repo
     end