RubyGems - inspec - Versions diffs - 4.3.2 → 4.6.3 - Mend

inspec 4.3.2 → 4.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (368) hide show

checksums.yaml +4 -4
data/Gemfile +36 -38
data/README.md +37 -21
data/etc/deprecations.json +10 -0
data/etc/plugin_filters.json +8 -0
data/inspec.gemspec +38 -39
data/lib/bundles/inspec-compliance/api.rb +1 -1
data/lib/bundles/inspec-compliance/configuration.rb +1 -1
data/lib/bundles/inspec-compliance/http.rb +1 -1
data/lib/bundles/inspec-compliance/support.rb +1 -1
data/lib/bundles/inspec-compliance/target.rb +1 -1
data/lib/bundles/inspec-supermarket.rb +3 -7
data/lib/bundles/inspec-supermarket/api.rb +10 -13
data/lib/bundles/inspec-supermarket/cli.rb +12 -15
data/lib/bundles/inspec-supermarket/target.rb +7 -11
data/lib/fetchers/git.rb +14 -15
data/lib/fetchers/local.rb +6 -10
data/lib/fetchers/mock.rb +3 -5
data/lib/fetchers/url.rb +42 -44
data/lib/inspec.rb +23 -24
data/lib/inspec/archive/tar.rb +2 -6
data/lib/inspec/archive/zip.rb +3 -7
data/lib/inspec/backend.rb +8 -9
data/lib/inspec/base_cli.rb +64 -65
data/lib/inspec/cached_fetcher.rb +2 -3
data/lib/inspec/cli.rb +136 -97
data/lib/inspec/config.rb +71 -61
data/lib/inspec/control_eval_context.rb +22 -18
data/lib/inspec/dependencies/cache.rb +2 -3
data/lib/inspec/dependencies/dependency_set.rb +2 -3
data/lib/inspec/dependencies/lockfile.rb +8 -9
data/lib/inspec/dependencies/requirement.rb +7 -8
data/lib/inspec/dependencies/resolver.rb +5 -7
data/lib/inspec/describe.rb +2 -6
data/lib/inspec/dist.rb +20 -0
data/lib/inspec/dsl.rb +4 -7
data/lib/inspec/dsl_shared.rb +1 -2
data/lib/inspec/env_printer.rb +11 -12
data/lib/inspec/errors.rb +0 -4
data/lib/inspec/exceptions.rb +0 -1
data/lib/inspec/expect.rb +5 -8
data/lib/inspec/fetcher.rb +7 -10
data/lib/inspec/file_provider.rb +24 -24
data/lib/inspec/formatters.rb +3 -3
data/lib/inspec/formatters/base.rb +8 -8
data/lib/inspec/globals.rb +2 -2
data/lib/inspec/impact.rb +5 -7
data/lib/inspec/input_registry.rb +84 -33
data/lib/inspec/library_eval_context.rb +3 -6
data/lib/inspec/log.rb +1 -5
data/lib/inspec/metadata.rb +17 -16
data/lib/inspec/method_source.rb +5 -9
data/lib/inspec/objects.rb +10 -12
data/lib/inspec/objects/control.rb +7 -9
data/lib/inspec/objects/describe.rb +9 -11
data/lib/inspec/objects/each_loop.rb +1 -3
data/lib/inspec/objects/input.rb +24 -26
data/lib/inspec/objects/list.rb +4 -6
data/lib/inspec/objects/or_test.rb +2 -4
data/lib/inspec/objects/ruby_helper.rb +3 -5
data/lib/inspec/objects/tag.rb +0 -2
data/lib/inspec/objects/test.rb +9 -11
data/lib/inspec/objects/value.rb +3 -5
data/lib/inspec/plugin/v1.rb +2 -2
data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
data/lib/inspec/plugin/v1/plugins.rb +15 -19
data/lib/inspec/plugin/v1/registry.rb +0 -4
data/lib/inspec/plugin/v2.rb +8 -8
data/lib/inspec/plugin/v2/activator.rb +1 -1
data/lib/inspec/plugin/v2/config_file.rb +6 -6
data/lib/inspec/plugin/v2/filter.rb +13 -13
data/lib/inspec/plugin/v2/installer.rb +36 -24
data/lib/inspec/plugin/v2/loader.rb +28 -28
data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
data/lib/inspec/plugin/v2/registry.rb +7 -7
data/lib/inspec/polyfill.rb +0 -3
data/lib/inspec/profile.rb +55 -63
data/lib/inspec/profile_context.rb +27 -30
data/lib/inspec/profile_vendor.rb +6 -9
data/lib/inspec/reporters.rb +24 -24
data/lib/inspec/reporters/automate.rb +17 -19
data/lib/inspec/reporters/base.rb +1 -1
data/lib/inspec/reporters/cli.rb +88 -91
data/lib/inspec/reporters/json.rb +2 -4
data/lib/inspec/reporters/json_automate.rb +1 -3
data/lib/inspec/reporters/json_min.rb +1 -3
data/lib/inspec/reporters/junit.rb +26 -28
data/lib/inspec/reporters/yaml.rb +1 -3
data/lib/inspec/require_loader.rb +0 -4
data/lib/inspec/resource.rb +4 -125
data/lib/inspec/resources.rb +121 -0
data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
data/lib/{resources → inspec/resources}/apache.rb +13 -14
data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
data/lib/{resources → inspec/resources}/apt.rb +17 -17
data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
data/lib/{resources → inspec/resources}/auditd.rb +62 -64
data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
data/lib/{resources → inspec/resources}/bash.rb +6 -8
data/lib/{resources → inspec/resources}/bond.rb +15 -14
data/lib/{resources → inspec/resources}/bridge.rb +8 -8
data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
data/lib/{resources → inspec/resources}/command.rb +11 -10
data/lib/{resources → inspec/resources}/cpan.rb +12 -12
data/lib/{resources → inspec/resources}/cran.rb +9 -9
data/lib/{resources → inspec/resources}/crontab.rb +47 -48
data/lib/{resources → inspec/resources}/csv.rb +5 -5
data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
data/lib/{resources → inspec/resources}/directory.rb +5 -7
data/lib/{resources → inspec/resources}/docker.rb +63 -63
data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
data/lib/{resources → inspec/resources}/file.rb +80 -79
data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
data/lib/{resources → inspec/resources}/gem.rb +12 -12
data/lib/{resources → inspec/resources}/groups.rb +28 -27
data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
data/lib/{resources → inspec/resources}/host.rb +31 -29
data/lib/{resources → inspec/resources}/http.rb +24 -24
data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
data/lib/{resources → inspec/resources}/ini.rb +7 -8
data/lib/{resources → inspec/resources}/interface.rb +30 -30
data/lib/{resources → inspec/resources}/iptables.rb +8 -8
data/lib/{resources → inspec/resources}/json.rb +8 -10
data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
data/lib/{resources → inspec/resources}/ksh.rb +6 -8
data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
data/lib/{resources → inspec/resources}/mount.rb +6 -8
data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
data/lib/inspec/resources/mysql.rb +81 -0
data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
data/lib/{resources → inspec/resources}/nginx.rb +16 -17
data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
data/lib/{resources → inspec/resources}/npm.rb +9 -10
data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
data/lib/{resources → inspec/resources}/oneget.rb +8 -8
data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
data/lib/{resources → inspec/resources}/os.rb +6 -8
data/lib/{resources → inspec/resources}/os_env.rb +11 -12
data/lib/{resources → inspec/resources}/package.rb +66 -65
data/lib/{resources → inspec/resources}/packages.rb +13 -13
data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
data/lib/{resources → inspec/resources}/passwd.rb +18 -19
data/lib/{resources → inspec/resources}/pip.rb +19 -19
data/lib/{resources → inspec/resources}/platform.rb +9 -11
data/lib/{resources → inspec/resources}/port.rb +134 -136
data/lib/{resources → inspec/resources}/postgres.rb +40 -32
data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
data/lib/{resources → inspec/resources}/powershell.rb +17 -13
data/lib/{resources → inspec/resources}/processes.rb +29 -29
data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
data/lib/inspec/resources/script.rb +1 -0
data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
data/lib/{resources → inspec/resources}/service.rb +74 -75
data/lib/{resources → inspec/resources}/shadow.rb +44 -45
data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
data/lib/{resources → inspec/resources}/ssl.rb +28 -29
data/lib/inspec/resources/sys_info.rb +30 -0
data/lib/{resources → inspec/resources}/toml.rb +5 -7
data/lib/{resources → inspec/resources}/users.rb +65 -65
data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
data/lib/{resources → inspec/resources}/wmi.rb +7 -8
data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
data/lib/{resources → inspec/resources}/xml.rb +7 -7
data/lib/{resources → inspec/resources}/yaml.rb +5 -6
data/lib/{resources → inspec/resources}/yum.rb +10 -10
data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
data/lib/inspec/rspec_extensions.rb +24 -8
data/lib/inspec/rule.rb +14 -15
data/lib/inspec/runner.rb +28 -28
data/lib/inspec/runner_mock.rb +1 -5
data/lib/inspec/runner_rspec.rb +18 -20
data/lib/inspec/runtime_profile.rb +2 -5
data/lib/inspec/schema.rb +142 -143
data/lib/inspec/secrets.rb +3 -7
data/lib/inspec/secrets/yaml.rb +3 -5
data/lib/inspec/shell.rb +11 -15
data/lib/inspec/shell_detector.rb +6 -7
data/lib/inspec/source_reader.rb +4 -8
data/lib/inspec/ui.rb +33 -39
data/lib/inspec/ui_table_helper.rb +12 -0
data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
data/lib/{utils → inspec/utils}/convert.rb +0 -4
data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
data/lib/inspec/utils/deprecation.rb +6 -0
data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
data/lib/{utils → inspec/utils}/filter.rb +30 -33
data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
data/lib/{utils → inspec/utils}/find_files.rb +9 -12
data/lib/{utils → inspec/utils}/hash.rb +1 -5
data/lib/inspec/utils/json_log.rb +15 -0
data/lib/inspec/utils/latest_version.rb +13 -0
data/lib/{utils → inspec/utils}/modulator.rb +0 -3
data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
data/lib/{utils → inspec/utils}/parser.rb +45 -45
data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
data/lib/{utils → inspec/utils}/spdx.rb +1 -4
data/lib/{utils → inspec/utils}/spdx.txt +0 -0
data/lib/inspec/utils/telemetry.rb +3 -3
data/lib/inspec/utils/telemetry/collector.rb +30 -9
data/lib/inspec/utils/telemetry/data_series.rb +3 -1
data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
data/lib/inspec/version.rb +1 -1
data/lib/matchers/matchers.rb +22 -25
data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +12 -11
data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
data/lib/plugins/inspec-compliance/test/functional/inspec_compliance_test.rb +12 -14
data/lib/plugins/inspec-compliance/test/integration/default/cli.rb +39 -41
data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +64 -64
data/lib/plugins/inspec-compliance/test/unit/api_test.rb +157 -156
data/lib/plugins/inspec-compliance/test/unit/target_test.rb +85 -85
data/lib/plugins/inspec-habitat/Berksfile +2 -2
data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/Berksfile +1 -1
data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/metadata.rb +8 -8
data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/recipes/default.rb +17 -17
data/lib/plugins/inspec-habitat/test/functional/inspec_habitat_test.rb +9 -8
data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/controls/inspec_habitat.rb +14 -14
data/lib/plugins/inspec-habitat/test/support/example_profile/controls/example.rb +4 -4
data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +42 -41
data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/inspec_plugin_template_test.rb +5 -5
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/helper.rb +1 -3
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/cli_args_test.rb +2 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/plugin_def_test.rb +2 -2
data/lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb +10 -11
data/lib/plugins/inspec-init/templates/profiles/azure/controls/example.rb +4 -5
data/lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb +10 -11
data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +51 -50
data/lib/plugins/inspec-init/test/functional/inspec_init_profile_test.rb +35 -33
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb +1 -1
data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +281 -271
data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +41 -41
data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb +25 -6
data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
data/lib/resource_support/aws.rb +67 -67
data/lib/resource_support/aws/aws_plural_resource_mixin.rb +4 -1
data/lib/resource_support/aws/aws_resource_mixin.rb +4 -3
data/lib/resource_support/aws/aws_singular_resource_mixin.rb +4 -1
data/lib/resources/aws/aws_billing_report.rb +15 -8
data/lib/resources/aws/aws_billing_reports.rb +10 -7
data/lib/resources/aws/aws_cloudtrail_trail.rb +9 -5
data/lib/resources/aws/aws_cloudtrail_trails.rb +9 -5
data/lib/resources/aws/aws_cloudwatch_alarm.rb +9 -5
data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +12 -8
data/lib/resources/aws/aws_config_delivery_channel.rb +13 -9
data/lib/resources/aws/aws_config_recorder.rb +10 -6
data/lib/resources/aws/aws_ebs_volume.rb +12 -8
data/lib/resources/aws/aws_ebs_volumes.rb +9 -5
data/lib/resources/aws/aws_ec2_instance.rb +14 -11
data/lib/resources/aws/aws_ec2_instances.rb +9 -5
data/lib/resources/aws/aws_ecs_cluster.rb +11 -7
data/lib/resources/aws/aws_eks_cluster.rb +13 -9
data/lib/resources/aws/aws_elb.rb +9 -5
data/lib/resources/aws/aws_elbs.rb +9 -5
data/lib/resources/aws/aws_flow_log.rb +17 -13
data/lib/resources/aws/aws_iam_access_key.rb +15 -11
data/lib/resources/aws/aws_iam_access_keys.rb +19 -15
data/lib/resources/aws/aws_iam_group.rb +9 -5
data/lib/resources/aws/aws_iam_groups.rb +9 -5
data/lib/resources/aws/aws_iam_password_policy.rb +13 -10
data/lib/resources/aws/aws_iam_policies.rb +9 -5
data/lib/resources/aws/aws_iam_policy.rb +16 -12
data/lib/resources/aws/aws_iam_role.rb +9 -5
data/lib/resources/aws/aws_iam_root_user.rb +12 -8
data/lib/resources/aws/aws_iam_user.rb +12 -12
data/lib/resources/aws/aws_iam_users.rb +10 -10
data/lib/resources/aws/aws_kms_key.rb +12 -8
data/lib/resources/aws/aws_kms_keys.rb +9 -5
data/lib/resources/aws/aws_rds_instance.rb +11 -8
data/lib/resources/aws/aws_route_table.rb +11 -7
data/lib/resources/aws/aws_route_tables.rb +10 -6
data/lib/resources/aws/aws_s3_bucket.rb +14 -11
data/lib/resources/aws/aws_s3_bucket_object.rb +12 -9
data/lib/resources/aws/aws_s3_buckets.rb +9 -7
data/lib/resources/aws/aws_security_group.rb +16 -12
data/lib/resources/aws/aws_security_groups.rb +12 -8
data/lib/resources/aws/aws_sns_subscription.rb +15 -11
data/lib/resources/aws/aws_sns_topic.rb +10 -6
data/lib/resources/aws/aws_sns_topics.rb +9 -5
data/lib/resources/aws/aws_sqs_queue.rb +18 -14
data/lib/resources/aws/aws_subnet.rb +11 -7
data/lib/resources/aws/aws_subnets.rb +9 -5
data/lib/resources/aws/aws_vpc.rb +10 -6
data/lib/resources/aws/aws_vpcs.rb +9 -5
data/lib/resources/azure/azure_backend.rb +20 -18
data/lib/resources/azure/azure_generic_resource.rb +13 -15
data/lib/resources/azure/azure_resource_group.rb +17 -19
data/lib/resources/azure/azure_virtual_machine.rb +6 -8
data/lib/resources/azure/azure_virtual_machine_data_disk.rb +6 -8
data/lib/source_readers/flat.rb +6 -10
data/lib/source_readers/inspec.rb +8 -12
metadata +141 -142
data/lib/resources/mysql.rb +0 -82
data/lib/resources/sys_info.rb +0 -28
data/lib/utils/deprecation.rb +0 -6
data/lib/utils/json_log.rb +0 -18
data/lib/utils/latest_version.rb +0 -22

data/lib/{resources → inspec/resources}/firewalld.rb RENAMED

@@ -1,4 +1,4 @@
-# encoding: utf-8
+require "inspec/resources/command"
 module Inspec::Resources
   class FirewallD < Inspec.resource(1)
@@ -7,9 +7,9 @@ module Inspec::Resources
     #  set to allow users in group "wheel" to perform any commands without authentication.
     ###
-    name 'firewalld'
-    supports platform: 'linux'
-    desc 'Use the firewalld resource to check and see if firewalld is configured to grand or deny access to specific hosts or services'
+    name "firewalld"
+    supports platform: "linux"
+    desc "Use the firewalld resource to check and see if firewalld is configured to grand or deny access to specific hosts or services"
     example <<~EXAMPLE
       describe firewalld do
         it { should be_running }
@@ -28,10 +28,10 @@ module Inspec::Resources
     attr_reader :params
     filter = FilterTable.create
-    filter.register_column(:zone,       field: 'zone')
-          .register_column(:interfaces, field: 'interfaces')
-          .register_column(:sources,    field: 'sources')
-          .register_column(:services,   field: 'services')
+    filter.register_column(:zone,       field: "zone")
+          .register_column(:interfaces, field: "interfaces")
+          .register_column(:sources,    field: "sources")
+          .register_column(:services,   field: "services")
     filter.install_filter_methods_on_resource(self, :params)
@@ -40,50 +40,50 @@ module Inspec::Resources
     end
     def installed?
-      inspec.command('firewall-cmd').exist?
+      inspec.command("firewall-cmd").exist?
     end
     def has_zone?(query_zone)
       return false unless installed?
-      result = firewalld_command('--get-zones').split(' ')
+      result = firewalld_command("--get-zones").split(" ")
       result.include?(query_zone)
     end
     def running?
       return false unless installed?
-      result = firewalld_command('--state')
+      result = firewalld_command("--state")
       result =~ /^running/ ? true : false
     end
     def default_zone
       # return: word associated with the name of the default zone
       # example: 'public'
-      firewalld_command('--get-default-zone')
+      firewalld_command("--get-default-zone")
     end
     def has_service_enabled_in_zone?(query_service, query_zone = default_zone)
-      firewalld_command("--zone=#{query_zone} --query-service=#{query_service}") == 'yes'
+      firewalld_command("--zone=#{query_zone} --query-service=#{query_service}") == "yes"
     end
     def service_ports_enabled_in_zone(query_service, query_zone = default_zone)
       # return: String of ports open
       # example: ['22/tcp', '4722/tcp']
-      firewalld_command("--zone=#{query_zone} --service=#{query_service} --get-ports --permanent").split(' ')
+      firewalld_command("--zone=#{query_zone} --service=#{query_service} --get-ports --permanent").split(" ")
     end
     def service_protocols_enabled_in_zone(query_service, query_zone = default_zone)
       # return: String of protocoals open
       # example: ['icmp', 'ipv4', 'igmp']
-      firewalld_command("--zone=#{query_zone} --service=#{query_service} --get-protocols --permanent").split(' ')
+      firewalld_command("--zone=#{query_zone} --service=#{query_service} --get-protocols --permanent").split(" ")
     end
     def has_port_enabled_in_zone?(query_port, query_zone = default_zone)
-      firewalld_command("--zone=#{query_zone} --query-port=#{query_port}") == 'yes'
+      firewalld_command("--zone=#{query_zone} --query-port=#{query_port}") == "yes"
     end
     def has_rule_enabled?(rule, query_zone = default_zone)
-      rule = "rule #{rule}" unless rule.start_with?('rule')
-      firewalld_command("--zone=#{query_zone} --query-rich-rule='#{rule}'") == 'yes'
+      rule = "rule #{rule}" unless rule.start_with?("rule")
+      firewalld_command("--zone=#{query_zone} --query-rich-rule='#{rule}'") == "yes"
     end
     private
@@ -96,7 +96,7 @@ module Inspec::Resources
       # example:
       #   public
       #       interfaces: enp0s3
-      firewalld_command('--get-active-zones')
+      firewalld_command("--get-active-zones")
     end
     def parse_active_zones(content)
@@ -110,29 +110,29 @@ module Inspec::Resources
     def parse_line(line)
       zone = line.split("\n")[0]
       {
-        'zone' => zone,
-        'interfaces' => line.split(':')[1].split(' '),
-        'services' =>   services_bound(zone),
-        'sources' =>    sources_bound(zone),
+        "zone" => zone,
+        "interfaces" => line.split(":")[1].split(" "),
+        "services" => services_bound(zone),
+        "sources" => sources_bound(zone),
       }
     end
     def sources_bound(query_zone)
       # result: a list containing either an ip address or ip address with a mask, or a ipset or an ipset with the ipset prefix.
       # example: ['192.168.0.4', '192.168.0.0/16', '2111:DB28:ABC:12::', '2111:db89:ab3d:0112::0/64']
-      firewalld_command("--zone=#{query_zone} --list-sources").split(' ')
+      firewalld_command("--zone=#{query_zone} --list-sources").split(" ")
     end
     def services_bound(query_zone)
       # result: a list of services bound to a zone.
       # example: ['ssh', 'dhcpv6-client']
-      firewalld_command("--zone=#{query_zone} --list-services").split(' ')
+      firewalld_command("--zone=#{query_zone} --list-services").split(" ")
     end
     def firewalld_command(command)
       command = "firewall-cmd #{command}"
       result = inspec.command(command)
-      if result.stderr != ''
+      if result.stderr != ""
         return "Error on command #{command}: #{result.stderr}"
       end
       result.stdout.strip

data/lib/{resources → inspec/resources}/gem.rb RENAMED

@@ -1,11 +1,11 @@
-# encoding: utf-8
+require "inspec/resources/command"
 module Inspec::Resources
   class GemPackage < Inspec.resource(1)
-    name 'gem'
-    supports platform: 'unix'
-    supports platform: 'windows'
-    desc 'Use the gem InSpec audit resource to test if a global gem package is installed.'
+    name "gem"
+    supports platform: "unix"
+    supports platform: "windows"
+    desc "Use the gem InSpec audit resource to test if a global gem package is installed."
     example <<~EXAMPLE
       describe gem('rubocop') do
         it { should be_installed }
@@ -19,37 +19,37 @@ module Inspec::Resources
       @package_name = package_name
       @gem_binary = case gem_binary
                     when nil
-                      'gem'
+                      "gem"
                     when :chef
                       if inspec.os.windows?
                         'c:\opscode\chef\embedded\bin\gem.bat'
                       else
-                        '/opt/chef/embedded/bin/gem'
+                        "/opt/chef/embedded/bin/gem"
                       end
                     when :chef_server
-                      '/opt/opscode/embedded/bin/gem'
+                      "/opt/opscode/embedded/bin/gem"
                     else
                       gem_binary
                     end
-      skip_resource 'Unable to retrieve gem information' if info.empty?
+      skip_resource "Unable to retrieve gem information" if info.empty?
     end
     def info
       return @info if defined?(@info)
       cmd = inspec.command("#{@gem_binary} list --local -a -q \^#{@package_name}\$")
-      return {} unless cmd.exit_status.zero?
+      return {} unless cmd.exit_status == 0
       # extract package name and version
       # parses data like winrm (1.3.4, 1.3.3)
       params = /^\s*([^\(]*?)\s*\((.*?)\)\s*$/.match(cmd.stdout.chomp)
       @info = {
         installed: !params.nil?,
-        type: 'gem',
+        type: "gem",
       }
       return @info unless @info[:installed]
-      versions = params[2].split(',').map(&:strip)
+      versions = params[2].split(",").map(&:strip)
       @info[:name] = params[1]
       @info[:version] = versions[0]
       @info[:versions] = versions

data/lib/{resources → inspec/resources}/groups.rb RENAMED

@@ -1,6 +1,7 @@
-# encoding: utf-8
-require 'utils/filter'
+require "inspec/resources/etc_group"
+require "inspec/resources/powershell"
+require "inspec/resources/parse_config"
+require "inspec/utils/filter"
 module Inspec::Resources
   # This file contains two resources, the `group` and `groups` resource.
@@ -24,10 +25,10 @@ module Inspec::Resources
   class Groups < Inspec.resource(1)
     include GroupManagementSelector
-    name 'groups'
-    supports platform: 'unix'
-    supports platform: 'windows'
-    desc 'Use the group InSpec audit resource to test groups on the system. Groups can be filtered.'
+    name "groups"
+    supports platform: "unix"
+    supports platform: "windows"
+    desc "Use the group InSpec audit resource to test groups on the system. Groups can be filtered."
     example <<~EXAMPLE
       describe groups.where { name == 'root'} do
         its('names') { should eq ['root'] }
@@ -43,19 +44,19 @@ module Inspec::Resources
     def initialize
       # select group manager
       @group_provider = select_group_manager(inspec.os)
-      return skip_resource 'The `groups` resource is not supported on your OS yet.' if @group_provider.nil?
+      return skip_resource "The `groups` resource is not supported on your OS yet." if @group_provider.nil?
     end
     filter = FilterTable.create
     filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
-    filter.register_column(:names,     field: 'name')
-          .register_column(:gids,      field: 'gid')
-          .register_column(:domains,   field: 'domain')
-          .register_column(:members,   field: 'members', style: :simple)
+    filter.register_column(:names,     field: "name")
+          .register_column(:gids,      field: "gid")
+          .register_column(:domains,   field: "domain")
+          .register_column(:members,   field: "members", style: :simple)
     filter.install_filter_methods_on_resource(self, :collect_group_details)
     def to_s
-      'Groups'
+      "Groups"
     end
     private
@@ -76,10 +77,10 @@ module Inspec::Resources
   class Group < Inspec.resource(1)
     include GroupManagementSelector
-    name 'group'
-    supports platform: 'unix'
-    supports platform: 'windows'
-    desc 'Use the group InSpec audit resource to test groups on the system.'
+    name "group"
+    supports platform: "unix"
+    supports platform: "windows"
+    desc "Use the group InSpec audit resource to test groups on the system."
     example <<~EXAMPLE
       describe group('root') do
         it { should exist }
@@ -96,7 +97,7 @@ module Inspec::Resources
       # select group manager
       @group_provider = select_group_manager(inspec.os)
-      return skip_resource 'The `group` resource is not supported on your OS yet.' if @group_provider.nil?
+      return skip_resource "The `group` resource is not supported on your OS yet." if @group_provider.nil?
     end
     # verifies if a group exists
@@ -105,11 +106,11 @@ module Inspec::Resources
     end
     def gid
-      flatten_entry(group_info, 'gid')
+      flatten_entry(group_info, "gid")
     end
     def members
-      flatten_entry(group_info, 'members')
+      flatten_entry(group_info, "members")
     end
     def local
@@ -130,7 +131,7 @@ module Inspec::Resources
       elsif entries.size == 1
         entries.first.send(prop)
       else
-        raise 'found more than one group with the same name, please use `groups` resource'
+        raise "found more than one group with the same name, please use `groups` resource"
       end
     end
@@ -148,7 +149,7 @@ module Inspec::Resources
     end
     def groups
-      raise 'group provider must implement the `groups` method'
+      raise "group provider must implement the `groups` method"
     end
   end
@@ -163,7 +164,7 @@ module Inspec::Resources
   # This uses `dscacheutil` to get the group info instead of `etc_group`
   class DarwinGroup < GroupInfo
     def groups
-      group_info = inspec.command('dscacheutil -q group').stdout.split("\n\n")
+      group_info = inspec.command("dscacheutil -q group").stdout.split("\n\n")
       groups = []
       regex = /^([^:]*?)\s*:\s(.*?)\s*$/
@@ -172,11 +173,11 @@ module Inspec::Resources
       end
       # Convert the `dscacheutil` groups to match `inspec.etc_group.entries`
-      groups.each { |g| g['gid'] = g['gid'].to_i }
+      groups.each { |g| g["gid"] = g["gid"].to_i }
       groups.each do |g|
-        next if g['users'].nil?
-        g['members'] = g.delete('users')
-        g['members'].tr!(' ', ',')
+        next if g["users"].nil?
+        g["members"] = g.delete("users")
+        g["members"].tr!(" ", ",")
       end
     end
   end

data/lib/{resources → inspec/resources}/grub_conf.rb RENAMED

@@ -1,12 +1,10 @@
-# encoding: utf-8
-require 'utils/simpleconfig'
-require 'utils/file_reader'
+require "inspec/utils/simpleconfig"
+require "inspec/utils/file_reader"
 class GrubConfig < Inspec.resource(1)
-  name 'grub_conf'
-  supports platform: 'unix'
-  desc 'Use the grub_conf InSpec audit resource to test the boot config of Linux systems that use Grub.'
+  name "grub_conf"
+  supports platform: "unix"
+  desc "Use the grub_conf InSpec audit resource to test the boot config of Linux systems that use Grub."
   example <<~EXAMPLE
     describe grub_conf('/etc/grub.conf',  'default') do
       its('kernel') { should include '/vmlinuz-2.6.32-573.7.1.el6.x86_64' }
@@ -28,23 +26,23 @@ class GrubConfig < Inspec.resource(1)
   def initialize(path = nil, kernel = nil)
     config_for_platform(path)
     @content = read_file(@conf_path)
-    @kernel = kernel || 'default'
+    @kernel = kernel || "default"
   rescue UnknownGrubConfig
-    return skip_resource 'The `grub_config` resource is not supported on your OS yet.'
+    skip_resource "The `grub_config` resource is not supported on your OS yet."
   end
   def config_for_platform(path)
     os = inspec.os
-    if os.redhat? || os[:name] == 'fedora'
+    if os.redhat? || os[:name] == "fedora"
       config_for_redhatish(path)
     elsif os.debian?
-      @conf_path = path || '/boot/grub/grub.cfg'
-      @defaults_path = '/etc/default/grub'
-      @grubenv_path = '/boot/grub2/grubenv'
-      @version = 'grub2'
-    elsif os[:name] == 'amazon'
-      @conf_path = path || '/etc/grub.conf'
-      @version = 'legacy'
+      @conf_path = path || "/boot/grub/grub.cfg"
+      @defaults_path = "/etc/default/grub"
+      @grubenv_path = "/boot/grub2/grubenv"
+      @version = "grub2"
+    elsif os[:name] == "amazon"
+      @conf_path = path || "/etc/grub.conf"
+      @version = "legacy"
     else
       raise UnknownGrubConfig
     end
@@ -52,13 +50,13 @@ class GrubConfig < Inspec.resource(1)
   def config_for_redhatish(path)
     if inspec.os[:release].to_f < 7
-      @conf_path = path || '/etc/grub.conf'
-      @version = 'legacy'
+      @conf_path = path || "/etc/grub.conf"
+      @version = "legacy"
     else
-      @conf_path = path || '/boot/grub2/grub.cfg'
-      @defaults_path = '/etc/default/grub'
-      @grubenv_path = '/boot/grub2/grubenv'
-      @version = 'grub2'
+      @conf_path = path || "/boot/grub2/grub.cfg"
+      @defaults_path = "/etc/default/grub"
+      @grubenv_path = "/boot/grub2/grubenv"
+      @version = "grub2"
     end
   end
@@ -67,7 +65,7 @@ class GrubConfig < Inspec.resource(1)
   end
   def to_s
-    'Grub Config'
+    "Grub Config"
   end
   private
@@ -79,10 +77,10 @@ class GrubConfig < Inspec.resource(1)
   def grub2_parse_kernel_lines(content, conf)
     menu_entries = extract_menu_entries(content)
-    if @kernel == 'default'
-      default_menu_entry(menu_entries, conf['GRUB_DEFAULT'])
+    if @kernel == "default"
+      default_menu_entry(menu_entries, conf["GRUB_DEFAULT"])
     else
-      menu_entries.find { |entry| entry['name'] == @kernel }
+      menu_entries.find { |entry| entry["name"] == @kernel }
     end
   end
@@ -93,7 +91,7 @@ class GrubConfig < Inspec.resource(1)
     lines.each_with_index do |line, index|
       next unless line =~ /^menuentry\s+.*/
       entry = {}
-      entry['insmod'] = []
+      entry["insmod"] = []
       # Extract name from menuentry line
       capture_data = line.match(/(?:^|\s+).*menuentry\s*['|"](.*)['|"]\s*--/)
@@ -101,20 +99,20 @@ class GrubConfig < Inspec.resource(1)
         raise Inspec::Exceptions::ResourceFailed "Failed to extract menuentry name from #{line}"
       end
-      entry['name'] = capture_data.captures[0]
+      entry["name"] = capture_data.captures[0]
       # Begin processing from index forward until a `}` line is met
-      lines.drop(index+1).each do |mline|
+      lines.drop(index + 1).each do |mline|
         break if mline =~ /^\s*}\s*$/
         case mline
         when /(?:^|\s*)initrd.*/
-          entry['initrd'] = mline.split(' ')[1]
+          entry["initrd"] = mline.split(" ")[1]
         when /(?:^|\s*)linux.*/
-          entry['kernel'] = mline.split
+          entry["kernel"] = mline.split
         when /(?:^|\s*)set root=.*/
-          entry['root'] = mline.split('=')[1].tr('\'', '')
+          entry["root"] = mline.split("=")[1].tr("'", "")
         when /(?:^|\s*)insmod.*/
-          entry['insmod'] << mline.split(' ')[1]
+          entry["insmod"] << mline.split(" ")[1]
         end
       end
@@ -127,7 +125,7 @@ class GrubConfig < Inspec.resource(1)
   def default_menu_entry(menu_entries, default)
     # If the default entry isn't `saved` then a number is used as an index.
     # By default this is `0`, which would be the first item in the list.
-    return menu_entries[default.to_i] unless default == 'saved'
+    return menu_entries[default.to_i] unless default == "saved"
     grubenv_contents = inspec.file(@grubenv_path).content
@@ -137,8 +135,8 @@ class GrubConfig < Inspec.resource(1)
     # of these reflect the default Grub2 behavior.
     return menu_entries[0] if grubenv_contents.nil?
-    default_name = SimpleConfig.new(grubenv_contents).params['saved_entry']
-    default_entry = menu_entries.select { |k| k['name'] == default_name }[0]
+    default_name = SimpleConfig.new(grubenv_contents).params["saved_entry"]
+    default_entry = menu_entries.select { |k| k["name"] == default_name }[0]
     return default_entry unless default_entry.nil?
     # It is possible for the saved entry to not be valid . For example, grubenv
@@ -157,14 +155,14 @@ class GrubConfig < Inspec.resource(1)
     kernel_opts = {}
     lines.each_with_index do |file_line, index|
       next unless file_line =~ /^title.*/
-      current_kernel = file_line.split(' ', 2)[1]
-      lines.drop(index+1).each do |kernel_line|
+      current_kernel = file_line.split(" ", 2)[1]
+      lines.drop(index + 1).each do |kernel_line|
         if kernel_line =~ /^\s.*/
-          option_type = kernel_line.split(' ')[0]
-          line_options = kernel_line.split(' ').drop(1)
-          if (menu_entry == conf['default'].to_i && @kernel == 'default') || current_kernel == @kernel
-            if option_type == 'kernel'
-              kernel_opts['kernel'] = line_options
+          option_type = kernel_line.split(" ")[0]
+          line_options = kernel_line.split(" ").drop(1)
+          if (menu_entry == conf["default"].to_i && @kernel == "default") || current_kernel == @kernel
+            if option_type == "kernel"
+              kernel_opts["kernel"] = line_options
             else
               kernel_opts[option_type] = line_options[0]
             end
@@ -187,11 +185,11 @@ class GrubConfig < Inspec.resource(1)
     content = read_file(@conf_path)
-    if @version == 'legacy'
+    if @version == "legacy"
       # parse the file
       conf = SimpleConfig.new(
         content,
-        multiple_values: true,
+        multiple_values: true
       ).params
       # convert single entry arrays into strings
       conf.each do |key, value|
@@ -203,13 +201,13 @@ class GrubConfig < Inspec.resource(1)
       @params = conf.merge(kernel_opts)
     end
-    if @version == 'grub2'
+    if @version == "grub2"
       # read defaults
       defaults = read_file(@defaults_path)
       conf = SimpleConfig.new(
         defaults,
-        multiple_values: true,
+        multiple_values: true
       ).params
       # convert single entry arrays into strings