RubyGems - inspec - Versions diffs - 4.3.2 → 4.6.3 - Mend

inspec 4.3.2 → 4.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (368) hide show

checksums.yaml +4 -4
data/Gemfile +36 -38
data/README.md +37 -21
data/etc/deprecations.json +10 -0
data/etc/plugin_filters.json +8 -0
data/inspec.gemspec +38 -39
data/lib/bundles/inspec-compliance/api.rb +1 -1
data/lib/bundles/inspec-compliance/configuration.rb +1 -1
data/lib/bundles/inspec-compliance/http.rb +1 -1
data/lib/bundles/inspec-compliance/support.rb +1 -1
data/lib/bundles/inspec-compliance/target.rb +1 -1
data/lib/bundles/inspec-supermarket.rb +3 -7
data/lib/bundles/inspec-supermarket/api.rb +10 -13
data/lib/bundles/inspec-supermarket/cli.rb +12 -15
data/lib/bundles/inspec-supermarket/target.rb +7 -11
data/lib/fetchers/git.rb +14 -15
data/lib/fetchers/local.rb +6 -10
data/lib/fetchers/mock.rb +3 -5
data/lib/fetchers/url.rb +42 -44
data/lib/inspec.rb +23 -24
data/lib/inspec/archive/tar.rb +2 -6
data/lib/inspec/archive/zip.rb +3 -7
data/lib/inspec/backend.rb +8 -9
data/lib/inspec/base_cli.rb +64 -65
data/lib/inspec/cached_fetcher.rb +2 -3
data/lib/inspec/cli.rb +136 -97
data/lib/inspec/config.rb +71 -61
data/lib/inspec/control_eval_context.rb +22 -18
data/lib/inspec/dependencies/cache.rb +2 -3
data/lib/inspec/dependencies/dependency_set.rb +2 -3
data/lib/inspec/dependencies/lockfile.rb +8 -9
data/lib/inspec/dependencies/requirement.rb +7 -8
data/lib/inspec/dependencies/resolver.rb +5 -7
data/lib/inspec/describe.rb +2 -6
data/lib/inspec/dist.rb +20 -0
data/lib/inspec/dsl.rb +4 -7
data/lib/inspec/dsl_shared.rb +1 -2
data/lib/inspec/env_printer.rb +11 -12
data/lib/inspec/errors.rb +0 -4
data/lib/inspec/exceptions.rb +0 -1
data/lib/inspec/expect.rb +5 -8
data/lib/inspec/fetcher.rb +7 -10
data/lib/inspec/file_provider.rb +24 -24
data/lib/inspec/formatters.rb +3 -3
data/lib/inspec/formatters/base.rb +8 -8
data/lib/inspec/globals.rb +2 -2
data/lib/inspec/impact.rb +5 -7
data/lib/inspec/input_registry.rb +84 -33
data/lib/inspec/library_eval_context.rb +3 -6
data/lib/inspec/log.rb +1 -5
data/lib/inspec/metadata.rb +17 -16
data/lib/inspec/method_source.rb +5 -9
data/lib/inspec/objects.rb +10 -12
data/lib/inspec/objects/control.rb +7 -9
data/lib/inspec/objects/describe.rb +9 -11
data/lib/inspec/objects/each_loop.rb +1 -3
data/lib/inspec/objects/input.rb +24 -26
data/lib/inspec/objects/list.rb +4 -6
data/lib/inspec/objects/or_test.rb +2 -4
data/lib/inspec/objects/ruby_helper.rb +3 -5
data/lib/inspec/objects/tag.rb +0 -2
data/lib/inspec/objects/test.rb +9 -11
data/lib/inspec/objects/value.rb +3 -5
data/lib/inspec/plugin/v1.rb +2 -2
data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
data/lib/inspec/plugin/v1/plugins.rb +15 -19
data/lib/inspec/plugin/v1/registry.rb +0 -4
data/lib/inspec/plugin/v2.rb +8 -8
data/lib/inspec/plugin/v2/activator.rb +1 -1
data/lib/inspec/plugin/v2/config_file.rb +6 -6
data/lib/inspec/plugin/v2/filter.rb +13 -13
data/lib/inspec/plugin/v2/installer.rb +36 -24
data/lib/inspec/plugin/v2/loader.rb +28 -28
data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
data/lib/inspec/plugin/v2/registry.rb +7 -7
data/lib/inspec/polyfill.rb +0 -3
data/lib/inspec/profile.rb +55 -63
data/lib/inspec/profile_context.rb +27 -30
data/lib/inspec/profile_vendor.rb +6 -9
data/lib/inspec/reporters.rb +24 -24
data/lib/inspec/reporters/automate.rb +17 -19
data/lib/inspec/reporters/base.rb +1 -1
data/lib/inspec/reporters/cli.rb +88 -91
data/lib/inspec/reporters/json.rb +2 -4
data/lib/inspec/reporters/json_automate.rb +1 -3
data/lib/inspec/reporters/json_min.rb +1 -3
data/lib/inspec/reporters/junit.rb +26 -28
data/lib/inspec/reporters/yaml.rb +1 -3
data/lib/inspec/require_loader.rb +0 -4
data/lib/inspec/resource.rb +4 -125
data/lib/inspec/resources.rb +121 -0
data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
data/lib/{resources → inspec/resources}/apache.rb +13 -14
data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
data/lib/{resources → inspec/resources}/apt.rb +17 -17
data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
data/lib/{resources → inspec/resources}/auditd.rb +62 -64
data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
data/lib/{resources → inspec/resources}/bash.rb +6 -8
data/lib/{resources → inspec/resources}/bond.rb +15 -14
data/lib/{resources → inspec/resources}/bridge.rb +8 -8
data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
data/lib/{resources → inspec/resources}/command.rb +11 -10
data/lib/{resources → inspec/resources}/cpan.rb +12 -12
data/lib/{resources → inspec/resources}/cran.rb +9 -9
data/lib/{resources → inspec/resources}/crontab.rb +47 -48
data/lib/{resources → inspec/resources}/csv.rb +5 -5
data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
data/lib/{resources → inspec/resources}/directory.rb +5 -7
data/lib/{resources → inspec/resources}/docker.rb +63 -63
data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
data/lib/{resources → inspec/resources}/file.rb +80 -79
data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
data/lib/{resources → inspec/resources}/gem.rb +12 -12
data/lib/{resources → inspec/resources}/groups.rb +28 -27
data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
data/lib/{resources → inspec/resources}/host.rb +31 -29
data/lib/{resources → inspec/resources}/http.rb +24 -24
data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
data/lib/{resources → inspec/resources}/ini.rb +7 -8
data/lib/{resources → inspec/resources}/interface.rb +30 -30
data/lib/{resources → inspec/resources}/iptables.rb +8 -8
data/lib/{resources → inspec/resources}/json.rb +8 -10
data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
data/lib/{resources → inspec/resources}/ksh.rb +6 -8
data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
data/lib/{resources → inspec/resources}/mount.rb +6 -8
data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
data/lib/inspec/resources/mysql.rb +81 -0
data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
data/lib/{resources → inspec/resources}/nginx.rb +16 -17
data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
data/lib/{resources → inspec/resources}/npm.rb +9 -10
data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
data/lib/{resources → inspec/resources}/oneget.rb +8 -8
data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
data/lib/{resources → inspec/resources}/os.rb +6 -8
data/lib/{resources → inspec/resources}/os_env.rb +11 -12
data/lib/{resources → inspec/resources}/package.rb +66 -65
data/lib/{resources → inspec/resources}/packages.rb +13 -13
data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
data/lib/{resources → inspec/resources}/passwd.rb +18 -19
data/lib/{resources → inspec/resources}/pip.rb +19 -19
data/lib/{resources → inspec/resources}/platform.rb +9 -11
data/lib/{resources → inspec/resources}/port.rb +134 -136
data/lib/{resources → inspec/resources}/postgres.rb +40 -32
data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
data/lib/{resources → inspec/resources}/powershell.rb +17 -13
data/lib/{resources → inspec/resources}/processes.rb +29 -29
data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
data/lib/inspec/resources/script.rb +1 -0
data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
data/lib/{resources → inspec/resources}/service.rb +74 -75
data/lib/{resources → inspec/resources}/shadow.rb +44 -45
data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
data/lib/{resources → inspec/resources}/ssl.rb +28 -29
data/lib/inspec/resources/sys_info.rb +30 -0
data/lib/{resources → inspec/resources}/toml.rb +5 -7
data/lib/{resources → inspec/resources}/users.rb +65 -65
data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
data/lib/{resources → inspec/resources}/wmi.rb +7 -8
data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
data/lib/{resources → inspec/resources}/xml.rb +7 -7
data/lib/{resources → inspec/resources}/yaml.rb +5 -6
data/lib/{resources → inspec/resources}/yum.rb +10 -10
data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
data/lib/inspec/rspec_extensions.rb +24 -8
data/lib/inspec/rule.rb +14 -15
data/lib/inspec/runner.rb +28 -28
data/lib/inspec/runner_mock.rb +1 -5
data/lib/inspec/runner_rspec.rb +18 -20
data/lib/inspec/runtime_profile.rb +2 -5
data/lib/inspec/schema.rb +142 -143
data/lib/inspec/secrets.rb +3 -7
data/lib/inspec/secrets/yaml.rb +3 -5
data/lib/inspec/shell.rb +11 -15
data/lib/inspec/shell_detector.rb +6 -7
data/lib/inspec/source_reader.rb +4 -8
data/lib/inspec/ui.rb +33 -39
data/lib/inspec/ui_table_helper.rb +12 -0
data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
data/lib/{utils → inspec/utils}/convert.rb +0 -4
data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
data/lib/inspec/utils/deprecation.rb +6 -0
data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
data/lib/{utils → inspec/utils}/filter.rb +30 -33
data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
data/lib/{utils → inspec/utils}/find_files.rb +9 -12
data/lib/{utils → inspec/utils}/hash.rb +1 -5
data/lib/inspec/utils/json_log.rb +15 -0
data/lib/inspec/utils/latest_version.rb +13 -0
data/lib/{utils → inspec/utils}/modulator.rb +0 -3
data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
data/lib/{utils → inspec/utils}/parser.rb +45 -45
data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
data/lib/{utils → inspec/utils}/spdx.rb +1 -4
data/lib/{utils → inspec/utils}/spdx.txt +0 -0
data/lib/inspec/utils/telemetry.rb +3 -3
data/lib/inspec/utils/telemetry/collector.rb +30 -9
data/lib/inspec/utils/telemetry/data_series.rb +3 -1
data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
data/lib/inspec/version.rb +1 -1
data/lib/matchers/matchers.rb +22 -25
data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +12 -11
data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
data/lib/plugins/inspec-compliance/test/functional/inspec_compliance_test.rb +12 -14
data/lib/plugins/inspec-compliance/test/integration/default/cli.rb +39 -41
data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +64 -64
data/lib/plugins/inspec-compliance/test/unit/api_test.rb +157 -156
data/lib/plugins/inspec-compliance/test/unit/target_test.rb +85 -85
data/lib/plugins/inspec-habitat/Berksfile +2 -2
data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/Berksfile +1 -1
data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/metadata.rb +8 -8
data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/recipes/default.rb +17 -17
data/lib/plugins/inspec-habitat/test/functional/inspec_habitat_test.rb +9 -8
data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/controls/inspec_habitat.rb +14 -14
data/lib/plugins/inspec-habitat/test/support/example_profile/controls/example.rb +4 -4
data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +42 -41
data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/inspec_plugin_template_test.rb +5 -5
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/helper.rb +1 -3
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/cli_args_test.rb +2 -2
data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/plugin_def_test.rb +2 -2
data/lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb +10 -11
data/lib/plugins/inspec-init/templates/profiles/azure/controls/example.rb +4 -5
data/lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb +10 -11
data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +51 -50
data/lib/plugins/inspec-init/test/functional/inspec_init_profile_test.rb +35 -33
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb +1 -1
data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +281 -271
data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +41 -41
data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb +25 -6
data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
data/lib/resource_support/aws.rb +67 -67
data/lib/resource_support/aws/aws_plural_resource_mixin.rb +4 -1
data/lib/resource_support/aws/aws_resource_mixin.rb +4 -3
data/lib/resource_support/aws/aws_singular_resource_mixin.rb +4 -1
data/lib/resources/aws/aws_billing_report.rb +15 -8
data/lib/resources/aws/aws_billing_reports.rb +10 -7
data/lib/resources/aws/aws_cloudtrail_trail.rb +9 -5
data/lib/resources/aws/aws_cloudtrail_trails.rb +9 -5
data/lib/resources/aws/aws_cloudwatch_alarm.rb +9 -5
data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +12 -8
data/lib/resources/aws/aws_config_delivery_channel.rb +13 -9
data/lib/resources/aws/aws_config_recorder.rb +10 -6
data/lib/resources/aws/aws_ebs_volume.rb +12 -8
data/lib/resources/aws/aws_ebs_volumes.rb +9 -5
data/lib/resources/aws/aws_ec2_instance.rb +14 -11
data/lib/resources/aws/aws_ec2_instances.rb +9 -5
data/lib/resources/aws/aws_ecs_cluster.rb +11 -7
data/lib/resources/aws/aws_eks_cluster.rb +13 -9
data/lib/resources/aws/aws_elb.rb +9 -5
data/lib/resources/aws/aws_elbs.rb +9 -5
data/lib/resources/aws/aws_flow_log.rb +17 -13
data/lib/resources/aws/aws_iam_access_key.rb +15 -11
data/lib/resources/aws/aws_iam_access_keys.rb +19 -15
data/lib/resources/aws/aws_iam_group.rb +9 -5
data/lib/resources/aws/aws_iam_groups.rb +9 -5
data/lib/resources/aws/aws_iam_password_policy.rb +13 -10
data/lib/resources/aws/aws_iam_policies.rb +9 -5
data/lib/resources/aws/aws_iam_policy.rb +16 -12
data/lib/resources/aws/aws_iam_role.rb +9 -5
data/lib/resources/aws/aws_iam_root_user.rb +12 -8
data/lib/resources/aws/aws_iam_user.rb +12 -12
data/lib/resources/aws/aws_iam_users.rb +10 -10
data/lib/resources/aws/aws_kms_key.rb +12 -8
data/lib/resources/aws/aws_kms_keys.rb +9 -5
data/lib/resources/aws/aws_rds_instance.rb +11 -8
data/lib/resources/aws/aws_route_table.rb +11 -7
data/lib/resources/aws/aws_route_tables.rb +10 -6
data/lib/resources/aws/aws_s3_bucket.rb +14 -11
data/lib/resources/aws/aws_s3_bucket_object.rb +12 -9
data/lib/resources/aws/aws_s3_buckets.rb +9 -7
data/lib/resources/aws/aws_security_group.rb +16 -12
data/lib/resources/aws/aws_security_groups.rb +12 -8
data/lib/resources/aws/aws_sns_subscription.rb +15 -11
data/lib/resources/aws/aws_sns_topic.rb +10 -6
data/lib/resources/aws/aws_sns_topics.rb +9 -5
data/lib/resources/aws/aws_sqs_queue.rb +18 -14
data/lib/resources/aws/aws_subnet.rb +11 -7
data/lib/resources/aws/aws_subnets.rb +9 -5
data/lib/resources/aws/aws_vpc.rb +10 -6
data/lib/resources/aws/aws_vpcs.rb +9 -5
data/lib/resources/azure/azure_backend.rb +20 -18
data/lib/resources/azure/azure_generic_resource.rb +13 -15
data/lib/resources/azure/azure_resource_group.rb +17 -19
data/lib/resources/azure/azure_virtual_machine.rb +6 -8
data/lib/resources/azure/azure_virtual_machine_data_disk.rb +6 -8
data/lib/source_readers/flat.rb +6 -10
data/lib/source_readers/inspec.rb +8 -12
metadata +141 -142
data/lib/resources/mysql.rb +0 -82
data/lib/resources/sys_info.rb +0 -28
data/lib/utils/deprecation.rb +0 -6
data/lib/utils/json_log.rb +0 -18
data/lib/utils/latest_version.rb +0 -22

data/lib/{resources → inspec/resources}/service.rb RENAMED

@@ -1,7 +1,6 @@
-# encoding: utf-8
-require 'hashie'
-require 'utils/file_reader'
+require "hashie"
+require "inspec/utils/file_reader"
+require "inspec/utils/simpleconfig"
 module Inspec::Resources
   class Runlevels < Hash
@@ -67,10 +66,10 @@ module Inspec::Resources
   #
   # TODO: extend the logic to detect the running init system, independently of OS
   class Service < Inspec.resource(1)
-    name 'service'
-    supports platform: 'unix'
-    supports platform: 'windows'
-    desc 'Use the service InSpec audit resource to test if the named service is installed, running and/or enabled.'
+    name "service"
+    supports platform: "unix"
+    supports platform: "windows"
+    desc "Use the service InSpec audit resource to test if the named service is installed, running and/or enabled."
     example <<~EXAMPLE
       describe service('service_name') do
         it { should be_installed }
@@ -98,7 +97,7 @@ module Inspec::Resources
       @cache = nil
       @service_mgmt = select_service_mgmt
-      return skip_resource 'The `service` resource is not supported on your OS yet.' if @service_mgmt.nil?
+      return skip_resource "The `service` resource is not supported on your OS yet." if @service_mgmt.nil?
     end
     def select_service_mgmt # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
@@ -132,14 +131,14 @@ module Inspec::Resources
         if version > 7
           Systemd.new(inspec, service_ctl)
         else
-          SysV.new(inspec, service_ctl || '/usr/sbin/service')
+          SysV.new(inspec, service_ctl || "/usr/sbin/service")
         end
       elsif %w{redhat fedora centos oracle cloudlinux}.include?(platform)
         version = os[:release].to_i
-        if (%w{redhat centos oracle cloudlinux}.include?(platform) && version >= 7) || (platform == 'fedora' && version >= 15)
+        if (%w{redhat centos oracle cloudlinux}.include?(platform) && version >= 7) || (platform == "fedora" && version >= 15)
           Systemd.new(inspec, service_ctl)
         else
-          SysV.new(inspec, service_ctl || '/sbin/service')
+          SysV.new(inspec, service_ctl || "/sbin/service")
         end
       elsif %w{wrlinux}.include?(platform)
         SysV.new(inspec, service_ctl)
@@ -157,7 +156,7 @@ module Inspec::Resources
         if os[:release].to_i >= 12
           Systemd.new(inspec, service_ctl)
         else
-          SysV.new(inspec, service_ctl || '/sbin/service')
+          SysV.new(inspec, service_ctl || "/sbin/service")
         end
       elsif %w{aix}.include?(platform)
         SrcMstr.new(inspec)
@@ -202,7 +201,7 @@ module Inspec::Resources
     # get all runlevels that are available and their configuration
     def runlevels(*args)
-      return Runlevels.new(self) if info.nil? or info[:runlevels].nil?
+      return Runlevels.new(self) if info.nil? || info[:runlevels].nil?
       Runlevels.from_hash(self, info[:runlevels], args)
     end
@@ -249,7 +248,7 @@ module Inspec::Resources
   # @see: http://www.freedesktop.org/software/systemd/man/systemd-system.conf.html
   class Systemd < ServiceManager
     def initialize(inspec, service_ctl = nil)
-      @service_ctl = service_ctl || 'systemctl'
+      @service_ctl = service_ctl || "systemctl"
       super
     end
@@ -279,19 +278,19 @@ module Inspec::Resources
       params = SimpleConfig.new(
         cmd.stdout.chomp,
         assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
-        multiple_values: false,
+        multiple_values: false
       ).params
       # LoadState values eg. loaded, not-found
-      installed = params['LoadState'] == 'loaded'
+      installed = params["LoadState"] == "loaded"
       {
-        name: params['Id'],
-        description: params['Description'],
+        name: params["Id"],
+        description: params["Description"],
         installed: installed,
         running: is_active?(service_name),
         enabled: is_enabled?(service_name),
-        type: 'systemd',
+        type: "systemd",
         params: params,
       }
     end
@@ -312,7 +311,7 @@ module Inspec::Resources
         installed: true,
         running: running,
         enabled: enabled?,
-        type: 'srcmstr',
+        type: "srcmstr",
       }
     end
@@ -330,7 +329,7 @@ module Inspec::Resources
     def enabled_rc_tcpip?
       inspec.command(
-        "grep -v ^# /etc/rc.tcpip | grep 'start ' | grep -Eq '(/{0,1}| )#{name} '",
+        "grep -v ^# /etc/rc.tcpip | grep 'start ' | grep -Eq '(/{0,1}| )#{name} '"
       ).exit_status == 0
     end
@@ -344,7 +343,7 @@ module Inspec::Resources
     include FileReader
     def initialize(service_name, service_ctl = nil)
-      @service_ctl = service_ctl || 'initctl'
+      @service_ctl = service_ctl || "initctl"
       super
     end
@@ -353,7 +352,7 @@ module Inspec::Resources
       status = inspec.command("#{service_ctl} status #{service_name}")
       # fallback for systemv services, those are not handled via `initctl`
-      return SysV.new(inspec).info(service_name) if status.exit_status.to_i != 0 || status.stdout == ''
+      return SysV.new(inspec).info(service_name) if status.exit_status.to_i != 0 || status.stdout == ""
       # @see: http://upstart.ubuntu.com/cookbook/#job-states
       # grep for running to indicate the service is there
@@ -366,7 +365,7 @@ module Inspec::Resources
         installed: true,
         running: running,
         enabled: enabled,
-        type: 'upstart',
+        type: "upstart",
       }
     end
@@ -388,17 +387,17 @@ module Inspec::Resources
   end
   class SysV < ServiceManager
-    RUNLEVELS = { 0=>false, 1=>false, 2=>false, 3=>false, 4=>false, 5=>false, 6=>false }.freeze
+    RUNLEVELS = { 0 => false, 1 => false, 2 => false, 3 => false, 4 => false, 5 => false, 6 => false }.freeze
     def initialize(service_name, service_ctl = nil)
-      @service_ctl = service_ctl || 'service'
+      @service_ctl = service_ctl || "service"
       super
     end
     def info(service_name)
       # check if service is installed
       # read all available services via ls /etc/init.d/
-      srvlist = inspec.command('ls -1 /etc/init.d/')
+      srvlist = inspec.command("ls -1 /etc/init.d/")
       return nil if srvlist.exit_status != 0
       # check if the service is in list
@@ -412,9 +411,9 @@ module Inspec::Resources
       # bash: for i in `find /etc/rc*.d -name S*`; do basename $i | sed -r 's/^S[0-9]+//'; done | sort | uniq
       enabled_services_cmd = inspec.command('find /etc/rc*.d /etc/init.d/rc*.d -name "S*"').stdout
       service_line = %r{rc(?<runlevel>[0-6])\.d/S[^/]*?#{Regexp.escape service_name}$}
-      all_services = enabled_services_cmd.split("\n").map { |line|
+      all_services = enabled_services_cmd.split("\n").map do |line|
         service_line.match(line)
-      }.compact
+      end.compact
       enabled = !all_services.empty?
       # Determine a list of runlevels which this service is activated for
@@ -434,7 +433,7 @@ module Inspec::Resources
         running: running,
         enabled: enabled,
         runlevels: runlevels,
-        type: 'sysv',
+        type: "sysv",
       }
     end
   end
@@ -443,7 +442,7 @@ module Inspec::Resources
   # @see: https://www.freebsd.org/cgi/man.cgi?query=rc.conf&sektion=5
   class BSDInit < ServiceManager
     def initialize(service_name, service_ctl = nil)
-      @service_ctl = service_ctl || 'service'
+      @service_ctl = service_ctl || "service"
       super
     end
@@ -473,14 +472,14 @@ module Inspec::Resources
         installed: true,
         running: running,
         enabled: enabled,
-        type: 'bsd-init',
+        type: "bsd-init",
       }
     end
   end
   class Runit < ServiceManager
     def initialize(service_name, service_ctl = nil)
-      @service_ctl = service_ctl || 'sv'
+      @service_ctl = service_ctl || "sv"
       super
     end
@@ -500,7 +499,7 @@ module Inspec::Resources
         installed: installed,
         running: running,
         enabled: enabled,
-        type: 'runit',
+        type: "runit",
       }
     end
   end
@@ -509,7 +508,7 @@ module Inspec::Resources
   # new launctl on macos 10.10
   class LaunchCtl < ServiceManager
     def initialize(service_name, service_ctl = nil)
-      @service_ctl = service_ctl || 'launchctl'
+      @service_ctl = service_ctl || "launchctl"
       super
     end
@@ -524,14 +523,14 @@ module Inspec::Resources
       # extract values from service
       parsed_srv = /^(?<pid>[0-9-]+)\t(?<exit>[0-9]+)\t(?<name>\S*)$/.match(srv[0])
-      enabled = !parsed_srv['name'].nil? # it's in the list
+      enabled = !parsed_srv["name"].nil? # it's in the list
       # check if the service is running
-      pid = parsed_srv['pid']
-      running = pid != '-'
+      pid = parsed_srv["pid"]
+      running = pid != "-"
       # extract service label
-      srv = parsed_srv['name'] || service_name
+      srv = parsed_srv["name"] || service_name
       {
         name: srv,
@@ -539,7 +538,7 @@ module Inspec::Resources
         installed: true,
         running: running,
         enabled: enabled,
-        type: 'darwin',
+        type: "darwin",
       }
     end
   end
@@ -590,16 +589,16 @@ module Inspec::Resources
       end
       # check that we got a response
-      return nil if service.nil? || service['Service'].nil?
+      return nil if service.nil? || service["Service"].nil?
       {
-        name: service['Service']['Name'],
-        description: service['Service']['DisplayName'],
+        name: service["Service"]["Name"],
+        description: service["Service"]["DisplayName"],
         installed: true,
         running: service_running?(service),
         enabled: service_enabled?(service),
-        startmode: service['WMI']['StartMode'],
-        type: 'windows',
+        startmode: service["WMI"]["StartMode"],
+        type: "windows",
       }
     end
@@ -607,22 +606,22 @@ module Inspec::Resources
     # detect if service is enabled
     def service_enabled?(service)
-      !service['WMI'].nil? &&
-        !service['WMI']['StartMode'].nil? &&
-        (service['WMI']['StartMode'] == 'Auto' ||
-        service['WMI']['StartMode'] == 'Manual')
+      !service["WMI"].nil? &&
+        !service["WMI"]["StartMode"].nil? &&
+        (service["WMI"]["StartMode"] == "Auto" ||
+        service["WMI"]["StartMode"] == "Manual")
     end
     # detect if service is running
     def service_running?(service)
-      !service['Service']['Status'].nil? && service['Service']['Status'] == 4
+      !service["Service"]["Status"].nil? && service["Service"]["Status"] == 4
     end
   end
   # Solaris services
   class Svcs < ServiceManager
     def initialize(service_name, service_ctl = nil)
-      @service_ctl = service_ctl || 'svcs'
+      @service_ctl = service_ctl || "svcs"
       super
     end
@@ -634,20 +633,20 @@ module Inspec::Resources
       params = SimpleConfig.new(
         cmd.stdout.chomp,
         assignment_regex: /^(\w+)\s*(.*)$/,
-        multiple_values: false,
+        multiple_values: false
       ).params
       installed = cmd.exit_status == 0
-      running = installed && (params['state'] == 'online')
-      enabled = installed && (params['enabled'] == 'true')
+      running = installed && (params["state"] == "online")
+      enabled = installed && (params["enabled"] == "true")
       {
         name: service_name,
-        description: params['name'],
+        description: params["name"],
         installed: installed,
         running: running,
         enabled: enabled,
-        type: 'svcs',
+        type: "svcs",
       }
     end
   end
@@ -655,9 +654,9 @@ module Inspec::Resources
   # specific resources for specific service managers
   class SystemdService < Service
-    name 'systemd_service'
-    supports platform: 'unix'
-    desc 'Use the systemd_service InSpec audit resource to test if the named service (controlled by systemd) is installed, running and/or enabled.'
+    name "systemd_service"
+    supports platform: "unix"
+    desc "Use the systemd_service InSpec audit resource to test if the named service (controlled by systemd) is installed, running and/or enabled."
     example <<~EXAMPLE
       # to override service mgmt auto-detection
       describe systemd_service('service_name') do
@@ -678,9 +677,9 @@ module Inspec::Resources
   end
   class UpstartService < Service
-    name 'upstart_service'
-    supports platform: 'unix'
-    desc 'Use the upstart_service InSpec audit resource to test if the named service (controlled by upstart) is installed, running and/or enabled.'
+    name "upstart_service"
+    supports platform: "unix"
+    desc "Use the upstart_service InSpec audit resource to test if the named service (controlled by upstart) is installed, running and/or enabled."
     example <<~EXAMPLE
       # to override service mgmt auto-detection
       describe upstart_service('service_name') do
@@ -701,9 +700,9 @@ module Inspec::Resources
   end
   class SysVService < Service
-    name 'sysv_service'
-    supports platform: 'unix'
-    desc 'Use the sysv_service InSpec audit resource to test if the named service (controlled by SysV) is installed, running and/or enabled.'
+    name "sysv_service"
+    supports platform: "unix"
+    desc "Use the sysv_service InSpec audit resource to test if the named service (controlled by SysV) is installed, running and/or enabled."
     example <<~EXAMPLE
       # to override service mgmt auto-detection
       describe sysv_service('service_name') do
@@ -724,9 +723,9 @@ module Inspec::Resources
   end
   class BSDService < Service
-    name 'bsd_service'
-    supports platform: 'unix'
-    desc 'Use the bsd_service InSpec audit resource to test if the named service (controlled by BSD init) is installed, running and/or enabled.'
+    name "bsd_service"
+    supports platform: "unix"
+    desc "Use the bsd_service InSpec audit resource to test if the named service (controlled by BSD init) is installed, running and/or enabled."
     example <<~EXAMPLE
       # to override service mgmt auto-detection
       describe bsd_service('service_name') do
@@ -747,9 +746,9 @@ module Inspec::Resources
   end
   class LaunchdService < Service
-    name 'launchd_service'
-    supports platform: 'unix'
-    desc 'Use the launchd_service InSpec audit resource to test if the named service (controlled by launchd) is installed, running and/or enabled.'
+    name "launchd_service"
+    supports platform: "unix"
+    desc "Use the launchd_service InSpec audit resource to test if the named service (controlled by launchd) is installed, running and/or enabled."
     example <<~EXAMPLE
       # to override service mgmt auto-detection
       describe launchd_service('service_name') do
@@ -770,9 +769,9 @@ module Inspec::Resources
   end
   class RunitService < Service
-    name 'runit_service'
-    supports platform: 'unix'
-    desc 'Use the runit_service InSpec audit resource to test if the named service (controlled by runit) is installed, running and/or enabled.'
+    name "runit_service"
+    supports platform: "unix"
+    desc "Use the runit_service InSpec audit resource to test if the named service (controlled by runit) is installed, running and/or enabled."
     example <<~EXAMPLE
       # to override service mgmt auto-detection
       describe runit_service('service_name') do

data/lib/{resources → inspec/resources}/shadow.rb RENAMED

@@ -1,8 +1,7 @@
-# encoding: utf-8
 # copyright: 2016, Chef Software Inc.
-require 'utils/filter'
-require 'utils/file_reader'
+require "inspec/utils/filter"
+require "inspec/utils/file_reader"
 # The file format consists of
 # - user
@@ -16,11 +15,11 @@ require 'utils/file_reader'
 module Inspec::Resources
   class Shadow < Inspec.resource(1)
-    name 'shadow'
-    supports platform: 'unix'
-    desc 'Use the shadow InSpec resource to test the contents of /etc/shadow, '\
-         'which contains information for users that may log into '\
-         'the system and/or as users that own running processes.'
+    name "shadow"
+    supports platform: "unix"
+    desc "Use the shadow InSpec resource to test the contents of /etc/shadow, "\
+         "which contains information for users that may log into "\
+         "the system and/or as users that own running processes."
     example <<~EXAMPLE
       describe shadow do
         its('user') { should_not include 'forbidden_user' }
@@ -36,23 +35,23 @@ module Inspec::Resources
     attr_reader :params
-    def initialize(path = '/etc/shadow', opts = {})
+    def initialize(path = "/etc/shadow", opts = {})
       @opts = opts
-      @path = path || '/etc/shadow'
-      @filters = @opts[:filters] || ''
+      @path = path || "/etc/shadow"
+      @filters = @opts[:filters] || ""
     end
     filtertable = FilterTable.create
     filtertable
-      .register_column(:users, field: 'user')
-      .register_column(:passwords, field: 'password')
-      .register_column(:last_changes, field: 'last_change')
-      .register_column(:min_days, field: 'min_days')
-      .register_column(:max_days, field: 'max_days')
-      .register_column(:warn_days, field: 'warn_days')
-      .register_column(:inactive_days, field: 'inactive_days')
-      .register_column(:expiry_dates, field: 'expiry_date')
-      .register_column(:reserved, field: 'reserved')
+      .register_column(:users, field: "user")
+      .register_column(:passwords, field: "password")
+      .register_column(:last_changes, field: "last_change")
+      .register_column(:min_days, field: "min_days")
+      .register_column(:max_days, field: "max_days")
+      .register_column(:warn_days, field: "warn_days")
+      .register_column(:inactive_days, field: "inactive_days")
+      .register_column(:expiry_dates, field: "expiry_date")
+      .register_column(:reserved, field: "reserved")
     # These are deprecated, but we need to "alias" them
     filtertable
       .register_custom_property(:user) { |table, value| table.resource.user(value) }
@@ -60,18 +59,18 @@ module Inspec::Resources
       .register_custom_property(:last_change) { |table, value| table.resource.last_change(value) }
       .register_custom_property(:expiry_date) { |table, value| table.resource.expiry_date(value) }
-    filtertable.register_custom_property(:content) { |t, _|
+    filtertable.register_custom_property(:content) do |t, _|
       t.entries.map do |e|
-        [e.user, e.password, e.last_change, e.min_days, e.max_days, e.warn_days, e.inactive_days, e.expiry_date].compact.join(':')
+        [e.user, e.password, e.last_change, e.min_days, e.max_days, e.warn_days, e.inactive_days, e.expiry_date].compact.join(":")
       end.join("\n")
-    }
+    end
     filtertable.install_filter_methods_on_resource(self, :set_params)
     def filter(query = {})
       return self if query.nil? || query.empty?
       res = set_params
-      filters = ''
+      filters = ""
       query.each do |attr, condition|
         condition = condition.to_s if condition.is_a? Integer
         filters += " #{attr} = #{condition.inspect}"
@@ -84,39 +83,39 @@ module Inspec::Resources
           end
         end
       end
-      content = res.map { |x| x.values.join(':') }.join("\n")
+      content = res.map { |x| x.values.join(":") }.join("\n")
       Shadow.new(@path, content: content, filters: @filters + filters)
     end
     # Next 4 are deprecated methods.  We define them here so we can emit a deprecation message.
     # They are also defined on the Table, above.
     def user(query = nil)
-      Inspec.deprecate(:properties_shadow, 'The shadow `user` property is deprecated. Please use `users` instead.')
-      query.nil? ? where.users : where('user' => query)
+      Inspec.deprecate(:properties_shadow, "The shadow `user` property is deprecated. Please use `users` instead.")
+      query.nil? ? where.users : where("user" => query)
     end
     def password(query = nil)
-      Inspec.deprecate(:properties_shadow, 'The shadow `password` property is deprecated. Please use `passwords` instead.')
-      query.nil? ? where.passwords : where('password' => query)
+      Inspec.deprecate(:properties_shadow, "The shadow `password` property is deprecated. Please use `passwords` instead.")
+      query.nil? ? where.passwords : where("password" => query)
     end
     def last_change(query = nil)
-      Inspec.deprecate(:properties_shadow, 'The shadow `last_change` property is deprecated. Please use `last_changes` instead.')
-      query.nil? ? where.last_changes : where('last_change' => query)
+      Inspec.deprecate(:properties_shadow, "The shadow `last_change` property is deprecated. Please use `last_changes` instead.")
+      query.nil? ? where.last_changes : where("last_change" => query)
     end
     def expiry_date(query = nil)
-      Inspec.deprecate(:properties_shadow, 'The shadow `expiry_date` property is deprecated. Please use `expiry_dates` instead.')
-      query.nil? ? where.expiry_dates : where('expiry_date' => query)
+      Inspec.deprecate(:properties_shadow, "The shadow `expiry_date` property is deprecated. Please use `expiry_dates` instead.")
+      query.nil? ? where.expiry_dates : where("expiry_date" => query)
     end
     def lines
-      Inspec.deprecate(:properties_shadow, 'The shadow `lines` property is deprecated.')
+      Inspec.deprecate(:properties_shadow, "The shadow `lines` property is deprecated.")
       shadow_content.to_s.split("\n")
     end
     def to_s
-      f = @filters.empty? ? '' : ' with'+@filters
+      f = @filters.empty? ? "" : " with" + @filters
       "#{@path}#{f}"
     end
@@ -139,17 +138,17 @@ module Inspec::Resources
     # @param [String] line a line of /etc/shadow
     # @return [Hash] Map of entries in this line
     def parse_shadow_line(line)
-      x = line.split(':')
+      x = line.split(":")
       {
-        'user'          => x.at(0),
-        'password'      => x.at(1),
-        'last_change'   => x.at(2),
-        'min_days'      => x.at(3),
-        'max_days'      => x.at(4),
-        'warn_days'     => x.at(5),
-        'inactive_days' => x.at(6),
-        'expiry_date'   => x.at(7),
-        'reserved'      => x.at(8),
+        "user" => x.at(0),
+        "password" => x.at(1),
+        "last_change" => x.at(2),
+        "min_days" => x.at(3),
+        "max_days" => x.at(4),
+        "warn_days" => x.at(5),
+        "inactive_days" => x.at(6),
+        "expiry_date" => x.at(7),
+        "reserved" => x.at(8),
       }
     end
   end