inspec 4.3.2 → 4.6.3

data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb}

@@ -1,14 +1,12 @@
-# encoding: utf-8
-
-require 'utils/parser'
-require 'utils/filter'
-require 'utils/file_reader'
+require "inspec/utils/parser"
+require "inspec/utils/filter"
+require "inspec/utils/file_reader"
 
 module Inspec::Resources
   class XinetdConf < Inspec.resource(1)
-    name 'xinetd_conf'
-    supports platform: 'unix'
-    desc 'Xinetd services configuration.'
+    name "xinetd_conf"
+    supports platform: "unix"
+    desc "Xinetd services configuration."
     example <<~EXAMPLE
       describe xinetd_conf.services('chargen') do
         its('socket_types') { should include 'dgram' }
@@ -22,7 +20,7 @@ module Inspec::Resources
     include XinetdParser
     include FileReader
 
-    def initialize(conf_path = '/etc/xinetd.conf')
+    def initialize(conf_path = "/etc/xinetd.conf")
       @conf_path = conf_path
       @contents = {}
       read_content(@conf_path)
@@ -37,14 +35,14 @@ module Inspec::Resources
     end
 
     filter = FilterTable.create
-    filter.register_column(:services,     field: 'service')
-          .register_column(:ids,          field: 'id')
-          .register_column(:socket_types, field: 'socket_type')
-          .register_column(:types,        field: 'type')
-          .register_column(:protocols,    field: 'protocol')
-          .register_column(:wait,         field: 'wait')
-          .register_custom_matcher(:disabled?) { |x| x.where('disable' => 'no').services.empty? }
-          .register_custom_matcher(:enabled?) { |x| x.where('disable' => 'yes').services.empty? }
+    filter.register_column(:services,     field: "service")
+          .register_column(:ids,          field: "id")
+          .register_column(:socket_types, field: "socket_type")
+          .register_column(:types,        field: "type")
+          .register_column(:protocols,    field: "protocol")
+          .register_column(:wait,         field: "wait")
+          .register_custom_matcher(:disabled?) { |x| x.where("disable" => "no").services.empty? }
+          .register_custom_matcher(:enabled?) { |x| x.where("disable" => "yes").services.empty? }
           .install_filter_methods_on_resource(self, :service_lines)
 
     private
@@ -59,7 +57,7 @@ module Inspec::Resources
       return {} if read_content.nil?
       flat_params = parse_xinetd(read_content)
       # we need to map service data in order to use it with filtertable
-      params = { 'services' => {} }
+      params = { "services" => {} }
       # map services that were defined and map it to the service hash
       flat_params.each do |k, v|
         name = k[/^service (.+)$/, 1]
@@ -69,13 +67,13 @@ module Inspec::Resources
         # handle service entries
         else
           # store service
-          params['services'][name] = v
+          params["services"][name] = v
 
           # add the service identifier to its parameters
           if v.is_a?(Array)
-            v.each { |service| service.params['service'] = name }
+            v.each { |service| service.params["service"] = name }
           else
-            v.params['service'] = name
+            v.params["service"] = name
           end
         end
       end
@@ -85,20 +83,20 @@ module Inspec::Resources
     # Method used to derive the default protocol used from the socket_type
     def default_protocol(type)
       case type
-      when 'stream'
-        'tcp'
-      when 'dgram'
-        'udp'
+      when "stream"
+        "tcp"
+      when "dgram"
+        "udp"
       else
-        'unknown'
+        "unknown"
       end
     end
 
     def service_lines
-      @services ||= params['services'].values.flatten.map { |service|
-        service.params['protocol'] ||= default_protocol(service.params['socket_type'])
+      @services ||= params["services"].values.flatten.map do |service|
+        service.params["protocol"] ||= default_protocol(service.params["socket_type"])
         service.params
-      }
+      end
     end
   end
 end

data/lib/{resources → inspec/resources}/xml.rb

@@ -1,11 +1,11 @@
-# encoding: utf-8
+require "inspec/resources/json"
 
 module Inspec::Resources
   class XmlConfig < JsonConfig
-    name 'xml'
-    supports platform: 'unix'
-    supports platform: 'windows'
-    desc 'Use the xml InSpec resource to test configuration data in an XML file'
+    name "xml"
+    supports platform: "unix"
+    supports platform: "windows"
+    desc "Use the xml InSpec resource to test configuration data in an XML file"
     example <<~EXAMPLE
       describe xml('default.xml') do
         its('key/sub_key') { should eq(['value']) }
@@ -14,7 +14,7 @@ module Inspec::Resources
     EXAMPLE
 
     def parse(content)
-      require 'rexml/document'
+      require "rexml/document"
       REXML::Document.new(content)
     rescue => e
       raise Inspec::Exceptions::ResourceFailed, "Unable to parse XML: #{e.message}"
@@ -42,7 +42,7 @@ module Inspec::Resources
     # used by JsonConfig to build up a full to_s method
     # based on whether a file path, content, or command was supplied.
     def resource_base_name
-      'XML'
+      "XML"
     end
   end
 end

data/lib/{resources → inspec/resources}/yaml.rb

@@ -1,6 +1,5 @@
-# encoding: utf-8
-
-require 'yaml'
+require "yaml"
+require "inspec/resources/json"
 
 # Parses a yaml document
 # Usage:
@@ -9,8 +8,8 @@ require 'yaml'
 # end
 module Inspec::Resources
   class YamlConfig < JsonConfig
-    name 'yaml'
-    desc 'Use the yaml InSpec audit resource to test configuration data in a YAML file.'
+    name "yaml"
+    desc "Use the yaml InSpec audit resource to test configuration data in a YAML file."
     example <<~EXAMPLE
       describe yaml('config.yaml') do
         its(['driver', 'name']) { should eq 'vagrant' }
@@ -37,7 +36,7 @@ module Inspec::Resources
     # used by JsonConfig to build up a full to_s method
     # based on whether a file path, content, or command was supplied.
     def resource_base_name
-      'YAML'
+      "YAML"
     end
   end
 end

data/lib/{resources → inspec/resources}/yum.rb

@@ -1,4 +1,4 @@
-# encoding: utf-8
+require "inspec/resources/command"
 
 # Usage:
 # describe yum do
@@ -29,9 +29,9 @@
 
 module Inspec::Resources
   class Yum < Inspec.resource(1)
-    name 'yum'
-    supports platform: 'unix'
-    desc 'Use the yum InSpec audit resource to test the configuration of Yum repositories.'
+    name "yum"
+    supports platform: "unix"
+    desc "Use the yum InSpec audit resource to test the configuration of Yum repositories."
     example <<~EXAMPLE
       describe yum.repo('name') do
         it { should exist }
@@ -49,7 +49,7 @@ module Inspec::Resources
       return @cache if defined?(@cache)
       # parse the repository data from yum
       # we cannot use -C, because this is not reliable and may lead to errors
-      @command_result = inspec.command('yum -v repolist all')
+      @command_result = inspec.command("yum -v repolist all")
       @content = @command_result.stdout
       @cache = []
       repo = {}
@@ -73,7 +73,7 @@ module Inspec::Resources
     end
 
     def repos
-      repositories.map { |repo| repo['id'] }
+      repositories.map { |repo| repo["id"] }
     end
 
     def repo(repo)
@@ -86,7 +86,7 @@ module Inspec::Resources
     end
 
     def to_s
-      'Yum Repository'
+      "Yum Repository"
     end
 
     private
@@ -99,7 +99,7 @@ module Inspec::Resources
     # Optimize the key value
     def repo_key(key)
       return key if key.nil?
-      key.gsub('Repo-', '').downcase
+      key.gsub("Repo-", "").downcase
     end
   end
 
@@ -118,7 +118,7 @@ module Inspec::Resources
 
     def info
       return @cache if defined?(@cache)
-      selection = @yum.repositories.select { |e| e['id'] == @reponame || shortname(e['id']) == @reponame }
+      selection = @yum.repositories.select { |e| e["id"] == @reponame || shortname(e["id"]) == @reponame }
       @cache = selection.empty? ? {} : selection.first
       @cache
     end
@@ -129,7 +129,7 @@ module Inspec::Resources
 
     def enabled?
       return false unless exist?
-      info['status'] == 'enabled'
+      info["status"] == "enabled"
     end
 
     # provide a method for each of the repo metadata items we know about

data/lib/{resources → inspec/resources}/zfs_dataset.rb

@@ -1,9 +1,9 @@
-# encoding: utf-8
+require "inspec/resources/command"
 
 module Inspec::Resources
   class ZfsDataset < Inspec.resource(1)
-    name 'zfs_dataset'
-    supports platform: 'unix'
+    name "zfs_dataset"
+    supports platform: "unix"
     desc "
       Use the zfs_dataset InSpec audit resource to test if the named
       ZFS Dataset is present and/or has certain properties.
@@ -16,7 +16,7 @@ module Inspec::Resources
     EXAMPLE
 
     def initialize(zfs_dataset)
-      return skip_resource 'The `zfs_dataset` resource is not supported on your OS yet.' if !inspec.os.bsd?
+      return skip_resource "The `zfs_dataset` resource is not supported on your OS yet." if !inspec.os.bsd?
       @zfs_dataset = zfs_dataset
 
       @params = gather
@@ -29,7 +29,7 @@ module Inspec::Resources
 
     def mounted?
       return false if !exists?
-      inspec.mount(@params['mountpoint']).mounted?
+      inspec.mount(@params["mountpoint"]).mounted?
     end
 
     def to_s
@@ -49,7 +49,7 @@ module Inspec::Resources
 
     # override method
     def exec
-      @params['exec']
+      @params["exec"]
     end
 
     # expose all parameters

data/lib/{resources → inspec/resources}/zfs_pool.rb

@@ -1,9 +1,9 @@
-# encoding: utf-8
+require "inspec/resources/command"
 
 module Inspec::Resources
   class ZfsPool < Inspec.resource(1)
-    name 'zfs_pool'
-    supports platform: 'unix'
+    name "zfs_pool"
+    supports platform: "unix"
     desc "
       Use the zfs_pool InSpec audit resource to test if the named
       ZFS Pool is present and/or has certain properties.
@@ -15,7 +15,7 @@ module Inspec::Resources
     EXAMPLE
 
     def initialize(zfs_pool)
-      return skip_resource 'The `zfs_pool` resource is not supported on your OS yet.' if !inspec.os.bsd?
+      return skip_resource "The `zfs_pool` resource is not supported on your OS yet." if !inspec.os.bsd?
       @zfs_pool = zfs_pool
 
       @params = gather

data/lib/inspec/rspec_extensions.rb

@@ -1,6 +1,6 @@
-require 'inspec/input_registry'
-require 'inspec/plugin/v2'
-require 'rspec/core/example_group'
+require "inspec/input_registry"
+require "inspec/plugin/v2"
+require "rspec/core/example_group"
 
 # Any additions to RSpec::Core::ExampleGroup (the RSpec class behind describe blocks) should go here.
 
@@ -65,14 +65,30 @@ end
 
 class RSpec::Core::ExampleGroup
   # This DSL method allows us to access the values of inputs within InSpec tests
-  def attribute(name)
-    Inspec::InputRegistry.find_or_register_input(name, self.class.metadata[:profile_id]).value
+  def input(input_name, options = {})
+    profile_id = self.class.metadata[:profile_id]
+    if options.empty?
+      # Simply an access, no event here
+      Inspec::InputRegistry.find_or_register_input(input_name, profile_id).value
+    else
+      options[:priority] = 20
+      options[:provider] = :inline_control_code
+      evt = Inspec::Input.infer_event(options)
+      Inspec::InputRegistry.find_or_register_input(input_name, profile_id, event: evt).value
+    end
   end
-  define_example_method :attribute
-  def input_obj(name)
+  define_example_method :input
+
+  def input_object(name)
     Inspec::InputRegistry.find_or_register_input(name, self.class.metadata[:profile_id])
   end
-  define_example_method :input_obj
+  define_example_method :input_object
+
+  def attribute(name, options = {})
+    Inspec.deprecate(:attrs_dsl, "Input name: #{name}, Profile: #{self.class.metadata[:profile_id]}")
+    input(name, options)
+  end
+  define_example_method :attribute
 
   # Here, we have to ensure our method_missing gets called prior
   # to RSpec::Core::ExampleGroup.method_missing (the class method).

data/lib/inspec/rule.rb

@@ -1,11 +1,10 @@
-# encoding: utf-8
 # copyright: 2015, Dominik Richter
-# author: Dominik Richter
-# author: Christoph Hartmann
 
-require 'method_source'
-require 'inspec/describe'
-require 'inspec/expect'
+require "method_source"
+require "inspec/describe"
+require "inspec/expect"
+require "inspec/resource"
+require "inspec/resources/os"
 
 module Inspec
   class Rule
@@ -58,8 +57,8 @@ module Inspec
         # fail the control. Controls are failed by having a failed resource within
         # them; but since our control block is unsafe (and opaque) to us, let's
         # make a dummy and fail that.
-        location = block.source_location.compact.join(':')
-        describe 'Control Source Code Error' do
+        location = block.source_location.compact.join(":")
+        describe "Control Source Code Error" do
           # Rubocop thinks we are raising an exception - we're actually calling RSpec's fail()
           its(location) { fail e.message } # rubocop: disable Style/SignalException
         end
@@ -160,13 +159,13 @@ module Inspec
           include dsl
         end.new(method(:__add_check))
       else
-        __add_check('describe', values, with_dsl(block))
+        __add_check("describe", values, with_dsl(block))
       end
     end
 
     def expect(value, &block)
       target = Inspec::Expect.new(value, &with_dsl(block))
-      __add_check('expect', [value], target)
+      __add_check("expect", [value], target)
       target
     end
 
@@ -209,14 +208,14 @@ module Inspec
       if skip_check[:message]
         msg = "Skipped control due to only_if condition: #{skip_check[:message]}"
       else
-        msg = 'Skipped control due to only_if condition.'
+        msg = "Skipped control due to only_if condition."
       end
 
       # TODO: we use os as the carrier here, but should consider
       # a separate resource to do skipping
       resource = rule.os
       resource.skip_resource(msg)
-      [['describe', [resource], nil]]
+      [["describe", [resource], nil]]
     end
 
     def self.merge(dst, src) # rubocop:disable Metrics/AbcSize
@@ -251,7 +250,7 @@ module Inspec
       dst.instance_variable_set(:@__merge_count, merge_count(dst) + 1)
       dst.instance_variable_set(
         :@__merge_changes,
-        merge_changes(dst) << src.instance_variable_get(:@__source_location),
+        merge_changes(dst) << src.instance_variable_get(:@__source_location)
       )
     end
 
@@ -299,9 +298,9 @@ module Inspec
     # @param [String] text string which needs to be unindented
     # @return [String] input with indentation removed; '' if input is nil
     def unindent(text)
-      return '' if text.nil?
+      return "" if text.nil?
       len = text.split("\n").reject { |l| l.strip.empty? }.map { |x| x.index(/[^\s]/) }.compact.min
-      text.gsub(/^[[:blank:]]{#{len}}/, '').strip
+      text.gsub(/^[[:blank:]]{#{len}}/, "").strip
     end
 
     # get the source location of the block

data/lib/inspec/runner.rb

@@ -1,16 +1,17 @@
-# encoding: utf-8
 # copyright: 2015, Dominik Richter
-# author: Dominik Richter
-# author: Christoph Hartmann
-
-require 'forwardable'
-require 'uri'
-require 'inspec/backend'
-require 'inspec/profile_context'
-require 'inspec/profile'
-require 'inspec/metadata'
-require 'inspec/config'
-require 'inspec/dependencies/cache'
+
+require "forwardable"
+require "uri"
+require "inspec/backend"
+require "inspec/profile_context"
+require "inspec/profile"
+require "inspec/metadata"
+require "inspec/config"
+require "inspec/dependencies/cache"
+require "inspec/dist"
+require "inspec/resources"
+require "inspec/reporters"
+require "inspec/runner_rspec"
 # spec requirements
 
 module Inspec
@@ -52,7 +53,6 @@ module Inspec
       @cache = Inspec::Cache.new(@conf[:vendor_cache])
 
       @test_collector = @conf.delete(:test_collector) || begin
-        require 'inspec/runner_rspec'
         RunnerRspec.new(@conf)
       end
 
@@ -123,16 +123,16 @@ module Inspec
     end
 
     def render_output(run_data)
-      return if @conf['reporter'].nil?
+      return if @conf["reporter"].nil?
 
-      @conf['reporter'].each do |reporter|
+      @conf["reporter"].each do |reporter|
         result = Inspec::Reporters.render(reporter, run_data)
         raise Inspec::ReporterError, "Error generating reporter '#{reporter[0]}'" if result == false
       end
     end
 
     def report
-      Inspec::Reporters.report(@conf['reporter'].first, @run_data)
+      Inspec::Reporters.report(@conf["reporter"].first, @run_data)
     end
 
     def write_lockfile(profile)
@@ -150,7 +150,7 @@ module Inspec
     def run_tests(with = nil)
       @run_data = @test_collector.run(with)
       # dont output anything if we want a report
-      render_output(@run_data) unless @conf['report']
+      render_output(@run_data) unless @conf["report"]
       @test_collector.exit_code
     end
 
@@ -192,9 +192,9 @@ module Inspec
 
     def supports_profile?(profile)
       if !profile.supports_runtime?
-        raise 'This profile requires InSpec version '\
+        raise "This profile requires #{Inspec::Dist::PRODUCT_NAME} version "\
              "#{profile.metadata.inspec_requirement}. You are running "\
-             "InSpec v#{Inspec::VERSION}.\n"
+             "#{Inspec::Dist::PRODUCT_NAME} v#{Inspec::VERSION}.\n"
       end
 
       true
@@ -218,8 +218,8 @@ module Inspec
     end
 
     def eval_with_virtual_profile(command)
-      require 'fetchers/mock'
-      add_target({ 'inspec.yml' => 'name: inspec-shell' })
+      require "fetchers/mock"
+      add_target({ "inspec.yml" => "name: inspec-shell" })
       our_profile = @target_profiles.first
       ctx = our_profile.runner_context
 
@@ -227,7 +227,7 @@ module Inspec
       # to provide access to local profiles that add resources.
       @depends.each do |dep|
         # support for windows paths
-        dep = dep.tr('\\', '/')
+        dep = dep.tr('\\', "/")
         Inspec::Profile.for_path(dep, { profile_context: ctx }).load_libraries
       end
 
@@ -240,8 +240,8 @@ module Inspec
       return {} if block.nil? || !block.respond_to?(:source_location)
       opts = {}
       file_path, line = block.source_location
-      opts['file_path'] = file_path
-      opts['line_number'] = line
+      opts["file_path"] = file_path
+      opts["line_number"] = line
       opts
     end
 
@@ -286,7 +286,7 @@ module Inspec
     def rspec_failed_block(arg, opts, message)
       @test_collector.example_group(*arg, opts) do
         # Send custom `it` block to RSpec
-        it '' do
+        it "" do
           # Raising here to fail the test and get proper formatting
           raise Inspec::Exceptions::ResourceFailed, message
         end
@@ -295,11 +295,11 @@ module Inspec
 
     def add_resource(method_name, arg, opts, block)
       case method_name
-      when 'describe'
+      when "describe"
         @test_collector.example_group(*arg, opts, &block)
-      when 'expect'
+      when "expect"
         block.example_group
-      when 'describe.one'
+      when "describe.one"
         tests = arg.map do |x|
           @test_collector.example_group(x[1][0], block_source_info(x[2]), &x[2])
         end