inspec 4.3.2 → 4.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +36 -38
- data/README.md +37 -21
- data/etc/deprecations.json +10 -0
- data/etc/plugin_filters.json +8 -0
- data/inspec.gemspec +38 -39
- data/lib/bundles/inspec-compliance/api.rb +1 -1
- data/lib/bundles/inspec-compliance/configuration.rb +1 -1
- data/lib/bundles/inspec-compliance/http.rb +1 -1
- data/lib/bundles/inspec-compliance/support.rb +1 -1
- data/lib/bundles/inspec-compliance/target.rb +1 -1
- data/lib/bundles/inspec-supermarket.rb +3 -7
- data/lib/bundles/inspec-supermarket/api.rb +10 -13
- data/lib/bundles/inspec-supermarket/cli.rb +12 -15
- data/lib/bundles/inspec-supermarket/target.rb +7 -11
- data/lib/fetchers/git.rb +14 -15
- data/lib/fetchers/local.rb +6 -10
- data/lib/fetchers/mock.rb +3 -5
- data/lib/fetchers/url.rb +42 -44
- data/lib/inspec.rb +23 -24
- data/lib/inspec/archive/tar.rb +2 -6
- data/lib/inspec/archive/zip.rb +3 -7
- data/lib/inspec/backend.rb +8 -9
- data/lib/inspec/base_cli.rb +64 -65
- data/lib/inspec/cached_fetcher.rb +2 -3
- data/lib/inspec/cli.rb +136 -97
- data/lib/inspec/config.rb +71 -61
- data/lib/inspec/control_eval_context.rb +22 -18
- data/lib/inspec/dependencies/cache.rb +2 -3
- data/lib/inspec/dependencies/dependency_set.rb +2 -3
- data/lib/inspec/dependencies/lockfile.rb +8 -9
- data/lib/inspec/dependencies/requirement.rb +7 -8
- data/lib/inspec/dependencies/resolver.rb +5 -7
- data/lib/inspec/describe.rb +2 -6
- data/lib/inspec/dist.rb +20 -0
- data/lib/inspec/dsl.rb +4 -7
- data/lib/inspec/dsl_shared.rb +1 -2
- data/lib/inspec/env_printer.rb +11 -12
- data/lib/inspec/errors.rb +0 -4
- data/lib/inspec/exceptions.rb +0 -1
- data/lib/inspec/expect.rb +5 -8
- data/lib/inspec/fetcher.rb +7 -10
- data/lib/inspec/file_provider.rb +24 -24
- data/lib/inspec/formatters.rb +3 -3
- data/lib/inspec/formatters/base.rb +8 -8
- data/lib/inspec/globals.rb +2 -2
- data/lib/inspec/impact.rb +5 -7
- data/lib/inspec/input_registry.rb +84 -33
- data/lib/inspec/library_eval_context.rb +3 -6
- data/lib/inspec/log.rb +1 -5
- data/lib/inspec/metadata.rb +17 -16
- data/lib/inspec/method_source.rb +5 -9
- data/lib/inspec/objects.rb +10 -12
- data/lib/inspec/objects/control.rb +7 -9
- data/lib/inspec/objects/describe.rb +9 -11
- data/lib/inspec/objects/each_loop.rb +1 -3
- data/lib/inspec/objects/input.rb +24 -26
- data/lib/inspec/objects/list.rb +4 -6
- data/lib/inspec/objects/or_test.rb +2 -4
- data/lib/inspec/objects/ruby_helper.rb +3 -5
- data/lib/inspec/objects/tag.rb +0 -2
- data/lib/inspec/objects/test.rb +9 -11
- data/lib/inspec/objects/value.rb +3 -5
- data/lib/inspec/plugin/v1.rb +2 -2
- data/lib/inspec/plugin/v1/plugin_types/cli.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/fetcher.rb +2 -5
- data/lib/inspec/plugin/v1/plugin_types/resource.rb +4 -6
- data/lib/inspec/plugin/v1/plugin_types/secret.rb +1 -5
- data/lib/inspec/plugin/v1/plugin_types/source_reader.rb +1 -5
- data/lib/inspec/plugin/v1/plugins.rb +15 -19
- data/lib/inspec/plugin/v1/registry.rb +0 -4
- data/lib/inspec/plugin/v2.rb +8 -8
- data/lib/inspec/plugin/v2/activator.rb +1 -1
- data/lib/inspec/plugin/v2/config_file.rb +6 -6
- data/lib/inspec/plugin/v2/filter.rb +13 -13
- data/lib/inspec/plugin/v2/installer.rb +36 -24
- data/lib/inspec/plugin/v2/loader.rb +28 -28
- data/lib/inspec/plugin/v2/plugin_base.rb +15 -2
- data/lib/inspec/plugin/v2/plugin_types/cli.rb +5 -5
- data/lib/inspec/plugin/v2/plugin_types/input.rb +34 -0
- data/lib/inspec/plugin/v2/plugin_types/mock.rb +1 -1
- data/lib/inspec/plugin/v2/registry.rb +7 -7
- data/lib/inspec/polyfill.rb +0 -3
- data/lib/inspec/profile.rb +55 -63
- data/lib/inspec/profile_context.rb +27 -30
- data/lib/inspec/profile_vendor.rb +6 -9
- data/lib/inspec/reporters.rb +24 -24
- data/lib/inspec/reporters/automate.rb +17 -19
- data/lib/inspec/reporters/base.rb +1 -1
- data/lib/inspec/reporters/cli.rb +88 -91
- data/lib/inspec/reporters/json.rb +2 -4
- data/lib/inspec/reporters/json_automate.rb +1 -3
- data/lib/inspec/reporters/json_min.rb +1 -3
- data/lib/inspec/reporters/junit.rb +26 -28
- data/lib/inspec/reporters/yaml.rb +1 -3
- data/lib/inspec/require_loader.rb +0 -4
- data/lib/inspec/resource.rb +4 -125
- data/lib/inspec/resources.rb +121 -0
- data/lib/{resources → inspec/resources}/aide_conf.rb +24 -25
- data/lib/{resources → inspec/resources}/apache.rb +13 -14
- data/lib/{resources → inspec/resources}/apache_conf.rb +16 -17
- data/lib/{resources → inspec/resources}/apt.rb +17 -17
- data/lib/{resources → inspec/resources}/audit_policy.rb +7 -6
- data/lib/{resources → inspec/resources}/auditd.rb +62 -64
- data/lib/{resources → inspec/resources}/auditd_conf.rb +7 -8
- data/lib/{resources → inspec/resources}/bash.rb +6 -8
- data/lib/{resources → inspec/resources}/bond.rb +15 -14
- data/lib/{resources → inspec/resources}/bridge.rb +8 -8
- data/lib/{resources → inspec/resources}/chocolatey_package.rb +10 -8
- data/lib/{resources → inspec/resources}/command.rb +11 -10
- data/lib/{resources → inspec/resources}/cpan.rb +12 -12
- data/lib/{resources → inspec/resources}/cran.rb +9 -9
- data/lib/{resources → inspec/resources}/crontab.rb +47 -48
- data/lib/{resources → inspec/resources}/csv.rb +5 -5
- data/lib/{resources → inspec/resources}/dh_params.rb +5 -7
- data/lib/{resources → inspec/resources}/directory.rb +5 -7
- data/lib/{resources → inspec/resources}/docker.rb +63 -63
- data/lib/{resources → inspec/resources}/docker_container.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_image.rb +9 -9
- data/lib/{resources → inspec/resources}/docker_object.rb +8 -13
- data/lib/{resources → inspec/resources}/docker_plugin.rb +6 -6
- data/lib/{resources → inspec/resources}/docker_service.rb +7 -7
- data/lib/{resources → inspec/resources}/elasticsearch.rb +40 -42
- data/lib/{resources → inspec/resources}/etc_fstab.rb +23 -24
- data/lib/{resources → inspec/resources}/etc_group.rb +26 -27
- data/lib/{resources → inspec/resources}/etc_hosts.rb +11 -13
- data/lib/{resources → inspec/resources}/etc_hosts_allow_deny.rb +25 -27
- data/lib/{resources → inspec/resources}/file.rb +80 -79
- data/lib/{resources → inspec/resources}/filesystem.rb +20 -15
- data/lib/{resources → inspec/resources}/firewalld.rb +26 -26
- data/lib/{resources → inspec/resources}/gem.rb +12 -12
- data/lib/{resources → inspec/resources}/groups.rb +28 -27
- data/lib/{resources → inspec/resources}/grub_conf.rb +46 -48
- data/lib/{resources → inspec/resources}/host.rb +31 -29
- data/lib/{resources → inspec/resources}/http.rb +24 -24
- data/lib/{resources → inspec/resources}/iis_app.rb +6 -7
- data/lib/{resources → inspec/resources}/iis_app_pool.rb +21 -19
- data/lib/{resources → inspec/resources}/iis_site.rb +17 -15
- data/lib/{resources → inspec/resources}/inetd_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/ini.rb +7 -8
- data/lib/{resources → inspec/resources}/interface.rb +30 -30
- data/lib/{resources → inspec/resources}/iptables.rb +8 -8
- data/lib/{resources → inspec/resources}/json.rb +8 -10
- data/lib/{resources → inspec/resources}/kernel_module.rb +15 -15
- data/lib/{resources → inspec/resources}/kernel_parameter.rb +8 -8
- data/lib/{resources → inspec/resources}/key_rsa.rb +8 -10
- data/lib/{resources → inspec/resources}/ksh.rb +6 -8
- data/lib/{resources → inspec/resources}/limits_conf.rb +8 -9
- data/lib/{resources/login_def.rb → inspec/resources/login_defs.rb} +9 -10
- data/lib/{resources → inspec/resources}/mount.rb +6 -8
- data/lib/{resources → inspec/resources}/mssql_session.rb +16 -18
- data/lib/inspec/resources/mysql.rb +81 -0
- data/lib/{resources → inspec/resources}/mysql_conf.rb +13 -14
- data/lib/{resources → inspec/resources}/mysql_session.rb +16 -16
- data/lib/{resources → inspec/resources}/nginx.rb +16 -17
- data/lib/{resources → inspec/resources}/nginx_conf.rb +26 -27
- data/lib/{resources → inspec/resources}/npm.rb +9 -10
- data/lib/{resources → inspec/resources}/ntp_conf.rb +9 -10
- data/lib/{resources → inspec/resources}/oneget.rb +8 -8
- data/lib/{resources → inspec/resources}/oracledb_session.rb +33 -34
- data/lib/{resources → inspec/resources}/os.rb +6 -8
- data/lib/{resources → inspec/resources}/os_env.rb +11 -12
- data/lib/{resources → inspec/resources}/package.rb +66 -65
- data/lib/{resources → inspec/resources}/packages.rb +13 -13
- data/lib/{resources → inspec/resources}/parse_config.rb +8 -8
- data/lib/{resources → inspec/resources}/passwd.rb +18 -19
- data/lib/{resources → inspec/resources}/pip.rb +19 -19
- data/lib/{resources → inspec/resources}/platform.rb +9 -11
- data/lib/{resources → inspec/resources}/port.rb +134 -136
- data/lib/{resources → inspec/resources}/postgres.rb +40 -32
- data/lib/{resources → inspec/resources}/postgres_conf.rb +17 -17
- data/lib/{resources → inspec/resources}/postgres_hba_conf.rb +21 -23
- data/lib/{resources → inspec/resources}/postgres_ident_conf.rb +12 -14
- data/lib/{resources → inspec/resources}/postgres_session.rb +8 -9
- data/lib/{resources → inspec/resources}/powershell.rb +17 -13
- data/lib/{resources → inspec/resources}/processes.rb +29 -29
- data/lib/{resources/rabbitmq_conf.rb → inspec/resources/rabbitmq_config.rb} +10 -11
- data/lib/{resources → inspec/resources}/registry_key.rb +14 -14
- data/lib/inspec/resources/script.rb +1 -0
- data/lib/{resources → inspec/resources}/security_identifier.rb +11 -10
- data/lib/{resources → inspec/resources}/security_policy.rb +59 -58
- data/lib/{resources → inspec/resources}/service.rb +74 -75
- data/lib/{resources → inspec/resources}/shadow.rb +44 -45
- data/lib/{resources/ssh_conf.rb → inspec/resources/ssh_config.rb} +16 -17
- data/lib/{resources → inspec/resources}/ssl.rb +28 -29
- data/lib/inspec/resources/sys_info.rb +30 -0
- data/lib/{resources → inspec/resources}/toml.rb +5 -7
- data/lib/{resources → inspec/resources}/users.rb +65 -65
- data/lib/{resources → inspec/resources}/vbscript.rb +8 -9
- data/lib/{resources → inspec/resources}/virtualization.rb +60 -62
- data/lib/{resources → inspec/resources}/windows_feature.rb +9 -9
- data/lib/{resources → inspec/resources}/windows_hotfix.rb +5 -5
- data/lib/{resources → inspec/resources}/windows_task.rb +16 -15
- data/lib/{resources → inspec/resources}/wmi.rb +7 -8
- data/lib/{resources → inspec/resources}/x509_certificate.rb +9 -11
- data/lib/{resources/xinetd.rb → inspec/resources/xinetd_conf.rb} +27 -29
- data/lib/{resources → inspec/resources}/xml.rb +7 -7
- data/lib/{resources → inspec/resources}/yaml.rb +5 -6
- data/lib/{resources → inspec/resources}/yum.rb +10 -10
- data/lib/{resources → inspec/resources}/zfs_dataset.rb +6 -6
- data/lib/{resources → inspec/resources}/zfs_pool.rb +4 -4
- data/lib/inspec/rspec_extensions.rb +24 -8
- data/lib/inspec/rule.rb +14 -15
- data/lib/inspec/runner.rb +28 -28
- data/lib/inspec/runner_mock.rb +1 -5
- data/lib/inspec/runner_rspec.rb +18 -20
- data/lib/inspec/runtime_profile.rb +2 -5
- data/lib/inspec/schema.rb +142 -143
- data/lib/inspec/secrets.rb +3 -7
- data/lib/inspec/secrets/yaml.rb +3 -5
- data/lib/inspec/shell.rb +11 -15
- data/lib/inspec/shell_detector.rb +6 -7
- data/lib/inspec/source_reader.rb +4 -8
- data/lib/inspec/ui.rb +33 -39
- data/lib/inspec/ui_table_helper.rb +12 -0
- data/lib/{utils → inspec/utils}/command_wrapper.rb +4 -8
- data/lib/{utils → inspec/utils}/convert.rb +0 -4
- data/lib/{utils → inspec/utils}/database_helpers.rb +4 -8
- data/lib/inspec/utils/deprecation.rb +6 -0
- data/lib/{utils → inspec/utils}/deprecation/config_file.rb +19 -19
- data/lib/{utils → inspec/utils}/deprecation/deprecator.rb +12 -12
- data/lib/{utils → inspec/utils}/deprecation/errors.rb +1 -1
- data/lib/{utils → inspec/utils}/deprecation/global_method.rb +2 -2
- data/lib/{utils → inspec/utils}/enumerable_delegation.rb +0 -2
- data/lib/{utils → inspec/utils}/erlang_parser.rb +61 -65
- data/lib/{utils → inspec/utils}/file_reader.rb +1 -2
- data/lib/{utils → inspec/utils}/filter.rb +30 -33
- data/lib/{utils → inspec/utils}/filter_array.rb +0 -2
- data/lib/{utils → inspec/utils}/find_files.rb +9 -12
- data/lib/{utils → inspec/utils}/hash.rb +1 -5
- data/lib/inspec/utils/json_log.rb +15 -0
- data/lib/inspec/utils/latest_version.rb +13 -0
- data/lib/{utils → inspec/utils}/modulator.rb +0 -3
- data/lib/{utils → inspec/utils}/nginx_parser.rb +31 -35
- data/lib/{utils → inspec/utils}/object_traversal.rb +0 -3
- data/lib/{utils → inspec/utils}/parser.rb +45 -45
- data/lib/{utils → inspec/utils}/pkey_reader.rb +4 -2
- data/lib/{utils → inspec/utils}/simpleconfig.rb +8 -10
- data/lib/{utils → inspec/utils}/spdx.rb +1 -4
- data/lib/{utils → inspec/utils}/spdx.txt +0 -0
- data/lib/inspec/utils/telemetry.rb +3 -3
- data/lib/inspec/utils/telemetry/collector.rb +30 -9
- data/lib/inspec/utils/telemetry/data_series.rb +3 -1
- data/lib/inspec/utils/telemetry/global_methods.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- data/lib/matchers/matchers.rb +22 -25
- data/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +1 -1
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +52 -45
- data/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +18 -16
- data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +12 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance.rb +1 -1
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +73 -73
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +66 -62
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +59 -57
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/configuration.rb +11 -11
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +20 -22
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/support.rb +2 -4
- data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb +30 -27
- data/lib/plugins/inspec-compliance/test/functional/inspec_compliance_test.rb +12 -14
- data/lib/plugins/inspec-compliance/test/integration/default/cli.rb +39 -41
- data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb +64 -64
- data/lib/plugins/inspec-compliance/test/unit/api_test.rb +157 -156
- data/lib/plugins/inspec-compliance/test/unit/target_test.rb +85 -85
- data/lib/plugins/inspec-habitat/Berksfile +2 -2
- data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb +1 -1
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb +15 -13
- data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +64 -63
- data/lib/plugins/inspec-habitat/templates/habitat/hooks/run.erb +3 -3
- data/lib/plugins/inspec-habitat/templates/habitat/plan.sh.erb +11 -11
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/Berksfile +1 -1
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/metadata.rb +8 -8
- data/lib/plugins/inspec-habitat/test/cookbooks/inspec_habitat_fixture/recipes/default.rb +17 -17
- data/lib/plugins/inspec-habitat/test/functional/inspec_habitat_test.rb +9 -8
- data/lib/plugins/inspec-habitat/test/integration/default/inspec_habitat/controls/inspec_habitat.rb +14 -14
- data/lib/plugins/inspec-habitat/test/support/example_profile/controls/example.rb +4 -4
- data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +42 -41
- data/lib/plugins/inspec-init/lib/inspec-init.rb +1 -1
- data/lib/plugins/inspec-init/lib/inspec-init/cli.rb +6 -8
- data/lib/plugins/inspec-init/lib/inspec-init/cli_plugin.rb +72 -74
- data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +9 -11
- data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +4 -4
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/Gemfile +0 -1
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/inspec-plugin-template.gemspec +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/cli_command.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/plugin.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/lib/inspec-plugin-template/version.rb +0 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/functional/inspec_plugin_template_test.rb +5 -5
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/helper.rb +1 -3
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/cli_args_test.rb +2 -2
- data/lib/plugins/inspec-init/templates/plugins/inspec-plugin-template/test/unit/plugin_def_test.rb +2 -2
- data/lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb +10 -11
- data/lib/plugins/inspec-init/templates/profiles/azure/controls/example.rb +4 -5
- data/lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb +10 -11
- data/lib/plugins/inspec-init/templates/profiles/os/controls/example.rb +6 -7
- data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +51 -50
- data/lib/plugins/inspec-init/test/functional/inspec_init_profile_test.rb +35 -33
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli.rb +1 -2
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +72 -70
- data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/plugin.rb +1 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/fixtures/plugins/wrong-name/lib/wrong-name.rb +1 -1
- data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +281 -271
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/cli_args_test.rb +41 -41
- data/lib/plugins/inspec-plugin-manager-cli/test/unit/plugin_def_test.rb +25 -6
- data/lib/plugins/shared/core_plugin_test_helper.rb +43 -38
- data/lib/resource_support/aws.rb +67 -67
- data/lib/resource_support/aws/aws_plural_resource_mixin.rb +4 -1
- data/lib/resource_support/aws/aws_resource_mixin.rb +4 -3
- data/lib/resource_support/aws/aws_singular_resource_mixin.rb +4 -1
- data/lib/resources/aws/aws_billing_report.rb +15 -8
- data/lib/resources/aws/aws_billing_reports.rb +10 -7
- data/lib/resources/aws/aws_cloudtrail_trail.rb +9 -5
- data/lib/resources/aws/aws_cloudtrail_trails.rb +9 -5
- data/lib/resources/aws/aws_cloudwatch_alarm.rb +9 -5
- data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +12 -8
- data/lib/resources/aws/aws_config_delivery_channel.rb +13 -9
- data/lib/resources/aws/aws_config_recorder.rb +10 -6
- data/lib/resources/aws/aws_ebs_volume.rb +12 -8
- data/lib/resources/aws/aws_ebs_volumes.rb +9 -5
- data/lib/resources/aws/aws_ec2_instance.rb +14 -11
- data/lib/resources/aws/aws_ec2_instances.rb +9 -5
- data/lib/resources/aws/aws_ecs_cluster.rb +11 -7
- data/lib/resources/aws/aws_eks_cluster.rb +13 -9
- data/lib/resources/aws/aws_elb.rb +9 -5
- data/lib/resources/aws/aws_elbs.rb +9 -5
- data/lib/resources/aws/aws_flow_log.rb +17 -13
- data/lib/resources/aws/aws_iam_access_key.rb +15 -11
- data/lib/resources/aws/aws_iam_access_keys.rb +19 -15
- data/lib/resources/aws/aws_iam_group.rb +9 -5
- data/lib/resources/aws/aws_iam_groups.rb +9 -5
- data/lib/resources/aws/aws_iam_password_policy.rb +13 -10
- data/lib/resources/aws/aws_iam_policies.rb +9 -5
- data/lib/resources/aws/aws_iam_policy.rb +16 -12
- data/lib/resources/aws/aws_iam_role.rb +9 -5
- data/lib/resources/aws/aws_iam_root_user.rb +12 -8
- data/lib/resources/aws/aws_iam_user.rb +12 -12
- data/lib/resources/aws/aws_iam_users.rb +10 -10
- data/lib/resources/aws/aws_kms_key.rb +12 -8
- data/lib/resources/aws/aws_kms_keys.rb +9 -5
- data/lib/resources/aws/aws_rds_instance.rb +11 -8
- data/lib/resources/aws/aws_route_table.rb +11 -7
- data/lib/resources/aws/aws_route_tables.rb +10 -6
- data/lib/resources/aws/aws_s3_bucket.rb +14 -11
- data/lib/resources/aws/aws_s3_bucket_object.rb +12 -9
- data/lib/resources/aws/aws_s3_buckets.rb +9 -7
- data/lib/resources/aws/aws_security_group.rb +16 -12
- data/lib/resources/aws/aws_security_groups.rb +12 -8
- data/lib/resources/aws/aws_sns_subscription.rb +15 -11
- data/lib/resources/aws/aws_sns_topic.rb +10 -6
- data/lib/resources/aws/aws_sns_topics.rb +9 -5
- data/lib/resources/aws/aws_sqs_queue.rb +18 -14
- data/lib/resources/aws/aws_subnet.rb +11 -7
- data/lib/resources/aws/aws_subnets.rb +9 -5
- data/lib/resources/aws/aws_vpc.rb +10 -6
- data/lib/resources/aws/aws_vpcs.rb +9 -5
- data/lib/resources/azure/azure_backend.rb +20 -18
- data/lib/resources/azure/azure_generic_resource.rb +13 -15
- data/lib/resources/azure/azure_resource_group.rb +17 -19
- data/lib/resources/azure/azure_virtual_machine.rb +6 -8
- data/lib/resources/azure/azure_virtual_machine_data_disk.rb +6 -8
- data/lib/source_readers/flat.rb +6 -10
- data/lib/source_readers/inspec.rb +8 -12
- metadata +141 -142
- data/lib/resources/mysql.rb +0 -82
- data/lib/resources/sys_info.rb +0 -28
- data/lib/utils/deprecation.rb +0 -6
- data/lib/utils/json_log.rb +0 -18
- data/lib/utils/latest_version.rb +0 -22
@@ -1,17 +1,17 @@
|
|
1
|
-
|
1
|
+
require "inspec/globals"
|
2
2
|
|
3
3
|
module InspecPlugins
|
4
4
|
module Compliance
|
5
5
|
# stores configuration on local filesystem
|
6
6
|
class Configuration
|
7
7
|
def initialize
|
8
|
-
@config_path = File.join(Inspec.config_dir,
|
8
|
+
@config_path = File.join(Inspec.config_dir, "compliance")
|
9
9
|
# ensure the directory is available
|
10
10
|
unless File.directory?(@config_path)
|
11
11
|
FileUtils.mkdir_p(@config_path)
|
12
12
|
end
|
13
13
|
# set config file path
|
14
|
-
@config_file = File.join(@config_path,
|
14
|
+
@config_file = File.join(@config_path, "/config.json")
|
15
15
|
@config = {}
|
16
16
|
|
17
17
|
# load the data
|
@@ -46,7 +46,7 @@ module InspecPlugins
|
|
46
46
|
|
47
47
|
# stores a hash to json
|
48
48
|
def store
|
49
|
-
File.open(@config_file,
|
49
|
+
File.open(@config_file, "w") do |f|
|
50
50
|
f.chmod(0600)
|
51
51
|
f.write(@config.to_json)
|
52
52
|
end
|
@@ -66,13 +66,13 @@ module InspecPlugins
|
|
66
66
|
sup = version_with_support(feature)
|
67
67
|
|
68
68
|
# we do not know the version, therefore we do not know if its possible to use the feature
|
69
|
-
return if self[
|
69
|
+
return if self["version"].nil? || self["version"]["version"].nil?
|
70
70
|
|
71
71
|
if sup.is_a?(Array)
|
72
|
-
Gem::Version.new(self[
|
73
|
-
Gem::Version.new(self[
|
72
|
+
Gem::Version.new(self["version"]["version"]) >= sup[0] &&
|
73
|
+
Gem::Version.new(self["version"]["version"]) < sup[1]
|
74
74
|
else
|
75
|
-
Gem::Version.new(self[
|
75
|
+
Gem::Version.new(self["version"]["version"]) >= sup
|
76
76
|
end
|
77
77
|
end
|
78
78
|
|
@@ -81,7 +81,7 @@ module InspecPlugins
|
|
81
81
|
return if supported?(feature)
|
82
82
|
|
83
83
|
puts "This feature (#{feature}) is not available for legacy installations."
|
84
|
-
puts
|
84
|
+
puts "Please upgrade to a recent version of Chef Compliance."
|
85
85
|
exit 1
|
86
86
|
end
|
87
87
|
|
@@ -93,9 +93,9 @@ module InspecPlugins
|
|
93
93
|
def version_with_support(feature)
|
94
94
|
case feature.to_sym
|
95
95
|
when :oidc
|
96
|
-
Gem::Version.new(
|
96
|
+
Gem::Version.new("0.16.19")
|
97
97
|
else
|
98
|
-
Gem::Version.new(
|
98
|
+
Gem::Version.new("0.0.0")
|
99
99
|
end
|
100
100
|
end
|
101
101
|
end
|
@@ -1,8 +1,6 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require 'net/http/post/multipart'
|
5
|
-
require 'uri'
|
1
|
+
require "net/http"
|
2
|
+
require "net/http/post/multipart"
|
3
|
+
require "uri"
|
6
4
|
|
7
5
|
module InspecPlugins
|
8
6
|
module Compliance
|
@@ -24,11 +22,11 @@ module InspecPlugins
|
|
24
22
|
uri = _parse_url(url)
|
25
23
|
req = Net::HTTP::Post.new(uri.path)
|
26
24
|
if basic_auth
|
27
|
-
req.basic_auth token,
|
25
|
+
req.basic_auth token, ""
|
28
26
|
else
|
29
|
-
req[
|
27
|
+
req["Authorization"] = "Bearer #{token}"
|
30
28
|
end
|
31
|
-
req.form_data={}
|
29
|
+
req.form_data = {}
|
32
30
|
|
33
31
|
send_request(uri, req, insecure)
|
34
32
|
end
|
@@ -50,7 +48,7 @@ module InspecPlugins
|
|
50
48
|
http = Net::HTTP.new(uri.host, uri.port)
|
51
49
|
|
52
50
|
# set connection flags
|
53
|
-
http.use_ssl = (uri.scheme ==
|
51
|
+
http.use_ssl = (uri.scheme == "https")
|
54
52
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure
|
55
53
|
|
56
54
|
req = Net::HTTP::Post.new(uri.path)
|
@@ -58,13 +56,13 @@ module InspecPlugins
|
|
58
56
|
req.add_field(key, value)
|
59
57
|
end
|
60
58
|
|
61
|
-
req.body_stream=File.open(file_path,
|
62
|
-
req.add_field(
|
63
|
-
req.add_field(
|
59
|
+
req.body_stream = File.open(file_path, "rb")
|
60
|
+
req.add_field("Content-Length", File.size(file_path))
|
61
|
+
req.add_field("Content-Type", "application/x-gzip")
|
64
62
|
|
65
|
-
boundary =
|
66
|
-
req.add_field(
|
67
|
-
res=http.request(req)
|
63
|
+
boundary = "INSPEC-PROFILE-UPLOAD"
|
64
|
+
req.add_field("session", boundary)
|
65
|
+
res = http.request(req)
|
68
66
|
res
|
69
67
|
end
|
70
68
|
|
@@ -74,11 +72,11 @@ module InspecPlugins
|
|
74
72
|
http = Net::HTTP.new(uri.host, uri.port)
|
75
73
|
|
76
74
|
# set connection flags
|
77
|
-
http.use_ssl = (uri.scheme ==
|
75
|
+
http.use_ssl = (uri.scheme == "https")
|
78
76
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE if insecure
|
79
77
|
|
80
78
|
File.open(file_path) do |tar|
|
81
|
-
req = Net::HTTP::Post::Multipart.new(uri,
|
79
|
+
req = Net::HTTP::Post::Multipart.new(uri, "file" => UploadIO.new(tar, "application/x-gzip", File.basename(file_path)))
|
82
80
|
headers.each do |key, value|
|
83
81
|
req.add_field(key, value)
|
84
82
|
end
|
@@ -90,20 +88,20 @@ module InspecPlugins
|
|
90
88
|
# sends a http requests
|
91
89
|
def self.send_request(uri, req, insecure)
|
92
90
|
opts = {
|
93
|
-
use_ssl: uri.scheme ==
|
91
|
+
use_ssl: uri.scheme == "https",
|
94
92
|
}
|
95
93
|
opts[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if insecure
|
96
94
|
|
97
95
|
raise "Unable to parse URI: #{uri}" if uri.nil? || uri.host.nil?
|
98
|
-
res = Net::HTTP.start(uri.host, uri.port, opts)
|
96
|
+
res = Net::HTTP.start(uri.host, uri.port, opts) do |http|
|
99
97
|
http.request(req)
|
100
|
-
|
98
|
+
end
|
101
99
|
res
|
102
100
|
rescue OpenSSL::SSL::SSLError => e
|
103
|
-
raise e unless e.message.include?
|
101
|
+
raise e unless e.message.include? "certificate verify failed"
|
104
102
|
|
105
103
|
puts "Error: Failed to connect to #{uri}."
|
106
|
-
puts
|
104
|
+
puts "If the server uses a self-signed certificate, please re-run the login command with the --insecure option."
|
107
105
|
exit 1
|
108
106
|
end
|
109
107
|
|
@@ -1,5 +1,3 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
module InspecPlugins
|
4
2
|
module Compliance
|
5
3
|
# is a helper that provides information which version of compliance supports
|
@@ -11,9 +9,9 @@ module InspecPlugins
|
|
11
9
|
def self.version_with_support(feature)
|
12
10
|
case feature.to_sym
|
13
11
|
when :oidc # open id connect authentication
|
14
|
-
Gem::Version.new(
|
12
|
+
Gem::Version.new("0.16.19")
|
15
13
|
else
|
16
|
-
Gem::Version.new(
|
14
|
+
Gem::Version.new("0.0.0")
|
17
15
|
end
|
18
16
|
end
|
19
17
|
|
@@ -1,8 +1,7 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require 'inspec/errors'
|
1
|
+
require "uri"
|
2
|
+
require "inspec/fetcher"
|
3
|
+
require "inspec/errors"
|
4
|
+
require "inspec/dist"
|
6
5
|
|
7
6
|
# InSpec Target Helper for Chef Compliance
|
8
7
|
# reuses UrlHelper, but it knows the target server and the access token already
|
@@ -10,13 +9,15 @@ require 'inspec/errors'
|
|
10
9
|
module InspecPlugins
|
11
10
|
module Compliance
|
12
11
|
class Fetcher < Fetchers::Url
|
13
|
-
|
12
|
+
include Inspec::Dist
|
13
|
+
|
14
|
+
name "compliance"
|
14
15
|
priority 500
|
15
16
|
attr_reader :upstream_sha256
|
16
17
|
|
17
18
|
def initialize(target, opts)
|
18
19
|
super(target, opts)
|
19
|
-
@upstream_sha256 =
|
20
|
+
@upstream_sha256 = ""
|
20
21
|
if target.is_a?(Hash) && target.key?(:url)
|
21
22
|
@target = target[:url]
|
22
23
|
@upstream_sha256 = target[:sha256]
|
@@ -30,16 +31,16 @@ module InspecPlugins
|
|
30
31
|
end
|
31
32
|
|
32
33
|
def self.check_compliance_token(uri, config)
|
33
|
-
if config[
|
34
|
-
if config[
|
35
|
-
server =
|
36
|
-
msg =
|
37
|
-
elsif config[
|
38
|
-
server =
|
39
|
-
msg =
|
34
|
+
if config["token"].nil? && config["refresh_token"].nil?
|
35
|
+
if config["server_type"] == "automate"
|
36
|
+
server = "automate"
|
37
|
+
msg = "#{EXEC_NAME} compliance login https://your_automate_server --user USER --ent ENT --dctoken DCTOKEN or --token USERTOKEN"
|
38
|
+
elsif config["server_type"] == "automate2"
|
39
|
+
server = "automate2"
|
40
|
+
msg = "#{EXEC_NAME} compliance login https://your_automate2_server --user USER --token APITOKEN"
|
40
41
|
else
|
41
|
-
server =
|
42
|
-
msg = "
|
42
|
+
server = "compliance"
|
43
|
+
msg = "#{EXEC_NAME} compliance login https://your_compliance_server --user admin --insecure --token 'PASTE TOKEN HERE' "
|
43
44
|
end
|
44
45
|
raise Inspec::FetcherFailure, <<~EOF
|
45
46
|
|
@@ -54,7 +55,7 @@ module InspecPlugins
|
|
54
55
|
end
|
55
56
|
|
56
57
|
def self.get_target_uri(target)
|
57
|
-
if target.is_a?(String) && URI(target).scheme ==
|
58
|
+
if target.is_a?(String) && URI(target).scheme == "compliance"
|
58
59
|
URI(target)
|
59
60
|
elsif target.respond_to?(:key?) && target.key?(:compliance)
|
60
61
|
URI("compliance://#{target[:compliance]}")
|
@@ -84,16 +85,16 @@ module InspecPlugins
|
|
84
85
|
# If version was specified, it will be the first and only result.
|
85
86
|
# Note we are calling the sha256 as a string, not a symbol since
|
86
87
|
# it was returned as json from the Compliance API.
|
87
|
-
profile_info = profile_result.sort_by { |x| Gem::Version.new(x[
|
88
|
-
profile_checksum = profile_info.key?(
|
88
|
+
profile_info = profile_result.sort_by { |x| Gem::Version.new(x["version"]) }[0]
|
89
|
+
profile_checksum = profile_info.key?("sha256") ? profile_info["sha256"] : ""
|
89
90
|
end
|
90
91
|
end
|
91
92
|
# We need to pass the token to the fetcher
|
92
|
-
config[
|
93
|
+
config["token"] = InspecPlugins::Compliance::API.get_token(config)
|
93
94
|
|
94
95
|
# Needed for automate2 post request
|
95
96
|
profile_stub = profile || target[:compliance]
|
96
|
-
config[
|
97
|
+
config["profile"] = InspecPlugins::Compliance::API.profile_split(profile_stub)
|
97
98
|
|
98
99
|
new({ url: profile_fetch_url, sha256: profile_checksum }, config)
|
99
100
|
rescue URI::Error => _e
|
@@ -111,7 +112,7 @@ module InspecPlugins
|
|
111
112
|
end
|
112
113
|
|
113
114
|
def to_s
|
114
|
-
|
115
|
+
"#{COMPLIANCE_PRODUCT_NAME} Profile Loader"
|
115
116
|
end
|
116
117
|
|
117
118
|
private
|
@@ -128,13 +129,15 @@ module InspecPlugins
|
|
128
129
|
|
129
130
|
if InspecPlugins::Compliance::API.is_automate2_server?(@config)
|
130
131
|
m = {}
|
131
|
-
m[:owner] = @config[
|
132
|
-
m[:id] = @config[
|
132
|
+
m[:owner] = @config["profile"][0]
|
133
|
+
m[:id] = @config["profile"][1]
|
133
134
|
end
|
134
135
|
|
135
|
-
|
136
|
-
|
137
|
-
|
136
|
+
if m.nil?
|
137
|
+
raise "Unable to determine compliance profile name. This can be caused by " \
|
138
|
+
"an incorrect server in your configuration. Try to login to compliance " \
|
139
|
+
"via the `#{EXEC_NAME} compliance login` command."
|
140
|
+
end
|
138
141
|
|
139
142
|
"#{m[:owner]}/#{m[:id]}"
|
140
143
|
end
|
@@ -1,43 +1,41 @@
|
|
1
|
-
|
1
|
+
require_relative "../../../shared/core_plugin_test_helper.rb"
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
class ComplianceCli < MiniTest::Test
|
3
|
+
class ComplianceCli < Minitest::Test
|
6
4
|
include CorePluginFunctionalHelper
|
7
5
|
|
8
6
|
def test_help_output
|
9
|
-
out = run_inspec_process(
|
7
|
+
out = run_inspec_process("compliance help")
|
10
8
|
assert_equal out.exit_status, 0
|
11
|
-
assert_includes out.stdout,
|
9
|
+
assert_includes out.stdout, "inspec compliance exec PROFILE"
|
12
10
|
end
|
13
11
|
|
14
12
|
def test_logout_command
|
15
|
-
out = run_inspec_process(
|
13
|
+
out = run_inspec_process("compliance logout")
|
16
14
|
assert_equal out.exit_status, 0
|
17
|
-
assert_includes out.stdout,
|
15
|
+
assert_includes out.stdout, ""
|
18
16
|
end
|
19
17
|
|
20
18
|
def test_error_login_with_invalid_url
|
21
|
-
out = run_inspec_process(
|
19
|
+
out = run_inspec_process("compliance login")
|
22
20
|
assert_equal out.exit_status, 1
|
23
21
|
assert_includes out.stderr, 'ERROR: "inspec compliance login" was called with no arguments'
|
24
22
|
end
|
25
23
|
|
26
24
|
def test_profile_list_without_auth
|
27
|
-
out = run_inspec_process(
|
25
|
+
out = run_inspec_process("compliance profiles")
|
28
26
|
assert_equal out.exit_status, 0 # TODO: make this error
|
29
|
-
assert_includes out.stdout,
|
27
|
+
assert_includes out.stdout, "You need to login first with `inspec compliance login`"
|
30
28
|
end
|
31
29
|
|
32
30
|
def test_error_upload_without_args
|
33
|
-
out = run_inspec_process(
|
31
|
+
out = run_inspec_process("compliance upload")
|
34
32
|
assert_equal out.exit_status, 1
|
35
33
|
assert_includes out.stderr, 'ERROR: "inspec compliance upload" was called with no arguments'
|
36
34
|
end
|
37
35
|
|
38
36
|
def test_error_upload_with_fake_path
|
39
|
-
out = run_inspec_process(
|
37
|
+
out = run_inspec_process("compliance upload /path/to/dir")
|
40
38
|
assert_equal out.exit_status, 0 # TODO: make this error
|
41
|
-
assert_includes out.stdout,
|
39
|
+
assert_includes out.stdout, "You need to login first with `inspec compliance login`"
|
42
40
|
end
|
43
41
|
end
|
@@ -1,93 +1,91 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
# options
|
4
|
-
inspec_bin =
|
5
|
-
api_url =
|
6
|
-
profile =
|
2
|
+
inspec_bin = "BUNDLE_GEMFILE=/inspec/Gemfile bundle exec inspec"
|
3
|
+
api_url = "https://0.0.0.0"
|
4
|
+
profile = "/inspec/examples/profile"
|
7
5
|
|
8
|
-
user = command(
|
9
|
-
pwd = command(
|
6
|
+
user = command("whoami").stdout.strip
|
7
|
+
pwd = command("pwd").stdout.strip
|
10
8
|
puts "Run test as #{user} in path #{pwd}"
|
11
9
|
|
12
10
|
# TODO: determine tokens automatically, define in kitchen yml
|
13
|
-
access_token = ENV[
|
14
|
-
refresh_token = ENV[
|
11
|
+
access_token = ENV["COMPLIANCE_ACCESSTOKEN"]
|
12
|
+
refresh_token = ENV["COMPLIANCE_REFRESHTOKEN"]
|
15
13
|
|
16
14
|
%w{refresh_token access_token}.each do |type| # rubocop:disable Metrics/BlockLength
|
17
15
|
case type
|
18
|
-
when
|
16
|
+
when "access_token"
|
19
17
|
token_options = "--token '#{access_token}'"
|
20
|
-
when
|
18
|
+
when "refresh_token"
|
21
19
|
token_options = "--refresh_token '#{refresh_token}'"
|
22
20
|
end
|
23
21
|
|
24
22
|
# verifies that the help command works
|
25
23
|
describe command("#{inspec_bin} compliance help") do
|
26
|
-
its(
|
27
|
-
its(
|
28
|
-
its(
|
24
|
+
its("stdout") { should include "inspec compliance help [COMMAND]" }
|
25
|
+
its("stderr") { should eq "" }
|
26
|
+
its("exit_status") { should eq 0 }
|
29
27
|
end
|
30
28
|
|
31
29
|
# version command fails gracefully when server not configured
|
32
30
|
describe command("#{inspec_bin} compliance version") do
|
33
|
-
its(
|
34
|
-
its(
|
35
|
-
its(
|
31
|
+
its("stdout") { should include "Server configuration information is missing" }
|
32
|
+
its("stderr") { should eq "" }
|
33
|
+
its("exit_status") { should eq 1 }
|
36
34
|
end
|
37
35
|
|
38
36
|
# submitting a wrong token should have an exit of 0
|
39
37
|
describe command("#{inspec_bin} compliance login #{api_url} --insecure --user 'admin' --token 'wrong-token'") do
|
40
|
-
its(
|
38
|
+
its("stdout") { should include "token stored" }
|
41
39
|
end
|
42
40
|
|
43
41
|
# compliance login --help should give an accurate message for login
|
44
42
|
describe command("#{inspec_bin} compliance login --help") do
|
45
|
-
its(
|
46
|
-
its(
|
43
|
+
its("stdout") { should include "inspec compliance login SERVER --insecure --user='USER' --token='TOKEN'" }
|
44
|
+
its("exit_status") { should eq 0 }
|
47
45
|
end
|
48
46
|
|
49
47
|
# profiles command fails gracefully when token/server info is incorrect
|
50
48
|
describe command("#{inspec_bin} compliance profiles") do
|
51
|
-
its(
|
52
|
-
its(
|
53
|
-
its(
|
49
|
+
its("stdout") { should include "401 Unauthorized. Please check your token" }
|
50
|
+
its("stderr") { should eq "" }
|
51
|
+
its("exit_status") { should eq 1 }
|
54
52
|
end
|
55
53
|
|
56
54
|
# login via access token token
|
57
55
|
describe command("#{inspec_bin} compliance login #{api_url} --insecure --user 'admin' #{token_options}") do
|
58
|
-
its(
|
59
|
-
its(
|
60
|
-
its(
|
61
|
-
its(
|
56
|
+
its("stdout") { should include "token", "stored" }
|
57
|
+
its("stdout") { should_not include "Your server supports --user and --password only" }
|
58
|
+
its("stderr") { should eq "" }
|
59
|
+
its("exit_status") { should eq 0 }
|
62
60
|
end
|
63
61
|
|
64
62
|
# see available resources
|
65
63
|
describe command("#{inspec_bin} compliance profiles") do
|
66
|
-
its(
|
67
|
-
its(
|
68
|
-
its(
|
64
|
+
its("stdout") { should include "base/ssh" }
|
65
|
+
its("stderr") { should eq "" }
|
66
|
+
its("exit_status") { should eq 0 }
|
69
67
|
end
|
70
68
|
|
71
69
|
# upload a compliance profile
|
72
70
|
describe command("#{inspec_bin} compliance upload #{profile} --overwrite") do
|
73
|
-
its(
|
74
|
-
its(
|
75
|
-
its(
|
76
|
-
its(
|
77
|
-
its(
|
71
|
+
its("stdout") { should include "Profile is valid" }
|
72
|
+
its("stdout") { should include "Successfully uploaded profile" }
|
73
|
+
its("stdout") { should_not include "error(s)" }
|
74
|
+
its("stderr") { should eq "" }
|
75
|
+
its("exit_status") { should eq 0 }
|
78
76
|
end
|
79
77
|
|
80
78
|
# returns the version of the server
|
81
79
|
describe command("#{inspec_bin} compliance version") do
|
82
|
-
its(
|
83
|
-
its(
|
84
|
-
its(
|
80
|
+
its("stdout") { should include "Chef Compliance version:" }
|
81
|
+
its("stderr") { should eq "" }
|
82
|
+
its("exit_status") { should eq 0 }
|
85
83
|
end
|
86
84
|
|
87
85
|
# logout
|
88
86
|
describe command("#{inspec_bin} compliance logout") do
|
89
|
-
its(
|
90
|
-
its(
|
91
|
-
its(
|
87
|
+
its("stdout") { should include "Successfully logged out" }
|
88
|
+
its("stderr") { should eq "" }
|
89
|
+
its("exit_status") { should eq 0 }
|
92
90
|
end
|
93
91
|
end
|