inspec 4.7.3 → 4.7.18

Sign up to get free protection for your applications and to get access to all the features.
Files changed (211) hide show
  1. checksums.yaml +4 -4
  2. data/inspec.gemspec +1 -1
  3. data/lib/bundles/inspec-supermarket/api.rb +2 -1
  4. data/lib/bundles/inspec-supermarket/cli.rb +6 -6
  5. data/lib/bundles/inspec-supermarket/target.rb +1 -0
  6. data/lib/fetchers/git.rb +3 -1
  7. data/lib/fetchers/mock.rb +1 -0
  8. data/lib/fetchers/url.rb +6 -3
  9. data/lib/inspec/backend.rb +1 -0
  10. data/lib/inspec/base_cli.rb +4 -1
  11. data/lib/inspec/cli.rb +5 -4
  12. data/lib/inspec/config.rb +9 -1
  13. data/lib/inspec/control_eval_context.rb +1 -0
  14. data/lib/inspec/dependencies/cache.rb +1 -0
  15. data/lib/inspec/dependencies/dependency_set.rb +2 -0
  16. data/lib/inspec/dependencies/lockfile.rb +1 -0
  17. data/lib/inspec/dependencies/requirement.rb +8 -7
  18. data/lib/inspec/dependencies/resolver.rb +3 -3
  19. data/lib/inspec/describe.rb +1 -0
  20. data/lib/inspec/dsl.rb +1 -1
  21. data/lib/inspec/dsl_shared.rb +1 -1
  22. data/lib/inspec/env_printer.rb +4 -4
  23. data/lib/inspec/fetcher.rb +4 -2
  24. data/lib/inspec/file_provider.rb +18 -8
  25. data/lib/inspec/formatters/base.rb +5 -0
  26. data/lib/inspec/impact.rb +2 -0
  27. data/lib/inspec/input_registry.rb +14 -13
  28. data/lib/inspec/metadata.rb +6 -2
  29. data/lib/inspec/method_source.rb +1 -1
  30. data/lib/inspec/objects/control.rb +4 -1
  31. data/lib/inspec/objects/describe.rb +3 -1
  32. data/lib/inspec/objects/input.rb +6 -5
  33. data/lib/inspec/objects/list.rb +2 -0
  34. data/lib/inspec/objects/test.rb +3 -2
  35. data/lib/inspec/plugin/v1/plugin_types/resource.rb +7 -0
  36. data/lib/inspec/plugin/v1/plugins.rb +4 -3
  37. data/lib/inspec/plugin/v1/registry.rb +3 -2
  38. data/lib/inspec/plugin/v2.rb +1 -0
  39. data/lib/inspec/plugin/v2/activator.rb +2 -0
  40. data/lib/inspec/plugin/v2/config_file.rb +4 -1
  41. data/lib/inspec/plugin/v2/filter.rb +1 -0
  42. data/lib/inspec/plugin/v2/installer.rb +9 -7
  43. data/lib/inspec/plugin/v2/loader.rb +2 -0
  44. data/lib/inspec/plugin/v2/plugin_base.rb +1 -0
  45. data/lib/inspec/plugin/v2/plugin_types/cli.rb +2 -2
  46. data/lib/inspec/plugin/v2/registry.rb +3 -1
  47. data/lib/inspec/profile.rb +13 -6
  48. data/lib/inspec/profile_context.rb +4 -2
  49. data/lib/inspec/reporters/cli.rb +14 -10
  50. data/lib/inspec/reporters/json.rb +1 -0
  51. data/lib/inspec/reporters/json_automate.rb +3 -0
  52. data/lib/inspec/reporters/json_min.rb +2 -0
  53. data/lib/inspec/resource.rb +2 -0
  54. data/lib/inspec/resources/aide_conf.rb +4 -3
  55. data/lib/inspec/resources/apache_conf.rb +1 -1
  56. data/lib/inspec/resources/apt.rb +2 -0
  57. data/lib/inspec/resources/auditd.rb +19 -18
  58. data/lib/inspec/resources/bridge.rb +5 -2
  59. data/lib/inspec/resources/chocolatey_package.rb +2 -0
  60. data/lib/inspec/resources/command.rb +1 -1
  61. data/lib/inspec/resources/crontab.rb +9 -8
  62. data/lib/inspec/resources/csv.rb +1 -1
  63. data/lib/inspec/resources/dh_params.rb +6 -0
  64. data/lib/inspec/resources/docker.rb +37 -34
  65. data/lib/inspec/resources/docker_container.rb +1 -0
  66. data/lib/inspec/resources/docker_image.rb +1 -0
  67. data/lib/inspec/resources/docker_plugin.rb +1 -0
  68. data/lib/inspec/resources/docker_service.rb +1 -0
  69. data/lib/inspec/resources/elasticsearch.rb +24 -24
  70. data/lib/inspec/resources/etc_fstab.rb +8 -7
  71. data/lib/inspec/resources/etc_group.rb +4 -0
  72. data/lib/inspec/resources/etc_hosts.rb +4 -4
  73. data/lib/inspec/resources/etc_hosts_allow_deny.rb +5 -3
  74. data/lib/inspec/resources/file.rb +4 -1
  75. data/lib/inspec/resources/filesystem.rb +5 -3
  76. data/lib/inspec/resources/firewalld.rb +7 -4
  77. data/lib/inspec/resources/groups.rb +6 -4
  78. data/lib/inspec/resources/grub_conf.rb +3 -0
  79. data/lib/inspec/resources/host.rb +5 -3
  80. data/lib/inspec/resources/http.rb +6 -4
  81. data/lib/inspec/resources/iis_app.rb +1 -0
  82. data/lib/inspec/resources/iis_app_pool.rb +1 -1
  83. data/lib/inspec/resources/iis_site.rb +4 -3
  84. data/lib/inspec/resources/interface.rb +10 -7
  85. data/lib/inspec/resources/json.rb +1 -1
  86. data/lib/inspec/resources/kernel_module.rb +1 -1
  87. data/lib/inspec/resources/kernel_parameter.rb +2 -1
  88. data/lib/inspec/resources/key_rsa.rb +5 -0
  89. data/lib/inspec/resources/mount.rb +3 -1
  90. data/lib/inspec/resources/mysql_conf.rb +3 -1
  91. data/lib/inspec/resources/mysql_session.rb +2 -0
  92. data/lib/inspec/resources/nginx.rb +1 -0
  93. data/lib/inspec/resources/nginx_conf.rb +10 -6
  94. data/lib/inspec/resources/ntp_conf.rb +1 -0
  95. data/lib/inspec/resources/oneget.rb +1 -1
  96. data/lib/inspec/resources/oracledb_session.rb +4 -2
  97. data/lib/inspec/resources/os_env.rb +1 -0
  98. data/lib/inspec/resources/package.rb +10 -6
  99. data/lib/inspec/resources/packages.rb +7 -5
  100. data/lib/inspec/resources/passwd.rb +7 -7
  101. data/lib/inspec/resources/pip.rb +2 -0
  102. data/lib/inspec/resources/port.rb +22 -8
  103. data/lib/inspec/resources/postgres.rb +2 -1
  104. data/lib/inspec/resources/postgres_conf.rb +2 -0
  105. data/lib/inspec/resources/postgres_hba_conf.rb +6 -6
  106. data/lib/inspec/resources/postgres_ident_conf.rb +3 -3
  107. data/lib/inspec/resources/processes.rb +16 -15
  108. data/lib/inspec/resources/rabbitmq_config.rb +2 -0
  109. data/lib/inspec/resources/registry_key.rb +8 -3
  110. data/lib/inspec/resources/security_identifier.rb +3 -1
  111. data/lib/inspec/resources/security_policy.rb +2 -1
  112. data/lib/inspec/resources/service.rb +13 -1
  113. data/lib/inspec/resources/shadow.rb +1 -0
  114. data/lib/inspec/resources/ssh_config.rb +2 -0
  115. data/lib/inspec/resources/ssl.rb +12 -11
  116. data/lib/inspec/resources/users.rb +29 -19
  117. data/lib/inspec/resources/virtualization.rb +10 -0
  118. data/lib/inspec/resources/windows_feature.rb +1 -1
  119. data/lib/inspec/resources/windows_hotfix.rb +2 -0
  120. data/lib/inspec/resources/windows_task.rb +4 -0
  121. data/lib/inspec/resources/wmi.rb +2 -1
  122. data/lib/inspec/resources/x509_certificate.rb +8 -0
  123. data/lib/inspec/resources/xinetd_conf.rb +10 -9
  124. data/lib/inspec/resources/yum.rb +15 -11
  125. data/lib/inspec/resources/zfs_dataset.rb +4 -2
  126. data/lib/inspec/resources/zfs_pool.rb +2 -1
  127. data/lib/inspec/rule.rb +11 -1
  128. data/lib/inspec/runner.rb +9 -6
  129. data/lib/inspec/runner_rspec.rb +10 -8
  130. data/lib/inspec/schema.rb +1 -0
  131. data/lib/inspec/secrets.rb +1 -0
  132. data/lib/inspec/secrets/yaml.rb +1 -0
  133. data/lib/inspec/shell.rb +20 -19
  134. data/lib/inspec/shell_detector.rb +1 -1
  135. data/lib/inspec/source_reader.rb +2 -0
  136. data/lib/inspec/ui.rb +1 -0
  137. data/lib/inspec/utils/deprecation/config_file.rb +8 -4
  138. data/lib/inspec/utils/erlang_parser.rb +2 -0
  139. data/lib/inspec/utils/file_reader.rb +1 -1
  140. data/lib/inspec/utils/filter.rb +16 -3
  141. data/lib/inspec/utils/find_files.rb +2 -2
  142. data/lib/inspec/utils/object_traversal.rb +1 -0
  143. data/lib/inspec/utils/parser.rb +2 -0
  144. data/lib/inspec/utils/simpleconfig.rb +4 -1
  145. data/lib/inspec/utils/telemetry/global_methods.rb +1 -0
  146. data/lib/inspec/version.rb +1 -1
  147. data/lib/matchers/matchers.rb +4 -1
  148. data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +12 -11
  149. data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +3 -3
  150. data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +15 -11
  151. data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +4 -2
  152. data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +13 -12
  153. data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +3 -0
  154. data/lib/plugins/inspec-compliance/test/unit/api_test.rb +28 -28
  155. data/lib/plugins/inspec-compliance/test/unit/target_test.rb +1 -1
  156. data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +1 -1
  157. data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +7 -6
  158. data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +2 -2
  159. data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +1 -0
  160. data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +12 -10
  161. data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +6 -5
  162. data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +1 -0
  163. data/lib/plugins/shared/core_plugin_test_helper.rb +1 -0
  164. data/lib/resource_support/aws/aws_resource_mixin.rb +3 -2
  165. data/lib/resources/aws/aws_billing_report.rb +1 -1
  166. data/lib/resources/aws/aws_billing_reports.rb +8 -7
  167. data/lib/resources/aws/aws_cloudtrail_trail.rb +1 -1
  168. data/lib/resources/aws/aws_cloudtrail_trails.rb +1 -0
  169. data/lib/resources/aws/aws_cloudwatch_alarm.rb +4 -3
  170. data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +2 -1
  171. data/lib/resources/aws/aws_config_delivery_channel.rb +1 -1
  172. data/lib/resources/aws/aws_config_recorder.rb +2 -0
  173. data/lib/resources/aws/aws_ebs_volume.rb +1 -0
  174. data/lib/resources/aws/aws_ebs_volumes.rb +2 -0
  175. data/lib/resources/aws/aws_ec2_instance.rb +2 -0
  176. data/lib/resources/aws/aws_ec2_instances.rb +2 -0
  177. data/lib/resources/aws/aws_ecs_cluster.rb +2 -2
  178. data/lib/resources/aws/aws_eks_cluster.rb +3 -3
  179. data/lib/resources/aws/aws_elb.rb +2 -2
  180. data/lib/resources/aws/aws_elbs.rb +14 -12
  181. data/lib/resources/aws/aws_flow_log.rb +2 -2
  182. data/lib/resources/aws/aws_iam_access_key.rb +3 -1
  183. data/lib/resources/aws/aws_iam_access_keys.rb +18 -16
  184. data/lib/resources/aws/aws_iam_groups.rb +1 -0
  185. data/lib/resources/aws/aws_iam_password_policy.rb +9 -7
  186. data/lib/resources/aws/aws_iam_policies.rb +2 -1
  187. data/lib/resources/aws/aws_iam_policy.rb +10 -1
  188. data/lib/resources/aws/aws_iam_role.rb +1 -0
  189. data/lib/resources/aws/aws_iam_user.rb +5 -2
  190. data/lib/resources/aws/aws_iam_users.rb +12 -11
  191. data/lib/resources/aws/aws_kms_key.rb +2 -2
  192. data/lib/resources/aws/aws_kms_keys.rb +3 -1
  193. data/lib/resources/aws/aws_route_table.rb +2 -2
  194. data/lib/resources/aws/aws_route_tables.rb +2 -1
  195. data/lib/resources/aws/aws_s3_bucket.rb +5 -3
  196. data/lib/resources/aws/aws_s3_bucket_object.rb +3 -1
  197. data/lib/resources/aws/aws_s3_buckets.rb +1 -0
  198. data/lib/resources/aws/aws_security_group.rb +20 -9
  199. data/lib/resources/aws/aws_security_groups.rb +1 -0
  200. data/lib/resources/aws/aws_sns_subscription.rb +1 -1
  201. data/lib/resources/aws/aws_sns_topics.rb +2 -0
  202. data/lib/resources/aws/aws_subnet.rb +2 -2
  203. data/lib/resources/aws/aws_subnets.rb +4 -3
  204. data/lib/resources/aws/aws_vpc.rb +1 -1
  205. data/lib/resources/aws/aws_vpcs.rb +3 -2
  206. data/lib/resources/azure/azure_generic_resource.rb +4 -4
  207. data/lib/resources/azure/azure_resource_group.rb +1 -0
  208. data/lib/resources/azure/azure_virtual_machine_data_disk.rb +13 -12
  209. data/lib/source_readers/flat.rb +1 -0
  210. data/lib/source_readers/inspec.rb +1 -0
  211. metadata +2 -2
@@ -120,6 +120,7 @@ module Inspec::Reporters
120
120
 
121
121
  def convert_descriptions(data)
122
122
  return [] if data.nil?
123
+
123
124
  results = []
124
125
  data.each do |label, text|
125
126
  results.push({ label: label.to_s, data: text })
@@ -36,6 +36,7 @@ module Inspec::Reporters
36
36
  def merge_profiles
37
37
  @profiles.each do |profile|
38
38
  next unless profile.key?(:parent_profile)
39
+
39
40
  parent_profile = find_master_parent(profile)
40
41
  merge_controls(parent_profile, profile)
41
42
  merge_depends(parent_profile, profile)
@@ -62,6 +63,7 @@ module Inspec::Reporters
62
63
  control.each do |name, _value|
63
64
  child_value = child_control[name]
64
65
  next if child_value.nil? || (child_value.respond_to?(:empty?) && child_value.empty?)
66
+
65
67
  control[name] = child_value
66
68
  end
67
69
  end
@@ -69,6 +71,7 @@ module Inspec::Reporters
69
71
 
70
72
  def merge_depends(parent, child)
71
73
  return unless child.key?(:depends)
74
+
72
75
  child[:depends].each do |d|
73
76
  parent[:depends] << d
74
77
  end
@@ -17,9 +17,11 @@ module Inspec::Reporters
17
17
  run_data[:profiles].each do |profile|
18
18
  profile_id = profile[:name]
19
19
  next unless profile[:controls]
20
+
20
21
  profile[:controls].each do |control|
21
22
  control_id = control[:id]
22
23
  next unless control[:results]
24
+
23
25
  control[:results].each do |result|
24
26
  result_for_report = {
25
27
  id: control_id,
@@ -41,6 +41,7 @@ module Inspec
41
41
  end
42
42
 
43
43
  raise ProfileNotFound, "Cannot find profile named: #{profile_name}" if inner_context.nil?
44
+
44
45
  inner_context.resource_registry[resource_name]
45
46
  end
46
47
 
@@ -51,6 +52,7 @@ module Inspec
51
52
 
52
53
  # confirm backend custom resources have access to other custom resources
53
54
  next if backend.respond_to?(id)
55
+
54
56
  backend.class.send(:define_method, id.to_sym) do |*args|
55
57
  r.new(backend, id.to_s, *args)
56
58
  end
@@ -44,7 +44,7 @@ module Inspec::Resources
44
44
 
45
45
  filter = FilterTable.create
46
46
  filter.register_column(:selection_lines, field: "selection_line")
47
- .register_column(:rules, field: "rules")
47
+ .register_column(:rules, field: "rules")
48
48
 
49
49
  filter.install_filter_methods_on_resource(self, :params)
50
50
 
@@ -52,6 +52,7 @@ module Inspec::Resources
52
52
 
53
53
  def read_content
54
54
  return @content unless @content.nil?
55
+
55
56
  @rules = {}
56
57
 
57
58
  raw_conf = read_file_content(@conf_path)
@@ -74,7 +75,7 @@ module Inspec::Resources
74
75
  params = []
75
76
  content.each do |line|
76
77
  param = parse_line(line)
77
- if !param["selection_line"].nil?
78
+ unless param["selection_line"].nil?
78
79
  params.push(param)
79
80
  end
80
81
  end
@@ -116,7 +117,7 @@ module Inspec::Resources
116
117
  rule_list.each_index do |i|
117
118
  hash_list = @rules[rule_list[i]]
118
119
  # Cases where rule respresents one or more other rules
119
- if !hash_list.nil?
120
+ unless hash_list.nil?
120
121
  rule_list[i] = hash_list
121
122
  end
122
123
  rule_list[i] = handle_multi_rule(rule_list, i)
@@ -53,7 +53,7 @@ module Inspec::Resources
53
53
  def filter_comments(data)
54
54
  content = ""
55
55
  data.each_line do |line|
56
- if !line.match(/^\s*#/)
56
+ unless line.match(/^\s*#/)
57
57
  content << line
58
58
  end
59
59
  end
@@ -55,6 +55,7 @@ module Inspec::Resources
55
55
 
56
56
  def enabled?
57
57
  return false if find_repo.count == 0
58
+
58
59
  actives = find_repo.map { |repo| repo[:active] }
59
60
  actives = actives.uniq
60
61
  actives.size == 1 && actives[0] = true
@@ -113,6 +114,7 @@ module Inspec::Resources
113
114
  def determine_ppa_url(ppa_url)
114
115
  # verify if we have the url already, then just return
115
116
  return ppa_url if ppa_url =~ HTTP_URL_RE
117
+
116
118
  # otherwise start generating the ppa url
117
119
 
118
120
  # special care if the name stats with :
@@ -30,7 +30,7 @@ module Inspec::Resources
30
30
  def initialize
31
31
  unless inspec.command("/sbin/auditctl").exist?
32
32
  raise Inspec::Exceptions::ResourceFailed,
33
- "Command `/sbin/auditctl` does not exist"
33
+ "Command `/sbin/auditctl` does not exist"
34
34
  end
35
35
 
36
36
  auditctl_cmd = "/sbin/auditctl -l"
@@ -38,32 +38,32 @@ module Inspec::Resources
38
38
 
39
39
  if result.exit_status != 0
40
40
  raise Inspec::Exceptions::ResourceFailed,
41
- "Command `#{auditctl_cmd}` failed with error: #{result.stderr}"
41
+ "Command `#{auditctl_cmd}` failed with error: #{result.stderr}"
42
42
  end
43
43
 
44
44
  @content = result.stdout
45
45
  @params = []
46
46
 
47
47
  if @content =~ /^LIST_RULES:/
48
- raise Inspec::Exceptions::RsourceFailed,
49
- "The version of audit is outdated." \
50
- "The `auditd` resource supports versions of audit >= 2.3."
48
+ raise Inspec::Exceptions::ResourceFailed,
49
+ "The version of audit is outdated." \
50
+ "The `auditd` resource supports versions of audit >= 2.3."
51
51
  end
52
52
  parse_content
53
53
  end
54
54
 
55
55
  filter = FilterTable.create
56
- filter.register_column(:file, field: "file")
57
- .register_column(:list, field: "list")
58
- .register_column(:action, field: "action")
59
- .register_column(:fields, field: "fields")
60
- .register_column(:fields_nokey, field: "fields_nokey")
61
- .register_column(:syscall, field: "syscall")
62
- .register_column(:key, field: "key")
63
- .register_column(:arch, field: "arch")
64
- .register_column(:path, field: "path")
65
- .register_column(:permissions, field: "permissions")
66
- .register_column(:exit, field: "exit")
56
+ filter.register_column(:file, field: "file")
57
+ .register_column(:list, field: "list")
58
+ .register_column(:action, field: "action")
59
+ .register_column(:fields, field: "fields")
60
+ .register_column(:fields_nokey, field: "fields_nokey")
61
+ .register_column(:syscall, field: "syscall")
62
+ .register_column(:key, field: "key")
63
+ .register_column(:arch, field: "arch")
64
+ .register_column(:path, field: "path")
65
+ .register_column(:permissions, field: "permissions")
66
+ .register_column(:exit, field: "exit")
67
67
 
68
68
  filter.install_filter_methods_on_resource(self, :params)
69
69
 
@@ -73,13 +73,14 @@ module Inspec::Resources
73
73
  # See: https://github.com/inspec/inspec/issues/3113
74
74
  if @status_content =~ /^AUDIT_STATUS/
75
75
  @status_content = @status_content.gsub("AUDIT_STATUS: ", "")
76
- .tr(" ", "\n")
77
- .tr("=", " ")
76
+ .tr(" ", "\n")
77
+ .tr("=", " ")
78
78
  end
79
79
 
80
80
  @status_params ||= Hash[@status_content.scan(/^([^ ]+) (.*)$/)]
81
81
 
82
82
  return @status_params[name] if name
83
+
83
84
  @status_params
84
85
  end
85
86
 
@@ -37,6 +37,7 @@ module Inspec::Resources
37
37
 
38
38
  def has_interface?(interface)
39
39
  return skip_resource "The `bridge` resource does not provide interface detection for Windows yet" if inspec.os.windows?
40
+
40
41
  bridge_info.nil? ? false : bridge_info[:interfaces].include?(interface)
41
42
  end
42
43
 
@@ -52,7 +53,8 @@ module Inspec::Resources
52
53
 
53
54
  def bridge_info
54
55
  return @cache if defined?(@cache)
55
- @cache = @bridge_provider.bridge_info(@bridge_name) if !@bridge_provider.nil?
56
+
57
+ @cache = @bridge_provider.bridge_info(@bridge_name) unless @bridge_provider.nil?
56
58
  end
57
59
  end
58
60
 
@@ -102,7 +104,7 @@ module Inspec::Resources
102
104
  end
103
105
 
104
106
  # ensure we have an array of groups
105
- bridges = [bridges] if !bridges.is_a?(Array)
107
+ bridges = [bridges] unless bridges.is_a?(Array)
106
108
 
107
109
  # select the requested interface
108
110
  bridges = bridges.each_with_object([]) do |adapter, adapter_collection|
@@ -115,6 +117,7 @@ module Inspec::Resources
115
117
  end
116
118
 
117
119
  return nil if bridges.empty?
120
+
118
121
  warn "[Possible Error] detected multiple bridges interfaces with the name #{bridge_name}" if bridges.size > 1
119
122
  bridges[0]
120
123
  end
@@ -20,6 +20,7 @@ module Inspec::Resources
20
20
 
21
21
  def initialize(package_name, _opts = {})
22
22
  raise "Chocolatey is not installed" unless inspec.command("choco").exist?
23
+
23
24
  @package_name = package_name
24
25
  @cache = base_data.update(generate_cache)
25
26
  end
@@ -67,6 +68,7 @@ module Inspec::Resources
67
68
  cmd = inspec.powershell(command.strip)
68
69
 
69
70
  return {} if cmd.exit_status != 0 || cmd.stdout.strip.empty?
71
+
70
72
  out = JSON.parse(cmd.stdout)
71
73
 
72
74
  {
@@ -35,7 +35,7 @@ module Inspec::Resources
35
35
  # Make sure command is replaced so sensitive output isn't shown
36
36
  @command = "ERROR"
37
37
  raise Inspec::Exceptions::ResourceFailed,
38
- "The `redact_regex` option must be a regular expression"
38
+ "The `redact_regex` option must be a regular expression"
39
39
  end
40
40
  @redact_regex = options[:redact_regex]
41
41
  end
@@ -50,7 +50,8 @@ module Inspec::Resources
50
50
 
51
51
  def read_crontab
52
52
  if is_system_crontab?
53
- raise Inspec::Exceptions::ResourceFailed, "Supplied crontab path '#{@path}' must exist!" if !inspec.file(@path).exist?
53
+ raise Inspec::Exceptions::ResourceFailed, "Supplied crontab path '#{@path}' must exist!" unless inspec.file(@path).exist?
54
+
54
55
  ct = inspec.file(@path).content
55
56
  else
56
57
  ct = inspec.command(crontab_cmd).stdout
@@ -70,13 +71,13 @@ module Inspec::Resources
70
71
  end
71
72
 
72
73
  filter = FilterTable.create
73
- filter.register_column(:minutes, field: "minute")
74
- .register_column(:hours, field: "hour")
75
- .register_column(:days, field: "day")
76
- .register_column(:months, field: "month")
77
- .register_column(:weekdays, field: "weekday")
78
- .register_column(:user, field: "user")
79
- .register_column(:commands, field: "command")
74
+ filter.register_column(:minutes, field: "minute")
75
+ .register_column(:hours, field: "hour")
76
+ .register_column(:days, field: "day")
77
+ .register_column(:months, field: "month")
78
+ .register_column(:weekdays, field: "weekday")
79
+ .register_column(:user, field: "user")
80
+ .register_column(:commands, field: "command")
80
81
 
81
82
  # rebuild the crontab line from raw content
82
83
  filter.register_custom_property(:content) do |t, _|
@@ -28,7 +28,7 @@ module Inspec::Resources
28
28
  end
29
29
 
30
30
  # implicit conversion of values
31
- csv = CSV.new(content, headers: true, converters: [:all, :blank_to_nil])
31
+ csv = CSV.new(content, headers: true, converters: %i{all blank_to_nil})
32
32
 
33
33
  # convert to hash
34
34
  csv.to_a.map(&:to_hash)
@@ -36,36 +36,42 @@ class DhParams < Inspec.resource(1)
36
36
  # its('generator') { should eq 2 }
37
37
  def generator
38
38
  return if @dh_params.nil?
39
+
39
40
  @dh_params.g.to_i
40
41
  end
41
42
 
42
43
  # its('modulus') { should eq '00:91:a0:15:89:e5:bc:38:93:12:02:fc:...' }
43
44
  def modulus
44
45
  return if @dh_params.nil?
46
+
45
47
  "00:" + @dh_params.p.to_s(16).downcase.scan(/.{2}/).join(":")
46
48
  end
47
49
 
48
50
  # its('pem') { should eq '-----BEGIN DH PARAMETERS...' }
49
51
  def pem
50
52
  return if @dh_params.nil?
53
+
51
54
  @dh_params.to_pem
52
55
  end
53
56
 
54
57
  # its('prime_length') { should be 2048 }
55
58
  def prime_length
56
59
  return if @dh_params.nil?
60
+
57
61
  @dh_params.p.num_bits
58
62
  end
59
63
 
60
64
  # its('text') { should eq 'human-readable-text' }
61
65
  def text
62
66
  return if @dh_params.nil?
67
+
63
68
  @dh_params.to_text
64
69
  end
65
70
 
66
71
  # it { should be_valid }
67
72
  def valid?
68
73
  return if @dh_params.nil?
74
+
69
75
  @dh_params.params_ok?
70
76
  end
71
77
 
@@ -11,21 +11,21 @@ module Inspec::Resources
11
11
  # use filtertable for containers
12
12
  filter = FilterTable.create
13
13
  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
14
- filter.register_column(:commands, field: "command")
15
- .register_column(:ids, field: "id")
16
- .register_column(:images, field: "image")
17
- .register_column(:labels, field: "labels", style: :simple)
18
- .register_column(:local_volumes, field: "localvolumes")
19
- .register_column(:mounts, field: "mounts")
20
- .register_column(:names, field: "names")
21
- .register_column(:networks, field: "networks")
22
- .register_column(:ports, field: "ports")
23
- .register_column(:running_for, field: "runningfor")
24
- .register_column(:sizes, field: "size")
25
- .register_column(:status, field: "status")
26
- .register_custom_matcher(:running?) do |x|
27
- x.where { status.downcase.start_with?("up") }
28
- end
14
+ filter.register_column(:commands, field: "command")
15
+ .register_column(:ids, field: "id")
16
+ .register_column(:images, field: "image")
17
+ .register_column(:labels, field: "labels", style: :simple)
18
+ .register_column(:local_volumes, field: "localvolumes")
19
+ .register_column(:mounts, field: "mounts")
20
+ .register_column(:names, field: "names")
21
+ .register_column(:networks, field: "networks")
22
+ .register_column(:ports, field: "ports")
23
+ .register_column(:running_for, field: "runningfor")
24
+ .register_column(:sizes, field: "size")
25
+ .register_column(:status, field: "status")
26
+ .register_custom_matcher(:running?) do |x|
27
+ x.where { status.downcase.start_with?("up") }
28
+ end
29
29
  filter.install_filter_methods_on_resource(self, :containers)
30
30
 
31
31
  attr_reader :containers
@@ -37,13 +37,13 @@ module Inspec::Resources
37
37
  class DockerImageFilter
38
38
  filter = FilterTable.create
39
39
  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
40
- filter.register_column(:ids, field: "id")
41
- .register_column(:repositories, field: "repository")
42
- .register_column(:tags, field: "tag")
43
- .register_column(:sizes, field: "size")
44
- .register_column(:digests, field: "digest")
45
- .register_column(:created, field: "createdat")
46
- .register_column(:created_since, field: "createdsize")
40
+ filter.register_column(:ids, field: "id")
41
+ .register_column(:repositories, field: "repository")
42
+ .register_column(:tags, field: "tag")
43
+ .register_column(:sizes, field: "size")
44
+ .register_column(:digests, field: "digest")
45
+ .register_column(:created, field: "createdat")
46
+ .register_column(:created_since, field: "createdsize")
47
47
  filter.install_filter_methods_on_resource(self, :images)
48
48
 
49
49
  attr_reader :images
@@ -54,10 +54,10 @@ module Inspec::Resources
54
54
 
55
55
  class DockerPluginFilter
56
56
  filter = FilterTable.create
57
- filter.add(:ids, field: "id")
58
- .add(:names, field: "name")
59
- .add(:versions, field: "version")
60
- .add(:enabled, field: "enabled")
57
+ filter.add(:ids, field: "id")
58
+ .add(:names, field: "name")
59
+ .add(:versions, field: "version")
60
+ .add(:enabled, field: "enabled")
61
61
  filter.connect(self, :plugins)
62
62
 
63
63
  attr_reader :plugins
@@ -69,12 +69,12 @@ module Inspec::Resources
69
69
  class DockerServiceFilter
70
70
  filter = FilterTable.create
71
71
  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
72
- filter.register_column(:ids, field: "id")
73
- .register_column(:names, field: "name")
74
- .register_column(:modes, field: "mode")
75
- .register_column(:replicas, field: "replicas")
76
- .register_column(:images, field: "image")
77
- .register_column(:ports, field: "ports")
72
+ filter.register_column(:ids, field: "id")
73
+ .register_column(:names, field: "name")
74
+ .register_column(:modes, field: "mode")
75
+ .register_column(:replicas, field: "replicas")
76
+ .register_column(:images, field: "image")
77
+ .register_column(:ports, field: "ports")
78
78
  filter.install_filter_methods_on_resource(self, :services)
79
79
 
80
80
  attr_reader :services
@@ -147,6 +147,7 @@ module Inspec::Resources
147
147
 
148
148
  def version
149
149
  return @version if defined?(@version)
150
+
150
151
  data = {}
151
152
  cmd = inspec.command("docker version --format '{{ json . }}'")
152
153
  data = JSON.parse(cmd.stdout) if cmd.exit_status == 0
@@ -157,6 +158,7 @@ module Inspec::Resources
157
158
 
158
159
  def info
159
160
  return @info if defined?(@info)
161
+
160
162
  data = {}
161
163
  # docke info format is only supported for Docker 17.03+
162
164
  cmd = inspec.command("docker info --format '{{ json . }}'")
@@ -169,6 +171,7 @@ module Inspec::Resources
169
171
  # returns information about docker objects
170
172
  def object(id)
171
173
  return @inspect if defined?(@inspect)
174
+
172
175
  data = JSON.parse(inspec.command("docker inspect #{id}").stdout)
173
176
  data = data[0] if data.is_a?(Array)
174
177
  @inspect = Hashie::Mash.new(data)
@@ -185,7 +188,7 @@ module Inspec::Resources
185
188
  def parse_json_command(labels, subcommand)
186
189
  # build command
187
190
  format = labels.map { |label| "\"#{label}\": {{json .#{label}}}" }
188
- raw = inspec.command("docker #{subcommand} --format '{#{format.join(', ')}}'").stdout
191
+ raw = inspec.command("docker #{subcommand} --format '{#{format.join(", ")}}'").stdout
189
192
  output = []
190
193
  # since docker is not outputting valid json, we need to parse each row
191
194
  raw.each_line do |entry|
@@ -238,7 +241,7 @@ module Inspec::Resources
238
241
 
239
242
  def ensure_keys(entry, labels)
240
243
  labels.each do |key|
241
- entry[key.downcase] = nil if !entry.key?(key.downcase)
244
+ entry[key.downcase] = nil unless entry.key?(key.downcase)
242
245
  end
243
246
  entry
244
247
  end