inspec 4.7.3 → 4.7.18

Sign up to get free protection for your applications and to get access to all the features.
Files changed (211) hide show
  1. checksums.yaml +4 -4
  2. data/inspec.gemspec +1 -1
  3. data/lib/bundles/inspec-supermarket/api.rb +2 -1
  4. data/lib/bundles/inspec-supermarket/cli.rb +6 -6
  5. data/lib/bundles/inspec-supermarket/target.rb +1 -0
  6. data/lib/fetchers/git.rb +3 -1
  7. data/lib/fetchers/mock.rb +1 -0
  8. data/lib/fetchers/url.rb +6 -3
  9. data/lib/inspec/backend.rb +1 -0
  10. data/lib/inspec/base_cli.rb +4 -1
  11. data/lib/inspec/cli.rb +5 -4
  12. data/lib/inspec/config.rb +9 -1
  13. data/lib/inspec/control_eval_context.rb +1 -0
  14. data/lib/inspec/dependencies/cache.rb +1 -0
  15. data/lib/inspec/dependencies/dependency_set.rb +2 -0
  16. data/lib/inspec/dependencies/lockfile.rb +1 -0
  17. data/lib/inspec/dependencies/requirement.rb +8 -7
  18. data/lib/inspec/dependencies/resolver.rb +3 -3
  19. data/lib/inspec/describe.rb +1 -0
  20. data/lib/inspec/dsl.rb +1 -1
  21. data/lib/inspec/dsl_shared.rb +1 -1
  22. data/lib/inspec/env_printer.rb +4 -4
  23. data/lib/inspec/fetcher.rb +4 -2
  24. data/lib/inspec/file_provider.rb +18 -8
  25. data/lib/inspec/formatters/base.rb +5 -0
  26. data/lib/inspec/impact.rb +2 -0
  27. data/lib/inspec/input_registry.rb +14 -13
  28. data/lib/inspec/metadata.rb +6 -2
  29. data/lib/inspec/method_source.rb +1 -1
  30. data/lib/inspec/objects/control.rb +4 -1
  31. data/lib/inspec/objects/describe.rb +3 -1
  32. data/lib/inspec/objects/input.rb +6 -5
  33. data/lib/inspec/objects/list.rb +2 -0
  34. data/lib/inspec/objects/test.rb +3 -2
  35. data/lib/inspec/plugin/v1/plugin_types/resource.rb +7 -0
  36. data/lib/inspec/plugin/v1/plugins.rb +4 -3
  37. data/lib/inspec/plugin/v1/registry.rb +3 -2
  38. data/lib/inspec/plugin/v2.rb +1 -0
  39. data/lib/inspec/plugin/v2/activator.rb +2 -0
  40. data/lib/inspec/plugin/v2/config_file.rb +4 -1
  41. data/lib/inspec/plugin/v2/filter.rb +1 -0
  42. data/lib/inspec/plugin/v2/installer.rb +9 -7
  43. data/lib/inspec/plugin/v2/loader.rb +2 -0
  44. data/lib/inspec/plugin/v2/plugin_base.rb +1 -0
  45. data/lib/inspec/plugin/v2/plugin_types/cli.rb +2 -2
  46. data/lib/inspec/plugin/v2/registry.rb +3 -1
  47. data/lib/inspec/profile.rb +13 -6
  48. data/lib/inspec/profile_context.rb +4 -2
  49. data/lib/inspec/reporters/cli.rb +14 -10
  50. data/lib/inspec/reporters/json.rb +1 -0
  51. data/lib/inspec/reporters/json_automate.rb +3 -0
  52. data/lib/inspec/reporters/json_min.rb +2 -0
  53. data/lib/inspec/resource.rb +2 -0
  54. data/lib/inspec/resources/aide_conf.rb +4 -3
  55. data/lib/inspec/resources/apache_conf.rb +1 -1
  56. data/lib/inspec/resources/apt.rb +2 -0
  57. data/lib/inspec/resources/auditd.rb +19 -18
  58. data/lib/inspec/resources/bridge.rb +5 -2
  59. data/lib/inspec/resources/chocolatey_package.rb +2 -0
  60. data/lib/inspec/resources/command.rb +1 -1
  61. data/lib/inspec/resources/crontab.rb +9 -8
  62. data/lib/inspec/resources/csv.rb +1 -1
  63. data/lib/inspec/resources/dh_params.rb +6 -0
  64. data/lib/inspec/resources/docker.rb +37 -34
  65. data/lib/inspec/resources/docker_container.rb +1 -0
  66. data/lib/inspec/resources/docker_image.rb +1 -0
  67. data/lib/inspec/resources/docker_plugin.rb +1 -0
  68. data/lib/inspec/resources/docker_service.rb +1 -0
  69. data/lib/inspec/resources/elasticsearch.rb +24 -24
  70. data/lib/inspec/resources/etc_fstab.rb +8 -7
  71. data/lib/inspec/resources/etc_group.rb +4 -0
  72. data/lib/inspec/resources/etc_hosts.rb +4 -4
  73. data/lib/inspec/resources/etc_hosts_allow_deny.rb +5 -3
  74. data/lib/inspec/resources/file.rb +4 -1
  75. data/lib/inspec/resources/filesystem.rb +5 -3
  76. data/lib/inspec/resources/firewalld.rb +7 -4
  77. data/lib/inspec/resources/groups.rb +6 -4
  78. data/lib/inspec/resources/grub_conf.rb +3 -0
  79. data/lib/inspec/resources/host.rb +5 -3
  80. data/lib/inspec/resources/http.rb +6 -4
  81. data/lib/inspec/resources/iis_app.rb +1 -0
  82. data/lib/inspec/resources/iis_app_pool.rb +1 -1
  83. data/lib/inspec/resources/iis_site.rb +4 -3
  84. data/lib/inspec/resources/interface.rb +10 -7
  85. data/lib/inspec/resources/json.rb +1 -1
  86. data/lib/inspec/resources/kernel_module.rb +1 -1
  87. data/lib/inspec/resources/kernel_parameter.rb +2 -1
  88. data/lib/inspec/resources/key_rsa.rb +5 -0
  89. data/lib/inspec/resources/mount.rb +3 -1
  90. data/lib/inspec/resources/mysql_conf.rb +3 -1
  91. data/lib/inspec/resources/mysql_session.rb +2 -0
  92. data/lib/inspec/resources/nginx.rb +1 -0
  93. data/lib/inspec/resources/nginx_conf.rb +10 -6
  94. data/lib/inspec/resources/ntp_conf.rb +1 -0
  95. data/lib/inspec/resources/oneget.rb +1 -1
  96. data/lib/inspec/resources/oracledb_session.rb +4 -2
  97. data/lib/inspec/resources/os_env.rb +1 -0
  98. data/lib/inspec/resources/package.rb +10 -6
  99. data/lib/inspec/resources/packages.rb +7 -5
  100. data/lib/inspec/resources/passwd.rb +7 -7
  101. data/lib/inspec/resources/pip.rb +2 -0
  102. data/lib/inspec/resources/port.rb +22 -8
  103. data/lib/inspec/resources/postgres.rb +2 -1
  104. data/lib/inspec/resources/postgres_conf.rb +2 -0
  105. data/lib/inspec/resources/postgres_hba_conf.rb +6 -6
  106. data/lib/inspec/resources/postgres_ident_conf.rb +3 -3
  107. data/lib/inspec/resources/processes.rb +16 -15
  108. data/lib/inspec/resources/rabbitmq_config.rb +2 -0
  109. data/lib/inspec/resources/registry_key.rb +8 -3
  110. data/lib/inspec/resources/security_identifier.rb +3 -1
  111. data/lib/inspec/resources/security_policy.rb +2 -1
  112. data/lib/inspec/resources/service.rb +13 -1
  113. data/lib/inspec/resources/shadow.rb +1 -0
  114. data/lib/inspec/resources/ssh_config.rb +2 -0
  115. data/lib/inspec/resources/ssl.rb +12 -11
  116. data/lib/inspec/resources/users.rb +29 -19
  117. data/lib/inspec/resources/virtualization.rb +10 -0
  118. data/lib/inspec/resources/windows_feature.rb +1 -1
  119. data/lib/inspec/resources/windows_hotfix.rb +2 -0
  120. data/lib/inspec/resources/windows_task.rb +4 -0
  121. data/lib/inspec/resources/wmi.rb +2 -1
  122. data/lib/inspec/resources/x509_certificate.rb +8 -0
  123. data/lib/inspec/resources/xinetd_conf.rb +10 -9
  124. data/lib/inspec/resources/yum.rb +15 -11
  125. data/lib/inspec/resources/zfs_dataset.rb +4 -2
  126. data/lib/inspec/resources/zfs_pool.rb +2 -1
  127. data/lib/inspec/rule.rb +11 -1
  128. data/lib/inspec/runner.rb +9 -6
  129. data/lib/inspec/runner_rspec.rb +10 -8
  130. data/lib/inspec/schema.rb +1 -0
  131. data/lib/inspec/secrets.rb +1 -0
  132. data/lib/inspec/secrets/yaml.rb +1 -0
  133. data/lib/inspec/shell.rb +20 -19
  134. data/lib/inspec/shell_detector.rb +1 -1
  135. data/lib/inspec/source_reader.rb +2 -0
  136. data/lib/inspec/ui.rb +1 -0
  137. data/lib/inspec/utils/deprecation/config_file.rb +8 -4
  138. data/lib/inspec/utils/erlang_parser.rb +2 -0
  139. data/lib/inspec/utils/file_reader.rb +1 -1
  140. data/lib/inspec/utils/filter.rb +16 -3
  141. data/lib/inspec/utils/find_files.rb +2 -2
  142. data/lib/inspec/utils/object_traversal.rb +1 -0
  143. data/lib/inspec/utils/parser.rb +2 -0
  144. data/lib/inspec/utils/simpleconfig.rb +4 -1
  145. data/lib/inspec/utils/telemetry/global_methods.rb +1 -0
  146. data/lib/inspec/version.rb +1 -1
  147. data/lib/matchers/matchers.rb +4 -1
  148. data/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +12 -11
  149. data/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +3 -3
  150. data/lib/plugins/inspec-compliance/lib/inspec-compliance/api.rb +15 -11
  151. data/lib/plugins/inspec-compliance/lib/inspec-compliance/api/login.rb +4 -2
  152. data/lib/plugins/inspec-compliance/lib/inspec-compliance/cli.rb +13 -12
  153. data/lib/plugins/inspec-compliance/lib/inspec-compliance/http.rb +3 -0
  154. data/lib/plugins/inspec-compliance/test/unit/api_test.rb +28 -28
  155. data/lib/plugins/inspec-compliance/test/unit/target_test.rb +1 -1
  156. data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb +1 -1
  157. data/lib/plugins/inspec-habitat/test/unit/profile_test.rb +7 -6
  158. data/lib/plugins/inspec-init/lib/inspec-init/cli_profile.rb +2 -2
  159. data/lib/plugins/inspec-init/lib/inspec-init/renderer.rb +1 -0
  160. data/lib/plugins/inspec-init/test/functional/inspec_init_plugin_test.rb +12 -10
  161. data/lib/plugins/inspec-plugin-manager-cli/lib/inspec-plugin-manager-cli/cli_command.rb +6 -5
  162. data/lib/plugins/inspec-plugin-manager-cli/test/functional/inspec-plugin_test.rb +1 -0
  163. data/lib/plugins/shared/core_plugin_test_helper.rb +1 -0
  164. data/lib/resource_support/aws/aws_resource_mixin.rb +3 -2
  165. data/lib/resources/aws/aws_billing_report.rb +1 -1
  166. data/lib/resources/aws/aws_billing_reports.rb +8 -7
  167. data/lib/resources/aws/aws_cloudtrail_trail.rb +1 -1
  168. data/lib/resources/aws/aws_cloudtrail_trails.rb +1 -0
  169. data/lib/resources/aws/aws_cloudwatch_alarm.rb +4 -3
  170. data/lib/resources/aws/aws_cloudwatch_log_metric_filter.rb +2 -1
  171. data/lib/resources/aws/aws_config_delivery_channel.rb +1 -1
  172. data/lib/resources/aws/aws_config_recorder.rb +2 -0
  173. data/lib/resources/aws/aws_ebs_volume.rb +1 -0
  174. data/lib/resources/aws/aws_ebs_volumes.rb +2 -0
  175. data/lib/resources/aws/aws_ec2_instance.rb +2 -0
  176. data/lib/resources/aws/aws_ec2_instances.rb +2 -0
  177. data/lib/resources/aws/aws_ecs_cluster.rb +2 -2
  178. data/lib/resources/aws/aws_eks_cluster.rb +3 -3
  179. data/lib/resources/aws/aws_elb.rb +2 -2
  180. data/lib/resources/aws/aws_elbs.rb +14 -12
  181. data/lib/resources/aws/aws_flow_log.rb +2 -2
  182. data/lib/resources/aws/aws_iam_access_key.rb +3 -1
  183. data/lib/resources/aws/aws_iam_access_keys.rb +18 -16
  184. data/lib/resources/aws/aws_iam_groups.rb +1 -0
  185. data/lib/resources/aws/aws_iam_password_policy.rb +9 -7
  186. data/lib/resources/aws/aws_iam_policies.rb +2 -1
  187. data/lib/resources/aws/aws_iam_policy.rb +10 -1
  188. data/lib/resources/aws/aws_iam_role.rb +1 -0
  189. data/lib/resources/aws/aws_iam_user.rb +5 -2
  190. data/lib/resources/aws/aws_iam_users.rb +12 -11
  191. data/lib/resources/aws/aws_kms_key.rb +2 -2
  192. data/lib/resources/aws/aws_kms_keys.rb +3 -1
  193. data/lib/resources/aws/aws_route_table.rb +2 -2
  194. data/lib/resources/aws/aws_route_tables.rb +2 -1
  195. data/lib/resources/aws/aws_s3_bucket.rb +5 -3
  196. data/lib/resources/aws/aws_s3_bucket_object.rb +3 -1
  197. data/lib/resources/aws/aws_s3_buckets.rb +1 -0
  198. data/lib/resources/aws/aws_security_group.rb +20 -9
  199. data/lib/resources/aws/aws_security_groups.rb +1 -0
  200. data/lib/resources/aws/aws_sns_subscription.rb +1 -1
  201. data/lib/resources/aws/aws_sns_topics.rb +2 -0
  202. data/lib/resources/aws/aws_subnet.rb +2 -2
  203. data/lib/resources/aws/aws_subnets.rb +4 -3
  204. data/lib/resources/aws/aws_vpc.rb +1 -1
  205. data/lib/resources/aws/aws_vpcs.rb +3 -2
  206. data/lib/resources/azure/azure_generic_resource.rb +4 -4
  207. data/lib/resources/azure/azure_resource_group.rb +1 -0
  208. data/lib/resources/azure/azure_virtual_machine_data_disk.rb +13 -12
  209. data/lib/source_readers/flat.rb +1 -0
  210. data/lib/source_readers/inspec.rb +1 -0
  211. metadata +2 -2
@@ -83,6 +83,7 @@ module Inspec::Resources
83
83
 
84
84
  def object_info
85
85
  return @info if defined?(@info)
86
+
86
87
  opts = @opts
87
88
  @info = inspec.docker.containers.where { names == opts[:name] || (!id.nil? && !opts[:id].nil? && (id == opts[:id] || id.start_with?(opts[:id]))) }
88
89
  end
@@ -74,6 +74,7 @@ module Inspec::Resources
74
74
 
75
75
  def object_info
76
76
  return @info if defined?(@info)
77
+
77
78
  opts = @opts
78
79
  @info = inspec.docker.images.where do
79
80
  (repository == opts[:repo] && tag == opts[:tag]) || (!id.nil? && !opts[:id].nil? && (id == opts[:id] || id.start_with?(opts[:id])))
@@ -54,6 +54,7 @@ module Inspec::Resources
54
54
 
55
55
  def object_info
56
56
  return @info if defined?(@info)
57
+
57
58
  opts = @opts
58
59
  @info = inspec.docker.plugins.where do
59
60
  (name == opts[:name]) || (!id.nil? && !opts[:id].nil? && (id == opts[:id]))
@@ -81,6 +81,7 @@ module Inspec::Resources
81
81
 
82
82
  def object_info
83
83
  return @info if defined?(@info)
84
+
84
85
  opts = @opts
85
86
  @info = inspec.docker.services.where do
86
87
  name == opts[:name] || image == opts[:image] || (!id.nil? && !opts[:id].nil? && (id == opts[:id] || id.start_with?(opts[:id])))
@@ -24,29 +24,29 @@ module Inspec::Resources
24
24
  filter = FilterTable.create
25
25
  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
26
26
  filter.register_column(:cluster_name, field: "cluster_name")
27
- .register_column(:node_name, field: "name")
28
- .register_column(:transport_address, field: "transport_address")
29
- .register_column(:host, field: "host")
30
- .register_column(:ip, field: "ip")
31
- .register_column(:version, field: "version")
32
- .register_column(:build_hash, field: "build_hash")
33
- .register_column(:total_indexing_buffer, field: "total_indexing_buffer")
34
- .register_column(:roles, field: "roles")
35
- .register_column(:settings, field: "settings")
36
- .register_column(:os, field: "os")
37
- .register_column(:process, field: "process")
38
- .register_column(:jvm, field: "jvm")
39
- .register_column(:transport, field: "transport")
40
- .register_column(:http, field: "http")
41
- .register_column(:plugins, field: "plugins")
42
- .register_column(:plugin_list, field: "plugin_list")
43
- .register_column(:modules, field: "modules")
44
- .register_column(:module_list, field: "module_list")
45
- .register_column(:node_id, field: "node_id")
46
- .register_column(:ingest, field: "ingest")
47
- .register_custom_property(:node_count) do |t, _|
48
- t.entries.length
49
- end
27
+ .register_column(:node_name, field: "name")
28
+ .register_column(:transport_address, field: "transport_address")
29
+ .register_column(:host, field: "host")
30
+ .register_column(:ip, field: "ip")
31
+ .register_column(:version, field: "version")
32
+ .register_column(:build_hash, field: "build_hash")
33
+ .register_column(:total_indexing_buffer, field: "total_indexing_buffer")
34
+ .register_column(:roles, field: "roles")
35
+ .register_column(:settings, field: "settings")
36
+ .register_column(:os, field: "os")
37
+ .register_column(:process, field: "process")
38
+ .register_column(:jvm, field: "jvm")
39
+ .register_column(:transport, field: "transport")
40
+ .register_column(:http, field: "http")
41
+ .register_column(:plugins, field: "plugins")
42
+ .register_column(:plugin_list, field: "plugin_list")
43
+ .register_column(:modules, field: "modules")
44
+ .register_column(:module_list, field: "module_list")
45
+ .register_column(:node_id, field: "node_id")
46
+ .register_column(:ingest, field: "ingest")
47
+ .register_custom_property(:node_count) do |t, _|
48
+ t.entries.length
49
+ end
50
50
 
51
51
  filter.install_filter_methods_on_resource(self, :nodes)
52
52
 
@@ -156,7 +156,7 @@ module Inspec::Resources
156
156
 
157
157
  def verify_json_payload!(content)
158
158
  unless content["error"].nil?
159
- raise "#{content['error']['type']}: #{content['error']['reason']}"
159
+ raise "#{content["error"]["type"]}: #{content["error"]["reason"]}"
160
160
  end
161
161
 
162
162
  raise "No successful nodes available in cluster" if content["_nodes"]["successful"] == 0
@@ -37,13 +37,13 @@ module Inspec::Resources
37
37
  end
38
38
 
39
39
  filter = FilterTable.create
40
- filter.register_column(:device_name, field: "device_name")
41
- .register_column(:mount_point, field: "mount_point")
42
- .register_column(:file_system_type, field: "file_system_type")
43
- .register_column(:mount_options, field: "mount_options")
44
- .register_column(:dump_options, field: "dump_options")
45
- .register_column(:file_system_options, field: "file_system_options")
46
- .register_custom_matcher(:configured?) { |x| x.entries.any? }
40
+ filter.register_column(:device_name, field: "device_name")
41
+ .register_column(:mount_point, field: "mount_point")
42
+ .register_column(:file_system_type, field: "file_system_type")
43
+ .register_column(:mount_options, field: "mount_options")
44
+ .register_column(:dump_options, field: "dump_options")
45
+ .register_column(:file_system_options, field: "file_system_options")
46
+ .register_custom_matcher(:configured?) { |x| x.entries.any? }
47
47
 
48
48
  filter.install_filter_methods_on_resource(self, :params)
49
49
 
@@ -53,6 +53,7 @@ module Inspec::Resources
53
53
 
54
54
  def home_mount_options
55
55
  return nil unless where { mount_point == "/home" }.configured?
56
+
56
57
  where { mount_point == "/home" }.entries[0].mount_options
57
58
  end
58
59
 
@@ -56,6 +56,7 @@ module Inspec::Resources
56
56
  def users(filter = nil)
57
57
  entries = filter || @entries
58
58
  return nil if entries.nil?
59
+
59
60
  # filter the user entry
60
61
  res = entries.map do |x|
61
62
  x["members"].split(",") if !x.nil? && !x["members"].nil?
@@ -66,6 +67,7 @@ module Inspec::Resources
66
67
 
67
68
  def where(conditions = {})
68
69
  return if conditions.empty?
70
+
69
71
  fields = {
70
72
  name: "name",
71
73
  group_name: "name",
@@ -81,6 +83,7 @@ module Inspec::Resources
81
83
  conditions.each do |k, v|
82
84
  idx = fields[k.to_sym]
83
85
  next if idx.nil?
86
+
84
87
  res = res.select { |x| x[idx].to_s == v.to_s }
85
88
  end
86
89
  end
@@ -113,6 +116,7 @@ module Inspec::Resources
113
116
  x = line.split(":")
114
117
  # abort if we have an empty or comment line
115
118
  return nil if x.empty?
119
+
116
120
  # map data
117
121
  {
118
122
  "name" => x.at(0), # Name of the group.
@@ -31,10 +31,10 @@ class EtcHosts < Inspec.resource(1)
31
31
  end
32
32
 
33
33
  FilterTable.create
34
- .register_column(:ip_address, field: "ip_address")
35
- .register_column(:primary_name, field: "primary_name")
36
- .register_column(:all_host_names, field: "all_host_names")
37
- .install_filter_methods_on_resource(self, :params)
34
+ .register_column(:ip_address, field: "ip_address")
35
+ .register_column(:primary_name, field: "primary_name")
36
+ .register_column(:all_host_names, field: "all_host_names")
37
+ .install_filter_methods_on_resource(self, :params)
38
38
 
39
39
  private
40
40
 
@@ -27,9 +27,9 @@ module Inspec::Resources
27
27
  end
28
28
 
29
29
  filter = FilterTable.create
30
- filter.register_column(:daemon, field: "daemon")
31
- .register_column(:client_list, field: "client_list")
32
- .register_column(:options, field: "options")
30
+ filter.register_column(:daemon, field: "daemon")
31
+ .register_column(:client_list, field: "client_list")
32
+ .register_column(:options, field: "options")
33
33
 
34
34
  filter.install_filter_methods_on_resource(self, :params)
35
35
 
@@ -47,6 +47,7 @@ module Inspec::Resources
47
47
  content.each do |line|
48
48
  data, = parse_comment_line(line, comment_char: "#", standalone_comments: false)
49
49
  next unless data != ""
50
+
50
51
  data.split(":")[0].split(",").each do |daemon|
51
52
  split_daemons_list.push("#{daemon} : " + line.split(":", 2)[1])
52
53
  end
@@ -98,6 +99,7 @@ module Inspec::Resources
98
99
 
99
100
  def initialize(path = nil)
100
101
  return skip_resource "`etc_hosts_deny` is not supported on your OS" unless inspec.os.linux?
102
+
101
103
  super(path || "/etc/hosts.deny")
102
104
  end
103
105
 
@@ -57,6 +57,7 @@ module Inspec::Resources
57
57
  def content
58
58
  res = file.content
59
59
  return nil if res.nil?
60
+
60
61
  res.force_encoding("utf-8")
61
62
  end
62
63
 
@@ -102,7 +103,7 @@ module Inspec::Resources
102
103
  Inspec.deprecate(:file_resource_be_mounted_matchers, "The file resource `be_mounted.with` and `be_mounted.only_with` matchers are deprecated. Please use the `mount` resource instead")
103
104
 
104
105
  # we cannot read mount data on non-Linux systems
105
- return nil if !inspec.os.linux?
106
+ return nil unless inspec.os.linux?
106
107
 
107
108
  # parse content if we are on linux
108
109
  @mount_options ||= parse_mount_options(mounted.stdout, true)
@@ -171,6 +172,7 @@ module Inspec::Resources
171
172
 
172
173
  def file_permission_granted?(access_type, by_usergroup, by_specific_user)
173
174
  raise "`file_permission_granted?` is not supported on your OS" if @perms_provider.nil?
175
+
174
176
  if by_specific_user.nil? || by_specific_user.empty?
175
177
  @perms_provider.check_file_permission_by_mask(file, access_type, by_usergroup, by_specific_user)
176
178
  else
@@ -215,6 +217,7 @@ module Inspec::Resources
215
217
  flag = permission_flag(access_type)
216
218
  mask = file.unix_mode_mask(usergroup, flag)
217
219
  raise "Invalid usergroup/owner provided" if mask.nil?
220
+
218
221
  (file.mode & mask) != 0
219
222
  end
220
223
 
@@ -39,8 +39,9 @@ module Inspec::Resources
39
39
  end
40
40
 
41
41
  def info
42
- return @cache if !@cache.nil?
42
+ return @cache unless @cache.nil?
43
43
  return {} if @fsman.nil?
44
+
44
45
  @cache = @fsman.info(@partition)
45
46
  end
46
47
 
@@ -119,12 +120,13 @@ module Inspec::Resources
119
120
  EOF
120
121
 
121
122
  raise Inspec::Exceptions::ResourceSkipped, "Unable to get available space for partition #{partition}" if cmd.stdout == "" || cmd.exit_status.to_i != 0
123
+
122
124
  begin
123
125
  fs = JSON.parse(cmd.stdout)
124
126
  rescue JSON::ParserError => e
125
127
  raise Inspec::Exceptions::ResourceFailed,
126
- "Failed to parse JSON from Powershell. " \
127
- "Error: #{e}"
128
+ "Failed to parse JSON from Powershell. " \
129
+ "Error: #{e}"
128
130
  end
129
131
  {
130
132
  name: fs["DeviceID"],
@@ -28,10 +28,10 @@ module Inspec::Resources
28
28
  attr_reader :params
29
29
 
30
30
  filter = FilterTable.create
31
- filter.register_column(:zone, field: "zone")
32
- .register_column(:interfaces, field: "interfaces")
33
- .register_column(:sources, field: "sources")
34
- .register_column(:services, field: "services")
31
+ filter.register_column(:zone, field: "zone")
32
+ .register_column(:interfaces, field: "interfaces")
33
+ .register_column(:sources, field: "sources")
34
+ .register_column(:services, field: "services")
35
35
 
36
36
  filter.install_filter_methods_on_resource(self, :params)
37
37
 
@@ -45,12 +45,14 @@ module Inspec::Resources
45
45
 
46
46
  def has_zone?(query_zone)
47
47
  return false unless installed?
48
+
48
49
  result = firewalld_command("--get-zones").split(" ")
49
50
  result.include?(query_zone)
50
51
  end
51
52
 
52
53
  def running?
53
54
  return false unless installed?
55
+
54
56
  result = firewalld_command("--state")
55
57
  result =~ /^running/ ? true : false
56
58
  end
@@ -135,6 +137,7 @@ module Inspec::Resources
135
137
  if result.stderr != ""
136
138
  return "Error on command #{command}: #{result.stderr}"
137
139
  end
140
+
138
141
  result.stdout.strip
139
142
  end
140
143
  end
@@ -49,10 +49,10 @@ module Inspec::Resources
49
49
 
50
50
  filter = FilterTable.create
51
51
  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
52
- filter.register_column(:names, field: "name")
53
- .register_column(:gids, field: "gid")
54
- .register_column(:domains, field: "domain")
55
- .register_column(:members, field: "members", style: :simple)
52
+ filter.register_column(:names, field: "name")
53
+ .register_column(:gids, field: "gid")
54
+ .register_column(:domains, field: "domain")
55
+ .register_column(:members, field: "members", style: :simple)
56
56
  filter.install_filter_methods_on_resource(self, :collect_group_details)
57
57
 
58
58
  def to_s
@@ -64,6 +64,7 @@ module Inspec::Resources
64
64
  # collects information about every group
65
65
  def collect_group_details
66
66
  return @groups_cache ||= @group_provider.groups unless @group_provider.nil?
67
+
67
68
  []
68
69
  end
69
70
  end
@@ -176,6 +177,7 @@ module Inspec::Resources
176
177
  groups.each { |g| g["gid"] = g["gid"].to_i }
177
178
  groups.each do |g|
178
179
  next if g["users"].nil?
180
+
179
181
  g["members"] = g.delete("users")
180
182
  g["members"].tr!(" ", ",")
181
183
  end
@@ -90,6 +90,7 @@ class GrubConfig < Inspec.resource(1)
90
90
  lines = content.split("\n")
91
91
  lines.each_with_index do |line, index|
92
92
  next unless line =~ /^menuentry\s+.*/
93
+
93
94
  entry = {}
94
95
  entry["insmod"] = []
95
96
 
@@ -104,6 +105,7 @@ class GrubConfig < Inspec.resource(1)
104
105
  # Begin processing from index forward until a `}` line is met
105
106
  lines.drop(index + 1).each do |mline|
106
107
  break if mline =~ /^\s*}\s*$/
108
+
107
109
  case mline
108
110
  when /(?:^|\s*)initrd.*/
109
111
  entry["initrd"] = mline.split(" ")[1]
@@ -155,6 +157,7 @@ class GrubConfig < Inspec.resource(1)
155
157
  kernel_opts = {}
156
158
  lines.each_with_index do |file_line, index|
157
159
  next unless file_line =~ /^title.*/
160
+
158
161
  current_kernel = file_line.split(" ", 2)[1]
159
162
  lines.drop(index + 1).each do |kernel_line|
160
163
  if kernel_line =~ /^\s.*/
@@ -72,7 +72,7 @@ module Inspec::Resources
72
72
  missing_requirements = @host_provider.missing_requirements(protocol)
73
73
  unless missing_requirements.empty?
74
74
  return skip_resource "The following requirements are not met for this resource: " \
75
- "#{missing_requirements.join(', ')}"
75
+ "#{missing_requirements.join(", ")}"
76
76
  end
77
77
  end
78
78
 
@@ -83,7 +83,7 @@ module Inspec::Resources
83
83
 
84
84
  # if we get the IP address, the host is resolvable
85
85
  def resolvable?(type = nil)
86
- warn "The `host` resource ignores #{type} parameters. Continue to resolve host." if !type.nil?
86
+ warn "The `host` resource ignores #{type} parameters. Continue to resolve host." unless type.nil?
87
87
  resolve.nil? || resolve.empty? ? false : true
88
88
  end
89
89
 
@@ -131,7 +131,8 @@ module Inspec::Resources
131
131
 
132
132
  def resolve
133
133
  return @ip_cache if defined?(@ip_cache)
134
- @ip_cache = @host_provider.resolve(hostname) if !@host_provider.nil?
134
+
135
+ @ip_cache = @host_provider.resolve(hostname) unless @host_provider.nil?
135
136
  end
136
137
  end
137
138
 
@@ -248,6 +249,7 @@ module Inspec::Resources
248
249
  cmd.stdout.lines.each do |line|
249
250
  ip, = line.split(/\s+/, 2)
250
251
  next unless ip.match(Resolv::IPv4::Regex) || ip.match(Resolv::IPv6::Regex)
252
+
251
253
  addresses << ip unless addresses.include?(ip)
252
254
  end
253
255
 
@@ -35,8 +35,8 @@ module Inspec::Resources
35
35
  # profiles.
36
36
  if opts.key?(:enable_remote_worker) && !inspec.local_transport?
37
37
  warn "Ignoring `enable_remote_worker` option, the `http` resource ",
38
- "remote worker is enabled by default for remote targets and ",
39
- "cannot be disabled"
38
+ "remote worker is enabled by default for remote targets and ",
39
+ "cannot be disabled"
40
40
  end
41
41
 
42
42
  # Run locally if InSpec is ran locally and remotely if ran remotely
@@ -138,6 +138,7 @@ module Inspec::Resources
138
138
 
139
139
  def response
140
140
  return @response if @response
141
+
141
142
  conn = Faraday.new(url: url, headers: request_headers, params: params, ssl: { verify: ssl_verify? }) do |builder|
142
143
  builder.request :url_encoded
143
144
  builder.use FaradayMiddleware::FollowRedirects, limit: max_redirects if max_redirects > 0
@@ -163,7 +164,7 @@ module Inspec::Resources
163
164
  def initialize(inspec, http_method, url, opts)
164
165
  unless inspec.command("curl").exist?
165
166
  raise Inspec::Exceptions::ResourceSkipped,
166
- "curl is not available on the target machine"
167
+ "curl is not available on the target machine"
167
168
  end
168
169
 
169
170
  @ran_curl = false
@@ -203,6 +204,7 @@ module Inspec::Resources
203
204
  prelude, remainder = response.split("\n\n", 2)
204
205
  loop do
205
206
  break unless remainder =~ %r{^HTTP/}
207
+
206
208
  prelude, remainder = remainder.split("\n\n", 2)
207
209
  end
208
210
  @body = remainder
@@ -248,7 +250,7 @@ module Inspec::Resources
248
250
  if params.nil?
249
251
  cmd << "'#{url}'"
250
252
  else
251
- cmd << "'#{url}?#{params.map { |e| e.join('=') }.join('&')}'"
253
+ cmd << "'#{url}?#{params.map { |e| e.join("=") }.join("&")}'"
252
254
  end
253
255
 
254
256
  cmd.join(" ")
@@ -76,6 +76,7 @@ module Inspec::Resources
76
76
 
77
77
  def iis_app
78
78
  return @cache unless @cache.nil?
79
+
79
80
  command = "Import-Module WebAdministration; Get-WebApplication -Name '#{@path}' -Site '#{@site_name}' | Select-Object * | ConvertTo-Json"
80
81
  cmd = @inspec.command(command)
81
82
 
@@ -117,7 +117,7 @@ class IisAppPool < Inspec.resource(1)
117
117
  e32b: pool["enable32BitAppOnWin64"],
118
118
  mode: pool["managedPipelineMode"],
119
119
  processes: process_model["maxProcesses"],
120
- timeout: "#{idle_timeout['Hours']}:#{idle_timeout['Minutes']}:#{idle_timeout['Seconds']}",
120
+ timeout: "#{idle_timeout["Hours"]}:#{idle_timeout["Minutes"]}:#{idle_timeout["Seconds"]}",
121
121
  timeout_days: idle_timeout["Days"],
122
122
  timeout_hours: idle_timeout["Hours"],
123
123
  timeout_minutes: idle_timeout["Minutes"],