inspec 1.21.0 → 1.22.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 765c8898efac5c64dbba0583086f069eea4b521b
-  data.tar.gz: 28d639d2d72be737cb57366790ac1ee572eedc5c
+  metadata.gz: 474a314003f5f557da8d77561757a2083f6cda14
+  data.tar.gz: a3d427af33967690bee737f8ea3fe6ebc3205fbf
 SHA512:
-  metadata.gz: a48f8574446241505bb8678bedc9069931841bee798e8d5dbeb133151e195191cacaa67bfb48441d219d498ed14752f98dea4273120138298df5530545e9b3d3
-  data.tar.gz: c3f91d119061a9695653ee94f50f8c2588b9c6eb08a262578f2caef1b75ac9bef41d290aaa2af51fe9d0e154be0e093aabae23173e1c583fadaa1714d69f7f35
+  metadata.gz: 5f0cdabdfa5797224c35dc08b0b9159d7f4b5f20f115789618dffd880e9e0665cee0757cd194d2ed98dbee0c0c0bab1df65e23bbe6c6e3b052cb3c412d2a6767
+  data.tar.gz: 7b2add303caa99cda92831422e170805465536cc8e1e6b83fd92003817bc1b4cdd435ef46ee4f2e30635a6031b467396e0f069374443c64c3f2ae78e0433b115

data/CHANGELOG.md

@@ -1,5 +1,57 @@
 # Change Log
 
+## [v1.22.0](https://github.com/chef/inspec/tree/v1.22.0) (2017-04-27)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.21.0...v1.22.0)
+
+**Implemented enhancements:**
+
+- rename `parse\_config` options for clarity [\#1709](https://github.com/chef/inspec/issues/1709)
+- Lackluster type coercion [\#445](https://github.com/chef/inspec/issues/445)
+- Update port documentation to use `cmp` matcher [\#438](https://github.com/chef/inspec/issues/438)
+- Simplify error output [\#437](https://github.com/chef/inspec/issues/437)
+- Follow Gnu Standards for Command Line Interfaces [\#436](https://github.com/chef/inspec/issues/436)
+- Clarify `impact` of controls [\#358](https://github.com/chef/inspec/issues/358)
+- make the default logger readable [\#335](https://github.com/chef/inspec/issues/335)
+- Resolve open points from \#252 [\#334](https://github.com/chef/inspec/issues/334)
+- document all custom RSpec matcher [\#317](https://github.com/chef/inspec/issues/317)
+- Readme: Point to sources of documentation [\#231](https://github.com/chef/inspec/issues/231)
+- Readme: differentiate from Serverspec [\#229](https://github.com/chef/inspec/issues/229)
+- support legacy backend configuration calls \(rspec/serverspec\) [\#187](https://github.com/chef/inspec/issues/187)
+- Some inconsistencies with naming across the resources [\#120](https://github.com/chef/inspec/issues/120)
+- ensure all resources do OS check [\#96](https://github.com/chef/inspec/issues/96)
+- run docker backend in one exec loop [\#81](https://github.com/chef/inspec/issues/81)
+- make all transport configurable and optional [\#65](https://github.com/chef/inspec/issues/65)
+- inspec control.to\_ruby to use newlines instead of `\n` [\#1705](https://github.com/chef/inspec/pull/1705) ([arlimus](https://github.com/arlimus))
+
+**Fixed bugs:**
+
+- bugfix: unindent description misbehaviors [\#1707](https://github.com/chef/inspec/pull/1707) ([arlimus](https://github.com/arlimus))
+
+**Closed issues:**
+
+- Test [\#1721](https://github.com/chef/inspec/issues/1721)
+- Inspec Shell Enhancement - Show universal matchers on HELP MATCHERS command [\#1684](https://github.com/chef/inspec/issues/1684)
+- detecting service enabled on Ubuntu 16.04 \(systemd\) [\#931](https://github.com/chef/inspec/issues/931)
+- Can't get sub key in YAML [\#554](https://github.com/chef/inspec/issues/554)
+- Sharing custom resources? [\#353](https://github.com/chef/inspec/issues/353)
+- Readme: What is being installed? [\#166](https://github.com/chef/inspec/issues/166)
+
+**Merged pull requests:**
+
+- Update GH Pages CNAME [\#1731](https://github.com/chef/inspec/pull/1731) ([adamleff](https://github.com/adamleff))
+- Rakefile updates to support appbundle-updater [\#1730](https://github.com/chef/inspec/pull/1730) ([adamleff](https://github.com/adamleff))
+- use cmp in port docs instead of eq [\#1726](https://github.com/chef/inspec/pull/1726) ([arlimus](https://github.com/arlimus))
+- \[www\] update event on main page [\#1724](https://github.com/chef/inspec/pull/1724) ([adamleff](https://github.com/adamleff))
+- rename SimpleConfig / parse\_config / parse\_config\_file options [\#1723](https://github.com/chef/inspec/pull/1723) ([arlimus](https://github.com/arlimus))
+- Add matchers help to shell, clean up help output [\#1722](https://github.com/chef/inspec/pull/1722) ([adamleff](https://github.com/adamleff))
+- provide `inspec.version` information [\#1719](https://github.com/chef/inspec/pull/1719) ([arlimus](https://github.com/arlimus))
+- provide the `inspec` keyword [\#1718](https://github.com/chef/inspec/pull/1718) ([arlimus](https://github.com/arlimus))
+- print and prettyprint the inspec backend class [\#1717](https://github.com/chef/inspec/pull/1717) ([arlimus](https://github.com/arlimus))
+- describe the value ranges of `impact` [\#1713](https://github.com/chef/inspec/pull/1713) ([arlimus](https://github.com/arlimus))
+- pretty-print multiline control descriptions [\#1711](https://github.com/chef/inspec/pull/1711) ([arlimus](https://github.com/arlimus))
+- document reference to other tools [\#1710](https://github.com/chef/inspec/pull/1710) ([arlimus](https://github.com/arlimus))
+- handle json parse errors in docker resource [\#1706](https://github.com/chef/inspec/pull/1706) ([chris-rock](https://github.com/chris-rock))
+
 ## [v1.21.0](https://github.com/chef/inspec/tree/v1.21.0) (2017-04-24)
 [Full Changelog](https://github.com/chef/inspec/compare/v1.20.0...v1.21.0)
 
@@ -24,6 +76,7 @@
 
 **Merged pull requests:**
 
+- Release 1.21.0 [\#1703](https://github.com/chef/inspec/pull/1703) ([adamleff](https://github.com/adamleff))
 - \[www\] Update www Gemfile.lock [\#1691](https://github.com/chef/inspec/pull/1691) ([adamleff](https://github.com/adamleff))
 - showing how to shellout in docs [\#1689](https://github.com/chef/inspec/pull/1689) ([rshade](https://github.com/rshade))
 - \[www\] Fix docs pages for x509\_certificate and key\_rsa [\#1683](https://github.com/chef/inspec/pull/1683) ([adamleff](https://github.com/adamleff))

data/README.md

@@ -308,6 +308,10 @@ Tutorials/Blogs/Podcasts:
 
  * http://inspec.io/tutorials/
 
+Relationship to other tools (RSpec, Serverspec):
+
+ * http://inspec.io/docs/reference/inspec_and_friends/
+
 ## Share your Profiles
 
 You may share your InSpec Profiles in the [Tools & Plugins section](https://supermarket.chef.io/tools-directory) of the [Chef Supermarket](https://supermarket.chef.io/).  [Sign in](https://supermarket.chef.io/sign-in) and [add the details of your profile](https://supermarket.chef.io/tools/new).

data/Rakefile

@@ -4,19 +4,26 @@
 require 'bundler'
 require 'bundler/gem_tasks'
 require 'rake/testtask'
-require 'rubocop/rake_task'
-require_relative 'tasks/docs'
 require_relative 'tasks/maintainers'
 
-# Rubocop
-desc 'Run Rubocop lint checks'
-task :rubocop do
-  RuboCop::RakeTask.new
+# The docs tasks rely on ruby-progressbar. If we can't load it, then don't
+# load the docs tasks. This is necessary to allow this Rakefile to work
+# when the "tests" gem group in the Gemfile has been excluded, such as
+# during an appbundle-updater run.
+begin
+  require 'ruby-progressbar'
+  require_relative 'tasks/docs'
+rescue LoadError
+  puts 'docs tasks are unavailable because the ruby-progressbar gem is not available.'
 end
 
-# lint the project
-desc 'Run robocop linter'
-task lint: [:rubocop]
+# Rubocop
+begin
+  require 'rubocop/rake_task'
+  RuboCop::RakeTask.new(:lint)
+rescue LoadError
+  puts 'rubocop is not available. Install the rubocop gem to run the lint tests.'
+end
 
 # update command output for demo
 desc 'Run inspec commands and save results to www/app/responses'

data/docs/dsl_inspec.md

@@ -44,7 +44,10 @@ where
 
 * `'sshd-8'` is the name of the control
 * `impact`, `title`, and `desc` define metadata that fully describes the importance of the control, its purpose, with a succinct and complete description
-* `impact` is an float that measures the importance of the compliance results and must be a value between `0.0` and `1.0`.
+* `impact` is an float that measures the importance of the compliance results and must be a value between `0.0` and `1.0`. The value ranges are:
+    * `0.0 to <0.4` these are controls with minor criticality
+    * `0.4 to <0.7` these are controls with major criticality
+    * `0.7 to 1.0` these are critical controls
 * `tag` is optional meta-information with with key or key-value pairs
 * `ref` is a reference to an external document
 * `describe` is a block that contains at least one test. A `control` block must contain at least one `describe` block, but may contain as many as required

data/docs/inspec_and_friends.md

@@ -42,7 +42,7 @@ end
 
 ## Serverspec
 
-Serverspec can be credited as the first extension of RSpec that enabled
+Serverspec is the first extension of RSpec that enabled
 users to run RSpec tests on servers to verify deployed artifacts. It was
 created in March 2013 by Gosuke Miyashita and has been widely adopted.
 It is also one of the core test frameworks within test-kitchen and has
@@ -60,7 +60,9 @@ Lessons learned from Serverspec include:
 * Support for Windows is a first-class requirement.
 * A command line interface (CLI) is required for faster iteration of test code.
 
-### How is InSpec different than Serverspec
+You can also watch this [podcast](http://foodfightshow.org/2016/02/inspec.html) to find out more on the relationship of InSpec and Serverspec.
+
+### How is InSpec different from Serverspec
 
 One of the key differences is that InSpec targets more user groups. It
 is optimized for DevOps, Security, and Compliance professionals.

data/docs/resources/parse_config.md.erb

@@ -20,7 +20,7 @@ or:
 
     audit = command('/sbin/auditctl -l').stdout
       options = {
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: true
       }
 
@@ -39,15 +39,15 @@ where each test
 
 This InSpec audit resource has the following matchers:
 
-### assignment_re
+### assignment_regex
 
-Use `assignment_re` to test a key value using a regular expression:
+Use `assignment_regex` to test a key value using a regular expression:
 
     'key = value'
 
 may be tested using the following regular expression, which determines assignment from key to value:
 
-    assignment_re: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
+    assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
 
 ### be
 
@@ -71,15 +71,15 @@ Use `comment_char` to test for comments in a configuration file:
 
 <%= partial "/shared/matcher_include" %>
 
-### key_vals
+### key_values
 
-Use `key_vals` to test how many values a key contains:
+Use `key_values` to test how many values a key contains:
 
     key = a b c
 
 contains three values. To test that value to ensure it only contains one, use:
 
-    key_vals: 1
+    key_values: 1
 
 ### match
 

data/docs/resources/parse_config_file.md.erb

@@ -17,7 +17,7 @@ A `parse_config_file` InSpec audit resource block declares the location of the c
 or:
 
     options = {
-      assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+      assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
       multiple_values: true
     }
 
@@ -37,7 +37,7 @@ where each test
 This resource supports the following options for parsing configuration data. Use them in an `options` block stated outside of (and immediately before) the actual test:
 
     options = {
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: true
       }
     describe parse_config_file('path/to/file',  options) do
@@ -48,15 +48,15 @@ This resource supports the following options for parsing configuration data. Use
 
 This InSpec audit resource has the following matchers:
 
-### assignment_re
+### assignment_regex
 
-Use `assignment_re` to test a key value using a regular expression:
+Use `assignment_regex` to test a key value using a regular expression:
 
     'key = value'
 
 may be tested using the following regular expression, which determines assignment from key to value:
 
-    assignment_re: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
+    assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
 
 ### be
 
@@ -80,15 +80,15 @@ Use `comment_char` to test for comments in a configuration file:
 
 <%= partial "/shared/matcher_include" %>
 
-### key_vals
+### key_values
 
-Use `key_vals` to test how many values a key contains:
+Use `key_values` to test how many values a key contains:
 
     key = a b c
 
 contains three values. To test that value to ensure it only contains one, use:
 
-    key_vals: 1
+    key_values: 1
 
 ### match
 

data/docs/resources/port.md.erb

@@ -75,13 +75,13 @@ The `be_listening` matcher tests if the port is listening for traffic:
 
 The `pids` matcher tests the process identifiers (PIDs):
 
-    its('pids') { should eq ['27808'] }
+    its('pids') { should cmp 27808 }
 
 ### processes
 
 The `processes` matcher tests if the named process is running on the system:
 
-    its('processes') { should eq ['syslog'] }
+    its('processes') { should cmp 'syslog' }
 
 ### protocols
 
@@ -101,7 +101,7 @@ The following examples show how to use this InSpec audit resource.
 
     describe port(80) do
       it { should be_listening }
-      its('protocols') {should eq ['tcp']}
+      its('protocols') { should cmp 'tcp' }
     end
 
 ### Test port 80, on a specific address
@@ -123,7 +123,7 @@ or:
 
     describe port(80) do
       it { should be_listening }
-      its('protocols') {should eq ['tcp6']}
+      its('protocols') { should cmp 'tcp6' }
     end
 
 ### Test that only secure ports accept requests
@@ -134,7 +134,7 @@ or:
 
     describe port(443) do
       it { should be_listening }
-      its('protocols') {should eq ['tcp']}
+      its('protocols') { should cmp 'tcp' }
     end
 
 ### Verify port 65432 is not listening

data/lib/inspec/backend.rb

@@ -26,9 +26,27 @@ module Inspec
       end
 
       cls = Class.new do
+        # Ruby internal for printing a nice name for this class
+        def to_s
+          'Inspec::Backend::Class'
+        end
+
+        # Ruby internal for pretty-printing a summary for this class
+        def inspect
+          "Inspec::Backend::Class @transport=#{backend.class}"
+        end
+
+        # Provide a shorthand to retrieve the inspec version from within a profile
+        #
+        # @return [String] inspec version
+        def version
+          Inspec::VERSION
+        end
+
         define_method :backend do
           connection
         end
+
         Inspec::Resource.registry.each do |id, r|
           define_method id.to_sym do |*args|
             r.new(self, id.to_s, *args)

data/lib/inspec/objects/control.rb

@@ -23,7 +23,7 @@ module Inspec
     def to_ruby
       res = ["control #{id.inspect} do"]
       res.push "  title #{title.inspect}" unless title.to_s.empty?
-      res.push "  desc  #{desc.inspect}" unless desc.to_s.empty?
+      res.push "  desc  #{prettyprint_text(desc, 2)}" unless desc.to_s.empty?
       res.push "  impact #{impact}" unless impact.nil?
       tags.each { |t| res.push(indent(t.to_ruby, 2)) }
       tests.each { |t| res.push(indent(t.to_ruby, 2)) }
@@ -33,6 +33,18 @@ module Inspec
 
     private
 
+    # Pretty-print a text block of InSpec code
+    #
+    # @param s [String] should not be empty
+    # @param depth [Int] indentation length for multiline text blocks
+    # @return [String] pretty-printed textblock
+    def prettyprint_text(s, depth)
+      txt = s.to_s.inspect.gsub('\n', "\n")
+      return txt if !txt.include?("\n")
+      middle = indent(txt[1..-2], depth+2)
+      txt[0] + "\n" + middle + "\n" + ' '*depth + txt[-1]
+    end
+
     def indent(txt, d)
       dt = ' '*d
       dt + txt.gsub("\n", "\n"+dt)

data/lib/inspec/resource.rb

@@ -48,6 +48,10 @@ module Inspec
             r.new(backend, id.to_s, *args)
           end
         end
+
+        define_method :inspec do
+          backend
+        end
       end
     end
   end

data/lib/inspec/rule.rb

@@ -231,16 +231,22 @@ module Inspec
       end
     end
 
-    # Idio(ma)tic unindent
-    # TODO: replace this
+    # Idio(ma)tic unindent, behaves similar to Ruby2.3 curly heredocs.
+    # Find the shortest indentation of non-empty lines and strip that from every line
+    # See: https://bugs.ruby-lang.org/issues/9098
+    #
+    # It is implemented here to support pre-Ruby2.3 with this feature and
+    # to not force non-programmers to understand heredocs.
+    #
+    # Please note: tabs are not supported! (they will be removed but they are not
+    # treated the same as in Ruby2.3 heredocs)
     #
     # @param [String] text string which needs to be unindented
-    # @return [String] input with indentation removed
+    # @return [String] input with indentation removed; '' if input is nil
     def unindent(text)
       return '' if text.nil?
-      text.strip.split("\n").map(&:strip)
-          .map { |x| x.empty? ? "\n" : x }
-          .join(' ')
+      len = text.split("\n").reject { |l| l.strip.empty? }.map { |x| x.index(/[^\s]/) }.compact.min
+      text.gsub(/^[[:blank:]]{#{len}}/, '').strip
     end
 
     # get the rule's source code

data/lib/inspec/shell.rb

@@ -9,7 +9,7 @@ module Inspec
   # A pry based shell for inspec. Given a runner (with a configured backend and
   # all that jazz), this shell will produce a pry shell from which you can run
   # inspec/ruby commands that will be run within the context of the runner.
-  class Shell
+  class Shell # rubocop:disable Metrics/ClassLength
     def initialize(runner)
       @runner = runner
     end
@@ -107,8 +107,8 @@ You are currently running on:
 EOF
     end
 
-    def help(resource = nil)
-      if resource.nil?
+    def help(topic = nil)
+      if topic.nil?
 
         puts <<EOF
 
@@ -117,6 +117,7 @@ Available commands:
     `[resource]` - run resource on target machine
     `help resources` - show all available resources that can be used as commands
     `help [resource]` - information about a specific resource
+    `help matchers` - show information about common matchers
     `exit` - exit the InSpec shell
 
 You can use resources in this environment to test the target machine. For example:
@@ -126,32 +127,94 @@ You can use resources in this environment to test the target machine. For exampl
 
 #{print_target_info}
 EOF
-      elsif resource == 'resources'
-        resources
-      elsif !Inspec::Resource.registry[resource].nil?
+      elsif topic == 'resources'
+        resources.sort.each do |resource|
+          puts " - #{resource}"
+        end
+      elsif topic == 'matchers'
+        print_matchers_help
+      elsif !Inspec::Resource.registry[topic].nil?
         puts <<EOF
-#{mark 'Name:'} #{resource}
+#{mark 'Name:'} #{topic}
 
 #{mark 'Description:'}
 
-#{Inspec::Resource.registry[resource].desc}
+#{Inspec::Resource.registry[topic].desc}
 
 #{mark 'Example:'}
-#{print_example(Inspec::Resource.registry[resource].example)}
+#{print_example(Inspec::Resource.registry[topic].example)}
 
 #{mark 'Web Reference:'}
 
-http://inspec.io/docs/reference/resources/#{resource}
+http://inspec.io/docs/reference/resources/#{topic}
 
 EOF
       else
-        puts 'Only the following resources are available:'
-        resources
+        puts "The resource #{topic} does not exist. For a list of valid resources, type: help resources"
       end
     end
 
     def resources
-      puts Inspec::Resource.registry.keys.join(' ')
+      Inspec::Resource.registry.keys
+    end
+
+    def print_matchers_help
+      puts <<-EOL
+Matchers are used to compare resource values to expectations. While some
+resources implement their own custom matchers, the following matchers are
+common amongst all resources:
+
+#{mark 'be'}
+
+The #{mark 'be'} matcher can be used to compare numeric values.
+
+   its('size') { should be >= 10 }
+
+#{mark 'cmp'}
+
+The #{mark 'cmp'} matcher is like #{mark 'eq'} but less restrictive. It will try
+to fit the resource value to the expectation.
+
+"Protocol" likely returns a string, but cmp will ensure it's a number before
+comparing:
+
+  its('Protocol') { should cmp 2 }
+  its('Protocol') { should cmp '2' }
+
+"users" may return an array, but if it contains only one item, cmp will compare
+it as a string or number as needed:
+
+  its('users') { should cmp 'root' }
+
+cmp is not case-sensitive:
+
+  its('log_format') { should cmp 'raw' }
+  its('log_format') { should cmp 'RAW' }
+
+#{mark 'eq'}
+
+The #{mark 'eq'} matcher tests for exact equality of two values. Value type
+(string, number, etc.) is important and must be the same. For a less-restrictive
+comparison matcher, use the #{mark 'cmp'} matcher.
+
+  its('RSAAuthentication') { should_not eq 'no' }
+
+#{mark 'include'}
+
+The #{mark 'include'} matcher tests to see if a value is included in a list.
+
+  its('users') { should include 'my_user' }
+
+#{mark 'match'}
+
+The #{mark 'match'} matcher can be used to test a string for a match using a
+regular expression.
+
+  its('content') { should_not match /^MyKey:\\s+some value/ }
+
+For more examples, see: http://inspec.io/docs/reference/matchers/
+
+      EOL
     end
   end
 end

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '1.21.0'.freeze
+  VERSION = '1.22.0'.freeze
 end

data/lib/resources/apache_conf.rb

@@ -82,7 +82,7 @@ module Inspec::Resources
         # parse include file parameters
         params = SimpleConfig.new(
           raw_conf,
-          assignment_re: /^\s*(\S+)\s+(.*)\s*$/,
+          assignment_regex: /^\s*(\S+)\s+(.*)\s*$/,
           multiple_values: true,
         ).params
         @params.merge!(params)

data/lib/resources/auditd_rules.rb

@@ -12,7 +12,7 @@ module Inspec::Resources
     def initialize(content)
       @content = content
       @opts = {
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: true,
       }
     end
@@ -27,7 +27,7 @@ module Inspec::Resources
 
     def status(name)
       @status_opts = {
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       }
       @status_content ||= inspec.command('/sbin/auditctl -s').stdout.chomp

data/lib/resources/bond.rb

@@ -28,7 +28,7 @@ module Inspec::Resources
       @content = @file.content
       @params = SimpleConfig.new(
         @file.content,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: true,
       ).params if @file.exist?
       @loaded = true

data/lib/resources/docker.rb

@@ -109,12 +109,16 @@ module Inspec::Resources
       return @version if defined?(@version)
       data = JSON.parse(inspec.command('docker version --format \'{{ json . }}\'').stdout)
       @version = Hashie::Mash.new(data)
+    rescue JSON::ParserError => _e
+      return Hashie::Mash.new({})
     end
 
     def info
       return @info if defined?(@info)
       data = JSON.parse(inspec.command('docker info --format \'{{ json . }}\'').stdout)
       @info = Hashie::Mash.new(data)
+    rescue JSON::ParserError => _e
+      return Hashie::Mash.new({})
     end
 
     # returns information about docker objects
@@ -123,6 +127,8 @@ module Inspec::Resources
       data = JSON.parse(inspec.command("docker inspect #{id}").stdout)
       data = data[0] if data.is_a?(Array)
       @inspect = Hashie::Mash.new(data)
+    rescue JSON::ParserError => _e
+      return Hashie::Mash.new({})
     end
 
     def to_s
@@ -144,6 +150,9 @@ module Inspec::Resources
         ps.push(j)
       }
       ps
+    rescue JSON::ParserError => _e
+      warn 'Could not parse `docker ps` output'
+      []
     end
 
     def parse_images
@@ -154,6 +163,9 @@ module Inspec::Resources
         c_images.push(JSON.parse(entry))
       }
       c_images
+    rescue JSON::ParserError => _e
+      warn 'Could not parse `docker images` output'
+      []
     end
   end
 end

data/lib/resources/inetd_conf.rb

@@ -50,8 +50,8 @@ module Inspec::Resources
       # parse the file
       conf = SimpleConfig.new(
         content,
-        assignment_re: /^\s*(\S+?)\s+(.*?)\s+(.*?)\s+(.*?)\s+(.*?)\s+(.*?)\s+(.*?)\s*$/,
-        key_vals: 6,
+        assignment_regex: /^\s*(\S+?)\s+(.*?)\s+(.*?)\s+(.*?)\s+(.*?)\s+(.*?)\s+(.*?)\s*$/,
+        key_values: 6,
         multiple_values: false,
       )
       @params = conf.params

data/lib/resources/limits_conf.rb

@@ -43,8 +43,8 @@ module Inspec::Resources
       # parse the file
       conf = SimpleConfig.new(
         content,
-        assignment_re: /^\s*(\S+?)\s+(.*?)\s+(.*?)\s+(.*?)\s*$/,
-        key_vals: 3,
+        assignment_regex: /^\s*(\S+?)\s+(.*?)\s+(.*?)\s+(.*?)\s*$/,
+        key_values: 3,
         multiple_values: true,
       )
       @params = conf.params

data/lib/resources/login_def.rb

@@ -55,7 +55,7 @@ module Inspec::Resources
       # parse the file
       conf = SimpleConfig.new(
         content,
-        assignment_re: /^\s*(\S+)\s+(\S*)\s*$/,
+        assignment_regex: /^\s*(\S+)\s+(\S*)\s*$/,
         multiple_values: false,
       )
       @params = conf.params

data/lib/resources/ntp_conf.rb

@@ -51,7 +51,7 @@ module Inspec::Resources
       # parse the file
       conf = SimpleConfig.new(
         content,
-        assignment_re: /^\s*(\S+)\s+(.*)\s*$/,
+        assignment_regex: /^\s*(\S+)\s+(.*)\s*$/,
         multiple_values: true,
       )
       @params = conf.params

data/lib/resources/package.rb

@@ -88,7 +88,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
       # If the package is removed and not purged, Status is "deinstall ok config-files" with exit_status 0
@@ -111,7 +111,7 @@ module Inspec::Resources
       return nil if cmd.exit_status.to_i != 0 || cmd.stdout.chomp.empty?
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
       # On some (all?) systems, the linebreak before the vendor line is missing
@@ -161,7 +161,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
 
@@ -261,7 +261,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
 
@@ -282,7 +282,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
 

data/lib/resources/parse_config.rb

@@ -8,7 +8,7 @@
 #
 #  audit = command('/sbin/auditctl -l').stdout
 #  options = {
-#    assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+#    assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
 #    multiple_values: true
 #  }
 #  describe parse_config(audit, options ) do
@@ -26,7 +26,7 @@ module Inspec::Resources
       output2 = command('curl http://127.0.0.1/php_status').stdout
       # php status is in format 'key : value', and we do not allow for multiple values
       options2 = {
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false
       }
 

data/lib/resources/pip.rb

@@ -31,7 +31,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
       @info[:name] = params['Name']

data/lib/resources/postgres_conf.rb

@@ -75,7 +75,7 @@ module Inspec::Resources
         @content += raw_conf
 
         opts = {
-          assignment_re: /^\s*([^=]*?)\s*=\s*[']?\s*(.*?)\s*[']?\s*$/,
+          assignment_regex: /^\s*([^=]*?)\s*=\s*[']?\s*(.*?)\s*[']?\s*$/,
         }
         params = SimpleConfig.new(raw_conf, opts).params
         @params.merge!(params)

data/lib/resources/security_policy.rb

@@ -132,7 +132,7 @@ module Inspec::Resources
 
       conf = SimpleConfig.new(
         @content,
-        assignment_re: /^\s*(.*)=\s*(\S*)\s*$/,
+        assignment_regex: /^\s*(.*)=\s*(\S*)\s*$/,
       )
       @params = convert_hash(conf.params)
     end

data/lib/resources/service.rb

@@ -262,7 +262,7 @@ module Inspec::Resources
       # parse data
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
         multiple_values: false,
       ).params
 
@@ -637,7 +637,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^(\w+)\s*(.*)$/,
+        assignment_regex: /^(\w+)\s*(.*)$/,
         multiple_values: false,
       ).params
 

data/lib/resources/ssh_conf.rb

@@ -76,7 +76,7 @@ module Inspec::Resources
       return @params = {} if read_content.nil?
       conf = SimpleConfig.new(
         read_content,
-        assignment_re: /^\s*(\S+?)\s+(.*?)\s*$/,
+        assignment_regex: /^\s*(\S+?)\s+(.*?)\s*$/,
         multiple_values: true,
       )
       @params = convert_hash(conf.params)

data/lib/resources/users.rb

@@ -358,7 +358,7 @@ module Inspec::Resources
       SimpleConfig.new(
         line,
         line_separator: ',',
-        assignment_re: /^\s*([^\(]*?)\s*\(\s*(.*?)\)*$/,
+        assignment_regex: /^\s*([^\(]*?)\s*\(\s*(.*?)\)*$/,
         group_re: nil,
         multiple_values: false,
       ).params
@@ -372,7 +372,7 @@ module Inspec::Resources
       # parse words
       params = SimpleConfig.new(
         parse_id_entries(cmd.stdout.chomp),
-        assignment_re: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
         group_re: nil,
         multiple_values: false,
       ).params
@@ -419,7 +419,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         group_re: nil,
         multiple_values: false,
       ).params
@@ -512,7 +512,7 @@ module Inspec::Resources
 
       params = SimpleConfig.new(
         cmd.stdout.chomp,
-        assignment_re: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
+        assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
         group_re: nil,
         multiple_values: false,
       ).params

data/lib/utils/simpleconfig.rb

@@ -55,16 +55,28 @@ class SimpleConfig
   end
 
   def parse_params_line(line, opts)
+    # Deprecation handling
+    if opts.key?(:assignment_re)
+      warn '[DEPRECATION] `:assignment_re` is deprecated in favor of `:assignment_regex` '\
+           'and will be removed in the next major version. See: https://github.com/chef/inspec/issues/1709'
+      opts[:assignment_regex] = opts[:assignment_re]
+    end
+    if opts.key?(:key_vals)
+      warn '[DEPRECATION] `:key_vals` is deprecated in favor of `:key_values` '\
+           'and will be removed in the next major version. See: https://github.com/chef/inspec/issues/1709'
+      opts[:key_values] = opts[:key_vals]
+    end
+
     # now line contains what we are interested in parsing
     # check if it is an assignment
-    m = opts[:assignment_re].match(line)
+    m = opts[:assignment_regex].match(line)
     return nil if m.nil?
 
     if opts[:multiple_values]
       @vals[m[1]] ||= []
-      @vals[m[1]].push(parse_values(m, opts[:key_vals]))
+      @vals[m[1]].push(parse_values(m, opts[:key_values]))
     else
-      @vals[m[1]] = parse_values(m, opts[:key_vals])
+      @vals[m[1]] = parse_values(m, opts[:key_values])
     end
   end
 
@@ -111,9 +123,9 @@ class SimpleConfig
       multiline: false,
       comment_char: '#',
       line_separator: nil, # uses this char to seperate lines before parsing
-      assignment_re: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
+      assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/,
       group_re: /\[([^\]]+)\]\s*$/,
-      key_vals: 1, # default for key=value, may require for 'key val1 val2 val3'
+      key_values: 1, # default for key=value, may require for 'key val1 val2 val3'
       standalone_comments: false,
       multiple_values: false,
     }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 1.21.0
+  version: 1.22.0
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-24 00:00:00.000000000 Z
+date: 2017-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train