inspec/docs/resources/parse_config.md.erb

103 lines
2.5 KiB
Text
Raw Normal View History

2016-09-22 12:43:57 +00:00
---
title: About the parse_config Resource
---
# parse_config
Use the `parse_config` InSpec audit resource to test arbitrary configuration files.
<br>
## Syntax
2016-09-22 12:43:57 +00:00
A `parse_config` resource block declares the location of the configuration setting to be tested, and then what value is to be tested. Because this resource relies on arbitrary configuration files, the test itself is often arbitrary and relies on custom Ruby code:
output = command('some-command').stdout
describe parse_config(output, { data_config_option: value } ) do
its('setting') { should eq 1 }
end
or:
audit = command('/sbin/auditctl -l').stdout
options = {
assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
2016-09-22 12:43:57 +00:00
multiple_values: true
}
describe parse_config(audit, options) do
its('setting') { should eq 1 }
end
where each test
* Must declare the location of the configuration file to be tested
* Must declare one (or more) settings to be tested
* May run a command to `stdout`, and then run the test against that output
* May use options to define how configuration data is to be parsed
<br>
## Matchers
2016-09-22 12:43:57 +00:00
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
2016-09-22 12:43:57 +00:00
### assignment_regex
2016-09-22 12:43:57 +00:00
Use `assignment_regex` to test a key value using a regular expression:
2016-09-22 12:43:57 +00:00
'key = value'
may be tested using the following regular expression, which determines assignment from key to value:
assignment_regex: /^\s*([^=]*?)\s*=\s*(.*?)\s*$/
2016-09-22 12:43:57 +00:00
### comment_char
2016-09-22 12:43:57 +00:00
Use `comment_char` to test for comments in a configuration file:
comment_char: '#'
### key_values
2016-09-22 12:43:57 +00:00
Use `key_values` to test how many values a key contains:
2016-09-22 12:43:57 +00:00
key = a b c
contains three values. To test that value to ensure it only contains one, use:
key_values: 1
2016-09-22 12:43:57 +00:00
### multiple_values
2016-09-22 12:43:57 +00:00
Use `multiple_values` if the source file uses the same key multiple times. All values will be aggregated in an array:
# # file structure:
# key = a
# key = b
# key2 = c
params['key'] = ['a', 'b']
params['key2'] = ['c']
To use plain key value mapping, use `multiple_values: false`:
# # file structure:
# key = a
# key = b
# key2 = c
params['key'] = 'b'
params['key2'] = 'c'
### standalone_comments
2016-09-22 12:43:57 +00:00
Use `standalone_comments` to parse comments as a line, otherwise inline comments are allowed:
'key = value # comment'
params['key'] = 'value # comment'
Use `standalone_comments: false`, to parse the following:
'key = value # comment'
params['key'] = 'value'