Merge pull request #5435 from collinmcneese/profile_init

lib/plugins/inspec-init/templates/profiles/aws/README.md

@@ -2,7 +2,7 @@
 
 This example shows the implementation of an InSpec profile for AWS.
 
-##  Create a profile 
+##  Create a profile
 
 ```
 $ inspec init profile --platform aws my-profile
@@ -15,12 +15,12 @@ Creating new profile at /Users/spaterson/my-profile
  • Creating directory controls
  • Creating file controls/example.rb
  • Creating file inspec.yml
- • Creating file attributes.yml
+ • Creating file inputs.yml
  • Creating file libraries/.gitkeep
- 
+
 ```
 
-## Optionally update `attributes.yml` to point to your custom VPC
+## Optionally update `inputs.yml` to point to your custom VPC
 
 ```
 aws_vpc_id: 'custom-vpc-id'
@@ -32,11 +32,11 @@ The related control will simply be skipped if this is not provided.  See the [In
 
 ### With a VPC Identifier
 
-With a supplied VPC identifier in `attributes.yml` both of the example controls will run.  The 'aws-single-vpc-exists-check' control will only check for a VPC identifier in the currently configured AWS SDK region e.g. `eu-west-2` in the below:
+With a supplied VPC identifier in `inputs.yml` both of the example controls will run.  The 'aws-single-vpc-exists-check' control will only check for a VPC identifier in the currently configured AWS SDK region e.g. `eu-west-2` in the below:
 
 ```
 $ cd my-profile/
-$ inspec exec . -t aws://  --attrs attributes.yml
+$ inspec exec . -t aws://  --input-file=inputs.yml
 
 Profile: AWS InSpec Profile (my-profile)
 Version: 0.1.0
@@ -111,13 +111,13 @@ Test Summary: 53 successful, 0 failures, 0 skipped
 ```
 
 
-### Without Supplying a VPC Identifier 
+### Without Supplying a VPC Identifier
 
-If no VPC identifier is supplied, the 'aws-single-vpc-exists-check' control is skipped and the other control runs.  The `attributes.yml` file does not have to be specified to InSpec in this case.
+If no VPC identifier is supplied, the 'aws-single-vpc-exists-check' control is skipped and the other control runs.  The `inputs.yml` file does not have to be specified to InSpec in this case.
 
 ```
 $ cd my-profile/
-$ inspec exec . -t aws://  
+$ inspec exec . -t aws://
 
 Profile: AWS InSpec Profile (my-profile)
 Version: 0.1.0
@@ -189,4 +189,4 @@ Target:  aws://eu-west-2
 
 Profile Summary: 2 successful controls, 0 control failures, 1 control skipped
 Test Summary: 52 successful, 0 failures, 1 skipped
-```
+```

lib/plugins/inspec-init/templates/profiles/aws/controls/example.rb

@@ -2,11 +2,11 @@
 
 title "Sample Section"
 
-aws_vpc_id = attribute("aws_vpc_id", default: "", description: "Optional AWS VPC identifier.")
+aws_vpc_id = input("aws_vpc_id")
 
 # You add controls here
-control "aws-single-vpc-exists-check" do # A unique ID for this control.
-  only_if { aws_vpc_id != "" } # Only run this control if the `aws_vpc_id` attribute is provided.
+control "aws-single-vpc-exists-check" do                                    # A unique ID for this control.
+  only_if { aws_vpc_id != "" }                                              # Only run this control if the `aws_vpc_id` input is provided.
   impact 1.0                                                                # The criticality, if this control fails.
   title "Check to see if custom VPC exists."                                # A human-readable title.
   describe aws_vpc(aws_vpc_id) do                                           # The test itself.

lib/plugins/inspec-init/templates/profiles/aws/inspec.yml

@@ -7,14 +7,13 @@ license: Apache-2.0
 summary: An InSpec Compliance Profile For AWS
 version: 0.1.0
 inspec_version: '~> 4'
-attributes:
+inputs:
 - name: aws_vpc_id
   required: false
   # Below is deliberately left as a default empty string to allow the profile to run when this is not provided.
   # Please see the README for more details.
-  default: ''
+  value: ''
   description: 'Optional Custom AWS VPC Id'
-  type: string
 depends:
   - name: inspec-aws
     url: https://github.com/inspec/inspec-aws/archive/master.tar.gz

lib/plugins/inspec-init/templates/profiles/gcp/README.md

@@ -2,7 +2,7 @@
 
 This example shows the implementation of an InSpec profile for GCP that depends on the [InSpec GCP Resource Pack](https://github.com/inspec/inspec-gcp).  See the [README](https://github.com/inspec/inspec-gcp) for instructions on setting up appropriate GCP credentials.
 
-##  Create a profile 
+##  Create a profile
 
 ```
 $ inspec init profile --platform gcp my-profile
@@ -12,12 +12,12 @@ Create new profile at /Users/spaterson/my-profile
  * Create directory controls
  * Create file controls/example.rb
  * Create file inspec.yml
- * Create file attributes.yml
- * Create file libraries/.gitkeep 
- 
+ * Create file inputs.yml
+ * Create file libraries/.gitkeep
+
 ```
 
-## Update `attributes.yml` to point to your project
+## Update `inputs.yml` to point to your project
 
 ```
 gcp_project_id: 'my-gcp-project'
@@ -27,7 +27,7 @@ gcp_project_id: 'my-gcp-project'
 
 ```
 $ cd gcp-profile/
-$ inspec exec . -t gcp:// --attrs attributes.yml
+$ inspec exec . -t gcp:// --input-file=inputs.yml
 
 Profile: GCP InSpec Profile (my-profile)
 Version: 0.1.0
@@ -63,4 +63,4 @@ Target:  gcp://local-service-account@my-gcp-project.iam.gserviceaccount.com
 
 Profile Summary: 2 successful controls, 0 control failures, 0 controls skipped
 Test Summary: 18 successful, 0 failures, 0 skipped
-```
+```

lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb

@@ -2,7 +2,7 @@
 
 title "Sample Section"
 
-gcp_project_id = attribute("gcp_project_id")
+gcp_project_id = input("gcp_project_id")
 
 # you add controls here
 control "gcp-single-region-1.0" do                                                    # A unique ID for this control

lib/plugins/inspec-init/templates/profiles/gcp/inspec.yml

@@ -6,14 +6,13 @@ copyright_email: you@example.com
 license: Apache-2.0
 summary: An InSpec Compliance Profile For GCP
 version: 0.1.0
-inspec_version: '>= 2.3.5'
-attributes:
+inspec_version: '>= 4'
+inputs:
 - name: gcp_project_id
   required: true
   description: 'The GCP project identifier.'
-  type: string
 depends:
 - name: inspec-gcp
   url: https://github.com/inspec/inspec-gcp/archive/master.tar.gz
 supports:
-- platform: gcp
+- platform: gcp

test/fixtures/profiles/cloud/test-aws/controls/example.rb

@@ -2,7 +2,7 @@
 
 title "Sample Section"
 
-aws_vpc_id = attribute("aws_vpc_id", default: "", description: "Optional AWS VPC identifier.")
+aws_vpc_id = input("aws_vpc_id", default: "", description: "Optional AWS VPC identifier.")
 
 # You add controls here
 control "aws-single-vpc-exists-check" do # A unique ID for this control.

test/fixtures/profiles/cloud/test-aws/inspec.yml

@@ -7,14 +7,13 @@ license: Apache-2.0
 summary: An InSpec Compliance Profile For AWS
 version: 0.1.0
 inspec_version: '~> 4'
-attributes:
+inputs:
 - name: aws_vpc_id
   required: false
   # Below is deliberately left as a default empty string to allow the profile to run when this is not provided.
   # Please see the README for more details.
-  default: ''
+  value: ''
   description: 'Optional Custom AWS VPC Id'
-  type: string
 depends:
   - name: inspec-aws
     url: https://github.com/inspec/inspec-aws/archive/master.tar.gz

test/fixtures/profiles/cloud/test-gcp/controls/example.rb

@@ -2,7 +2,7 @@
 
 title "Sample Section"
 
-gcp_project_id = attribute("gcp_project_id")
+gcp_project_id = input("gcp_project_id")
 
 # you add controls here
 control "gcp-single-region-1.0" do                                                    # A unique ID for this control

test/fixtures/profiles/cloud/test-gcp/inspec.yml

@@ -6,14 +6,13 @@ copyright_email: you@example.com
 license: Apache-2.0
 summary: An InSpec Compliance Profile For GCP
 version: 0.1.0
-inspec_version: '>= 2.3.5'
-attributes:
+inspec_version: '~> 4'
+inputs:
 - name: gcp_project_id
   required: true
   description: 'The GCP project identifier.'
-  type: string
 depends:
 - name: inspec-gcp
   url: https://github.com/inspec/inspec-gcp/archive/master.tar.gz
 supports:
-- platform: gcp
+- platform: gcp