mirror of
https://github.com/inspec/inspec
synced 2024-11-22 12:43:07 +00:00
Merge pull request #4142 from inspec/zenspider/clean_unnecessary_requires
Clean unnecessary requires
This commit is contained in:
Ryan Davis
GitHub
commit
4790e288a0
300 changed files with 824 additions and 217 deletions
|
|
@ -28,3 +28,4 @@ require 'inspec/base_cli'
|
|||
require 'inspec/fetcher'
|
||||
require 'inspec/source_reader'
|
||||
require 'inspec/resource'
|
||||
require 'inspec/resources'
|
||||
|
|
|
|||
|
|
@ -4,6 +4,9 @@
|
|||
require 'pp'
|
||||
require 'stringio'
|
||||
require 'forwardable'
|
||||
require 'thor'
|
||||
require 'base64'
|
||||
require 'inspec/base_cli'
|
||||
|
||||
module Inspec
|
||||
class Config
|
||||
|
|
|
|||
|
|
@ -81,121 +81,3 @@ end
|
|||
|
||||
# Many resources use FilterTable.
|
||||
require 'inspec/utils/filter'
|
||||
|
||||
# Detect if we are running the stripped-down inspec-core
|
||||
# This relies on AWS being stripped from the inspec-core gem
|
||||
inspec_core_only = !File.exist?(File.join(File.dirname(__FILE__), '..', 'resource_support', 'aws.rb'))
|
||||
|
||||
# Do not attempt to load cloud resources if we are in inspec-core mode
|
||||
unless inspec_core_only
|
||||
require 'resource_support/aws'
|
||||
require 'resources/azure/azure_backend.rb'
|
||||
require 'resources/azure/azure_generic_resource.rb'
|
||||
require 'resources/azure/azure_resource_group.rb'
|
||||
require 'resources/azure/azure_virtual_machine.rb'
|
||||
require 'resources/azure/azure_virtual_machine_data_disk.rb'
|
||||
end
|
||||
|
||||
require 'inspec/resources/aide_conf'
|
||||
require 'inspec/resources/apache'
|
||||
require 'inspec/resources/apache_conf'
|
||||
require 'inspec/resources/apt'
|
||||
require 'inspec/resources/audit_policy'
|
||||
require 'inspec/resources/auditd'
|
||||
require 'inspec/resources/auditd_conf'
|
||||
require 'inspec/resources/bash'
|
||||
require 'inspec/resources/bond'
|
||||
require 'inspec/resources/bridge'
|
||||
require 'inspec/resources/chocolatey_package'
|
||||
require 'inspec/resources/command'
|
||||
require 'inspec/resources/cran'
|
||||
require 'inspec/resources/cpan'
|
||||
require 'inspec/resources/crontab'
|
||||
require 'inspec/resources/dh_params'
|
||||
require 'inspec/resources/directory'
|
||||
require 'inspec/resources/docker'
|
||||
require 'inspec/resources/docker_container'
|
||||
require 'inspec/resources/docker_image'
|
||||
require 'inspec/resources/docker_plugin'
|
||||
require 'inspec/resources/docker_service'
|
||||
require 'inspec/resources/elasticsearch'
|
||||
require 'inspec/resources/etc_fstab'
|
||||
require 'inspec/resources/etc_group'
|
||||
require 'inspec/resources/etc_hosts_allow_deny'
|
||||
require 'inspec/resources/etc_hosts'
|
||||
require 'inspec/resources/file'
|
||||
require 'inspec/resources/filesystem'
|
||||
require 'inspec/resources/firewalld'
|
||||
require 'inspec/resources/gem'
|
||||
require 'inspec/resources/groups'
|
||||
require 'inspec/resources/grub_conf'
|
||||
require 'inspec/resources/host'
|
||||
require 'inspec/resources/http'
|
||||
require 'inspec/resources/iis_app'
|
||||
require 'inspec/resources/iis_app_pool'
|
||||
require 'inspec/resources/iis_site'
|
||||
require 'inspec/resources/inetd_conf'
|
||||
require 'inspec/resources/interface'
|
||||
require 'inspec/resources/iptables'
|
||||
require 'inspec/resources/kernel_module'
|
||||
require 'inspec/resources/kernel_parameter'
|
||||
require 'inspec/resources/key_rsa'
|
||||
require 'inspec/resources/ksh'
|
||||
require 'inspec/resources/limits_conf'
|
||||
require 'inspec/resources/login_def'
|
||||
require 'inspec/resources/mount'
|
||||
require 'inspec/resources/mssql_session'
|
||||
require 'inspec/resources/mysql'
|
||||
require 'inspec/resources/mysql_conf'
|
||||
require 'inspec/resources/mysql_session'
|
||||
require 'inspec/resources/nginx'
|
||||
require 'inspec/resources/nginx_conf'
|
||||
require 'inspec/resources/npm'
|
||||
require 'inspec/resources/ntp_conf'
|
||||
require 'inspec/resources/oneget'
|
||||
require 'inspec/resources/oracledb_session'
|
||||
require 'inspec/resources/os'
|
||||
require 'inspec/resources/os_env'
|
||||
require 'inspec/resources/package'
|
||||
require 'inspec/resources/packages'
|
||||
require 'inspec/resources/parse_config'
|
||||
require 'inspec/resources/passwd'
|
||||
require 'inspec/resources/pip'
|
||||
require 'inspec/resources/platform'
|
||||
require 'inspec/resources/port'
|
||||
require 'inspec/resources/postgres'
|
||||
require 'inspec/resources/postgres_conf'
|
||||
require 'inspec/resources/postgres_hba_conf'
|
||||
require 'inspec/resources/postgres_ident_conf'
|
||||
require 'inspec/resources/postgres_session'
|
||||
require 'inspec/resources/powershell'
|
||||
require 'inspec/resources/processes'
|
||||
require 'inspec/resources/rabbitmq_conf'
|
||||
require 'inspec/resources/registry_key'
|
||||
require 'inspec/resources/security_identifier'
|
||||
require 'inspec/resources/security_policy'
|
||||
require 'inspec/resources/service'
|
||||
require 'inspec/resources/shadow'
|
||||
require 'inspec/resources/ssh_conf'
|
||||
require 'inspec/resources/ssl'
|
||||
require 'inspec/resources/sys_info'
|
||||
require 'inspec/resources/toml'
|
||||
require 'inspec/resources/users'
|
||||
require 'inspec/resources/vbscript'
|
||||
require 'inspec/resources/virtualization'
|
||||
require 'inspec/resources/windows_feature'
|
||||
require 'inspec/resources/windows_hotfix'
|
||||
require 'inspec/resources/windows_task'
|
||||
require 'inspec/resources/wmi'
|
||||
require 'inspec/resources/x509_certificate'
|
||||
require 'inspec/resources/xinetd'
|
||||
require 'inspec/resources/yum'
|
||||
require 'inspec/resources/zfs_dataset'
|
||||
require 'inspec/resources/zfs_pool'
|
||||
|
||||
# file formats, depend on json implementation
|
||||
require 'inspec/resources/json'
|
||||
require 'inspec/resources/yaml'
|
||||
require 'inspec/resources/csv'
|
||||
require 'inspec/resources/ini'
|
||||
require 'inspec/resources/xml'
|
||||
|
|
|
|||
119
lib/inspec/resources.rb
Normal file
119
lib/inspec/resources.rb
Normal file
|
|
@ -0,0 +1,119 @@
|
|||
require 'inspec/resource'
|
||||
|
||||
# Detect if we are running the stripped-down inspec-core
|
||||
# This relies on AWS being stripped from the inspec-core gem
|
||||
inspec_core_only = !File.exist?(File.join(File.dirname(__FILE__), '..', 'resource_support', 'aws.rb'))
|
||||
|
||||
# Do not attempt to load cloud resources if we are in inspec-core mode
|
||||
unless inspec_core_only
|
||||
require 'resource_support/aws'
|
||||
require 'resources/azure/azure_backend.rb'
|
||||
require 'resources/azure/azure_generic_resource.rb'
|
||||
require 'resources/azure/azure_resource_group.rb'
|
||||
require 'resources/azure/azure_virtual_machine.rb'
|
||||
require 'resources/azure/azure_virtual_machine_data_disk.rb'
|
||||
end
|
||||
|
||||
require 'inspec/resources/aide_conf'
|
||||
require 'inspec/resources/apache'
|
||||
require 'inspec/resources/apache_conf'
|
||||
require 'inspec/resources/apt'
|
||||
require 'inspec/resources/audit_policy'
|
||||
require 'inspec/resources/auditd'
|
||||
require 'inspec/resources/auditd_conf'
|
||||
require 'inspec/resources/bash'
|
||||
require 'inspec/resources/bond'
|
||||
require 'inspec/resources/bridge'
|
||||
require 'inspec/resources/chocolatey_package'
|
||||
require 'inspec/resources/command'
|
||||
require 'inspec/resources/cran'
|
||||
require 'inspec/resources/cpan'
|
||||
require 'inspec/resources/crontab'
|
||||
require 'inspec/resources/dh_params'
|
||||
require 'inspec/resources/directory'
|
||||
require 'inspec/resources/docker'
|
||||
require 'inspec/resources/docker_container'
|
||||
require 'inspec/resources/docker_image'
|
||||
require 'inspec/resources/docker_plugin'
|
||||
require 'inspec/resources/docker_service'
|
||||
require 'inspec/resources/elasticsearch'
|
||||
require 'inspec/resources/etc_fstab'
|
||||
require 'inspec/resources/etc_group'
|
||||
require 'inspec/resources/etc_hosts_allow_deny'
|
||||
require 'inspec/resources/etc_hosts'
|
||||
require 'inspec/resources/file'
|
||||
require 'inspec/resources/filesystem'
|
||||
require 'inspec/resources/firewalld'
|
||||
require 'inspec/resources/gem'
|
||||
require 'inspec/resources/groups'
|
||||
require 'inspec/resources/grub_conf'
|
||||
require 'inspec/resources/host'
|
||||
require 'inspec/resources/http'
|
||||
require 'inspec/resources/iis_app'
|
||||
require 'inspec/resources/iis_app_pool'
|
||||
require 'inspec/resources/iis_site'
|
||||
require 'inspec/resources/inetd_conf'
|
||||
require 'inspec/resources/interface'
|
||||
require 'inspec/resources/iptables'
|
||||
require 'inspec/resources/kernel_module'
|
||||
require 'inspec/resources/kernel_parameter'
|
||||
require 'inspec/resources/key_rsa'
|
||||
require 'inspec/resources/ksh'
|
||||
require 'inspec/resources/limits_conf'
|
||||
require 'inspec/resources/login_defs'
|
||||
require 'inspec/resources/mount'
|
||||
require 'inspec/resources/mssql_session'
|
||||
require 'inspec/resources/mysql'
|
||||
require 'inspec/resources/mysql_conf'
|
||||
require 'inspec/resources/mysql_session'
|
||||
require 'inspec/resources/nginx'
|
||||
require 'inspec/resources/nginx_conf'
|
||||
require 'inspec/resources/npm'
|
||||
require 'inspec/resources/ntp_conf'
|
||||
require 'inspec/resources/oneget'
|
||||
require 'inspec/resources/oracledb_session'
|
||||
require 'inspec/resources/os'
|
||||
require 'inspec/resources/os_env'
|
||||
require 'inspec/resources/package'
|
||||
require 'inspec/resources/packages'
|
||||
require 'inspec/resources/parse_config'
|
||||
require 'inspec/resources/passwd'
|
||||
require 'inspec/resources/pip'
|
||||
require 'inspec/resources/platform'
|
||||
require 'inspec/resources/port'
|
||||
require 'inspec/resources/postgres'
|
||||
require 'inspec/resources/postgres_conf'
|
||||
require 'inspec/resources/postgres_hba_conf'
|
||||
require 'inspec/resources/postgres_ident_conf'
|
||||
require 'inspec/resources/postgres_session'
|
||||
require 'inspec/resources/powershell'
|
||||
require 'inspec/resources/processes'
|
||||
require 'inspec/resources/rabbitmq_config'
|
||||
require 'inspec/resources/registry_key'
|
||||
require 'inspec/resources/security_identifier'
|
||||
require 'inspec/resources/security_policy'
|
||||
require 'inspec/resources/service'
|
||||
require 'inspec/resources/shadow'
|
||||
require 'inspec/resources/ssh_config'
|
||||
require 'inspec/resources/ssl'
|
||||
require 'inspec/resources/sys_info'
|
||||
require 'inspec/resources/toml'
|
||||
require 'inspec/resources/users'
|
||||
require 'inspec/resources/vbscript'
|
||||
require 'inspec/resources/virtualization'
|
||||
require 'inspec/resources/windows_feature'
|
||||
require 'inspec/resources/windows_hotfix'
|
||||
require 'inspec/resources/windows_task'
|
||||
require 'inspec/resources/wmi'
|
||||
require 'inspec/resources/x509_certificate'
|
||||
require 'inspec/resources/xinetd_conf'
|
||||
require 'inspec/resources/yum'
|
||||
require 'inspec/resources/zfs_dataset'
|
||||
require 'inspec/resources/zfs_pool'
|
||||
|
||||
# file formats, depend on json implementation
|
||||
require 'inspec/resources/json'
|
||||
require 'inspec/resources/yaml'
|
||||
require 'inspec/resources/csv'
|
||||
require 'inspec/resources/ini'
|
||||
require 'inspec/resources/xml'
|
||||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# Verifies apt and ppa repositories
|
||||
#
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# copyright: 2015, Vulcano Security GmbH
|
||||
|
||||
# Advanced Auditing:
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
|
||||
require 'inspec/resources/file'
|
||||
require 'inspec/utils/file_reader'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
class Bond < FileResource
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/file'
|
||||
|
||||
# Usage:
|
||||
# describe bridge('br0') do
|
||||
|
|
|
|||
|
|
@ -1,5 +1,8 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'inspec/resources/command'
|
||||
require 'inspec/resources/powershell'
|
||||
|
||||
# Check for Chocolatey packages to be installed
|
||||
module Inspec::Resources
|
||||
class ChocoPkg < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# Usage:
|
||||
# describe cpan('DBD::Pg') do
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# Usage:
|
||||
# describe cran('DBI') do
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/file'
|
||||
require 'inspec/utils/parser'
|
||||
require 'inspec/utils/filter'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/json'
|
||||
|
||||
# Parses a csv document
|
||||
# This implementation was inspired by a blog post
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
# Copyright 2017, Christoph Hartmann
|
||||
#
|
||||
|
||||
require 'inspec/resources/command'
|
||||
require 'inspec/utils/filter'
|
||||
require 'hashie/mash'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
#
|
||||
# Copyright 2017, Christoph Hartmann
|
||||
|
||||
require 'inspec/resources/docker'
|
||||
require_relative 'docker_object'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
#
|
||||
# Copyright 2017, Christoph Hartmann
|
||||
|
||||
require 'inspec/resources/docker'
|
||||
require_relative 'docker_object'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/docker'
|
||||
|
||||
module Inspec::Resources
|
||||
class DockerPlugin < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
#
|
||||
# Copyright 2017, Christoph Hartmann
|
||||
|
||||
require 'inspec/resources/docker'
|
||||
require_relative 'docker_object'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# copyright: 2015, Vulcano Security GmbH
|
||||
|
||||
require 'shellwords'
|
||||
require 'inspec/utils/parser'
|
||||
|
||||
module Inspec::Resources
|
||||
module FilePermissionsSelector
|
||||
|
|
@ -13,6 +14,7 @@ module Inspec::Resources
|
|||
end
|
||||
end
|
||||
|
||||
# TODO: rename file_resource.rb
|
||||
class FileResource < Inspec.resource(1)
|
||||
include FilePermissionsSelector
|
||||
include LinuxMountParser
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class FileSystemResource < Inspec.resource(1)
|
||||
name 'filesystem'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class FirewallD < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class GemPackage < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,6 @@
|
|||
|
||||
require 'inspec/resources/etc_group'
|
||||
require 'inspec/resources/powershell'
|
||||
require 'inspec/resources/parse_config'
|
||||
require 'inspec/utils/filter'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# Usage:
|
||||
# describe host('example.com') do
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
# copyright: 2017, Chef Software Inc
|
||||
# license: Apache v2
|
||||
|
||||
require 'inspec/resources/command'
|
||||
require 'faraday'
|
||||
require 'faraday_middleware'
|
||||
require 'hashie'
|
||||
|
|
|
|||
|
|
@ -1,4 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'inspec/resources/powershell'
|
||||
|
||||
# check for web applications in IIS
|
||||
# Note: this is only supported in windows 2012 and later
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'inspec/resources/command'
|
||||
|
||||
# check for site in IIS
|
||||
# Usage:
|
||||
# describe iis_site('Default Web Site') do
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/json'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
|
||||
require 'inspec/resources/command'
|
||||
require 'inspec/utils/convert'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
class NetworkInterface < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# Usage:
|
||||
# describe iptables do
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class KernelModule < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class KernelParameter < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ require 'inspec/utils/file_reader'
|
|||
# end
|
||||
|
||||
module Inspec::Resources
|
||||
class LoginDef < Inspec.resource(1)
|
||||
class LoginDefs < Inspec.resource(1)
|
||||
name 'login_defs'
|
||||
supports platform: 'unix'
|
||||
desc 'Use the login_defs InSpec audit resource to test configuration settings in the /etc/login.defs file. The logins.defs file defines site-specific configuration for the shadow password suite on Linux and UNIX platforms, such as password expiration ranges, minimum/maximum values for automatic selection of user and group identifiers, or the method with which passwords are encrypted.'
|
||||
|
|
@ -1,6 +1,3 @@
|
|||
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
class Mount < Inspec.resource(1)
|
||||
name 'mount'
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/command'
|
||||
require 'hashie/mash'
|
||||
require 'inspec/utils/database_helpers'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
# copyright: 2015, Vulcano Security GmbH
|
||||
|
||||
require 'inspec/resources/command'
|
||||
require 'shellwords'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
|
||||
require 'pathname'
|
||||
require 'hashie/mash'
|
||||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class Nginx < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -174,7 +174,7 @@ module Inspec::Resources
|
|||
end
|
||||
end
|
||||
|
||||
class NginxConfServer
|
||||
class NginxConfServer # TODO: rename NginxServer
|
||||
attr_reader :params, :parent
|
||||
def initialize(params, parent)
|
||||
@parent = parent
|
||||
|
|
@ -216,6 +216,7 @@ module Inspec::Resources
|
|||
def to_s
|
||||
location = Array(params['_']).join(' ')
|
||||
# go three levels up: 1. to the server entry, 2. http entry and 3. to the root nginx conf
|
||||
# TODO: fix parent.parent.parent
|
||||
@parent.parent.parent.to_s + ", location #{location.inspect}"
|
||||
end
|
||||
alias inspect to_s
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/command'
|
||||
require 'shellwords'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# This resource talks with OneGet (https://github.com/OneGet/oneget)
|
||||
# Its part of Windows Management Framework 5.0 and part of Windows 10
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/command'
|
||||
require 'hashie/mash'
|
||||
require 'inspec/utils/database_helpers'
|
||||
require 'htmlentities'
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
require 'inspec/resources/platform'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
require 'inspec/resources/directory'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
# Resource to determine package information
|
||||
#
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# copyright: 2017, Chef Software, Inc. <legal@chef.io>
|
||||
|
||||
require 'inspec/utils/filter'
|
||||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class Packages < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@
|
|||
# describe parse_config(audit, options ) do
|
||||
|
||||
require 'inspec/utils/file_reader'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
class PConfig < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,9 +1,10 @@
|
|||
require 'inspec/resources/command'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
# Usage:
|
||||
# describe pip('Jinja2') do
|
||||
# it { should be_installed }
|
||||
# end
|
||||
#
|
||||
|
||||
module Inspec::Resources
|
||||
class PipPackage < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
# copyright: 2015, Vulcano Security GmbH
|
||||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class PowershellScript < Cmd
|
||||
class Powershell < Cmd
|
||||
name 'powershell'
|
||||
supports platform: 'windows'
|
||||
supports platform: 'unix'
|
||||
|
|
@ -50,8 +51,10 @@ module Inspec::Resources
|
|||
end
|
||||
end
|
||||
|
||||
PowershellScript = Powershell
|
||||
|
||||
# this is deprecated syntax and will be removed in future versions
|
||||
class LegacyPowershellScript < PowershellScript
|
||||
class LegacyPowershell < Powershell
|
||||
name 'script'
|
||||
|
||||
def initialize(script)
|
||||
|
|
@ -59,4 +62,6 @@ module Inspec::Resources
|
|||
super(script)
|
||||
end
|
||||
end
|
||||
|
||||
LegacyPowershellScript = LegacyPowershell
|
||||
end
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
require 'inspec/utils/filter'
|
||||
require 'ostruct'
|
||||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class Processes < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
|
||||
require 'inspec/utils/erlang_parser'
|
||||
require 'inspec/utils/file_reader'
|
||||
|
||||
module Inspec::Resources
|
||||
class RabbitmqConf < Inspec.resource(1)
|
||||
class RabbitmqConfig < Inspec.resource(1)
|
||||
name 'rabbitmq_conf' # TODO: this is an alias. do we want this?
|
||||
name 'rabbitmq_config'
|
||||
supports platform: 'unix'
|
||||
desc 'Use the rabbitmq_config InSpec resource to test configuration data '\
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
# copyright: 2015, Vulcano Security GmbH
|
||||
|
||||
require 'json'
|
||||
require 'inspec/resources/powershell'
|
||||
|
||||
# Three constructor methods are available:
|
||||
# 1. resistry_key(path'):
|
||||
|
|
|
|||
1
lib/inspec/resources/script.rb
Normal file
1
lib/inspec/resources/script.rb
Normal file
|
|
@ -0,0 +1 @@
|
|||
require 'inspec/resources/powershell'
|
||||
|
|
@ -1,5 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class SecurityIdentifier < Inspec.resource(1)
|
||||
name 'security_identifier'
|
||||
|
|
|
|||
|
|
@ -11,6 +11,8 @@
|
|||
# parameters. Therefore we need a combination of Registry and secedit output
|
||||
|
||||
require 'hashie'
|
||||
require 'inspec/resources/command'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
# known and supported MS privilege rights
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
|
||||
require 'hashie'
|
||||
require 'inspec/utils/file_reader'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
||||
module Inspec::Resources
|
||||
class Runlevels < Hash
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ require 'inspec/utils/simpleconfig'
|
|||
require 'inspec/utils/file_reader'
|
||||
|
||||
module Inspec::Resources
|
||||
class SshConf < Inspec.resource(1)
|
||||
class SshConfig < Inspec.resource(1)
|
||||
name 'ssh_config'
|
||||
supports platform: 'unix'
|
||||
desc 'Use the `ssh_config` InSpec audit resource to test OpenSSH client configuration data located at `/etc/ssh/ssh_config` on Linux and Unix platforms.'
|
||||
|
|
@ -75,7 +75,7 @@ module Inspec::Resources
|
|||
end
|
||||
end
|
||||
|
||||
class SshdConf < SshConf
|
||||
class SshdConfig < SshConfig
|
||||
name 'sshd_config'
|
||||
supports platform: 'unix'
|
||||
desc 'Use the sshd_config InSpec audit resource to test configuration data for the Open SSH daemon located at /etc/ssh/sshd_config on Linux and UNIX platforms. sshd---the Open SSH daemon---listens on dedicated ports, starts a daemon for each incoming connection, and then handles encryption, authentication, key exchanges, command execution, and data exchanges.'
|
||||
|
|
@ -1,3 +1,6 @@
|
|||
require 'inspec/resources/command'
|
||||
require 'inspec/resources/powershell'
|
||||
|
||||
module Inspec::Resources
|
||||
# this resource returns additional system informatio
|
||||
class System < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
|
||||
require 'inspec/utils/parser'
|
||||
require 'inspec/utils/convert'
|
||||
require 'inspec/utils/filter'
|
||||
require 'inspec/utils/simpleconfig'
|
||||
require 'inspec/resources/powershell'
|
||||
|
||||
module Inspec::Resources
|
||||
# This file contains two resources, the `user` and `users` resource.
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/powershell'
|
||||
require 'securerandom'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
@ -18,7 +18,7 @@ module Inspec::Resources
|
|||
# Since Windows does not delete tmp files automatically, we remove the VBScript
|
||||
# after we executed it
|
||||
# @see https://msdn.microsoft.com/en-us/library/aa364991.aspx
|
||||
class VBScript < PowershellScript
|
||||
class VBScript < Powershell
|
||||
name 'vbscript'
|
||||
supports platform: 'windows'
|
||||
desc ''
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class WindowsFeature < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/powershell'
|
||||
|
||||
module Inspec::Resources
|
||||
class WindowsHotfix < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
require 'inspec/resources/powershell'
|
||||
|
||||
module Inspec::Resources
|
||||
class WindowsTasks < Inspec.resource(1)
|
||||
class WindowsTasks < Inspec.resource(1) # TODO: rename singular
|
||||
name 'windows_task'
|
||||
supports platform: 'windows'
|
||||
desc 'Use the windows_task InSpec audit resource to test task schedules on Microsoft Windows.'
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
|
||||
require 'inspec/resources/powershell'
|
||||
require 'inspec/utils/object_traversal'
|
||||
|
||||
module Inspec::Resources
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/json'
|
||||
|
||||
module Inspec::Resources
|
||||
class XmlConfig < JsonConfig
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
|
||||
require 'yaml'
|
||||
require 'inspec/resources/json'
|
||||
|
||||
# Parses a yaml document
|
||||
# Usage:
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
# Usage:
|
||||
# describe yum do
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class ZfsDataset < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/command'
|
||||
|
||||
module Inspec::Resources
|
||||
class ZfsPool < Inspec.resource(1)
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@
|
|||
require 'method_source'
|
||||
require 'inspec/describe'
|
||||
require 'inspec/expect'
|
||||
require 'inspec/resource'
|
||||
require 'inspec/resources/os'
|
||||
|
||||
module Inspec
|
||||
class Rule
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ require 'inspec/metadata'
|
|||
require 'inspec/config'
|
||||
require 'inspec/dependencies/cache'
|
||||
require 'inspec/dist'
|
||||
require 'inspec/reporters'
|
||||
require 'inspec/runner_rspec'
|
||||
# spec requirements
|
||||
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ module Inspec
|
|||
end
|
||||
elsif topic == 'matchers'
|
||||
print_matchers_help
|
||||
elsif !Inspec::Resource.registry[topic].nil?
|
||||
elsif !Inspec::Resource.registry[topic].nil? # TODO: fix unnecessary logic
|
||||
topic_info = Inspec::Resource.registry[topic]
|
||||
info = "#{mark 'Name:'} #{topic}\n\n"
|
||||
unless topic_info.desc.nil?
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
require 'inspec/resources/file'
|
||||
|
||||
module FileReader
|
||||
def read_file_content(path, allow_empty = false)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,6 @@
|
|||
|
||||
require 'inspec/resources/command'
|
||||
|
||||
module PasswdParser
|
||||
# Parse /etc/passwd files.
|
||||
#
|
||||
|
|
@ -269,3 +271,5 @@ module XinetdParser
|
|||
res
|
||||
end
|
||||
end
|
||||
|
||||
require 'inspec/utils/simpleconfig'
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# copyright: 2015, Dominik Richter
|
||||
|
||||
require 'inspec/utils/parser'
|
||||
require 'hashie'
|
||||
|
||||
class SimpleConfig
|
||||
include CommentParser
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
require 'net/http'
|
||||
require 'uri'
|
||||
require 'json'
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
require 'inspec/dist'
|
||||
|
||||
require_relative 'api'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,6 @@
|
|||
require 'resource_support/aws/aws_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_factory_mixin'
|
||||
|
||||
module AwsPluralResourceMixin
|
||||
include AwsResourceMixin
|
||||
attr_reader :table
|
||||
|
|
|
|||
|
|
@ -1,3 +1,6 @@
|
|||
require 'resource_support/aws/aws_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_factory_mixin'
|
||||
|
||||
module AwsSingularResourceMixin
|
||||
include AwsResourceMixin
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,10 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
|
||||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-costandusagereportservice.rb'
|
||||
|
||||
class AwsBillingReport < Inspec.resource(1)
|
||||
name 'aws_billing_report'
|
||||
supports platform: 'aws'
|
||||
|
|
|
|||
|
|
@ -1,4 +1,7 @@
|
|||
require 'inspec/utils/filter'
|
||||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-costandusagereportservice'
|
||||
|
||||
class AwsBillingReports < Inspec.resource(1)
|
||||
name 'aws_billing_reports'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-cloudtrail'
|
||||
|
||||
class AwsCloudTrailTrail < Inspec.resource(1)
|
||||
name 'aws_cloudtrail_trail'
|
||||
desc 'Verifies settings for an individual AWS CloudTrail Trail'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-cloudtrail'
|
||||
|
||||
class AwsCloudTrailTrails < Inspec.resource(1)
|
||||
name 'aws_cloudtrail_trails'
|
||||
desc 'Verifies settings for AWS CloudTrail Trails in bulk'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-cloudwatch'
|
||||
|
||||
class AwsCloudwatchAlarm < Inspec.resource(1)
|
||||
name 'aws_cloudwatch_alarm'
|
||||
desc <<~EXAMPLE
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-cloudwatchlogs'
|
||||
|
||||
class AwsCloudwatchLogMetricFilter < Inspec.resource(1)
|
||||
name 'aws_cloudwatch_log_metric_filter'
|
||||
desc 'Verifies individual Cloudwatch Log Metric Filters'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-configservice'
|
||||
|
||||
class AwsConfigDeliveryChannel < Inspec.resource(1)
|
||||
name 'aws_config_delivery_channel'
|
||||
desc 'Verifies settings for AWS Config Delivery Channel'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-configservice'
|
||||
|
||||
class AwsConfigurationRecorder < Inspec.resource(1)
|
||||
name 'aws_config_recorder'
|
||||
desc 'Verifies settings for AWS Configuration Recorder'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-ec2'
|
||||
|
||||
class AwsEbsVolume < Inspec.resource(1)
|
||||
name 'aws_ebs_volume'
|
||||
desc 'Verifies settings for an EBS volume'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-ec2'
|
||||
|
||||
class AwsEbsVolumes < Inspec.resource(1)
|
||||
name 'aws_ebs_volumes'
|
||||
desc 'Verifies settings for AWS EBS Volumes in bulk'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-ec2'
|
||||
|
||||
class AwsEc2Instance < Inspec.resource(1)
|
||||
name 'aws_ec2_instance'
|
||||
desc 'Verifies settings for an EC2 instance'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-ec2'
|
||||
|
||||
class AwsEc2Instances < Inspec.resource(1)
|
||||
name 'aws_ec2_instances'
|
||||
desc 'Verifies settings for AWS EC2 Instances in bulk'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-ecs'
|
||||
|
||||
class AwsEcsCluster < Inspec.resource(1)
|
||||
name 'aws_ecs_cluster'
|
||||
desc 'Verifies settings for an ECS cluster'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-eks'
|
||||
|
||||
class AwsEksCluster < Inspec.resource(1)
|
||||
name 'aws_eks_cluster'
|
||||
desc 'Verifies settings for an EKS cluster'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-elasticloadbalancing'
|
||||
|
||||
class AwsElb < Inspec.resource(1)
|
||||
name 'aws_elb'
|
||||
desc 'Verifies settings for AWS Elastic Load Balancer'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-elasticloadbalancing'
|
||||
|
||||
class AwsElbs < Inspec.resource(1)
|
||||
name 'aws_elbs'
|
||||
desc 'Verifies settings for AWS ELBs (classic Elastic Load Balancers) in bulk'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-ec2'
|
||||
|
||||
class AwsFlowLog < Inspec.resource(1)
|
||||
name 'aws_flow_log'
|
||||
supports platform: 'aws'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-iam'
|
||||
|
||||
class AwsIamAccessKey < Inspec.resource(1)
|
||||
name 'aws_iam_access_key'
|
||||
desc 'Verifies settings for an individual IAM access key'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-iam'
|
||||
|
||||
class AwsIamAccessKeys < Inspec.resource(1)
|
||||
name 'aws_iam_access_keys'
|
||||
desc 'Verifies settings for AWS IAM Access Keys in bulk'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-iam'
|
||||
|
||||
class AwsIamGroup < Inspec.resource(1)
|
||||
name 'aws_iam_group'
|
||||
desc 'Verifies settings for AWS IAM Group'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_plural_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-iam'
|
||||
|
||||
class AwsIamGroups < Inspec.resource(1)
|
||||
name 'aws_iam_groups'
|
||||
desc 'Verifies settings for AWS IAM groups in bulk'
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
require 'resource_support/aws/aws_singular_resource_mixin'
|
||||
require 'resource_support/aws/aws_backend_base'
|
||||
require 'aws-sdk-iam'
|
||||
|
||||
class AwsIamPasswordPolicy < Inspec.resource(1)
|
||||
name 'aws_iam_password_policy'
|
||||
desc 'Verifies iam password policy'
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue