Add an oracle_session resource

This adds an oracle_session resource similar to the existing resource
for MySQL and MSSQL.  It assumes the sqlplus tool is installed and in
the path of the user InSpec connects as.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>

docs/resources/oracle_session.md.erb

@@ -0,0 +1,63 @@
+---
+title: About the oracle_session Resource
+---
+
+# oracle_session
+
+Use the `oracle_session` InSpec audit resource to test SQL commands run against a Oracle database.
+
+## Syntax
+
+A `oracle_session` resource block declares the username and password to use for the session with an optional service to connect to, and then the command to be run:
+
+    describe oracle_session('username', 'password').query('QUERY') do
+      its('output') { should eq('') }
+    end
+
+where
+
+* `oracle_session` declares a username and password with permission to run the query, and an optional service name.  If none is specifed, it will use the default service on the instance.
+* `query('QUERY')` contains the query to be run
+* `its('output') { should eq('') }` compares the results of the query against the expected result in the test
+
+## Matchers
+
+This InSpec audit resource has the following matchers:
+
+### be
+
+<%= partial "/shared/matcher_be" %>
+
+### cmp
+
+<%= partial "/shared/matcher_cmp" %>
+
+### eq
+
+<%= partial "/shared/matcher_eq" %>
+
+### include
+
+<%= partial "/shared/matcher_include" %>
+
+### match
+
+<%= partial "/shared/matcher_match" %>
+
+### output
+
+The `output` matcher tests the results of the query:
+
+    its('output') { should eq(/^0/) }
+
+## Examples
+
+The following examples show how to use this InSpec audit resource.
+
+### Test for matching databases
+
+    sql = oracle_session('my_user','password')
+    
+    describe sql.query('SELECT NAME FROM v$database;') do
+      its('stdout') { should_not match(/test/) }
+    end

lib/inspec/resource.rb

@@ -114,6 +114,7 @@ require 'resources/mysql_session'
 require 'resources/npm'
 require 'resources/ntp_conf'
 require 'resources/oneget'
+require 'resources/oracle_session'
 require 'resources/os'
 require 'resources/os_env'
 require 'resources/package'

lib/resources/oracle_session.rb

@@ -0,0 +1,39 @@
+# encoding: utf-8
+# author: Nolan Davidson
+# license: All rights reserved
+
+module Inspec::Resources
+  class OracleSession < Inspec.resource(1)
+    name 'oracle_session'
+    desc 'Use the oracle_session InSpec resource to test commands against an Oracle database'
+    example "
+      sql = oracle_session('my_user','password')
+      describe sql.query('SELECT NAME FROM v$database;') do
+        its('stdout') { should_not match(/test/) }
+      end
+    "
+
+    def initialize(user = nil, pass = nil, service = nil)
+      @user = user
+      @pass = pass
+      @service = service
+      return skip_resource("Can't run Oracle checks without authentication") if user.nil? or pass.nil?
+    end
+
+    def query(q)
+      escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$')
+
+      cmd = inspec.command("echo \"#{q}\" | sqlplus -s #{@user}/#{@pass}@localhost/#{@service}")
+      out = cmd.stdout + "\n" + cmd.stderr
+      if out.downcase =~ /^error/
+        skip_resource("Can't connect to Oracle instance for SQL checks.")
+      end
+
+      cmd
+    end
+
+    def to_s
+      'Oracle Session'
+    end
+  end
+end