CFINSPEC-73: Initial draft of cgroup resource

Signed-off-by: Sonu Saha <sonu.saha@progress.com>

docs-chef-io/content/inspec/resources/cgroup.md

@@ -0,0 +1,77 @@
++++
+title = "cgroup resource"
+draft = false
+gh_repo = "inspec"
+platform = "linux"
+
+[menu]
+  [menu.inspec]
+    title = "cgroup"
+    identifier = "inspec/resources/os/cgroup.md cgroup resource"
+    parent = "inspec/resources/os"
++++
+
+Use the `cgroup` Chef InSpec audit resource to test the ...
+
+
+## Availability
+
+### Installation
+
+This resource is distributed along with Chef InSpec itself. You can use it automatically.
+
+## Syntax
+
+A `cgroup` Chef InSpec audit resource ...
+
+    describe cgroup do
+      its('shoe_size') { should cmp 42 }
+      it { should be_purple }
+      it { should have_bells }
+    end
+where
+
+- `'shoe_size'` is some property of this resource
+- `42` is the value to test for shoe size
+- `be_purple` is a matcher of this resource
+- `have_bells` is a matcher of this resource
+
+## Properties
+
+- Properties of the resources: `shoe_size`
+
+### shoe_size
+
+The shoe_size property tests ....
+
+## Matchers
+
+For a full list of available matchers, please visit our [matchers page](https://docs.chef.io/inspec/matchers/).
+
+The specific matchers of this resource are: `be_purple`, `have_bells`
+
+### be_purple
+
+The `be_purple` matcher tests the ...:
+
+    it { should be_purple }
+
+## Examples
+The following examples show how to use this Chef InSpec audit resource.
+
+### Example 1
+
+`shoe_size` returns ...
+
+    describe cgroup do
+      its("shoe_size") { should eq 42 }
+    end
+
+### Example 2
+
+`be_purple` checks for ...
+
+    describe cgroup do
+      it { should be_purple }
+    end
+

lib/inspec/resources/cgroup.rb

@@ -0,0 +1,76 @@
+require "inspec/resources/command"
+module Inspec::Resources
+  class Cgroup < Inspec.resource(1)
+    name "cgroup"
+    # Restrict to only run on the below platform
+    supports platform: "linux"
+    desc "Use the cgroup InSpec audit resource to test cgroup subsytem's parameters."
+
+    example <<~EXAMPLE
+      describe cgroup("foo") do
+        its("cpuset.cpus") { should eq 0 }
+        its("memory.limit_in_bytes") { should eq 499712 }
+      end
+      describe cgroup("bar") do
+        its("cpuset.cpus") { should eq 1 }
+        its("memory.limit_in_bytes") { should be <= 500000 }
+      end
+    EXAMPLE
+
+    # Resource initialization.
+    def initialize(cgroup_name)
+      @cgroup_name = cgroup_name
+      @subsystem_unassigned = true
+      @subsystem = ""
+      @subsystem_params = ""
+      return if inspec.os.linux?
+
+      @unsupported_os = true
+      skip_resource "The `cgroup` resource is not supported on your OS yet."
+    end
+
+    def resource_id
+      @cgroup_name
+    end
+
+    def to_s
+      "cgroup #{resource_id}"
+    end
+
+    def method_missing(param)
+      return skip_resource "The `cgroup` resource is not supported on your OS yet." if @unsupported_os
+
+      if @subsystem_unassigned
+        @subsystem = param.to_s
+        @subsystem_unassigned = false
+        self
+      else
+        @subsystem_unassigned = true
+        @subsystem_params = param.to_s
+        find_cgroup_info
+      end
+
+    end
+
+    private
+
+    # Method to find cgget
+    def find_cgget_or_error
+      %w{/usr/sbin/cgget /sbin/cgget cgget}.each do |cmd|
+        return cmd if inspec.command(cmd).exist?
+      end
+
+      raise Inspec::Exceptions::ResourceFailed, "Could not find `cgget`"
+    end
+
+    def find_cgroup_info
+      bin = find_cgget_or_error
+      cgget_cmd = format("%s -n -r %s.%s %s | awk '{print $2}'", bin, @subsystem, @subsystem_params, @cgroup_name).strip
+      cmd = inspec.command(cgget_cmd)
+      return nil if cmd.exit_status.to_i != 0 || cmd.stdout == ""
+
+      param_value = cmd.stdout.strip
+      param_value.match(/^\d+$/) ? param_value.to_i : param_value
+    end
+  end
+end

test/unit/resources/cgroup_test.rb

@@ -0,0 +1,18 @@
+# If we can load the InSpec globals definition file...
+require "inspec/globals"
+# ... we can find the core test unit helper file
+require "#{Inspec.src_root}/test/helper"
+
+# Load (require) the resource library file
+require_relative "../../../lib/inspec/resources/cgroup"
+
+describe Inspec::Resources::Cgroup do
+  it "works correctly with the constructor on the platform" do
+    # Add contructor arguments to load_resource if needed
+    resource = MockLoader.new("linux".to_sym).load_resource("cgroup")
+
+    _(resource.has_bells?).must_equal true
+    _(resource.shoe_size).must_equal 42
+    _(resource.resource_id).must_equal "something special"
+  end
+end