From 402d478f59d04f06edf74b2dfe010c2100e041b5 Mon Sep 17 00:00:00 2001 From: Ian Maddaus Date: Mon, 15 Sep 2025 18:01:02 -0400 Subject: [PATCH 1/3] Reorganize mongodb resource docs Signed-off-by: Ian Maddaus --- docs-chef-io/content/_index.md | 43 +++++++++++++++ .../content}/mongodb_conf.md | 54 +++++++++--------- .../content}/mongodb_session.md | 55 ++++++++++--------- docs-chef-io/go.mod | 3 + 4 files changed, 101 insertions(+), 54 deletions(-) create mode 100644 docs-chef-io/content/_index.md rename {docs/resources => docs-chef-io/content}/mongodb_conf.md (53%) rename {docs/resources => docs-chef-io/content}/mongodb_session.md (70%) create mode 100644 docs-chef-io/go.mod diff --git a/docs-chef-io/content/_index.md b/docs-chef-io/content/_index.md new file mode 100644 index 0000000..e63aec4 --- /dev/null +++ b/docs-chef-io/content/_index.md @@ -0,0 +1,43 @@ ++++ +title = "About Chef InSpec MongoDB resources" +platform = "mongodb" +draft = false +linkTitle = "MongoDB resources" +summary = "Chef InSpec resources for auditing MongoDB" + + +[cascade] + [cascade.params] + gh_repo = "inspec-mongodb-resources" + platform = "mongodb" + +[menu.mongodb] +title = "About resources" +identifier = "inspec/resources/mongodb/about" +parent = "inspec/resources/mongodb" ++++ + +The Chef InSpec MongoDB resources allow you to audit a MongoDB database or configuration file. + +## Support + +The InSpec MongoDB resources were part of InSpec core through InSpec 6. +Starting in InSpec 7, they're released separately as a Ruby gem. + +## Usage + +To add this resource pack to an InSpec profile, add the `inspec-mongodb-resources` gem as a dependency in your `inspec.yml` file: + +```yaml +depends: + - name: inspec-mongodb-resources + gem: inspec-mongodb-resources +``` + +## MongoDB resources + +{{< inspec_resources_filter >}} + +The following Chef InSpec MongoDB resources are available in this resource pack. + +{{< inspec_resources section="mongodb" platform="mongodb" >}} diff --git a/docs/resources/mongodb_conf.md b/docs-chef-io/content/mongodb_conf.md similarity index 53% rename from docs/resources/mongodb_conf.md rename to docs-chef-io/content/mongodb_conf.md index 91df5a8..a204900 100644 --- a/docs/resources/mongodb_conf.md +++ b/docs-chef-io/content/mongodb_conf.md @@ -1,31 +1,25 @@ +++ title = "mongodb_conf resource" draft = false -gh_repo = "inspec" -platform = "os" -[menu] - [menu.inspec] + +[menu.mongodb] title = "mongodb_conf" - identifier = "inspec/resources/os/mongodb_conf.md mongodb_conf resource" - parent = "inspec/resources/os" + identifier = "inspec/resources/mongodb/mongodb_conf.md mongodb_conf resource" + parent = "inspec/resources/mongodb" +++ Use the `mongodb_conf` Chef InSpec audit resource to test the contents of the configuration file for MongoDB, typically located at `/etc/mongod.conf` or `C:\Program Files\MongoDB\Server\\bin\mongod.cfg`, depending on the platform. -## Availability - -### Install - -{{< readfile file="content/inspec/reusable/md/inspec_installation.md" >}} - ## Syntax A `mongodb_conf` resource block declares one (or more) settings in the `mongodb.conf` file, and then compares the setting in the configuration file to the value stated in the test: - describe mongodb_conf('path') do - its('setting') { should eq 'value' } - end +```ruby +describe mongodb_conf('path') do + its('setting') { should eq 'value' } +end +``` where @@ -37,23 +31,29 @@ where The following examples show how to use this Chef InSpec audit resource. -### Test the key management configuration options +Test the key management configuration options: - describe mongodb_conf do - its(["security", "enableEncryption"]) { should eq true } - end +```ruby +describe mongodb_conf do + its(["security", "enableEncryption"]) { should eq true } +end +``` -### Test the port on which MongoDB listens +Test the port on which MongoDB listens: - describe mongodb_conf do - its(["net", "port"]) { should eq 27017 } - end +```ruby +describe mongodb_conf do + its(["net", "port"]) { should eq 27017 } +end +``` -### Test the security configuration options +Test the security configuration options: - describe mongodb_conf do - its(["security", "authorization"]) { should eq "enabled" } - end +```ruby +describe mongodb_conf do + its(["security", "authorization"]) { should eq "enabled" } +end +``` ## Matchers diff --git a/docs/resources/mongodb_session.md b/docs-chef-io/content/mongodb_session.md similarity index 70% rename from docs/resources/mongodb_session.md rename to docs-chef-io/content/mongodb_session.md index db9602f..414cbc2 100644 --- a/docs/resources/mongodb_session.md +++ b/docs-chef-io/content/mongodb_session.md @@ -2,30 +2,25 @@ title = "mongodb_session resource" draft = false gh_repo = "inspec" -platform = "os" +platform = "mongodb" -[menu] - [menu.inspec] +[menu.mongodb] title = "mongodb_session" - identifier = "inspec/resources/os/mongodb_session.md mongodb_session resource" - parent = "inspec/resources/os" + identifier = "inspec/resources/mongodb/mongodb_session.md mongodb_session resource" + parent = "inspec/resources/mongodb" +++ Use the `mongodb_session` Chef InSpec audit resource to run MongoDB command against a MongoDB Database. -## Availability - -### Install - -{{< readfile file="content/inspec/reusable/md/inspec_installation.md" >}} - ## Syntax A `mongodb_session` resource block declares the `user`, `password`, and `database` to use for the session and then the command to be run: - describe mongodb_session(user: "username", password: "password", database: "test").query(key: value) do - its("params") { should match(/expected-result/) } - end +```ruby +describe mongodb_session(user: "username", password: "password", database: "test").query(key: value) do + its("params") { should match(/expected-result/) } +end +``` where @@ -85,24 +80,30 @@ This resource uses the [MongoDB Ruby Driver](https://docs.mongodb.com/ruby-drive The following examples show how to use this Chef InSpec audit resource. -### Test the roles information using the `rolesInfo` command in MongoDB +Test the roles information using the `rolesInfo` command in MongoDB: - describe mongodb_session(user: "foo", password: "bar", database: "test").query(rolesInfo: "dbAdmin").params["roles"].first do - its(["role"]) { should eq "dbAdmin" } - end +```ruby +describe mongodb_session(user: "foo", password: "bar", database: "test").query(rolesInfo: "dbAdmin").params["roles"].first do + its(["role"]) { should eq "dbAdmin" } +end +``` -### Test the MongoDB user role +Test the MongoDB user role: - describe mongodb_session(user: "foo", password: "bar", database: "test").query(usersInfo: "foo").params["users"].first["roles"].first do - its(["role"]) { should eq "readWrite" } - end +```ruby +describe mongodb_session(user: "foo", password: "bar", database: "test").query(usersInfo: "foo").params["users"].first["roles"].first do + its(["role"]) { should eq "readWrite" } +end +``` -### Test the database parameters +Test the database parameters: - describe mongodb_session(user: "foo", password: "bar", database: "test").query(rolesInfo: "dbAdmin") do - its("params") { should_not be_empty } - its("params") { should include "roles" } - end +```ruby +describe mongodb_session(user: "foo", password: "bar", database: "test").query(rolesInfo: "dbAdmin") do + its("params") { should_not be_empty } + its("params") { should include "roles" } +end +``` ## Matchers diff --git a/docs-chef-io/go.mod b/docs-chef-io/go.mod new file mode 100644 index 0000000..c18b28e --- /dev/null +++ b/docs-chef-io/go.mod @@ -0,0 +1,3 @@ +module github.com/inspec/inspec-mongodb-resources/docs-chef-io + +go 1.17 From 1f99a28eb202cd22dc2aee007ee611c0d8fe268e Mon Sep 17 00:00:00 2001 From: Ian Maddaus Date: Mon, 15 Sep 2025 18:18:41 -0400 Subject: [PATCH 2/3] Edit mongodb resource docs Signed-off-by: Ian Maddaus --- docs-chef-io/content/_index.md | 14 ++++++++------ docs-chef-io/content/mongodb_conf.md | 2 +- docs-chef-io/content/mongodb_session.md | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/docs-chef-io/content/_index.md b/docs-chef-io/content/_index.md index e63aec4..826e037 100644 --- a/docs-chef-io/content/_index.md +++ b/docs-chef-io/content/_index.md @@ -3,7 +3,7 @@ title = "About Chef InSpec MongoDB resources" platform = "mongodb" draft = false linkTitle = "MongoDB resources" -summary = "Chef InSpec resources for auditing MongoDB" +summary = "Chef InSpec resources for auditing MongoDB databases and configurations" [cascade] @@ -17,20 +17,22 @@ identifier = "inspec/resources/mongodb/about" parent = "inspec/resources/mongodb" +++ -The Chef InSpec MongoDB resources allow you to audit a MongoDB database or configuration file. +The Chef InSpec MongoDB resources allow you to audit MongoDB database configurations, user permissions, and security settings. ## Support -The InSpec MongoDB resources were part of InSpec core through InSpec 6. -Starting in InSpec 7, they're released separately as a Ruby gem. +The InSpec MongoDB resources are supported in the following InSpec versions: -## Usage +- InSpec 6 and earlier: MongoDB resources were included in the InSpec core installation +- InSpec 7 and later: MongoDB resources are distributed as the separate `inspec-mongodb-resources` gem + +### Add to your InSpec profile To add this resource pack to an InSpec profile, add the `inspec-mongodb-resources` gem as a dependency in your `inspec.yml` file: ```yaml depends: - - name: inspec-mongodb-resources + - name: inspec-mongodb-resources gem: inspec-mongodb-resources ``` diff --git a/docs-chef-io/content/mongodb_conf.md b/docs-chef-io/content/mongodb_conf.md index a204900..19d4f41 100644 --- a/docs-chef-io/content/mongodb_conf.md +++ b/docs-chef-io/content/mongodb_conf.md @@ -57,4 +57,4 @@ end ## Matchers -{{< readfile file="content/inspec/reusable/md/inspec_matchers_link.md" >}} +{{< readfile file="content/reusable/md/inspec_matchers_link.md" >}} diff --git a/docs-chef-io/content/mongodb_session.md b/docs-chef-io/content/mongodb_session.md index 414cbc2..12f6895 100644 --- a/docs-chef-io/content/mongodb_session.md +++ b/docs-chef-io/content/mongodb_session.md @@ -107,7 +107,7 @@ end ## Matchers -{{< readfile file="content/inspec/reusable/md/inspec_matchers_link.md" >}} +{{< readfile file="content/reusable/md/inspec_matchers_link.md" >}} This resource has the following special matchers. From 609f65117d4abcbed7a5398ed909e0623f3d79ad Mon Sep 17 00:00:00 2001 From: Ian Maddaus Date: Tue, 16 Sep 2025 12:39:32 -0400 Subject: [PATCH 3/3] Update menu Signed-off-by: Ian Maddaus --- docs-chef-io/content/_index.md | 16 +++++++--------- docs-chef-io/content/mongodb_session.md | 2 -- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/docs-chef-io/content/_index.md b/docs-chef-io/content/_index.md index 826e037..4f41783 100644 --- a/docs-chef-io/content/_index.md +++ b/docs-chef-io/content/_index.md @@ -1,20 +1,18 @@ +++ -title = "About Chef InSpec MongoDB resources" -platform = "mongodb" +title = "About the Chef InSpec MongoDB resource pack" draft = false -linkTitle = "MongoDB resources" -summary = "Chef InSpec resources for auditing MongoDB databases and configurations" - +linkTitle = "MongoDB resource pack" +summary = "Chef InSpec resources for auditing MongoDB databases and configurations." [cascade] [cascade.params] - gh_repo = "inspec-mongodb-resources" platform = "mongodb" [menu.mongodb] -title = "About resources" -identifier = "inspec/resources/mongodb/about" -parent = "inspec/resources/mongodb" + title = "About MongoDB resources" + identifier = "inspec/resources/mongodb/about" + parent = "inspec/resources/mongodb" + weight = 10 +++ The Chef InSpec MongoDB resources allow you to audit MongoDB database configurations, user permissions, and security settings. diff --git a/docs-chef-io/content/mongodb_session.md b/docs-chef-io/content/mongodb_session.md index 12f6895..9bf02f1 100644 --- a/docs-chef-io/content/mongodb_session.md +++ b/docs-chef-io/content/mongodb_session.md @@ -1,8 +1,6 @@ +++ title = "mongodb_session resource" draft = false -gh_repo = "inspec" -platform = "mongodb" [menu.mongodb] title = "mongodb_session"