Questions tagged [inspec]

Questions related to the InSpec testing framework by Chef.

InSpec is an rspec-based audit testing framework. Based on the specification described in its dsl, the state of a system (mostly a server or container) can be verified, very similar to serverspec.

Links:

InSpec web site: inspec.io
InSpec documentation
InSpec and friends: Relationship to projects like rspec and serverspec
The Road to InSpec: Announcement of InSpec

119 questions

vote

1 answer

Using Chef Inspec is it possible to verify the strength of SSH keys?

On executing the command ssh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub I am getting a output where the first few digits represent the key strength. Is there a possible way to validate the key strength using Chef inspec? Suppose I get 1024...... as…

chef-infra inspec

asked Feb 25 '21 at 12:39

blueeel

vote

1 answer

How can i pass the '-t azure://' target into a ruby inspec script?

If in my script I want to test azure resources using a ruby library (not inspec binary) running in a container: def my_resource_groups rg = Inspec::Runner.new(conf={:vendor_cache=>'/app'}) rg.add_target('/app/profiles/azure') …

ruby azure containers inspec

asked Feb 02 '21 at 16:37

soapdish

vote

2 answers

Parsing Casandra.yaml in Ruby/Inspec to get seeds value

How do I parse the following yaml from Cassandra.yaml in Ruby (InSpec) profile to get the seeds value. I would to get all the 3 Ipaddress in one sting or the 3 IP addresses in 3 strings. seed_provider: - class_name:…

ruby cassandra chef-infra inspec

asked Aug 02 '20 at 20:49

zxcvb

vote

1 answer

How do I include a custom inspec resource in multiple profiles?

I have written a custom chef inspec resource to work with a proprietary configuration format that the company I work for uses. I have put the resource in the .\myprofile\libraries folder as the documentation dictates that I should[1]. However, I…

ruby chef-infra inspec

asked Feb 12 '20 at 16:40

Jason Thompson

4,643
5
50
74

vote

0 answers

How to setup Chef InSpec on AWS by providing 'ARN' instead of Secret Access Key and Access Key Id?

Is there a way to provide ARN instead of setting up credentials. or How to run chef InSpec profiles on different AWS users/accounts by providing only ARN?. I know using Secret Access Key and Access Key Id we can run checks is there any other way?

amazon-web-services chef-infra inspec

asked Nov 25 '19 at 12:43

Saurabh Dhage

vote

1 answer

Inspec - Control Source Code Error - 503 "Service Unavailable"

We have written inspec control using aws-sdk and ruby to validate the S3 bucket. We are running the inspec against us-east-1 region. But getting Control source code error - 503 service not available. Tried running the same code manually after the s3…

ruby aws-sdk inspec

asked Aug 29 '19 at 06:33

Prashant Shete

vote

2 answers

Why can't we use Ansible only instead of Chef inspect?

Referring to : http://scienceofficersblog.blogspot.com/2016/02/testing-ansible-with-inspec.html There are so many posts mentioning use of Chef inspec for Ansible testing. But they usually give example like: Ansible: - hosts: all user: root …

testing ansible chef-infra roles inspec

asked Jul 08 '19 at 07:38

ZIA UR REHMAN

vote

0 answers

Infrastructure Compliance via Inspec

I am describing in brief the CHEF usage in our env and what we wish to accomplish from Inspec. • We have two generic cookbooks available for Windows and Unix • These generic cookbooks have individual recipes, each of which has the logic defining…

chef-infra inspec

asked Apr 30 '19 at 11:35

maverick

vote

0 answers

Installing chef-dk & Inspec on Solaris

How do I install Chef-DK and Inspec on Solaris? I have Chef-Client (Version 14.5.33) installed on my Solaris machine. I tried executing: curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P inspec and curl…

chef-infra solaris inspec chefdk

asked Nov 09 '18 at 18:09

Larry

vote

1 answer

Linux download wildcard URL

Using my script I'd like to be able to go to Chef Inspec and download the latest version. However the URL they use has versions. The versions will change and eventually, if I hard code the URL, I won't be getting the latest. How do I use the wget…

linux ubuntu chef-infra wildcard inspec

asked Sep 28 '18 at 02:22

user10173891

vote

1 answer

How to make a program that can open mysql

I'm developing an InSpec control that runs CIS compliance commands. While working on MySQL, I'm stuck here: Execute the following SQL statement to determine the value of datadir: show variables where variable_name = 'datadir'; I need to extract the…

mysql ruby inspec

asked May 03 '18 at 10:49

Aicha KERMICHE

vote

1 answer

Inspec (Kitchen) Multiple Control / Target Types

It doesn't seem as if I am able to run Inspec against multiple targets using different controls. For instance I have the following: control "aws" do describe aws_ec2_instance(name: 'Terraform Test Instance') do it { should exist } …

test-kitchen inspec

asked Mar 21 '18 at 12:18

Brian Carpio

vote

2 answers

Handling attributes in InSpec

I was trying to create some basic inspec tests to validate a set of HTTP URLs. The way I started is like this - control 'http-url-checks' do impact 1.0 title 'http-url-checks' desc ' Specify the URLs which need to be up and working. ' …

inspec

asked Mar 01 '18 at 04:20

mmukhe

vote

1 answer

Chef Inspec on 32 bit Windows 2008 servers

We want to Scan our 32 bit Windows 2008 servers using Inspec. But Chef doesn't have a Inspec Client for this version of Windows. Is there a way we can use Inspec in our environment? Cheers

chef-infra inspec

asked Nov 09 '17 at 12:17

IT-Sheriff

vote

2 answers

Chef / InSpec powershell command result within Test

Background I wrote a cookbook that installs Windows Features. Some of the features have dependencies on parent features. The parent features may not have the source files required to install the feature. Within my recipe, I use only_if to call a…

powershell chef-infra inspec

asked Oct 18 '17 at 19:24

Ken Cloutier

Prev 1

3 4 5 6 7 8 Next