Stack Overflow
Stack Overflow

Questions tagged [inspec]

Questions related to the InSpec testing framework by Chef.

InSpec is an -based audit testing framework. Based on the specification described in its , the state of a system (mostly a server or container) can be verified, very similar to .

Links:

119 questions
1
vote
1 answer

User groups got empty array

Wrote an inspec-test for groups. The groups are asigned to the user pi on bash but I got an empty array from inspec-test. Here the bash output: id uid=1000(pi) gid=1000(pi)…
kraeml
  • 11
  • 1
1
vote
2 answers

How to test a chef recipe with encrypted data bags

So in my recipe I have the following: secret = Chef::EncryptedDataBagItem.load_secret("/root/.chef/encrypted_data_bag_secret") # Decrypt the data bag creds = Chef::EncryptedDataBagItem.load("passwords", "mysql-root", secret) How can I override…
sdot257
  • 10,046
  • 26
  • 88
  • 122
1
vote
1 answer

How to parse multiline stdout with ruby, in Inspec test

I have a test : control "cis-0-0-7" do impact 1.0 title "verify chkconfig" desc "verify chkconfig" stdout, stderr, status = Open3.capture3('chkconfig | grep active') puts stdout #stdout { should match /activemq-instance-EL2-ext/…
kamal
  • 9,637
  • 30
  • 101
  • 168
1
vote
1 answer

Chef Inspec test suites to verify Jenkins build node configurations

I currently have a build farm setup using Jenkins 2.46.3 LTS. I have a Jenkins Master installed on a physical server with 4 - 5 virtual machine build nodes running on VirtualBox. I am thinking about managing the configuration of the virtual machines…
J0991
  • 977
  • 2
  • 9
  • 16
1
vote
1 answer

How check the httpd is enabled and running using InSpec with Kitchen-docker on CentOS?

Running my test with InSpec I am unable to test if the httpd is enabled and running. InSpec test describe package 'httpd' do it { should be_installed } end describe service 'httpd' do it { should be_enabled } it { should be_running…
Robert
  • 10,403
  • 14
  • 67
  • 117
1
vote
3 answers

Inspec/Serverspec grabbing multiple stdouts from command and describing them

I'm attempting to create an inspec control that searches through every line that starts with kernel (and ignores whitespace) in /boot/grub/grub.conf and then checking every line to see if it has 'nousb' somewhere in the line. I'd like it to return a…
Blooze
  • 1,987
  • 4
  • 16
  • 19
1
vote
1 answer

Chef + InSpec using only_if for users

I need to go through a list of users and determine whether they are in a locked state, I can do this just fine but my issue is that I don't know how inspec will let me ignore users on my list that don't exist on the operating system. I've tried a…
jblooze
  • 11
  • 4
1
vote
2 answers

Undefined method 'scan' for nil:NilClass (NoMethodError)

Stuck on this one, this layout is for a chef inspec test but leveraging ruby to grab the contents of a file. However with this test I'm not actually testing against a file, so I'm trying to understand how to account for that, heres the…
Blooze
  • 1,987
  • 4
  • 16
  • 19
1
vote
1 answer

Using a Chef InSpec resource before deleting a file

I am running Chef InSpec command resource which matches output of the command with some content from a file. Then I am deleting that file after using the following resource. But the following command returns "" and test fails. describe…
saurg
  • 327
  • 1
  • 3
  • 17
1
vote
2 answers

File names in Chef InSpec

In Ruby, * is used to represent the name of a file. For example, /home/user/*.rb will return all files ending with .rb. I want to do something similar in Chef InSpec. For example: describe file ('home/user/*') do it {should_not exist } end It…
saurg
  • 327
  • 1
  • 3
  • 17
0
votes
0 answers

Inspect doesn't find azure storage network rules

Trying to use inspec to check my storage accounts in azure have vnets attached, but inspec is just returning nulls. Checked the docs here (https://learn.microsoft.com/en-us/cli/azure/storage/account?view=azure-cli-latest) to get the property names…
Stuart.Sklinar
  • 3,683
  • 4
  • 35
  • 89
0
votes
1 answer

Best way to mock methods to main:Object?

We use the inspec framework a lot. It encourages code such as the following, and we have a lot of it: Sample Code rock_critic/controls.rb from https://docs.chef.io/inspec/inputs/#a-simple-example: # Set a default value for an input. This is…
The Alchemist
  • 3,397
  • 21
  • 22
0
votes
0 answers

Make use of variables in chef inspec

Is it possible to make use of environment variable and even concatenating it for describe and match? Below is an example files.rb title "File section" django_project = os_env("DJANGO_PROJECT") control "files.1" do title "Django Settings…
Dean Christian Armada
  • 6,724
  • 9
  • 67
  • 116
0
votes
1 answer

Yocto check which packages are installed on target system

I have a Yocto system where I'm running some Chef InSpec scans. Chef InSpec offers a command to check if a package is installed, however, that doesn't work with Yocto (I imagine it would if you'd install a package manager, but I don't want to do…
Brian
  • 117
  • 1
  • 13
0
votes
0 answers

In Chef Inspec Ruby DSL, undefined method error when using a method defined earlier in the same file

I need to write several Chef Inspec controls that basically do the same checks but against different files and conditionally depending on certain factors (using the only_if syntax). I've written a method to do these checks and so I can call the…
Robert Minnema
  • 15
  • 1
  • 4
1 2
3
4 5 6 7 8