Stack Overflow
Stack Overflow

Questions tagged [inspec]

Questions related to the InSpec testing framework by Chef.

InSpec is an -based audit testing framework. Based on the specification described in its , the state of a system (mostly a server or container) can be verified, very similar to .

Links:

119 questions
0
votes
0 answers

Chef Inspec - How to use describe input('bbb') inside describe command('aaa')

The below code is throwing error stating : expected : "2:30:30 AM" got: # describe command("Get-ScheduledTaskInfo 'Restart'") do it {should exist} input('NextRunTime', value: "2:30:30 AM") describe…
Navya Nagaraj
  • 25
  • 8
0
votes
1 answer

How to Test Cookbook in CHEF using DOCKER

I am trying to test a simple cookbook recipe using docker driver. But, I get an error. Can someone please help? I really gave my all effort trying several things but none of them worked. I had installed docker kitchen driver also using command: chef…
Robin Raj
  • 1
  • 1
0
votes
0 answers

Iterate over json with inspec and only target specific entries for tests

To test if the correct consul version is installed on my servers, I am trying to write an inspec test. The idea is to call this test with mutiple ip addresses, parse it against json (which I get from the consul api) and then check the consul version…
Miyu
  • 1
  • 1
0
votes
0 answers

using bash or variables within Chef Inspec

Im new to Chef /Inspec test writing. What Im trying to do is validate a host name/IP address within a file and match it to what is in DNS. If the IP address in file doesnt match what is in DNS, the test should fail. example describe…
dupa
  • 13
  • 5
0
votes
1 answer

Chef InSpec windows_firewall_rule not recognising displayname of rule but Name is unique per machine

I'm trying to run a windows_firewall_rule InSpec test against multiple Windows servers, however whilst the Displayname of the rule is 'My Rule' on every machine I want to run it against, the 'Name' field is different on every single server and is in…
Lagamorph
  • 1
  • 3
0
votes
1 answer

Achieving skip condition in chef inspec

Am trying to achieve condition that if the group exists in the server it should pass & if not exists it should skip and should not show as failure describe.one do describe 'testgroup' do expect(bash("ipa group-show…
Sivaguru Nathan
  • 11
  • 3
0
votes
1 answer

Build String in Inspec with Input

I want to write an Inspec Profile, in which I can add an input to an existing string. For example, something like: inspec exec test --input user=abcinst Input: abcinst Test: its('home') { should eq '/db2/{input}' } I didn't find anything yet to…
Christopher Feldhues
  • 37
  • 3
0
votes
1 answer

How to integrate azure msi in chef inspec?

We are trying to use chef inspec in the azdo to validate the terraform provisioned resources but here looks like we have to keyin tenantid, secretid, clientid and subscription. Is there any way to we can use azure msi in chef inspec without parsing…
pavaniam
  • 13
  • 5
0
votes
1 answer

Chef: use kitchen input value in inspec command test

I'm attempting to use an input value from .kitchen.yml in an Inspec test like this: /.kitchen.yml - inputs: my_service: some_service_name /tests/my_test.rb describe command('/bin/some_app status (input('my_service'))') its('stdout') { should…
Mike D
  • 365
  • 6
  • 16
0
votes
1 answer

Inspec title at the beginning in control rb files?

Is there a deeper meaning that in some inspec profiles a title is placed at the beginning within the control rb files? inspec |-controls |-example.rb |-meta.rb |-libraries inspec.yaml The example.rb file looks like: # copyright: 2015,…
user5580578
  • 1,134
  • 1
  • 12
  • 28
0
votes
1 answer

How to overwrite DevSec Inspec baseline controls

Question: (How) Is it possible to "overwrite" inspec controls? (specificly in the DevSec Inspec Baselines)? I don't want to rewrite a whole inspec definition, just specific controls in a contro-file. Background: I regularly pull the current…
MacMartin
  • 2,366
  • 1
  • 24
  • 27
0
votes
1 answer

chef inspec output consists of error due to regex

When executing the below chef inspec command getting error. describe command ("cat sql.conf | grep 'log_filename'") do its('stdout') {should match (/^'sql-(\d)+.log'/)} end Expected pattern matching is sql-20201212.log. pls check.
DevopsDevelop
  • 71
  • 6
0
votes
2 answers

In Packer, can you specify a path in a git repo for the Inspec provisioner?

I would like to reference an inspec profile in a folder in the git repo. Something similar to what you can do in Kitchen: inspec_tests: - name: profile-name git: https://user@github.com/org/my_repo.git relative_path:…
kidbrax
  • 2,364
  • 3
  • 30
  • 38
0
votes
1 answer

Using AWS ruby-sdk with Inspec named profiles issue

Trying to clean up some testing for IaC using Inspec, But hardcoding security_group_ids is a no go for obvious reasons. Im trying to use the ruby sdk instead to pull down the id based of a name (ie like you do with Terraform data resources). But we…
Staggerlee011
  • 847
  • 2
  • 13
  • 23
0
votes
1 answer

How To Create a List in Chef-Inspec To Use Matcher be_in

I am trying to write a control that should check a list containing IPs and the config value that I am pulling from should be_in the list. I have no idea where to create this list that the control should reference. control "Approved Management IPs"…
Nick
  • 11
  • 2
1 2 3
4
5 6 7 8