What’s the role of Serverspec and “kitchen verify” now that Chef has Audit Mode?
It seems like anything we can do with a Serverspec integration test spec and “kitchen verify” we can do with “kitchen converge,” a Chef Audit recipe, and a .kitchen.yml file that has Audit Mode enabled with:
provisioner:
name: chef_zero
client_rb:
audit_mode: :enabled
Are there reasons for using Serverspec integration tests vs. Chef Audit recipes?
If your integration test involved creating a new database and trying to connect to it, that would probably be a bad thing to run in production. There is some overlap in what would be called “whiteglove” or “smoke” tests, but true integration tests will often do things that would be Very Very Bad (e.g. deploying data fixtures) in prod. Also audit mode has not seen much uptake in the community and I would imagine most people will gravitate towards Chef Compliance for the kinds of things audit mode was used for in a lot of situations. Compliance and kitchen-inspec can share code via InSpec test profiles.
@coderanger: Thank you, that distinction makes sense to me.
I don’t know anything about Chef Compliance, but I quite like Chef Audit Mode. I’ll check out Chef Compliance.