Inspec GCP issue


#1

Trying to work with GCP and inspec. Hitting a wall. Not sure what I did wrong.

gcp-compliance ➤ cat controls/example.rb
describe google_compute_instance(project: 'my-proj', zone: 'us-east1-b', name: 'inspec-test') do
  it { should exist }
  its('name') { should eq 'inspec-test' }
  its('machine_type') { should eq 'f1-micro' }
  its('cpu_platform') { should match 'Intel' }
  its('status') { should eq 'RUNNING' }
end

gcp-compliance ➤ cat inspec.yml
name: gcp-compliance-new
title: InSpec Profile
maintainer: The Authors
copyright: The Authors
copyright_email: you@example.com
license: Apache-2.0
summary: An InSpec Compliance Profile
version: 0.1.0
depends:

The following results in

libraries/google_compute_instance.rb:26:in `block in initialize': undefined method `gcp_compute_client' for #<Train::Transports::Local::Connection:0x00007fcac1a532d0> (NoMethodError)
	from libraries/gcp_backend.rb:28:in `catch_gcp_errors'
	from libraries/google_compute_instance.rb:25:in `initialize'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/plugins/resource.rb:68:in `initialize'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/resource.rb:51:in `new'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/resource.rb:51:in `block (3 levels) in create_dsl'
	from ./controls/example.rb:1:in `load_with_context'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/profile_context.rb:158:in `instance_eval'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/profile_context.rb:158:in `load_with_context'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/profile_context.rb:142:in `load_control_file'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/profile.rb:170:in `block in collect_tests'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/profile.rb:167:in `each'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/profile.rb:167:in `collect_tests'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/runner.rb:93:in `block in load'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/runner.rb:82:in `each'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/runner.rb:82:in `load'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/runner.rb:103:in `run'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/lib/inspec/cli.rb:168:in `exec'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/command.rb:27:in `run'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/invocation.rb:126:in `invoke_command'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor.rb:387:in `dispatch'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/thor-0.20.0/lib/thor/base.rb:466:in `start'
	from /opt/inspec/embedded/lib/ruby/gems/2.4.0/gems/inspec-2.1.83/bin/inspec:12:in `<top (require

#2

Hi, sorry to hear things aren’t going smoothly! I’ve tried to reproduce locally with the following, similar files:

$ cat inspec.yml
name: gcp-compliance-test
title: InSpec Profile
maintainer: The Authors
copyright: The Authors
copyright_email: you@example.com
license: Apache-2.0
summary: An InSpec Compliance Profile
version: 0.1.0
depends:

$ cat controls/example.rb
describe google_compute_instance(project: "my-proj", zone: "us-east1-b", name: "inspec-test") do
  it { should exist }
  its("name") { should eq "inspec-test" }
  its("machine_type") { should eq "f1-micro" }
  its("cpu_platform") { should match "Intel" }
  its("status") { should eq "RUNNING" }
end

When I run this via e.g.

$ inspec exec . -t gcp://

Profile: InSpec Profile (gcp-compliance-test)
Version: 0.1.0
Target:  gcp://123455433[edited].1hur.apps.googleusercontent.com

Instance inspec-test
×  Project 1233445[edited] is not found and cannot be used for API calls. If it is recently created, enable Compute Engine API by visiting https://console.developers.google.com/apis/api/compute.googleapis.com/overview?project=12344 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.

Profile: Google Cloud Platform Resource Pack (inspec-gcp)
Version: 0.2.0
Target:  gcp://238746238423489[edited].apps.googleusercontent.com

No tests executed.

Test Summary: 0 successful, 1 failure, 0 skipped

Note that the -t gcp:// is very important as it tells train to use the GCP transport. When I try with this missing, I see a similar traceback as above e.g.

$ inspec exec .
libraries/google_compute_instance.rb:26:in `block in initialize': undefined method `gcp_compute_client' for #<Train::Transports::Local::Connection:0x00007f9a2a8f0d10> (NoMethodError)
  from libraries/gcp_backend.rb:28:in `catch_gcp_errors'
  from libraries/google_compute_instance.rb:25:in `initialize'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/plugins/resource.rb:68:in `initialize'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/resource.rb:51:in `new'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/resource.rb:51:in `block (3 levels) in create_dsl'
  from ./controls/example.rb:1:in `load_with_context'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/profile_context.rb:158:in `instance_eval'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/profile_context.rb:158:in `load_with_context'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/profile_context.rb:142:in `load_control_file'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/profile.rb:170:in `block in collect_tests'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/profile.rb:167:in `each'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/profile.rb:167:in `collect_tests'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/runner.rb:93:in `block in load'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/runner.rb:82:in `each'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/runner.rb:82:in `load'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/runner.rb:103:in `run'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/lib/inspec/cli.rb:168:in `exec'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/thor-0.20.0/lib/thor/command.rb:27:in `run'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/thor-0.20.0/lib/thor/invocation.rb:126:in `invoke_command'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/thor-0.20.0/lib/thor.rb:387:in `dispatch'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/thor-0.20.0/lib/thor/base.rb:466:in `start'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/ruby/gems/inspec-2.1.83/bin/inspec:12:in `<top (required)>'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/bin/inspec:29:in `load'
  from /Users/spaterson/Documents/workspace/gcp/profile-tests/.direnv/bin/inspec:29:in `<main>'

Does that help?


#3

Hello, it looks like you may have forgotten the gcp transport setting:

#<Train::Transports::Local::Connection:0x00007fcac1a532d0> (NoMethodError)

Make sure you add -t gcp:// to your inspec exec call.
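Added example, not part of the original thread or of InSpec itself: a small triage helper for CI logs that recognises the traceback line quoted above and reports which Train transport the run actually used. The names `TRANSPORT_ERROR`, `diagnose_transport_error` and `SAMPLE` are hypothetical, and the pattern assumes the NoMethodError message format shown in this thread.

```ruby
# Hypothetical helper: classify an InSpec failure from its traceback text.
# The pattern targets the NoMethodError format quoted in this thread:
#   undefined method `<name>' for #<Train::Transports::<Transport>::Connection:...>
TRANSPORT_ERROR = /undefined method [`'](?<method>\w+)' for #<Train::Transports::(?<transport>\w+)::Connection/

# Returns nil when the text contains no such error, otherwise a hash with
# the missing client method, the transport in use and, for the case seen
# in this thread, a hint.
def diagnose_transport_error(stderr_text)
  m = TRANSPORT_ERROR.match(stderr_text)
  return nil unless m

  diagnosis = { missing_method: m[:method], transport_used: m[:transport] }
  # A gcp_* client requested from the Local connection means the run was
  # started without the GCP target, so resources talk to the local machine.
  if m[:method].start_with?('gcp_') && m[:transport] == 'Local'
    diagnosis[:hint] = 're-run with: inspec exec . -t gcp://'
  end
  diagnosis
end

# First line of the traceback from post #1, embedded as sample input.
SAMPLE = "libraries/google_compute_instance.rb:26:in `block in initialize': " \
         "undefined method `gcp_compute_client' for " \
         "#<Train::Transports::Local::Connection:0x00007fcac1a532d0> (NoMethodError)"

p diagnose_transport_error(SAMPLE) if __FILE__ == $PROGRAM_NAME
```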


#4

This works after specifying the transport. Thanks a lot!!


#5

Good news! To make this clearer, I’ll update the inspec-gcp readme to include a section on running with inspec.