InSpec profile Library classes

Chef Infra (archive)
1

I’m tying to understand how the example works at https://github.com/chef/inspec/blob/master/examples/profile/libraries/gordon_config.rb.
It raises more questions than it answers and the lack of ANY comments doesn’t help.

  1. Can I use any ruby code here
  2. Can I use chef dsl here (regular chef not InSpec)
  3. Can I put multiple classes in the same file or e.g. gordon_config1, something_else2,etc
  4. How do I return data to the test case say for example a simple string.
  5. Who the heck is Gordon? I see his name all over the place.

Thanks in advance.

2

Hey, thanks for looking into InSpec.

  1. Yes, you can use ruby code in controls and custom resources, but remember of the agentless nature of InSpec. Gems that require execution on the target node will not work. I’ve updated gordon_config.rb with a few lines of ruby and comments.

  2. You can’t use Chef DSL, but you can use InSpec resource DSL. More details under docs/dsl_inspec.rst

  3. Yes you can

  4. Can you please describe the use-case here? You can get detailed test output using --format. For instance:

$ bin/inspec exec examples/profile --controls gordon-1.0 --format fulljson | jq
{
  "version": "3.4.4",
  "examples": [
    {
      "id": "gordon-1.0",
      "title": "Verify the version number of Gordon",
      "desc": "An optional description...",
      "code": "control 'gordon-1.0' do\n  impact 0.7\n  title 'Verify the version number of Gordon'\n  desc 'An optional description...'\n  describe gordon_config do\n    its('version') { should eq('1.0') }\n    its('size') { should <= 20 }\n  end\nend\n",
      "impact": 0.7,
      "status": "pending",
      "code_desc": "gordon_config Can't find file \"/tmp/gordon/config.yaml\"",
      "ref": "examples/profile/controls/gordon.rb",
      "ref_line": 18,
      "run_time": 3.1e-05,
      "start_time": "2016-03-24 20:21:24 +0000",
      "pending": "Can't find file \"/tmp/gordon/config.yaml\""
    }
  ],
  "summary": {
    "duration": 0.000576,
    "example_count": 1,
    "failure_count": 0,
    "pending_count": 1
  },
  "summary_line": "1 example, 0 failures, 1 pending",
  "profiles": [
    {
      "name": "profile",
      "title": "InSpec Example Profile",
      "maintainer": "Chef Software, Inc.",
      "copyright": "Chef Software, Inc.",
      "copyright_email": "support@chef.io",
      "license": "Apache 2 license",
      "summary": "Demonstrates the use of InSpec Compliance Profile",
      "version": "1.0.0",
      "supports": [
        {
          "os-family": "unix"
        }
      ]
    }
  ]
}

-Gordon

3

Thanks for the reply. I really appreciate it.

you asked for a use case with regard to “How do I return data to the test case say for example a simple string.”

lets user take a simple case. the linux (rhel) command: getenforce. It returns a simple string of the current selinux setting. I’d like to write a custom resource that return the string generated by the command. I was using this as a simple test so I could understand how custom resources worked.
I got the class to work but still don’t understand how to get the data from the the custom class to the test case thats calling it from the controls directory.

thanks for the help and the comments to the stuff in github.

4

Sorry for the delay. We’ve been busy here releasing Chef Compliance 1.0.

Will get back to you early next week. Thanks for your understanding.

5

Got some time today to extend the gordon_config custom resource and then consume the values in controls:

Hope this gives you a complete example on how custom resources can expose values and how to consume them in controls. Cheers!

6

Thank @apop. I appreciate the help. This help quite a bit. Thank you.