I am quite new to Inspec & Ruby. I've hit my first blocker that I'm struggling to troubleshoot solo.
I have created a number of Inspec tests using both the host method and the http method. host works fine both in my local environment and via a devbox going through my Jenkins pipeline. However, when I try to run a test using the http method, it doesn't recognise it and Jenkins throws me back a failed exit code 100.
Example of one test which fails:
control "cis-f5-benchmark-1.1.3" do
impact 1.0
title "Configure Secure Password Policy (Manual)"
describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/tm/auth/password-policy",
auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
method: 'GET',
ssl_verify: false).body) do
its('policyEnforcement') { should eq 'enabled' }
its('minimumLength') { should eq 14 }
its('requiredSpecial') { should eq 3 }
its('requiredUppercase') { should eq 3 }
its('requiredLowercase') { should eq 3 }
its('requiredNumeric') { should eq 3 }
its('minDuration') { should eq 0 }
its('maxDuration') { should eq 99999 }
its('passwordMemory') { should eq 5 }
its('maxLoginFailures') { should eq 3 }
end
end