Skip to content

Commit

Permalink
allows kitchen-inspec to work with inspec supermarket and compliance …
Browse files Browse the repository at this point in the history
…plugins
  • Loading branch information
chris-rock committed May 10, 2016
1 parent 7d614e4 commit ceab16a
Show file tree
Hide file tree
Showing 6 changed files with 38 additions and 4 deletions.
17 changes: 17 additions & 0 deletions .kitchen.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,20 @@ suites:
verifier:
inspec_tests:
- https://github.com/nathenharvey/tmp_compliance_profile
- name: supermarket
run_list:
- recipe[apt]
- recipe[ssh-hardening]
verifier:
inspec_tests:
- supermarket://hardening/ssh-hardening
# before you are able to use the compliance plugin, you need to run
# insecure is only required if you use self-signed certificates
# $ inspec compliance login https://compliance.test --user admin --insecure --token ''
- name: compliance
run_list:
- recipe[apt]
- recipe[ssh-hardening]
verifier:
inspec_tests:
- compliance://base/ssh
5 changes: 4 additions & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,10 @@ matrix:
- rvm: ruby-head
- rvm: 2.2
bundler_args: "--without guard tools"
script: bundle exec rake test:integration
script: bundle exec rake test:integration OS='default profile contains_inspec'
- rvm: 2.2
bundler_args: "--without guard tools"
script: bundle exec rake test:integration OS='supermarket'
allow_failures:
- rvm: ruby-head
deploy:
Expand Down
3 changes: 3 additions & 0 deletions Berksfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,7 @@

source 'https://supermarket.chef.io'

cookbook 'apt'
cookbook 'yum'
cookbook 'os_prepare', path: './test/cookbooks/os_prepare'
cookbook 'ssh-hardening', git: 'https://github.com/dev-sec/chef-ssh-hardening.git'
4 changes: 2 additions & 2 deletions Rakefile
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ end
namespace :test do
task :integration do
concurrency = ENV['CONCURRENCY'] || 1
path = File.join(File.dirname(__FILE__), 'test', 'integration')
sh('sh', '-c', "bundle exec kitchen test -c #{concurrency}")
os = ENV['OS'] || ''
sh('sh', '-c', "bundle exec kitchen test -c #{concurrency} #{os}")
end
end
2 changes: 1 addition & 1 deletion kitchen-inspec.gemspec
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
spec.bindir = 'exe'
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
spec.require_paths = ['lib']
spec.add_dependency 'inspec', '>=0.14.1', '<1.0.0'
spec.add_dependency 'inspec', '>=0.20.0', '<1.0.0'
spec.add_dependency 'test-kitchen', '~> 1.6'
spec.add_development_dependency 'countloc', '~> 0.4'
spec.add_development_dependency 'bundler', '~> 1.10'
Expand Down
11 changes: 11 additions & 0 deletions lib/kitchen/verifier/inspec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,17 @@ def call(state)
# (see Base#load_needed_dependencies!)
def load_needed_dependencies!
require 'inspec'
# TODO: this should be easier. I would expect to load a single class here
# load supermarket plugin, this is part of the inspec gem
require 'bundles/inspec-supermarket/api'
require 'bundles/inspec-supermarket/target'

# load the compliance plugin
require 'bundles/inspec-compliance/configuration'
require 'bundles/inspec-compliance/support'
require 'bundles/inspec-compliance/http'
require 'bundles/inspec-compliance/api'
require 'bundles/inspec-compliance/target'
end

# Returns an Array of test suite filenames for the related suite currently
Expand Down

0 comments on commit ceab16a

Please sign in to comment.