Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Testing Cloud Resources #193

Open
darkn3rd opened this issue Jul 19, 2018 · 2 comments
Open

Support Testing Cloud Resources #193

darkn3rd opened this issue Jul 19, 2018 · 2 comments
Assignees
Labels
Type: Enhancement Adds new functionality.

Comments

@darkn3rd
Copy link

It would be nice to test cloud resources in addition to system resources in effort to support CNI (Cloud Native Infrastructure) patterns. Currently, there is no mechanism to do this, other than a shell verifier with a data directory or another indirect method.

For complete integration testing, it will be necessary to test DNS entries, cloud load balancers, cloud databases, and other infrastructure in conjunction with systems that are configured.

As an example, this would be a sample YAML snippet for Test Kitchen to support testing on GCP.

suites:
  - name: default
    verifier:
      inspec_tests:
        - name: gcp
           path: test/gcp/control/cluster.rb
           transport: gcp://
           attributes:
             project_name: crypto-catfish-192703
             cluster_zone: us-east1-b
             cluster_name: guestbook
           depends:
             name: gcp-resources
             url: https://github.com/inspec/inspec-gcp/archive/master.tar.gz
@williamayerst
Copy link

Is there any movement on this? I just need to be able to supply an inSpec 'target' to the verifier via Kitchen, which I can do easily via command line!

@wyardley
Copy link

wyardley commented Feb 4, 2021

I think this is already supported (at least by kitchen-terraform), unless I'm misunderstanding the request?

newcontext-oss/kitchen-terraform#286 has a bit more detail.

for example, we do something like this

provisioner:
  name: terraform

platforms:
  - name: local

verifier:
  name: terraform
  systems:
    - name: remote-gcp
      backend: gcp
      reporter:
        - progress
      controls:
        - foo
        - bar

there are also some things that GCP's drivers don't support, and for those, we sometimes inspect the plan itself

    - name: local-outputs
      backend: local
      reporter:
        - progress
      controls:
        - foo
        - bar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Type: Enhancement Adds new functionality.
Projects
None yet
Development

No branches or pull requests

6 participants