From 8fcd750b2a0ffb9f9b9a77552d8c44684c68fd36 Mon Sep 17 00:00:00 2001 From: seanlongcc Date: Mon, 8 Jul 2024 14:21:07 -0400 Subject: [PATCH] update actions --- mongo-validate.pkr.hcl | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/mongo-validate.pkr.hcl b/mongo-validate.pkr.hcl index 3b99b53..27fa639 100644 --- a/mongo-validate.pkr.hcl +++ b/mongo-validate.pkr.hcl @@ -63,29 +63,31 @@ build { provisioner "shell-local" { inline = [ "docker ps -a", - "inspec detect -t docker://mongo-hardened" + "cinc-auditor detect -t docker://mongo-hardened", + "docker ps -a" ] } ### SCAN - provisioner "shell-local" { - environment_vars = [ - "PROFILE=${var.scan.inspec_profile}", - "CONTAINER_ID=${var.input_hardened_image.name}", - "REPORT_DIR=${var.scan.report_dir}", - "REPORT_FILE=${var.scan.inspec_report_filename}", - "INPUT_FILE=${var.scan.inspec_input_file}", - "TARGET_IMAGE=${var.input_hardened_image.name}", - ] - valid_exit_codes = [0, 100, 101] # inspec has multiple valid exit codes - script = "spec/scripts/scan.sh" - } + // provisioner "shell-local" { + // environment_vars = [ + // "PROFILE=${var.scan.inspec_profile}", + // "CONTAINER_ID=${var.input_hardened_image.name}", + // "REPORT_DIR=${var.scan.report_dir}", + // "REPORT_FILE=${var.scan.inspec_report_filename}", + // "INPUT_FILE=${var.scan.inspec_input_file}", + // "TARGET_IMAGE=${var.input_hardened_image.name}", + // ] + // valid_exit_codes = [0, 100, 101] # inspec has multiple valid exit codes + // script = "spec/scripts/scan.sh" + // } # docker ps provisioner "shell-local" { inline = [ "docker ps -a", - "inspec detect -t docker://mongo-hardened" + "cinc-auditor detect -t docker://mongo-hardened", + "docker ps -a" ] }