inspec/docs/resources/docker_service.md.erb

---
title: About the docker_service Resource
---

# docker_service

Use the `docker_service` InSpec audit resource to verify a docker swarm service.

<br>

## Syntax

A `docker_service` resource block declares the service by name:

    describe docker_service('foo') do
      it { should exist }
      its('id') { should eq '2ghswegspre1' }
      its('repo') { should eq 'alpine' }
      its('tag') { should eq 'latest' }
    end

The resource allows you to pass in a service id:

    describe docker_service(id: '2ghswegspre1') do
      ...
    end

You can also pass in the fully-qualified image:

    describe docker_service(image: 'localhost:5000/alpine:latest') do
      ...
    end

<br>

## Examples

The following examples show how to use this InSpec `docker_service` resource.

### Test a docker service

    describe docker_service('foo') do
      it { should exist }
      its('id') { should eq '2ghswegspre1' }
      its('repo') { should eq 'alpine' }
      its('tag') { should eq 'latest' }
    end

<br>

## Matchers

This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).

### exist

The `exist` matcher tests if the image is available on the node:

    it { should exist }

### id

The `id` matcher returns the service id:

    its('id') { should eq '2ghswegspre1' }

### image

The `image` matcher tests the value of the image. It is a combination of `repository:tag`:

    its('image') { should eq 'alpine:latest' }

### mode

The `mode` matcher tests the value of the service mode:

    its('mode') { should eq 'replicated' }

### name

The `name` matcher tests the value of the service name:

    its('name') { should eq 'foo' }

### ports

The `ports` matcher tests the value of the service's published ports:

    its('ports') { should include '*:8000->8000/tcp' }

### repo

The `repo` matcher tests the value of the repository name:

    its('repo') { should eq 'alpine' }

### replicas

The `replicas` matcher tests the value of the service's replica count:

    its('replicas') { should eq '3/3' }

### tag

The `tag` matcher tests the value of image tag:

    its('tag') { should eq 'latest' }
Docker Swarm service resource (#2456) This change adds the `docker_service` resource for Docker swarm mode services. This branches off some of the common elements (id, exists) into a `DockerObject` module along with a utility function for parsing the image/repo string. That function was implemented separately by `docker_image` and `docker_container`, now with a third resource, it made sense to consolidate that into an included module. I used the most comprehensive implementation. Existing classes had to be slightly modified for the genericization. Signed-off-by: Matt Kulka <mkulka@parchment.com> 2018-01-23 20:30:14 +00:00			`---`
			`title: About the docker_service Resource`
			`---`

			`# docker_service`

			Use the `docker_service` InSpec audit resource to verify a docker swarm service.

			`<br>`

			`## Syntax`

			A `docker_service` resource block declares the service by name:

			`describe docker_service('foo') do`
			`it { should exist }`
			`its('id') { should eq '2ghswegspre1' }`
			`its('repo') { should eq 'alpine' }`
			`its('tag') { should eq 'latest' }`
			`end`

			`The resource allows you to pass in a service id:`

			`describe docker_service(id: '2ghswegspre1') do`
			`...`
			`end`

			`You can also pass in the fully-qualified image:`

			`describe docker_service(image: 'localhost:5000/alpine:latest') do`
			`...`
			`end`

			`<br>`

			`## Examples`

			The following examples show how to use this InSpec `docker_service` resource.

			`### Test a docker service`

			`describe docker_service('foo') do`
			`it { should exist }`
			`its('id') { should eq '2ghswegspre1' }`
			`its('repo') { should eq 'alpine' }`
			`its('tag') { should eq 'latest' }`
			`end`

			`<br>`

			`## Matchers`

			`This InSpec audit resource has the following matchers. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).`

			`### exist`

			The `exist` matcher tests if the image is available on the node:

			`it { should exist }`

			`### id`

			The `id` matcher returns the service id:

			`its('id') { should eq '2ghswegspre1' }`

			`### image`

			The `image` matcher tests the value of the image. It is a combination of `repository:tag`:

			`its('image') { should eq 'alpine:latest' }`

			`### mode`

			The `mode` matcher tests the value of the service mode:

			`its('mode') { should eq 'replicated' }`

			`### name`

			The `name` matcher tests the value of the service name:

			`its('name') { should eq 'foo' }`

			`### ports`

			The `ports` matcher tests the value of the service's published ports:

			`its('ports') { should include '*:8000->8000/tcp' }`

			`### repo`

			The `repo` matcher tests the value of the repository name:

			`its('repo') { should eq 'alpine' }`

			`### replicas`

			The `replicas` matcher tests the value of the service's replica count:

			`its('replicas') { should eq '3/3' }`

			`### tag`

			The `tag` matcher tests the value of image tag:

			`its('tag') { should eq 'latest' }`