mirror of
https://github.com/inspec/inspec
synced 2024-12-18 00:53:22 +00:00
56 lines
1.4 KiB
Markdown
56 lines
1.4 KiB
Markdown
|
---
|
||
|
title: About kitchen-inspec
|
||
|
---
|
||
|
|
||
|
# kitchen-inspec
|
||
|
|
||
|
The `kitchen-inspec` driver enables InSpec to be used as a verifier within Kitchen.
|
||
|
|
||
|
To use InSpec as a verifier, add it to the kitchen.yml file:
|
||
|
|
||
|
verifier:
|
||
|
name: inspec
|
||
|
|
||
|
To define a suite that pulls its run-list from the Chef Compliance server:
|
||
|
|
||
|
suites:
|
||
|
- name: compliance
|
||
|
run_list:
|
||
|
- recipe[ssh-hardening]
|
||
|
verifier:
|
||
|
inspec_tests:
|
||
|
- compliance://base/ssh
|
||
|
|
||
|
and then run the following command:
|
||
|
|
||
|
$ inspec compliance login https://compliance.test --user admin --insecure --token ''
|
||
|
|
||
|
where `--insecure` is required when using self-signed certificates.
|
||
|
|
||
|
To define a suite that pulls its run-list from the Chef Supermarket:
|
||
|
|
||
|
suites:
|
||
|
- name: supermarket
|
||
|
run_list:
|
||
|
- recipe[ssh-hardening]
|
||
|
verifier:
|
||
|
inspec_tests:
|
||
|
- supermarket://hardening/ssh-hardening
|
||
|
|
||
|
The `kitchen-inspec` driver expects tests to be located in the `test/integration` directory in a cookbook. For example::
|
||
|
|
||
|
.
|
||
|
├── Berksfile
|
||
|
├── Gemfile
|
||
|
├── README.md
|
||
|
├── metadata.rb
|
||
|
├── recipes
|
||
|
│ ├── default.rb
|
||
|
│ └── nginx.rb
|
||
|
└── test
|
||
|
└── integration
|
||
|
└── default
|
||
|
├── controls
|
||
|
├── inspec.yml
|
||
|
└── libraries
|