mirror of
https://github.com/inspec/inspec
synced 2024-09-20 06:21:56 +00:00
Document teh credential sets features and config file format
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
This commit is contained in:
parent
7328e82ae6
commit
20ffbffb01
3 changed files with 88 additions and 3 deletions
83
docs/config.md
Normal file
83
docs/config.md
Normal file
|
@ -0,0 +1,83 @@
|
|||
# The InSpec Configuration File
|
||||
|
||||
This documents the InSpec configuration file format introduced in version 3.5 of InSpec.
|
||||
|
||||
## Config File Location
|
||||
|
||||
By default, InSpec looks for a config file in `~/.inspec/config.json`. InSpec does not need a configuration file to run.
|
||||
|
||||
You may also specify the location using `--config`. For example, to run the shell using a config file in `/etc/inspec`, use `inspec shell --config /etc/inspec/config.json`.
|
||||
|
||||
## Config File Format Versions
|
||||
|
||||
Config files must contain a top-level key, `version`, which indicates the file format. This allows us to add new fields without breaking old installations.
|
||||
|
||||
## Version 1.1
|
||||
|
||||
### Complete Example
|
||||
|
||||
```
|
||||
{
|
||||
"version": "1.1",
|
||||
"cli_options":{
|
||||
"color": "true"
|
||||
},
|
||||
"credentials": {
|
||||
"ssh": {
|
||||
"my-target": {
|
||||
"host":"somewhere.there.com",
|
||||
"user":"bob"
|
||||
}
|
||||
}
|
||||
},
|
||||
"reporter": {
|
||||
"automate" : {
|
||||
"stdout" : false,
|
||||
"url" : "https://YOUR_A2_URL/data-collector/v0/",
|
||||
"token" : "YOUR_A2_ADMIN_TOKEN",
|
||||
"insecure" : true,
|
||||
"node_name" : "inspec_test_node",
|
||||
"environment" : "prod"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
||||
### version
|
||||
|
||||
Should have the value '1.1'.
|
||||
|
||||
### cli_options
|
||||
|
||||
In this key, you can place any long-form command line option, without the leading dashes.
|
||||
|
||||
### credentials
|
||||
|
||||
Under this key, you may store any Train-transport-specific options. You store the options keyed first by transport name, then by a name you choose to refer to them later. The combination of transport name and your chosen name can be used in the `--target` option to `inspec exec`, as `--target transport-name://connection-name`.
|
||||
|
||||
For example, if the config file contains:
|
||||
|
||||
```
|
||||
{
|
||||
"credentials": {
|
||||
"winrm": {
|
||||
"myconn": {
|
||||
"user": "Administrator",
|
||||
"host": "prod01.east.example.com",
|
||||
"disable_sspi": true,
|
||||
"connection_retries": 10
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Then you can use `--target winrm://myconn` to connect to the host, with the given extra options.
|
||||
|
||||
Each Train transport offers a variety of options. By using the credential set facility, you are able to easily set options that are not accessible via the Train URI.
|
||||
|
||||
You may have as many credential sets in the config file as you require.
|
||||
|
||||
### reporter
|
||||
|
||||
You may also set output (reporter) options in the config file. See the [Reporters Page](https://www.inspec.io/docs/reference/reporters/) for details.
|
|
@ -6,7 +6,7 @@ title: InSpec Reporters
|
|||
|
||||
Introduced in InSpec 1.51.6
|
||||
|
||||
InSpec allows you to output your test results to one or more reporters. You can configure the reporter(s) using either the `--json-config` option or the `--reporter` option. While you can configure multiple reporters to write to different files, only one reporter can output to the screen(stdout).
|
||||
InSpec allows you to output your test results to one or more reporters. You can configure the reporter(s) using either the `--config` (or `--json-config`, prior to v3.6) option or the `--reporter` option. While you can configure multiple reporters to write to different files, only one reporter can output to the screen(stdout).
|
||||
|
||||
## Syntax
|
||||
|
||||
|
@ -52,7 +52,7 @@ If you wish to pass the profiles directly after specifying the reporters you wil
|
|||
inspec exec --reporter json junit:/tmp/junit.xml -- profile1 profile2
|
||||
```
|
||||
|
||||
If you are using the cli option `--json-config` you can also set reporters.
|
||||
If you are using the cli option `--config`, you can also set reporters.
|
||||
|
||||
Output cli to screen.
|
||||
|
||||
|
@ -124,7 +124,7 @@ This renders html code to view your tests in a browser. It includes all the test
|
|||
|
||||
## Automate Reporter
|
||||
|
||||
The automate reporter type is a special reporter used with the Automate 2 suite. To use this reporter you must pass in the correct configuration via a json config `--json-config`.
|
||||
The automate reporter type is a special reporter used with the Automate 2 suite. To use this reporter you must pass in the correct configuration via a json config `--config`.
|
||||
|
||||
Example config:
|
||||
|
||||
|
|
|
@ -26,6 +26,8 @@ sidebar_links:
|
|||
link: "/docs/reference/matchers.html"
|
||||
- title: Reporters
|
||||
link: "/docs/reference/reporters.html"
|
||||
- title: Configuration
|
||||
link: "/docs/reference/config.html"
|
||||
- title: InSpec DSL
|
||||
link: "/docs/reference/dsl_inspec.html"
|
||||
- title: Profile Style guide
|
||||
|
|
Loading…
Reference in a new issue