Do not use audit cookbook for resource testing

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>

dev-docs/integration-testing.md

@@ -2,7 +2,7 @@
 
 ## Introduction
 
-Chef InSpec uses Test Kitchen for its integration testing. Our current testing uses Docker as our backend. You should install and have Docker running befor you run any tests.
+Chef InSpec uses Test Kitchen for its integration testing. Our current testing uses Docker (kitchen-dokken) as our backend. You should install and have Docker running before you run any tests.
 
 ### How to run specific integrations
 
@@ -23,8 +23,6 @@ bundle exec rake test:integration[default-ubuntu-1604]
 
 We run the test/integration/default profile at the end of each integration test in the verify stage. This confirms that our current code is compatible with test kitchen.
 
-### Audit Testing
+### Why no audit cookbook testing?
 
-For Audit cookbook testing Chef InSpec sets up some special hooks. The integration rake command will bundle up the current checkout into a gem which is passed along to test kitchen in the os_prepare cookbook. When this cookbook is run it will install the local inspec gem. Audit will then use this gem accordingly when running in the post chef-client validators. The .kitchen.yml is setup to export the audit report to a json file which we look for and confirm the structure in the test/integration/default/controls/audit_spec.rb file.
-
-In the validation file we confirm that the file was created from audit and that the structure looks correct. We also validate that the inspec ran with audit is the same that the current branch is using. This validates that audit did not use a older version for some reason.
+Audit cookbook testing is handled in the audit cookbook repo. In addition, the audit cookbook restricts which InSpec gem can be installed, forcing the installation from Rubygems for Chef clients 15+. Since we need to test with the from-source inspec gem, we can't use that approach. Instead, we don't test using audit cookbook here.

kitchen.yml

@@ -1,7 +1,7 @@
 ---
 driver:
   name: dokken
-  chef_version: 14.12.9
+  chef_version: :latest
   privileged: true # because Docker and SystemD/Upstart
 
 transport:
@@ -97,22 +97,11 @@ suites:
 - name: resources-core
   run_list:
   - recipe[os_prepare]
-  - recipe[audit]
   verifier:
     inspec_tests:
-      - test/kitchen/policies/resources-core
+      # TODO - split these out into core, database, unix, and windows resources
+      - test/kitchen/policies/default
   attributes:
-    audit:
-      attributes:
-        audit_attribute: 'Attribute Override!'
-      insecure: true
-      reporter: ['json-file','chef-automate']
-      fetcher: 'chef-automate'
-      json_file:
-        location: /tmp/json_export.json
-      profiles:
-        - name: integration
-          url: https://github.com/inspec/inspec-integration-profile/archive/master.zip
     osprepare:
       docker: true
       application: false

test/kitchen/cookbooks/install_inspec/recipes/default.rb

@@ -8,10 +8,15 @@ cookbook_file "/root/inspec-core-bin.gem" do
   action :create
 end
 
+# Must explicitly remove then re-install as it has an executable file
+# conflict with the incoming package
+chef_gem "inspec-core" do
+  action :remove
+end
 
 chef_gem "inspec-core" do
   source "/root/inspec-core.gem"
-  action :upgrade
+  action :install
 end
 
 chef_gem "inspec-core-bin" do

test/kitchen/policies/default/controls/_debug_spec.rb

@@ -2,6 +2,7 @@ $stderr.puts "-----------------------------------"
 $stderr.puts "        TEST ENVIRONMENT           "
 $stderr.puts "-----------------------------------"
 $stderr.puts "    Docker: #{!ENV['DOCKER'].nil?}"
+$stderr.puts "    InSpec: #{Inspec::VERSION}"
 $stderr.puts "   OS name: #{os[:name] || 'unknown' }"
 $stderr.puts "OS release: #{os[:release] || 'unknown'}"
 $stderr.puts " OS family: #{os[:family] || 'unknown'}"

test/kitchen/policies/default/controls/audit_spec.rb

@@ -1,39 +0,0 @@
-# This file tests the audit validation which runs as part of the
-# chef-client process. This is setup to export to a json file in the .kitchen.yml
-#
-# For more info please see docs/dev/integratin_test.md
-
-control 'Test audit cookbook json exist' do
-  describe file('/tmp/json_export.json') do
-    it { should exist }
-    its('size') { should > 0 }
-  end
-end
-
-# Grab bundled inspec version. This should be the same as the one
-# passed for audit cookbook. If its not, you should do a `bundle install`
-inspec_version = Inspec::VERSION
-# or: Gem.loaded_specs['inspec'].version.to_s rescue Inspec::VERSION
-
-control 'Test audit cookbook json output' do
-  describe json('/tmp/json_export.json') do
-    its(['platform', 'name']) { should eq platform.name }
-    its(['statistics', 'duration']) { should  > 0 }
-    its('version') { should cmp inspec_version }
-  end
-end
-
-# make sure all tests passed
-file = file('/tmp/json_export.json')
-if file.exist?
-  json = JSON.parse(file.content)
-  json['profiles'].first['controls'].each do |child_control|
-    child_control['results'].each do |result|
-      control result['code_desc'] do
-        describe json(content: result.to_json) do
-          its('status') { should cmp 'passed' }
-        end
-      end
-    end
-  end
-end