Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-23 13:13:22 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/docs/resources/http.md.erb
Nathan L Smith 0f96c88d88 Add docs for http resource options 
Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-30 11:33:59 -05:00

104 lines
3 KiB
Text
Raw Blame History

---
title: About the http Resource
---
# http
Use the `http` InSpec audit resource to test an http endpoint.
<p class="warning">Currently, this resource always executes on the host on which <code>inspec exec</code> is run, even if you use the <code>--target</code> option to remotely scan a different host.<br>
<br>
This will be corrected in a future version of InSpec. New InSpec releases are posted in the <a href="https://discourse.chef.io/c/chef-release" target="_blank">Release Announcements Category in Discourse</a>.</p>
## Syntax
An `http` resource block declares the configuration settings to be tested:
describe http('url', auth: {user: 'user', pass: 'test'}, params: {params}, method: 'method', headers: {headers}, data: data, open_timeout: 60, read_timeout: 60, ssl_verify: true) do
its('status') { should eq number }
its('body') { should eq 'body' }
its('headers.name') { should eq 'header' }
end
where
* `('url')` is the url to test
* `auth: { user: 'user', pass: 'test' }` may be specified for basic auth request
* `{params}` may be specified for http request parameters
* `'method'` may be specified for http request method (default to 'GET')
* `{headers}` may be specified for http request headers
* `data` may be specified for http request body
* `open_timeout` may be specified for a timeout for opening connections (default to 60)
* `read_timeout` may be specified for a timeout for reading connections (default to 60)
* `ssl_verify` may be specified to enable or disable verification of SSL certificates (default to `true`)
## Matchers
This InSpec audit resource has the following matchers:
### be
<%= partial "/shared/matcher_be" %>
### body
The `body` matcher tests body content of http response:
its('body') { should eq 'hello\n' }
### cmp
<%= partial "/shared/matcher_cmp" %>
### eq
<%= partial "/shared/matcher_eq" %>
### headers
The `headers` matcher returns an hash of all http headers:
its('headers') { should eq {} }
Individual headers can be tested via:
its('headers.Content-Type') { should cmp 'text/html' }
### include
<%= partial "/shared/matcher_include" %>
### match
<%= partial "/shared/matcher_match" %>
### status
The `status` matcher tests status of the http response:
its('status') { should eq 200 }
## Examples
The following examples show how to use this InSpec audit resource.
### Simple http test
For example, a service is listening on default http port can be tested like this:
describe http('http://localhost') do
its('status') { should cmp 200 }
end
### Complex http test
describe http('http://localhost:8080/ping',
auth: {user: 'user', pass: 'test'},
params: {format: 'html'},
method: 'POST',
headers: {'Content-Type' => 'application/json'},
data: '{"data":{"a":"1","b":"five"}}') do
its('status') { should cmp 200 }
its('body') { should cmp 'pong' }
its('headers.Content-Type') { should cmp 'text/html' }
end
Reference in a new issue View git blame Copy permalink