mirror of
https://github.com/inspec/inspec
synced 2024-12-12 06:12:37 +00:00
1cf80737ad
If a repo did not exist, running matchers against it (such as `exist`) were failing due to a bug in `#to_s` when fetching the repo name. The `info` method would return nil and we'd still try to treat it as a hash. This change ensures that info is always a hash, possibly empty if the repo doesn't exist, and uses the repo name provided by the user rather than shortening it to be consistent with our other resources which don't manipulate the user input in the formatter. Also added a method_missing to allow users to interrogate repo options, such as baseurl or gpgcheck. Signed-off-by: Adam Leff <adam@leff.co>
111 lines
2.5 KiB
Text
111 lines
2.5 KiB
Text
---
|
|
title: About the yum Resource
|
|
---
|
|
|
|
# yum
|
|
|
|
Use the `yum` InSpec audit resource to test packages in the Yum repository.
|
|
|
|
## Syntax
|
|
|
|
A `yum` resource block declares a package repo, tests if the package repository is present, and if it that package repository is a valid package source (i.e. "is enabled"):
|
|
|
|
describe yum.repo('name') do
|
|
it { should exist }
|
|
it { should be_enabled }
|
|
end
|
|
|
|
where
|
|
|
|
* `repo('name')` is the (optional) name of a package repo, using either a full identifier (`'updates/7/x86_64'`) or a short identifier (`'updates'`)
|
|
|
|
## Matchers
|
|
|
|
This InSpec audit resource has the following matchers:
|
|
|
|
### be
|
|
|
|
<%= partial "/shared/matcher_be" %>
|
|
|
|
### be_enabled
|
|
|
|
The `be_enabled` matcher tests if the package repository is a valid package source:
|
|
|
|
it { should be_enabled }
|
|
|
|
### cmp
|
|
|
|
<%= partial "/shared/matcher_cmp" %>
|
|
|
|
### eq
|
|
|
|
<%= partial "/shared/matcher_eq" %>
|
|
|
|
### exist
|
|
|
|
The `exist` matcher tests if the package repository exists:
|
|
|
|
it { should exist }
|
|
|
|
### include
|
|
|
|
<%= partial "/shared/matcher_include" %>
|
|
|
|
### match
|
|
|
|
<%= partial "/shared/matcher_match" %>
|
|
|
|
### repo('name')
|
|
|
|
The `repo('name')` matcher names a specific package repository:
|
|
|
|
describe yum.repo('epel') do
|
|
...
|
|
end
|
|
|
|
### repos
|
|
|
|
The `repos` matcher tests if a named repo, using either a full identifier (`'updates/7/x86_64'`) or a short identifier (`'updates'`), is included in the Yum repo:
|
|
|
|
its('repos') { should include 'some_repo' }
|
|
|
|
### shortname
|
|
|
|
The `shortname` matcher names a specific package repository's group identifier. For example, if a repository's group name is "Directory Server", the corresponding group idenfier is typically "directory-server":
|
|
|
|
describe yum.repo('Directory Server') do
|
|
its('shortname') { should eq 'directory-server' }
|
|
end
|
|
|
|
## Examples
|
|
|
|
The following examples show how to use this InSpec audit resource.
|
|
|
|
### Test if the yum repo exists
|
|
|
|
describe yum do
|
|
its('repos') { should exist }
|
|
end
|
|
|
|
### Test if the 'base/7/x86_64' repo exists and is enabled
|
|
|
|
describe yum do
|
|
its('repos') { should include 'base/7/x86_64' }
|
|
its('epel') { should exist }
|
|
its('epel') { should be_enabled }
|
|
end
|
|
|
|
### Test if a specific yum repo exists
|
|
|
|
describe yum.repo('epel') do
|
|
it { should exist }
|
|
it { should be_enabled }
|
|
end
|
|
|
|
### Test a particular repository configuration, such as its Base URL
|
|
|
|
describe yum.repo('mycompany-artifacts') do
|
|
it { should exist }
|
|
it { should be_enabled }
|
|
its('baseurl') { should include 'mycompany.biz' }
|
|
end
|