Simple example of pushing the Chef environment name over to InSpec
Control:
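title 'Forwarders'

# Environment-to-forwarder mapping shipped inside the profile
environments = yaml(content: inspec.profile.file('forwarders.yml')).params
# Set by the audit cookbook; falls back to 'nope' when nothing is passed in
chef_environment = attribute('chef_environment', description: 'The chef environment for the node', default: 'nope')

control 'fwd-1.0' do
  impact 0.7
  title 'Create /tmp directory'
  desc 'An optional description...'
  environments.each do |e|
    # Only test against the entry for this node's environment
    if e['env_name'] == chef_environment
      describe file("/tmp/forwarder") do
        # Escape the hostname so each "." is matched literally, not as a regex wildcard
        its('content') { should match(/#{Regexp.escape(e['forwarder'])}/) }
      end
    end
  end
end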
Within the profile, create files/forwarders.yml
Contents:
- env_name: dev
  forwarder: useast.example.com
- env_name: prod
  forwarder: uswest.example.com
- env_name: test
  forwarder: uscentral.example.com
- env_name: nope
  forwarder: nope.nope.nope
Within your wrapper cookbook that has the configs for the audit cookbook, add this attribute:
# push chef env over to inspec
node.normal['audit']['attributes']['chef_environment'] = node.chef_environment
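
In the control above, an environment name that has no entry in forwarders.yml produces no `describe` block at all, so nothing is checked for that node. The following plain-Ruby sketch is an added example, not part of the original page or of InSpec: `resolve_forwarder` and `forwarder_configured?` are hypothetical helper names that make the lookup fail loudly on an unmapped or duplicated environment and compare the hostname literally.

```ruby
require 'yaml'

# Constructed sample: the same mapping as files/forwarders.yml on this page.
FORWARDERS_YML = <<~YML
  - env_name: dev
    forwarder: useast.example.com
  - env_name: prod
    forwarder: uswest.example.com
  - env_name: test
    forwarder: uscentral.example.com
  - env_name: nope
    forwarder: nope.nope.nope
YML

# Hypothetical helper (not an InSpec API): returns the forwarder for one
# environment and raises instead of returning nil, so an unmapped or
# duplicated environment cannot turn into a control with zero tests.
def resolve_forwarder(yaml_text, chef_environment)
  entries = YAML.safe_load(yaml_text)
  raise ArgumentError, 'forwarders.yml must be a list' unless entries.is_a?(Array)

  matches = entries.select { |e| e.is_a?(Hash) && e['env_name'] == chef_environment }
  raise KeyError, "no forwarder mapped for #{chef_environment.inspect}" if matches.empty?
  raise KeyError, "duplicate entries for #{chef_environment.inspect}" if matches.size > 1

  forwarder = matches.first['forwarder'].to_s
  raise KeyError, "empty forwarder for #{chef_environment.inspect}" if forwarder.empty?

  forwarder
end

# Hypothetical helper: literal, whole-hostname comparison. A bare string
# handed to RSpec's `match` is compiled as a regex, so each "." would accept
# any character; the lookarounds also reject a longer hostname that merely
# contains the expected one.
def forwarder_configured?(file_content, forwarder)
  file_content.match?(/(?<![\w.\-])#{Regexp.escape(forwarder)}(?![\w.\-])/)
end
```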