Created
April 27, 2016 18:50
-
-
Save nathenharvey/9882c13871ff793cc6dff382c8615e5a to your computer and use it in GitHub Desktop.
InSpec Command and stdout
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# encoding: utf-8 | |
# copyright: 2015, The Authors | |
# license: All rights reserved | |
title 'File System Configuration' | |
# you add controls here | |
control '1.2.1 Verify CentOS GPG Key is Installed' do # A unique ID for this control | |
impact 1.0 # The criticality, if this control fails. | |
title 'Verify CentOS GPG Key is Installed' # A human-readable title | |
desc <<-EOF | |
CentOS cryptographically signs updates with a GPG key to verify that they are valid. | |
It is important to ensure that updates are obtained from a valid source to protect against spoofing that could lead to the inadvertent installation of malware on the system. | |
EOF | |
describe command('/usr/bin/gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6') do | |
its('stdout') { should match /C1DA C52D 1664 E8A4 386D BA43 0946 FCA2 C105 B9DE/ } | |
end | |
describe command('echo hello') do | |
its('stdout') { should match /hello/ } | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ inspec exec filesystem_configuration/controls/example.rb | |
.. | |
Finished in 0.12499 seconds (files took 2.11 seconds to load) | |
2 examples, 0 failures |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Mac: | |
$ inspec version | |
0.19.3 | |
Target Machine | |
$ inspec version | |
0.19.3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ inspec exec filesystem_configuration/controls/example.rb --user USERNAME --password PASSWORD -t TARGET_IP | |
F. | |
Failures: | |
1) Command /usr/bin/gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 stdout should match /C1DA C52D 1664 E8A4 386D BA43 0946 FCA2 C105 B9DE/ | |
Failure/Error: its('stdout') { should match /C1DA C52D 1664 E8A4 386D BA43 0946 FCA2 C105 B9DE/ } | |
expected "" to match /C1DA C52D 1664 E8A4 386D BA43 0946 FCA2 C105 B9DE/ | |
Diff: | |
@@ -1,2 +1,2 @@ | |
-/C1DA C52D 1664 E8A4 386D BA43 0946 FCA2 C105 B9DE/ | |
+"" | |
# filesystem_configuration/controls/example.rb:18:in `block (3 levels) in load' | |
# /Users/nathenharvey/.chefdk/gem/ruby/2.1.0/gems/inspec-0.19.3/lib/inspec/runner_rspec.rb:67:in `run' | |
# /Users/nathenharvey/.chefdk/gem/ruby/2.1.0/gems/inspec-0.19.3/lib/utils/base_cli.rb:70:in `run_tests' | |
# /Users/nathenharvey/.chefdk/gem/ruby/2.1.0/gems/inspec-0.19.3/lib/inspec/cli.rb:113:in `exec' | |
Finished in 0.02803 seconds (files took 1.37 seconds to load) | |
2 examples, 1 failure | |
Failed examples: | |
rspec # Command /usr/bin/gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 stdout should match /C1DA C52D 1664 E8A4 386D BA43 0946 FCA2 C105 B9DE/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment