inspec资源未确定

时间:2018-06-04 06:50:28

标签: ruby infrastructure inspec

我正在使用带有ruby的inspec测试框架进行基础设施测试。我在控件中写了一个测试

这是我的测试:

require 'aws-sdk'

credentials = Aws::AssumeRoleCredentials.new(
   role_arn: 'some_value',
   role_session_name: 'pipeline')

client_params = {
  region: 'ap-southeast-2',
  credentials: credentials
}

ec2_client = Aws::EC2::Resource.new(client_params)
instance = ec2_client.instances(filters: [{name:'tag:component', values: ['api', 'fxsnet', 'admin']}])


puts "ec2 Client is : #{ec2_client}"
puts "list of instances based on tag is: #{instance}"


instance.each do |i| 
  puts 'ID:    ' + i.id
  puts 'State: ' + i.state.name

#for each of the instance check if tmp file exist 
  describe file('/tmp') do                  # The actual test
    it { should exist }
  end 
end

但在执行时,我得到以下错误

An error occurred while loading ./inspec-infra-tests/controls/apiInstances.rb.
Failure/Error:
  describe file('/tmp') do                  # The actual test
    it { should exist }
  end

NoMethodError:
  undefined method `file' for main:Object
  Did you mean?  fail
# ./inspec-infra-tests/controls/apiInstances.rb:46:in `block in <top (required)>'
# ./inspec-infra-tests/controls/apiInstances.rb:35:in `<top (required)>'
No examples found.

0 examples, 0 failures, 0 passed

文件InSpec审计资源,用于测试所有系统文件类型,包括文件,目录,符号链接,命名管道,套接字等。

#InspecWithRuby #inspec #inspecResourcesNotIdentified #InspecResourcesNotFound

2 个答案:

答案 0 :(得分:0)

我认为您试图通过执行inspec而不是随ruby运行来运行inspec exec测试。我可以通过在一个文件中粘贴您的测试来在本地重现:

inspec_example.rb 

  describe file('/tmp') do                  # The actual test
    it { should exist }
  end

直接使用ruby执行

ruby inspec_example.rb给出:

Traceback (most recent call last):
inspec_example.rb:1:in `<main>': undefined method `file' for main:Object (NoMethodError)
Did you mean?  fail

执行inspec exec按预期工作:

inspec exec inspec_example.rb给出:

Profile: tests from inspec_example.rb (tests from inspec_example.rb)
Version: (not specified)
Target:  local://

  File /tmp
     ✔  should exist

答案 1 :(得分:0)

我对AWS开发工具包不熟悉,但是您想要使用InSpec测试一组文件,您可以这样做:

myfiles = %w(temp.err temp.out)

control 'tmp-files-1' do
  title 'Test for a set of temp files.'
  myfiles.each do |myfile|
    describe file('/tmp/' + myfile) do
      it { should exist }
    end
  end
end

如果执行此控件,它将返回以下内容(假设这些文件实际上存在于您的/tmp文件夹中:

  ✔  tmp-files-1: Test for a set of temp files.
     ✔  File /tmp/temp.err should exist
     ✔  File /tmp/temp.out should exist

我希望您可以举这个例子,并使其适应您的AWS需求。

相关问题
最新问题