Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Harmonize profile location targets #111

Closed
chris-rock opened this issue Oct 31, 2016 · 1 comment · Fixed by #113
Closed

Harmonize profile location targets #111

chris-rock opened this issue Oct 31, 2016 · 1 comment · Fixed by #113
Labels
Type: Enhancement Adds new functionality.
Milestone
0.16.0

Comments

@chris-rock
Copy link
Collaborator

Right now we use

kitchen.yml (yml format)

suites:
  - name: contains_inspec
    run_list:
    ...
    verifier:
      inspec_tests:
        - https://github.com/dev-sec/tests-ssh-hardening
        - https://github.com/dev-sec/tests-os-hardening

This format is different from inspec.yml

name: meta-profile
title: Meta Compliance Profile
maintainer: InSpec Authors
copyright: InSpec Authors
copyright_email: [email protected]
license: Apache 2
summary: InSpec Profile that is only consuming dependencies
version: 0.2.0
depends:
  - name: hardening/ssh-hardening  # defaults to supermarket
  - name: os-hardening
    url: https://github.com/dev-sec/tests-os-hardening/archive/master.zip
  - git: https://github.com/dev-sec/ssl-benchmark.git
  - name: windows-patch-benchmark
    git: https://github.com/chris-rock/windows-patch-benchmark.git
  - name: linux
    compliance: base/linux

Therefore we should align those formats to easily allow copy&paste between tools:

suites:
  - name: contains_inspec
    run_list:
    ...
    verifier:
      inspec_tests:
        - name: hardening/ssh-hardening  # defaults to supermarket
        - name: os-hardening
          url: https://github.com/dev-sec/tests-os-hardening/archive/master.zip
        - git: https://github.com/dev-sec/tests-ssh-hardening.git
        - git: https://github.com/dev-sec/tests-os-hardening.git
        - name: hardening/ssh-hardening 
          supermarket_url: https://supermarket.my.com

See inspec/inspec#1227
@chris-rock chris-rock added this to the 0.16.0 milestone Oct 31, 2016
@vjeffrey
Copy link

vjeffrey commented Nov 3, 2016
edited
Loading

since we're doing a straight call to the runner, this is all available already. we just need to update the readme.
this is the .kitchen.yml i used to test, along with following the inspec compliance login instructions that are in the readme

    verifier:
      inspec_tests:
        - name: hardening/ssh-hardening  # defaults to supermarket
        - name: os-hardening
          url: https://github.com/dev-sec/tests-os-hardening/archive/master.zip
        - git: https://github.com/dev-sec/tests-ssh-hardening.git
        - git: https://github.com/dev-sec/tests-os-hardening.git
        - name: ssh
          supermarket: hardening/ssh-hardening
        - name: ssh
          compliance: base/linux

@vjeffrey vjeffrey mentioned this issue Nov 3, 2016
Merged
@tas50 tas50 added Type: Enhancement Adds new functionality. and removed enhancement labels Jan 14, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Enhancement Adds new functionality.
Projects
None yet
Milestone
0.16.0
Development

Successfully merging a pull request may close this issue.

update readme to reflect harmonization of profile location targets inspec/kitchen-inspec
3 participants
@tas50 @chris-rock @vjeffrey