About kitchen-inspec
Use Chef InSpec as a Test Kitchen verifier with kitchen-inspec
.
For hands-on examples, learn how to use Test Kitchen to run Chef InSpec profiles on the Learn Chef course Validate Infrastructure Code with Test Kitchen.
Add the Chef InSpec verifier to the .kitchen.yml
file:
verifier:
name: inspec
Use a compliance profile from the Chef Compliance server:
suites:
- name: compliance
run_list:
- recipe[ssh-hardening::default]
verifier:
inspec_tests:
- compliance://base/ssh
and then run the following command:
inspec automate login https://compliance.test --user admin --insecure --token ''
where:
--insecure
is required when using self-signed certificates.
inspec compliance
is a backwards compatible alias for inspec automate
and works the same way:
inspec compliance login https://compliance.test --user admin --insecure --token ''
Use a compliance profile from the Chef Supermarket:
suites:
- name: supermarket
run_list:
- recipe[ssh-hardening::default]
verifier:
inspec_tests:
- supermarket://dev-sec/ssh-baseline
Use Chef InSpec tests from the local file system:
suites:
- name: local
run_list:
- recipe[my_cookbook::default]
verifier:
inspec_tests:
- test/integration/default