search

inspec / kitchen-inspec

Test-Kitchen Plugin for InSpec
Other
109 stars 58 forks source link

file content doesn't work properly #244

Open maratsal opened 4 years ago

maratsal commented 4 years ago

Describe the problem

When run kitchen verify it reports that content of the file is not matching. However when I check file content manually - the content is right. Seems when kitchen verify is fetching content of the file it appends ssh last login information to the content of the file: The check:

  describe file('/etc/security/limits.d/95-hardening.conf') do
    it { should be_file }
    its('content') { should match "# FILE MANAGED BY CHEF, DO NOT EDIT\n* hard core 0" }
    its('mode') { should cmp '0644' }
  end

Failure:

  ×  hardening-base: Hardening Checks (1 failed)
     ✔  File /etc/security/limits.d/95-hardening.conf should be file
     ×  File /etc/security/limits.d/95-hardening.conf content should match "# FILE MANAGED BY CHEF, DO NOT EDIT\n* hard core 0"
     expected "# FILE MANAGED BY CHEF, DO NOT EDIT\n* hard core 0Last login: Sat Oct 26 21:09:58 EDT 2019\n" to match "# FILE MANAGED BY CHEF, DO NOT EDIT\n* hard core 0"
     Diff:
     @@ -1,3 +1,3 @@
      # FILE MANAGED BY CHEF, DO NOT EDIT
     -* hard core 0
     +* hard core 0Last login: Sat Oct 26 21:09:58 EDT 2019

chef dk version I use:

$ chef --version
ChefDK version: 4.5.1
Chef Infra Client version: 15.4.45
Chef InSpec version: 4.18.0
Test Kitchen version: 2.3.3
Foodcritic version: 16.1.1
Cookstyle version: 5.9.3

And here is my OS:

$ sw_vers
ProductName:    Mac OS X
ProductVersion: 10.15
BuildVersion:   19A602
maratsal commented 4 years ago

please let me know if any other information is needed.

miah commented 4 years ago

In your example, you use match which expects a regular expression, but you supplied a string.

You may want to try:

its('content') { should cmp "# FILE MANAGED BY CHEF, DO NOT EDIT\n* hard core 0" }

Or use a regexp

its('content') { should match /hard.core.[0]/ }

You can find all the docs on our matchers here: https://www.inspec.io/docs/reference/matchers/

Please let us know if you're still having issues with the file resource.

maratsal commented 4 years ago

for sure will give a try. however I think it is more some additional text added to the string from ssh session Last login: Sat Oct 26 21:09:58 EDT 2019 is causing this mismatch.

miah commented 4 years ago

Ok. I think this issue is something in kitchen-inspec rather than inspec.

maratsal commented 4 years ago

Ok. I think this issue is something in kitchen-inspec rather than inspec.

Is there a way to get more verbose output from kitchen runs to get more details from the verification stage?