| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 |
- ---
- - name: Verify
- hosts: all
- become: true
- vars:
- inspec_download_source_dir: /usr/local/src
- inspec_bin: /opt/inspec/bin/inspec
- inspec_test_directory: "/tmp/molecule/inspec"
- inspec_downloads:
- el6:
- url: https://packages.chef.io/files/stable/inspec/3.6.6/el/6/inspec-3.6.6-1.el6.x86_64.rpm
- sha256: 69b05dd28304b7c915381b88f035b3239d1328d891faef18aa30954266fc4da2
- el7:
- url: https://packages.chef.io/files/stable/inspec/3.6.6/el/7/inspec-3.6.6-1.el7.x86_64.rpm
- sha256: 2a950a2aeecf2c26b16285a2fcec244da97c636d47d5928ee181620e80472cac
- ubuntu1404:
- url: https://packages.chef.io/files/stable/inspec/3.6.6/ubuntu/14.04/inspec_3.6.6-1_amd64.deb
- sha256: 4294bdd3f8cd1aff3e6d912d2c48b345d0ec60ecefd92310cb3ae561b909cfec
- ubuntu1604:
- url: https://packages.chef.io/files/stable/inspec/3.6.6/ubuntu/16.04/inspec_3.6.6-1_amd64.deb
- sha256: 4294bdd3f8cd1aff3e6d912d2c48b345d0ec60ecefd92310cb3ae561b909cfec
- ubuntu1804:
- url: https://packages.chef.io/files/stable/inspec/3.6.6/ubuntu/18.04/inspec_3.6.6-1_amd64.deb
- sha256: 4294bdd3f8cd1aff3e6d912d2c48b345d0ec60ecefd92310cb3ae561b909cfec
- inspec_package_deps:
- - lsof
- - net-tools
- tasks:
- - name: Install system dependencies for Inspec
- package:
- name: "{{ item }}"
- state: present
- loop: "{{ inspec_package_deps }}"
- - name: Download Inspec
- get_url:
- url: "{{ inspec_downloads[inspec_version]['url'] }}"
- dest: "{{ inspec_download_source_dir }}"
- sha256sum: "{{ inspec_downloads[inspec_version]['sha256'] }}"
- mode: 0755
- register: inspec_download
- - name: Install Inspec
- yum:
- name: "{{ inspec_download.dest }}"
- state: latest
- when: ansible_pkg_mgr == 'yum'
- - name: Install Inspec
- dnf:
- name: "{{ inspec_download.dest }}"
- state: latest
- when: ansible_pkg_mgr == 'dnf'
- - name: Install Inspec
- apt:
- deb: "{{ inspec_download.dest }}"
- state: present
- when: ansible_pkg_mgr == 'apt'
- - name: Create Molecule directory for test files
- file:
- path: "{{ inspec_test_directory }}"
- state: directory
- - name: Copy Inspec tests to remote
- copy:
- src: "{{ item }}"
- dest: "{{ inspec_test_directory }}/{{ item | basename }}"
- with_fileglob:
- - "{{ playbook_dir }}/tests/test_*.rb"
- - name: Register test files
- shell: "ls {{ inspec_test_directory }}/test_*.rb"
- register: test_files
- - name: Execute Inspec tests
- command: "{{ inspec_bin }} exec {{ item }} --no-color --reporter progress"
- register: test_results
- loop: "{{ test_files.stdout_lines }}"
- ignore_errors: true
- - name: Display details about the Inspec results
- debug:
- msg: "{{ item.stdout_lines }}"
- loop: "{{ test_results.results }}"
- - name: Fail when tests fail
- fail:
- msg: "Inspec failed to validate"
- when: item.rc != 0
- loop: "{{ test_results.results }}"
|
