If in my script I want to test azure resources using a ruby library (not inspec binary) running in a container:
def my_resource_groups
rg = Inspec::Runner.new(conf={:vendor_cache=>'/app'})
rg.add_target('/app/profiles/azure')
rg.run
end
my_resource_groups()
with this inspec.yml definition
name: inspector
title: Azure InSpec Profile
maintainer: The Authors
copyright: The Authors
copyright_email: [email protected]
license: Apache-2.0
summary: An InSpec Compliance Profile For Azure
version: 0.1.0
inspec_version: '>= 2.2.7'
depends:
- name: inspec-azure
url: https://github.com/inspec/inspec-azure/archive/master.tar.gz
And this test:
title "Azure Resource group spike"
control 'azure_resource_groups' do
describe azure_resource_group do
its('names') { should include 'my_resource_group1' }
end
end
I get:
Skipping profile: 'inspector' on unsupported platform: 'debian/10.7'.
How do I pass the equivalent -t azure:// argument to my ruby script, in the same way as I would if I did this:
sudo docker run \
-v /home/vagrant/scratch/share:/share \
-e AZURE_CLIENT_SECRET="some_secret" \
-e AZURE_CLIENT_ID="some_client_id" \
-e AZURE_TENANT_ID="some_tenant_id" \
-e AZURE_SUBSCRIPTION_ID="some_subscription_id" \
chef/inspec \
exec /share/inspector \
-t azure:// \
--chef-license=accept
just in case anyone else comes across this headache, pass the options as a map into the runner object when you instantiate it. (note the vendor cache was tidied up as well)