New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Chef inspec giving error during client run #300

Closed
adyanthaya17 opened this Issue Dec 27, 2017 · 18 comments

Comments

Projects
None yet
2 participants
@adyanthaya17

adyanthaya17 commented Dec 27, 2017

Hi,

I am trying to run compliance on the client nodes along with the cookbook run. I installed the audit cookbook and have incorporated it with the audit cookbooks. The client run goes successful but I am getting the error regarding to chef inspec as below:

Chef-client version

13.6.4-1

Platform Details

Ubuntu 16.04

Running handlers:
WARN: Unresolved specs during Gem::Specification.reset:
rake (>= 0)
WARN: Clearing out unresolved specs.
Please report a bug if this causes problems.
[2017-12-27T21:28:35+05:30] WARN: inspec_backend_cache requires InSpec version >= 1.47.0
[2017-12-27T21:28:35+05:30] ERROR: 404 "Not Found" (Net::HTTPServerException)
/opt/chef/embedded/lib/ruby/2.4.0/net/http/response.rb:122:in error!' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/http.rb:239:in streaming_request'
/var/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:90:in block in download_archive_to_temp' /var/chef/cache/cookbooks/audit/libraries/helper.rb:45:in with_http_rescue'
/var/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:89:in download_archive_to_temp' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:139:in temp_archive_path'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:122:in sha256' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:112:in cache_key'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:32:in cache_key' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:39:in fetch'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:71:in for_fetcher' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:78:in for_target'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/runner.rb:170:in add_target' /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in block in call'
/var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in each' /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in call'
/var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:66:in report' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:259:in run_report_unsafe'
/var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:84:in run_report_safely' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:125:in block in run_report_handlers'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in each' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in run_report_handlers'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:135:in block in <class:Handler>' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:443:in block in run_completed_successfully'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in each' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in run_completed_successfully'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:301:in run' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:291:in block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:244:in block in run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/local_mode.rb:44:in with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:232:in run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:469:in sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:458:in block in interval_run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in loop'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in interval_run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:441:in run_application'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:59:in run' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/bin/chef-client:26:in <top (required)>'
/usr/bin/chef-client:58:in load' /usr/bin/chef-client:58:in

'
[2017-12-27T21:28:35+05:30] ERROR: Object does not exist on remote server.
[2017-12-27T21:28:35+05:30] ERROR: Received HTTP error 404
[2017-12-27T21:28:35+05:30] ERROR: Report handler Chef::Handler::AuditReport raised #<NoMethodError: undefined method path' for nil:NilClass> [2017-12-27T21:28:35+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:93:in download_archive_to_temp'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:139:in temp_archive_path' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:122:in sha256'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:112:in cache_key' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:32:in cache_key'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:39:in fetch' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:71:in for_fetcher'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:78:in for_target' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/runner.rb:170:in add_target'
[2017-12-27T21:28:35+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in block in call' [2017-12-27T21:28:35+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in each'
[2017-12-27T21:28:35+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in call' [2017-12-27T21:28:35+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:66:in report'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:259:in run_report_unsafe' [2017-12-27T21:28:35+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:84:in run_report_safely'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:125:in block in run_report_handlers' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in each'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in run_report_handlers' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:135:in block in class:Handler'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:443:in block in run_completed_successfully' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in each'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in run_completed_successfully' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:301:in run'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:291:in block in fork_chef_client' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork_chef_client' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:244:in block in run_chef_client'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/local_mode.rb:44:in with_server_connectivity' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:232:in run_chef_client'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:469:in sleep_then_run_chef_client' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:458:in block in interval_run_chef_client'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in loop' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in interval_run_chef_client'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:441:in run_application' [2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:59:in run'
[2017-12-27T21:28:35+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/bin/chef-client:26:in <top (required)>' [2017-12-27T21:28:35+05:30] ERROR: /usr/bin/chef-client:58:in load'
[2017-12-27T21:28:35+05:30] ERROR: /usr/bin/chef-client:58:in `'

  • Chef::Handler::AuditReport
    Running handlers complete
    Chef Client finished, 1/4 resources updated in 04 seconds

Is the audit cookbook missing something?

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 27, 2017

@adyanthaya17 That error looks like the audit cookbook is trying to fetch a profile and getting a 404. Could you post your attributes.rb or the .json where you set your node attributes?

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

Below are the contents in attributes.rb file:

default['audit']['reporter'] = 'automate-server'
case node['os']
when 'linux'
default['audit']['profiles'] = [
{
'name': 'DevSec Linux Security Baseline',
'compliance': 'admin/linux-baseline'
}
]
when 'windows'
default['audit']['profiles'] = [
{
'name': 'DevSec Windows Security Baseline',
'compliance': 'admin/windows-baseline'
}
]
end

I haven't changed anything in the audit file, is there some modification that needs to be done in the audit cookbook? I have only added the audit details in the existing cookbooks which would be run in the nodes.

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Nope, as long as you have the audit cookbook in the runlist then it will read those attributes.

The configuration you are using will pull those profiles from the Automate server, can you verify that those profiles are available? For example, if you login to your Automate server as the admin user do you see that those profiles are downloaded.

Also, I'm noticing that you have the default['audit']['reporter'] attribute set to automate-server this needs to be set to chef-automate or chef-server-automate. I recommend chef-server-automate. Below is a guide on how to use that value:

https://docs.chef.io/perform_compliance_scan.html

Let me know if this solves your issue.

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

When you mean if the profiles are available, I am able to see it in the compliance tab-->Profile Store-->Profiles. Even using CLI:

inspec compliance profiles

== Available profiles:

  • CIS Ubuntu Linux 16.04 LTS Benchmark Level 1 - Server v1.0.0-3 (admin/cis-ubuntu16.04lts-level1-server)
  • DevSec Apache Baseline v2.0.2 (admin/apache-baseline)
  • DevSec SSH Baseline v2.2.0 (admin/ssh-baseline)
  • InSpec Profile v0.1.0 (admin/secureprofile)
  • InSpec Profile v0.1.0 (admin/ssh)

I have a doubt here, you mentioned about the 'chef-automate' to be replaced with 'automate-server', do we use the name as a default and is not to according to what the chef-automate server hostname it has?

Sorry I am quite new and a beginner to chef compliance, and I did go through the guide over and through but unfortunately it seems like something isn't working.

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

@adyanthaya17 No worries, you're being quite awesome to work with. We all are new at the beginning. 😄

Try changing,

default['audit']['reporter'] = 'automate-server'

to

default['audit']['reporter'] = 'chef-server-automate'

Then if you followed the section here: https://docs.chef.io/perform_compliance_scan.html#configure-data-collection-on-chef-server it should work for you.

The reporter attribute configures where the Audit cookbook will send it's results. In this case it is sent to the Chef Server and the Chef Server will send it to Automate.

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

I changed it as suggested and I seem to get this when I run the chef-client. And I have set the data collection :)

Running handlers:
WARN: Unresolved specs during Gem::Specification.reset:
rake (>= 0)
WARN: Clearing out unresolved specs.
Please report a bug if this causes problems.
[2017-12-28T08:57:15+05:30] WARN: inspec_backend_cache requires InSpec version >= 1.47.0
[2017-12-28T08:57:15+05:30] ERROR: 404 "Not Found" (Net::HTTPServerException)
/opt/chef/embedded/lib/ruby/2.4.0/net/http/response.rb:122:in error!' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/http.rb:239:in streaming_request'
/var/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:90:in block in download_archive_to_temp' /var/chef/cache/cookbooks/audit/libraries/helper.rb:45:in with_http_rescue'
/var/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:89:in download_archive_to_temp' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:139:in temp_archive_path'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:122:in sha256' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:112:in cache_key'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:32:in cache_key' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:39:in fetch'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:71:in for_fetcher' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:78:in for_target'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/runner.rb:170:in add_target' /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in block in call'
/var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in each' /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in call'
/var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:66:in report' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:259:in run_report_unsafe'
/var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:84:in run_report_safely' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:125:in block in run_report_handlers'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in each' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in run_report_handlers'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:135:in block in <class:Handler>' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:443:in block in run_completed_successfully'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in each' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in run_completed_successfully'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:301:in run' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:291:in block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:244:in block in run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/local_mode.rb:44:in with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:232:in run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:469:in sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:458:in block in interval_run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in loop'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in interval_run_chef_client' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:441:in run_application'
/opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:59:in run' /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/bin/chef-client:26:in <top (required)>'
/usr/bin/chef-client:58:in load' /usr/bin/chef-client:58:in

'
[2017-12-28T08:57:15+05:30] ERROR: Object does not exist on remote server.
[2017-12-28T08:57:15+05:30] ERROR: Received HTTP error 404
[2017-12-28T08:57:15+05:30] ERROR: Report handler Chef::Handler::AuditReport raised #<NoMethodError: undefined method path' for nil:NilClass> [2017-12-28T08:57:15+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:93:in download_archive_to_temp'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:139:in temp_archive_path' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:122:in sha256'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/fetchers/url.rb:112:in cache_key' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:32:in cache_key'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/cached_fetcher.rb:39:in fetch' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:71:in for_fetcher'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/profile.rb:78:in for_target' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/inspec-1.42.3/lib/inspec/runner.rb:170:in add_target'
[2017-12-28T08:57:15+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in block in call' [2017-12-28T08:57:15+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in each'
[2017-12-28T08:57:15+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:155:in call' [2017-12-28T08:57:15+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:66:in report'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:259:in run_report_unsafe' [2017-12-28T08:57:15+05:30] ERROR: /var/chef/cache/cookbooks/audit/files/default/handler/audit_report.rb:84:in run_report_safely'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:125:in block in run_report_handlers' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in each'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:123:in run_report_handlers' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/handler.rb:135:in block in class:Handler'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:443:in block in run_completed_successfully' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in each'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:442:in run_completed_successfully' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/client.rb:301:in run'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:291:in block in fork_chef_client' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:279:in fork_chef_client' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:244:in block in run_chef_client'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/local_mode.rb:44:in with_server_connectivity' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:232:in run_chef_client'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:469:in sleep_then_run_chef_client' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:458:in block in interval_run_chef_client'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in loop' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:457:in interval_run_chef_client'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application/client.rb:441:in run_application' [2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/lib/chef/application.rb:59:in run'
[2017-12-28T08:57:15+05:30] ERROR: /opt/chef/embedded/lib/ruby/gems/2.4.0/gems/chef-13.6.4/bin/chef-client:26:in <top (required)>' [2017-12-28T08:57:15+05:30] ERROR: /usr/bin/chef-client:58:in load'
[2017-12-28T08:57:15+05:30] ERROR: /usr/bin/chef-client:58:in `'

  • Chef::Handler::AuditReport
    Running handlers complete
    Chef Client finished, 1/4 resources updated in 04 seconds
@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

But if I place it with just 'chef-automate', this is what I get instead:

Running handlers:
WARN: Unresolved specs during Gem::Specification.reset:
rake (>= 0)
WARN: Clearing out unresolved specs.
Please report a bug if this causes problems.
[2017-12-28T09:00:12+05:30] WARN: inspec_backend_cache requires InSpec version >= 1.47.0
[2017-12-28T09:00:12+05:30] ERROR: The compliance profile admin/linux-baseline was not found on the configured compliance server
[2017-12-28T09:00:12+05:30] ERROR: We cannot fetch all profiles: [{:name=>"DevSec Linux Security Baseline", :compliance=>"admin/linux-baseline"}]. Please make sure you're authenticated and the server is reachable.
[2017-12-28T09:00:12+05:30] ERROR: Audit report was not generated properly, skipped reporting

  • Chef::Handler::AuditReport
    Running handlers complete
    Chef Client finished, 1/4 resources updated in 04 seconds
@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Setting the reporter to chef-automate means that the node would have to authenticate to the Automate server directly (which it likely isn't configured to do so) which is why you are getting that error. Using chef-server-automate means it will send it's report through the Chef Server. I suspect you will want the latter since you followed the guide.

Could you post your automate.rb from the Automate server and chef-server.rb from the Chef server? (Be sure to REDACT any sensitive data like the tokens)

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

-->cat /etc/opscode/chef-server.rb
data_collector['root_url'] = 'https://automate-server.UCSBANG6.com/data-collector/v0/'
profiles['root_url'] = 'https://automate-server.UCSBANG6.com'
data_collector["token"] = "root123"

Ah, I think I must be missing the automate.rb file. Does it get configured while installing the automate server, or do we need to configure it?

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Nope, I told you wrong...I meant this file on the Automate Server:

/etc/delivery/delivery.rb

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

cat /etc/delivery/delivery.rb
delivery_fqdn "automate-server"
delivery['chef_username'] = "delivery"
delivery['chef_private_key'] = "/etc/delivery/delivery.pem"
delivery['chef_server'] = "https://chef-server:443/organizations/delivery-org"
insights['enable'] = true
data_collector['token'] = 'root123'

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Hmm...very strange. Assuming all the FQDN's are resolvable (e.g. https://chef-server) I don't see why this isn't working.

Next best bet would be to run chef-server-ctl tail nginx and automate-ctl tail nginx on the Chef and Automate servers to follow the request and look for 404's. I would also try running automate-ctl reconfigure and chef-server-ctl reconfigure.

Since you have Automate, you may be a customer and I would recommend reaching out to Chef Support.

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Actually, let's take a step back, I don't see admin/linux-baseline or admin/windows-baseline in your CLI output earlier. Are we 100% sure those profiles are there?

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

#300 (comment)

Shows admin/ssh-baseline not admin/linux-baseline

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

Aha! That was the issue >.< I am able to run the chef client and get the details updated in the dashboard but it seems like I still see:

Running handlers:
WARN: Unresolved specs during Gem::Specification.reset:
rake (>= 0)
WARN: Clearing out unresolved specs.
Please report a bug if this causes problems.
[2017-12-28T09:32:45+05:30] WARN: inspec_backend_cache requires InSpec version >= 1.47.0

  • Chef::Handler::AuditReport
    Running handlers complete
    Chef Client finished, 1/4 resources updated in 04 seconds

Previously the inspec of audit cookbook wasn't showing up in the chef-client.

@adyanthaya17

This comment has been minimized.

adyanthaya17 commented Dec 28, 2017

By the way I noticed few videos wherein the nodes could be added from the automate server dashboard, but the recent version which I am using doesn't have it. Is there a way where the compliance can be added from the dashboard similar to how cookbooks are added in the chef-server?

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Hah! Sorry for not seeing that earlier.

I think those warning you see can be ignored (though updating InSpec/Chef Client couldn't hurt)

As far as the Automate server dashboard, I'm not an expert but I think that feature is under active development at the moment and is currently in beta. See if: https://docs.chef.io/automate_compliance_scanner.html gets you what you are wanting.

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Dec 28, 2017

Since we've solved this issue, I'm going to close it to keep things tidy.

Feel free to reach out to me on http://community-slack.chef.io/ though. I'm @jerry over there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment