New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Compliance Profile inheritence does not work with audit cookbook #38

Closed
yvovandoorn opened this Issue May 4, 2016 · 3 comments

Comments

Projects
None yet
5 participants
@yvovandoorn

yvovandoorn commented May 4, 2016

Cookbook version

0.6.0

Chef-client version

12.9.41

Platform Details

RHEL 7.2

Scenario:

Attempting to run an audit profile that inherits another profile on the compliance server

Steps to Reproduce:

Run the audit cookbook with a compliance policy that is inherited

Expected Result:

Audit cookbook passes

Actual Result:

* compliance_profile[cis-rhel7-level1-lite] action execute * chef_gem[inspec] action install (up to date) [2016-05-04T11:33:00-04:00] WARN: Using inspec version: (0.20.1) - install/update inspec ================================================================================ Error executing actionexecute` on resource 'compliance_profile[cis-rhel7-level1-lite]'
================================================================================

RuntimeError
------------
You must supply a --profiles-path to inherit from other profiles.

Cookbook Trace:
---------------
/var/chef/cache/cookbooks/audit/libraries/profile.rb:111:in `block (2 levels) in <class:ComplianceProfile>'
/var/chef/cache/cookbooks/audit/libraries/profile.rb:94:in `block in <class:ComplianceProfile>'

Resource Declaration:
---------------------
# In /var/chef/cache/cookbooks/audit/recipes/default.rb

 30:   compliance_profile p do
 31:     owner o
 32:     server server
 33:     token token
 34:     inspec_version node['audit']['inspec_version']
 35:     action [:fetch, :execute]
 36:   end
 37: end

Compiled Resource:
------------------
# Declared in /var/chef/cache/cookbooks/audit/recipes/default.rb:30:in `block in from_file'

compliance_profile("cis-rhel7-level1-lite") do
  action [:fetch, :execute]
  updated true
  retries 0
  retry_delay 2
  default_guard_interpreter :default
  declared_type :compliance_profile
  cookbook_name "audit"
  recipe_name "default"
  owner "thomasrgcheforg"
  inspec_version "latest"
  profile "cis-rhel7-level1-lite"
end

Platform:
---------
x86_64-linux

`

@chris-rock

This comment has been minimized.

Collaborator

chris-rock commented May 4, 2016

related to inspec/inspec#533

@chris-rock chris-rock added the bug label May 4, 2016

@jerryaldrichiii

This comment has been minimized.

Collaborator

jerryaldrichiii commented Jul 20, 2016

+1 to this bug.

Profile inheritance works if using the Compliance WebUI (SSH) to perform the scan but not when using chef-client and this cookbook.

@tas50 tas50 removed the bug label Aug 2, 2016

@cheeseplus cheeseplus added the Type: Bug label Mar 7, 2017

@chris-rock chris-rock referenced this issue Apr 26, 2017

Merged

Always use json format for inspec report #212

4 of 4 tasks complete
@chris-rock

This comment has been minimized.

Collaborator

chris-rock commented May 4, 2017

This should be fixed with 3.1. Please re-open if this continues to be an issue.

@chris-rock chris-rock closed this May 4, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment