Inspec Docker directory test fails

[srjayep]

I am newbie to inspec...need help.

Testing for InSpec audit resource to test if the file type is a directory and it fails. Tried both file and directory resource.

InSpec and Platform Version

inspec (0.32.0) on Mac testing docker container

docker version

Client:
Version: 1.12.0
API version: 1.24
Go version: go1.6.3
Git commit: 8eab29e
Built: Thu Jul 28 21:15:28 2016
OS/Arch: darwin/amd64

Server:
Version: 1.12.0
API version: 1.24
Go version: go1.6.3
Git commit: 8eab29e
Built: Thu Jul 28 21:15:28 2016
OS/Arch: linux/amd64

Tell us which version of InSpec (inspec version or SHA of a commit) and Operating System distribution you are using
0.32.0

Here is the control.

control 'basic-1' do
impact 1.0
title '/etc should be a directory'
describe file('/etc') do
it { should be_directory }
end
end

and failed test o/p.

inspec exec inspec/etc.rb -t docker://6811e2e6ef1f

Target: docker://6811e2e6ef1f4b4642da9610cdba1b0a899d85de82a9d25c85376d141a4cd64a

✖ basic-1: /etc should be a directory (expected File /etc.directory? to return true, got false)

Summary: 0 successful, 1 failures, 0 skipped

ran docker command to make sure dir exists
~/development/mydev> docker exec -ti 6811e2e6ef1f ls -l /etc/
total 216
-rw-r--r-- 1 root root 4 Jun 17 16:39 TZ
-rw-r--r-- 1 root root 6 May 31 14:20 alpine-release
.
.

[chris-rock]

I was able to reproduce this. A first investigation showed that stat on alpine seems to work differently.

[chris-rock]

on alpine we get the following:

/ # uname -a
Linux 2264e35f2a1b 4.4.17-moby #1 SMP Fri Aug 12 22:26:18 UTC 2016 x86_64 Linux
/ # stat -L /etc 2>/dev/null -c '%s\n%f\n%U\n%u\n%G\n%g\n%X\n%Y\n%C'
4096\n41ed\nroot\n0\nroot\n0\n1469548984\n1472638267\nC
/ # stat -L /etc 2>/dev/null -printf '%s\n%f\n%U\n%u\n%G\n%g\n%X\n%Y\n%C'
/ # 

We use -printf for all linux operating systems, but alpine does not support the -printf. Therefore we need to fallback to -c for Alpine

[chris-rock]

With the train fix we get the expected result:

➜  inspec git:(master) ✗ bundle exec inspec shell -t docker://2264e35f2a1b
Welcome to the interactive InSpec Shell
To find out how to use it, type: help

inspec> help

Available commands:

    `[resource]` - run resource on target machine
    `help resources` - show all available resources that can be used as commands
    `help [resource]` - information about a specific resource
    `exit` - exit the InSpec shell

You can use resources in this environment to test the target machine. For example:

    command('uname -a').stdout
    file('/proc/cpuinfo').content => "value",

You are currently running on:

    OS platform:  alpine
    OS family:  alpine
    OS release: 3.4.0

inspec> file('/etc').directory?
=> true
inspec>