Skip to content

Regular Checks

Jump to bottom Edit New page
ken farmer edited this page Sep 29, 2015 · 5 revisions

Regular Checks Objectives

  • Run a rule-type check
  • Run a profile-type check
  • Further references:

Setup Check Requirements

  • Must be in check_dir
  • Filename must start with 'rule_' or 'profile_'
  • Must be identified within registry file for table with a check_type of 'rule' or 'profile'
  • Otherwise can be in written in any language

Runner to Setup Interface:

  • All communication is through environmental variables set by the runner. These env vars come from the registry config, from runner command line arguments, or from a setup-check for that table.
  • Since the test is provided by the local user, it can implement other methods of control - its own config file, its own env vars from .bashrc, etc.
  • Environmental variables set by the runner for a rule check:
    • hapinsp_instance - from runner args
    • hapinsp_database - from runner args
    • hapinsp_table - from runner args or current table runner is checking
    • hapinsp_check_mode - from registry
    • hapinsp_table_mode - from setup checks
    • hapinsp_checkcustom_* - from registry

Check to Runner Interface:

  • All communication back to the runner is through a JSON structure printed by the setup check - and captured by the runner. The only other data captured by the runner is the setup's return code.
  • Example JSON struct printed by setup:
    • { "rc": "0", "violations": "4"}
  • JSON fields:
    • rc - must be a number
    • violations - must be a number
    • mode - one of [full, auto, incremental] - that describes how it actually ran
Add a custom footer
Add a custom sidebar
Clone this wiki locally