Ruby Inspec - describe.one but one of the options requires two describe commands

41 views Asked by At

I have a Ruby Inspec file that isn't very complex, but I can't figure out how to structure it properly. I basically need to check if rsync is not installed or disabled. To check if it's disabled, I run systemctl is-active rsync and systemctl is-enabled rsync. I then match the output to inactive and disabled, respectively.

control "my control" do
  title "title"
  desc "desc"

  describe.one do
    describe package('rsync') do
      it { should_not be_installed }
    end

    # These two should be treated as one option
    describe command('systemctl is-active rsync') do
      its('stdout') { should match "^inactive$" }
    end
    describe command('systemctl is-enabled rsync') do
      its('stdout') { should match "^disabled$" }
    end
  end
end
1

There are 1 answers

1
Randy Simpson On BEST ANSWER

Try something like this:

control "my control" do
  title "title"
  desc "desc"

  if package('rsync').installed?
    # These two should be treated as one option
    describe command('systemctl is-active rsync') do
      its('stdout') { should match "^inactive$" }
    end
    describe command('systemctl is-enabled rsync') do
      its('stdout') { should match "^disabled$" }
    end
  end
end

or you should be able to do something like:

control "my control" do
  title "title"
  desc "desc"

  describe.one do
    describe package('rsync') do
      it { should_not be_installed }
    end

    describe 'rsync is inactive and disabled' do
      # These two should be treated as one option
      describe command('systemctl is-active rsync') do
        its('stdout') { should match "^inactive$" }
      end
      describe command('systemctl is-enabled rsync') do
        its('stdout') { should match "^disabled$" }
      end
    end
  end
end