add inspec provisioner hcl2 examples (#9761)

Sylvia Moss 2020-08-13 17:23:56 +02:00 committed by GitHub
parent 29b08e54bc
commit a2277e312f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 101 additions and 23 deletions

@ -59,17 +59,17 @@ Example Packer template:
```hcl ```hcl
source "digitalocean" "example"{ source "digitalocean" "example"{
api_token = "6a561151587389c7cf8faa2d83e94150a4202da0e2bad34dd2bf236018ffaeeb" api_token = "6a561151587389c7cf8faa2d83e94150a4202da0e2bad34dd2bf236018ffaeeb"
image = "ubuntu-14-04-x64" image = "ubuntu-14-04-x64"
region = "sfo1" region = "sfo1"
} }
build { build {
sources = [ sources = [
"source.digitalocean.example", "source.digitalocean.example"
] ]
provisioner { provisioner "ansible" {
"playbook_file": "./playbook.yml" playbook_file = "./playbook.yml"
} }
} }
``` ```
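Review bot: the `api_token` line in this example still carries a 64-character hex string that looks like a real credential. Readers copy examples verbatim, and secret scanners will flag the docs. Use a placeholder such as `api_token = "<digital ocean api token>"`, as the inspec example in this same commit does.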
@ -198,21 +198,21 @@ connection to chroot and running Ansible as root/sudo.
```hcl ```hcl
source "amazon-chroot" "example" { source "amazon-chroot" "example" {
mount_path = "/mnt/packer-amazon-chroot" mount_path = "/mnt/packer-amazon-chroot"
region = "us-east-1" region = "us-east-1"
source_ami = "ami-123456" source_ami = "ami-123456"
} }
build { build {
sources = [ sources = [
"source.amazon-chroot.example" "source.amazon-chroot.example"
] ]
provisioner "ansible" { provisioner "ansible" {
extra_arguments = [ extra_arguments = [
"--connection=chroot", "--connection=chroot",
"--inventory-file=/mnt/packer-amazon-chroot" "--inventory-file=/mnt/packer-amazon-chroot"
] ]
playbook_file = "main.yml" playbook_file = "main.yml"
} }
} }
``` ```
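Review bot: both sides of this hunk read the same apart from whitespace, and it sits in the ansible page rather than the inspec one named in the commit subject. Either mention the ansible fixes in the commit message or split them into their own commit, so the history of this file explains why it changed.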

@ -21,6 +21,9 @@ by Packer.
This is a fully functional template that will test an image on DigitalOcean. This is a fully functional template that will test an image on DigitalOcean.
Replace the mock `api_token` value with your own. Replace the mock `api_token` value with your own.
<Tabs>
<Tab heading="JSON">
```json ```json
{ {
"provisioners": [ "provisioners": [
@ -41,6 +44,29 @@ Replace the mock `api_token` value with your own.
} }
``` ```
</Tab>
<Tab heading="HCL2">
```hcl
source "digitalocean" "example"{
api_token = "<digital ocean api token>"
image = "ubuntu-14-04-x64"
region = "sfo1"
}
build {
sources = [
"source.digitalocean.example"
]
provisioner "inspec" {
profile = "https://github.com/dev-sec/linux-baseline"
}
}
```
</Tab>
</Tabs>
## Configuration Reference ## Configuration Reference
Required Parameters: Required Parameters:
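Review bot: the context above calls this "a fully functional template", but the new HCL2 tab's `provisioner "inspec"` block sets only `profile`, while the license section later in this file says Chef InSpec requires accepting the license before use. Consider adding `inspec_env_vars = [ "CHEF_LICENSE=accept" ]` to the block, or softening the wording. The profile is also referenced by a bare repository URL, so the controls a build is tested against can change between runs; a sentence recommending a fixed release of the profile would help.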
@ -52,19 +78,44 @@ Optional Parameters:
- `inspec_env_vars` (array of strings) - Environment variables to set before - `inspec_env_vars` (array of strings) - Environment variables to set before
running InSpec. Usage example: running InSpec. Usage example:
<Tabs>
<Tab heading="JSON">
```json ```json
"inspec_env_vars": [ "FOO=bar" ] "inspec_env_vars": [ "FOO=bar" ]
``` ```
</Tab>
<Tab heading="HCL2">
```hcl
inspec_env_vars = [ "FOO=bar" ]
```
</Tab>
</Tabs>
- `command` (string) - The command to invoke InSpec. Defaults to `inspec`. - `command` (string) - The command to invoke InSpec. Defaults to `inspec`.
- `extra_arguments` (array of strings) - Extra arguments to pass to InSpec. - `extra_arguments` (array of strings) - Extra arguments to pass to InSpec.
These arguments _will not_ be passed through a shell and arguments should These arguments _will not_ be passed through a shell and arguments should
not be quoted. Usage example: not be quoted. Usage example:
<Tabs>
<Tab heading="JSON">
```json ```json
"extra_arguments": [ "--sudo", "--reporter", "json" ] "extra_arguments": [ "--sudo", "--reporter", "json" ]
``` ```
</Tab>
<Tab heading="HCL2">
```hcl
extra_arguments = [ "--sudo", "--reporter", "json" ]
```
</Tab>
</Tabs>
- `attributes` (array of strings) - Attribute Files used by InSpec which will - `attributes` (array of strings) - Attribute Files used by InSpec which will
be passed to the `--input-file` argument of the `inspec` command when this be passed to the `--input-file` argument of the `inspec` command when this
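Review bot: the HCL2 tabs for `inspec_env_vars` and `extra_arguments` show bare attribute lines with no enclosing block, while the license example in this commit wraps the same attribute in `provisioner "inspec" { ... }`. HCL2 attributes are only valid inside a block, so either wrap these snippets the same way or state in the list text that they belong inside the `provisioner "inspec"` block.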
@ -111,16 +162,32 @@ Optional Parameters:
Chef InSpec requires accepting the license before starting to use the tool. Chef InSpec requires accepting the license before starting to use the tool.
This can be done via `inspec_env_vars` in the template: This can be done via `inspec_env_vars` in the template:
<Tabs>
<Tab heading="JSON">
```json ```json
"provisioners": [ "provisioners": [
{ {
"type": "inspec", "type": "inspec",
"inspec_env_vars": [ "CHEF_LICENSE=accept"], "inspec_env_vars": [ "CHEF_LICENSE=accept"],
"profile": "https://github.com/dev-sec/linux-baseline" "profile": "https://github.com/dev-sec/linux-baseline"
} }
], ]
``` ```
</Tab>
<Tab heading="HCL2">
```hcl
provisioner "inspec" {
inspec_env_vars = [ "CHEF_LICENSE=accept"]
profile = "https://github.com/dev-sec/linux-baseline"
}
```
</Tab>
</Tabs>
See their [official docs](https://docs.chef.io/chef_license_accept/) to learn other ways to accept the license. See their [official docs](https://docs.chef.io/chef_license_accept/) to learn other ways to accept the license.
## Default Extra Variables ## Default Extra Variables
@ -143,8 +210,19 @@ commonly useful InSpec Attributes:
To debug underlying issues with InSpec, add `"-l"` to `"extra_arguments"` to To debug underlying issues with InSpec, add `"-l"` to `"extra_arguments"` to
enable verbose logging. enable verbose logging.
<Tabs>
<Tab heading="JSON">
```json ```json
{
"extra_arguments": ["-l", "debug"] "extra_arguments": ["-l", "debug"]
}
``` ```
</Tab>
<Tab heading="HCL2">
```hcl
extra_arguments = ["-l", "debug"]
```
</Tab>
</Tabs>
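Review bot: the JSON tab now wraps `"extra_arguments": ["-l", "debug"]` in `{ }`, but the `inspec_env_vars` and `extra_arguments` JSON snippets earlier in this file are left as bare fragments; pick one convention for all of them. The sentence above also says to add `"-l"` while both tabs pass `"-l", "debug"`, so the prose should mention the level value as well.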