This issue was originally opened by @thompsm in hashicorp/packer#7510 and has been migrated to this repository. The original issue description is below.

Packer inspec provisioner incorrectly determines a files user and owner

• Packer version 1.3.5 and 1.4.0
• Host platform RHEL 6, 7, and Amazon Linux 2, using the amazon-ebs builder

This is my provisioners section of my template:

"provisioners": [{
    "type": "inspec",
    "profile": "./file.rb"
 }]

file.rb has:

describe file('/etc/ssh/sshd_config') do
  its('mode') { should cmp '0600' }
  it { should be_owned_by 'root' }
  its('group') { should eq 'root' }
end

The output from packer shows:

    amazon-ebs:
    amazon-ebs: Profile: tests from ./file.rb (tests from ..file.rb)
    amazon-ebs: Version: (not specified)
    amazon-ebs: Target:  ssh://[email protected]:59032
    amazon-ebs:
    amazon-ebs:   File /etc/ssh/sshd_config
    amazon-ebs:      ×  should be owned by "root"
    amazon-ebs:      expected `File /etc/ssh/sshd_config.owned_by?("root")` to return true, got false
    amazon-ebs:      ✔  mode should cmp == "0600"
    amazon-ebs:      ×  group should eq "root"
    amazon-ebs:
    amazon-ebs:      expected: "root"
    amazon-ebs:           got: "root\r"
    amazon-ebs:
    amazon-ebs:      (compared using ==)
    amazon-ebs:
    amazon-ebs:
    amazon-ebs: Test Summary: 1 successful, 2 failures, 0 skipped
==> amazon-ebs: Error executing Inspec: Non-zero exit status: exit status 100

If I run the same inspec test file, but directly using the inspec command outside of packer to the same host I get:

Version: (not specified)
Target:  ssh://[email protected]:22

  File /etc/ssh/sshd_config
     ✔  should be owned by "root"
     ✔  mode should cmp == "0600"
     ✔  group should eq "root"

Test Summary: 3 successful, 0 failures, 0 skipped

Overview of the Issue

There is not a current release 0.01 or higher so this plugin for inspec does not work with Packer 1.7.3 using the plugins file with
packer init

The changelog from Packer 1.7.3 indicates that this version should be available for Inspec (https://github.com/hashicorp/packer/blob/master/CHANGELOG.md)

Reproduction Steps

Packer init .

using packer.plugins.pkr.hcl

packer {
    required_plugins {
        inspec = {
            version = ">=v0.0.1"
            source = "github.com/hashicorp/inspec"
        }
    }
}

Plugin and Packer version

1.7.3

Operating system and Environment details

Docker image hashicorp/packer:1.7.3

This issue was originally opened by @GavBurke in hashicorp/packer#8042 and has been migrated to this repository. The original issue description is below.

• Packer version from packer version
  1.0.4

• Host platform
  Ubuntu and COS

• The simplest example template and scripts needed to reproduce the bug.
  There isn't any repeatable way, just keep trying until the "random" password from Packer gives you a - at the start of the password, i.e. this one broke our build

inspec exec test-profile --backend winrm --host 10.21.128.67 --port 5986 --user dh-packer-build --password '-r=XQxq%&#%NNs4' --ssl --insecure --self-signed --no-distinct-exit --target-id packer-mswin-f5bfb2d3a0 --show-progress

You get the error back Please provide a value for --password. For example: --password=hello.

This issue was originally opened by @lmayorga1980 in hashicorp/packer#9472 and has been migrated to this repository. The original issue description is below.

It seems like inspec provisioner does not provide more detailed output on why the connection failed or execution expired.

{
      "type": "inspec",
      "inspec_env_vars": [ "CHEF_LICENSE=accept"],
      "backend": "winrm",
      "host":"myremotehost",
      "profile" : "inspec/profile",
      "user": "Administrator",
      "extra_arguments": [ "--user", "{{user `win_user`}}", "--password", "{{user `win_password`}}" , "--port", "5986", "--insecure"]
    }

==> openstack: Provisioning with Inspec...
2020/06/23 20:37:42 packer-provisioner-inspec plugin: SSH proxy: serving on 127.0.0.1:63515
==> openstack: Executing Inspec: inspec exec inspec/profile --backend winrm --host myremotehost --user Administrator --input-file /var/folders/8l/z3xs5ygs1blb5_9z58kmpy_d2gwgq4/T/packer-provisioner-inspec.034262034.yml --user Administrator  --password ****** --port 5986 --insecure
    openstack: execution expired
2020/06/23 20:38:55 packer-provisioner-inspec plugin: shutting down the SSH proxy
2020/06/23 20:38:55 [INFO] (telemetry) ending inspec
==> openstack: Provisioning step had errors: Running the cleanup provisioner, if present...

This issue was originally opened by @ghost in hashicorp/packer#8865 and has been migrated to this repository. The original issue description is below.

Issues on GitHub are intended to be related to bugs or feature requests, so we
recommend using our other community resources instead of asking here if you
have a question.

• Packer Guides: https://www.packer.io/guides/index.html
• Discussion List: https://groups.google.com/group/packer-tool
• Any other questions can be sent to the packer section of the HashiCorp
  forum: https://discuss.hashicorp.com/c/packer
• Packer community links: https://www.packer.io/community.html

This issue was originally opened by @kclinden in hashicorp/packer#10151 and has been migrated to this repository. The original issue description is below.

Description

When using Inspec with Windows and WinRM you have to provide a password using the --password paremter via inspec exec. Instead of making this be sent as an extra argument add a parameter to the provisioner.

Use Case(s)

Using Packer with Windows WinRM and the Inspec Provisioner over WinRM

Potential configuration

  provisioner "inspec" {
    backend                = "winrm"
    password              = {{.WinRMPassword}}
    host                       = "{{build `Host`}}"
    inspec_env_vars   = ["CHEF_LICENSE=accept"]
    profile                   = "https://github.com/kclinden/microsoft-windows-server-2016-stig-baseline"
    user                      = "Administrator"
  }

Potential References

This issue was originally opened by @christianclarke in hashicorp/packer#7619 and has been migrated to this repository. The original issue description is below.

During the packer run, the below Inspect test fails with the following reason:

11671 2019/05/07 15:46:52 packer: 2019/05/07 15:46:52 [INFO] 0 bytes written for 'stdin'
11672 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted:^[[0m
11673 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted: Profile: InSpec Profile (system-setup)^[[0m
11674 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted: Version: 0.1.0^[[0m
11675 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted: Target: ssh://[email protected]:50681^[[0m
11676 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted:^[[0m
11677 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted: ^[[38;5;9m × fstab: Test the content of /etc/fstab is correct^[[0m^[[0m
11678 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted: ^[[38;5;9m × Control Source Code Error ./inspec/system-setup/controls/fstab.rb:3^[[0m
11679 2019/05/07 15:46:52 ui: ^[[0;32m Single_Region_CentOS7_Encrypted:
undefined method `split' for nil:NilClass^[[0m^[[0m

describe etc_fstab.where { mount_point == '/var' } do
its('device_name') { should cmp '/dev/system/var' }
its('file_system_type') { should cmp 'xfs' }
its('mount_options') { should eq [['defaults']] }
its('dump_options') { should cmp [0] }
its('file_system_options') { should cmp [0] }
end

However, if the packer run is ran in debug, if you SSH onto the box

• install Inspec https://packages.chef.io/files/stable/inspec/4.3.2/el/7/inspec-4.3.2-1.el7.x86_64.rpm
• Create an inspec profile manually. (inspec init profile mytests)
• Edit the inspec control ./mytests/controls/example.rb (Copy the same test as above)
• Run the test inspec exec mytests

It Passes.

• Packer version from 1.4.0
• OS X / Windows