我正在尝试创建一个简单的集成测试来测试我的 azure 资源组中是否存在密钥保管库。
我已经安装了 chef、ruby 和 inspec。初始化一个配置文件并在控制文件夹下我有一个 example.rb 文件,我有我的测试,它看起来像这样:
control 'azure_key_vault' do
describe azure_key_vault(resource_group: '<my-resource-group-name', vault_name: "<my-key-vault-name") do
it { should exist }
its('name') { should eq vault_name }
end
end
我已~/.azure/credentials在资源组中设置服务原则下设置我的天蓝色凭据并运行命令
inspec exec ./azure_key_vault.rb -t azure://
但我收到以下错误:
Profile: tests from ./azure_key_vault.rb (tests from ..azure_key_vault.rb)
Version: (not specified)
Target: azure://<subscription-id>
× azure_key_vault: ./azure_key_vault.rb:4
× Control Source Code Error ./azure_key_vault.rb:4
undefined method `azure_key_vault' for #<Inspec::Rule:0x00007fc536b14560>
Profile Summary: 0 successful controls, 1 control failure, 0 controls skipped
Test Summary: 0 successful, 1 failure, 0 skipped
而且我不明白为什么会出现这个错误。首先,我认为错误可能与错误有关,azure_key_vault所以我将其更改为,azurerm_key_vault但我总是得到相同的错误和输出。请问有什么帮助吗?
更新:这里有一些更新。如果我运行命令:
inspec check .
我得到了这个结果:
[2021-03-22T19:06:29+00:00] WARN: DEPRECATION: `azurerm_resource_groups` uses the new resource `azure_resource_groups` under the hood. azurerm_resource_groups will be deprecated soon and it is advised to switch to the fully backward compatible new resource. Please see the documentation for the additional features available.
[2021-03-22T19:06:29+00:00] ERROR: The following must be set in the Environment: [:tenant_id, :client_id, :client_secret, :subscription_id].
Missing: [:tenant_id, :client_id, :client_secret, :subscription_id]
W, [2021-03-22T19:06:29.553721 #15226] WARN -- : Control azurerm_resource_groups has no title
W, [2021-03-22T19:06:29.554013 #15226] WARN -- : Control azurerm_resource_groups has no descriptions
Location : .
Profile : my-azureTests
Controls : 1
Timestamp : 2021-03-22T19:06:29+00:00
Valid : true
! ./controls/resourcegroup.rb:1: Control azurerm_resource_groups has no title
! ./controls/resourcegroup.rb:1: Control azurerm_resource_groups has no descriptions
Summary: 0 errors, 2 warnings
引起了我的ERROR注意。我确信我在credentials里面创建了一个文件(没有任何扩展名)/.azure并传递了我的凭据,如下所示:
[<my-subscription-id>]
client_id="<my-client-id"
client_secret="<my-secret>"
tenant_id="<my-tenant-id>"
没有< >
我真的不明白为什么 inspec 不重新整理我的详细信息