SAF Advanced InSpec Profile Developer Course

13. Add Your Resource to InSpec

June 7, 2022About 1 min

When wanting to make a resource and push it up to InSpec main repository the following steps need to be made:

First you would need to go to the main InSpec Github Repoopen in new window and fork the repository.

Then you would need to make a new branch calling it something unique pertaining to what resource you are making. For example, if we use the file resource, then a useful branch name could be file_resource.

InSpec consists of hundreds of directories and files, which means it can be a bit confusing when making your way around. The top level directory looks like:

$ tree inspec -L 1 -d
inspec
β”œβ”€β”€ contrib
β”œβ”€β”€ docs
β”œβ”€β”€ etc
β”œβ”€β”€ examples
β”œβ”€β”€ habitat
β”œβ”€β”€ inspec-bin
β”œβ”€β”€ kitchen
β”œβ”€β”€ lib
β”œβ”€β”€ omnibus
β”œβ”€β”€ support
β”œβ”€β”€ tasks
β”œβ”€β”€ test
└── www

13 directories

The 3 key directories we need to focus on here are the docs/ directory, the lib/ directory and finally the test/ directory. When developing a resource for upstream InSpec we are required to create the resource itself, create the documentation for the resource and finally create the unit and integration tests for the resource.

The resource contents

When creating this resource.rb file or in this scenario the file.rb, it would be developed and written the same exact way if you had put it in the libraries directory for a local resource so if you already developed the resource for local use but want to push it to upstream, you can copy and paste the file directly to the following location

$ tree -L 1 lib/inspec/resources/
lib/inspec/resources/
...
β”œβ”€β”€ file.rb
...

0 directories, 104 files

This is the helper file you need to adjust for the file resource

$ tree -L 1 lib/inspec/
lib/inspec/
...
β”œβ”€β”€ resources.rb
...

10 directories, 47 files

The resource helper

When adding this line of code be sure to place the resource in alphabetical order as shown in the example below

In the resources.rb file you would add the following line

require "inspec/resources/etc_hosts"
require "inspec/resources/file"
require "inspec/resources/filesystem"

Next you would need to write out your unit and integration tests

$ tree test/integration/default/controls/
test/integration/default/controls/
...
β”œβ”€β”€ file_spec.rb
...

0 directories, 42 files

$ tree test/unit/resources/
test/unit/resources/
...
β”œβ”€β”€ file_test.rb
...

0 directories, 145 files

Finally, you would write up documentation so when others visit the inspec documentation site they are aware of the existence of the resource as well as how to use it

$ tree docs/resources/
docs/resources/
...
β”œβ”€β”€ file.md.erb
...

0 directories, 156 files
Apache-2.0 | Copyright Β© 2022 - The MITRE Corporation
Copyright Β© 2022 Aaron Lippold