Audit coobook via Chef Automate fails to inherit profiles #206

timusmc96 · 2017-04-18T13:22:46Z

Cookbook version

Audit 3.0.0

Chef-client version

12.18.31

Platform Details

Redhat 7.3

Scenario:

Chef Automate execute an inherit profile, but failing on depends

Steps to Reproduce:

...
Running handlers:
[2017-04-18T09:10:01-04:00] INFO: Running report handlers
[2017-04-18T09:10:01-04:00] WARN: Format is json
[2017-04-18T09:10:01-04:00] INFO: Initialize InSpec
[2017-04-18T09:10:01-04:00] INFO: Running tests from: [{:name=>"comp-user window
s", :compliance=>"comp-user/windows"}, {:name=>"mitre-cis-windows2012-baseline",
 :compliance=>"cis/mitre-cis-windows2012-baseline_test"}]
[2017-04-18T09:10:02-04:00] ERROR: Report handler Chef::Handler::AuditReport rai
sed #<TypeError: no implicit conversion of URI::HTTPS into String>
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/v
endor/chef-server/fetcher.rb:109:in `match'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/v
endor/chef-server/fetcher.rb:109:in `chef_server_url'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/v
endor/chef-server/fetcher.rb:82:in `resolved_source'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/cached_fetcher.rb:23:in `resolved_source'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/dependencies/requirement.rb:63:in `resolved_source
'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/dependencies/resolver.rb:67:in `block in resolve'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/dependencies/resolver.rb:59:in `each'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/dependencies/resolver.rb:59:in `resolve'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/dependencies/resolver.rb:31:in `resolve'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/dependencies/dependency_set.rb:89:in `vendor'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/profile.rb:385:in `generate_lockfile'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/profile.rb:372:in `lockfile'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/profile.rb:390:in `load_dependencies'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/profile.rb:340:in `locked_dependencies'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/runner.rb:82:in `block in load'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/runner.rb:79:in `each'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/runner.rb:79:in `load'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.20.0/lib/inspec/runner.rb:100:in `run'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:116:in `call'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:47:in `block in report'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:33:in `each'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:33:in `report'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:259:in `run_report_unsa
fe'
[2017-04-18T09:10:02-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:59:in `run_report_safely'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:125:in `block in run_re
port_handlers'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:123:in `each'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:123:in `run_report_hand
lers'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:135:in `block in <class
:Handler>'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:441:in `block in run_com
pleted_successfully'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:440:in `each'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:440:in `run_completed_su
ccessfully'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:299:in `run'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:277:in `run_with_gr
aceful_exit_option'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:253:in `block in ru
n_chef_client'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/local_mode.rb:44:in `with_server_c
onnectivity'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:236:in `run_chef_cl
ient'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:464:in `slee
p_then_run_chef_client'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:451:in `bloc
k in interval_run_chef_client'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:450:in `loop
'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:450:in `inte
rval_run_chef_client'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:434:in `run_
application'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:59:in `run'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/bin/chef-client:26:in `<top (required)>'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/bin/chef-client:68:in `load'
[2017-04-18T09:10:02-04:00] ERROR: C:/opscode/chef/bin/chef-client:68:in `<main>
'
...

Expected Result:

Chef Automate compliance should be able to inherit profile

Actual Result:

Failed to inherit profile with depends

The text was updated successfully, but these errors were encountered:

chris-rock · 2017-04-18T13:31:36Z

@timusmc96 Is that a profile that depends on our internal cis-windows?

timusmc96 · 2017-04-18T13:34:29Z

yes, inspec yml below

---
name:  company-cis-windows2012-baseline_test
title: InSpec Profile
maintainer: The Authors
copyright: The Authors
copyright_email: you@example.com
license: All Rights Reserved
summary: An InSpec Compliance Profile
version: 0.1.0
depends:
   - name: cis-windows2012r2-level1-memberserver
     compliance: cis/cis-windows2012r2-level1-memberserver

timusmc96 · 2017-04-18T13:36:07Z

translated-controls.rb:

include_controls 'cis-windows2012r2-level1-memberserver' do

  skip_control "xccdf_org.cisecurity.benchmarks_rule_1.1.1_L1_Ensure_Enforce_password_history_is_set_to_24_or_more_passwords"

  skip_control "xccdf_org.cisecurity.benchmarks_rule_1.1.2_L1_Ensure_Maximum_password_age_is_set_to_60_or_fewer_days_but_not_0"

  control "xccdf_org.cisecurity.benchmarks_rule_1.1.3_L1_Ensure_Minimum_password_age_is_set_to_1_or_more_days" do
    tag   "MICIS"
    tag   "1.1.3"
    impact 1.0
  end

  skip_control "xccdf_org.cisecurity.benchmarks_rule_1.1.4_L1_Ensure_Minimum_password_length_is_set_to_14_or_more_characters"

  skip_control "xccdf_org.cisecurity.benchmarks_rule_1.1.5_L1_Ensure_Password_must_meet_complexity_requirements_is_set_to_Enabled"

  control "xccdf_org.cisecurity.benchmarks_rule_1.1.6_L1_Ensure_Store_passwords_using_reversible_encryption_is_set_to_Disabled" do
    tag   "MICIS"
    tag   "1.1.6"
    impact 1.0
  end


  control "xccdf_org.cisecurity.benchmarks_rule_1.2.1_L1_Ensure_Account_lockout_duration_is_set_to_15_or_more_minutes" do
    tag   "MITCIS"
    tag   "1.2.1"
    impact 1.0
  end

control "Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'" do
  title "Ensure 'No auto-restart with logged on users for scheduled automatic updates installations' is set to 'Disabled'"
  desc  "This policy setting specifies that Automatic Updates will wait for computers to be restarted by the users who are logged on to them to complete a scheduled installation. If you enable the No auto-restart for scheduled Automatic Updates installations setting, Automatic Updates does not restart computers automatically during scheduled installations. Instead, Automatic Updates notifies users to restart their computers to complete the installations. You should note that Automatic Updates will not be able to detect future updates until restarts occur on the affected computers. If you disable or do not configure this setting, Automatic Updates will notify users that their computers will automatically restart in 5 minutes to complete the installations. The possible values for the No auto-restart for scheduled Automatic Updates installations setting are:- Enabled- Disabled- Not Configured\n                   Note: This setting applies only when you configure Automatic Updates to perform scheduled update installations. If you configure the Configure Automatic Updates setting to Disabled, this setting has no effect. The recommended state for this setting is: Disabled."
  tag   "MICIS"
  tag   "18.9.85.3"
  impact 0.5
  describe registry_key("HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU") do
    its("NoAutoRebootWithLoggedOnUsers") { should cmp == 0 }
  end
end

timusmc96 · 2017-04-18T13:36:59Z

So I have cut the profile down and still issues arises, just doing small include with skip

chris-rock · 2017-04-18T13:37:37Z

Thank you @timusmc96 for providing that example. I'll let you know once I have updates

timusmc96 · 2017-04-18T13:38:12Z

Also FYI, this is working with Chef Compliance, but not Chef Automate

timusmc96 · 2017-04-18T13:46:37Z

Audit cook book fetcher.rb still has

def chef_server_url
  m = %r{^#{@config['server']}/owners/(?<owner>[^/]+)/compliance/(?<id>[^/]+)/tar$}.match(@target)
  "#{m[:owner]}/#{m[:id]}"

inspec was fixed in #1647 to 1.20.0 inspec gem

def compliance_profile_name

 m = %r{^#{@config['server']}/owners/(?<owner>[^/]+)/compliance/(?<id>[^/]+)/tar$}.match(@target)

 m = if @config['server_type'] == 'automate'

       %r{^#{@config['server']}/(?<owner>[^/]+)/(?<id>[^/]+)/tar$}

```
     else
```

       %r{^#{@config['server']}/owners/(?<owner>[^/]+)/compliance/(?<id>[^/]+)/tar$}

     end.match(@target)
 "#{m[:owner]}/#{m[:id]}"

end

chris-rock · 2017-04-18T13:50:57Z

may be related to inspec/inspec#1647

chris-rock · 2017-04-18T13:53:26Z

@timusmc96 That should net be required here. An upload profiles should have all profiles vendored into the profile. If the main profile is downloaded, but InSpec complains about dependencies it should be a different issue

chris-rock · 2017-04-18T13:54:29Z

Can you try if the inherited profile works with the json-file reporter? https://github.com/chef-cookbooks/audit#write-to-file-on-disk

timusmc96 · 2017-04-18T14:12:10Z

We do not have Chef Compliance connected to our Chef Server in this environment

timusmc96 · 2017-04-19T14:00:09Z

Chris, do you have an update?

aaronlippold · 2017-04-19T16:34:17Z

@chris-rock @timusmc96 do you know the next step to take to test @timusmc96

chris-rock · 2017-04-21T09:11:58Z

@timusmc96 and @aaronlippold I started working on this but it seems to be more complex. I need to further investigate this. I expect to have a solution by Monday.

chris-rock · 2017-04-25T23:14:35Z

@timusmc96 is this error happening with Chef Compliance and/or Chef Automate?

timusmc96 · 2017-04-26T01:53:09Z

Chef Automate

chris-rock · 2017-04-26T23:20:04Z

@timusmc96 I was able to report a meta-profile to Chef Automate with this branch: #212 This branch would only work with Chef Automate but not with Chef Compliance yet. Could you test your profile again with that branch?

timusmc96 · 2017-04-26T23:23:24Z

I will test. I only want this inheritance to work with chef automate Thanks

…

On Apr 26, 2017, at 19:20, Christoph Hartmann ***@***.***> wrote: @timusmc96 I was able to report a meta-profile to Chef Automate with this branch: #212 This branch would only work with Chef Automate but not with Chef Compliance yet. Could you test it again with that branch? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

timusmc96 · 2017-04-30T23:40:51Z

Chris, I am working on a test server to test these changes, I also see there are some big changes coming with next version of audit cookbook, example chef-server-visibility => chef-server-automate.

I will give an update tomorrow. Thanks

timusmc96 · 2017-05-01T14:54:12Z

Chris, I pulled in your updates. So to go back, we are trying to read the profiles from chef-automate. This is what the role looks like I have set for calling up the profiles

{
  "audit": {
    "collector": "chef-server-visibility",
    "profiles": [
      {
        "name": "comp-user windows",
        "compliance": "comp-user/windows"
      },
      {
        "name": "mitre-cis-windows2012-baseline",
        "compliance": "cis/mitre-cis-windows2012-baseline_test"
      }
    ]
  }
}

timusmc96 · 2017-05-01T15:29:18Z

Chris here is updated log

C:\windows\system32>chef-client
Starting Chef Client, version 12.18.31
resolving cookbooks for run list: ["r101_all_audit"]
Synchronizing Cookbooks:
  - r101_all_audit (0.1.0)
  - audit (3.0.0)
  - compat_resource (12.16.3)
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: audit::inspec
  * inspec_gem[inspec] action install (up to date)
  Converging 1 resources
  * inspec_gem[inspec] action nothing (skipped due to action :nothing)

Running handlers:
[2017-05-01T11:27:17-04:00] ERROR: Report handler Chef::Handler::AuditReport rai
sed #<TypeError: no implicit conversion of URI::HTTPS into String>
[2017-05-01T11:27:17-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/v
endor/chef-server/fetcher.rb:109:in `match'
[2017-05-01T11:27:17-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/v
endor/chef-server/fetcher.rb:109:in `chef_server_url'
[2017-05-01T11:27:17-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/v
endor/chef-server/fetcher.rb:82:in `resolved_source'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/cached_fetcher.rb:23:in `resolved_source'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/dependencies/requirement.rb:63:in `resolved_source
'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/dependencies/resolver.rb:67:in `block in resolve'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/dependencies/resolver.rb:59:in `each'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/dependencies/resolver.rb:59:in `resolve'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/dependencies/resolver.rb:31:in `resolve'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/dependencies/dependency_set.rb:89:in `vendor'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/profile.rb:385:in `generate_lockfile'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/profile.rb:372:in `lockfile'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/profile.rb:390:in `load_dependencies'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/profile.rb:340:in `locked_dependencies'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/runner.rb:82:in `block in load'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/runner.rb:79:in `each'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/runner.rb:79:in `load'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/inspec-1.22.0/lib/inspec/runner.rb:100:in `run'
[2017-05-01T11:27:17-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:118:in `call'
[2017-05-01T11:27:17-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:45:in `report'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:259:in `run_report_unsa
fe'
[2017-05-01T11:27:17-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/h
andler/audit_report.rb:63:in `run_report_safely'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:125:in `block in run_re
port_handlers'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:123:in `each'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:123:in `run_report_hand
lers'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/handler.rb:135:in `block in <class
:Handler>'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:441:in `block in run_com
pleted_successfully'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:440:in `each'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:440:in `run_completed_su
ccessfully'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/client.rb:299:in `run'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:277:in `run_with_gr
aceful_exit_option'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:253:in `block in ru
n_chef_client'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/local_mode.rb:44:in `with_server_c
onnectivity'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:236:in `run_chef_cl
ient'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:464:in `slee
p_then_run_chef_client'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:451:in `bloc
k in interval_run_chef_client'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:450:in `loop
'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:450:in `inte
rval_run_chef_client'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application/client.rb:434:in `run_
application'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/lib/chef/application.rb:59:in `run'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/
gems/chef-12.18.31-universal-mingw32/bin/chef-client:26:in `<top (required)>'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/bin/chef-client:68:in `load'
[2017-05-01T11:27:17-04:00] ERROR: C:/opscode/chef/bin/chef-client:68:in `<main>
'
  - Chef::Handler::AuditReport
Running handlers complete
Chef Client finished, 0/2 resources updated in 21 seconds

timusmc96 · 2017-05-01T18:30:31Z

Still seeing the same issue C:\windows\system32>chef-clientStarting Chef Client, version 12.18.31resolving cookbooks for run list: ["r101_all_audit"]Synchronizing Cookbooks: - r101_all_audit (0.1.0) - compat_resource (12.16.3) - audit (3.0.0)Installing Cookbook Gems:Compiling Cookbooks...Recipe: audit::inspec * inspec_gem[inspec] action install (up to date) Converging 1 resources * inspec_gem[inspec] action nothing (skipped due to action :nothing) Running handlers:[2017-05-01T14:23:34-04:00] ERROR: Report handler Chef::Handler::AuditReport raised #<TypeError: no implicit conversion of URI::HTTPS into String>[2017-05-01T14:23:34-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:115:in `match'[2017-05-01T14:23:34-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:115:in `chef_server_url'[2017-05-01T14:23:34-04:00] ERROR: C:/chef/cache/cookbooks/audit/files/default/vendor/chef-server/fetcher.rb:74:in `resolved_source'[2017-05-01T14:23:34-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.22.0/lib/inspec/cached_fetcher.rb:23:in `resolved_source'[2017-05-01T14:23:34-04:00] ERROR: C:/opscode/chef/embedded/lib/ruby/gems/2.3.0/gems/inspec-1.22.0/lib/inspec/dependencies/requirement.rb:63:in `resolved_source' Also noticed that your count_controls is not being declared. | # calculate statistics | | | stats = count_controls(JSON.parse(r[:profiles].to_json)) | | | | | | time = 0 | | | time = r[:statistics][:duration] unless r[:statistics].nil? | | | | | | # count controls | | | Chef::Log.info "Summary #{stats['total']} controls: #{stats['passed']['total']} successful, #{stats['failed']['total']} failures, #{stats['skipped']['total']} skipped in #{time} s" Let me know what else we can look at here. Thanks | On Wednesday, April 26, 2017 7:20 PM, Christoph Hartmann <notifications@github.com> wrote: @timusmc96 I was able to report a meta-profile to Chef Automate with this branch: #212 This branch would only work with Chef Automate but not with Chef Compliance yet. Could you test it again with that branch?— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

chris-rock · 2017-05-02T09:02:53Z

@timusmc96 Can you please send me the cis/mitre-cis-windows2012-baseline_test profile? I'd like to use this for testing too

timusmc96 · 2017-05-02T12:09:49Z

Chris here is a snipit, I cut it down or what have you just does not work if I have a depends in inspec.yml and include in the rb Thanks On Tuesday, May 2, 2017 5:02 AM, Christoph Hartmann <notifications@github.com> wrote: @timusmc96 Can you please send me the cis/mitre-cis-windows2012-baseline_test profile? I'd like to use this for testing too— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

chris-rock · 2017-05-04T09:17:57Z

This should be fixed with 3.1. @timusmc96 The issue regarding z-lib is another topic that need to be addressed though.

tas50 added the Type: Bug Does not work as expected. label Apr 25, 2017

chris-rock mentioned this issue Apr 26, 2017

Always use json format for inspec report #212

Merged

4 tasks

chris-rock closed this as completed May 4, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Audit coobook via Chef Automate fails to inherit profiles #206

Audit coobook via Chef Automate fails to inherit profiles #206

timusmc96 commented Apr 18, 2017 •

edited by chris-rock

Loading

chris-rock commented Apr 18, 2017

timusmc96 commented Apr 18, 2017 •

edited by chris-rock

Loading

timusmc96 commented Apr 18, 2017 •

edited by chris-rock

Loading

timusmc96 commented Apr 18, 2017

chris-rock commented Apr 18, 2017

timusmc96 commented Apr 18, 2017

timusmc96 commented Apr 18, 2017

chris-rock commented Apr 18, 2017

chris-rock commented Apr 18, 2017

chris-rock commented Apr 18, 2017

timusmc96 commented Apr 18, 2017

timusmc96 commented Apr 19, 2017

aaronlippold commented Apr 19, 2017

chris-rock commented Apr 21, 2017

chris-rock commented Apr 25, 2017

timusmc96 commented Apr 26, 2017

chris-rock commented Apr 26, 2017 •

edited

Loading

timusmc96 commented Apr 26, 2017 via email

timusmc96 commented Apr 30, 2017

timusmc96 commented May 1, 2017 •

edited by chris-rock

Loading

timusmc96 commented May 1, 2017 •

edited by chris-rock

Loading

timusmc96 commented May 1, 2017 via email •

edited by chris-rock

Loading

chris-rock commented May 2, 2017

timusmc96 commented May 2, 2017 via email

chris-rock commented May 4, 2017

Audit coobook via Chef Automate fails to inherit profiles #206

Audit coobook via Chef Automate fails to inherit profiles #206

Comments

timusmc96 commented Apr 18, 2017 • edited by chris-rock Loading

Cookbook version

Chef-client version

Platform Details

Scenario:

Steps to Reproduce:

Expected Result:

Actual Result:

chris-rock commented Apr 18, 2017

timusmc96 commented Apr 18, 2017 • edited by chris-rock Loading

timusmc96 commented Apr 18, 2017 • edited by chris-rock Loading

timusmc96 commented Apr 18, 2017

chris-rock commented Apr 18, 2017

timusmc96 commented Apr 18, 2017

timusmc96 commented Apr 18, 2017

chris-rock commented Apr 18, 2017

chris-rock commented Apr 18, 2017

chris-rock commented Apr 18, 2017

timusmc96 commented Apr 18, 2017

timusmc96 commented Apr 19, 2017

aaronlippold commented Apr 19, 2017

chris-rock commented Apr 21, 2017

chris-rock commented Apr 25, 2017

timusmc96 commented Apr 26, 2017

chris-rock commented Apr 26, 2017 • edited Loading

timusmc96 commented Apr 26, 2017 via email

timusmc96 commented Apr 30, 2017

timusmc96 commented May 1, 2017 • edited by chris-rock Loading

timusmc96 commented May 1, 2017 • edited by chris-rock Loading

timusmc96 commented May 1, 2017 via email • edited by chris-rock Loading

chris-rock commented May 2, 2017

timusmc96 commented May 2, 2017 via email

chris-rock commented May 4, 2017

timusmc96 commented Apr 18, 2017 •

edited by chris-rock

Loading

timusmc96 commented Apr 18, 2017 •

edited by chris-rock

Loading

timusmc96 commented Apr 18, 2017 •

edited by chris-rock

Loading

chris-rock commented Apr 26, 2017 •

edited

Loading

timusmc96 commented May 1, 2017 •

edited by chris-rock

Loading

timusmc96 commented May 1, 2017 •

edited by chris-rock

Loading

timusmc96 commented May 1, 2017 via email •

edited by chris-rock

Loading