Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

train-aws plugin is not detected when installing the Inspec gem #701

Open
ayashjorden opened this issue Aug 6, 2021 · 0 comments
Open

train-aws plugin is not detected when installing the Inspec gem #701

ayashjorden opened this issue Aug 6, 2021 · 0 comments

Comments

@ayashjorden
Copy link

Cross posting from train-aws - inspec/train-aws#207

Version:

4.38.9

Environment:

Inspec 4.38.9+Train+Train-AWS are used as a AWS Lambda Layer

Scenario:

Hi all,
We are packaging Inspec as part of a Lambda layer. this has worked well so far, coming to upgrade to Inspec 4.38.9.
When installing Inspec 4.38.9, using Ruby 2.7.2 the train-aws gem gets installed as well (0.2.8).

When we launch the Lambda that runs Inspec (all gems are provided as a Lambda Layer, /opt/ruby/gems/2.7.0), we get the error that Train AWS plugin cannot be detected by Inspec.

Is there an environment variable or other Inspec configuration to specify where to lookup the plugins' gems?

Here is the error from Lambda Logs:

{
    "errorMessage": "Can't find train plugin aws. Please install it first.",
    "errorType": "Function<Train::PluginLoadError>",
    "stackTrace": [
        "/opt/ruby/gems/2.7.0/gems/train-core-3.7.4/lib/train.rb:60:in `rescue in load_transport'",
        "/opt/ruby/gems/2.7.0/gems/train-core-3.7.4/lib/train.rb:38:in `load_transport'",
        "/opt/ruby/gems/2.7.0/gems/train-core-3.7.4/lib/train.rb:28:in `options'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/config.rb:159:in `_utc_merge_transport_options'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/config.rb:121:in `unpack_train_credentials'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/backend.rb:31:in `create'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/runner.rb:86:in `configure_transport'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/runner.rb:78:in `initialize'",
        "/var/task/InspecRunner.rb:234:in `new'",
        "/var/task/InspecRunner.rb:234:in `block in lambda_handler'",
        "/var/task/InspecRunner.rb:233:in `each'",
        "/var/task/InspecRunner.rb:233:in `lambda_handler'"
    ]
}

To Reproduce
Steps to reproduce the behavior:

Additional context
We currently use Inspec 4.16 which does not make use of Train based plugins.

Thank you

Steps to Reproduce:

  1. Generate the layer
WORKSPACE="/path/to/some/folder"
AWS_RESOURCEPACK_VERSION="1.58.3"
INSPEC_VERSION="4.38.9"
MINITAR_VERSION="0.9"
TRAIN_AWS_VERSION="0.2.8"
filename="inspec_layer.zip"

rm -rf $WORKSPACE/layer && mkdir $WORKSPACE/layer
cat >$WORKSPACE/layer/Gemfile <<GEMFILE_END
source "https://rubygems.org"
gem "inspec", "${INSPEC_VERSION}"
gem "minitar", "${MINITAR_VERSION}"
gem "train-aws", "${TRAIN_AWS_VERSION}"
GEMFILE_END
echo "Running Inspec layer builder"
docker \
    run \
    -v $WORKSPACE/layer:/var/layer \
    -w /var/layer \
    lambci/lambda:build-ruby2.7 \
    bundle install \
    --gemfile=/var/layer/Gemfile \
    --path=./gems \
    --without development test
#finish making the inspec layer
cd $WORKSPACE/layer
rm -rf ./gems/ruby/2.7.0/cache
mv ./gems/ruby/2.7.0 ./gems/2.7.0
rm -rf ./gems/ruby
mkdir ./ruby
mv ./gems ./ruby/
mkdir ./bin
curl -sLo \
    ./bin/v${AWS_RESOURCEPACK_VERSION}.tar.gz \
    https://github.com/inspec/inspec-aws/archive/v${AWS_RESOURCEPACK_VERSION}.tar.gz
zip -q -r ${filename} bin ruby
  1. Configure the above filename artifact as a layer to a Ruby2.7 Lambda and call
client = Inspec::Runner.new(opts)
client.add_target(inspec_profile_path, opts)
client.run

Expected Result:

Inspec to run the tests

Version Information:

  • InSpec/Chef version: 4.38.9
  • aws-sdk version: installed as dependency from Inspec
  • train-aws plugin version: 0.2.8

Actual Result:

{
    "errorMessage": "Can't find train plugin aws. Please install it first.",
    "errorType": "Function<Train::PluginLoadError>",
    "stackTrace": [
        "/opt/ruby/gems/2.7.0/gems/train-core-3.7.4/lib/train.rb:60:in `rescue in load_transport'",
        "/opt/ruby/gems/2.7.0/gems/train-core-3.7.4/lib/train.rb:38:in `load_transport'",
        "/opt/ruby/gems/2.7.0/gems/train-core-3.7.4/lib/train.rb:28:in `options'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/config.rb:159:in `_utc_merge_transport_options'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/config.rb:121:in `unpack_train_credentials'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/backend.rb:31:in `create'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/runner.rb:86:in `configure_transport'",
        "/opt/ruby/gems/2.7.0/gems/inspec-core-4.38.3/lib/inspec/runner.rb:78:in `initialize'",
        "/var/task/InspecRunner.rb:234:in `new'",
        "/var/task/InspecRunner.rb:234:in `block in lambda_handler'",
        "/var/task/InspecRunner.rb:233:in `each'",
        "/var/task/InspecRunner.rb:233:in `lambda_handler'"
    ]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ayashjorden