{"id":50774817,"url":"https://github.com/test-kitchen/kitchen-cinc-auditor","last_synced_at":"2026-06-11T22:30:37.442Z","repository":{"id":362488062,"uuid":"1098301609","full_name":"test-kitchen/kitchen-cinc-auditor","owner":"test-kitchen","description":"A Test Kitchen verifier for Cinc-Auditor","archived":false,"fork":false,"pushed_at":"2026-06-04T11:59:59.000Z","size":78,"stargazers_count":1,"open_issues_count":3,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-04T13:21:40.969Z","etag":null,"topics":["hacktoberfest","managed-by-terraform","ruby","ruby-gem","test-kitchen","testing"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/test-kitchen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-17T14:13:54.000Z","updated_at":"2026-06-04T09:43:59.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/test-kitchen/kitchen-cinc-auditor","commit_stats":null,"previous_names":["test-kitchen/kitchen-cinc-auditor"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/test-kitchen/kitchen-cinc-auditor","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/test-kitchen%2Fkitchen-cinc-auditor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/test-kitchen%2Fkitchen-cinc-auditor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/test-kitchen%2Fkitchen-cinc-auditor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/test-kitchen%2Fkitchen-cinc-auditor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/test-kitchen","download_url":"https://codeload.github.com/test-kitchen/kitchen-cinc-auditor/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/test-kitchen%2Fkitchen-cinc-auditor/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34221150,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-11T02:00:06.485Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","managed-by-terraform","ruby","ruby-gem","test-kitchen","testing"],"created_at":"2026-06-11T22:30:36.425Z","updated_at":"2026-06-11T22:30:37.436Z","avatar_url":"https://github.com/test-kitchen.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# kitchen-cinc-auditor\n\nA Test Kitchen verifier for Cinc Auditor.\n\n## Installation\n\nCinc Auditor gems are published from the CINC RubyGems server, so include that source in your bundle:\n\n```ruby\nsource \"https://rubygems.org\"\n\nsource \"https://rubygems.cinc.sh\" do\n  gem \"cinc-auditor-bin\"\nend\n\ngem \"kitchen-cinc-auditor\"\n```\n\n## Usage\n\n```yaml\nverifier:\n  name: cinc_auditor\n```\n\nThe verifier follows the `kitchen-inspec` interface where Cinc Auditor exposes the same runtime API.\n\nThis gem targets Ruby 3.4 or newer, matching the Ruby line used by Chef Workstation 26.\n\nThe runtime dependency is `cinc-auditor-bin` from the CINC RubyGems server. Cinc Auditor still exposes a compatible `Inspec` Ruby namespace internally; this verifier loads the Cinc distribution shim and keeps that namespace use isolated behind its runtime adapter.\n\n## Directory structure\n\nBy default, suite tests are loaded from `test/integration/\u003csuite\u003e`.\n\n```text\ntest\n  integration\n    default\n      controls\n        example.rb\n      inspec.yml\n```\n\nFor cookbook-style layouts, `test/recipes` is preferred when it exists. When a suite includes tests for other frameworks, place the Cinc Auditor profile under `test/integration/\u003csuite\u003e/inspec`, matching the upstream kitchen-inspec layout that Cinc Auditor supports.\n\n```text\ntest\n  integration\n    default\n      inspec\n        controls\n          example.rb\n      serverspec\n        example_spec.rb\n```\n\n## Connection options\n\nSSH, WinRM, Exec, Dokken, and Docker CLI transports are supported. Host and port normally come from Test Kitchen state, but can be overridden:\n\n```yaml\nverifier:\n  name: cinc_auditor\n  host: 192.168.56.40\n  port: 22\n```\n\nSSH sudo, proxy, and forwarding settings are passed through to the Cinc Auditor runner:\n\n```yaml\nverifier:\n  name: cinc_auditor\n  sudo: true\n  sudo_command: sudo -E\n  sudo_options: -H\n  proxy_command: ssh gateway -W %h:%p\n  forward_agent: true\n```\n\n## Profiles and controls\n\nLocal, URL, Git, Supermarket, and Compliance profile references are accepted through `inspec_tests`, matching the profile target shapes accepted by `inspec exec`.\n\n```yaml\nsuites:\n  - name: default\n    verifier:\n      inspec_tests:\n        - path: test/integration/default\n        - url: https://example.test/profile.zip\n        - git: https://github.com/dev-sec/tests-ssh-hardening.git\n        - name: hardening/ssh-hardening\n        - compliance: base/ssh\n      controls:\n        - sshd-46\n```\n\nIf both local suite tests and configured profiles exist, local suite tests are added first and configured `inspec_tests` are added afterward. Duplicate local paths are deduplicated.\n\n## Inputs and waivers\n\nInline inputs and input files are passed to Cinc Auditor using the current runtime option names. Legacy `attributes` and `attrs` aliases are no longer supported; use `inputs` and `input_files`.\n\n```yaml\nverifier:\n  name: cinc_auditor\n  inputs:\n    user: bob\n    debug: false\n  input_files:\n    - test/integration/profile-inputs.yml\n  waiver_files:\n    - test/integration/waivers.yml\n```\n\n## Output and reporting\n\nReporter and output paths support `%{platform}` and `%{suite}` replacements.\n\n```yaml\nverifier:\n  name: cinc_auditor\n  reporter:\n    - cli\n    - junit:path/to/results/%{platform}_%{suite}_cinc_auditor.xml\n  output: /tmp/%{platform}_%{suite}.json\n  format: json\n  profiles_path: /tmp/cinc-auditor-profiles\n```\n\n## Plugins and caching\n\nPlugins are loaded by default before Cinc Auditor config validation. Plugin config is merged when the installed Cinc Auditor runtime supports it.\n\n```yaml\nverifier:\n  name: cinc_auditor\n  load_plugins: true\n  plugin_config:\n    example_plugin:\n      example_setting: value\n```\n\nInput caching follows the compatible Cinc Auditor input registry behavior:\n\n```yaml\nverifier:\n  name: cinc_auditor\n  cache_inputs: false\n```\n\nBackend command/file caching is enabled by default and can be disabled:\n\n```yaml\nverifier:\n  name: cinc_auditor\n  backend_cache: false\n```\n\nChef license key settings are intentionally not forwarded. Cinc Auditor does not need them.\n\n## Development\n\nRun the full local check suite through mise:\n\n```shell\nmise run test\n```\n\nThat task runs the RSpec suite, RuboCop, a syntax check for the verifier entrypoint, and RubyCritic. CI and release workflows run those checks as separate jobs so RSpec, RuboCop, and syntax can run in parallel; RubyCritic runs after RSpec and consumes the SimpleCov result artifact. The local and CI harnesses target Ruby 3.4 to match Chef Workstation 26.\n\nThe spec task writes SimpleCov output to `coverage/`, including `coverage/.resultset.json`. The RubyCritic task consumes that coverage data and enforces a minimum score of 70:\n\n```shell\nmise run rubycritic\n```\n\n## Release process\n\nReleases are managed by release-please. Conventional commits merged to `main` update a release PR; merging that PR updates `CHANGELOG.md`, bumps `lib/kitchen/verifier/cinc_auditor_version.rb`, creates a GitHub release, and publishes the tagged gem.\n\nPublishing uses `actionshub/publish-ruby-gem` with Ruby 3.4. Configure a `rubygems` environment with a `RUBYGEMS_AUTH_TOKEN` secret that has RubyGems.org push access for `kitchen-cinc-auditor`. Add `RELEASE_PLEASE_TOKEN` if release-please PRs should trigger ordinary CI checks; otherwise the workflow falls back to `GITHUB_TOKEN`.\n\n## License compatibility\n\nThis verifier is Apache-2.0 licensed. `kitchen-inspec` is also Apache-2.0 licensed and was used as a behavioral compatibility reference for Test Kitchen verifier options and profile discovery.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftest-kitchen%2Fkitchen-cinc-auditor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftest-kitchen%2Fkitchen-cinc-auditor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftest-kitchen%2Fkitchen-cinc-auditor/lists"}