Condition to skip a test when running in a container

Question

I'm writing an Inspec profile which has a specific control that I want to skip if the control is running inside a docker container. This looks like:

control 'ssh daemon' do
  impact 'critical'
  only_if('not in docker') do
    condition_expression
  end
  describe service('sshd') do
    it { should be_installed }
    it { should be_enabled }
    it { should be_running }
  end
end

I need the condition_expression to return false when in a container. Is there an elegant way to do this with ruby or inspec without shelling out?

score 5 · Accepted Answer · answered Mar 03 '20 at 15:13

5

In Ruby you can use this function:

# return true if we are inside a docker container
def in_container?
  return File.file?('/.dockerenv')
end

answered Mar 03 '20 at 15:13

Hedi Nasr

746
3
7

Condition to skip a test when running in a container

1 Answers1