packer-provisioner-inspec icon indicating copy to clipboard operation
packer-provisioner-inspec copied to clipboard

Support for running on Windows over WinRM

Open linusruth opened this issue 6 years ago • 0 comments

Context

Packer can be used to build Windows host images, and InSpec can be used to test them. In both cases, communication occurs over WinRM. It would be nice if packer-provisioner-inspec worked with Windows over WinRM, too.

Requested Features

  • Support connecting to Windows hosts over WinRM.
  • Provide Windows usage examples in README.

Implementation Suggestions

New parameters:

  • protocol
    • type: string
    • values: ssh, winrm
    • default: ssh
  • password
    • type: string
    • values: string
    • default: empty string

Notes:

  • A case could be made for a third parameter, ssl. Best practice is to use WinRM over SSL, and having a boolean parameter ssl with default true would enforce this. However, the functionality already exists to pass it via "extra_arguments": ["--ssl"]. So perhaps this is best explained with a usage example in the README.

  • Setting "protocol": "ssh" as the default will preserve backwards compatibility with existing configurations.

  • Windows supports user accounts with the password set to the empty string (aka. "no password"). Setting "password": "" as the default means that --password 'VALUE' should always be passed to inspec in the context of "protocol": "winrm", since the password could legitimately be an empty string.

InSpec Usage Examples

inspec exec test.rb -t winrm://user@host --password 'VALUE'

inspec exec test.rb -t winrm://user@host --password 'VALUE' --ssl

linusruth avatar Dec 03 '18 22:12 linusruth