How Chef Inspec Fits in with Today’s DevOps Practices

Inspec: Who’s Adopting It, Why, And How It Fits With Today’s DevOps Practices
At this year’s ChefConf held in May, TNS founder Alex Williams sat down with Dominik Richter, senior product manager at Chef, and Annie Hedgpeth, cloud automation engineer at consulting firm 10th Magnitude, to learn about the expanding use of Chef InSpec, a tool for compliance and security testing. On today’s episode of The New Stack Makers podcast, the trio dove into the discussion of how InSpec fills a gap in today’s DevOps workflow, and the project’s goals for the future.
With the release of InSpec 2 in February, support for testing configurations in cloud environments such as Microsoft Azure and AWS was added, as was speed and tooling improvements. Developers can now use of Chef Automate as a source for compliance profiles, storing InSpec reports for both compliance and security audits. The InSpec website also notes that these results can be exported in JUnit format for integration into CI/CD tools like Jenkins.
“You don’t have that assurance until you do, with InSpec. You don’t really know until you test it all. You can be testing it continually, too. If your desired state is in code, compliance as code, and you’re continually testing it, you know that it’s always staying in in that desired state, and that it’s secure,” said Hedgpeth.
Richter went on to note that as today’s technology stacks continue to evolve, InSpec aims to bring clarity into the space by working across different tools in one’s infrastructure, explaining that, “It’s meant to be simple, it’s meant to describe what’s there.”
With InSpec having come a long way from its roots in the security landscape, Richter went on to note that the community’s contributions and use of InSpec has been intriguing. “The community will take something like this and use it in unexpected and surprising ways. We’ve had users that have taken this from a purely operational standpoint because they wanted to find out how their infrastructure is doing, what they’re running in certain brownfield environments they haven’t had any insights for in years.”
In this Edition:
1:4: An overview of InSpec
4:03: What is Tenth Magnitude?
10:04: What have you historically found with customers managing this manually? Is it a shift for them to try to think about how this is now done automatically?
12:41: Do you see any change in the users out there?
16:57: How development becomes part of this process and the community InSpec is building
20:01: What’s the next evolution of InSpec?
Chef sponsored this podcast.