Skip to main content

podman resource

Use the podman Chef InSpec audit resource to test the configuration of Podman resources.

Syntax

Use the podman Chef InSpec audit resource to test multiple Podman containers.

describe podman.containers do
  its('ids') { should include "591270d8d80d26671fd6ed622f367fbe19004d16e3b519c292313feb5f22e7f7" }
  its('images') { should include "docker.io/library/ubuntu:latest" }
end

Or, if you want to query a specific container:

describe podman.containers.where(id: "591270d8d80d26671fd6ed622f367fbe19004d16e3b519c292313feb5f22e7f7") do
  its('status') { should include "Up 44 hours ago" }
end

where:

  • .where() specifies a specific item and value to which the resource parameters are compared.
  • commands, created_at, ids, images, names, status, image_ids, labels, mounts, networks, pods, ports, running_for, and sizes are valid parameters for containers.

You can also use the podman resource block to test many images.

describe podman.images do
  its('repositories') { should_not include 'docker.io/library/nginx' }
end

Or, if you want to query a specific image:

describe podman.images.where(id: "c7db653c4397e6a4d1e468bb7c6400c022c62623bdb87c173d54bac7995b6d8f") do
  it { should exist }
end

where:

  • .where() specifies a specific filter and expected value, against which parameters are compared.
  • repositories, tags, sizes, digests, history, created_at, history, andcreated_since are valid parameters for images.

You can also use the podman resource block to test multiple networks.

describe podman.networks do
  its("names") { should include "podman" }
end

Or, if you want to query a specific network:

describe podman.networks.where(id: "c7db653c4397e6a4d1e468bb7c6400c022c62623bdb87c173d54bac7995b6d8f") do
  it { should exist }
end

where:

  • .where() specifies a specific filter and expected value, against which parameters are compared.
  • ids, names, drivers, network_interfaces, created, subnets, ipv6_enabled, internal, dns_enabled, options, labels, and ipam_options are valid parameters for networks.

You can use the podman resource block to test many pods.

describe podman.pods do
  its("names") { should include "cranky_allen" }
end

Or, if you want to query a specific pod:

describe podman.pods.where(id: "95cadbb84df71e6374fceb3fd89ee3b8f2c7e1a831062cd9cea7d0e3e4b1dbcc") do
  it { should exist }
end

where:

  • .where() may specify a specific filter and expected value, against which parameters are compared.
  • ids, cgroups, containers, created, infraids, names, namespaces, networks, status, and labels are valid parameters for pods.

Examples

The following examples show how to use this Chef InSpec audit resource.

Return all running containers:

podman.containers.running?.ids.each do |id|
  describe podman.object(id) do
    its('State.Health.Status') { should eq 'healthy' }
  end
end

Return information about containers as returned by podman ps -a:

describe podman.containers do
  its("ids") { should include "591270d8d80d26671fd6ed622f367fbe19004d16e3b519c292313feb5f22e7f7" }
  its("labels") { should include "maintainer" => "NGINX Docker Maintainers \u003cdocker-maint@nginx.com\u003e" }
  its('names') { should include "sweet_mendeleev" }
  its("images") { should include "docker.io/library/nginx:latest" }
end

Return information about a Podman image as returned by podman images -a:

describe podman.images do
  its('ids') { should include 'sha256:c7db653c4397e6a4d1e468bb7c6400c022c62623bdb87c173d54bac7995b6d8f ' }
  its('sizes') { should_not include '80.3 GB' }
  its('repositories") { should include "docker.io/library/nginx"}
end

Return information about pods as returned by podman pod ps.

describe podman.pods do
  its("ids") { should include "95cadbb84df71e6374fceb3fd89ee3b8f2c7e1a831062cd9cea7d0e3e4b1dbcc" }
  its("containers") { should eq [{ "Id" => "a218dfc58fa28e0c58c55e508e5b57084876b42e894b98073c69c45dea06cbb2", "Names" => "95cadbb84df7-infra", "Status" => "running" } ]}
  its("names") { should include "cranky_allen" }
end

Return information about a Podman network as returned by podman network ls:

describe podman.networks do
  its("names") { should include "podman" }
  its("ids") { should include "2f259bab93aaaaa2542ba43ef33eb990d0999ee1b9924b557b7be53c0b7a1bb9" }
  its("ipv6_enabled") { should eq [false] }
end

Return information about a Podman volume as returned by podman volume ls:

describe podman.volumes do
  its('names') { should include 'ae6be9ba838b9b150de47657229bb9b67142dbdb3d1ddbc5efa245cf1e95536a' }
  its('drivers') { should include 'local' }
end

Return the parsed result of podman info.

describe podman.info do
  its("host.os") { should eq "linux" }
end

Return the parsed result of podman version:

describe podman.version do
  its("Client.Version") { should eq "4.1.0"}
  its('Server.Version') { should eq '4.1.0'}
end

Return low-level information about Podman objects as returned by podman inspect:

describe podman.object(id) do
  its('State.Running') { should eq true }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

Thank you for your feedback!

×