Note: For an even faster way of doing this, see: autoadd

Goss is a serverspec-like tool for validating a server's configuration. It eases the process of generating tests by assuming the user already has a properly configured machine from which they can derive system state. Once the test suite is generated they can be executed on any other host for the full TDD experience.

• Goss is EASY! - Goss in 45 seconds
• Goss is FAST! - small-medium test suits are near instantaneous, see benchmarks
• Goss is SMALL! - <2MB single self-contained binary
• Goss is UNIXY! - does one thing and does it well, chainable through pipes

curl -L https://github.com/aelsabbahy/goss/releases/download/v0.1.6/goss-linux-amd64 > /usr/local/bin/goss && chmod +rx /usr/local/bin/goss

Documentation is available here: https://github.com/aelsabbahy/goss/blob/master/docs/manual.md

An initial set of tests can be derived from the system state by using the add or autoadd commands.

Let's write a simple sshd test using autoadd.

$ goss autoadd sshd
Adding Group to 'goss.yaml':

sshd:
  exists: true
  gid: 74


Adding Process to 'goss.yaml':

sshd:
  running: true


Adding Service to 'goss.yaml':

sshd:
  enabled: true
  running: true


Adding User to 'goss.yaml':

sshd:
  exists: true
  uid: 74
  gid: 74
  groups:
  - sshd
  home: /var/empty/sshd

We can now run our test by using goss validate:

$ goss validate
..........

Total Duration: 0.016s
Count: 10, Failed: 0

As you can see goss tests are extremely fast, we were able to validate our system state in 16ms!

Goss files can be manually edited to match:

• Patterns
• Advanced Matchers.
• title and meta (arbitrary data) attributes are persisted when adding other resources with goss add

Some examples:

user:
  sshd:
    title: UID must be between 50-100, GID doesn't matter. home is flexible
    meta:
      desc: Ensure sshd is enabled and running since it's needed for system management
      sev: 5
    exists: true
    uid:
      # Validate that UID is between 50 and 100
      and:
        gt: 50
        lt: 100
    home:
      # Home can be any of the following
      or:
      - /var/empty/sshd
      - /var/run/sshd

package:
  kernel:
    installed: true
    versions:
      # Must have 3 kernels and none of them can be 4.4.0
      and:
      - have-len: 3
      - not:
          contain-element: 4.4.0

• addr - addr is reachable
• command - command, exit status and outputs
• dns - dns is resolvable
• file - file exists, owner/perm, content
• group - group, uid
• package - package is installed, versions
• port - port is listening, listening ip
• process - process is running
• service - running, enabled
• user - uid, home, etc..

• rspecish (default) - Similar to rspec output
• documentation - Verbose test results
• JSON - Detailed test result
• TAP
• JUnit
• nagios - Nagios/Sensu compatible output /w exit code 2 for failures.

• goss-ansible - Ansible module for Goss
• kitchen-goss - A test-kitchen verifier plugin for GOSS
• goss-fpm-files - Might be useful for building goss system packages

Currently goss only runs on Linux.

The following tests have limitations.

Package:

• rpm
• deb
• Alpine apk
• pacman

Service:

• systemd
• sysV init
• OpenRC init
• Upstart