In InSpec You Do not Need a resource to Test

Am using Chef's inspec to validate a server's configuration, and all the examples show you using a resource and testing against a specific set of tests for that resource.

But I am pulling in a YAML file, and want to validate some of the contents (not the YAML itself), so will do that with ruby and return a number of ruby variables I want to test.

The describe block (or here, describe/subject) can just refer to a variable and not an InSpec resource. Here we are checking dups should be an empty array:

control 'validate-nic' do
  impact 0.7
  title 'Validate nic variable structure'
  paths = nic.map{ |k,v| v.dig('path') }
  dups = paths.select{ |e| paths.count(e) > 1 }.uniq

  describe "Check for duplicate path names in nic" do
    subject { dups }
    it { should be_empty }
  end
end

And that works:

Success:
  ✔  validate nic variable structure: Validate nic variable structure
     ✔  Check for duplicate path names in nic should be empty

Failure:

  ×  validate-nic: Validate nic variable structure
     ×  Check for duplicate path names in nic should be empty
     expected `["nic-2-path-a"].empty?` to return true, got false