What is shrift?

shrift is a minimal spec framework for testing your infrastructure using bash.
shrift installs as a single script and executes bash one-liners as a test suite.
No complex setup. No DSL.

# example_spec.sh
test -f /etc/passwd
whoami | grep root

$ ./shrift

3 tests, 0 failed


Download shrift.

# download the script
$ curl -L -o shrift https://github.com/thisendout/shrift/raw/master/shrift
# make executable
$ chmod +x shrift

Write and run your first spec.

# write a passing test
$ echo "test -x ./shrift" > test_spec.sh
# execute with shrift
$ ./shrift test_spec.sh


For more resources on using and running shrift, please consult the project GitHub page.

Spec Files

By default, shrift searches for files matching *_spec.sh in the current directory. You can pass a space-separated list of paths to shrift to expand the suite.

$ ./shrift specs                      # _spec.sh files in a sub-directory
$ ./shrift specs/{common,web}         # _spec.sh split up by role, one per directory
$ ./shrift specs/{common,web}_spec.sh # _spec.sh split up by role, one per file
$ ./shrift specs/**/*.sh              # globbing and wilcards are supported


Spec files must contain one test per line. A test is considered passing when the return code is 0. Any other condition is considered a failure.

# example spec file
test -f /etc/passwd
whoami | grep root
netstat -lntp | grep 80


By default, `shrift` executes the specs locally. shrift can also execute using docker exec and ssh, if the clients are already installed.

$ ./shrift -d [container_id]  # Run specs against a *running* container
$ ./shrift -s [hostname]  # Run specs against a remote host via SSH

For docker and ssh backends, custom client-specific options can be passed using -o 'opts...'.

For the ssh backends, each spec is executed using a separate ssh command. We recommend setting up ControlMaster and ControlPersist to re-use ssh sessions.


Below are a collection of common bash one-liners that can aid you in creating spec files (clicking on a one-liner opens it with explainshell.com). It should be noted that bash has a very useful builtin called test that exposes a number of useful tests. See the full man page by using man test or visit it online.

File exists

Returns true if /etc/passwd exists, regardless of type

test -e /etc/passwd

Directory exists

Returns true if /etc is a directory

test -d /etc

File is symlink

Returns true if /bin/shrift is a symbolic link

test -L /bin/shrift

File is executable

Returns true if /bin/bash is executable by the current user

test -x /bin/bash

File contains string

Returns true if the string root is found in /etc/passwd

grep -q root /etc/passwd

File contains regex pattern

Returns true if the regex pattern ^root: is found in /etc/passwd

grep -E -q '^root:' /etc/passwd

File is specific mode

Returns true if /etc/passwd set to mode 644

test $(stat -c "%a" /etc/passwd) == "644"