chef-dk 0.6.2 → 0.7.0

data/spec/unit/policyfile_demands_spec.rb

@@ -32,7 +32,7 @@ describe ChefDK::PolicyfileCompiler, "when expressing the Policyfile graph deman
       p.default_source(*default_source) if default_source
       p.run_list(*run_list)
 
-      allow(p.default_source).to receive(:universe_graph).and_return(external_cookbook_universe)
+      allow(p.default_source.first).to receive(:universe_graph).and_return(external_cookbook_universe)
     end
 
     policyfile
@@ -71,6 +71,11 @@ describe ChefDK::PolicyfileCompiler, "when expressing the Policyfile graph deman
           "1.1.1" => [ ]
         },
 
+        "remote-cb-two" => {
+          "0.1.0" => [ ],
+          "1.1.1" => [ ]
+        },
+
         "local-cookbook-dep-one" => {
           "1.5.0" => [ ]
         },
@@ -207,6 +212,26 @@ describe ChefDK::PolicyfileCompiler, "when expressing the Policyfile graph deman
 
     let(:run_list) { ["remote-cb"] }
 
+    context "with no default source" do
+
+      it "fails to locate the cookbook" do
+        expect { policyfile.graph_solution }.to raise_error(Solve::Errors::NoSolutionError)
+      end
+
+      context "when the policyfile also has a `cookbook` entry for the run list item" do
+
+        before do
+          policyfile.dsl.cookbook "remote-cb"
+        end
+
+        it "fails to locate the cookbook" do
+          expect { policyfile.graph_solution }.to raise_error(Solve::Errors::NoSolutionError)
+        end
+
+      end
+
+    end
+
     context "And the default source is the community site" do
 
       include_context "community default source"
@@ -632,12 +657,6 @@ describe ChefDK::PolicyfileCompiler, "when expressing the Policyfile graph deman
       expect(policyfile.graph_solution).to eq({"local-cookbook" => "2.3.4", "remote-cb" => "0.1.0"})
     end
 
-    it "builds a policyfile lock from the constraints" do
-      skip
-      expect(policyfile).to receive(:cache_path).and_return(Pathname.new("~/.nopenope/cache"))
-      expect(policyfile.lock).to eq(:wat)
-    end
-
     it "includes the policyfile constraint in the solution dependencies" do
       expected_solution_deps = {
         "Policyfile" => [ [ "remote-cb", "~> 0.1" ], [ "local-cookbook", ">= 0.0.0"] ],
@@ -675,10 +694,183 @@ describe ChefDK::PolicyfileCompiler, "when expressing the Policyfile graph deman
 
   end
 
-  context "Given a run_list with roles" do
-    it "expands the roles from the given role source" do
-      skip
+  context "when using multiple default sources" do
+
+    include_context "community default source"
+
+    let(:run_list) { [ 'repo-cookbook-one', 'remote-cb', 'remote-cb-two' ] }
+
+    before do
+      policyfile.default_source(:chef_repo, "path/to/repo")
+      allow(policyfile.default_source.last).to receive(:universe_graph).and_return(repo_cookbook_universe)
     end
+
+    context "when the graphs don't conflict" do
+
+      before do
+        # This is on the community site
+        policyfile.dsl.cookbook("remote-cb")
+      end
+
+      let(:repo_cookbook_universe) do
+        {
+          "repo-cookbook-one" => {
+            "1.0.0" => [ ]
+          },
+
+          "repo-cookbook-two" => {
+            "9.9.9" => [ ["repo-cookbook-on-community-dep", "= 1.0.0"] ]
+          },
+
+          "private-cookbook" => {
+            "0.1.0" => [ ]
+          }
+        }
+      end
+
+      it "merges the graphs" do
+        merged = policyfile.remote_artifacts_graph
+        expected = external_cookbook_universe.merge(repo_cookbook_universe)
+
+        expect(merged).to eq(expected)
+      end
+
+      it "solves the graph demands using cookbooks from both sources" do
+        expected = {"repo-cookbook-one" => "1.0.0", "remote-cb" => "1.1.1", "remote-cb-two" => "1.1.1"}
+        expect(policyfile.graph_solution).to eq(expected)
+      end
+
+      it "finds the location of a cookbook declared via explicit `cookbook` with no source options" do
+        community_source = policyfile.default_source.first
+
+        expected_source_options = { artifactserver: "https://chef.example/url", version: "1.1.1" }
+
+        expect(community_source).to be_a(ChefDK::Policyfile::CommunityCookbookSource)
+        expect(community_source).to receive(:source_options_for).
+          with("remote-cb", "1.1.1").
+          and_return(expected_source_options)
+
+        location_spec = policyfile.create_spec_for_cookbook("remote-cb", "1.1.1")
+        expect(location_spec.source_options).to eq(expected_source_options)
+      end
+
+      it "sources cookbooks from the correct source when the cookbook doesn't have a `cookbook` entry" do
+        # these don't have `cookbook` entries in the Policyfile.rb, so they are nil
+        expect(policyfile.cookbook_location_spec_for("repo-cookbook-one")).to be_nil
+        expect(policyfile.cookbook_location_spec_for("remote-cb-two")).to be_nil
+
+        # We have to stub #source_options_for or else we'd need to stub the
+        # source options data inside the source object. That's getting a bit
+        # too deep into the source object's internals.
+
+        expected_repo_options = { path: "path/to/cookbook", version: "1.0.0" }
+        repo_source = policyfile.default_source.last
+        expect(repo_source).to be_a(ChefDK::Policyfile::ChefRepoCookbookSource)
+        expect(repo_source).to receive(:source_options_for).
+          with("repo-cookbook-one", "1.0.0").
+          and_return(expected_repo_options)
+
+
+        repo_cb_location = policyfile.create_spec_for_cookbook("repo-cookbook-one", "1.0.0")
+        expect(repo_cb_location.source_options).to eq(expected_repo_options)
+
+        expected_server_options = { artifactserver: "https://chef.example/url", version: "1.1.1" }
+        community_source = policyfile.default_source.first
+        expect(community_source).to be_a(ChefDK::Policyfile::CommunityCookbookSource)
+        expect(community_source).to receive(:source_options_for).
+          with("remote-cb-two", "1.1.1").
+          and_return(expected_server_options)
+
+        remote_cb_location = policyfile.create_spec_for_cookbook("remote-cb-two", "1.1.1")
+        expect(remote_cb_location.source_options).to eq(expected_server_options)
+      end
+
+    end
+
+    context "when the graphs conflict" do
+
+      let(:repo_cookbook_universe) do
+        {
+          "repo-cookbook-one" => {
+            "1.0.0" => [ ]
+          },
+
+          "repo-cookbook-two" => {
+            "9.9.9" => [ ["repo-cookbook-on-community-dep", "= 1.0.0"] ]
+          },
+
+          "private-cookbook" => {
+            "0.1.0" => [ ]
+          },
+
+          # NOTE: cookbooks are considered to conflict when both sources have
+          # cookbooks with the same name, regardless of whether any version
+          # numbers overlap.
+          #
+          # The before block does the equivalent to putting this in the
+          # Policyfile.rb:
+          #
+          #   cookbook "remote-cb"
+          #
+          # This makes the compiler take a slightly different code path than if
+          # the cookbook was just in the dep graphs.
+          "remote-cb" => {
+            "99.99.99" => [ ]
+          },
+
+          # This also conflicts, but only via the graphs
+          "remote-cb-two" => {
+            "1.2.3" => [ ]
+          }
+
+        }
+      end
+
+      context "and no explicit source is given for the conflicting cookbook" do
+
+        before do
+          # This is on the community site
+          policyfile.dsl.cookbook("remote-cb")
+        end
+
+        it "raises an error describing the conflict" do
+          expected_err = <<-ERROR
+Source supermarket(https://supermarket.chef.io) and chef_repo(path/to/repo) contain conflicting cookbooks:
+- remote-cb
+- remote-cb-two
+ERROR
+
+          expect { policyfile.remote_artifacts_graph }.to raise_error do |error|
+            expect(error).to be_a(ChefDK::CookbookSourceConflict)
+            expect(error.message).to eq(expected_err)
+          end
+        end
+      end
+
+      context "and the conflicting cookbook has an explicit source in the Policyfile" do
+
+        before do
+          # This is on the community site
+          policyfile.dsl.cookbook("remote-cb", path: "path/to/remote-cb")
+          policyfile.dsl.cookbook("remote-cb-two", git: "git://git.example:user/remote-cb-two.git")
+          policyfile.error!
+        end
+
+        it "solves the graph" do
+          expect { policyfile.remote_artifacts_graph }.to_not raise_error
+        end
+
+        it "assigns the correct source options to the cookbook" do
+          remote_cb_source_opts = policyfile.cookbook_location_spec_for("remote-cb").source_options
+          expect(remote_cb_source_opts).to eq(path: "path/to/remote-cb")
+
+          remote_cb_two_source_opts = policyfile.cookbook_location_spec_for("remote-cb-two").source_options
+          expect(remote_cb_two_source_opts).to eq(git: "git://git.example:user/remote-cb-two.git")
+        end
+      end
+
+    end
+
   end
 
 end

data/spec/unit/policyfile_evaluation_spec.rb

@@ -171,7 +171,9 @@ E
       end
 
       it "has no default cookbook source" do
-        expect(policyfile.default_source).to be_a(ChefDK::Policyfile::NullCookbookSource)
+        expect(policyfile.default_source).to be_an(Array)
+        expect(policyfile.default_source.size).to eq(1)
+        expect(policyfile.default_source.first).to be_a(ChefDK::Policyfile::NullCookbookSource)
       end
 
       context "with the default source set to the community site" do
@@ -185,7 +187,7 @@ E
 
         it "has a default source" do
           expect(policyfile.errors).to eq([])
-          expected = ChefDK::Policyfile::CommunityCookbookSource.new("https://supermarket.chef.io")
+          expected = [ ChefDK::Policyfile::CommunityCookbookSource.new("https://supermarket.chef.io") ]
           expect(policyfile.default_source).to eq(expected)
         end
 
@@ -200,7 +202,7 @@ E
 
           it "has a default source" do
             expect(policyfile.errors).to eq([])
-            expected = ChefDK::Policyfile::CommunityCookbookSource.new("https://cookbook-api.example.com")
+            expected = [ ChefDK::Policyfile::CommunityCookbookSource.new("https://cookbook-api.example.com") ]
             expect(policyfile.default_source).to eq(expected)
           end
 
@@ -256,7 +258,31 @@ E
 
         it "has a default source" do
           expect(policyfile.errors).to eq([])
-          expected = ChefDK::Policyfile::ChefRepoCookbookSource.new(chef_repo)
+          expected = [ ChefDK::Policyfile::ChefRepoCookbookSource.new(chef_repo) ]
+          expect(policyfile.default_source).to eq(expected)
+        end
+
+      end
+
+      context "with multiple default sources" do
+        let(:chef_repo) { File.expand_path("spec/unit/fixtures/local_path_cookbooks", project_root) }
+
+        let(:policyfile_rb) do
+          <<-EOH
+            run_list "foo", "bar"
+
+            default_source :community
+            default_source :chef_repo, "#{chef_repo}"
+          EOH
+        end
+
+        it "has an array of sources" do
+          expect(policyfile.errors).to eq([])
+
+          community_source = ChefDK::Policyfile::CommunityCookbookSource.new("https://supermarket.chef.io")
+          repo_source = ChefDK::Policyfile::ChefRepoCookbookSource.new(chef_repo)
+          expected = [ community_source, repo_source ]
+
           expect(policyfile.default_source).to eq(expected)
         end
 

data/spec/unit/policyfile_lock_serialization_spec.rb

@@ -336,4 +336,49 @@ describe ChefDK::PolicyfileLock, "when reading a Policyfile.lock" do
     end
   end
 
+  describe "populating lock data from an archive" do
+
+    let(:valid_cookbook_lock) do
+      {
+        "version" => "1.0.0",
+        "identifier" => "68c13b136a49b4e66cfe9d8aa2b5a85167b5bf9b",
+        "dotted_decimal_identifier" => "111.222.333",
+        "cache_key" => nil,
+        "source" => "path/to/foo",
+        "source_options" => { path: "path/to/foo"},
+        "scm_info" => nil
+      }
+    end
+
+    let(:lock_data) do
+      valid_lock_with_cached_cookbook = valid_lock_data.dup
+      valid_cached_cookbook = valid_cookbook_lock.dup
+      valid_cached_cookbook["cache_key"] = nil
+      valid_cached_cookbook["source"] = "path/to/foo"
+      valid_lock_with_cached_cookbook["cookbook_locks"] = { "foo" => valid_cached_cookbook }
+      valid_lock_with_cached_cookbook
+    end
+
+    before do
+      lockfile.build_from_archive(lock_data)
+    end
+
+    it "creates cookbook locks as archived cookbooks" do
+      locks = lockfile.cookbook_locks
+
+      expect(locks).to have_key("foo")
+
+      cb_foo = locks["foo"]
+      expect(cb_foo).to be_a(ChefDK::Policyfile::ArchivedCookbook)
+
+      expected_path = File.join(storage_config.relative_paths_root, "cookbooks", "foo-111.222.333")
+
+      expect(cb_foo.cookbook_path).to eq(expected_path)
+      expect(cb_foo.dotted_decimal_identifier).to eq("111.222.333")
+      expect(locks["foo"].to_lock).to eq(valid_cookbook_lock)
+    end
+
+
+  end
+
 end

data/spec/unit/policyfile_services/clean_policies_spec.rb

@@ -0,0 +1,236 @@
+#
+# Copyright:: Copyright (c) 2015 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+require 'chef-dk/policyfile_services/clean_policies'
+
+describe ChefDK::PolicyfileServices::CleanPolicies do
+
+  let(:chef_config) { double("Chef::Config") }
+
+  let(:policy_lister) do
+    clean_policies_service.policy_lister
+  end
+
+  let(:policies_by_name) { {} }
+  let(:policies_by_group) { {} }
+
+  let(:ui) { TestHelpers::TestUI.new }
+
+  subject(:clean_policies_service) do
+    described_class.new(config: chef_config, ui: ui)
+  end
+
+  describe "when there is an error listing data from the server" do
+
+    let(:http_client) { instance_double(ChefDK::AuthenticatedHTTP) }
+
+    let(:response) do
+      Net::HTTPResponse.send(:response_class, "500").new("1.0", "500", "Internal Server Error").tap do |r|
+        r.instance_variable_set(:@body, "oops")
+      end
+    end
+
+    let(:http_exception) do
+      begin
+        response.error!
+      rescue => e
+        e
+      end
+    end
+
+    before do
+      expect(policy_lister).to receive(:http_client).and_return(http_client)
+      expect(http_client).to receive(:get).and_raise(http_exception)
+    end
+
+    it "raises an error" do
+      expect { clean_policies_service.run }.to raise_error(ChefDK::PolicyfileCleanError)
+    end
+
+  end
+
+  context "when existing policies are listed successfully" do
+
+    let(:http_client) { instance_double(ChefDK::AuthenticatedHTTP) }
+
+    before do
+      policy_lister.set!(policies_by_name, policies_by_group)
+    end
+
+    describe "cleaning unused policy revisions" do
+
+      before do
+        allow(clean_policies_service).to receive(:http_client).and_return(http_client)
+      end
+
+      context "when there are no policies" do
+
+        before do
+          expect(http_client).to_not receive(:delete)
+        end
+
+        it "doesn't delete anything" do
+          clean_policies_service.run
+          expect(ui.output).to eq("No policy revisions deleted\n")
+        end
+
+      end
+
+      context "when there are policies but none are orphans" do
+
+        let(:policies_by_name) do
+          {
+            "appserver" => {
+              "1111111111111111111111111111111111111111111111111111111111111111" => {},
+              "2222222222222222222222222222222222222222222222222222222222222222" => {}
+            },
+            "load-balancer" => {
+              "5555555555555555555555555555555555555555555555555555555555555555" => {},
+              "6666666666666666666666666666666666666666666666666666666666666666" => {}
+            }
+          }
+        end
+
+        let(:policies_by_group) do
+          {
+            "dev" => {
+              "appserver" => "1111111111111111111111111111111111111111111111111111111111111111",
+              "load-balancer" => "5555555555555555555555555555555555555555555555555555555555555555"
+            },
+            "staging" => {
+              "appserver" => "2222222222222222222222222222222222222222222222222222222222222222",
+              "load-balancer" => "5555555555555555555555555555555555555555555555555555555555555555"
+            },
+            "prod" => {
+              "appserver" => "2222222222222222222222222222222222222222222222222222222222222222",
+              "load-balancer" => "6666666666666666666666666666666666666666666666666666666666666666"
+            }
+          }
+        end
+
+        before do
+          expect(http_client).to_not receive(:delete)
+        end
+
+        it "doesn't delete anything" do
+          clean_policies_service.run
+          expect(ui.output).to eq("No policy revisions deleted\n")
+        end
+
+      end
+
+      context "when there are policies and some are orphans" do
+
+        let(:policies_by_name) do
+          {
+            "appserver" => {
+              "1111111111111111111111111111111111111111111111111111111111111111" => {},
+              "2222222222222222222222222222222222222222222222222222222222222222" => {},
+              "4444444444444444444444444444444444444444444444444444444444444444" => {}
+            },
+            "load-balancer" => {
+              "5555555555555555555555555555555555555555555555555555555555555555" => {},
+              "6666666666666666666666666666666666666666666666666666666666666666" => {},
+              "7777777777777777777777777777777777777777777777777777777777777777" => {}
+            }
+          }
+        end
+
+        let(:policies_by_group) do
+          {
+            "dev" => {
+              "appserver" => "1111111111111111111111111111111111111111111111111111111111111111",
+              "load-balancer" => "5555555555555555555555555555555555555555555555555555555555555555"
+            },
+            "staging" => {
+              "appserver" => "2222222222222222222222222222222222222222222222222222222222222222",
+              "load-balancer" => "5555555555555555555555555555555555555555555555555555555555555555"
+            },
+            "prod" => {
+              "appserver" => "2222222222222222222222222222222222222222222222222222222222222222",
+              "load-balancer" => "6666666666666666666666666666666666666666666666666666666666666666"
+            }
+          }
+        end
+
+        describe "and all deletes are successful" do
+
+          before do
+            expect(http_client).to receive(:delete).with("/policies/appserver/revisions/4444444444444444444444444444444444444444444444444444444444444444")
+            expect(http_client).to receive(:delete).with("/policies/load-balancer/revisions/7777777777777777777777777777777777777777777777777777777777777777")
+          end
+
+          it "deletes the orphaned policies" do
+            clean_policies_service.run
+            expected_message = <<-MESSAGE
+DELETE appserver 4444444444444444444444444444444444444444444444444444444444444444
+DELETE load-balancer 7777777777777777777777777777777777777777777777777777777777777777
+MESSAGE
+            expect(ui.output).to eq(expected_message)
+          end
+
+        end
+
+        # For example, a user doesn't have permission on all policy_names
+        describe "when some deletes fail" do
+
+          let(:response) do
+            Net::HTTPResponse.send(:response_class, "403").new("1.0", "403", "Unauthorized").tap do |r|
+              r.instance_variable_set(:@body, "I can't let you do that Dave")
+            end
+          end
+
+          let(:http_exception) do
+            begin
+              response.error!
+            rescue => e
+              e
+            end
+          end
+
+          before do
+            expect(http_client).to receive(:delete).
+              with("/policies/appserver/revisions/4444444444444444444444444444444444444444444444444444444444444444").
+              and_raise(http_exception)
+            expect(http_client).to receive(:delete).with("/policies/load-balancer/revisions/7777777777777777777777777777777777777777777777777777777777777777")
+          end
+
+          it "deletes what it can, then raises an error" do
+            expected_message = <<-ERROR
+Failed to delete some policy revisions:
+- appserver (4444444444444444444444444444444444444444444444444444444444444444): Net::HTTPServerException 403 \"Unauthorized\"
+ERROR
+
+            expect { clean_policies_service.run }.to raise_error do |error|
+              expect(error.message).to eq(expected_message)
+            end
+            expected_message = <<-MESSAGE
+DELETE appserver 4444444444444444444444444444444444444444444444444444444444444444
+DELETE load-balancer 7777777777777777777777777777777777777777777777777777777777777777
+MESSAGE
+            expect(ui.output).to eq(expected_message)
+          end
+
+        end
+
+      end
+    end
+
+  end
+
+end