chef-provisioning-aws 3.0.4 → 3.0.6

data/spec/integration/aws_iam_instance_profile_spec.rb

@@ -1,5 +1,5 @@
-require 'spec_helper'
-require 'securerandom'
+require "spec_helper"
+require "securerandom"
 
 def mk_role_name
   name_postfix = SecureRandom.hex(8)
@@ -7,7 +7,7 @@ def mk_role_name
 end
 
 def ec2_principal
-<<EOF
+  <<EOF
 {
   "Version": "2012-10-17",
   "Statement": [
@@ -29,131 +29,122 @@ describe Chef::Resource::AwsIamRole do
 
   when_the_chef_12_server "exists", organization: "foo", server_scope: :context do
     with_aws "when connected to AWS" do
-
-      let(:instance_name) {
+      let(:instance_name) do
         name_postfix = SecureRandom.hex(8)
         "cp_test_iam_instance_profile_#{name_postfix}"
-      }
+      end
 
       it "creates an aws_iam_instance_profile with minimum attributes" do
-        expect_recipe {
+        expect_recipe do
           aws_iam_instance_profile instance_name do
             path "/"
           end
-        }.to create_an_aws_iam_instance_profile(instance_name,
-          path: "/"
-        ).and be_idempotent
+        end.to create_an_aws_iam_instance_profile(instance_name,
+                                                  path: "/").and be_idempotent
       end
 
       context "with an existing aws_iam_role" do
-        let(:role_name) {
+        let(:role_name) do
           name_postfix = SecureRandom.hex(8)
           "cp_test_iam_role_#{name_postfix}"
-        }
+        end
 
         # See aws_iam_role_spec.rb for explanation
         before(:each) do
-          converge {
+          converge do
             aws_iam_role role_name do
               path "/"
               assume_role_policy_document ec2_principal
             end
-          }
+          end
         end
 
         after(:each) do
-          converge {
+          converge do
             aws_iam_role role_name do
               action :destroy
             end
-          }
+          end
         end
 
         it "creates an aws_iam_instance_profile with maximum attributes" do
-          expect_recipe {
+          expect_recipe do
             aws_iam_instance_profile instance_name do
               path "/"
               role role_name
             end
-          }.to create_an_aws_iam_instance_profile(instance_name,
-            path: "/",
-            roles: [{name: role_name}]
-          ).and be_idempotent
+          end.to create_an_aws_iam_instance_profile(instance_name,
+                                                    path: "/",
+                                                    roles: [{ name: role_name }]).and be_idempotent
         end
 
         context "with an existing aws_iam_instance_profile with an attached role" do
           before(:each) do
-            converge {
+            converge do
               aws_iam_instance_profile instance_name do
                 path "/"
                 role role_name
               end
-            }
+            end
           end
 
           after(:each) do
-            converge {
+            converge do
               aws_iam_instance_profile instance_name do
                 action :destroy
               end
-            }
+            end
           end
 
           it "removes the relationship when the role is deleted" do
-            expect_recipe {
+            expect_recipe do
               aws_iam_role role_name do
                 action :destroy
               end
-            }.to match_an_aws_iam_instance_profile(instance_name,
-              roles: []
-            ).and be_idempotent
+            end.to match_an_aws_iam_instance_profile(instance_name,
+                                                     roles: []).and be_idempotent
           end
 
           it "removes the relationship when the instance_profile is deleted" do
-            expect_recipe {
+            expect_recipe do
               aws_iam_instance_profile instance_name do
                 action :destroy
               end
-            }.to match_an_aws_iam_role(role_name,
-              instance_profiles: []
-            ).and be_idempotent
+            end.to match_an_aws_iam_role(role_name,
+                                         instance_profiles: []).and be_idempotent
           end
 
           context "with a second aws_iam_role" do
             before(:each) do
-              converge {
+              converge do
                 aws_iam_role "#{role_name}2" do
                   path "/"
                   assume_role_policy_document ec2_principal
                 end
-              }
+              end
             end
 
             after(:each) do
-              converge {
+              converge do
                 aws_iam_instance_profile instance_name do
                   action :destroy
                 end
-              }
+              end
             end
 
             it "updates the attached role" do
-              expect_recipe {
+              expect_recipe do
                 aws_iam_instance_profile instance_name do
                   path "/"
                   role "#{role_name}2"
                 end
-              }.to update_an_aws_iam_instance_profile(instance_name,
-                path: "/",
-                roles: [{name: "#{role_name}2"}]
-              ).and be_idempotent
+              end.to update_an_aws_iam_instance_profile(instance_name,
+                                                        path: "/",
+                                                        roles: [{ name: "#{role_name}2" }]).and be_idempotent
             end
           end
-
         end
       end
-
     end
-
   end
 end

data/spec/integration/aws_iam_role_spec.rb

@@ -1,8 +1,8 @@
-require 'spec_helper'
-require 'securerandom'
+require "spec_helper"
+require "securerandom"
 
 def ec2_principal
-<<-EOF
+  <<-EOF
 {
   "Version": "2012-10-17",
   "Statement": [
@@ -16,11 +16,11 @@ def ec2_principal
     }
   ]
 }
-EOF
+  EOF
 end
 
 def rds_principal
-<<-EOF
+  <<-EOF
 {
   "Version": "2012-10-17",
   "Statement": [
@@ -34,11 +34,11 @@ def rds_principal
     }
   ]
 }
-EOF
+  EOF
 end
 
 def rds_role_policy
-<<-EOF
+  <<-EOF
 {
   "Version": "2012-10-17",
   "Statement": [
@@ -54,11 +54,11 @@ def rds_role_policy
     }
   ]
 }
-EOF
+  EOF
 end
 
 def iam_role_policy
-<<-EOF
+  <<-EOF
 {
   "Version": "2012-10-17",
   "Statement": [
@@ -69,7 +69,7 @@ def iam_role_policy
     }
   ]
 }
-EOF
+  EOF
 end
 
 describe Chef::Resource::AwsIamRole do
@@ -77,36 +77,34 @@ describe Chef::Resource::AwsIamRole do
 
   when_the_chef_12_server "exists", organization: "foo", server_scope: :context do
     with_aws "when connected to AWS" do
-
-      let(:role_name) {
+      let(:role_name) do
         name_postfix = SecureRandom.hex(8)
         "cp_test_iam_role_#{name_postfix}"
-      }
+      end
 
       it "creates an aws_iam_role with minimum attributes" do
-        expect_recipe {
+        expect_recipe do
           aws_iam_role role_name do
             assume_role_policy_document ec2_principal
           end
-        }.to create_an_aws_iam_role(role_name) { |aws_object|
+        end.to create_an_aws_iam_role(role_name) { |aws_object|
           expect(Chef::JSONCompat.parse(URI.decode(aws_object.assume_role_policy_document))).to eq(Chef::JSONCompat.parse(ec2_principal))
         }.and be_idempotent
       end
 
       it "creates an aws_iam_role with maximum attributes" do
-        expect_recipe {
+        expect_recipe do
           aws_iam_role role_name do
             path "/"
             assume_role_policy_document ec2_principal
             inline_policies a: iam_role_policy
           end
-        }.to create_an_aws_iam_role(role_name,
-          path: "/",
-          policies: [{name: "a"}]
-        ) { |aws_object|
-          expect(Chef::JSONCompat.parse(URI.decode(aws_object.assume_role_policy_document))).to eq(Chef::JSONCompat.parse(ec2_principal))
-          expect(Chef::JSONCompat.parse(URI.decode(aws_object.policies.first.policy_document))).to eq(Chef::JSONCompat.parse(iam_role_policy))
-        }.and be_idempotent
+        end.to create_an_aws_iam_role(role_name,
+                                      path: "/",
+                                      policies: [{ name: "a" }]) { |aws_object|
+                 expect(Chef::JSONCompat.parse(URI.decode(aws_object.assume_role_policy_document))).to eq(Chef::JSONCompat.parse(ec2_principal))
+                 expect(Chef::JSONCompat.parse(URI.decode(aws_object.policies.first.policy_document))).to eq(Chef::JSONCompat.parse(iam_role_policy))
+               }.and be_idempotent
       end
 
       context "with an existing aws_iam_role" do
@@ -116,62 +114,57 @@ describe Chef::Resource::AwsIamRole do
         # 2) the let(:role_name) cannot be used at the context level, only at
         #    the example/before/after level
         before(:each) do
-          converge {
+          converge do
             aws_iam_role role_name do
               path "/"
               assume_role_policy_document ec2_principal
               inline_policies a: iam_role_policy
             end
-          }
+          end
         end
 
         after(:each) do
-          converge {
+          converge do
             aws_iam_role role_name do
               action :destroy
             end
-          }
+          end
         end
 
-
         it "updates all available fields" do
-          expect_recipe {
+          expect_recipe do
             aws_iam_role role_name do
               assume_role_policy_document rds_principal
               inline_policies b: rds_role_policy
             end
-          }.to create_an_aws_iam_role(role_name,
-            path: "/",
-            policies: [{name: "b"}]
-          ) { |aws_object|
-            expect(Chef::JSONCompat.parse(URI.decode(aws_object.assume_role_policy_document))).to eq(Chef::JSONCompat.parse(rds_principal))
-            expect(Chef::JSONCompat.parse(URI.decode(aws_object.policies.first.policy_document))).to eq(Chef::JSONCompat.parse(rds_role_policy))
-          }.and be_idempotent
+          end.to create_an_aws_iam_role(role_name,
+                                        path: "/",
+                                        policies: [{ name: "b" }]) { |aws_object|
+                   expect(Chef::JSONCompat.parse(URI.decode(aws_object.assume_role_policy_document))).to eq(Chef::JSONCompat.parse(rds_principal))
+                   expect(Chef::JSONCompat.parse(URI.decode(aws_object.policies.first.policy_document))).to eq(Chef::JSONCompat.parse(rds_role_policy))
+                 }.and be_idempotent
         end
 
         it "clears inline_policies with an empty hash" do
-          expect_recipe {
+          expect_recipe do
             aws_iam_role role_name do
-              inline_policies Hash.new
+              inline_policies({})
             end
-          }.to create_an_aws_iam_role(role_name,
-            path: "/",
-            policies: []
-          ).and be_idempotent
+          end.to create_an_aws_iam_role(role_name,
+                                        path: "/",
+                                        policies: []).and be_idempotent
         end
 
         it "deletes the aws_iam_role" do
-          r = recipe {
+          r = recipe do
             aws_iam_role role_name do
               action :destroy
             end
-          }
+          end
           expect(r).to destroy_an_aws_iam_role(role_name)
           expect { driver.iam_client.list_role_policies(role_name: role_name).policy_names }.to raise_error(::Aws::IAM::Errors::NoSuchEntity)
         end
       end
-
     end
-
   end
 end

data/spec/integration/aws_internet_gateway_spec.rb

@@ -1,162 +1,151 @@
-require 'spec_helper'
+require "spec_helper"
 
 describe Chef::Resource::AwsInternetGateway do
   extend AWSSupport
 
-  when_the_chef_12_server 'exists', organization: 'foo', server_scope: :context do
-    with_aws 'with a VPC' do
-
+  when_the_chef_12_server "exists", organization: "foo", server_scope: :context do
+    with_aws "with a VPC" do
       purge_all
-      aws_vpc 'test_vpc_igw_a' do
-        cidr_block '10.0.0.0/24'
+      aws_vpc "test_vpc_igw_a" do
+        cidr_block "10.0.0.0/24"
       end
 
-      aws_vpc 'test_vpc_igw_b' do
-        cidr_block '10.0.1.0/24'
+      aws_vpc "test_vpc_igw_b" do
+        cidr_block "10.0.1.0/24"
       end
 
       it "creates an aws_internet_gateway with no parameters" do
-        expect_recipe {
-          aws_internet_gateway 'test_internet_gateway'
-        }.to create_an_aws_internet_gateway('test_internet_gateway').and be_idempotent
+        expect_recipe do
+          aws_internet_gateway "test_internet_gateway"
+        end.to create_an_aws_internet_gateway("test_internet_gateway").and be_idempotent
       end
 
       it "creates an aws_internet_gateway and attaches it to the specified VPC" do
-        expect_recipe {
-          aws_internet_gateway 'test_internet_gateway' do
+        expect_recipe do
+          aws_internet_gateway "test_internet_gateway" do
             vpc test_vpc_igw_a.aws_object.id
           end
-        }.to create_an_aws_internet_gateway('test_internet_gateway',
-          id: test_vpc_igw_a.aws_object.internet_gateways.first.id
-        ).and be_idempotent
+        end.to create_an_aws_internet_gateway("test_internet_gateway",
+                                              id: test_vpc_igw_a.aws_object.internet_gateways.first.id).and be_idempotent
       end
 
-      context 'with the IGW attached to an existing VPC' do
-        aws_internet_gateway 'test_internet_gateway' do
+      context "with the IGW attached to an existing VPC" do
+        aws_internet_gateway "test_internet_gateway" do
           vpc test_vpc_igw_a.aws_object.id
         end
 
         it "updates it to the new VPC" do
-          expect_recipe {
-            aws_internet_gateway 'test_internet_gateway' do
+          expect_recipe do
+            aws_internet_gateway "test_internet_gateway" do
               vpc test_vpc_igw_b
             end
-          }.to update_an_aws_internet_gateway('test_internet_gateway',
-            id: test_vpc_igw_b.aws_object.internet_gateways.first.id
-          ).and be_idempotent
+          end.to update_an_aws_internet_gateway("test_internet_gateway",
+                                                id: test_vpc_igw_b.aws_object.internet_gateways.first.id).and be_idempotent
         end
       end
 
-      context 'with the IGW attached to an existing VPC' do
-        aws_internet_gateway 'test_internet_gateway' do
+      context "with the IGW attached to an existing VPC" do
+        aws_internet_gateway "test_internet_gateway" do
           vpc test_vpc_igw_a.aws_object.id
         end
 
         it "detaches it from the VPC" do
-          expect_recipe {
-            aws_internet_gateway 'test_internet_gateway' do
+          expect_recipe do
+            aws_internet_gateway "test_internet_gateway" do
               action :detach
             end
-          }.to update_an_aws_internet_gateway('test_internet_gateway',
-            attachments: []
-          ).and be_idempotent
+          end.to update_an_aws_internet_gateway("test_internet_gateway",
+                                                attachments: []).and be_idempotent
         end
       end
 
-      context 'with the IGW attached to an existing VPC' do
-        aws_internet_gateway 'test_internet_gateway' do
+      context "with the IGW attached to an existing VPC" do
+        aws_internet_gateway "test_internet_gateway" do
           vpc test_vpc_igw_a.aws_object.id
         end
 
         it "detaches the VPC and destroys the IGW" do
-          r = recipe {
-            aws_internet_gateway 'test_internet_gateway' do
+          r = recipe do
+            aws_internet_gateway "test_internet_gateway" do
               action :destroy
             end
-          }
-          expect(r).to destroy_an_aws_internet_gateway('test_internet_gateway').and be_idempotent
+          end
+          expect(r).to destroy_an_aws_internet_gateway("test_internet_gateway").and be_idempotent
 
           expect(test_vpc_igw_a.aws_object.internet_gateways.first).to eq(nil)
         end
 
-        context 'with a VPC with its own managed internet gateway' do
-          aws_vpc 'test_vpc_preexisting_igw' do
-            cidr_block '10.0.1.0/24'
+        context "with a VPC with its own managed internet gateway" do
+          aws_vpc "test_vpc_preexisting_igw" do
+            cidr_block "10.0.1.0/24"
             internet_gateway true
           end
 
           it "deletes the old managed IGW and attaches the new one" do
             old_attached_igw = test_vpc_preexisting_igw.aws_object.internet_gateways.first.internet_gateway_id
 
-            expect_recipe {
-              aws_internet_gateway 'test_internet_gateway' do
+            expect_recipe do
+              aws_internet_gateway "test_internet_gateway" do
                 vpc test_vpc_preexisting_igw.aws_object.id
               end
-            }.to create_an_aws_internet_gateway('test_internet_gateway',
-              id: test_vpc_preexisting_igw.aws_object.internet_gateways.first.id
-            ).and be_idempotent
+            end.to create_an_aws_internet_gateway("test_internet_gateway",
+                                                  id: test_vpc_preexisting_igw.aws_object.internet_gateways.first.id).and be_idempotent
 
             current_attached_igw = test_vpc_preexisting_igw.aws_object.internet_gateways.first.internet_gateway_id
             expect(current_attached_igw).not_to eq(old_attached_igw)
           end
         end
 
-        context 'with a VPC and an attached aws_internet_gateway resource' do
-          aws_internet_gateway 'test_internet_gateway'
-          aws_vpc 'test_vpc_preexisting_igw' do
-            cidr_block '10.0.1.0/24'
+        context "with a VPC and an attached aws_internet_gateway resource" do
+          aws_internet_gateway "test_internet_gateway"
+          aws_vpc "test_vpc_preexisting_igw" do
+            cidr_block "10.0.1.0/24"
             internet_gateway test_internet_gateway
           end
 
           it "leaves the attachment alone if internet_gateway is set to true" do
             expect(test_vpc_preexisting_igw.aws_object.internet_gateways.first.internet_gateway_id).to eq(test_internet_gateway.aws_object.id)
-            expect_recipe {
-              aws_vpc 'test_vpc_preexisting_igw' do
-                cidr_block '10.0.1.0/24'
+            expect_recipe do
+              aws_vpc "test_vpc_preexisting_igw" do
+                cidr_block "10.0.1.0/24"
                 internet_gateway true
               end
-            }.to match_an_aws_vpc('test_vpc_preexisting_igw',
-              vpc_id: test_internet_gateway.aws_object.attachments.first.vpc_id
-            ).and be_idempotent
+            end.to match_an_aws_vpc("test_vpc_preexisting_igw",
+                                    vpc_id: test_internet_gateway.aws_object.attachments.first.vpc_id).and be_idempotent
           end
 
           it "deletes the attachment if internet_gateway is set to false" do
-            expect_recipe {
-              aws_vpc 'test_vpc_preexisting_igw' do
-                cidr_block '10.0.1.0/24'
+            expect_recipe do
+              aws_vpc "test_vpc_preexisting_igw" do
+                cidr_block "10.0.1.0/24"
                 internet_gateway false
               end
-            }.to match_an_aws_internet_gateway('test_internet_gateway',
-              attachments: []
-            ).and be_idempotent
+            end.to match_an_aws_internet_gateway("test_internet_gateway",
+                                                 attachments: []).and be_idempotent
             expect(test_vpc_preexisting_igw.aws_object.internet_gateways.entries).to eq([])
           end
         end
 
-        context 'with a VPC and an attached aws_internet_gateway resource' do
-          aws_internet_gateway 'test_internet_gateway1'
-          aws_internet_gateway 'test_internet_gateway2'
-          aws_vpc 'test_vpc_preexisting_igw' do
-            cidr_block '10.0.1.0/24'
+        context "with a VPC and an attached aws_internet_gateway resource" do
+          aws_internet_gateway "test_internet_gateway1"
+          aws_internet_gateway "test_internet_gateway2"
+          aws_vpc "test_vpc_preexisting_igw" do
+            cidr_block "10.0.1.0/24"
             internet_gateway test_internet_gateway1
           end
 
           it "switches the attachment to a newly specified aws_internet_gateway" do
             expect(test_vpc_preexisting_igw.aws_object.internet_gateways.first.internet_gateway_id).to eq(test_internet_gateway1.aws_object.id)
-            expect_recipe {
-              aws_internet_gateway 'test_internet_gateway2' do
-                vpc 'test_vpc_preexisting_igw'
+            expect_recipe do
+              aws_internet_gateway "test_internet_gateway2" do
+                vpc "test_vpc_preexisting_igw"
               end
-            }.to match_an_aws_internet_gateway('test_internet_gateway1',
-              attachments: []
-            ).and match_an_aws_internet_gateway('test_internet_gateway2',
-              id: test_vpc_preexisting_igw.aws_object.internet_gateways.first.id
-            ).and be_idempotent
+            end.to match_an_aws_internet_gateway("test_internet_gateway1",
+                                                 attachments: []).and match_an_aws_internet_gateway("test_internet_gateway2",
+                                                                                                    id: test_vpc_preexisting_igw.aws_object.internet_gateways.first.id).and be_idempotent
           end
-
         end
       end
     end
-
   end
 end