chef 11.12.0.alpha.1 → 11.12.0.rc.1

data/spec/functional/win32/versions_spec.rb

@@ -22,7 +22,7 @@ if Chef::Platform.windows?
   require 'ruby-wmi'
 end
 
-describe "Chef::ReservedNames::Win32::Version", :windows_only do
+describe "Chef::ReservedNames::Win32::Version", :windows_only, :not_supported_on_win2k3 do
   before do
 
     host = WMI::Win32_OperatingSystem.find(:first)
@@ -57,7 +57,7 @@ describe "Chef::ReservedNames::Win32::Version", :windows_only do
       end
     end
   end
-  
+
   context "Win32 version object" do
     it "should have have one method for each marketing version" do
       versions = 0
@@ -88,7 +88,7 @@ describe "Chef::ReservedNames::Win32::Version", :windows_only do
       for_each_windows_version { |method_name| @version.send(method_name.to_sym) }
     end
   end
-  
+
   context "Windows Operating System version" do
     it "should match the version from WMI" do
       @current_os_version.should include(@version.marketing_name)

data/spec/integration/knife/chefignore_spec.rb

@@ -38,14 +38,13 @@ describe 'chefignore tests' do
       file 'data_bags/bag1/chefignore', chefignore
       file 'cookbooks/cookbook1/chefignore', chefignore
 
-      it 'nothing is ignored' do
+      it 'matching files and directories get ignored' do
         # NOTE: many of the "chefignore" files should probably not show up
         # themselves, but we have other tests that talk about that
         knife('list --local -Rfp /').should_succeed <<EOM
 /cookbooks/
 /cookbooks/cookbook1/
 /cookbooks/cookbook1/chefignore
-/cookbooks/cookbook1/x.json
 /data_bags/
 /data_bags/bag1/
 /data_bags/bag1/x.json

data/spec/integration/knife/raw_spec.rb

@@ -22,6 +22,7 @@ require 'chef/knife/show'
 describe 'knife raw' do
   extend IntegrationSupport
   include KnifeSupport
+  include AppServerSupport
 
   when_the_chef_server "has one of each thing" do
     client 'x', '{}'
@@ -55,7 +56,7 @@ EOM
     end
 
     it 'knife raw /blarghle returns 404' do
-      knife('raw /blarghle').should_fail(/ERROR: Server responded with error 404 "Not Found"/)
+      knife('raw /blarghle').should_fail(/ERROR: Server responded with error 404 "Not Found\s*"/)
     end
 
     it 'knife raw -m DELETE /roles/x succeeds', :pending => (RUBY_VERSION < "1.9") do
@@ -165,19 +166,16 @@ EOM
 
     context 'When a server returns raw json' do
       before :each do
-        @real_chef_server_url = Chef::Config.chef_server_url
         Chef::Config.chef_server_url = "http://127.0.0.1:9018"
         app = lambda do |env|
           [200, {'Content-Type' => 'application/json' }, ['{ "x": "y", "a": "b" }'] ]
         end
-        @raw_server = Puma::Server.new(app, Puma::Events.new(STDERR, STDOUT))
-        @raw_server.add_tcp_listener("127.0.0.1", 9018)
-        @raw_server.run
+        @raw_server, @raw_server_thread = start_app_server(app, 9018)
       end
 
       after :each do
-        Chef::Config.chef_server_url = @real_chef_server_url
-        @raw_server.stop(true)
+        @raw_server.shutdown if @raw_server
+        @raw_server_thread.kill if @raw_server_thread
       end
 
       it 'knife raw /blah returns the prettified json', :pending => (RUBY_VERSION < "1.9") do
@@ -198,19 +196,16 @@ EOM
 
     context 'When a server returns text' do
       before :each do
-        @real_chef_server_url = Chef::Config.chef_server_url
         Chef::Config.chef_server_url = "http://127.0.0.1:9018"
         app = lambda do |env|
           [200, {'Content-Type' => 'text' }, ['{ "x": "y", "a": "b" }'] ]
         end
-        @raw_server = Puma::Server.new(app, Puma::Events.new(STDERR, STDOUT))
-        @raw_server.add_tcp_listener("127.0.0.1", 9018)
-        @raw_server.run
+        @raw_server, @raw_server_thread = start_app_server(app, 9018)
       end
 
       after :each do
-        Chef::Config.chef_server_url = @real_chef_server_url
-        @raw_server.stop(true)
+        @raw_server.shutdown if @raw_server
+        @raw_server_thread.kill if @raw_server_thread
       end
 
       it 'knife raw /blah returns the raw text' do

data/spec/integration/knife/redirection_spec.rb

@@ -15,38 +15,30 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-require 'puma'
 require 'support/shared/integration/integration_helper'
 require 'chef/knife/list'
 
 describe 'redirection' do
   extend IntegrationSupport
   include KnifeSupport
+  include AppServerSupport
 
   when_the_chef_server 'has a role' do
     role 'x', {}
 
     context 'and another server redirects to it with 302' do
       before :each do
-        @real_chef_server_url = Chef::Config.chef_server_url
+        real_chef_server_url = Chef::Config.chef_server_url
         Chef::Config.chef_server_url = "http://127.0.0.1:9018"
         app = lambda do |env|
-          [302, {'Content-Type' => 'text','Location' => "#{@real_chef_server_url}#{env['PATH_INFO']}" }, ['302 found'] ]
-        end
-        @redirector_server = Puma::Server.new(app, Puma::Events.new(STDERR, STDOUT))
-        @redirector_server.add_tcp_listener("127.0.0.1", 9018)
-        @redirector_server.run
-        Timeout::timeout(5) do
-          until @redirector_server.running
-            sleep(0.01)
-          end
-          raise @server_error if @server_error
+          [302, {'Content-Type' => 'text','Location' => "#{real_chef_server_url}#{env['PATH_INFO']}" }, ['302 found'] ]
         end
+        @redirector_server, @redirector_server_thread = start_app_server(app, 9018)
       end
 
       after :each do
-        Chef::Config.chef_server_url = @real_chef_server_url
-        @redirector_server.stop(true)
+        @redirector_server.shutdown if @redirector_server
+        @redirector_thread.kill if @redirector_thread
       end
 
       it 'knife list /roles returns the role' do

data/spec/integration/solo/solo_spec.rb

@@ -42,6 +42,25 @@ E
 
   end
 
+  when_the_repository "has a cookbook with an undeclared dependency" do
+    file 'cookbooks/x/metadata.rb', 'version "1.0.0"'
+    file 'cookbooks/x/recipes/default.rb', 'include_recipe "ancient::aliens"'
+
+    file 'cookbooks/ancient/metadata.rb', 'version "1.0.0"'
+    file 'cookbooks/ancient/recipes/aliens.rb', 'print "it was aliens"'
+
+    it "should exit with an error" do
+      file 'config/solo.rb', <<EOM
+cookbook_path "#{path_to('cookbooks')}"
+file_cache_path "#{path_to('config/cache')}"
+EOM
+      result = shell_out("ruby bin/chef-solo -c \"#{path_to('config/solo.rb')}\" -o 'x::default' -l debug", :cwd => chef_dir)
+      result.exitstatus.should == 0 # For CHEF-5120 this becomes 1
+      result.stdout.should include("WARN: MissingCookbookDependency")
+    end
+  end
+
+
   when_the_repository "has a cookbook with a recipe with sleep" do
     directory 'logs'
     file 'logs/runs.log', ''

data/spec/support/shared/functional/windows_script.rb

@@ -38,7 +38,7 @@ shared_context Chef::Resource::WindowsScript do
   end
 
   before(:each) do
-k    File.delete(script_output_path) if File.exists?(script_output_path)
+    File.delete(script_output_path) if File.exists?(script_output_path)
   end
 
   after(:each) do

data/spec/support/shared/integration/app_server_support.rb

@@ -0,0 +1,42 @@
+#
+# Author:: John Keiser (<jkeiser@opscode.com>)
+# Author:: Ho-Sheng Hsiao (<hosh@opscode.com>)
+# Copyright:: Copyright (c) 2012, 2013 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'rack'
+require 'stringio'
+
+module AppServerSupport
+  def start_app_server(app, port)
+    server = nil
+    thread = Thread.new do
+      Rack::Handler::WEBrick.run(app,
+        :Port => 9018,
+        :AccessLog => [],
+        :Logger => WEBrick::Log::new(StringIO.new, 7)
+      ) do |found_server|
+        server = found_server
+      end
+    end
+    Timeout::timeout(5) do
+      until server && server.status == :Running
+        sleep(0.01)
+      end
+    end
+    [server, thread]
+  end
+end

data/spec/support/shared/integration/integration_helper.rb

@@ -23,6 +23,7 @@ require 'chef/config'
 require 'chef_zero/rspec'
 require 'json'
 require 'support/shared/integration/knife_support'
+require 'support/shared/integration/app_server_support'
 require 'spec_helper'
 
 module IntegrationSupport

data/spec/support/shared/unit/script_resource.rb

@@ -48,5 +48,43 @@ shared_examples_for "a script resource" do
     @resource.flags.should eql("-f")
   end
 
+  describe "when executing guards" do
+    let(:resource) { @resource }
+
+    before(:each) do
+      node = Chef::Node.new
+
+      node.automatic[:platform] = "debian"
+      node.automatic[:platform_version] = "6.0"
+
+      events = Chef::EventDispatch::Dispatcher.new
+      run_context = Chef::RunContext.new(node, {}, events)
+      resource.run_context = run_context
+      resource.code 'echo hi'
+    end
+
+    it "inherits exactly the :cwd, :environment, :group, :path, :user, and :umask attributes from a parent resource class" do
+      inherited_difference = Chef::Resource::Script.guard_inherited_attributes -
+        [:cwd, :environment, :group, :path, :user, :umask ]
+
+      inherited_difference.should == []
+    end
+
+    it "when guard_interpreter is set to the default value, the guard command string should be evaluated by command execution and not through a resource" do
+      Chef::Resource::Conditional.any_instance.should_not_receive(:evaluate_block)
+      Chef::Resource::Conditional.any_instance.should_receive(:evaluate_command).and_return(true)
+      Chef::GuardInterpreter::ResourceGuardInterpreter.any_instance.should_not_receive(:evaluate_action)
+      resource.only_if 'echo hi'
+      resource.should_skip?(:run).should == nil
+    end
+
+    it "when a valid guard_interpreter resource is specified, a block should be used to evaluate the guard" do
+      Chef::GuardInterpreter::DefaultGuardInterpreter.any_instance.should_not_receive(:evaluate)
+      Chef::GuardInterpreter::ResourceGuardInterpreter.any_instance.should_receive(:evaluate_action).and_return(true)
+      resource.guard_interpreter :script
+      resource.only_if 'echo hi'
+      resource.should_skip?(:run).should == nil
+    end
+  end
 end
 

data/spec/unit/api_client/registration_spec.rb

@@ -22,16 +22,45 @@ require 'tempfile'
 require 'chef/api_client/registration'
 
 describe Chef::ApiClient::Registration do
+
   let(:key_location) do
     make_tmpname("client-registration-key")
   end
 
-  let(:registration) { Chef::ApiClient::Registration.new("silent-bob", key_location) }
+  let(:client_name) { "silent-bob" }
+
+  subject(:registration) { Chef::ApiClient::Registration.new(client_name, key_location) }
 
-  let :private_key_data do
+  let(:private_key_data) do
     File.open(Chef::Config[:validation_key], "r") {|f| f.read.chomp }
   end
 
+  let(:http_mock) { double("Chef::REST mock") }
+
+  let(:expected_post_data) do
+    { :name => client_name, :admin => false }
+  end
+
+  let(:expected_put_data) do
+    { :name => client_name, :admin => false, :private_key => true }
+  end
+
+  let(:server_v10_response) do
+    {"uri" => "https://chef.local/clients/#{client_name}",
+     "private_key" => "--begin rsa key etc--"}
+  end
+
+  # Server v11 includes `json_class` on all replies
+  let(:server_v11_response) do
+    response = Chef::ApiClient.new
+    response.name(client_name)
+    response.private_key("--begin rsa key etc--")
+    response
+  end
+
+  let(:response_409) { Net::HTTPConflict.new("1.1", "409", "Conflict") }
+  let(:exception_409) { Net::HTTPServerException.new("409 conflict", response_409) }
+
   before do
     Chef::Config[:validation_client_name] = "test-validator"
     Chef::Config[:validation_key] = File.expand_path('ssl/private_key.pem', CHEF_SPEC_DATA)
@@ -39,8 +68,6 @@ describe Chef::ApiClient::Registration do
 
   after do
     File.unlink(key_location) if File.exist?(key_location)
-    Chef::Config[:validation_client_name] = nil
-    Chef::Config[:validation_key] = nil
   end
 
   it "has an HTTP client configured with validator credentials" do
@@ -50,57 +77,107 @@ describe Chef::ApiClient::Registration do
   end
 
   describe "when creating/updating the client on the server" do
-    let(:http_mock) { double("Chef::REST mock") }
-
     before do
       registration.stub(:http_api).and_return(http_mock)
     end
 
     it "creates a new ApiClient on the server using the validator identity" do
-      response = {"uri" => "https://chef.local/clients/silent-bob",
-                  "private_key" => "--begin rsa key etc--"}
       http_mock.should_receive(:post).
-        with("clients", :name => 'silent-bob', :admin => false).
-        and_return(response)
-      registration.create_or_update.should == response
+        with("clients", expected_post_data).
+        and_return(server_v10_response)
+      registration.create_or_update.should == server_v10_response
       registration.private_key.should == "--begin rsa key etc--"
     end
 
     context "and the client already exists on a Chef 10 server" do
       it "requests a new key from the server and saves it" do
-        response = {"name" => "silent-bob", "private_key" => "--begin rsa key etc--" }
-
-        response_409 = Net::HTTPConflict.new("1.1", "409", "Conflict")
-        exception_409 = Net::HTTPServerException.new("409 conflict", response_409)
-
-        http_mock.should_receive(:post).and_raise(exception_409)
+        http_mock.should_receive(:post).with("clients", expected_post_data).
+          and_raise(exception_409)
         http_mock.should_receive(:put).
-          with("clients/silent-bob", :name => 'silent-bob', :admin => false, :private_key => true).
-          and_return(response)
-        registration.create_or_update.should == response
+          with("clients/#{client_name}", expected_put_data).
+          and_return(server_v10_response)
+        registration.create_or_update.should == server_v10_response
         registration.private_key.should == "--begin rsa key etc--"
       end
     end
 
     context "and the client already exists on a Chef 11 server" do
       it "requests a new key from the server and saves it" do
-        response = Chef::ApiClient.new
-        response.name("silent-bob")
-        response.private_key("--begin rsa key etc--")
-
-        response_409 = Net::HTTPConflict.new("1.1", "409", "Conflict")
-        exception_409 = Net::HTTPServerException.new("409 conflict", response_409)
-
         http_mock.should_receive(:post).and_raise(exception_409)
         http_mock.should_receive(:put).
-          with("clients/silent-bob", :name => 'silent-bob', :admin => false, :private_key => true).
-          and_return(response)
-        registration.create_or_update.should == response
+          with("clients/#{client_name}", expected_put_data).
+          and_return(server_v11_response)
+        registration.create_or_update.should == server_v11_response
         registration.private_key.should == "--begin rsa key etc--"
       end
     end
   end
 
+  context "when local key generation is enabled", :nofocus do
+    let(:generated_private_key_pem) { IO.read(File.expand_path('ssl/private_key.pem', CHEF_SPEC_DATA)) }
+    let(:generated_private_key) { OpenSSL::PKey::RSA.new(generated_private_key_pem) }
+    let(:generated_public_key) { generated_private_key.public_key }
+
+    let(:expected_post_data) do
+      { :name => client_name, :admin => false, :public_key => generated_public_key.to_pem }
+    end
+
+    let(:expected_put_data) do
+      { :name => client_name, :admin => false, :public_key => generated_public_key.to_pem }
+    end
+
+    let(:create_with_pkey_response) do
+      {
+        "uri" => "",
+        "public_key" => generated_public_key.to_pem
+      }
+    end
+
+    let(:update_with_pkey_response) do
+      {"name"=>client_name,
+       "admin"=>false,
+       "public_key"=> generated_public_key,
+       "validator"=>false,
+       "private_key"=>false,
+       "clientname"=>client_name}
+    end
+
+
+    before do
+      registration.stub(:http_api).and_return(http_mock)
+      Chef::Config.local_key_generation = true
+      OpenSSL::PKey::RSA.should_receive(:generate).with(2048).and_return(generated_private_key)
+    end
+
+    it "posts a locally generated public key to the server to create a client" do
+      http_mock.should_receive(:post).
+        with("clients", expected_post_data).
+        and_return(create_with_pkey_response)
+      registration.create_or_update.should == create_with_pkey_response
+      registration.private_key.should == generated_private_key_pem
+    end
+
+    it "puts a locally generated public key to the server to update a client" do
+      http_mock.should_receive(:post).
+        with("clients", expected_post_data).
+        and_raise(exception_409)
+      http_mock.should_receive(:put).
+        with("clients/#{client_name}", expected_put_data).
+        and_return(update_with_pkey_response)
+      registration.create_or_update.should == update_with_pkey_response
+      registration.private_key.should == generated_private_key_pem
+    end
+
+    it "writes the generated private key to disk" do
+      http_mock.should_receive(:post).
+        with("clients", expected_post_data).
+        and_return(create_with_pkey_response)
+      registration.run
+      IO.read(key_location).should == generated_private_key_pem
+    end
+
+  end
+
   describe "when writing the private key to disk" do
     before do
       registration.stub(:private_key).and_return('--begin rsa key etc--')
@@ -125,16 +202,12 @@ describe Chef::ApiClient::Registration do
 
   describe "when registering a client" do
 
-    let(:http_mock) { double("Chef::REST mock") }
-
     before do
       registration.stub(:http_api).and_return(http_mock)
     end
 
     it "creates the client on the server and writes the key" do
-      response = {"uri" => "http://chef.local/clients/silent-bob",
-                  "private_key" => "--begin rsa key etc--" }
-      http_mock.should_receive(:post).ordered.and_return(response)
+      http_mock.should_receive(:post).ordered.and_return(server_v10_response)
       registration.run
       IO.read(key_location).should == "--begin rsa key etc--"
     end
@@ -149,9 +222,7 @@ describe Chef::ApiClient::Registration do
       http_mock.should_receive(:post).ordered.and_raise(exception_500) # 4
       http_mock.should_receive(:post).ordered.and_raise(exception_500) # 5
 
-      response = {"uri" => "http://chef.local/clients/silent-bob",
-                  "private_key" => "--begin rsa key etc--" }
-      http_mock.should_receive(:post).ordered.and_return(response)
+      http_mock.should_receive(:post).ordered.and_return(server_v10_response)
       registration.run
       IO.read(key_location).should == "--begin rsa key etc--"
     end