chef 14.8.12-universal-mingw32 → 14.9.13-universal-mingw32

data/spec/unit/knife/data_bag_create_spec.rb

@@ -63,7 +63,7 @@ describe Chef::Knife::DataBagCreate do
       exception = double("404 error", code: "404")
       allow(rest).to receive(:get)
         .with("data/#{bag_name}")
-        .and_raise(Net::HTTPServerException.new("404", exception))
+        .and_raise(Net::HTTPClientException.new("404", exception))
     end
 
     it "tries to create a data bag with an invalid name when given one argument" do
@@ -86,7 +86,7 @@ describe Chef::Knife::DataBagCreate do
         %w{node role client environment}.each do |name|
           allow(rest).to receive(:get)
             .with("data/sudoing_#{name}_admins")
-            .and_raise(Net::HTTPServerException.new("404", exception))
+            .and_raise(Net::HTTPClientException.new("404", exception))
         end
       end
 

data/spec/unit/knife/supermarket_share_spec.rb

@@ -85,7 +85,7 @@ describe Chef::Knife::SupermarketShare do
 
     it "should use a default category when given only 1 argument and cannot determine category" do
       @knife.name_args = ["cookbook_name"]
-      expect(@noauth_rest).to receive(:get).with("https://supermarket.chef.io/api/v1/cookbooks/cookbook_name") { raise Net::HTTPServerException.new("404 Not Found", OpenStruct.new(code: "404")) }
+      expect(@noauth_rest).to receive(:get).with("https://supermarket.chef.io/api/v1/cookbooks/cookbook_name") { raise Net::HTTPClientException.new("404 Not Found", OpenStruct.new(code: "404")) }
       expect(@knife).to receive(:do_upload)
       expect { @knife.run }.to_not raise_error
     end

data/spec/unit/knife/supermarket_unshare_spec.rb

@@ -57,15 +57,15 @@ describe Chef::Knife::SupermarketUnshare do
 
     it "should log an error and exit when forbidden" do
       exception = double('403 "Forbidden"', code: "403")
-      allow(@rest).to receive(:delete).and_raise(Net::HTTPServerException.new('403 "Forbidden"', exception))
+      allow(@rest).to receive(:delete).and_raise(Net::HTTPClientException.new('403 "Forbidden"', exception))
       expect(@knife.ui).to receive(:error)
       expect { @knife.run }.to raise_error(SystemExit)
     end
 
     it "should re-raise any non-forbidden errors on delete" do
       exception = double('500 "Application Error"', code: "500")
-      allow(@rest).to receive(:delete).and_raise(Net::HTTPServerException.new('500 "Application Error"', exception))
-      expect { @knife.run }.to raise_error(Net::HTTPServerException)
+      allow(@rest).to receive(:delete).and_raise(Net::HTTPClientException.new('500 "Application Error"', exception))
+      expect { @knife.run }.to raise_error(Net::HTTPClientException)
     end
 
     it "should log a success message" do

data/spec/unit/knife_spec.rb

@@ -424,7 +424,7 @@ describe Chef::Knife do
       response = Net::HTTPUnauthorized.new("1.1", "401", "Unauthorized")
       response.instance_variable_set(:@read, true) # I hate you, net/http.
       allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "y u no syncronize your clock?"))
-      allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("401 Unauthorized", response))
+      allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("401 Unauthorized", response))
       knife.run_with_pretty_exceptions
       expect(stderr.string).to match(/ERROR: Failed to authenticate to/)
       expect(stderr.string).to match(/Response:  y u no syncronize your clock\?/)
@@ -434,7 +434,7 @@ describe Chef::Knife do
       response = Net::HTTPForbidden.new("1.1", "403", "Forbidden")
       response.instance_variable_set(:@read, true) # I hate you, net/http.
       allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "y u no administrator"))
-      allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("403 Forbidden", response))
+      allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("403 Forbidden", response))
       allow(knife).to receive(:username).and_return("sadpanda")
       knife.run_with_pretty_exceptions
       expect(stderr.string).to match(%r{ERROR: You authenticated successfully to http.+ as sadpanda but you are not authorized for this action})
@@ -454,7 +454,7 @@ describe Chef::Knife do
         response = Net::HTTPForbidden.new("1.1", "403", "Forbidden")
         response.instance_variable_set(:@read, true)
         allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "y u no administrator"))
-        allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("403 Forbidden", response))
+        allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("403 Forbidden", response))
         allow(knife).to receive(:username).and_return("sadpanda")
         knife.run_with_pretty_exceptions
         expect(stderr.string).to match(%r{ERROR: You authenticated successfully to http.+ as sadpanda but you are not authorized for this action})
@@ -467,7 +467,7 @@ describe Chef::Knife do
       response = Net::HTTPBadRequest.new("1.1", "400", "Bad Request")
       response.instance_variable_set(:@read, true) # I hate you, net/http.
       allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "y u search wrong"))
-      allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("400 Bad Request", response))
+      allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("400 Bad Request", response))
       knife.run_with_pretty_exceptions
       expect(stderr.string).to match(%r{ERROR: The data in your request was invalid})
       expect(stderr.string).to match(%r{Response: y u search wrong})
@@ -477,7 +477,7 @@ describe Chef::Knife do
       response = Net::HTTPNotFound.new("1.1", "404", "Not Found")
       response.instance_variable_set(:@read, true) # I hate you, net/http.
       allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "nothing to see here"))
-      allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("404 Not Found", response))
+      allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("404 Not Found", response))
       knife.run_with_pretty_exceptions
       expect(stderr.string).to match(%r{ERROR: The object you are looking for could not be found})
       expect(stderr.string).to match(%r{Response: nothing to see here})
@@ -491,7 +491,7 @@ describe Chef::Knife do
       response["x-ops-server-api-version"] = Chef::JSONCompat.to_json(min_version: "0", max_version: "1", request_version: "10000000")
 
       allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "sad trombone"))
-      allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("406 Not Acceptable", response))
+      allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("406 Not Acceptable", response))
 
       knife.run_with_pretty_exceptions
       expect(stderr.string).to include("The request that Knife sent was using API version 10000000")
@@ -533,7 +533,7 @@ describe Chef::Knife do
       response = Net::HTTPPaymentRequired.new("1.1", "402", "Payment Required")
       response.instance_variable_set(:@read, true) # I hate you, net/http.
       allow(response).to receive(:body).and_return(Chef::JSONCompat.to_json(error: "nobugfixtillyoubuy"))
-      allow(knife).to receive(:run).and_raise(Net::HTTPServerException.new("402 Payment Required", response))
+      allow(knife).to receive(:run).and_raise(Net::HTTPClientException.new("402 Payment Required", response))
       knife.run_with_pretty_exceptions
       expect(stderr.string).to match(%r{ERROR: Payment Required})
       expect(stderr.string).to match(%r{Response: nobugfixtillyoubuy})

data/spec/unit/mixin/api_version_request_handling_spec.rb

@@ -27,7 +27,7 @@ describe Chef::Mixin::ApiVersionRequestHandling do
 
     context "when the response code is not 406" do
       let(:response) { OpenStruct.new(code: "405") }
-      let(:exception) { Net::HTTPServerException.new("405 Something Else", response) }
+      let(:exception) { Net::HTTPClientException.new("405 Something Else", response) }
 
       it "returns nil" do
         expect(object.server_client_api_version_intersection(exception, default_supported_client_versions))
@@ -38,7 +38,7 @@ describe Chef::Mixin::ApiVersionRequestHandling do
 
     context "when the response code is 406" do
       let(:response) { OpenStruct.new(code: "406") }
-      let(:exception) { Net::HTTPServerException.new("406 Not Acceptable", response) }
+      let(:exception) { Net::HTTPClientException.new("406 Not Acceptable", response) }
 
       context "when x-ops-server-api-version header does not exist" do
         it "returns nil" do

data/spec/unit/node_spec.rb

@@ -53,7 +53,7 @@ describe Chef::Node do
   describe "when the node does not exist on the server" do
     before do
       response = OpenStruct.new(code: "404")
-      exception = Net::HTTPServerException.new("404 not found", response)
+      exception = Net::HTTPClientException.new("404 not found", response)
       allow(Chef::Node).to receive(:load).and_raise(exception)
       node.name("created-node")
     end
@@ -1447,7 +1447,7 @@ describe Chef::Node do
         node.name("monkey")
         allow(node).to receive(:data_for_save).and_return({})
         exception = double("404 error", code: "404")
-        expect(@rest).to receive(:put).and_raise(Net::HTTPServerException.new("foo", exception))
+        expect(@rest).to receive(:put).and_raise(Net::HTTPClientException.new("foo", exception))
         expect(@rest).to receive(:post).with("nodes", {})
         node.save
       end

data/spec/unit/policy_builder/policyfile_spec.rb

@@ -218,7 +218,7 @@ describe Chef::PolicyBuilder::Policyfile do
       end
 
       context "when the deployment group cannot be loaded" do
-        let(:error404) { Net::HTTPServerException.new("404 message", :body) }
+        let(:error404) { Net::HTTPClientException.new("404 message", :body) }
 
         before do
           expect(api_service).to receive(:get)
@@ -738,7 +738,7 @@ describe Chef::PolicyBuilder::Policyfile do
         shared_examples "fetching cookbooks when they don't exist" do
           context "and a cookbook is missing" do
 
-            let(:error404) { Net::HTTPServerException.new("404 message", :body) }
+            let(:error404) { Net::HTTPClientException.new("404 message", :body) }
 
             before do
               policy_builder.finish_load_node(node)

data/spec/unit/provider/group/windows_spec.rb

@@ -49,6 +49,7 @@ describe Chef::Provider::Group::Windows do
   describe "manage_group" do
     before do
       @new_resource.members([ "us" ])
+      @new_resource.comment = "this is group comment"
       @current_resource = Chef::Resource::Group.new("staff")
       @current_resource.members %w{all your base}
       @new_resource.excluded_members %w{all}
@@ -57,6 +58,7 @@ describe Chef::Provider::Group::Windows do
       allow(@net_group).to receive(:local_add_members)
       allow(@net_group).to receive(:local_set_members)
       allow(@provider).to receive(:lookup_account_name)
+      allow(@net_group).to receive(:local_group_set_info)
       allow(@provider).to receive(:validate_member!).and_return(true)
       @provider.current_resource = @current_resource
     end
@@ -73,6 +75,19 @@ describe Chef::Provider::Group::Windows do
       @provider.manage_group
     end
 
+    it "when comment is present, should call @net_group.local_group_set_info" do
+      @new_resource.append(true)
+      expect(@net_group).to receive(:local_group_set_info).with(@new_resource.comment)
+      @provider.manage_group
+    end
+
+    it "when comment is not present, should not call @net_group.local_group_set_info" do
+      @new_resource.comment = nil
+      @new_resource.append(true)
+      expect(@net_group).not_to receive(:local_group_set_info).with(@new_resource.comment)
+      @provider.manage_group
+    end
+
     it "should call @net_group.local_delete_members" do
       @new_resource.append(true)
       allow(@provider).to receive(:lookup_account_name).with("all").and_return("all")

data/spec/unit/provider/remote_file/content_spec.rb

@@ -161,7 +161,7 @@ describe Chef::Provider::RemoteFile::Content do
 
     # https://github.com/chef/chef/pull/1358#issuecomment-40853299
     def create_exception(exception_class)
-      if [ Net::HTTPServerException, Net::HTTPFatalError ].include? exception_class
+      if [ Net::HTTPClientException, Net::HTTPFatalError ].include? exception_class
         exception_class.new("message", { "something" => 1 })
       else
         exception_class.new
@@ -177,7 +177,7 @@ describe Chef::Provider::RemoteFile::Content do
       Errno::ENOENT,
       Errno::EACCES,
       Timeout::Error,
-      Net::HTTPServerException,
+      Net::HTTPClientException,
       Net::HTTPFatalError,
       Net::FTPError,
       Errno::ETIMEDOUT,

data/spec/unit/resource/group_spec.rb

@@ -49,6 +49,10 @@ describe Chef::Resource::Group, "initialize" do
     expect(resource.members).to eql([])
   end
 
+  it "defaults comment to be nil" do
+    expect(resource.comment).to eql(nil)
+  end
+
   it "aliases users to members, also an empty array" do
     expect(resource.users).to eql([])
   end
@@ -146,3 +150,16 @@ describe Chef::Resource::Group, "append" do
     end
   end
 end
+
+describe Chef::Resource::Group, "comment" do
+  let(:resource) { Chef::Resource::Group.new("fakey_fakerton") }
+
+  it "allows an string" do
+    resource.comment "this is a group comment"
+    expect(resource.comment).to eql("this is a group comment")
+  end
+
+  it "does not allow a hash" do
+    expect { resource.send(:comment, { some_other_user: "is freakin awesome" }) }.to raise_error(ArgumentError)
+  end
+end

data/spec/unit/resource/powershell_package_source_spec.rb

@@ -205,13 +205,13 @@ describe Chef::Resource::PowershellPackageSource do
 
   describe "#package_source_exists?" do
     it "returns true if it exists" do
-      allow(provider).to receive(:powershell_out!).with("(Get-PackageSource -Name 'MyGallery').Name").and_return(double("powershell_out!", stdout: "MyGallery\r\n"))
+      allow(provider).to receive(:powershell_out!).with("(Get-PackageSource -Name 'MyGallery' -WarningAction SilentlyContinue).Name").and_return(double("powershell_out!", stdout: "MyGallery\r\n"))
       resource.source_name("MyGallery")
       expect(provider.package_source_exists?).to eql(true)
     end
 
     it "returns false if it doesn't exist" do
-      allow(provider).to receive(:powershell_out!).with("(Get-PackageSource -Name 'MyGallery').Name").and_return(double("powershell_out!", stdout: ""))
+      allow(provider).to receive(:powershell_out!).with("(Get-PackageSource -Name 'MyGallery' -WarningAction SilentlyContinue).Name").and_return(double("powershell_out!", stdout: ""))
       resource.source_name("MyGallery")
       expect(provider.package_source_exists?).to eql(false)
     end

data/spec/unit/resource/windows_certificate.rb

@@ -73,4 +73,11 @@ describe Chef::Resource::WindowsCertificate do
     resource.pfx_password "foo"
     expect(resource.sensitive).to be_truthy
   end
+
+  it "doesn't raise error if pfx_password contains special characters" do
+    resource.pfx_password "chef$123"
+    resource.source "C:\\certs\\test-cert.pfx"
+    resource.store_name "MY"
+    expect { resource.action :create }.not_to raise_error
+  end
 end

data/spec/unit/resource/windows_task_spec.rb

@@ -67,23 +67,70 @@ describe Chef::Resource::WindowsTask, :windows_only do
     end
   end
 
-  context "when user is set but password is not" do
-    before do
-      resource.frequency :hourly
-    end
-    it "raises an error if the user is a non-system user" do
-      resource.user "bob"
-      expect { resource.after_created }.to raise_error(ArgumentError, %q{Cannot specify a user other than the system users without specifying a password!. Valid passwordless users: 'SYSTEM', 'NT AUTHORITY\SYSTEM', 'LOCAL SERVICE', 'NT AUTHORITY\LOCAL SERVICE', 'NETWORK SERVICE', 'NT AUTHORITY\NETWORK SERVICE', 'ADMINISTRATORS', 'BUILTIN\ADMINISTRATORS', 'USERS', 'BUILTIN\USERS', 'GUESTS', 'BUILTIN\GUESTS'})
-    end
+  describe "#validate_user_and_password" do
+    context "a System User" do
+      before do
+        resource.frequency :hourly
+        resource.user 'NT AUTHORITY\SYSTEM'
+      end
 
-    it "does not raise an error if the user is a system user" do
-      resource.user 'NT AUTHORITY\SYSTEM'
-      expect { resource.after_created }.to_not raise_error
+      context "for an interactive task" do
+        before { resource.interactive_enabled true }
+        it "does not require a password" do
+          expect { resource.after_created }.to_not raise_error
+        end
+        it "raises an error when a password is given" do
+          resource.password "XXXX"
+          expect { resource.after_created }.to raise_error(ArgumentError, "Password is not required for system users.")
+        end
+        it "does not raises an error even when user is in lowercase" do
+          resource.user 'nt authority\system'
+          expect { resource.after_created }.to_not raise_error
+        end
+      end
+
+      context "for a non-interactive task" do
+        before { resource.interactive_enabled false }
+        it "does not require a password" do
+          expect { resource.after_created }.to_not raise_error
+        end
+        it "raises an error when a password is given" do
+          resource.password "XXXX"
+          expect { resource.after_created }.to raise_error(ArgumentError, "Password is not required for system users.")
+        end
+        it "does not raises an error even when user is in lowercase" do
+          resource.user 'nt authority\system'
+          expect { resource.after_created }.to_not raise_error
+        end
+      end
     end
 
-    it "does not raise an error if the user is a system user even if lowercase" do
-      resource.user 'nt authority\system'
-      expect { resource.after_created }.to_not raise_error
+    context "a Non-System User" do
+      before do
+        resource.frequency :hourly
+        resource.user "bob"
+      end
+      context "for an interactive task" do
+        before { resource.interactive_enabled true }
+        it "does not require a password" do
+          expect { resource.after_created }.to_not raise_error
+        end
+        it "does not raises an error when a password is given" do
+          resource.password "XXXX"
+          expect { resource.after_created }.to_not raise_error
+        end
+      end
+
+      context "for a non-interactive task" do
+        before { resource.interactive_enabled false }
+        it "require a password" do
+          expect { resource.after_created }.to raise_error(ArgumentError, %q{Please provide a password or check if this task needs to be interactive! Valid passwordless users are: 'SYSTEM', 'NT AUTHORITY\SYSTEM', 'LOCAL SERVICE', 'NT AUTHORITY\LOCAL SERVICE', 'NETWORK SERVICE', 'NT AUTHORITY\NETWORK SERVICE', 'ADMINISTRATORS', 'BUILTIN\ADMINISTRATORS', 'USERS', 'BUILTIN\USERS', 'GUESTS', 'BUILTIN\GUESTS'})
+        end
+        it "does not raises an error when a password is given" do
+          resource.password "XXXX"
+          expect { resource.after_created }.to_not raise_error
+        end
+      end
     end
   end
 
@@ -231,12 +278,6 @@ describe Chef::Resource::WindowsTask, :windows_only do
     end
   end
 
-  context "#validate_interactive_setting" do
-    it "raises error when interactive_enabled is passed without password" do
-      expect { resource.send(:validate_interactive_setting, true, nil) }.to raise_error("Please provide the password when attempting to set interactive/non-interactive.")
-    end
-  end
-
   context "#validate_create_frequency_modifier" do
     context "when frequency is :minute" do
       it "raises error if frequency_modifier > 1439" do

data/spec/unit/resource_reporter_spec.rb

@@ -494,7 +494,7 @@ describe Chef::ResourceReporter do
         @node = Chef::Node.new
         @node.name("spitfire")
         @exception = ArgumentError.new
-        allow(@exception).to receive(:inspect).and_return("Net::HTTPServerException")
+        allow(@exception).to receive(:inspect).and_return("Net::HTTPClientException")
         allow(@exception).to receive(:message).and_return("Object not found")
         allow(@exception).to receive(:backtrace).and_return(@backtrace)
         @resource_reporter.run_list_expand_failed(@node, @exception)
@@ -505,7 +505,7 @@ describe Chef::ResourceReporter do
       it "includes the exception type in the event data" do
         expect(@report).to have_key("data")
         expect(@report["data"]["exception"]).to have_key("class")
-        expect(@report["data"]["exception"]["class"]).to eq("Net::HTTPServerException")
+        expect(@report["data"]["exception"]["class"]).to eq("Net::HTTPClientException")
       end
 
       it "includes the exception message in the event data" do
@@ -615,7 +615,7 @@ describe Chef::ResourceReporter do
       before do
         # 404 getting the run_id
         @response = Net::HTTPNotFound.new("a response body", "404", "Not Found")
-        @error = Net::HTTPServerException.new("404 message", @response)
+        @error = Net::HTTPClientException.new("404 message", @response)
         expect(@rest_client).to receive(:post)
           .with("reports/nodes/spitfire/runs", { action: :start, run_id: @run_id,
                                                  start_time: @start_time.to_s },
@@ -645,7 +645,7 @@ describe Chef::ResourceReporter do
       before do
         # 500 getting the run_id
         @response = Net::HTTPInternalServerError.new("a response body", "500", "Internal Server Error")
-        @error = Net::HTTPServerException.new("500 message", @response)
+        @error = Net::HTTPClientException.new("500 message", @response)
         expect(@rest_client).to receive(:post)
           .with("reports/nodes/spitfire/runs", { action: :start, run_id: @run_id, start_time: @start_time.to_s },
                { "X-Ops-Reporting-Protocol-Version" => Chef::ResourceReporter::PROTOCOL_VERSION })
@@ -675,7 +675,7 @@ describe Chef::ResourceReporter do
         Chef::Config[:enable_reporting_url_fatals] = true
         # 500 getting the run_id
         @response = Net::HTTPInternalServerError.new("a response body", "500", "Internal Server Error")
-        @error = Net::HTTPServerException.new("500 message", @response)
+        @error = Net::HTTPClientException.new("500 message", @response)
         expect(@rest_client).to receive(:post)
           .with("reports/nodes/spitfire/runs", { action: :start, run_id: @run_id, start_time: @start_time.to_s },
                { "X-Ops-Reporting-Protocol-Version" => Chef::ResourceReporter::PROTOCOL_VERSION })
@@ -690,7 +690,7 @@ describe Chef::ResourceReporter do
         expect(Chef::Log).to receive(:error).with(/500/)
         expect do
           @resource_reporter.run_started(@run_status)
-        end.to raise_error(Net::HTTPServerException)
+        end.to raise_error(Net::HTTPClientException)
       end
     end
 
@@ -746,7 +746,7 @@ describe Chef::ResourceReporter do
 
       it "should log 4xx errors" do
         response = Net::HTTPClientError.new("forbidden", "403", "Forbidden")
-        error = Net::HTTPServerException.new("403 message", response)
+        error = Net::HTTPClientException.new("403 message", response)
         allow(@rest_client).to receive(:raw_request).and_raise(error)
         expect(Chef::Log).to receive(:error).with(/403/)
 

data/spec/unit/user_v1_spec.rb

@@ -312,7 +312,7 @@ describe Chef::UserV1 do
 
   describe "Versioned API Interactions" do
     let(:response_406) { OpenStruct.new(code: "406") }
-    let(:exception_406) { Net::HTTPServerException.new("406 Not Acceptable", response_406) }
+    let(:exception_406) { Net::HTTPClientException.new("406 Not Acceptable", response_406) }
 
     before (:each) do
       @user = Chef::UserV1.new
@@ -374,7 +374,7 @@ describe Chef::UserV1 do
 
         context "when the server returns a 400" do
           let(:response_400) { OpenStruct.new(code: "400") }
-          let(:exception_400) { Net::HTTPServerException.new("400 Bad Request", response_400) }
+          let(:exception_400) { Net::HTTPClientException.new("400 Bad Request", response_400) }
 
           context "when the 400 was due to public / private key fields no longer being supported" do
             let(:response_body_400) { '{"error":["Since Server API v1, all keys must be updated via the keys endpoint. "]}' }