chef 16.10.17-universal-mingw32 → 16.14.1-universal-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +7 -4
- data/Rakefile +11 -0
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +1 -1
- data/distro/ruby_bin_folder/AMD64/Chef.PowerShell.Wrapper.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/Chef.PowerShell.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Chef.PowerShell.Wrapper.Core.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.pdb +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.NETCore.App.deps.json +153 -149
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Diagnostics.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Management.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Utility.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.ConsoleHost.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.CoreCLR.Eventing.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.MarkdownRender.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Security.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Management.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Runtime.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.Messages.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Drawing.Common.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Management.Automation.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Security.Cryptography.Pkcs.dll +0 -0
- data/distro/ruby_bin_folder/x86/Chef.PowerShell.dll +0 -0
- data/distro/ruby_bin_folder/x86/Chef.Powershell.Wrapper.dll +0 -0
- data/distro/ruby_bin_folder/x86/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Chef.PowerShell.Wrapper.Core.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.pdb +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.NETCore.App.deps.json +153 -149
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Diagnostics.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Management.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Utility.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.ConsoleHost.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.CoreCLR.Eventing.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.MarkdownRender.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Security.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Management.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Runtime.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.Messages.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Drawing.Common.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Management.Automation.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Security.Cryptography.Pkcs.dll +0 -0
- data/lib/chef/compliance/default_attributes.rb +6 -2
- data/lib/chef/compliance/runner.rb +6 -1
- data/lib/chef/cookbook/gem_installer.rb +5 -1
- data/lib/chef/knife/core/windows_bootstrap_context.rb +2 -3
- data/lib/chef/provider/file.rb +1 -1
- data/lib/chef/provider/mount.rb +7 -2
- data/lib/chef/provider/package/dnf/dnf_helper.py +4 -0
- data/lib/chef/provider/package/rubygems.rb +2 -2
- data/lib/chef/provider/package/yum/yum_helper.py +4 -0
- data/lib/chef/provider/service/macosx.rb +3 -3
- data/lib/chef/resource/chef_client_cron.rb +1 -1
- data/lib/chef/resource/chef_client_launchd.rb +1 -1
- data/lib/chef/version.rb +1 -1
- data/spec/functional/resource/cron_spec.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +2 -1
- data/spec/spec_helper.rb +1 -0
- data/spec/support/platform_helpers.rb +4 -0
- data/spec/support/shared/unit/provider/file.rb +14 -0
- data/spec/unit/compliance/runner_spec.rb +54 -5
- data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +3 -3
- data/spec/unit/provider/mount/mount_spec.rb +51 -0
- data/spec/unit/provider/package/rubygems_spec.rb +3 -3
- data/spec/unit/provider/service/macosx_spec.rb +3 -3
- data/spec/unit/resource/chef_client_cron_spec.rb +8 -8
- data/tasks/rspec.rb +1 -1
- metadata +15 -13
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Security.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Management.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Runtime.dll
CHANGED
Binary file
|
Binary file
|
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Drawing.Common.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Management.Automation.dll
CHANGED
Binary file
|
Binary file
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# Author:: Stephan Renatus <srenatus@chef.io>
|
2
|
-
# Copyright:: (c)
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc. <legal@chef.io>
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -87,7 +87,11 @@ class Chef
|
|
87
87
|
|
88
88
|
# If enabled, a hash representation of the Chef Infra node object will be sent to Chef InSpec in an input
|
89
89
|
# named `chef_node`.
|
90
|
-
"chef_node_attribute_enabled" => false
|
90
|
+
"chef_node_attribute_enabled" => false,
|
91
|
+
|
92
|
+
# Should the built-in compliance phase run. True and false force the behavior. Nil does magic based on if you have
|
93
|
+
# profiles defined but do not have the audit cookbook enabled.
|
94
|
+
"compliance_phase" => false
|
91
95
|
)
|
92
96
|
end
|
93
97
|
end
|
@@ -22,8 +22,13 @@ class Chef
|
|
22
22
|
|
23
23
|
logger.debug("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
|
24
24
|
logger.debug("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
|
25
|
+
logger.debug("#{self.class}##{__method__}: compliance phase attr? #{node["audit"]["compliance_phase"]}")
|
25
26
|
|
26
|
-
|
27
|
+
if node["audit"]["compliance_phase"].nil?
|
28
|
+
inspec_profiles.any? && !audit_cookbook_present
|
29
|
+
else
|
30
|
+
node["audit"]["compliance_phase"]
|
31
|
+
end
|
27
32
|
end
|
28
33
|
|
29
34
|
def node=(node)
|
@@ -70,7 +70,11 @@ class Chef
|
|
70
70
|
unless Chef::Config[:skip_gem_metadata_installation]
|
71
71
|
# Add additional options to bundle install
|
72
72
|
cmd = [ "bundle", "install", Chef::Config[:gem_installer_bundler_options] ]
|
73
|
-
|
73
|
+
env = {
|
74
|
+
"PATH" => path_with_prepended_ruby_bin,
|
75
|
+
"BUNDLE_SILENCE_ROOT_WARNING" => "1",
|
76
|
+
}
|
77
|
+
so = shell_out!(cmd, cwd: dir, env: env)
|
74
78
|
Chef::Log.info(so.stdout)
|
75
79
|
end
|
76
80
|
end
|
@@ -294,11 +294,10 @@ class Chef
|
|
294
294
|
"%TEMP%\\#{ChefUtils::Dist::Infra::CLIENT}-latest.msi"
|
295
295
|
end
|
296
296
|
|
297
|
-
# Build a URL
|
298
|
-
# Chef Infra msi download.
|
297
|
+
# Build a URL that will redirect to the correct Chef Infra msi download.
|
299
298
|
def msi_url(machine_os = nil, machine_arch = nil, download_context = nil)
|
300
299
|
if config[:msi_url].nil? || config[:msi_url].empty?
|
301
|
-
url = "https://
|
300
|
+
url = "https://omnitruck.chef.io/chef/download?p=windows"
|
302
301
|
url += "&pv=#{machine_os}" unless machine_os.nil?
|
303
302
|
url += "&m=#{machine_arch}" unless machine_arch.nil?
|
304
303
|
url += "&DownloadContext=#{download_context}" unless download_context.nil?
|
data/lib/chef/provider/file.rb
CHANGED
@@ -338,7 +338,7 @@ class Chef
|
|
338
338
|
raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum))
|
339
339
|
end
|
340
340
|
|
341
|
-
if tempfile
|
341
|
+
if tempfile && contents_changed?
|
342
342
|
new_resource.verify.each do |v|
|
343
343
|
unless v.verify(tempfile.path)
|
344
344
|
backupfile = "#{Chef::Config[:file_cache_path]}/failed_validations/#{::File.basename(tempfile.path)}"
|
data/lib/chef/provider/mount.rb
CHANGED
@@ -175,8 +175,13 @@ class Chef
|
|
175
175
|
|
176
176
|
# Returns the new_resource device as per device_type
|
177
177
|
def device_fstab
|
178
|
-
# Removed "/" from the end of str, because it was causing idempotency issue.
|
179
|
-
device =
|
178
|
+
# Removed "/" from the end of str unless it's a network mount, because it was causing idempotency issue.
|
179
|
+
device =
|
180
|
+
if @new_resource.device == "/" || @new_resource.device.match?(":/$")
|
181
|
+
@new_resource.device
|
182
|
+
else
|
183
|
+
@new_resource.device.chomp("/")
|
184
|
+
end
|
180
185
|
case @new_resource.device_type
|
181
186
|
when :device
|
182
187
|
device
|
@@ -423,11 +423,11 @@ class Chef
|
|
423
423
|
end
|
424
424
|
|
425
425
|
def is_omnibus?
|
426
|
-
if %r{/(
|
426
|
+
if %r{/(#{ChefUtils::Dist::Org::LEGACY_CONF_DIR}|#{ChefUtils::Dist::Infra::SHORT}|#{ChefUtils::Dist::Workstation::DIR_SUFFIX})/embedded/bin}.match?(RbConfig::CONFIG["bindir"])
|
427
427
|
logger.trace("#{new_resource} detected omnibus installation in #{RbConfig::CONFIG["bindir"]}")
|
428
428
|
# Omnibus installs to a static path because of linking on unix, find it.
|
429
429
|
true
|
430
|
-
elsif RbConfig::CONFIG["bindir"].sub(/^\w:/, "") == "/
|
430
|
+
elsif RbConfig::CONFIG["bindir"].sub(/^\w:/, "") == "/#{ChefUtils::Dist::Org::LEGACY_CONF_DIR}/#{ChefUtils::Dist::Infra::SHORT}/embedded/bin"
|
431
431
|
logger.trace("#{new_resource} detected omnibus installation in #{RbConfig::CONFIG["bindir"]}")
|
432
432
|
# windows, with the drive letter removed
|
433
433
|
true
|
@@ -169,12 +169,12 @@ class Chef
|
|
169
169
|
|
170
170
|
def load_service
|
171
171
|
session = @session_type ? "-S #{@session_type} " : ""
|
172
|
-
cmd = "launchctl load -w " + session + @plist
|
172
|
+
cmd = "/bin/launchctl load -w " + session + @plist
|
173
173
|
shell_out_as_user(cmd)
|
174
174
|
end
|
175
175
|
|
176
176
|
def unload_service
|
177
|
-
cmd = "launchctl unload -w " + @plist
|
177
|
+
cmd = "/bin/launchctl unload -w " + @plist
|
178
178
|
shell_out_as_user(cmd)
|
179
179
|
end
|
180
180
|
|
@@ -190,7 +190,7 @@ class Chef
|
|
190
190
|
def set_service_status
|
191
191
|
return if @plist.nil? || @service_label.to_s.empty?
|
192
192
|
|
193
|
-
cmd = "launchctl list #{@service_label}"
|
193
|
+
cmd = "/bin/launchctl list #{@service_label}"
|
194
194
|
res = shell_out_as_user(cmd)
|
195
195
|
|
196
196
|
if res.exitstatus == 0
|
@@ -213,7 +213,7 @@ class Chef
|
|
213
213
|
#
|
214
214
|
def log_command
|
215
215
|
if new_resource.append_log_file
|
216
|
-
"
|
216
|
+
">> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
|
217
217
|
else
|
218
218
|
"> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
|
219
219
|
end
|
@@ -134,7 +134,7 @@ class Chef
|
|
134
134
|
standard_error_path ::File.join(new_resource.log_directory, new_resource.log_file_name)
|
135
135
|
program_arguments ["/bin/bash",
|
136
136
|
"-c",
|
137
|
-
"echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
|
137
|
+
"echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; /bin/launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; /bin/launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
|
138
138
|
action :enable # enable creates the plist & triggers service restarts on change
|
139
139
|
end
|
140
140
|
|
data/lib/chef/version.rb
CHANGED
@@ -4,7 +4,7 @@ require "support/shared/integration/integration_helper"
|
|
4
4
|
require "chef/mixin/shell_out"
|
5
5
|
require "chef-utils/dist"
|
6
6
|
|
7
|
-
describe "chef-client with
|
7
|
+
describe "chef-client with compliance phase" do
|
8
8
|
|
9
9
|
include IntegrationSupport
|
10
10
|
include Chef::Mixin::ShellOut
|
@@ -46,6 +46,7 @@ describe "chef-client with audit mode" do
|
|
46
46
|
file "attributes.json", <<~FILE
|
47
47
|
{
|
48
48
|
"audit": {
|
49
|
+
"compliance_phase": true,
|
49
50
|
"json_file": {
|
50
51
|
"location": "#{report_file}"
|
51
52
|
},
|
data/spec/spec_helper.rb
CHANGED
@@ -145,6 +145,7 @@ RSpec.configure do |config|
|
|
145
145
|
config.filter_run_excluding macos_only: true unless macos?
|
146
146
|
config.filter_run_excluding macos_1013: true unless macos_1013?
|
147
147
|
config.filter_run_excluding macos_gte_1014: true unless macos_gte_1014?
|
148
|
+
config.filter_run_excluding not_macos_gte_11: true if macos_gte_11?
|
148
149
|
config.filter_run_excluding not_supported_on_aix: true if aix?
|
149
150
|
config.filter_run_excluding not_supported_on_solaris: true if solaris?
|
150
151
|
config.filter_run_excluding not_supported_on_gce: true if gce?
|
@@ -479,12 +479,14 @@ shared_examples_for Chef::Provider::File do
|
|
479
479
|
it "calls #verify on each verification with tempfile path" do
|
480
480
|
provider.new_resource.verify windows? ? "REM" : "true"
|
481
481
|
provider.new_resource.verify windows? ? "REM" : "true"
|
482
|
+
allow(provider).to receive(:contents_changed?).and_return(true)
|
482
483
|
provider.send(:do_validate_content)
|
483
484
|
end
|
484
485
|
|
485
486
|
it "raises an exception if any verification fails" do
|
486
487
|
allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
|
487
488
|
allow(provider).to receive(:tempfile).and_return(tempfile)
|
489
|
+
allow(provider).to receive(:contents_changed?).and_return(true)
|
488
490
|
provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
|
489
491
|
provider.new_resource.verify.each do |v|
|
490
492
|
allow(v).to receive(:verify).and_return(false)
|
@@ -492,9 +494,21 @@ shared_examples_for Chef::Provider::File do
|
|
492
494
|
expect { provider.send(:do_validate_content) }.to raise_error(Chef::Exceptions::ValidationFailed)
|
493
495
|
end
|
494
496
|
|
497
|
+
it "does not run verifications when the contents did not change" do
|
498
|
+
allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
|
499
|
+
allow(provider).to receive(:tempfile).and_return(tempfile)
|
500
|
+
allow(provider).to receive(:contents_changed?).and_return(false)
|
501
|
+
provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
|
502
|
+
provider.new_resource.verify.each do |v|
|
503
|
+
expect(v).not_to receive(:verify)
|
504
|
+
end
|
505
|
+
provider.send(:do_validate_content)
|
506
|
+
end
|
507
|
+
|
495
508
|
it "does not show verification for sensitive resources" do
|
496
509
|
allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
|
497
510
|
allow(provider).to receive(:tempfile).and_return(tempfile)
|
511
|
+
allow(provider).to receive(:contents_changed?).and_return(true)
|
498
512
|
provider.new_resource.sensitive true
|
499
513
|
provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
|
500
514
|
provider.new_resource.verify.each do |v|
|
@@ -13,36 +13,85 @@ describe Chef::Compliance::Runner do
|
|
13
13
|
|
14
14
|
describe "#enabled?" do
|
15
15
|
|
16
|
-
it "is true if the node attributes have audit profiles and the audit cookbook is not present" do
|
16
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is nil" do
|
17
17
|
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
18
|
+
node.normal["audit"]["compliance_phase"] = nil
|
18
19
|
|
19
20
|
expect(runner).to be_enabled
|
20
21
|
end
|
21
22
|
|
22
|
-
it "is
|
23
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is true" do
|
24
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
25
|
+
node.normal["audit"]["compliance_phase"] = true
|
26
|
+
|
27
|
+
expect(runner).to be_enabled
|
28
|
+
end
|
29
|
+
|
30
|
+
it "is false if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is false" do
|
31
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
32
|
+
node.normal["audit"]["compliance_phase"] = false
|
33
|
+
|
34
|
+
expect(runner).not_to be_enabled
|
35
|
+
end
|
36
|
+
|
37
|
+
it "is false if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
|
23
38
|
stub_const("::Reporter::ChefAutomate", true)
|
24
39
|
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
40
|
+
node.normal["audit"]["compliance_phase"] = nil
|
25
41
|
|
26
42
|
expect(runner).not_to be_enabled
|
27
43
|
end
|
28
44
|
|
29
|
-
it "is
|
45
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
|
46
|
+
stub_const("::Reporter::ChefAutomate", true)
|
47
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
48
|
+
node.normal["audit"]["compliance_phase"] = true
|
49
|
+
|
50
|
+
expect(runner).to be_enabled
|
51
|
+
end
|
52
|
+
|
53
|
+
it "is false if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is nil" do
|
30
54
|
node.normal["audit"]["profiles"] = {}
|
55
|
+
node.normal["audit"]["compliance_phase"] = nil
|
31
56
|
|
32
57
|
expect(runner).not_to be_enabled
|
33
58
|
end
|
34
59
|
|
35
|
-
it "is false if the node attributes do not have audit profiles and the audit cookbook is present" do
|
60
|
+
it "is false if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
|
36
61
|
stub_const("::Reporter::ChefAutomate", true)
|
37
62
|
node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
|
63
|
+
node.normal["audit"]["compliance_phase"] = nil
|
38
64
|
|
39
65
|
expect(runner).not_to be_enabled
|
40
66
|
end
|
41
67
|
|
42
|
-
it "is false if the node attributes do not have audit attributes and the audit cookbook is not present" do
|
68
|
+
it "is false if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is nil" do
|
43
69
|
node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
|
70
|
+
node.normal["audit"]["compliance_phase"] = nil
|
71
|
+
|
44
72
|
expect(runner).not_to be_enabled
|
45
73
|
end
|
74
|
+
|
75
|
+
it "is true if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is true" do
|
76
|
+
node.normal["audit"]["profiles"] = {}
|
77
|
+
node.normal["audit"]["compliance_phase"] = true
|
78
|
+
|
79
|
+
expect(runner).to be_enabled
|
80
|
+
end
|
81
|
+
|
82
|
+
it "is true if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
|
83
|
+
stub_const("::Reporter::ChefAutomate", true)
|
84
|
+
node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
|
85
|
+
node.normal["audit"]["compliance_phase"] = true
|
86
|
+
|
87
|
+
expect(runner).to be_enabled
|
88
|
+
end
|
89
|
+
|
90
|
+
it "is true if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is true" do
|
91
|
+
node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
|
92
|
+
node.normal["audit"]["compliance_phase"] = true
|
93
|
+
expect(runner).to be_enabled
|
94
|
+
end
|
46
95
|
end
|
47
96
|
|
48
97
|
describe "#inspec_profiles" do
|
@@ -204,19 +204,19 @@ describe Chef::Knife::Core::WindowsBootstrapContext do
|
|
204
204
|
end
|
205
205
|
|
206
206
|
it "returns a chef.io msi url with minimal url parameters" do
|
207
|
-
reference_url = "https://
|
207
|
+
reference_url = "https://omnitruck.chef.io/chef/download?p=windows&channel=stable&v=something"
|
208
208
|
expect(bootstrap_context.msi_url).to eq(reference_url)
|
209
209
|
end
|
210
210
|
|
211
211
|
it "returns a chef.io msi url with provided url parameters substituted" do
|
212
|
-
reference_url = "https://
|
212
|
+
reference_url = "https://omnitruck.chef.io/chef/download?p=windows&pv=machine&m=arch&DownloadContext=ctx&channel=stable&v=something"
|
213
213
|
expect(bootstrap_context.msi_url("machine", "arch", "ctx")).to eq(reference_url)
|
214
214
|
end
|
215
215
|
|
216
216
|
context "when a channel is provided in config" do
|
217
217
|
let(:config) { { channel: "current" } }
|
218
218
|
it "returns a chef.io msi url with the requested channel" do
|
219
|
-
reference_url = "https://
|
219
|
+
reference_url = "https://omnitruck.chef.io/chef/download?p=windows&channel=current&v=something"
|
220
220
|
expect(bootstrap_context.msi_url).to eq(reference_url)
|
221
221
|
end
|
222
222
|
end
|
@@ -506,6 +506,57 @@ describe Chef::Provider::Mount::Mount do
|
|
506
506
|
end
|
507
507
|
end
|
508
508
|
|
509
|
+
context "network mount" do
|
510
|
+
before(:each) do
|
511
|
+
@node = Chef::Node.new
|
512
|
+
@events = Chef::EventDispatch::Dispatcher.new
|
513
|
+
@run_context = Chef::RunContext.new(@node, {}, @events)
|
514
|
+
|
515
|
+
@new_resource = Chef::Resource::Mount.new("/tmp/bar")
|
516
|
+
@new_resource.device "cephserver:6789:/"
|
517
|
+
@new_resource.device_type :device
|
518
|
+
@new_resource.fstype "cephfs"
|
519
|
+
|
520
|
+
@new_resource.supports remount: false
|
521
|
+
|
522
|
+
@provider = Chef::Provider::Mount::Mount.new(@new_resource, @run_context)
|
523
|
+
|
524
|
+
allow(::File).to receive(:exists?).with("cephserver:6789:/").and_return true
|
525
|
+
allow(::File).to receive(:exists?).with("/tmp/bar").and_return true
|
526
|
+
allow(::File).to receive(:realpath).with("cephserver:6789:/").and_return "cephserver:6789:/"
|
527
|
+
allow(::File).to receive(:realpath).with("/tmp/bar").and_return "/tmp/foo"
|
528
|
+
end
|
529
|
+
|
530
|
+
before do
|
531
|
+
@current_resource = Chef::Resource::Mount.new("/tmp/foo")
|
532
|
+
@current_resource.device "cephserver:6789:/"
|
533
|
+
@current_resource.device_type :device
|
534
|
+
@current_resource.fstype "cephfs"
|
535
|
+
|
536
|
+
@provider.current_resource = @current_resource
|
537
|
+
end
|
538
|
+
|
539
|
+
it "should enable network mount if enabled isn't true" do
|
540
|
+
@current_resource.enabled(false)
|
541
|
+
|
542
|
+
@fstab = StringIO.new
|
543
|
+
allow(::File).to receive(:open).with("/etc/fstab", "a").and_yield(@fstab)
|
544
|
+
@provider.enable_fs
|
545
|
+
expect(@fstab.string).to match(%r{^cephserver:6789:/\s+/tmp/bar\s+cephfs\s+defaults\s+0\s+2\s*$})
|
546
|
+
end
|
547
|
+
|
548
|
+
it "should not enable network if enabled is true and resources match" do
|
549
|
+
@current_resource.enabled(true)
|
550
|
+
@current_resource.fstype("cephfs")
|
551
|
+
@current_resource.options(["defaults"])
|
552
|
+
@current_resource.dump(0)
|
553
|
+
@current_resource.pass(2)
|
554
|
+
expect(::File).not_to receive(:open).with("/etc/fstab", "a")
|
555
|
+
|
556
|
+
@provider.enable_fs
|
557
|
+
end
|
558
|
+
end
|
559
|
+
|
509
560
|
# the fstab might contain the mount with the device as a device but the resource has a label.
|
510
561
|
# we should not create two mount lines, but update the existing one
|
511
562
|
# not supported on solaris because it can't cope with a UUID device type
|