chef 16.10.17-universal-mingw32 → 16.14.1-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +7 -4
- data/Rakefile +11 -0
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +1 -1
- data/distro/ruby_bin_folder/AMD64/Chef.PowerShell.Wrapper.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/Chef.PowerShell.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Chef.PowerShell.Wrapper.Core.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.pdb +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.NETCore.App.deps.json +153 -149
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Diagnostics.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Management.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Utility.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.ConsoleHost.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.CoreCLR.Eventing.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.MarkdownRender.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Security.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Management.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Runtime.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.Messages.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Drawing.Common.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Management.Automation.dll +0 -0
- data/distro/ruby_bin_folder/AMD64/shared/Microsoft.NETCore.App/5.0.0/System.Security.Cryptography.Pkcs.dll +0 -0
- data/distro/ruby_bin_folder/x86/Chef.PowerShell.dll +0 -0
- data/distro/ruby_bin_folder/x86/Chef.Powershell.Wrapper.dll +0 -0
- data/distro/ruby_bin_folder/x86/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Chef.PowerShell.Wrapper.Core.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Chef.Powershell.Core.pdb +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.NETCore.App.deps.json +153 -149
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Diagnostics.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Management.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Commands.Utility.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.ConsoleHost.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.CoreCLR.Eventing.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.MarkdownRender.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Security.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Management.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Runtime.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Newtonsoft.Json.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.Messages.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Drawing.Common.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Management.Automation.dll +0 -0
- data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Security.Cryptography.Pkcs.dll +0 -0
- data/lib/chef/compliance/default_attributes.rb +6 -2
- data/lib/chef/compliance/runner.rb +6 -1
- data/lib/chef/cookbook/gem_installer.rb +5 -1
- data/lib/chef/knife/core/windows_bootstrap_context.rb +2 -3
- data/lib/chef/provider/file.rb +1 -1
- data/lib/chef/provider/mount.rb +7 -2
- data/lib/chef/provider/package/dnf/dnf_helper.py +4 -0
- data/lib/chef/provider/package/rubygems.rb +2 -2
- data/lib/chef/provider/package/yum/yum_helper.py +4 -0
- data/lib/chef/provider/service/macosx.rb +3 -3
- data/lib/chef/resource/chef_client_cron.rb +1 -1
- data/lib/chef/resource/chef_client_launchd.rb +1 -1
- data/lib/chef/version.rb +1 -1
- data/spec/functional/resource/cron_spec.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +2 -1
- data/spec/spec_helper.rb +1 -0
- data/spec/support/platform_helpers.rb +4 -0
- data/spec/support/shared/unit/provider/file.rb +14 -0
- data/spec/unit/compliance/runner_spec.rb +54 -5
- data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +3 -3
- data/spec/unit/provider/mount/mount_spec.rb +51 -0
- data/spec/unit/provider/package/rubygems_spec.rb +3 -3
- data/spec/unit/provider/service/macosx_spec.rb +3 -3
- data/spec/unit/resource/chef_client_cron_spec.rb +8 -8
- data/tasks/rspec.rb +1 -1
- metadata +15 -13
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.PowerShell.Security.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Management.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/Microsoft.WSMan.Runtime.dll
CHANGED
Binary file
|
Binary file
|
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Diagnostics.EventLog.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Drawing.Common.dll
CHANGED
Binary file
|
data/distro/ruby_bin_folder/x86/shared/Microsoft.NETCore.App/5.0.0/System.Management.Automation.dll
CHANGED
Binary file
|
Binary file
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# Author:: Stephan Renatus <srenatus@chef.io>
|
2
|
-
# Copyright:: (c)
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc. <legal@chef.io>
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -87,7 +87,11 @@ class Chef
|
|
87
87
|
|
88
88
|
# If enabled, a hash representation of the Chef Infra node object will be sent to Chef InSpec in an input
|
89
89
|
# named `chef_node`.
|
90
|
-
"chef_node_attribute_enabled" => false
|
90
|
+
"chef_node_attribute_enabled" => false,
|
91
|
+
|
92
|
+
# Should the built-in compliance phase run. True and false force the behavior. Nil does magic based on if you have
|
93
|
+
# profiles defined but do not have the audit cookbook enabled.
|
94
|
+
"compliance_phase" => false
|
91
95
|
)
|
92
96
|
end
|
93
97
|
end
|
@@ -22,8 +22,13 @@ class Chef
|
|
22
22
|
|
23
23
|
logger.debug("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
|
24
24
|
logger.debug("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
|
25
|
+
logger.debug("#{self.class}##{__method__}: compliance phase attr? #{node["audit"]["compliance_phase"]}")
|
25
26
|
|
26
|
-
|
27
|
+
if node["audit"]["compliance_phase"].nil?
|
28
|
+
inspec_profiles.any? && !audit_cookbook_present
|
29
|
+
else
|
30
|
+
node["audit"]["compliance_phase"]
|
31
|
+
end
|
27
32
|
end
|
28
33
|
|
29
34
|
def node=(node)
|
@@ -70,7 +70,11 @@ class Chef
|
|
70
70
|
unless Chef::Config[:skip_gem_metadata_installation]
|
71
71
|
# Add additional options to bundle install
|
72
72
|
cmd = [ "bundle", "install", Chef::Config[:gem_installer_bundler_options] ]
|
73
|
-
|
73
|
+
env = {
|
74
|
+
"PATH" => path_with_prepended_ruby_bin,
|
75
|
+
"BUNDLE_SILENCE_ROOT_WARNING" => "1",
|
76
|
+
}
|
77
|
+
so = shell_out!(cmd, cwd: dir, env: env)
|
74
78
|
Chef::Log.info(so.stdout)
|
75
79
|
end
|
76
80
|
end
|
@@ -294,11 +294,10 @@ class Chef
|
|
294
294
|
"%TEMP%\\#{ChefUtils::Dist::Infra::CLIENT}-latest.msi"
|
295
295
|
end
|
296
296
|
|
297
|
-
# Build a URL
|
298
|
-
# Chef Infra msi download.
|
297
|
+
# Build a URL that will redirect to the correct Chef Infra msi download.
|
299
298
|
def msi_url(machine_os = nil, machine_arch = nil, download_context = nil)
|
300
299
|
if config[:msi_url].nil? || config[:msi_url].empty?
|
301
|
-
url = "https://
|
300
|
+
url = "https://omnitruck.chef.io/chef/download?p=windows"
|
302
301
|
url += "&pv=#{machine_os}" unless machine_os.nil?
|
303
302
|
url += "&m=#{machine_arch}" unless machine_arch.nil?
|
304
303
|
url += "&DownloadContext=#{download_context}" unless download_context.nil?
|
data/lib/chef/provider/file.rb
CHANGED
@@ -338,7 +338,7 @@ class Chef
|
|
338
338
|
raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum))
|
339
339
|
end
|
340
340
|
|
341
|
-
if tempfile
|
341
|
+
if tempfile && contents_changed?
|
342
342
|
new_resource.verify.each do |v|
|
343
343
|
unless v.verify(tempfile.path)
|
344
344
|
backupfile = "#{Chef::Config[:file_cache_path]}/failed_validations/#{::File.basename(tempfile.path)}"
|
data/lib/chef/provider/mount.rb
CHANGED
@@ -175,8 +175,13 @@ class Chef
|
|
175
175
|
|
176
176
|
# Returns the new_resource device as per device_type
|
177
177
|
def device_fstab
|
178
|
-
# Removed "/" from the end of str, because it was causing idempotency issue.
|
179
|
-
device =
|
178
|
+
# Removed "/" from the end of str unless it's a network mount, because it was causing idempotency issue.
|
179
|
+
device =
|
180
|
+
if @new_resource.device == "/" || @new_resource.device.match?(":/$")
|
181
|
+
@new_resource.device
|
182
|
+
else
|
183
|
+
@new_resource.device.chomp("/")
|
184
|
+
end
|
180
185
|
case @new_resource.device_type
|
181
186
|
when :device
|
182
187
|
device
|
@@ -423,11 +423,11 @@ class Chef
|
|
423
423
|
end
|
424
424
|
|
425
425
|
def is_omnibus?
|
426
|
-
if %r{/(
|
426
|
+
if %r{/(#{ChefUtils::Dist::Org::LEGACY_CONF_DIR}|#{ChefUtils::Dist::Infra::SHORT}|#{ChefUtils::Dist::Workstation::DIR_SUFFIX})/embedded/bin}.match?(RbConfig::CONFIG["bindir"])
|
427
427
|
logger.trace("#{new_resource} detected omnibus installation in #{RbConfig::CONFIG["bindir"]}")
|
428
428
|
# Omnibus installs to a static path because of linking on unix, find it.
|
429
429
|
true
|
430
|
-
elsif RbConfig::CONFIG["bindir"].sub(/^\w:/, "") == "/
|
430
|
+
elsif RbConfig::CONFIG["bindir"].sub(/^\w:/, "") == "/#{ChefUtils::Dist::Org::LEGACY_CONF_DIR}/#{ChefUtils::Dist::Infra::SHORT}/embedded/bin"
|
431
431
|
logger.trace("#{new_resource} detected omnibus installation in #{RbConfig::CONFIG["bindir"]}")
|
432
432
|
# windows, with the drive letter removed
|
433
433
|
true
|
@@ -169,12 +169,12 @@ class Chef
|
|
169
169
|
|
170
170
|
def load_service
|
171
171
|
session = @session_type ? "-S #{@session_type} " : ""
|
172
|
-
cmd = "launchctl load -w " + session + @plist
|
172
|
+
cmd = "/bin/launchctl load -w " + session + @plist
|
173
173
|
shell_out_as_user(cmd)
|
174
174
|
end
|
175
175
|
|
176
176
|
def unload_service
|
177
|
-
cmd = "launchctl unload -w " + @plist
|
177
|
+
cmd = "/bin/launchctl unload -w " + @plist
|
178
178
|
shell_out_as_user(cmd)
|
179
179
|
end
|
180
180
|
|
@@ -190,7 +190,7 @@ class Chef
|
|
190
190
|
def set_service_status
|
191
191
|
return if @plist.nil? || @service_label.to_s.empty?
|
192
192
|
|
193
|
-
cmd = "launchctl list #{@service_label}"
|
193
|
+
cmd = "/bin/launchctl list #{@service_label}"
|
194
194
|
res = shell_out_as_user(cmd)
|
195
195
|
|
196
196
|
if res.exitstatus == 0
|
@@ -213,7 +213,7 @@ class Chef
|
|
213
213
|
#
|
214
214
|
def log_command
|
215
215
|
if new_resource.append_log_file
|
216
|
-
"
|
216
|
+
">> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
|
217
217
|
else
|
218
218
|
"> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
|
219
219
|
end
|
@@ -134,7 +134,7 @@ class Chef
|
|
134
134
|
standard_error_path ::File.join(new_resource.log_directory, new_resource.log_file_name)
|
135
135
|
program_arguments ["/bin/bash",
|
136
136
|
"-c",
|
137
|
-
"echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
|
137
|
+
"echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; /bin/launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; /bin/launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
|
138
138
|
action :enable # enable creates the plist & triggers service restarts on change
|
139
139
|
end
|
140
140
|
|
data/lib/chef/version.rb
CHANGED
@@ -4,7 +4,7 @@ require "support/shared/integration/integration_helper"
|
|
4
4
|
require "chef/mixin/shell_out"
|
5
5
|
require "chef-utils/dist"
|
6
6
|
|
7
|
-
describe "chef-client with
|
7
|
+
describe "chef-client with compliance phase" do
|
8
8
|
|
9
9
|
include IntegrationSupport
|
10
10
|
include Chef::Mixin::ShellOut
|
@@ -46,6 +46,7 @@ describe "chef-client with audit mode" do
|
|
46
46
|
file "attributes.json", <<~FILE
|
47
47
|
{
|
48
48
|
"audit": {
|
49
|
+
"compliance_phase": true,
|
49
50
|
"json_file": {
|
50
51
|
"location": "#{report_file}"
|
51
52
|
},
|
data/spec/spec_helper.rb
CHANGED
@@ -145,6 +145,7 @@ RSpec.configure do |config|
|
|
145
145
|
config.filter_run_excluding macos_only: true unless macos?
|
146
146
|
config.filter_run_excluding macos_1013: true unless macos_1013?
|
147
147
|
config.filter_run_excluding macos_gte_1014: true unless macos_gte_1014?
|
148
|
+
config.filter_run_excluding not_macos_gte_11: true if macos_gte_11?
|
148
149
|
config.filter_run_excluding not_supported_on_aix: true if aix?
|
149
150
|
config.filter_run_excluding not_supported_on_solaris: true if solaris?
|
150
151
|
config.filter_run_excluding not_supported_on_gce: true if gce?
|
@@ -479,12 +479,14 @@ shared_examples_for Chef::Provider::File do
|
|
479
479
|
it "calls #verify on each verification with tempfile path" do
|
480
480
|
provider.new_resource.verify windows? ? "REM" : "true"
|
481
481
|
provider.new_resource.verify windows? ? "REM" : "true"
|
482
|
+
allow(provider).to receive(:contents_changed?).and_return(true)
|
482
483
|
provider.send(:do_validate_content)
|
483
484
|
end
|
484
485
|
|
485
486
|
it "raises an exception if any verification fails" do
|
486
487
|
allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
|
487
488
|
allow(provider).to receive(:tempfile).and_return(tempfile)
|
489
|
+
allow(provider).to receive(:contents_changed?).and_return(true)
|
488
490
|
provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
|
489
491
|
provider.new_resource.verify.each do |v|
|
490
492
|
allow(v).to receive(:verify).and_return(false)
|
@@ -492,9 +494,21 @@ shared_examples_for Chef::Provider::File do
|
|
492
494
|
expect { provider.send(:do_validate_content) }.to raise_error(Chef::Exceptions::ValidationFailed)
|
493
495
|
end
|
494
496
|
|
497
|
+
it "does not run verifications when the contents did not change" do
|
498
|
+
allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
|
499
|
+
allow(provider).to receive(:tempfile).and_return(tempfile)
|
500
|
+
allow(provider).to receive(:contents_changed?).and_return(false)
|
501
|
+
provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
|
502
|
+
provider.new_resource.verify.each do |v|
|
503
|
+
expect(v).not_to receive(:verify)
|
504
|
+
end
|
505
|
+
provider.send(:do_validate_content)
|
506
|
+
end
|
507
|
+
|
495
508
|
it "does not show verification for sensitive resources" do
|
496
509
|
allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
|
497
510
|
allow(provider).to receive(:tempfile).and_return(tempfile)
|
511
|
+
allow(provider).to receive(:contents_changed?).and_return(true)
|
498
512
|
provider.new_resource.sensitive true
|
499
513
|
provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
|
500
514
|
provider.new_resource.verify.each do |v|
|
@@ -13,36 +13,85 @@ describe Chef::Compliance::Runner do
|
|
13
13
|
|
14
14
|
describe "#enabled?" do
|
15
15
|
|
16
|
-
it "is true if the node attributes have audit profiles and the audit cookbook is not present" do
|
16
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is nil" do
|
17
17
|
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
18
|
+
node.normal["audit"]["compliance_phase"] = nil
|
18
19
|
|
19
20
|
expect(runner).to be_enabled
|
20
21
|
end
|
21
22
|
|
22
|
-
it "is
|
23
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is true" do
|
24
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
25
|
+
node.normal["audit"]["compliance_phase"] = true
|
26
|
+
|
27
|
+
expect(runner).to be_enabled
|
28
|
+
end
|
29
|
+
|
30
|
+
it "is false if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is false" do
|
31
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
32
|
+
node.normal["audit"]["compliance_phase"] = false
|
33
|
+
|
34
|
+
expect(runner).not_to be_enabled
|
35
|
+
end
|
36
|
+
|
37
|
+
it "is false if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
|
23
38
|
stub_const("::Reporter::ChefAutomate", true)
|
24
39
|
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
40
|
+
node.normal["audit"]["compliance_phase"] = nil
|
25
41
|
|
26
42
|
expect(runner).not_to be_enabled
|
27
43
|
end
|
28
44
|
|
29
|
-
it "is
|
45
|
+
it "is true if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
|
46
|
+
stub_const("::Reporter::ChefAutomate", true)
|
47
|
+
node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
|
48
|
+
node.normal["audit"]["compliance_phase"] = true
|
49
|
+
|
50
|
+
expect(runner).to be_enabled
|
51
|
+
end
|
52
|
+
|
53
|
+
it "is false if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is nil" do
|
30
54
|
node.normal["audit"]["profiles"] = {}
|
55
|
+
node.normal["audit"]["compliance_phase"] = nil
|
31
56
|
|
32
57
|
expect(runner).not_to be_enabled
|
33
58
|
end
|
34
59
|
|
35
|
-
it "is false if the node attributes do not have audit profiles and the audit cookbook is present" do
|
60
|
+
it "is false if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
|
36
61
|
stub_const("::Reporter::ChefAutomate", true)
|
37
62
|
node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
|
63
|
+
node.normal["audit"]["compliance_phase"] = nil
|
38
64
|
|
39
65
|
expect(runner).not_to be_enabled
|
40
66
|
end
|
41
67
|
|
42
|
-
it "is false if the node attributes do not have audit attributes and the audit cookbook is not present" do
|
68
|
+
it "is false if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is nil" do
|
43
69
|
node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
|
70
|
+
node.normal["audit"]["compliance_phase"] = nil
|
71
|
+
|
44
72
|
expect(runner).not_to be_enabled
|
45
73
|
end
|
74
|
+
|
75
|
+
it "is true if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is true" do
|
76
|
+
node.normal["audit"]["profiles"] = {}
|
77
|
+
node.normal["audit"]["compliance_phase"] = true
|
78
|
+
|
79
|
+
expect(runner).to be_enabled
|
80
|
+
end
|
81
|
+
|
82
|
+
it "is true if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
|
83
|
+
stub_const("::Reporter::ChefAutomate", true)
|
84
|
+
node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
|
85
|
+
node.normal["audit"]["compliance_phase"] = true
|
86
|
+
|
87
|
+
expect(runner).to be_enabled
|
88
|
+
end
|
89
|
+
|
90
|
+
it "is true if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is true" do
|
91
|
+
node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
|
92
|
+
node.normal["audit"]["compliance_phase"] = true
|
93
|
+
expect(runner).to be_enabled
|
94
|
+
end
|
46
95
|
end
|
47
96
|
|
48
97
|
describe "#inspec_profiles" do
|
@@ -204,19 +204,19 @@ describe Chef::Knife::Core::WindowsBootstrapContext do
|
|
204
204
|
end
|
205
205
|
|
206
206
|
it "returns a chef.io msi url with minimal url parameters" do
|
207
|
-
reference_url = "https://
|
207
|
+
reference_url = "https://omnitruck.chef.io/chef/download?p=windows&channel=stable&v=something"
|
208
208
|
expect(bootstrap_context.msi_url).to eq(reference_url)
|
209
209
|
end
|
210
210
|
|
211
211
|
it "returns a chef.io msi url with provided url parameters substituted" do
|
212
|
-
reference_url = "https://
|
212
|
+
reference_url = "https://omnitruck.chef.io/chef/download?p=windows&pv=machine&m=arch&DownloadContext=ctx&channel=stable&v=something"
|
213
213
|
expect(bootstrap_context.msi_url("machine", "arch", "ctx")).to eq(reference_url)
|
214
214
|
end
|
215
215
|
|
216
216
|
context "when a channel is provided in config" do
|
217
217
|
let(:config) { { channel: "current" } }
|
218
218
|
it "returns a chef.io msi url with the requested channel" do
|
219
|
-
reference_url = "https://
|
219
|
+
reference_url = "https://omnitruck.chef.io/chef/download?p=windows&channel=current&v=something"
|
220
220
|
expect(bootstrap_context.msi_url).to eq(reference_url)
|
221
221
|
end
|
222
222
|
end
|
@@ -506,6 +506,57 @@ describe Chef::Provider::Mount::Mount do
|
|
506
506
|
end
|
507
507
|
end
|
508
508
|
|
509
|
+
context "network mount" do
|
510
|
+
before(:each) do
|
511
|
+
@node = Chef::Node.new
|
512
|
+
@events = Chef::EventDispatch::Dispatcher.new
|
513
|
+
@run_context = Chef::RunContext.new(@node, {}, @events)
|
514
|
+
|
515
|
+
@new_resource = Chef::Resource::Mount.new("/tmp/bar")
|
516
|
+
@new_resource.device "cephserver:6789:/"
|
517
|
+
@new_resource.device_type :device
|
518
|
+
@new_resource.fstype "cephfs"
|
519
|
+
|
520
|
+
@new_resource.supports remount: false
|
521
|
+
|
522
|
+
@provider = Chef::Provider::Mount::Mount.new(@new_resource, @run_context)
|
523
|
+
|
524
|
+
allow(::File).to receive(:exists?).with("cephserver:6789:/").and_return true
|
525
|
+
allow(::File).to receive(:exists?).with("/tmp/bar").and_return true
|
526
|
+
allow(::File).to receive(:realpath).with("cephserver:6789:/").and_return "cephserver:6789:/"
|
527
|
+
allow(::File).to receive(:realpath).with("/tmp/bar").and_return "/tmp/foo"
|
528
|
+
end
|
529
|
+
|
530
|
+
before do
|
531
|
+
@current_resource = Chef::Resource::Mount.new("/tmp/foo")
|
532
|
+
@current_resource.device "cephserver:6789:/"
|
533
|
+
@current_resource.device_type :device
|
534
|
+
@current_resource.fstype "cephfs"
|
535
|
+
|
536
|
+
@provider.current_resource = @current_resource
|
537
|
+
end
|
538
|
+
|
539
|
+
it "should enable network mount if enabled isn't true" do
|
540
|
+
@current_resource.enabled(false)
|
541
|
+
|
542
|
+
@fstab = StringIO.new
|
543
|
+
allow(::File).to receive(:open).with("/etc/fstab", "a").and_yield(@fstab)
|
544
|
+
@provider.enable_fs
|
545
|
+
expect(@fstab.string).to match(%r{^cephserver:6789:/\s+/tmp/bar\s+cephfs\s+defaults\s+0\s+2\s*$})
|
546
|
+
end
|
547
|
+
|
548
|
+
it "should not enable network if enabled is true and resources match" do
|
549
|
+
@current_resource.enabled(true)
|
550
|
+
@current_resource.fstype("cephfs")
|
551
|
+
@current_resource.options(["defaults"])
|
552
|
+
@current_resource.dump(0)
|
553
|
+
@current_resource.pass(2)
|
554
|
+
expect(::File).not_to receive(:open).with("/etc/fstab", "a")
|
555
|
+
|
556
|
+
@provider.enable_fs
|
557
|
+
end
|
558
|
+
end
|
559
|
+
|
509
560
|
# the fstab might contain the mount with the device as a device but the resource has a label.
|
510
561
|
# we should not create two mount lines, but update the existing one
|
511
562
|
# not supported on solaris because it can't cope with a UUID device type
|