chef 16.13.16-universal-mingw32 → 17.0.242-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (614) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +9 -10
  3. data/README.md +1 -1
  4. data/Rakefile +2 -2
  5. data/chef-universal-mingw32.gemspec +1 -1
  6. data/chef.gemspec +6 -8
  7. data/lib/chef/application/base.rb +1 -1
  8. data/lib/chef/applications.rb +0 -1
  9. data/lib/chef/chef_fs/command_line.rb +5 -2
  10. data/lib/chef/chef_fs/file_system.rb +9 -10
  11. data/lib/chef/client.rb +2 -2
  12. data/lib/chef/compliance/default_attributes.rb +4 -3
  13. data/lib/chef/compliance/fetcher/automate.rb +0 -7
  14. data/lib/chef/compliance/reporter/automate.rb +17 -7
  15. data/lib/chef/compliance/reporter/chef_server_automate.rb +11 -6
  16. data/lib/chef/compliance/reporter/cli.rb +77 -0
  17. data/lib/chef/compliance/reporter/compliance_enforcer.rb +4 -0
  18. data/lib/chef/compliance/reporter/json_file.rb +8 -1
  19. data/lib/chef/compliance/runner.rb +65 -27
  20. data/lib/chef/cookbook/synchronizer.rb +3 -5
  21. data/lib/chef/cookbook_loader.rb +2 -4
  22. data/lib/chef/cookbook_uploader.rb +0 -1
  23. data/lib/chef/data_bag_item.rb +11 -2
  24. data/lib/chef/delayed_evaluator.rb +4 -0
  25. data/lib/chef/deprecated.rb +4 -0
  26. data/lib/chef/dsl/chef_vault.rb +6 -6
  27. data/lib/chef/dsl/reboot_pending.rb +1 -2
  28. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +20 -22
  29. data/lib/chef/group.rb +75 -0
  30. data/lib/chef/mixin/get_source_from_package.rb +1 -1
  31. data/lib/chef/node/attribute.rb +6 -4
  32. data/lib/chef/node/immutable_collections.rb +13 -0
  33. data/lib/chef/node/mixin/deep_merge_cache.rb +11 -7
  34. data/lib/chef/org.rb +3 -2
  35. data/lib/chef/property.rb +18 -0
  36. data/lib/chef/provider.rb +1 -1
  37. data/lib/chef/provider/cron.rb +1 -1
  38. data/lib/chef/provider/execute.rb +2 -1
  39. data/lib/chef/provider/file.rb +1 -1
  40. data/lib/chef/provider/git.rb +5 -7
  41. data/lib/chef/provider/group/groupadd.rb +3 -3
  42. data/lib/chef/provider/group/groupmod.rb +3 -3
  43. data/lib/chef/provider/group/pw.rb +3 -3
  44. data/lib/chef/provider/ifconfig.rb +2 -2
  45. data/lib/chef/provider/link.rb +2 -2
  46. data/lib/chef/provider/mount.rb +5 -5
  47. data/lib/chef/provider/mount/aix.rb +3 -3
  48. data/lib/chef/provider/mount/mount.rb +5 -5
  49. data/lib/chef/provider/mount/windows.rb +1 -1
  50. data/lib/chef/provider/package.rb +17 -21
  51. data/lib/chef/provider/package/apt.rb +27 -1
  52. data/lib/chef/provider/package/deb.rb +3 -3
  53. data/lib/chef/provider/package/dnf/dnf_helper.py +1 -1
  54. data/lib/chef/provider/package/portage.rb +2 -2
  55. data/lib/chef/provider/package/rubygems.rb +11 -17
  56. data/lib/chef/provider/package/windows.rb +2 -4
  57. data/lib/chef/provider/package/yum/yum_helper.py +1 -1
  58. data/lib/chef/provider/route.rb +2 -2
  59. data/lib/chef/provider/service.rb +6 -6
  60. data/lib/chef/provider/service/aixinit.rb +1 -1
  61. data/lib/chef/provider/service/debian.rb +1 -1
  62. data/lib/chef/provider/service/freebsd.rb +15 -21
  63. data/lib/chef/provider/service/macosx.rb +4 -4
  64. data/lib/chef/provider/service/systemd.rb +43 -14
  65. data/lib/chef/provider/service/upstart.rb +2 -13
  66. data/lib/chef/provider/service/windows.rb +12 -12
  67. data/lib/chef/provider/subversion.rb +10 -12
  68. data/lib/chef/provider/systemd_unit.rb +36 -10
  69. data/lib/chef/provider/template/content.rb +2 -6
  70. data/lib/chef/provider/user.rb +2 -2
  71. data/lib/chef/provider/user/dscl.rb +1 -1
  72. data/lib/chef/provider/user/mac.rb +17 -20
  73. data/lib/chef/provider/user/pw.rb +1 -1
  74. data/lib/chef/provider/user/windows.rb +1 -1
  75. data/lib/chef/provider/zypper_repository.rb +2 -2
  76. data/lib/chef/providers.rb +0 -1
  77. data/lib/chef/resource/alternatives.rb +6 -6
  78. data/lib/chef/resource/apt_package.rb +1 -1
  79. data/lib/chef/resource/apt_preference.rb +2 -2
  80. data/lib/chef/resource/apt_repository.rb +6 -6
  81. data/lib/chef/resource/apt_update.rb +3 -2
  82. data/lib/chef/resource/archive_file.rb +2 -3
  83. data/lib/chef/resource/breakpoint.rb +1 -1
  84. data/lib/chef/resource/build_essential.rb +2 -6
  85. data/lib/chef/resource/chef_client_config.rb +2 -2
  86. data/lib/chef/resource/chef_client_cron.rb +4 -4
  87. data/lib/chef/resource/chef_client_launchd.rb +3 -3
  88. data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
  89. data/lib/chef/resource/chef_client_systemd_timer.rb +2 -2
  90. data/lib/chef/resource/chef_handler.rb +3 -7
  91. data/lib/chef/resource/chef_sleep.rb +1 -1
  92. data/lib/chef/resource/chef_vault_secret.rb +3 -8
  93. data/lib/chef/resource/chocolatey_config.rb +2 -6
  94. data/lib/chef/resource/chocolatey_feature.rb +2 -6
  95. data/lib/chef/resource/chocolatey_source.rb +4 -10
  96. data/lib/chef/resource/cron/_cron_shared.rb +2 -2
  97. data/lib/chef/resource/cron_access.rb +2 -4
  98. data/lib/chef/resource/dmg_package.rb +6 -10
  99. data/lib/chef/resource/dpkg_package.rb +1 -1
  100. data/lib/chef/resource/execute.rb +6 -1
  101. data/lib/chef/resource/file.rb +1 -1
  102. data/lib/chef/resource/group.rb +2 -2
  103. data/lib/chef/resource/homebrew_cask.rb +2 -6
  104. data/lib/chef/resource/homebrew_tap.rb +2 -6
  105. data/lib/chef/resource/hostname.rb +21 -17
  106. data/lib/chef/resource/http_request.rb +1 -1
  107. data/lib/chef/resource/kernel_module.rb +6 -17
  108. data/lib/chef/resource/locale.rb +2 -3
  109. data/lib/chef/resource/lwrp_base.rb +4 -0
  110. data/lib/chef/resource/macos_userdefaults.rb +10 -14
  111. data/lib/chef/resource/mdadm.rb +53 -7
  112. data/lib/chef/resource/mount.rb +2 -1
  113. data/lib/chef/resource/openssl_ec_private_key.rb +2 -2
  114. data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
  115. data/lib/chef/resource/openssl_x509_certificate.rb +2 -2
  116. data/lib/chef/resource/plist.rb +7 -7
  117. data/lib/chef/resource/powershell_script.rb +1 -1
  118. data/lib/chef/resource/remote_file.rb +1 -1
  119. data/lib/chef/resource/rhsm_errata.rb +16 -1
  120. data/lib/chef/resource/rhsm_errata_level.rb +10 -1
  121. data/lib/chef/resource/rhsm_register.rb +12 -6
  122. data/lib/chef/resource/rhsm_repo.rb +2 -6
  123. data/lib/chef/resource/rhsm_subscription.rb +2 -6
  124. data/lib/chef/resource/scm/git.rb +1 -1
  125. data/lib/chef/resource/sudo.rb +6 -6
  126. data/lib/chef/resource/sysctl.rb +2 -6
  127. data/lib/chef/resource/systemd_unit.rb +2 -2
  128. data/lib/chef/resource/template.rb +1 -1
  129. data/lib/chef/resource/timezone.rb +1 -3
  130. data/lib/chef/resource/user/mac_user.rb +1 -1
  131. data/lib/chef/resource/user_ulimit.rb +2 -2
  132. data/lib/chef/resource/windows_ad_join.rb +2 -6
  133. data/lib/chef/resource/windows_audit_policy.rb +1 -1
  134. data/lib/chef/resource/windows_auto_run.rb +2 -5
  135. data/lib/chef/resource/windows_certificate.rb +207 -73
  136. data/lib/chef/resource/windows_dfs_folder.rb +2 -6
  137. data/lib/chef/resource/windows_dfs_namespace.rb +2 -6
  138. data/lib/chef/resource/windows_dfs_server.rb +1 -3
  139. data/lib/chef/resource/windows_dns_record.rb +2 -6
  140. data/lib/chef/resource/windows_dns_zone.rb +2 -6
  141. data/lib/chef/resource/windows_env.rb +5 -4
  142. data/lib/chef/resource/windows_feature.rb +3 -9
  143. data/lib/chef/resource/windows_feature_dism.rb +2 -6
  144. data/lib/chef/resource/windows_feature_powershell.rb +3 -3
  145. data/lib/chef/resource/windows_firewall_profile.rb +4 -4
  146. data/lib/chef/resource/windows_firewall_rule.rb +2 -5
  147. data/lib/chef/resource/windows_font.rb +2 -4
  148. data/lib/chef/resource/windows_pagefile.rb +2 -6
  149. data/lib/chef/resource/windows_path.rb +2 -2
  150. data/lib/chef/resource/windows_printer.rb +4 -4
  151. data/lib/chef/resource/windows_printer_port.rb +6 -6
  152. data/lib/chef/resource/windows_security_policy.rb +53 -40
  153. data/lib/chef/resource/windows_share.rb +14 -21
  154. data/lib/chef/resource/windows_shortcut.rb +4 -6
  155. data/lib/chef/resource/windows_task.rb +17 -5
  156. data/lib/chef/resource/windows_uac.rb +1 -1
  157. data/lib/chef/resource/windows_user_privilege.rb +4 -4
  158. data/lib/chef/resource/windows_workgroup.rb +1 -2
  159. data/lib/chef/resources.rb +0 -1
  160. data/lib/chef/user.rb +0 -1
  161. data/lib/chef/user_v1.rb +3 -4
  162. data/lib/chef/util/dsc/configuration_generator.rb +1 -0
  163. data/lib/chef/util/dsc/local_configuration_manager.rb +1 -1
  164. data/lib/chef/version.rb +1 -1
  165. data/lib/chef/win32/registry.rb +4 -2
  166. data/spec/data/cookbooks/openldap/libraries/openldap.rb +1 -1
  167. data/spec/data/lwrp/resources/bar.rb +2 -0
  168. data/spec/data/lwrp/resources/buck_passer.rb +1 -0
  169. data/spec/data/lwrp/resources/buck_passer_2.rb +1 -0
  170. data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +1 -0
  171. data/spec/data/lwrp/resources/foo.rb +2 -0
  172. data/spec/data/lwrp/resources/inline_compiler.rb +1 -0
  173. data/spec/data/lwrp/resources/monkey_name_printer.rb +1 -0
  174. data/spec/data/lwrp/resources/paint_drying_watcher.rb +1 -0
  175. data/spec/data/lwrp/resources/thumb_twiddler.rb +1 -0
  176. data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +2 -0
  177. data/spec/data/lwrp_const_scoping/resources/conflict.rb +1 -0
  178. data/spec/data/lwrp_override/resources/foo.rb +1 -0
  179. data/spec/data/rubygems.org/nonexistent_gem-info +1 -0
  180. data/spec/data/rubygems.org/sexp_processor-info +49 -0
  181. data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -0
  182. data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -0
  183. data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -0
  184. data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -0
  185. data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -0
  186. data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +2 -0
  187. data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -0
  188. data/spec/data/run_context/cookbooks/test/resources/resource.rb +2 -0
  189. data/spec/functional/dsl/registry_helper_spec.rb +1 -1
  190. data/spec/functional/resource/aixinit_service_spec.rb +7 -7
  191. data/spec/functional/resource/apt_package_spec.rb +1 -1
  192. data/spec/functional/resource/chocolatey_package_spec.rb +13 -0
  193. data/spec/functional/resource/dnf_package_spec.rb +4 -1
  194. data/spec/functional/resource/registry_spec.rb +8 -8
  195. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  196. data/spec/functional/resource/windows_certificate_spec.rb +92 -35
  197. data/spec/functional/version_spec.rb +1 -1
  198. data/spec/functional/win32/registry_spec.rb +1 -1
  199. data/spec/integration/client/client_spec.rb +5 -2
  200. data/spec/integration/client/exit_code_spec.rb +1 -1
  201. data/spec/integration/client/ipv6_spec.rb +1 -1
  202. data/spec/integration/compliance/compliance_spec.rb +1 -1
  203. data/spec/integration/ohai/ohai_spec.rb +7 -6
  204. data/spec/integration/recipes/accumulator_spec.rb +13 -1
  205. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -1
  206. data/spec/integration/recipes/lwrp_spec.rb +3 -1
  207. data/spec/integration/recipes/notifies_spec.rb +15 -1
  208. data/spec/integration/recipes/notifying_block_spec.rb +2 -1
  209. data/spec/integration/recipes/recipe_dsl_spec.rb +9 -9
  210. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  211. data/spec/integration/recipes/use_partial_spec.rb +4 -1
  212. data/spec/spec_helper.rb +10 -13
  213. data/spec/support/chef_helpers.rb +0 -16
  214. data/spec/support/lib/chef/resource/with_state.rb +0 -1
  215. data/spec/support/lib/chef/resource/zen_follower.rb +0 -1
  216. data/spec/support/lib/chef/resource/zen_master.rb +0 -1
  217. data/spec/support/matchers/leak.rb +7 -9
  218. data/spec/support/platform_helpers.rb +1 -8
  219. data/spec/support/shared/integration/integration_helper.rb +0 -1
  220. data/spec/support/shared/unit/script_resource.rb +2 -2
  221. data/spec/unit/application/solo_spec.rb +2 -2
  222. data/spec/unit/chef_fs/diff_spec.rb +1 -1
  223. data/spec/unit/chef_fs/file_system_spec.rb +1 -1
  224. data/spec/unit/compliance/fetcher/automate_spec.rb +0 -16
  225. data/spec/unit/compliance/reporter/automate_spec.rb +26 -2
  226. data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +20 -0
  227. data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +1 -0
  228. data/spec/unit/compliance/runner_spec.rb +30 -4
  229. data/spec/unit/data_bag_item_spec.rb +1 -6
  230. data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
  231. data/spec/unit/dsl/registry_helper_spec.rb +1 -1
  232. data/spec/unit/lwrp_spec.rb +1 -1
  233. data/spec/unit/mixin/params_validate_spec.rb +4 -3
  234. data/spec/unit/node/attribute_spec.rb +1 -1
  235. data/spec/unit/node_spec.rb +78 -0
  236. data/spec/unit/org_group_spec.rb +45 -0
  237. data/spec/unit/property_spec.rb +23 -22
  238. data/spec/unit/provider/cron_spec.rb +1 -1
  239. data/spec/unit/provider/group/gpasswd_spec.rb +2 -2
  240. data/spec/unit/provider/group/groupmod_spec.rb +2 -2
  241. data/spec/unit/provider/group/pw_spec.rb +2 -2
  242. data/spec/unit/provider/group_spec.rb +1 -1
  243. data/spec/unit/provider/package/apt_spec.rb +84 -18
  244. data/spec/unit/provider/package/deb_spec.rb +3 -3
  245. data/spec/unit/provider/package/rubygems_spec.rb +21 -33
  246. data/spec/unit/provider/service/arch_service_spec.rb +1 -0
  247. data/spec/unit/provider/service/debian_service_spec.rb +1 -0
  248. data/spec/unit/provider/service/macosx_spec.rb +2 -2
  249. data/spec/unit/provider/service/systemd_service_spec.rb +138 -23
  250. data/spec/unit/provider/service/upstart_service_spec.rb +0 -29
  251. data/spec/unit/provider/service/windows_spec.rb +2 -2
  252. data/spec/unit/provider/subversion_spec.rb +2 -2
  253. data/spec/unit/provider/systemd_unit_spec.rb +79 -60
  254. data/spec/unit/provider/zypper_repository_spec.rb +2 -2
  255. data/spec/unit/provider_spec.rb +0 -8
  256. data/spec/unit/resource/powershell_script_spec.rb +2 -2
  257. data/spec/unit/resource/windows_task_spec.rb +1 -1
  258. data/spec/unit/user_spec.rb +1 -1
  259. data/spec/unit/user_v1_spec.rb +6 -4
  260. data/tasks/rspec.rb +16 -8
  261. metadata +19 -382
  262. data/bin/knife +0 -24
  263. data/lib/chef/application/knife.rb +0 -234
  264. data/lib/chef/application/windows_service.rb +0 -338
  265. data/lib/chef/application/windows_service_manager.rb +0 -205
  266. data/lib/chef/chef_fs/knife.rb +0 -160
  267. data/lib/chef/chef_fs/parallelizer.rb +0 -102
  268. data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +0 -35
  269. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +0 -278
  270. data/lib/chef/cookbook_site_streaming_uploader.rb +0 -244
  271. data/lib/chef/knife.rb +0 -665
  272. data/lib/chef/knife/acl_add.rb +0 -57
  273. data/lib/chef/knife/acl_base.rb +0 -183
  274. data/lib/chef/knife/acl_bulk_add.rb +0 -78
  275. data/lib/chef/knife/acl_bulk_remove.rb +0 -83
  276. data/lib/chef/knife/acl_remove.rb +0 -62
  277. data/lib/chef/knife/acl_show.rb +0 -56
  278. data/lib/chef/knife/bootstrap.rb +0 -1192
  279. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +0 -162
  280. data/lib/chef/knife/bootstrap/client_builder.rb +0 -212
  281. data/lib/chef/knife/bootstrap/templates/README.md +0 -11
  282. data/lib/chef/knife/bootstrap/templates/chef-full.erb +0 -242
  283. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +0 -278
  284. data/lib/chef/knife/bootstrap/train_connector.rb +0 -336
  285. data/lib/chef/knife/client_bulk_delete.rb +0 -104
  286. data/lib/chef/knife/client_create.rb +0 -101
  287. data/lib/chef/knife/client_delete.rb +0 -62
  288. data/lib/chef/knife/client_edit.rb +0 -52
  289. data/lib/chef/knife/client_key_create.rb +0 -73
  290. data/lib/chef/knife/client_key_delete.rb +0 -80
  291. data/lib/chef/knife/client_key_edit.rb +0 -83
  292. data/lib/chef/knife/client_key_list.rb +0 -73
  293. data/lib/chef/knife/client_key_show.rb +0 -80
  294. data/lib/chef/knife/client_list.rb +0 -41
  295. data/lib/chef/knife/client_reregister.rb +0 -58
  296. data/lib/chef/knife/client_show.rb +0 -48
  297. data/lib/chef/knife/config_get.rb +0 -39
  298. data/lib/chef/knife/config_get_profile.rb +0 -37
  299. data/lib/chef/knife/config_list.rb +0 -139
  300. data/lib/chef/knife/config_list_profiles.rb +0 -37
  301. data/lib/chef/knife/config_show.rb +0 -127
  302. data/lib/chef/knife/config_use.rb +0 -61
  303. data/lib/chef/knife/config_use_profile.rb +0 -47
  304. data/lib/chef/knife/configure.rb +0 -150
  305. data/lib/chef/knife/configure_client.rb +0 -48
  306. data/lib/chef/knife/cookbook_bulk_delete.rb +0 -71
  307. data/lib/chef/knife/cookbook_delete.rb +0 -151
  308. data/lib/chef/knife/cookbook_download.rb +0 -142
  309. data/lib/chef/knife/cookbook_list.rb +0 -47
  310. data/lib/chef/knife/cookbook_metadata.rb +0 -106
  311. data/lib/chef/knife/cookbook_metadata_from_file.rb +0 -49
  312. data/lib/chef/knife/cookbook_show.rb +0 -98
  313. data/lib/chef/knife/cookbook_upload.rb +0 -292
  314. data/lib/chef/knife/core/bootstrap_context.rb +0 -264
  315. data/lib/chef/knife/core/cookbook_scm_repo.rb +0 -159
  316. data/lib/chef/knife/core/formatting_options.rb +0 -49
  317. data/lib/chef/knife/core/gem_glob_loader.rb +0 -138
  318. data/lib/chef/knife/core/generic_presenter.rb +0 -232
  319. data/lib/chef/knife/core/hashed_command_loader.rb +0 -100
  320. data/lib/chef/knife/core/node_editor.rb +0 -130
  321. data/lib/chef/knife/core/node_presenter.rb +0 -133
  322. data/lib/chef/knife/core/object_loader.rb +0 -115
  323. data/lib/chef/knife/core/status_presenter.rb +0 -147
  324. data/lib/chef/knife/core/subcommand_loader.rb +0 -203
  325. data/lib/chef/knife/core/text_formatter.rb +0 -85
  326. data/lib/chef/knife/core/ui.rb +0 -338
  327. data/lib/chef/knife/core/windows_bootstrap_context.rb +0 -406
  328. data/lib/chef/knife/data_bag_create.rb +0 -81
  329. data/lib/chef/knife/data_bag_delete.rb +0 -49
  330. data/lib/chef/knife/data_bag_edit.rb +0 -74
  331. data/lib/chef/knife/data_bag_from_file.rb +0 -113
  332. data/lib/chef/knife/data_bag_list.rb +0 -42
  333. data/lib/chef/knife/data_bag_secret_options.rb +0 -122
  334. data/lib/chef/knife/data_bag_show.rb +0 -69
  335. data/lib/chef/knife/delete.rb +0 -125
  336. data/lib/chef/knife/deps.rb +0 -156
  337. data/lib/chef/knife/diff.rb +0 -83
  338. data/lib/chef/knife/download.rb +0 -84
  339. data/lib/chef/knife/edit.rb +0 -88
  340. data/lib/chef/knife/environment_compare.rb +0 -128
  341. data/lib/chef/knife/environment_create.rb +0 -52
  342. data/lib/chef/knife/environment_delete.rb +0 -44
  343. data/lib/chef/knife/environment_edit.rb +0 -44
  344. data/lib/chef/knife/environment_from_file.rb +0 -84
  345. data/lib/chef/knife/environment_list.rb +0 -41
  346. data/lib/chef/knife/environment_show.rb +0 -47
  347. data/lib/chef/knife/exec.rb +0 -99
  348. data/lib/chef/knife/group_add.rb +0 -55
  349. data/lib/chef/knife/group_create.rb +0 -49
  350. data/lib/chef/knife/group_destroy.rb +0 -53
  351. data/lib/chef/knife/group_list.rb +0 -43
  352. data/lib/chef/knife/group_remove.rb +0 -56
  353. data/lib/chef/knife/group_show.rb +0 -49
  354. data/lib/chef/knife/key_create.rb +0 -112
  355. data/lib/chef/knife/key_create_base.rb +0 -50
  356. data/lib/chef/knife/key_delete.rb +0 -55
  357. data/lib/chef/knife/key_edit.rb +0 -118
  358. data/lib/chef/knife/key_edit_base.rb +0 -55
  359. data/lib/chef/knife/key_list.rb +0 -90
  360. data/lib/chef/knife/key_list_base.rb +0 -45
  361. data/lib/chef/knife/key_show.rb +0 -53
  362. data/lib/chef/knife/list.rb +0 -177
  363. data/lib/chef/knife/node_bulk_delete.rb +0 -75
  364. data/lib/chef/knife/node_create.rb +0 -47
  365. data/lib/chef/knife/node_delete.rb +0 -46
  366. data/lib/chef/knife/node_edit.rb +0 -70
  367. data/lib/chef/knife/node_environment_set.rb +0 -53
  368. data/lib/chef/knife/node_from_file.rb +0 -51
  369. data/lib/chef/knife/node_list.rb +0 -44
  370. data/lib/chef/knife/node_policy_set.rb +0 -79
  371. data/lib/chef/knife/node_run_list_add.rb +0 -104
  372. data/lib/chef/knife/node_run_list_remove.rb +0 -67
  373. data/lib/chef/knife/node_run_list_set.rb +0 -66
  374. data/lib/chef/knife/node_show.rb +0 -63
  375. data/lib/chef/knife/null.rb +0 -12
  376. data/lib/chef/knife/raw.rb +0 -123
  377. data/lib/chef/knife/recipe_list.rb +0 -32
  378. data/lib/chef/knife/rehash.rb +0 -50
  379. data/lib/chef/knife/role_bulk_delete.rb +0 -66
  380. data/lib/chef/knife/role_create.rb +0 -53
  381. data/lib/chef/knife/role_delete.rb +0 -46
  382. data/lib/chef/knife/role_edit.rb +0 -45
  383. data/lib/chef/knife/role_env_run_list_add.rb +0 -87
  384. data/lib/chef/knife/role_env_run_list_clear.rb +0 -55
  385. data/lib/chef/knife/role_env_run_list_remove.rb +0 -57
  386. data/lib/chef/knife/role_env_run_list_replace.rb +0 -60
  387. data/lib/chef/knife/role_env_run_list_set.rb +0 -70
  388. data/lib/chef/knife/role_from_file.rb +0 -51
  389. data/lib/chef/knife/role_list.rb +0 -42
  390. data/lib/chef/knife/role_run_list_add.rb +0 -87
  391. data/lib/chef/knife/role_run_list_clear.rb +0 -55
  392. data/lib/chef/knife/role_run_list_remove.rb +0 -56
  393. data/lib/chef/knife/role_run_list_replace.rb +0 -60
  394. data/lib/chef/knife/role_run_list_set.rb +0 -69
  395. data/lib/chef/knife/role_show.rb +0 -48
  396. data/lib/chef/knife/search.rb +0 -194
  397. data/lib/chef/knife/serve.rb +0 -65
  398. data/lib/chef/knife/show.rb +0 -72
  399. data/lib/chef/knife/ssh.rb +0 -645
  400. data/lib/chef/knife/ssl_check.rb +0 -284
  401. data/lib/chef/knife/ssl_fetch.rb +0 -161
  402. data/lib/chef/knife/status.rb +0 -95
  403. data/lib/chef/knife/supermarket_download.rb +0 -121
  404. data/lib/chef/knife/supermarket_install.rb +0 -192
  405. data/lib/chef/knife/supermarket_list.rb +0 -76
  406. data/lib/chef/knife/supermarket_search.rb +0 -53
  407. data/lib/chef/knife/supermarket_share.rb +0 -166
  408. data/lib/chef/knife/supermarket_show.rb +0 -66
  409. data/lib/chef/knife/supermarket_unshare.rb +0 -61
  410. data/lib/chef/knife/tag_create.rb +0 -52
  411. data/lib/chef/knife/tag_delete.rb +0 -60
  412. data/lib/chef/knife/tag_list.rb +0 -47
  413. data/lib/chef/knife/upload.rb +0 -86
  414. data/lib/chef/knife/user_create.rb +0 -107
  415. data/lib/chef/knife/user_delete.rb +0 -44
  416. data/lib/chef/knife/user_dissociate.rb +0 -42
  417. data/lib/chef/knife/user_edit.rb +0 -52
  418. data/lib/chef/knife/user_invite_add.rb +0 -43
  419. data/lib/chef/knife/user_invite_list.rb +0 -34
  420. data/lib/chef/knife/user_invite_rescind.rb +0 -63
  421. data/lib/chef/knife/user_key_create.rb +0 -73
  422. data/lib/chef/knife/user_key_delete.rb +0 -80
  423. data/lib/chef/knife/user_key_edit.rb +0 -83
  424. data/lib/chef/knife/user_key_list.rb +0 -73
  425. data/lib/chef/knife/user_key_show.rb +0 -80
  426. data/lib/chef/knife/user_list.rb +0 -42
  427. data/lib/chef/knife/user_reregister.rb +0 -59
  428. data/lib/chef/knife/user_show.rb +0 -48
  429. data/lib/chef/knife/xargs.rb +0 -282
  430. data/lib/chef/knife/yaml_convert.rb +0 -91
  431. data/lib/chef/resource/user/dscl_user.rb +0 -35
  432. data/spec/data/knife-home/.chef/plugins/knife/example_home_subcommand.rb +0 -0
  433. data/spec/data/knife-site-subcommands/plugins/knife/example_subcommand.rb +0 -0
  434. data/spec/data/knife_subcommand/test_explicit_category.rb +0 -7
  435. data/spec/data/knife_subcommand/test_name_mapping.rb +0 -4
  436. data/spec/data/knife_subcommand/test_yourself.rb +0 -21
  437. data/spec/functional/knife/configure_spec.rb +0 -33
  438. data/spec/functional/knife/cookbook_delete_spec.rb +0 -156
  439. data/spec/functional/knife/exec_spec.rb +0 -55
  440. data/spec/functional/knife/rehash_spec.rb +0 -39
  441. data/spec/functional/knife/smoke_test.rb +0 -42
  442. data/spec/functional/knife/ssh_spec.rb +0 -352
  443. data/spec/functional/resource/user/dscl_spec.rb +0 -188
  444. data/spec/functional/resource/windows_service_spec.rb +0 -105
  445. data/spec/functional/win32/service_manager_spec.rb +0 -220
  446. data/spec/integration/knife/chef_fs_data_store_spec.rb +0 -557
  447. data/spec/integration/knife/chef_repo_path_spec.rb +0 -962
  448. data/spec/integration/knife/chef_repository_file_system_spec.rb +0 -200
  449. data/spec/integration/knife/chefignore_spec.rb +0 -301
  450. data/spec/integration/knife/client_bulk_delete_spec.rb +0 -131
  451. data/spec/integration/knife/client_create_spec.rb +0 -70
  452. data/spec/integration/knife/client_delete_spec.rb +0 -64
  453. data/spec/integration/knife/client_key_create_spec.rb +0 -66
  454. data/spec/integration/knife/client_key_delete_spec.rb +0 -43
  455. data/spec/integration/knife/client_key_list_spec.rb +0 -61
  456. data/spec/integration/knife/client_key_show_spec.rb +0 -45
  457. data/spec/integration/knife/client_list_spec.rb +0 -49
  458. data/spec/integration/knife/client_show_spec.rb +0 -37
  459. data/spec/integration/knife/common_options_spec.rb +0 -174
  460. data/spec/integration/knife/config_list_spec.rb +0 -220
  461. data/spec/integration/knife/config_show_spec.rb +0 -192
  462. data/spec/integration/knife/config_use_spec.rb +0 -198
  463. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +0 -113
  464. data/spec/integration/knife/cookbook_bulk_delete_spec.rb +0 -65
  465. data/spec/integration/knife/cookbook_download_spec.rb +0 -72
  466. data/spec/integration/knife/cookbook_list_spec.rb +0 -55
  467. data/spec/integration/knife/cookbook_show_spec.rb +0 -149
  468. data/spec/integration/knife/cookbook_upload_spec.rb +0 -128
  469. data/spec/integration/knife/data_bag_create_spec.rb +0 -125
  470. data/spec/integration/knife/data_bag_delete_spec.rb +0 -59
  471. data/spec/integration/knife/data_bag_edit_spec.rb +0 -105
  472. data/spec/integration/knife/data_bag_from_file_spec.rb +0 -116
  473. data/spec/integration/knife/data_bag_list_spec.rb +0 -44
  474. data/spec/integration/knife/data_bag_show_spec.rb +0 -95
  475. data/spec/integration/knife/delete_spec.rb +0 -1018
  476. data/spec/integration/knife/deps_spec.rb +0 -703
  477. data/spec/integration/knife/diff_spec.rb +0 -605
  478. data/spec/integration/knife/download_spec.rb +0 -1336
  479. data/spec/integration/knife/environment_compare_spec.rb +0 -75
  480. data/spec/integration/knife/environment_create_spec.rb +0 -41
  481. data/spec/integration/knife/environment_delete_spec.rb +0 -37
  482. data/spec/integration/knife/environment_from_file_spec.rb +0 -116
  483. data/spec/integration/knife/environment_list_spec.rb +0 -42
  484. data/spec/integration/knife/environment_show_spec.rb +0 -77
  485. data/spec/integration/knife/list_spec.rb +0 -1060
  486. data/spec/integration/knife/node_bulk_delete_spec.rb +0 -52
  487. data/spec/integration/knife/node_create_spec.rb +0 -47
  488. data/spec/integration/knife/node_delete_spec.rb +0 -48
  489. data/spec/integration/knife/node_environment_set_spec.rb +0 -46
  490. data/spec/integration/knife/node_from_file_spec.rb +0 -59
  491. data/spec/integration/knife/node_list_spec.rb +0 -45
  492. data/spec/integration/knife/node_run_list_add_spec.rb +0 -54
  493. data/spec/integration/knife/node_run_list_remove_spec.rb +0 -36
  494. data/spec/integration/knife/node_run_list_set_spec.rb +0 -41
  495. data/spec/integration/knife/node_show_spec.rb +0 -36
  496. data/spec/integration/knife/raw_spec.rb +0 -297
  497. data/spec/integration/knife/redirection_spec.rb +0 -64
  498. data/spec/integration/knife/role_bulk_delete_spec.rb +0 -52
  499. data/spec/integration/knife/role_create_spec.rb +0 -41
  500. data/spec/integration/knife/role_delete_spec.rb +0 -48
  501. data/spec/integration/knife/role_from_file_spec.rb +0 -96
  502. data/spec/integration/knife/role_list_spec.rb +0 -45
  503. data/spec/integration/knife/role_show_spec.rb +0 -51
  504. data/spec/integration/knife/search_node_spec.rb +0 -40
  505. data/spec/integration/knife/serve_spec.rb +0 -92
  506. data/spec/integration/knife/show_spec.rb +0 -197
  507. data/spec/integration/knife/upload_spec.rb +0 -1617
  508. data/spec/support/shared/functional/knife.rb +0 -37
  509. data/spec/support/shared/functional/win32_service.rb +0 -57
  510. data/spec/support/shared/integration/knife_support.rb +0 -192
  511. data/spec/support/shared/unit/knife_shared.rb +0 -39
  512. data/spec/unit/application/knife_spec.rb +0 -241
  513. data/spec/unit/chef_fs/parallelizer_spec.rb +0 -479
  514. data/spec/unit/cookbook_site_streaming_uploader_spec.rb +0 -198
  515. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +0 -152
  516. data/spec/unit/knife/bootstrap/client_builder_spec.rb +0 -207
  517. data/spec/unit/knife/bootstrap/train_connector_spec.rb +0 -244
  518. data/spec/unit/knife/bootstrap_spec.rb +0 -2220
  519. data/spec/unit/knife/client_bulk_delete_spec.rb +0 -166
  520. data/spec/unit/knife/client_create_spec.rb +0 -169
  521. data/spec/unit/knife/client_delete_spec.rb +0 -99
  522. data/spec/unit/knife/client_edit_spec.rb +0 -53
  523. data/spec/unit/knife/client_list_spec.rb +0 -34
  524. data/spec/unit/knife/client_reregister_spec.rb +0 -62
  525. data/spec/unit/knife/client_show_spec.rb +0 -52
  526. data/spec/unit/knife/configure_client_spec.rb +0 -81
  527. data/spec/unit/knife/configure_spec.rb +0 -190
  528. data/spec/unit/knife/cookbook_bulk_delete_spec.rb +0 -87
  529. data/spec/unit/knife/cookbook_delete_spec.rb +0 -239
  530. data/spec/unit/knife/cookbook_download_spec.rb +0 -255
  531. data/spec/unit/knife/cookbook_list_spec.rb +0 -88
  532. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +0 -72
  533. data/spec/unit/knife/cookbook_metadata_spec.rb +0 -182
  534. data/spec/unit/knife/cookbook_show_spec.rb +0 -253
  535. data/spec/unit/knife/cookbook_upload_spec.rb +0 -364
  536. data/spec/unit/knife/core/bootstrap_context_spec.rb +0 -287
  537. data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +0 -187
  538. data/spec/unit/knife/core/gem_glob_loader_spec.rb +0 -209
  539. data/spec/unit/knife/core/hashed_command_loader_spec.rb +0 -112
  540. data/spec/unit/knife/core/node_editor_spec.rb +0 -211
  541. data/spec/unit/knife/core/object_loader_spec.rb +0 -81
  542. data/spec/unit/knife/core/status_presenter_spec.rb +0 -54
  543. data/spec/unit/knife/core/subcommand_loader_spec.rb +0 -64
  544. data/spec/unit/knife/core/ui_spec.rb +0 -656
  545. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +0 -238
  546. data/spec/unit/knife/data_bag_create_spec.rb +0 -175
  547. data/spec/unit/knife/data_bag_edit_spec.rb +0 -126
  548. data/spec/unit/knife/data_bag_from_file_spec.rb +0 -174
  549. data/spec/unit/knife/data_bag_secret_options_spec.rb +0 -173
  550. data/spec/unit/knife/data_bag_show_spec.rb +0 -139
  551. data/spec/unit/knife/environment_compare_spec.rb +0 -112
  552. data/spec/unit/knife/environment_create_spec.rb +0 -91
  553. data/spec/unit/knife/environment_delete_spec.rb +0 -71
  554. data/spec/unit/knife/environment_edit_spec.rb +0 -79
  555. data/spec/unit/knife/environment_from_file_spec.rb +0 -90
  556. data/spec/unit/knife/environment_list_spec.rb +0 -54
  557. data/spec/unit/knife/environment_show_spec.rb +0 -52
  558. data/spec/unit/knife/key_create_spec.rb +0 -223
  559. data/spec/unit/knife/key_delete_spec.rb +0 -133
  560. data/spec/unit/knife/key_edit_spec.rb +0 -264
  561. data/spec/unit/knife/key_helper.rb +0 -74
  562. data/spec/unit/knife/key_list_spec.rb +0 -216
  563. data/spec/unit/knife/key_show_spec.rb +0 -126
  564. data/spec/unit/knife/node_bulk_delete_spec.rb +0 -94
  565. data/spec/unit/knife/node_delete_spec.rb +0 -77
  566. data/spec/unit/knife/node_edit_spec.rb +0 -116
  567. data/spec/unit/knife/node_environment_set_spec.rb +0 -61
  568. data/spec/unit/knife/node_from_file_spec.rb +0 -59
  569. data/spec/unit/knife/node_list_spec.rb +0 -62
  570. data/spec/unit/knife/node_policy_set_spec.rb +0 -122
  571. data/spec/unit/knife/node_run_list_add_spec.rb +0 -145
  572. data/spec/unit/knife/node_run_list_remove_spec.rb +0 -106
  573. data/spec/unit/knife/node_run_list_set_spec.rb +0 -115
  574. data/spec/unit/knife/node_show_spec.rb +0 -65
  575. data/spec/unit/knife/raw_spec.rb +0 -43
  576. data/spec/unit/knife/role_bulk_delete_spec.rb +0 -80
  577. data/spec/unit/knife/role_create_spec.rb +0 -80
  578. data/spec/unit/knife/role_delete_spec.rb +0 -67
  579. data/spec/unit/knife/role_edit_spec.rb +0 -77
  580. data/spec/unit/knife/role_env_run_list_add_spec.rb +0 -217
  581. data/spec/unit/knife/role_env_run_list_clear_spec.rb +0 -94
  582. data/spec/unit/knife/role_env_run_list_remove_spec.rb +0 -102
  583. data/spec/unit/knife/role_env_run_list_replace_spec.rb +0 -105
  584. data/spec/unit/knife/role_env_run_list_set_spec.rb +0 -99
  585. data/spec/unit/knife/role_from_file_spec.rb +0 -69
  586. data/spec/unit/knife/role_list_spec.rb +0 -54
  587. data/spec/unit/knife/role_run_list_add_spec.rb +0 -179
  588. data/spec/unit/knife/role_run_list_clear_spec.rb +0 -84
  589. data/spec/unit/knife/role_run_list_remove_spec.rb +0 -92
  590. data/spec/unit/knife/role_run_list_replace_spec.rb +0 -98
  591. data/spec/unit/knife/role_run_list_set_spec.rb +0 -89
  592. data/spec/unit/knife/role_show_spec.rb +0 -59
  593. data/spec/unit/knife/ssh_spec.rb +0 -403
  594. data/spec/unit/knife/ssl_check_spec.rb +0 -256
  595. data/spec/unit/knife/ssl_fetch_spec.rb +0 -222
  596. data/spec/unit/knife/status_spec.rb +0 -112
  597. data/spec/unit/knife/supermarket_download_spec.rb +0 -152
  598. data/spec/unit/knife/supermarket_install_spec.rb +0 -202
  599. data/spec/unit/knife/supermarket_list_spec.rb +0 -70
  600. data/spec/unit/knife/supermarket_search_spec.rb +0 -85
  601. data/spec/unit/knife/supermarket_share_spec.rb +0 -208
  602. data/spec/unit/knife/supermarket_unshare_spec.rb +0 -78
  603. data/spec/unit/knife/tag_create_spec.rb +0 -23
  604. data/spec/unit/knife/tag_delete_spec.rb +0 -25
  605. data/spec/unit/knife/tag_list_spec.rb +0 -23
  606. data/spec/unit/knife/user_create_spec.rb +0 -184
  607. data/spec/unit/knife/user_delete_spec.rb +0 -46
  608. data/spec/unit/knife/user_edit_spec.rb +0 -48
  609. data/spec/unit/knife/user_list_spec.rb +0 -36
  610. data/spec/unit/knife/user_reregister_spec.rb +0 -56
  611. data/spec/unit/knife/user_show_spec.rb +0 -46
  612. data/spec/unit/knife_spec.rb +0 -634
  613. data/spec/unit/provider/user/dscl_spec.rb +0 -699
  614. data/spec/unit/windows_service_spec.rb +0 -118
@@ -1,256 +0,0 @@
1
- #
2
- # Author:: Daniel DeLeo (<dan@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require "spec_helper"
20
- require "stringio"
21
-
22
- describe Chef::Knife::SslCheck do
23
-
24
- let(:name_args) { [] }
25
- let(:stdout_io) { StringIO.new }
26
- let(:stderr_io) { StringIO.new }
27
-
28
- def stderr
29
- stderr_io.string
30
- end
31
-
32
- def stdout
33
- stdout_io.string
34
- end
35
-
36
- subject(:ssl_check) do
37
- s = Chef::Knife::SslCheck.new
38
- allow(s.ui).to receive(:stdout).and_return(stdout_io)
39
- allow(s.ui).to receive(:stderr).and_return(stderr_io)
40
- s.name_args = name_args
41
- s
42
- end
43
-
44
- before do
45
- Chef::Config.chef_server_url = "https://example.com:8443/chef-server"
46
- end
47
-
48
- context "when no arguments are given" do
49
- it "uses the chef_server_url as the host to check" do
50
- expect(ssl_check.host).to eq("example.com")
51
- expect(ssl_check.port).to eq(8443)
52
- end
53
- end
54
-
55
- context "when a specific URI is given" do
56
- let(:name_args) { %w{https://example.test:10443/foo} }
57
-
58
- it "checks the SSL configuration against the given host" do
59
- expect(ssl_check.host).to eq("example.test")
60
- expect(ssl_check.port).to eq(10443)
61
- end
62
- end
63
-
64
- context "when an invalid URI is given" do
65
-
66
- let(:name_args) { %w{foo.test} }
67
-
68
- it "prints an error and exits" do
69
- expect { ssl_check.run }.to raise_error(SystemExit)
70
- expected_stdout = <<~E
71
- USAGE: knife ssl check [URL] (options)
72
- E
73
- expected_stderr = <<~E
74
- ERROR: Given URI: `foo.test' is invalid
75
- E
76
- expect(stdout_io.string).to eq(expected_stdout)
77
- expect(stderr_io.string).to eq(expected_stderr)
78
- end
79
-
80
- context "and its malformed enough to make URI.parse barf" do
81
-
82
- let(:name_args) { %w{ftp://lkj\\blah:example.com/blah} }
83
-
84
- it "prints an error and exits" do
85
- expect { ssl_check.run }.to raise_error(SystemExit)
86
- expected_stdout = <<~E
87
- USAGE: knife ssl check [URL] (options)
88
- E
89
- expected_stderr = <<~E
90
- ERROR: Given URI: `#{name_args[0]}' is invalid
91
- E
92
- expect(stdout_io.string).to eq(expected_stdout)
93
- expect(stderr_io.string).to eq(expected_stderr)
94
- end
95
- end
96
- end
97
-
98
- describe "verifying trusted certificate X509 properties" do
99
- let(:name_args) { %w{https://foo.example.com:8443} }
100
-
101
- let(:trusted_certs_dir) { File.join(CHEF_SPEC_DATA, "trusted_certs") }
102
- let(:trusted_cert_file) { File.join(trusted_certs_dir, "example.crt") }
103
-
104
- let(:store) { OpenSSL::X509::Store.new }
105
- let(:certificate) { OpenSSL::X509::Certificate.new(IO.read(trusted_cert_file)) }
106
-
107
- before do
108
- Chef::Config[:trusted_certs_dir] = trusted_certs_dir
109
- allow(ssl_check).to receive(:trusted_certificates).and_return([trusted_cert_file])
110
- allow(store).to receive(:add_cert).with(certificate)
111
- allow(OpenSSL::X509::Store).to receive(:new).and_return(store)
112
- allow(OpenSSL::X509::Certificate).to receive(:new).with(IO.read(trusted_cert_file)).and_return(certificate)
113
- allow(ssl_check).to receive(:verify_cert).and_return(true)
114
- allow(ssl_check).to receive(:verify_cert_host).and_return(true)
115
- end
116
-
117
- context "when the trusted certificates directory is not glob escaped", :windows_only do
118
- let(:trusted_certs_dir) { File.join(CHEF_SPEC_DATA.tr("/", "\\"), "trusted_certs") }
119
-
120
- before do
121
- allow(ssl_check).to receive(:trusted_certificates).and_call_original
122
- allow(store).to receive(:verify).with(certificate).and_return(true)
123
- end
124
-
125
- it "escpaes the trusted certificates directory" do
126
- expect(Dir).to receive(:glob)
127
- .with("#{ChefConfig::PathHelper.escape_glob_dir(trusted_certs_dir)}/*.{crt,pem}")
128
- .and_return([trusted_cert_file])
129
- ssl_check.run
130
- end
131
- end
132
-
133
- context "when the trusted certificates have valid X509 properties" do
134
- before do
135
- allow(store).to receive(:verify).with(certificate).and_return(true)
136
- end
137
-
138
- it "does not generate any X509 warnings" do
139
- expect(ssl_check.ui).not_to receive(:warn).with(/There are invalid certificates in your trusted_certs_dir/)
140
- ssl_check.run
141
- end
142
- end
143
-
144
- context "when the trusted certificates have invalid X509 properties" do
145
- before do
146
- allow(store).to receive(:verify).with(certificate).and_return(false)
147
- allow(store).to receive(:error_string).and_return("unable to get local issuer certificate")
148
- end
149
-
150
- it "generates a warning message with invalid certificate file names" do
151
- expect(ssl_check.ui).to receive(:warn).with(/#{trusted_cert_file}: unable to get local issuer certificate/)
152
- ssl_check.run
153
- end
154
- end
155
- end
156
-
157
- describe "verifying the remote certificate" do
158
- let(:name_args) { %w{https://foo.example.com:8443} }
159
-
160
- let(:tcp_socket) { double(TCPSocket) }
161
- let(:ssl_socket) { double(OpenSSL::SSL::SSLSocket) }
162
-
163
- before do
164
- expect(ssl_check).to receive(:proxified_socket).with("foo.example.com", 8443).and_return(tcp_socket)
165
- expect(OpenSSL::SSL::SSLSocket).to receive(:new).with(tcp_socket, ssl_check.verify_peer_ssl_context).and_return(ssl_socket)
166
- end
167
-
168
- def run
169
- ssl_check.run
170
- rescue Exception
171
- # puts "OUT: #{stdout_io.string}"
172
- # puts "ERR: #{stderr_io.string}"
173
- raise
174
- end
175
-
176
- context "when the remote host's certificate is valid" do
177
-
178
- before do
179
- expect(ssl_check).to receive(:verify_X509).and_return(true) # X509 valid certs (no warn)
180
- expect(ssl_socket).to receive(:connect) # no error
181
- expect(ssl_socket).to receive(:post_connection_check).with("foo.example.com") # no error
182
- expect(ssl_socket).to receive(:hostname=).with("foo.example.com") # no error
183
- end
184
-
185
- it "prints a success message" do
186
- ssl_check.run
187
- expect(stdout_io.string).to include("Successfully verified certificates from `foo.example.com'")
188
- end
189
- end
190
-
191
- describe "and the certificate is not valid" do
192
-
193
- let(:tcp_socket_for_debug) { double(TCPSocket) }
194
- let(:ssl_socket_for_debug) { double(OpenSSL::SSL::SSLSocket) }
195
-
196
- let(:self_signed_crt_path) { File.join(CHEF_SPEC_DATA, "trusted_certs", "example.crt") }
197
- let(:self_signed_crt) { OpenSSL::X509::Certificate.new(File.read(self_signed_crt_path)) }
198
-
199
- before do
200
- @old_signal = trap(:INT, "DEFAULT")
201
-
202
- expect(ssl_check).to receive(:proxified_socket)
203
- .with("foo.example.com", 8443)
204
- .and_return(tcp_socket_for_debug)
205
- expect(OpenSSL::SSL::SSLSocket).to receive(:new)
206
- .with(tcp_socket_for_debug, ssl_check.noverify_peer_ssl_context)
207
- .and_return(ssl_socket_for_debug)
208
- end
209
-
210
- after do
211
- trap(:INT, @old_signal)
212
- end
213
-
214
- context "when the certificate's CN does not match the hostname" do
215
- before do
216
- expect(ssl_check).to receive(:verify_X509).and_return(true) # X509 valid certs
217
- expect(ssl_socket).to receive(:connect) # no error
218
- expect(ssl_socket).to receive(:post_connection_check)
219
- .with("foo.example.com")
220
- .and_raise(OpenSSL::SSL::SSLError)
221
- expect(ssl_socket).to receive(:hostname=).with("foo.example.com") # no error
222
- expect(ssl_socket_for_debug).to receive(:connect)
223
- expect(ssl_socket_for_debug).to receive(:peer_cert).and_return(self_signed_crt)
224
- end
225
-
226
- it "shows the CN used by the certificate and prints an error" do
227
- expect { run }.to raise_error(SystemExit)
228
- expect(stderr).to include("The SSL cert is signed by a trusted authority but is not valid for the given hostname")
229
- expect(stderr).to include("You are attempting to connect to: 'foo.example.com'")
230
- expect(stderr).to include("The server's certificate belongs to 'example.local'")
231
- end
232
-
233
- end
234
-
235
- context "when the cert is not signed by any trusted authority" do
236
- before do
237
- expect(ssl_check).to receive(:verify_X509).and_return(true) # X509 valid certs
238
- expect(ssl_socket).to receive(:connect)
239
- .and_raise(OpenSSL::SSL::SSLError)
240
- expect(ssl_socket).to receive(:hostname=)
241
- .with("foo.example.com") # no error
242
- expect(ssl_socket_for_debug).to receive(:connect)
243
- expect(ssl_socket_for_debug).to receive(:peer_cert).and_return(self_signed_crt)
244
- end
245
-
246
- it "shows the CN used by the certificate and prints an error" do
247
- expect { run }.to raise_error(SystemExit)
248
- expect(stderr).to include("The SSL certificate of foo.example.com could not be verified")
249
- end
250
-
251
- end
252
- end
253
-
254
- end
255
-
256
- end
@@ -1,222 +0,0 @@
1
- #
2
- # Author:: Daniel DeLeo (<dan@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require "spec_helper"
20
- require "chef/knife/ssl_fetch"
21
-
22
- describe Chef::Knife::SslFetch do
23
-
24
- let(:name_args) { [] }
25
- let(:stdout_io) { StringIO.new }
26
- let(:stderr_io) { StringIO.new }
27
-
28
- def stderr
29
- stderr_io.string
30
- end
31
-
32
- def stdout
33
- stdout_io.string
34
- end
35
-
36
- subject(:ssl_fetch) do
37
- s = Chef::Knife::SslFetch.new
38
- s.name_args = name_args
39
- allow(s.ui).to receive(:stdout).and_return(stdout_io)
40
- allow(s.ui).to receive(:stderr).and_return(stderr_io)
41
- s
42
- end
43
-
44
- context "when no arguments are given" do
45
-
46
- before do
47
- Chef::Config.chef_server_url = "https://example.com:8443/chef-server"
48
- end
49
-
50
- it "uses the chef_server_url as the host to fetch" do
51
- expect(ssl_fetch.host).to eq("example.com")
52
- expect(ssl_fetch.port).to eq(8443)
53
- end
54
- end
55
-
56
- context "when a specific URI is given" do
57
- let(:name_args) { %w{https://example.test:10443/foo} }
58
-
59
- it "fetches the SSL configuration against the given host" do
60
- expect(ssl_fetch.host).to eq("example.test")
61
- expect(ssl_fetch.port).to eq(10443)
62
- end
63
- end
64
-
65
- context "when an invalid URI is given" do
66
-
67
- let(:name_args) { %w{foo.test} }
68
-
69
- it "prints an error and exits" do
70
- expect { ssl_fetch.run }.to raise_error(SystemExit)
71
- expected_stdout = <<~E
72
- USAGE: knife ssl fetch [URL] (options)
73
- E
74
- expected_stderr = <<~E
75
- ERROR: Given URI: `foo.test' is invalid
76
- E
77
- expect(stdout_io.string).to eq(expected_stdout)
78
- expect(stderr_io.string).to eq(expected_stderr)
79
- end
80
-
81
- context "and its malformed enough to make URI.parse barf" do
82
-
83
- let(:name_args) { %w{ftp://lkj\\blah:example.com/blah} }
84
-
85
- it "prints an error and exits" do
86
- expect { ssl_fetch.run }.to raise_error(SystemExit)
87
- expected_stdout = <<~E
88
- USAGE: knife ssl fetch [URL] (options)
89
- E
90
- expected_stderr = <<~E
91
- ERROR: Given URI: `#{name_args[0]}' is invalid
92
- E
93
- expect(stdout_io.string).to eq(expected_stdout)
94
- expect(stderr_io.string).to eq(expected_stderr)
95
- end
96
- end
97
- end
98
-
99
- describe "normalizing CNs for use as paths" do
100
-
101
- it "normalizes '*' to 'wildcard'" do
102
- expect(ssl_fetch.normalize_cn("*.example.com")).to eq("wildcard_example_com")
103
- end
104
-
105
- it "normalizes non-alnum and hyphen characters to underscores" do
106
- expect(ssl_fetch.normalize_cn("Billy-Bob's Super Awesome CA!")).to eq("Billy-Bob_s_Super_Awesome_CA_")
107
- end
108
-
109
- end
110
-
111
- describe "#cn_of" do
112
- let(:certificate) { double("Certificate", subject: subject) }
113
-
114
- describe "when the certificate has a common name" do
115
- let(:subject) { [["CN", "common name"]] }
116
- it "returns the common name" do
117
- expect(ssl_fetch.cn_of(certificate)).to eq("common name")
118
- end
119
- end
120
-
121
- describe "when the certificate does not have a common name" do
122
- let(:subject) { [] }
123
- it "returns nil" do
124
- expect(ssl_fetch.cn_of(certificate)).to eq(nil)
125
- end
126
- end
127
- end
128
-
129
- describe "fetching the remote cert chain" do
130
-
131
- let(:name_args) { %w{https://foo.example.com:8443} }
132
-
133
- let(:tcp_socket) { double(TCPSocket) }
134
- let(:ssl_socket) { double(OpenSSL::SSL::SSLSocket) }
135
-
136
- let(:self_signed_crt_path) { File.join(CHEF_SPEC_DATA, "trusted_certs", "example.crt") }
137
- let(:self_signed_crt) { OpenSSL::X509::Certificate.new(File.read(self_signed_crt_path)) }
138
-
139
- let(:trusted_certs_dir) { Dir.mktmpdir }
140
-
141
- def run
142
- ssl_fetch.run
143
- rescue Exception
144
- puts "OUT: #{stdout_io.string}"
145
- puts "ERR: #{stderr_io.string}"
146
- raise
147
- end
148
-
149
- before do
150
- Chef::Config.trusted_certs_dir = trusted_certs_dir
151
- end
152
-
153
- after do
154
- FileUtils.rm_rf(trusted_certs_dir)
155
- end
156
-
157
- context "when the TLS connection is successful" do
158
-
159
- before do
160
- expect(ssl_fetch).to receive(:proxified_socket).with("foo.example.com", 8443).and_return(tcp_socket)
161
- expect(OpenSSL::SSL::SSLSocket).to receive(:new).with(tcp_socket, ssl_fetch.noverify_peer_ssl_context).and_return(ssl_socket)
162
- expect(ssl_socket).to receive(:connect)
163
- expect(ssl_socket).to receive(:peer_cert_chain).and_return([self_signed_crt])
164
- end
165
-
166
- it "fetches the cert chain and writes the certs to the trusted_certs_dir" do
167
- run
168
- stored_cert_path = File.join(trusted_certs_dir, "example_local.crt")
169
- expect(File).to exist(stored_cert_path)
170
- expect(File.read(stored_cert_path)).to eq(File.read(self_signed_crt_path))
171
- end
172
-
173
- end
174
-
175
- context "when connecting to a non-SSL service (like HTTP)" do
176
-
177
- let(:name_args) { %w{http://foo.example.com} }
178
-
179
- let(:unknown_protocol_error) { OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol") }
180
-
181
- before do
182
- expect(ssl_fetch).to receive(:proxified_socket).with("foo.example.com", 80).and_return(tcp_socket)
183
- expect(OpenSSL::SSL::SSLSocket).to receive(:new).with(tcp_socket, ssl_fetch.noverify_peer_ssl_context).and_return(ssl_socket)
184
- expect(ssl_socket).to receive(:connect).and_raise(unknown_protocol_error)
185
-
186
- expect(ssl_fetch).to receive(:exit).with(1)
187
- end
188
-
189
- it "tells the user their URL is for a non-ssl service" do
190
- expected_error_text = <<~ERROR_TEXT
191
- ERROR: The service at the given URI (http://foo.example.com) does not accept SSL connections
192
- ERROR: Perhaps you meant to connect to 'https://foo.example.com'?
193
- ERROR_TEXT
194
-
195
- run
196
- expect(stderr).to include(expected_error_text)
197
- end
198
-
199
- end
200
-
201
- describe "when the certificate does not have a CN" do
202
- let(:self_signed_crt_path) { File.join(CHEF_SPEC_DATA, "trusted_certs", "example_no_cn.crt") }
203
- let(:self_signed_crt) { OpenSSL::X509::Certificate.new(File.read(self_signed_crt_path)) }
204
-
205
- before do
206
- expect(ssl_fetch).to receive(:proxified_socket).with("foo.example.com", 8443).and_return(tcp_socket)
207
- expect(OpenSSL::SSL::SSLSocket).to receive(:new).with(tcp_socket, ssl_fetch.noverify_peer_ssl_context).and_return(ssl_socket)
208
- expect(ssl_socket).to receive(:connect)
209
- expect(ssl_socket).to receive(:peer_cert_chain).and_return([self_signed_crt])
210
- expect(Time).to receive(:new).and_return(1)
211
- end
212
-
213
- it "fetches the certificate and writes it to a file in the trusted_certs_dir" do
214
- run
215
- stored_cert_path = File.join(trusted_certs_dir, "foo.example.com_1.crt")
216
- expect(File).to exist(stored_cert_path)
217
- expect(File.read(stored_cert_path)).to eq(File.read(self_signed_crt_path))
218
- end
219
- end
220
-
221
- end
222
- end