chef 16.4.35 → 16.6.14

data/spec/spec_helper.rb

@@ -68,7 +68,7 @@ end
 
 # If you want to load anything into the testing environment
 # without versioning it, add it to spec/support/local_gems.rb
-require "spec/support/local_gems.rb" if File.exist?(File.join(File.dirname(__FILE__), "support", "local_gems.rb"))
+require "spec/support/local_gems" if File.exist?(File.join(File.dirname(__FILE__), "support", "local_gems.rb"))
 
 # Explicitly require spec helpers that need to load first
 require "spec/support/platform_helpers"
@@ -141,9 +141,10 @@ RSpec.configure do |config|
 
   config.filter_run_excluding windows_only: true unless windows?
   config.filter_run_excluding not_supported_on_windows: true if windows?
-  config.filter_run_excluding not_supported_on_macos: true if mac_osx?
-  config.filter_run_excluding macos_only: true unless mac_osx?
-  config.filter_run_excluding macos_1014: true unless mac_osx_1014?
+  config.filter_run_excluding not_supported_on_macos: true if macos?
+  config.filter_run_excluding macos_only: true unless macos?
+  config.filter_run_excluding macos_1013: true unless macos_1013?
+  config.filter_run_excluding macos_gte_1014: true unless macos_gte_1014?
   config.filter_run_excluding not_supported_on_aix: true if aix?
   config.filter_run_excluding not_supported_on_solaris: true if solaris?
   config.filter_run_excluding not_supported_on_gce: true if gce?
@@ -199,6 +200,7 @@ RSpec.configure do |config|
   # check for particular binaries we need
   config.filter_run_excluding choco_installed: true unless choco_installed?
   config.filter_run_excluding requires_ifconfig: true unless ifconfig?
+  config.filter_run_excluding pwsh_installed: true unless pwsh_installed?
 
   running_platform_arch = `uname -m`.strip unless windows?
 
@@ -242,6 +244,8 @@ RSpec.configure do |config|
 
     Chef::Log.setup!
 
+    Chef::ServerAPIVersions.instance.reset!
+
     Chef::Config[:log_level] = :fatal
     Chef::Log.level(Chef::Config[:log_level])
 
@@ -306,8 +310,6 @@ RSpec.configure do |config|
 end
 
 require "webrick/utils"
-require "thread"
-
 #    Webrick uses a centralized/synchronized timeout manager. It works by
 #    starting a thread to check for timeouts on an interval. The timeout
 #    checker thread cannot be stopped or canceled in any easy way, and it

data/spec/stress/win32/file_spec.rb

@@ -21,7 +21,7 @@ require "chef/win32/file" if windows?
 
 describe "Chef::ReservedNames::Win32::File", :windows_only do
   before(:each) do
-    @path = File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "data", "old_home_dir", "my-dot-emacs"))
+    @path = File.expand_path(File.join(__dir__, "..", "..", "data", "old_home_dir", "my-dot-emacs"))
   end
 
   it "should not leak significant memory", :volatile do

data/spec/support/chef_helpers.rb

@@ -14,8 +14,8 @@
 # limitations under the License.
 #
 
-CHEF_SPEC_DATA = File.expand_path(File.dirname(__FILE__) + "/../data/")
-CHEF_SPEC_ASSETS = File.expand_path(File.dirname(__FILE__) + "/../functional/assets/")
+CHEF_SPEC_DATA = File.expand_path(__dir__ + "/../data/")
+CHEF_SPEC_ASSETS = File.expand_path(__dir__ + "/../functional/assets/")
 CHEF_SPEC_BACKUP_PATH = File.join(Dir.tmpdir, "test-backup-path")
 
 def sha256_checksum(path)

data/spec/support/matchers/leak.rb

@@ -61,10 +61,10 @@ module Matchers
     def profiler
       @profiler ||= begin
         if ChefUtils.windows?
-          require File.join(File.dirname(__FILE__), "..", "platforms", "prof", "win32")
+          require File.join(__dir__, "..", "platforms", "prof", "win32")
           RSpec::Prof::Win32::Profiler.new
         else
-          require File.join(File.dirname(__FILE__), "..", "prof", "gc")
+          require File.join(__dir__, "..", "prof", "gc")
           RSpec::Prof::GC::Profiler.new
         end
       end

data/spec/support/platform_helpers.rb

@@ -3,7 +3,6 @@ require "chef/mixin/shell_out"
 require "ohai/mixin/http_helper"
 require "ohai/mixin/gce_metadata"
 require "chef/mixin/powershell_out"
-require "chef/version_class"
 
 class ShellHelpers
   extend Chef::Mixin::ShellOut
@@ -27,11 +26,11 @@ class DependencyProc < Proc
 end
 
 def ruby_64bit?
-  !!(RbConfig::CONFIG["host_cpu"] =~ /x86_64/)
+  RbConfig::CONFIG["host_cpu"].include?("x86_64")
 end
 
 def ruby_32bit?
-  !!(RbConfig::CONFIG["host_cpu"] =~ /i686/)
+  RbConfig::CONFIG["host_cpu"].include?("i686")
 end
 
 def windows?
@@ -58,17 +57,17 @@ end
 def windows_2012r2?
   return false unless windows?
 
-  (host_version && host_version.start_with?("6.3"))
+  (win32_os_version && win32_os_version.start_with?("6.3"))
 end
 
 def windows_gte_10?
   return false unless windows?
 
-  Gem::Requirement.new(">= 10").satisfied_by?(Gem::Version.new(host_version))
+  Gem::Requirement.new(">= 10").satisfied_by?(Gem::Version.new(win32_os_version))
 end
 
-def host_version
-  @host_version ||= begin
+def win32_os_version
+  @win32_os_version ||= begin
     wmi = WmiLite::Wmi.new
     host = wmi.first_of("Win32_OperatingSystem")
     host["version"]
@@ -95,26 +94,12 @@ def windows_user_right?(right)
   Chef::ReservedNames::Win32::Security.get_account_right(ENV["USERNAME"]).include?(right)
 end
 
-def mac_osx_1014?
-  if mac_osx?
-    ver = Chef::Version.new(ohai[:platform_version])
-    return ver.major == 10 && ver.minor == 14
-  end
-
-  false
+def macos_1013?
+  macos? && Gem::Requirement.new("~> 10.13.0").satisfied_by?(Gem::Version.new(ohai[:platform_version]))
 end
 
-def mac_osx?
-  if File.exist? "/usr/bin/sw_vers"
-    result = ShellHelpers.shell_out("/usr/bin/sw_vers")
-    result.stdout.each_line do |line|
-      if /^ProductName:\sMac OS X.*$/.match?(line)
-        return true
-      end
-    end
-  end
-
-  false
+def macos_gte_1014?
+  macos? && Gem::Requirement.new(">= 10.14").satisfied_by?(Gem::Version.new(ohai[:platform_version]))
 end
 
 # detects if the hardware is 64-bit (evaluates to true in "WOW64" mode in a 32-bit app on a 64-bit system)
@@ -127,26 +112,24 @@ def windows32?
   windows? && !windows64?
 end
 
-# def jruby?
-
 def unix?
   !windows?
 end
 
 def linux?
-  RUBY_PLATFORM.match?(/linux/)
+  RUBY_PLATFORM.include?("linux")
 end
 
 def macos?
-  RUBY_PLATFORM.match?(/darwin/)
+  RUBY_PLATFORM.include?("darwin")
 end
 
 def solaris?
-  RUBY_PLATFORM.match?(/solaris/)
+  RUBY_PLATFORM.include?("solaris")
 end
 
 def freebsd?
-  RUBY_PLATFORM.match?(/freebsd/)
+  RUBY_PLATFORM.include?("freebsd")
 end
 
 def intel_64bit?
@@ -182,7 +165,7 @@ def debian_family?
 end
 
 def aix?
-  RUBY_PLATFORM.match?(/aix/)
+  RUBY_PLATFORM.include?("aix")
 end
 
 def wpar?
@@ -216,8 +199,7 @@ def selinux_enabled?
 end
 
 def suse?
-  ::File.exist?("/etc/SuSE-release") ||
-    ( ::File.exist?("/etc/os-release") && /sles|suse/.match?(File.read("/etc/os-release")) )
+  !!(ohai[:platform_family] == "suse")
 end
 
 def root?
@@ -261,5 +243,10 @@ end
 
 def choco_installed?
   result = ShellHelpers.powershell_out("choco --version")
-  result.stderr.empty? ? true : false
+  result.stderr.empty?
+end
+
+def pwsh_installed?
+  result = ShellHelpers.powershell_out("pwsh.exe --version")
+  result.stderr.empty?
 end

data/spec/support/shared/functional/securable_resource.rb

@@ -242,48 +242,100 @@ shared_examples_for "a securable resource with existing target" do
     include_context "use Windows permissions"
 
     describe "when setting owner" do
-      before do
-        resource.owner(SID.admin_account_name)
-        resource.run_action(:create)
-      end
+      context "with user name" do
+        before do
+          resource.owner(SID.admin_account_name)
+          resource.run_action(:create)
+        end
 
-      it "should set the owner" do
-        expect(descriptor.owner).to eq(SID.Administrator)
+        it "should set the owner" do
+          expect(descriptor.owner).to eq(SID.Administrator)
+        end
+
+        it "is marked as updated only if changes are made" do
+          expect(resource.updated_by_last_action?).to eq(expect_updated?)
+        end
       end
 
-      it "is marked as updated only if changes are made" do
-        expect(resource.updated_by_last_action?).to eq(expect_updated?)
+      context "with SID" do
+        before do
+          resource.owner(SID.Administrator.to_s)
+          resource.run_action(:create)
+        end
+
+        it "should set the owner" do
+          expect(descriptor.owner).to eq(SID.Administrator)
+        end
+
+        it "is marked as updated only if changes are made" do
+          expect(resource.updated_by_last_action?).to eq(expect_updated?)
+        end
       end
     end
 
     describe "when setting group" do
-      before do
-        resource.group("Administrators")
-        resource.run_action(:create)
-      end
+      context "with group name" do
+        before do
+          resource.group("Administrators")
+          resource.run_action(:create)
+        end
+
+        it "should set the group" do
+          expect(descriptor.group).to eq(SID.Administrators)
+        end
 
-      it "should set the group" do
-        expect(descriptor.group).to eq(SID.Administrators)
+        it "is marked as updated only if changes are made" do
+          expect(resource.updated_by_last_action?).to eq(expect_updated?)
+        end
       end
 
-      it "is marked as updated only if changes are made" do
-        expect(resource.updated_by_last_action?).to eq(expect_updated?)
+      context "with group SID" do
+        before do
+          resource.group(SID.Administrators.to_s)
+          resource.run_action(:create)
+        end
+
+        it "should set the group" do
+          expect(descriptor.group).to eq(SID.Administrators)
+        end
+
+        it "is marked as updated only if changes are made" do
+          expect(resource.updated_by_last_action?).to eq(expect_updated?)
+        end
       end
     end
 
     describe "when setting rights and deny_rights" do
-      before do
-        resource.deny_rights(:modify, "Guest")
-        resource.rights(:read, "Guest")
-        resource.run_action(:create)
-      end
+      context "with user name" do
+        before do
+          resource.deny_rights(:modify, "Guest")
+          resource.rights(:read, "Guest")
+          resource.run_action(:create)
+        end
 
-      it "should set the rights and deny_rights" do
-        expect(explicit_aces).to eq(denied_acl(SID.Guest, expected_modify_perms) + allowed_acl(SID.Guest, expected_read_perms))
+        it "should set the rights and deny_rights" do
+          expect(explicit_aces).to eq(denied_acl(SID.Guest, expected_modify_perms) + allowed_acl(SID.Guest, expected_read_perms))
+        end
+
+        it "is marked as updated only if changes are made" do
+          expect(resource.updated_by_last_action?).to eq(expect_updated?)
+        end
       end
 
-      it "is marked as updated only if changes are made" do
-        expect(resource.updated_by_last_action?).to eq(expect_updated?)
+      context "with SID" do
+        before do
+          resource.deny_rights(:modify, SID.Guest.to_s)
+          resource.rights(:read, SID.Guest.to_s)
+          resource.run_action(:create)
+        end
+
+        it "should set the rights and deny_rights" do
+          expect(explicit_aces).to eq(denied_acl(SID.Guest, expected_modify_perms) + allowed_acl(SID.Guest, expected_read_perms))
+        end
+
+        it "is marked as updated only if changes are made" do
+          expect(resource.updated_by_last_action?).to eq(expect_updated?)
+        end
       end
     end
   end
@@ -302,12 +354,18 @@ shared_examples_for "a securable resource without existing target" do
       expect(descriptor.owner).to eq(SID.default_security_object_owner)
     end
 
-    it "sets owner when owner is specified" do
+    it "sets owner when owner is specified by name" do
       resource.owner "Guest"
       resource.run_action(:create)
       expect(descriptor.owner).to eq(SID.Guest)
     end
 
+    it "sets owner when owner is specified by SID" do
+      resource.owner SID.Guest.to_s
+      resource.run_action(:create)
+      expect(descriptor.owner).to eq(SID.Guest)
+    end
+
     it "fails to set owner when owner has invalid characters" do
       expect { resource.owner 'Lance "The Nose" Glindenberry III' }.to raise_error(Chef::Exceptions::ValidationFailed)
     end
@@ -339,12 +397,18 @@ shared_examples_for "a securable resource without existing target" do
       expect(descriptor.group).to eq(SID.default_security_object_group)
     end
 
-    it "sets group when group is specified" do
+    it "sets group when group is specified by name" do
       resource.group "Everyone"
       resource.run_action(:create)
       expect(descriptor.group).to eq(SID.Everyone)
     end
 
+    it "sets group when group is specified by SID" do
+      resource.group SID.Everyone.to_s
+      resource.run_action(:create)
+      expect(descriptor.group).to eq(SID.Everyone)
+    end
+
     it "fails to set group when group has invalid characters" do
       expect { resource.group 'Lance "The Nose" Glindenberry III' }.to raise_error(Chef::Exceptions::ValidationFailed)
     end
@@ -406,6 +470,17 @@ shared_examples_for "a securable resource without existing target" do
             allowed_acl(SID.Guest, expected_modify_perms)
           )
         end
+
+        it "multiple rights with SID" do
+          resource.rights(:read, SID.Everyone.to_s)
+          resource.rights(:modify, SID.Guest.to_s)
+          resource.run_action(:create)
+
+          expect(explicit_aces).to eq(
+            allowed_acl(SID.Everyone, expected_read_perms) +
+            allowed_acl(SID.Guest, expected_modify_perms)
+          )
+        end
       end
     end
 
@@ -443,6 +518,12 @@ shared_examples_for "a securable resource without existing target" do
           expect(explicit_aces).to eq(denied_acl(SID.Guest, expected_full_control_perms))
         end
 
+        it "using SID" do
+          resource.deny_rights(:full_control, SID.Guest.to_s)
+          resource.run_action(:create)
+          expect(explicit_aces).to eq(denied_acl(SID.Guest, expected_full_control_perms))
+        end
+
         it "deny_rights ahead of rights" do
           resource.rights(:read, "Everyone")
           resource.deny_rights(:modify, "Guest")

data/spec/support/shared/functional/win32_service.rb

@@ -42,7 +42,7 @@ shared_context "using Win32::Service" do
       service_name: "spec-service",
       service_display_name: "Spec Test Service",
       service_description: "Service for testing Chef::Application::WindowsServiceManager.",
-      service_file_path: File.expand_path(File.join(File.dirname(__FILE__), "../../platforms/win32/spec_service.rb")),
+      service_file_path: File.expand_path(File.join(__dir__, "../../platforms/win32/spec_service.rb")),
       delayed_start: true,
     }
   end

data/spec/support/shared/unit/application_dot_d.rb

@@ -33,14 +33,16 @@ shared_examples_for "an application that loads a dot d" do
     # make sure that we are correctly globbing.
     let(:client_d_dir) do
       Chef::Util::PathHelper.cleanpath(
-        File.join(File.dirname(__FILE__), "../../../data/client.d_00")
+        File.join(__dir__, "../../../data/client.d_00")
       )
     end
 
     it "loads the configuration in order" do
+      etc_chef_client_rb = Chef::Config.platform_specific_path("#{ChefConfig::Config.etc_chef_dir}/client.rb")
       expect(IO).to receive(:read).with(Pathname.new("#{client_d_dir}/00-foo.rb").cleanpath.to_s).and_return("foo 0")
       expect(IO).to receive(:read).with(Pathname.new("#{client_d_dir}/01-bar.rb").cleanpath.to_s).and_return("bar 0")
       expect(IO).to receive(:read).with(Pathname.new("#{client_d_dir}/02-strings.rb").cleanpath.to_s).and_return("strings 0")
+      allow(app).to receive(:apply_config).with("", etc_chef_client_rb) # for chef-client managed nodes running this spec
       expect(app).to receive(:apply_config).with("foo 0", Pathname.new("#{client_d_dir}/00-foo.rb").cleanpath.to_s).and_call_original.ordered
       expect(app).to receive(:apply_config).with("bar 0", Pathname.new("#{client_d_dir}/01-bar.rb").cleanpath.to_s).and_call_original.ordered
       expect(app).to receive(:apply_config).with("strings 0", Pathname.new("#{client_d_dir}/02-strings.rb").cleanpath.to_s).and_call_original.ordered
@@ -51,7 +53,7 @@ shared_examples_for "an application that loads a dot d" do
   context "when client_d_dir is set to a directory without configuration" do
     let(:client_d_dir) do
       Chef::Util::PathHelper.cleanpath(
-        File.join(File.dirname(__FILE__), "../../data/client.d_01")
+        File.join(__dir__, "../../data/client.d_01")
       )
     end
 
@@ -69,7 +71,7 @@ shared_examples_for "an application that loads a dot d" do
     # foo.rb as a directory should be ignored
     let(:client_d_dir) do
       Chef::Util::PathHelper.cleanpath(
-        File.join(File.dirname(__FILE__), "../../data/client.d_02")
+        File.join(__dir__, "../../data/client.d_02")
       )
     end