chef 16.8.14-universal-mingw32 → 16.9.16-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +2 -3
  3. data/README.md +1 -1
  4. data/chef.gemspec +10 -1
  5. data/lib/chef/compliance/default_attributes.rb +5 -1
  6. data/lib/chef/compliance/fetcher/automate.rb +2 -2
  7. data/lib/chef/compliance/fetcher/chef_server.rb +2 -2
  8. data/lib/chef/compliance/reporter/automate.rb +1 -2
  9. data/lib/chef/compliance/reporter/chef_server_automate.rb +2 -2
  10. data/lib/chef/compliance/runner.rb +7 -2
  11. data/lib/chef/http/ssl_policies.rb +27 -14
  12. data/lib/chef/knife/core/formatting_options.rb +49 -0
  13. data/lib/chef/knife/core/node_presenter.rb +0 -25
  14. data/lib/chef/knife/core/status_presenter.rb +1 -26
  15. data/lib/chef/knife/core/windows_bootstrap_context.rb +1 -1
  16. data/lib/chef/knife/node_show.rb +2 -1
  17. data/lib/chef/knife/search.rb +2 -1
  18. data/lib/chef/knife/status.rb +8 -11
  19. data/lib/chef/policy_builder/policyfile.rb +1 -1
  20. data/lib/chef/provider/package.rb +53 -19
  21. data/lib/chef/provider/package/dnf.rb +39 -12
  22. data/lib/chef/provider/package/dnf/dnf_helper.py +18 -5
  23. data/lib/chef/provider/package/dnf/python_helper.rb +6 -6
  24. data/lib/chef/provider/yum_repository.rb +2 -2
  25. data/lib/chef/resource/chef_gem.rb +2 -2
  26. data/lib/chef/resource/cron/cron_d.rb +1 -0
  27. data/lib/chef/resource/file.rb +1 -1
  28. data/lib/chef/resource/gem_package.rb +2 -2
  29. data/lib/chef/resource/homebrew_cask.rb +3 -3
  30. data/lib/chef/resource/http_request.rb +1 -1
  31. data/lib/chef/resource/locale.rb +1 -1
  32. data/lib/chef/resource/mdadm.rb +2 -2
  33. data/lib/chef/resource/osx_profile.rb +7 -7
  34. data/lib/chef/resource/remote_directory.rb +1 -1
  35. data/lib/chef/resource/ruby.rb +1 -5
  36. data/lib/chef/resource/ruby_block.rb +1 -1
  37. data/lib/chef/resource/user/windows_user.rb +5 -0
  38. data/lib/chef/resource/windows_certificate.rb +2 -12
  39. data/lib/chef/resource/yum_repository.rb +5 -0
  40. data/lib/chef/version.rb +1 -1
  41. data/spec/data/rubygems.org/latest_specs.4.8.gz +0 -0
  42. data/spec/data/rubygems.org/nonexistent_gem +0 -0
  43. data/spec/data/rubygems.org/sexp_processor +0 -0
  44. data/spec/data/rubygems.org/sexp_processor-4.15.1.gemspec.rz +0 -0
  45. data/spec/data/ssl/binary/chef-rspec-der.cert +0 -0
  46. data/spec/data/ssl/binary/chef-rspec-der.key +0 -0
  47. data/spec/functional/resource/dnf_package_spec.rb +319 -16
  48. data/spec/functional/resource/windows_certificate_spec.rb +204 -384
  49. data/spec/unit/compliance/runner_spec.rb +28 -0
  50. data/spec/unit/http/ssl_policies_spec.rb +106 -78
  51. data/spec/unit/knife/bootstrap_spec.rb +5 -17
  52. data/spec/unit/knife/core/status_presenter_spec.rb +54 -0
  53. data/spec/unit/mixin/openssl_helper_spec.rb +0 -7
  54. data/spec/unit/provider/package/rubygems_spec.rb +39 -7
  55. data/spec/unit/resource/user/windows_user_spec.rb +36 -0
  56. metadata +24 -12
  57. data/spec/data/trusted_certs_empty/.gitkeep +0 -0
  58. data/spec/data/trusted_certs_empty/README.md +0 -1
  59. data/spec/scripts/ssl-serve.rb +0 -47
@@ -137,4 +137,32 @@ describe Chef::Compliance::Runner do
137
137
  expect { runner.reporter("tacos") }.to raise_error(/'tacos' is not a supported reporter for Compliance Phase/)
138
138
  end
139
139
  end
140
+
141
+ describe "#inspec_opts" do
142
+ it "does not include chef_node in inputs by default" do
143
+ node.normal["audit"]["attributes"] = {
144
+ "tacos" => "lunch",
145
+ "nachos" => "dinner",
146
+ }
147
+
148
+ inputs = runner.inspec_opts[:inputs]
149
+
150
+ expect(inputs["tacos"]).to eq("lunch")
151
+ expect(inputs.key?("chef_node")).to eq(false)
152
+ end
153
+
154
+ it "includes chef_node in inputs with chef_node_attribute_enabled set" do
155
+ node.normal["audit"]["chef_node_attribute_enabled"] = true
156
+ node.normal["audit"]["attributes"] = {
157
+ "tacos" => "lunch",
158
+ "nachos" => "dinner",
159
+ }
160
+
161
+ inputs = runner.inspec_opts[:inputs]
162
+
163
+ expect(inputs["tacos"]).to eq("lunch")
164
+ expect(inputs["chef_node"]["audit"]["reporter"]).to eq("json-file")
165
+ expect(inputs["chef_node"]["chef_environment"]).to eq("_default")
166
+ end
167
+ end
140
168
  end
@@ -29,91 +29,83 @@ describe "HTTP SSL Policy" do
29
29
  ENV["SSL_CERT_FILE"] = nil
30
30
  end
31
31
 
32
- let(:unconfigured_http_client) { Net::HTTP.new("example.com", 443) }
33
32
  let(:http_client) do
34
- unconfigured_http_client.use_ssl = true
35
- ssl_policy.apply
36
- unconfigured_http_client
33
+ ssl_policy_class.apply_to(Net::HTTP.new("example.com"))
37
34
  end
38
35
 
39
36
  describe Chef::HTTP::DefaultSSLPolicy do
40
37
 
41
- let(:ssl_policy) { Chef::HTTP::DefaultSSLPolicy.new(unconfigured_http_client) }
38
+ let(:ssl_policy_class) { Chef::HTTP::DefaultSSLPolicy }
42
39
 
43
- describe "when configured with :ssl_verify_mode set to :verify peer" do
44
- before do
45
- Chef::Config[:ssl_verify_mode] = :verify_peer
46
- end
47
-
48
- it "configures the HTTP client to use SSL when given a URL with the https protocol" do
49
- expect(http_client.use_ssl?).to be_truthy
50
- end
51
-
52
- it "sets the OpenSSL verify mode to verify_peer" do
53
- expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
54
- end
55
-
56
- it "raises a ConfigurationError if :ssl_ca_path is set to a path that doesn't exist" do
57
- Chef::Config[:ssl_ca_path] = "/dev/null/nothing_here"
58
- expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
59
- end
40
+ it "raises a ConfigurationError if :ssl_ca_path is set to a path that doesn't exist" do
41
+ Chef::Config[:ssl_ca_path] = "/dev/null/nothing_here"
42
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
43
+ end
60
44
 
61
- it "should set the CA path if that is set in the configuration" do
62
- Chef::Config[:ssl_ca_path] = File.join(CHEF_SPEC_DATA, "ssl")
63
- expect(http_client.ca_path).to eq(File.join(CHEF_SPEC_DATA, "ssl"))
64
- end
45
+ it "should set the CA path if that is set in the configuration" do
46
+ Chef::Config[:ssl_ca_path] = File.join(CHEF_SPEC_DATA, "ssl")
47
+ expect(http_client.ca_path).to eq(File.join(CHEF_SPEC_DATA, "ssl"))
48
+ end
65
49
 
66
- it "raises a ConfigurationError if :ssl_ca_file is set to a file that does not exist" do
67
- Chef::Config[:ssl_ca_file] = "/dev/null/nothing_here"
68
- expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
69
- end
50
+ it "raises a ConfigurationError if :ssl_ca_file is set to a file that does not exist" do
51
+ Chef::Config[:ssl_ca_file] = "/dev/null/nothing_here"
52
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
53
+ end
70
54
 
71
- it "should set the CA file if that is set in the configuration" do
72
- Chef::Config[:ssl_ca_file] = CHEF_SPEC_DATA + "/ssl/5e707473.0"
73
- expect(http_client.ca_file).to eq(CHEF_SPEC_DATA + "/ssl/5e707473.0")
74
- end
55
+ it "should set the CA file if that is set in the configuration" do
56
+ Chef::Config[:ssl_ca_file] = CHEF_SPEC_DATA + "/ssl/5e707473.0"
57
+ expect(http_client.ca_file).to eq(CHEF_SPEC_DATA + "/ssl/5e707473.0")
58
+ end
75
59
 
76
- it "should set the custom CA file if SSL_CERT_FILE environment variable is set" do
77
- ENV["SSL_CERT_FILE"] = CHEF_SPEC_DATA + "/trusted_certs/intermediate.pem"
78
- expect(http_client.ca_file).to eq(CHEF_SPEC_DATA + "/trusted_certs/intermediate.pem")
79
- end
60
+ it "should set the custom CA file if SSL_CERT_FILE environment variable is set" do
61
+ ENV["SSL_CERT_FILE"] = CHEF_SPEC_DATA + "/trusted_certs/intermediate.pem"
62
+ expect(http_client.ca_file).to eq(CHEF_SPEC_DATA + "/trusted_certs/intermediate.pem")
63
+ end
80
64
 
81
- it "raises a ConfigurationError if SSL_CERT_FILE environment variable is set to a file that does not exist" do
82
- ENV["SSL_CERT_FILE"] = "/dev/null/nothing_here"
83
- expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
84
- end
65
+ it "raises a ConfigurationError if SSL_CERT_FILE environment variable is set to a file that does not exist" do
66
+ ENV["SSL_CERT_FILE"] = "/dev/null/nothing_here"
67
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
85
68
  end
86
69
 
87
- describe "when configured with :ssl_verify_mode set to :verify peer" do
88
- before do
89
- @url = URI.parse("https://chef.example.com:4443/")
90
- Chef::Config[:ssl_verify_mode] = :verify_none
91
- end
70
+ it "sets the OpenSSL verify mode to verify_peer when configured with :ssl_verify_mode set to :verify_peer" do
71
+ Chef::Config[:ssl_verify_mode] = :verify_peer
72
+ expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
73
+ end
92
74
 
93
- it "sets the OpenSSL verify mode to :verify_none" do
94
- expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
95
- end
75
+ it "sets the OpenSSL verify mode to :verify_none when configured with :ssl_verify_mode set to :verify_none" do
76
+ Chef::Config[:ssl_verify_mode] = :verify_none
77
+ expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
96
78
  end
97
79
 
98
80
  describe "when configured with a client certificate" do
99
- before { @url = URI.parse("https://chef.example.com:4443/") }
100
-
101
81
  it "raises ConfigurationError if the certificate file doesn't exist" do
102
82
  Chef::Config[:ssl_client_cert] = "/dev/null/nothing_here"
103
83
  Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/chef-rspec.key"
104
- expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
84
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError, /ssl_client_cert .* does not exist/)
105
85
  end
106
86
 
107
- it "raises ConfigurationError if the certificate file doesn't exist" do
87
+ it "raises ConfigurationError if the private key file doesn't exist" do
108
88
  Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/chef-rspec.cert"
109
89
  Chef::Config[:ssl_client_key] = "/dev/null/nothing_here"
110
- expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
90
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError, /ssl_client_key .* does not exist/)
111
91
  end
112
92
 
113
93
  it "raises a ConfigurationError if one of :ssl_client_cert and :ssl_client_key is set but not both" do
114
94
  Chef::Config[:ssl_client_cert] = "/dev/null/nothing_here"
115
95
  Chef::Config[:ssl_client_key] = nil
116
- expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError)
96
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError, /configure ssl_client_cert and ssl_client_key together/)
97
+ end
98
+
99
+ it "raises a ConfigurationError with a bad cert file" do
100
+ Chef::Config[:ssl_client_cert] = __FILE__
101
+ Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/chef-rspec.key"
102
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError, /Error reading cert file '#{__FILE__}'/)
103
+ end
104
+
105
+ it "raises a ConfigurationError with a bad key file" do
106
+ Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/chef-rspec.cert"
107
+ Chef::Config[:ssl_client_key] = __FILE__
108
+ expect { http_client }.to raise_error(Chef::Exceptions::ConfigurationError, /Error reading key file '#{__FILE__}'/)
117
109
  end
118
110
 
119
111
  it "configures the HTTP client's cert and private key" do
@@ -122,20 +114,31 @@ describe "HTTP SSL Policy" do
122
114
  expect(http_client.cert.to_s).to eq(OpenSSL::X509::Certificate.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.cert")).to_s)
123
115
  expect(http_client.key.to_s).to eq(OpenSSL::PKey::RSA.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.key")).to_s)
124
116
  end
125
- end
126
117
 
127
- context "when additional certs are located in the trusted_certs dir" do
128
- let(:self_signed_crt_path) { File.join(CHEF_SPEC_DATA, "trusted_certs", "example.crt") }
129
- let(:self_signed_crt) { OpenSSL::X509::Certificate.new(File.read(self_signed_crt_path)) }
118
+ it "configures the HTTP client's cert and private key with a DER encoded cert" do
119
+ Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/binary/chef-rspec-der.cert"
120
+ Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/chef-rspec.key"
121
+ expect(http_client.cert.to_s).to eq(OpenSSL::X509::Certificate.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.cert")).to_s)
122
+ expect(http_client.key.to_s).to eq(OpenSSL::PKey::RSA.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.key")).to_s)
123
+ end
130
124
 
131
- let(:additional_pem_path) { File.join(CHEF_SPEC_DATA, "trusted_certs", "opscode.pem") }
132
- let(:additional_pem) { OpenSSL::X509::Certificate.new(File.read(additional_pem_path)) }
125
+ it "configures the HTTP client's cert and private key with a DER encoded key" do
126
+ Chef::Config[:ssl_client_cert] = CHEF_SPEC_DATA + "/ssl/chef-rspec.cert"
127
+ Chef::Config[:ssl_client_key] = CHEF_SPEC_DATA + "/ssl/binary/chef-rspec-der.key"
128
+ expect(http_client.cert.to_s).to eq(OpenSSL::X509::Certificate.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.cert")).to_s)
129
+ expect(http_client.key.to_s).to eq(OpenSSL::PKey::RSA.new(IO.read(CHEF_SPEC_DATA + "/ssl/chef-rspec.key")).to_s)
130
+ end
131
+ end
133
132
 
133
+ context "when additional certs are located in the trusted_certs dir" do
134
134
  before do
135
135
  Chef::Config.trusted_certs_dir = File.join(CHEF_SPEC_DATA, "trusted_certs")
136
136
  end
137
137
 
138
138
  it "enables verification of self-signed certificates" do
139
+ path = File.join(CHEF_SPEC_DATA, "trusted_certs", "example.crt")
140
+ self_signed_crt = OpenSSL::X509::Certificate.new(File.binread(path))
141
+
139
142
  expect(http_client.cert_store.verify(self_signed_crt)).to be_truthy
140
143
  end
141
144
 
@@ -148,39 +151,64 @@ describe "HTTP SSL Policy" do
148
151
  # If the machine running the test doesn't have ruby SSL configured correctly,
149
152
  # then the root cert also has to be loaded for the test to succeed.
150
153
  # The system under test **SHOULD** do both of these things.
154
+ path = File.join(CHEF_SPEC_DATA, "trusted_certs", "opscode.pem")
155
+ additional_pem = OpenSSL::X509::Certificate.new(File.binread(path))
156
+
151
157
  expect(http_client.cert_store.verify(additional_pem)).to be_truthy
152
158
  end
153
159
 
154
- context "and some certs are duplicates" do
155
- it "skips duplicate certs" do
156
- # For whatever reason, OpenSSL errors out when adding a
157
- # cert you already have to the certificate store.
158
- ssl_policy.set_custom_certs
159
- ssl_policy.set_custom_certs # should not raise an error
160
+ it "skips duplicate certs" do
161
+ # For whatever reason, OpenSSL errors out when adding a
162
+ # cert you already have to the certificate store.
163
+ ssl_policy = ssl_policy_class.new(Net::HTTP.new("example.com"))
164
+ ssl_policy.set_custom_certs
165
+ ssl_policy.set_custom_certs # should not raise an error
166
+ end
167
+
168
+ it "raises ConfigurationError with a bad cert file in the trusted_certs dir" do
169
+ ssl_policy = ssl_policy_class.new(Net::HTTP.new("example.com"))
170
+
171
+ Dir.mktmpdir do |dir|
172
+ bad_cert_file = File.join(dir, "bad_cert_file.crt")
173
+ File.write(bad_cert_file, File.read(__FILE__))
174
+
175
+ Chef::Config.trusted_certs_dir = dir
176
+ expect { ssl_policy.set_custom_certs }.to raise_error(Chef::Exceptions::ConfigurationError, /Error reading cert file/)
160
177
  end
161
178
  end
179
+
180
+ it "works with binary certs" do
181
+ Chef::Config.trusted_certs_dir = File.join(CHEF_SPEC_DATA, "ssl", "binary")
182
+
183
+ ssl_policy = ssl_policy_class.new(Net::HTTP.new("example.com"))
184
+ ssl_policy.set_custom_certs
185
+ end
162
186
  end
163
187
  end
164
188
 
165
189
  describe Chef::HTTP::APISSLPolicy do
166
190
 
167
- let(:ssl_policy) { Chef::HTTP::APISSLPolicy.new(unconfigured_http_client) }
191
+ let(:ssl_policy_class) { Chef::HTTP::APISSLPolicy }
168
192
 
169
- context "when verify_api_cert is set" do
170
- before do
171
- Chef::Config[:verify_api_cert] = true
172
- end
193
+ it "sets the OpenSSL verify mode to verify_peer when configured with :ssl_verify_mode set to :verify_peer" do
194
+ Chef::Config[:ssl_verify_mode] = :verify_peer
195
+ expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
196
+ end
173
197
 
174
- it "sets the OpenSSL verify mode to verify_peer" do
175
- expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
176
- end
198
+ it "sets the OpenSSL verify mode to :verify_none when configured with :ssl_verify_mode set to :verify_none" do
199
+ Chef::Config[:ssl_verify_mode] = :verify_none
200
+ expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
177
201
  end
178
202
 
203
+ it "sets the OpenSSL verify mode to verify_peer when verify_api_cert is set" do
204
+ Chef::Config[:verify_api_cert] = true
205
+ expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
206
+ end
179
207
  end
180
208
 
181
209
  describe Chef::HTTP::VerifyPeerSSLPolicy do
182
210
 
183
- let(:ssl_policy) { Chef::HTTP::VerifyPeerSSLPolicy.new(unconfigured_http_client) }
211
+ let(:ssl_policy_class) { Chef::HTTP::VerifyPeerSSLPolicy }
184
212
 
185
213
  it "sets the OpenSSL verify mode to verify_peer" do
186
214
  expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
@@ -190,7 +218,7 @@ describe "HTTP SSL Policy" do
190
218
 
191
219
  describe Chef::HTTP::VerifyNoneSSLPolicy do
192
220
 
193
- let(:ssl_policy) { Chef::HTTP::VerifyNoneSSLPolicy.new(unconfigured_http_client) }
221
+ let(:ssl_policy_class) { Chef::HTTP::VerifyNoneSSLPolicy }
194
222
 
195
223
  it "sets the OpenSSL verify mode to verify_peer" do
196
224
  expect(http_client.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
@@ -472,21 +472,13 @@ describe Chef::Knife::Bootstrap do
472
472
  end
473
473
 
474
474
  describe "when transferring trusted certificates" do
475
- let(:trusted_certs_dir) { Chef::Util::PathHelper.cleanpath(File.join(__dir__, "../../data/trusted_certs")) }
476
-
477
475
  let(:rendered_template) do
478
476
  knife.merge_configs
479
477
  knife.render_template
480
478
  end
481
479
 
482
480
  before do
483
- Chef::Config[:trusted_certs_dir] = trusted_certs_dir
484
- allow(IO).to receive(:read).and_call_original
485
- allow(IO).to receive(:read).with(File.expand_path(Chef::Config[:validation_key])).and_return("")
486
- end
487
-
488
- def certificates
489
- Dir[File.join(trusted_certs_dir, "*.{crt,pem}")]
481
+ Chef::Config[:trusted_certs_dir] = Chef::Util::PathHelper.cleanpath(File.join(CHEF_SPEC_DATA, "trusted_certs"))
490
482
  end
491
483
 
492
484
  it "creates /etc/chef/trusted_certs" do
@@ -494,27 +486,23 @@ describe Chef::Knife::Bootstrap do
494
486
  end
495
487
 
496
488
  it "copies the certificates in the directory" do
497
- certificates.each do |cert|
498
- expect(IO).to receive(:read).with(File.expand_path(cert))
499
- end
489
+ certificates = Dir[File.join(Chef::Config[:trusted_certs_dir], "*.{crt,pem}")]
500
490
 
501
491
  certificates.each do |cert|
502
492
  expect(rendered_template).to match(%r{cat > /etc/chef/trusted_certs/#{File.basename(cert)} <<'EOP'})
503
493
  end
504
494
  end
505
495
 
506
- context "when :trusted_cets_dir is empty" do
507
- let(:trusted_certs_dir) { Chef::Util::PathHelper.cleanpath(File.join(__dir__, "../../data/trusted_certs_empty")) }
508
- it "doesn't create /etc/chef/trusted_certs if :trusted_certs_dir is empty" do
496
+ it "doesn't create /etc/chef/trusted_certs if :trusted_certs_dir is empty" do
497
+ Dir.mktmpdir do |dir|
498
+ Chef::Config[:trusted_certs_dir] = dir
509
499
  expect(rendered_template).not_to match(%r{mkdir -p /etc/chef/trusted_certs})
510
500
  end
511
501
  end
512
-
513
502
  end
514
503
 
515
504
  context "when doing fips things" do
516
505
  let(:template_file) { File.expand_path(File.join(CHEF_SPEC_DATA, "bootstrap", "no_proxy.erb")) }
517
- let(:trusted_certs_dir) { Chef::Util::PathHelper.cleanpath(File.join(__dir__, "../../data/trusted_certs")) }
518
506
 
519
507
  before do
520
508
  Chef::Config[:knife][:bootstrap_template] = template_file
@@ -0,0 +1,54 @@
1
+ # Copyright:: Copyright (c) Chef Software Inc.
2
+ # License:: Apache License, Version 2.0
3
+ #
4
+ # Licensed under the Apache License, Version 2.0 (the "License");
5
+ # you may not use this file except in compliance with the License.
6
+ # You may obtain a copy of the License at
7
+ #
8
+ # http://www.apache.org/licenses/LICENSE-2.0
9
+ #
10
+ # Unless required by applicable law or agreed to in writing, software
11
+ # distributed under the License is distributed on an "AS IS" BASIS,
12
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
+ # See the License for the specific language governing permissions and
14
+ # limitations under the License.
15
+ #
16
+
17
+ require "spec_helper"
18
+
19
+ describe Chef::Knife::Core::StatusPresenter do
20
+ describe "#summarize_json" do
21
+ let(:presenter) { Chef::Knife::Core::StatusPresenter.new(double(:ui), double(:config, :[] => "")) }
22
+
23
+ let(:node) do
24
+ Chef::Node.new.tap do |n|
25
+ n.automatic_attrs["name"] = "my_node"
26
+ n.automatic_attrs["ipaddress"] = "127.0.0.1"
27
+ end
28
+ end
29
+
30
+ let(:result) { JSON.parse(presenter.summarize_json([node])).first }
31
+
32
+ it "uses the first of public_ipv4_addrs when present" do
33
+ node.automatic_attrs["cloud"] = { "public_ipv4_addrs" => ["2.2.2.2"] }
34
+
35
+ expect(result["ip"]).to eq("2.2.2.2")
36
+ end
37
+
38
+ it "falls back to ipaddress when public_ipv4_addrs is empty" do
39
+ node.automatic_attrs["cloud"] = { "public_ipv4_addrs" => [] }
40
+
41
+ expect(result["ip"]).to eq("127.0.0.1")
42
+ end
43
+
44
+ it "falls back to ipaddress when cloud attributes are empty" do
45
+ node.automatic_attrs["cloud"] = {}
46
+
47
+ expect(result["ip"]).to eq("127.0.0.1")
48
+ end
49
+
50
+ it "falls back to ipaddress when cloud attributes is not present" do
51
+ expect(result["ip"]).to eq("127.0.0.1")
52
+ end
53
+ end
54
+ end
@@ -21,13 +21,6 @@ describe Chef::Mixin::OpenSSLHelper do
21
21
  Class.new { include Chef::Mixin::OpenSSLHelper }.new
22
22
  end
23
23
 
24
- describe ".included" do
25
- it "requires openssl" do
26
- instance
27
- expect(defined?(OpenSSL)).to_not be(false)
28
- end
29
- end
30
-
31
24
  # Path helpers
32
25
  describe "#get_key_filename" do
33
26
  context "When the input is not a string" do
@@ -50,6 +50,8 @@ describe Chef::Provider::Package::Rubygems::CurrentGemEnvironment do
50
50
  before do
51
51
  @gem_env = Chef::Provider::Package::Rubygems::CurrentGemEnvironment.new
52
52
  allow(@gem_env).to receive(:logger).and_return(logger)
53
+
54
+ WebMock.disable_net_connect!
53
55
  end
54
56
 
55
57
  it "determines the gem paths from the in memory rubygems" do
@@ -113,28 +115,55 @@ describe Chef::Provider::Package::Rubygems::CurrentGemEnvironment do
113
115
  end
114
116
 
115
117
  it "finds a matching gem candidate version on rubygems 2.0.0+" do
116
- dep = Gem::Dependency.new("rspec", ">= 0")
118
+ stub_request(:head, "https://rubygems.org/api/v1/dependencies")
119
+
120
+ stub_request(:get, "https://rubygems.org/api/v1/dependencies?gems=sexp_processor")
121
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "sexp_processor")))
122
+
123
+ stub_request(:get, "https://rubygems.org/quick/Marshal.4.8/sexp_processor-4.15.1.gemspec.rz")
124
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "sexp_processor-4.15.1.gemspec.rz")))
125
+
126
+ dep = Gem::Dependency.new("sexp_processor", ">= 0")
117
127
  expect(@gem_env.candidate_version_from_remote(dep)).to be_kind_of(Gem::Version)
118
128
  end
119
129
 
120
130
  it "gives the candidate version as nil if none is found" do
121
- dep = Gem::Dependency.new("lksdjflksdjflsdkfj", ">= 0")
131
+ stub_request(:head, "https://rubygems.org/api/v1/dependencies")
132
+
133
+ stub_request(:get, "https://rubygems.org/api/v1/dependencies?gems=nonexistent_gem")
134
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "nonexistent_gem")))
135
+
136
+ dep = Gem::Dependency.new("nonexistent_gem", ">= 0")
122
137
  expect(@gem_env.candidate_version_from_remote(dep)).to be_nil
123
138
  end
124
139
 
125
140
  it "finds a matching gem from a specific gemserver when explicit sources are given (to a server that doesn't respond to api requests)" do
126
- dep = Gem::Dependency.new("rspec", ">= 0")
127
- expect(@gem_env.candidate_version_from_remote(dep, "https://rubygems.org")).to be_kind_of(Gem::Version)
141
+ stub_request(:head, "https://rubygems2.org/api/v1/dependencies")
142
+
143
+ stub_request(:get, "https://rubygems2.org/api/v1/dependencies?gems=sexp_processor")
144
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "sexp_processor")))
145
+
146
+ stub_request(:get, "https://rubygems2.org/quick/Marshal.4.8/sexp_processor-4.15.1.gemspec.rz")
147
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "sexp_processor-4.15.1.gemspec.rz")))
148
+
149
+ dep = Gem::Dependency.new("sexp_processor", ">= 0")
150
+ expect(@gem_env.candidate_version_from_remote(dep, "https://rubygems2.org")).to be_kind_of(Gem::Version)
128
151
  end
129
152
  end
130
153
 
131
154
  context "old rubygems caching behavior" do
132
155
  before do
133
156
  Chef::Config[:rubygems_cache_enabled] = true
157
+
158
+ stub_request(:get, "https://rubygems.org/latest_specs.4.8.gz")
159
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "latest_specs.4.8.gz")))
134
160
  end
135
161
 
136
162
  it "finds a matching gem candidate version on rubygems 2.0.0+" do
137
- dep = Gem::Dependency.new("rspec", ">= 0")
163
+ stub_request(:get, "https://rubygems.org/quick/Marshal.4.8/sexp_processor-4.15.1.gemspec.rz")
164
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "sexp_processor-4.15.1.gemspec.rz")))
165
+
166
+ dep = Gem::Dependency.new("sexp_processor", ">= 0")
138
167
  expect(@gem_env.candidate_version_from_remote(dep)).to be_kind_of(Gem::Version)
139
168
  end
140
169
 
@@ -144,8 +173,11 @@ describe Chef::Provider::Package::Rubygems::CurrentGemEnvironment do
144
173
  end
145
174
 
146
175
  it "finds a matching gem from a specific gemserver when explicit sources are given" do
147
- dep = Gem::Dependency.new("rspec", ">= 0")
148
- expect(@gem_env.candidate_version_from_remote(dep, "http://production.cf.rubygems.org")).to be_kind_of(Gem::Version)
176
+ stub_request(:get, "https://rubygems.org/quick/Marshal.4.8/sexp_processor-4.15.1.gemspec.rz")
177
+ .to_return(status: 200, body: File.binread(File.join(CHEF_SPEC_DATA, "rubygems.org", "sexp_processor-4.15.1.gemspec.rz")))
178
+
179
+ dep = Gem::Dependency.new("sexp_processor", ">= 0")
180
+ expect(@gem_env.candidate_version_from_remote(dep, "http://rubygems2.org")).to be_kind_of(Gem::Version)
149
181
  end
150
182
  end
151
183