chef 17.10.163 → 18.0.169

data/spec/unit/resource/cron_d_spec.rb

@@ -18,7 +18,11 @@
 require "spec_helper"
 
 describe Chef::Resource::CronD do
-  let(:resource) { Chef::Resource::CronD.new("cronify") }
+  let(:node) { Chef::Node.new }
+  let(:events) { Chef::EventDispatch::Dispatcher.new }
+  let(:run_context) { Chef::RunContext.new(node, {}, events) }
+  let(:resource) { Chef::Resource::CronD.new("cronify", run_context) }
+  let(:provider) { resource.provider_for_action(:create) }
 
   it "has a default action of [:create]" do
     expect(resource.action).to eql([:create])
@@ -34,6 +38,38 @@ describe Chef::Resource::CronD do
     expect(resource.cron_name).to eql("cronify")
   end
 
+  context "on linux" do
+    before(:each) do
+      node.automatic_attrs[:os] = "linux"
+    end
+
+    it "the cron_name property is valid" do
+      provider.define_resource_requirements
+
+      expect { resource.cron_name "cron-job";   provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "cron_job_0"; provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "CronJob";    provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "cron!";      provider.process_resource_requirements }.to raise_error "The cron job name should contain letters, numbers, hyphens and underscores only."
+      expect { resource.cron_name "cron job";   provider.process_resource_requirements }.to raise_error "The cron job name should contain letters, numbers, hyphens and underscores only."
+    end
+  end
+
+  context "not on linux" do
+    before(:each) do
+      node.automatic_attrs[:os] = "aix"
+    end
+
+    it "all cron names are valid" do
+      provider.define_resource_requirements
+
+      expect { resource.cron_name "cron-job";   provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "cron_job_0"; provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "CronJob";    provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "cron!";      provider.process_resource_requirements }.not_to raise_error
+      expect { resource.cron_name "cron job";   provider.process_resource_requirements }.not_to raise_error
+    end
+  end
+
   it "the mode property defaults to '0600'" do
     expect(resource.mode).to eql("0600")
   end

data/spec/unit/resource/macos_user_defaults_spec.rb

@@ -39,12 +39,12 @@ describe Chef::Resource::MacosUserDefaults, :macos_only do
       expect(resource.domain).to eq("NSGlobalDomain")
     end
 
-    it ":all for the host property" do
-      expect(resource.host).to eq(:all)
+    it "nil for the host property" do
+      expect(resource.host).to be_nil
     end
 
-    it ":current for the user property" do
-      expect(resource.user).to eq(:current)
+    it "nil for the user property" do
+      expect(resource.user).to be_nil
     end
 
     it ":write for resource action" do

data/spec/unit/resource/rest_resource_spec.rb

@@ -0,0 +1,381 @@
+#
+# Copyright:: Copyright 2008-2016, Chef, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+require "train"
+require "train-rest"
+
+class RestResourceByQuery < Chef::Resource
+  use "core::rest_resource"
+
+  provides :rest_resource_by_query, target_mode: true
+
+  property :address, String, required: true
+  property :prefix, Integer, required: true
+  property :gateway, String
+
+  rest_api_collection "/api/v1/addresses"
+  rest_api_document   "/api/v1/address/?ip={address}"
+  rest_property_map({
+    address: "address",
+    prefix: "prefix",
+    gateway: "gateway",
+  })
+end
+
+class RestResourceByPath < RestResourceByQuery
+  provides :rest_resource_by_path, target_mode: true
+
+  rest_api_document "/api/v1/address/{address}"
+end
+
+describe "rest_resource using query-based addressing" do
+  let(:train) {
+    Train.create(
+    "rest", {
+      endpoint:   "https://api.example.com/api/v1/",
+      debug_rest: true,
+      logger:     Chef::Log,
+    }
+  ).connection
+  }
+
+  let(:run_context) do
+    cookbook_collection = Chef::CookbookCollection.new([])
+    node = Chef::Node.new
+    node.name "node1"
+    events = Chef::EventDispatch::Dispatcher.new
+    Chef::RunContext.new(node, cookbook_collection, events)
+  end
+
+  let(:resource) do
+    RestResourceByQuery.new("set_address", run_context).tap do |resource|
+      resource.address = "192.0.2.1"
+      resource.prefix = 24
+      resource.action :configure
+    end
+  end
+
+  let(:provider) do
+    resource.provider_for_action(:configure).tap do |provider|
+      provider.current_resource = resource # for some stubby tests that don't call LCR
+      allow(provider).to receive(:api_connection).and_return(train)
+    end
+  end
+
+  before(:each) do
+    allow(Chef::Provider).to receive(:new).and_return(provider)
+  end
+
+  it "should include :configure action" do
+    expect(provider).to respond_to(:action_configure)
+  end
+
+  it "should include :delete action" do
+    expect(provider).to respond_to(:action_delete)
+  end
+
+  it "should include :nothing action" do
+    expect(provider).to respond_to(:action_nothing)
+  end
+
+  it "sets the default action as :configure" do
+    expect(resource.action).to eql([:configure])
+  end
+
+  it "supports :configure action" do
+    expect { resource.action :configure }.not_to raise_error
+  end
+
+  it "supports :delete action" do
+    expect { resource.action :delete }.not_to raise_error
+  end
+
+  it "should mixin RestResourceDSL" do
+    expect(resource.class.ancestors).to include(Chef::DSL::RestResource)
+  end
+
+  describe "#rest_postprocess" do
+    before do
+      provider.singleton_class.send(:public, :rest_postprocess)
+    end
+    it "should have a default rest_postprocess implementation" do
+      expect(provider).to respond_to(:rest_postprocess)
+    end
+
+    it "should have a non-mutating rest_postprocess implementation" do
+      response = "{ data: nil }"
+
+      expect(provider.rest_postprocess(response.dup)).to eq(response)
+    end
+  end
+
+  describe "#rest_errorhandler" do
+    before do
+      provider.singleton_class.send(:public, :rest_errorhandler)
+    end
+
+    it "should have a default rest_errorhandler implementation" do
+      expect(provider).to respond_to(:rest_errorhandler)
+    end
+
+    it "should have a non-mutating rest_errorhandler implementation" do
+      error_obj = StandardError.new
+
+      expect(provider.rest_errorhandler(error_obj.dup)).to eq(error_obj)
+    end
+  end
+
+  describe "#required_properties" do
+    before do
+      provider.singleton_class.send(:public, :required_properties)
+    end
+
+    it "should include required properties only" do
+      expect(provider.required_properties).to contain_exactly(:address, :prefix)
+    end
+  end
+
+  describe "#property_map" do
+    before do
+      provider.singleton_class.send(:public, :property_map)
+    end
+
+    it "should map resource properties to values properly" do
+      expect(provider.property_map).to eq({
+        address: "192.0.2.1",
+        prefix: 24,
+        gateway: nil,
+        name: "set_address",
+      })
+    end
+  end
+
+  describe "#rest_url_collection" do
+    before do
+      provider.singleton_class.send(:public, :rest_url_collection)
+    end
+
+    it "should return collection URLs properly" do
+      expect(provider.rest_url_collection).to eq("/api/v1/addresses")
+    end
+  end
+
+  describe "#rest_url_document" do
+    before do
+      provider.singleton_class.send(:public, :rest_url_document)
+    end
+
+    it "should apply URI templates to document URLs using query syntax properly" do
+      expect(provider.rest_url_document).to eq("/api/v1/address/?ip=192.0.2.1")
+    end
+  end
+
+  # TODO: Test with path-style URLs
+  describe "#rest_identity_implicit" do
+    before do
+      provider.singleton_class.send(:public, :rest_identity_implicit)
+    end
+
+    it "should return implicit identity properties properly" do
+      expect(provider.rest_identity_implicit).to eq({ "ip" => :address })
+    end
+  end
+
+  describe "#rest_identity_values" do
+    before do
+      provider.singleton_class.send(:public, :rest_identity_values)
+    end
+
+    it "should return implicit identity properties and values properly" do
+      expect(provider.rest_identity_values).to eq({ "ip" => "192.0.2.1" })
+    end
+  end
+
+  # TODO: changed_value
+  # TODO: load_current_value
+
+  # this might be a functional test, but it runs on any O/S so I leave it here
+  describe "when managing a resource" do
+    before { WebMock.disable_net_connect! }
+    let(:addresses_exists) { JSON.generate([{ "address": "192.0.2.1" }]) }
+    let(:addresses_other) { JSON.generate([{ "address": "172.16.32.85" }]) }
+    let(:address_exists) { JSON.generate({ "address": "192.0.2.1", "prefix": 24, "gateway": "192.0.2.1" }) }
+    let(:prefix_wrong) { JSON.generate({ "address": "192.0.2.1", "prefix": 25, "gateway": "192.0.2.1" }) }
+
+    it "should be idempotent" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: addresses_exists, headers: { "Content-Type" => "application/json" })
+      stub_request(:get, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 200, body: address_exists, headers: { "Content-Type" => "application/json" })
+      resource.run_action(:configure)
+      expect(resource.updated_by_last_action?).to be false
+    end
+
+    it "should PATCH if a property is incorrect" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: addresses_exists, headers: { "Content-Type" => "application/json" })
+      stub_request(:get, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 200, body: prefix_wrong, headers: { "Content-Type" => "application/json" })
+      stub_request(:patch, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .with(
+          body: "{\"address\":\"192.0.2.1\",\"prefix\":25}",
+          headers: {
+            "Accept" => "application/json",
+            "Content-Type" => "application/json",
+          }
+        )
+        .to_return(status: 200, body: address_exists, headers: { "Content-Type" => "application/json" })
+      resource.run_action(:configure)
+      expect(resource.updated_by_last_action?).to be true
+    end
+
+    it "should POST if there's no resources at all" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: "[]", headers: { "Content-Type" => "application/json" })
+      stub_request(:post, "https://api.example.com/api/v1/addresses")
+        .with(
+          body: "{\"address\":\"192.0.2.1\",\"prefix\":24,\"ip\":\"192.0.2.1\"}"
+        )
+        .to_return(status: 200, body: address_exists, headers: { "Content-Type" => "application/json" })
+      resource.run_action(:configure)
+      expect(resource.updated_by_last_action?).to be true
+    end
+
+    it "should POST if the specific resource does not exist" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: addresses_other, headers: { "Content-Type" => "application/json" })
+      stub_request(:get, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 404, body: "", headers: {})
+      stub_request(:post, "https://api.example.com/api/v1/addresses")
+        .with(
+          body: "{\"address\":\"192.0.2.1\",\"prefix\":24,\"ip\":\"192.0.2.1\"}"
+        )
+        .to_return(status: 200, body: address_exists, headers: { "Content-Type" => "application/json" })
+      resource.run_action(:configure)
+      expect(resource.updated_by_last_action?).to be true
+    end
+
+    it "should be idempotent if the resouces needs deleting and there are no resources at all" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: "[]", headers: { "Content-Type" => "application/json" })
+      resource.run_action(:delete)
+      expect(resource.updated_by_last_action?).to be false
+    end
+
+    it "should be idempotent if the resource doesn't exist" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: addresses_other, headers: { "Content-Type" => "application/json" })
+      stub_request(:get, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 404, body: "", headers: {})
+      resource.run_action(:delete)
+      expect(resource.updated_by_last_action?).to be false
+    end
+
+    it "should DELETE the resource if it exists and matches" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: addresses_exists, headers: { "Content-Type" => "application/json" })
+      stub_request(:get, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 200, body: address_exists, headers: { "Content-Type" => "application/json" })
+      stub_request(:delete, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 200, body: "", headers: {})
+      resource.run_action(:delete)
+      expect(resource.updated_by_last_action?).to be true
+    end
+
+    it "should DELETE the resource if it exists and doesn't match" do
+      stub_request(:get, "https://api.example.com/api/v1/addresses")
+        .to_return(status: 200, body: addresses_exists, headers: { "Content-Type" => "application/json" })
+      stub_request(:get, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 200, body: prefix_wrong, headers: { "Content-Type" => "application/json" })
+      stub_request(:delete, "https://api.example.com/api/v1/address/?ip=192.0.2.1")
+        .to_return(status: 200, body: "", headers: {})
+      resource.run_action(:delete)
+      expect(resource.updated_by_last_action?).to be true
+    end
+  end
+end
+
+describe "rest_resource using path-based addressing" do
+  let(:train) {
+    Train.create(
+    "rest", {
+      endpoint:   "https://api.example.com/api/v1/",
+      debug_rest: true,
+      logger:     Chef::Log,
+    }
+  ).connection
+  }
+
+  let(:run_context) do
+    cookbook_collection = Chef::CookbookCollection.new([])
+    node = Chef::Node.new
+    node.name "node1"
+    events = Chef::EventDispatch::Dispatcher.new
+    Chef::RunContext.new(node, cookbook_collection, events)
+  end
+
+  let(:resource) do
+    RestResourceByPath.new("set_address", run_context).tap do |resource|
+      resource.address = "192.0.2.1"
+      resource.prefix = 24
+      resource.action :configure
+    end
+  end
+
+  let(:provider) do
+    resource.provider_for_action(:configure).tap do |provider|
+      provider.current_resource = resource # for some stubby tests that don't call LCR
+      allow(provider).to receive(:api_connection).and_return(train)
+    end
+  end
+
+  before(:each) do
+    allow(Chef::Provider).to receive(:new).and_return(provider)
+  end
+
+  describe "#rest_url_document" do
+    before do
+      provider.singleton_class.send(:public, :rest_url_document)
+    end
+
+    it "should apply URI templates to document URLs using path syntax properly" do
+      expect(provider.rest_url_document).to eq("/api/v1/address/192.0.2.1")
+    end
+  end
+
+  describe "#rest_identity_implicit" do
+    before do
+      provider.singleton_class.send(:public, :rest_identity_implicit)
+    end
+
+    it "should return implicit identity properties properly" do
+      expect(provider.rest_identity_implicit).to eq({ "address" => :address })
+    end
+  end
+
+  describe "#rest_identity_values" do
+    before do
+      provider.singleton_class.send(:public, :rest_identity_values)
+    end
+
+    it "should return implicit identity properties and values properly" do
+      expect(provider.rest_identity_values).to eq({ "address" => "192.0.2.1" })
+    end
+  end
+
+end

data/spec/unit/resource/selinux_boolean_spec.rb

@@ -0,0 +1,92 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+
+describe Chef::Resource::SelinuxBoolean do
+  let(:node) { Chef::Node.new }
+  let(:events) { Chef::EventDispatch::Dispatcher.new }
+  let(:run_context) { Chef::RunContext.new(node, {}, events) }
+  let(:resource) { Chef::Resource::SelinuxBoolean.new("fakey_fakerton", run_context) }
+  let(:provider) { resource.provider_for_action(:set) }
+  let(:selinux_state) { double("shellout!", stdout: "permissive") }
+
+  it "sets boolean proprty as name_property" do
+    expect(resource.boolean).to eql("fakey_fakerton")
+  end
+
+  it "sets the default action as :set" do
+    expect(resource.action).to eql([:set])
+  end
+
+  it "supports :set action" do
+    expect { resource.action :set }.not_to raise_error
+  end
+
+  context "coercing value property" do
+    it "should set value properly to 'on' when valid parameter is sent and is literal positive" do
+      resource.value = 1
+      expect(resource.value).to eql("on")
+
+      resource.value = "true"
+      expect(resource.value).to eql("on")
+
+      resource.value = true
+      expect(resource.value).to eql("on")
+    end
+
+    it "should set value properly to 'off' when valid parameter is sent and is literal negative" do
+      resource.value = 0
+      expect(resource.value).to eql("off")
+
+      resource.value = "false"
+      expect(resource.value).to eql("off")
+
+      resource.value = false
+      expect(resource.value).to eql("off")
+    end
+
+    it "should raise an exception if invalid parameter is sent" do
+      expect do
+        resource.value = "ON"
+      end.to raise_error(ArgumentError)
+    end
+  end
+
+  describe "#Chef::SELinux::CommonHelpers" do
+    context "#selinux_permissive?" do
+      it "should return true if selinux_state is :permissive" do
+        allow(provider).to receive(:shell_out!).and_return(selinux_state)
+        expect(provider.selinux_permissive?).to eql(true)
+      end
+    end
+
+    context "#selinux_disabled?" do
+      it "should return false if selinux_state is :permissive" do
+        allow(provider).to receive(:shell_out!).and_return(selinux_state)
+        expect(provider.selinux_disabled?).to eql(false)
+      end
+    end
+
+    context "#selinux_enforcing?" do
+      it "should return false if selinux_state is :permissive" do
+        allow(provider).to receive(:shell_out!).and_return(selinux_state)
+        expect(provider.selinux_enforcing?).to eql(false)
+      end
+    end
+  end
+end

data/spec/unit/resource/selinux_fcontext_spec.rb

@@ -0,0 +1,65 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+
+describe Chef::Resource::SelinuxFcontext do
+  let(:node) { Chef::Node.new }
+  let(:events) { Chef::EventDispatch::Dispatcher.new }
+  let(:run_context) { Chef::RunContext.new(node, {}, events) }
+  let(:resource) { Chef::Resource::SelinuxFcontext.new("fakey_fakerton", run_context) }
+  let(:provider) { resource.provider_for_action(:manage) }
+  let(:restoreconf) { double("shellout", stdout: "restorecon reset /var/www/html/index.html context unconfined_u:object_r:user_home_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0") }
+
+  it "sets file_spec proprty as name_property" do
+    expect(resource.file_spec).to eql("fakey_fakerton")
+  end
+
+  it "sets the default action as :manage" do
+    expect(resource.action).to eql([:manage])
+  end
+
+  it "supports :manage, :addormodify, :add, :modify, :delete actions" do
+    expect { resource.action :manage }.not_to raise_error
+    expect { resource.action :addormodify }.not_to raise_error
+    expect { resource.action :add }.not_to raise_error
+    expect { resource.action :modify }.not_to raise_error
+    expect { resource.action :delete }.not_to raise_error
+  end
+
+  it "checks 'a', 'f', 'd', 'c', 'b', 's', 'l', 'p' as valid file_type property values" do
+    expect { resource.file_type "a" }.not_to raise_error
+    expect { resource.file_type "f" }.not_to raise_error
+    expect { resource.file_type "d" }.not_to raise_error
+    expect { resource.file_type "c" }.not_to raise_error
+    expect { resource.file_type "b" }.not_to raise_error
+    expect { resource.file_type "s" }.not_to raise_error
+    expect { resource.file_type "l" }.not_to raise_error
+    expect { resource.file_type "p" }.not_to raise_error
+  end
+
+  it "sets default value for file_type property to 'a'" do
+    expect(resource.file_type).to eql("a")
+  end
+
+  describe "#relabel_files" do
+    it "returns verbose output with details of the file for which SELinux config is restored" do
+      allow(provider).to receive(:shell_out!).and_return(restoreconf)
+      expect(provider.relabel_files).to eql(restoreconf)
+    end
+  end
+end

data/spec/unit/resource/selinux_install_spec.rb

@@ -0,0 +1,60 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+
+describe Chef::Resource::SelinuxInstall do
+  let(:node) { Chef::Node.new }
+  let(:events) { Chef::EventDispatch::Dispatcher.new }
+  let(:run_context) { Chef::RunContext.new(node, {}, events) }
+  let(:resource) { Chef::Resource::SelinuxInstall.new("fakey_fakerton", run_context) }
+  let(:provider) { resource.provider_for_action(:install) }
+
+  it "sets the default action as :install" do
+    expect(resource.action).to eql([:install])
+  end
+
+  it "supports :install, :upgrade, :remove actions" do
+    expect { resource.action :install }.not_to raise_error
+    expect { resource.action :upgrade }.not_to raise_error
+    expect { resource.action :remove }.not_to raise_error
+  end
+
+  it "sets default packages on 'rhel', 'fedora', 'amazon' platforms" do
+    node.automatic_attrs[:platform_family] = "rhel"
+    expect(resource.packages).to eql(%w{make policycoreutils selinux-policy selinux-policy-targeted selinux-policy-devel libselinux-utils setools-console})
+  end
+
+  it "sets default packages on debian irrespective of platform_version" do
+    node.automatic_attrs[:platform_family] = "debian"
+    expect(resource.packages).to eql(%w{make policycoreutils selinux-basics selinux-policy-default selinux-policy-dev auditd setools})
+  end
+
+  it "sets default packages on ubuntu 18.04 platforms" do
+    node.automatic_attrs[:platform_family] = "debian"
+    node.automatic_attrs[:platform] = "ubuntu"
+    node.automatic_attrs[:platform_version] = 18.04
+    expect(resource.packages).to eql(%w{make policycoreutils selinux selinux-basics selinux-policy-default selinux-policy-dev auditd setools})
+  end
+
+  it "sets default packages on ubuntu platforms and versions other than 18.04" do
+    node.automatic_attrs[:platform_family] = "debian"
+    node.automatic_attrs[:platform] = "ubuntu"
+    node.automatic_attrs[:platform_version] = 20.04
+    expect(resource.packages).to eql(%w{make policycoreutils selinux-basics selinux-policy-default selinux-policy-dev auditd setools})
+  end
+end