chef 17.2.29-universal-mingw32 → 17.3.48-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -3
  3. data/chef.gemspec +1 -0
  4. data/lib/chef/client.rb +1 -1
  5. data/lib/chef/data_bag.rb +1 -2
  6. data/lib/chef/data_bag_item.rb +1 -2
  7. data/lib/chef/deprecated.rb +10 -4
  8. data/lib/chef/dsl.rb +1 -0
  9. data/lib/chef/dsl/render_helpers.rb +44 -0
  10. data/lib/chef/dsl/secret.rb +64 -0
  11. data/lib/chef/dsl/toml.rb +116 -0
  12. data/lib/chef/dsl/universal.rb +5 -0
  13. data/lib/chef/exceptions.rb +22 -0
  14. data/lib/chef/handler/slow_report.rb +1 -1
  15. data/lib/chef/json_compat.rb +1 -1
  16. data/lib/chef/policy_builder/policyfile.rb +88 -45
  17. data/lib/chef/provider/file.rb +2 -2
  18. data/lib/chef/provider/lwrp_base.rb +1 -1
  19. data/lib/chef/provider/package/habitat.rb +168 -0
  20. data/lib/chef/provider/package/powershell.rb +5 -0
  21. data/lib/chef/providers.rb +1 -0
  22. data/lib/chef/resource/chef_client_config.rb +7 -2
  23. data/lib/chef/resource/chef_client_cron.rb +1 -1
  24. data/lib/chef/resource/chef_client_launchd.rb +1 -1
  25. data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
  26. data/lib/chef/resource/chef_client_systemd_timer.rb +1 -1
  27. data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
  28. data/lib/chef/resource/chef_vault_secret.rb +2 -2
  29. data/lib/chef/resource/dsc_resource.rb +1 -1
  30. data/lib/chef/resource/execute.rb +3 -3
  31. data/lib/chef/resource/gem_package.rb +2 -1
  32. data/lib/chef/resource/habitat/_habitat_shared.rb +28 -0
  33. data/lib/chef/resource/habitat/habitat_package.rb +129 -0
  34. data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
  35. data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
  36. data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
  37. data/lib/chef/resource/habitat_config.rb +107 -0
  38. data/lib/chef/resource/habitat_install.rb +247 -0
  39. data/lib/chef/resource/habitat_service.rb +451 -0
  40. data/lib/chef/resource/habitat_user_toml.rb +92 -0
  41. data/lib/chef/resource/lwrp_base.rb +1 -1
  42. data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
  43. data/lib/chef/resource/support/client.erb +8 -1
  44. data/lib/chef/resource/support/sup.toml.erb +179 -0
  45. data/lib/chef/resource/windows_defender.rb +163 -0
  46. data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
  47. data/lib/chef/resource/windows_printer.rb +78 -44
  48. data/lib/chef/resource/windows_printer_port.rb +1 -1
  49. data/lib/chef/resource/windows_update_settings.rb +259 -0
  50. data/lib/chef/resources.rb +12 -1
  51. data/lib/chef/secret_fetcher.rb +54 -0
  52. data/lib/chef/secret_fetcher/aws_secrets_manager.rb +53 -0
  53. data/lib/chef/secret_fetcher/azure_key_vault.rb +56 -0
  54. data/lib/chef/secret_fetcher/base.rb +72 -0
  55. data/lib/chef/secret_fetcher/example.rb +46 -0
  56. data/lib/chef/version.rb +1 -1
  57. data/spec/functional/mixin/from_file_spec.rb +1 -1
  58. data/spec/integration/recipes/recipe_dsl_spec.rb +1 -1
  59. data/spec/integration/recipes/resource_action_spec.rb +4 -4
  60. data/spec/support/shared/unit/provider/file.rb +2 -8
  61. data/spec/unit/data_bag_item_spec.rb +2 -2
  62. data/spec/unit/data_bag_spec.rb +1 -1
  63. data/spec/unit/dsl/render_helpers_spec.rb +102 -0
  64. data/spec/unit/dsl/secret_spec.rb +65 -0
  65. data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
  66. data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
  67. data/spec/unit/provider/apt_update_spec.rb +3 -1
  68. data/spec/unit/provider/mount/aix_spec.rb +1 -1
  69. data/spec/unit/provider/package/powershell_spec.rb +74 -12
  70. data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
  71. data/spec/unit/resource/windows_defender_spec.rb +71 -0
  72. data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
  73. data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +63 -0
  74. data/spec/unit/secret_fetcher_spec.rb +82 -0
  75. metadata +51 -7
@@ -75,7 +75,9 @@ describe "Chef::Provider::AptUpdate" do
75
75
 
76
76
  describe "#action_periodic" do
77
77
  before do
78
- allow(File).to receive(:exist?)
78
+ allow(File).to receive(:exist?).with(config_file).and_return(true)
79
+ allow(File).to receive(:exist?).with(config_dir).and_return(true)
80
+ allow(File).to receive(:exist?).with(stamp_dir).and_return(true)
79
81
  allow(File).to receive(:exist?).with(Dir.tmpdir).and_return(true)
80
82
  expect(File).to receive(:exist?).with("#{stamp_dir}/update-success-stamp").and_return(true)
81
83
  end
@@ -202,7 +202,7 @@ describe Chef::Provider::Mount::Aix do
202
202
  it "should enable mount if it is mounted and not enabled" do
203
203
  @new_resource.options("nodev,rw")
204
204
  stub_mounted_enabled(@provider, @mounted_output, "")
205
- # Add existing mount to test enable action appends additional mount with seperating blank line
205
+ # Add existing mount to test enable action appends additional mount with separating blank line
206
206
  filesystems = StringIO.new
207
207
  filesystems.puts <<~ETCFILESYSTEMS
208
208
  /tmp/abc:
@@ -105,6 +105,10 @@ describe Chef::Provider::Package::Powershell, :windows_only, :windows_gte_10 do
105
105
  let(:generated_install_cmdlet) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue ).Version" }
106
106
  let(:generated_install_cmdlet_with_version) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -RequiredVersion 1.0.0.0 ).Version" }
107
107
  let(:generated_install_cmdlet_with_source) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -Source MyGallery ).Version" }
108
+ let(:generated_install_cmdlet_with_options) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -AcceptLicense -Verbose ).Version" }
109
+ let(:generated_install_cmdlet_with_version_and_options) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -RequiredVersion 1.0.0.0 -AcceptLicense -Verbose ).Version" }
110
+ let(:generated_install_cmdlet_with_source_and_options) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -Source MyGallery -AcceptLicense -Verbose ).Version" }
111
+ let(:generated_install_cmdlet_with_source_and_version_and_options) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -RequiredVersion 1.0.0.0 -Source MyGallery -AcceptLicense -Verbose ).Version" }
108
112
  let(:generated_install_cmdlet_with_source_and_version) { "#{tls_set_command} ( Install-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -RequiredVersion 1.0.0.0 -Source MyGallery ).Version" }
109
113
  let(:generated_uninstall_cmdlet) { "#{tls_set_command} ( Uninstall-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue ).Version" }
110
114
  let(:generated_uninstall_cmdlet_with_version) { "#{tls_set_command} ( Uninstall-Package xNetworking -Force -ForceBootstrap -WarningAction SilentlyContinue -RequiredVersion 1.0.0.0 ).Version" }
@@ -204,11 +208,11 @@ describe Chef::Provider::Package::Powershell, :windows_only, :windows_gte_10 do
204
208
  end
205
209
 
206
210
  context "when source is nil" do
207
- it "build get commands correctly" do
211
+ it "builds get commands correctly" do
208
212
  expect(provider.build_powershell_package_command("Get-Package xNetworking")).to eql(generated_get_cmdlet)
209
213
  end
210
214
 
211
- it "build get commands correctly when a version is passed" do
215
+ it "builds get commands correctly when a version is passed" do
212
216
  expect(provider.build_powershell_package_command("Get-Package xNetworking", "1.0.0.0")).to eql(generated_get_cmdlet_with_version)
213
217
  end
214
218
 
@@ -220,30 +224,45 @@ describe Chef::Provider::Package::Powershell, :windows_only, :windows_gte_10 do
220
224
  expect(provider.build_powershell_package_command("Find-Package xNetworking", "1.0.0.0")).to eql(generated_find_cmdlet_with_version)
221
225
  end
222
226
 
223
- it "build install commands correctly" do
227
+ it "builds install commands correctly" do
224
228
  expect(provider.build_powershell_package_command("Install-Package xNetworking")).to eql(generated_install_cmdlet)
225
229
  end
226
230
 
227
- it "build install commands correctly when a version is passed" do
231
+ it "builds install commands correctly when a version is passed" do
228
232
  expect(provider.build_powershell_package_command("Install-Package xNetworking", "1.0.0.0")).to eql(generated_install_cmdlet_with_version)
229
233
  end
230
234
 
231
- it "build install commands correctly" do
235
+ it "builds install commands correctly when options are passed" do
236
+ new_resource.options("-AcceptLicense -Verbose")
237
+ expect(provider.build_powershell_package_command("Install-Package xNetworking")).to eql(generated_install_cmdlet_with_options)
238
+ end
239
+
240
+ it "builds install commands correctly when duplicate options are passed" do
241
+ new_resource.options("-WarningAction SilentlyContinue")
242
+ expect(provider.build_powershell_package_command("Install-Package xNetworking")).to eql(generated_install_cmdlet)
243
+ end
244
+
245
+ it "builds install commands correctly when a version and options are passed" do
246
+ new_resource.options("-AcceptLicense -Verbose")
247
+ expect(provider.build_powershell_package_command("Install-Package xNetworking", "1.0.0.0")).to eql(generated_install_cmdlet_with_version_and_options)
248
+ end
249
+
250
+ it "builds install commands correctly" do
232
251
  expect(provider.build_powershell_package_command("Uninstall-Package xNetworking")).to eql(generated_uninstall_cmdlet)
233
252
  end
234
253
 
235
- it "build install commands correctly when a version is passed" do
254
+ it "builds install commands correctly when a version is passed" do
236
255
  expect(provider.build_powershell_package_command("Uninstall-Package xNetworking", "1.0.0.0")).to eql(generated_uninstall_cmdlet_with_version)
237
256
  end
238
257
  end
239
258
 
240
259
  context "when source is set" do
241
- it "build get commands correctly" do
260
+ it "builds get commands correctly" do
242
261
  new_resource.source("MyGallery")
243
262
  expect(provider.build_powershell_package_command("Get-Package xNetworking")).to eql(generated_get_cmdlet)
244
263
  end
245
264
 
246
- it "build get commands correctly when a version is passed" do
265
+ it "builds get commands correctly when a version is passed" do
247
266
  new_resource.source("MyGallery")
248
267
  expect(provider.build_powershell_package_command("Get-Package xNetworking", "1.0.0.0")).to eql(generated_get_cmdlet_with_version)
249
268
  end
@@ -258,22 +277,40 @@ describe Chef::Provider::Package::Powershell, :windows_only, :windows_gte_10 do
258
277
  expect(provider.build_powershell_package_command("Find-Package xNetworking", "1.0.0.0")).to eql(generated_find_cmdlet_with_source_and_version)
259
278
  end
260
279
 
261
- it "build install commands correctly" do
280
+ it "builds install commands correctly" do
262
281
  new_resource.source("MyGallery")
263
282
  expect(provider.build_powershell_package_command("Install-Package xNetworking")).to eql(generated_install_cmdlet_with_source)
264
283
  end
265
284
 
266
- it "build install commands correctly when a version is passed" do
285
+ it "builds install commands correctly when a version is passed" do
267
286
  new_resource.source("MyGallery")
268
287
  expect(provider.build_powershell_package_command("Install-Package xNetworking", "1.0.0.0")).to eql(generated_install_cmdlet_with_source_and_version)
269
288
  end
270
289
 
271
- it "build install commands correctly" do
290
+ it "builds install commands correctly when options are passed" do
291
+ new_resource.source("MyGallery")
292
+ new_resource.options("-AcceptLicense -Verbose")
293
+ expect(provider.build_powershell_package_command("Install-Package xNetworking")).to eql(generated_install_cmdlet_with_source_and_options)
294
+ end
295
+
296
+ it "builds install commands correctly when duplicate options are passed" do
297
+ new_resource.source("MyGallery")
298
+ new_resource.options("-Force -ForceBootstrap")
299
+ expect(provider.build_powershell_package_command("Install-Package xNetworking")).to eql(generated_install_cmdlet_with_source)
300
+ end
301
+
302
+ it "builds install commands correctly when a version and options are passed" do
303
+ new_resource.source("MyGallery")
304
+ new_resource.options("-AcceptLicense -Verbose")
305
+ expect(provider.build_powershell_package_command("Install-Package xNetworking", "1.0.0.0")).to eql(generated_install_cmdlet_with_source_and_version_and_options)
306
+ end
307
+
308
+ it "builds install commands correctly" do
272
309
  new_resource.source("MyGallery")
273
310
  expect(provider.build_powershell_package_command("Uninstall-Package xNetworking")).to eql(generated_uninstall_cmdlet)
274
311
  end
275
312
 
276
- it "build install commands correctly when a version is passed" do
313
+ it "builds install commands correctly when a version is passed" do
277
314
  new_resource.source("MyGallery")
278
315
  expect(provider.build_powershell_package_command("Uninstall-Package xNetworking", "1.0.0.0")).to eql(generated_uninstall_cmdlet_with_version)
279
316
  end
@@ -434,6 +471,19 @@ describe Chef::Provider::Package::Powershell, :windows_only, :windows_gte_10 do
434
471
  provider.run_action(:install)
435
472
  expect(new_resource).to be_updated_by_last_action
436
473
  end
474
+
475
+ it "should install a package using provided options" do
476
+ provider.load_current_resource
477
+ new_resource.package_name(["xCertificate"])
478
+ new_resource.version(nil)
479
+ new_resource.options(%w{-AcceptLicense -Verbose})
480
+ allow(provider).to receive(:powershell_out).with("#{tls_set_command} ( Find-Package 'xCertificate' -Force -ForceBootstrap -WarningAction SilentlyContinue ).Version", { timeout: new_resource.timeout }).and_return(package_xcertificate_available)
481
+ allow(provider).to receive(:powershell_out).with("#{tls_set_command} ( Get-Package 'xCertificate' -Force -ForceBootstrap -WarningAction SilentlyContinue ).Version", { timeout: new_resource.timeout }).and_return(package_xcertificate_not_available)
482
+ allow(provider).to receive(:powershell_out).with("$PSVersionTable.PSVersion.Major").and_return(powershell_installed_version)
483
+ expect(provider).to receive(:powershell_out).with("#{tls_set_command} ( Install-Package 'xCertificate' -Force -ForceBootstrap -WarningAction SilentlyContinue -RequiredVersion 2.1.0.0 -AcceptLicense -Verbose ).Version", { timeout: new_resource.timeout })
484
+ provider.run_action(:install)
485
+ expect(new_resource).to be_updated_by_last_action
486
+ end
437
487
  end
438
488
 
439
489
  describe "#action_remove" do
@@ -499,5 +549,17 @@ describe Chef::Provider::Package::Powershell, :windows_only, :windows_gte_10 do
499
549
  provider.run_action(:remove)
500
550
  expect(new_resource).to be_updated_by_last_action
501
551
  end
552
+
553
+ it "should remove a package using provided options" do
554
+ new_resource.package_name(["xCertificate"])
555
+ new_resource.options(%w{-AllVersions})
556
+ allow(provider).to receive(:powershell_out).with("#{tls_set_command} ( Find-Package 'xCertificate' -Force -ForceBootstrap -WarningAction SilentlyContinue ).Version", { timeout: new_resource.timeout }).and_return(package_xcertificate_available)
557
+ allow(provider).to receive(:powershell_out).with("#{tls_set_command} ( Get-Package 'xCertificate' -Force -ForceBootstrap -WarningAction SilentlyContinue ).Version", { timeout: new_resource.timeout }).and_return(package_xcertificate_available)
558
+ allow(provider).to receive(:powershell_out).with("$PSVersionTable.PSVersion.Major").and_return(powershell_installed_version)
559
+ provider.load_current_resource
560
+ expect(provider).to receive(:powershell_out).with("#{tls_set_command} ( Uninstall-Package 'xCertificate' -Force -ForceBootstrap -WarningAction SilentlyContinue -AllVersions ).Version", { timeout: new_resource.timeout }).and_return(package_xcertificate_not_available)
561
+ provider.run_action(:remove)
562
+ expect(new_resource).to be_updated_by_last_action
563
+ end
502
564
  end
503
565
  end
@@ -0,0 +1,62 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require "spec_helper"
19
+
20
+ describe Chef::Resource::WindowsDefenderExclusion do
21
+ let(:resource) { Chef::Resource::WindowsDefenderExclusion.new("fakey_fakerton") }
22
+
23
+ it "sets resource name as :windows_defender_exclusion" do
24
+ expect(resource.resource_name).to eql(:windows_defender_exclusion)
25
+ end
26
+
27
+ it "sets the default action as :add" do
28
+ expect(resource.action).to eql([:add])
29
+ end
30
+
31
+ it "supports :add, :remove actions" do
32
+ expect { resource.action :add }.not_to raise_error
33
+ expect { resource.action :remove }.not_to raise_error
34
+ end
35
+
36
+ it "paths property defaults to []" do
37
+ expect(resource.paths).to eql([])
38
+ end
39
+
40
+ it "paths coerces strings to arrays" do
41
+ resource.paths "foo,bar"
42
+ expect(resource.paths).to eq(%w{foo bar})
43
+ end
44
+
45
+ it "extensions property defaults to []" do
46
+ expect(resource.extensions).to eql([])
47
+ end
48
+
49
+ it "extensions coerces strings to arrays" do
50
+ resource.extensions "foo,bar"
51
+ expect(resource.extensions).to eq(%w{foo bar})
52
+ end
53
+
54
+ it "process_paths property defaults to []" do
55
+ expect(resource.process_paths).to eql([])
56
+ end
57
+
58
+ it "process_paths coerces strings to arrays" do
59
+ resource.process_paths "foo,bar"
60
+ expect(resource.process_paths).to eq(%w{foo bar})
61
+ end
62
+ end
@@ -0,0 +1,71 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require "spec_helper"
19
+
20
+ describe Chef::Resource::WindowsDefender do
21
+ let(:resource) { Chef::Resource::WindowsDefender.new("fakey_fakerton") }
22
+
23
+ it "sets resource name as :windows_defender" do
24
+ expect(resource.resource_name).to eql(:windows_defender)
25
+ end
26
+
27
+ it "sets the default action as :enable" do
28
+ expect(resource.action).to eql([:enable])
29
+ end
30
+
31
+ it "supports :enable, :disable actions" do
32
+ expect { resource.action :enable }.not_to raise_error
33
+ expect { resource.action :disable }.not_to raise_error
34
+ end
35
+
36
+ it "realtime_protection property defaults to true" do
37
+ expect(resource.realtime_protection).to eql(true)
38
+ end
39
+
40
+ it "intrusion_protection_system property defaults to true" do
41
+ expect(resource.intrusion_protection_system).to eql(true)
42
+ end
43
+
44
+ it "lock_ui property defaults to true" do
45
+ expect(resource.lock_ui).to eql(false)
46
+ end
47
+
48
+ it "scan_archives property defaults to true" do
49
+ expect(resource.scan_archives).to eql(true)
50
+ end
51
+
52
+ it "scan_scripts property defaults to true" do
53
+ expect(resource.scan_scripts).to eql(false)
54
+ end
55
+
56
+ it "scan_email property defaults to true" do
57
+ expect(resource.scan_email).to eql(false)
58
+ end
59
+
60
+ it "scan_removable_drives property defaults to true" do
61
+ expect(resource.scan_removable_drives).to eql(false)
62
+ end
63
+
64
+ it "scan_network_files property defaults to true" do
65
+ expect(resource.scan_network_files).to eql(false)
66
+ end
67
+
68
+ it "scan_mapped_drives property defaults to true" do
69
+ expect(resource.scan_mapped_drives).to eql(true)
70
+ end
71
+ end
@@ -0,0 +1,64 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # Author:: Tim Smith (tsmith@chef.io)
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require "spec_helper"
20
+
21
+ describe Chef::Resource::WindowsUpdateSettings do
22
+ let(:resource) { Chef::Resource::WindowsUpdateSettings.new("foobar") }
23
+
24
+ it "sets resource name as :windows_update_settings" do
25
+ expect(resource.resource_name).to eql(:windows_update_settings)
26
+ end
27
+
28
+ it "sets the default action as :set" do
29
+ expect(resource.action).to eql([:set])
30
+ end
31
+
32
+ it "supports :set and legacy :enable actions" do
33
+ expect { resource.action :set }.not_to raise_error
34
+ expect { resource.action :enable }.not_to raise_error
35
+ end
36
+
37
+ it "raises an error if scheduled_install_day isn't a validate day" do
38
+ expect { resource.scheduled_install_day "Saturday" }.not_to raise_error
39
+ expect { resource.scheduled_install_day "Sunday" }.not_to raise_error
40
+ expect { resource.scheduled_install_day "Extraday" }.to raise_error(ArgumentError)
41
+ end
42
+
43
+ it "raises an error if automatic_update_option isn't a validate option" do
44
+ expect { resource.automatic_update_option 2 }.not_to raise_error
45
+ expect { resource.automatic_update_option :notify }.not_to raise_error
46
+ expect { resource.automatic_update_option :nope }.to raise_error(ArgumentError)
47
+ end
48
+
49
+ it "coerces legacy Integer value in automatic_update_option to friendly symbol" do
50
+ resource.automatic_update_option 2
51
+ expect(resource.automatic_update_option).to eql(:notify)
52
+ end
53
+
54
+ it "raises an error if scheduled_install_hour isn't a 24 hour clock hour" do
55
+ expect { resource.scheduled_install_hour 2 }.not_to raise_error
56
+ expect { resource.scheduled_install_hour 0 }.to raise_error(ArgumentError)
57
+ expect { resource.scheduled_install_hour 25 }.to raise_error(ArgumentError)
58
+ end
59
+
60
+ it "raises an error if custom_detection_frequency isn't a valid frequency" do
61
+ expect { resource.custom_detection_frequency 0 }.not_to raise_error
62
+ expect { resource.custom_detection_frequency 23 }.to raise_error(ArgumentError)
63
+ end
64
+ end
@@ -0,0 +1,63 @@
1
+
2
+ #
3
+ # Author:: Marc Paradise <marc@chef.io>
4
+ # Copyright:: Copyright (c) Chef Software Inc.
5
+ # License:: Apache License, Version 2.0
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../../spec_helper"
21
+ require "chef/secret_fetcher"
22
+ require "chef/secret_fetcher/azure_key_vault"
23
+
24
+ describe Chef::SecretFetcher::AzureKeyVault do
25
+ let(:config) { { vault: "myvault" } }
26
+ let(:fetcher) { Chef::SecretFetcher::AzureKeyVault.new(config) }
27
+
28
+ context "when validating configuration and configuration is missing :vault" do
29
+ context "and configuration does not have a 'vault'" do
30
+ let(:config) { {} }
31
+ it "raises a MissingVaultError error on validate!" do
32
+ expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::MissingVaultName)
33
+ end
34
+ end
35
+ end
36
+
37
+ context "when performing a fetch" do
38
+ let(:body) { "" }
39
+ let(:response_mock) { double("response", body: body) }
40
+ let(:http_mock) { double("http", :get => response_mock, :use_ssl= => nil) }
41
+
42
+ before do
43
+ allow(fetcher).to receive(:fetch_token).and_return "a token"
44
+ allow(Net::HTTP).to receive(:new).and_return(http_mock)
45
+ end
46
+
47
+ context "and a valid response is received" do
48
+ let(:body) { '{ "value" : "my secret value" }' }
49
+ it "returns the expected response" do
50
+ expect(fetcher.fetch("value")).to eq "my secret value"
51
+ end
52
+ end
53
+
54
+ context "and an error response is received in the body" do
55
+ let(:body) { '{ "error" : { "code" : 404, "message" : "secret not found" } }' }
56
+ it "raises FetchFailed" do
57
+ expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::FetchFailed)
58
+ end
59
+ end
60
+
61
+ end
62
+ end
63
+
@@ -0,0 +1,82 @@
1
+ #
2
+ # Author:: Marc Paradise <marc@chef.io>
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require "chef/secret_fetcher"
20
+ require "chef/secret_fetcher/example"
21
+
22
+ class SecretFetcherImpl < Chef::SecretFetcher::Base
23
+ def do_fetch(name, version)
24
+ name
25
+ end
26
+
27
+ def validate!; end
28
+ end
29
+
30
+ describe Chef::SecretFetcher do
31
+ let(:fetcher_impl) { SecretFetcherImpl.new({}) }
32
+
33
+ before do
34
+ allow(Chef::SecretFetcher::Example).to receive(:new).and_return fetcher_impl
35
+ end
36
+
37
+ context ".for_service" do
38
+ it "resolves the example fetcher without error" do
39
+ Chef::SecretFetcher.for_service(:example, {})
40
+ end
41
+
42
+ it "resolves the Azure Key Vault fetcher without error" do
43
+ Chef::SecretFetcher.for_service(:azure_key_vault, vault: "invalid")
44
+ end
45
+
46
+ it "resolves the AWS fetcher without error" do
47
+ Chef::SecretFetcher.for_service(:aws_secrets_manager, region: "invalid")
48
+ end
49
+
50
+ it "raises Chef::Exceptions::Secret::MissingFetcher when service is blank" do
51
+ expect { Chef::SecretFetcher.for_service(nil, {}) }.to raise_error(Chef::Exceptions::Secret::MissingFetcher)
52
+ end
53
+
54
+ it "raises Chef::Exceptions::Secret::MissingFetcher when service is nil" do
55
+ expect { Chef::SecretFetcher.for_service("", {}) }.to raise_error(Chef::Exceptions::Secret::MissingFetcher)
56
+ end
57
+
58
+ it "raises Chef::Exceptions::Secret::InvalidFetcher for an unknown fetcher" do
59
+ expect { Chef::SecretFetcher.for_service(:bad_example, {}) }.to raise_error(Chef::Exceptions::Secret::InvalidFetcherService)
60
+ end
61
+
62
+ it "ensures fetcher configuration is valid by invoking validate!" do
63
+ expect(fetcher_impl).to receive(:validate!)
64
+ Chef::SecretFetcher.for_service(:example, {})
65
+ end
66
+ end
67
+
68
+ context "#fetch" do
69
+ let(:fetcher) {
70
+ Chef::SecretFetcher.for_service(:example, { "key1" => "value1" })
71
+ }
72
+
73
+ it "fetches from the underlying service when secret name is provided " do
74
+ expect(fetcher_impl).to receive(:fetch).with("key1", "v1")
75
+ fetcher.fetch("key1", "v1")
76
+ end
77
+
78
+ it "raises an error when the secret name is not provided" do
79
+ expect { fetcher.fetch(nil) }.to raise_error(Chef::Exceptions::Secret::MissingSecretName)
80
+ end
81
+ end
82
+ end