chef 17.2.29-universal-mingw32 → 17.5.22-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (173) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -5
  3. data/chef.gemspec +3 -0
  4. data/lib/chef/application/base.rb +11 -1
  5. data/lib/chef/application.rb +3 -1
  6. data/lib/chef/client.rb +2 -3
  7. data/lib/chef/compliance/default_attributes.rb +5 -3
  8. data/lib/chef/compliance/input.rb +115 -0
  9. data/lib/chef/compliance/input_collection.rb +139 -0
  10. data/lib/chef/compliance/profile.rb +122 -0
  11. data/lib/chef/compliance/profile_collection.rb +109 -0
  12. data/lib/chef/compliance/reporter/automate.rb +1 -1
  13. data/lib/chef/compliance/runner.rb +62 -6
  14. data/lib/chef/compliance/waiver.rb +115 -0
  15. data/lib/chef/compliance/waiver_collection.rb +143 -0
  16. data/lib/chef/data_bag.rb +1 -2
  17. data/lib/chef/data_bag_item.rb +1 -2
  18. data/lib/chef/deprecated.rb +10 -4
  19. data/lib/chef/dsl/compliance.rb +38 -0
  20. data/lib/chef/dsl/reader_helpers.rb +51 -0
  21. data/lib/chef/dsl/recipe.rb +4 -2
  22. data/lib/chef/dsl/render_helpers.rb +44 -0
  23. data/lib/chef/dsl/secret.rb +62 -0
  24. data/lib/chef/dsl/toml.rb +116 -0
  25. data/lib/chef/dsl/universal.rb +7 -0
  26. data/lib/chef/dsl.rb +1 -0
  27. data/lib/chef/event_dispatch/base.rb +44 -2
  28. data/lib/chef/exceptions.rb +20 -0
  29. data/lib/chef/formatters/doc.rb +60 -13
  30. data/lib/chef/formatters/error_mapper.rb +2 -2
  31. data/lib/chef/formatters/minimal.rb +6 -5
  32. data/lib/chef/handler/slow_report.rb +1 -1
  33. data/lib/chef/http/basic_client.rb +15 -7
  34. data/lib/chef/http.rb +12 -8
  35. data/lib/chef/json_compat.rb +1 -1
  36. data/lib/chef/policy_builder/policyfile.rb +88 -45
  37. data/lib/chef/provider/execute.rb +1 -1
  38. data/lib/chef/provider/file.rb +4 -2
  39. data/lib/chef/provider/group/dscl.rb +1 -1
  40. data/lib/chef/provider/launchd.rb +6 -6
  41. data/lib/chef/provider/link.rb +2 -2
  42. data/lib/chef/provider/lwrp_base.rb +1 -1
  43. data/lib/chef/provider/package/habitat.rb +168 -0
  44. data/lib/chef/provider/package/powershell.rb +5 -0
  45. data/lib/chef/provider/registry_key.rb +3 -2
  46. data/lib/chef/provider/remote_file/http.rb +1 -1
  47. data/lib/chef/provider/subversion.rb +4 -4
  48. data/lib/chef/provider/support/yum_repo.erb +1 -1
  49. data/lib/chef/provider/systemd_unit.rb +17 -16
  50. data/lib/chef/provider/template.rb +1 -1
  51. data/lib/chef/provider/user/mac.rb +3 -3
  52. data/lib/chef/provider/yum_repository.rb +27 -43
  53. data/lib/chef/provider/zypper_repository.rb +3 -3
  54. data/lib/chef/provider.rb +26 -1
  55. data/lib/chef/provider_resolver.rb +8 -2
  56. data/lib/chef/providers.rb +1 -0
  57. data/lib/chef/resource/archive_file.rb +17 -14
  58. data/lib/chef/resource/chef_client_config.rb +7 -2
  59. data/lib/chef/resource/chef_client_cron.rb +1 -1
  60. data/lib/chef/resource/chef_client_launchd.rb +1 -1
  61. data/lib/chef/resource/chef_client_scheduled_task.rb +46 -3
  62. data/lib/chef/resource/chef_client_systemd_timer.rb +1 -1
  63. data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
  64. data/lib/chef/resource/chef_vault_secret.rb +2 -2
  65. data/lib/chef/resource/chocolatey_config.rb +13 -13
  66. data/lib/chef/resource/dsc_resource.rb +1 -1
  67. data/lib/chef/resource/execute.rb +5 -5
  68. data/lib/chef/resource/file/verification/json.rb +50 -0
  69. data/lib/chef/resource/file/verification/yaml.rb +52 -0
  70. data/lib/chef/resource/gem_package.rb +2 -1
  71. data/lib/chef/resource/habitat/_habitat_shared.rb +28 -0
  72. data/lib/chef/resource/habitat/habitat_package.rb +129 -0
  73. data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
  74. data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
  75. data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
  76. data/lib/chef/resource/habitat_config.rb +107 -0
  77. data/lib/chef/resource/habitat_install.rb +247 -0
  78. data/lib/chef/resource/habitat_service.rb +451 -0
  79. data/lib/chef/resource/habitat_user_toml.rb +92 -0
  80. data/lib/chef/resource/homebrew_cask.rb +1 -1
  81. data/lib/chef/resource/inspec_input.rb +128 -0
  82. data/lib/chef/resource/inspec_waiver.rb +185 -0
  83. data/lib/chef/resource/inspec_waiver_file_entry.rb +2 -2
  84. data/lib/chef/resource/launchd.rb +3 -3
  85. data/lib/chef/resource/lwrp_base.rb +1 -1
  86. data/lib/chef/resource/mount.rb +1 -1
  87. data/lib/chef/resource/registry_key.rb +36 -48
  88. data/lib/chef/resource/remote_file.rb +99 -3
  89. data/lib/chef/resource/rhsm_subscription.rb +5 -5
  90. data/lib/chef/resource/ruby_block.rb +100 -0
  91. data/lib/chef/resource/scm/subversion.rb +1 -1
  92. data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
  93. data/lib/chef/resource/support/client.erb +8 -1
  94. data/lib/chef/resource/support/sup.toml.erb +179 -0
  95. data/lib/chef/resource/sysctl.rb +2 -2
  96. data/lib/chef/resource/systemd_unit.rb +3 -3
  97. data/lib/chef/resource/timezone.rb +2 -2
  98. data/lib/chef/resource/user_ulimit.rb +1 -0
  99. data/lib/chef/resource/windows_defender.rb +163 -0
  100. data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
  101. data/lib/chef/resource/windows_printer.rb +78 -44
  102. data/lib/chef/resource/windows_printer_port.rb +1 -1
  103. data/lib/chef/resource/windows_uac.rb +3 -1
  104. data/lib/chef/resource/windows_update_settings.rb +259 -0
  105. data/lib/chef/resource/windows_user_privilege.rb +1 -1
  106. data/lib/chef/resource/yum_package.rb +1 -5
  107. data/lib/chef/resource.rb +13 -17
  108. data/lib/chef/resource_inspector.rb +6 -2
  109. data/lib/chef/resources.rb +14 -1
  110. data/lib/chef/run_context/cookbook_compiler.rb +112 -28
  111. data/lib/chef/run_context.rb +31 -1
  112. data/lib/chef/secret_fetcher/akeyless_vault.rb +57 -0
  113. data/lib/chef/secret_fetcher/aws_secrets_manager.rb +65 -0
  114. data/lib/chef/secret_fetcher/azure_key_vault.rb +78 -0
  115. data/lib/chef/secret_fetcher/base.rb +76 -0
  116. data/lib/chef/secret_fetcher/example.rb +46 -0
  117. data/lib/chef/secret_fetcher/hashi_vault.rb +100 -0
  118. data/lib/chef/secret_fetcher.rb +61 -0
  119. data/lib/chef/version.rb +1 -1
  120. data/spec/data/archive_file/test_archive.tar.gz +0 -0
  121. data/spec/functional/mixin/from_file_spec.rb +1 -1
  122. data/spec/functional/resource/archive_file_spec.rb +87 -0
  123. data/spec/functional/resource/group_spec.rb +5 -1
  124. data/spec/functional/resource/link_spec.rb +8 -0
  125. data/spec/integration/compliance/compliance_spec.rb +61 -0
  126. data/spec/integration/recipes/recipe_dsl_spec.rb +1 -1
  127. data/spec/integration/recipes/resource_action_spec.rb +6 -6
  128. data/spec/spec_helper.rb +3 -0
  129. data/spec/support/platform_helpers.rb +4 -0
  130. data/spec/support/ruby_installer.rb +51 -0
  131. data/spec/support/shared/unit/provider/file.rb +2 -8
  132. data/spec/unit/compliance/input_spec.rb +104 -0
  133. data/spec/unit/compliance/profile_spec.rb +120 -0
  134. data/spec/unit/compliance/runner_spec.rb +46 -2
  135. data/spec/unit/compliance/waiver_spec.rb +104 -0
  136. data/spec/unit/data_bag_item_spec.rb +2 -2
  137. data/spec/unit/data_bag_spec.rb +1 -1
  138. data/spec/unit/dsl/render_helpers_spec.rb +102 -0
  139. data/spec/unit/dsl/secret_spec.rb +71 -0
  140. data/spec/unit/formatters/doc_spec.rb +1 -1
  141. data/spec/unit/http/basic_client_spec.rb +30 -0
  142. data/spec/unit/http_spec.rb +8 -2
  143. data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
  144. data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
  145. data/spec/unit/provider/apt_update_spec.rb +3 -1
  146. data/spec/unit/provider/link_spec.rb +13 -7
  147. data/spec/unit/provider/mount/aix_spec.rb +1 -1
  148. data/spec/unit/provider/package/powershell_spec.rb +74 -12
  149. data/spec/unit/provider/remote_file/http_spec.rb +10 -0
  150. data/spec/unit/provider/template_spec.rb +2 -2
  151. data/spec/unit/provider_spec.rb +23 -0
  152. data/spec/unit/resource/archive_file_spec.rb +414 -3
  153. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +69 -0
  154. data/spec/unit/resource/file/verification/json_spec.rb +72 -0
  155. data/spec/unit/resource/file/verification/yaml_spec.rb +67 -0
  156. data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
  157. data/spec/unit/resource/inspec_input_spec.rb +300 -0
  158. data/spec/unit/resource/inspec_waiver_spec.rb +312 -0
  159. data/spec/unit/resource/mount_spec.rb +10 -0
  160. data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
  161. data/spec/unit/resource/systemd_unit_spec.rb +1 -1
  162. data/spec/unit/resource/user_ulimit_spec.rb +14 -1
  163. data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
  164. data/spec/unit/resource/windows_defender_spec.rb +71 -0
  165. data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
  166. data/spec/unit/resource_spec.rb +19 -8
  167. data/spec/unit/secret_fetcher/akeyless_vault_spec.rb +37 -0
  168. data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb +70 -0
  169. data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +70 -0
  170. data/spec/unit/secret_fetcher/hashi_vault_spec.rb +80 -0
  171. data/spec/unit/secret_fetcher_spec.rb +82 -0
  172. data/tasks/rspec.rb +2 -1
  173. metadata +106 -7
@@ -19,22 +19,40 @@ require "spec_helper"
19
19
 
20
20
  describe Chef::Resource::HomebrewCask do
21
21
 
22
- let(:resource) { Chef::Resource::HomebrewCask.new("fakey_fakerton") }
22
+ context "name with under bar" do
23
+ let(:resource) { Chef::Resource::HomebrewCask.new("fakey_fakerton") }
23
24
 
24
- it "has a resource name of :homebrew_cask" do
25
- expect(resource.resource_name).to eql(:homebrew_cask)
26
- end
25
+ it "has a resource name of :homebrew_cask" do
26
+ expect(resource.resource_name).to eql(:homebrew_cask)
27
+ end
28
+
29
+ it "the cask_name property is the name_property" do
30
+ expect(resource.cask_name).to eql("fakey_fakerton")
31
+ end
32
+
33
+ it "sets the default action as :install" do
34
+ expect(resource.action).to eql([:install])
35
+ end
27
36
 
28
- it "the cask_name property is the name_property" do
29
- expect(resource.cask_name).to eql("fakey_fakerton")
37
+ it "supports :install, :remove actions" do
38
+ expect { resource.action :install }.not_to raise_error
39
+ expect { resource.action :remove }.not_to raise_error
40
+ end
30
41
  end
31
42
 
32
- it "sets the default action as :install" do
33
- expect(resource.action).to eql([:install])
43
+ context "name with high fun" do
44
+ let(:resource) { Chef::Resource::HomebrewCask.new("fakey-fakerton") }
45
+
46
+ it "the cask_name property is the name_property" do
47
+ expect(resource.cask_name).to eql("fakey-fakerton")
48
+ end
34
49
  end
35
50
 
36
- it "supports :install, :remove actions" do
37
- expect { resource.action :install }.not_to raise_error
38
- expect { resource.action :remove }.not_to raise_error
51
+ context "name with at mark" do
52
+ let(:resource) { Chef::Resource::HomebrewCask.new("fakey-fakerton@10") }
53
+
54
+ it "the cask_name property is the name_property" do
55
+ expect(resource.cask_name).to eql("fakey-fakerton@10")
56
+ end
39
57
  end
40
58
  end
@@ -0,0 +1,300 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require "spec_helper"
19
+
20
+ describe Chef::Resource::InspecInput do
21
+ def load_input(filename)
22
+ path = "/var/chef/cache/cookbooks/acme_compliance/compliance/inputs/#{filename}"
23
+ run_context.input_collection << Chef::Compliance::Input.from_yaml(events, input_yaml, path, "acme_compliance")
24
+ end
25
+
26
+ let(:node) { Chef::Node.new }
27
+ let(:events) { Chef::EventDispatch::Dispatcher.new }
28
+ let(:run_context) do
29
+ Chef::RunContext.new(node, {}, events).tap do |rc|
30
+ end
31
+ end
32
+ let(:collection) { double("resource collection") }
33
+ let(:input_yaml) do
34
+ <<~EOH
35
+ ssh_custom_path: "/whatever2"
36
+ EOH
37
+ end
38
+ let(:input_json) do
39
+ <<~EOH
40
+ { "ssh_custom_path": "/whatever2" }
41
+ EOH
42
+ end
43
+ let(:input_toml) do
44
+ <<~EOH
45
+ ssh_custom_path = "/whatever2"
46
+ EOH
47
+ end
48
+ let(:input_hash) do
49
+ { ssh_custom_path: "/whatever2" }
50
+ end
51
+ let(:resource) do
52
+ Chef::Resource::InspecInput.new("ssh-01", run_context)
53
+ end
54
+ let(:provider) { resource.provider_for_action(:add) }
55
+
56
+ before do
57
+ allow(run_context).to receive(:resource_collection).and_return(collection)
58
+ end
59
+
60
+ it "sets the default action as :add" do
61
+ expect(resource.action).to eql([:add])
62
+ end
63
+
64
+ context "with a input in a cookbook" do
65
+ it "enables the input by the name of the cookbook" do
66
+ load_input("default.yml")
67
+ resource.name "acme_compliance"
68
+ resource.run_action(:add)
69
+ expect(run_context.input_collection.first).to be_enabled
70
+ expect(resource).not_to be_updated_by_last_action
71
+ end
72
+
73
+ it "enables the input with a regular expression for the cookbook" do
74
+ load_input("default.yml")
75
+ resource.name "acme_comp.*"
76
+ resource.run_action(:add)
77
+ expect(run_context.input_collection.first).to be_enabled
78
+ expect(resource).not_to be_updated_by_last_action
79
+ end
80
+
81
+ it "enables the input with an explicit name" do
82
+ load_input("default.yml")
83
+ resource.name "acme_compliance::default"
84
+ resource.run_action(:add)
85
+ expect(run_context.input_collection.first).to be_enabled
86
+ expect(resource).not_to be_updated_by_last_action
87
+ end
88
+
89
+ it "fails when the cookbook name is wrong" do
90
+ load_input("default.yml")
91
+ resource.name "evil_compliance"
92
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
93
+ expect(resource).not_to be_updated_by_last_action
94
+ end
95
+
96
+ it "enables the input when its not named default" do
97
+ load_input("ssh01.yml")
98
+ resource.name "acme_compliance::ssh01"
99
+ resource.run_action(:add)
100
+ expect(run_context.input_collection.first).to be_enabled
101
+ expect(resource).not_to be_updated_by_last_action
102
+ end
103
+
104
+ it "fails when it is not named default and you attempt to enable the default" do
105
+ load_input("ssh01.yml")
106
+ resource.name "acme_compliance"
107
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
108
+ expect(resource).not_to be_updated_by_last_action
109
+ end
110
+
111
+ it "succeeds with a regexp that matches the cookbook name" do
112
+ load_input("ssh01.yml")
113
+ resource.name "acme_comp.*::ssh01"
114
+ resource.run_action(:add)
115
+ expect(run_context.input_collection.first).to be_enabled
116
+ expect(resource).not_to be_updated_by_last_action
117
+ end
118
+
119
+ it "succeeds with a regexp that matches the file name" do
120
+ load_input("ssh01.yml")
121
+ resource.name "acme_compliance::ssh.*"
122
+ resource.run_action(:add)
123
+ expect(run_context.input_collection.first).to be_enabled
124
+ expect(resource).not_to be_updated_by_last_action
125
+ end
126
+
127
+ it "succeeds with a regexps for both the file name and cookbook name" do
128
+ load_input("ssh01.yml")
129
+ resource.name "acme_comp.*::ssh.*"
130
+ resource.run_action(:add)
131
+ expect(run_context.input_collection.first).to be_enabled
132
+ expect(resource).not_to be_updated_by_last_action
133
+ end
134
+
135
+ it "fails with regexps that do not match" do
136
+ load_input("ssh01.yml")
137
+ resource.name "evil_comp.*::etcd.*"
138
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
139
+ end
140
+
141
+ it "substring matches without regexps should fail when they are at the end" do
142
+ load_input("ssh01.yml")
143
+ resource.name "acme_complianc::ssh0"
144
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
145
+ end
146
+
147
+ it "substring matches without regexps should fail when they are at the start" do
148
+ load_input("ssh01.yml")
149
+ resource.name "cme_compliance::sh01"
150
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
151
+ end
152
+ end
153
+
154
+ context "with a input in a file" do
155
+ it "loads a YAML file" do
156
+ tempfile = Tempfile.new(["spec-compliance-test", ".yaml"])
157
+ tempfile.write input_yaml
158
+ tempfile.close
159
+ resource.name tempfile.path
160
+
161
+ resource.run_action(:add)
162
+
163
+ expect(run_context.input_collection.first).to be_enabled
164
+ expect(run_context.input_collection.size).to be 1
165
+ expect(run_context.input_collection.first.cookbook_name).to be nil
166
+ expect(run_context.input_collection.first.path).to be nil
167
+ expect(run_context.input_collection.first.pathname).to be nil
168
+ expect(resource).not_to be_updated_by_last_action
169
+ end
170
+
171
+ it "loads a YAML file in a source attribute" do
172
+ tempfile = Tempfile.new(["spec-compliance-test", ".yaml"])
173
+ tempfile.write input_yaml
174
+ tempfile.close
175
+ resource.name "my-resource-name"
176
+ resource.source tempfile.path
177
+
178
+ resource.run_action(:add)
179
+
180
+ expect(run_context.input_collection.first).to be_enabled
181
+ expect(run_context.input_collection.size).to be 1
182
+ expect(run_context.input_collection.first.cookbook_name).to be nil
183
+ expect(run_context.input_collection.first.path).to be nil
184
+ expect(run_context.input_collection.first.pathname).to be nil
185
+ expect(resource).not_to be_updated_by_last_action
186
+ end
187
+
188
+ it "loads a YML file" do
189
+ tempfile = Tempfile.new(["spec-compliance-test", ".yml"])
190
+ tempfile.write input_yaml
191
+ tempfile.close
192
+ resource.name tempfile.path
193
+
194
+ resource.run_action(:add)
195
+
196
+ expect(run_context.input_collection.first).to be_enabled
197
+ expect(run_context.input_collection.size).to be 1
198
+ expect(run_context.input_collection.first.cookbook_name).to be nil
199
+ expect(run_context.input_collection.first.path).to be nil
200
+ expect(run_context.input_collection.first.pathname).to be nil
201
+ expect(resource).not_to be_updated_by_last_action
202
+ end
203
+
204
+ it "loads a YML file using the source attribute" do
205
+ tempfile = Tempfile.new(["spec-compliance-test", ".yml"])
206
+ tempfile.write input_yaml
207
+ tempfile.close
208
+ resource.name "my-resource-name"
209
+ resource.source tempfile.path
210
+
211
+ resource.run_action(:add)
212
+
213
+ expect(run_context.input_collection.first).to be_enabled
214
+ expect(run_context.input_collection.size).to be 1
215
+ expect(run_context.input_collection.first.cookbook_name).to be nil
216
+ expect(run_context.input_collection.first.path).to be nil
217
+ expect(run_context.input_collection.first.pathname).to be nil
218
+ expect(resource).not_to be_updated_by_last_action
219
+ end
220
+
221
+ it "loads a JSON file" do
222
+ tempfile = Tempfile.new(["spec-compliance-test", ".json"])
223
+ tempfile.write input_json
224
+ tempfile.close
225
+ resource.name tempfile.path
226
+
227
+ resource.run_action(:add)
228
+
229
+ expect(run_context.input_collection.first).to be_enabled
230
+ expect(run_context.input_collection.size).to be 1
231
+ expect(run_context.input_collection.first.cookbook_name).to be nil
232
+ expect(run_context.input_collection.first.path).to be nil
233
+ expect(run_context.input_collection.first.pathname).to be nil
234
+ expect(resource).not_to be_updated_by_last_action
235
+ end
236
+
237
+ it "loads a JSON file using the source attribute" do
238
+ tempfile = Tempfile.new(["spec-compliance-test", ".json"])
239
+ tempfile.write input_json
240
+ tempfile.close
241
+ resource.name "my-resource-name"
242
+ resource.source tempfile.path
243
+
244
+ resource.run_action(:add)
245
+
246
+ expect(run_context.input_collection.first).to be_enabled
247
+ expect(run_context.input_collection.size).to be 1
248
+ expect(run_context.input_collection.first.cookbook_name).to be nil
249
+ expect(run_context.input_collection.first.path).to be nil
250
+ expect(run_context.input_collection.first.pathname).to be nil
251
+ expect(resource).not_to be_updated_by_last_action
252
+ end
253
+
254
+ it "loads a TOML file" do
255
+ tempfile = Tempfile.new(["spec-compliance-test", ".toml"])
256
+ tempfile.write input_toml
257
+ tempfile.close
258
+ resource.name tempfile.path
259
+
260
+ resource.run_action(:add)
261
+
262
+ expect(run_context.input_collection.first).to be_enabled
263
+ expect(run_context.input_collection.size).to be 1
264
+ expect(run_context.input_collection.first.cookbook_name).to be nil
265
+ expect(run_context.input_collection.first.path).to be nil
266
+ expect(run_context.input_collection.first.pathname).to be nil
267
+ expect(resource).not_to be_updated_by_last_action
268
+ end
269
+
270
+ it "loads a TOML file using the source attribute" do
271
+ tempfile = Tempfile.new(["spec-compliance-test", ".toml"])
272
+ tempfile.write input_toml
273
+ tempfile.close
274
+ resource.name "my-resource-name"
275
+ resource.source tempfile.path
276
+
277
+ resource.run_action(:add)
278
+
279
+ expect(run_context.input_collection.first).to be_enabled
280
+ expect(run_context.input_collection.size).to be 1
281
+ expect(run_context.input_collection.first.cookbook_name).to be nil
282
+ expect(run_context.input_collection.first.path).to be nil
283
+ expect(run_context.input_collection.first.pathname).to be nil
284
+ expect(resource).not_to be_updated_by_last_action
285
+ end
286
+
287
+ it "loads a Hash" do
288
+ resource.source input_hash
289
+
290
+ resource.run_action(:add)
291
+
292
+ expect(run_context.input_collection.first).to be_enabled
293
+ expect(run_context.input_collection.size).to be 1
294
+ expect(run_context.input_collection.first.cookbook_name).to be nil
295
+ expect(run_context.input_collection.first.path).to be nil
296
+ expect(run_context.input_collection.first.pathname).to be nil
297
+ expect(resource).not_to be_updated_by_last_action
298
+ end
299
+ end
300
+ end
@@ -0,0 +1,312 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require "spec_helper"
19
+
20
+ describe Chef::Resource::InspecWaiver do
21
+ def load_waiver(filename)
22
+ path = "/var/chef/cache/cookbooks/acme_compliance/compliance/waivers/#{filename}"
23
+ run_context.waiver_collection << Chef::Compliance::Waiver.from_yaml(events, waiver_yaml, path, "acme_compliance")
24
+ end
25
+
26
+ let(:node) { Chef::Node.new }
27
+ let(:events) { Chef::EventDispatch::Dispatcher.new }
28
+ let(:run_context) do
29
+ Chef::RunContext.new(node, {}, events).tap do |rc|
30
+ end
31
+ end
32
+ let(:collection) { double("resource collection") }
33
+ let(:waiver_yaml) do
34
+ <<~EOH
35
+ ssh-01:
36
+ expiration_date: 2033-07-31
37
+ run: false
38
+ justification: "waived, yo"
39
+ EOH
40
+ end
41
+ let(:waiver_json) do
42
+ <<~EOH
43
+ { "ssh-01": {
44
+ "expiration_date": "2033-07-31",
45
+ "run": false,
46
+ "justification": "waived, yo"
47
+ } }
48
+ EOH
49
+ end
50
+ let(:waiver_toml) do
51
+ <<~EOH
52
+ [ssh-01]
53
+ expiration_date = 2033-07-31T00:00:00.000Z
54
+ run = false
55
+ justification = "waived, yo"
56
+ EOH
57
+ end
58
+ let(:waiver_hash) do
59
+ { "ssh-01" => {
60
+ "expiration_date" => "2033-07-31",
61
+ "run" => false,
62
+ "justification" => "waived, yo",
63
+ } }
64
+ end
65
+ let(:resource) do
66
+ Chef::Resource::InspecWaiver.new("ssh-01", run_context)
67
+ end
68
+ let(:provider) { resource.provider_for_action(:add) }
69
+
70
+ before do
71
+ allow(run_context).to receive(:resource_collection).and_return(collection)
72
+ end
73
+
74
+ it "sets the default action as :add" do
75
+ expect(resource.action).to eql([:add])
76
+ end
77
+
78
+ context "with a waiver in a cookbook" do
79
+ it "enables the waiver by the name of the cookbook" do
80
+ load_waiver("default.yml")
81
+ resource.name "acme_compliance"
82
+ resource.run_action(:add)
83
+ expect(run_context.waiver_collection.first).to be_enabled
84
+ expect(resource).not_to be_updated_by_last_action
85
+ end
86
+
87
+ it "enables the waiver with a regular expression for the cookbook" do
88
+ load_waiver("default.yml")
89
+ resource.name "acme_comp.*"
90
+ resource.run_action(:add)
91
+ expect(run_context.waiver_collection.first).to be_enabled
92
+ expect(resource).not_to be_updated_by_last_action
93
+ end
94
+
95
+ it "enables the waiver with an explicit name" do
96
+ load_waiver("default.yml")
97
+ resource.name "acme_compliance::default"
98
+ resource.run_action(:add)
99
+ expect(run_context.waiver_collection.first).to be_enabled
100
+ expect(resource).not_to be_updated_by_last_action
101
+ end
102
+
103
+ it "fails when the cookbook name is wrong" do
104
+ load_waiver("default.yml")
105
+ resource.name "evil_compliance"
106
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
107
+ end
108
+
109
+ it "enables the waiver when its not named default" do
110
+ load_waiver("ssh01.yml")
111
+ resource.name "acme_compliance::ssh01"
112
+ resource.run_action(:add)
113
+ expect(run_context.waiver_collection.first).to be_enabled
114
+ expect(resource).not_to be_updated_by_last_action
115
+ end
116
+
117
+ it "fails when it is not named default and you attempt to enable the default" do
118
+ load_waiver("ssh01.yml")
119
+ resource.name "acme_compliance"
120
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
121
+ end
122
+
123
+ it "succeeds with a regexp that matches the cookbook name" do
124
+ load_waiver("ssh01.yml")
125
+ resource.name "acme_comp.*::ssh01"
126
+ resource.run_action(:add)
127
+ expect(run_context.waiver_collection.first).to be_enabled
128
+ expect(resource).not_to be_updated_by_last_action
129
+ end
130
+
131
+ it "succeeds with a regexp that matches the file name" do
132
+ load_waiver("ssh01.yml")
133
+ resource.name "acme_compliance::ssh.*"
134
+ resource.run_action(:add)
135
+ expect(run_context.waiver_collection.first).to be_enabled
136
+ expect(resource).not_to be_updated_by_last_action
137
+ end
138
+
139
+ it "succeeds with a regexps for both the file name and cookbook name" do
140
+ load_waiver("ssh01.yml")
141
+ resource.name "acme_comp.*::ssh.*"
142
+ resource.run_action(:add)
143
+ expect(run_context.waiver_collection.first).to be_enabled
144
+ expect(resource).not_to be_updated_by_last_action
145
+ end
146
+
147
+ it "fails with regexps that do not match" do
148
+ load_waiver("ssh01.yml")
149
+ resource.name "evil_comp.*::etcd.*"
150
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
151
+ end
152
+
153
+ it "substring matches without regexps should fail when they are at the end" do
154
+ load_waiver("ssh01.yml")
155
+ resource.name "acme_complianc::ssh0"
156
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
157
+ end
158
+
159
+ it "substring matches without regexps should fail when they are at the start" do
160
+ load_waiver("ssh01.yml")
161
+ resource.name "cme_compliance::sh01"
162
+ expect { resource.run_action(:add) }.to raise_error(StandardError)
163
+ end
164
+ end
165
+
166
+ context "with a waiver in a file" do
167
+ it "loads a YAML file" do
168
+ tempfile = Tempfile.new(["spec-compliance-test", ".yaml"])
169
+ tempfile.write waiver_yaml
170
+ tempfile.close
171
+ resource.name tempfile.path
172
+
173
+ resource.run_action(:add)
174
+
175
+ expect(run_context.waiver_collection.first).to be_enabled
176
+ expect(run_context.waiver_collection.size).to be 1
177
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
178
+ expect(run_context.waiver_collection.first.path).to be nil
179
+ expect(run_context.waiver_collection.first.pathname).to be nil
180
+ expect(resource).not_to be_updated_by_last_action
181
+ end
182
+
183
+ it "loads a YAML file in a source attribute" do
184
+ tempfile = Tempfile.new(["spec-compliance-test", ".yaml"])
185
+ tempfile.write waiver_yaml
186
+ tempfile.close
187
+ resource.name "my-resource-name"
188
+ resource.source tempfile.path
189
+
190
+ resource.run_action(:add)
191
+
192
+ expect(run_context.waiver_collection.first).to be_enabled
193
+ expect(run_context.waiver_collection.size).to be 1
194
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
195
+ expect(run_context.waiver_collection.first.path).to be nil
196
+ expect(run_context.waiver_collection.first.pathname).to be nil
197
+ expect(resource).not_to be_updated_by_last_action
198
+ end
199
+
200
+ it "loads a YML file" do
201
+ tempfile = Tempfile.new(["spec-compliance-test", ".yml"])
202
+ tempfile.write waiver_yaml
203
+ tempfile.close
204
+ resource.name tempfile.path
205
+
206
+ resource.run_action(:add)
207
+
208
+ expect(run_context.waiver_collection.first).to be_enabled
209
+ expect(run_context.waiver_collection.size).to be 1
210
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
211
+ expect(run_context.waiver_collection.first.path).to be nil
212
+ expect(run_context.waiver_collection.first.pathname).to be nil
213
+ expect(resource).not_to be_updated_by_last_action
214
+ end
215
+
216
+ it "loads a YML file using the source attribute" do
217
+ tempfile = Tempfile.new(["spec-compliance-test", ".yml"])
218
+ tempfile.write waiver_yaml
219
+ tempfile.close
220
+ resource.name "my-resource-name"
221
+ resource.source tempfile.path
222
+
223
+ resource.run_action(:add)
224
+
225
+ expect(run_context.waiver_collection.first).to be_enabled
226
+ expect(run_context.waiver_collection.size).to be 1
227
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
228
+ expect(run_context.waiver_collection.first.path).to be nil
229
+ expect(run_context.waiver_collection.first.pathname).to be nil
230
+ expect(resource).not_to be_updated_by_last_action
231
+ end
232
+
233
+ it "loads a JSON file" do
234
+ tempfile = Tempfile.new(["spec-compliance-test", ".json"])
235
+ tempfile.write waiver_json
236
+ tempfile.close
237
+ resource.name tempfile.path
238
+
239
+ resource.run_action(:add)
240
+
241
+ expect(run_context.waiver_collection.first).to be_enabled
242
+ expect(run_context.waiver_collection.size).to be 1
243
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
244
+ expect(run_context.waiver_collection.first.path).to be nil
245
+ expect(run_context.waiver_collection.first.pathname).to be nil
246
+ expect(resource).not_to be_updated_by_last_action
247
+ end
248
+
249
+ it "loads a JSON file using the source attribute" do
250
+ tempfile = Tempfile.new(["spec-compliance-test", ".json"])
251
+ tempfile.write waiver_json
252
+ tempfile.close
253
+ resource.name "my-resource-name"
254
+ resource.source tempfile.path
255
+
256
+ resource.run_action(:add)
257
+
258
+ expect(run_context.waiver_collection.first).to be_enabled
259
+ expect(run_context.waiver_collection.size).to be 1
260
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
261
+ expect(run_context.waiver_collection.first.path).to be nil
262
+ expect(run_context.waiver_collection.first.pathname).to be nil
263
+ expect(resource).not_to be_updated_by_last_action
264
+ end
265
+
266
+ it "loads a TOML file" do
267
+ tempfile = Tempfile.new(["spec-compliance-test", ".toml"])
268
+ tempfile.write waiver_toml
269
+ tempfile.close
270
+ resource.name tempfile.path
271
+
272
+ resource.run_action(:add)
273
+
274
+ expect(run_context.waiver_collection.first).to be_enabled
275
+ expect(run_context.waiver_collection.size).to be 1
276
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
277
+ expect(run_context.waiver_collection.first.path).to be nil
278
+ expect(run_context.waiver_collection.first.pathname).to be nil
279
+ expect(resource).not_to be_updated_by_last_action
280
+ end
281
+
282
+ it "loads a TOML file using the source attribute" do
283
+ tempfile = Tempfile.new(["spec-compliance-test", ".toml"])
284
+ tempfile.write waiver_toml
285
+ tempfile.close
286
+ resource.name "my-resource-name"
287
+ resource.source tempfile.path
288
+
289
+ resource.run_action(:add)
290
+
291
+ expect(run_context.waiver_collection.first).to be_enabled
292
+ expect(run_context.waiver_collection.size).to be 1
293
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
294
+ expect(run_context.waiver_collection.first.path).to be nil
295
+ expect(run_context.waiver_collection.first.pathname).to be nil
296
+ expect(resource).not_to be_updated_by_last_action
297
+ end
298
+
299
+ it "loads a Hash" do
300
+ resource.source waiver_hash
301
+
302
+ resource.run_action(:add)
303
+
304
+ expect(run_context.waiver_collection.first).to be_enabled
305
+ expect(run_context.waiver_collection.size).to be 1
306
+ expect(run_context.waiver_collection.first.cookbook_name).to be nil
307
+ expect(run_context.waiver_collection.first.path).to be nil
308
+ expect(run_context.waiver_collection.first.pathname).to be nil
309
+ expect(resource).not_to be_updated_by_last_action
310
+ end
311
+ end
312
+ end
@@ -59,6 +59,16 @@ describe Chef::Resource::Mount do
59
59
  expect(resource.mount_point).to eql("//192.168.11.102/Share/backup")
60
60
  end
61
61
 
62
+ it "does not strip slash when mount_point is root directory" do
63
+ resource.mount_point "/"
64
+ expect(resource.mount_point).to eql("/")
65
+ end
66
+
67
+ it "does not strip slash when mount_point is root of network mount" do
68
+ resource.mount_point "127.0.0.1:/"
69
+ expect(resource.mount_point).to eql("127.0.0.1:/")
70
+ end
71
+
62
72
  it "raises error when mount_point property is not set" do
63
73
  expect { resource.mount_point nil }.to raise_error(Chef::Exceptions::ValidationFailed, "Property mount_point must be one of: String! You passed nil.")
64
74
  end