chef 17.2.29 → 17.3.48

data/spec/unit/data_bag_item_spec.rb

@@ -73,11 +73,11 @@ describe Chef::DataBagItem do
     end
 
     it "should accept alphanum.alphanum for the id" do
-      expect { data_bag_item.raw_data = { "id" => "foo.bar" } }.to raise_error(ArgumentError)
+      expect { data_bag_item.raw_data = { "id" => "foo.bar" } }.not_to raise_error
     end
 
     it "should accept .alphanum for the id" do
-      expect { data_bag_item.raw_data = { "id" => ".bozo" } }.to raise_error(ArgumentError)
+      expect { data_bag_item.raw_data = { "id" => ".bozo" } }.not_to raise_error
     end
 
     it "should raise an exception if the id contains anything but alphanum/-/_" do

data/spec/unit/data_bag_spec.rb

@@ -49,7 +49,7 @@ describe Chef::DataBag do
       expect { @data_bag.name({}) }.to raise_error(ArgumentError)
     end
 
-    ["-", "_", "1"].each do |char|
+    [ ".", "-", "_", "1"].each do |char|
       it "should allow a '#{char}' character in the data bag name" do
         expect(@data_bag.name("clown#{char}clown")).to eq("clown#{char}clown")
       end

data/spec/unit/dsl/render_helpers_spec.rb

@@ -0,0 +1,102 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+require "chef/dsl/render_helpers"
+
+describe Chef::DSL::RenderHelpers do
+
+  hash = {
+          "golf": "hotel",
+          "kilo": %w{lima mike},
+          "india": {
+                    "juliett": "blue",
+                   },
+          "alpha": {
+                    "charlie": true,
+                    "bravo": 10,
+                   },
+          "echo": "foxtrot",
+         }
+
+  context "render_json" do
+    json = Chef::DSL::RenderHelpers.render_json(hash)
+    describe "JSON content" do
+      it "expected JSON output" do
+        expected = <<-EXPECTED
+{
+  "golf": "hotel",
+  "kilo": [
+    "lima",
+    "mike"
+  ],
+  "india": {
+    "juliett": "blue"
+  },
+  "alpha": {
+    "charlie": true,
+    "bravo": 10
+  },
+  "echo": "foxtrot"
+}
+        EXPECTED
+        expect(json).to eq(expected)
+      end
+    end
+  end
+
+  context "render_toml" do
+    toml = Chef::DSL::RenderHelpers.render_toml(hash)
+    describe "TOML content" do
+      it "expected TOML output" do
+        expected = <<-EXPECTED
+echo = "foxtrot"
+golf = "hotel"
+kilo = ["lima", "mike"]
+[alpha]
+bravo = 10
+charlie = true
+[india]
+juliett = "blue"
+        EXPECTED
+        expect(toml).to eq(expected)
+      end
+    end
+  end
+
+  context "render_yaml" do
+    yaml = Chef::DSL::RenderHelpers.render_yaml(hash)
+    describe "YAML content" do
+      it "expected YAML output" do
+        expected = <<-EXPECTED
+---
+golf: hotel
+kilo:
+- lima
+- mike
+india:
+  juliett: blue
+alpha:
+  charlie: true
+  bravo: 10
+echo: foxtrot
+        EXPECTED
+        expect(yaml).to eq(expected)
+      end
+    end
+  end
+end

data/spec/unit/dsl/secret_spec.rb

@@ -0,0 +1,65 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+require "chef/dsl/secret"
+require "chef/secret_fetcher/base"
+class SecretDSLTester
+  include Chef::DSL::Secret
+end
+
+class SecretFetcherImpl < Chef::SecretFetcher::Base
+  def do_fetch(name, version)
+    name
+  end
+end
+
+describe Chef::DSL::Secret do
+  let(:dsl) { SecretDSLTester.new }
+  it "responds to 'secret'" do
+    expect(dsl.respond_to?(:secret)).to eq true
+  end
+
+  it "uses SecretFetcher.for_service to find the fetcher" do
+    substitute_fetcher = SecretFetcherImpl.new({})
+    expect(Chef::SecretFetcher).to receive(:for_service).with(:example, {}).and_return(substitute_fetcher)
+    expect(substitute_fetcher).to receive(:fetch).with("key1", nil)
+    dsl.secret(name: "key1", service: :example, config: {})
+  end
+
+  it "resolves a secret when using the example fetcher" do
+    secret_value = dsl.secret(name: "test1", service: :example, config: { "test1" => "secret value" })
+    expect(secret_value).to eq "secret value"
+  end
+
+  context "when used within a resource" do
+    let(:run_context) {
+      Chef::RunContext.new(Chef::Node.new,
+                           Chef::CookbookCollection.new(Chef::CookbookLoader.new(File.join(CHEF_SPEC_DATA, "cookbooks"))),
+                           Chef::EventDispatch::Dispatcher.new)
+    }
+
+    it "marks that resource as 'sensitive'" do
+      recipe = Chef::Recipe.new("secrets", "test", run_context)
+      recipe.zen_master "secret_test" do
+        peace secret(name: "test1", service: :example, config: { "test1" => true })
+      end
+      expect(run_context.resource_collection.lookup("zen_master[secret_test]").sensitive).to eql(true)
+    end
+  end
+end

data/spec/unit/policy_builder/dynamic_spec.rb

@@ -55,11 +55,6 @@ describe Chef::PolicyBuilder::Dynamic do
         expect(policy_builder).to respond_to(:load_node)
       end
 
-      it "forwards #original_runlist" do
-        expect(implementation).to receive(:original_runlist)
-        policy_builder.original_runlist
-      end
-
       it "forwards #run_context" do
         expect(implementation).to receive(:run_context)
         policy_builder.run_context

data/spec/unit/policy_builder/policyfile_spec.rb

@@ -72,40 +72,40 @@ describe Chef::PolicyBuilder::Policyfile do
 
   let(:policyfile_default_attributes) do
     {
-        "policyfile_default_attr" => "policyfile_default_value",
-        "top_level_attr" => "hat",
-        "baseline_attr" => {
-          "one" => 1,
-          "two" => 2,
-          "deep" => {
-              "three" => 3,
-              "four" => [4],
-              "five" => [5],
-          },
+      "policyfile_default_attr" => "policyfile_default_value",
+      "top_level_attr" => "hat",
+      "baseline_attr" => {
+        "one" => 1,
+        "two" => 2,
+        "deep" => {
+          "three" => 3,
+          "four" => [4],
+          "five" => [5],
         },
-        "policy_group_value" => {
-          "baseline_attr" => {
-            "one" => 111,
-          },
+      },
+      "policy_group_value" => {
+        "baseline_attr" => {
+          "one" => 111,
         },
-      }
+      },
+    }
   end
 
   let(:policyfile_override_attributes) do
     {
-       "policyfile_override_attr" => "policyfile_override_value",
-       "baseline_attr" => {
-         "deep" => {
-           "three" => 333 },
-       },
-       "policy_group_value" => {
-         "top_level_attr" => "cat",
-         "baseline_attr" => {
-           "deep" => {
-             "four" => [444],
-           },
-         },
-       },
+      "policyfile_override_attr" => "policyfile_override_value",
+      "baseline_attr" => {
+        "deep" => {
+          "three" => 333 },
+      },
+      "policy_group_value" => {
+        "top_level_attr" => "cat",
+        "baseline_attr" => {
+          "deep" => {
+            "four" => [444],
+          },
+        },
+      },
     }
   end
 
@@ -146,10 +146,6 @@ describe Chef::PolicyBuilder::Policyfile do
       Chef::PolicyBuilder::Policyfile.new(node_name, ohai_data, json_attribs, override_runlist, events)
     end
 
-    it "always gives `false` for #temporary_policy?" do
-      expect(initialize_pb.temporary_policy?).to be_falsey
-    end
-
     context "chef-solo" do
       before { Chef::Config[:solo_legacy_mode] = true }
 
@@ -161,16 +157,8 @@ describe Chef::PolicyBuilder::Policyfile do
     context "when given an override run_list" do
       let(:override_runlist) { "recipe[foo],recipe[bar]" }
 
-      it "errors on create" do
-        expect { initialize_pb }.to raise_error(err_namespace::UnsupportedFeature)
-      end
-    end
-
-    context "when json_attribs contains a run_list" do
-      let(:json_attribs) { { "run_list" => [] } }
-
-      it "errors on create" do
-        expect { initialize_pb }.to raise_error(err_namespace::UnsupportedFeature)
+      it "does not error" do
+        expect { initialize_pb }.not_to raise_error
       end
     end
 
@@ -206,7 +194,7 @@ describe Chef::PolicyBuilder::Policyfile do
     end
 
     before do
-      Chef::Config[:policy_document_native_api] = false
+      Chef::Config[:policy_document_native_api] = true
       Chef::Config[:deployment_group] = "example-policy-stage"
       allow(policy_builder).to receive(:api_service).and_return(api_service)
     end
@@ -214,6 +202,8 @@ describe Chef::PolicyBuilder::Policyfile do
     describe "when using compatibility mode (policy_document_native_api == false)" do
 
       before do
+        Chef::Config[:policy_document_native_api] = false
+        Chef::Config[:treat_deprecation_warnings_as_errors] = false
         Chef::Config[:deployment_group] = "example-policy-stage"
       end
 
@@ -323,7 +313,7 @@ describe Chef::PolicyBuilder::Policyfile do
           "example2::server@4.2.0 (feab40e)",
         ]
 
-        expect(policy_builder.run_list_with_versions_for_display).to eq(expected)
+        expect(policy_builder.run_list_with_versions_for_display(policy_builder.run_list)).to eq(expected)
       end
 
       it "generates a RunListExpansion-alike object for feeding to the CookbookCompiler" do
@@ -339,15 +329,19 @@ describe Chef::PolicyBuilder::Policyfile do
       end
 
       describe "validating the Policyfile.lock" do
+        before do
+          Chef::Config[:policy_group] = "policy-stage"
+          Chef::Config[:policy_name] = "example"
+        end
 
         it "errors if the policyfile json contains any non-recipe items" do
           parsed_policyfile_json["run_list"] = ["role[foo]"]
           expect { policy_builder.validate_policyfile }.to raise_error(err_namespace::PolicyfileError)
         end
 
-        it "errors if the policyfile json contains non-fully qualified recipe items" do
+        it "does not error if the policyfile json contains non-fully qualified recipe items" do
           parsed_policyfile_json["run_list"] = ["recipe[foo]"]
-          expect { policy_builder.validate_policyfile }.to raise_error(err_namespace::PolicyfileError)
+          expect { policy_builder.validate_policyfile }.not_to raise_error
         end
 
         it "errors if the policyfile doesn't have a run_list key" do
@@ -395,8 +389,8 @@ describe Chef::PolicyBuilder::Policyfile do
             {
               id: "_policy_node",
               run_list: [
-               { type: "recipe", name: "test::default", skipped: false, version: nil },
-               { type: "recipe", name: "test::other", skipped: false, version: nil },
+                { type: "recipe", name: "test::default", skipped: false, version: nil },
+                { type: "recipe", name: "test::other", skipped: false, version: nil },
               ],
             }
           end
@@ -577,11 +571,9 @@ describe Chef::PolicyBuilder::Policyfile do
               expect(node.automatic_attrs[:policy_name]).to eq("policy_name_from_node_json")
               expect(node.automatic_attrs[:policy_group]).to eq("policy_group_from_node_json")
               expect(node.automatic_attrs[:chef_environment]).to eq("policy_group_from_node_json")
-
             end
 
           end
-
         end
 
         it "resets default and override data" do
@@ -664,18 +656,29 @@ describe Chef::PolicyBuilder::Policyfile do
               expect(policy_builder.run_list).to eq([ "recipe[example1::default]" ])
               expected_expansion = Chef::PolicyBuilder::Policyfile::RunListExpansionIsh.new([ "example1::default" ], [])
               expect(policy_builder.run_list_expansion).to eq(expected_expansion)
-              expect(policy_builder.run_list_with_versions_for_display).to eq(["example1::default@2.3.5 (168d210)"])
+              expect(policy_builder.run_list_with_versions_for_display(policy_builder.run_list)).to eq(["example1::default@2.3.5 (168d210)"])
               expect(node.run_list).to eq([ Chef::RunList::RunListItem.new("recipe[example1::default]") ])
               expect(node[:roles]).to eq( [] )
               expect(node[:recipes]).to eq( ["example1::default"] )
             end
 
-            it "disables the cookbook cache cleaner" do
-              expect(Chef::CookbookCacheCleaner.instance.skip_removal).to be(true)
-            end
+          end
+        end
+
+        context "when an override run_list is given" do
+          let(:override_runlist) { [ "recipe[example2::server]" ] }
 
+          before do
+            policy_builder.build_node
           end
 
+          it "gives `true` for #temporary_policy?" do
+            expect(policy_builder.temporary_policy?).to be true
+          end
+
+          it "returns the override_runlist for the run_list" do
+            expect(policy_builder.run_list).to eql override_runlist
+          end
         end
 
         describe "hoisting attribute values" do
@@ -806,6 +809,10 @@ describe Chef::PolicyBuilder::Policyfile do
         context "when using compatibility mode (policy_document_native_api == false)" do
           let(:cookbook1_url) { "cookbooks/example1/#{example1_xyz_version}" }
           let(:cookbook2_url) { "cookbooks/example2/#{example2_xyz_version}" }
+          before do
+            Chef::Config[:policy_document_native_api] = false
+            Chef::Config[:treat_deprecation_warnings_as_errors] = false
+          end
 
           context "when the cookbooks don't exist on the server" do
             include_examples "fetching cookbooks when they don't exist"
@@ -826,6 +833,7 @@ describe Chef::PolicyBuilder::Policyfile do
             end
 
             include_examples "fetching cookbooks when they exist"
+
           end
         end
 
@@ -863,10 +871,90 @@ describe Chef::PolicyBuilder::Policyfile do
           end
 
         end
+      end
 
+      describe "selecting the run_list" do
+        let(:node) do
+          node = Chef::Node.new
+          node.name(node_name)
+          node
+        end
+
+        before do
+          allow(policy_builder).to receive(:node).and_return(node)
+        end
+
+        context "when json_attribs contains a run_list" do
+          let(:json_attribs) { { "run_list" => [ "recipe[something::default]" ] } }
+
+          it "reads the run_list from the json_attribs" do
+            expect(policy_builder.run_list).to eql(json_attribs["run_list"])
+          end
+
+          it "ignores the node.run_list" do
+            node.run_list.reset!("recipe[incorrect::incorrect]")
+            expect(policy_builder.run_list).to eql(json_attribs["run_list"])
+          end
+
+          it "ignores the node.run_list if the Chef::Config value is set" do
+            Chef::Config[:policy_persist_run_list] = true
+            node.run_list.reset!("recipe[incorrect::incorrect]")
+            expect(policy_builder.run_list).to eql(json_attribs["run_list"])
+          end
+        end
+
+        it "reads the run_list from the policyfile" do
+          expect(policy_builder.run_list).to eql(policyfile_run_list)
+        end
+
+        it "ignores the node.run_list by default" do
+          node.run_list.reset!("recipe[incorrect::incorrect]")
+          expect(policy_builder.run_list).to eql(policyfile_run_list)
+        end
+
+        it "uses the node.run_list if the Chef::Config value is set" do
+          Chef::Config[:policy_persist_run_list] = true
+          node.run_list.reset!("recipe[correct::default]")
+          expect(policy_builder.run_list).to eql(node.run_list)
+        end
+
+        it "does not use an empty node.run_list" do
+          Chef::Config[:policy_persist_run_list] = true
+          node.run_list.reset!
+          expect(policy_builder.run_list).to eql(policyfile_run_list)
+        end
+
+        context "with a valid named_run_list" do
+          let(:parsed_policyfile_json) do
+            basic_valid_policy_data.dup.tap do |p|
+              p["named_run_lists"] = {
+                "deploy-app" => [ "recipe[example1::default]" ],
+              }
+            end
+          end
+
+          it "uses the named_run_list over the policyfile" do
+            Chef::Config[:named_run_list] = "deploy-app"
+            expect(policy_builder.run_list).to eq([ "recipe[example1::default]" ])
+          end
+
+          it "is overridden if the run_list is persistent" do
+            Chef::Config[:named_run_list] = "deploy-app"
+            Chef::Config[:policy_persist_run_list] = true
+            node.run_list.reset!("recipe[correct::default]")
+            expect(policy_builder.run_list).to eql(node.run_list)
+          end
+
+          context "when json_attribs contains a run_list" do
+            let(:json_attribs) { { "run_list" => [ "recipe[something::default]" ] } }
+
+            it "overrides the named_run_list" do
+              expect(policy_builder.run_list).to eql(json_attribs["run_list"])
+            end
+          end
+
+        end
       end
     end
-
   end
-
 end