chef 17.3.48-universal-mingw32 → 17.6.15-universal-mingw32

data/spec/unit/resource/powershell_package_source_spec.rb

@@ -33,14 +33,15 @@ describe Chef::Resource::PowershellPackageSource do
     expect(resource.action).to eql([:register])
   end
 
-  it "supports :register and :unregister actions" do
+  it "supports :register, :set and :unregister actions" do
     expect { resource.action :register }.not_to raise_error
+    expect { resource.action :set }.not_to raise_error
     expect { resource.action :unregister }.not_to raise_error
   end
 
   it "the url property accepts strings" do
-    resource.url("https://mygallery.company.co/api/v2/")
-    expect(resource.url).to eql("https://mygallery.company.co/api/v2/")
+    resource.source_location("https://mygallery.company.co/api/v2/")
+    expect(resource.source_location).to eql("https://mygallery.company.co/api/v2/")
   end
 
   it "the trusted property accepts true and false" do
@@ -54,7 +55,7 @@ describe Chef::Resource::PowershellPackageSource do
     expect(resource.trusted).to eql(false)
   end
 
-  it "provider_name accepts 'Programs', 'msi', 'NuGet', 'msu', 'PowerShellGet', 'psl', 'chocolatey'" do
+  it "provider_name accepts 'Programs', 'msi', 'NuGet', 'msu', 'PowerShellGet', 'psl', 'chocolatey', 'winget'" do
     expect { resource.provider_name("Programs") }.not_to raise_error
     expect { resource.provider_name("msi") }.not_to raise_error
     expect { resource.provider_name("NuGet") }.not_to raise_error
@@ -62,6 +63,7 @@ describe Chef::Resource::PowershellPackageSource do
     expect { resource.provider_name("PowerShellGet") }.not_to raise_error
     expect { resource.provider_name("psl") }.not_to raise_error
     expect { resource.provider_name("chocolatey") }.not_to raise_error
+    expect { resource.provider_name("winget") }.not_to raise_error
   end
 
   it "the publish_location property accepts strings" do
@@ -70,75 +72,76 @@ describe Chef::Resource::PowershellPackageSource do
   end
 
   it "the script_source_location property accepts strings" do
-    resource.publish_location("https://mygallery.company.co/api/v2/scripts")
-    expect(resource.publish_location).to eql("https://mygallery.company.co/api/v2/scripts")
+    resource.script_source_location("https://mygallery.company.co/api/v2/scripts")
+    expect(resource.script_source_location).to eql("https://mygallery.company.co/api/v2/scripts")
   end
 
   it "the script_publish_location property accepts strings" do
-    resource.publish_location("https://mygallery.company.co/api/v2/scripts")
-    expect(resource.publish_location).to eql("https://mygallery.company.co/api/v2/scripts")
+    resource.script_publish_location("https://mygallery.company.co/api/v2/scripts")
+    expect(resource.script_publish_location).to eql("https://mygallery.company.co/api/v2/scripts")
   end
 
   describe "#build_ps_repository_command" do
     before do
       resource.source_name("MyGallery")
-      resource.url("https://mygallery.company.co/api/v2/")
+      resource.source_location("https://github.com/chef/powershell_test")
+      resource.provider_name("PowerShellGet")
     end
 
     context "#register" do
       it "builds a minimal command" do
-        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' | Out-Null")
+        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' | Out-Null")
       end
 
       it "builds a command with trusted set to true" do
         resource.trusted(true)
-        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Trusted' | Out-Null")
+        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Trusted' | Out-Null")
       end
 
       it "builds a command with a publish location" do
-        resource.publish_location("https://mygallery.company.co/api/v2/package")
-        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -PublishLocation 'https://mygallery.company.co/api/v2/package' | Out-Null")
+        resource.publish_location("https://github.com/chef/powershell_test/package")
+        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -PublishLocation 'https://github.com/chef/powershell_test/package' | Out-Null")
       end
 
       it "builds a command with a script source location" do
-        resource.script_source_location("https://mygallery.company.co/api/v2/scripts")
-        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://mygallery.company.co/api/v2/scripts' | Out-Null")
+        resource.script_source_location("https://github.com/chef/powershell_test/scripts")
+        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://github.com/chef/powershell_test/scripts' | Out-Null")
       end
 
       it "builds a command with a script publish location" do
-        resource.script_publish_location("https://mygallery.company.co/api/v2/scripts/package")
-        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://mygallery.company.co/api/v2/scripts/package' | Out-Null")
+        resource.script_publish_location("https://github.com/chef/powershell_test/scripts/package")
+        expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://github.com/chef/powershell_test/scripts/package' | Out-Null")
       end
     end
 
     context "#set" do
       it "builds a minimal command" do
-        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' | Out-Null")
+        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' | Out-Null")
       end
 
       it "builds a command to change the url" do
-        resource.url("https://othergallery.company.co/api/v2/")
+        resource.source_location("https://othergallery.company.co/api/v2/")
         expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://othergallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' | Out-Null")
       end
 
       it "builds a command with trusted set to true" do
         resource.trusted(true)
-        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Trusted' | Out-Null")
+        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Trusted' | Out-Null")
       end
 
       it "builds a command with a publish location" do
-        resource.publish_location("https://mygallery.company.co/api/v2/package")
-        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -PublishLocation 'https://mygallery.company.co/api/v2/package' | Out-Null")
+        resource.publish_location("https://github.com/chef/powershell_test/package")
+        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -PublishLocation 'https://github.com/chef/powershell_test/package' | Out-Null")
       end
 
       it "builds a command with a script source location" do
-        resource.script_source_location("https://mygallery.company.co/api/v2/scripts")
-        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://mygallery.company.co/api/v2/scripts' | Out-Null")
+        resource.script_source_location("https://github.com/chef/powershell_test/scripts")
+        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://github.com/chef/powershell_test/scripts' | Out-Null")
       end
 
       it "builds a command with a script publish location" do
-        resource.script_publish_location("https://mygallery.company.co/api/v2/scripts/package")
-        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://mygallery.company.co/api/v2/scripts/package' | Out-Null")
+        resource.script_publish_location("https://github.com/chef/powershell_test/scripts/package")
+        expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://github.com/chef/powershell_test/scripts/package' | Out-Null")
       end
     end
   end
@@ -146,74 +149,72 @@ describe Chef::Resource::PowershellPackageSource do
   describe "#build_package_source_command" do
     before do
       resource.source_name("NuGet")
-      resource.url("http://nuget.org/api/v2/")
+      resource.source_location("http://nuget.org/api/v2/")
     end
 
     context "#register" do
       it "builds a minimal command" do
-        expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$false -ProviderName 'NuGet' | Out-Null")
+        expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -ProviderName 'NuGet' | Out-Null")
       end
 
       it "builds a command with trusted set to true" do
         resource.trusted(true)
-        expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$true -ProviderName 'NuGet' | Out-Null")
+        expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted -ProviderName 'NuGet' | Out-Null")
       end
 
       it "builds a command with a different provider" do
         resource.source_name("choco")
-        resource.url("https://chocolatey.org/api/v2/")
+        resource.source_location("https://chocolatey.org/api/v2/")
         resource.provider_name("chocolatey")
-        expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -Trusted:$false -ProviderName 'chocolatey' | Out-Null")
+        expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -ProviderName 'chocolatey' | Out-Null")
       end
     end
 
     context "#set" do
       it "builds a minimal command" do
-        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$false -ProviderName 'NuGet' | Out-Null")
+        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -ProviderName 'NuGet' | Out-Null")
       end
 
       it "builds a command to change the url" do
-        resource.url("https://nuget.company.co/api/v2/")
-        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'https://nuget.company.co/api/v2/' -Trusted:$false -ProviderName 'NuGet' | Out-Null")
+        resource.source_location("https://nuget.company.co/api/v2/")
+        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'https://nuget.company.co/api/v2/' -ProviderName 'NuGet' | Out-Null")
       end
 
       it "builds a command with trusted set to true" do
         resource.trusted(true)
-        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$true -ProviderName 'NuGet' | Out-Null")
+        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted -ProviderName 'NuGet' | Out-Null")
       end
 
       it "builds a command with a different provider" do
         resource.source_name("choco")
-        resource.url("https://chocolatey.org/api/v2/")
+        resource.source_location("https://chocolatey.org/api/v2/")
         resource.provider_name("chocolatey")
-        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -Trusted:$false -ProviderName 'chocolatey' | Out-Null")
+        expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -ProviderName 'chocolatey' | Out-Null")
       end
     end
   end
 
-  describe "#psrepository_cmdlet_appropriate?" do
-    it "returns true if the provider_name is 'PowerShellGet'" do
-      resource.provider_name("PowerShellGet")
-      expect(provider.psrepository_cmdlet_appropriate?).to eql(true)
-    end
-
-    it "returns false if the provider_name is something else" do
-      resource.provider_name("NuGet")
-      expect(provider.psrepository_cmdlet_appropriate?).to eql(false)
-    end
-  end
-
-  describe "#package_source_exists?" do
-    it "returns true if it exists" do
-      allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'MyGallery' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: "MyGallery\r\n"))
-      resource.source_name("MyGallery")
-      expect(provider.package_source_exists?).to eql(true)
-    end
-
-    it "returns false if it doesn't exist" do
-      allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'MyGallery' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: ""))
-      resource.source_name("MyGallery")
-      expect(provider.package_source_exists?).to eql(false)
-    end
-  end
+  # describe "get_package_source_details" do
+  #   before do
+  #     resource.source_name("MyGallery")
+  #     resource.source_location("http://nuget.org/api/v2/")
+  #     provider.build_package_source_command("Register", resource)
+  #   end
+
+  #   # stub a call to the package_source_details
+  #   expect(provider).to receive(:get_package_source_details).and_return("PackageSource")
+  #   it "returns packagesource if it exists" do
+  #     # dbl = double("testing PackageSource")
+  #     # let(source_name)
+  #     # # allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'MyGallery' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: "PackageSource"))
+  #     # resource.source_name("MyGallery")
+  #     expect(provider.get_package_source_details.result).to eql("PackageSource")
+  #   end
+
+  #   it "returns unregistered if it doesn't exist" do
+  #     # allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'Foo' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: ""))
+  #     resource.source_name("Foo")
+  #     expect(provider.get_package_source_details.result).to eql("Unregistered")
+  #   end
+  # end
 end

data/spec/unit/resource/rhsm_subscription_spec.rb

@@ -18,15 +18,24 @@
 require "spec_helper"
 
 describe Chef::Resource::RhsmSubscription do
-  let(:resource) { Chef::Resource::RhsmSubscription.new("fakey_fakerton") }
-  let(:provider) { resource.provider_for_action(:attach) }
+  let(:event_dispatch) { Chef::EventDispatch::Dispatcher.new }
+  let(:node) { Chef::Node.new }
+  let(:run_context) { Chef::RunContext.new(node, {}, event_dispatch) }
+
+  let(:pool_id) { "8a8dd78c766232550226b46e59404aba" }
+  let(:resource) { Chef::Resource::RhsmSubscription.new(pool_id, run_context) }
+  let(:provider) { resource.provider_for_action(Array(resource.action).first) }
+
+  before do
+    allow(resource).to receive(:provider_for_action).with(:attach).and_return(provider)
+  end
 
   it "has a resource name of :rhsm_subscription" do
     expect(resource.resource_name).to eql(:rhsm_subscription)
   end
 
   it "the pool_id property is the name_property" do
-    expect(resource.pool_id).to eql("fakey_fakerton")
+    expect(resource.pool_id).to eql(pool_id)
   end
 
   it "sets the default action as :attach" do
@@ -38,6 +47,44 @@ describe Chef::Resource::RhsmSubscription do
     expect { resource.action :remove }.not_to raise_error
   end
 
+  describe "#action_attach" do
+    let(:yum_package_double) { instance_double("Chef::Resource::YumPackage") }
+    let(:so_double) { instance_double("Mixlib::ShellOut", stdout: "Successfully attached a subscription for: My Subscription", exitstatus: 0, error?: false) }
+
+    before do
+      allow(provider).to receive(:shell_out!).with("subscription-manager attach --pool=#{resource.pool_id}").and_return(so_double)
+      allow(provider).to receive(:build_resource).with(:package, "rhsm_subscription-#{pool_id}-flush_cache").and_return(yum_package_double)
+      allow(yum_package_double).to receive(:run_action).with(:flush_cache)
+    end
+
+    context "when already attached to pool" do
+      before do
+        allow(provider).to receive(:subscription_attached?).with(resource.pool_id).and_return(true)
+      end
+
+      it "does not attach to pool" do
+        expect(provider).not_to receive(:shell_out!)
+        resource.run_action(:attach)
+      end
+    end
+
+    context "when not attached to pool" do
+      before do
+        allow(provider).to receive(:subscription_attached?).with(resource.pool_id).and_return(false)
+      end
+
+      it "attaches to pool" do
+        expect(provider).to receive(:shell_out!).with("subscription-manager attach --pool=#{resource.pool_id}")
+        resource.run_action(:attach)
+      end
+
+      it "flushes package provider cache" do
+        expect(yum_package_double).to receive(:run_action).with(:flush_cache)
+        resource.run_action(:attach)
+      end
+    end
+  end
+
   describe "#subscription_attached?" do
     let(:cmd)    { double("cmd") }
     let(:output) { "Pool ID:    pool123" }

data/spec/unit/resource/systemd_unit_spec.rb

@@ -20,7 +20,7 @@ require "spec_helper"
 
 describe Chef::Resource::SystemdUnit do
   let(:resource) { Chef::Resource::SystemdUnit.new("sysstat-collect.timer") }
-  let(:unit_content_string) { "[Unit]\nDescription = Run system activity accounting tool every 10 minutes\nDocumentation = foo\nDocumentation = bar\n\n[Timer]\nOnCalendar = *:00/10\n\n[Install]\nWantedBy = sysstat.service\n" }
+  let(:unit_content_string) { "[Unit]\nDescription=Run system activity accounting tool every 10 minutes\nDocumentation=foo\nDocumentation=bar\n\n[Timer]\nOnCalendar=*:00/10\n\n[Install]\nWantedBy=sysstat.service\n" }
   let(:unit_content_hash) do
     {
       "Unit" => {

data/spec/unit/resource/user_ulimit_spec.rb

@@ -17,7 +17,6 @@
 #
 
 require "spec_helper"
-
 describe Chef::Resource::UserUlimit do
   let(:node) { Chef::Node.new }
   let(:events) { Chef::EventDispatch::Dispatcher.new }
@@ -50,4 +49,18 @@ describe Chef::Resource::UserUlimit do
     expect { resource.action :create }.not_to raise_error
     expect { resource.action :delete }.not_to raise_error
   end
+
+  describe "sensitive attribute" do
+    context "should be insensitive by default" do
+      it { expect(resource.sensitive).to(be_falsey) }
+    end
+
+    context "when set" do
+      before { resource.sensitive(true) }
+
+      it "should be set on the resource" do
+        expect(resource.sensitive).to(be_truthy)
+      end
+    end
+  end
 end

data/spec/unit/resource_spec.rb

@@ -1172,21 +1172,23 @@ describe Chef::Resource do
       action :base_action3, description: "unmodified base action 3 desc" do; end
     end
 
+    let(:resource_inst) { TestResource.new("TestResource", nil) }
+
     it "returns nil when no description was provided for the action" do
-      expect(TestResource.action_description(:base_action0)).to eql(nil)
+      expect(resource_inst.action_description(:base_action0)).to eql(nil)
     end
 
     context "when action definition is a string" do
       it "returns the description whether a symbol or string is used to look it up" do
-        expect(TestResource.action_description("string_action")).to eql("a string test")
-        expect(TestResource.action_description(:string_action)).to eql("a string test")
+        expect(resource_inst.action_description("string_action")).to eql("a string test")
+        expect(resource_inst.action_description(:string_action)).to eql("a string test")
       end
     end
 
     context "when action definition is a symbol" do
       it "returns the description whether a symbol or string is used to look up" do
-        expect(TestResource.action_description("symbol_action")).to eql("a symbol test")
-        expect(TestResource.action_description(:symbol_action)).to eql("a symbol test")
+        expect(resource_inst.action_description("symbol_action")).to eql("a symbol test")
+        expect(resource_inst.action_description(:symbol_action)).to eql("a symbol test")
       end
     end
 
@@ -1196,14 +1198,23 @@ describe Chef::Resource do
         action :base_action3 do; end
       end
 
+      class TestResourceChild2 < TestResource
+        # We should never see this description
+        action :base_action2, description: "if you see this in an error, TestResourceChild was polluted with this description" do; end
+      end
+      let(:resource_inst) { TestResourceChild.new("TestResource", nil) }
+
       it "returns original description when a described action is not overridden in child resource" do
-        expect(TestResourceChild.action_description(:base_action1)).to eq "unmodified base action 1 desc"
+        expect(resource_inst.action_description(:base_action1)).to eq "unmodified base action 1 desc"
       end
       it "returns original description when the child resource overrides an inherited action but NOT its description" do
-        expect(TestResourceChild.action_description(:base_action3)).to eq "unmodified base action 3 desc"
+        expect(resource_inst.action_description(:base_action3)).to eq "unmodified base action 3 desc"
+      end
+      it "returns new description when the child resource overrides an inherited action and its description" do
+        expect(resource_inst.action_description(:base_action2)).to eq "modified base action 2 desc"
       end
       it "returns new description when the child resource overrides an inherited action and its description" do
-        expect(TestResourceChild.action_description(:base_action2)).to eq "modified base action 2 desc"
+        expect(resource_inst.action_description(:base_action2)).to eq "modified base action 2 desc"
       end
     end
   end

data/spec/unit/secret_fetcher/akeyless_vault_spec.rb

@@ -0,0 +1,37 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require_relative "../../spec_helper"
+require "chef/secret_fetcher/akeyless_vault"
+
+describe Chef::SecretFetcher::AKeylessVault do
+  let(:node) { {} }
+  let(:run_context) { double("run_context", node: node) }
+
+  context "when validating provided AKeyless Vault configuration" do
+    it "raises ConfigurationInvalid when :secret_access_key is not provided" do
+      fetcher = Chef::SecretFetcher::AKeylessVault.new( { access_id: "provided" }, run_context)
+      expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid, /:secret_access_key/)
+    end
+
+    it "raises ConfigurationInvalid when :access_key_id is not provided" do
+      fetcher = Chef::SecretFetcher::AKeylessVault.new( { access_key: "provided" }, run_context)
+      expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid, /:access_key_id/)
+    end
+  end
+end

data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb

@@ -0,0 +1,70 @@
+#
+# Author:: Marc Paradise <marc@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+
+require_relative "../../spec_helper"
+require "chef/secret_fetcher/aws_secrets_manager"
+
+describe Chef::SecretFetcher::AWSSecretsManager do
+  let(:node) { {} }
+  let(:aws_global_config) { {} }
+  let(:fetcher_config) { {} }
+  let(:run_context) { double("run_context", node: node) }
+  let(:fetcher) {
+    Chef::SecretFetcher::AWSSecretsManager.new( fetcher_config, run_context )
+  }
+
+  before do
+    allow(Aws).to receive(:config).and_return(aws_global_config)
+  end
+
+  context "when region is provided" do
+    let(:fetcher_config) { { region: "region-from-caller" } }
+    it "uses the provided region" do
+      fetcher.validate!
+      expect(fetcher.config[:region]).to eq "region-from-caller"
+    end
+  end
+
+  context "when region is not provided" do
+    context "and no region exists in AWS config or node attributes" do
+      it "raises a ConfigurationInvalid error" do
+        expect { fetcher.validate! }.to raise_error Chef::Exceptions::Secret::ConfigurationInvalid
+      end
+    end
+
+    context "and region exists in AWS config and node attributes" do
+      let(:aws_global_config)  { { region: "region-from-aws-global-config" } }
+      let(:node) { { "ec2" => { "region" => "region-from-ohai-data" } } }
+      it "uses the region from AWS config" do
+        fetcher.validate!
+        expect(fetcher.config[:region]).to eq "region-from-aws-global-config"
+      end
+    end
+
+    context "and region exists only in node attributes" do
+      let(:node) { { "ec2" => { "region" => "region-from-ohai-data" } } }
+      it "uses the region from AWS config" do
+        fetcher.validate!
+        expect(fetcher.config[:region]).to eq "region-from-ohai-data"
+      end
+
+    end
+
+  end
+end

data/spec/unit/secret_fetcher/azure_key_vault_spec.rb

@@ -22,20 +22,11 @@ require "chef/secret_fetcher"
 require "chef/secret_fetcher/azure_key_vault"
 
 describe Chef::SecretFetcher::AzureKeyVault do
-  let(:config) { { vault: "myvault" } }
-  let(:fetcher) { Chef::SecretFetcher::AzureKeyVault.new(config) }
-
-  context "when validating configuration and configuration is missing :vault" do
-    context "and configuration does not have a 'vault'" do
-      let(:config) { {} }
-      it "raises a MissingVaultError error on validate!" do
-        expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::MissingVaultName)
-      end
-    end
-  end
+  let(:config) { { vault: "my_vault" } }
+  let(:fetcher) { Chef::SecretFetcher::AzureKeyVault.new(config, nil) }
 
   context "when performing a fetch" do
-    let(:body) { "" }
+    let(:body) { '{ "value" : "my secret value" }' }
     let(:response_mock) { double("response", body: body) }
     let(:http_mock) { double("http", :get => response_mock, :use_ssl= => nil) }
 
@@ -44,20 +35,36 @@ describe Chef::SecretFetcher::AzureKeyVault do
       allow(Net::HTTP).to receive(:new).and_return(http_mock)
     end
 
-    context "and a valid response is received" do
+    context "and vault name is only provided in the secret name" do
       let(:body) { '{ "value" : "my secret value" }' }
-      it "returns the expected response" do
-        expect(fetcher.fetch("value")).to eq "my secret value"
+      let(:config) { {} }
+      it "fetches the value" do
+        expect(fetcher.fetch("my_vault/value")).to eq "my secret value"
       end
     end
 
+    context "and vault name is not provided in the secret name" do
+      context "and vault name is not provided in config" do
+        let(:config) { {} }
+        it "raises a ConfigurationInvalid exception" do
+          expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
+        end
+      end
+
+      context "and vault name is provided in config" do
+        let(:config) { { vault: "my_vault" } }
+        it "fetches the value" do
+          expect(fetcher.fetch("value")).to eq "my secret value"
+        end
+      end
+    end
     context "and an error response is received in the body" do
+      let(:config) { { vault: "my_vault" } }
       let(:body) { '{ "error" : { "code" : 404, "message" : "secret not found" } }' }
       it "raises FetchFailed" do
         expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::FetchFailed)
       end
     end
-
   end
 end