chef 17.4.38-universal-mingw32 → 17.7.22-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (138) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +5 -0
  3. data/chef.gemspec +3 -0
  4. data/lib/chef/application/base.rb +11 -1
  5. data/lib/chef/chef_fs/file_pattern.rb +1 -1
  6. data/lib/chef/chef_fs/path_utils.rb +1 -1
  7. data/lib/chef/client.rb +1 -2
  8. data/lib/chef/compliance/input.rb +115 -0
  9. data/lib/chef/compliance/input_collection.rb +139 -0
  10. data/lib/chef/compliance/profile.rb +122 -0
  11. data/lib/chef/compliance/profile_collection.rb +109 -0
  12. data/lib/chef/compliance/runner.rb +47 -5
  13. data/lib/chef/compliance/waiver.rb +115 -0
  14. data/lib/chef/compliance/waiver_collection.rb +143 -0
  15. data/lib/chef/data_collector/run_end_message.rb +1 -1
  16. data/lib/chef/dsl/compliance.rb +38 -0
  17. data/lib/chef/dsl/reader_helpers.rb +51 -0
  18. data/lib/chef/dsl/reboot_pending.rb +1 -1
  19. data/lib/chef/dsl/recipe.rb +4 -2
  20. data/lib/chef/dsl/secret.rb +2 -4
  21. data/lib/chef/dsl/universal.rb +2 -0
  22. data/lib/chef/event_dispatch/base.rb +44 -2
  23. data/lib/chef/exceptions.rb +10 -0
  24. data/lib/chef/formatters/doc.rb +46 -0
  25. data/lib/chef/http/basic_client.rb +15 -7
  26. data/lib/chef/http.rb +7 -3
  27. data/lib/chef/provider/cron.rb +4 -1
  28. data/lib/chef/provider/file.rb +2 -0
  29. data/lib/chef/provider/git.rb +1 -1
  30. data/lib/chef/provider/ifconfig/debian.rb +1 -1
  31. data/lib/chef/provider/link.rb +2 -2
  32. data/lib/chef/provider/registry_key.rb +3 -2
  33. data/lib/chef/provider/remote_file/http.rb +1 -1
  34. data/lib/chef/provider/subversion.rb +5 -5
  35. data/lib/chef/provider/template.rb +1 -1
  36. data/lib/chef/resource/archive_file.rb +17 -14
  37. data/lib/chef/resource/chef_client_scheduled_task.rb +45 -2
  38. data/lib/chef/resource/chocolatey_config.rb +14 -14
  39. data/lib/chef/resource/chocolatey_feature.rb +1 -1
  40. data/lib/chef/resource/chocolatey_source.rb +24 -2
  41. data/lib/chef/resource/directory.rb +1 -1
  42. data/lib/chef/resource/file/verification/json.rb +50 -0
  43. data/lib/chef/resource/file/verification/yaml.rb +52 -0
  44. data/lib/chef/resource/habitat_install.rb +3 -3
  45. data/lib/chef/resource/inspec_input.rb +127 -0
  46. data/lib/chef/resource/inspec_waiver.rb +184 -0
  47. data/lib/chef/resource/inspec_waiver_file_entry.rb +1 -1
  48. data/lib/chef/resource/kernel_module.rb +27 -2
  49. data/lib/chef/resource/macos_userdefaults.rb +43 -128
  50. data/lib/chef/resource/mount.rb +1 -1
  51. data/lib/chef/resource/openssl_x509_certificate.rb +1 -1
  52. data/lib/chef/resource/powershell_package_source.rb +234 -70
  53. data/lib/chef/resource/registry_key.rb +36 -48
  54. data/lib/chef/resource/remote_file.rb +98 -2
  55. data/lib/chef/resource/timezone.rb +2 -2
  56. data/lib/chef/resource/user_ulimit.rb +1 -0
  57. data/lib/chef/resource/windows_auto_run.rb +1 -1
  58. data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
  59. data/lib/chef/resource/windows_printer.rb +1 -1
  60. data/lib/chef/resource/windows_uac.rb +3 -1
  61. data/lib/chef/resource/windows_update_settings.rb +3 -3
  62. data/lib/chef/resource/windows_user_privilege.rb +1 -1
  63. data/lib/chef/resource.rb +1 -1
  64. data/lib/chef/resource_reporter.rb +1 -1
  65. data/lib/chef/resources.rb +2 -0
  66. data/lib/chef/run_context/cookbook_compiler.rb +112 -28
  67. data/lib/chef/run_context.rb +31 -1
  68. data/lib/chef/secret_fetcher/akeyless_vault.rb +57 -0
  69. data/lib/chef/secret_fetcher/aws_secrets_manager.rb +1 -1
  70. data/lib/chef/secret_fetcher/azure_key_vault.rb +63 -9
  71. data/lib/chef/secret_fetcher/base.rb +1 -1
  72. data/lib/chef/secret_fetcher/hashi_vault.rb +100 -0
  73. data/lib/chef/secret_fetcher.rb +8 -3
  74. data/lib/chef/version.rb +1 -1
  75. data/lib/chef/win32/version.rb +2 -1
  76. data/spec/data/archive_file/test_archive.tar.gz +0 -0
  77. data/spec/functional/dsl/reboot_pending_spec.rb +3 -3
  78. data/spec/functional/dsl/registry_helper_spec.rb +1 -1
  79. data/spec/functional/resource/archive_file_spec.rb +87 -0
  80. data/spec/functional/resource/dsc_script_spec.rb +2 -2
  81. data/spec/functional/resource/group_spec.rb +5 -1
  82. data/spec/functional/resource/link_spec.rb +8 -0
  83. data/spec/functional/resource/macos_userdefaults_spec.rb +119 -0
  84. data/spec/functional/resource/powershell_package_source_spec.rb +5 -6
  85. data/spec/functional/resource/registry_spec.rb +81 -81
  86. data/spec/functional/win32/registry_spec.rb +8 -8
  87. data/spec/integration/compliance/compliance_spec.rb +60 -0
  88. data/spec/spec_helper.rb +3 -0
  89. data/spec/support/platform_helpers.rb +4 -0
  90. data/spec/support/ruby_installer.rb +51 -0
  91. data/spec/unit/compliance/input_spec.rb +104 -0
  92. data/spec/unit/compliance/profile_spec.rb +120 -0
  93. data/spec/unit/compliance/waiver_spec.rb +104 -0
  94. data/spec/unit/data_collector_spec.rb +24 -1
  95. data/spec/unit/dsl/reboot_pending_spec.rb +1 -1
  96. data/spec/unit/http/basic_client_spec.rb +30 -0
  97. data/spec/unit/http_spec.rb +8 -2
  98. data/spec/unit/mixin/default_paths_spec.rb +1 -1
  99. data/spec/unit/mixin/securable_spec.rb +3 -3
  100. data/spec/unit/provider/cron_spec.rb +45 -0
  101. data/spec/unit/provider/link_spec.rb +13 -7
  102. data/spec/unit/provider/package/rubygems_spec.rb +5 -5
  103. data/spec/unit/provider/package/windows_spec.rb +1 -1
  104. data/spec/unit/provider/registry_key_spec.rb +4 -4
  105. data/spec/unit/provider/remote_file/http_spec.rb +10 -0
  106. data/spec/unit/provider/service/windows_spec.rb +5 -5
  107. data/spec/unit/provider/subversion_spec.rb +4 -4
  108. data/spec/unit/provider/template_spec.rb +2 -2
  109. data/spec/unit/provider/windows_env_spec.rb +1 -1
  110. data/spec/unit/provider/zypper_repository_spec.rb +1 -1
  111. data/spec/unit/resource/archive_file_spec.rb +414 -3
  112. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +69 -0
  113. data/spec/unit/resource/chocolatey_config_spec.rb +1 -1
  114. data/spec/unit/resource/chocolatey_feature_spec.rb +1 -1
  115. data/spec/unit/resource/chocolatey_source_spec.rb +1 -1
  116. data/spec/unit/resource/file/verification/json_spec.rb +72 -0
  117. data/spec/unit/resource/file/verification/yaml_spec.rb +67 -0
  118. data/spec/unit/resource/inspec_input_spec.rb +300 -0
  119. data/spec/unit/resource/inspec_waiver_spec.rb +312 -0
  120. data/spec/unit/resource/kernel_module_spec.rb +2 -1
  121. data/spec/unit/resource/macos_user_defaults_spec.rb +36 -96
  122. data/spec/unit/resource/mount_spec.rb +10 -0
  123. data/spec/unit/resource/powershell_package_source_spec.rb +63 -62
  124. data/spec/unit/resource/registry_key_spec.rb +10 -10
  125. data/spec/unit/resource/user_ulimit_spec.rb +14 -1
  126. data/spec/unit/resource/windows_auto_run_spec.rb +1 -1
  127. data/spec/unit/resource/windows_feature_powershell_spec.rb +1 -1
  128. data/spec/unit/resource/windows_firewall_rule_spec.rb +2 -2
  129. data/spec/unit/resource/windows_task_spec.rb +3 -3
  130. data/spec/unit/resource_reporter_spec.rb +2 -2
  131. data/spec/unit/resource_spec.rb +5 -0
  132. data/spec/unit/secret_fetcher/akeyless_vault_spec.rb +37 -0
  133. data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +99 -20
  134. data/spec/unit/secret_fetcher/hashi_vault_spec.rb +80 -0
  135. data/spec/unit/util/backup_spec.rb +1 -1
  136. data/spec/unit/win32/registry_spec.rb +3 -3
  137. data/tasks/rspec.rb +2 -1
  138. metadata +75 -6
@@ -0,0 +1,100 @@
1
+ #
2
+ # Author:: Marc Paradise (<marc@chef.io>)
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require_relative "base"
20
+ require "aws-sdk-core" # Support for aws instance profile auth
21
+ require "vault"
22
+ class Chef
23
+ class SecretFetcher
24
+ # == Chef::SecretFetcher::HashiVault
25
+ # A fetcher that fetches a secret from Hashi Vault.
26
+ #
27
+ # Does not yet support fetching with version when a versioned key store is in use.
28
+ # In this initial iteration the only supported authentication is IAM role-based
29
+ #
30
+ # Required config:
31
+ # :auth_method - one of :iam_role, :token. default: :iam_role
32
+ # :vault_addr - the address of a running Vault instance, eg https://vault.example.com:8200
33
+ #
34
+ # For `:token` auth: `:token` - a Vault token valid for authentication.
35
+ #
36
+ # For `:iam_role`: `:role_name` - the name of the role in Vault that was created
37
+ # to support authentication via IAM. See the Vault documentation for details[1].
38
+ # A Terraform example is also available[2]
39
+ #
40
+ #
41
+ # [1] https://www.vaultproject.io/docs/auth/aws#recommended-vault-iam-policy
42
+ # [2] https://registry.terraform.io/modules/hashicorp/vault/aws/latest/examples/vault-iam-auth
43
+ # an IAM principal ARN bound to it.
44
+ #
45
+ # Optional config
46
+ # :namespace - the namespace under which secrets are kept. Only supported in with Vault Enterprise
47
+ #
48
+ # @example
49
+ #
50
+ # fetcher = SecretFetcher.for_service(:hashi_vault, { role_name: "testing-role", vault_addr: https://localhost:8200}, run_context )
51
+ # fetcher.fetch("secretkey1")
52
+ #
53
+ # @example
54
+ #
55
+ # fetcher = SecretFetcher.for_service(:hashi_vault, { auth_method: :token, token: "s.1234abcdef", vault_addr: https://localhost:8200}, run_context )
56
+ # fetcher.fetch("secretkey1")
57
+ SUPPORTED_AUTH_TYPES = %i{iam_role token}.freeze
58
+ class HashiVault < Base
59
+
60
+ # Validate and authenticate the current session using the configured auth strategy and parameters
61
+ def validate!
62
+ if config[:vault_addr].nil?
63
+ raise Chef::Exceptions::Secret::ConfigurationInvalid.new("You must provide the Vault address in the configuration as :vault_addr")
64
+ end
65
+
66
+ Vault.address = config[:vault_addr]
67
+ Vault.namespace = config[:namespace] unless config[:namespace].nil?
68
+
69
+ case config[:auth_method]
70
+ when :token
71
+ if config[:token].nil?
72
+ raise Chef::Exceptions::Secret::ConfigurationInvalid.new("You must provide the token in the configuration as :token")
73
+ end
74
+
75
+ Vault.auth.token(config[:token])
76
+ when :iam_role, nil
77
+ if config[:role_name].nil?
78
+ raise Chef::Exceptions::Secret::ConfigurationInvalid.new("You must provide the authenticating Vault role name in the configuration as :role_name")
79
+ end
80
+
81
+ Vault.auth.aws_iam(config[:role_name], Aws::InstanceProfileCredentials.new)
82
+ else
83
+ raise Chef::Exceptions::Secret::ConfigurationInvalid.new("Invalid :auth_method provided. You gave #{config[:auth_method]}, expected one of :#{SUPPORTED_AUTH_TYPES.join(", :")} ")
84
+ end
85
+ end
86
+
87
+ # @param identifier [String] Identifier of the secret to be fetched, which should
88
+ # be the full path of that secret, eg 'secret/example'
89
+ # @param _version [String] not used in this implementation
90
+ # @return [Hash] containing key/value pairs stored at the location given in 'identifier'
91
+ def do_fetch(identifier, _version)
92
+ result = Vault.logical.read(identifier)
93
+ raise Chef::Exceptions::Secret::FetchFailed.new("No secret found at #{identifier}. Check to ensure that there is a secrets engine configured for that path") if result.nil?
94
+
95
+ result.data
96
+ end
97
+ end
98
+ end
99
+ end
100
+
@@ -21,7 +21,7 @@ require_relative "exceptions"
21
21
  class Chef
22
22
  class SecretFetcher
23
23
 
24
- SECRET_FETCHERS = %i{example aws_secrets_manager azure_key_vault}.freeze
24
+ SECRET_FETCHERS = %i{example aws_secrets_manager azure_key_vault hashi_vault akeyless_vault}.freeze
25
25
 
26
26
  # Returns a configured and validated instance
27
27
  # of a [Chef::SecretFetcher::Base] for the given
@@ -42,14 +42,19 @@ class Chef
42
42
  when :azure_key_vault
43
43
  require_relative "secret_fetcher/azure_key_vault"
44
44
  Chef::SecretFetcher::AzureKeyVault.new(config, run_context)
45
+ when :hashi_vault
46
+ require_relative "secret_fetcher/hashi_vault"
47
+ Chef::SecretFetcher::HashiVault.new(config, run_context)
48
+ when :akeyless_vault
49
+ require_relative "secret_fetcher/akeyless_vault"
50
+ Chef::SecretFetcher::AKeylessVault.new(config, run_context)
45
51
  when nil, ""
46
52
  raise Chef::Exceptions::Secret::MissingFetcher.new(SECRET_FETCHERS)
47
53
  else
48
- raise Chef::Exceptions::Secret::InvalidFetcherService.new("Unsupported secret service: #{service}", SECRET_FETCHERS)
54
+ raise Chef::Exceptions::Secret::InvalidFetcherService.new("Unsupported secret service: '#{service}'", SECRET_FETCHERS)
49
55
  end
50
56
  fetcher.validate!
51
57
  fetcher
52
58
  end
53
59
  end
54
60
  end
55
-
data/lib/chef/version.rb CHANGED
@@ -23,7 +23,7 @@ require_relative "version_string"
23
23
 
24
24
  class Chef
25
25
  CHEF_ROOT = File.expand_path("..", __dir__)
26
- VERSION = Chef::VersionString.new("17.4.38")
26
+ VERSION = Chef::VersionString.new("17.7.22")
27
27
  end
28
28
 
29
29
  #
@@ -49,7 +49,8 @@ class Chef
49
49
  private_class_method :method_name_from_marketing_name
50
50
 
51
51
  WIN_VERSIONS = {
52
- "Windows Server 2019" => { major: 10, minor: 0, callable: lambda { |product_type, suite_mask, build_number| product_type != VER_NT_WORKSTATION && build_number >= 17763 } },
52
+ "Windows Server 2022" => { major: 10, minor: 0, callable: lambda { |product_type, suite_mask, build_number| product_type != VER_NT_WORKSTATION && build_number >= 20348 } },
53
+ "Windows Server 2019" => { major: 10, minor: 0, callable: lambda { |product_type, suite_mask, build_number| product_type != VER_NT_WORKSTATION && build_number >= 17763 && build_number < 20348 } },
53
54
  "Windows 10" => { major: 10, minor: 0, callable: lambda { |product_type, suite_mask, build_number| product_type == VER_NT_WORKSTATION } },
54
55
  "Windows Server 2016" => { major: 10, minor: 0, callable: lambda { |product_type, suite_mask, build_number| product_type != VER_NT_WORKSTATION && build_number <= 14393 } },
55
56
  "Windows 8.1" => { major: 6, minor: 3, callable: lambda { |product_type, suite_mask, build_number| product_type == VER_NT_WORKSTATION } },
@@ -39,8 +39,8 @@ describe Chef::DSL::RebootPending, :windows_only do
39
39
  let(:reg_key) { nil }
40
40
  let(:original_set) { false }
41
41
 
42
- describe 'HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations' do
43
- let(:reg_key) { 'HKLM\SYSTEM\CurrentControlSet\Control\Session Manager' }
42
+ describe "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Session Manager\\PendingFileRenameOperations" do
43
+ let(:reg_key) { "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Session Manager" }
44
44
  let(:original_set) { registry.value_exists?(reg_key, { name: "PendingFileRenameOperations" }) }
45
45
 
46
46
  it "returns true if the registry value exists" do
@@ -78,7 +78,7 @@ describe Chef::DSL::RebootPending, :windows_only do
78
78
 
79
79
  describe "when there is nothing to indicate a reboot is pending" do
80
80
  it "should return false" do
81
- skip "reboot pending" if registry_value_exists?('HKLM\SYSTEM\CurrentControlSet\Control\Session Manager', { name: "PendingFileRenameOperations" }) ||
81
+ skip "reboot pending" if registry_value_exists?("HKLM\\SYSTEM\\CurrentControlSet\\Control\\Session Manager", { name: "PendingFileRenameOperations" }) ||
82
82
  registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired') ||
83
83
  registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending')
84
84
  expect(recipe.reboot_pending?).to be_falsey
@@ -24,7 +24,7 @@ describe Chef::Resource::RegistryKey, :windows_only do
24
24
  before(:all) do
25
25
  ::Win32::Registry::HKEY_CURRENT_USER.create "Software\\Root"
26
26
  ::Win32::Registry::HKEY_CURRENT_USER.create "Software\\Root\\Branch"
27
- ::Win32::Registry::HKEY_CURRENT_USER.open('Software\\Root', Win32::Registry::KEY_ALL_ACCESS) do |reg|
27
+ ::Win32::Registry::HKEY_CURRENT_USER.open("Software\\Root", Win32::Registry::KEY_ALL_ACCESS) do |reg|
28
28
  reg["RootType1", Win32::Registry::REG_SZ] = "fibrous"
29
29
  reg.write("Roots", Win32::Registry::REG_MULTI_SZ, ["strong roots", "healthy tree"])
30
30
  end
@@ -0,0 +1,87 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require "spec_helper"
19
+ require "tmpdir"
20
+
21
+ # Exclude this test on platforms where ffi-libarchive loading is broken
22
+ describe Chef::Resource::ArchiveFile, :libarchive_loading_broken do
23
+ include RecipeDSLHelper
24
+
25
+ let(:tmp_path) { Dir.mktmpdir }
26
+ let(:extract_destination) { "#{tmp_path}/extract_here" }
27
+ let(:test_archive_path) { File.expand_path("archive_file/test_archive.tar.gz", CHEF_SPEC_DATA) }
28
+
29
+ after do
30
+ FileUtils.remove_entry_secure(extract_destination) if File.exist?(extract_destination)
31
+ end
32
+
33
+ context "when strip_components is 0" do
34
+ it "extracts archive to destination" do
35
+ af = archive_file test_archive_path do
36
+ destination extract_destination
37
+ end
38
+ af.should_be_updated
39
+
40
+ expect(af.strip_components).to eq(0) # Validate defaults haven't changed here
41
+ expect(Dir.glob("#{extract_destination}/**/*").length).to eq(4)
42
+ expect(Dir.exist?("#{extract_destination}/folder-1")).to eq(true)
43
+ expect(File.exist?("#{extract_destination}/folder-1/file-1.txt")).to eq(true)
44
+ expect(Dir.exist?("#{extract_destination}/folder-1/folder-2")).to eq(true)
45
+ expect(File.exist?("#{extract_destination}/folder-1/folder-2/file-2.txt")).to eq(true)
46
+ end
47
+ end
48
+
49
+ context "when strip_components is 1" do
50
+ it "extracts archive to destination, with 1 component stripped" do
51
+ archive_file test_archive_path do
52
+ destination extract_destination
53
+ strip_components 1
54
+ end.should_be_updated
55
+
56
+ expect(Dir.exist?("#{extract_destination}/folder-1")).to eq(false)
57
+ expect(File.exist?("#{extract_destination}/folder-1/file-1.txt")).to eq(false)
58
+ expect(Dir.exist?("#{extract_destination}/folder-1/folder-2")).to eq(false)
59
+ expect(File.exist?("#{extract_destination}/folder-1/folder-2/file-2.txt")).to eq(false)
60
+
61
+ expect(Dir.glob("#{extract_destination}/**/*").length).to eq(3)
62
+ expect(File.exist?("#{extract_destination}/file-1.txt")).to eq(true)
63
+ expect(Dir.exist?("#{extract_destination}/folder-2")).to eq(true)
64
+ expect(File.exist?("#{extract_destination}/folder-2/file-2.txt")).to eq(true)
65
+ end
66
+ end
67
+
68
+ context "when strip_components is 2" do
69
+ it "extracts archive to destination, with 2 components stripped" do
70
+ archive_file test_archive_path do
71
+ destination extract_destination
72
+ strip_components 2
73
+ end.should_be_updated
74
+
75
+ expect(Dir.exist?("#{extract_destination}/folder-1")).to eq(false)
76
+ expect(File.exist?("#{extract_destination}/folder-1/file-1.txt")).to eq(false)
77
+ expect(Dir.exist?("#{extract_destination}/folder-1/folder-2")).to eq(false)
78
+ expect(File.exist?("#{extract_destination}/folder-1/folder-2/file-2.txt")).to eq(false)
79
+ expect(File.exist?("#{extract_destination}/file-1.txt")).to eq(false)
80
+ expect(Dir.exist?("#{extract_destination}/folder-2")).to eq(false)
81
+ expect(File.exist?("#{extract_destination}/folder-2/file-2.txt")).to eq(false)
82
+
83
+ expect(Dir.glob("#{extract_destination}/**/*").length).to eq(1)
84
+ expect(File.exist?("#{extract_destination}/file-2.txt")).to eq(true)
85
+ end
86
+ end
87
+ end
@@ -85,7 +85,7 @@ describe Chef::Resource::DscScript, :windows_powershell_dsc_only, :ruby64_only d
85
85
  let(:dsc_test_resource_base) do
86
86
  Chef::Resource::DscScript.new(dsc_test_resource_name, dsc_test_run_context)
87
87
  end
88
- let(:test_registry_key) { 'HKEY_LOCAL_MACHINE\Software\Chef\Spec\Functional\Resource\dsc_script_spec' }
88
+ let(:test_registry_key) { "HKEY_LOCAL_MACHINE\\Software\\Chef\\Spec\\Functional\\Resource\\dsc_script_spec" }
89
89
  let(:test_registry_value) { "Registration" }
90
90
  let(:test_registry_data1) { "LL927" }
91
91
  let(:test_registry_data2) { "LL928" }
@@ -394,7 +394,7 @@ describe Chef::Resource::DscScript, :windows_powershell_dsc_only, :ruby64_only d
394
394
  dsc_test_run_context.node.consume_external_attrs(OHAI_SYSTEM.data, {})
395
395
  end
396
396
 
397
- let(:configuration_data_path) { 'C:\\configurationdata.psd1' }
397
+ let(:configuration_data_path) { "C:\\configurationdata.psd1" }
398
398
 
399
399
  let(:self_signed_cert_path) do
400
400
  File.join(CHEF_SPEC_DATA, "dsc_lcm.pfx")
@@ -44,6 +44,10 @@ describe Chef::Resource::Group, :requires_root_or_running_windows do
44
44
  members.shift # Get rid of GroupMembership: string
45
45
  members.include?(user)
46
46
  else
47
+ # TODO For some reason our temporary AIX 7.2 system does not correctly report group membership immediately after changes have been made.
48
+ # Adding a 2 second delay for this platform is enough to get correct results.
49
+ # We hope to remove this delay after we get more permanent AIX 7.2 systems in our CI pipeline. reference: https://github.com/chef/release-engineering/issues/1617
50
+ sleep 2 if aix? && (ohai[:platform_version] == "7.2")
47
51
  Etc.getgrnam(group_name).mem.include?(user)
48
52
  end
49
53
  end
@@ -181,7 +185,7 @@ describe Chef::Resource::Group, :requires_root_or_running_windows do
181
185
 
182
186
  describe "when the users exist" do
183
187
  before do
184
- high_uid = 30000
188
+ high_uid = 40000
185
189
  (spec_members).each do |member|
186
190
  remove_user(member)
187
191
  create_user(member, high_uid)
@@ -345,9 +345,17 @@ describe Chef::Resource::Link do
345
345
  let(:test_user) { "test-link-user" }
346
346
  before do
347
347
  user(test_user).run_action(:create)
348
+ # TODO For some reason our temporary AIX 7.2 system does not correctly report user existence immediately after changes have been made.
349
+ # Adding a 2 second delay for this platform is enough to get correct results.
350
+ # We hope to remove this delay after we get more permanent AIX 7.2 systems in our CI pipeline. reference: https://github.com/chef/release-engineering/issues/1617
351
+ sleep 2 if aix? && (ohai[:platform_version] == "7.2")
348
352
  end
349
353
  after do
350
354
  user(test_user).run_action(:remove)
355
+ # TODO For some reason our temporary AIX 7.2 system does not correctly report user existence immediately after changes have been made.
356
+ # Adding a 2 second delay for this platform is enough to get correct results.
357
+ # We hope to remove this delay after we get more permanent AIX 7.2 systems in our CI pipeline. reference: https://github.com/chef/release-engineering/issues/1617
358
+ sleep 2 if aix? && (ohai[:platform_version] == "7.2")
351
359
  end
352
360
  before(:each) do
353
361
  resource.owner(test_user)
@@ -0,0 +1,119 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+ require "spec_helper"
18
+
19
+ describe Chef::Resource::MacosUserDefaults, :macos_only, requires_root: true do
20
+ def create_resource
21
+ node = Chef::Node.new
22
+ events = Chef::EventDispatch::Dispatcher.new
23
+ run_context = Chef::RunContext.new(node, {}, events)
24
+ resource = Chef::Resource::MacosUserDefaults.new("test", run_context)
25
+ resource
26
+ end
27
+
28
+ let(:resource) do
29
+ create_resource
30
+ end
31
+
32
+ context "has a default value" do
33
+ it ":macos_userdefaults for resource name" do
34
+ expect(resource.name).to eq("test")
35
+ end
36
+
37
+ it "NSGlobalDomain for the domain property" do
38
+ expect(resource.domain).to eq("NSGlobalDomain")
39
+ end
40
+
41
+ it "nil for the host property" do
42
+ expect(resource.host).to be_nil
43
+ end
44
+
45
+ it "nil for the user property" do
46
+ expect(resource.user).to be_nil
47
+ end
48
+
49
+ it ":write for resource action" do
50
+ expect(resource.action).to eq([:write])
51
+ end
52
+ end
53
+
54
+ it "supports :write, :delete actions" do
55
+ expect { resource.action :write }.not_to raise_error
56
+ expect { resource.action :delete }.not_to raise_error
57
+ end
58
+
59
+ context "can process expected data" do
60
+ it "set array values" do
61
+ resource.domain "/Library/Preferences/ManagedInstalls"
62
+ resource.key "TestArrayValues"
63
+ resource.value [ "/Library/Managed Installs/fake.log", "/Library/Managed Installs/also_fake.log"]
64
+ resource.run_action(:write)
65
+ expect(resource.get_preference resource).to eq([ "/Library/Managed Installs/fake.log", "/Library/Managed Installs/also_fake.log"])
66
+ end
67
+
68
+ it "set dictionary value" do
69
+ resource.domain "/Library/Preferences/ManagedInstalls"
70
+ resource.key "TestDictionaryValues"
71
+ resource.value "User": "/Library/Managed Installs/way_fake.log"
72
+ resource.run_action(:write)
73
+ expect(resource.get_preference resource).to eq("User" => "/Library/Managed Installs/way_fake.log")
74
+ end
75
+
76
+ it "set array of dictionaries" do
77
+ resource.domain "/Library/Preferences/ManagedInstalls"
78
+ resource.key "TestArrayWithDictionary"
79
+ resource.value [ { "User": "/Library/Managed Installs/way_fake.log" } ]
80
+ resource.run_action(:write)
81
+ expect(resource.get_preference resource).to eq([ { "User" => "/Library/Managed Installs/way_fake.log" } ])
82
+ end
83
+
84
+ it "set boolean for preference value" do
85
+ resource.domain "/Library/Preferences/ManagedInstalls"
86
+ resource.key "TestBooleanValue"
87
+ resource.value true
88
+ resource.run_action(:write)
89
+ expect(resource.get_preference resource).to eq(true)
90
+ end
91
+
92
+ it "sets value to global domain when domain is not passed" do
93
+ resource.key "TestKey"
94
+ resource.value 1
95
+ resource.run_action(:write)
96
+ expect(resource.get_preference resource).to eq(1)
97
+ end
98
+
99
+ it "short domain names" do
100
+ resource.domain "com.apple.dock"
101
+ resource.key "titlesize"
102
+ resource.value "20"
103
+ resource.run_action(:write)
104
+ expect(resource.get_preference resource).to eq("20")
105
+ end
106
+ end
107
+
108
+ it "we can delete a preference with full path" do
109
+ resource.domain "/Library/Preferences/ManagedInstalls"
110
+ resource.key "TestKey"
111
+ expect { resource.run_action(:delete) }. to_not raise_error
112
+ end
113
+
114
+ it "we can delete a preference with short name" do
115
+ resource.domain "com.apple.dock"
116
+ resource.key "titlesize"
117
+ expect { resource.run_action(:delete) }. to_not raise_error
118
+ end
119
+ end
@@ -22,7 +22,7 @@ describe Chef::Resource::PowershellPackageSource, :windows_gte_10 do
22
22
  include Chef::Mixin::PowershellExec
23
23
 
24
24
  let(:source_name) { "fake" }
25
- let(:url) { "https://www.nuget.org/api/v2" }
25
+ let(:source_location) { "https://www.nuget.org/api/v2" }
26
26
  let(:trusted) { true }
27
27
 
28
28
  let(:run_context) do
@@ -32,7 +32,7 @@ describe Chef::Resource::PowershellPackageSource, :windows_gte_10 do
32
32
  subject do
33
33
  new_resource = Chef::Resource::PowershellPackageSource.new("test powershell package source", run_context)
34
34
  new_resource.source_name source_name
35
- new_resource.url url
35
+ new_resource.source_location source_location
36
36
  new_resource.trusted trusted
37
37
  new_resource.provider_name provider_name
38
38
  new_resource
@@ -61,7 +61,7 @@ describe Chef::Resource::PowershellPackageSource, :windows_gte_10 do
61
61
  it "updates an existing package source if changed" do
62
62
  subject.run_action(:register)
63
63
  subject.trusted !trusted
64
- subject.run_action(:register)
64
+ subject.run_action(:set)
65
65
  expect(subject).to be_updated_by_last_action
66
66
  end
67
67
  end
@@ -73,9 +73,8 @@ describe Chef::Resource::PowershellPackageSource, :windows_gte_10 do
73
73
  expect(get_installed_package_source_name).to be_empty
74
74
  end
75
75
 
76
- it "does not unregister the package source if not already installed" do
77
- subject.run_action(:unregister)
78
- expect(subject).not_to be_updated_by_last_action
76
+ it "does not unregister the package source if not installed" do
77
+ expect { subject.run_action(:unregister) }.to_not raise_error
79
78
  end
80
79
  end
81
80
  end