chef 17.5.22 → 17.7.29

Sign up to get free protection for your applications and to get access to all the features.
Files changed (73) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +5 -0
  3. data/chef.gemspec +1 -0
  4. data/lib/chef/chef_fs/file_pattern.rb +1 -1
  5. data/lib/chef/chef_fs/path_utils.rb +1 -1
  6. data/lib/chef/data_collector/run_end_message.rb +1 -1
  7. data/lib/chef/dsl/reboot_pending.rb +1 -1
  8. data/lib/chef/exceptions.rb +10 -0
  9. data/lib/chef/provider/cron.rb +4 -1
  10. data/lib/chef/provider/git.rb +1 -1
  11. data/lib/chef/provider/ifconfig/debian.rb +1 -1
  12. data/lib/chef/provider/package/habitat.rb +1 -1
  13. data/lib/chef/provider/subversion.rb +5 -5
  14. data/lib/chef/resource/archive_file.rb +1 -1
  15. data/lib/chef/resource/chef_client_trusted_certificate.rb +1 -0
  16. data/lib/chef/resource/chocolatey_config.rb +1 -1
  17. data/lib/chef/resource/chocolatey_feature.rb +1 -1
  18. data/lib/chef/resource/chocolatey_source.rb +24 -2
  19. data/lib/chef/resource/directory.rb +1 -1
  20. data/lib/chef/resource/habitat_install.rb +5 -5
  21. data/lib/chef/resource/inspec_input.rb +7 -8
  22. data/lib/chef/resource/inspec_waiver.rb +7 -8
  23. data/lib/chef/resource/inspec_waiver_file_entry.rb +1 -1
  24. data/lib/chef/resource/kernel_module.rb +27 -2
  25. data/lib/chef/resource/macos_userdefaults.rb +45 -133
  26. data/lib/chef/resource/openssl_x509_certificate.rb +1 -1
  27. data/lib/chef/resource/powershell_package_source.rb +234 -70
  28. data/lib/chef/resource/windows_auto_run.rb +1 -1
  29. data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
  30. data/lib/chef/resource/windows_update_settings.rb +3 -3
  31. data/lib/chef/resource.rb +1 -1
  32. data/lib/chef/resource_reporter.rb +1 -1
  33. data/lib/chef/secret_fetcher/azure_key_vault.rb +62 -8
  34. data/lib/chef/secret_fetcher.rb +0 -1
  35. data/lib/chef/version.rb +1 -1
  36. data/lib/chef/win32/version.rb +2 -1
  37. data/spec/functional/dsl/reboot_pending_spec.rb +3 -3
  38. data/spec/functional/dsl/registry_helper_spec.rb +1 -1
  39. data/spec/functional/resource/dsc_script_spec.rb +2 -2
  40. data/spec/functional/resource/macos_userdefaults_spec.rb +119 -0
  41. data/spec/functional/resource/powershell_package_source_spec.rb +5 -6
  42. data/spec/functional/resource/registry_spec.rb +81 -81
  43. data/spec/functional/win32/registry_spec.rb +8 -8
  44. data/spec/unit/data_collector_spec.rb +24 -1
  45. data/spec/unit/dsl/reboot_pending_spec.rb +1 -1
  46. data/spec/unit/mixin/default_paths_spec.rb +1 -1
  47. data/spec/unit/mixin/securable_spec.rb +3 -3
  48. data/spec/unit/provider/cron_spec.rb +45 -0
  49. data/spec/unit/provider/package/rubygems_spec.rb +5 -5
  50. data/spec/unit/provider/package/windows_spec.rb +1 -1
  51. data/spec/unit/provider/registry_key_spec.rb +4 -4
  52. data/spec/unit/provider/service/windows_spec.rb +5 -5
  53. data/spec/unit/provider/subversion_spec.rb +4 -4
  54. data/spec/unit/provider/windows_env_spec.rb +1 -1
  55. data/spec/unit/provider/zypper_repository_spec.rb +1 -1
  56. data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +14 -0
  57. data/spec/unit/resource/chocolatey_config_spec.rb +1 -1
  58. data/spec/unit/resource/chocolatey_feature_spec.rb +1 -1
  59. data/spec/unit/resource/chocolatey_source_spec.rb +1 -1
  60. data/spec/unit/resource/kernel_module_spec.rb +2 -1
  61. data/spec/unit/resource/macos_user_defaults_spec.rb +36 -96
  62. data/spec/unit/resource/powershell_package_source_spec.rb +63 -62
  63. data/spec/unit/resource/registry_key_spec.rb +10 -10
  64. data/spec/unit/resource/windows_auto_run_spec.rb +1 -1
  65. data/spec/unit/resource/windows_feature_powershell_spec.rb +1 -1
  66. data/spec/unit/resource/windows_firewall_rule_spec.rb +2 -2
  67. data/spec/unit/resource/windows_task_spec.rb +3 -3
  68. data/spec/unit/resource_reporter_spec.rb +2 -2
  69. data/spec/unit/resource_spec.rb +5 -0
  70. data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +99 -20
  71. data/spec/unit/util/backup_spec.rb +1 -1
  72. data/spec/unit/win32/registry_spec.rb +3 -3
  73. metadata +21 -6
@@ -33,14 +33,15 @@ describe Chef::Resource::PowershellPackageSource do
33
33
  expect(resource.action).to eql([:register])
34
34
  end
35
35
 
36
- it "supports :register and :unregister actions" do
36
+ it "supports :register, :set and :unregister actions" do
37
37
  expect { resource.action :register }.not_to raise_error
38
+ expect { resource.action :set }.not_to raise_error
38
39
  expect { resource.action :unregister }.not_to raise_error
39
40
  end
40
41
 
41
42
  it "the url property accepts strings" do
42
- resource.url("https://mygallery.company.co/api/v2/")
43
- expect(resource.url).to eql("https://mygallery.company.co/api/v2/")
43
+ resource.source_location("https://mygallery.company.co/api/v2/")
44
+ expect(resource.source_location).to eql("https://mygallery.company.co/api/v2/")
44
45
  end
45
46
 
46
47
  it "the trusted property accepts true and false" do
@@ -54,7 +55,7 @@ describe Chef::Resource::PowershellPackageSource do
54
55
  expect(resource.trusted).to eql(false)
55
56
  end
56
57
 
57
- it "provider_name accepts 'Programs', 'msi', 'NuGet', 'msu', 'PowerShellGet', 'psl', 'chocolatey'" do
58
+ it "provider_name accepts 'Programs', 'msi', 'NuGet', 'msu', 'PowerShellGet', 'psl', 'chocolatey', 'winget'" do
58
59
  expect { resource.provider_name("Programs") }.not_to raise_error
59
60
  expect { resource.provider_name("msi") }.not_to raise_error
60
61
  expect { resource.provider_name("NuGet") }.not_to raise_error
@@ -62,6 +63,7 @@ describe Chef::Resource::PowershellPackageSource do
62
63
  expect { resource.provider_name("PowerShellGet") }.not_to raise_error
63
64
  expect { resource.provider_name("psl") }.not_to raise_error
64
65
  expect { resource.provider_name("chocolatey") }.not_to raise_error
66
+ expect { resource.provider_name("winget") }.not_to raise_error
65
67
  end
66
68
 
67
69
  it "the publish_location property accepts strings" do
@@ -70,75 +72,76 @@ describe Chef::Resource::PowershellPackageSource do
70
72
  end
71
73
 
72
74
  it "the script_source_location property accepts strings" do
73
- resource.publish_location("https://mygallery.company.co/api/v2/scripts")
74
- expect(resource.publish_location).to eql("https://mygallery.company.co/api/v2/scripts")
75
+ resource.script_source_location("https://mygallery.company.co/api/v2/scripts")
76
+ expect(resource.script_source_location).to eql("https://mygallery.company.co/api/v2/scripts")
75
77
  end
76
78
 
77
79
  it "the script_publish_location property accepts strings" do
78
- resource.publish_location("https://mygallery.company.co/api/v2/scripts")
79
- expect(resource.publish_location).to eql("https://mygallery.company.co/api/v2/scripts")
80
+ resource.script_publish_location("https://mygallery.company.co/api/v2/scripts")
81
+ expect(resource.script_publish_location).to eql("https://mygallery.company.co/api/v2/scripts")
80
82
  end
81
83
 
82
84
  describe "#build_ps_repository_command" do
83
85
  before do
84
86
  resource.source_name("MyGallery")
85
- resource.url("https://mygallery.company.co/api/v2/")
87
+ resource.source_location("https://github.com/chef/powershell_test")
88
+ resource.provider_name("PowerShellGet")
86
89
  end
87
90
 
88
91
  context "#register" do
89
92
  it "builds a minimal command" do
90
- expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' | Out-Null")
93
+ expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' | Out-Null")
91
94
  end
92
95
 
93
96
  it "builds a command with trusted set to true" do
94
97
  resource.trusted(true)
95
- expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Trusted' | Out-Null")
98
+ expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Trusted' | Out-Null")
96
99
  end
97
100
 
98
101
  it "builds a command with a publish location" do
99
- resource.publish_location("https://mygallery.company.co/api/v2/package")
100
- expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -PublishLocation 'https://mygallery.company.co/api/v2/package' | Out-Null")
102
+ resource.publish_location("https://github.com/chef/powershell_test/package")
103
+ expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -PublishLocation 'https://github.com/chef/powershell_test/package' | Out-Null")
101
104
  end
102
105
 
103
106
  it "builds a command with a script source location" do
104
- resource.script_source_location("https://mygallery.company.co/api/v2/scripts")
105
- expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://mygallery.company.co/api/v2/scripts' | Out-Null")
107
+ resource.script_source_location("https://github.com/chef/powershell_test/scripts")
108
+ expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://github.com/chef/powershell_test/scripts' | Out-Null")
106
109
  end
107
110
 
108
111
  it "builds a command with a script publish location" do
109
- resource.script_publish_location("https://mygallery.company.co/api/v2/scripts/package")
110
- expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://mygallery.company.co/api/v2/scripts/package' | Out-Null")
112
+ resource.script_publish_location("https://github.com/chef/powershell_test/scripts/package")
113
+ expect(provider.build_ps_repository_command("Register", resource)).to eql("Register-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://github.com/chef/powershell_test/scripts/package' | Out-Null")
111
114
  end
112
115
  end
113
116
 
114
117
  context "#set" do
115
118
  it "builds a minimal command" do
116
- expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' | Out-Null")
119
+ expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' | Out-Null")
117
120
  end
118
121
 
119
122
  it "builds a command to change the url" do
120
- resource.url("https://othergallery.company.co/api/v2/")
123
+ resource.source_location("https://othergallery.company.co/api/v2/")
121
124
  expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://othergallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' | Out-Null")
122
125
  end
123
126
 
124
127
  it "builds a command with trusted set to true" do
125
128
  resource.trusted(true)
126
- expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Trusted' | Out-Null")
129
+ expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Trusted' | Out-Null")
127
130
  end
128
131
 
129
132
  it "builds a command with a publish location" do
130
- resource.publish_location("https://mygallery.company.co/api/v2/package")
131
- expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -PublishLocation 'https://mygallery.company.co/api/v2/package' | Out-Null")
133
+ resource.publish_location("https://github.com/chef/powershell_test/package")
134
+ expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -PublishLocation 'https://github.com/chef/powershell_test/package' | Out-Null")
132
135
  end
133
136
 
134
137
  it "builds a command with a script source location" do
135
- resource.script_source_location("https://mygallery.company.co/api/v2/scripts")
136
- expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://mygallery.company.co/api/v2/scripts' | Out-Null")
138
+ resource.script_source_location("https://github.com/chef/powershell_test/scripts")
139
+ expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptSourceLocation 'https://github.com/chef/powershell_test/scripts' | Out-Null")
137
140
  end
138
141
 
139
142
  it "builds a command with a script publish location" do
140
- resource.script_publish_location("https://mygallery.company.co/api/v2/scripts/package")
141
- expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://mygallery.company.co/api/v2/' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://mygallery.company.co/api/v2/scripts/package' | Out-Null")
143
+ resource.script_publish_location("https://github.com/chef/powershell_test/scripts/package")
144
+ expect(provider.build_ps_repository_command("Set", resource)).to eql("Set-PSRepository -Name 'MyGallery' -SourceLocation 'https://github.com/chef/powershell_test' -InstallationPolicy 'Untrusted' -ScriptPublishLocation 'https://github.com/chef/powershell_test/scripts/package' | Out-Null")
142
145
  end
143
146
  end
144
147
  end
@@ -146,74 +149,72 @@ describe Chef::Resource::PowershellPackageSource do
146
149
  describe "#build_package_source_command" do
147
150
  before do
148
151
  resource.source_name("NuGet")
149
- resource.url("http://nuget.org/api/v2/")
152
+ resource.source_location("http://nuget.org/api/v2/")
150
153
  end
151
154
 
152
155
  context "#register" do
153
156
  it "builds a minimal command" do
154
- expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$false -ProviderName 'NuGet' | Out-Null")
157
+ expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -ProviderName 'NuGet' | Out-Null")
155
158
  end
156
159
 
157
160
  it "builds a command with trusted set to true" do
158
161
  resource.trusted(true)
159
- expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$true -ProviderName 'NuGet' | Out-Null")
162
+ expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted -ProviderName 'NuGet' | Out-Null")
160
163
  end
161
164
 
162
165
  it "builds a command with a different provider" do
163
166
  resource.source_name("choco")
164
- resource.url("https://chocolatey.org/api/v2/")
167
+ resource.source_location("https://chocolatey.org/api/v2/")
165
168
  resource.provider_name("chocolatey")
166
- expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -Trusted:$false -ProviderName 'chocolatey' | Out-Null")
169
+ expect(provider.build_package_source_command("Register", resource)).to eql("Register-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -ProviderName 'chocolatey' | Out-Null")
167
170
  end
168
171
  end
169
172
 
170
173
  context "#set" do
171
174
  it "builds a minimal command" do
172
- expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$false -ProviderName 'NuGet' | Out-Null")
175
+ expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -ProviderName 'NuGet' | Out-Null")
173
176
  end
174
177
 
175
178
  it "builds a command to change the url" do
176
- resource.url("https://nuget.company.co/api/v2/")
177
- expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'https://nuget.company.co/api/v2/' -Trusted:$false -ProviderName 'NuGet' | Out-Null")
179
+ resource.source_location("https://nuget.company.co/api/v2/")
180
+ expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'https://nuget.company.co/api/v2/' -ProviderName 'NuGet' | Out-Null")
178
181
  end
179
182
 
180
183
  it "builds a command with trusted set to true" do
181
184
  resource.trusted(true)
182
- expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted:$true -ProviderName 'NuGet' | Out-Null")
185
+ expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'NuGet' -Location 'http://nuget.org/api/v2/' -Trusted -ProviderName 'NuGet' | Out-Null")
183
186
  end
184
187
 
185
188
  it "builds a command with a different provider" do
186
189
  resource.source_name("choco")
187
- resource.url("https://chocolatey.org/api/v2/")
190
+ resource.source_location("https://chocolatey.org/api/v2/")
188
191
  resource.provider_name("chocolatey")
189
- expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -Trusted:$false -ProviderName 'chocolatey' | Out-Null")
192
+ expect(provider.build_package_source_command("Set", resource)).to eql("Set-PackageSource -Name 'choco' -Location 'https://chocolatey.org/api/v2/' -ProviderName 'chocolatey' | Out-Null")
190
193
  end
191
194
  end
192
195
  end
193
196
 
194
- describe "#psrepository_cmdlet_appropriate?" do
195
- it "returns true if the provider_name is 'PowerShellGet'" do
196
- resource.provider_name("PowerShellGet")
197
- expect(provider.psrepository_cmdlet_appropriate?).to eql(true)
198
- end
199
-
200
- it "returns false if the provider_name is something else" do
201
- resource.provider_name("NuGet")
202
- expect(provider.psrepository_cmdlet_appropriate?).to eql(false)
203
- end
204
- end
205
-
206
- describe "#package_source_exists?" do
207
- it "returns true if it exists" do
208
- allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'MyGallery' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: "MyGallery\r\n"))
209
- resource.source_name("MyGallery")
210
- expect(provider.package_source_exists?).to eql(true)
211
- end
212
-
213
- it "returns false if it doesn't exist" do
214
- allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'MyGallery' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: ""))
215
- resource.source_name("MyGallery")
216
- expect(provider.package_source_exists?).to eql(false)
217
- end
218
- end
197
+ # describe "get_package_source_details" do
198
+ # before do
199
+ # resource.source_name("MyGallery")
200
+ # resource.source_location("http://nuget.org/api/v2/")
201
+ # provider.build_package_source_command("Register", resource)
202
+ # end
203
+
204
+ # # stub a call to the package_source_details
205
+ # expect(provider).to receive(:get_package_source_details).and_return("PackageSource")
206
+ # it "returns packagesource if it exists" do
207
+ # # dbl = double("testing PackageSource")
208
+ # # let(source_name)
209
+ # # # allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'MyGallery' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: "PackageSource"))
210
+ # # resource.source_name("MyGallery")
211
+ # expect(provider.get_package_source_details.result).to eql("PackageSource")
212
+ # end
213
+
214
+ # it "returns unregistered if it doesn't exist" do
215
+ # # allow(provider).to receive(:powershell_exec!).with("(Get-PackageSource -Name 'Foo' -ErrorAction SilentlyContinue).Name").and_return(double("powershell_exec!", result: ""))
216
+ # resource.source_name("Foo")
217
+ # expect(provider.get_package_source_details.result).to eql("Unregistered")
218
+ # end
219
+ # end
219
220
  end
@@ -19,14 +19,14 @@
19
19
  require "spec_helper"
20
20
 
21
21
  describe Chef::Resource::RegistryKey, "initialize" do
22
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
22
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
23
23
 
24
24
  it "sets the resource_name to :registry_key" do
25
25
  expect(resource.resource_name).to eql(:registry_key)
26
26
  end
27
27
 
28
28
  it "the key property is the name_property" do
29
- expect(resource.key).to eql('HKCU\Software\Raxicoricofallapatorius')
29
+ expect(resource.key).to eql("HKCU\\Software\\Raxicoricofallapatorius")
30
30
  end
31
31
 
32
32
  it "sets the default action as :create" do
@@ -60,11 +60,11 @@ describe Chef::Resource::RegistryKey, "initialize" do
60
60
  end
61
61
 
62
62
  describe Chef::Resource::RegistryKey, "key" do
63
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
63
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
64
64
 
65
65
  it "allows a string" do
66
- resource.key 'HKCU\Software\Poosh'
67
- expect(resource.key).to eql('HKCU\Software\Poosh')
66
+ resource.key "HKCU\\Software\\Poosh"
67
+ expect(resource.key).to eql("HKCU\\Software\\Poosh")
68
68
  end
69
69
 
70
70
  it "does not allow an integer" do
@@ -77,7 +77,7 @@ describe Chef::Resource::RegistryKey, "key" do
77
77
  end
78
78
 
79
79
  describe Chef::Resource::RegistryKey, "values" do
80
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
80
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
81
81
 
82
82
  it "allows a single proper hash of registry values" do
83
83
  resource.values( { name: "poosh", type: :string, data: "carmen" } )
@@ -140,7 +140,7 @@ describe Chef::Resource::RegistryKey, "values" do
140
140
  end
141
141
 
142
142
  describe Chef::Resource::RegistryKey, "recursive" do
143
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
143
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
144
144
 
145
145
  it "allows a boolean" do
146
146
  resource.recursive(true)
@@ -165,7 +165,7 @@ describe Chef::Resource::RegistryKey, "recursive" do
165
165
  end
166
166
 
167
167
  describe Chef::Resource::RegistryKey, "architecture" do
168
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
168
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
169
169
 
170
170
  %i{i386 x86_64 machine}.each do |arch|
171
171
  it "allows #{arch} as a symbol" do
@@ -196,7 +196,7 @@ describe Chef::Resource::RegistryKey, "architecture" do
196
196
  end
197
197
 
198
198
  describe Chef::Resource::RegistryKey, ":unscrubbed_values" do
199
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
199
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
200
200
 
201
201
  it "returns unsafe data as-is" do
202
202
  key_values = [ { name: "poosh", type: :binary, data: 255.chr * 1 } ]
@@ -206,7 +206,7 @@ describe Chef::Resource::RegistryKey, ":unscrubbed_values" do
206
206
  end
207
207
 
208
208
  describe Chef::Resource::RegistryKey, "state" do
209
- let(:resource) { Chef::Resource::RegistryKey.new('HKCU\Software\Raxicoricofallapatorius') }
209
+ let(:resource) { Chef::Resource::RegistryKey.new("HKCU\\Software\\Raxicoricofallapatorius") }
210
210
 
211
211
  it "returns scrubbed values" do
212
212
  resource.values([ { name: "poosh", type: :binary, data: 255.chr * 1 } ])
@@ -45,6 +45,6 @@ describe Chef::Resource::WindowsAutorun do
45
45
 
46
46
  it "coerces forward slashes to backslashes for the path" do
47
47
  resource.path "C:/something.exe"
48
- expect(resource.path).to eql('C:\\something.exe')
48
+ expect(resource.path).to eql("C:\\something.exe")
49
49
  end
50
50
  end
@@ -76,7 +76,7 @@ describe Chef::Resource::WindowsFeaturePowershell do
76
76
  node.default["powershell_features_cache"]["disabled"] = ["dhcp"]
77
77
  node.default["powershell_features_cache"]["removed"] = ["snmp"]
78
78
  resource.feature_name "dhcp, snmp"
79
- resource.source 'D:\\sources\\sxs'
79
+ resource.source "D:\\sources\\sxs"
80
80
 
81
81
  expect(provider.features_to_install).to eq(%w{dhcp snmp})
82
82
  end
@@ -377,7 +377,7 @@ describe Chef::Resource::WindowsFirewallRule do
377
377
  resource.icmp_type("Any")
378
378
  resource.firewall_action(:notconfigured)
379
379
  resource.profile(:domain)
380
- resource.program('%WINDIR%\System32\lsass.exe')
380
+ resource.program("%WINDIR%\\System32\\lsass.exe")
381
381
  resource.service("SomeService")
382
382
  resource.interface_type(:remoteaccess)
383
383
  resource.enabled(false)
@@ -499,7 +499,7 @@ describe Chef::Resource::WindowsFirewallRule do
499
499
  resource.icmp_type("Any")
500
500
  resource.firewall_action(:notconfigured)
501
501
  resource.profile(:domain)
502
- resource.program('%WINDIR%\System32\lsass.exe')
502
+ resource.program("%WINDIR%\\System32\\lsass.exe")
503
503
  resource.service("SomeService")
504
504
  resource.interface_type(:remoteaccess)
505
505
  resource.enabled(false)
@@ -75,7 +75,7 @@ describe Chef::Resource::WindowsTask, :windows_only do
75
75
  context "a System User" do
76
76
  before do
77
77
  resource.frequency :hourly
78
- resource.user 'NT AUTHORITY\SYSTEM'
78
+ resource.user "NT AUTHORITY\\SYSTEM"
79
79
  end
80
80
 
81
81
  context "for an interactive task" do
@@ -88,7 +88,7 @@ describe Chef::Resource::WindowsTask, :windows_only do
88
88
  expect { resource.after_created }.to raise_error(ArgumentError, "Password is not required for system users.")
89
89
  end
90
90
  it "does not raises an error even when user is in lowercase" do
91
- resource.user 'nt authority\system'
91
+ resource.user "nt authority\\system"
92
92
  expect { resource.after_created }.to_not raise_error
93
93
  end
94
94
  end
@@ -103,7 +103,7 @@ describe Chef::Resource::WindowsTask, :windows_only do
103
103
  expect { resource.after_created }.to raise_error(ArgumentError, "Password is not required for system users.")
104
104
  end
105
105
  it "does not raises an error even when user is in lowercase" do
106
- resource.user 'nt authority\system'
106
+ resource.user "nt authority\\system"
107
107
  expect { resource.after_created }.to_not raise_error
108
108
  end
109
109
  end
@@ -494,7 +494,7 @@ describe Chef::ResourceReporter do
494
494
 
495
495
  context "when the resource is a RegistryKey with binary data" do
496
496
  let(:new_resource) do
497
- resource = Chef::Resource::RegistryKey.new('Wubba\Lubba\Dub\Dubs')
497
+ resource = Chef::Resource::RegistryKey.new("Wubba\\Lubba\\Dub\\Dubs")
498
498
  resource.values([ { name: "rick", type: :binary, data: 255.chr * 1 } ])
499
499
  allow(resource).to receive(:cookbook_name).and_return(cookbook_name)
500
500
  allow(resource).to receive(:cookbook_version).and_return(cookbook_version)
@@ -502,7 +502,7 @@ describe Chef::ResourceReporter do
502
502
  end
503
503
 
504
504
  let(:current_resource) do
505
- resource = Chef::Resource::RegistryKey.new('Wubba\Lubba\Dub\Dubs')
505
+ resource = Chef::Resource::RegistryKey.new("Wubba\\Lubba\\Dub\\Dubs")
506
506
  resource.values([ { name: "rick", type: :binary, data: 255.chr * 1 } ])
507
507
  resource
508
508
  end
@@ -348,6 +348,11 @@ describe Chef::Resource do
348
348
  it "should recognize dynamically defined resources" do
349
349
  expect(resource.defined_at).to eq("dynamically defined")
350
350
  end
351
+
352
+ it "should return nil for the cookbook_version when the cookbook_name is @recipe_files" do
353
+ resource.cookbook_name = "@recipe_files"
354
+ expect(resource.cookbook_version).to be nil
355
+ end
351
356
  end
352
357
 
353
358
  describe "to_s" do
@@ -20,51 +20,130 @@
20
20
  require_relative "../../spec_helper"
21
21
  require "chef/secret_fetcher"
22
22
  require "chef/secret_fetcher/azure_key_vault"
23
+ require "net/http/responses"
23
24
 
24
25
  describe Chef::SecretFetcher::AzureKeyVault do
25
- let(:config) { { vault: "my_vault" } }
26
+ let(:config) { { vault: "my-vault" } }
26
27
  let(:fetcher) { Chef::SecretFetcher::AzureKeyVault.new(config, nil) }
28
+ let(:secrets_response_body) { '{ "value" : "my secret value" }' }
29
+ let(:secrets_response_mock) do
30
+ rm = Net::HTTPSuccess.new("1.0", "400", "OK")
31
+ allow(rm).to receive(:body).and_return(secrets_response_body)
32
+ rm
33
+ end
34
+ let(:token_response_body) { %Q({"access_token":"#{access_token}","client_id":"#{client_id}","expires_in":"86294","expires_on":"1627761860","ext_expires_in":"86399","not_before":"1627675160","resource":"https://vault.azure.net","token_type":"Bearer"}) }
35
+ let(:access_token) { "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyIsImtpZCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyJ9.eyJhdWQiOiJodHRwczovL3ZhdWx0LmF6dXJlLm5ldCIsImlzcyI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0L2E5ZTY2ZDhkLTA1ZTAtNGMwMC1iOWRkLWM0Yjc3M2U5MWNhNi8iLCJpYXQiOjE2Mjc2NzUxNjAsIm5iZiI6MTYyNzY3NTE2MCwiZXhwIjoxNjI3NzYxODYwLCJhaW8iOiJFMlpnWUhCWGplaTdWS214eEh6bjdoSWpNZFlMQUE9PSIsImFwcGlkIjoiNjU2Mjc1MjEtMzYzYi00ZDk2LTkyMTctMjcIsIm9pZCI6IjNiZjI1NjVhLWY4NWQtNDBiNy1hZWJkLTNlZDA1ZDA0N2FmNiIsInJoIjoiMC5BUk1BalczbXFlQUZBRXk1M2NTM2Mta2NwaUYxWW1VN05wWk5raGNuRGpuZEwxb1RBQUEuIiwic3ViIjoiM2JmMjU2NWEtZjg1ZC00MGI3LWFlYmQtM2VkMDVkMDQ3YWY2IiwidGlkIjoiYTllNjZkOGQtMDVlMC00YzAwLWI5ZGQtYzRiNzczZTkxY2E2IiwidXRpIjoibXlzeHpSRTV3ay1ibTFlYkNqc09BQSIsInZlciI6IjEuMCIsInhtc19taXJpZCI6Ii9zdWJzY3JpcHRpb25zLzYzNDJkZDZkLTc1NTQtNDJjOS04NTM2LTdkZmU3MmY1MWZhZC9yZXNvdXJjZWdyb3Vwcy9pbWFnZS1waXBlbGluZS1ydW5uZXItcWEtZWFzdHVzMi1yZy9wcm92aWRlcnMvTWljcm9zb2Z0Lk1hbmFnZWRJZGVudGl0eS91c2VyQXNzaWduZWRJZGVudGl0aWVzL2ltYWdlLXBpcGVsaW5lLXJ1bm5lci1xYS1lYXN0dXMyLW1pIn0.BquzjN6d0g4zlvkbkdVwNEfRxIXSmxYwCHMk6UG3iza2fVioiOrcoP4Cp9P5--AB4G_CAhIXaP7YIZs3mq05QiDjSvkVAM0t67UPGhEr66sNXkV72iZBnKca_auh6EHsjPfxeVHkE1wdrsncrYdKhzgO4IAj8Jg4N5qjcE2q-OkliadmEuTwrhPhq" }
36
+ let(:token_response_mock) do
37
+ rm = Net::HTTPSuccess.new("1.0", "400", "OK")
38
+ allow(rm).to receive(:body).and_return(token_response_body)
39
+ rm
40
+ end
41
+ let(:client_id) { SecureRandom.uuid }
42
+ let(:http_mock) { instance_double("Net::HTTP", :use_ssl= => nil) }
43
+ let(:token_uri) { URI.parse("http://169.254.169.254/metadata/identity/oauth2/token") }
44
+ let(:vault_name) { "my-vault" }
45
+ let(:secret_name) { "my-secret" }
46
+ let(:vault_secret_uri) { URI.parse("https://#{vault_name}.vault.azure.net/secrets/#{secret_name}/?api-version=7.2") }
47
+
48
+ before do
49
+ # Cache these up front so we can pass into allow statements without hitting:
50
+ # URI received :parse with unexpected arguments
51
+ token_uri
52
+ vault_secret_uri
53
+ end
54
+
55
+ before do
56
+ allow(Net::HTTP).to receive(:new).and_return(http_mock)
57
+ allow(URI).to receive(:parse).with("http://169.254.169.254/metadata/identity/oauth2/token").and_return(token_uri)
58
+ allow(URI).to receive(:parse).with("https://#{vault_name}.vault.azure.net/secrets/#{secret_name}/?api-version=7.2").and_return(vault_secret_uri)
59
+ allow(http_mock).to receive(:get).with(token_uri, { "Metadata" => "true" }).and_return(token_response_mock)
60
+ allow(http_mock).to receive(:get).with(vault_secret_uri, { "Authorization" => "Bearer #{access_token}", "Content-Type" => "application/json" }).and_return(secrets_response_mock)
61
+ end
62
+
63
+ describe "#validate!" do
64
+ it "raises error when more than one is provided: :object_id, :client_id, :mi_res_id" do
65
+ expect { Chef::SecretFetcher::AzureKeyVault.new({ object_id: "abc", client_id: "abc", mi_res_id: "abc" }, nil).validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
66
+ expect { Chef::SecretFetcher::AzureKeyVault.new({ object_id: "abc", client_id: "abc" }, nil).validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
67
+ expect { Chef::SecretFetcher::AzureKeyVault.new({ object_id: "abc", mi_res_id: "abc" }, nil).validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
68
+ expect { Chef::SecretFetcher::AzureKeyVault.new({ client_id: "abc", mi_res_id: "abc" }, nil).validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
69
+ end
70
+ end
27
71
 
28
- context "when performing a fetch" do
29
- let(:body) { '{ "value" : "my secret value" }' }
30
- let(:response_mock) { double("response", body: body) }
31
- let(:http_mock) { double("http", :get => response_mock, :use_ssl= => nil) }
72
+ describe "#fetch_token" do
73
+ context "when Net::HTTPBadRequest is returned and the error description contains \"Identity not found\"" do
74
+ let(:token_response_mock) { Net::HTTPBadRequest.new("1.0", "400", "Bad Request") }
75
+
76
+ before do
77
+ allow(fetcher).to receive(:fetch_token).and_call_original
78
+ allow(token_response_mock).to receive(:body).and_return('{"error":"invalid_request","error_description":"Identity not found"}')
79
+ end
32
80
 
33
- before do
34
- allow(fetcher).to receive(:fetch_token).and_return "a token"
35
- allow(Net::HTTP).to receive(:new).and_return(http_mock)
81
+ it "raises Chef::Exceptions::Secret::Azure::IdentityNotFound" do
82
+ expect { fetcher.send(:fetch_token) }.to raise_error(Chef::Exceptions::Secret::Azure::IdentityNotFound)
83
+ end
36
84
  end
37
85
 
38
- context "and vault name is only provided in the secret name" do
39
- let(:body) { '{ "value" : "my secret value" }' }
86
+ context "when :object_id is provided" do
87
+ let(:object_id) { SecureRandom.uuid }
88
+ let(:config) { { vault: "my-vault", object_id: object_id } }
89
+
90
+ it "adds client_id to request params" do
91
+ fetcher.send(:fetch_token)
92
+ expect(token_uri.query).to match(/object_id=#{object_id}/)
93
+ end
94
+ end
95
+
96
+ context "when :client_id is provided" do
97
+ let(:config) { { vault: "my-vault", client_id: client_id } }
98
+
99
+ it "adds client_id to request params" do
100
+ fetcher.send(:fetch_token)
101
+ expect(token_uri.query).to match(/client_id=#{client_id}/)
102
+ end
103
+ end
104
+
105
+ context "when :mi_res_id is provided" do
106
+ let(:mi_res_id) { SecureRandom.uuid }
107
+ let(:config) { { vault: "my-vault", mi_res_id: mi_res_id } }
108
+
109
+ it "adds client_id to request params" do
110
+ fetcher.send(:fetch_token)
111
+ expect(token_uri.query).to match(/mi_res_id=#{mi_res_id}/)
112
+ end
113
+ end
114
+ end
115
+
116
+ describe "#fetch" do
117
+ context "when vault name is only provided in the secret name" do
118
+ let(:secrets_response_body) { '{ "value" : "my secret value" }' }
40
119
  let(:config) { {} }
41
120
  it "fetches the value" do
42
- expect(fetcher.fetch("my_vault/value")).to eq "my secret value"
121
+ expect(fetcher.fetch("my-vault/my-secret")).to eq "my secret value"
43
122
  end
44
123
  end
45
124
 
46
- context "and vault name is not provided in the secret name" do
125
+ context "when vault name is not provided in the secret name" do
47
126
  context "and vault name is not provided in config" do
48
127
  let(:config) { {} }
49
128
  it "raises a ConfigurationInvalid exception" do
50
- expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
129
+ expect { fetcher.fetch("my-secret") }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
51
130
  end
52
131
  end
53
132
 
54
133
  context "and vault name is provided in config" do
55
- let(:config) { { vault: "my_vault" } }
134
+ let(:config) { { vault: "my-vault" } }
56
135
  it "fetches the value" do
57
- expect(fetcher.fetch("value")).to eq "my secret value"
136
+ expect(fetcher.fetch("my-secret")).to eq "my secret value"
58
137
  end
59
138
  end
60
139
  end
61
- context "and an error response is received in the body" do
62
- let(:config) { { vault: "my_vault" } }
63
- let(:body) { '{ "error" : { "code" : 404, "message" : "secret not found" } }' }
140
+
141
+ context "when an error response is received in the response body" do
142
+ let(:config) { { vault: "my-vault" } }
143
+ let(:secrets_response_body) { '{ "error" : { "code" : 404, "message" : "secret not found" } }' }
64
144
  it "raises FetchFailed" do
65
- expect { fetcher.fetch("value") }.to raise_error(Chef::Exceptions::Secret::FetchFailed)
145
+ expect { fetcher.fetch("my-secret") }.to raise_error(Chef::Exceptions::Secret::FetchFailed)
66
146
  end
67
147
  end
68
148
  end
69
149
  end
70
-
@@ -132,7 +132,7 @@ describe Chef::Util::Backup do
132
132
  end
133
133
 
134
134
  it "uses the configured Chef::Config[:file_backup_path] and strips the drive on windows" do
135
- expect(@backup).to receive(:path).and_return('c:\\a\\b\\c.txt')
135
+ expect(@backup).to receive(:path).and_return("c:\\a\\b\\c.txt")
136
136
  Chef::Config[:file_backup_path] = 'c:\backupdir'
137
137
  expect(@backup.send(:backup_path)).to match(%r|^c:\\backupdir[\\/]+a\\b\\c.txt.chef-\d{14}.\d{6}$|)
138
138
  end
@@ -23,12 +23,12 @@ describe Chef::Win32::Registry do
23
23
 
24
24
  let(:value1) { { name: "one", type: :string, data: "1" } }
25
25
  let(:value1_upcase_name) { { name: "ONE", type: :string, data: "1" } }
26
- let(:key_path) { 'HKCU\Software\OpscodeNumbers' }
27
- let(:key) { 'Software\OpscodeNumbers' }
26
+ let(:key_path) { "HKCU\\Software\\OpscodeNumbers" }
27
+ let(:key) { "Software\\OpscodeNumbers" }
28
28
  let(:key_parent) { "Software" }
29
29
  let(:key_to_delete) { "OpscodeNumbers" }
30
30
  let(:sub_key) { "OpscodePrimes" }
31
- let(:missing_key_path) { 'HKCU\Software' }
31
+ let(:missing_key_path) { "HKCU\\Software" }
32
32
  let(:registry) { Chef::Win32::Registry.new }
33
33
  let(:hive_mock) { double("::Win32::Registry::HKEY_CURRENT_USER") }
34
34
  let(:reg_mock) { double("reg") }