chef 17.8.25-universal-mingw32 → 17.9.18-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -65,6 +65,52 @@ describe Chef::SecretFetcher::HashiVault do
65
65
  fetcher.validate!
66
66
  end
67
67
  end
68
+
69
+ context "and using auth_method: :approle" do
70
+ it "raises ConfigurationInvalid message when :approle_name or :approle_id are not specified" do
71
+ fetcher = Chef::SecretFetcher::HashiVault.new( { auth_method: :approle, vault_addr: "https://vault.example.com:8200" }, run_context)
72
+ expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
73
+ end
74
+
75
+ it "authenticates using the approle_id and approle_secret_id during validation when all configuration is correct" do
76
+ fetcher = Chef::SecretFetcher::HashiVault.new({
77
+ auth_method: :approle,
78
+ approle_id: "idguid",
79
+ approle_secret_id: "secretguid",
80
+ vault_addr: "https://vault.example.com:8200" },
81
+ run_context)
82
+ auth = instance_double(Vault::Authenticate)
83
+ allow(auth).to receive(:approle)
84
+ allow(Vault).to receive(:auth).and_return(auth)
85
+ expect(auth).to receive(:approle).with("idguid", "secretguid")
86
+ fetcher.validate!
87
+ end
88
+
89
+ it "looks up the :role_id and :secret_id when all configuration is correct" do
90
+ fetcher = Chef::SecretFetcher::HashiVault.new({
91
+ auth_method: :approle,
92
+ approle_name: "myapprole",
93
+ token: "t.1234abcd",
94
+ vault_addr: "https://vault.example.com:8200" },
95
+ run_context)
96
+ approle = instance_double(Vault::AppRole)
97
+ auth = instance_double(Vault::Authenticate)
98
+ allow(Vault).to receive(:approle).and_return(approle)
99
+ allow(approle).to receive(:role_id).with("myapprole").and_return("idguid")
100
+ allow(approle).to receive(:create_secret_id).with("myapprole").and_return(Vault::Secret.new({
101
+ data: {
102
+ secret_id: "secretguid",
103
+ secret_id_accessor: "accessor_guid",
104
+ secret_id_ttl: 0,
105
+ },
106
+ lease_duration: 0,
107
+ lease_id: "",
108
+ }))
109
+ allow(Vault).to receive(:auth).and_return(auth)
110
+ expect(auth).to receive(:approle).with("idguid", "secretguid")
111
+ fetcher.validate!
112
+ end
113
+ end
68
114
  end
69
115
 
70
116
  context "when fetching a secret from Hashi Vault" do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chef
3
3
  version: !ruby/object:Gem::Version
4
- version: 17.8.25
4
+ version: 17.9.18
5
5
  platform: universal-mingw32
6
6
  authors:
7
7
  - Adam Jacob
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-01 00:00:00.000000000 Z
11
+ date: 2021-12-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef-config
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 17.8.25
19
+ version: 17.9.18
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 17.8.25
26
+ version: 17.9.18
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: chef-utils
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - '='
32
32
  - !ruby/object:Gem::Version
33
- version: 17.8.25
33
+ version: 17.9.18
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - '='
39
39
  - !ruby/object:Gem::Version
40
- version: 17.8.25
40
+ version: 17.9.18
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: train-core
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -1648,7 +1648,6 @@ files:
1648
1648
  - lib/chef/provider/group/groupmod.rb
1649
1649
  - lib/chef/provider/group/pw.rb
1650
1650
  - lib/chef/provider/group/solaris.rb
1651
- - lib/chef/provider/group/suse.rb
1652
1651
  - lib/chef/provider/group/usermod.rb
1653
1652
  - lib/chef/provider/group/windows.rb
1654
1653
  - lib/chef/provider/http_request.rb
@@ -2820,7 +2819,6 @@ files:
2820
2819
  - spec/unit/provider/group/groupmod_spec.rb
2821
2820
  - spec/unit/provider/group/pw_spec.rb
2822
2821
  - spec/unit/provider/group/solaris_spec.rb
2823
- - spec/unit/provider/group/suse_spec.rb
2824
2822
  - spec/unit/provider/group/usermod_spec.rb
2825
2823
  - spec/unit/provider/group/windows_spec.rb
2826
2824
  - spec/unit/provider/group_spec.rb
@@ -1,82 +0,0 @@
1
- #
2
- # Author:: AJ Christensen (<aj@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require_relative "groupadd"
20
- require "etc" unless defined?(Etc)
21
-
22
- class Chef
23
- class Provider
24
- class Group
25
- class Suse < Chef::Provider::Group::Groupadd
26
- provides :group, platform: "suse", platform_version: "< 12.0"
27
-
28
- def load_current_resource
29
- super
30
- end
31
-
32
- def define_resource_requirements
33
- super
34
- requirements.assert(:all_actions) do |a|
35
- a.assertion { ::File.exist?("/usr/sbin/groupmod") }
36
- a.failure_message Chef::Exceptions::Group, "Could not find binary /usr/sbin/groupmod for #{new_resource.name}"
37
- # No whyrun alternative: this component should be available in the base install of any given system that uses it
38
- end
39
-
40
- requirements.assert(:create, :manage, :modify) do |a|
41
- a.assertion do
42
-
43
- to_add(new_resource.members).all? { |member| Etc.getpwnam(member) }
44
- rescue
45
- false
46
-
47
- end
48
- a.failure_message Chef::Exceptions::Group, "Could not add users #{to_add(new_resource.members).join(", ")} to #{new_resource.group_name}: one of these users does not exist"
49
- a.whyrun "Could not find one of these users: #{to_add(new_resource.members).join(", ")}. Assuming it will be created by a prior step"
50
- end
51
- end
52
-
53
- def set_members(members)
54
- to_remove(members).each do |member|
55
- remove_member(member)
56
- end
57
-
58
- to_add(members).each do |member|
59
- add_member(member)
60
- end
61
- end
62
-
63
- def to_add(members)
64
- members - current_resource.members
65
- end
66
-
67
- def add_member(member)
68
- shell_out!("groupmod", "-A", member, new_resource.group_name)
69
- end
70
-
71
- def to_remove(members)
72
- current_resource.members - members
73
- end
74
-
75
- def remove_member(member)
76
- shell_out!("groupmod", "-R", member, new_resource.group_name)
77
- end
78
-
79
- end
80
- end
81
- end
82
- end
@@ -1,90 +0,0 @@
1
- #
2
- # Author:: Tom Duffield (<tom@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- #      http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require "spec_helper"
20
-
21
- describe Chef::Provider::Group::Suse do
22
- let(:node) { Chef::Node.new }
23
- let(:events) { Chef::EventDispatch::Dispatcher.new }
24
- let(:run_context) { Chef::RunContext.new(node, {}, events) }
25
- let(:new_members) { %w{root new_user} }
26
- let(:new_resource) do
27
- Chef::Resource::Group.new("new_group").tap do |r|
28
- r.gid 50
29
- r.members new_members
30
- r.system false
31
- r.non_unique false
32
- end
33
- end
34
- let(:current_resource) do
35
- Chef::Resource::Group.new("new_group").tap do |r|
36
- r.gid 50
37
- r.members %w{root}
38
- r.system false
39
- r.non_unique false
40
- end
41
- end
42
- let(:provider) do
43
- described_class.new(new_resource, run_context).tap do |p|
44
- p.current_resource = current_resource
45
- end
46
- end
47
-
48
- describe "when determining the current group state" do
49
- before(:each) do
50
- allow(File).to receive(:exist?).and_return(true)
51
- provider.action = :create
52
- provider.define_resource_requirements
53
- end
54
-
55
- # Checking for required binaries is already done in the spec
56
- # for Chef::Provider::Group - no need to repeat it here. We'll
57
- # include only what's specific to this provider.
58
- it "should raise an error if the required binary /usr/sbin/groupmod doesn't exist" do
59
- expect(File).to receive(:exist?).with("/usr/sbin/groupmod").and_return(false)
60
- expect { provider.process_resource_requirements }.to raise_error(Chef::Exceptions::Group)
61
- end
62
-
63
- it "should raise error if one of the member users does not exist" do
64
- expect(Etc).to receive(:getpwnam).with("new_user").and_raise ArgumentError
65
- expect { provider.process_resource_requirements }.to raise_error(Chef::Exceptions::Group)
66
- end
67
- end
68
-
69
- describe "#set_members" do
70
- it "should add missing members and remove deleted members" do
71
- expect(provider).not_to receive(:remove_member)
72
- expect(provider).to receive(:add_member).with("new_user")
73
- provider.set_members(new_members)
74
- end
75
- end
76
-
77
- describe "#add_member" do
78
- it "should call out to groupmod to add user" do
79
- expect(provider).to receive(:shell_out_compacted!).with("groupmod", "-A", "new_user", "new_group")
80
- provider.add_member("new_user")
81
- end
82
- end
83
-
84
- describe "#remove_member" do
85
- it "should call out to groupmod to remove user" do
86
- expect(provider).to receive(:shell_out_compacted!).with("groupmod", "-R", "new_user", "new_group")
87
- provider.remove_member("new_user")
88
- end
89
- end
90
- end