RubyGems - chef - Versions diffs - 17.8.25-universal-mingw32 → 17.9.18-universal-mingw32 - Mend

chef 17.8.25-universal-mingw32 → 17.9.18-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

checksums.yaml +4 -4
data/lib/chef/provider/cron.rb +2 -2
data/lib/chef/provider/directory.rb +2 -2
data/lib/chef/provider/ifconfig.rb +4 -4
data/lib/chef/provider/package/yum/python_helper.rb +81 -25
data/lib/chef/provider/package/yum.rb +39 -12
data/lib/chef/provider/package.rb +4 -4
data/lib/chef/provider.rb +4 -1
data/lib/chef/providers.rb +0 -1
data/lib/chef/resource/apt_package.rb +2 -2
data/lib/chef/resource/chef_client_config.rb +2 -3
data/lib/chef/resource/chocolatey_package.rb +3 -3
data/lib/chef/resource/cron/cron.rb +75 -1
data/lib/chef/resource/cron/cron_d.rb +2 -1
data/lib/chef/resource/homebrew_tap.rb +0 -4
data/lib/chef/resource/powershell_package_source.rb +8 -8
data/lib/chef/resource/rhsm_register.rb +3 -3
data/lib/chef/resource/windows_feature_powershell.rb +1 -2
data/lib/chef/resource/windows_task.rb +25 -10
data/lib/chef/secret_fetcher/azure_key_vault.rb +2 -0
data/lib/chef/secret_fetcher/hashi_vault.rb +37 -3
data/lib/chef/version.rb +1 -1
data/spec/functional/resource/dnf_package_spec.rb +107 -107
data/spec/functional/resource/yum_package_spec.rb +789 -129
data/spec/unit/secret_fetcher/hashi_vault_spec.rb +46 -0
metadata +6 -8
data/lib/chef/provider/group/suse.rb +0 -82
data/spec/unit/provider/group/suse_spec.rb +0 -90

data/spec/unit/secret_fetcher/hashi_vault_spec.rb CHANGED Viewed

@@ -65,6 +65,52 @@ describe Chef::SecretFetcher::HashiVault do
         fetcher.validate!
       end
     end
+    context "and using auth_method: :approle" do
+      it "raises ConfigurationInvalid message when :approle_name or :approle_id are not specified" do
+        fetcher = Chef::SecretFetcher::HashiVault.new( { auth_method: :approle, vault_addr: "https://vault.example.com:8200" }, run_context)
+        expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid)
+      end
+      it "authenticates using the approle_id and approle_secret_id during validation when all configuration is correct" do
+        fetcher = Chef::SecretFetcher::HashiVault.new({
+          auth_method: :approle,
+          approle_id: "idguid",
+          approle_secret_id: "secretguid",
+          vault_addr: "https://vault.example.com:8200" },
+          run_context)
+        auth = instance_double(Vault::Authenticate)
+        allow(auth).to receive(:approle)
+        allow(Vault).to receive(:auth).and_return(auth)
+        expect(auth).to receive(:approle).with("idguid", "secretguid")
+        fetcher.validate!
+      end
+      it "looks up the :role_id and :secret_id when all configuration is correct" do
+        fetcher = Chef::SecretFetcher::HashiVault.new({
+          auth_method: :approle,
+          approle_name: "myapprole",
+          token: "t.1234abcd",
+          vault_addr: "https://vault.example.com:8200" },
+          run_context)
+        approle = instance_double(Vault::AppRole)
+        auth = instance_double(Vault::Authenticate)
+        allow(Vault).to receive(:approle).and_return(approle)
+        allow(approle).to receive(:role_id).with("myapprole").and_return("idguid")
+        allow(approle).to receive(:create_secret_id).with("myapprole").and_return(Vault::Secret.new({
+          data: {
+            secret_id: "secretguid",
+            secret_id_accessor: "accessor_guid",
+            secret_id_ttl: 0,
+          },
+          lease_duration: 0,
+          lease_id: "",
+        }))
+        allow(Vault).to receive(:auth).and_return(auth)
+        expect(auth).to receive(:approle).with("idguid", "secretguid")
+        fetcher.validate!
+      end
+    end
   end
   context "when fetching a secret from Hashi Vault" do

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 17.8.25
+  version: 17.9.18
 platform: universal-mingw32
 authors:
 - Adam Jacob
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-12-01 00:00:00.000000000 Z
+date: 2021-12-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.8.25
+        version: 17.9.18
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.8.25
+        version: 17.9.18
 - !ruby/object:Gem::Dependency
   name: chef-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.8.25
+        version: 17.9.18
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 17.8.25
+        version: 17.9.18
 - !ruby/object:Gem::Dependency
   name: train-core
   requirement: !ruby/object:Gem::Requirement
@@ -1648,7 +1648,6 @@ files:
 - lib/chef/provider/group/groupmod.rb
 - lib/chef/provider/group/pw.rb
 - lib/chef/provider/group/solaris.rb
-- lib/chef/provider/group/suse.rb
 - lib/chef/provider/group/usermod.rb
 - lib/chef/provider/group/windows.rb
 - lib/chef/provider/http_request.rb
@@ -2820,7 +2819,6 @@ files:
 - spec/unit/provider/group/groupmod_spec.rb
 - spec/unit/provider/group/pw_spec.rb
 - spec/unit/provider/group/solaris_spec.rb
-- spec/unit/provider/group/suse_spec.rb
 - spec/unit/provider/group/usermod_spec.rb
 - spec/unit/provider/group/windows_spec.rb
 - spec/unit/provider/group_spec.rb

data/lib/chef/provider/group/suse.rb DELETED Viewed

@@ -1,82 +0,0 @@
-#
-# Author:: AJ Christensen (<aj@chef.io>)
-# Copyright:: Copyright (c) Chef Software Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-require_relative "groupadd"
-require "etc" unless defined?(Etc)
-class Chef
-  class Provider
-    class Group
-      class Suse < Chef::Provider::Group::Groupadd
-        provides :group, platform: "suse", platform_version: "< 12.0"
-        def load_current_resource
-          super
-        end
-        def define_resource_requirements
-          super
-          requirements.assert(:all_actions) do |a|
-            a.assertion { ::File.exist?("/usr/sbin/groupmod") }
-            a.failure_message Chef::Exceptions::Group, "Could not find binary /usr/sbin/groupmod for #{new_resource.name}"
-            # No whyrun alternative: this component should be available in the base install of any given system that uses it
-          end
-          requirements.assert(:create, :manage, :modify) do |a|
-            a.assertion do
-              to_add(new_resource.members).all? { |member| Etc.getpwnam(member) }
-            rescue
-              false
-            end
-            a.failure_message Chef::Exceptions::Group, "Could not add users #{to_add(new_resource.members).join(", ")} to #{new_resource.group_name}: one of these users does not exist"
-            a.whyrun "Could not find one of these users: #{to_add(new_resource.members).join(", ")}. Assuming it will be created by a prior step"
-          end
-        end
-        def set_members(members)
-          to_remove(members).each do |member|
-            remove_member(member)
-          end
-          to_add(members).each do |member|
-            add_member(member)
-          end
-        end
-        def to_add(members)
-          members - current_resource.members
-        end
-        def add_member(member)
-          shell_out!("groupmod", "-A", member, new_resource.group_name)
-        end
-        def to_remove(members)
-          current_resource.members - members
-        end
-        def remove_member(member)
-          shell_out!("groupmod", "-R", member, new_resource.group_name)
-        end
-      end
-    end
-  end
-end

data/spec/unit/provider/group/suse_spec.rb DELETED Viewed

@@ -1,90 +0,0 @@
-#
-# Author:: Tom Duffield (<tom@chef.io>)
-# Copyright:: Copyright (c) Chef Software Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-require "spec_helper"
-describe Chef::Provider::Group::Suse do
-  let(:node) { Chef::Node.new }
-  let(:events) { Chef::EventDispatch::Dispatcher.new }
-  let(:run_context) { Chef::RunContext.new(node, {}, events) }
-  let(:new_members) { %w{root new_user} }
-  let(:new_resource) do
-    Chef::Resource::Group.new("new_group").tap do |r|
-      r.gid 50
-      r.members new_members
-      r.system false
-      r.non_unique false
-    end
-  end
-  let(:current_resource) do
-    Chef::Resource::Group.new("new_group").tap do |r|
-      r.gid 50
-      r.members %w{root}
-      r.system false
-      r.non_unique false
-    end
-  end
-  let(:provider) do
-    described_class.new(new_resource, run_context).tap do |p|
-      p.current_resource = current_resource
-    end
-  end
-  describe "when determining the current group state" do
-    before(:each) do
-      allow(File).to receive(:exist?).and_return(true)
-      provider.action = :create
-      provider.define_resource_requirements
-    end
-    # Checking for required binaries is already done in the spec
-    # for Chef::Provider::Group - no need to repeat it here.  We'll
-    # include only what's specific to this provider.
-    it "should raise an error if the required binary /usr/sbin/groupmod doesn't exist" do
-      expect(File).to receive(:exist?).with("/usr/sbin/groupmod").and_return(false)
-      expect { provider.process_resource_requirements }.to raise_error(Chef::Exceptions::Group)
-    end
-    it "should raise error if one of the member users does not exist" do
-      expect(Etc).to receive(:getpwnam).with("new_user").and_raise ArgumentError
-      expect { provider.process_resource_requirements }.to raise_error(Chef::Exceptions::Group)
-    end
-  end
-  describe "#set_members" do
-    it "should add missing members and remove deleted members" do
-      expect(provider).not_to receive(:remove_member)
-      expect(provider).to receive(:add_member).with("new_user")
-      provider.set_members(new_members)
-    end
-  end
-  describe "#add_member" do
-    it "should call out to groupmod to add user" do
-      expect(provider).to receive(:shell_out_compacted!).with("groupmod", "-A", "new_user", "new_group")
-      provider.add_member("new_user")
-    end
-  end
-  describe "#remove_member" do
-    it "should call out to groupmod to remove user" do
-      expect(provider).to receive(:shell_out_compacted!).with("groupmod", "-R", "new_user", "new_group")
-      provider.remove_member("new_user")
-    end
-  end
-end