chef 18.4.12 → 18.6.2

data/spec/spec_helper.rb

@@ -138,12 +138,14 @@ RSpec.configure do |config|
 
   config.filter_run_excluding skip_buildkite: true if ENV["BUILDKITE"]
 
-  config.filter_run_excluding fips_mode: !fips_mode_build?
+  config.filter_run_excluding fips_mode_test: true unless fips_mode_build?
+  config.filter_run_excluding fips_mode_negative_test: true # disable all fips_mode negative tests
   # Skip fips on windows
   # config.filter_run_excluding :fips_mode if windows?
 
   config.filter_run_excluding windows_only: true unless windows?
   config.filter_run_excluding not_supported_on_windows: true if windows?
+  config.filter_run_excluding not_supported_on_windows_11: true if windows_11?
   config.filter_run_excluding not_supported_on_macos: true if macos?
   config.filter_run_excluding macos_only: true unless macos?
   config.filter_run_excluding not_macos_gte_11: true if macos_gte_11?
@@ -180,6 +182,7 @@ RSpec.configure do |config|
   config.filter_run_excluding aes_256_gcm_only: true unless aes_256_gcm?
   config.filter_run_excluding broken: true
   config.filter_run_excluding not_wpar: true unless wpar?
+  config.filter_run_excluding not_supported_on_s390x: true unless s390x?
   config.filter_run_excluding not_supported_under_fips: true if fips?
   config.filter_run_excluding rhel: true unless rhel?
   config.filter_run_excluding rhel6: true unless rhel6?

data/spec/support/chef_helpers.rb

@@ -69,8 +69,8 @@ def make_canonical_temp_directory
 end
 
 # Check if a cmd exists on the PATH
-def which(cmd)
-  paths = ENV["PATH"].split(File::PATH_SEPARATOR) + [ "/bin", "/usr/bin", "/sbin", "/usr/sbin" ]
+def which(cmd, prepend_path: nil, extra_path: nil)
+  paths = Array(prepend_path) + ENV["PATH"].split(File::PATH_SEPARATOR) + [ "/bin", "/usr/bin", "/sbin", "/usr/sbin" ] + Array(extra_path)
   paths.each do |path|
     filename = File.join(path, cmd)
     return filename if File.executable?(filename)

data/spec/support/platform_helpers.rb

@@ -65,12 +65,18 @@ def windows_gte_10?
   Gem::Requirement.new(">= 10").satisfied_by?(Gem::Version.new(win32_os_version))
 end
 
+def windows_11?
+  return false unless windows?
+
+  Gem::Requirement.new(">= 10.0.22621").satisfied_by?(Gem::Version.new(win32_os_version))
+end
+
 def win32_os_version
   @win32_os_version ||= begin
-    wmi = WmiLite::Wmi.new
-    host = wmi.first_of("Win32_OperatingSystem")
-    host["version"]
-  end
+                          wmi = WmiLite::Wmi.new
+                          host = wmi.first_of("Win32_OperatingSystem")
+                          host["version"]
+                        end
 end
 
 def windows_powershell_dsc?
@@ -80,7 +86,7 @@ def windows_powershell_dsc?
   begin
     wmi = WmiLite::Wmi.new("root/microsoft/windows/desiredstateconfiguration")
     lcm = wmi.query("SELECT * FROM meta_class WHERE __this ISA 'MSFT_DSCLocalConfigurationManager'")
-    supports_dsc = !! lcm
+    supports_dsc = !!lcm
   rescue WmiLite::WmiException
   end
   supports_dsc
@@ -95,7 +101,7 @@ end
 
 # detects if the hardware is 64-bit (evaluates to true in "WOW64" mode in a 32-bit app on a 64-bit system)
 def windows64?
-  windows? && ( ENV["PROCESSOR_ARCHITECTURE"] == "AMD64" || ENV["PROCESSOR_ARCHITEW6432"] == "AMD64" )
+  windows? && (ENV["PROCESSOR_ARCHITECTURE"] == "AMD64" || ENV["PROCESSOR_ARCHITEW6432"] == "AMD64")
 end
 
 # detects if the hardware is 32-bit
@@ -175,6 +181,10 @@ def wpar?
   !((ohai[:virtualization] || {})[:wpar_no].nil?)
 end
 
+def s390x?
+  RUBY_PLATFORM.include?("s390x")
+end
+
 def supports_cloexec?
   Fcntl.const_defined?(:F_SETFD) && Fcntl.const_defined?(:FD_CLOEXEC)
 end
@@ -224,7 +234,17 @@ def aes_256_gcm?
 end
 
 def fips_mode_build?
-  OpenSSL::OPENSSL_FIPS
+  return false if ENV.fetch("BUILDKITE_PIPELINE_SLUG", "") =~ /verify$/
+
+  if ENV.include?("BUILDKITE_LABEL") # try keying directly off Buildkite environments
+    # regex version of chef/chef-foundation:.expeditor/release.omnibus.yml:fips-platforms
+    [/el-.*-x86_64/, /el-.*-ppc64/, /el-.*aarch/, /ubuntu-/, /windows-/, /amazon-2/].any? do |os_arch|
+      ENV["BUILDKITE_LABEL"].match?(os_arch)
+    end
+  else
+    # if you're testing your local build
+    OpenSSL::OPENSSL_FIPS
+  end
 end
 
 def fips?
@@ -233,6 +253,7 @@ end
 
 class HttpHelper
   extend Ohai::Mixin::HttpHelper
+
   def self.logger
     Chef::Log
   end

data/spec/support/shared/functional/file_resource.rb

@@ -245,14 +245,14 @@ shared_examples_for "a file resource" do
 
     include_context "deploying with move"
 
-    describe "when deploying via tmpdir" do
+    describe "when deploying via tmpdir", :not_supported_on_windows_11 do
 
       include_context "deploying via tmpdir"
 
       it_behaves_like "a configured file resource"
     end
 
-    describe "when deploying via destdir" do
+    describe "when deploying via destdir", :not_supported_on_windows_11 do
 
       include_context "deploying via destdir"
 
@@ -912,7 +912,7 @@ shared_examples_for "a configured file resource" do
     dummy_desc
   end
 
-  it_behaves_like "a securable resource without existing target"
+  it_behaves_like "a securable resource without existing target", :not_supported_on_windows_11
 
   context "when the target file has the wrong content" do
     before(:each) do

data/spec/unit/client_spec.rb

@@ -384,22 +384,6 @@ describe Chef::Client do
     end
   end
 
-  describe "eol release warning" do
-    it "warns when running an EOL release" do
-      stub_const("Chef::VERSION", 15)
-      allow(Time).to receive(:now).and_return(Time.new(2021, 5, 1, 5))
-      expect(logger).to receive(:warn).with(/This release of.*became end of life \(EOL\) on May 1st 2021/)
-      client.warn_if_eol
-    end
-
-    it "does not warn when running an non-EOL release" do
-      stub_const("Chef::VERSION", 15)
-      allow(Time).to receive(:now).and_return(Time.new(2021, 4, 31))
-      expect(logger).to_not receive(:warn).with(/became end of life/)
-      client.warn_if_eol
-    end
-  end
-
   describe "authentication protocol selection" do
     context "when FIPS is disabled" do
       before do

data/spec/unit/file_cache_spec.rb

@@ -94,7 +94,71 @@ describe Chef::FileCache do
     it "searches for cached files by globbing" do
       expect(Chef::FileCache.find("snappy/**/*")).to eq(%w{snappy/patter})
     end
+  end
+
+  describe "#find handles regex-unsafe unix paths" do
+    before(:each) do
+      # Dir.mktmpdir doesn't allow regex unsafe characters (the nerve!), so we'll have to fake file lookups
+      @file_cache_path = "/tmp/[foo* ^bar]"
+      escaped_file_cache_path = '/tmp/\[foo\* ^bar\]'
+      Chef::Config[:file_cache_path] = @file_cache_path
+      allow(Chef::Util::PathHelper).to receive(:escape_glob_dir).and_return(escaped_file_cache_path)
+      allow(Dir).to receive(:[]).with(File.join(escaped_file_cache_path, "snappy/**/*")).and_return([
+        File.join(@file_cache_path, "snappy"),
+        File.join(@file_cache_path, "snappy", "patter"),
+      ])
+      allow(Dir).to receive(:[]).with(escaped_file_cache_path).and_return([
+        @file_cache_path,
+      ])
+      [
+        File.join(@file_cache_path, "snappy", "patter"),
+        File.join(@file_cache_path, "whiz", "bang"),
+      ].each do |f|
+        allow(File).to receive(:file?).with(f).and_return(true)
+      end
+      [
+        File.join(@file_cache_path, "snappy"),
+        File.join(@file_cache_path, "whiz"),
+      ].each do |f|
+        allow(File).to receive(:file?).with(f).and_return(false)
+      end
+    end
+
+    it "searches for cached files by globbing" do
+      expect(Chef::FileCache.find("snappy/**/*")).to eq(%w{snappy/patter})
+    end
+  end
 
+  describe "#find handles Windows paths" do
+    before(:each) do
+      allow(ChefUtils).to receive(:windows?).and_return(true)
+      @file_cache_path = 'C:\tmp\fakecache'
+      escaped_file_cache_path = "C:\\tmp\\fakecache"
+      Chef::Config[:file_cache_path] = @file_cache_path
+      allow(Chef::Util::PathHelper).to receive(:escape_glob_dir).and_return(escaped_file_cache_path)
+      allow(Dir).to receive(:[]).with(File.join(escaped_file_cache_path, "snappy/**/*")).and_return([
+        File.join(@file_cache_path, "snappy"),
+        File.join(@file_cache_path, "snappy", "patter"),
+      ])
+      allow(Dir).to receive(:[]).with(escaped_file_cache_path).and_return([
+        @file_cache_path,
+      ])
+      [
+        File.join(@file_cache_path, "snappy", "patter"),
+        File.join(@file_cache_path, "whiz", "bang"),
+      ].each do |f|
+        allow(File).to receive(:file?).with(f).and_return(true)
+      end
+      [
+        File.join(@file_cache_path, "snappy"),
+        File.join(@file_cache_path, "whiz"),
+      ].each do |f|
+        allow(File).to receive(:file?).with(f).and_return(false)
+      end
+    end
+    it "searches for cached files by globbing" do
+      expect(Chef::FileCache.find("snappy/**/*")).to eq(%w{snappy/patter})
+    end
   end
 
   describe "when checking for the existence of a file" do

data/spec/unit/mixin/homebrew_spec.rb

@@ -0,0 +1,118 @@
+#
+# Author:: Joshua Timberman (<joshua@chef.io>)
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "spec_helper"
+
+describe Chef::Mixin::Homebrew do
+  let(:homebrew) { Class.new { include Chef::Mixin::Homebrew }.new }
+  let(:uid) { 1001 }
+  let(:username) { "foobar" }
+  let(:alt_brew_path) { "/foo" }
+
+  describe "#find_homebrew_uid" do
+    it "returns the provided UID when an integer is given" do
+      expect(File).to receive(:exist?).exactly(0).times
+      expect(homebrew.find_homebrew_uid(uid)).to eq(uid)
+    end
+
+    it "returns the provided UID when username is given" do
+      expect(File).to receive(:exist?).exactly(0).times
+      allow(Etc).to receive(:getpwnam).with(username).and_return(OpenStruct.new(uid: uid))
+      expect(homebrew.find_homebrew_uid(username)).to eq(uid)
+    end
+
+    it "raises an error when the brew executable is not found" do
+      allow(homebrew).to receive(:homebrew_bin_path).and_raise(Chef::Exceptions::CannotDetermineHomebrewPath)
+      expect { homebrew.find_homebrew_uid }.to raise_error(Chef::Exceptions::CannotDetermineHomebrewPath)
+    end
+
+    it "returns the UID of the owner based on the brew executable" do
+      allow(homebrew).to receive(:homebrew_bin_path).and_return(alt_brew_path)
+      allow(File).to receive(:stat).with(alt_brew_path).and_return(OpenStruct.new(uid: uid))
+      allow(Etc).to receive(:getpwuid).with(uid).and_return(OpenStruct.new(name: username))
+      expect(homebrew.find_homebrew_uid).to eq(uid)
+    end
+  end
+
+  describe "#find_homebrew_username" do
+    it "returns the username for the provided UID" do
+      allow(homebrew).to receive(:find_homebrew_uid).and_return(uid)
+      allow(Etc).to receive(:getpwuid).with(uid).and_return(OpenStruct.new(name: username))
+      expect(homebrew.find_homebrew_username(uid)).to eq(username)
+    end
+  end
+
+  describe "#homebrew_bin_path" do
+    it "returns the correct path when a valid path is provided" do
+      allow(File).to receive(:exist?).with(alt_brew_path).and_return(true)
+      expect(homebrew.homebrew_bin_path(alt_brew_path)).to eq(alt_brew_path)
+    end
+
+    it "raises an error when the brew executable is not found" do
+      allow(homebrew).to receive(:which).and_return(false)
+      expect { homebrew.homebrew_bin_path }.to raise_error(Chef::Exceptions::CannotDetermineHomebrewPath)
+    end
+  end
+
+  shared_examples "successfully find executable" do
+    let(:default_brew_path) { "/usr/local/bin/brew" }
+    let(:default_brew_path_arm) { "/opt/homebrew/bin/brew" }
+    let(:default_brew_path_linux) { "/home/linuxbrew/.linuxbrew/bin/brew" }
+
+    context "debug statement prints owner name" do
+
+      before do
+        expect(Etc).to receive(:getpwuid).with(uid).and_return(OpenStruct.new(name: username))
+      end
+
+      it "returns the owner of the brew executable when it is at a default location for x86_64 machines" do
+        allow(homebrew).to receive(:homebrew_bin_path).and_return(default_brew_path)
+        allow(File).to receive(:stat).with(default_brew_path).and_return(OpenStruct.new(uid: uid))
+        expect(homebrew.find_homebrew_uid).to eq(uid)
+      end
+
+      it "returns the owner of the brew executable when it is at a default location for arm machines" do
+        allow(homebrew).to receive(:homebrew_bin_path).and_return(default_brew_path_arm)
+        allow(File).to receive(:stat).with(default_brew_path_arm).and_return(OpenStruct.new(uid: uid))
+        expect(homebrew.find_homebrew_uid).to eq(uid)
+      end
+
+      it "returns the owner of the brew executable when it is at a default location for linux machines" do
+        allow(homebrew).to receive(:homebrew_bin_path).and_return(default_brew_path_linux)
+        allow(File).to receive(:stat).with(default_brew_path_linux).and_return(OpenStruct.new(uid: uid))
+        expect(homebrew.find_homebrew_uid).to eq(uid)
+      end
+
+      it "returns the owner of the brew executable when it is not at a default location" do
+        allow(homebrew).to receive(:homebrew_bin_path).and_return(alt_brew_path)
+        allow(File).to receive(:stat).with(alt_brew_path).and_return(OpenStruct.new(uid: uid))
+        expect(homebrew.find_homebrew_uid).to eq(uid)
+      end
+    end
+  end
+
+  describe "#When the homebrew user is not provided" do
+
+    include_examples "successfully find executable"
+
+    context "the executable is owned by root" do
+      include_examples "successfully find executable" do
+        let(:uid) { 0 }
+      end
+    end
+  end
+end

data/spec/unit/mixin/openssl_helper_spec.rb

@@ -92,7 +92,12 @@ describe Chef::Mixin::OpenSSLHelper do
 
     context "When the dhparam.pem file does exist, and does contain a vaild dhparam key" do
       it "returns true" do
-        @dhparam_file.puts(::OpenSSL::PKey::DH.new(256).to_pem) # this is 256 to speed up specs
+        # bumped this from 256 to 1024 because OpenSSL 3.x will enforce
+        # size
+        #      OpenSSL::PKey::PKeyError:
+        #       EVP_PKEY_paramgen: modulus too small
+        # need to double check that the mixin itself doesn't allow smaller
+        @dhparam_file.puts(::OpenSSL::PKey::DH.new(1024).to_pem)
         @dhparam_file.close
         expect(instance.dhparam_pem_valid?(@dhparam_file.path)).to be_truthy
       end

data/spec/unit/provider/package/chocolatey_spec.rb

@@ -36,9 +36,9 @@ describe Chef::Provider::Package::Chocolatey, :windows_only do
   # installed packages (ConEmu is upgradable)
   let(:local_list_stdout) do
     <<~EOF
-      Chocolatey v0.9.9.11
-      chocolatey|0.9.9.11
-      ConEmu|15.10.25.0
+      Chocolatey v0.9.9.10
+      chocolatey|0.9.9.12
+      ConEmu|15.10.25.2
     EOF
   end
 
@@ -47,10 +47,10 @@ describe Chef::Provider::Package::Chocolatey, :windows_only do
     allow(provider).to receive(:choco_exe).and_return(choco_exe)
     local_list_obj = double(stdout: local_list_stdout)
     allow(provider).to receive(:shell_out_compacted!).with(choco_exe, "list", "-l", "-r", { returns: [0, 2], timeout: timeout }).and_return(local_list_obj)
-    allow(provider).to receive(:powershell_exec!).with("#{choco_exe} --version").and_return(double(result: "2.1.0"))
+    allow(provider).to receive(:powershell_exec!).with("Get-ItemProperty #{choco_exe} | select-object -expandproperty versioninfo | select-object -expandproperty productversion").and_return(double(result: "2.1.0"))
     # Mock the local file system choco queries
     allow(provider).to receive(:get_local_pkg_dirs).and_return(%w{chocolatey ConEmu})
-    allow(provider).to receive(:fetch_package_versions_local).and_return({ "chocolatey" => "0.9.9.11", "conemu" => "15.10.25.0" })
+    allow(provider).to receive(:fetch_package_versions).and_return({ "chocolatey" => "0.9.9.11", "conemu" => "15.10.25.0" })
   end
 
   after(:each) do
@@ -70,10 +70,13 @@ describe Chef::Provider::Package::Chocolatey, :windows_only do
       munin-node|1.6.1.20130823
     EOF
     remote_list_obj = double(stdout: remote_list_stdout)
-    if args
-      allow(provider).to receive(:shell_out_compacted!).with(choco_exe, provider.query_command, "-r", *(package_names.sort + args), { returns: [0, 2], timeout: timeout }).and_return(remote_list_obj)
-    else
-      allow(provider).to receive(:shell_out_compacted!).with(choco_exe, provider.query_command, "-r", *(package_names.sort), { returns: [0, 2], timeout: timeout }).and_return(remote_list_obj)
+
+    package_names.each do |pkg|
+      if args
+        allow(provider).to receive(:shell_out_compacted!).with(choco_exe, provider.query_command, "-r", *([pkg] + args), { returns: [0, 2], timeout: timeout }).and_return(remote_list_obj)
+      else
+        allow(provider).to receive(:shell_out_compacted!).with(choco_exe, provider.query_command, "-r", pkg, { returns: [0, 2], timeout: timeout }).and_return(remote_list_obj)
+      end
     end
   end
 
@@ -89,12 +92,12 @@ describe Chef::Provider::Package::Chocolatey, :windows_only do
 
   describe "choco searches change with the version" do
     it "Choco V1 uses List" do
-      allow(provider).to receive(:powershell_exec!).with("#{choco_exe} --version").and_return(double(result: "1.4.0"))
+      allow(provider).to receive(:powershell_exec!).with("Get-ItemProperty #{choco_exe} | select-object -expandproperty versioninfo | select-object -expandproperty productversion").and_return(double(result: "1.3.0"))
       expect(provider.query_command).to eql("list")
     end
 
     it "Choco V2 uses Search" do
-      allow(provider).to receive(:powershell_exec!).with("#{choco_exe} --version").and_return(double(result: "2.1.0"))
+      allow(provider).to receive(:powershell_exec!).with("Get-ItemProperty #{choco_exe} | select-object -expandproperty versioninfo | select-object -expandproperty productversion").and_return(double(result: "2.1.0"))
       expect(provider.query_command).to eql("search")
     end
   end
@@ -168,6 +171,7 @@ describe Chef::Provider::Package::Chocolatey, :windows_only do
 
     it "should load and downcase names in the installed_packages hash (with disk provider)" do
       new_resource.use_choco_list(false)
+      provider.invalidate_cache
       provider.load_current_resource
       expect(provider.send(:installed_packages)).to eql(
         { "chocolatey" => "0.9.9.11", "conemu" => "15.10.25.0" }
@@ -176,9 +180,10 @@ describe Chef::Provider::Package::Chocolatey, :windows_only do
 
     it "should load and downcase names in the installed_packages hash (with choco list provider)" do
       new_resource.use_choco_list(true)
+      provider.invalidate_cache
       provider.load_current_resource
       expect(provider.send(:installed_packages)).to eql(
-        { "chocolatey" => "0.9.9.11", "conemu" => "15.10.25.0" }
+        { "chocolatey" => "0.9.9.12", "conemu" => "15.10.25.2" }
       )
     end
 

data/spec/unit/provider/package/homebrew_spec.rb

@@ -19,6 +19,7 @@
 require "spec_helper"
 
 describe Chef::Provider::Package::Homebrew do
+  let(:default_brew_path) { "/usr/local/bin/brew" }
   let(:node) { Chef::Node.new }
   let(:new_resource) { Chef::Resource::HomebrewPackage.new(%w{emacs vim}) }
   let(:current_resource) { Chef::Resource::HomebrewPackage.new("emacs, vim") }
@@ -30,7 +31,6 @@ describe Chef::Provider::Package::Homebrew do
   end
 
   let(:homebrew_uid) { 1001 }
-
   let(:brew_cmd_output_data) { '[{"name":"emacs","full_name":"emacs","oldname":null,"aliases":[],"versioned_formulae":[],"desc":"GNU Emacs text editor","homepage":"https://www.gnu.org/software/emacs/","versions":{"stable":"26.3","devel":null,"head":"HEAD","bottle":true},"urls":{"stable":{"url":"https://ftp.gnu.org/gnu/emacs/emacs-26.3.tar.xz","tag":null,"revision":null}},"revision":0,"version_scheme":0,"bottle":{"stable":{"rebuild":0,"cellar":"/usr/local/Cellar","prefix":"/usr/local","root_url":"https://homebrew.bintray.com/bottles","files":{"catalina":{"url":"https://homebrew.bintray.com/bottles/emacs-26.3.catalina.bottle.tar.gz","sha256":"9ab33f4386ca5f7326a8c28da1324556ec990f682a7ca88641203da0b42dbdae"},"mojave":{"url":"https://homebrew.bintray.com/bottles/emacs-26.3.mojave.bottle.tar.gz","sha256":"8162a26246de7db44c53ea0d0ef0a806140318d19c69e8e5e33aa88ce7e823a8"},"high_sierra":{"url":"https://homebrew.bintray.com/bottles/emacs-26.3.high_sierra.bottle.tar.gz","sha256":"6a2629b6deddf99f81abb1990ecd6c87f0242a0eecbb6b6c2e4c3540e421d4c4"},"sierra":{"url":"https://homebrew.bintray.com/bottles/emacs-26.3.sierra.bottle.tar.gz","sha256":"2a47477e71766d7dd6b16c29ad5ba71817ed80d06212e3261ef3c776e7e9f5a2"}}}},"keg_only":false,"bottle_disabled":false,"options":[],"build_dependencies":["pkg-config"],"dependencies":["gnutls"],"recommended_dependencies":[],"optional_dependencies":[],"uses_from_macos":["libxml2","ncurses"],"requirements":[],"conflicts_with":[],"caveats":null,"installed":[],"linked_keg":null,"pinned":false,"outdated":false},{"name":"vim","full_name":"vim","oldname":null,"aliases":[],"versioned_formulae":[],"desc":"Vi \'workalike\' with many additional features","homepage":"https://www.vim.org/","versions":{"stable":"8.2.0550","devel":null,"head":"HEAD","bottle":true},"urls":{"stable":{"url":"https://github.com/vim/vim/archive/v8.2.0550.tar.gz","tag":null,"revision":null}},"revision":0,"version_scheme":0,"bottle":{"stable":{"rebuild":0,"cellar":"/usr/local/Cellar","prefix":"/usr/local","root_url":"https://homebrew.bintray.com/bottles","files":{"catalina":{"url":"https://homebrew.bintray.com/bottles/vim-8.2.0550.catalina.bottle.tar.gz","sha256":"8f9252500775aa85d8f826af30ca9e1118a56145fc2f961c37abed48bf78cf6b"},"mojave":{"url":"https://homebrew.bintray.com/bottles/vim-8.2.0550.mojave.bottle.tar.gz","sha256":"7566c83b770f3e8c4d4b462a39e5eb26609b37a8f8db6690a2560a3e22ded6b6"},"high_sierra":{"url":"https://homebrew.bintray.com/bottles/vim-8.2.0550.high_sierra.bottle.tar.gz","sha256":"a76e517fc69bf67b6903cb82295bc085c5eb4b46b4659f034c694dd97d2ee2d9"}}}},"keg_only":false,"bottle_disabled":false,"options":[],"build_dependencies":[],"dependencies":["gettext","lua","perl","python","ruby"],"recommended_dependencies":[],"optional_dependencies":[],"uses_from_macos":["ncurses"],"requirements":[],"conflicts_with":["ex-vi","macvim"],"caveats":null,"installed":[{"version":"8.2.0550","used_options":[],"built_as_bottle":true,"poured_from_bottle":true,"runtime_dependencies":[{"full_name":"gettext","version":"0.20.1"},{"full_name":"lua","version":"5.3.5"},{"full_name":"perl","version":"5.30.2"},{"full_name":"gdbm","version":"1.18.1"},{"full_name":"openssl@1.1","version":"1.1.1f"},{"full_name":"readline","version":"8.0.4"},{"full_name":"sqlite","version":"3.31.1"},{"full_name":"xz","version":"5.2.5"},{"full_name":"python","version":"3.7.7"},{"full_name":"libyaml","version":"0.2.2"},{"full_name":"ruby","version":"2.7.1"}],"installed_as_dependency":false,"installed_on_request":true}],"linked_keg":"8.2.0550","pinned":false,"outdated":false}]' }
 
   let(:brew_info_data) do
@@ -297,11 +297,13 @@ describe Chef::Provider::Package::Homebrew do
 
     it "passes a single pkg to the brew command and return stdout" do
       allow(provider).to receive(:shell_out!).and_return(OpenStruct.new(stdout: "zombo"))
+      allow(provider).to receive(:homebrew_bin_path).and_return(default_brew_path)
       expect(provider.brew_cmd_output).to eql("zombo")
     end
 
     it "takes multiple arguments as an array" do
       allow(provider).to receive(:shell_out!).and_return(OpenStruct.new(stdout: "homestarrunner"))
+      allow(provider).to receive(:homebrew_bin_path).and_return(default_brew_path)
       expect(provider.brew_cmd_output("info", "opts", "bananas")).to eql("homestarrunner")
     end
 
@@ -310,6 +312,7 @@ describe Chef::Provider::Package::Homebrew do
 
       it "does not try to read homebrew_user from Package, which does not have it" do
         allow(provider).to receive(:shell_out!).and_return(OpenStruct.new(stdout: "zombo"))
+        allow(provider).to receive(:homebrew_bin_path).and_return(default_brew_path)
         expect(provider.brew_cmd_output).to eql("zombo")
       end
     end

data/spec/unit/provider/package/windows_spec.rb

@@ -106,27 +106,27 @@ describe Chef::Provider::Package::Windows, :windows_only do
         provider.package_provider
       end
 
-      it "sets the package provider to MSI if the the installer type is :msi" do
+      it "sets the package provider to MSI if the installer type is :msi" do
         allow(provider).to receive(:installer_type).and_return(:msi)
         expect(provider.package_provider).to be_a(Chef::Provider::Package::Windows::MSI)
       end
 
-      it "sets the package provider to Exe if the the installer type is :inno" do
+      it "sets the package provider to Exe if the installer type is :inno" do
         allow(provider).to receive(:installer_type).and_return(:inno)
         expect(provider.package_provider).to be_a(Chef::Provider::Package::Windows::Exe)
       end
 
-      it "sets the package provider to Exe if the the installer type is :nsis" do
+      it "sets the package provider to Exe if the installer type is :nsis" do
         allow(provider).to receive(:installer_type).and_return(:nsis)
         expect(provider.package_provider).to be_a(Chef::Provider::Package::Windows::Exe)
       end
 
-      it "sets the package provider to Exe if the the installer type is :wise" do
+      it "sets the package provider to Exe if the installer type is :wise" do
         allow(provider).to receive(:installer_type).and_return(:wise)
         expect(provider.package_provider).to be_a(Chef::Provider::Package::Windows::Exe)
       end
 
-      it "sets the package provider to Exe if the the installer type is :installshield" do
+      it "sets the package provider to Exe if the installer type is :installshield" do
         allow(provider).to receive(:installer_type).and_return(:installshield)
         expect(provider.package_provider).to be_a(Chef::Provider::Package::Windows::Exe)
       end

data/spec/unit/provider/package/zypper_spec.rb

@@ -491,14 +491,4 @@ describe Chef::Provider::Package::Zypper do
       provider.remove_package(%w{emacs vim}, ["1.0", "2.0"])
     end
   end
-
-  describe "resolve_available_version" do
-    it "should return correct version if multiple packages are shown" do
-      status = double(stdout: "S  | Name                     | Type    | Version             | Arch   | Repository\n---+--------------------------+---------+---------------------+--------+-------------------------------------------------------------\n   | apache2-mod_wsgi         | package | 4.7.1-150400.3.3.1  | x86_64 | Update repository with updates from SUSE Linux Enterprise 15\n   | apache2-mod_wsgi         | package | 4.7.1-150400.1.52   | x86_64 | Main Repository\ni+ | apache2-mod_wsgi-python3 | package | 4.5.18-150000.4.6.1 | x86_64 | Update repository with updates from SUSE Linux Enterprise 15\nv  | apache2-mod_wsgi-python3 | package | 4.5.18-4.3.1        | x86_64 | Main Repository\n", exitstatus: 0)
-
-      allow(provider).to receive(:shell_out_compacted!).and_return(status)
-      result = provider.send(:resolve_available_version, "apache2-mod_wsgi-python3", nil)
-      expect(result).to eq("4.5.18-150000.4.6.1")
-    end
-  end
 end

data/spec/unit/provider/user/windows_spec.rb

@@ -158,6 +158,7 @@ describe Chef::Provider::User::Windows do
 
   describe "when removing the user" do
     it "should call @net_user.delete" do
+      allow(Chef::ReservedNames::Win32::Security).to receive(:clear_account_rights)
       expect(@net_user).to receive(:delete)
       @provider.remove_user
     end

data/spec/unit/resource_inspector_spec.rb

@@ -17,6 +17,20 @@
 require "spec_helper"
 require "chef/resource_inspector"
 
+COMBINED_RESOURCE_TEXT = <<~EOF.freeze
+  class Dummy1 < Chef::Resource::LWRPBase
+    resource_name :dummy1
+    description "A dummy resource"
+    property :first, String, description: "My First Property", introduced: "14.0"
+  end
+
+  class Dummy2 < Chef::Resource::LWRPBase
+    resource_name :dummy2
+    description "Another dummy resource"
+    property :second, String, description: "My Second Property", introduced: "14.0"
+  end
+EOF
+
 class DummyResource < Chef::Resource
   resource_name :dummy
   description "A dummy resource"
@@ -62,4 +76,26 @@ describe Chef::ResourceInspector do
       end
     end
   end
+
+  describe "inspecting a multi-resource file" do
+    # Call the inspector with a fake file containing two resources, and ensure that we get
+    # both of them back!
+    subject {
+      Chef::ResourceInspector.load_from_resources([
+        { "full_path" => "/cookbooks/fake_cookbook/resources/big_resource.rb" },
+      ], false)
+    }
+    it "has elephants" do
+      allow(File).to receive(:file?).with("/cookbooks/fake_cookbook/resources/big_resource.rb").and_return(true)
+      allow(File).to receive(:readable?).with("/cookbooks/fake_cookbook/resources/big_resource.rb").and_return(true)
+      allow(IO).to receive(:read).with("/cookbooks/fake_cookbook/resources/big_resource.rb").and_return(COMBINED_RESOURCE_TEXT)
+      expect(subject.keys.count).to be 2
+      expect(subject.keys.sort).to eq(%i{dummy1 dummy2})
+      # This is correct - because they're not fully realised resources at this point, sensitive and friends are not added yet.
+      expect(subject[:dummy1][:properties].count).to be 1
+      expect(subject[:dummy2][:properties].count).to be 1
+      expect(subject[:dummy1][:properties][0][:description]).to eq "My First Property"
+      expect(subject[:dummy2][:properties][0][:description]).to eq "My Second Property"
+    end
+  end
 end