chef 14.9.13 → 14.10.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 526794b697bdaa549867f4a0e1677105d853988a4aabe866304f886c9929ba3b
-  data.tar.gz: d5bebc413c998b69ea27a171946c02da841833404059a2a2c1ecd8c41bdbaaa1
+  metadata.gz: 32c23855c40801eb5aa7d7223ce35f627a350d732937c61021566bf24996eadd
+  data.tar.gz: fa935461c61598ca0b594ab7b28bb0fb2c9b0123fd040299dfbd06ce3c7eae0b
 SHA512:
-  metadata.gz: 6d55687d4035b05bc142d280aa45f3444003d5f231fcc5b587d757e0e096fe41f8ca6d6dccbb22f3bb91e0f18d1c3ba895609dfe31c1b35f5fe412350dcf602b
-  data.tar.gz: 2f05d0bb2ffd3a87b06a14c95c545f2767418e67904e8c06614e0750fb3898331995df8481d323530e521bc971ac66562b936c5455ea9fee0101a02ccfe09d48
+  metadata.gz: 7b0766ff4108d69b9e3b9c7bfe2033be26ac672c18084aed7cd7b81f384fedab22dcedb96db5a09f3fe79388b8e682f5e50b4bc7fba68a746ffd25516f829c67
+  data.tar.gz: 53bf84e5225846e0538b7854d77a23248b1cfce72dae08122d1025e15f0e5dc105b1139340a804086fd2369c18b29a634748ecb728acbbaa3c882e2778f0698a

data/lib/chef/application/client.rb

@@ -376,6 +376,10 @@ class Chef::Application::Client < Chef::Application
     end
 
     if mode = config[:audit_mode] || Chef::Config[:audit_mode]
+      if [:enabled, :audit_only].include?(mode)
+        Chef.deprecated(:audit_mode, "Chef's Audit mode has been deprecated and will be removed in Chef 15 (April 2019). Consider migrating to InSpec as a replacement for this functionality.")
+      end
+
       expected_modes = [:enabled, :disabled, :audit_only]
       unless expected_modes.include?(mode)
         Chef::Application.fatal!(unrecognized_audit_mode(mode))

data/lib/chef/cookbook_loader.rb

@@ -68,8 +68,8 @@ class Chef
 
     def warn_about_cookbook_shadowing
       unless merged_cookbooks.empty?
-        Chef::Log.deprecation "The cookbook(s): #{merged_cookbooks.join(', ')} exist in multiple places in your cookbook_path. " +
-          "A composite version has been compiled.  This has been deprecated since 0.10.4, in Chef 13 this behavior will be REMOVED."
+        Chef.deprecated(:cookbook_shadowing, "The cookbook(s): #{merged_cookbooks.join(', ')} exist in multiple places in your cookbook_path. " +
+          "A composite version has been compiled. This has been deprecated since 0.10.4, in Chef 15 this behavior will be REMOVED.")
       end
     end
 

data/lib/chef/deprecated.rb

@@ -207,12 +207,6 @@ class Chef
       target 23
     end
 
-    class MapCollision < Base
-      target 25
-    end
-
-    # id 3694 was deleted
-
     # Returned when using the deprecated option on a property
     class Property < Base
       target 24
@@ -222,10 +216,24 @@ class Chef
       end
     end
 
+    class MapCollision < Base
+      target 25
+    end
+
     class ShellOut < Base
       target 26
     end
 
+    class AuditMode < Base
+      target 27
+    end
+
+    class CookbookShadowing < Base
+      target 28
+    end
+
+    # id 3694 was deleted and should not be reused
+
     class Generic < Base
       def url
         "https://docs.chef.io/chef_deprecations_client.html"

data/lib/chef/formatters/indentable_output_stream.rb

@@ -24,9 +24,12 @@ class Chef
         end
       end
 
-      # Print text.  This will start a new line and indent if necessary
+      # Print text. This will start a new line and indent if necessary
       # but will not terminate the line (future print and puts statements
       # will start off where this print left off).
+      #
+      # @param string [String]
+      # @param args [Array<Hash,Symbol>]
       def color(string, *args)
         print(string, from_args(args))
       end
@@ -34,18 +37,27 @@ class Chef
       # Print the start of a new line.  This will terminate any existing lines and
       # cause indentation but will not move to the next line yet (future 'print'
       # and 'puts' statements will stay on this line).
+      #
+      # @param string [String]
+      # @param args [Array<Hash,Symbol>]
       def start_line(string, *args)
         print(string, from_args(args, start_line: true))
       end
 
       # Print a line.  This will continue from the last start_line or print,
       # or start a new line and indent if necessary.
+      #
+      # @param string [String]
+      # @param args [Array<Hash,Symbol>]
       def puts(string, *args)
         print(string, from_args(args, end_line: true))
       end
 
       # Print an entire line from start to end.  This will terminate any existing
       # lines and cause indentation.
+      #
+      # @param string [String]
+      # @param args [Array<Hash,Symbol>]
       def puts_line(string, *args)
         print(string, from_args(args, start_line: true, end_line: true))
       end

data/lib/chef/knife/cookbook_site_download.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2009-2016, Chef Software, Inc.
+# Copyright:: Copyright 2009-2019, Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,6 +29,12 @@ class Chef
 
       banner "knife cookbook site download COOKBOOK [VERSION] (options)"
       category "cookbook site"
+
+      def run
+        Chef::Log.warn("knife cookbook site download has been deprecated in favor of knife supermarket download. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/cookbook_site_install.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2010-2018, Chef Software Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,6 +30,11 @@ class Chef
       banner "knife cookbook site install COOKBOOK [VERSION] (options)"
       category "cookbook site"
 
+      def run
+        Chef::Log.warn("knife cookbook site install has been deprecated in favor of knife supermarket install. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/cookbook_site_list.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2009-2016, Chef Software Inc.
+# Copyright:: Copyright 2009-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,6 +30,11 @@ class Chef
       banner "knife cookbook site list (options)"
       category "cookbook site"
 
+      def run
+        Chef::Log.warn("knife cookbook site list has been deprecated in favor of knife supermarket list. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/cookbook_site_search.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2009-2016, Chef Software Inc.
+# Copyright:: Copyright 2009-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,6 +30,11 @@ class Chef
       banner "knife cookbook site search QUERY (options)"
       category "cookbook site"
 
+      def run
+        Chef::Log.warn("knife cookbook site search has been deprecated in favor of knife supermarket search. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/cookbook_site_share.rb

@@ -1,7 +1,7 @@
 #
 # Author:: Nuo Yan (<nuo@chef.io>)
 # Author:: Tim Hinderliter (<tim@chef.io>)
-# Copyright:: Copyright 2010-2016, Chef Software Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,6 +31,11 @@ class Chef
       banner "knife cookbook site share COOKBOOK [CATEGORY] (options)"
       category "cookbook site"
 
+      def run
+        Chef::Log.warn("knife cookbook site share has been deprecated in favor of knife supermarket share. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/cookbook_site_show.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2009-2016, Chef Software Inc.
+# Copyright:: Copyright 2009-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -30,6 +30,11 @@ class Chef
       banner "knife cookbook site show COOKBOOK [VERSION] (options)"
       category "cookbook site"
 
+      def run
+        Chef::Log.warn("knife cookbook site show has been deprecated in favor of knife supermarket show. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/cookbook_site_unshare.rb

@@ -1,7 +1,7 @@
 #
 # Author:: Stephen Delano (<stephen@chef.io>)
 # Author:: Tim Hinderliter (<tim@chef.io>)
-# Copyright:: Copyright 2010-2016, Chef Software Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,6 +31,11 @@ class Chef
       banner "knife cookbook site unshare COOKBOOK (options)"
       category "cookbook site"
 
+      def run
+        Chef::Log.warn("knife cookbook site unshare has been deprecated in favor of knife supermarket unshare. In Chef 16 (April 2020) this will result in an error!")
+        super
+      end
+
     end
   end
 end

data/lib/chef/knife/core/bootstrap_context.rb

@@ -62,7 +62,7 @@ class Chef
         end
 
         # Contains commands and content, see trusted_certs_content
-        # TODO: Rename to trusted_certs_script
+        # @todo Rename to trusted_certs_script
         def trusted_certs
           @trusted_certs ||= trusted_certs_content
         end

data/lib/chef/knife/core/generic_presenter.rb

@@ -25,7 +25,7 @@ class Chef
       # Allows includer knife commands to  return multiple attributes
       # @brief knife node show NAME -a ATTR1 -a ATTR2
       module MultiAttributeReturnOption
-        # :nodoc:
+        # @private
         def self.included(includer)
           includer.class_eval do
             option :field_separator,
@@ -45,7 +45,6 @@ class Chef
         end
       end
 
-      #==Chef::Knife::Core::GenericPresenter
       # The base presenter class for displaying structured data in knife commands.
       # This is not an abstract base class, and it is suitable for displaying
       # most kinds of objects that knife needs to display.

data/lib/chef/knife/core/node_presenter.rb

@@ -26,7 +26,7 @@ class Chef
       # This module may be included into a knife subcommand class to automatically
       # add configuration options used by the NodePresenter
       module NodeFormattingOptions
-        # :nodoc:
+        # @private
         # Would prefer to do this in a rational way, but can't be done b/c of
         # Mixlib::CLI's design :(
         def self.included(includer)
@@ -48,7 +48,6 @@ class Chef
         end
       end
 
-      #==Chef::Knife::Core::NodePresenter
       # A customized presenter for Chef::Node objects. Supports variable-length
       # output formats for displaying node data
       class NodePresenter < GenericPresenter

data/lib/chef/knife/core/status_presenter.rb

@@ -26,7 +26,7 @@ class Chef
       # This module may be included into a knife subcommand class to automatically
       # add configuration options used by the StatusPresenter
       module StatusFormattingOptions
-        # :nodoc:
+        # @private
         # Would prefer to do this in a rational way, but can't be done b/c of
         # Mixlib::CLI's design :(
         def self.included(includer)
@@ -48,7 +48,6 @@ class Chef
         end
       end
 
-      #==Chef::Knife::Core::StatusPresenter
       # A customized presenter for Chef::Node objects. Supports variable-length
       # output formats for displaying node data
       class StatusPresenter < GenericPresenter
@@ -148,8 +147,8 @@ class Chef
           ui.color(key_text, :cyan)
         end
 
-        # :nodoc:
-        # TODO: this is duplicated from StatusHelper in the Webui. dedup.
+        # @private
+        # @todo this is duplicated from StatusHelper in the Webui. dedup.
         def time_difference_in_hms(unix_time)
           now = Time.now.to_i
           difference = now - unix_time.to_i

data/lib/chef/knife/core/ui.rb

@@ -26,7 +26,6 @@ require "tempfile"
 class Chef
   class Knife
 
-    #==Chef::Knife::UI
     # The User Interaction class used by knife.
     class UI
 
@@ -64,6 +63,8 @@ class Chef
 
       # Prints a message to stdout. Aliased as +info+ for compatibility with
       # the logger API.
+      #
+      # @param message [String] the text string
       def msg(message)
         stdout.puts message
       rescue Errno::EPIPE => e
@@ -72,6 +73,8 @@ class Chef
       end
 
       # Prints a msg to stderr. Used for info, warn, error, and fatal.
+      #
+      # @param message [String] the text string
       def log(message)
         stderr.puts message
       rescue Errno::EPIPE => e
@@ -83,16 +86,22 @@ class Chef
       alias :err :log
 
       # Print a warning message
+      #
+      # @param message [String] the text string
       def warn(message)
         log("#{color('WARNING:', :yellow, :bold)} #{message}")
       end
 
       # Print an error message
+      #
+      # @param message [String] the text string
       def error(message)
         log("#{color('ERROR:', :red, :bold)} #{message}")
       end
 
       # Print a message describing a fatal error.
+      #
+      # @param message [String] the text string
       def fatal(message)
         log("#{color('FATAL:', :red, :bold)} #{message}")
       end

data/lib/chef/knife/supermarket_install.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Christopher Webber (<cwebber@chef.io>)
-# Copyright:: Copyright (c) 2014-2018 Chef Software, Inc.
+# Copyright:: Copyright (c) 2014-2019 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,15 +18,14 @@
 
 require "chef/knife"
 require "chef/exceptions"
-require "shellwords"
-require "mixlib/archive"
 
 class Chef
   class Knife
     class SupermarketInstall < Knife
 
       deps do
-        require "chef/mixin/shell_out"
+        require "shellwords"
+        require "mixlib/archive"
         require "chef/knife/core/cookbook_scm_repo"
         require "chef/cookbook/metadata"
       end
@@ -71,8 +70,6 @@ class Chef
       attr_reader :vendor_path
 
       def run
-        extend Chef::Mixin::ShellOut
-
         if config[:cookbook_path]
           Chef::Config[:cookbook_path] = config[:cookbook_path]
         else

data/lib/chef/knife/supermarket_share.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Christopher Webber (<cwebber@chef.io>)
-# Copyright:: Copyright (c) 2014-2018 Chef Software, Inc.
+# Copyright:: Copyright (c) 2014-2019 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
 #
 
 require "chef/knife"
-require "chef/mixin/shell_out"
 
 class Chef
   class Knife
@@ -29,11 +28,9 @@ class Chef
         require "chef/cookbook_loader"
         require "chef/cookbook_uploader"
         require "chef/cookbook_site_streaming_uploader"
-        require "mixlib/shellout"
+        require "chef/mixin/shell_out"
       end
 
-      include Chef::Mixin::ShellOut
-
       banner "knife supermarket share COOKBOOK [CATEGORY] (options)"
       category "supermarket"
 

data/lib/chef/provider/apt_repository.rb

@@ -21,6 +21,7 @@ require "chef/dsl/declare_resource"
 require "chef/mixin/shell_out"
 require "chef/http/simple"
 require "chef/provider/noop"
+require "tmpdir"
 
 class Chef
   class Provider
@@ -200,13 +201,15 @@ class Chef
       def install_key_from_uri(key)
         key_name = key.gsub(/[^0-9A-Za-z\-]/, "_")
         cached_keyfile = ::File.join(Chef::Config[:file_cache_path], key_name)
+        tmp_dir = Dir.mktmpdir(".gpg")
+        at_exit { FileUtils.remove_entry(tmp_dir) }
 
         declare_resource(key_type(key), cached_keyfile) do
           source key
           mode "0644"
           sensitive new_resource.sensitive
           action :create
-          verify "gpg %{path}"
+          verify "gpg --homedir #{tmp_dir} %{path}"
         end
 
         declare_resource(:execute, "apt-key add #{cached_keyfile}") do

data/lib/chef/provider/git.rb

@@ -151,7 +151,7 @@ class Chef
       end
 
       def clone
-        converge_by("clone from #{new_resource.repository} into #{cwd}") do
+        converge_by("clone from #{repo_url} into #{cwd}") do
           remote = new_resource.remote
 
           clone_cmd = ["clone"]
@@ -161,7 +161,7 @@ class Chef
           clone_cmd << "\"#{new_resource.repository}\""
           clone_cmd << "\"#{cwd}\""
 
-          logger.info "#{new_resource} cloning repo #{new_resource.repository} to #{cwd}"
+          logger.info "#{new_resource} cloning repo #{repo_url} to #{cwd}"
           git clone_cmd
         end
       end
@@ -342,6 +342,16 @@ class Chef
         string =~ /^[0-9a-f]{40}$/
       end
 
+      # Returns a message for sensitive repository URL if sensitive is true otherwise
+      # repository URL is returned
+      # @return [String]
+      def repo_url
+        if new_resource.sensitive
+          "**Suppressed Sensitive URL**"
+        else
+          new_resource.repository
+        end
+      end
     end
   end
 end

data/lib/chef/resource/windows_certificate.rb

@@ -59,7 +59,19 @@ class Chef
 
       action :create do
         description "Creates or updates a certificate."
-        add_cert(OpenSSL::X509::Certificate.new(raw_source))
+
+        cert_obj = OpenSSL::X509::Certificate.new(raw_source) # A certificate object in memory
+        thumbprint = OpenSSL::Digest::SHA1.new(cert_obj.to_der).to_s # Fetch its thumbprint
+
+        # Need to check if return value is Boolean:true
+        # If not then the given certificate should be added in certstore
+        if verify_cert(thumbprint) == true
+          Chef::Log.debug("Certificate is already present")
+        else
+          converge_by("Adding certificate #{new_resource.source} into Store #{new_resource.store_name}") do
+            add_cert(cert_obj)
+          end
+        end
       end
 
       # acl_add is a modify-if-exists operation : not idempotent
@@ -95,6 +107,8 @@ class Chef
           converge_by("Deleting certificate #{new_resource.source} from Store #{new_resource.store_name}") do
             delete_cert
           end
+        else
+          Chef::Log.debug("Certificate not found")
         end
       end
 
@@ -105,7 +119,7 @@ class Chef
         if cert_obj
           show_or_store_cert(cert_obj)
         else
-          Chef::Log.info("Certificate not found")
+          Chef::Log.debug("Certificate not found")
         end
       end
 
@@ -135,9 +149,14 @@ class Chef
           store.get(new_resource.source)
         end
 
-        def verify_cert
+        # Checks whether a certificate with the given thumbprint
+        # is already present and valid in certificate store
+        # If the certificate is not present, verify_cert returns a String: "Certificate not found"
+        # But if it is present but expired, it returns a Boolean: false
+        # Otherwise, it returns a Boolean: true
+        def verify_cert(thumbprint = new_resource.source)
           store = ::Win32::Certstore.open(new_resource.store_name)
-          store.valid?(new_resource.source)
+          store.valid?(thumbprint)
         end
 
         def show_or_store_cert(cert_obj)
@@ -241,11 +260,15 @@ class Chef
           set_acl_script
         end
 
+        # Returns the certificate string of the given
+        # input certificate in PEM format
         def raw_source
           ext = ::File.extname(new_resource.source)
           convert_pem(ext, new_resource.source)
         end
 
+        # Uses powershell command to convert crt/der/cer/pfx & p7b certificates
+        # In PEM format and returns its certificate content
         def convert_pem(ext, source)
           out = case ext
                 when ".crt", ".der"
@@ -261,6 +284,7 @@ class Chef
           format_raw_out(out)
         end
 
+        # Returns the certificate content
         def format_raw_out(out)
           begin_cert = "-----BEGIN CERTIFICATE-----"
           end_cert = "-----END CERTIFICATE-----"

data/lib/chef/version.rb

@@ -23,7 +23,7 @@ require "chef/version_string"
 
 class Chef
   CHEF_ROOT = File.expand_path("../..", __FILE__)
-  VERSION = Chef::VersionString.new("14.9.13")
+  VERSION = Chef::VersionString.new("14.10.9")
 end
 
 #

data/spec/data/windows_certificates/test.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDgDCCAmigAwIBAgIQEyXvJXC8z6lBIxwnT7/d5jANBgkqhkiG9w0BAQsFADBD
+MRwwGgYDVQQDDBNBIER1bW15IENlcnRpZmljYXRlMSMwIQYJKoZIhvcNAQkBFhR0
+ZXN0Ynlyc3BlY0BjaGVmLmNvbTAeFw0xOTAxMjMxODEzNTBaFw0yMDAxMjMxODMz
+NTBaMEMxHDAaBgNVBAMME0EgRHVtbXkgQ2VydGlmaWNhdGUxIzAhBgkqhkiG9w0B
+CQEWFHRlc3RieXJzcGVjQGNoZWYuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA1IPsH+S+HKVsJJDuHsqgSQnWAWp7SsBqwnx/t/NZAM6g41mbwafP
+EZixFB5G6VAIiUosHcLhFwz00uPwVZIDND1Ez4TxACraF0iJQpy2kmriDq449ccu
+fn/d8k417Vj0Hm7mcNpv6uaQrjYhIYFHXKV5aQS/OROQGvwFuWe56uJI25ua9lWR
+8yBR621bgn6oW7elBZ8YDQAH88Y0LNo15FBeL2IDUXHBajEfkIRDE3BH+8zcuK4g
+RnRJYBBkzFCXvTXLcRyr1zXaow31TeECrUdPGgBO+nTpLqWYWTylAv36C1nMYBn2
+5ItKAsswVEpQMIeQ5ysfaab0Ei3DRZIEjQIDAQABo3AwbjAOBgNVHQ8BAf8EBAMC
+BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB4GA1UdEQQXMBWCE3d3
+dy50ZXN0Ynlyc3BlYy5jb20wHQYDVR0OBBYEFMeiyQLCtZBHbmVnvCkoDnRkR+tB
+MA0GCSqGSIb3DQEBCwUAA4IBAQA1hy2yADJ9ULaQMduBt0PiVKP+UKD87OQj0pJK
+vFE7WVSxWaphA4XS15hityJt4eHmGF8R6tNxip7eS2mloGGMguijslqvQLICeeCN
+/7Ov9CsJJG3R8xVrbEZkPExUbV8swJX68GoVxPi4nSj2TFhizBScaOKLedzIXtv5
+hGSXpl3RfETckTq1wmIVEQE9CUoWkea74zvGc5wXTi3r2ZZxof6olGELqT8W/jyT
+vSzUDIC0iwuSVS0AyonBlAnA34ak3Q6a0RCZGK3l1IYz6Cb1JbHHpuCDZPPHooBi
+Hbd+SuvfCH9DLgDFJCAOg+X7WCMQAoy9gCY8Ne5oBTYyjmCz
+-----END CERTIFICATE-----

data/spec/functional/resource/windows_certificate_spec.rb

@@ -0,0 +1,340 @@
+# Author: Nimesh Patni (nimesh.patni@msystechnologies.com)
+# Copyright: Copyright 2008-2018, Chef Software, Inc.
+# License: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "spec_helper"
+require "chef/mixin/powershell_out"
+require "chef/resource/windows_certificate"
+
+module WindowsCertificateHelper
+  include Chef::Mixin::PowershellOut
+
+  def create_store(store)
+    path = "Cert:\\LocalMachine\\" + store
+    command = <<~EOC
+      New-Item -Path #{path}
+    EOC
+    powershell_out(command)
+  end
+
+  def cleanup(store)
+    path = "Cert:\\LocalMachine\\" + store
+    command = <<~EOC
+      Remove-Item -Path #{path} -Recurse
+    EOC
+    powershell_out(command)
+  end
+
+  def no_of_certificates
+    path = "Cert:\\LocalMachine\\" + store
+    command = <<~EOC
+      Write-Host (dir #{path} | measure).Count;
+    EOC
+    powershell_out(command).stdout.to_i
+  end
+end
+
+describe Chef::Resource::WindowsCertificate, :windows_only, :appveyor_only do
+  include WindowsCertificateHelper
+
+  let(:stdout) { StringIO.new }
+  let(:username) { "ChefFunctionalTest" }
+  let(:node) { Chef::Node.new }
+  let(:events) { Chef::EventDispatch::Dispatcher.new }
+  let(:run_context) { Chef::RunContext.new(node, {}, events) }
+  let(:new_resource) { Chef::Resource::WindowsCertificate.new(username, run_context) }
+  let(:password) { "P@ssw0rd!" }
+  let(:store) { "Chef-Functional-Test" }
+  let(:certificate_path) { File.expand_path(File.join(CHEF_SPEC_DATA, "windows_certificates")) }
+  let(:cer_path) { File.join(certificate_path, "test.cer") }
+  let(:pem_path) { File.join(certificate_path, "test.pem") }
+  let(:out_path) { File.join(certificate_path, "testout.pem") }
+  let(:tests_thumbprint) { "3180B3E3217862600BD7B2D28067B03D41576A4F" }
+  let(:other_cer_path) { File.join(certificate_path, "othertest.cer") }
+  let(:others_thumbprint) { "AD393859B2D2D4161D224F16CBD3D16555753A20" }
+
+  before do
+    opts = { store_name: store }
+    key = :store_name
+    to_be = ["TRUSTEDPUBLISHER", "TrustedPublisher", "CLIENTAUTHISSUER",
+             "REMOTE DESKTOP", "ROOT", "TRUSTEDDEVICES", "WEBHOSTING",
+             "CA", "AUTHROOT", "TRUSTEDPEOPLE", "MY", "SMARTCARDROOT", "TRUST",
+             "DISALLOWED"]
+
+    # Byepassing the validation so that we may create a custom store
+    allow_any_instance_of(Chef::Mixin::ParamsValidate)
+          .to receive(:_pv_equal_to)
+          .with(opts, key, to_be)
+          .and_return(true)
+
+    # Creating a custom store for the testing
+    create_store(store)
+
+    allow(Chef::Log).to receive(:info) do |msg|
+      stdout.puts(msg)
+    end
+  end
+
+  after { cleanup(store) }
+
+  subject(:win_certificate) do
+    new_resource.store_name = store
+    new_resource
+  end
+
+  it "Initially there are no certificates" do
+    expect(no_of_certificates).to eq(0)
+  end
+
+  describe "action :create" do
+    before do
+      win_certificate.source = cer_path
+      win_certificate.run_action(:create)
+    end
+
+    context "Adding a certificate" do
+      it "Imports certificate into store" do
+        expect(no_of_certificates).to eq(1)
+      end
+
+      it "Converges while addition" do
+        expect(win_certificate).to be_updated_by_last_action
+      end
+    end
+
+    context "Again adding the same certificate" do
+      before do
+        win_certificate.run_action(:create)
+      end
+      it "Does not imports certificate into store" do
+        expect(no_of_certificates).to eq(1)
+      end
+      it "Idempotent: Does not converge while addition" do
+        expect(no_of_certificates).to eq(1)
+        expect(win_certificate).not_to be_updated_by_last_action
+      end
+    end
+
+    context "Again adding the same certificate of other format" do
+      before do
+        win_certificate.source = pem_path
+        win_certificate.run_action(:create)
+      end
+      it "Does not imports certificate into store" do
+        expect(no_of_certificates).to eq(1)
+      end
+      it "Idempotent: Does not converge while addition" do
+        expect(no_of_certificates).to eq(1)
+        expect(win_certificate).not_to be_updated_by_last_action
+      end
+    end
+
+    context "Adding another certificate" do
+      before do
+        win_certificate.source = other_cer_path
+        win_certificate.run_action(:create)
+      end
+      it "Imports certificate into store" do
+        expect(no_of_certificates).to eq(2)
+      end
+      it "Converges while addition" do
+        expect(no_of_certificates).to eq(2)
+        expect(win_certificate).to be_updated_by_last_action
+      end
+    end
+  end
+
+  describe "action: verify" do
+    context "When a certificate is not present" do
+      before do
+        win_certificate.source = tests_thumbprint
+        win_certificate.run_action(:verify)
+      end
+      it "Initial check if certificate is not present" do
+        expect(no_of_certificates).to eq(0)
+      end
+      it "Displays correct message" do
+        expect(stdout.string.strip).to eq("Certificate not found")
+      end
+      it "Does not converge while verifying" do
+        expect(win_certificate).not_to be_updated_by_last_action
+      end
+    end
+
+    context "When a certificate is present" do
+      before do
+        win_certificate.source = cer_path
+        win_certificate.run_action(:create)
+      end
+
+      context "For a valid thumbprint" do
+        before do
+          win_certificate.source = tests_thumbprint
+          win_certificate.run_action(:verify)
+        end
+        it "Initial check if certificate is present" do
+          expect(no_of_certificates).to eq(1)
+        end
+        it "Displays correct message" do
+          expect(stdout.string.strip).to eq("Certificate is valid")
+        end
+        it "Does not converge while verifying" do
+          expect(win_certificate).not_to be_updated_by_last_action
+        end
+      end
+
+      context "For an invalid thumbprint" do
+        before do
+          win_certificate.source = others_thumbprint
+          win_certificate.run_action(:verify)
+        end
+        it "Initial check if certificate is present" do
+          expect(no_of_certificates).to eq(1)
+        end
+        it "Displays correct message" do
+          expect(stdout.string.strip).to eq("Certificate not found")
+        end
+        it "Does not converge while verifying" do
+          expect(win_certificate).not_to be_updated_by_last_action
+        end
+      end
+    end
+  end
+
+  describe "action: fetch" do
+    context "When a certificate is not present" do
+      before do
+        win_certificate.source = tests_thumbprint
+        win_certificate.run_action(:fetch)
+      end
+      it "Initial check if certificate is not present" do
+        expect(no_of_certificates).to eq(0)
+      end
+      it "Does not show any content" do
+        expect(stdout.string.strip).to be_empty
+      end
+      it "Does not converge while fetching" do
+        expect(win_certificate).not_to be_updated_by_last_action
+      end
+    end
+
+    context "When a certificate is present" do
+      before do
+        win_certificate.source = cer_path
+        win_certificate.run_action(:create)
+      end
+
+      after do
+        if File.exists?(out_path)
+          File.delete(out_path)
+        end
+      end
+
+      context "For a valid thumbprint" do
+        before do
+          win_certificate.source = tests_thumbprint
+          win_certificate.cert_path = out_path
+          win_certificate.run_action(:fetch)
+        end
+        it "Initial check if certificate is present" do
+          expect(no_of_certificates).to eq(1)
+        end
+        it "Stores Certificate content at given path" do
+          expect(File.exists?(out_path)).to be_truthy
+        end
+        it "Does not converge while fetching" do
+          expect(win_certificate).not_to be_updated_by_last_action
+        end
+      end
+
+      context "For an invalid thumbprint" do
+        before do
+          win_certificate.source = others_thumbprint
+          win_certificate.cert_path = out_path
+          win_certificate.run_action(:fetch)
+        end
+        it "Initial check if certificate is present" do
+          expect(no_of_certificates).to eq(1)
+        end
+        it "Does not show any content" do
+          expect(stdout.string.strip).to be_empty
+        end
+        it "Does not store certificate content at given path" do
+          expect(File.exists?(out_path)).to be_falsy
+        end
+        it "Does not converge while fetching" do
+          expect(win_certificate).not_to be_updated_by_last_action
+        end
+      end
+    end
+  end
+
+  describe "action: delete" do
+    context "When a certificate is not present" do
+      before do
+        win_certificate.source = tests_thumbprint
+        win_certificate.run_action(:delete)
+      end
+      it "Initial check if certificate is not present" do
+        expect(no_of_certificates).to eq(0)
+      end
+      it "Does not delete any certificate" do
+        expect(stdout.string.strip).to be_empty
+      end
+    end
+
+    context "When a certificate is present" do
+      before do
+        win_certificate.source = cer_path
+        win_certificate.run_action(:create)
+      end
+      before { win_certificate.source = tests_thumbprint }
+      it "Initial check if certificate is present" do
+        expect(no_of_certificates).to eq(1)
+      end
+      it "Deletes the certificate" do
+        win_certificate.run_action(:delete)
+        expect(no_of_certificates).to eq(0)
+      end
+      it "Converges while deleting" do
+        win_certificate.run_action(:delete)
+        expect(win_certificate).to be_updated_by_last_action
+      end
+      it "Idempotent: Does not converge while deleting again" do
+        win_certificate.run_action(:delete)
+        win_certificate.run_action(:delete)
+        expect(no_of_certificates).to eq(0)
+        expect(win_certificate).not_to be_updated_by_last_action
+      end
+      it "Deletes the valid certificate" do
+        # Add another certificate"
+        win_certificate.source = other_cer_path
+        win_certificate.run_action(:create)
+        expect(no_of_certificates).to eq(2)
+
+        # Delete previously added certificate
+        win_certificate.source = tests_thumbprint
+        win_certificate.run_action(:delete)
+        expect(no_of_certificates).to eq(1)
+
+        # Verify another certificate still exists
+        win_certificate.source = others_thumbprint
+        win_certificate.run_action(:verify)
+        expect(stdout.string.strip).to eq("Certificate is valid")
+      end
+    end
+  end
+end

data/spec/integration/client/client_spec.rb

@@ -434,6 +434,7 @@ EOM
         local_mode true
         cookbook_path "#{path_to('cookbooks')}"
         audit_mode :enabled
+        silence_deprecation_warnings %w{chef-27}
 EOM
     end
 

data/spec/integration/client/exit_code_spec.rb

@@ -39,6 +39,7 @@ EOM
         local_mode true
         cookbook_path "#{path_to('cookbooks')}"
         audit_mode :audit_only
+        silence_deprecation_warnings %w{chef-27}
 EOM
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 14.9.13
+  version: 14.10.9
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-22 00:00:00.000000000 Z
+date: 2019-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 14.9.13
+        version: 14.10.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 14.9.13
+        version: 14.10.9
 - !ruby/object:Gem::Dependency
   name: mixlib-cli
   requirement: !ruby/object:Gem::Requirement
@@ -1696,6 +1696,10 @@ files:
 - spec/data/trusted_certs/intermediate.pem
 - spec/data/trusted_certs/opscode.pem
 - spec/data/trusted_certs/root.pem
+- spec/data/windows_certificates/othertest.cer
+- spec/data/windows_certificates/test.cer
+- spec/data/windows_certificates/test.pem
+- spec/data/windows_certificates/test.pfx
 - spec/functional/application_spec.rb
 - spec/functional/assets/PkgA.1.0.0.0.bff
 - spec/functional/assets/PkgA.2.0.0.0.bff
@@ -1802,6 +1806,7 @@ files:
 - spec/functional/resource/timezone_spec.rb
 - spec/functional/resource/user/dscl_spec.rb
 - spec/functional/resource/user/windows_spec.rb
+- spec/functional/resource/windows_certificate_spec.rb
 - spec/functional/resource/windows_env_spec.rb
 - spec/functional/resource/windows_package_spec.rb
 - spec/functional/resource/windows_path_spec.rb