microwave 1.0.4 → 11.400.2

data/spec/unit/digester_spec.rb

@@ -0,0 +1,50 @@
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Daniel DeLeo (<dan@kallistec.com>)
+# Copyright:: Copyright (c) 2009 Opscode, Inc.
+# Copyright:: Copyright (c) 2009 Daniel DeLeo
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#     http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+
+describe Chef::Digester do
+  before(:each) do
+    @cache = Chef::Digester.instance
+  end
+
+  describe "when computing checksums of cookbook files and templates" do
+
+    it "proxies the class method checksum_for_file to the instance" do
+      @cache.should_receive(:checksum_for_file).with("a_file_or_a_fail")
+      Chef::Digester.checksum_for_file("a_file_or_a_fail")
+    end
+
+    it "computes a checksum of a file" do
+      fixture_file = CHEF_SPEC_DATA + "/checksum/random.txt"
+      expected = "09ee9c8cc70501763563bcf9c218d71b2fbf4186bf8e1e0da07f0f42c80a3394"
+      @cache.checksum_for_file(fixture_file).should == expected
+    end
+
+    it "generates a checksum from a non-file IO object" do
+      io = StringIO.new("riseofthemachines\nriseofthechefs\n")
+      expected_md5 = '0e157ac1e2dd73191b76067fb6b4bceb'
+      @cache.generate_md5_checksum(io).should == expected_md5
+    end
+
+  end
+
+end
+

data/spec/unit/dsl/data_query_spec.rb

@@ -0,0 +1,66 @@
+#
+# Author:: Seth Falcon (<seth@opscode.com>)
+# Copyright:: Copyright (c) 2010 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+require 'chef/dsl/data_query'
+
+class DataQueryDSLTester
+  include Chef::DSL::DataQuery
+end
+
+describe Chef::DSL::DataQuery do
+  before(:each) do
+    @language = DataQueryDSLTester.new
+    @node = Hash.new
+    @language.stub!(:node).and_return(@node)
+  end
+
+  describe "when loading data bags and items" do
+    it "lists the items in a data bag" do
+      Chef::DataBag.should_receive(:load).with("bag_name").and_return("item_1" => "http://url_for/item_1", "item_2" => "http://url_for/item_2")
+      @language.data_bag("bag_name").sort.should == %w[item_1 item_2]
+    end
+
+    it "validates the name of the data bag you're trying to load" do
+      lambda {@language.data_bag("!# %^&& ")}.should raise_error(Chef::Exceptions::InvalidDataBagName)
+    end
+
+    it "fetches a data bag item" do
+      @item = Chef::DataBagItem.new
+      @item.data_bag("bag_name")
+      @item.raw_data = {"id" => "item_name", "FUU" => "FUU"}
+      Chef::DataBagItem.should_receive(:load).with("bag_name", "item_name").and_return(@item)
+      @language.data_bag_item("bag_name", "item_name").should == @item
+    end
+
+    it "validates the name of the data bag you're trying to load an item from" do
+      lambda {@language.data_bag_item(" %%^& ", "item_name")}.should raise_error(Chef::Exceptions::InvalidDataBagName)
+    end
+
+    it "validates the id of the data bag item you're trying to load" do
+      lambda {@language.data_bag_item("bag_name", " 987 (*&()")}.should raise_error(Chef::Exceptions::InvalidDataBagItemID)
+    end
+
+    it "validates that the id of the data bag item is not nil" do
+      lambda {@language.data_bag_item("bag_name", nil)}.should raise_error(Chef::Exceptions::InvalidDataBagItemID)
+    end
+
+  end
+
+end
+

data/spec/unit/dsl/platform_introspection_spec.rb

@@ -0,0 +1,130 @@
+#
+# Author:: Seth Falcon (<seth@opscode.com>)
+# Copyright:: Copyright (c) 2010 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+require 'chef/dsl/platform_introspection'
+
+class LanguageTester
+  attr_reader :node
+  def initialize(node)
+    @node = node
+  end
+  include Chef::DSL::PlatformIntrospection
+end
+
+describe "PlatformIntrospection implementors" do
+
+  let(:node) { Chef::Node.new }
+  let(:platform_introspector) { LanguageTester.new(node) }
+
+  it_behaves_like "a platform introspector"
+
+end
+
+describe Chef::DSL::PlatformIntrospection::PlatformDependentValue do
+  before do
+    platform_hash = {
+      :openbsd => {:default => 'free, functional, secure'},
+      [:redhat, :centos, :fedora, :scientific] => {:default => '"stable"'},
+      :ubuntu => {'10.04' => 'using upstart more', :default => 'using init more'},
+      :default => 'bork da bork'
+    }
+    @platform_specific_value = Chef::DSL::PlatformIntrospection::PlatformDependentValue.new(platform_hash)
+  end
+
+  it "returns the default value when the platform doesn't match" do
+    @platform_specific_value.value_for_node(:platform => :dos).should == 'bork da bork'
+  end
+
+  it "returns a value for a platform set as a group" do
+    @platform_specific_value.value_for_node(:platform => :centos).should == '"stable"'
+  end
+
+  it "returns a value for the platform when it was set as a symbol but fetched as a string" do
+    @platform_specific_value.value_for_node(:platform => "centos").should == '"stable"'
+  end
+
+  it "returns a value for a specific platform version" do
+    node = {:platform => 'ubuntu', :platform_version => '10.04'}
+    @platform_specific_value.value_for_node(node).should == 'using upstart more'
+  end
+
+  it "returns a platform-default value if the platform version doesn't match an explicit one" do
+    node = {:platform => 'ubuntu', :platform_version => '9.10' }
+    @platform_specific_value.value_for_node(node).should == 'using init more'
+  end
+
+  it "returns nil if there is no default and no platforms match" do
+    # this matches the behavior in the original implementation.
+    # whether or not it's correct is another matter.
+    platform_specific_value = Chef::DSL::PlatformIntrospection::PlatformDependentValue.new({})
+    platform_specific_value.value_for_node(:platform => 'foo').should be_nil
+  end
+
+  it "raises an argument error if the platform hash is not correctly structured" do
+    bad_hash = {:ubuntu => :foo} # should be :ubuntu => {:default => 'foo'}
+    lambda {Chef::DSL::PlatformIntrospection::PlatformDependentValue.new(bad_hash)}.should raise_error(ArgumentError)
+  end
+
+end
+describe Chef::DSL::PlatformIntrospection::PlatformFamilyDependentValue do
+  before do
+    @array_values = [:stop, :start, :reload]
+
+    @platform_family_hash = {
+      "debian" => "debian value",
+      [:rhel, "fedora"] => "redhatty value",
+      "suse" => @array_values,
+      :gentoo => "gentoo value",
+      :default => "default value"
+    }
+
+    @platform_family_value = Chef::DSL::PlatformIntrospection::PlatformFamilyDependentValue.new(@platform_family_hash)
+  end
+
+  it "returns the default value when the platform family doesn't match" do
+    @platform_family_value.value_for_node(:platform_family => :os2).should == 'default value'
+  end
+
+
+  it "returns a value for the platform family when it was set as a string but fetched as a symbol" do
+    @platform_family_value.value_for_node(:platform_family => :debian).should == "debian value"
+  end
+
+  it "returns a value for the platform family when it was set as a symbol but fetched as a string" do
+    @platform_family_value.value_for_node(:platform_family => "gentoo").should == "gentoo value"
+  end
+
+  it "returns an array value stored for a platform family" do
+    @platform_family_value.value_for_node(:platform_family => "suse").should == @array_values
+  end
+
+  it "returns a value for the platform family when it was set within an array hash key as a symbol" do
+    @platform_family_value.value_for_node(:platform_family => :rhel).should == "redhatty value"
+  end
+
+  it "returns a value for the platform family when it was set within an array hash key as a string" do
+    @platform_family_value.value_for_node(:platform_family => "fedora").should == "redhatty value"
+  end
+
+  it "returns nil if there is no default and no platforms match" do
+    platform_specific_value = Chef::DSL::PlatformIntrospection::PlatformFamilyDependentValue.new({})
+    platform_specific_value.value_for_node(:platform_family => 'foo').should be_nil
+  end
+
+end

data/spec/unit/dsl/regsitry_helper_spec.rb

@@ -0,0 +1,55 @@
+#
+# Author:: Prajakta Purohit (<prajakta@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef/dsl/registry_helper"
+require "spec_helper"
+
+describe Chef::Resource::RegistryKey do
+
+  before (:all) do
+    events = Chef::EventDispatch::Dispatcher.new
+    node = Chef::Node.new
+    ohai = Ohai::System.new
+    ohai.all_plugins
+    node.consume_external_attrs(ohai.data,{})
+    run_context = Chef::RunContext.new(node, {}, events)
+    @resource = Chef::Resource::new("foo", run_context)
+  end
+
+  context "tests registry dsl" do
+    it "resource can access registry_helper method registry_key_exists" do
+      @resource.respond_to?('registry_key_exists?').should == true
+    end
+    it "resource can access registry_helper method registry_get_values" do
+      @resource.respond_to?('registry_get_values').should == true
+    end
+    it "resource can access registry_helper method registry_has_subkey" do
+      @resource.respond_to?('registry_has_subkeys?').should == true
+    end
+    it "resource can access registry_helper method registry_get_subkeys" do
+      @resource.respond_to?('registry_get_subkeys').should == true
+    end
+    it "resource can access registry_helper method registry_value_exists" do
+      @resource.respond_to?('registry_value_exists?').should == true
+    end
+    it "resource can access registry_helper method data_value_exists" do
+      @resource.respond_to?('registry_data_exists?').should == true
+    end
+  end
+end
+

data/spec/unit/encrypted_data_bag_item_spec.rb

@@ -19,6 +19,115 @@
 require 'spec_helper'
 require 'chef/encrypted_data_bag_item'
 
+module Version1Encryptor
+  def self.encrypt_value(plaintext_data, key)
+    data = plaintext_data.to_yaml
+
+    cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
+    cipher.encrypt
+    cipher.pkcs5_keyivgen(key)
+    encrypted_bytes = cipher.update(data)
+    encrypted_bytes << cipher.final
+    Base64.encode64(encrypted_bytes)
+  end
+end
+
+describe Chef::EncryptedDataBagItem::Encryptor  do
+
+  describe "generating a random IV" do
+    it "generates a new IV for each encryption pass" do
+      encryptor1 = Chef::EncryptedDataBagItem::Encryptor.new({"foo" => "bar"}, "passwd")
+      encryptor2 = Chef::EncryptedDataBagItem::Encryptor.new({"foo" => "bar"}, "passwd")
+
+      # No API in ruby OpenSSL to get the iv it used for the encryption back
+      # out. Instead we test if the encrypted data is the same. If it *is* the
+      # same, we assume the IV was the same each time.
+      encryptor1.encrypted_data.should_not == encryptor2.encrypted_data
+    end
+  end
+
+  describe "when encrypting a non-hash non-array value" do
+    it "serializes the value in a de-serializable way" do
+      encryptor = Chef::EncryptedDataBagItem::Encryptor.new(5, "passwd")
+      Chef::JSONCompat.from_json(encryptor.serialized_data)["json_wrapper"].should == 5
+    end
+
+  end
+
+  describe "wrapping secret values in an envelope" do
+    it "wraps the encrypted data in an envelope with the iv and version" do
+      encryptor = Chef::EncryptedDataBagItem::Encryptor.new({"foo" => "bar"}, "passwd")
+      final_data = encryptor.for_encrypted_item
+      final_data["encrypted_data"].should == encryptor.encrypted_data
+      final_data["iv"].should == Base64.encode64(encryptor.iv)
+      final_data["version"].should == 1
+      final_data["cipher"].should == "aes-256-cbc"
+    end
+
+  end
+
+end
+
+describe Chef::EncryptedDataBagItem::Decryptor do
+  context "when decrypting a version 1 (JSON+aes-256-cbc+random iv) encrypted value" do
+    before do
+      @encryptor = Chef::EncryptedDataBagItem::Encryptor.new({"foo" => "bar"}, "passwd")
+      @encrypted_value = @encryptor.for_encrypted_item
+
+      @decryptor = Chef::EncryptedDataBagItem::Decryptor.for(@encrypted_value, "passwd")
+    end
+
+    it "selects the correct strategy for version 1" do
+      @decryptor.should be_a_kind_of Chef::EncryptedDataBagItem::Decryptor::Version1Decryptor
+    end
+
+    it "decrypts the encrypted value" do
+      @decryptor.decrypted_data.should == {"json_wrapper" => {"foo" => "bar"}}.to_json
+    end
+
+    it "unwraps the encrypted data and returns it" do
+      @decryptor.for_decrypted_item.should == {"foo" => "bar"}
+    end
+
+    context "and the provided key is incorrect" do
+      before do
+        @decryptor = Chef::EncryptedDataBagItem::Decryptor.for(@encrypted_value, "wrong-passwd")
+      end
+
+      it "raises a sensible error" do
+        lambda { @decryptor.for_decrypted_item }.should raise_error(Chef::EncryptedDataBagItem::DecryptionFailure)
+      end
+    end
+
+    context "and the cipher is not supported" do
+      before do
+        @encrypted_value["cipher"] = "aes-256-foo"
+      end
+
+      it "raises a sensible error" do
+        lambda { @decryptor.for_decrypted_item }.should raise_error(Chef::EncryptedDataBagItem::UnsupportedCipher)
+      end
+    end
+
+  end
+
+  context "when decrypting a version 0 (YAML+aes-256-cbc+no iv) encrypted value" do
+    before do
+      @encrypted_value = Version1Encryptor.encrypt_value({"foo" => "bar"}, "passwd")
+
+      @decryptor = Chef::EncryptedDataBagItem::Decryptor.for(@encrypted_value, "passwd")
+    end
+
+    it "selects the correct strategy for version 0" do
+      @decryptor.should be_a_kind_of(Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor)
+    end
+
+    it "decrypts the encrypted value" do
+      @decryptor.for_decrypted_item.should == {"foo" => "bar"}
+    end
+  end
+end
+
 describe Chef::EncryptedDataBagItem do
   before(:each) do
     @secret = "abc123SECRET"
@@ -31,26 +140,33 @@ describe Chef::EncryptedDataBagItem do
                                                                  @secret)
   end
 
+
   describe "encrypting" do
 
     it "should not encrypt the 'id' key" do
       @enc_data["id"].should == "item_name"
     end
 
-    it "should encrypt 'greeting'" do
-      @enc_data["greeting"].should_not == @plain_data["greeting"]
-    end
+    it "should encrypt non-collection objects" do
+      @enc_data["greeting"]["version"].should == 1
+      @enc_data["greeting"].should have_key("iv")
+
+      iv = @enc_data["greeting"]["iv"]
+      encryptor = Chef::EncryptedDataBagItem::Encryptor.new("hello", @secret, iv)
 
-    it "should encrypt 'nested'" do
-      nested = @enc_data["nested"]
-      nested.class.should == String
-      nested.should_not == @plain_data["nested"]
+      @enc_data["greeting"]["encrypted_data"].should == encryptor.for_encrypted_item["encrypted_data"]
     end
 
-    it "from_plain_hash" do
-      eh1 = Chef::EncryptedDataBagItem.from_plain_hash(@plain_data, @secret)
-      eh1.class.should == Chef::EncryptedDataBagItem
+    it "should encrypt nested values" do
+      @enc_data["nested"]["version"].should == 1
+      @enc_data["nested"].should have_key("iv")
+
+      iv = @enc_data["nested"]["iv"]
+      encryptor = Chef::EncryptedDataBagItem::Encryptor.new(@plain_data["nested"], @secret, iv)
+
+      @enc_data["nested"]["encrypted_data"].should == encryptor.for_encrypted_item["encrypted_data"]
     end
+
   end
 
   describe "decrypting" do