poise-hoist 1.1.0 → 1.2.0

data/test/gemfiles/chef-12.18.gemfile

@@ -0,0 +1,20 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
+
+gem 'chef', '~> 12.18.31'
+gem 'cheffish', '< 13'

data/test/gemfiles/chef-12.19.gemfile

@@ -0,0 +1,20 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
+
+gem 'chef', '~> 12.19.36'
+gem 'cheffish', '< 13'

data/test/gemfiles/chef-12.2.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,10 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.2.1'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
 gem 'chef-dk', '~> 0.10.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.3.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,10 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.3.0'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
 gem 'chef-dk', '~> 0.10.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.4.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,11 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.4.3'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
 gem 'chef-dk', '~> 0.10.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'gh', '0.14.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.5.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,10 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.5.1'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
 gem 'chef-dk', '~> 0.10.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.6.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,10 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.6.0'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
 gem 'chef-dk', '~> 0.10.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.7.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,10 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.7.2'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
 gem 'chef-dk', '~> 0.11.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.8.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,4 +17,10 @@
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
 gem 'chef', '~> 12.8.1'
-gem 'chef-dk', '~> 0.12'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
+gem 'chef-dk', '~> 0.12.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.9.gemfile

@@ -0,0 +1,26 @@
+#
+# Copyright 2016-2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
+
+gem 'chef', '~> 12.9.41'
+gem 'rack', '< 2'
+gem 'foodcritic', '< 8'
+gem 'chef-dk', '~> 0.13.0'
+gem 'mixlib-install', '>= 2'
+gem 'fauxhai', '<= 3.9.0'
+gem 'cheffish', '< 13'
+gem 'chefspec', '< 6'

data/test/gemfiles/chef-12.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,5 +16,5 @@
 
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
-gem 'chef', '~> 12.9'
-gem 'chef-dk', '~> 0.12'
+gem 'chef', '~> 12.19'
+gem 'cheffish', '< 13'

data/test/gemfiles/chef-13.0.gemfile

@@ -0,0 +1,19 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
+
+gem 'chef', '~> 13.0.118'

data/test/gemfiles/chef-13.gemfile

@@ -0,0 +1,19 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
+
+gem 'chef', '~> 13.0'

data/test/gemfiles/master.gemfile

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,8 +16,12 @@
 
 eval_gemfile File.expand_path('../../../Gemfile', __FILE__)
 
-gem 'chef', github: 'chef/chef'
-gem 'chef-dk', github: 'chef/chef-dk'
-gem 'halite', github: 'poise/halite'
-# gem 'poise-boiler', github: 'poise/poise-boiler'
-gem 'poise-profiler', github: 'poise/poise-profiler'
+gem 'chef', git: 'https://github.com/chef/chef.git'
+gem 'chef-dk', git: 'https://github.com/chef/chef-dk.git'
+gem 'chefspec', git: 'https://github.com/sethvargo/chefspec.git'
+gem 'fauxhai', git: 'https://github.com/customink/fauxhai.git'
+gem 'foodcritic', git: 'https://github.com/foodcritic/foodcritic.git'
+gem 'halite', git: 'https://github.com/poise/halite.git'
+gem 'ohai', git: 'https://github.com/chef/ohai.git'
+gem 'poise-boiler', git: 'https://github.com/poise/poise-boiler.git'
+gem 'poise-profiler', git: 'https://github.com/poise/poise-profiler.git'

data/test/integration/data_bags/hoist/local.json

@@ -0,0 +1,6 @@
+{
+  "id": "local",
+  "hoist_test": {
+    "four": 44
+  }
+}

data/test/integration/default/default_spec.rb

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,7 +15,7 @@
 #
 
 describe file('/hoist_test') do
-  its(:content) { is_expected.to eq '{"one":11,"two":222,"three":3}' }
+  its(:content) { is_expected.to eq '{"one":11,"two":222,"three":3,"four":44}' }
 end
 
 describe file('/hoist_environment') do

data/test/integration/default_policy.rb

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -22,3 +22,5 @@ default['local']['hoist_test']['one'] = 11
 override['hoist_test']['two'] = 22
 override['other']['hoist_test']['two'] = 220
 override['local']['hoist_test']['two'] = 222
+
+default['poise-hoist']['data_bag'] = 'hoist'

data/test/spec/fixtures/encrypted-node.json

@@ -0,0 +1,10 @@
+{
+  "id": "encrypted-node",
+  "baseline": {
+    "encrypted_data": "V+YNyaskOPd0c0q5GJv9ogtfQahQQz5GJssGoFfjDObbGtgHDYvnNv46AsMn\nlXPVIYfGiZdBDp9aOJUsPY/WRce2\n",
+    "iv": "s1q5jNccDFIj8AI0\n",
+    "auth_tag": "IgKp1wRq9sCQXb8konivDA==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
+  }
+}

data/test/spec/fixtures/key

@@ -0,0 +1 @@
+bdd5551cd57f85250989dabd53d922acc48aa4ab1675e5190cf493276cb1

data/test/spec/fixtures/mygroup.json

@@ -0,0 +1,7 @@
+{
+  "id": "mygroup",
+  "baseline": {
+    "one": 1111
+  },
+  "top": "flight"
+}

data/test/spec/fixtures/test-node.json

@@ -0,0 +1,10 @@
+{
+  "id": "test-node",
+  "baseline": {
+    "one": 11111,
+    "two": 22222,
+    "deep": {
+      "four": [44444]
+    }
+  }
+}

data/test/spec/poise_hoist_spec.rb

@@ -1,5 +1,5 @@
 #
-# Copyright 2016, Noah Kantrowitz
+# Copyright 2016-2017, Noah Kantrowitz
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,18 +21,19 @@ describe PoiseHoist do
   let(:role_default_attributes) { {} }
   let(:role_override_attributes) { {} }
   let(:node) { chef_run.node }
+  let(:policy_group) { 'mygroup' }
   subject do
-    # Apply our attributes
-    node.role_default.update(role_default_attributes)
-    node.role_override.update(role_override_attributes)
     # Set a policy_group. Run this late so our node doesn't get created before
     # all before blocks get a chance to run.
     if defined?(node.policy_group)
-      node.policy_group = 'mygroup'
+      node.policy_group = policy_group
     else
       # Global side effect. ¯\_(ツ)_/¯
-      Chef::Config[:policy_group] = 'mygroup'
+      Chef::Config[:policy_group] = policy_group
     end
+    # Apply our attributes
+    node.role_default.update(role_default_attributes)
+    node.role_override.update(role_override_attributes)
     # Run the hoist.
     PoiseHoist.hoist!(node)
     # Use the attributes as the subject.
@@ -49,6 +50,19 @@ describe PoiseHoist do
     role_override_attributes['baseline'] ||= {}
     role_override_attributes['baseline']['one'] = 11
     role_override_attributes['top'] = 'hat'
+    # Patch data bag item loading to use the fixtures.
+    allow(Chef::DataBagItem).to receive(:load) do |bag, item|
+      if bag != 'hoist'
+        raise Chef::Exceptions::InvalidDataBagItemID.new("No bag found for #{bag}/#{item}")
+      end
+      path = File.expand_path("../fixtures/#{item}.json", __FILE__)
+      unless File.exist?(path)
+        raise Chef::Exceptions::InvalidDataBagItemID.new("No item found for #{bag}/#{item} at #{path}")
+      end
+      obj = Chef::DataBagItem.from_hash(JSON.parse(IO.read(path)))
+      obj.data_bag(bag)
+      obj
+    end
   end
 
   context 'with no policy attributes' do
@@ -127,6 +141,51 @@ describe PoiseHoist do
     its(%w{top}) { is_expected.to eq 'dog' }
   end # /context with a top-level override policy attribute
 
+  context 'with a data bag' do
+    before { override_attributes['poise-hoist'] = {'data_bag' => 'hoist'} }
+    its(%w{baseline one}) { is_expected.to eq 1111 }
+    its(%w{baseline two}) { is_expected.to eq 2 }
+    its(%w{baseline deep three}) { is_expected.to eq 3 }
+    its(%w{baseline deep four}) { is_expected.to eq [4] }
+    its(%w{top}) { is_expected.to eq 'flight' }
+  end # /context with a data bag
+
+  context 'with a data bag for the node name' do
+    before do
+      override_attributes['poise-hoist'] = {'data_bag' => 'hoist'}
+      node.name('test-node')
+    end
+    its(%w{baseline one}) { is_expected.to eq 11111 }
+    its(%w{baseline two}) { is_expected.to eq 22222 }
+    its(%w{baseline deep three}) { is_expected.to eq 3 }
+    its(%w{baseline deep four}) { is_expected.to eq [44444] }
+    its(%w{top}) { is_expected.to eq 'hat' }
+  end # /context with a data bag for the node name
+
+  context 'with a data bag that does not exist' do
+    before { override_attributes['poise-hoist'] = {'data_bag' => 'notfound'} }
+    it { expect { subject }.to raise_error Chef::Exceptions::InvalidDataBagItemID }
+  end # /context with a data bag that does not exist
+
+  context 'with a data bag that does not match the policy group' do
+    let(:policy_group) { 'othergroup' }
+    before { override_attributes['poise-hoist'] = {'data_bag' => 'hoist'} }
+    it { expect { subject }.to raise_error Chef::Exceptions::InvalidDataBagItemID }
+  end # /context with a data bag that does not match the policy group
+
+  context 'with an encrypted data bag' do
+    before do
+      Chef::Config[:encrypted_data_bag_secret] = File.expand_path('../fixtures/key', __FILE__)
+      override_attributes['poise-hoist'] = {'data_bag' => 'hoist'}
+      node.name('encrypted-node')
+    end
+    its(%w{baseline one}) { is_expected.to eq 11111 }
+    its(%w{baseline two}) { is_expected.to eq 22222 }
+    its(%w{baseline deep three}) { is_expected.to eq 3 }
+    its(%w{baseline deep four}) { is_expected.to eq [44444] }
+    its(%w{top}) { is_expected.to eq 'hat' }
+  end # /context with an encrypted data bag
+
   describe 'patch_chef_environment!' do
     context 'with patching enabled (default)' do
       it { subject; expect(chef_run.node.chef_environment).to eq 'mygroup' }