diff options
author | Bryan McLellan <btm@loftninjas.org> | 2019-05-17 12:59:31 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-05-17 12:59:31 -0400 |
commit | 2d331c351c572b90cbe9d7a7ca64731dbc2ba009 (patch) | |
tree | c48e25928e5d0db34731aa1c60d5a2e0511f429e | |
parent | 0de8b639e354e863e94be7701d991ab411fb27bf (diff) | |
parent | 55e74ea6170a37af9d1e2e64a420bb88c78d18b6 (diff) | |
download | chef-2d331c351c572b90cbe9d7a7ca64731dbc2ba009.tar.gz |
Merge pull request #8526 from chef/btm/14-MSYS-996
Chef 14: Fix for Chef::Exceptions::Win32APIError: The operation completed successfully
-rw-r--r-- | .travis.yml | 61 | ||||
-rw-r--r-- | kitchen-tests/Gemfile | 4 | ||||
-rw-r--r-- | kitchen-tests/README.md | 18 | ||||
-rw-r--r-- | kitchen-tests/kitchen.travis.yml | 27 | ||||
-rw-r--r-- | kitchen-tests/kitchen.yml | 135 | ||||
-rw-r--r-- | lib/chef/win32/security.rb | 2 | ||||
-rw-r--r-- | spec/unit/win32/security_spec.rb | 25 |
7 files changed, 176 insertions, 96 deletions
diff --git a/.travis.yml b/.travis.yml index 84e7159134..4e4bdccfc6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -125,18 +125,9 @@ matrix: script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake rvm: 2.5.5 - env: - TEST_GEM: poise/halite - script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec - rvm: 2.5.5 - - env: TEST_GEM: chef/knife-windows script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake unit_spec rvm: 2.5.5 - # disable this pending a Chef 14 compat version of poise - # - env: - # TEST_GEM: poise/poise - # script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec - # rvm: 2.5.5 ### START TEST KITCHEN ONLY ### - rvm: 2.5.5 services: docker @@ -154,7 +145,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - AMAZON=2 - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -171,7 +162,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - AMAZON=201X - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -183,12 +174,12 @@ matrix: - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) - cd kitchen-tests script: - - bundle exec kitchen test end-to-end-ubuntu-1404 + - bundle exec kitchen test end-to-end-ubuntu-1604 after_failure: - cat .kitchen/logs/kitchen.log env: - - UBUNTU=14.04 - - KITCHEN_YAML=kitchen.travis.yml + - UBUNTU=16.04 + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -200,12 +191,12 @@ matrix: - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) - cd kitchen-tests script: - - bundle exec kitchen test end-to-end-ubuntu-1604 + - bundle exec kitchen test end-to-end-ubuntu-1804 after_failure: - cat .kitchen/logs/kitchen.log env: - - UBUNTU=16.04 - - KITCHEN_YAML=kitchen.travis.yml + - UBUNTU=18.04 + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -217,12 +208,12 @@ matrix: - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) - cd kitchen-tests script: - - bundle exec kitchen test end-to-end-ubuntu-1804 + - bundle exec kitchen test end-to-end-debian-8 after_failure: - cat .kitchen/logs/kitchen.log env: - - UBUNTU=18.04 - - KITCHEN_YAML=kitchen.travis.yml + - DEBIAN=8 + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -234,12 +225,12 @@ matrix: - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) - cd kitchen-tests script: - - bundle exec kitchen test end-to-end-debian-8 + - bundle exec kitchen test end-to-end-debian-9 after_failure: - cat .kitchen/logs/kitchen.log env: - - DEBIAN=8 - - KITCHEN_YAML=kitchen.travis.yml + - DEBIAN=9 + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -251,12 +242,12 @@ matrix: - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) - cd kitchen-tests script: - - bundle exec kitchen test end-to-end-debian-9 + - bundle exec kitchen test end-to-end-debian-10 after_failure: - cat .kitchen/logs/kitchen.log env: - - DEBIAN=9 - - KITCHEN_YAML=kitchen.travis.yml + - DEBIAN=10 + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -273,7 +264,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - CENTOS=6 - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -290,7 +281,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - CENTOS=7 - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -307,7 +298,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - FEDORA=latest - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -324,7 +315,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - OPENSUSELEAP=42 - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 sudo: required before_install: @@ -362,7 +353,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - RSPEC_CENTOS=7 - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml - rvm: 2.5.5 services: docker sudo: required @@ -379,7 +370,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - RSPEC_OPENSUSELEAP=42 - - KITCHEN_YAML=kitchen.travis.yml + - KITCHEN_YAML=kitchen.yml allow_failures: - rvm: 2.5.5 services: docker @@ -397,11 +388,7 @@ matrix: - cat .kitchen/logs/kitchen.log env: - RSPEC_OPENSUSELEAP=42 - - KITCHEN_YAML=kitchen.travis.yml - - env: - TEST_GEM: poise/halite - script: bundle exec tasks/bin/run_external_test $TEST_GEM master rake spec - rvm: 2.5.5 + - KITCHEN_YAML=kitchen.yml notifications: on_change: true diff --git a/kitchen-tests/Gemfile b/kitchen-tests/Gemfile index c571298fc2..002dcd3935 100644 --- a/kitchen-tests/Gemfile +++ b/kitchen-tests/Gemfile @@ -4,8 +4,8 @@ gem "rake" # required to build some native extensions gem "chef", path: ".." gem "ohai", git: "https://github.com/chef/ohai.git", branch: "14-stable" # avoids failures when we bump chef major gem "berkshelf", git: "https://github.com/berkshelf/berkshelf.git", branch: "master" -gem "kitchen-appbundle-updater" -gem "kitchen-dokken", "< 2.0" # 2.x fails atm: https://travis-ci.org/chef/chef/jobs/199125787 +gem "kitchen-dokken", "~> 2.0" +gem "kitchen-docker", git: "https://github.com/test-kitchen/kitchen-docker.git", branch: "master" gem "kitchen-inspec", git: "https://github.com/chef/kitchen-inspec.git", branch: "master" gem "kitchen-vagrant", git: "https://github.com/test-kitchen/kitchen-vagrant.git", branch: "master" gem "test-kitchen", git: "https://github.com/test-kitchen/test-kitchen.git", branch: "master" diff --git a/kitchen-tests/README.md b/kitchen-tests/README.md index 95234ca383..9bf20a8fab 100644 --- a/kitchen-tests/README.md +++ b/kitchen-tests/README.md @@ -4,7 +4,7 @@ Here we seek to provide end-to-end testing of Chef Client through cookbooks whic ## Getting started -All the gems needed to run these tests can be installed with Bundler. +These tests run in Docker containers so make sure to install Docker on your workstation. Once docker is installed all the gems needed to run these tests can be installed with Bundler. ```shell chef/kitchen-tests$ bundle install @@ -19,21 +19,21 @@ chef/kitchen-tests$ bundle exec kitchen list You should see output similar to ```shell -Instance Driver Provisioner Verifier Transport Last Action Last Error -end-to-end-amazonlinux Vagrant ChefGithub Inspec Ssh <Not Created> <None> +Instance Driver Provisioner Verifier Transport Last Action Last Error +end-to-end-amazonlinux Dokken Dokken Inspec Dokken <Not Created> <None> ``` ## Testing -We use Test Kitchen to build instances, test client code, and destroy instances. If you are unfamiliar with Test Kitchen we recommend checking out the [tutorial](http://kitchen.ci/) along with the `kitchen-vagrant` [driver documentation](https://github.com/test-kitchen/kitchen-vagrant). Test Kitchen is configured to manipulate instances using [Vagrant](https://www.vagrantup.com/) when testing locally, and Docker via [kitchen-dokken](https://github.com/someara/kitchen-dokken/) when testing pull requests on [Travis CI](https://travis-ci.com/). +We use Test Kitchen to build instances, test client code, and destroy instances. If you are unfamiliar with Test Kitchen we recommend checking out the [tutorial](http://kitchen.ci/) along with the `kitchen-dokken` [driver documentation](https://github.com/someara/kitchen-dokken). Test Kitchen is configured to manipulate instances using [Docker](https://www.docker.com/) when testing locally and when testing pull requests on [Travis CI](https://travis-ci.com/). ### Commands Kitchen instances are led through a series of states. The instance states, and the actions taken to transition into each state, are in order: -- `destroy`: Delete all information for and terminate one or more instances. +- `destroy`: Delete all information for and terminate one or more instances. - This is equivalent to running `vagrant destroy` to stop and delete a Vagrant machine. -- `create`: Start one or more instances. +- `create`: Start one or more instances. - This is equivalent to running `vagrant up --no-provision` to start a Vagrant instance. - `converge`: Use a provisioner to configure one or more instances. - By default, Test Kitchen is configured to use the `ChefSolo` provisioner which: @@ -53,7 +53,7 @@ To see a list of available commands, type `bundle exec kitchen help`. To see mor ### Configuring your tests -Test Kitchen is configured for local testing in the `kitchen.yml` file which resides in this directory. You will need to configure the provisioner before running the tests. +Test Kitchen is configured in the `kitchen.yml` file which resides in this directory. You will need to configure the provisioner before running the tests. The provisioner can be configured to pull client source code from a GitHub repository using any valid Git reference. You are encouraged to modify any of these settings, but please return them to their original values before submitting a pull request for review (unless, of course, your changes are enhancements to the default provisioner settings). @@ -66,8 +66,8 @@ The branch you choose must be accessible on GitHub. You cannot use a local commi ### Testing pull requests -These end-to-end tests are also configured to run on Travis-CI with docker containers when you submit a pull request to `chef/chef`. Kitchen is configured to pull chef client source code from the branch it is testing. There is no need to modify `kitchen.travis.yml` unless you are contributing tests. +These end-to-end tests are also configured to run on Travis-CI with docker containers when you submit a pull request to `chef/chef`. Kitchen is configured to pull chef client source code from the branch it is testing. There is no need to modify `kitchen.yml` unless you are contributing tests. ## Contributing -We would love to fill out our end-to-end testing coverage! If you have cookbooks and tests that you would like to see become a part of client testing, we encourage you to submit a pull request with your additions. We request that you do not add platforms to `kitchen.travis.yml`. Please file a request to add a platform under [Issues](https://github.com/chef/chef/issues). +We would love to fill out our end-to-end testing coverage! If you have cookbooks and tests that you would like to see become a part of client testing, we encourage you to submit a pull request with your additions. We request that you do not add platforms to `kitchen.yml`. Please file a request to add a platform under [Issues](https://github.com/chef/chef/issues). diff --git a/kitchen-tests/kitchen.travis.yml b/kitchen-tests/kitchen.travis.yml index db9323e4a6..64ff400887 100644 --- a/kitchen-tests/kitchen.travis.yml +++ b/kitchen-tests/kitchen.travis.yml @@ -9,22 +9,16 @@ transport: name: dokken provisioner: - name: chef_github - root_path: /opt/kitchen - require_chef_omnibus: latest - chef_omnibus_url: "https://omnitruck.chef.io/install.sh" - chef_omnibus_install_options: "-c current" - github_owner: "chef" - github_repo: "chef" - refname: <%= ENV['TRAVIS_COMMIT'] %> - ohai_refname: "master" - github_access_token: <%= ENV['KITCHEN_GITHUB_TOKEN'] %> - data_path: test/fixtures - chef_license: "accept-no-persist" -# disable file provider diffs so we don't overflow travis' line limit + name: dokken client_rb: diff_disabled: true +lifecycle: + pre_converge: + - remote: /opt/chef/embedded/bin/gem install appbundle-updater + - remote: /opt/chef/embedded/bin/appbundle-updater chef ohai <%= File.readlines('../Gemfile.lock', File.expand_path(File.dirname(__FILE__))).find { |l| l =~ /^\s+ohai \((\d+\.\d+\.\d+)\)/ }; 'v' + $1 %> --tarball --github chef/ohai + - remote: /opt/chef/embedded/bin/appbundle-updater chef chef <%= ENV['TRAVIS_COMMIT'] %> --tarball --github chef/chef + verifier: name: inspec format: progress @@ -80,13 +74,6 @@ platforms: intermediate_instructions: - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers -- name: ubuntu-14.04 - driver: - image: dokken/ubuntu-14.04 - pid_one_command: /sbin/init - intermediate_instructions: - - RUN /usr/bin/apt-get update - - name: ubuntu-16.04 driver: image: dokken/ubuntu-16.04 diff --git a/kitchen-tests/kitchen.yml b/kitchen-tests/kitchen.yml index 0c49201927..3893f082bd 100644 --- a/kitchen-tests/kitchen.yml +++ b/kitchen-tests/kitchen.yml @@ -1,41 +1,122 @@ --- driver: - name: vagrant - customize: - cpus: 4 - memory: 2048 + name: dokken + privileged: true + chef_image: chef/chef + chef_version: current -verifier: - name: inspec - format: progress +transport: + name: dokken provisioner: - name: chef_github - chef_omnibus_url: "https://omnitruck.chef.io/install.sh" - chef_omnibus_install_options: "-c current -v 14" - github_owner: "chef" - github_repo: "chef" - ohai_refname: "master" - refname: <%= %x(git rev-parse HEAD) %> - chef_license: "accept-no-persist" + name: dokken client_rb: diff_disabled: true +lifecycle: + pre_converge: + - remote: echo "Chef container's Chef / Ohai release:" + - remote: /opt/chef/embedded/bin/chef-client -v + - remote: /opt/chef/embedded/bin/ohai -v + - remote: /opt/chef/embedded/bin/gem uninstall -x chef-bin # appbundle-updater doesn't remove this when downgrading to 14 + - remote: /opt/chef/embedded/bin/gem install appbundler appbundle-updater + - remote: /opt/chef/embedded/bin/appbundle-updater chef ohai <%= File.readlines('../Gemfile.lock', File.expand_path(File.dirname(__FILE__))).find { |l| l =~ /^\s+ohai \((\d+\.\d+\.\d+)\)/ }; 'v' + $1 %> --tarball --github chef/ohai + - remote: /opt/chef/embedded/bin/appbundle-updater chef chef <%= ENV['TRAVIS_COMMIT'] || %x(git rev-parse HEAD).chomp %> --tarball --github chef/chef + - remote: echo "Installed Chef / Ohai release:" + - remote: /opt/chef/embedded/bin/chef-client -v + - remote: /opt/chef/embedded/bin/ohai -v + +verifier: + name: inspec + format: progress + platforms: - - name: amazonlinux - driver_config: - box: mvbcoding/awslinux - - name: centos-6 - - name: centos-7 - - name: debian-8 - - name: debian-9 - - name: opensuse-leap-42 - - name: ubuntu-14.04 - - name: ubuntu-16.04 - - name: ubuntu-18.04 +- name: amazonlinux + driver: + image: dokken/amazonlinux + pid_one_command: /sbin/init + intermediate_instructions: + - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers + +- name: amazonlinux-2 + driver: + image: dokken/amazonlinux-2 + pid_one_command: /usr/lib/systemd/systemd + intermediate_instructions: + - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers + +- name: debian-8 + driver: + image: dokken/debian-8 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + +- name: debian-9 + driver: + image: dokken/debian-9 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + +- name: debian-10 + driver: + image: dokken/debian-10 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + +- name: centos-6 + driver: + image: dokken/centos-6 + pid_one_command: /sbin/init + intermediate_instructions: + - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers + +- name: centos-7 + driver: + image: dokken/centos-7 + pid_one_command: /usr/lib/systemd/systemd + intermediate_instructions: + - RUN yum -y install e2fsprogs + - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers + +- name: fedora-latest + driver: + image: dokken/fedora-latest + pid_one_command: /usr/lib/systemd/systemd + intermediate_instructions: + - RUN sed -i -e "s/Defaults.*requiretty.*/Defaults !requiretty/g" /etc/sudoers + +- name: ubuntu-16.04 + driver: + image: dokken/ubuntu-16.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + +- name: ubuntu-18.04 + driver: + image: dokken/ubuntu-18.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + +- name: opensuse-leap + driver: + image: dokken/opensuse-leap + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/zypper --non-interactive update + - RUN /usr/bin/zypper --non-interactive install cron suites: - name: end-to-end run_list: - recipe[end_to_end::default] - - recipe[end_to_end::tests] + - name: rspec + run_list: + - recipe[rspec] + lifecycle: + post_converge: + - remote: /usr/local/bin/run-chef-rspec diff --git a/lib/chef/win32/security.rb b/lib/chef/win32/security.rb index 879aba7f2b..a633721839 100644 --- a/lib/chef/win32/security.rb +++ b/lib/chef/win32/security.rb @@ -404,7 +404,7 @@ class Chef system_name = system_name.to_wstring if system_name if LookupAccountNameW(system_name, name.to_wstring, nil, sid_size, nil, referenced_domain_name_size, nil) raise "Expected ERROR_INSUFFICIENT_BUFFER from LookupAccountName, and got no error!" - elsif FFI::LastError.error != ERROR_INSUFFICIENT_BUFFER + elsif !([NO_ERROR, ERROR_INSUFFICIENT_BUFFER].include?(FFI::LastError.error)) Chef::ReservedNames::Win32::Error.raise! end diff --git a/spec/unit/win32/security_spec.rb b/spec/unit/win32/security_spec.rb index b5e441f2a0..3c612aef10 100644 --- a/spec/unit/win32/security_spec.rb +++ b/spec/unit/win32/security_spec.rb @@ -106,4 +106,29 @@ describe "Chef::Win32::Security", :windows_only do expect { Chef::ReservedNames::Win32::Security.get_token_information_elevation_type(token) }.to raise_error(Chef::Exceptions::Win32APIError) end end + + describe "self.lookup_account_name" do + let(:security_class) { Chef::ReservedNames::Win32::Security } + + context "when FFI::LastError.error result is ERROR_INSUFFICIENT_BUFFER" do + it "does not raise the exception" do + expect(FFI::LastError).to receive(:error).and_return(122) + expect { security_class.lookup_account_name "system" }.to_not raise_error + end + end + + context "when operation completed successfully and FFI::LastError.error result is NO_ERROR" do + it "does not raise the exception" do + expect(FFI::LastError).to receive(:error).and_return(0) + expect { security_class.lookup_account_name "system" }.to_not raise_error + end + end + + context "when FFI::LastError.error result is not ERROR_INSUFFICIENT_BUFFER and not NO_ERROR" do + it "raises Chef::ReservedNames::Win32::Error.raise! exception" do + expect(FFI::LastError).to receive(:error).and_return(123).at_least(:once) + expect { security_class.lookup_account_name "system" }.to raise_error + end + end + end end |