diff options
| author | Tim Smith <tsmith@chef.io> | 2018-03-05 10:15:46 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-03-05 10:15:46 -0800 |
| commit | 012f732bd53c4426c6ba92d9091cb3b7a96daaa5 (patch) | |
| tree | 80c6a5a1e77df944981f4bc854f0d74588f4ba74 | |
| parent | a96e2311e2bfb59b750ac11cb290cd17d02fef71 (diff) | |
| parent | 3cf017dfd506770d06ad3b5341fca1215ad470a9 (diff) | |
| download | chef-012f732bd53c4426c6ba92d9091cb3b7a96daaa5.tar.gz | |
Merge branch 'master' into misc_resource
| -rw-r--r-- | CHANGELOG.md | 11 | ||||
| -rw-r--r-- | Gemfile.lock | 10 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | chef-config/lib/chef-config/version.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider/apt_repository.rb | 154 | ||||
| -rw-r--r-- | lib/chef/provider/package.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider/package/macports.rb | 2 | ||||
| -rw-r--r-- | lib/chef/provider/package/portage.rb | 2 | ||||
| -rw-r--r-- | lib/chef/resource/apt_package.rb | 2 | ||||
| -rw-r--r-- | lib/chef/resource/git.rb | 15 | ||||
| -rw-r--r-- | lib/chef/resource/osx_profile.rb | 4 | ||||
| -rw-r--r-- | lib/chef/resource/portage_package.rb | 10 | ||||
| -rw-r--r-- | lib/chef/resource/registry_key.rb | 28 | ||||
| -rw-r--r-- | lib/chef/resource/windows_service.rb | 4 | ||||
| -rw-r--r-- | lib/chef/version.rb | 2 | ||||
| -rw-r--r-- | spec/unit/provider/apt_repository_spec.rb | 139 | ||||
| -rw-r--r-- | spec/unit/resource/portage_package_spec.rb | 6 | ||||
| -rw-r--r-- | spec/unit/resource/registry_key_spec.rb | 6 |
18 files changed, 272 insertions, 129 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f631699eb..c137bd67ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,15 +1,20 @@ <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ --> -<!-- latest_release 14.0.105 --> -## [v14.0.105](https://github.com/chef/chef/tree/v14.0.105) (2018-03-03) +<!-- latest_release 14.0.110 --> +## [v14.0.110](https://github.com/chef/chef/tree/v14.0.110) (2018-03-05) #### Merged Pull Requests -- Add Ubuntu 18.04 Testing in Travis [#6937](https://github.com/chef/chef/pull/6937) ([tas50](https://github.com/tas50)) +- registry_key: Properly limit allowed values for architecture [#6947](https://github.com/chef/chef/pull/6947) ([tas50](https://github.com/tas50)) <!-- latest_release --> <!-- release_rollup since=13.7.16 --> ### Changes since 13.7.16 release #### Merged Pull Requests +- registry_key: Properly limit allowed values for architecture [#6947](https://github.com/chef/chef/pull/6947) ([tas50](https://github.com/tas50)) <!-- 14.0.110 --> +- Modernize provides in the portage_package resource [#6903](https://github.com/chef/chef/pull/6903) ([tas50](https://github.com/tas50)) <!-- 14.0.109 --> +- Set properties in git resource using our resource DSL [#6902](https://github.com/chef/chef/pull/6902) ([tas50](https://github.com/tas50)) <!-- 14.0.108 --> +- Use the existing helper method for package resource classes that don't support allow_downgrade [#6942](https://github.com/chef/chef/pull/6942) ([coderanger](https://github.com/coderanger)) <!-- 14.0.107 --> +- Apt repo cleanup and testing expansion [#6498](https://github.com/chef/chef/pull/6498) ([tas50](https://github.com/tas50)) <!-- 14.0.106 --> - Add Ubuntu 18.04 Testing in Travis [#6937](https://github.com/chef/chef/pull/6937) ([tas50](https://github.com/tas50)) <!-- 14.0.105 --> - Update our tests based on new resources we ship [#6939](https://github.com/chef/chef/pull/6939) ([tas50](https://github.com/tas50)) <!-- 14.0.104 --> - Allow specifying a comment for routes [#6929](https://github.com/chef/chef/pull/6929) ([tomdoherty](https://github.com/tomdoherty)) <!-- 14.0.103 --> diff --git a/Gemfile.lock b/Gemfile.lock index 771ce42307..801d4c7029 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -27,10 +27,10 @@ GIT PATH remote: . specs: - chef (14.0.105) + chef (14.0.110) addressable bundler (>= 1.10) - chef-config (= 14.0.105) + chef-config (= 14.0.110) chef-zero (>= 13.0) diff-lcs (~> 1.2, >= 1.2.4) erubis (~> 2.7) @@ -57,10 +57,10 @@ PATH specinfra (~> 2.10) syslog-logger (~> 1.6) uuidtools (~> 2.1.5) - chef (14.0.105-universal-mingw32) + chef (14.0.110-universal-mingw32) addressable bundler (>= 1.10) - chef-config (= 14.0.105) + chef-config (= 14.0.110) chef-zero (>= 13.0) diff-lcs (~> 1.2, >= 1.2.4) erubis (~> 2.7) @@ -102,7 +102,7 @@ PATH PATH remote: chef-config specs: - chef-config (14.0.105) + chef-config (14.0.110) addressable fuzzyurl mixlib-config (~> 2.0) @@ -1 +1 @@ -14.0.105
\ No newline at end of file +14.0.110
\ No newline at end of file diff --git a/chef-config/lib/chef-config/version.rb b/chef-config/lib/chef-config/version.rb index f3a06a9ee5..c676cdc626 100644 --- a/chef-config/lib/chef-config/version.rb +++ b/chef-config/lib/chef-config/version.rb @@ -21,7 +21,7 @@ module ChefConfig CHEFCONFIG_ROOT = File.expand_path("../..", __FILE__) - VERSION = "14.0.105" + VERSION = "14.0.110" end # diff --git a/lib/chef/provider/apt_repository.rb b/lib/chef/provider/apt_repository.rb index c16f1e5767..1909ed8034 100644 --- a/lib/chef/provider/apt_repository.rb +++ b/lib/chef/provider/apt_repository.rb @@ -29,14 +29,15 @@ class Chef provides :apt_repository, platform_family: "debian" - LIST_APT_KEYS = "apt-key list".freeze LIST_APT_KEY_FINGERPRINTS = "apt-key adv --list-public-keys --with-fingerprint --with-colons".freeze def load_current_resource end action :add do - unless new_resource.key.nil? + if new_resource.key.nil? + Chef::Log.debug "No 'key' property specified skipping key import" + else new_resource.key.each do |k| if is_key_id?(k) && !has_cookbook_file?(k) install_key_from_keyserver(k) @@ -56,16 +57,10 @@ class Chef action :nothing end - components = if is_ppa_url?(new_resource.uri) && new_resource.components.empty? - "main" - else - new_resource.components - end - repo = build_repo( new_resource.uri, new_resource.distribution, - components, + repo_components, new_resource.trusted, new_resource.arch, new_resource.deb_src @@ -96,19 +91,27 @@ class Chef ignore_failure true action :nothing end - end + else + Chef::Log.debug("/etc/apt/sources.list.d/#{new_resource.name}.list does not exist. Nothing to do") end end + # is the provided ID a key ID from a keyserver. Looks at length and HEX only values + # @param [String] id the key value passed by the user that *may* be an ID def is_key_id?(id) id = id[2..-1] if id.start_with?("0x") id =~ /^\h+$/ && [8, 16, 40].include?(id.length) end + # run the specified command and extract the fingerprints from the output + # accepts a command so it can be used to extract both the current key's fingerprints + # and the fingerprint of the new key + # @param [String] cmd the command to run + # + # @return [Array] an array of fingerprints def extract_fingerprints_from_cmd(cmd) so = shell_out(cmd) - so.run_command so.stdout.split(/\n/).map do |t| if z = t.match(/^fpr:+([0-9A-F]+):/) z[1].split.join @@ -116,11 +119,23 @@ class Chef end.compact end - def key_is_valid?(cmd, key) + # see if the keyfile is invalid such as a text file that is not actually a gpg key + # @param [String] keyfile the path to the keyfile + # + # @return [Boolean] is the key file invalid + def keyfile_is_invalid?(keyfile) + so = shell_out("gpg #{keyfile}") + so.error? + end + + # validate the key against the apt keystore to see if that version is expired + # @param [String] key + # + # @return [Boolean] is the key valid or not + def key_is_valid?(key) valid = true - so = shell_out(cmd) - so.run_command + so = shell_out("apt-key list") so.stdout.split(/\n/).map do |t| if t =~ %r{^\/#{key}.*\[expired: .*\]$} Chef::Log.debug "Found expired key: #{t}" @@ -133,14 +148,27 @@ class Chef valid end + # return the specified cookbook name or the cookbook containing the + # resource. + # + # @return [String] name of the cookbook def cookbook_name new_resource.cookbook || new_resource.cookbook_name end + # determine if a cookbook file is available in the run + # @param [String] path the path to the cookbook file + # + # @return [Boolean] cookbook file exists or doesn't def has_cookbook_file?(fn) run_context.has_cookbook_file_in_cookbook?(cookbook_name, fn) end + # determine if there are any new keys by comparing the fingerprints of installed + # keys to those of the passed file + # @param [String] file the keyfile of the new repository + # + # @return [Boolean] true: no new keys in the file. false: there are new keys def no_new_keys?(file) # Now we are using the option --with-colons that works across old os versions # as well as the latest (16.10). This for both `apt-key` and `gpg` commands @@ -149,37 +177,57 @@ class Chef (installed_keys & proposed_keys).sort == proposed_keys.sort end + # Given the provided key URI determine what kind of chef resource we need + # to fetch the key + # @param [String] uri the uri of the gpg key (local path or http URL) + # + # @raise [Chef::Exceptions::FileNotFound] Key isn't remote or found in the current run + # + # @return [Symbol] :remote_file or :cookbook_file + def key_type(uri) + if uri.start_with?("http") + :remote_file + elsif has_cookbook_file?(uri) + :cookbook_file + else + raise Chef::Exceptions::FileNotFound, "Cannot locate key file: #{uri}" + end + end + + # Fetch the key using either cookbook_file or remote_file, validate it, + # and install it with apt-key add + # @param [String] key the key to install + # + # @raise [RuntimeError] Invalid key which can't verify the apt repository + # + # @return [void] def install_key_from_uri(key) key_name = key.gsub(/[^0-9A-Za-z\-]/, "_") cached_keyfile = ::File.join(Chef::Config[:file_cache_path], key_name) - type = if key.start_with?("http") - :remote_file - elsif has_cookbook_file?(key) - :cookbook_file - else - raise Chef::Exceptions::FileNotFound, "Cannot locate key file" - end - declare_resource(type, cached_keyfile) do + declare_resource(key_type(key), cached_keyfile) do source key mode "0644" sensitive new_resource.sensitive action :create end - raise "The key #{cached_keyfile} is invalid and cannot be used to verify an apt repository." unless key_is_valid?("gpg #{cached_keyfile}", "") + raise "The key #{cached_keyfile} is invalid and cannot be used to verify an apt repository." if keyfile_is_invalid?(cached_keyfile) declare_resource(:execute, "apt-key add #{cached_keyfile}") do sensitive new_resource.sensitive action :run - not_if do - no_new_keys?(cached_keyfile) - end + not_if { no_new_keys?(cached_keyfile) } notifies :run, "execute[apt-cache gencaches]", :immediately end end - def install_key_from_keyserver(key, keyserver = new_resource.keyserver) + # build the apt-key command to install the keyserver + # @param [String] key the key to install + # @param [String] keyserver the key server to use + # + # @return [String] the full apt-key command to run + def keyserver_install_cmd(key, keyserver) cmd = "apt-key adv --recv" cmd << " --keyserver-options http-proxy=#{new_resource.key_proxy}" if new_resource.key_proxy cmd << " --keyserver " @@ -190,22 +238,37 @@ class Chef end cmd << " #{key}" + cmd + end + # @param [String] key + # @param [String] keyserver + # + # @raise [RuntimeError] Invalid key which can't verify the apt repository + # + # @return [void] + def install_key_from_keyserver(key, keyserver = new_resource.keyserver) declare_resource(:execute, "install-key #{key}") do - command cmd + command keyserver_install_cmd(key, keyserver) sensitive new_resource.sensitive not_if do present = extract_fingerprints_from_cmd(LIST_APT_KEY_FINGERPRINTS).any? do |fp| fp.end_with? key.upcase end - present && key_is_valid?(LIST_APT_KEYS, key.upcase) + present && key_is_valid?(key.upcase) end notifies :run, "execute[apt-cache gencaches]", :immediately end - raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?(LIST_APT_KEYS, key.upcase) + raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?(key.upcase) end + # @param [String] owner + # @param [String] repo + # + # @raise [RuntimeError] Could not access the Launchpad PPA API + # + # @return [void] def install_ppa_key(owner, repo) url = "https://launchpad.net/api/1.0/~#{owner}/+archive/#{repo}" key_id = Chef::HTTP::Simple.new(url).get("signing_key_fingerprint").delete('"') @@ -214,12 +277,33 @@ class Chef raise "Could not access Launchpad ppa API: #{e.message}" end + # determine if the repository URL is a PPA + # @param [String] url the url of the repository + # + # @return [Boolean] is the repo URL a PPA def is_ppa_url?(url) url.start_with?("ppa:") end + # determine the repository's components: + # - "components" property if defined + # - "main" if "components" not defined and the repo is a PPA URL + # - otherwise nothing + # + # @return [String] the repository component + def repo_components + if is_ppa_url?(new_resource.uri) && new_resource.components.empty? + "main" + else + new_resource.components + end + end + + # given a PPA return a PPA URL in http://ppa.launchpad.net format + # @param [String] ppa the ppa URL + # + # @return [String] full PPA URL def make_ppa_url(ppa) - return unless is_ppa_url?(ppa) owner, repo = ppa[4..-1].split("/") repo ||= "ppa" @@ -227,6 +311,14 @@ class Chef "http://ppa.launchpad.net/#{owner}/#{repo}/ubuntu" end + # build complete repo text that will be written to the config + # @param [String] uri + # @param [Array] components + # @param [Boolean] trusted + # @param [String] arch + # @param [Boolean] add_src + # + # @return [String] complete repo config text def build_repo(uri, distribution, components, trusted, arch, add_src = false) uri = make_ppa_url(uri) if is_ppa_url?(uri) diff --git a/lib/chef/provider/package.rb b/lib/chef/provider/package.rb index df3f2a46b1..9bfe94d5d0 100644 --- a/lib/chef/provider/package.rb +++ b/lib/chef/provider/package.rb @@ -480,7 +480,7 @@ class Chef elsif current_version.nil? Chef::Log.debug("#{new_resource} has no existing installed version. Installing install #{candidate_version}") target_version_array.push(candidate_version) - elsif version_compare(current_version, candidate_version) == 1 && !new_resource.allow_downgrade + elsif version_compare(current_version, candidate_version) == 1 && !allow_downgrade Chef::Log.debug("#{new_resource} #{package_name} has installed version #{current_version}, which is newer than available version #{candidate_version}. Skipping...)") target_version_array.push(nil) else diff --git a/lib/chef/provider/package/macports.rb b/lib/chef/provider/package/macports.rb index ad4be00477..514f3580d4 100644 --- a/lib/chef/provider/package/macports.rb +++ b/lib/chef/provider/package/macports.rb @@ -91,7 +91,7 @@ class Chef raise Chef::Exceptions::Package, "Could not read from STDOUT on command: #{command}" end unless status.exitstatus == 0 || status.exitstatus == 1 - raise Chef::Exceptions::Package, "#{command} failed - #{status.insect}!" + raise Chef::Exceptions::Package, "#{command} failed - #{status.inspect}!" end output end diff --git a/lib/chef/provider/package/portage.rb b/lib/chef/provider/package/portage.rb index 05a5df370e..e43e71f210 100644 --- a/lib/chef/provider/package/portage.rb +++ b/lib/chef/provider/package/portage.rb @@ -17,7 +17,7 @@ # require "chef/provider/package" -require "chef/resource/package" +require "chef/resource/portage_package" require "chef/util/path_helper" class Chef diff --git a/lib/chef/resource/apt_package.rb b/lib/chef/resource/apt_package.rb index ea0c9c6183..22680d5b44 100644 --- a/lib/chef/resource/apt_package.rb +++ b/lib/chef/resource/apt_package.rb @@ -23,7 +23,7 @@ class Chef class Resource class AptPackage < Chef::Resource::Package resource_name :apt_package - provides :package, os: "linux", platform_family: "debian" + provides :package, platform_family: "debian" description "Use the apt_package resource to manage packages on Debian and Ubuntu platforms." diff --git a/lib/chef/resource/git.rb b/lib/chef/resource/git.rb index 9f1702f715..58200815d4 100644 --- a/lib/chef/resource/git.rb +++ b/lib/chef/resource/git.rb @@ -21,27 +21,14 @@ require "chef/resource/scm" class Chef class Resource class Git < Chef::Resource::Scm - description "Use the git resource to manage source control resources that exist"\ " in a git repository. git version 1.6.5 (or higher) is required to"\ " use all of the functionality in the git resource." - def initialize(name, run_context = nil) - super - @additional_remotes = Hash[] - end - - def additional_remotes(arg = nil) - set_or_return( - :additional_remotes, - arg, - :kind_of => Hash - ) - end + property :additional_remotes, Hash, default: {} alias :branch :revision alias :reference :revision - alias :repo :repository end end diff --git a/lib/chef/resource/osx_profile.rb b/lib/chef/resource/osx_profile.rb index a2f880d38d..cf857cec6f 100644 --- a/lib/chef/resource/osx_profile.rb +++ b/lib/chef/resource/osx_profile.rb @@ -24,8 +24,6 @@ class Chef provides :osx_profile, os: "darwin" provides :osx_config_profile, os: "darwin" - identity_attr :profile_name - description "Use the osx_profile resource to manage configuration profiles (.mobileconfig files)"\ " on the macOS platform. The osx_profile resource installs profiles by using"\ " the uuidgen library to generate a unique ProfileUUID, and then using the"\ @@ -35,7 +33,7 @@ class Chef default_action :install allowed_actions :install, :remove - property :profile_name, String, name_property: true + property :profile_name, String, name_property: true, identity: true property :profile, [ String, Hash ] property :identifier, String property :path, String diff --git a/lib/chef/resource/portage_package.rb b/lib/chef/resource/portage_package.rb index a12039b555..6936f5129f 100644 --- a/lib/chef/resource/portage_package.rb +++ b/lib/chef/resource/portage_package.rb @@ -1,6 +1,6 @@ # # Author:: Adam Jacob (<adam@chef.io>) -# Copyright:: Copyright 2008-2016, Chef Software Inc. +# Copyright:: Copyright 2008-2018, Chef Software Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -22,13 +22,9 @@ class Chef class Resource class PortagePackage < Chef::Resource::Package resource_name :portage_package - description "Use the portage_package resource to manage packages for the Gentoo platform." - - def initialize(name, run_context = nil) - super - @provider = Chef::Provider::Package::Portage - end + provides :portage_package + description "Use the portage_package resource to manage packages for the Gentoo platform." end end end diff --git a/lib/chef/resource/registry_key.rb b/lib/chef/resource/registry_key.rb index 565ff278ea..8ca111bf33 100644 --- a/lib/chef/resource/registry_key.rb +++ b/lib/chef/resource/registry_key.rb @@ -15,14 +15,19 @@ # See the License for the specific language governing permissions and # limitations under the License. # -require "chef/provider/registry_key" + require "chef/resource" require "chef/digester" class Chef class Resource - # Use the registry_key resource to create and delete registry keys in Microsoft Windows. class RegistryKey < Chef::Resource + resource_name :registry_key + provides :registry_key + + description "Use the registry_key resource to create and delete registry keys in Microsoft Windows." + introduced "11.0" + identity_attr :key state_attrs :values @@ -62,8 +67,6 @@ class Chef def initialize(name, run_context = nil) super - @architecture = :machine - @recursive = false @key = name @values, @unscrubbed_values = [], [] end @@ -102,21 +105,8 @@ class Chef end end - def recursive(arg = nil) - set_or_return( - :recursive, - arg, - :kind_of => [TrueClass, FalseClass] - ) - end - - def architecture(arg = nil) - set_or_return( - :architecture, - arg, - :kind_of => Symbol - ) - end + property :recursive, [TrueClass, FalseClass], default: false + property :architecture, Symbol, default: :machine, equal_to: [:machine, :x86_64, :i386] private diff --git a/lib/chef/resource/windows_service.rb b/lib/chef/resource/windows_service.rb index 8a76a716aa..aaa21aa6a7 100644 --- a/lib/chef/resource/windows_service.rb +++ b/lib/chef/resource/windows_service.rb @@ -41,11 +41,9 @@ class Chef allowed_actions :configure_startup, :create, :delete, :configure - identity_attr :service_name - state_attrs :enabled, :running - property :service_name, name_property: true + property :service_name, name_property: true, identity: true # The display name to be used by user interface programs to identify the # service. This string has a maximum length of 256 characters. diff --git a/lib/chef/version.rb b/lib/chef/version.rb index 7bb86374ca..69b6ab16be 100644 --- a/lib/chef/version.rb +++ b/lib/chef/version.rb @@ -23,7 +23,7 @@ require "chef/version_string" class Chef CHEF_ROOT = File.expand_path("../..", __FILE__) - VERSION = Chef::VersionString.new("14.0.105") + VERSION = Chef::VersionString.new("14.0.110") end # diff --git a/spec/unit/provider/apt_repository_spec.rb b/spec/unit/provider/apt_repository_spec.rb index cabf6551c9..ca85831a06 100644 --- a/spec/unit/provider/apt_repository_spec.rb +++ b/spec/unit/provider/apt_repository_spec.rb @@ -47,7 +47,6 @@ EOF describe Chef::Provider::AptRepository do let(:new_resource) { Chef::Resource::AptRepository.new("multiverse") } - let(:shellout_env) { { env: { "LANG" => "en_US", "LANGUAGE" => "en_US" } } } let(:provider) do node = Chef::Node.new events = Chef::EventDispatch::Dispatcher.new @@ -60,15 +59,22 @@ describe Chef::Provider::AptRepository do end let(:apt_key_finger) do - r = double("Mixlib::ShellOut", stdout: APT_KEY_FINGER, exitstatus: 0, live_stream: true) - allow(r).to receive(:run_command) - r + double("shell_out", stdout: APT_KEY_FINGER, exitstatus: 0, error?: false) end let(:gpg_finger) do - r = double("Mixlib::ShellOut", stdout: GPG_FINGER, exitstatus: 0, live_stream: true) - allow(r).to receive(:run_command) - r + double("shell_out", stdout: GPG_FINGER, exitstatus: 0, error?: false) + end + + let(:gpg_shell_out_success) do + double("shell_out", :stdout => "pub 2048R/7BD9BF62 2011-08-19 nginx signing key <signing-key@nginx.com>", + :exitstatus => 0, :error? => false) + end + + let(:gpg_shell_out_failure) do + double("shell_out", :stderr => "gpg: no valid OpenPGP data found.\n + gpg: processing message failed: eof", + :exitstatus => 1, :error? => true) end let(:apt_fingerprints) do @@ -83,35 +89,39 @@ C5986B4F1257FFA86632CBA746181433FBB75451 end describe "#is_key_id?" do - it "should detect a key" do + it "detects a key" do expect(provider.is_key_id?("A4FF2279")).to be_truthy end - it "should detect a key with a hex signifier" do + it "detects a key with a hex signifier" do expect(provider.is_key_id?("0xA4FF2279")).to be_truthy end - it "should reject a key with the wrong length" do + it "rejects a key with the wrong length" do expect(provider.is_key_id?("4FF2279")).to be_falsey end - it "should reject a key with non-hex characters" do + it "rejects a key with non-hex characters" do expect(provider.is_key_id?("A4KF2279")).to be_falsey end end describe "#extract_fingerprints_from_cmd" do - before do - expect(Mixlib::ShellOut).to receive(:new).and_return(apt_key_finger) - end - - it "should run the desired command" do - expect(apt_key_finger).to receive(:run_command) + it "runs the desired command" do + expect(provider).to receive(:shell_out).and_return(apt_key_finger) provider.extract_fingerprints_from_cmd(apt_key_finger_cmd) end - it "should return a list of key fingerprints" do + it "returns a list of key fingerprints" do + expect(provider).to receive(:shell_out).and_return(apt_key_finger) expect(provider.extract_fingerprints_from_cmd(apt_key_finger_cmd)).to eql(apt_fingerprints) end end + describe "#cookbook_name" do + it "returns 'test' when the cookbook property is set" do + new_resource.cookbook("test") + expect(provider.cookbook_name).to eq("test") + end + end + describe "#no_new_keys?" do before do allow(provider).to receive(:extract_fingerprints_from_cmd).with(apt_key_finger_cmd).and_return(apt_fingerprints) @@ -119,14 +129,14 @@ C5986B4F1257FFA86632CBA746181433FBB75451 let(:file) { "/tmp/remote-gpg-keyfile" } - it "should match a set of keys" do + it "matches a set of keys" do allow(provider).to receive(:extract_fingerprints_from_cmd) .with("gpg --with-fingerprint --with-colons #{file}") .and_return(Array(apt_fingerprints.first)) expect(provider.no_new_keys?(file)).to be_truthy end - it "should notice missing keys" do + it "notices missing keys" do allow(provider).to receive(:extract_fingerprints_from_cmd) .with("gpg --with-fingerprint --with-colons #{file}") .and_return(%w{ F36A89E33CC1BD0F71079007327574EE02A818DD }) @@ -134,11 +144,71 @@ C5986B4F1257FFA86632CBA746181433FBB75451 end end + describe "#key_type" do + it "returns :remote_file with an http URL" do + expect(provider.key_type("https://www.chef.io/key")).to eq(:remote_file) + end + + it "returns :cookbook_file with a chef managed file" do + expect(provider).to receive(:has_cookbook_file?).and_return(true) + expect(provider.key_type("/foo/bar.key")).to eq(:cookbook_file) + end + + it "throws exception if an unknown file specified" do + expect(provider).to receive(:has_cookbook_file?).and_return(false) + expect { provider.key_type("/foo/bar.key") }.to raise_error(Chef::Exceptions::FileNotFound) + end + end + + describe "#keyserver_install_cmd" do + it "returns keyserver install command" do + expect(provider.keyserver_install_cmd("ABC", "gpg.mit.edu")).to eq("apt-key adv --recv --keyserver hkp://gpg.mit.edu:80 ABC") + end + + it "uses proxy if key_proxy property is set" do + new_resource.key_proxy("proxy.mycorp.dmz:3128") + expect(provider.keyserver_install_cmd("ABC", "gpg.mit.edu")).to eq("apt-key adv --recv --keyserver-options http-proxy=proxy.mycorp.dmz:3128 --keyserver hkp://gpg.mit.edu:80 ABC") + end + + it "properly handles keyservers passed with hkp:// URIs" do + expect(provider.keyserver_install_cmd("ABC", "hkp://gpg.mit.edu")).to eq("apt-key adv --recv --keyserver hkp://gpg.mit.edu ABC") + end + end + + describe "#is_ppa_url" do + it "returns true if the URL starts with ppa:" do + expect(provider.is_ppa_url?("ppa://example.com")).to be_truthy + end + + it "returns false if the URL does not start with ppa:" do + expect(provider.is_ppa_url?("example.com")).to be_falsey + end + end + + describe "#repo_components" do + it "returns 'main' if a PPA and components property not set" do + expect(provider).to receive(:is_ppa_url?).and_return(true) + expect(provider.repo_components).to eq("main") + end + + it "returns components property if a PPA and components is set" do + new_resource.components(["foo"]) + expect(provider).to receive(:is_ppa_url?).and_return(true) + expect(provider.repo_components).to eq(["foo"]) + end + + it "returns components property if not a PPA" do + new_resource.components(["foo"]) + expect(provider).to receive(:is_ppa_url?).and_return(false) + expect(provider.repo_components).to eq(["foo"]) + end + end + describe "#install_ppa_key" do let(:url) { "https://launchpad.net/api/1.0/~chef/+archive/main" } let(:key) { "C5986B4F1257FFA86632CBA746181433FBB75451" } - it "should get a key" do + it "gets a key" do simples = double("HTTP") allow(simples).to receive(:get).and_return("\"#{key}\"") expect(Chef::HTTP::Simple).to receive(:new).with(url).and_return(simples) @@ -148,42 +218,49 @@ C5986B4F1257FFA86632CBA746181433FBB75451 end describe "#make_ppa_url" do - it "should ignore non-ppa repositories" do - expect(provider.make_ppa_url("some_string")).to be_nil - end - - it "should create a URL" do + it "creates a URL" do expect(provider).to receive(:install_ppa_key).with("chef", "main").and_return(true) expect(provider.make_ppa_url("ppa:chef/main")).to eql("http://ppa.launchpad.net/chef/main/ubuntu") end end describe "#build_repo" do - it "should create a repository string" do + it "creates a repository string" do target = %Q{deb "http://test/uri" unstable main\n} expect(provider.build_repo("http://test/uri", "unstable", "main", false, nil)).to eql(target) end - it "should create a repository string with no distribution" do + it "creates a repository string with no distribution" do target = %Q{deb "http://test/uri" main\n} expect(provider.build_repo("http://test/uri", nil, "main", false, nil)).to eql(target) end - it "should create a repository string with source" do + it "creates a repository string with source" do target = %Q{deb "http://test/uri" unstable main\ndeb-src "http://test/uri" unstable main\n} expect(provider.build_repo("http://test/uri", "unstable", "main", false, nil, true)).to eql(target) end - it "should create a repository string with options" do + it "creates a repository string with options" do target = %Q{deb [trusted=yes] "http://test/uri" unstable main\n} expect(provider.build_repo("http://test/uri", "unstable", "main", true, nil)).to eql(target) end - it "should handle a ppa repo" do + it "handles a ppa repo" do target = %Q{deb "http://ppa.launchpad.net/chef/main/ubuntu" unstable main\n} expect(provider).to receive(:make_ppa_url).with("ppa:chef/main").and_return("http://ppa.launchpad.net/chef/main/ubuntu") expect(provider.build_repo("ppa:chef/main", "unstable", "main", false, nil)).to eql(target) end end + describe "#keyfile_is_invalid?" do + it "returns true if the file is invalid" do + expect(provider).to receive(:shell_out).and_return(gpg_shell_out_failure) + expect(provider.keyfile_is_invalid?("/foo/bar.key")).to be_truthy + end + + it "returns false if the file is valid" do + expect(provider).to receive(:shell_out).and_return(gpg_shell_out_success) + expect(provider.keyfile_is_invalid?("/foo/bar.key")).to be_falsey + end + end end diff --git a/spec/unit/resource/portage_package_spec.rb b/spec/unit/resource/portage_package_spec.rb index 02a7aef39a..a37cfd6e41 100644 --- a/spec/unit/resource/portage_package_spec.rb +++ b/spec/unit/resource/portage_package_spec.rb @@ -1,6 +1,6 @@ # # Author:: Adam Jacob (<adam@chef.io>) -# Copyright:: Copyright 2008-2016, Chef Software Inc. +# Copyright:: Copyright 2008-2018, Chef Software Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,8 +29,4 @@ describe Chef::Resource::PortagePackage, "initialize" do it "sets the resource_name to :portage_package" do expect(resource.resource_name).to eql(:portage_package) end - - it "sets the provider to Chef::Provider::Package::Portage" do - expect(resource.provider).to eql(Chef::Provider::Package::Portage) - end end diff --git a/spec/unit/resource/registry_key_spec.rb b/spec/unit/resource/registry_key_spec.rb index 07ad4f820b..d8eea74ed4 100644 --- a/spec/unit/resource/registry_key_spec.rb +++ b/spec/unit/resource/registry_key_spec.rb @@ -25,7 +25,7 @@ describe Chef::Resource::RegistryKey, "initialize" do expect(resource.resource_name).to eql(:registry_key) end - it "sets the key equal to the argument to initialize" do + it "sets the key property to the resource name" do expect(resource.key).to eql('HKCU\Software\Raxicoricofallapatorius') end @@ -159,6 +159,10 @@ describe Chef::Resource::RegistryKey, "architecture" do end end + it "does not allow other symbols" do + expect { resource.architecture(:nope) }.to raise_error(ArgumentError) + end + it "does not allow a hash" do expect { resource.architecture({ :sonic => :screwdriver }) }.to raise_error(ArgumentError) end |