Test including supported serverspec helpers. Updates per PR comments.

15 files changed, 317 insertions, 37 deletions

diff --git a/.travis.yml b/.travis.yml
index 37418ab621..e9e7c2cdc2 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -8,6 +8,7 @@ branches:
   - 10-stable
   - 11-stable
   - 12-stable
+  - audit-mode
 
 # do not run expensive spec tests on PRs, only on branches
 script: "
diff --git a/kitchen-tests/cookbooks/audit_test/.gitignore b/kitchen-tests/cookbooks/audit_test/.gitignore
new file mode 100644
index 0000000000..ec2a890bd3
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/.gitignore
@@ -0,0 +1,16 @@
+.vagrant
+Berksfile.lock
+*~
+*#
+.#*
+\#*#
+.*.sw[a-z]
+*.un~
+
+# Bundler
+Gemfile.lock
+bin/*
+.bundle/*
+
+.kitchen/
+.kitchen.local.yml
diff --git a/kitchen-tests/cookbooks/audit_test/.kitchen.yml b/kitchen-tests/cookbooks/audit_test/.kitchen.yml
new file mode 100644
index 0000000000..be11e33081
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/.kitchen.yml
@@ -0,0 +1,16 @@
+---
+driver:
+  name: vagrant
+
+provisioner:
+  name: chef_zero
+
+platforms:
+  - name: ubuntu-12.04
+  - name: centos-6.5
+
+suites:
+  - name: default
+    run_list:
+      - recipe[audit_test::default]
+    attributes:
diff --git a/kitchen-tests/cookbooks/audit_test/Berksfile b/kitchen-tests/cookbooks/audit_test/Berksfile
new file mode 100644
index 0000000000..0ac9b78cf7
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/Berksfile
@@ -0,0 +1,3 @@
+source "https://supermarket.getchef.com"
+
+metadata
diff --git a/kitchen-tests/cookbooks/audit_test/README.md b/kitchen-tests/cookbooks/audit_test/README.md
new file mode 100644
index 0000000000..75e2f44808
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/README.md
@@ -0,0 +1,12 @@
+# audit_test
+
+This cookbook has some basic recipes to test audit mode.
+
+In order to run these tests on your dev box:
+
+```
+$ bundle install
+$ bundle exec chef-client -c kitchen-tests/.chef/client.rb -z -o audit_test::default -l debug
+```
+
+Expected JSON output for the tests will be printed to `debug` log.
diff --git a/kitchen-tests/cookbooks/audit_test/chefignore b/kitchen-tests/cookbooks/audit_test/chefignore
new file mode 100644
index 0000000000..80dc2d20ef
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/chefignore
@@ -0,0 +1,95 @@
+# Put files/directories that should be ignored in this file when uploading
+# or sharing to the community site.
+# Lines that start with '# ' are comments.
+
+# OS generated files #
+######################
+.DS_Store
+Icon?
+nohup.out
+ehthumbs.db
+Thumbs.db
+
+# SASS #
+########
+.sass-cache
+
+# EDITORS #
+###########
+\#*
+.#*
+*~
+*.sw[a-z]
+*.bak
+REVISION
+TAGS*
+tmtags
+*_flymake.*
+*_flymake
+*.tmproj
+.project
+.settings
+mkmf.log
+
+## COMPILED ##
+##############
+a.out
+*.o
+*.pyc
+*.so
+*.com
+*.class
+*.dll
+*.exe
+*/rdoc/
+
+# Testing #
+###########
+.watchr
+.rspec
+spec/*
+spec/fixtures/*
+test/*
+features/*
+Guardfile
+Procfile
+
+# SCM #
+#######
+.git
+*/.git
+.gitignore
+.gitmodules
+.gitconfig
+.gitattributes
+.svn
+*/.bzr/*
+*/.hg/*
+*/.svn/*
+
+# Berkshelf #
+#############
+Berksfile
+Berksfile.lock
+cookbooks/*
+tmp
+
+# Cookbooks #
+#############
+CONTRIBUTING
+
+# Strainer #
+############
+Colanderfile
+Strainerfile
+.colander
+.strainer
+
+# Vagrant #
+###########
+.vagrant
+Vagrantfile
+
+# Travis #
+##########
+.travis.yml
diff --git a/kitchen-tests/cookbooks/audit_test/metadata.rb b/kitchen-tests/cookbooks/audit_test/metadata.rb
new file mode 100644
index 0000000000..4a60104e92
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/metadata.rb
@@ -0,0 +1,8 @@
+name             'audit_test'
+maintainer       'The Authors'
+maintainer_email 'you@example.com'
+license          'all_rights'
+description      'Installs/Configures audit_test'
+long_description 'Installs/Configures audit_test'
+version          '0.1.0'
+
diff --git a/kitchen-tests/cookbooks/audit_test/recipes/serverspec_support.rb b/kitchen-tests/cookbooks/audit_test/recipes/serverspec_support.rb
new file mode 100644
index 0000000000..0396cc0de7
--- /dev/null
+++ b/kitchen-tests/cookbooks/audit_test/recipes/serverspec_support.rb
@@ -0,0 +1,37 @@
+#
+# Cookbook Name:: audit_test
+# Recipe:: serverspec_support
+#
+# Copyright (c) 2014 The Authors, All Rights Reserved.
+
+file "/tmp/audit_test_file" do
+  action :create
+  content "Welcome to audit mode."
+end
+
+# package "curl" do
+#   action :install
+# end
+
+controls "serverspec helpers with types" do
+  control "file helper" do
+    it "says welcome" do
+      expect(file("/tmp/audit_test_file")).to contain("Welcome")
+    end
+  end
+
+  control service("com.apple.CoreRAID") do
+    it { is_expected.to be_enabled }
+    it { is_expected.not_to be_running }
+  end
+
+  # describe "package helper" do
+  #   it "works" do
+  #     expect(package("curl")).to be_installed
+  #   end
+  # end
+
+  control package("postgresql") do
+    it { is_expected.to_not be_installed }
+  end
+end
diff --git a/kitchen-tests/cookbooks/webapp/README.md b/kitchen-tests/cookbooks/webapp/README.md
index 5c55542cbf..f19ab46735 100644
--- a/kitchen-tests/cookbooks/webapp/README.md
+++ b/kitchen-tests/cookbooks/webapp/README.md
@@ -1,10 +1,3 @@
 # webapp
 
-This cookbook has some basic recipes to test audit mode.
-
-In order to run these tests on your dev box:
-
-```
-$ bundle install
-$ bundle exec chef-client -c kitchen-tests/.chef/client.rb -z -o audit_test::default
-```
+TODO: Enter the cookbook description here.
diff --git a/lib/chef/audit/audit_reporter.rb b/lib/chef/audit/audit_reporter.rb
index ce4978180e..21ffb62829 100644
--- a/lib/chef/audit/audit_reporter.rb
+++ b/lib/chef/audit/audit_reporter.rb
@@ -64,7 +64,7 @@ class Chef
       end
 
       def run_failed(error)
-        post_reporting_data(error)
+        post_auditing_data(error)
       end
 
       def control_group_started(name)
diff --git a/lib/chef/formatters/doc.rb b/lib/chef/formatters/doc.rb
index 09d04f3aae..99603965a9 100644
--- a/lib/chef/formatters/doc.rb
+++ b/lib/chef/formatters/doc.rb
@@ -163,13 +163,11 @@ class Chef
 
       # Called before audit phase starts
       def audit_phase_start(run_status)
-        puts_line ""
-        puts_line "++ Audit phase starting ++"
+        puts_line "Starting audit phase"
       end
 
       def audit_phase_complete
-        puts_line ""
-        puts_line "++ Audit phase ended ++ "
+        puts_line "Auditing complete"
       end
 
       def audit_phase_failed(error)
diff --git a/lib/chef/version.rb b/lib/chef/version.rb
index a8fc002399..30c3394c2c 100644
--- a/lib/chef/version.rb
+++ b/lib/chef/version.rb
@@ -17,7 +17,7 @@
 
 class Chef
   CHEF_ROOT = File.dirname(File.expand_path(File.dirname(__FILE__)))
-  VERSION = '12.1.0.dev.0'
+  VERSION = '12.2.0.alpha.0'
 end
 
 #
diff --git a/spec/functional/resource/deploy_revision_spec.rb b/spec/functional/resource/deploy_revision_spec.rb
index 05a21c48c7..e5f5341fcd 100644
--- a/spec/functional/resource/deploy_revision_spec.rb
+++ b/spec/functional/resource/deploy_revision_spec.rb
@@ -45,11 +45,10 @@ describe Chef::Resource::DeployRevision, :unix_only => true do
 
   before(:all) do
     @ohai = Ohai::System.new
-    @ohai.all_plugins(@ohai.all_plugins(["platform", "os"]))
+    @ohai.all_plugins(["platform", "os"])
   end
 
   let(:node) do
-
     Chef::Node.new.tap do |n|
       n.name "rspec-test"
       n.consume_external_attrs(@ohai.data, {})
diff --git a/spec/unit/client_spec.rb b/spec/unit/client_spec.rb
index 71c30ed532..8a1246e1f6 100644
--- a/spec/unit/client_spec.rb
+++ b/spec/unit/client_spec.rb
@@ -187,7 +187,7 @@ describe Chef::Client do
   end
 
   describe "a full client run" do
-    shared_examples_for "a successful client run" do
+    shared_context "a client run" do
       let(:http_node_load) { double("Chef::REST (node)") }
       let(:http_cookbook_sync) { double("Chef::REST (cookbook sync)") }
       let(:http_node_save) { double("Chef::REST (node save)") }
@@ -205,7 +205,10 @@ describe Chef::Client do
         # --Client.register
         #   Make sure Client#register thinks the client key doesn't
         #   exist, so it tries to register and create one.
-        expect(File).to receive(:exists?).with(Chef::Config[:client_key]).exactly(1).times.and_return(api_client_exists?)
+        expect(File).to receive(:exists?).
+          with(Chef::Config[:client_key]).
+          exactly(:once).
+          and_return(api_client_exists?)
 
         unless api_client_exists?
           #   Client.register will register with the validation client name.
@@ -219,7 +222,7 @@ describe Chef::Client do
         #   previous step.
         expect(Chef::REST).to receive(:new).
           with(Chef::Config[:chef_server_url], fqdn, Chef::Config[:client_key]).
-          exactly(1).
+          exactly(:once).
           and_return(http_node_load)
 
         # --Client#build_node
@@ -247,23 +250,12 @@ describe Chef::Client do
         # --Client#converge
         expect(Chef::Runner).to receive(:new).and_return(runner)
         expect(runner).to receive(:converge).and_return(true)
-
-        # --ResourceReporter#run_completed
-        #   updates the server with the resource history
-        #   (has its own tests, so stubbing it here.)
-        expect_any_instance_of(Chef::ResourceReporter).to receive(:run_completed)
-
-        # --AuditReporter#audit_phase_complete
-        #   posts the audit data to server.
-        #   (has its own tests, so stubbing it here.)
-        expect_any_instance_of(Chef::Audit::AuditReporter).to receive(:audit_phase_complete)
       end
 
       def stub_for_audit
+        # -- Client#run_audits
         expect(Chef::Audit::Runner).to receive(:new).and_return(audit_runner)
         expect(audit_runner).to receive(:run).and_return(true)
-
-        expect_any_instance_of(Chef::Audit::AuditReporter).to receive(:audit_phase_complete)
       end
 
       def stub_for_node_save
@@ -282,6 +274,15 @@ describe Chef::Client do
         # Post conditions: check that node has been filled in correctly
         expect(client).to receive(:run_started)
         expect(client).to receive(:run_completed_successfully)
+
+        # --ResourceReporter#run_completed
+        #   updates the server with the resource history
+        #   (has its own tests, so stubbing it here.)
+        expect_any_instance_of(Chef::ResourceReporter).to receive(:run_completed)
+        # --AuditReporter#run_completed
+        #   posts the audit data to server.
+        #   (has its own tests, so stubbing it here.)
+        expect_any_instance_of(Chef::Audit::AuditReporter).to receive(:run_completed)
       end
 
       before do
@@ -299,8 +300,12 @@ describe Chef::Client do
         stub_for_node_save
         stub_for_run
       end
+    end
 
-      it "runs ohai, sets up authentication, loads node state, synchronizes policy, and converges" do
+    shared_examples_for "a successful client run" do
+      include_context "a client run"
+
+      it "runs ohai, sets up authentication, loads node state, synchronizes policy, converges, and runs audits" do
         # This is what we're testing.
         client.run
 
@@ -310,16 +315,12 @@ describe Chef::Client do
       end
     end
 
-
     describe "when running chef-client without fork" do
-
       include_examples "a successful client run"
     end
 
     describe "when the client key already exists" do
-
       let(:api_client_exists?) { true }
-
       include_examples "a successful client run"
     end
 
@@ -358,7 +359,6 @@ describe Chef::Client do
     end
 
     describe "when a permanent run list is passed as an option" do
-
       include_examples "a successful client run" do
 
         let(:new_runlist) { "recipe[new_run_list_recipe]" }
@@ -388,6 +388,84 @@ describe Chef::Client do
       end
     end
 
+    describe "when converge fails" do
+      include_context "a client run" do
+        def stub_for_converge
+          expect(Chef::Runner).to receive(:new).and_return(runner)
+          expect(runner).to receive(:converge).and_raise(Exception)
+        end
+
+        def stub_for_node_save
+          expect(client).to_not receive(:save_updated_node)
+        end
+
+        def stub_for_run
+          expect_any_instance_of(Chef::RunLock).to receive(:acquire)
+          expect_any_instance_of(Chef::RunLock).to receive(:save_pid)
+          expect_any_instance_of(Chef::RunLock).to receive(:release)
+
+          # Post conditions: check that node has been filled in correctly
+          expect(client).to receive(:run_started)
+          expect(client).to receive(:run_failed)
+
+          # --ResourceReporter#run_completed
+          #   updates the server with the resource history
+          #   (has its own tests, so stubbing it here.)
+          # TODO: What gets called here?
+          #expect_any_instance_of(Chef::ResourceReporter).to receive(:run_failed)
+          # --AuditReporter#run_completed
+          #   posts the audit data to server.
+          #   (has its own tests, so stubbing it here.)
+          # TODO: What gets called here?
+          #expect_any_instance_of(Chef::Audit::AuditReporter).to receive(:run_failed)
+        end
+      end
+
+      it "runs the audits and raises the error" do
+        expect{ client.run }.to raise_error(Exception)
+      end
+    end
+
+    describe "when the audit phase fails" do
+      context "with an exception" do
+        include_context "a client run" do
+          def stub_for_audit
+            expect(Chef::Audit::Runner).to receive(:new).and_return(audit_runner)
+            expect(audit_runner).to receive(:run).and_raise(Exception)
+          end
+
+          def stub_for_run
+            expect_any_instance_of(Chef::RunLock).to receive(:acquire)
+            expect_any_instance_of(Chef::RunLock).to receive(:save_pid)
+            expect_any_instance_of(Chef::RunLock).to receive(:release)
+
+            # Post conditions: check that node has been filled in correctly
+            expect(client).to receive(:run_started)
+            expect(client).to receive(:run_failed)
+
+            # --ResourceReporter#run_completed
+            #   updates the server with the resource history
+            #   (has its own tests, so stubbing it here.)
+            # TODO: What gets called here?
+            #expect_any_instance_of(Chef::ResourceReporter).to receive(:run_failed)
+            # --AuditReporter#run_completed
+            #   posts the audit data to server.
+            #   (has its own tests, so stubbing it here.)
+            # TODO: What gets called here?
+            #expect_any_instance_of(Chef::Audit::AuditReporter).to receive(:run_failed)
+          end
+        end
+
+        it "should save the node after converge and raise exception" do
+          expect{ client.run }.to raise_error(Exception)
+        end
+      end
+
+      context "with failed audits" do
+        skip("because I don't think we've implemented this yet")
+      end
+    end
+
   end
 
 
diff --git a/spec/unit/dsl/audit_spec.rb b/spec/unit/dsl/audit_spec.rb
new file mode 100644
index 0000000000..7ddffb4e9f
--- /dev/null
+++ b/spec/unit/dsl/audit_spec.rb
@@ -0,0 +1,24 @@
+
+require 'spec_helper'
+require 'chef/dsl/audit'
+
+class AuditDSLTester
+  include Chef::DSL::Audit
+end
+
+describe Chef::DSL::Audit do
+  let(:auditor) { AuditDSLTester.new }
+
+  it "raises an error when a block of audits is not provided" do
+    expect{ auditor.controls "name" }.to raise_error(Chef::Exceptions::NoAuditsProvided)
+  end
+
+  it "raises an error when no audit name is given" do
+    expect{ auditor.controls do end }.to raise_error(Chef::Exceptions::AuditNameMissing)
+  end
+
+  it "raises an error if the audit name is a duplicate" do
+    auditor.controls "unique" do end
+    expect { auditor.controls "unique" do end }.to raise_error(Chef::Exceptions::AuditControlGroupDuplicate)
+  end
+end