diff options
author | Matt Wrock <matt@mattwrock.com> | 2016-04-25 13:14:41 -0700 |
---|---|---|
committer | Matt Wrock <matt@mattwrock.com> | 2016-04-25 13:14:41 -0700 |
commit | de243172e1b47afbc0873769d637caf7d4199114 (patch) | |
tree | 6a16704d430e6ed4c4746a1336346714dd6630cf /chef-config/spec | |
parent | 32fbc8908cc41c218951d5e2c9413e7efc6df5f1 (diff) | |
download | chef-de243172e1b47afbc0873769d637caf7d4199114.tar.gz |
run in fips mode if node is fips enabled
Diffstat (limited to 'chef-config/spec')
-rw-r--r-- | chef-config/spec/unit/config_spec.rb | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/chef-config/spec/unit/config_spec.rb b/chef-config/spec/unit/config_spec.rb index 72c0981eca..8d0bc8f203 100644 --- a/chef-config/spec/unit/config_spec.rb +++ b/chef-config/spec/unit/config_spec.rb @@ -19,6 +19,7 @@ require "spec_helper" require "chef-config/config" +require "ohai" RSpec.describe ChefConfig::Config do before(:each) do @@ -165,6 +166,57 @@ RSpec.describe ChefConfig::Config do allow(ChefConfig::Config).to receive(:path_accessible?).and_return(false) end + describe "ChefConfig::Config[:fips]" do + let(:fips_ohai) { double("Ohai::System", load_plugins: nil, require_plugin: nil) } + let(:fips_ohai_data) do + { + kernel: { + enabled: fips_ohai_value, + }, + } + end + let(:fips_ohai_value) { false } + + before(:all) do + @original_env = ENV.to_hash + end + + after(:all) do + ENV.clear + ENV.update(@original_env) + end + + before(:each) do + ENV["CHEF_FIPS"] = nil + allow(Ohai::System).to receive(:new).and_return(fips_ohai) + allow(fips_ohai).to receive(:[]).with(:fips).and_return(fips_ohai_data) + end + + it "returns false when no environment is set and ohai flag is disabled" do + expect(ChefConfig::Config[:fips]).to eq(false) + ChefConfig::Config.instance_eval { remove_instance_variable(:@sync_value) } + end + + context "when ENV['CHEF_FIPS'] is set" do + before do + ENV["CHEF_FIPS"] = "1" + end + + it "returns true" do + expect(ChefConfig::Config[:fips]).to eq(true) + end + end + + context "when fips is enabled in ohai data" do + let(:fips_ohai_value) { true } + + it "returns true" do + expect(ChefConfig::Config[:fips]).to eq(true) + ChefConfig::Config.instance_eval { remove_instance_variable(:@sync_value) } + end + end + end + describe "ChefConfig::Config[:chef_server_root]" do context "when chef_server_url isn't set manually" do it "returns the default of 'https://localhost:443'" do |