Implement RFC 027 File Verification

This implements usable-suppliable file content verification per RFC 027. Users can supplie a block, string, or symbol to the `verify` resource attribute. Blocks will be called, string will be executed as shell commands (respecing the same options as not_if and only_if), and symbols can be used to access built-in registered validations.
author: Steven Danna <steve@opscode.com> 2014-12-09 13:27:21 +0000
committer: Bryan McLellan <btm@opscode.com> 2015-02-17 08:46:37 -0500
commit: 9b6f1129364ab39dd272ccffd14bbc82f4c32ace (patch)
tree: edf4a8534cef7b646ffc30783c0f3ae08ed6f092 /lib/chef/provider
parent: cd7bac6dc131c958c8f6ccac6e50f2dca655dfd9 (diff)
download: chef-9b6f1129364ab39dd272ccffd14bbc82f4c32ace.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/chef/provider/file.rb b/lib/chef/provider/file.rb
index a9390cc45c..c070d29458 100644
--- a/lib/chef/provider/file.rb
+++ b/lib/chef/provider/file.rb
@@ -345,6 +345,14 @@ class Chef
         if new_resource.checksum && tempfile && ( new_resource.checksum != tempfile_checksum )
           raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum))
         end
+
+        if tempfile
+          new_resource.verify.each do |v|
+            if ! v.verify(tempfile.path)
+              raise Chef::Exceptions::ValidationFailed.new "Proposed content for #{new_resource.path} failed verification #{v}"
+            end
+          end
+        end
       end
 
       def do_unlink
author	Steven Danna <steve@opscode.com>	2014-12-09 13:27:21 +0000
committer	Bryan McLellan <btm@opscode.com>	2015-02-17 08:46:37 -0500
commit	9b6f1129364ab39dd272ccffd14bbc82f4c32ace (patch)
tree	edf4a8534cef7b646ffc30783c0f3ae08ed6f092 /lib/chef/provider
parent	cd7bac6dc131c958c8f6ccac6e50f2dca655dfd9 (diff)
download	chef-9b6f1129364ab39dd272ccffd14bbc82f4c32ace.tar.gz