diff options
author | Lamont Granquist <lamont@scriptkiddie.org> | 2021-02-26 12:00:56 -0800 |
---|---|---|
committer | Lamont Granquist <lamont@scriptkiddie.org> | 2021-02-26 12:00:56 -0800 |
commit | 77a02393d7301d4e864a82751fab72e4764ee96f (patch) | |
tree | d90fb2e7c4ad323a8e18e10767d6d8247218bc46 /spec/unit/compliance | |
parent | 6fb4dae4f722ee28e17d6b4354c3b6f3fb01946e (diff) | |
download | chef-77a02393d7301d4e864a82751fab72e4764ee96f.tar.gz |
Extend node["audit"]["compliance_phase"] to assert phase on or offlcg/compliance-phase-attr2
The nil default is now the magic behavior while true or false asserts it
and overrides the magic.
Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
Diffstat (limited to 'spec/unit/compliance')
-rw-r--r-- | spec/unit/compliance/runner_spec.rb | 35 |
1 files changed, 32 insertions, 3 deletions
diff --git a/spec/unit/compliance/runner_spec.rb b/spec/unit/compliance/runner_spec.rb index d46d756b0e..d166f467c8 100644 --- a/spec/unit/compliance/runner_spec.rb +++ b/spec/unit/compliance/runner_spec.rb @@ -19,11 +19,11 @@ describe Chef::Compliance::Runner do expect(runner).to be_enabled end - it "is false if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is unset" do + it "is false if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is false" do node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" } - node.normal["audit"]["compliance_mode"] = false + node.normal["audit"]["compliance_phase"] = false - expect(runner).to be_enabled + expect(runner).not_to be_enabled end it "is false if the node attributes have audit profiles and the audit cookbook is present" do @@ -33,6 +33,14 @@ describe Chef::Compliance::Runner do expect(runner).not_to be_enabled end + it "is true if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do + stub_const("::Reporter::ChefAutomate", true) + node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" } + node.normal["audit"]["compliance_phase"] = true + + expect(runner).to be_enabled + end + it "is false if the node attributes do not have audit profiles and the audit cookbook is not present" do node.normal["audit"]["profiles"] = {} @@ -50,6 +58,27 @@ describe Chef::Compliance::Runner do node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos } expect(runner).not_to be_enabled end + + it "is true if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is true" do + node.normal["audit"]["profiles"] = {} + node.normal["audit"]["compliance_phase"] = true + + expect(runner).to be_enabled + end + + it "is true if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do + stub_const("::Reporter::ChefAutomate", true) + node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos } + node.normal["audit"]["compliance_phase"] = true + + expect(runner).to be_enabled + end + + it "is true if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is true" do + node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos } + node.normal["audit"]["compliance_phase"] = true + expect(runner).to be_enabled + end end describe "#inspec_profiles" do |