diff options
| author | tyler-ball <tyleraball@gmail.com> | 2014-09-11 14:55:55 -0700 |
|---|---|---|
| committer | tyler-ball <tyleraball@gmail.com> | 2014-09-29 08:31:08 -0700 |
| commit | d24ec65aced97b96188ffcc439f4f3cccdd41443 (patch) | |
| tree | 7d22d0dc156d79650d289416a220af92685c4b74 /spec/unit/dsl | |
| parent | 71f7c6e463220cf492d5ac38c2cfbeb96defbeba (diff) | |
| download | chef-d24ec65aced97b96188ffcc439f4f3cccdd41443.tar.gz | |
Refactoring duplicated code into a separate module. Also making CLI options more informative
Diffstat (limited to 'spec/unit/dsl')
| -rw-r--r-- | spec/unit/dsl/data_query_spec.rb | 118 |
1 files changed, 8 insertions, 110 deletions
diff --git a/spec/unit/dsl/data_query_spec.rb b/spec/unit/dsl/data_query_spec.rb index 8a985437b7..78cd5569e8 100644 --- a/spec/unit/dsl/data_query_spec.rb +++ b/spec/unit/dsl/data_query_spec.rb @@ -86,123 +86,21 @@ describe Chef::DSL::DataQuery do end context "when the item is encrypted" do - let(:default_secret) { "abc123SECRET" } - - let(:encoded_data) { Chef::EncryptedDataBagItem.encrypt_data_bag_item(raw_data, default_secret) } - - let(:item) do - item = Chef::DataBagItem.new - item.data_bag(bag_name) - item.raw_data = encoded_data - item - end + let(:secret) { "abc123SECRET" } + let(:enc_data_bag) { double("Chef::EncryptedDataBagItem") } before do allow( Chef::DataBagItem ).to receive(:load).with(bag_name, item_name).and_return(item) + expect(language).to receive(:encrypted?).and_return(true) + expect( Chef::EncryptedDataBagItem ).to receive(:load_secret).and_return(secret) end - shared_examples_for "encryption detected" do - let(:encoded_data) do - Chef::Config[:data_bag_encrypt_version] = version - Chef::EncryptedDataBagItem.encrypt_data_bag_item(raw_data, default_secret) - end - - before do - allow( Chef::EncryptedDataBagItem ).to receive(:load_secret).and_return(default_secret) - end - - it "detects encrypted data bag" do - expect( encryptor ).to receive(:encryptor_keys).at_least(:once).and_call_original - expect( Chef::Log ).to receive(:debug).with(/Data bag item looks encrypted/) - language.data_bag_item(bag_name, item_name) - end - end - - context "when encryption version is 1" do - include_examples "encryption detected" do - let(:version) { 1 } - let(:encryptor) { Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor } - end - end - - context "when encryption version is 2" do - include_examples "encryption detected" do - let(:version) { 2 } - let(:encryptor) { Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor } - end + it "detects encrypted data bag" do + expect( Chef::EncryptedDataBagItem ).to receive(:new).with(raw_data, secret).and_return(enc_data_bag) + expect( Chef::Log ).to receive(:debug).with(/Data bag item looks encrypted/) + expect(language.data_bag_item(bag_name, item_name)).to eq(enc_data_bag) end - context "when encryption version is 3", :ruby_20_only do - include_examples "encryption detected" do - let(:version) { 3 } - let(:encryptor) { Chef::EncryptedDataBagItem::Encryptor::Version3Encryptor } - end - end - - shared_examples_for "an encrypted data bag item" do - it "returns an encrypted data bag item" do - expect( language.data_bag_item(bag_name, item_name, secret) ).to be_a_kind_of(Chef::EncryptedDataBagItem) - end - - it "decrypts the contents of the data bag item" do - expect( language.data_bag_item(bag_name, item_name, secret).to_hash ).to eql raw_data - end - end - - context "when a secret is supplied" do - include_examples "an encrypted data bag item" do - let(:secret) { default_secret } - end - end - - context "when a secret is not supplied" do - before do - allow( Chef::Config ).to receive(:[]).and_call_original - expect( Chef::Config ).to receive(:[]).with(:encrypted_data_bag_secret).and_return(path) - expect( Chef::EncryptedDataBagItem ).to receive(:load_secret).and_call_original - end - - context "when a secret is located at Chef::Config[:encrypted_data_bag_secret]" do - let(:path) { "/tmp/my_secret" } - - before do - expect( File ).to receive(:exist?).with(path).and_return(true) - expect( IO ).to receive(:read).with(path).and_return(default_secret) - end - - include_examples "an encrypted data bag item" do - let(:secret) { nil } - end - end - - shared_examples_for "no secret file" do - it "should fail to load the data bag item" do - expect( Chef::Log ).to receive(:error).with(/Failed to load secret for encrypted data bag item/) - expect( Chef::Log ).to receive(:error).with(/Failed to load data bag item/) - expect{ language.data_bag_item(bag_name, item_name) }.to raise_error(error_type, error_message) - end - end - - context "when Chef::Config[:encrypted_data_bag_secret] is not configured" do - include_examples "no secret file" do - let(:path) { nil } - let(:error_type) { ArgumentError } - let(:error_message) { /No secret specified and no secret found/ } - end - end - - context "when Chef::Config[:encrypted_data_bag_secret] does not exist" do - include_examples "no secret file" do - before do - expect( File ).to receive(:exist?).with(path).and_return(false) - end - - let(:path) { "/tmp/my_secret" } - let(:error_type) { Errno::ENOENT } - let(:error_message) { /file not found/ } - end - end - end end end end |