diff options
author | Bryan McLellan <btm@loftninjas.org> | 2021-04-21 16:28:27 -0400 |
---|---|---|
committer | Bryan McLellan <btm@loftninjas.org> | 2021-04-21 16:28:27 -0400 |
commit | 59c80b909c35f81c4cbb6bdf102f1869670a1514 (patch) | |
tree | 050a9126df7df014610c6719d9cbc5518ac6f4a3 | |
parent | f75f018be790be19de3c95c8882825724a850051 (diff) | |
download | chef-btm/jfm/final_cert_update.tar.gz |
try the version of the functional test from masterbtm/jfm/final_cert_update
Signed-off-by: Bryan McLellan <btm@loftninjas.org>
-rw-r--r-- | spec/functional/resource/windows_certificate_spec.rb | 127 |
1 files changed, 35 insertions, 92 deletions
diff --git a/spec/functional/resource/windows_certificate_spec.rb b/spec/functional/resource/windows_certificate_spec.rb index df2d1cbec8..b5d0484e0c 100644 --- a/spec/functional/resource/windows_certificate_spec.rb +++ b/spec/functional/resource/windows_certificate_spec.rb @@ -22,44 +22,26 @@ require "chef/resource/windows_certificate" describe Chef::Resource::WindowsCertificate, :windows_only do include Chef::Mixin::PowershellExec - def create_store(store_location: "LocalMachine", store_name: store) + def create_store powershell_exec <<~EOC - New-Item -Path Cert:\\#{store_location}\\#{store_name} + New-Item -Path Cert:\\LocalMachine\\#{store} EOC end - def delete_store(store_location: "LocalMachine", store_name: store) + def delete_store powershell_exec <<~EOC - Remove-Item -Path Cert:\\#{store_location}\\#{store_name} -Recurse + Remove-Item -Path Cert:\\LocalMachine\\#{store} -Recurse EOC end - def certificate_count(store_location: "LocalMachine", store_name: store) + def certificate_count powershell_exec(<<~EOC).result.to_i - (Get-ChildItem -Force -Path Cert:\\#{store_location}\\#{store_name} | measure).Count - EOC - end - - def list_certificates(store_location: "LocalMachine", store_name: store) - powershell_exec(<<~EOC) - Get-ChildItem -Force -Path Cert:\\#{store_location}\\#{store_name} -Recurse - EOC - end - - def refresh_certstore(store_location: "LocalMachine") - powershell_exec(<<~EOC) - Get-ChildItem -Force -Path Cert:\\#{store_location} -Recurse + (Get-ChildItem -Force -Path Cert:\\LocalMachine\\#{store} | measure).Count EOC end let(:password) { "P@ssw0rd!" } let(:store) { "Chef-Functional-Test" } - let(:store_name) { "MY" } - let(:store_location) { "LocalMachine" } - let(:download_cert_url) { "https://testingchef.blob.core.windows.net/files/test.cer" } - let(:cert_output_path) { ::File.join(Chef::Config[:file_cache_path], "output.cer") } - let(:pfx_output_path) { ::File.join(Chef::Config[:file_cache_path], "output.pfx") } - let(:key_output_path) { ::File.join(Chef::Config[:file_cache_path], "output.key") } let(:cer_path) { File.join(CHEF_SPEC_DATA, "windows_certificates", "test.cer") } let(:base64_path) { File.join(CHEF_SPEC_DATA, "windows_certificates", "base64_test.cer") } let(:pem_path) { File.join(CHEF_SPEC_DATA, "windows_certificates", "test.pem") } @@ -86,16 +68,12 @@ describe Chef::Resource::WindowsCertificate, :windows_only do .and_return(true) create_store - end after { delete_store } describe "action: create" do it "starts with no certificates" do - delete_store - create_store - foo = list_certificates expect(certificate_count).to eq(0) end @@ -125,14 +103,6 @@ describe Chef::Resource::WindowsCertificate, :windows_only do expect(resource).to be_updated_by_last_action end - it "can add a certificate from a valid url" do - resource.source = download_cert_url - resource.run_action(:create) - - expect(certificate_count).to eq(1) - expect(resource).to be_updated_by_last_action - end - it "can add a base64 encoded certificate idempotently" do resource.source = base64_path resource.run_action(:create) @@ -187,13 +157,9 @@ describe Chef::Resource::WindowsCertificate, :windows_only do expect { resource.run_action(:create) }.to raise_error(OpenSSL::PKCS12::PKCS12Error) end - after { delete_store } end describe "action: verify" do - before do - create_store - end it "fails with no certificates in the store" do expect(Chef::Log).to receive(:info).with("Certificate not found") @@ -264,13 +230,13 @@ describe Chef::Resource::WindowsCertificate, :windows_only do end describe "action: fetch" do - context "with no certificate in the store" do - it "throws an error with no certificates in the store" do - expect(Chef::Log).not_to receive(:info) - resource.source = others_thumbprint - resource.output_path = cert_output_path - expect { resource.run_action :fetch }.to raise_error(ArgumentError) - end + it "does nothing with no certificates in the store" do + expect(Chef::Log).not_to receive(:info) + + resource.source = tests_thumbprint + resource.run_action(:fetch) + + expect(resource).not_to be_updated_by_last_action end context "with a certificate in the store" do @@ -281,68 +247,45 @@ describe Chef::Resource::WindowsCertificate, :windows_only do it "succeeds with a valid thumbprint" do resource.source = tests_thumbprint - local_output_path = ::File.join(Chef::Config[:file_cache_path], "test.pem") - resource.output_path = local_output_path - resource.run_action(:fetch) - expect(File.exist?(local_output_path)).to be_truthy - end - - it "fails with an invalid thumbprint" do - expect(Chef::Log).not_to receive(:info) - - resource.source = others_thumbprint Dir.mktmpdir do |dir| path = File.join(dir, "test.pem") + expect(Chef::Log).to receive(:info).with("Certificate export in #{path}") - resource.output_path = path - expect { resource.run_action :fetch }.to raise_error(ArgumentError) + resource.cert_path = path + resource.run_action(:fetch) + + expect(File.exist?(path)).to be_truthy end + expect(resource).not_to be_updated_by_last_action end - end - context "with a pfx/pkcs12 object in the store" do - before do - create_store - refresh_certstore - resource.source = pfx_path - resource.pfx_password = password - resource.exportable = true - resource.run_action(:create) - end + it "fails with an invalid thumbprint" do + expect(Chef::Log).not_to receive(:info) - it "exports a PFX file with a valid thumbprint" do - resource.source = tests_thumbprint - resource.pfx_password = password - resource.output_path = pfx_output_path - resource.run_action(:fetch) - expect(File.exist?(pfx_output_path)).to be_truthy - end + resource.source = others_thumbprint - it "exports a key file with a valid thumbprint" do - resource.source = tests_thumbprint - resource.pfx_password = password - resource.output_path = key_output_path - resource.run_action(:fetch) - expect(File.exist?(key_output_path)).to be_truthy - end + Dir.mktmpdir do |dir| + path = File.join(dir, "test.pem") - it "throws an exception when output_path is not specified" do - resource.source = tests_thumbprint - resource.pfx_password = password - expect { resource.run_action :fetch }.to raise_error(::Chef::Exceptions::ResourceNotFound) - end + resource.cert_path = path + resource.run_action(:fetch) - after { delete_store } + expect(File.exist?(path)).to be_falsy + end + expect(resource).not_to be_updated_by_last_action + end end end describe "action: delete" do - it "throws an argument error when attempting to delete a certificate that doesn't exist" do + it "does nothing when attempting to delete a certificate that doesn't exist" do + expect(Chef::Log).to receive(:debug).with("Certificate not found") + resource.source = tests_thumbprint - expect { resource.run_action :delete }.to raise_error(ArgumentError) + resource.run_action(:delete) end it "deletes an existing certificate while leaving other certificates alone" do @@ -360,7 +303,7 @@ describe Chef::Resource::WindowsCertificate, :windows_only do expect(certificate_count).to eq(1) expect(resource).to be_updated_by_last_action - expect { resource.run_action :delete }.to raise_error(ArgumentError) + resource.run_action(:delete) expect(certificate_count).to eq(1) expect(resource).not_to be_updated_by_last_action |