Permalink
Browse files

add specs to apache cookbook

TelekomLabs-DCO-1.1-Signed-off-by: Edmund Haselwanter <me@ehaselwanter.com> (github: ehaselwanter)
  • Loading branch information...
ehaselwanter committed Nov 30, 2014
1 parent 1fdddd9 commit 7b76579bfb2d534c1b9f0b79d0648c42accf38a0
Showing with 61 additions and 0 deletions.
  1. +1 −0 .gitignore
  2. +5 −0 spec/spec_helper.rb
  3. +18 −0 spec/unit/recipes/default_spec.rb
  4. +37 −0 spec/unit/recipes/hardening_spec.rb
View
@@ -5,3 +5,4 @@ Berksfile.lock
.kitchen.local.yml
shared_test_repo/
test/integration
coverage/**/*
View
@@ -2,3 +2,8 @@
require 'chefspec'
require 'chefspec/berkshelf'
require 'coveralls'
# coverage report
Coveralls.wear!
at_exit { ChefSpec::Coverage.report! }
@@ -0,0 +1,18 @@
# encoding: utf-8
require 'spec_helper'
describe 'apache-hardening::default' do
let(:chef_run) { ChefSpec::SoloRunner.converge(described_recipe) }
before do
stub_command('/usr/sbin/apache2 -t')
stub_command("find /etc/apache2 -perm -o+r -type f -o -perm -o+w -type f | wc -l | egrep '^0$'")
end
it 'includes apache-hardening::hardening recipe' do
expect(chef_run).to include_recipe('apache-hardening::hardening')
end
end
@@ -0,0 +1,37 @@
# encoding: utf-8
require 'spec_helper'
describe 'apache-hardening::hardening' do
let(:chef_run) { ChefSpec::SoloRunner.converge(described_recipe) }
before do
stub_command('/usr/sbin/apache2 -t')
stub_command("find /etc/apache2 -perm -o+r -type f -o -perm -o+w -type f | wc -l | egrep '^0$'")
end
it 'creates hardening.conf with correct permissions' do
expect(chef_run).to create_template(File.join(chef_run.node['apache']['dir'], '/conf-enabled/', 'hardening.conf')).with(
user: 'root',
group: chef_run.node['apache']['root_group'],
mode: '0640'
)
end
it 'executes "remove world readable files"' do
stub_command("find /etc/apache2 -perm -o+r -type f -o -perm -o+w -type f | wc -l | egrep '^0$'").and_return(false)
expect(chef_run).to run_execute('remove world readable files')
end
it 'does not execute "remove world readable files"' do
stub_command("find /etc/apache2 -perm -o+r -type f -o -perm -o+w -type f | wc -l | egrep '^0$'").and_return(true)
expect(chef_run).to_not run_execute('remove world readable files')
end
end

0 comments on commit 7b76579

Please sign in to comment.