Could anyone advise how I can write a chefspec test for the following recipe code please?
{'tomcat_exec_t' => '/apps/.*/bin(/.*)?',
'tomcat_unit_file_t' => '/usr/lib/systemd/system/tomcat@.*.service',
'tomcat_cache_t' => '/apps/.*/temp(/.*)?',
'tomcat_cache_t' => '/apps/.*/work(/.*)?',
'etc_t' => '/apps/.*/conf(/.*)?',
'tomcat_log_t' => '/apps/.*/logs(/.*)?',
'tomcat_var_run_t' => '/apps/.*/logs/tomcat.pid',
'lib_t' => '/apps/.*/lib(/.*)?',
'tomcat_var_lib_t' => '/apps/.*/webapps(/.*)?'}.each do |sc, f|
selinux_policy_fcontext f do
secontext sc
end
end
I've tried a couple of things like below but I guess this fails because the execute is carried out by the selinux_policy cookbook.
expect(chef_run).to run_execute('selinux-fcontext-tomcat_exec_t-addormodify')
end
and this fails because there is no method defined:
expect(chef_run).to create_selinux-fcontext('selinux-fcontext-tomcat_exec_t-addormodify').with(
fspec: '/apps/.*/bin(/.*)?',
secontext: 'fcontext'
)
So I'm not really sure what else can be done.
Any help would be really appreciated.
Thanks,
Edward
You may have to write your own matchers depending on whether or not the selinux cookbook provides them for you. Check in the libraries directory.
In either case, you would want
expect(chef_run).to create_selinux_policy_fcontext('selinux-fcontext-tomcat_exec_t-addormodify').with(
fspec: '/apps/.*/bin(/.*)?',
secontext: 'fcontext'
end
I'm assuming that the default action is create, otherwise you'd replace create with the appropriate action