This is my current situation, I have a single cookbook in an internal git repo. In that cookbook I have to keep several policy files and test them, for that I created a directory called policyfiles inside the cookbook, being something like this:
MyCookbook
|--attributes
|--recipes
|--templates
|--spec
|--policyfiles
| |- a.rb
| |- b.rb
|--other files.
My problem is that I have to test those a.rb and b.rb policyfiles with Kitchen, so I tried using chef_zero without any luck reading those policyfiles and then tried policyfile_zero as Kitchen provisioner... in this case it can read a policyfile lock file (For example, a.lock.json) but only if it is placed in the cookbook root directory and renamed to Policyfile.lock.json
This is extremely clunky and not practical, could anyone please provide some insight about how to test policyfiles locally with Kitchen? I can't believe this is the only way to do so.
So answering to my own question, discovered doing further random trial and error, it seems to be a problem in the way I was using chef_zero and telling it where the policyfile is.
Previously with policyfile_zero provisioner, the structure of a suite in chef kitchen could be like:
suites:
- name: MySuite
provisioner:
policyfile: policyfiles/a.rb
Which won't work. However the syntax now for this is:
suites:
- name: MySuite
provisioner:
policyfile_path: policyfiles/a.rb
This will no only work but auto chef install the policyfile, creating a fresh lock file in the policyfile path and apply it without renaming to the provisioned machine.