There are two issues happening right now with running audit cookbooks like the following under Windows with recent Chef and ChefDK (0.5.1+) releases
convert_regexpwindows-specific specinfra method was eating forward slashes found in URLs and anywhere else in the patterns
backslashesBackslashes must be escaped for them to make it into the attempted Powershell match
Change the SpecInfra
convert_regexpmethod's substitution section to look like this in the embedded ruby under
c:/opscode/chef. I'm using ChefDK 0.5.1 and found the file at
C:\opscode\chefdk\embedded\lib\ruby\gems\2.1.0\gems\specinfra-2.30.2\lib\specinfra\backend\powershell\command.rb. I believe you are using v2.36.9 of SpecInfra, and it still looks the same https://github.com/mizzy/specinfra/blob/v2.36.9/lib/specinfra/backend/powershell/command.rb#L20-L27
def convert_regexp(target) case target when Regexp target.source else #target.to_s.gsub '/', '' target.to_s.gsub '(^\/|\/$)', '' end end
Whenever there are literal backslashes in a token, like
E:Inetpub\GLS\docdrop\", you must send that string to chef-audit like this, with three backslashes, to escape the backslash, which is a special character.
The following examples work with the above patch, and not without it.
I had to add the two extra backslashes that would not otherwise be found in the patterns, and the patch above allows URLs and other patterns with forward slashes to be passed unmodified.
control_group "Verify deployment" do
control 'tokens' do
it 'should handle dots and forward slashes and angle brackets' do
expect(file(web_config_file)).to contain '<endpoint address="net.msmq://something.example.local/private/COMET.Enterprise.Trace.Messaging.Service/thingstoseenow.svc" binding="netMsmqBinding" bindingConfiguration="NetMsmqBinding" contract="COMET.Enterprise.Trace.Contracts.Service.ASomethingService" name="Watching"/>'
it 'should handle lots of backslashes' do
expect(file(web_config_file)).to contain '<add key="filebin" value="E:\\\Inetpub\\\SSS\\\docdrop\\\"/>'
it 'should handle URLS and tags' do
expect(file(web_config_file)).to contain '<value>http://something.example.net/Service.asmx</value>'
The ChefDK ticket for the convert_regexp method issue can be found at https://github.com/chef/chef-dk/issues/526