beaker-puppet_install_helper 0.2.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ec929df57e9e89b0437647e33b6b5de9c39e05c5
-  data.tar.gz: af13f6d801db9af6f1e4331301aefb4a536a9cf4
+  metadata.gz: 17e6a51cd929ad47b6650028e546f4e0e5708111
+  data.tar.gz: b782f88f97d51b289c7198683e0ed3c7829e96a2
 SHA512:
-  metadata.gz: 34c259057ac90949d402553098a775ff5845f68241684a4599f27b484da56f18ad864a9fbb2434e60b99cf5fd11e9126cc03c75c8500e950439de719e62bcafe
-  data.tar.gz: 3f71c81936136c1d16a8649048f264a6db35204e585cfd20b9ea97a1a831464c30c9f9c9dece882863550f9619e4abfc5fced19285a2ce43524bb938cc2c1795
+  metadata.gz: 8d1fccdeb2a26047783bb3d6be89788195aefe060520edaeca7bddfd8b32e19e1bfed1f5664a676267a1d8e5d504aa30661f370a50fc4a8b2498aa8efcb25210
+  data.tar.gz: e357f54eca20d2e932d7c8664db898b0a0897eeecfbde0eab44fbb9897c4d7b556de8194a02915d0eef54b7dedbffc276028f3bbe517427ef778b83420fb4cea

data/.gitignore

@@ -1,3 +1,5 @@
 Gemfile.lock
+Gemfile.local
 .bundle
 *.swp
+.idea

data/CONTRIBUTING.md

@@ -0,0 +1,7 @@
+### Contributing and adding features
+
+This package is frozen on 0.x and guaranteed to disappear in the future, so contributing features is not something you probably want to spend time on.
+
+On the other hand, it exists to fill a void in beaker until such time as beaker fills it, so any bugfixes contributed via a github pull request are welcome.
+
+Discussion is available in #puppet-dev on Freenode

data/Gemfile

@@ -1,3 +1,8 @@
 source ENV['GEM_SOURCE'] || "https://rubygems.org"
 
 gemspec
+
+if File.exists? "#{__FILE__}.local"
+  eval(File.read("#{__FILE__}.local"), binding)
+end
+

data/README.md

@@ -2,6 +2,8 @@
 
 This gem is simply an abstraction for the various ways that we install puppet from the `spec/spec_helper_acceptance.rb` files across the modules.
 
+### `run_puppet_install_helper`
+
 The way to use this is to declare either `run_puppet_install_helper()` or `run_puppet_install_helper_on(hosts)` and set environment variables `PUPPET_VERSION` and/or `PUPPET_INSTALL_TYPE` in the following combinations to have puppet installed on the desired hosts:
 
 - `PUPPET_INSTALL_TYPE` is unset: it will look at the default node's type (ie, `default.is_pe?` and choose either foss or pe methods below.
@@ -13,5 +15,18 @@ The way to use this is to declare either `run_puppet_install_helper()` or `run_p
 
 The best way is explicitly set `PUPPET_INSTALL_TYPE` and `PUPPET_VERSION` to what you want. It'll probably do what you expect.
 
+### `install_ca_certs`
+
+Install Certificate Authority Certs on Windows and OSX for Geotrust, User Trust Network, and Equifax
+On Windows it currently is limited to hosts that use cygwin
+
+### `install_ca_certs_on`
+
+Install certs on a given host(s)
+
+### Support
+
+No support is supplied or implied. Use at your own risk.
+
 ### TODO
 - Add support for ci-ready builds

data/beaker-puppet_install_helper.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name        = "beaker-puppet_install_helper"
-  s.version     = '0.2.1'
+  s.version     = '0.3.0'
   s.authors     = ["Puppetlabs"]
   s.email       = ["hunter@puppetlabs.com"]
   s.homepage    = "https://github.com/puppetlabs/beaker-puppet_install_helper"

data/lib/beaker/ca_cert_helper.rb

@@ -0,0 +1,129 @@
+require 'beaker'
+require 'beaker/dsl/helpers/host_helpers'
+
+module Beaker::CaCertHelper
+
+  def install_ca_certs
+    install_ca_certs_on(hosts)
+  end
+
+
+  ##
+  # Install certs on Windows and OSX Hosts
+  #
+  # @param Array<Host>
+  #
+  ##
+  def install_ca_certs_on(hosts)
+    Array[hosts].each do |host|
+      get_cert_hash.each do |cert_name, ca|
+        create_cert_on_host(host, cert_name, ca)
+        if host['platform'] =~ /windows/i
+          add_windows_cert host, cert_name
+        end
+      end
+    end
+  end
+
+  ##
+  # create the remote file and ensure proper rights
+  #
+  def create_cert_on_host(host, cert_name, ca)
+    create_remote_file(host, cert_name, ca)
+    on host, "chmod 644 #{cert_name}"
+  end
+
+  ##
+  # Install cert, assumes cygwin currently
+  ##
+  def add_windows_cert(host, ca_filename)
+    on host, "cmd /c certutil -v -addstore Root `cygpath -w #{ca_filename}`"
+  end
+
+  ##
+  # Returns a hash of certificates where the Key is the pem cert name, and the value is the certificate
+  # @return Hash<String,String>
+  ##
+  def get_cert_hash
+    certs = {}
+    certs['geotrustglobal.pem'] = <<-EOM
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
+YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
+R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
+9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
+fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
+iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
+1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
+MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
+ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
+uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
+Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
+tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
+PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
+hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
+5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
+-----END CERTIFICATE-----
+    EOM
+
+    certs['usertrust-network.pem'] = <<-EOM
+-----BEGIN CERTIFICATE-----
+MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
+lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
+Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
+dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
+SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
+A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
+MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
+d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
+cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
+0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
+M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
+MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
+oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
+DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
+oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
+VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
+bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
+BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
+//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
+CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
+CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
+3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
+KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
+-----END CERTIFICATE-----
+    EOM
+
+    certs['equifax.pem'] = <<-EOM
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
+UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
+MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
+dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
+BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
+cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
+AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
+aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
+ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
+IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
+MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
+A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
+7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
+1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
+-----END CERTIFICATE-----
+    EOM
+
+    certs
+  end
+
+
+end
+
+include Beaker::CaCertHelper

data/lib/beaker/puppet_install_helper.rb

@@ -1,4 +1,5 @@
 require 'beaker'
+require 'beaker/ca_cert_helper'
 
 module Beaker::PuppetInstallHelper
   def run_puppet_install_helper(type_arg=find_install_type,version=ENV["PUPPET_VERSION"])

data/spec/unit/beaker/ca_cert_helper_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+describe 'beaker::ca_cert_helper' do
+  let :subject do
+    Class.new { include Beaker::CaCertHelper }
+  end
+
+
+  describe 'install_ca_certs_on' do
+    before :each do
+      allow(subject).to receive(:get_cert_hash).and_return(
+                            {'geotrustglobal.pem' => 'my cert string',
+                             'usertrust-network.pem' => 'my user trust cert'})
+    end
+
+    it "windows 2003 node" do
+      w2k3 = {"platform" => 'windows-2003r2-64', 'distmoduledir' => '/dne', 'hieraconf' => '/dne'}
+
+      expect(subject).to receive(:add_windows_cert).with(w2k3, 'geotrustglobal.pem')
+      expect(subject).to receive(:create_cert_on_host).with(w2k3, 'geotrustglobal.pem', 'my cert string')
+      expect(subject).to receive(:add_windows_cert).with(w2k3, 'usertrust-network.pem')
+      expect(subject).to receive(:create_cert_on_host).with(w2k3, 'usertrust-network.pem', 'my user trust cert')
+      subject.install_ca_certs_on w2k3
+    end
+  end
+
+  describe 'add_windows_cert' do
+    it {
+      host = {"platform" => 'windows-2003r2-64', 'distmoduledir' => '/dne', 'hieraconf' => '/dne'}
+      expect(subject).to receive(:on).with(host, 'cmd /c certutil -v -addstore Root `cygpath -w geotrustglobal.pem`')
+      subject.add_windows_cert host, 'geotrustglobal.pem'
+    }
+  end
+
+  describe 'get_cert_hash' do
+    it 'should contain 3 certs' do
+      cert_hash = subject.get_cert_hash
+      expect(cert_hash.length).to equal(3)
+      expect(cert_hash.class).to eq(Hash)
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: beaker-puppet_install_helper
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.0
 platform: ruby
 authors:
 - Puppetlabs
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-30 00:00:00.000000000 Z
+date: 2015-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -47,12 +47,15 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".travis.yml"
+- CONTRIBUTING.md
 - Gemfile
 - LICENSE
 - README.md
 - beaker-puppet_install_helper.gemspec
+- lib/beaker/ca_cert_helper.rb
 - lib/beaker/puppet_install_helper.rb
 - spec/spec_helper.rb
+- spec/unit/beaker/ca_cert_helper_spec.rb
 - spec/unit/beaker/puppet_install_helper_spec.rb
 homepage: https://github.com/puppetlabs/beaker-puppet_install_helper
 licenses:
@@ -80,4 +83,5 @@ specification_version: 4
 summary: Puppet install helper for Beaker
 test_files:
 - spec/spec_helper.rb
+- spec/unit/beaker/ca_cert_helper_spec.rb
 - spec/unit/beaker/puppet_install_helper_spec.rb