chef-config 14.10.9 → 14.11.21
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +201 -201
- data/Rakefile +13 -13
- data/chef-config.gemspec +35 -35
- data/lib/chef-config.rb +20 -20
- data/lib/chef-config/config.rb +1145 -1145
- data/lib/chef-config/exceptions.rb +27 -27
- data/lib/chef-config/fips.rb +51 -51
- data/lib/chef-config/logger.rb +62 -62
- data/lib/chef-config/mixin/credentials.rb +98 -98
- data/lib/chef-config/mixin/dot_d.rb +43 -43
- data/lib/chef-config/mixin/fuzzy_hostname_matcher.rb +41 -41
- data/lib/chef-config/path_helper.rb +322 -322
- data/lib/chef-config/version.rb +34 -34
- data/lib/chef-config/windows.rb +28 -28
- data/lib/chef-config/workstation_config_loader.rb +281 -281
- data/spec/spec_helper.rb +75 -75
- data/spec/unit/config_spec.rb +1235 -1212
- data/spec/unit/fips_spec.rb +128 -128
- data/spec/unit/path_helper_spec.rb +307 -307
- data/spec/unit/workstation_config_loader_spec.rb +602 -602
- metadata +3 -3
@@ -1,27 +1,27 @@
|
|
1
|
-
#
|
2
|
-
# Copyright:: Copyright 2015-2016, Chef Software, Inc.
|
3
|
-
# License:: Apache License, Version 2.0
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
#
|
17
|
-
|
18
|
-
require "chef-config/windows"
|
19
|
-
require "chef-config/logger"
|
20
|
-
|
21
|
-
module ChefConfig
|
22
|
-
|
23
|
-
class ConfigurationError < ArgumentError; end
|
24
|
-
class InvalidPath < StandardError; end
|
25
|
-
class UnparsableConfigOption < StandardError; end
|
26
|
-
|
27
|
-
end
|
1
|
+
#
|
2
|
+
# Copyright:: Copyright 2015-2016, Chef Software, Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require "chef-config/windows"
|
19
|
+
require "chef-config/logger"
|
20
|
+
|
21
|
+
module ChefConfig
|
22
|
+
|
23
|
+
class ConfigurationError < ArgumentError; end
|
24
|
+
class InvalidPath < StandardError; end
|
25
|
+
class UnparsableConfigOption < StandardError; end
|
26
|
+
|
27
|
+
end
|
data/lib/chef-config/fips.rb
CHANGED
@@ -1,51 +1,51 @@
|
|
1
|
-
#
|
2
|
-
# Author:: Matt Wrock (<matt@mattwrock.com>)
|
3
|
-
# Copyright:: Copyright (c) 2016 Chef Software, Inc.
|
4
|
-
# License:: Apache License, Version 2.0
|
5
|
-
#
|
6
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
-
# you may not use this file except in compliance with the License.
|
8
|
-
# You may obtain a copy of the License at
|
9
|
-
#
|
10
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
-
#
|
12
|
-
# Unless required by applicable law or agreed to in writing, software
|
13
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
-
# See the License for the specific language governing permissions and
|
16
|
-
# limitations under the License.
|
17
|
-
#
|
18
|
-
|
19
|
-
module ChefConfig
|
20
|
-
|
21
|
-
def self.fips?
|
22
|
-
if ChefConfig.windows?
|
23
|
-
begin
|
24
|
-
require "win32/registry"
|
25
|
-
rescue LoadError
|
26
|
-
return false
|
27
|
-
end
|
28
|
-
|
29
|
-
# from http://msdn.microsoft.com/en-us/library/windows/desktop/aa384129(v=vs.85).aspx
|
30
|
-
reg_type =
|
31
|
-
case ::RbConfig::CONFIG["target_cpu"]
|
32
|
-
when "i386"
|
33
|
-
Win32::Registry::KEY_READ | 0x100
|
34
|
-
when "x86_64"
|
35
|
-
Win32::Registry::KEY_READ | 0x200
|
36
|
-
else
|
37
|
-
Win32::Registry::KEY_READ
|
38
|
-
end
|
39
|
-
begin
|
40
|
-
Win32::Registry::HKEY_LOCAL_MACHINE.open('System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy', reg_type) do |policy|
|
41
|
-
policy["Enabled"] != 0
|
42
|
-
end
|
43
|
-
rescue Win32::Registry::Error
|
44
|
-
false
|
45
|
-
end
|
46
|
-
else
|
47
|
-
fips_path = "/proc/sys/crypto/fips_enabled"
|
48
|
-
File.exist?(fips_path) && File.read(fips_path).chomp != "0"
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|
1
|
+
#
|
2
|
+
# Author:: Matt Wrock (<matt@mattwrock.com>)
|
3
|
+
# Copyright:: Copyright (c) 2016 Chef Software, Inc.
|
4
|
+
# License:: Apache License, Version 2.0
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
#
|
18
|
+
|
19
|
+
module ChefConfig
|
20
|
+
|
21
|
+
def self.fips?
|
22
|
+
if ChefConfig.windows?
|
23
|
+
begin
|
24
|
+
require "win32/registry"
|
25
|
+
rescue LoadError
|
26
|
+
return false
|
27
|
+
end
|
28
|
+
|
29
|
+
# from http://msdn.microsoft.com/en-us/library/windows/desktop/aa384129(v=vs.85).aspx
|
30
|
+
reg_type =
|
31
|
+
case ::RbConfig::CONFIG["target_cpu"]
|
32
|
+
when "i386"
|
33
|
+
Win32::Registry::KEY_READ | 0x100
|
34
|
+
when "x86_64"
|
35
|
+
Win32::Registry::KEY_READ | 0x200
|
36
|
+
else
|
37
|
+
Win32::Registry::KEY_READ
|
38
|
+
end
|
39
|
+
begin
|
40
|
+
Win32::Registry::HKEY_LOCAL_MACHINE.open('System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy', reg_type) do |policy|
|
41
|
+
policy["Enabled"] != 0
|
42
|
+
end
|
43
|
+
rescue Win32::Registry::Error
|
44
|
+
false
|
45
|
+
end
|
46
|
+
else
|
47
|
+
fips_path = "/proc/sys/crypto/fips_enabled"
|
48
|
+
File.exist?(fips_path) && File.read(fips_path).chomp != "0"
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
data/lib/chef-config/logger.rb
CHANGED
@@ -1,62 +1,62 @@
|
|
1
|
-
#
|
2
|
-
# Copyright:: Copyright 2015-2016, Chef Software, Inc.
|
3
|
-
# License:: Apache License, Version 2.0
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
#
|
17
|
-
|
18
|
-
module ChefConfig
|
19
|
-
|
20
|
-
# Implements enough of Logger's API that we can use it in place of a real
|
21
|
-
# logger for `ChefConfig.logger`
|
22
|
-
class NullLogger
|
23
|
-
|
24
|
-
def <<(_msg)
|
25
|
-
end
|
26
|
-
|
27
|
-
def add(_severity, _message = nil, _progname = nil)
|
28
|
-
end
|
29
|
-
|
30
|
-
def trace(_progname = nil, &block)
|
31
|
-
end
|
32
|
-
|
33
|
-
def debug(_progname = nil, &block)
|
34
|
-
end
|
35
|
-
|
36
|
-
def info(_progname = nil, &block)
|
37
|
-
end
|
38
|
-
|
39
|
-
def warn(_progname = nil, &block)
|
40
|
-
end
|
41
|
-
|
42
|
-
def deprecation(_progname = nil, &block)
|
43
|
-
end
|
44
|
-
|
45
|
-
def error(_progname = nil, &block)
|
46
|
-
end
|
47
|
-
|
48
|
-
def fatal(_progname = nil, &block)
|
49
|
-
end
|
50
|
-
|
51
|
-
end
|
52
|
-
|
53
|
-
@logger = NullLogger.new
|
54
|
-
|
55
|
-
def self.logger=(new_logger)
|
56
|
-
@logger = new_logger
|
57
|
-
end
|
58
|
-
|
59
|
-
def self.logger
|
60
|
-
@logger
|
61
|
-
end
|
62
|
-
end
|
1
|
+
#
|
2
|
+
# Copyright:: Copyright 2015-2016, Chef Software, Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
module ChefConfig
|
19
|
+
|
20
|
+
# Implements enough of Logger's API that we can use it in place of a real
|
21
|
+
# logger for `ChefConfig.logger`
|
22
|
+
class NullLogger
|
23
|
+
|
24
|
+
def <<(_msg)
|
25
|
+
end
|
26
|
+
|
27
|
+
def add(_severity, _message = nil, _progname = nil)
|
28
|
+
end
|
29
|
+
|
30
|
+
def trace(_progname = nil, &block)
|
31
|
+
end
|
32
|
+
|
33
|
+
def debug(_progname = nil, &block)
|
34
|
+
end
|
35
|
+
|
36
|
+
def info(_progname = nil, &block)
|
37
|
+
end
|
38
|
+
|
39
|
+
def warn(_progname = nil, &block)
|
40
|
+
end
|
41
|
+
|
42
|
+
def deprecation(_progname = nil, &block)
|
43
|
+
end
|
44
|
+
|
45
|
+
def error(_progname = nil, &block)
|
46
|
+
end
|
47
|
+
|
48
|
+
def fatal(_progname = nil, &block)
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
52
|
+
|
53
|
+
@logger = NullLogger.new
|
54
|
+
|
55
|
+
def self.logger=(new_logger)
|
56
|
+
@logger = new_logger
|
57
|
+
end
|
58
|
+
|
59
|
+
def self.logger
|
60
|
+
@logger
|
61
|
+
end
|
62
|
+
end
|
@@ -1,98 +1,98 @@
|
|
1
|
-
#
|
2
|
-
# Copyright:: Copyright 2017, Chef Software, Inc.
|
3
|
-
# License:: Apache License, Version 2.0
|
4
|
-
#
|
5
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
-
# you may not use this file except in compliance with the License.
|
7
|
-
# You may obtain a copy of the License at
|
8
|
-
#
|
9
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
-
#
|
11
|
-
# Unless required by applicable law or agreed to in writing, software
|
12
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
-
# See the License for the specific language governing permissions and
|
15
|
-
# limitations under the License.
|
16
|
-
#
|
17
|
-
|
18
|
-
require "tomlrb"
|
19
|
-
require "chef-config/path_helper"
|
20
|
-
|
21
|
-
module ChefConfig
|
22
|
-
module Mixin
|
23
|
-
# Helper methods for working with credentials files.
|
24
|
-
#
|
25
|
-
# @since 13.7
|
26
|
-
# @api internal
|
27
|
-
module Credentials
|
28
|
-
# Compute the active credentials profile name.
|
29
|
-
#
|
30
|
-
# The lookup order is argument (from --profile), environment variable
|
31
|
-
# ($CHEF_PROFILE), context file (~/.chef/context), and then "default" as
|
32
|
-
# a fallback.
|
33
|
-
#
|
34
|
-
# @since 14.4
|
35
|
-
# @param profile [String, nil] Optional override for the active profile,
|
36
|
-
# normally set via a command-line option.
|
37
|
-
# @return [String]
|
38
|
-
def credentials_profile(profile = nil)
|
39
|
-
context_file = PathHelper.home(".chef", "context").freeze
|
40
|
-
if !profile.nil?
|
41
|
-
profile
|
42
|
-
elsif ENV.include?("CHEF_PROFILE")
|
43
|
-
ENV["CHEF_PROFILE"]
|
44
|
-
elsif File.file?(context_file)
|
45
|
-
File.read(context_file).strip
|
46
|
-
else
|
47
|
-
"default"
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
|
-
# Compute the path to the credentials file.
|
52
|
-
#
|
53
|
-
# @since 14.4
|
54
|
-
# @return [String]
|
55
|
-
def credentials_file_path
|
56
|
-
PathHelper.home(".chef", "credentials").freeze
|
57
|
-
end
|
58
|
-
|
59
|
-
# Load and parse the credentials file.
|
60
|
-
#
|
61
|
-
# Returns `nil` if the credentials file is unavailable.
|
62
|
-
#
|
63
|
-
# @since 14.4
|
64
|
-
# @return [String, nil]
|
65
|
-
def parse_credentials_file
|
66
|
-
credentials_file = credentials_file_path
|
67
|
-
return nil unless File.file?(credentials_file)
|
68
|
-
begin
|
69
|
-
Tomlrb.load_file(credentials_file)
|
70
|
-
rescue => e
|
71
|
-
# TOML's error messages are mostly rubbish, so we'll just give a generic one
|
72
|
-
message = "Unable to parse Credentials file: #{credentials_file}\n"
|
73
|
-
message << e.message
|
74
|
-
raise ChefConfig::ConfigurationError, message
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
# Load and process the active credentials.
|
79
|
-
#
|
80
|
-
# @see WorkstationConfigLoader#apply_credentials
|
81
|
-
# @param profile [String, nil] Optional override for the active profile,
|
82
|
-
# normally set via a command-line option.
|
83
|
-
# @return [void]
|
84
|
-
def load_credentials(profile = nil)
|
85
|
-
profile = credentials_profile(profile)
|
86
|
-
config = parse_credentials_file
|
87
|
-
return if config.nil? # No credentials, nothing to do here.
|
88
|
-
if config[profile].nil?
|
89
|
-
# Unknown profile name. For "default" just silently ignore, otherwise
|
90
|
-
# raise an error.
|
91
|
-
return if profile == "default"
|
92
|
-
raise ChefConfig::ConfigurationError, "Profile #{profile} doesn't exist. Please add it to #{credentials_file}."
|
93
|
-
end
|
94
|
-
apply_credentials(config[profile], profile)
|
95
|
-
end
|
96
|
-
end
|
97
|
-
end
|
98
|
-
end
|
1
|
+
#
|
2
|
+
# Copyright:: Copyright 2017, Chef Software, Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require "tomlrb"
|
19
|
+
require "chef-config/path_helper"
|
20
|
+
|
21
|
+
module ChefConfig
|
22
|
+
module Mixin
|
23
|
+
# Helper methods for working with credentials files.
|
24
|
+
#
|
25
|
+
# @since 13.7
|
26
|
+
# @api internal
|
27
|
+
module Credentials
|
28
|
+
# Compute the active credentials profile name.
|
29
|
+
#
|
30
|
+
# The lookup order is argument (from --profile), environment variable
|
31
|
+
# ($CHEF_PROFILE), context file (~/.chef/context), and then "default" as
|
32
|
+
# a fallback.
|
33
|
+
#
|
34
|
+
# @since 14.4
|
35
|
+
# @param profile [String, nil] Optional override for the active profile,
|
36
|
+
# normally set via a command-line option.
|
37
|
+
# @return [String]
|
38
|
+
def credentials_profile(profile = nil)
|
39
|
+
context_file = PathHelper.home(".chef", "context").freeze
|
40
|
+
if !profile.nil?
|
41
|
+
profile
|
42
|
+
elsif ENV.include?("CHEF_PROFILE")
|
43
|
+
ENV["CHEF_PROFILE"]
|
44
|
+
elsif File.file?(context_file)
|
45
|
+
File.read(context_file).strip
|
46
|
+
else
|
47
|
+
"default"
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
# Compute the path to the credentials file.
|
52
|
+
#
|
53
|
+
# @since 14.4
|
54
|
+
# @return [String]
|
55
|
+
def credentials_file_path
|
56
|
+
PathHelper.home(".chef", "credentials").freeze
|
57
|
+
end
|
58
|
+
|
59
|
+
# Load and parse the credentials file.
|
60
|
+
#
|
61
|
+
# Returns `nil` if the credentials file is unavailable.
|
62
|
+
#
|
63
|
+
# @since 14.4
|
64
|
+
# @return [String, nil]
|
65
|
+
def parse_credentials_file
|
66
|
+
credentials_file = credentials_file_path
|
67
|
+
return nil unless File.file?(credentials_file)
|
68
|
+
begin
|
69
|
+
Tomlrb.load_file(credentials_file)
|
70
|
+
rescue => e
|
71
|
+
# TOML's error messages are mostly rubbish, so we'll just give a generic one
|
72
|
+
message = "Unable to parse Credentials file: #{credentials_file}\n"
|
73
|
+
message << e.message
|
74
|
+
raise ChefConfig::ConfigurationError, message
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
# Load and process the active credentials.
|
79
|
+
#
|
80
|
+
# @see WorkstationConfigLoader#apply_credentials
|
81
|
+
# @param profile [String, nil] Optional override for the active profile,
|
82
|
+
# normally set via a command-line option.
|
83
|
+
# @return [void]
|
84
|
+
def load_credentials(profile = nil)
|
85
|
+
profile = credentials_profile(profile)
|
86
|
+
config = parse_credentials_file
|
87
|
+
return if config.nil? # No credentials, nothing to do here.
|
88
|
+
if config[profile].nil?
|
89
|
+
# Unknown profile name. For "default" just silently ignore, otherwise
|
90
|
+
# raise an error.
|
91
|
+
return if profile == "default"
|
92
|
+
raise ChefConfig::ConfigurationError, "Profile #{profile} doesn't exist. Please add it to #{credentials_file}."
|
93
|
+
end
|
94
|
+
apply_credentials(config[profile], profile)
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|