chef-config 14.2.0 → 14.3.37

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 82a2d07937047a9e9d9fea817417563a68368e7c87671308a463de5bcc49f282
-  data.tar.gz: d365d128642d35f31debfae00cb1bf2910f4821c57cdcc0df61b7b370fe368b5
+  metadata.gz: 8143b86ea4c5fd0ec8d4b8623aee402b2c0ade39738133a99c14f7338ff3327d
+  data.tar.gz: 607162e7ef57736d7ecd7154a27c4ee132bd8c61452c758084b4dcb16768ce26
 SHA512:
-  metadata.gz: 6d46bf5104d8b214c37a9088528257ac9c84a4da29b35365b37655f2ef50fa75d6ceb6b649bc105e4aa19f2a48a809908e5fa40bd73a0094b32933bc94fc4b8d
-  data.tar.gz: 742a71ca0bca091bfb7c8aba9e96cdcfb120d958c1518d8e907717f0c699db2459b4b2e08aa17abcb3cdadca285f64920763c508d7449eff622dd3f6bfabc675
+  metadata.gz: 81d3a5a11e0281b00c0ae18da2298e3c0227df063597734431423febe7728c0f805a815e4f6d2fd74f465724ee2a1da45bb3fbbc5022a29758e322810e1d26c1
+  data.tar.gz: b88d7a8a2d4fa5d5abf31839763cee4437e51bff8369ac17061f695f55b9fd3145399f98027801c9e8f0a2752e546184d764581c662f3146bdbb65caf8459624

data/Rakefile

@@ -4,7 +4,7 @@ ChefConfig::PackageTask.new(File.expand_path("..", __FILE__), "ChefConfig", "che
   package.module_path = "chef-config"
 end
 
-task :default => :spec
+task default: :spec
 
 begin
   require "rspec/core/rake_task"

data/chef-config.gemspec

@@ -16,7 +16,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "mixlib-shellout", "~> 2.0"
-  spec.add_dependency "mixlib-config", "~> 2.0"
+  spec.add_dependency "mixlib-config", ">= 2.2.12", "< 3.0"
   spec.add_dependency "fuzzyurl"
   spec.add_dependency "addressable"
   spec.add_dependency "tomlrb", "~> 1.2"

data/lib/chef-config/config.rb

@@ -286,7 +286,7 @@ module ChefConfig
         # the cache path.
         unless path_accessible?(primary_cache_path) || path_accessible?(primary_cache_root)
           secondary_cache_path = PathHelper.join(user_home, ".chef")
-          ChefConfig.logger.info("Unable to access cache at #{primary_cache_path}. Switching cache to #{secondary_cache_path}")
+          ChefConfig.logger.trace("Unable to access cache at #{primary_cache_path}. Switching cache to #{secondary_cache_path}")
           secondary_cache_path
         else
           primary_cache_path
@@ -656,7 +656,15 @@ module ChefConfig
     #
     # If chef-zero is enabled, this defaults to nil (no authentication).
     default(:validation_key) { chef_zero.enabled ? nil : platform_specific_path("/etc/chef/validation.pem") }
-    default :validation_client_name, "chef-validator"
+    default :validation_client_name do
+      # If the URL is set and looks like a normal Chef Server URL, extract the
+      # org name and use that as part of the default.
+      if chef_server_url.to_s =~ %r{/organizations/(.*)$}
+        "#{$1}-validator"
+      else
+        "chef-validator"
+      end
+    end
 
     default :validation_key_contents, nil
     # When creating a new client via the validation_client account, Chef 11
@@ -698,7 +706,7 @@ module ChefConfig
 
     # Deprecated:
     # Move this to the default value of syntax_cache_path when this is removed.
-    default(:cache_options) { { :path => PathHelper.join(config_dir, "syntaxcache") } }
+    default(:cache_options) { { path: PathHelper.join(config_dir, "syntaxcache") } }
 
     # Whether errors should be raised for deprecation warnings. When set to
     # `false` (the default setting), a warning is emitted but code using
@@ -715,6 +723,11 @@ module ChefConfig
       ENV.key?("CHEF_TREAT_DEPRECATION_WARNINGS_AS_ERRORS")
     end
 
+    # Which deprecations warnings to silence. Can be set to `true` to silence
+    # all warnings, or an array of strings like either `"deprecation_type"` or
+    # `"filename.rb:lineno"`.
+    default :silence_deprecation_warnings, []
+
     # Whether the resource count should be updated for log resource
     # on running chef-client
     default :count_log_resource_updates, true
@@ -957,10 +970,10 @@ module ChefConfig
     # TODO add some post-file-parsing logic that automatically calls this so
     # users don't have to
     def self.export_proxies
-      export_proxy("http", http_proxy, http_proxy_user, http_proxy_pass) if http_proxy
-      export_proxy("https", https_proxy, https_proxy_user, https_proxy_pass) if https_proxy
-      export_proxy("ftp", ftp_proxy, ftp_proxy_user, ftp_proxy_pass) if ftp_proxy
-      export_no_proxy(no_proxy) if no_proxy
+      export_proxy("http", http_proxy, http_proxy_user, http_proxy_pass) if key?(:http_proxy) && http_proxy
+      export_proxy("https", https_proxy, https_proxy_user, https_proxy_pass) if key?(:https_proxy) && https_proxy
+      export_proxy("ftp", ftp_proxy, ftp_proxy_user, ftp_proxy_pass) if key?(:ftp_proxy) && ftp_proxy
+      export_no_proxy(no_proxy) if key?(:no_proxy) && no_proxy
     end
 
     # Character classes for Addressable

data/lib/chef-config/mixin/credentials.rb

@@ -28,7 +28,7 @@ module ChefConfig
 
         return unless File.file?(credentials_file)
 
-        context = File.read(context_file) if File.file?(context_file)
+        context = File.read(context_file).strip if File.file?(context_file)
 
         environment = ENV.fetch("CHEF_PROFILE", nil)
 

data/lib/chef-config/mixin/dot_d.rb

@@ -19,17 +19,22 @@ require "chef-config/path_helper"
 module ChefConfig
   module Mixin
     module DotD
+      # Find available configuration files in a `.d/` style include directory.
+      #
+      # @api internal
+      # @param path [String] Base .d/ path to load from.
+      # @return [Array<String>]
+      def find_dot_d(path)
+        Dir["#{PathHelper.escape_glob_dir(path)}/*.rb"].select { |entry| File.file?(entry) }.sort
+      end
+
+      # Load configuration from a `.d/` style include directory.
+      #
+      # @api internal
+      # @param path [String] Base .d/ path to load from.
+      # @return [void]
       def load_dot_d(path)
-        dot_d_files =
-          begin
-            entries = Array.new
-            entries << Dir.glob(File.join(
-              ChefConfig::PathHelper.escape_glob_dir(path), "*.rb"))
-            entries.flatten.select do |entry|
-              File.file?(entry)
-            end
-          end
-        dot_d_files.sort.map do |conf|
+        find_dot_d(path).each do |conf|
           apply_config(IO.read(conf), conf)
         end
       end

data/lib/chef-config/package_task.rb

@@ -131,10 +131,10 @@ module ChefConfig
         end
       end
 
-      task :package => :package_components
+      task package: :package_components
 
       desc "Build and install component dependencies"
-      task :install_components => :package_components do
+      task install_components: :package_components do
         component_full_paths.each do |component_path|
           Dir.chdir(component_path) do
             sh "rake install"
@@ -142,7 +142,7 @@ module ChefConfig
         end
       end
 
-      task :install => :install_components
+      task install: :install_components
 
       desc "Clean up builds of component dependencies"
       task :clobber_component_packages do
@@ -153,7 +153,7 @@ module ChefConfig
         end
       end
 
-      task :clobber_package => :clobber_component_packages
+      task clobber_package: :clobber_component_packages
 
       desc "Update the version number for component dependencies"
       task :update_components_versions do
@@ -166,12 +166,12 @@ module ChefConfig
 
       namespace :version do
         desc "Regenerate lib/#{module_path}/version.rb from VERSION file"
-        task :update => :update_components_versions do
+        task update: :update_components_versions do
           update_version_rb
           update_gemfile_lock
         end
 
-        task :bump => %w{version:bump_patch version:update}
+        task bump: %w{version:bump_patch version:update}
 
         task :show do
           puts version
@@ -201,41 +201,41 @@ module ChefConfig
 
         def update_version_rb # rubocop:disable Lint/NestedMethodDefinition
           puts "Updating #{version_rb_path} to include version #{version} ..."
-          contents = <<-VERSION_RB
-# Copyright:: Copyright 2010-2016, Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-# NOTE: This file is generated by running `rake version` in the top level of
-# this repo. Do not edit this manually. Edit the VERSION file and run the rake
-# task instead.
-#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-#{"\nrequire \"chef/version_string\"\n" if use_versionstring}
-#{class_or_module} #{module_name}
-  #{module_name.upcase}_ROOT = File.expand_path("../..", __FILE__)
-  VERSION = #{use_versionstring ? "Chef::VersionString.new(\"#{version}\")" : "\"#{version}\""}
-end
+          contents = <<~VERSION_RB
+            # Copyright:: Copyright 2010-2016, Chef Software, Inc.
+            # License:: Apache License, Version 2.0
+            #
+            # Licensed under the Apache License, Version 2.0 (the "License");
+            # you may not use this file except in compliance with the License.
+            # You may obtain a copy of the License at
+            #
+            #     http://www.apache.org/licenses/LICENSE-2.0
+            #
+            # Unless required by applicable law or agreed to in writing, software
+            # distributed under the License is distributed on an "AS IS" BASIS,
+            # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+            # See the License for the specific language governing permissions and
+            # limitations under the License.
+
+            #!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+            # NOTE: This file is generated by running `rake version` in the top level of
+            # this repo. Do not edit this manually. Edit the VERSION file and run the rake
+            # task instead.
+            #!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+            #{"\nrequire \"chef/version_string\"\n" if use_versionstring}
+            #{class_or_module} #{module_name}
+              #{module_name.upcase}_ROOT = File.expand_path("../..", __FILE__)
+              VERSION = #{use_versionstring ? "Chef::VersionString.new(\"#{version}\")" : "\"#{version}\""}
+            end
 
-#
-# NOTE: the Chef::Version class is defined in version_class.rb
-#
-# NOTE: DO NOT Use the Chef::Version class on #{module_name}::VERSIONs.  The
-#       Chef::Version class is for _cookbooks_ only, and cannot handle
-#       pre-release versions like "10.14.0.rc.2".  Please use Rubygem's
-#       Gem::Version class instead.
-#
+            #
+            # NOTE: the Chef::Version class is defined in version_class.rb
+            #
+            # NOTE: DO NOT Use the Chef::Version class on #{module_name}::VERSIONs.  The
+            #       Chef::Version class is for _cookbooks_ only, and cannot handle
+            #       pre-release versions like "10.14.0.rc.2".  Please use Rubygem's
+            #       Gem::Version class instead.
+            #
           VERSION_RB
           IO.write(version_rb_path, contents)
         end
@@ -252,7 +252,7 @@ end
         end
       end
 
-      task :version => "version:update"
+      task version: "version:update"
 
       gemspec_platform_to_install = ""
       Dir[File.expand_path("*.gemspec", root_path)].reverse_each do |gemspec_path|
@@ -264,7 +264,7 @@ end
       end
 
       desc "Build and install a #{module_path} gem"
-      task :install => [:package] do
+      task install: [:package] do
         with_clean_env do
           full_module_path = File.join(full_package_dir, module_path)
           sh %{gem install #{full_module_path}-#{version}#{gemspec_platform_to_install}.gem --no-rdoc --no-ri}
@@ -276,7 +276,7 @@ end
       end
 
       desc "Build it, tag it and ship it"
-      task :ship => [:clobber_package, :gem] do
+      task ship: [:clobber_package, :gem] do
         sh("git tag #{version}")
         sh("git push #{git_remote} --tags")
         Dir[File.expand_path("*.gem", full_package_dir)].reverse_each do |built_gem|

data/lib/chef-config/path_helper.rb

@@ -172,6 +172,18 @@ module ChefConfig
       Pathname.new(cleanpath(to)).relative_path_from(Pathname.new(cleanpath(from)))
     end
 
+    # Set the project-specific home directory environment variable.
+    #
+    # This can be used to allow per-tool home directory aliases like $KNIFE_HOME.
+    #
+    # @param [env_var] Key for an environment variable to use.
+    # @return [nil]
+    def self.per_tool_home_environment=(env_var)
+      @@per_tool_home_environment = env_var
+      # Reset this in case .home was already called.
+      @@home_dir = nil
+    end
+
     # Retrieves the "home directory" of the current user while trying to ascertain the existence
     # of said directory.  The path returned uses / for all separators (the ruby standard format).
     # If the home directory doesn't exist or an error is otherwise encountered, nil is returned.
@@ -185,7 +197,9 @@ module ChefConfig
     # Home-path discovery is performed once.  If a path is discovered, that value is memoized so
     # that subsequent calls to home_dir don't bounce around.
     #
-    # See self.all_homes.
+    # @see all_homes
+    # @param args [Array<String>] Path components to look for under the home directory.
+    # @return [String]
     def self.home(*args)
       @@home_dir ||= all_homes { |p| break p }
       if @@home_dir
@@ -203,6 +217,8 @@ module ChefConfig
     # if no block is provided.
     def self.all_homes(*args)
       paths = []
+      paths << ENV[@@per_tool_home_environment] if defined?(@@per_tool_home_environment) && @@per_tool_home_environment && ENV[@@per_tool_home_environment]
+      paths << ENV["CHEF_HOME"] if ENV["CHEF_HOME"]
       if ChefConfig.windows?
         # By default, Ruby uses the the following environment variables to determine Dir.home:
         # HOME

data/lib/chef-config/version.rb

@@ -13,15 +13,15 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # NOTE: This file is generated by running `rake version` in the top level of
 # this repo. Do not edit this manually. Edit the VERSION file and run the rake
 # task instead.
-#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 module ChefConfig
   CHEFCONFIG_ROOT = File.expand_path("../..", __FILE__)
-  VERSION = "14.2.0"
+  VERSION = "14.3.37".freeze
 end
 
 #

data/lib/chef-config/workstation_config_loader.rb

@@ -83,6 +83,8 @@ module ChefConfig
       end
 
       load_dot_d(Config[:config_d_dir]) if Config[:config_d_dir]
+
+      apply_defaults
     end
 
     # (Private API, public for test purposes)
@@ -147,31 +149,36 @@ module ChefConfig
     end
 
     def apply_credentials(creds, profile)
+      # Store the profile used in case other things want it.
       Config.profile ||= profile
+      # Validate the credentials data.
       if creds.key?("node_name") && creds.key?("client_name")
         raise ChefConfig::ConfigurationError, "Do not specify both node_name and client_name. You should prefer client_name."
       end
-      Config.node_name = creds.fetch("node_name") if creds.key?("node_name")
-      Config.node_name = creds.fetch("client_name") if creds.key?("client_name")
-      Config.chef_server_url = creds.fetch("chef_server_url") if creds.key?("chef_server_url")
-      Config.validation_client_name = creds.fetch("validation_client_name") if creds.key?("validation_client_name")
-
-      Config.knife.merge!(Hash[creds.fetch("knife", {}).map { |k, v| [k.to_sym, v] }])
-
-      extract_key(creds, "validation_key", :validation_key, :validation_key_contents)
-      extract_key(creds, "validator_key", :validation_key, :validation_key_contents)
-      extract_key(creds, "client_key", :client_key, :client_key_contents)
+      # Load credentials data into the Chef configuration.
+      creds.each do |key, value|
+        case key.to_s
+        when "client_name"
+          # Special case because it's weird to set your username via `node_name`.
+          Config.node_name = value
+        when "validation_key", "validator_key"
+          extract_key(value, :validation_key, :validation_key_contents)
+        when "client_key"
+          extract_key(value, :client_key, :client_key_contents)
+        when "knife"
+          Config.knife.merge!(Hash[value.map { |k, v| [k.to_sym, v] }])
+        else
+          Config[key.to_sym] = value
+        end
+      end
       @credentials_found = true
     end
 
-    def extract_key(creds, name, config_path, config_contents)
-      return unless creds.has_key?(name)
-
-      val = creds.fetch(name)
-      if val.start_with?("-----BEGIN RSA PRIVATE KEY-----")
-        Config.send(config_contents, val)
+    def extract_key(key_value, config_path, config_contents)
+      if key_value.start_with?("-----BEGIN RSA PRIVATE KEY-----")
+        Config.send(config_contents, key_value)
       else
-        abs_path = Pathname.new(val).expand_path(home_chef_dir)
+        abs_path = Pathname.new(key_value).expand_path(home_chef_dir)
         Config.send(config_path, abs_path)
       end
     end
@@ -205,6 +212,54 @@ module ChefConfig
       raise ChefConfig::ConfigurationError, message
     end
 
+    # Apply default configuration values for workstation-style tools.
+    #
+    # Global defaults should go in {ChefConfig::Config} instead, this is only
+    # for things like `knife` and `chef`.
+    #
+    # @api private
+    # @since 14.3
+    # @return [void]
+    def apply_defaults
+      # If we don't have a better guess use the username.
+      Config[:node_name] ||= Etc.getlogin
+      # If we don't have a key (path or inline) check user.pem and $node_name.pem.
+      unless Config.key?(:client_key) || Config.key?(:client_key_contents)
+        Config[:client_key] = find_default_key(["#{Config[:node_name]}.pem", "user.pem"])
+      end
+      # Similarly look for a validation key file, though this should be less
+      # common these days.
+      unless Config.key?(:validation_key) || Config.key?(:validation_key_contents)
+        Config[:validation_key] = find_default_key(["#{Config[:validation_client_name]}.pem", "validator.pem", "validation.pem"])
+      end
+    end
+
+    # Look for a default key file.
+    #
+    # This searches for any of a list of possible default keys, checking both
+    # the local `.chef/` folder and the home directory `~/.chef/`. Returns `nil`
+    # if no matching file is found.
+    #
+    # @api private
+    # @since 14.3
+    # @param key_names [Array<String>] A list of possible filenames to check for.
+    #   The first one found will be returned.
+    # @return [String, nil]
+    def find_default_key(key_names)
+      key_names.each do |filename|
+        path = Pathname.new(filename)
+        # If we have a config location (like ./.chef/), look there first.
+        if config_location
+          local_path = path.expand_path(File.dirname(config_location))
+          return local_path.to_s if local_path.exist?
+        end
+        # Then check ~/.chef.
+        home_path = path.expand_path(home_chef_dir)
+        return home_path.to_s if home_path.exist?
+      end
+      nil
+    end
+
     def highlight_config_error(file, line)
       config_file_lines = []
       IO.readlines(file).each_with_index { |l, i| config_file_lines << "#{(i + 1).to_s.rjust(3)}: #{l.chomp}" }

data/spec/spec_helper.rb

@@ -32,8 +32,8 @@ RSpec.configure do |config|
   config.filter_run :focus
   config.run_all_when_everything_filtered = true
 
-  config.filter_run_excluding :windows_only => true unless ChefConfig.windows?
-  config.filter_run_excluding :unix_only => true if ChefConfig.windows?
+  config.filter_run_excluding windows_only: true unless ChefConfig.windows?
+  config.filter_run_excluding unix_only: true if ChefConfig.windows?
 
   # Limits the available syntax to the non-monkey patched syntax that is
   # recommended. For more details, see:

data/spec/unit/config_spec.rb

@@ -1191,4 +1191,22 @@ RSpec.describe ChefConfig::Config do
 
   end
 
+  describe "validation_client_name" do
+    context "with a normal server URL" do
+      before { ChefConfig::Config[:chef_server_url] = "https://chef.example/organizations/myorg" }
+
+      it "sets the validation client to myorg-validator" do
+        expect(ChefConfig::Config[:validation_client_name]).to eq "myorg-validator"
+      end
+    end
+
+    context "with an unusual server URL" do
+      before { ChefConfig::Config[:chef_server_url] = "https://chef.example/myorg" }
+
+      it "sets the validation client to chef-validator" do
+        expect(ChefConfig::Config[:validation_client_name]).to eq "chef-validator"
+      end
+    end
+  end
+
 end

data/spec/unit/workstation_config_loader_spec.rb

@@ -271,6 +271,70 @@ RSpec.describe ChefConfig::WorkstationConfigLoader do
           config_loader.load
           expect(ChefConfig::Config.config_file).to eq(explicit_config_location)
         end
+
+        it "loads a default value for node_name" do
+          allow(Etc).to receive(:getlogin).and_return("notauser")
+          config_loader.load
+          expect(ChefConfig::Config.node_name).to eq("notauser")
+        end
+
+        context "with a user.pem" do
+          before do
+            allow(Etc).to receive(:getlogin).and_return("notauser")
+            allow(FileTest).to receive(:exist?).and_call_original
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../notauser.pem", explicit_config_location)).and_return(false)
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../user.pem", explicit_config_location)).and_return(true)
+          end
+
+          it "loads a default value for client_key" do
+            config_loader.load
+            expect(ChefConfig::Config.client_key).to eq(File.expand_path("../user.pem", explicit_config_location))
+          end
+        end
+
+        context "with a notauser.pem" do
+          before do
+            allow(Etc).to receive(:getlogin).and_return("notauser")
+            allow(FileTest).to receive(:exist?).and_call_original
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../notauser.pem", explicit_config_location)).and_return(true)
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../user.pem", explicit_config_location)).and_return(false)
+          end
+
+          it "loads a default value for client_key" do
+            config_loader.load
+            expect(ChefConfig::Config.client_key).to eq(File.expand_path("../notauser.pem", explicit_config_location))
+          end
+        end
+
+        context "with a valclient.pem" do
+          before do
+            ChefConfig::Config.validation_client_name = "valclient"
+            allow(FileTest).to receive(:exist?).and_call_original
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../valclient.pem", explicit_config_location)).and_return(true)
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../validator.pem", explicit_config_location)).and_return(false)
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../validation.pem", explicit_config_location)).and_return(false)
+          end
+
+          it "loads a default value for validation_key" do
+            config_loader.load
+            expect(ChefConfig::Config.validation_key).to eq(File.expand_path("../valclient.pem", explicit_config_location))
+          end
+        end
+
+        context "with a validator.pem" do
+          before do
+            ChefConfig::Config.validation_client_name = "valclient"
+            allow(FileTest).to receive(:exist?).and_call_original
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../valclient.pem", explicit_config_location)).and_return(false)
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../validator.pem", explicit_config_location)).and_return(true)
+            allow(FileTest).to receive(:exist?).with(File.expand_path("../validation.pem", explicit_config_location)).and_return(false)
+          end
+
+          it "loads a default value for validation_key" do
+            config_loader.load
+            expect(ChefConfig::Config.validation_key).to eq(File.expand_path("../validator.pem", explicit_config_location))
+          end
+        end
       end
 
       context "and has a syntax error" do
@@ -389,11 +453,12 @@ RSpec.describe ChefConfig::WorkstationConfigLoader do
 
       context "and has a default profile" do
         let(:content) do
-          content = <<EOH
-[default]
-node_name = 'barney'
-client_key = "barney_rubble.pem"
-chef_server_url = "https://api.chef.io/organizations/bedrock"
+          content = <<~EOH
+            [default]
+            node_name = 'barney'
+            client_key = "barney_rubble.pem"
+            chef_server_url = "https://api.chef.io/organizations/bedrock"
+            invalid_config_option1234 = "foobar"
 EOH
           content
         end
@@ -403,21 +468,22 @@ EOH
           expect(ChefConfig::Config.chef_server_url).to eq("https://api.chef.io/organizations/bedrock")
           expect(ChefConfig::Config.client_key.to_s).to eq("#{home}/.chef/barney_rubble.pem")
           expect(ChefConfig::Config.profile.to_s).to eq("default")
+          expect(ChefConfig::Config[:invalid_config_option1234]).to eq("foobar")
         end
       end
 
       context "and has a default profile with knife settings" do
         let(:content) do
-          content = <<EOH
-[default]
-node_name = 'barney'
-client_key = "barney_rubble.pem"
-chef_server_url = "https://api.chef.io/organizations/bedrock"
-knife = {
-  secret_file = "/home/barney/.chef/encrypted_data_bag_secret.pem"
-}
-[default.knife]
-ssh_user = "knife_ssh_user"
+          content = <<~EOH
+            [default]
+            node_name = 'barney'
+            client_key = "barney_rubble.pem"
+            chef_server_url = "https://api.chef.io/organizations/bedrock"
+            knife = {
+              secret_file = "/home/barney/.chef/encrypted_data_bag_secret.pem"
+            }
+            [default.knife]
+            ssh_user = "knife_ssh_user"
 EOH
           content
         end
@@ -434,21 +500,21 @@ EOH
 
       context "and has a profile containing a full key" do
         let(:content) do
-          content = <<EOH
-[default]
-client_key = """
------BEGIN RSA PRIVATE KEY-----
-foo
-"""
+          content = <<~EOH
+            [default]
+            client_key = """
+            -----BEGIN RSA PRIVATE KEY-----
+            foo
+            """
 EOH
           content
         end
 
         it "applies the expected config" do
           expect { config_loader.load_credentials }.not_to raise_error
-          expect(ChefConfig::Config.client_key_contents).to eq(<<EOH
------BEGIN RSA PRIVATE KEY-----
-foo
+          expect(ChefConfig::Config.client_key_contents).to eq(<<~EOH
+            -----BEGIN RSA PRIVATE KEY-----
+            foo
 EOH
 )
         end
@@ -456,15 +522,15 @@ EOH
 
       context "and has several profiles" do
         let(:content) do
-          content = <<EOH
-[default]
-client_name = "default"
-[environment]
-client_name = "environment"
-[explicit]
-client_name = "explicit"
-[context]
-client_name = "context"
+          content = <<~EOH
+            [default]
+            client_name = "default"
+            [environment]
+            client_name = "environment"
+            [explicit]
+            client_name = "explicit"
+            [context]
+            client_name = "context"
 EOH
           content
         end
@@ -503,10 +569,10 @@ EOH
 
       context "and contains both node_name and client_name" do
         let(:content) do
-          content = <<EOH
-[default]
-node_name = 'barney'
-client_name = 'barney'
+          content = <<~EOH
+            [default]
+            node_name = 'barney'
+            client_name = 'barney'
 EOH
           content
         end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef-config
 version: !ruby/object:Gem::Version
-  version: 14.2.0
+  version: 14.3.37
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-06-04 00:00:00.000000000 Z
+date: 2018-07-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mixlib-shellout
@@ -28,16 +28,22 @@ dependencies:
   name: mixlib-config
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.2.12
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.2.12
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: fuzzyurl
   requirement: !ruby/object:Gem::Requirement