chef-config 15.5.17 → 15.6.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cad5ad982c7167847692c7f2c8aa94e5bd9ab9ca6183c6066a63c7bc8543c62b
-  data.tar.gz: 4910a3310c355f260d93f12c7e86beaf3b42267ea1ae9bf085e1129e65c5ba68
+  metadata.gz: 2d425ace521aa941649fe24dc24ced0b1de4b40cb75ecfeccd076d639979778c
+  data.tar.gz: 64acf5dbac1da768ffd2d4ffc8f2ea52cc230ccc633b72333b94a4b332d29c6d
 SHA512:
-  metadata.gz: bfd9a40ef4cab8faed13a506031fb6728da19c841241fd08aac5e3a11cfb45743492ad417c99c08020e6733d0451009eb4198ffb078c12ebc074846b6a46d4a9
-  data.tar.gz: 662a82a08abd838368474b3ff23390fcb3a3527bc9f304be9cf264b0362e13fbf4883ba736f4065ae5bcaaaab1c14200f206df2da73d89e07ba885245a806a80
+  metadata.gz: 54f37fb7448045119182c9ff3b94e95deb909783ec00ffcfe29a2ecaae6352b9e3fb9597f92355ac09d37f3be80878708a15b980792f275cfa511c43f1024671
+  data.tar.gz: e7082041aaf60be9444d5060ac521796a41c9b2942b5c3dc6288cb31834656d04962e3a32f92e823126a1634852e9782bf6324f362c2d27685ebeae71de1a7b6

data/lib/chef-config/config.rb

@@ -34,6 +34,7 @@ require "uri" unless defined?(URI)
 require "addressable/uri" unless defined?(Addressable::URI)
 require "openssl" unless defined?(OpenSSL)
 require "yaml"
+require_relative "dist"
 
 module ChefConfig
 
@@ -73,6 +74,31 @@ module ChefConfig
       path
     end
 
+    # On *nix, /etc/chef
+    def self.etc_chef_dir
+      path = ChefUtils.windows? ? c_chef_dir : PathHelper.join("/etc", ChefConfig::Dist::DIR_SUFFIX)
+      PathHelper.cleanpath(path)
+    end
+
+    # On *nix, /var/chef
+    def self.var_chef_dir
+      path = ChefUtils.windows? ? c_chef_dir : PathHelper.join("/var", ChefConfig::Dist::DIR_SUFFIX)
+      PathHelper.cleanpath(path)
+    end
+
+    # On *nix, the root of /var/, used to test if we can create and write in /var/chef
+    def self.var_root_dir
+      path = ChefUtils.windows? ? c_chef_dir : "/var"
+      PathHelper.cleanpath(path)
+    end
+
+    # On windows, C:/chef/
+    def self.c_chef_dir
+      drive = windows_installation_drive || "C:"
+      path = PathHelper.join(drive, ChefConfig::Dist::DIR_SUFFIX)
+      PathHelper.cleanpath(path)
+    end
+
     # the drive where Chef is installed on a windows host. This is determined
     # either by the drive containing the current file or by the SYSTEMDRIVE ENV
     # variable
@@ -108,12 +134,20 @@ module ChefConfig
           # Split including whitespace if someone does truly odd like
           # --config-option "foo = bar"
           key, value = option.split(/\s*=\s*/, 2)
+
           # Call to_sym because Chef::Config expects only symbol keys. Also
           # runs a simple parse on the string for some common types.
           memo[key.to_sym] = YAML.safe_load(value)
           memo
         end
-        merge!(extra_parsed_options)
+        set_extra_config_options(extra_parsed_options)
+      end
+    end
+
+    # We use :[]= assignment here to not bypass any coercions that happen via mixlib-config writes_value callbacks
+    def self.set_extra_config_options(extra_parsed_options)
+      extra_parsed_options.each do |key, value|
+        self[key.to_sym] = value
       end
     end
 
@@ -156,6 +190,20 @@ module ChefConfig
     # properly.
     configurable(:daemonize).writes_value { |v| v }
 
+    def self.expand_relative_paths(path)
+      unless path.nil?
+        if path.is_a?(String)
+          File.expand_path(path)
+        else
+          Array(path).map { |path| File.expand_path(path) }
+        end
+      end
+    end
+
+    configurable(:cookbook_path).writes_value { |path| expand_relative_paths(path) }
+
+    configurable(:chef_repo_path).writes_value { |path| expand_relative_paths(path) }
+
     # The root where all local chef object data is stored.  cookbooks, data bags,
     # environments are all assumed to be in separate directories under this.
     # chef-solo uses these directories for input data.  knife commands
@@ -204,23 +252,23 @@ module ChefConfig
 
     # Location of acls on disk. String or array of strings.
     # Defaults to <chef_repo_path>/acls.
-    default(:acl_path) { derive_path_from_chef_repo_path("acls") }
+    default(:acl_path) { derive_path_from_chef_repo_path("acls") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of clients on disk. String or array of strings.
     # Defaults to <chef_repo_path>/clients.
-    default(:client_path) { derive_path_from_chef_repo_path("clients") }
+    default(:client_path) { derive_path_from_chef_repo_path("clients") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of client keys on disk. String or array of strings.
     # Defaults to <chef_repo_path>/client_keys.
-    default(:client_key_path) { derive_path_from_chef_repo_path("client_keys") }
+    default(:client_key_path) { derive_path_from_chef_repo_path("client_keys") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of containers on disk. String or array of strings.
     # Defaults to <chef_repo_path>/containers.
-    default(:container_path) { derive_path_from_chef_repo_path("containers") }
+    default(:container_path) { derive_path_from_chef_repo_path("containers") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of cookbook_artifacts on disk. String or array of strings.
     # Defaults to <chef_repo_path>/cookbook_artifacts.
-    default(:cookbook_artifact_path) { derive_path_from_chef_repo_path("cookbook_artifacts") }
+    default(:cookbook_artifact_path) { derive_path_from_chef_repo_path("cookbook_artifacts") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of cookbooks on disk. String or array of strings.
     # Defaults to <chef_repo_path>/cookbooks.  If chef_repo_path
@@ -236,35 +284,35 @@ module ChefConfig
 
     # Location of data bags on disk. String or array of strings.
     # Defaults to <chef_repo_path>/data_bags.
-    default(:data_bag_path) { derive_path_from_chef_repo_path("data_bags") }
+    default(:data_bag_path) { derive_path_from_chef_repo_path("data_bags") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of environments on disk. String or array of strings.
     # Defaults to <chef_repo_path>/environments.
-    default(:environment_path) { derive_path_from_chef_repo_path("environments") }
+    default(:environment_path) { derive_path_from_chef_repo_path("environments") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of groups on disk. String or array of strings.
     # Defaults to <chef_repo_path>/groups.
-    default(:group_path) { derive_path_from_chef_repo_path("groups") }
+    default(:group_path) { derive_path_from_chef_repo_path("groups") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of nodes on disk. String or array of strings.
     # Defaults to <chef_repo_path>/nodes.
-    default(:node_path) { derive_path_from_chef_repo_path("nodes") }
+    default(:node_path) { derive_path_from_chef_repo_path("nodes") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of policies on disk. String or array of strings.
     # Defaults to <chef_repo_path>/policies.
-    default(:policy_path) { derive_path_from_chef_repo_path("policies") }
+    default(:policy_path) { derive_path_from_chef_repo_path("policies") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of policy_groups on disk. String or array of strings.
     # Defaults to <chef_repo_path>/policy_groups.
-    default(:policy_group_path) { derive_path_from_chef_repo_path("policy_groups") }
+    default(:policy_group_path) { derive_path_from_chef_repo_path("policy_groups") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of roles on disk. String or array of strings.
     # Defaults to <chef_repo_path>/roles.
-    default(:role_path) { derive_path_from_chef_repo_path("roles") }
+    default(:role_path) { derive_path_from_chef_repo_path("roles") }.writes_value { |path| expand_relative_paths(path) }
 
     # Location of users on disk. String or array of strings.
     # Defaults to <chef_repo_path>/users.
-    default(:user_path) { derive_path_from_chef_repo_path("users") }
+    default(:user_path) { derive_path_from_chef_repo_path("users") }.writes_value { |path| expand_relative_paths(path) }
 
     # Turn on "path sanity" by default.
     default :enforce_path_sanity, false
@@ -284,8 +332,8 @@ module ChefConfig
       if local_mode
         PathHelper.join(config_dir, "local-mode-cache")
       else
-        primary_cache_root = platform_specific_path("/var")
-        primary_cache_path = platform_specific_path("/var/chef")
+        primary_cache_root = var_root_dir
+        primary_cache_path = var_chef_dir
         # Use /var/chef as the cache path only if that folder exists and we can read and write
         # into it, or /var exists and we can read and write into it (we'll create /var/chef later).
         # Otherwise, we'll create .chef under the user's home directory and use that as
@@ -312,7 +360,7 @@ module ChefConfig
     default(:checksum_path) { PathHelper.join(cache_path, "checksums") }
 
     # Where chef's cache files should be stored
-    default(:file_cache_path) { PathHelper.join(cache_path, "cache") }
+    default(:file_cache_path) { PathHelper.join(cache_path, "cache") }.writes_value { |path| expand_relative_paths(path) }
 
     # Where backups of chef-managed files should go
     default(:file_backup_path) { PathHelper.join(cache_path, "backup") }
@@ -564,6 +612,16 @@ module ChefConfig
     # be validated.
     default :ssl_verify_mode, :verify_peer
 
+    # Needed to coerce string value to a symbol when loading settings from the
+    # credentials toml files which doesn't allow ruby symbol values
+    configurable(:ssl_verify_mode).writes_value do |value|
+      if value.is_a?(String) && value[0] == ":"
+        value[1..-1].to_sym
+      else
+        value.to_sym
+      end
+    end
+
     # Whether or not to verify the SSL cert for HTTPS requests to the Chef
     # server API. If set to `true`, the server's cert will be validated
     # regardless of the :ssl_verify_mode setting. This is set to `true` when
@@ -645,9 +703,9 @@ module ChefConfig
       if chef_zero.enabled
         nil
       elsif target_mode?
-        platform_specific_path("/etc/chef/#{target_mode.host}/client.pem")
+        PathHelper.cleanpath("#{etc_chef_dir}/#{target_mode.host}/client.pem")
       else
-        platform_specific_path("/etc/chef/client.pem")
+        PathHelper.cleanpath("#{etc_chef_dir}/client.pem")
       end
     end
 
@@ -669,10 +727,10 @@ module ChefConfig
 
     # This secret is used to decrypt encrypted data bag items.
     default(:encrypted_data_bag_secret) do
-      if target_mode? && File.exist?(platform_specific_path("/etc/chef/#{target_mode.host}/encrypted_data_bag_secret"))
-        platform_specific_path("/etc/chef/#{target_mode.host}/encrypted_data_bag_secret")
-      elsif File.exist?(platform_specific_path("/etc/chef/encrypted_data_bag_secret"))
-        platform_specific_path("/etc/chef/encrypted_data_bag_secret")
+      if target_mode? && File.exist?(PathHelper.cleanpath("#{etc_chef_dir}/#{target_mode.host}/encrypted_data_bag_secret"))
+        PathHelper.cleanpath("#{etc_chef_dir}/#{target_mode.host}/encrypted_data_bag_secret")
+      elsif File.exist?(PathHelper.cleanpath("#{etc_chef_dir}/encrypted_data_bag_secret"))
+        PathHelper.cleanpath("#{etc_chef_dir}/encrypted_data_bag_secret")
       else
         nil
       end
@@ -699,7 +757,7 @@ module ChefConfig
     # The `validation_key` is never used if the `client_key` exists.
     #
     # If chef-zero is enabled, this defaults to nil (no authentication).
-    default(:validation_key) { chef_zero.enabled ? nil : platform_specific_path("/etc/chef/validation.pem") }
+    default(:validation_key) { chef_zero.enabled ? nil : PathHelper.cleanpath("#{etc_chef_dir}/validation.pem") }
     default :validation_client_name do
       # If the URL is set and looks like a normal Chef Server URL, extract the
       # org name and use that as part of the default.
@@ -746,7 +804,7 @@ module ChefConfig
     # the new (and preferred) configuration setting. If not set, knife will
     # fall back to using cache_options[:path], which is deprecated but exists in
     # many client configs generated by pre-Chef-11 bootstrappers.
-    default(:syntax_check_cache_path) { cache_options[:path] }
+    default(:syntax_check_cache_path) { cache_options[:path] }.writes_value { |path| expand_relative_paths(path) }
 
     # Deprecated:
     # Move this to the default value of syntax_cache_path when this is removed.

data/lib/chef-config/dist.rb

@@ -0,0 +1,10 @@
+module ChefConfig
+  class Dist
+    # The chef executable name. Also used in directory names.
+    EXEC = "chef".freeze
+
+    # The suffix for Chef's /etc/chef, /var/chef and C:\\Chef directories
+    # "cinc" => /etc/cinc, /var/cinc, C:\\cinc
+    DIR_SUFFIX = "chef".freeze
+  end
+end

data/lib/chef-config/version.rb

@@ -15,5 +15,5 @@
 
 module ChefConfig
   CHEFCONFIG_ROOT = File.expand_path("../..", __FILE__)
-  VERSION = "15.5.17".freeze
+  VERSION = "15.6.10".freeze
 end

data/spec/unit/config_spec.rb

@@ -151,6 +151,38 @@ RSpec.describe ChefConfig::Config do
 
     end
 
+    describe "expand relative paths" do
+      let(:current_directory) { Dir.pwd }
+
+      context "when given cookbook_path" do
+        let(:extra_config_options) { [ "cookbook_path=cookbooks/" ] }
+
+        it "expanded cookbook_path" do
+          apply_config
+          expect(described_class[:cookbook_path]).to eq("#{current_directory}/cookbooks")
+        end
+      end
+
+      context "when passes multiple config options" do
+        let(:extra_config_options) { ["data_bag_path=data_bags/", "cookbook_path=cookbooks", "chef_repo_path=."] }
+
+        it "expanded paths" do
+          apply_config
+          expect(described_class[:data_bag_path]).to eq("#{current_directory}/data_bags")
+          expect(described_class[:cookbook_path]).to eq("#{current_directory}/cookbooks")
+          expect(described_class[:chef_repo_path]).to eq("#{current_directory}")
+        end
+      end
+
+      context "when passes multiple cookbook_paths in config options" do
+        let(:extra_config_options) { ["cookbook_path=[first_cookbook, secound_cookbooks]"] }
+
+        it "expanded paths" do
+          apply_config
+          expect(described_class[:cookbook_path]).to eq(["#{current_directory}/first_cookbook", "#{current_directory}/secound_cookbooks"])
+        end
+      end
+    end
   end
 
   describe "when configuring formatters" do
@@ -196,9 +228,6 @@ RSpec.describe ChefConfig::Config do
   [ false, true ].each do |is_windows|
 
     context "On #{is_windows ? "Windows" : "Unix"}" do
-      def to_platform(*args)
-        ChefConfig::Config.platform_specific_path(*args)
-      end
 
       before :each do
         allow(ChefUtils).to receive(:windows?).and_return(is_windows)
@@ -277,7 +306,7 @@ RSpec.describe ChefConfig::Config do
         end
 
         describe "ChefConfig::Config[:client_key]" do
-          let(:path_to_client_key) { to_platform("/etc/chef") + ChefConfig::PathHelper.path_separator }
+          let(:path_to_client_key) { ChefConfig::Config.etc_chef_dir + ChefConfig::PathHelper.path_separator }
 
           it "sets the default path to the client key" do
             expect(ChefConfig::Config.client_key).to eq(path_to_client_key + "client.pem")
@@ -412,7 +441,7 @@ RSpec.describe ChefConfig::Config do
 
           context "when /var/chef exists and is accessible" do
             before do
-              allow(ChefConfig::Config).to receive(:path_accessible?).with(to_platform("/var/chef")).and_return(true)
+              allow(ChefConfig::Config).to receive(:path_accessible?).with(ChefConfig::Config.var_chef_dir).and_return(true)
             end
 
             it "defaults to /var/chef" do
@@ -430,25 +459,25 @@ RSpec.describe ChefConfig::Config do
 
           context "when /var/chef does not exist and /var is accessible" do
             it "defaults to /var/chef" do
-              allow(File).to receive(:exists?).with(to_platform("/var/chef")).and_return(false)
-              allow(ChefConfig::Config).to receive(:path_accessible?).with(to_platform("/var")).and_return(true)
+              allow(File).to receive(:exists?).with(ChefConfig::Config.var_chef_dir).and_return(false)
+              allow(ChefConfig::Config).to receive(:path_accessible?).with(ChefConfig::Config.var_root_dir).and_return(true)
               expect(ChefConfig::Config[:cache_path]).to eq(primary_cache_path)
             end
           end
 
           context "when /var/chef does not exist and /var is not accessible" do
             it "defaults to $HOME/.chef" do
-              allow(File).to receive(:exists?).with(to_platform("/var/chef")).and_return(false)
-              allow(ChefConfig::Config).to receive(:path_accessible?).with(to_platform("/var")).and_return(false)
+              allow(File).to receive(:exists?).with(ChefConfig::Config.var_chef_dir).and_return(false)
+              allow(ChefConfig::Config).to receive(:path_accessible?).with(ChefConfig::Config.var_root_dir).and_return(false)
               expect(ChefConfig::Config[:cache_path]).to eq(secondary_cache_path)
             end
           end
 
           context "when /var/chef exists and is not accessible" do
             before do
-              allow(File).to receive(:exists?).with(to_platform("/var/chef")).and_return(true)
-              allow(File).to receive(:readable?).with(to_platform("/var/chef")).and_return(true)
-              allow(File).to receive(:writable?).with(to_platform("/var/chef")).and_return(false)
+              allow(File).to receive(:exists?).with(ChefConfig::Config.var_chef_dir).and_return(true)
+              allow(File).to receive(:readable?).with(ChefConfig::Config.var_chef_dir).and_return(true)
+              allow(File).to receive(:writable?).with(ChefConfig::Config.var_chef_dir).and_return(false)
             end
 
             it "defaults to $HOME/.chef" do
@@ -471,21 +500,21 @@ RSpec.describe ChefConfig::Config do
 
             context "and config_dir is /a/b/c" do
               before do
-                ChefConfig::Config.config_dir to_platform("/a/b/c")
+                ChefConfig::Config.config_dir ChefConfig::PathHelper.cleanpath("/a/b/c")
               end
 
               it "cache_path is /a/b/c/local-mode-cache" do
-                expect(ChefConfig::Config.cache_path).to eq(to_platform("/a/b/c/local-mode-cache"))
+                expect(ChefConfig::Config.cache_path).to eq(ChefConfig::PathHelper.cleanpath("/a/b/c/local-mode-cache"))
               end
             end
 
             context "and config_dir is /a/b/c/" do
               before do
-                ChefConfig::Config.config_dir to_platform("/a/b/c/")
+                ChefConfig::Config.config_dir ChefConfig::PathHelper.cleanpath("/a/b/c/")
               end
 
               it "cache_path is /a/b/c/local-mode-cache" do
-                expect(ChefConfig::Config.cache_path).to eq(to_platform("/a/b/c/local-mode-cache"))
+                expect(ChefConfig::Config.cache_path).to eq(ChefConfig::PathHelper.cleanpath("/a/b/c/local-mode-cache"))
               end
             end
           end
@@ -651,15 +680,15 @@ RSpec.describe ChefConfig::Config do
             end
 
             it "expands the path when determining config_dir" do
-              # config_dir goes through PathHelper.canonical_path, which
+              # config_dir goes through ChefConfig::PathHelper.canonical_path, which
               # downcases on windows because the FS is case insensitive, so we
               # have to downcase expected and actual to make the tests work.
-              expect(ChefConfig::Config.config_dir.downcase).to eq(to_platform(Dir.pwd).downcase)
+              expect(ChefConfig::Config.config_dir.downcase).to eq(ChefConfig::PathHelper.cleanpath(Dir.pwd).downcase)
             end
 
             it "does not set derived paths at FS root" do
               ChefConfig::Config.local_mode = true
-              expect(ChefConfig::Config.cache_path.downcase).to eq(to_platform(File.join(Dir.pwd, "local-mode-cache")).downcase)
+              expect(ChefConfig::Config.cache_path.downcase).to eq(ChefConfig::PathHelper.cleanpath(File.join(Dir.pwd, "local-mode-cache")).downcase)
             end
 
           end
@@ -667,13 +696,13 @@ RSpec.describe ChefConfig::Config do
           context "when the config file is /etc/chef/client.rb" do
 
             before do
-              config_location = to_platform("/etc/chef/client.rb").downcase
+              config_location = ChefConfig::PathHelper.cleanpath(ChefConfig::PathHelper.join(ChefConfig::Config.etc_chef_dir, "client.rb")).downcase
               allow(File).to receive(:absolute_path).with(config_location).and_return(config_location)
               ChefConfig::Config.config_file = config_location
             end
 
             it "config_dir is /etc/chef" do
-              expect(ChefConfig::Config.config_dir).to eq(to_platform("/etc/chef").downcase)
+              expect(ChefConfig::Config.config_dir).to eq(ChefConfig::Config.etc_chef_dir.downcase)
             end
 
             context "and chef is running in local mode" do
@@ -682,17 +711,17 @@ RSpec.describe ChefConfig::Config do
               end
 
               it "config_dir is /etc/chef" do
-                expect(ChefConfig::Config.config_dir).to eq(to_platform("/etc/chef").downcase)
+                expect(ChefConfig::Config.config_dir).to eq(ChefConfig::Config.etc_chef_dir.downcase)
               end
             end
 
             context "when config_dir is set to /other/config/dir/" do
               before do
-                ChefConfig::Config.config_dir = to_platform("/other/config/dir/")
+                ChefConfig::Config.config_dir = ChefConfig::PathHelper.cleanpath("/other/config/dir/")
               end
 
               it "yields the explicit value" do
-                expect(ChefConfig::Config.config_dir).to eq(to_platform("/other/config/dir/"))
+                expect(ChefConfig::Config.config_dir).to eq(ChefConfig::PathHelper.cleanpath("/other/config/dir/"))
               end
             end
 
@@ -721,7 +750,7 @@ RSpec.describe ChefConfig::Config do
           if is_windows
             context "when the user's home dir is windows specific" do
               before do
-                ChefConfig::Config.user_home = to_platform("/home/charlie/")
+                ChefConfig::Config.user_home = ChefConfig::PathHelper.cleanpath("/home/charlie/")
               end
 
               it "config_dir is with backslashes" do
@@ -777,7 +806,7 @@ RSpec.describe ChefConfig::Config do
 
       describe "ChefConfig::Config[:user_home]" do
         it "should set when HOME is provided" do
-          expected = to_platform("/home/kitten")
+          expected = ChefConfig::PathHelper.cleanpath("/home/kitten")
           allow(ChefConfig::PathHelper).to receive(:home).and_return(expected)
           expect(ChefConfig::Config[:user_home]).to eq(expected)
         end
@@ -789,7 +818,7 @@ RSpec.describe ChefConfig::Config do
       end
 
       describe "ChefConfig::Config[:encrypted_data_bag_secret]" do
-        let(:db_secret_default_path) { to_platform("/etc/chef/encrypted_data_bag_secret") }
+        let(:db_secret_default_path) { ChefConfig::PathHelper.cleanpath("#{ChefConfig::Config.etc_chef_dir}/encrypted_data_bag_secret") }
 
         before do
           allow(File).to receive(:exist?).with(db_secret_default_path).and_return(secret_exists)

data/spec/unit/workstation_config_loader_spec.rb

@@ -583,6 +583,36 @@ RSpec.describe ChefConfig::WorkstationConfigLoader do
         end
       end
 
+      context "and ssl_verify_mode is a symbol string" do
+        let(:content) do
+          content = <<~EOH
+            [default]
+            ssl_verify_mode = ":verify_none"
+          EOH
+          content
+        end
+
+        it "raises a ConfigurationError" do
+          expect { config_loader.load_credentials }.not_to raise_error
+          expect(ChefConfig::Config.ssl_verify_mode).to eq(:verify_none)
+        end
+      end
+
+      context "and ssl_verify_mode is a string" do
+        let(:content) do
+          content = <<~EOH
+            [default]
+            ssl_verify_mode = "verify_none"
+          EOH
+          content
+        end
+
+        it "raises a ConfigurationError" do
+          expect { config_loader.load_credentials }.not_to raise_error
+          expect(ChefConfig::Config.ssl_verify_mode).to eq(:verify_none)
+        end
+      end
+
       context "and has a syntax error" do
         let(:content) { "<<<<<" }
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef-config
 version: !ruby/object:Gem::Version
-  version: 15.5.17
+  version: 15.6.10
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-21 00:00:00.000000000 Z
+date: 2019-12-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-utils
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 15.5.17
+        version: 15.6.10
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 15.5.17
+        version: 15.6.10
 - !ruby/object:Gem::Dependency
   name: mixlib-shellout
   requirement: !ruby/object:Gem::Requirement
@@ -174,6 +174,7 @@ files:
 - chef-config.gemspec
 - lib/chef-config.rb
 - lib/chef-config/config.rb
+- lib/chef-config/dist.rb
 - lib/chef-config/exceptions.rb
 - lib/chef-config/fips.rb
 - lib/chef-config/logger.rb