chef-vault-testfixtures 0.3.0.20150417141427 → 0.4.0.20150424123749
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/History.md +4 -0
- data/README.md +12 -0
- data/chef-vault-testfixtures.gemspec +3 -3
- data/lib/chef-vault/test_fixtures.rb +32 -3
- data/spec/lib/chef-vault/test_fixtures_spec.rb +18 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1cab73c11ad8e6ff474d55781924adac92429b55
|
|
4
|
+
data.tar.gz: 6706ff2bd9cc0a310b8c39b366fbb1b8baf9872f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 98b1322d292df41c7d124c39c7042075cc2322b98059f2820466210c97d6ed2ced8e544014cd56040992bbc3d5bade1af3f37261ecddfcb6fae011ab1f848b46
|
|
7
|
+
data.tar.gz: 0fea9ed27ed577f828cee69cb2c290334fc43bb2712d6c0cb09f807e81f684289651ce081886e5eb08b4eed092a29c8a935f8239568b90c8bcb84f6aedcdf98a
|
data/History.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
# Changelog for chef-vault-testfixtures
|
|
2
2
|
|
|
3
|
+
## 0.4.0
|
|
4
|
+
|
|
5
|
+
* add stubs for Chef::DataBagItem.load and Chef::DataBag.load for compatibility with code that probes the data bag to determine if it is a vault (e.g. chef-vault cookbook ~> 1.3)
|
|
6
|
+
|
|
3
7
|
## 0.3.0
|
|
4
8
|
|
|
5
9
|
* completely re-work to use JSON data bag files in test/integration for compatibility with the fallback mechanism in the chef-vault cookbook
|
data/README.md
CHANGED
|
@@ -71,6 +71,18 @@ The recipe that the example tests:
|
|
|
71
71
|
The helper will call `ChefVault::Item.load`, which will be stubbed using
|
|
72
72
|
the data bag from the test/integration/data_bags directory.
|
|
73
73
|
|
|
74
|
+
## VAULT PROBING
|
|
75
|
+
|
|
76
|
+
Some recipes and helpers attempt to determine if a data bag is a vault
|
|
77
|
+
by checking the raw data bag item to see if one of the values contains
|
|
78
|
+
encrypted data, then checking for the existence of the `_keys` data bag
|
|
79
|
+
item to go along with the normal item. The [sensu cookbook](https://github.com/sensu/sensu-chef/blob/35ee3aa6fa4ad578cdf751fe6822e3d2b3890d94/libraries/sensu_helpers.rb#L39-55) is a good example
|
|
80
|
+
of this:
|
|
81
|
+
|
|
82
|
+
The helper also stubs these methods, so that the probe mechanism should
|
|
83
|
+
consider the data bag to be a vault and call ChefVault::Item.load, which
|
|
84
|
+
is stubbed as described above.
|
|
85
|
+
|
|
74
86
|
## DEPENDENCIES
|
|
75
87
|
|
|
76
88
|
It may seem strange that chef isn't a runtime dependency of this gem.
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
# -*- encoding: utf-8 -*-
|
|
2
|
-
# stub: chef-vault-testfixtures 0.
|
|
2
|
+
# stub: chef-vault-testfixtures 0.4.0.20150424123749 ruby lib
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |s|
|
|
5
5
|
s.name = "chef-vault-testfixtures"
|
|
6
|
-
s.version = "0.
|
|
6
|
+
s.version = "0.4.0.20150424123749"
|
|
7
7
|
|
|
8
8
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
9
9
|
s.require_paths = ["lib"]
|
|
10
10
|
s.authors = ["James FitzGibbon"]
|
|
11
|
-
s.date = "2015-04-
|
|
11
|
+
s.date = "2015-04-24"
|
|
12
12
|
s.description = "chef-vault-testfixtures provides an RSpec shared context that\nstubs access to chef-vault encrypted data bags using the same\nfallback mechanism as the `chef_vault_item` helper from the\n[chef-vault cookbook](https://supermarket.chef.io/cookbooks/chef-vault)"
|
|
13
13
|
s.email = ["james.i.fitzgibbon@nordstrom.com"]
|
|
14
14
|
s.extra_rdoc_files = ["History.md", "Manifest.txt", "README.md"]
|
|
@@ -8,7 +8,7 @@ require 'chef-vault'
|
|
|
8
8
|
class ChefVault
|
|
9
9
|
# dynamic RSpec contexts for cookbooks that use chef-vault
|
|
10
10
|
class TestFixtures
|
|
11
|
-
VERSION = '0.
|
|
11
|
+
VERSION = '0.4.0'
|
|
12
12
|
|
|
13
13
|
# dynamically creates a memoized RSpec shared context
|
|
14
14
|
# that when included into an example group will stub
|
|
@@ -44,21 +44,50 @@ class ChefVault
|
|
|
44
44
|
|
|
45
45
|
def stub_vault_item(vault, item, json)
|
|
46
46
|
content = JSON.parse(json)
|
|
47
|
+
db = make_fakedatabag(vault, item)
|
|
48
|
+
dbi = make_fakedatabagitem(vault, item)
|
|
47
49
|
vi = make_fakevault(vault, item)
|
|
50
|
+
|
|
48
51
|
# stub lookup of each of the vault item keys
|
|
49
52
|
content.each do |k, v|
|
|
50
53
|
next if 'id' == k
|
|
54
|
+
dbi[k] = { 'encrypted_data' => '...' }
|
|
51
55
|
allow(vi).to receive(:[]).with(k).and_return(v)
|
|
52
56
|
end
|
|
53
|
-
|
|
54
|
-
#
|
|
57
|
+
|
|
58
|
+
# stub ChefVault and Chef::DataBag to return the doubles
|
|
59
|
+
# via both symbol and string forms of the data bag name
|
|
55
60
|
[vault, vault.to_sym].each do |dbname|
|
|
56
61
|
allow(ChefVault::Item).to(
|
|
57
62
|
receive(:load)
|
|
58
63
|
.with(dbname, item)
|
|
59
64
|
.and_return(vi)
|
|
60
65
|
)
|
|
66
|
+
allow(Chef::DataBagItem).to(
|
|
67
|
+
receive(:load)
|
|
68
|
+
.with(dbname, item)
|
|
69
|
+
.and_return(dbi)
|
|
70
|
+
)
|
|
71
|
+
allow(Chef::DataBag).to(
|
|
72
|
+
receive(:load)
|
|
73
|
+
.with(dbname)
|
|
74
|
+
.and_return(db)
|
|
75
|
+
)
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def make_fakedatabagitem(_, _)
|
|
80
|
+
{}
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
def make_fakedatabag(vault, item)
|
|
84
|
+
db = double "databag #{vault}"
|
|
85
|
+
%w(key? has_key?).each do |pred|
|
|
86
|
+
allow(db).to(receive(pred.to_sym)
|
|
87
|
+
.with("#{item}_keys")
|
|
88
|
+
.and_return(true))
|
|
61
89
|
end
|
|
90
|
+
db
|
|
62
91
|
end
|
|
63
92
|
|
|
64
93
|
def make_fakevault(vault, item)
|
|
@@ -36,7 +36,7 @@ RSpec.describe ChefVault::TestFixtures do
|
|
|
36
36
|
end
|
|
37
37
|
end
|
|
38
38
|
|
|
39
|
-
describe '
|
|
39
|
+
describe 'stub ChefVault::Item.load' do
|
|
40
40
|
it 'should stub the foo/bar vault item' do
|
|
41
41
|
baz = ChefVault::Item.load('foo', 'bar')['baz']
|
|
42
42
|
expect(baz).to eq(2)
|
|
@@ -79,4 +79,21 @@ RSpec.describe ChefVault::TestFixtures do
|
|
|
79
79
|
item.save
|
|
80
80
|
end
|
|
81
81
|
end
|
|
82
|
+
|
|
83
|
+
describe 'stub Chef::DataBagItem.load' do
|
|
84
|
+
it 'should present the foo/bar data bag item as encrypted' do
|
|
85
|
+
dbi = Chef::DataBagItem.load('foo', 'bar')
|
|
86
|
+
encrypted = dbi.detect do |_, v|\
|
|
87
|
+
v.is_a?(Hash) && v.key?('encrypted_data')
|
|
88
|
+
end
|
|
89
|
+
expect(encrypted).to be_truthy
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
describe 'stub Chef::DataBag.load' do
|
|
94
|
+
it 'should fake the foo/bar_keys data bag item' do
|
|
95
|
+
db = Chef::DataBag.load('foo')
|
|
96
|
+
expect(db.key?('bar_keys')).to be_truthy
|
|
97
|
+
end
|
|
98
|
+
end
|
|
82
99
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: chef-vault-testfixtures
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0.20150424123749
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- James FitzGibbon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-04-
|
|
11
|
+
date: 2015-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|