chef-vault-testfixtures 0.3.0.20150417141427 → 0.4.0.20150424123749
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/History.md +4 -0
- data/README.md +12 -0
- data/chef-vault-testfixtures.gemspec +3 -3
- data/lib/chef-vault/test_fixtures.rb +32 -3
- data/spec/lib/chef-vault/test_fixtures_spec.rb +18 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1cab73c11ad8e6ff474d55781924adac92429b55
|
|
4
|
+
data.tar.gz: 6706ff2bd9cc0a310b8c39b366fbb1b8baf9872f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 98b1322d292df41c7d124c39c7042075cc2322b98059f2820466210c97d6ed2ced8e544014cd56040992bbc3d5bade1af3f37261ecddfcb6fae011ab1f848b46
|
|
7
|
+
data.tar.gz: 0fea9ed27ed577f828cee69cb2c290334fc43bb2712d6c0cb09f807e81f684289651ce081886e5eb08b4eed092a29c8a935f8239568b90c8bcb84f6aedcdf98a
|
data/History.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
# Changelog for chef-vault-testfixtures
|
|
2
2
|
|
|
3
|
+
## 0.4.0
|
|
4
|
+
|
|
5
|
+
* add stubs for Chef::DataBagItem.load and Chef::DataBag.load for compatibility with code that probes the data bag to determine if it is a vault (e.g. chef-vault cookbook ~> 1.3)
|
|
6
|
+
|
|
3
7
|
## 0.3.0
|
|
4
8
|
|
|
5
9
|
* completely re-work to use JSON data bag files in test/integration for compatibility with the fallback mechanism in the chef-vault cookbook
|
data/README.md
CHANGED
|
@@ -71,6 +71,18 @@ The recipe that the example tests:
|
|
|
71
71
|
The helper will call `ChefVault::Item.load`, which will be stubbed using
|
|
72
72
|
the data bag from the test/integration/data_bags directory.
|
|
73
73
|
|
|
74
|
+
## VAULT PROBING
|
|
75
|
+
|
|
76
|
+
Some recipes and helpers attempt to determine if a data bag is a vault
|
|
77
|
+
by checking the raw data bag item to see if one of the values contains
|
|
78
|
+
encrypted data, then checking for the existence of the `_keys` data bag
|
|
79
|
+
item to go along with the normal item. The [sensu cookbook](https://github.com/sensu/sensu-chef/blob/35ee3aa6fa4ad578cdf751fe6822e3d2b3890d94/libraries/sensu_helpers.rb#L39-55) is a good example
|
|
80
|
+
of this:
|
|
81
|
+
|
|
82
|
+
The helper also stubs these methods, so that the probe mechanism should
|
|
83
|
+
consider the data bag to be a vault and call ChefVault::Item.load, which
|
|
84
|
+
is stubbed as described above.
|
|
85
|
+
|
|
74
86
|
## DEPENDENCIES
|
|
75
87
|
|
|
76
88
|
It may seem strange that chef isn't a runtime dependency of this gem.
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
# -*- encoding: utf-8 -*-
|
|
2
|
-
# stub: chef-vault-testfixtures 0.
|
|
2
|
+
# stub: chef-vault-testfixtures 0.4.0.20150424123749 ruby lib
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |s|
|
|
5
5
|
s.name = "chef-vault-testfixtures"
|
|
6
|
-
s.version = "0.
|
|
6
|
+
s.version = "0.4.0.20150424123749"
|
|
7
7
|
|
|
8
8
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
9
9
|
s.require_paths = ["lib"]
|
|
10
10
|
s.authors = ["James FitzGibbon"]
|
|
11
|
-
s.date = "2015-04-
|
|
11
|
+
s.date = "2015-04-24"
|
|
12
12
|
s.description = "chef-vault-testfixtures provides an RSpec shared context that\nstubs access to chef-vault encrypted data bags using the same\nfallback mechanism as the `chef_vault_item` helper from the\n[chef-vault cookbook](https://supermarket.chef.io/cookbooks/chef-vault)"
|
|
13
13
|
s.email = ["james.i.fitzgibbon@nordstrom.com"]
|
|
14
14
|
s.extra_rdoc_files = ["History.md", "Manifest.txt", "README.md"]
|
|
@@ -8,7 +8,7 @@ require 'chef-vault'
|
|
|
8
8
|
class ChefVault
|
|
9
9
|
# dynamic RSpec contexts for cookbooks that use chef-vault
|
|
10
10
|
class TestFixtures
|
|
11
|
-
VERSION = '0.
|
|
11
|
+
VERSION = '0.4.0'
|
|
12
12
|
|
|
13
13
|
# dynamically creates a memoized RSpec shared context
|
|
14
14
|
# that when included into an example group will stub
|
|
@@ -44,21 +44,50 @@ class ChefVault
|
|
|
44
44
|
|
|
45
45
|
def stub_vault_item(vault, item, json)
|
|
46
46
|
content = JSON.parse(json)
|
|
47
|
+
db = make_fakedatabag(vault, item)
|
|
48
|
+
dbi = make_fakedatabagitem(vault, item)
|
|
47
49
|
vi = make_fakevault(vault, item)
|
|
50
|
+
|
|
48
51
|
# stub lookup of each of the vault item keys
|
|
49
52
|
content.each do |k, v|
|
|
50
53
|
next if 'id' == k
|
|
54
|
+
dbi[k] = { 'encrypted_data' => '...' }
|
|
51
55
|
allow(vi).to receive(:[]).with(k).and_return(v)
|
|
52
56
|
end
|
|
53
|
-
|
|
54
|
-
#
|
|
57
|
+
|
|
58
|
+
# stub ChefVault and Chef::DataBag to return the doubles
|
|
59
|
+
# via both symbol and string forms of the data bag name
|
|
55
60
|
[vault, vault.to_sym].each do |dbname|
|
|
56
61
|
allow(ChefVault::Item).to(
|
|
57
62
|
receive(:load)
|
|
58
63
|
.with(dbname, item)
|
|
59
64
|
.and_return(vi)
|
|
60
65
|
)
|
|
66
|
+
allow(Chef::DataBagItem).to(
|
|
67
|
+
receive(:load)
|
|
68
|
+
.with(dbname, item)
|
|
69
|
+
.and_return(dbi)
|
|
70
|
+
)
|
|
71
|
+
allow(Chef::DataBag).to(
|
|
72
|
+
receive(:load)
|
|
73
|
+
.with(dbname)
|
|
74
|
+
.and_return(db)
|
|
75
|
+
)
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def make_fakedatabagitem(_, _)
|
|
80
|
+
{}
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
def make_fakedatabag(vault, item)
|
|
84
|
+
db = double "databag #{vault}"
|
|
85
|
+
%w(key? has_key?).each do |pred|
|
|
86
|
+
allow(db).to(receive(pred.to_sym)
|
|
87
|
+
.with("#{item}_keys")
|
|
88
|
+
.and_return(true))
|
|
61
89
|
end
|
|
90
|
+
db
|
|
62
91
|
end
|
|
63
92
|
|
|
64
93
|
def make_fakevault(vault, item)
|
|
@@ -36,7 +36,7 @@ RSpec.describe ChefVault::TestFixtures do
|
|
|
36
36
|
end
|
|
37
37
|
end
|
|
38
38
|
|
|
39
|
-
describe '
|
|
39
|
+
describe 'stub ChefVault::Item.load' do
|
|
40
40
|
it 'should stub the foo/bar vault item' do
|
|
41
41
|
baz = ChefVault::Item.load('foo', 'bar')['baz']
|
|
42
42
|
expect(baz).to eq(2)
|
|
@@ -79,4 +79,21 @@ RSpec.describe ChefVault::TestFixtures do
|
|
|
79
79
|
item.save
|
|
80
80
|
end
|
|
81
81
|
end
|
|
82
|
+
|
|
83
|
+
describe 'stub Chef::DataBagItem.load' do
|
|
84
|
+
it 'should present the foo/bar data bag item as encrypted' do
|
|
85
|
+
dbi = Chef::DataBagItem.load('foo', 'bar')
|
|
86
|
+
encrypted = dbi.detect do |_, v|\
|
|
87
|
+
v.is_a?(Hash) && v.key?('encrypted_data')
|
|
88
|
+
end
|
|
89
|
+
expect(encrypted).to be_truthy
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
describe 'stub Chef::DataBag.load' do
|
|
94
|
+
it 'should fake the foo/bar_keys data bag item' do
|
|
95
|
+
db = Chef::DataBag.load('foo')
|
|
96
|
+
expect(db.key?('bar_keys')).to be_truthy
|
|
97
|
+
end
|
|
98
|
+
end
|
|
82
99
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: chef-vault-testfixtures
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0.20150424123749
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- James FitzGibbon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-04-
|
|
11
|
+
date: 2015-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|