chef-vault 4.1.3 → 4.1.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 19add775da291b1eb9dc767f149c98e477f5048ea30e4a525ff1e143918f5847
-  data.tar.gz: 483d87a0e56f4209fc532be68a11add44a2b7a968ce9ee0c37729e241cb723c5
+  metadata.gz: f6931a0011e0829b7920dfdab68f8c445a4ffed1533a15f530aca518df8a6aca
+  data.tar.gz: beae925bc1d474a7f01b8e2d5d640594f33f0326a22cfda12bf26d9a4f847cc6
 SHA512:
-  metadata.gz: 70423d48be58261e55b09b0cba47df51366571795d2bd9b1c60c0255b26f1e796e3d52c8c3cb32f13ae33e07860c88c67b2d124e74b432b8ac0bfc00c6b9b4a4
-  data.tar.gz: 89400da10b9840bd63b9ff626abbb32bea9f40897efa989f70c5ee63e6e533a21807491a936358d35652af30c67ceb67c4a9e5345393758217b7f9c42320bd58
+  metadata.gz: e7a7a8ba29f67856dd66dc2a97aed27b13c6895062b0ba716a31398042482e0b4bc189e52d00b6effe286bf7328234b45ecc861304154a84abb8132aa0f5b872
+  data.tar.gz: ab3dcc738ce3afafc436c43056bb5de4d946bc274421410cbacce56a5ec69be51825320829144218afc260646a1f40553088bf3f1bf8962d4668ea2cb5ff67a0

data/Gemfile

@@ -4,13 +4,22 @@ gemspec
 
 group :development do
   gem "chefstyle"
-  gem "chef-zero"
   gem "rake"
-  gem "rspec", "~> 3.4"
-  gem "aruba", "~> 0.6"
-  gem "chef", "~> 14.0" # avoids test failures on license acceptance
   gem "contracts", "~> 0.16.1" # pin until we drop ruby < 2.7
-  gem "chef-utils", "= 16.6.14" # pin until we drop ruby 2.5
+  if Gem::Version.new(RUBY_VERSION) < Gem::Version.new("3.0.0")
+    gem "chef-zero"
+    gem "rspec", "~> 3.4"
+    gem "aruba", "~> 0.6"
+    gem "chef", "~> 14.0"
+    gem "chef-utils", "17.10.0" # pin until we drop ruby 2.5
+  else
+    gem "chef-zero", ">= 15.0.4"
+    gem "chef", "~> 17.0"
+    gem "rspec", "~> 3.10.0"
+    gem "aruba", "~> 1.1"
+    gem "knife", "~> 17.0"
+    gem "chef-utils", "17.10.0" # pin until we drop ruby >=3
+  end
 end
 
 group :docs do
@@ -22,6 +31,8 @@ end
 group :debug do
   gem "pry"
   gem "pry-byebug"
-  gem "pry-stack_explorer", "~> 0.4.0" # pin until we drop ruby < 2.6
+  gem "pry-stack_explorer", "~> 0.6.1" # pin until we drop ruby < 2.6
   gem "rb-readline"
 end
+
+gem "simplecov", require: false

data/bin/chef-vault

@@ -88,7 +88,7 @@ require "chef-vault"
 
 ChefVault::Log.init(STDOUT)
 ChefVault.load_config(options[:chef])
-item = ChefVault::Item.load(options[:vault], options[:item])
+item = ChefVault::Item.load(options[:vault], options[:item], options)
 
 ChefVault::Log.info "#{options[:vault]}/#{options[:item]}"
 

data/chef-vault.gemspec

@@ -31,5 +31,5 @@ Gem::Specification.new do |s|
   s.bindir           = "bin"
   s.executables      = %w{ chef-vault }
 
-  s.required_ruby_version = ">= 2.4"
+  s.required_ruby_version = ">= 2.6"
 end

data/lib/chef/knife/vault_create.rb

@@ -14,15 +14,11 @@
 # limitations under the License.
 
 require_relative "vault_base"
-require_relative "vault_admins"
-require_relative "vault_clients"
 
 class Chef
   class Knife
     class VaultCreate < Knife
       include Chef::Knife::VaultBase
-      include Chef::Knife::VaultAdmins
-      include Chef::Knife::VaultClients
 
       banner "knife vault create VAULT ITEM VALUES (options)"
 
@@ -55,6 +51,13 @@ class Chef
         long: "--file FILE",
         description: "File to be added to vault item as file-content"
 
+      deps do
+        require_relative "vault_admins"
+        require_relative "vault_clients"
+        include Chef::Knife::VaultAdmins
+        include Chef::Knife::VaultClients
+      end
+
       def run
         vault = @name_args[0]
         item = @name_args[1]

data/lib/chef/knife/vault_delete.rb

@@ -30,13 +30,15 @@ class Chef
 
         if vault && item
           delete_object(ChefVault::Item, "#{vault}/#{item}", "chef_vault_item") do
-
-            ChefVault::Item.load(vault, item).destroy
-          rescue ChefVault::Exceptions::KeysNotFound,
-                 ChefVault::Exceptions::ItemNotFound
-            raise ChefVault::Exceptions::ItemNotFound,
-              "#{vault}/#{item} not found."
-
+            # rubocop:disable all
+            begin
+              ChefVault::Item.load(vault, item).destroy
+            rescue ChefVault::Exceptions::KeysNotFound,
+              ChefVault::Exceptions::ItemNotFound
+              raise ChefVault::Exceptions::ItemNotFound,
+                "#{vault}/#{item} not found."
+            end
+            # rubocop:enable all
           end
         else
           show_usage

data/lib/chef/knife/vault_remove.rb

@@ -14,13 +14,11 @@
 # limitations under the License.
 
 require_relative "vault_base"
-require_relative "vault_clients"
 
 class Chef
   class Knife
     class VaultRemove < Knife
       include Chef::Knife::VaultBase
-      include Chef::Knife::VaultClients
 
       banner "knife vault remove VAULT ITEM VALUES (options)"
 
@@ -43,6 +41,11 @@ class Chef
         long: "--clean-unknown-clients",
         description: "Remove unknown clients during key rotation"
 
+      deps do
+        require_relative "vault_clients"
+        include Chef::Knife::VaultClients
+      end
+
       def run
         vault = @name_args[0]
         item = @name_args[1]

data/lib/chef/knife/vault_update.rb

@@ -14,15 +14,11 @@
 # limitations under the License.
 
 require_relative "vault_base"
-require_relative "vault_admins"
-require_relative "vault_clients"
 
 class Chef
   class Knife
     class VaultUpdate < Knife
       include Chef::Knife::VaultBase
-      include Chef::Knife::VaultAdmins
-      include Chef::Knife::VaultClients
 
       banner "knife vault update VAULT ITEM VALUES (options)"
 
@@ -59,6 +55,13 @@ class Chef
         long: "--keys-mode KEYS_MODE",
         description: "Mode in which to save vault keys"
 
+      deps do
+        require_relative "vault_admins"
+        require_relative "vault_clients"
+        include Chef::Knife::VaultAdmins
+        include Chef::Knife::VaultClients
+      end
+
       def run
         vault = @name_args[0]
         item = @name_args[1]

data/lib/chef-vault/actor.rb

@@ -39,7 +39,7 @@ class ChefVault
     def get_admin_key
       # chef vault currently only supports using the default key
       get_key("users")
-    rescue Net::HTTPServerException => http_error
+    rescue Net::HTTPClientException => http_error
       # if we failed to find an admin key, attempt to load a client key by the same name
       case http_error.response.code
       when "403"
@@ -49,7 +49,7 @@ class ChefVault
         begin
           ChefVault::Log.warn "The default key for #{name} not found in users, trying client keys."
           get_key("clients")
-        rescue Net::HTTPServerException => http_error
+        rescue Net::HTTPClientException => http_error
           case http_error.response.code
           when "404"
             raise ChefVault::Exceptions::AdminNotFound,
@@ -68,7 +68,7 @@ class ChefVault
 
     def get_client_key
       get_key("clients")
-    rescue Net::HTTPServerException => http_error
+    rescue Net::HTTPClientException => http_error
       if http_error.response.code.eql?("403")
         print_forbidden_error
         raise http_error
@@ -114,7 +114,7 @@ class ChefVault
     def get_key(request_actor_type)
       api.org_scoped_rest_v1.get("#{request_actor_type}/#{name}/keys/default").fetch("public_key")
     # If the keys endpoint doesn't exist, try getting it directly from the V0 chef object.
-    rescue Net::HTTPServerException => http_error
+    rescue Net::HTTPClientException => http_error
       raise http_error unless http_error.response.code.eql?("404")
 
       if request_actor_type.eql?("clients")

data/lib/chef-vault/item.rb

@@ -89,12 +89,14 @@ class ChefVault
         handle_client_action(search_or_client, action)
       else
         search_or_client.each do |name|
-
-          client = load_actor(name, "clients")
-          handle_client_action(client, action)
-        rescue ChefVault::Exceptions::ClientNotFound
-          ChefVault::Log.warn "node '#{name}' has no 'default' public key; skipping"
-
+          # rubocop:disable all
+          begin
+            client = load_actor(name, "clients")
+            handle_client_action(client, action)
+          rescue ChefVault::Exceptions::ClientNotFound
+            ChefVault::Log.warn "node '#{name}' has no 'default' public key; skipping"
+          end
+          # rubocop:enable all
         end
       end
     end
@@ -229,7 +231,7 @@ class ChefVault
       else
         begin
           Chef::DataBag.load(data_bag)
-        rescue Net::HTTPServerException => http_error
+        rescue Net::HTTPClientException => http_error
           if http_error.response.code == "404"
             chef_data_bag = Chef::DataBag.new
             chef_data_bag.name data_bag
@@ -293,7 +295,7 @@ class ChefVault
       begin
         item.raw_data =
           Chef::EncryptedDataBagItem.load(vault, name, item.secret).to_hash
-      rescue Net::HTTPServerException => http_error
+      rescue Net::HTTPClientException => http_error
         if http_error.response.code == "404"
           raise ChefVault::Exceptions::ItemNotFound,
             "#{vault}/#{name} could not be found"
@@ -304,10 +306,17 @@ class ChefVault
         raise ChefVault::Exceptions::ItemNotFound,
           "#{vault}/#{name} could not be found"
       end
-
+      format_output(opts[:values], item) if opts[:values]
       item
     end
 
+    def self.format_output(values, item)
+      values.split(",").each do |value|
+        value.strip!
+        $stdout.puts("#{value}: #{item[value]}")
+      end
+    end
+
     def delete_client(client_name)
       client_key = load_actor(client_name, "clients")
       keys.delete(client_key)
@@ -342,7 +351,7 @@ class ChefVault
       # and https://github.com/sensu/sensu-chef/blob/2.9.0/libraries/sensu_helpers.rb
       begin
         dbi = Chef::DataBagItem.load(vault, name)
-      rescue Net::HTTPServerException => http_error
+      rescue Net::HTTPClientException => http_error
         if http_error.response.code == "404"
           raise ChefVault::Exceptions::ItemNotFound,
             "#{vault}/#{name} not found"
@@ -445,7 +454,7 @@ class ChefVault
     def client_exists?(clientname)
       Chef::ApiClient.load(clientname)
       true
-    rescue Net::HTTPServerException => http_error
+    rescue Net::HTTPClientException => http_error
       return false if http_error.response.code == "404"
 
       raise http_error

data/lib/chef-vault/item_keys.rb

@@ -122,7 +122,7 @@ class ChefVault
       unless Chef::Config[:solo_legacy_mode]
         begin
           Chef::DataBag.load(data_bag)
-        rescue Net::HTTPServerException => http_error
+        rescue Net::HTTPClientException => http_error
           if http_error.response.code == "404"
             chef_data_bag = Chef::DataBag.new
             chef_data_bag.name data_bag
@@ -143,7 +143,7 @@ class ChefVault
               Chef::DataBagItem.from_hash("data_bag" => data_bag,
                                           "id" => sparse_id(key))
                 .destroy(data_bag, sparse_id(key))
-            rescue Net::HTTPServerException => http_error
+            rescue Net::HTTPClientException => http_error
               raise http_error unless http_error.response.code == "404"
             end
           end
@@ -234,7 +234,7 @@ class ChefVault
     def self.load(vault, name)
       begin
         data_bag_item = Chef::DataBagItem.load(vault, name)
-      rescue Net::HTTPServerException => http_error
+      rescue Net::HTTPClientException => http_error
         if http_error.response.code == "404"
           raise ChefVault::Exceptions::KeysNotFound,
             "#{vault}/#{name} could not be found"
@@ -265,7 +265,7 @@ class ChefVault
       else
         begin
           Chef::DataBagItem.load(@data_bag, sid)
-        rescue Net::HTTPServerException => http_error
+        rescue Net::HTTPClientException => http_error
           nil if http_error.response.code == "404"
         end
       end

data/lib/chef-vault/version.rb

@@ -15,6 +15,6 @@
 # limitations under the License.
 
 class ChefVault
-  VERSION = "4.1.3"
+  VERSION = "4.1.10"
   MAJOR, MINOR, TINY = VERSION.split(".")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef-vault
 version: !ruby/object:Gem::Version
-  version: 4.1.3
+  version: 4.1.10
 platform: ruby
 authors:
 - Thom May
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-09-01 00:00:00.000000000 Z
+date: 2022-04-12 00:00:00.000000000 Z
 dependencies: []
 description: Data encryption support for Chef Infra using data bags
 email:
@@ -61,7 +61,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="