chef-vault 1.2.4 → 1.2.5
Sign up to get free protection for your applications and to get access to all the features.
- data/Changelog.md +4 -0
- data/lib/chef-vault/version.rb +1 -1
- data/lib/chef/knife/EncryptCert.rb +1 -2
- data/lib/chef/knife/EncryptPassword.rb +1 -2
- data/lib/chef/knife/compat.rb +22 -5
- metadata +2 -2
data/Changelog.md
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
## Unreleased
|
2
2
|
|
3
|
+
## v1.2.5 / 2013-07-22
|
4
|
+
* Update compat to be class ChefVault not module ChefVault to remove knife errors
|
5
|
+
* Allow nodes/clients to be used as Admins
|
6
|
+
|
3
7
|
## v1.2.4 / 2013-07-01
|
4
8
|
* Move compat include into the lazy-load deps
|
5
9
|
* Modify open file commands in knife commands to avoid file locking on windows
|
data/lib/chef-vault/version.rb
CHANGED
@@ -117,8 +117,7 @@ class EncryptCert < Chef::Knife
|
|
117
117
|
puts("INFO: Skipping #{user} as it is already in the data bag")
|
118
118
|
else
|
119
119
|
puts("INFO: Adding #{user} to public_key array...")
|
120
|
-
|
121
|
-
keyfob[user] = OpenSSL::PKey::RSA.new public_key
|
120
|
+
keyfob[user] = get_user_public_key(user)
|
122
121
|
end
|
123
122
|
rescue Exception => user_error
|
124
123
|
puts("WARNING: Caught exception: #{user_error.message} while processing #{user}, so skipping...")
|
@@ -115,8 +115,7 @@ class EncryptPassword < Chef::Knife
|
|
115
115
|
puts("INFO: Skipping #{user} as it is already in the data bag")
|
116
116
|
else
|
117
117
|
puts("INFO: Adding #{user} to public_key array...")
|
118
|
-
|
119
|
-
keyfob[user] = OpenSSL::PKey::RSA.new public_key
|
118
|
+
keyfob[user] = get_user_public_key(user)
|
120
119
|
end
|
121
120
|
rescue Exception => user_error
|
122
121
|
puts("WARNING: Caught exception: #{user_error.message} while processing #{user}, so skipping...")
|
data/lib/chef/knife/compat.rb
CHANGED
@@ -15,7 +15,7 @@
|
|
15
15
|
|
16
16
|
# Make a wraper to chef10/11 "shef/shell" changes
|
17
17
|
|
18
|
-
|
18
|
+
class ChefVault
|
19
19
|
module Compat
|
20
20
|
require 'chef/version'
|
21
21
|
def extend_context_object(obj)
|
@@ -29,21 +29,38 @@ module ChefVault
|
|
29
29
|
end
|
30
30
|
|
31
31
|
def get_client_public_key(client)
|
32
|
-
|
32
|
+
get_public_key(api.get("clients/#{client}"))
|
33
|
+
end
|
33
34
|
|
35
|
+
def get_user_public_key(user)
|
36
|
+
begin
|
37
|
+
user = api.get("users/#{user}")
|
38
|
+
rescue Exception
|
39
|
+
puts("INFO: Could not locate user #{user}, searching for client key instead")
|
40
|
+
user = api.get("clients/#{user}")
|
41
|
+
end
|
42
|
+
get_public_key(user)
|
43
|
+
end
|
44
|
+
|
45
|
+
def get_public_key(client)
|
34
46
|
# Check the response back from the api call to see if
|
35
47
|
# we get 'certificate' which is Chef 10 or just
|
36
48
|
# 'public_key' which is Chef 11
|
37
49
|
unless client.is_a?(Chef::ApiClient)
|
38
50
|
name = client['name']
|
39
51
|
certificate = client['certificate']
|
52
|
+
public_key = client['public_key']
|
53
|
+
|
40
54
|
client = Chef::ApiClient.new
|
41
55
|
client.name name
|
42
56
|
client.admin false
|
43
57
|
|
44
|
-
|
45
|
-
|
46
|
-
|
58
|
+
if certificate
|
59
|
+
cert_der = OpenSSL::X509::Certificate.new certificate
|
60
|
+
client.public_key cert_der.public_key.to_s
|
61
|
+
else
|
62
|
+
client.public_key public_key
|
63
|
+
end
|
47
64
|
end
|
48
65
|
|
49
66
|
public_key = OpenSSL::PKey::RSA.new client.public_key
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chef-vault
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.5
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-07-
|
12
|
+
date: 2013-07-22 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: chef
|