chef-zero 3.2.1 → 4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Rakefile +3 -0
- data/lib/chef_zero/data_store/memory_store_v2.rb +1 -1
- data/lib/chef_zero/data_store/v1_to_v2_adapter.rb +6 -2
- data/lib/chef_zero/endpoints/policies_endpoint.rb +126 -0
- data/lib/chef_zero/server.rb +2 -1
- data/lib/chef_zero/version.rb +1 -1
- data/spec/run_oc_pedant.rb +3 -0
- data/spec/run_pedant.rb +2 -0
- data/spec/support/pedant.rb +4 -0
- metadata +5 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9303597115a96be3764f56348da326bd663b4950
|
|
4
|
+
data.tar.gz: 0d6db19f14312ea7cad130819512153ec56eb9b8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9591446989226c5792ffe7c7bb9e0b3489b2601d1829d1dfdce7f6081fd3c8a11f68524ef7c59775ff35193ba82f3d13655c65360b95aa4b3326831acac520cf
|
|
7
|
+
data.tar.gz: 878fcd44f84e77c8ba2906336d6a9f1a101cbdf0b9476670baf2be8f7bef3c6ca7effc886119ffc936995680a197ec4c384dd1dad4c87c77dbf81d56c1fb7122
|
data/Rakefile
CHANGED
|
@@ -5,14 +5,17 @@ require 'chef_zero/version'
|
|
|
5
5
|
|
|
6
6
|
task :default => :pedant
|
|
7
7
|
|
|
8
|
+
desc "run specs"
|
|
8
9
|
task :spec do
|
|
9
10
|
system('rspec spec/*_spec.rb')
|
|
10
11
|
end
|
|
11
12
|
|
|
13
|
+
desc "run pedant"
|
|
12
14
|
task :pedant do
|
|
13
15
|
require File.expand_path('spec/run_pedant')
|
|
14
16
|
end
|
|
15
17
|
|
|
18
|
+
desc "run oc pedant"
|
|
16
19
|
task :oc_pedant do
|
|
17
20
|
require File.expand_path('spec/run_oc_pedant')
|
|
18
21
|
end
|
|
@@ -112,9 +112,13 @@ module ChefZero
|
|
|
112
112
|
begin
|
|
113
113
|
yield
|
|
114
114
|
rescue DataAlreadyExistsError => e
|
|
115
|
-
|
|
115
|
+
err = DataAlreadyExistsError.new([ 'organizations', single_org ] + e.path, e)
|
|
116
|
+
err.set_backtrace(e.backtrace)
|
|
117
|
+
raise err
|
|
116
118
|
rescue DataNotFoundError => e
|
|
117
|
-
|
|
119
|
+
err = DataNotFoundError.new([ 'organizations', single_org ] + e.path, e)
|
|
120
|
+
err.set_backtrace(e.backtrace)
|
|
121
|
+
raise e
|
|
118
122
|
end
|
|
119
123
|
end
|
|
120
124
|
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
require 'ffi_yajl'
|
|
2
|
+
require 'chef_zero/endpoints/rest_object_endpoint'
|
|
3
|
+
require 'chef_zero/chef_data/data_normalizer'
|
|
4
|
+
|
|
5
|
+
module ChefZero
|
|
6
|
+
module Endpoints
|
|
7
|
+
# /policies/:group/:name
|
|
8
|
+
class PoliciesEndpoint < RestObjectEndpoint
|
|
9
|
+
def initialize(server)
|
|
10
|
+
super(server, 'id')
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def get(request)
|
|
14
|
+
already_json_response(200, get_data(request))
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
# Right now we're allowing PUT to create.
|
|
18
|
+
def put(request)
|
|
19
|
+
error = validate(request)
|
|
20
|
+
return error if error
|
|
21
|
+
|
|
22
|
+
code =
|
|
23
|
+
if data_store.exists?(request.rest_path)
|
|
24
|
+
set_data(request, request.rest_path, request.body, :data_store_exceptions)
|
|
25
|
+
200
|
|
26
|
+
else
|
|
27
|
+
name = request.rest_path[4]
|
|
28
|
+
data_store.create(request.rest_path[0..3], name, request.body, :create_dir)
|
|
29
|
+
201
|
|
30
|
+
end
|
|
31
|
+
already_json_response(code, request.body)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def delete(request)
|
|
35
|
+
result = get_data(request, request.rest_path)
|
|
36
|
+
delete_data(request, request.rest_path, :data_store_exceptions)
|
|
37
|
+
already_json_response(200, result)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
private
|
|
41
|
+
|
|
42
|
+
def validate(request)
|
|
43
|
+
req_object = validate_json(request.body)
|
|
44
|
+
validate_name(request, req_object) ||
|
|
45
|
+
validate_run_list(req_object) ||
|
|
46
|
+
validate_each_run_list_item(req_object) ||
|
|
47
|
+
validate_cookbook_locks_collection(req_object) ||
|
|
48
|
+
validate_each_cookbook_locks_item(req_object)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def validate_json(request_body)
|
|
52
|
+
FFI_Yajl::Parser.parse(request_body)
|
|
53
|
+
# TODO: rescue parse error, return 400
|
|
54
|
+
# error(400, "Must specify #{identity_keys.map { |k| k.inspect }.join(' or ')} in JSON")
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def validate_name(request, req_object)
|
|
58
|
+
if !req_object.key?("name")
|
|
59
|
+
error(400, "Must specify 'name' in JSON")
|
|
60
|
+
elsif req_object["name"] != URI.decode(request.rest_path[4])
|
|
61
|
+
error(400, "'name' field in JSON must match the policy name in the URL")
|
|
62
|
+
elsif req_object["name"].size > 255
|
|
63
|
+
error(400, "'name' field in JSON must be 255 characters or fewer")
|
|
64
|
+
elsif req_object["name"] !~ /^[\-[:alnum:]_\.\:]+$/
|
|
65
|
+
error(400, "'name' field in JSON must be contain only alphanumeric, hypen, underscore, and dot characters")
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def validate_run_list(req_object)
|
|
70
|
+
if !req_object.key?("run_list")
|
|
71
|
+
error(400, "Must specify 'run_list' in JSON")
|
|
72
|
+
elsif !req_object["run_list"].kind_of?(Array)
|
|
73
|
+
error(400, "'run_list' must be an Array of run list items")
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
def validate_each_run_list_item(req_object)
|
|
78
|
+
req_object["run_list"].each do |run_list_item|
|
|
79
|
+
if res_400 = validate_run_list_item(run_list_item)
|
|
80
|
+
return res_400
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
nil
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def validate_run_list_item(run_list_item)
|
|
87
|
+
if !run_list_item.kind_of?(String)
|
|
88
|
+
error(400, "Items in run_list must be strings in fully qualified recipe format, like recipe[cookbook::recipe]")
|
|
89
|
+
elsif run_list_item !~ /\Arecipe\[[^\s]+::[^\s]+\]\Z/
|
|
90
|
+
error(400, "Items in run_list must be strings in fully qualified recipe format, like recipe[cookbook::recipe]")
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
def validate_cookbook_locks_collection(req_object)
|
|
95
|
+
if !req_object.key?("cookbook_locks")
|
|
96
|
+
error(400, "Must specify 'cookbook_locks' in JSON")
|
|
97
|
+
elsif !req_object["cookbook_locks"].kind_of?(Hash)
|
|
98
|
+
error(400, "'cookbook_locks' must be a JSON object of cookbook_name: lock_data pairs")
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
def validate_each_cookbook_locks_item(req_object)
|
|
103
|
+
req_object["cookbook_locks"].each do |cookbook_name, lock|
|
|
104
|
+
if res_400 = validate_cookbook_locks_item(cookbook_name, lock)
|
|
105
|
+
return res_400
|
|
106
|
+
end
|
|
107
|
+
end
|
|
108
|
+
nil
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
def validate_cookbook_locks_item(cookbook_name, lock)
|
|
112
|
+
if !lock.kind_of?(Hash)
|
|
113
|
+
error(400, "cookbook_lock entries must be a JSON object")
|
|
114
|
+
elsif !lock.key?("identifier")
|
|
115
|
+
error(400, "cookbook_lock entries must contain an 'identifier' field")
|
|
116
|
+
elsif !lock.key?("dotted_decimal_identifier")
|
|
117
|
+
error(400, "cookbook_lock entries must contain an 'dotted_decimal_identifier' field")
|
|
118
|
+
elsif lock["identifier"].size > 255
|
|
119
|
+
error(400, "cookbook_lock entries 'identifier' field must be 255 or fewer characters")
|
|
120
|
+
end
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
end
|
|
124
|
+
end
|
|
125
|
+
end
|
|
126
|
+
|
data/lib/chef_zero/server.rb
CHANGED
|
@@ -69,6 +69,7 @@ require 'chef_zero/endpoints/organization_users_endpoint'
|
|
|
69
69
|
require 'chef_zero/endpoints/organization_user_endpoint'
|
|
70
70
|
require 'chef_zero/endpoints/organization_validator_key_endpoint'
|
|
71
71
|
require 'chef_zero/endpoints/principal_endpoint'
|
|
72
|
+
require 'chef_zero/endpoints/policies_endpoint'
|
|
72
73
|
require 'chef_zero/endpoints/role_endpoint'
|
|
73
74
|
require 'chef_zero/endpoints/role_environments_endpoint'
|
|
74
75
|
require 'chef_zero/endpoints/sandboxes_endpoint'
|
|
@@ -358,7 +359,6 @@ module ChefZero
|
|
|
358
359
|
# }
|
|
359
360
|
# }
|
|
360
361
|
def load_data(contents, org_name = nil)
|
|
361
|
-
passed_org = !!org_name
|
|
362
362
|
org_name ||= options[:single_org]
|
|
363
363
|
if org_name.nil? && contents.keys != [ 'users' ]
|
|
364
364
|
raise "Must pass an org name to load_data or run in single_org mode"
|
|
@@ -516,6 +516,7 @@ module ChefZero
|
|
|
516
516
|
[ "/organizations/*/environments/*/roles/*", EnvironmentRoleEndpoint.new(self) ],
|
|
517
517
|
[ "/organizations/*/nodes", RestListEndpoint.new(self) ],
|
|
518
518
|
[ "/organizations/*/nodes/*", NodeEndpoint.new(self) ],
|
|
519
|
+
[ "/organizations/*/policies/*/*", PoliciesEndpoint.new(self) ],
|
|
519
520
|
[ "/organizations/*/principals/*", PrincipalEndpoint.new(self) ],
|
|
520
521
|
[ "/organizations/*/roles", RestListEndpoint.new(self) ],
|
|
521
522
|
[ "/organizations/*/roles/*", RoleEndpoint.new(self) ],
|
data/lib/chef_zero/version.rb
CHANGED
data/spec/run_oc_pedant.rb
CHANGED
data/spec/run_pedant.rb
CHANGED
|
@@ -72,11 +72,13 @@ begin
|
|
|
72
72
|
|
|
73
73
|
Pedant.config.suite = 'api'
|
|
74
74
|
Pedant.config[:config_file] = 'spec/support/pedant.rb'
|
|
75
|
+
|
|
75
76
|
Pedant.setup([
|
|
76
77
|
'--skip-knife',
|
|
77
78
|
'--skip-validation',
|
|
78
79
|
'--skip-authentication',
|
|
79
80
|
'--skip-authorization',
|
|
81
|
+
'--skip-keys',
|
|
80
82
|
'--skip-omnibus'
|
|
81
83
|
])
|
|
82
84
|
|
data/spec/support/pedant.rb
CHANGED
|
@@ -75,6 +75,10 @@ superuser_name 'admin'
|
|
|
75
75
|
superuser_key key
|
|
76
76
|
webui_key key
|
|
77
77
|
|
|
78
|
+
# The Policies endpoint is feature-flagged during development. Zero supports
|
|
79
|
+
# the policies endpoint, so turn it on:
|
|
80
|
+
policies? true
|
|
81
|
+
|
|
78
82
|
# Set the platform_class
|
|
79
83
|
platform_class Pedant::OpenSourcePlatform
|
|
80
84
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: chef-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: '4.0'
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- John Keiser
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-02-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: mixlib-log
|
|
@@ -171,6 +171,7 @@ files:
|
|
|
171
171
|
- lib/chef_zero/endpoints/organization_users_endpoint.rb
|
|
172
172
|
- lib/chef_zero/endpoints/organization_validator_key_endpoint.rb
|
|
173
173
|
- lib/chef_zero/endpoints/organizations_endpoint.rb
|
|
174
|
+
- lib/chef_zero/endpoints/policies_endpoint.rb
|
|
174
175
|
- lib/chef_zero/endpoints/principal_endpoint.rb
|
|
175
176
|
- lib/chef_zero/endpoints/rest_list_endpoint.rb
|
|
176
177
|
- lib/chef_zero/endpoints/rest_object_endpoint.rb
|
|
@@ -229,9 +230,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
229
230
|
version: '0'
|
|
230
231
|
requirements: []
|
|
231
232
|
rubyforge_project:
|
|
232
|
-
rubygems_version: 2.
|
|
233
|
+
rubygems_version: 2.2.2
|
|
233
234
|
signing_key:
|
|
234
235
|
specification_version: 4
|
|
235
236
|
summary: Self-contained, easy-setup, fast-start in-memory Chef server for testing
|
|
236
237
|
and solo setup purposes
|
|
237
238
|
test_files: []
|
|
239
|
+
has_rdoc:
|