chef 16.8.9-universal-mingw32 → 16.9.29-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +6 -4
- data/README.md +1 -1
- data/chef.gemspec +11 -2
- data/lib/chef/compliance/default_attributes.rb +5 -1
- data/lib/chef/compliance/fetcher/automate.rb +2 -2
- data/lib/chef/compliance/fetcher/chef_server.rb +2 -2
- data/lib/chef/compliance/reporter/automate.rb +1 -2
- data/lib/chef/compliance/reporter/chef_server_automate.rb +4 -2
- data/lib/chef/compliance/runner.rb +53 -39
- data/lib/chef/http/ssl_policies.rb +27 -14
- data/lib/chef/knife/core/formatting_options.rb +49 -0
- data/lib/chef/knife/core/node_presenter.rb +0 -25
- data/lib/chef/knife/core/status_presenter.rb +1 -26
- data/lib/chef/knife/core/windows_bootstrap_context.rb +1 -1
- data/lib/chef/knife/node_show.rb +2 -1
- data/lib/chef/knife/search.rb +2 -1
- data/lib/chef/knife/ssh.rb +2 -0
- data/lib/chef/knife/status.rb +8 -11
- data/lib/chef/policy_builder/policyfile.rb +1 -1
- data/lib/chef/provider/package.rb +53 -19
- data/lib/chef/provider/package/dnf.rb +39 -12
- data/lib/chef/provider/package/dnf/dnf_helper.py +18 -5
- data/lib/chef/provider/package/dnf/python_helper.rb +6 -6
- data/lib/chef/provider/package/freebsd/pkgng.rb +3 -1
- data/lib/chef/provider/yum_repository.rb +2 -2
- data/lib/chef/resource/chef_gem.rb +2 -2
- data/lib/chef/resource/cron/cron_d.rb +1 -0
- data/lib/chef/resource/file.rb +1 -1
- data/lib/chef/resource/gem_package.rb +2 -2
- data/lib/chef/resource/homebrew_cask.rb +3 -3
- data/lib/chef/resource/http_request.rb +1 -1
- data/lib/chef/resource/locale.rb +1 -1
- data/lib/chef/resource/mdadm.rb +2 -2
- data/lib/chef/resource/osx_profile.rb +7 -7
- data/lib/chef/resource/remote_directory.rb +1 -1
- data/lib/chef/resource/ruby.rb +1 -5
- data/lib/chef/resource/ruby_block.rb +1 -1
- data/lib/chef/resource/user/windows_user.rb +5 -0
- data/lib/chef/resource/windows_certificate.rb +2 -12
- data/lib/chef/resource/yum_repository.rb +5 -0
- data/lib/chef/shell.rb +32 -1
- data/lib/chef/version.rb +1 -1
- data/spec/data/rubygems.org/latest_specs.4.8.gz +0 -0
- data/spec/data/rubygems.org/nonexistent_gem +0 -0
- data/spec/data/rubygems.org/sexp_processor +0 -0
- data/spec/data/rubygems.org/sexp_processor-4.15.1.gemspec.rz +0 -0
- data/spec/data/ssl/binary/chef-rspec-der.cert +0 -0
- data/spec/data/ssl/binary/chef-rspec-der.key +0 -0
- data/spec/functional/resource/dnf_package_spec.rb +319 -16
- data/spec/functional/resource/ohai_spec.rb +2 -10
- data/spec/functional/resource/windows_certificate_spec.rb +204 -384
- data/spec/spec_helper.rb +1 -1
- data/spec/unit/compliance/runner_spec.rb +60 -7
- data/spec/unit/http/ssl_policies_spec.rb +106 -78
- data/spec/unit/knife/bootstrap_spec.rb +5 -17
- data/spec/unit/knife/core/status_presenter_spec.rb +54 -0
- data/spec/unit/mixin/openssl_helper_spec.rb +0 -7
- data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
- data/spec/unit/provider/package/rubygems_spec.rb +39 -7
- data/spec/unit/resource/user/windows_user_spec.rb +36 -0
- metadata +32 -14
- data/spec/data/trusted_certs_empty/.gitkeep +0 -0
- data/spec/data/trusted_certs_empty/README.md +0 -1
- data/spec/scripts/ssl-serve.rb +0 -47
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6f564e93ffc06c2936ab1b862940251210177cf04ec0f53cbbb32933dd22d635
|
4
|
+
data.tar.gz: 3f625168ed2dc1f0df2caec6ecf87c541c444b425b90547a0af6404fb0c50859
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 79b495255e7fe547acd85215ec25c47704b2bae4133c5c203068e886cade61a660de0902bcb86ab2f2a29868b109046566db8d76a3303be21cef98c49131a724
|
7
|
+
data.tar.gz: e87c0defd82aba56492ac2c4a71fd59a1a2a404e9d922ab5111cfa8136c15dd23853c600b850f4922d42229a8342cd209099d2b88801a756dd3986f13642c623
|
data/Gemfile
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
source "https://rubygems.org"
|
2
2
|
|
3
|
+
# pin until issues with Windows builds in 1.14.2 are resolved
|
4
|
+
gem "ffi", "=1.13.1"
|
5
|
+
|
3
6
|
# Note we do not use the gemspec DSL which restricts to the
|
4
7
|
# gemspec for the current platform and filters out other platforms
|
5
8
|
# during a bundle lock operation. We actually want dependencies from
|
@@ -7,7 +10,7 @@ source "https://rubygems.org"
|
|
7
10
|
# of bundler versions prior to 1.12.0 (https://github.com/bundler/bundler/commit/193a14fe5e0d56294c7b370a0e59f93b2c216eed)
|
8
11
|
gem "chef", path: "."
|
9
12
|
|
10
|
-
gem "ohai", git: "https://github.com/chef/ohai.git", branch: "
|
13
|
+
gem "ohai", git: "https://github.com/chef/ohai.git", branch: "16-stable"
|
11
14
|
|
12
15
|
gem "chef-utils", path: File.expand_path("chef-utils", __dir__) if File.exist?(File.expand_path("chef-utils", __dir__))
|
13
16
|
gem "chef-config", path: File.expand_path("chef-config", __dir__) if File.exist?(File.expand_path("chef-config", __dir__))
|
@@ -50,14 +53,13 @@ end
|
|
50
53
|
|
51
54
|
group(:development, :test) do
|
52
55
|
gem "rake"
|
53
|
-
gem "rspec"
|
56
|
+
gem "rspec", "=3.9.0" # remove pin once https://github.com/chef/chef/issues/10817 is resolved
|
54
57
|
gem "webmock"
|
55
58
|
gem "fauxhai-ng" # for chef-utils gem
|
56
59
|
end
|
57
60
|
|
58
61
|
group(:chefstyle) do
|
59
|
-
|
60
|
-
gem "chefstyle", git: "https://github.com/chef/chefstyle.git", branch: "master"
|
62
|
+
gem "chefstyle", "= 1.5.9"
|
61
63
|
end
|
62
64
|
|
63
65
|
instance_eval(ENV["GEMFILE_MOD"]) if ENV["GEMFILE_MOD"]
|
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Chef Infra
|
2
2
|
[![Code Climate](https://codeclimate.com/github/chef/chef.svg)](https://codeclimate.com/github/chef/chef)
|
3
|
-
[![Build Status](https://badge.buildkite.com/c82093430ceec7d27af05febb9dcafe3aa331fff9d74c0ab9d.svg?branch=
|
3
|
+
[![Build Status](https://badge.buildkite.com/c82093430ceec7d27af05febb9dcafe3aa331fff9d74c0ab9d.svg?branch=chef-16)](https://buildkite.com/chef-oss/chef-chef-chef-16-verify)
|
4
4
|
[![Gem Version](https://badge.fury.io/rb/chef.svg)](https://badge.fury.io/rb/chef)
|
5
5
|
[![](https://img.shields.io/badge/Release%20Policy-Cadence%20Release-brightgreen.svg)](https://github.com/chef/chef/blob/master/docs/dev/design_documents/client_release_cadence.md)
|
6
6
|
|
data/chef.gemspec
CHANGED
@@ -35,7 +35,7 @@ Gem::Specification.new do |s|
|
|
35
35
|
s.add_dependency "net-ssh-multi", "~> 1.2", ">= 1.2.1"
|
36
36
|
s.add_dependency "net-sftp", ">= 2.1.2", "< 4.0"
|
37
37
|
s.add_dependency "ed25519", "~> 1.2" # ed25519 ssh key support
|
38
|
-
s.add_dependency "bcrypt_pbkdf", "= 1.1.0.
|
38
|
+
s.add_dependency "bcrypt_pbkdf", "= 1.1.0.rc2" # ed25519 ssh key support
|
39
39
|
s.add_dependency "highline", ">= 1.6.9", "< 3"
|
40
40
|
s.add_dependency "tty-prompt", "~> 0.21" # knife ui.ask prompt
|
41
41
|
s.add_dependency "tty-screen", "~> 0.6" # knife list
|
@@ -51,7 +51,7 @@ Gem::Specification.new do |s|
|
|
51
51
|
s.add_dependency "iniparse", "~> 1.4"
|
52
52
|
s.add_dependency "addressable"
|
53
53
|
s.add_dependency "syslog-logger", "~> 1.6"
|
54
|
-
s.add_dependency "uuidtools", "
|
54
|
+
s.add_dependency "uuidtools", ">= 2.1.5", "< 3.0"
|
55
55
|
|
56
56
|
s.add_dependency "proxifier", "~> 1.0"
|
57
57
|
|
@@ -67,4 +67,13 @@ Gem::Specification.new do |s|
|
|
67
67
|
Dir.glob("{lib,spec}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) } +
|
68
68
|
Dir.glob("*.gemspec") +
|
69
69
|
Dir.glob("tasks/rspec.rb")
|
70
|
+
|
71
|
+
s.metadata = {
|
72
|
+
"bug_tracker_uri" => "https://github.com/chef/chef/issues",
|
73
|
+
"changelog_uri" => "https://github.com/chef/chef/blob/master/CHANGELOG.md",
|
74
|
+
"documentation_uri" => "https://docs.chef.io/",
|
75
|
+
"homepage_uri" => "https://www.chef.io",
|
76
|
+
"mailing_list_uri" => "https://discourse.chef.io/",
|
77
|
+
"source_code_uri" => "https://github.com/chef/chef/",
|
78
|
+
}
|
70
79
|
end
|
@@ -83,7 +83,11 @@ class Chef
|
|
83
83
|
|
84
84
|
# The array of results per control will be truncated at this limit to avoid large reports that cannot be
|
85
85
|
# processed by Chef Automate. A summary of removed results will be sent with each impacted control.
|
86
|
-
"control_results_limit" => 50
|
86
|
+
"control_results_limit" => 50,
|
87
|
+
|
88
|
+
# If enabled, a hash representation of the Chef Infra node object will be sent to Chef InSpec in an input
|
89
|
+
# named `chef_node`.
|
90
|
+
"chef_node_attribute_enabled" => false
|
87
91
|
)
|
88
92
|
end
|
89
93
|
end
|
@@ -7,8 +7,8 @@ class Chef
|
|
7
7
|
class Automate < ::InspecPlugins::Compliance::Fetcher
|
8
8
|
name "chef-automate"
|
9
9
|
|
10
|
-
#
|
11
|
-
#
|
10
|
+
# Positions this fetcher before Chef InSpec's `compliance` fetcher.
|
11
|
+
# Only load this file if you want to use Compliance Phase in Chef Solo with Chef Automate.
|
12
12
|
priority 502
|
13
13
|
|
14
14
|
CONFIG = {
|
@@ -95,11 +95,11 @@ class Chef
|
|
95
95
|
def handle_http_error_code(code)
|
96
96
|
case code
|
97
97
|
when /401|403/
|
98
|
-
Chef::Log.error "Auth issue: see
|
98
|
+
Chef::Log.error "Auth issue: see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting)."
|
99
99
|
when /404/
|
100
100
|
Chef::Log.error "Object does not exist on remote server."
|
101
101
|
when /413/
|
102
|
-
Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see
|
102
|
+
Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting) or the Chef Infra Server configuration documentation (https://docs.chef.io/server/config_rb_server/)"
|
103
103
|
when /429/
|
104
104
|
Chef::Log.error "This error typically means the data sent was larger than #{ChefUtils::Dist::Automate::PRODUCT}'s limit (4 MB). Run InSpec locally to identify any controls producing large diffs."
|
105
105
|
end
|
@@ -36,8 +36,7 @@ class Chef
|
|
36
36
|
end
|
37
37
|
|
38
38
|
unless @url && @token
|
39
|
-
Chef::Log.warn "data_collector.token and data_collector.server_url must be defined in client.rb!"
|
40
|
-
Chef::Log.warn "Further information: https://github.com/chef-cookbooks/audit#direct-reporting-to-chef-automate"
|
39
|
+
Chef::Log.warn "data_collector.token and data_collector.server_url must be defined in client.rb! Further information: https://docs.chef.io/chef_compliance_phase/#direct-reporting-to-chef-automate"
|
41
40
|
return false
|
42
41
|
end
|
43
42
|
|
@@ -7,6 +7,8 @@ class Chef
|
|
7
7
|
# Used to send inspec reports to Chef Automate server via Chef Server
|
8
8
|
#
|
9
9
|
class ChefServerAutomate < Chef::Compliance::Reporter::Automate
|
10
|
+
attr_reader :url
|
11
|
+
|
10
12
|
def initialize(opts)
|
11
13
|
@entity_uuid = opts[:entity_uuid]
|
12
14
|
@run_id = opts[:run_id]
|
@@ -74,11 +76,11 @@ class Chef
|
|
74
76
|
def handle_http_error_code(code)
|
75
77
|
case code
|
76
78
|
when /401|403/
|
77
|
-
Chef::Log.error "Auth issue: see
|
79
|
+
Chef::Log.error "Auth issue: see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting)."
|
78
80
|
when /404/
|
79
81
|
Chef::Log.error "Object does not exist on remote server."
|
80
82
|
when /413/
|
81
|
-
Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see
|
83
|
+
Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting) or the Chef Infra Server configuration documentation (https://docs.chef.io/server/config_rb_server/)"
|
82
84
|
when /429/
|
83
85
|
Chef::Log.error "This error typically means the data sent was larger than #{ChefUtils::Dist::Automate::PRODUCT}'s limit (4 MB). Run InSpec locally to identify any controls producing large diffs."
|
84
86
|
end
|
@@ -11,12 +11,14 @@ class Chef
|
|
11
11
|
class Runner < EventDispatch::Base
|
12
12
|
extend Forwardable
|
13
13
|
|
14
|
-
attr_accessor :run_id
|
14
|
+
attr_accessor :run_id
|
15
15
|
attr_reader :node
|
16
16
|
def_delegators :node, :logger
|
17
17
|
|
18
18
|
def enabled?
|
19
|
-
|
19
|
+
# Did we parse the libraries file from the audit cookbook? This class dates back to when Chef Automate was
|
20
|
+
# renamed from Chef Visibility in 2017, so should capture all modern versions of the audit cookbook.
|
21
|
+
audit_cookbook_present = defined?(::Reporter::ChefAutomate)
|
20
22
|
|
21
23
|
logger.info("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
|
22
24
|
logger.info("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
|
@@ -37,10 +39,6 @@ class Chef
|
|
37
39
|
self.run_id = run_status.run_id
|
38
40
|
end
|
39
41
|
|
40
|
-
def run_list_expanded(run_list_expansion)
|
41
|
-
self.recipes = run_list_expansion.recipes
|
42
|
-
end
|
43
|
-
|
44
42
|
def run_completed(_node, _run_status)
|
45
43
|
return unless enabled?
|
46
44
|
|
@@ -61,7 +59,6 @@ class Chef
|
|
61
59
|
|
62
60
|
DEPRECATED_CONFIG_VALUES = %w{
|
63
61
|
attributes_save
|
64
|
-
chef_node_attribute_enabled
|
65
62
|
fail_if_not_present
|
66
63
|
inspec_gem_source
|
67
64
|
inspec_version
|
@@ -93,9 +90,15 @@ class Chef
|
|
93
90
|
end
|
94
91
|
|
95
92
|
def inspec_opts
|
93
|
+
inputs = node["audit"]["attributes"].to_h
|
94
|
+
if node["audit"]["chef_node_attribute_enabled"]
|
95
|
+
inputs["chef_node"] = node.to_h
|
96
|
+
inputs["chef_node"]["chef_environment"] = node.chef_environment
|
97
|
+
end
|
98
|
+
|
96
99
|
{
|
97
100
|
backend_cache: node["audit"]["inspec_backend_cache"],
|
98
|
-
inputs:
|
101
|
+
inputs: inputs,
|
99
102
|
logger: logger,
|
100
103
|
output: node["audit"]["quiet"] ? ::File::NULL : STDOUT,
|
101
104
|
report: true,
|
@@ -178,6 +181,8 @@ class Chef
|
|
178
181
|
|
179
182
|
# extracts relevant node data
|
180
183
|
def node_info
|
184
|
+
chef_server_uri = URI(Chef::Config[:chef_server_url])
|
185
|
+
|
181
186
|
runlist_roles = node.run_list.select { |item| item.type == :role }.map(&:name)
|
182
187
|
runlist_recipes = node.run_list.select { |item| item.type == :recipe }.map(&:name)
|
183
188
|
{
|
@@ -199,52 +204,61 @@ class Chef
|
|
199
204
|
}
|
200
205
|
end
|
201
206
|
|
202
|
-
def send_report(
|
203
|
-
logger.info "Reporting to #{
|
207
|
+
def send_report(reporter_type, report)
|
208
|
+
logger.info "Reporting to #{reporter_type}"
|
209
|
+
|
210
|
+
reporter = reporter(reporter_type)
|
204
211
|
|
205
|
-
|
206
|
-
|
207
|
-
control_results_limit = node["audit"]["control_results_limit"]
|
212
|
+
reporter.send_report(report) if reporter
|
213
|
+
end
|
208
214
|
|
209
|
-
|
215
|
+
def reporter(reporter_type)
|
216
|
+
case reporter_type
|
210
217
|
when "chef-automate"
|
211
218
|
opts = {
|
219
|
+
control_results_limit: node["audit"]["control_results_limit"],
|
212
220
|
entity_uuid: node["chef_guid"],
|
213
|
-
|
221
|
+
insecure: node["audit"]["insecure"],
|
214
222
|
node_info: node_info,
|
215
|
-
|
216
|
-
run_time_limit: run_time_limit,
|
217
|
-
control_results_limit: control_results_limit,
|
223
|
+
run_id: run_id,
|
224
|
+
run_time_limit: node["audit"]["run_time_limit"],
|
218
225
|
}
|
219
|
-
Chef::Compliance::Reporter::Automate.new(opts)
|
226
|
+
Chef::Compliance::Reporter::Automate.new(opts)
|
220
227
|
when "chef-server-automate"
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
run_time_limit: run_time_limit,
|
232
|
-
control_results_limit: control_results_limit,
|
233
|
-
}
|
234
|
-
Chef::Compliance::Reporter::ChefServer.new(opts).send_report(report)
|
235
|
-
else
|
236
|
-
logger.warn "Unable to determine #{ChefUtils::Dist::Server::PRODUCT} url required by #{Inspec::Dist::PRODUCT_NAME} report collector '#{reporter}'. Skipping..."
|
237
|
-
end
|
228
|
+
opts = {
|
229
|
+
control_results_limit: node["audit"]["control_results_limit"],
|
230
|
+
entity_uuid: node["chef_guid"],
|
231
|
+
insecure: node["audit"]["insecure"],
|
232
|
+
node_info: node_info,
|
233
|
+
run_id: run_id,
|
234
|
+
run_time_limit: node["audit"]["run_time_limit"],
|
235
|
+
url: chef_server_automate_url,
|
236
|
+
}
|
237
|
+
Chef::Compliance::Reporter::ChefServerAutomate.new(opts)
|
238
238
|
when "json-file"
|
239
239
|
path = node["audit"]["json_file"]["location"]
|
240
240
|
logger.info "Writing compliance report to #{path}"
|
241
|
-
Chef::Compliance::Reporter::JsonFile.new(file: path)
|
241
|
+
Chef::Compliance::Reporter::JsonFile.new(file: path)
|
242
242
|
when "audit-enforcer"
|
243
|
-
Chef::Compliance::Reporter::ComplianceEnforcer.new
|
243
|
+
Chef::Compliance::Reporter::ComplianceEnforcer.new
|
244
244
|
else
|
245
|
-
|
245
|
+
raise "'#{reporter_type}' is not a supported reporter for Compliance Phase."
|
246
246
|
end
|
247
247
|
end
|
248
|
+
|
249
|
+
def chef_server_automate_url
|
250
|
+
url = if node["audit"]["server"]
|
251
|
+
URI(node["audit"]["server"])
|
252
|
+
else
|
253
|
+
URI(Chef::Config[:chef_server_url]).tap do |u|
|
254
|
+
u.path = ""
|
255
|
+
end
|
256
|
+
end
|
257
|
+
|
258
|
+
org = Chef::Config[:chef_server_url].split("/").last
|
259
|
+
url.path = File.join(url.path, "organizations/#{org}/data-collector")
|
260
|
+
url
|
261
|
+
end
|
248
262
|
end
|
249
263
|
end
|
250
264
|
end
|
@@ -85,28 +85,41 @@ class Chef
|
|
85
85
|
http_client.cert_store.set_default_paths
|
86
86
|
end
|
87
87
|
if config.trusted_certs_dir
|
88
|
-
certs = Dir.glob(File.join(Chef::Util::PathHelper.escape_glob_dir(config.trusted_certs_dir), "*.{crt,pem}"))
|
88
|
+
certs = Dir.glob(::File.join(Chef::Util::PathHelper.escape_glob_dir(config.trusted_certs_dir), "*.{crt,pem}"))
|
89
89
|
certs.each do |cert_file|
|
90
|
-
cert =
|
90
|
+
cert = begin
|
91
|
+
OpenSSL::X509::Certificate.new(::File.binread(cert_file))
|
92
|
+
rescue OpenSSL::X509::CertificateError => e
|
93
|
+
raise Chef::Exceptions::ConfigurationError, "Error reading cert file '#{cert_file}', original error '#{e.class}: #{e.message}'"
|
94
|
+
end
|
91
95
|
add_trusted_cert(cert)
|
92
96
|
end
|
93
97
|
end
|
94
98
|
end
|
95
99
|
|
96
100
|
def set_client_credentials
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
101
|
+
return unless config[:ssl_client_cert] || config[:ssl_client_key]
|
102
|
+
|
103
|
+
unless config[:ssl_client_cert] && config[:ssl_client_key]
|
104
|
+
raise Chef::Exceptions::ConfigurationError, "You must configure ssl_client_cert and ssl_client_key together"
|
105
|
+
end
|
106
|
+
unless ::File.exists?(config[:ssl_client_cert])
|
107
|
+
raise Chef::Exceptions::ConfigurationError, "The configured ssl_client_cert #{config[:ssl_client_cert]} does not exist"
|
108
|
+
end
|
109
|
+
unless ::File.exists?(config[:ssl_client_key])
|
110
|
+
raise Chef::Exceptions::ConfigurationError, "The configured ssl_client_key #{config[:ssl_client_key]} does not exist"
|
111
|
+
end
|
112
|
+
|
113
|
+
begin
|
114
|
+
http_client.cert = OpenSSL::X509::Certificate.new(::File.binread(config[:ssl_client_cert]))
|
115
|
+
rescue OpenSSL::X509::CertificateError => e
|
116
|
+
raise Chef::Exceptions::ConfigurationError, "Error reading cert file '#{config[:ssl_client_cert]}', original error '#{e.class}: #{e.message}'"
|
117
|
+
end
|
107
118
|
|
108
|
-
|
109
|
-
http_client.key = OpenSSL::PKey::RSA.new(::File.
|
119
|
+
begin
|
120
|
+
http_client.key = OpenSSL::PKey::RSA.new(::File.binread(config[:ssl_client_key]))
|
121
|
+
rescue OpenSSL::PKey::RSAError => e
|
122
|
+
raise Chef::Exceptions::ConfigurationError, "Error reading key file '#{config[:ssl_client_key]}', original error '#{e.class}: #{e.message}'"
|
110
123
|
end
|
111
124
|
end
|
112
125
|
|
@@ -0,0 +1,49 @@
|
|
1
|
+
#
|
2
|
+
# Author:: Nicolas DUPEUX (<nicolas.dupeux@arkea.com>)
|
3
|
+
# Copyright:: Copyright (c) Chef Software Inc.
|
4
|
+
# License:: Apache License, Version 2.0
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
#
|
18
|
+
|
19
|
+
class Chef
|
20
|
+
class Knife
|
21
|
+
module Core
|
22
|
+
|
23
|
+
# This module may be included into a knife subcommand class to automatically
|
24
|
+
# add configuration options used by the StatusPresenter and NodePresenter.
|
25
|
+
module FormattingOptions
|
26
|
+
# @private
|
27
|
+
# Would prefer to do this in a rational way, but can't be done b/c of
|
28
|
+
# Mixlib::CLI's design :(
|
29
|
+
def self.included(includer)
|
30
|
+
includer.class_eval do
|
31
|
+
option :medium_output,
|
32
|
+
short: "-m",
|
33
|
+
long: "--medium",
|
34
|
+
boolean: true,
|
35
|
+
default: false,
|
36
|
+
description: "Include normal attributes in the output"
|
37
|
+
|
38
|
+
option :long_output,
|
39
|
+
short: "-l",
|
40
|
+
long: "--long",
|
41
|
+
boolean: true,
|
42
|
+
default: false,
|
43
|
+
description: "Include all attributes in the output"
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -23,31 +23,6 @@ class Chef
|
|
23
23
|
class Knife
|
24
24
|
module Core
|
25
25
|
|
26
|
-
# This module may be included into a knife subcommand class to automatically
|
27
|
-
# add configuration options used by the NodePresenter
|
28
|
-
module NodeFormattingOptions
|
29
|
-
# @private
|
30
|
-
# Would prefer to do this in a rational way, but can't be done b/c of
|
31
|
-
# Mixlib::CLI's design :(
|
32
|
-
def self.included(includer)
|
33
|
-
includer.class_eval do
|
34
|
-
option :medium_output,
|
35
|
-
short: "-m",
|
36
|
-
long: "--medium",
|
37
|
-
boolean: true,
|
38
|
-
default: false,
|
39
|
-
description: "Include normal attributes in the output"
|
40
|
-
|
41
|
-
option :long_output,
|
42
|
-
short: "-l",
|
43
|
-
long: "--long",
|
44
|
-
boolean: true,
|
45
|
-
default: false,
|
46
|
-
description: "Include all attributes in the output"
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
26
|
# A customized presenter for Chef::Node objects. Supports variable-length
|
52
27
|
# output formats for displaying node data
|
53
28
|
class NodePresenter < GenericPresenter
|