chef 16.8.9 → 16.9.29

Files changed (65) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -4
  3. data/README.md +1 -1
  4. data/chef.gemspec +11 -2
  5. data/lib/chef/compliance/default_attributes.rb +5 -1
  6. data/lib/chef/compliance/fetcher/automate.rb +2 -2
  7. data/lib/chef/compliance/fetcher/chef_server.rb +2 -2
  8. data/lib/chef/compliance/reporter/automate.rb +1 -2
  9. data/lib/chef/compliance/reporter/chef_server_automate.rb +4 -2
  10. data/lib/chef/compliance/runner.rb +53 -39
  11. data/lib/chef/http/ssl_policies.rb +27 -14
  12. data/lib/chef/knife/core/formatting_options.rb +49 -0
  13. data/lib/chef/knife/core/node_presenter.rb +0 -25
  14. data/lib/chef/knife/core/status_presenter.rb +1 -26
  15. data/lib/chef/knife/core/windows_bootstrap_context.rb +1 -1
  16. data/lib/chef/knife/node_show.rb +2 -1
  17. data/lib/chef/knife/search.rb +2 -1
  18. data/lib/chef/knife/ssh.rb +2 -0
  19. data/lib/chef/knife/status.rb +8 -11
  20. data/lib/chef/policy_builder/policyfile.rb +1 -1
  21. data/lib/chef/provider/package.rb +53 -19
  22. data/lib/chef/provider/package/dnf.rb +39 -12
  23. data/lib/chef/provider/package/dnf/dnf_helper.py +18 -5
  24. data/lib/chef/provider/package/dnf/python_helper.rb +6 -6
  25. data/lib/chef/provider/package/freebsd/pkgng.rb +3 -1
  26. data/lib/chef/provider/yum_repository.rb +2 -2
  27. data/lib/chef/resource/chef_gem.rb +2 -2
  28. data/lib/chef/resource/cron/cron_d.rb +1 -0
  29. data/lib/chef/resource/file.rb +1 -1
  30. data/lib/chef/resource/gem_package.rb +2 -2
  31. data/lib/chef/resource/homebrew_cask.rb +3 -3
  32. data/lib/chef/resource/http_request.rb +1 -1
  33. data/lib/chef/resource/locale.rb +1 -1
  34. data/lib/chef/resource/mdadm.rb +2 -2
  35. data/lib/chef/resource/osx_profile.rb +7 -7
  36. data/lib/chef/resource/remote_directory.rb +1 -1
  37. data/lib/chef/resource/ruby.rb +1 -5
  38. data/lib/chef/resource/ruby_block.rb +1 -1
  39. data/lib/chef/resource/user/windows_user.rb +5 -0
  40. data/lib/chef/resource/windows_certificate.rb +2 -12
  41. data/lib/chef/resource/yum_repository.rb +5 -0
  42. data/lib/chef/shell.rb +32 -1
  43. data/lib/chef/version.rb +1 -1
  44. data/spec/data/rubygems.org/latest_specs.4.8.gz +0 -0
  45. data/spec/data/rubygems.org/nonexistent_gem +0 -0
  46. data/spec/data/rubygems.org/sexp_processor +0 -0
  47. data/spec/data/rubygems.org/sexp_processor-4.15.1.gemspec.rz +0 -0
  48. data/spec/data/ssl/binary/chef-rspec-der.cert +0 -0
  49. data/spec/data/ssl/binary/chef-rspec-der.key +0 -0
  50. data/spec/functional/resource/dnf_package_spec.rb +319 -16
  51. data/spec/functional/resource/ohai_spec.rb +2 -10
  52. data/spec/functional/resource/windows_certificate_spec.rb +204 -384
  53. data/spec/spec_helper.rb +1 -1
  54. data/spec/unit/compliance/runner_spec.rb +60 -7
  55. data/spec/unit/http/ssl_policies_spec.rb +106 -78
  56. data/spec/unit/knife/bootstrap_spec.rb +5 -17
  57. data/spec/unit/knife/core/status_presenter_spec.rb +54 -0
  58. data/spec/unit/mixin/openssl_helper_spec.rb +0 -7
  59. data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
  60. data/spec/unit/provider/package/rubygems_spec.rb +39 -7
  61. data/spec/unit/resource/user/windows_user_spec.rb +36 -0
  62. metadata +32 -14
  63. data/spec/data/trusted_certs_empty/.gitkeep +0 -0
  64. data/spec/data/trusted_certs_empty/README.md +0 -1
  65. data/spec/scripts/ssl-serve.rb +0 -47
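--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c13a95870faf2ddc93377295ea1821d3ee962c422af54147a9a5852266ef9abc
- data.tar.gz: 06d9ed38997dd63cef3a9d54cf7ffb064c5ca13b668cbea8ee42173ba757d880
+ metadata.gz: a6c9dab60254692aea21043a64b8defac066d6015d89519c9f41300490a895e8
+ data.tar.gz: 7f8211a80bc69ee02923040b39b6b43a7888dbd7e0ff2b395f40370968ddb6ea
  SHA512:
- metadata.gz: ed8ed48612596fdd94dfab56edda9b66ba3adff6bcca4475bf4d4a9b5ab9dc51f59b3db9d54aa6f468ab33aa4a8f2821a5ab9942379c0d70f641a04f8bfb48d0
- data.tar.gz: 8f1ebbbdbfe60ed00c66edab06a41821f5d8e9f62ab74d4c322b187b75e4f894e0f59cdf90c61b034a8496ece30e0a6eb71c3c91336a40e966fb6f9001e26d9a
+ metadata.gz: c2200a9759a88bd183f509a6ac2b8d9f8862f275d4da3bb73f67ea4aef2c39d5c053c3ed9925b9071b90d102d8cae30e83ec7d343f8e1446365250176119fb68
+ data.tar.gz: f5afad866181ddaf33ead7ddc7b877c4c25809080e88f6f788ac78a1356cc63b930c052187ca4bfd7830ff59f6455d9cd513dd29996efb743e4afeba7595f67a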
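--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,5 +1,8 @@
  source "https://rubygems.org"
 
+ # pin until issues with Windows builds in 1.14.2 are resolved
+ gem "ffi", "=1.13.1"
+
  # Note we do not use the gemspec DSL which restricts to the
  # gemspec for the current platform and filters out other platforms
  # during a bundle lock operation. We actually want dependencies from
@@ -7,7 +10,7 @@ source "https://rubygems.org"
  # of bundler versions prior to 1.12.0 (https://github.com/bundler/bundler/commit/193a14fe5e0d56294c7b370a0e59f93b2c216eed)
  gem "chef", path: "."
 
- gem "ohai", git: "https://github.com/chef/ohai.git", branch: "master"
+ gem "ohai", git: "https://github.com/chef/ohai.git", branch: "16-stable"
 
  gem "chef-utils", path: File.expand_path("chef-utils", __dir__) if File.exist?(File.expand_path("chef-utils", __dir__))
  gem "chef-config", path: File.expand_path("chef-config", __dir__) if File.exist?(File.expand_path("chef-config", __dir__))
@@ -50,14 +53,13 @@ end
 
  group(:development, :test) do
  gem "rake"
- gem "rspec"
+ gem "rspec", "=3.9.0" # remove pin once https://github.com/chef/chef/issues/10817 is resolved
  gem "webmock"
  gem "fauxhai-ng" # for chef-utils gem
  end
 
  group(:chefstyle) do
- # for testing new chefstyle rules
- gem "chefstyle", git: "https://github.com/chef/chefstyle.git", branch: "master"
+ gem "chefstyle", "= 1.5.9"
  end
 
  instance_eval(ENV["GEMFILE_MOD"]) if ENV["GEMFILE_MOD"]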
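Review bot: The `ohai` entry in the second hunk still resolves to whatever commit heads the `16-stable` branch at lock time, so the only thing fixing the revision is a committed Gemfile.lock, which is not visible on this page. This release pins `ffi`, `rspec` and `chefstyle` to exact versions; for consistency either depend on a released ohai version or a `ref:`, or record the intent in a comment such as `# branch selects the release line; the exact revision is fixed by Gemfile.lock`. The `ffi` pin comment would also be easier to act on with a tracking link like the one on the `rspec` pin, so the exact pin is not left in place after fixed versions ship.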
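--- a/data/README.md
+++ b/data/README.md
@@ -1,6 +1,6 @@
  # Chef Infra
  [![Code Climate](https://codeclimate.com/github/chef/chef.svg)](https://codeclimate.com/github/chef/chef)
- [![Build Status](https://badge.buildkite.com/c82093430ceec7d27af05febb9dcafe3aa331fff9d74c0ab9d.svg?branch=master)](https://buildkite.com/chef-oss/chef-chef-master-verify)
+ [![Build Status](https://badge.buildkite.com/c82093430ceec7d27af05febb9dcafe3aa331fff9d74c0ab9d.svg?branch=chef-16)](https://buildkite.com/chef-oss/chef-chef-chef-16-verify)
  [![Gem Version](https://badge.fury.io/rb/chef.svg)](https://badge.fury.io/rb/chef)
  [![](https://img.shields.io/badge/Release%20Policy-Cadence%20Release-brightgreen.svg)](https://github.com/chef/chef/blob/master/docs/dev/design_documents/client_release_cadence.md)
 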
@@ -35,7 +35,7 @@ Gem::Specification.new do |s|
35
35
  s.add_dependency "net-ssh-multi", "~> 1.2", ">= 1.2.1"
36
36
  s.add_dependency "net-sftp", ">= 2.1.2", "< 4.0"
37
37
  s.add_dependency "ed25519", "~> 1.2" # ed25519 ssh key support
38
- s.add_dependency "bcrypt_pbkdf", "= 1.1.0.rc1" # ed25519 ssh key support
38
+ s.add_dependency "bcrypt_pbkdf", "= 1.1.0.rc2" # ed25519 ssh key support
39
39
  s.add_dependency "highline", ">= 1.6.9", "< 3"
40
40
  s.add_dependency "tty-prompt", "~> 0.21" # knife ui.ask prompt
41
41
  s.add_dependency "tty-screen", "~> 0.6" # knife list
@@ -51,7 +51,7 @@ Gem::Specification.new do |s|
51
51
  s.add_dependency "iniparse", "~> 1.4"
52
52
  s.add_dependency "addressable"
53
53
  s.add_dependency "syslog-logger", "~> 1.6"
54
- s.add_dependency "uuidtools", "~> 2.1.5"
54
+ s.add_dependency "uuidtools", ">= 2.1.5", "< 3.0"
55
55
 
56
56
  s.add_dependency "proxifier", "~> 1.0"
57
57
 
@@ -67,4 +67,13 @@ Gem::Specification.new do |s|
67
67
  Dir.glob("{lib,spec}/**/*", File::FNM_DOTMATCH).reject { |f| File.directory?(f) } +
68
68
  Dir.glob("*.gemspec") +
69
69
  Dir.glob("tasks/rspec.rb")
70
+
71
+ s.metadata = {
72
+ "bug_tracker_uri" => "https://github.com/chef/chef/issues",
73
+ "changelog_uri" => "https://github.com/chef/chef/blob/master/CHANGELOG.md",
74
+ "documentation_uri" => "https://docs.chef.io/",
75
+ "homepage_uri" => "https://www.chef.io",
76
+ "mailing_list_uri" => "https://discourse.chef.io/",
77
+ "source_code_uri" => "https://github.com/chef/chef/",
78
+ }
70
79
  end
@@ -83,7 +83,11 @@ class Chef
83
83
 
84
84
  # The array of results per control will be truncated at this limit to avoid large reports that cannot be
85
85
  # processed by Chef Automate. A summary of removed results will be sent with each impacted control.
86
- "control_results_limit" => 50
86
+ "control_results_limit" => 50,
87
+
88
+ # If enabled, a hash representation of the Chef Infra node object will be sent to Chef InSpec in an input
89
+ # named `chef_node`.
90
+ "chef_node_attribute_enabled" => false
87
91
  )
88
92
  end
89
93
  end
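Review bot: The comment added for `chef_node_attribute_enabled` should state that the whole node hash is exported, because the `inspec_opts` change in the runner builds the input with `node.to_h` and then adds `chef_environment`. Any credential kept as a plain node attribute therefore becomes readable by every profile that runs. Whether inputs are also echoed into the report sent to Automate or written by the json-file reporter is not visible here and is worth confirming before the option is turned on. Suggested wording: `# If enabled, the full node hash is passed to Chef InSpec as the chef_node input; avoid enabling on nodes that keep secrets in attributes.`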
@@ -7,8 +7,8 @@ class Chef
7
7
  class Automate < ::InspecPlugins::Compliance::Fetcher
8
8
  name "chef-automate"
9
9
 
10
- # it positions itself before `compliance` fetcher
11
- # only load it, if you want to use audit cookbook in Chef Solo with Chef Automate
10
+ # Positions this fetcher before Chef InSpec's `compliance` fetcher.
11
+ # Only load this file if you want to use Compliance Phase in Chef Solo with Chef Automate.
12
12
  priority 502
13
13
 
14
14
  CONFIG = {
@@ -95,11 +95,11 @@ class Chef
95
95
  def handle_http_error_code(code)
96
96
  case code
97
97
  when /401|403/
98
- Chef::Log.error "Auth issue: see audit cookbook TROUBLESHOOTING.md"
98
+ Chef::Log.error "Auth issue: see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting)."
99
99
  when /404/
100
100
  Chef::Log.error "Object does not exist on remote server."
101
101
  when /413/
102
- Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see audit cookbook TROUBLESHOOTING.md OR https://docs.chef.io/config_rb_server.html"
102
+ Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting) or the Chef Infra Server configuration documentation (https://docs.chef.io/server/config_rb_server/)"
103
103
  when /429/
104
104
  Chef::Log.error "This error typically means the data sent was larger than #{ChefUtils::Dist::Automate::PRODUCT}'s limit (4 MB). Run InSpec locally to identify any controls producing large diffs."
105
105
  end
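Review bot: The two new log messages in handle_http_error_code point readers at `http://docs.chef.io/chef_compliance_phase/#troubleshooting` over plain HTTP, while the server configuration link in the same 413 message uses HTTPS. Use `https://docs.chef.io/chef_compliance_phase/#troubleshooting` in both the 401/403 and the 413 branch. The identical strings are added to the ChefServerAutomate reporter's handle_http_error_code further down the page and need the same change. The method's closing `end` lies outside this hunk.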
@@ -36,8 +36,7 @@ class Chef
36
36
  end
37
37
 
38
38
  unless @url && @token
39
- Chef::Log.warn "data_collector.token and data_collector.server_url must be defined in client.rb!"
40
- Chef::Log.warn "Further information: https://github.com/chef-cookbooks/audit#direct-reporting-to-chef-automate"
39
+ Chef::Log.warn "data_collector.token and data_collector.server_url must be defined in client.rb! Further information: https://docs.chef.io/chef_compliance_phase/#direct-reporting-to-chef-automate"
41
40
  return false
42
41
  end
43
42
 
@@ -7,6 +7,8 @@ class Chef
7
7
  # Used to send inspec reports to Chef Automate server via Chef Server
8
8
  #
9
9
  class ChefServerAutomate < Chef::Compliance::Reporter::Automate
10
+ attr_reader :url
11
+
10
12
  def initialize(opts)
11
13
  @entity_uuid = opts[:entity_uuid]
12
14
  @run_id = opts[:run_id]
@@ -74,11 +76,11 @@ class Chef
74
76
  def handle_http_error_code(code)
75
77
  case code
76
78
  when /401|403/
77
- Chef::Log.error "Auth issue: see audit cookbook TROUBLESHOOTING.md"
79
+ Chef::Log.error "Auth issue: see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting)."
78
80
  when /404/
79
81
  Chef::Log.error "Object does not exist on remote server."
80
82
  when /413/
81
- Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see audit cookbook TROUBLESHOOTING.md OR https://docs.chef.io/config_rb_server.html"
83
+ Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see the Compliance Phase troubleshooting documentation (http://docs.chef.io/chef_compliance_phase/#troubleshooting) or the Chef Infra Server configuration documentation (https://docs.chef.io/server/config_rb_server/)"
82
84
  when /429/
83
85
  Chef::Log.error "This error typically means the data sent was larger than #{ChefUtils::Dist::Automate::PRODUCT}'s limit (4 MB). Run InSpec locally to identify any controls producing large diffs."
84
86
  end
@@ -11,12 +11,14 @@ class Chef
11
11
  class Runner < EventDispatch::Base
12
12
  extend Forwardable
13
13
 
14
- attr_accessor :run_id, :recipes
14
+ attr_accessor :run_id
15
15
  attr_reader :node
16
16
  def_delegators :node, :logger
17
17
 
18
18
  def enabled?
19
- audit_cookbook_present = recipes.include?("audit::default")
19
+ # Did we parse the libraries file from the audit cookbook? This class dates back to when Chef Automate was
20
+ # renamed from Chef Visibility in 2017, so should capture all modern versions of the audit cookbook.
21
+ audit_cookbook_present = defined?(::Reporter::ChefAutomate)
20
22
 
21
23
  logger.info("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
22
24
  logger.info("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
@@ -37,10 +39,6 @@ class Chef
37
39
  self.run_id = run_status.run_id
38
40
  end
39
41
 
40
- def run_list_expanded(run_list_expansion)
41
- self.recipes = run_list_expansion.recipes
42
- end
43
-
44
42
  def run_completed(_node, _run_status)
45
43
  return unless enabled?
46
44
 
@@ -61,7 +59,6 @@ class Chef
61
59
 
62
60
  DEPRECATED_CONFIG_VALUES = %w{
63
61
  attributes_save
64
- chef_node_attribute_enabled
65
62
  fail_if_not_present
66
63
  inspec_gem_source
67
64
  inspec_version
@@ -93,9 +90,15 @@ class Chef
93
90
  end
94
91
 
95
92
  def inspec_opts
93
+ inputs = node["audit"]["attributes"].to_h
94
+ if node["audit"]["chef_node_attribute_enabled"]
95
+ inputs["chef_node"] = node.to_h
96
+ inputs["chef_node"]["chef_environment"] = node.chef_environment
97
+ end
98
+
96
99
  {
97
100
  backend_cache: node["audit"]["inspec_backend_cache"],
98
- inputs: node["audit"]["attributes"],
101
+ inputs: inputs,
99
102
  logger: logger,
100
103
  output: node["audit"]["quiet"] ? ::File::NULL : STDOUT,
101
104
  report: true,
@@ -178,6 +181,8 @@ class Chef
178
181
 
179
182
  # extracts relevant node data
180
183
  def node_info
184
+ chef_server_uri = URI(Chef::Config[:chef_server_url])
185
+
181
186
  runlist_roles = node.run_list.select { |item| item.type == :role }.map(&:name)
182
187
  runlist_recipes = node.run_list.select { |item| item.type == :recipe }.map(&:name)
183
188
  {
@@ -199,52 +204,61 @@ class Chef
199
204
  }
200
205
  end
201
206
 
202
- def send_report(reporter, report)
203
- logger.info "Reporting to #{reporter}"
207
+ def send_report(reporter_type, report)
208
+ logger.info "Reporting to #{reporter_type}"
209
+
210
+ reporter = reporter(reporter_type)
204
211
 
205
- insecure = node["audit"]["insecure"]
206
- run_time_limit = node["audit"]["run_time_limit"]
207
- control_results_limit = node["audit"]["control_results_limit"]
212
+ reporter.send_report(report) if reporter
213
+ end
208
214
 
209
- case reporter
215
+ def reporter(reporter_type)
216
+ case reporter_type
210
217
  when "chef-automate"
211
218
  opts = {
219
+ control_results_limit: node["audit"]["control_results_limit"],
212
220
  entity_uuid: node["chef_guid"],
213
- run_id: run_id,
221
+ insecure: node["audit"]["insecure"],
214
222
  node_info: node_info,
215
- insecure: insecure,
216
- run_time_limit: run_time_limit,
217
- control_results_limit: control_results_limit,
223
+ run_id: run_id,
224
+ run_time_limit: node["audit"]["run_time_limit"],
218
225
  }
219
- Chef::Compliance::Reporter::Automate.new(opts).send_report(report)
226
+ Chef::Compliance::Reporter::Automate.new(opts)
220
227
  when "chef-server-automate"
221
- chef_url = node["audit"]["server"] || base_chef_server_url
222
- chef_org = Chef::Config[:chef_server_url].split("/").last
223
- if chef_url
224
- url = construct_url(chef_url, File.join("organizations", chef_org, "data-collector"))
225
- opts = {
226
- entity_uuid: node["chef_guid"],
227
- run_id: run_id,
228
- node_info: node_info,
229
- insecure: insecure,
230
- url: url,
231
- run_time_limit: run_time_limit,
232
- control_results_limit: control_results_limit,
233
- }
234
- Chef::Compliance::Reporter::ChefServer.new(opts).send_report(report)
235
- else
236
- logger.warn "Unable to determine #{ChefUtils::Dist::Server::PRODUCT} url required by #{Inspec::Dist::PRODUCT_NAME} report collector '#{reporter}'. Skipping..."
237
- end
228
+ opts = {
229
+ control_results_limit: node["audit"]["control_results_limit"],
230
+ entity_uuid: node["chef_guid"],
231
+ insecure: node["audit"]["insecure"],
232
+ node_info: node_info,
233
+ run_id: run_id,
234
+ run_time_limit: node["audit"]["run_time_limit"],
235
+ url: chef_server_automate_url,
236
+ }
237
+ Chef::Compliance::Reporter::ChefServerAutomate.new(opts)
238
238
  when "json-file"
239
239
  path = node["audit"]["json_file"]["location"]
240
240
  logger.info "Writing compliance report to #{path}"
241
- Chef::Compliance::Reporter::JsonFile.new(file: path).send_report(report)
241
+ Chef::Compliance::Reporter::JsonFile.new(file: path)
242
242
  when "audit-enforcer"
243
- Chef::Compliance::Reporter::ComplianceEnforcer.new.send_report(report)
243
+ Chef::Compliance::Reporter::ComplianceEnforcer.new
244
244
  else
245
- logger.warn "#{reporter} is not a supported #{Inspec::Dist::PRODUCT_NAME} report collector"
245
+ raise "'#{reporter_type}' is not a supported reporter for Compliance Phase."
246
246
  end
247
247
  end
248
+
249
+ def chef_server_automate_url
250
+ url = if node["audit"]["server"]
251
+ URI(node["audit"]["server"])
252
+ else
253
+ URI(Chef::Config[:chef_server_url]).tap do |u|
254
+ u.path = ""
255
+ end
256
+ end
257
+
258
+ org = Chef::Config[:chef_server_url].split("/").last
259
+ url.path = File.join(url.path, "organizations/#{org}/data-collector")
260
+ url
261
+ end
248
262
  end
249
263
  end
250
264
  end
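Review bot: In the new `reporter` method every branch either returns a reporter instance or raises, so the `if reporter` guard in `send_report` can never be false. An unrecognised reporter name now aborts with a RuntimeError where the old code logged a warning and carried on. If the caller iterates over several configured reporters (not visible in this hunk), one misspelt entry would stop the remaining ones from receiving the report. Either drop the guard and document the contract above `def reporter`, e.g. `# Raises for an unknown reporter type so a misconfiguration fails the run instead of silently skipping reporting.`, or validate the configured names once before any report is sent. The `chef-server-automate` branch also loses its warn-and-skip path; `chef_server_automate_url` passes the configured values straight to `URI(...)`.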
@@ -85,28 +85,41 @@ class Chef
85
85
  http_client.cert_store.set_default_paths
86
86
  end
87
87
  if config.trusted_certs_dir
88
- certs = Dir.glob(File.join(Chef::Util::PathHelper.escape_glob_dir(config.trusted_certs_dir), "*.{crt,pem}"))
88
+ certs = Dir.glob(::File.join(Chef::Util::PathHelper.escape_glob_dir(config.trusted_certs_dir), "*.{crt,pem}"))
89
89
  certs.each do |cert_file|
90
- cert = OpenSSL::X509::Certificate.new(File.read(cert_file))
90
+ cert = begin
91
+ OpenSSL::X509::Certificate.new(::File.binread(cert_file))
92
+ rescue OpenSSL::X509::CertificateError => e
93
+ raise Chef::Exceptions::ConfigurationError, "Error reading cert file '#{cert_file}', original error '#{e.class}: #{e.message}'"
94
+ end
91
95
  add_trusted_cert(cert)
92
96
  end
93
97
  end
94
98
  end
95
99
 
96
100
  def set_client_credentials
97
- if config[:ssl_client_cert] || config[:ssl_client_key]
98
- unless config[:ssl_client_cert] && config[:ssl_client_key]
99
- raise Chef::Exceptions::ConfigurationError, "You must configure ssl_client_cert and ssl_client_key together"
100
- end
101
- unless ::File.exists?(config[:ssl_client_cert])
102
- raise Chef::Exceptions::ConfigurationError, "The configured ssl_client_cert #{config[:ssl_client_cert]} does not exist"
103
- end
104
- unless ::File.exists?(config[:ssl_client_key])
105
- raise Chef::Exceptions::ConfigurationError, "The configured ssl_client_key #{config[:ssl_client_key]} does not exist"
106
- end
101
+ return unless config[:ssl_client_cert] || config[:ssl_client_key]
102
+
103
+ unless config[:ssl_client_cert] && config[:ssl_client_key]
104
+ raise Chef::Exceptions::ConfigurationError, "You must configure ssl_client_cert and ssl_client_key together"
105
+ end
106
+ unless ::File.exists?(config[:ssl_client_cert])
107
+ raise Chef::Exceptions::ConfigurationError, "The configured ssl_client_cert #{config[:ssl_client_cert]} does not exist"
108
+ end
109
+ unless ::File.exists?(config[:ssl_client_key])
110
+ raise Chef::Exceptions::ConfigurationError, "The configured ssl_client_key #{config[:ssl_client_key]} does not exist"
111
+ end
112
+
113
+ begin
114
+ http_client.cert = OpenSSL::X509::Certificate.new(::File.binread(config[:ssl_client_cert]))
115
+ rescue OpenSSL::X509::CertificateError => e
116
+ raise Chef::Exceptions::ConfigurationError, "Error reading cert file '#{config[:ssl_client_cert]}', original error '#{e.class}: #{e.message}'"
117
+ end
107
118
 
108
- http_client.cert = OpenSSL::X509::Certificate.new(::File.read(config[:ssl_client_cert]))
109
- http_client.key = OpenSSL::PKey::RSA.new(::File.read(config[:ssl_client_key]))
119
+ begin
120
+ http_client.key = OpenSSL::PKey::RSA.new(::File.binread(config[:ssl_client_key]))
121
+ rescue OpenSSL::PKey::RSAError => e
122
+ raise Chef::Exceptions::ConfigurationError, "Error reading key file '#{config[:ssl_client_key]}', original error '#{e.class}: #{e.message}'"
110
123
  end
111
124
  end
112
125
 
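Review bot: The rewritten key branch of set_client_credentials still parses with `OpenSSL::PKey::RSA.new` and rescues only `OpenSSL::PKey::RSAError`, so a well-formed non-RSA client key (an EC key, for instance) is reported as "Error reading key file", which reads like a corrupt file. State the limitation in the message, e.g. `"Error reading RSA key file '#{config[:ssl_client_key]}', original error '#{e.class}: #{e.message}'"`, or document it above the `begin` with `# Only RSA client keys are supported here.` Also, neither new rescue covers a failing `::File.binread` (permissions, or a file removed after the `exists?` check), so those cases still surface as a raw `Errno` error and not a `ConfigurationError`. Adding `SystemCallError` to the rescue lists would make the handling consistent; the same applies to the trusted_certs_dir loop in the first part of the hunk.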
@@ -0,0 +1,49 @@
1
+ #
2
+ # Author:: Nicolas DUPEUX (<nicolas.dupeux@arkea.com>)
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ class Chef
20
+ class Knife
21
+ module Core
22
+
23
+ # This module may be included into a knife subcommand class to automatically
24
+ # add configuration options used by the StatusPresenter and NodePresenter.
25
+ module FormattingOptions
26
+ # @private
27
+ # Would prefer to do this in a rational way, but can't be done b/c of
28
+ # Mixlib::CLI's design :(
29
+ def self.included(includer)
30
+ includer.class_eval do
31
+ option :medium_output,
32
+ short: "-m",
33
+ long: "--medium",
34
+ boolean: true,
35
+ default: false,
36
+ description: "Include normal attributes in the output"
37
+
38
+ option :long_output,
39
+ short: "-l",
40
+ long: "--long",
41
+ boolean: true,
42
+ default: false,
43
+ description: "Include all attributes in the output"
44
+ end
45
+ end
46
+ end
47
+ end
48
+ end
49
+ end
@@ -23,31 +23,6 @@ class Chef
23
23
  class Knife
24
24
  module Core
25
25
 
26
- # This module may be included into a knife subcommand class to automatically
27
- # add configuration options used by the NodePresenter
28
- module NodeFormattingOptions
29
- # @private
30
- # Would prefer to do this in a rational way, but can't be done b/c of
31
- # Mixlib::CLI's design :(
32
- def self.included(includer)
33
- includer.class_eval do
34
- option :medium_output,
35
- short: "-m",
36
- long: "--medium",
37
- boolean: true,
38
- default: false,
39
- description: "Include normal attributes in the output"
40
-
41
- option :long_output,
42
- short: "-l",
43
- long: "--long",
44
- boolean: true,
45
- default: false,
46
- description: "Include all attributes in the output"
47
- end
48
- end
49
- end
50
-
51
26
  # A customized presenter for Chef::Node objects. Supports variable-length
52
27
  # output formats for displaying node data
53
28
  class NodePresenter < GenericPresenter