cheffish 1.1.2 → 1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/cheffish/chef_run.rb +13 -0
- data/lib/cheffish/rspec.rb +8 -0
- data/lib/cheffish/rspec/chef_run_support.rb +19 -52
- data/lib/cheffish/rspec/matchers.rb +4 -81
- data/lib/cheffish/rspec/matchers/be_idempotent.rb +16 -0
- data/lib/cheffish/rspec/matchers/emit_no_warnings_or_errors.rb +15 -0
- data/lib/cheffish/rspec/matchers/have_updated.rb +37 -0
- data/lib/cheffish/rspec/matchers/partially_match.rb +63 -0
- data/lib/cheffish/rspec/recipe_run_wrapper.rb +2 -2
- data/lib/cheffish/rspec/repository_support.rb +1 -1
- data/lib/cheffish/version.rb +1 -1
- data/spec/integration/chef_acl_spec.rb +384 -420
- data/spec/integration/chef_client_spec.rb +18 -24
- data/spec/integration/chef_container_spec.rb +4 -6
- data/spec/integration/chef_group_spec.rb +30 -46
- data/spec/integration/chef_mirror_spec.rb +60 -89
- data/spec/integration/chef_node_spec.rb +96 -124
- data/spec/integration/chef_organization_spec.rb +38 -57
- data/spec/integration/chef_user_spec.rb +16 -22
- data/spec/integration/private_key_spec.rb +120 -168
- data/spec/integration/recipe_dsl_spec.rb +4 -6
- data/spec/support/spec_support.rb +1 -2
- metadata +13 -8
- data/lib/cheffish/rspec/chef_run_wrapper.rb +0 -5
|
@@ -12,10 +12,9 @@ describe Chef::Resource::ChefOrganization do
|
|
|
12
12
|
user 'u2', {}
|
|
13
13
|
|
|
14
14
|
it 'chef_organization "x" creates the organization' do
|
|
15
|
-
|
|
15
|
+
expect_recipe {
|
|
16
16
|
chef_organization 'x'
|
|
17
|
-
|
|
18
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
17
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
19
18
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
20
19
|
end
|
|
21
20
|
end
|
|
@@ -32,40 +31,36 @@ describe Chef::Resource::ChefOrganization do
|
|
|
32
31
|
user 'u2', {}
|
|
33
32
|
|
|
34
33
|
it 'chef_organization "x" creates the organization' do
|
|
35
|
-
|
|
34
|
+
expect_recipe {
|
|
36
35
|
chef_organization 'x'
|
|
37
|
-
|
|
38
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
36
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
39
37
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
40
38
|
end
|
|
41
39
|
|
|
42
40
|
it 'chef_organization "x" with full_name creates the organization' do
|
|
43
|
-
|
|
41
|
+
expect_recipe {
|
|
44
42
|
chef_organization 'x' do
|
|
45
43
|
full_name 'Hi'
|
|
46
44
|
end
|
|
47
|
-
|
|
48
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
45
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
49
46
|
expect(get('/organizations/x')['full_name']).to eq('Hi')
|
|
50
47
|
end
|
|
51
48
|
|
|
52
49
|
it 'chef_organization "x" and inviting users creates the invites' do
|
|
53
|
-
|
|
50
|
+
expect_recipe {
|
|
54
51
|
chef_organization 'x' do
|
|
55
52
|
invites 'u', 'u2'
|
|
56
53
|
end
|
|
57
|
-
|
|
58
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
54
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
59
55
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(u u2))
|
|
60
56
|
end
|
|
61
57
|
|
|
62
58
|
it 'chef_organization "x" adds members' do
|
|
63
|
-
|
|
59
|
+
expect_recipe {
|
|
64
60
|
chef_organization 'x' do
|
|
65
61
|
members 'u', 'u2'
|
|
66
62
|
end
|
|
67
|
-
|
|
68
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
63
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
69
64
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(u u2))
|
|
70
65
|
end
|
|
71
66
|
end
|
|
@@ -84,156 +79,142 @@ describe Chef::Resource::ChefOrganization do
|
|
|
84
79
|
end
|
|
85
80
|
|
|
86
81
|
it 'chef_organization "x" changes nothing' do
|
|
87
|
-
|
|
82
|
+
expect_recipe {
|
|
88
83
|
chef_organization 'x'
|
|
89
|
-
|
|
90
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
84
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
91
85
|
expect(get('/organizations/x')['full_name']).to eq('Lo')
|
|
92
86
|
end
|
|
93
87
|
|
|
94
88
|
it 'chef_organization "x" with "complete true" reverts the full_name' do
|
|
95
|
-
|
|
89
|
+
expect_recipe {
|
|
96
90
|
chef_organization 'x' do
|
|
97
91
|
complete true
|
|
98
92
|
end
|
|
99
|
-
|
|
100
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
93
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
101
94
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
102
95
|
end
|
|
103
96
|
|
|
104
97
|
it 'chef_organization "x" with new full_name updates the organization' do
|
|
105
|
-
|
|
98
|
+
expect_recipe {
|
|
106
99
|
chef_organization 'x' do
|
|
107
100
|
full_name 'Hi'
|
|
108
101
|
end
|
|
109
|
-
|
|
110
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
102
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
111
103
|
expect(get('/organizations/x')['full_name']).to eq('Hi')
|
|
112
104
|
end
|
|
113
105
|
|
|
114
106
|
context 'invites and membership tests' do
|
|
115
107
|
it 'chef_organization "x" and inviting users creates the invites' do
|
|
116
|
-
|
|
108
|
+
expect_recipe {
|
|
117
109
|
chef_organization 'x' do
|
|
118
110
|
invites 'u', 'u2'
|
|
119
111
|
end
|
|
120
|
-
|
|
121
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
112
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
122
113
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2 u u2))
|
|
123
114
|
end
|
|
124
115
|
|
|
125
116
|
it 'chef_organization "x" adds members' do
|
|
126
|
-
|
|
117
|
+
expect_recipe {
|
|
127
118
|
chef_organization 'x' do
|
|
128
119
|
members 'u', 'u2'
|
|
129
120
|
end
|
|
130
|
-
|
|
131
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
121
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
132
122
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2 u u2))
|
|
133
123
|
end
|
|
134
124
|
|
|
135
125
|
it 'chef_organization "x" does nothing when inviting already-invited users and members' do
|
|
136
|
-
|
|
126
|
+
expect_recipe {
|
|
137
127
|
chef_organization 'x' do
|
|
138
128
|
invites 'invited', 'member'
|
|
139
129
|
end
|
|
140
|
-
|
|
141
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
130
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
142
131
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
143
132
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
144
133
|
end
|
|
145
134
|
|
|
146
135
|
it 'chef_organization "x" does nothing when adding members who are already members' do
|
|
147
|
-
|
|
136
|
+
expect_recipe {
|
|
148
137
|
chef_organization 'x' do
|
|
149
138
|
members 'member'
|
|
150
139
|
end
|
|
151
|
-
|
|
152
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
140
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
153
141
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
154
142
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
155
143
|
end
|
|
156
144
|
|
|
157
145
|
it 'chef_organization "x" upgrades invites to members when asked' do
|
|
158
|
-
|
|
146
|
+
expect_recipe {
|
|
159
147
|
chef_organization 'x' do
|
|
160
148
|
members 'invited'
|
|
161
149
|
end
|
|
162
|
-
|
|
163
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
150
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
164
151
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(invited member member2))
|
|
165
152
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited2))
|
|
166
153
|
end
|
|
167
154
|
|
|
168
155
|
it 'chef_organization "x" removes members and invites when asked' do
|
|
169
|
-
|
|
156
|
+
expect_recipe {
|
|
170
157
|
chef_organization 'x' do
|
|
171
158
|
remove_members 'invited', 'member'
|
|
172
159
|
end
|
|
173
|
-
|
|
174
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
160
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
175
161
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited2))
|
|
176
162
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member2))
|
|
177
163
|
end
|
|
178
164
|
|
|
179
165
|
it 'chef_organization "x" does nothing when asked to remove non-members' do
|
|
180
|
-
|
|
166
|
+
expect_recipe {
|
|
181
167
|
chef_organization 'x' do
|
|
182
168
|
remove_members 'u', 'u2'
|
|
183
169
|
end
|
|
184
|
-
|
|
185
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
170
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
186
171
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
187
172
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
188
173
|
end
|
|
189
174
|
|
|
190
175
|
it 'chef_organization "x" with "complete true" reverts the full_name but does not remove invites or members' do
|
|
191
|
-
|
|
176
|
+
expect_recipe {
|
|
192
177
|
chef_organization 'x' do
|
|
193
178
|
complete true
|
|
194
179
|
end
|
|
195
|
-
|
|
196
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
180
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
197
181
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
198
182
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
199
183
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
200
184
|
end
|
|
201
185
|
|
|
202
186
|
it 'chef_organization "x" with members [] and "complete true" removes invites and members' do
|
|
203
|
-
|
|
187
|
+
expect_recipe {
|
|
204
188
|
chef_organization 'x' do
|
|
205
189
|
members []
|
|
206
190
|
complete true
|
|
207
191
|
end
|
|
208
|
-
|
|
209
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
192
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
210
193
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
211
194
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq([])
|
|
212
195
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq([])
|
|
213
196
|
end
|
|
214
197
|
|
|
215
198
|
it 'chef_organization "x" with members [] and "complete true" removes invites but not members' do
|
|
216
|
-
|
|
199
|
+
expect_recipe {
|
|
217
200
|
chef_organization 'x' do
|
|
218
201
|
invites []
|
|
219
202
|
complete true
|
|
220
203
|
end
|
|
221
|
-
|
|
222
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
204
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
223
205
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
224
206
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq([])
|
|
225
207
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
226
208
|
end
|
|
227
209
|
|
|
228
210
|
it 'chef_organization "x" with invites, members and "complete true" removes all non-specified invites and members' do
|
|
229
|
-
|
|
211
|
+
expect_recipe {
|
|
230
212
|
chef_organization 'x' do
|
|
231
213
|
invites 'invited', 'u'
|
|
232
214
|
members 'member', 'u2'
|
|
233
215
|
complete true
|
|
234
216
|
end
|
|
235
|
-
|
|
236
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
217
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
237
218
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
238
219
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited u))
|
|
239
220
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member u2))
|
|
@@ -9,20 +9,18 @@ repo_path = Dir.mktmpdir('chef_repo')
|
|
|
9
9
|
describe Chef::Resource::ChefUser do
|
|
10
10
|
extend Cheffish::RSpec::ChefRunSupport
|
|
11
11
|
|
|
12
|
-
|
|
12
|
+
with_converge do
|
|
13
13
|
private_key "#{repo_path}/blah.pem"
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
when_the_chef_server 'is empty' do
|
|
17
17
|
context 'and we run a recipe that creates user "blah"'do
|
|
18
|
-
with_converge do
|
|
19
|
-
chef_user 'blah' do
|
|
20
|
-
source_key_path "#{repo_path}/blah.pem"
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
|
|
24
18
|
it 'the user gets created' do
|
|
25
|
-
|
|
19
|
+
expect_recipe {
|
|
20
|
+
chef_user 'blah' do
|
|
21
|
+
source_key_path "#{repo_path}/blah.pem"
|
|
22
|
+
end
|
|
23
|
+
}.to have_updated 'chef_user[blah]', :create
|
|
26
24
|
user = get('/users/blah')
|
|
27
25
|
expect(user['name']).to eq('blah')
|
|
28
26
|
key, format = Cheffish::KeyFormatter.decode(user['public_key'])
|
|
@@ -48,14 +46,12 @@ describe Chef::Resource::ChefUser do
|
|
|
48
46
|
when_the_chef_12_server 'is in multi-org mode' do
|
|
49
47
|
context 'and chef_server_url is pointed at the top level' do
|
|
50
48
|
context 'and we run a recipe that creates user "blah"'do
|
|
51
|
-
with_converge do
|
|
52
|
-
chef_user 'blah' do
|
|
53
|
-
source_key_path "#{repo_path}/blah.pem"
|
|
54
|
-
end
|
|
55
|
-
end
|
|
56
|
-
|
|
57
49
|
it 'the user gets created' do
|
|
58
|
-
|
|
50
|
+
expect_recipe {
|
|
51
|
+
chef_user 'blah' do
|
|
52
|
+
source_key_path "#{repo_path}/blah.pem"
|
|
53
|
+
end
|
|
54
|
+
}.to have_updated 'chef_user[blah]', :create
|
|
59
55
|
user = get('/users/blah')
|
|
60
56
|
expect(user['name']).to eq('blah')
|
|
61
57
|
key, format = Cheffish::KeyFormatter.decode(user['public_key'])
|
|
@@ -72,14 +68,12 @@ describe Chef::Resource::ChefUser do
|
|
|
72
68
|
end
|
|
73
69
|
|
|
74
70
|
context 'and we run a recipe that creates user "blah"'do
|
|
75
|
-
with_converge do
|
|
76
|
-
chef_user 'blah' do
|
|
77
|
-
source_key_path "#{repo_path}/blah.pem"
|
|
78
|
-
end
|
|
79
|
-
end
|
|
80
|
-
|
|
81
71
|
it 'the user gets created' do
|
|
82
|
-
|
|
72
|
+
expect_recipe {
|
|
73
|
+
chef_user 'blah' do
|
|
74
|
+
source_key_path "#{repo_path}/blah.pem"
|
|
75
|
+
end
|
|
76
|
+
}.to have_updated 'chef_user[blah]', :create
|
|
83
77
|
user = get('/users/blah')
|
|
84
78
|
expect(user['name']).to eq('blah')
|
|
85
79
|
key, format = Cheffish::KeyFormatter.decode(user['public_key'])
|
|
@@ -17,12 +17,10 @@ describe Chef::Resource::PrivateKey do
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
context 'with a recipe with a private_key' do
|
|
20
|
-
with_recipe do
|
|
21
|
-
private_key "#{repo_path}/blah"
|
|
22
|
-
end
|
|
23
|
-
|
|
24
20
|
it 'the private_key is created in pem format' do
|
|
25
|
-
|
|
21
|
+
expect_recipe {
|
|
22
|
+
private_key "#{repo_path}/blah"
|
|
23
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
26
24
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
27
25
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
28
26
|
end
|
|
@@ -34,12 +32,10 @@ describe Chef::Resource::PrivateKey do
|
|
|
34
32
|
Chef::Config.private_key_paths = [ repo_path, "#{repo_path}/other_keys" ]
|
|
35
33
|
end
|
|
36
34
|
|
|
37
|
-
with_recipe do
|
|
38
|
-
private_key 'blah'
|
|
39
|
-
end
|
|
40
|
-
|
|
41
35
|
it 'the private key is created in the private_key_write_path' do
|
|
42
|
-
|
|
36
|
+
expect_recipe {
|
|
37
|
+
private_key 'blah'
|
|
38
|
+
}.to have_updated "private_key[blah]", :create
|
|
43
39
|
expect(Chef::Config.private_key_write_path).to eq(repo_path)
|
|
44
40
|
expect(File.exist?("#{repo_path}/blah")).to be true
|
|
45
41
|
expect(File.exist?("#{repo_path}/other_keys/blah")).to be false
|
|
@@ -49,13 +45,13 @@ describe Chef::Resource::PrivateKey do
|
|
|
49
45
|
|
|
50
46
|
context 'and the private key already exists somewhere not in the write path' do
|
|
51
47
|
before :each do
|
|
52
|
-
|
|
53
|
-
private_key "#{repo_path}/other_keys/blah"
|
|
54
|
-
end
|
|
48
|
+
recipe { private_key "#{repo_path}/other_keys/blah" }.converge
|
|
55
49
|
end
|
|
56
50
|
|
|
57
51
|
it 'the private expect(key).to not update' do
|
|
58
|
-
|
|
52
|
+
expect_recipe {
|
|
53
|
+
private_key 'blah'
|
|
54
|
+
}.not_to have_updated "private_key[blah]", :create
|
|
59
55
|
|
|
60
56
|
expect(File.exist?("#{repo_path}/blah")).to be false
|
|
61
57
|
expect(File.exist?("#{repo_path}/other_keys/blah")).to be true
|
|
@@ -71,15 +67,13 @@ describe Chef::Resource::PrivateKey do
|
|
|
71
67
|
end
|
|
72
68
|
|
|
73
69
|
context 'and a private_key that copies it in der format' do
|
|
74
|
-
with_converge do
|
|
75
|
-
private_key "#{repo_path}/blah.der" do
|
|
76
|
-
source_key_path "#{repo_path}/blah"
|
|
77
|
-
format :der
|
|
78
|
-
end
|
|
79
|
-
end
|
|
80
|
-
|
|
81
70
|
it 'the private_key is copied in der format and is identical' do
|
|
82
|
-
|
|
71
|
+
expect_recipe {
|
|
72
|
+
private_key "#{repo_path}/blah.der" do
|
|
73
|
+
source_key_path "#{repo_path}/blah"
|
|
74
|
+
format :der
|
|
75
|
+
end
|
|
76
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
83
77
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
84
78
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
85
79
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -88,14 +82,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
88
82
|
end
|
|
89
83
|
|
|
90
84
|
it 'a private_key that copies it from in-memory as a string succeeds' do
|
|
91
|
-
|
|
85
|
+
expect_recipe {
|
|
92
86
|
private_key "#{repo_path}/blah.der" do
|
|
93
87
|
source_key IO.read("#{repo_path}/blah")
|
|
94
88
|
format :der
|
|
95
89
|
end
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
expect(chef_run).to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
90
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
99
91
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
100
92
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
101
93
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -104,14 +96,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
104
96
|
|
|
105
97
|
it 'a private_key that copies it from in-memory as a key succeeds' do
|
|
106
98
|
key = OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))
|
|
107
|
-
|
|
99
|
+
expect_recipe {
|
|
108
100
|
private_key "#{repo_path}/blah.der" do
|
|
109
101
|
source_key key
|
|
110
102
|
format :der
|
|
111
103
|
end
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
expect(chef_run).to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
104
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
115
105
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
116
106
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
117
107
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -119,14 +109,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
119
109
|
end
|
|
120
110
|
|
|
121
111
|
context 'and a public_key recipe' do
|
|
122
|
-
with_converge do
|
|
123
|
-
public_key "#{repo_path}/blah.pub" do
|
|
124
|
-
source_key_path "#{repo_path}/blah"
|
|
125
|
-
end
|
|
126
|
-
end
|
|
127
|
-
|
|
128
112
|
it 'the public_key is created' do
|
|
129
|
-
|
|
113
|
+
expect_recipe {
|
|
114
|
+
public_key "#{repo_path}/blah.pub" do
|
|
115
|
+
source_key_path "#{repo_path}/blah"
|
|
116
|
+
end
|
|
117
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
130
118
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
131
119
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
132
120
|
end
|
|
@@ -142,28 +130,24 @@ describe Chef::Resource::PrivateKey do
|
|
|
142
130
|
end
|
|
143
131
|
|
|
144
132
|
context 'and public_key resource based off the public key file' do
|
|
145
|
-
with_converge do
|
|
146
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
147
|
-
source_key_path "#{repo_path}/blah.pub"
|
|
148
|
-
end
|
|
149
|
-
end
|
|
150
|
-
|
|
151
133
|
it 'the second public_key is created' do
|
|
152
|
-
|
|
134
|
+
expect_recipe {
|
|
135
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
136
|
+
source_key_path "#{repo_path}/blah.pub"
|
|
137
|
+
end
|
|
138
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
153
139
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
154
140
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
155
141
|
end
|
|
156
142
|
end
|
|
157
143
|
|
|
158
144
|
context 'and another public_key based off the first public_key in-memory in a string' do
|
|
159
|
-
with_converge do
|
|
160
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
161
|
-
source_key IO.read("#{repo_path}/blah.pub")
|
|
162
|
-
end
|
|
163
|
-
end
|
|
164
|
-
|
|
165
145
|
it 'the second public_key is created' do
|
|
166
|
-
|
|
146
|
+
expect_recipe {
|
|
147
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
148
|
+
source_key IO.read("#{repo_path}/blah.pub")
|
|
149
|
+
end
|
|
150
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
167
151
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
168
152
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
169
153
|
end
|
|
@@ -172,42 +156,36 @@ describe Chef::Resource::PrivateKey do
|
|
|
172
156
|
it 'and another public_key based off the first public_key in-memory in a key, the second public_key is created' do
|
|
173
157
|
key, format = Cheffish::KeyFormatter.decode(IO.read("#{repo_path}/blah.pub"))
|
|
174
158
|
|
|
175
|
-
|
|
159
|
+
expect_recipe {
|
|
176
160
|
public_key "#{repo_path}/blah.pub2" do
|
|
177
161
|
source_key key
|
|
178
162
|
end
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
expect(chef_run).to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
163
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
182
164
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
183
165
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
184
166
|
end
|
|
185
167
|
|
|
186
168
|
context 'and another public_key in :pem format based off the first public_key' do
|
|
187
|
-
with_converge do
|
|
188
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
189
|
-
source_key_path "#{repo_path}/blah.pub"
|
|
190
|
-
format :pem
|
|
191
|
-
end
|
|
192
|
-
end
|
|
193
|
-
|
|
194
169
|
it 'the second public_key is created' do
|
|
195
|
-
|
|
170
|
+
expect_recipe {
|
|
171
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
172
|
+
source_key_path "#{repo_path}/blah.pub"
|
|
173
|
+
format :pem
|
|
174
|
+
end
|
|
175
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
196
176
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
197
177
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
198
178
|
end
|
|
199
179
|
end
|
|
200
180
|
|
|
201
181
|
context 'and another public_key in :der format based off the first public_key' do
|
|
202
|
-
with_converge do
|
|
203
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
204
|
-
source_key_path "#{repo_path}/blah.pub"
|
|
205
|
-
format :pem
|
|
206
|
-
end
|
|
207
|
-
end
|
|
208
|
-
|
|
209
182
|
it 'the second public_key is created' do
|
|
210
|
-
|
|
183
|
+
expect_recipe {
|
|
184
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
185
|
+
source_key_path "#{repo_path}/blah.pub"
|
|
186
|
+
format :pem
|
|
187
|
+
end
|
|
188
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
211
189
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
212
190
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
213
191
|
end
|
|
@@ -215,30 +193,26 @@ describe Chef::Resource::PrivateKey do
|
|
|
215
193
|
end
|
|
216
194
|
|
|
217
195
|
context 'and a public_key resource in pem format' do
|
|
218
|
-
with_converge do
|
|
219
|
-
public_key "#{repo_path}/blah.pub" do
|
|
220
|
-
source_key_path "#{repo_path}/blah"
|
|
221
|
-
format :pem
|
|
222
|
-
end
|
|
223
|
-
end
|
|
224
|
-
|
|
225
196
|
it 'the public_key is created' do
|
|
226
|
-
|
|
197
|
+
expect_recipe {
|
|
198
|
+
public_key "#{repo_path}/blah.pub" do
|
|
199
|
+
source_key_path "#{repo_path}/blah"
|
|
200
|
+
format :pem
|
|
201
|
+
end
|
|
202
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
227
203
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('-----BEGIN')
|
|
228
204
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
229
205
|
end
|
|
230
206
|
end
|
|
231
207
|
|
|
232
208
|
context 'and a public_key resource in der format' do
|
|
233
|
-
with_converge do
|
|
234
|
-
public_key "#{repo_path}/blah.pub" do
|
|
235
|
-
source_key_path "#{repo_path}/blah"
|
|
236
|
-
format :der
|
|
237
|
-
end
|
|
238
|
-
end
|
|
239
|
-
|
|
240
209
|
it 'the public_key is created in openssh format' do
|
|
241
|
-
|
|
210
|
+
expect_recipe {
|
|
211
|
+
public_key "#{repo_path}/blah.pub" do
|
|
212
|
+
source_key_path "#{repo_path}/blah"
|
|
213
|
+
format :der
|
|
214
|
+
end
|
|
215
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
242
216
|
expect(IO.read("#{repo_path}/blah.pub")).not_to start_with('-----BEGIN')
|
|
243
217
|
expect(IO.read("#{repo_path}/blah.pub")).not_to start_with('ssh-rsa')
|
|
244
218
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
@@ -247,14 +221,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
247
221
|
end
|
|
248
222
|
|
|
249
223
|
context 'with a recipe with a private_key in der format' do
|
|
250
|
-
with_recipe do
|
|
251
|
-
private_key "#{repo_path}/blah" do
|
|
252
|
-
format :der
|
|
253
|
-
end
|
|
254
|
-
end
|
|
255
|
-
|
|
256
224
|
it 'the private_key is created' do
|
|
257
|
-
|
|
225
|
+
expect_recipe {
|
|
226
|
+
private_key "#{repo_path}/blah" do
|
|
227
|
+
format :der
|
|
228
|
+
end
|
|
229
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
258
230
|
expect(IO.read("#{repo_path}/blah")).not_to start_with('-----BEGIN')
|
|
259
231
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
260
232
|
end
|
|
@@ -270,14 +242,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
270
242
|
end
|
|
271
243
|
|
|
272
244
|
context 'and a public_key' do
|
|
273
|
-
with_converge do
|
|
274
|
-
public_key "#{repo_path}/blah.pub" do
|
|
275
|
-
source_key_path "#{repo_path}/blah"
|
|
276
|
-
end
|
|
277
|
-
end
|
|
278
|
-
|
|
279
245
|
it 'the public_key is created in openssh format' do
|
|
280
|
-
|
|
246
|
+
expect_recipe {
|
|
247
|
+
public_key "#{repo_path}/blah.pub" do
|
|
248
|
+
source_key_path "#{repo_path}/blah"
|
|
249
|
+
end
|
|
250
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
281
251
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
282
252
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
283
253
|
end
|
|
@@ -285,14 +255,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
285
255
|
end
|
|
286
256
|
|
|
287
257
|
context 'with a recipe with a private_key with a pass_phrase' do
|
|
288
|
-
with_converge do
|
|
289
|
-
private_key "#{repo_path}/blah" do
|
|
290
|
-
pass_phrase 'hello'
|
|
291
|
-
end
|
|
292
|
-
end
|
|
293
|
-
|
|
294
258
|
it 'the private_key is created' do
|
|
295
|
-
|
|
259
|
+
expect_recipe {
|
|
260
|
+
private_key "#{repo_path}/blah" do
|
|
261
|
+
pass_phrase 'hello'
|
|
262
|
+
end
|
|
263
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
296
264
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
297
265
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"), 'hello')).to be_kind_of(OpenSSL::PKey::RSA)
|
|
298
266
|
end
|
|
@@ -308,16 +276,14 @@ describe Chef::Resource::PrivateKey do
|
|
|
308
276
|
end
|
|
309
277
|
|
|
310
278
|
context 'and a private_key that copies it in der format' do
|
|
311
|
-
with_converge do
|
|
312
|
-
private_key "#{repo_path}/blah.der" do
|
|
313
|
-
source_key_path "#{repo_path}/blah"
|
|
314
|
-
source_key_pass_phrase 'hello'
|
|
315
|
-
format :der
|
|
316
|
-
end
|
|
317
|
-
end
|
|
318
|
-
|
|
319
279
|
it 'the private_key is copied in der format and is identical' do
|
|
320
|
-
|
|
280
|
+
expect_recipe {
|
|
281
|
+
private_key "#{repo_path}/blah.der" do
|
|
282
|
+
source_key_path "#{repo_path}/blah"
|
|
283
|
+
source_key_pass_phrase 'hello'
|
|
284
|
+
format :der
|
|
285
|
+
end
|
|
286
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
321
287
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
322
288
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
323
289
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -326,39 +292,35 @@ describe Chef::Resource::PrivateKey do
|
|
|
326
292
|
end
|
|
327
293
|
|
|
328
294
|
context 'and a private_key resource pointing at it without a pass_phrase' do
|
|
329
|
-
with_recipe do
|
|
330
|
-
private_key "#{repo_path}/blah"
|
|
331
|
-
end
|
|
332
|
-
|
|
333
295
|
it 'the run fails with an exception' do
|
|
334
|
-
expect {
|
|
296
|
+
expect {
|
|
297
|
+
converge {
|
|
298
|
+
private_key "#{repo_path}/blah"
|
|
299
|
+
}
|
|
300
|
+
}.to raise_error
|
|
335
301
|
end
|
|
336
302
|
end
|
|
337
303
|
|
|
338
304
|
context 'and a private_key resource with no pass phrase and regenerate_if_different' do
|
|
339
|
-
with_recipe do
|
|
340
|
-
private_key "#{repo_path}/blah" do
|
|
341
|
-
regenerate_if_different true
|
|
342
|
-
end
|
|
343
|
-
end
|
|
344
|
-
|
|
345
305
|
it 'the private_key is regenerated' do
|
|
346
|
-
|
|
306
|
+
expect_recipe {
|
|
307
|
+
private_key "#{repo_path}/blah" do
|
|
308
|
+
regenerate_if_different true
|
|
309
|
+
end
|
|
310
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
347
311
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
348
312
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
349
313
|
end
|
|
350
314
|
end
|
|
351
315
|
|
|
352
316
|
it 'a private_key resource that copies it from in-memory as a string succeeds' do
|
|
353
|
-
|
|
317
|
+
expect_recipe {
|
|
354
318
|
private_key "#{repo_path}/blah.der" do
|
|
355
319
|
source_key IO.read("#{repo_path}/blah")
|
|
356
320
|
source_key_pass_phrase 'hello'
|
|
357
321
|
format :der
|
|
358
322
|
end
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
expect(chef_run).to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
323
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
362
324
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
363
325
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
364
326
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -366,30 +328,26 @@ describe Chef::Resource::PrivateKey do
|
|
|
366
328
|
end
|
|
367
329
|
|
|
368
330
|
context 'and a public_key' do
|
|
369
|
-
with_converge do
|
|
370
|
-
public_key "#{repo_path}/blah.pub" do
|
|
371
|
-
source_key_path "#{repo_path}/blah"
|
|
372
|
-
source_key_pass_phrase 'hello'
|
|
373
|
-
end
|
|
374
|
-
end
|
|
375
|
-
|
|
376
331
|
it 'the public_key is created in openssh format' do
|
|
377
|
-
|
|
332
|
+
expect_recipe {
|
|
333
|
+
public_key "#{repo_path}/blah.pub" do
|
|
334
|
+
source_key_path "#{repo_path}/blah"
|
|
335
|
+
source_key_pass_phrase 'hello'
|
|
336
|
+
end
|
|
337
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
378
338
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
379
339
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah", 'hello'
|
|
380
340
|
end
|
|
381
341
|
end
|
|
382
342
|
|
|
383
343
|
context 'and a public_key derived from the private key in an in-memory string' do
|
|
384
|
-
with_converge do
|
|
385
|
-
public_key "#{repo_path}/blah.pub" do
|
|
386
|
-
source_key IO.read("#{repo_path}/blah")
|
|
387
|
-
source_key_pass_phrase 'hello'
|
|
388
|
-
end
|
|
389
|
-
end
|
|
390
|
-
|
|
391
344
|
it 'the public_key is created in openssh format' do
|
|
392
|
-
|
|
345
|
+
expect_recipe {
|
|
346
|
+
public_key "#{repo_path}/blah.pub" do
|
|
347
|
+
source_key IO.read("#{repo_path}/blah")
|
|
348
|
+
source_key_pass_phrase 'hello'
|
|
349
|
+
end
|
|
350
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
393
351
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
394
352
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah", 'hello'
|
|
395
353
|
end
|
|
@@ -397,14 +355,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
397
355
|
end
|
|
398
356
|
|
|
399
357
|
context 'with a recipe with a private_key and public_key_path' do
|
|
400
|
-
with_converge do
|
|
401
|
-
private_key "#{repo_path}/blah" do
|
|
402
|
-
public_key_path "#{repo_path}/blah.pub"
|
|
403
|
-
end
|
|
404
|
-
end
|
|
405
|
-
|
|
406
358
|
it 'the private_key and public_key are created' do
|
|
407
|
-
|
|
359
|
+
expect_recipe {
|
|
360
|
+
private_key "#{repo_path}/blah" do
|
|
361
|
+
public_key_path "#{repo_path}/blah.pub"
|
|
362
|
+
end
|
|
363
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
408
364
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
409
365
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
410
366
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
@@ -413,15 +369,13 @@ describe Chef::Resource::PrivateKey do
|
|
|
413
369
|
end
|
|
414
370
|
|
|
415
371
|
context 'with a recipe with a private_key and public_key_path and public_key_format' do
|
|
416
|
-
with_converge do
|
|
417
|
-
private_key "#{repo_path}/blah" do
|
|
418
|
-
public_key_path "#{repo_path}/blah.pub.der"
|
|
419
|
-
public_key_format :der
|
|
420
|
-
end
|
|
421
|
-
end
|
|
422
|
-
|
|
423
372
|
it 'the private_key and public_key are created' do
|
|
424
|
-
|
|
373
|
+
expect_recipe {
|
|
374
|
+
private_key "#{repo_path}/blah" do
|
|
375
|
+
public_key_path "#{repo_path}/blah.pub.der"
|
|
376
|
+
public_key_format :der
|
|
377
|
+
end
|
|
378
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
425
379
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
426
380
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
427
381
|
expect(IO.read("#{repo_path}/blah.pub.der")).not_to start_with('ssh-rsa ')
|
|
@@ -432,14 +386,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
432
386
|
context 'with a recipe with a private_key with path :none' do
|
|
433
387
|
it 'the private_key is created' do
|
|
434
388
|
got_private_key = nil
|
|
435
|
-
|
|
389
|
+
expect_recipe {
|
|
436
390
|
private_key 'in_memory' do
|
|
437
391
|
path :none
|
|
438
392
|
after { |resource, private_key| got_private_key = private_key }
|
|
439
393
|
end
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
expect(chef_run).to have_updated "private_key[in_memory]", :create
|
|
394
|
+
}.to have_updated "private_key[in_memory]", :create
|
|
443
395
|
expect(got_private_key).to be_kind_of(OpenSSL::PKey::RSA)
|
|
444
396
|
end
|
|
445
397
|
end
|