cheffish 1.1.2 → 1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cheffish/chef_run.rb +13 -0
- data/lib/cheffish/rspec.rb +8 -0
- data/lib/cheffish/rspec/chef_run_support.rb +19 -52
- data/lib/cheffish/rspec/matchers.rb +4 -81
- data/lib/cheffish/rspec/matchers/be_idempotent.rb +16 -0
- data/lib/cheffish/rspec/matchers/emit_no_warnings_or_errors.rb +15 -0
- data/lib/cheffish/rspec/matchers/have_updated.rb +37 -0
- data/lib/cheffish/rspec/matchers/partially_match.rb +63 -0
- data/lib/cheffish/rspec/recipe_run_wrapper.rb +2 -2
- data/lib/cheffish/rspec/repository_support.rb +1 -1
- data/lib/cheffish/version.rb +1 -1
- data/spec/integration/chef_acl_spec.rb +384 -420
- data/spec/integration/chef_client_spec.rb +18 -24
- data/spec/integration/chef_container_spec.rb +4 -6
- data/spec/integration/chef_group_spec.rb +30 -46
- data/spec/integration/chef_mirror_spec.rb +60 -89
- data/spec/integration/chef_node_spec.rb +96 -124
- data/spec/integration/chef_organization_spec.rb +38 -57
- data/spec/integration/chef_user_spec.rb +16 -22
- data/spec/integration/private_key_spec.rb +120 -168
- data/spec/integration/recipe_dsl_spec.rb +4 -6
- data/spec/support/spec_support.rb +1 -2
- metadata +13 -8
- data/lib/cheffish/rspec/chef_run_wrapper.rb +0 -5
|
@@ -12,10 +12,9 @@ describe Chef::Resource::ChefOrganization do
|
|
|
12
12
|
user 'u2', {}
|
|
13
13
|
|
|
14
14
|
it 'chef_organization "x" creates the organization' do
|
|
15
|
-
|
|
15
|
+
expect_recipe {
|
|
16
16
|
chef_organization 'x'
|
|
17
|
-
|
|
18
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
17
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
19
18
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
20
19
|
end
|
|
21
20
|
end
|
|
@@ -32,40 +31,36 @@ describe Chef::Resource::ChefOrganization do
|
|
|
32
31
|
user 'u2', {}
|
|
33
32
|
|
|
34
33
|
it 'chef_organization "x" creates the organization' do
|
|
35
|
-
|
|
34
|
+
expect_recipe {
|
|
36
35
|
chef_organization 'x'
|
|
37
|
-
|
|
38
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
36
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
39
37
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
40
38
|
end
|
|
41
39
|
|
|
42
40
|
it 'chef_organization "x" with full_name creates the organization' do
|
|
43
|
-
|
|
41
|
+
expect_recipe {
|
|
44
42
|
chef_organization 'x' do
|
|
45
43
|
full_name 'Hi'
|
|
46
44
|
end
|
|
47
|
-
|
|
48
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
45
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
49
46
|
expect(get('/organizations/x')['full_name']).to eq('Hi')
|
|
50
47
|
end
|
|
51
48
|
|
|
52
49
|
it 'chef_organization "x" and inviting users creates the invites' do
|
|
53
|
-
|
|
50
|
+
expect_recipe {
|
|
54
51
|
chef_organization 'x' do
|
|
55
52
|
invites 'u', 'u2'
|
|
56
53
|
end
|
|
57
|
-
|
|
58
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
54
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
59
55
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(u u2))
|
|
60
56
|
end
|
|
61
57
|
|
|
62
58
|
it 'chef_organization "x" adds members' do
|
|
63
|
-
|
|
59
|
+
expect_recipe {
|
|
64
60
|
chef_organization 'x' do
|
|
65
61
|
members 'u', 'u2'
|
|
66
62
|
end
|
|
67
|
-
|
|
68
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
63
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
69
64
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(u u2))
|
|
70
65
|
end
|
|
71
66
|
end
|
|
@@ -84,156 +79,142 @@ describe Chef::Resource::ChefOrganization do
|
|
|
84
79
|
end
|
|
85
80
|
|
|
86
81
|
it 'chef_organization "x" changes nothing' do
|
|
87
|
-
|
|
82
|
+
expect_recipe {
|
|
88
83
|
chef_organization 'x'
|
|
89
|
-
|
|
90
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
84
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
91
85
|
expect(get('/organizations/x')['full_name']).to eq('Lo')
|
|
92
86
|
end
|
|
93
87
|
|
|
94
88
|
it 'chef_organization "x" with "complete true" reverts the full_name' do
|
|
95
|
-
|
|
89
|
+
expect_recipe {
|
|
96
90
|
chef_organization 'x' do
|
|
97
91
|
complete true
|
|
98
92
|
end
|
|
99
|
-
|
|
100
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
93
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
101
94
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
102
95
|
end
|
|
103
96
|
|
|
104
97
|
it 'chef_organization "x" with new full_name updates the organization' do
|
|
105
|
-
|
|
98
|
+
expect_recipe {
|
|
106
99
|
chef_organization 'x' do
|
|
107
100
|
full_name 'Hi'
|
|
108
101
|
end
|
|
109
|
-
|
|
110
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
102
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
111
103
|
expect(get('/organizations/x')['full_name']).to eq('Hi')
|
|
112
104
|
end
|
|
113
105
|
|
|
114
106
|
context 'invites and membership tests' do
|
|
115
107
|
it 'chef_organization "x" and inviting users creates the invites' do
|
|
116
|
-
|
|
108
|
+
expect_recipe {
|
|
117
109
|
chef_organization 'x' do
|
|
118
110
|
invites 'u', 'u2'
|
|
119
111
|
end
|
|
120
|
-
|
|
121
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
112
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
122
113
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2 u u2))
|
|
123
114
|
end
|
|
124
115
|
|
|
125
116
|
it 'chef_organization "x" adds members' do
|
|
126
|
-
|
|
117
|
+
expect_recipe {
|
|
127
118
|
chef_organization 'x' do
|
|
128
119
|
members 'u', 'u2'
|
|
129
120
|
end
|
|
130
|
-
|
|
131
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
121
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
132
122
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2 u u2))
|
|
133
123
|
end
|
|
134
124
|
|
|
135
125
|
it 'chef_organization "x" does nothing when inviting already-invited users and members' do
|
|
136
|
-
|
|
126
|
+
expect_recipe {
|
|
137
127
|
chef_organization 'x' do
|
|
138
128
|
invites 'invited', 'member'
|
|
139
129
|
end
|
|
140
|
-
|
|
141
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
130
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
142
131
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
143
132
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
144
133
|
end
|
|
145
134
|
|
|
146
135
|
it 'chef_organization "x" does nothing when adding members who are already members' do
|
|
147
|
-
|
|
136
|
+
expect_recipe {
|
|
148
137
|
chef_organization 'x' do
|
|
149
138
|
members 'member'
|
|
150
139
|
end
|
|
151
|
-
|
|
152
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
140
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
153
141
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
154
142
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
155
143
|
end
|
|
156
144
|
|
|
157
145
|
it 'chef_organization "x" upgrades invites to members when asked' do
|
|
158
|
-
|
|
146
|
+
expect_recipe {
|
|
159
147
|
chef_organization 'x' do
|
|
160
148
|
members 'invited'
|
|
161
149
|
end
|
|
162
|
-
|
|
163
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
150
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
164
151
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(invited member member2))
|
|
165
152
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited2))
|
|
166
153
|
end
|
|
167
154
|
|
|
168
155
|
it 'chef_organization "x" removes members and invites when asked' do
|
|
169
|
-
|
|
156
|
+
expect_recipe {
|
|
170
157
|
chef_organization 'x' do
|
|
171
158
|
remove_members 'invited', 'member'
|
|
172
159
|
end
|
|
173
|
-
|
|
174
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
160
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
175
161
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited2))
|
|
176
162
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member2))
|
|
177
163
|
end
|
|
178
164
|
|
|
179
165
|
it 'chef_organization "x" does nothing when asked to remove non-members' do
|
|
180
|
-
|
|
166
|
+
expect_recipe {
|
|
181
167
|
chef_organization 'x' do
|
|
182
168
|
remove_members 'u', 'u2'
|
|
183
169
|
end
|
|
184
|
-
|
|
185
|
-
expect(chef_run).not_to have_updated('chef_organization[x]', :create)
|
|
170
|
+
}.not_to have_updated('chef_organization[x]', :create)
|
|
186
171
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
187
172
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
188
173
|
end
|
|
189
174
|
|
|
190
175
|
it 'chef_organization "x" with "complete true" reverts the full_name but does not remove invites or members' do
|
|
191
|
-
|
|
176
|
+
expect_recipe {
|
|
192
177
|
chef_organization 'x' do
|
|
193
178
|
complete true
|
|
194
179
|
end
|
|
195
|
-
|
|
196
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
180
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
197
181
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
198
182
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited invited2))
|
|
199
183
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
200
184
|
end
|
|
201
185
|
|
|
202
186
|
it 'chef_organization "x" with members [] and "complete true" removes invites and members' do
|
|
203
|
-
|
|
187
|
+
expect_recipe {
|
|
204
188
|
chef_organization 'x' do
|
|
205
189
|
members []
|
|
206
190
|
complete true
|
|
207
191
|
end
|
|
208
|
-
|
|
209
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
192
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
210
193
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
211
194
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq([])
|
|
212
195
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq([])
|
|
213
196
|
end
|
|
214
197
|
|
|
215
198
|
it 'chef_organization "x" with members [] and "complete true" removes invites but not members' do
|
|
216
|
-
|
|
199
|
+
expect_recipe {
|
|
217
200
|
chef_organization 'x' do
|
|
218
201
|
invites []
|
|
219
202
|
complete true
|
|
220
203
|
end
|
|
221
|
-
|
|
222
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
204
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
223
205
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
224
206
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq([])
|
|
225
207
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member member2))
|
|
226
208
|
end
|
|
227
209
|
|
|
228
210
|
it 'chef_organization "x" with invites, members and "complete true" removes all non-specified invites and members' do
|
|
229
|
-
|
|
211
|
+
expect_recipe {
|
|
230
212
|
chef_organization 'x' do
|
|
231
213
|
invites 'invited', 'u'
|
|
232
214
|
members 'member', 'u2'
|
|
233
215
|
complete true
|
|
234
216
|
end
|
|
235
|
-
|
|
236
|
-
expect(chef_run).to have_updated('chef_organization[x]', :create)
|
|
217
|
+
}.to have_updated('chef_organization[x]', :create)
|
|
237
218
|
expect(get('/organizations/x')['full_name']).to eq('x')
|
|
238
219
|
expect(get('/organizations/x/association_requests').map { |u| u['username'] }).to eq(%w(invited u))
|
|
239
220
|
expect(get('/organizations/x/users').map { |u| u['user']['username'] }).to eq(%w(member u2))
|
|
@@ -9,20 +9,18 @@ repo_path = Dir.mktmpdir('chef_repo')
|
|
|
9
9
|
describe Chef::Resource::ChefUser do
|
|
10
10
|
extend Cheffish::RSpec::ChefRunSupport
|
|
11
11
|
|
|
12
|
-
|
|
12
|
+
with_converge do
|
|
13
13
|
private_key "#{repo_path}/blah.pem"
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
when_the_chef_server 'is empty' do
|
|
17
17
|
context 'and we run a recipe that creates user "blah"'do
|
|
18
|
-
with_converge do
|
|
19
|
-
chef_user 'blah' do
|
|
20
|
-
source_key_path "#{repo_path}/blah.pem"
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
|
|
24
18
|
it 'the user gets created' do
|
|
25
|
-
|
|
19
|
+
expect_recipe {
|
|
20
|
+
chef_user 'blah' do
|
|
21
|
+
source_key_path "#{repo_path}/blah.pem"
|
|
22
|
+
end
|
|
23
|
+
}.to have_updated 'chef_user[blah]', :create
|
|
26
24
|
user = get('/users/blah')
|
|
27
25
|
expect(user['name']).to eq('blah')
|
|
28
26
|
key, format = Cheffish::KeyFormatter.decode(user['public_key'])
|
|
@@ -48,14 +46,12 @@ describe Chef::Resource::ChefUser do
|
|
|
48
46
|
when_the_chef_12_server 'is in multi-org mode' do
|
|
49
47
|
context 'and chef_server_url is pointed at the top level' do
|
|
50
48
|
context 'and we run a recipe that creates user "blah"'do
|
|
51
|
-
with_converge do
|
|
52
|
-
chef_user 'blah' do
|
|
53
|
-
source_key_path "#{repo_path}/blah.pem"
|
|
54
|
-
end
|
|
55
|
-
end
|
|
56
|
-
|
|
57
49
|
it 'the user gets created' do
|
|
58
|
-
|
|
50
|
+
expect_recipe {
|
|
51
|
+
chef_user 'blah' do
|
|
52
|
+
source_key_path "#{repo_path}/blah.pem"
|
|
53
|
+
end
|
|
54
|
+
}.to have_updated 'chef_user[blah]', :create
|
|
59
55
|
user = get('/users/blah')
|
|
60
56
|
expect(user['name']).to eq('blah')
|
|
61
57
|
key, format = Cheffish::KeyFormatter.decode(user['public_key'])
|
|
@@ -72,14 +68,12 @@ describe Chef::Resource::ChefUser do
|
|
|
72
68
|
end
|
|
73
69
|
|
|
74
70
|
context 'and we run a recipe that creates user "blah"'do
|
|
75
|
-
with_converge do
|
|
76
|
-
chef_user 'blah' do
|
|
77
|
-
source_key_path "#{repo_path}/blah.pem"
|
|
78
|
-
end
|
|
79
|
-
end
|
|
80
|
-
|
|
81
71
|
it 'the user gets created' do
|
|
82
|
-
|
|
72
|
+
expect_recipe {
|
|
73
|
+
chef_user 'blah' do
|
|
74
|
+
source_key_path "#{repo_path}/blah.pem"
|
|
75
|
+
end
|
|
76
|
+
}.to have_updated 'chef_user[blah]', :create
|
|
83
77
|
user = get('/users/blah')
|
|
84
78
|
expect(user['name']).to eq('blah')
|
|
85
79
|
key, format = Cheffish::KeyFormatter.decode(user['public_key'])
|
|
@@ -17,12 +17,10 @@ describe Chef::Resource::PrivateKey do
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
context 'with a recipe with a private_key' do
|
|
20
|
-
with_recipe do
|
|
21
|
-
private_key "#{repo_path}/blah"
|
|
22
|
-
end
|
|
23
|
-
|
|
24
20
|
it 'the private_key is created in pem format' do
|
|
25
|
-
|
|
21
|
+
expect_recipe {
|
|
22
|
+
private_key "#{repo_path}/blah"
|
|
23
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
26
24
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
27
25
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
28
26
|
end
|
|
@@ -34,12 +32,10 @@ describe Chef::Resource::PrivateKey do
|
|
|
34
32
|
Chef::Config.private_key_paths = [ repo_path, "#{repo_path}/other_keys" ]
|
|
35
33
|
end
|
|
36
34
|
|
|
37
|
-
with_recipe do
|
|
38
|
-
private_key 'blah'
|
|
39
|
-
end
|
|
40
|
-
|
|
41
35
|
it 'the private key is created in the private_key_write_path' do
|
|
42
|
-
|
|
36
|
+
expect_recipe {
|
|
37
|
+
private_key 'blah'
|
|
38
|
+
}.to have_updated "private_key[blah]", :create
|
|
43
39
|
expect(Chef::Config.private_key_write_path).to eq(repo_path)
|
|
44
40
|
expect(File.exist?("#{repo_path}/blah")).to be true
|
|
45
41
|
expect(File.exist?("#{repo_path}/other_keys/blah")).to be false
|
|
@@ -49,13 +45,13 @@ describe Chef::Resource::PrivateKey do
|
|
|
49
45
|
|
|
50
46
|
context 'and the private key already exists somewhere not in the write path' do
|
|
51
47
|
before :each do
|
|
52
|
-
|
|
53
|
-
private_key "#{repo_path}/other_keys/blah"
|
|
54
|
-
end
|
|
48
|
+
recipe { private_key "#{repo_path}/other_keys/blah" }.converge
|
|
55
49
|
end
|
|
56
50
|
|
|
57
51
|
it 'the private expect(key).to not update' do
|
|
58
|
-
|
|
52
|
+
expect_recipe {
|
|
53
|
+
private_key 'blah'
|
|
54
|
+
}.not_to have_updated "private_key[blah]", :create
|
|
59
55
|
|
|
60
56
|
expect(File.exist?("#{repo_path}/blah")).to be false
|
|
61
57
|
expect(File.exist?("#{repo_path}/other_keys/blah")).to be true
|
|
@@ -71,15 +67,13 @@ describe Chef::Resource::PrivateKey do
|
|
|
71
67
|
end
|
|
72
68
|
|
|
73
69
|
context 'and a private_key that copies it in der format' do
|
|
74
|
-
with_converge do
|
|
75
|
-
private_key "#{repo_path}/blah.der" do
|
|
76
|
-
source_key_path "#{repo_path}/blah"
|
|
77
|
-
format :der
|
|
78
|
-
end
|
|
79
|
-
end
|
|
80
|
-
|
|
81
70
|
it 'the private_key is copied in der format and is identical' do
|
|
82
|
-
|
|
71
|
+
expect_recipe {
|
|
72
|
+
private_key "#{repo_path}/blah.der" do
|
|
73
|
+
source_key_path "#{repo_path}/blah"
|
|
74
|
+
format :der
|
|
75
|
+
end
|
|
76
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
83
77
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
84
78
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
85
79
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -88,14 +82,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
88
82
|
end
|
|
89
83
|
|
|
90
84
|
it 'a private_key that copies it from in-memory as a string succeeds' do
|
|
91
|
-
|
|
85
|
+
expect_recipe {
|
|
92
86
|
private_key "#{repo_path}/blah.der" do
|
|
93
87
|
source_key IO.read("#{repo_path}/blah")
|
|
94
88
|
format :der
|
|
95
89
|
end
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
expect(chef_run).to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
90
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
99
91
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
100
92
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
101
93
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -104,14 +96,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
104
96
|
|
|
105
97
|
it 'a private_key that copies it from in-memory as a key succeeds' do
|
|
106
98
|
key = OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))
|
|
107
|
-
|
|
99
|
+
expect_recipe {
|
|
108
100
|
private_key "#{repo_path}/blah.der" do
|
|
109
101
|
source_key key
|
|
110
102
|
format :der
|
|
111
103
|
end
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
expect(chef_run).to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
104
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
115
105
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
116
106
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
117
107
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -119,14 +109,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
119
109
|
end
|
|
120
110
|
|
|
121
111
|
context 'and a public_key recipe' do
|
|
122
|
-
with_converge do
|
|
123
|
-
public_key "#{repo_path}/blah.pub" do
|
|
124
|
-
source_key_path "#{repo_path}/blah"
|
|
125
|
-
end
|
|
126
|
-
end
|
|
127
|
-
|
|
128
112
|
it 'the public_key is created' do
|
|
129
|
-
|
|
113
|
+
expect_recipe {
|
|
114
|
+
public_key "#{repo_path}/blah.pub" do
|
|
115
|
+
source_key_path "#{repo_path}/blah"
|
|
116
|
+
end
|
|
117
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
130
118
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
131
119
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
132
120
|
end
|
|
@@ -142,28 +130,24 @@ describe Chef::Resource::PrivateKey do
|
|
|
142
130
|
end
|
|
143
131
|
|
|
144
132
|
context 'and public_key resource based off the public key file' do
|
|
145
|
-
with_converge do
|
|
146
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
147
|
-
source_key_path "#{repo_path}/blah.pub"
|
|
148
|
-
end
|
|
149
|
-
end
|
|
150
|
-
|
|
151
133
|
it 'the second public_key is created' do
|
|
152
|
-
|
|
134
|
+
expect_recipe {
|
|
135
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
136
|
+
source_key_path "#{repo_path}/blah.pub"
|
|
137
|
+
end
|
|
138
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
153
139
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
154
140
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
155
141
|
end
|
|
156
142
|
end
|
|
157
143
|
|
|
158
144
|
context 'and another public_key based off the first public_key in-memory in a string' do
|
|
159
|
-
with_converge do
|
|
160
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
161
|
-
source_key IO.read("#{repo_path}/blah.pub")
|
|
162
|
-
end
|
|
163
|
-
end
|
|
164
|
-
|
|
165
145
|
it 'the second public_key is created' do
|
|
166
|
-
|
|
146
|
+
expect_recipe {
|
|
147
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
148
|
+
source_key IO.read("#{repo_path}/blah.pub")
|
|
149
|
+
end
|
|
150
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
167
151
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
168
152
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
169
153
|
end
|
|
@@ -172,42 +156,36 @@ describe Chef::Resource::PrivateKey do
|
|
|
172
156
|
it 'and another public_key based off the first public_key in-memory in a key, the second public_key is created' do
|
|
173
157
|
key, format = Cheffish::KeyFormatter.decode(IO.read("#{repo_path}/blah.pub"))
|
|
174
158
|
|
|
175
|
-
|
|
159
|
+
expect_recipe {
|
|
176
160
|
public_key "#{repo_path}/blah.pub2" do
|
|
177
161
|
source_key key
|
|
178
162
|
end
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
expect(chef_run).to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
163
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
182
164
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
183
165
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
184
166
|
end
|
|
185
167
|
|
|
186
168
|
context 'and another public_key in :pem format based off the first public_key' do
|
|
187
|
-
with_converge do
|
|
188
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
189
|
-
source_key_path "#{repo_path}/blah.pub"
|
|
190
|
-
format :pem
|
|
191
|
-
end
|
|
192
|
-
end
|
|
193
|
-
|
|
194
169
|
it 'the second public_key is created' do
|
|
195
|
-
|
|
170
|
+
expect_recipe {
|
|
171
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
172
|
+
source_key_path "#{repo_path}/blah.pub"
|
|
173
|
+
format :pem
|
|
174
|
+
end
|
|
175
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
196
176
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
197
177
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
198
178
|
end
|
|
199
179
|
end
|
|
200
180
|
|
|
201
181
|
context 'and another public_key in :der format based off the first public_key' do
|
|
202
|
-
with_converge do
|
|
203
|
-
public_key "#{repo_path}/blah.pub2" do
|
|
204
|
-
source_key_path "#{repo_path}/blah.pub"
|
|
205
|
-
format :pem
|
|
206
|
-
end
|
|
207
|
-
end
|
|
208
|
-
|
|
209
182
|
it 'the second public_key is created' do
|
|
210
|
-
|
|
183
|
+
expect_recipe {
|
|
184
|
+
public_key "#{repo_path}/blah.pub2" do
|
|
185
|
+
source_key_path "#{repo_path}/blah.pub"
|
|
186
|
+
format :pem
|
|
187
|
+
end
|
|
188
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub2]", :create
|
|
211
189
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
212
190
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
213
191
|
end
|
|
@@ -215,30 +193,26 @@ describe Chef::Resource::PrivateKey do
|
|
|
215
193
|
end
|
|
216
194
|
|
|
217
195
|
context 'and a public_key resource in pem format' do
|
|
218
|
-
with_converge do
|
|
219
|
-
public_key "#{repo_path}/blah.pub" do
|
|
220
|
-
source_key_path "#{repo_path}/blah"
|
|
221
|
-
format :pem
|
|
222
|
-
end
|
|
223
|
-
end
|
|
224
|
-
|
|
225
196
|
it 'the public_key is created' do
|
|
226
|
-
|
|
197
|
+
expect_recipe {
|
|
198
|
+
public_key "#{repo_path}/blah.pub" do
|
|
199
|
+
source_key_path "#{repo_path}/blah"
|
|
200
|
+
format :pem
|
|
201
|
+
end
|
|
202
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
227
203
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('-----BEGIN')
|
|
228
204
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
229
205
|
end
|
|
230
206
|
end
|
|
231
207
|
|
|
232
208
|
context 'and a public_key resource in der format' do
|
|
233
|
-
with_converge do
|
|
234
|
-
public_key "#{repo_path}/blah.pub" do
|
|
235
|
-
source_key_path "#{repo_path}/blah"
|
|
236
|
-
format :der
|
|
237
|
-
end
|
|
238
|
-
end
|
|
239
|
-
|
|
240
209
|
it 'the public_key is created in openssh format' do
|
|
241
|
-
|
|
210
|
+
expect_recipe {
|
|
211
|
+
public_key "#{repo_path}/blah.pub" do
|
|
212
|
+
source_key_path "#{repo_path}/blah"
|
|
213
|
+
format :der
|
|
214
|
+
end
|
|
215
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
242
216
|
expect(IO.read("#{repo_path}/blah.pub")).not_to start_with('-----BEGIN')
|
|
243
217
|
expect(IO.read("#{repo_path}/blah.pub")).not_to start_with('ssh-rsa')
|
|
244
218
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
@@ -247,14 +221,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
247
221
|
end
|
|
248
222
|
|
|
249
223
|
context 'with a recipe with a private_key in der format' do
|
|
250
|
-
with_recipe do
|
|
251
|
-
private_key "#{repo_path}/blah" do
|
|
252
|
-
format :der
|
|
253
|
-
end
|
|
254
|
-
end
|
|
255
|
-
|
|
256
224
|
it 'the private_key is created' do
|
|
257
|
-
|
|
225
|
+
expect_recipe {
|
|
226
|
+
private_key "#{repo_path}/blah" do
|
|
227
|
+
format :der
|
|
228
|
+
end
|
|
229
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
258
230
|
expect(IO.read("#{repo_path}/blah")).not_to start_with('-----BEGIN')
|
|
259
231
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
260
232
|
end
|
|
@@ -270,14 +242,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
270
242
|
end
|
|
271
243
|
|
|
272
244
|
context 'and a public_key' do
|
|
273
|
-
with_converge do
|
|
274
|
-
public_key "#{repo_path}/blah.pub" do
|
|
275
|
-
source_key_path "#{repo_path}/blah"
|
|
276
|
-
end
|
|
277
|
-
end
|
|
278
|
-
|
|
279
245
|
it 'the public_key is created in openssh format' do
|
|
280
|
-
|
|
246
|
+
expect_recipe {
|
|
247
|
+
public_key "#{repo_path}/blah.pub" do
|
|
248
|
+
source_key_path "#{repo_path}/blah"
|
|
249
|
+
end
|
|
250
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
281
251
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
282
252
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah"
|
|
283
253
|
end
|
|
@@ -285,14 +255,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
285
255
|
end
|
|
286
256
|
|
|
287
257
|
context 'with a recipe with a private_key with a pass_phrase' do
|
|
288
|
-
with_converge do
|
|
289
|
-
private_key "#{repo_path}/blah" do
|
|
290
|
-
pass_phrase 'hello'
|
|
291
|
-
end
|
|
292
|
-
end
|
|
293
|
-
|
|
294
258
|
it 'the private_key is created' do
|
|
295
|
-
|
|
259
|
+
expect_recipe {
|
|
260
|
+
private_key "#{repo_path}/blah" do
|
|
261
|
+
pass_phrase 'hello'
|
|
262
|
+
end
|
|
263
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
296
264
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
297
265
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"), 'hello')).to be_kind_of(OpenSSL::PKey::RSA)
|
|
298
266
|
end
|
|
@@ -308,16 +276,14 @@ describe Chef::Resource::PrivateKey do
|
|
|
308
276
|
end
|
|
309
277
|
|
|
310
278
|
context 'and a private_key that copies it in der format' do
|
|
311
|
-
with_converge do
|
|
312
|
-
private_key "#{repo_path}/blah.der" do
|
|
313
|
-
source_key_path "#{repo_path}/blah"
|
|
314
|
-
source_key_pass_phrase 'hello'
|
|
315
|
-
format :der
|
|
316
|
-
end
|
|
317
|
-
end
|
|
318
|
-
|
|
319
279
|
it 'the private_key is copied in der format and is identical' do
|
|
320
|
-
|
|
280
|
+
expect_recipe {
|
|
281
|
+
private_key "#{repo_path}/blah.der" do
|
|
282
|
+
source_key_path "#{repo_path}/blah"
|
|
283
|
+
source_key_pass_phrase 'hello'
|
|
284
|
+
format :der
|
|
285
|
+
end
|
|
286
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
321
287
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
322
288
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
323
289
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -326,39 +292,35 @@ describe Chef::Resource::PrivateKey do
|
|
|
326
292
|
end
|
|
327
293
|
|
|
328
294
|
context 'and a private_key resource pointing at it without a pass_phrase' do
|
|
329
|
-
with_recipe do
|
|
330
|
-
private_key "#{repo_path}/blah"
|
|
331
|
-
end
|
|
332
|
-
|
|
333
295
|
it 'the run fails with an exception' do
|
|
334
|
-
expect {
|
|
296
|
+
expect {
|
|
297
|
+
converge {
|
|
298
|
+
private_key "#{repo_path}/blah"
|
|
299
|
+
}
|
|
300
|
+
}.to raise_error
|
|
335
301
|
end
|
|
336
302
|
end
|
|
337
303
|
|
|
338
304
|
context 'and a private_key resource with no pass phrase and regenerate_if_different' do
|
|
339
|
-
with_recipe do
|
|
340
|
-
private_key "#{repo_path}/blah" do
|
|
341
|
-
regenerate_if_different true
|
|
342
|
-
end
|
|
343
|
-
end
|
|
344
|
-
|
|
345
305
|
it 'the private_key is regenerated' do
|
|
346
|
-
|
|
306
|
+
expect_recipe {
|
|
307
|
+
private_key "#{repo_path}/blah" do
|
|
308
|
+
regenerate_if_different true
|
|
309
|
+
end
|
|
310
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
347
311
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
348
312
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
349
313
|
end
|
|
350
314
|
end
|
|
351
315
|
|
|
352
316
|
it 'a private_key resource that copies it from in-memory as a string succeeds' do
|
|
353
|
-
|
|
317
|
+
expect_recipe {
|
|
354
318
|
private_key "#{repo_path}/blah.der" do
|
|
355
319
|
source_key IO.read("#{repo_path}/blah")
|
|
356
320
|
source_key_pass_phrase 'hello'
|
|
357
321
|
format :der
|
|
358
322
|
end
|
|
359
|
-
|
|
360
|
-
|
|
361
|
-
expect(chef_run).to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
323
|
+
}.to have_updated "private_key[#{repo_path}/blah.der]", :create
|
|
362
324
|
key_str = IO.read("#{repo_path}/blah.der")
|
|
363
325
|
expect(key_str).not_to start_with('-----BEGIN')
|
|
364
326
|
expect(key_str).not_to start_with('ssh-')
|
|
@@ -366,30 +328,26 @@ describe Chef::Resource::PrivateKey do
|
|
|
366
328
|
end
|
|
367
329
|
|
|
368
330
|
context 'and a public_key' do
|
|
369
|
-
with_converge do
|
|
370
|
-
public_key "#{repo_path}/blah.pub" do
|
|
371
|
-
source_key_path "#{repo_path}/blah"
|
|
372
|
-
source_key_pass_phrase 'hello'
|
|
373
|
-
end
|
|
374
|
-
end
|
|
375
|
-
|
|
376
331
|
it 'the public_key is created in openssh format' do
|
|
377
|
-
|
|
332
|
+
expect_recipe {
|
|
333
|
+
public_key "#{repo_path}/blah.pub" do
|
|
334
|
+
source_key_path "#{repo_path}/blah"
|
|
335
|
+
source_key_pass_phrase 'hello'
|
|
336
|
+
end
|
|
337
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
378
338
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
379
339
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah", 'hello'
|
|
380
340
|
end
|
|
381
341
|
end
|
|
382
342
|
|
|
383
343
|
context 'and a public_key derived from the private key in an in-memory string' do
|
|
384
|
-
with_converge do
|
|
385
|
-
public_key "#{repo_path}/blah.pub" do
|
|
386
|
-
source_key IO.read("#{repo_path}/blah")
|
|
387
|
-
source_key_pass_phrase 'hello'
|
|
388
|
-
end
|
|
389
|
-
end
|
|
390
|
-
|
|
391
344
|
it 'the public_key is created in openssh format' do
|
|
392
|
-
|
|
345
|
+
expect_recipe {
|
|
346
|
+
public_key "#{repo_path}/blah.pub" do
|
|
347
|
+
source_key IO.read("#{repo_path}/blah")
|
|
348
|
+
source_key_pass_phrase 'hello'
|
|
349
|
+
end
|
|
350
|
+
}.to have_updated "public_key[#{repo_path}/blah.pub]", :create
|
|
393
351
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
394
352
|
expect("#{repo_path}/blah.pub").to be_public_key_for "#{repo_path}/blah", 'hello'
|
|
395
353
|
end
|
|
@@ -397,14 +355,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
397
355
|
end
|
|
398
356
|
|
|
399
357
|
context 'with a recipe with a private_key and public_key_path' do
|
|
400
|
-
with_converge do
|
|
401
|
-
private_key "#{repo_path}/blah" do
|
|
402
|
-
public_key_path "#{repo_path}/blah.pub"
|
|
403
|
-
end
|
|
404
|
-
end
|
|
405
|
-
|
|
406
358
|
it 'the private_key and public_key are created' do
|
|
407
|
-
|
|
359
|
+
expect_recipe {
|
|
360
|
+
private_key "#{repo_path}/blah" do
|
|
361
|
+
public_key_path "#{repo_path}/blah.pub"
|
|
362
|
+
end
|
|
363
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
408
364
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
409
365
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
410
366
|
expect(IO.read("#{repo_path}/blah.pub")).to start_with('ssh-rsa ')
|
|
@@ -413,15 +369,13 @@ describe Chef::Resource::PrivateKey do
|
|
|
413
369
|
end
|
|
414
370
|
|
|
415
371
|
context 'with a recipe with a private_key and public_key_path and public_key_format' do
|
|
416
|
-
with_converge do
|
|
417
|
-
private_key "#{repo_path}/blah" do
|
|
418
|
-
public_key_path "#{repo_path}/blah.pub.der"
|
|
419
|
-
public_key_format :der
|
|
420
|
-
end
|
|
421
|
-
end
|
|
422
|
-
|
|
423
372
|
it 'the private_key and public_key are created' do
|
|
424
|
-
|
|
373
|
+
expect_recipe {
|
|
374
|
+
private_key "#{repo_path}/blah" do
|
|
375
|
+
public_key_path "#{repo_path}/blah.pub.der"
|
|
376
|
+
public_key_format :der
|
|
377
|
+
end
|
|
378
|
+
}.to have_updated "private_key[#{repo_path}/blah]", :create
|
|
425
379
|
expect(IO.read("#{repo_path}/blah")).to start_with('-----BEGIN')
|
|
426
380
|
expect(OpenSSL::PKey.read(IO.read("#{repo_path}/blah"))).to be_kind_of(OpenSSL::PKey::RSA)
|
|
427
381
|
expect(IO.read("#{repo_path}/blah.pub.der")).not_to start_with('ssh-rsa ')
|
|
@@ -432,14 +386,12 @@ describe Chef::Resource::PrivateKey do
|
|
|
432
386
|
context 'with a recipe with a private_key with path :none' do
|
|
433
387
|
it 'the private_key is created' do
|
|
434
388
|
got_private_key = nil
|
|
435
|
-
|
|
389
|
+
expect_recipe {
|
|
436
390
|
private_key 'in_memory' do
|
|
437
391
|
path :none
|
|
438
392
|
after { |resource, private_key| got_private_key = private_key }
|
|
439
393
|
end
|
|
440
|
-
|
|
441
|
-
|
|
442
|
-
expect(chef_run).to have_updated "private_key[in_memory]", :create
|
|
394
|
+
}.to have_updated "private_key[in_memory]", :create
|
|
443
395
|
expect(got_private_key).to be_kind_of(OpenSSL::PKey::RSA)
|
|
444
396
|
end
|
|
445
397
|
end
|