cheffish 1.3.1 → 1.4.0

data/lib/chef/provider/public_key.rb

@@ -1,82 +1,88 @@
-require 'chef/provider/lwrp_base'
-require 'openssl'
-require 'cheffish/key_formatter'
-
-class Chef::Provider::PublicKey < Chef::Provider::LWRPBase
-  action :create do
-    if !new_source_key
-      raise "No source key specified"
-    end
-    desired_output = encode_public_key(new_source_key)
-    if Array(current_resource.action) == [ :delete ] || desired_output != IO.read(new_resource.path)
-      converge_by "write #{new_resource.format} public key #{new_resource.path} from #{new_source_key_publicity} key #{new_resource.source_key_path}" do
-        IO.write(new_resource.path, desired_output)
-        # TODO permissions on file?
-      end
-    end
-  end
-
-  action :delete do
-    if Array(current_resource.action) == [ :create ]
-      converge_by "delete public key #{new_resource.path}" do
-        ::File.unlink(new_resource.path)
-      end
-    end
-  end
-
-  def whyrun_supported?
-    true
-  end
-
-  def encode_public_key(key)
-    key_format = {}
-    key_format[:format] = new_resource.format if new_resource.format
-    Cheffish::KeyFormatter.encode(key, key_format)
-  end
-
-  attr_reader :current_public_key
-  attr_reader :new_source_key_publicity
-
-  def new_source_key
-    @new_source_key ||= begin
-      if new_resource.source_key.is_a?(String)
-        source_key, source_key_format = Cheffish::KeyFormatter.decode(new_resource.source_key, new_resource.source_key_pass_phrase)
-      elsif new_resource.source_key
-        source_key = new_resource.source_key
-      elsif new_resource.source_key_path
-        source_key, source_key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.source_key_path), new_resource.source_key_pass_phrase, new_resource.source_key_path)
-      else
-        return nil
-      end
-
-      if source_key.private?
-        @new_source_key_publicity = 'private'
-        source_key.public_key
-      else
-        @new_source_key_publicity = 'public'
-        source_key
-      end
-    end
-  end
-
-  def load_current_resource
-    if ::File.exist?(new_resource.path)
-      resource = Chef::Resource::PublicKey.new(new_resource.path, run_context)
-      begin
-        key, key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.path), nil, new_resource.path)
-        if key
-          @current_public_key = key
-          resource.format key_format[:format]
-        end
-      rescue
-        # If there is an error reading we assume format and such is broken
-      end
-
-      @current_resource = resource
-    else
-      not_found_resource = Chef::Resource::PublicKey.new(new_resource.path, run_context)
-      not_found_resource.action :delete
-      @current_resource = not_found_resource
-    end
-  end
-end
+require 'chef/provider/lwrp_base'
+require 'openssl'
+require 'cheffish/key_formatter'
+
+class Chef
+  class Provider
+    class PublicKey < Chef::Provider::LWRPBase
+      provides :public_key
+
+      action :create do
+        if !new_source_key
+          raise "No source key specified"
+        end
+        desired_output = encode_public_key(new_source_key)
+        if Array(current_resource.action) == [ :delete ] || desired_output != IO.read(new_resource.path)
+          converge_by "write #{new_resource.format} public key #{new_resource.path} from #{new_source_key_publicity} key #{new_resource.source_key_path}" do
+            IO.write(new_resource.path, desired_output)
+            # TODO permissions on file?
+          end
+        end
+      end
+
+      action :delete do
+        if Array(current_resource.action) == [ :create ]
+          converge_by "delete public key #{new_resource.path}" do
+            ::File.unlink(new_resource.path)
+          end
+        end
+      end
+
+      def whyrun_supported?
+        true
+      end
+
+      def encode_public_key(key)
+        key_format = {}
+        key_format[:format] = new_resource.format if new_resource.format
+        Cheffish::KeyFormatter.encode(key, key_format)
+      end
+
+      attr_reader :current_public_key
+      attr_reader :new_source_key_publicity
+
+      def new_source_key
+        @new_source_key ||= begin
+          if new_resource.source_key.is_a?(String)
+            source_key, source_key_format = Cheffish::KeyFormatter.decode(new_resource.source_key, new_resource.source_key_pass_phrase)
+          elsif new_resource.source_key
+            source_key = new_resource.source_key
+          elsif new_resource.source_key_path
+            source_key, source_key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.source_key_path), new_resource.source_key_pass_phrase, new_resource.source_key_path)
+          else
+            return nil
+          end
+
+          if source_key.private?
+            @new_source_key_publicity = 'private'
+            source_key.public_key
+          else
+            @new_source_key_publicity = 'public'
+            source_key
+          end
+        end
+      end
+
+      def load_current_resource
+        if ::File.exist?(new_resource.path)
+          resource = Chef::Resource::PublicKey.new(new_resource.path, run_context)
+          begin
+            key, key_format = Cheffish::KeyFormatter.decode(IO.read(new_resource.path), nil, new_resource.path)
+            if key
+              @current_public_key = key
+              resource.format key_format[:format]
+            end
+          rescue
+            # If there is an error reading we assume format and such is broken
+          end
+
+          @current_resource = resource
+        else
+          not_found_resource = Chef::Resource::PublicKey.new(new_resource.path, run_context)
+          not_found_resource.action :delete
+          @current_resource = not_found_resource
+        end
+      end
+    end
+  end
+end

data/lib/chef/resource/chef_acl.rb

@@ -1,65 +1,69 @@
-require 'cheffish'
-require 'chef/resource/lwrp_base'
-
-class Chef::Resource::ChefAcl < Chef::Resource::LWRPBase
-  self.resource_name = 'chef_acl'
-
-  actions :create, :nothing
-  default_action :create
-
-  def initialize(*args)
-    super
-    chef_server run_context.cheffish.current_chef_server
-  end
-
-  # Path of the thing being secured, e.g. nodes, nodes/*, nodes/mynode,
-  # */*, **, roles/base, data/secrets, cookbooks/apache2, /users/*,
-  # /organizations/foo/nodes/x
-  attribute :path, :kind_of => String, :name_attribute => true
-
-  # Whether to change things recursively.  true means it will descend all children
-  # and make the same modifications to them.  :on_change will only descend if
-  # the parent has changed.  :on_change is the default.
-  attribute :recursive, :equal_to => [ true, false, :on_change ], :default => :on_change
-
-  # Specifies that this is a complete specification for the acl (i.e. rights
-  # you don't specify will be reset to their defaults)
-  attribute :complete, :kind_of => [TrueClass, FalseClass]
-
-  attribute :raw_json, :kind_of => Hash
-  attribute :chef_server, :kind_of => Hash
-
-  # rights :read, :users => 'jkeiser', :groups => [ 'admins', 'users' ]
-  # rights [ :create, :read ], :users => [ 'jkeiser', 'adam' ]
-  # rights :all, :users => 'jkeiser'
-  def rights(*values)
-    if values.size == 0
-      @rights
-    else
-      args = values.pop
-      args[:permissions] ||= []
-      values.each do |value|
-        args[:permissions] |= Array(value)
-      end
-      @rights ||= []
-      @rights << args
-    end
-  end
-
-  # remove_rights :read, :users => 'jkeiser', :groups => [ 'admins', 'users' ]
-  # remove_rights [ :create, :read ], :users => [ 'jkeiser', 'adam' ]
-  # remove_rights :all, :users => [ 'jkeiser', 'adam' ]
-  def remove_rights(*values)
-    if values.size == 0
-      @remove_rights
-    else
-      args = values.pop
-      args[:permissions] ||= []
-      values.each do |value|
-        args[:permissions] |= Array(value)
-      end
-      @remove_rights ||= []
-      @remove_rights << args
-    end
-  end
-end
+require 'cheffish'
+require 'chef/resource/lwrp_base'
+
+class Chef
+  class Resource
+    class ChefAcl < Chef::Resource::LWRPBase
+      self.resource_name = 'chef_acl'
+
+      actions :create, :nothing
+      default_action :create
+
+      def initialize(*args)
+        super
+        chef_server run_context.cheffish.current_chef_server
+      end
+
+      # Path of the thing being secured, e.g. nodes, nodes/*, nodes/mynode,
+      # */*, **, roles/base, data/secrets, cookbooks/apache2, /users/*,
+      # /organizations/foo/nodes/x
+      attribute :path, :kind_of => String, :name_attribute => true
+
+      # Whether to change things recursively.  true means it will descend all children
+      # and make the same modifications to them.  :on_change will only descend if
+      # the parent has changed.  :on_change is the default.
+      attribute :recursive, :equal_to => [ true, false, :on_change ], :default => :on_change
+
+      # Specifies that this is a complete specification for the acl (i.e. rights
+      # you don't specify will be reset to their defaults)
+      attribute :complete, :kind_of => [TrueClass, FalseClass]
+
+      attribute :raw_json, :kind_of => Hash
+      attribute :chef_server, :kind_of => Hash
+
+      # rights :read, :users => 'jkeiser', :groups => [ 'admins', 'users' ]
+      # rights [ :create, :read ], :users => [ 'jkeiser', 'adam' ]
+      # rights :all, :users => 'jkeiser'
+      def rights(*values)
+        if values.size == 0
+          @rights
+        else
+          args = values.pop
+          args[:permissions] ||= []
+          values.each do |value|
+            args[:permissions] |= Array(value)
+          end
+          @rights ||= []
+          @rights << args
+        end
+      end
+
+      # remove_rights :read, :users => 'jkeiser', :groups => [ 'admins', 'users' ]
+      # remove_rights [ :create, :read ], :users => [ 'jkeiser', 'adam' ]
+      # remove_rights :all, :users => [ 'jkeiser', 'adam' ]
+      def remove_rights(*values)
+        if values.size == 0
+          @remove_rights
+        else
+          args = values.pop
+          args[:permissions] ||= []
+          values.each do |value|
+            args[:permissions] |= Array(value)
+          end
+          @remove_rights ||= []
+          @remove_rights << args
+        end
+      end
+    end
+  end
+end

data/lib/chef/resource/chef_client.rb

@@ -1,44 +1,48 @@
-require 'cheffish'
-require 'chef/resource/lwrp_base'
-
-class Chef::Resource::ChefClient < Chef::Resource::LWRPBase
-  self.resource_name = 'chef_client'
-
-  actions :create, :delete, :regenerate_keys, :nothing
-  default_action :create
-
-  def initialize(*args)
-    super
-    chef_server run_context.cheffish.current_chef_server
-  end
-
-  # Client attributes
-  attribute :name, :kind_of => String, :regex => Cheffish::NAME_REGEX, :name_attribute => true
-  attribute :admin, :kind_of => [TrueClass, FalseClass]
-  attribute :validator, :kind_of => [TrueClass, FalseClass]
-
-  # Input key
-  attribute :source_key # String or OpenSSL::PKey::*
-  attribute :source_key_path, :kind_of => String
-  attribute :source_key_pass_phrase
-
-  # Output public key (if so desired)
-  attribute :output_key_path, :kind_of => String
-  attribute :output_key_format, :kind_of => Symbol, :default => :openssh, :equal_to => [ :pem, :der, :openssh ]
-
-  # If this is set, client is not patchy
-  attribute :complete, :kind_of => [TrueClass, FalseClass]
-
-  attribute :raw_json, :kind_of => Hash
-  attribute :chef_server, :kind_of => Hash
-
-  # Proc that runs just before the resource executes.  Called with (resource)
-  def before(&block)
-    block ? @before = block : @before
-  end
-
-  # Proc that runs after the resource completes.  Called with (resource, json, private_key, public_key)
-  def after(&block)
-    block ? @after = block : @after
-  end
-end
+require 'cheffish'
+require 'chef/resource/lwrp_base'
+
+class Chef
+  class Resource
+    class ChefClient < Chef::Resource::LWRPBase
+      self.resource_name = 'chef_client'
+
+      actions :create, :delete, :regenerate_keys, :nothing
+      default_action :create
+
+      def initialize(*args)
+        super
+        chef_server run_context.cheffish.current_chef_server
+      end
+
+      # Client attributes
+      attribute :name, :kind_of => String, :regex => Cheffish::NAME_REGEX, :name_attribute => true
+      attribute :admin, :kind_of => [TrueClass, FalseClass]
+      attribute :validator, :kind_of => [TrueClass, FalseClass]
+
+      # Input key
+      attribute :source_key # String or OpenSSL::PKey::*
+      attribute :source_key_path, :kind_of => String
+      attribute :source_key_pass_phrase
+
+      # Output public key (if so desired)
+      attribute :output_key_path, :kind_of => String
+      attribute :output_key_format, :kind_of => Symbol, :default => :openssh, :equal_to => [ :pem, :der, :openssh ]
+
+      # If this is set, client is not patchy
+      attribute :complete, :kind_of => [TrueClass, FalseClass]
+
+      attribute :raw_json, :kind_of => Hash
+      attribute :chef_server, :kind_of => Hash
+
+      # Proc that runs just before the resource executes.  Called with (resource)
+      def before(&block)
+        block ? @before = block : @before
+      end
+
+      # Proc that runs after the resource completes.  Called with (resource, json, private_key, public_key)
+      def after(&block)
+        block ? @after = block : @after
+      end
+    end
+  end
+end

data/lib/chef/resource/chef_container.rb

@@ -1,18 +1,22 @@
-require 'cheffish'
-require 'chef/resource/lwrp_base'
-
-class Chef::Resource::ChefContainer < Chef::Resource::LWRPBase
-  self.resource_name = 'chef_container'
-
-  actions :create, :delete, :nothing
-  default_action :create
-
-  # Grab environment from with_environment
-  def initialize(*args)
-    super
-    chef_server run_context.cheffish.current_chef_server
-  end
-
-  attribute :name, :kind_of => String, :regex => Cheffish::NAME_REGEX, :name_attribute => true
-  attribute :chef_server, :kind_of => Hash
-end
+require 'cheffish'
+require 'chef/resource/lwrp_base'
+
+class Chef
+  class Resource
+    class ChefContainer < Chef::Resource::LWRPBase
+      self.resource_name = 'chef_container'
+
+      actions :create, :delete, :nothing
+      default_action :create
+
+      # Grab environment from with_environment
+      def initialize(*args)
+        super
+        chef_server run_context.cheffish.current_chef_server
+      end
+
+      attribute :name, :kind_of => String, :regex => Cheffish::NAME_REGEX, :name_attribute => true
+      attribute :chef_server, :kind_of => Hash
+    end
+  end
+end

data/lib/chef/resource/chef_data_bag.rb

@@ -1,18 +1,22 @@
-require 'cheffish'
-require 'chef/resource/lwrp_base'
-
-class Chef::Resource::ChefDataBag < Chef::Resource::LWRPBase
-  self.resource_name = 'chef_data_bag'
-
-  actions :create, :delete, :nothing
-  default_action :create
-
-  def initialize(*args)
-    super
-    chef_server run_context.cheffish.current_chef_server
-  end
-
-  attribute :name, :kind_of => String, :regex => Cheffish::NAME_REGEX, :name_attribute => true
-
-  attribute :chef_server, :kind_of => Hash
-end
+require 'cheffish'
+require 'chef/resource/lwrp_base'
+
+class Chef
+  class Resource
+    class ChefDataBag < Chef::Resource::LWRPBase
+      self.resource_name = 'chef_data_bag'
+
+      actions :create, :delete, :nothing
+      default_action :create
+
+      def initialize(*args)
+        super
+        chef_server run_context.cheffish.current_chef_server
+      end
+
+      attribute :name, :kind_of => String, :regex => Cheffish::NAME_REGEX, :name_attribute => true
+
+      attribute :chef_server, :kind_of => Hash
+    end
+  end
+end