knife-azure 1.9.0 → 2.0.1

data/lib/chef/knife/azurerm_server_delete.rb

@@ -2,7 +2,7 @@
 # Author:: Barry Davis (barryd@jetstreamsoftware.com)
 # Author:: Adam Jacob (<adam@chef.io>)
 # Author:: Seth Chisamore (<schisamo@chef.io>)
-# Copyright:: Copyright 2009-2018, Chef Software Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -33,22 +33,22 @@ class Chef
       banner "knife azurerm server delete SERVER [SERVER] (options)"
 
       option :purge,
-        :short => "-P",
-        :long => "--purge",
-        :boolean => true,
-        :default => false,
-        :description => "Destroy corresponding node and client on the Chef Server, in addition to destroying the Windows Azure node itself.  Assumes node and client have the same name as the server (if not, add the '--node-name' option)."
+        short: "-P",
+        long: "--purge",
+        boolean: true,
+        default: false,
+        description: "Destroy corresponding node and client on the Chef Server, in addition to destroying the Windows Azure node itself.  Assumes node and client have the same name as the server (if not, add the '--node-name' option)."
 
       option :chef_node_name,
-        :short => "-N NAME",
-        :long => "--node-name NAME",
-        :description => "The name of the node and client to delete, if it differs from the server name. Only has meaning when used with the '--purge' option."
+        short: "-N NAME",
+        long: "--node-name NAME",
+        description: "The name of the node and client to delete, if it differs from the server name. Only has meaning when used with the '--purge' option."
 
       option :delete_resource_group,
-        :long => "--delete-resource-group",
-        :boolean => true,
-        :default => false,
-        :description => "Deletes corresponding resource group along with Vitual Machine."
+        long: "--delete-resource-group",
+        boolean: true,
+        default: false,
+        description: "Deletes corresponding resource group along with Vitual Machine."
 
       # Extracted from Chef::Knife.delete_object, because it has a
       # confirmation step built in... By specifying the '--purge'

data/lib/chef/knife/azurerm_server_list.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Adam Jacob (<adam@chef.io>)
-# Copyright:: Copyright 2009-2018, Chef Software Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");

data/lib/chef/knife/azurerm_server_show.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Meera Navale (meera.navale@msystechnologies.com)
-# Copyright:: Copyright 2010-2018, Chef Software Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");

data/lib/chef/knife/bootstrap/bootstrapper.rb

@@ -1,7 +1,6 @@
 #
 # Author:: Aliasgar Batterywala (aliasgar.batterywala@clogeny.com)
-#
-# Copyright:: Copyright 2016-2018 Chef Software, Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -22,209 +21,6 @@ class Chef
     class Bootstrap
       module Bootstrapper
 
-        def load_winrm_deps
-          require "winrm"
-          require "chef/knife/winrm"
-          require "chef/knife/bootstrap_windows_winrm"
-        end
-
-        def default_bootstrap_template
-          is_image_windows? ? "windows-chef-client-msi" : "chef-full"
-        end
-
-        def tcp_test_ssh(fqdn, sshport)
-          tcp_socket = TCPSocket.new(fqdn, sshport)
-          readable = IO.select([tcp_socket], nil, nil, 5)
-          if readable
-            Chef::Log.debug("sshd accepting connections on #{fqdn}, banner is #{tcp_socket.gets}")
-            yield
-            true
-          else
-            false
-          end
-        rescue SocketError
-          sleep 2
-          false
-        rescue Errno::ETIMEDOUT
-          false
-        rescue Errno::EPERM
-          false
-        rescue Errno::ECONNREFUSED
-          sleep 2
-          false
-        rescue Errno::EHOSTUNREACH
-          sleep 2
-          false
-        ensure
-          tcp_socket && tcp_socket.close
-        end
-
-        def tcp_test_winrm(ip_addr, port)
-          hostname = ip_addr
-          socket = TCPSocket.new(hostname, port)
-          true
-        rescue SocketError
-          sleep 2
-          false
-        rescue Errno::ETIMEDOUT
-          false
-        rescue Errno::EPERM
-          false
-        rescue Errno::ECONNREFUSED
-          sleep 2
-          false
-        rescue Errno::EHOSTUNREACH
-          sleep 2
-          false
-        rescue Errno::ENETUNREACH
-          sleep 2
-          false
-        end
-
-        def bootstrap_exec(server)
-          fqdn = server.publicipaddress
-
-          if is_image_windows?
-            if locate_config_value(:bootstrap_protocol) == "ssh"
-              port = server.sshport
-              print "#{ui.color("Waiting for sshd on #{fqdn}:#{port}", :magenta)}"
-
-              print(".") until tcp_test_ssh(fqdn, port) do
-                sleep @initial_sleep_delay ||= 10
-                puts("done")
-              end
-
-            elsif locate_config_value(:bootstrap_protocol) == "winrm"
-              port = server.winrmport
-
-              print "#{ui.color("Waiting for winrm on #{fqdn}:#{port}", :magenta)}"
-
-              print(".") until tcp_test_winrm(fqdn, port) do
-                sleep @initial_sleep_delay ||= 10
-                puts("done")
-              end
-            end
-
-            puts("\n")
-            bootstrap_for_windows_node(server, fqdn, port).run
-          else
-            unless server && server.publicipaddress && server.sshport
-              Chef::Log.fatal("server not created")
-              exit 1
-            end
-
-            port = server.sshport
-
-            print ui.color("Waiting for sshd on #{fqdn}:#{port}", :magenta)
-
-            print(".") until tcp_test_ssh(fqdn, port) do
-              sleep @initial_sleep_delay ||= 10
-              puts("done")
-            end
-
-            puts("\n")
-            bootstrap_for_node(server, fqdn, port).run
-          end
-
-          msg_server_summary(server)
-        end
-
-        def load_cloud_attributes_in_hints(server)
-          # Modify global configuration state to ensure hint gets set by knife-bootstrap
-          # Query azure and load necessary attributes.
-          cloud_attributes = {}
-          cloud_attributes["public_ip"] = server.publicipaddress
-          cloud_attributes["vm_name"] = server.name
-          cloud_attributes["public_fqdn"] = server.hostedservicename.to_s + ".cloudapp.net"
-          cloud_attributes["public_ssh_port"] = server.sshport if server.sshport
-          cloud_attributes["public_winrm_port"] = server.winrmport if server.winrmport
-
-          Chef::Config[:knife][:hints] ||= {}
-          Chef::Config[:knife][:hints]["azure"] ||= cloud_attributes
-        end
-
-        def bootstrap_common_params(bootstrap, server)
-          bootstrap.config[:run_list] = locate_config_value(:run_list)
-          bootstrap.config[:prerelease] = locate_config_value(:prerelease)
-          bootstrap.config[:first_boot_attributes] = locate_config_value(:json_attributes) || {}
-          bootstrap.config[:bootstrap_version] = locate_config_value(:bootstrap_version)
-          bootstrap.config[:distro] = locate_config_value(:distro) || default_bootstrap_template
-          # setting bootstrap_template value to template_file for backward
-          bootstrap.config[:template_file] = locate_config_value(:template_file) || locate_config_value(:bootstrap_template)
-          bootstrap.config[:node_ssl_verify_mode] = locate_config_value(:node_ssl_verify_mode)
-          bootstrap.config[:node_verify_api_cert] = locate_config_value(:node_verify_api_cert)
-          bootstrap.config[:bootstrap_no_proxy] = locate_config_value(:bootstrap_no_proxy)
-          bootstrap.config[:bootstrap_url] = locate_config_value(:bootstrap_url)
-          bootstrap.config[:bootstrap_vault_file] = locate_config_value(:bootstrap_vault_file)
-          bootstrap.config[:bootstrap_vault_json] = locate_config_value(:bootstrap_vault_json)
-          bootstrap.config[:bootstrap_vault_item] = locate_config_value(:bootstrap_vault_item)
-
-          load_cloud_attributes_in_hints(server)
-          bootstrap
-        end
-
-        def bootstrap_for_windows_node(server, fqdn, port)
-          if locate_config_value(:bootstrap_protocol) == "winrm"
-
-            load_winrm_deps
-            if not Chef::Platform.windows?
-              require "gssapi"
-            end
-
-            bootstrap = Chef::Knife::BootstrapWindowsWinrm.new
-
-            bootstrap.config[:winrm_user] = locate_config_value(:winrm_user) || "Administrator"
-            bootstrap.config[:winrm_password] = locate_config_value(:winrm_password)
-            bootstrap.config[:winrm_transport] = locate_config_value(:winrm_transport)
-            bootstrap.config[:winrm_authentication_protocol] = locate_config_value(:winrm_authentication_protocol)
-            bootstrap.config[:winrm_port] = port
-            bootstrap.config[:auth_timeout] = locate_config_value(:auth_timeout)
-            # Todo: we should skip cert generate in case when winrm_ssl_verify_mode=verify_none
-            bootstrap.config[:winrm_ssl_verify_mode] = locate_config_value(:winrm_ssl_verify_mode)
-          elsif locate_config_value(:bootstrap_protocol) == "ssh"
-            bootstrap = Chef::Knife::BootstrapWindowsSsh.new
-            bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
-            bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
-            bootstrap.config[:forward_agent] = locate_config_value(:forward_agent)
-            bootstrap.config[:ssh_port] = port
-            bootstrap.config[:identity_file] = locate_config_value(:identity_file)
-            bootstrap.config[:host_key_verify] = locate_config_value(:host_key_verify)
-          else
-            ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
-            exit 1
-          end
-          bootstrap.name_args = [fqdn]
-          bootstrap.config[:chef_node_name] = config[:chef_node_name] || server.name
-          bootstrap.config[:encrypted_data_bag_secret] = locate_config_value(:encrypted_data_bag_secret)
-          bootstrap.config[:encrypted_data_bag_secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
-          bootstrap.config[:msi_url] = locate_config_value(:msi_url)
-          bootstrap.config[:install_as_service] = locate_config_value(:install_as_service)
-          bootstrap_common_params(bootstrap, server)
-        end
-
-        def bootstrap_for_node(server, fqdn, port)
-          bootstrap = Chef::Knife::Bootstrap.new
-          bootstrap.name_args = [fqdn]
-          bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
-          bootstrap.config[:ssh_password] = locate_config_value(:ssh_password)
-          bootstrap.config[:ssh_port] = port
-          bootstrap.config[:identity_file] = locate_config_value(:identity_file)
-          bootstrap.config[:chef_node_name] = locate_config_value(:chef_node_name) || server.name
-          bootstrap.config[:use_sudo] = true unless locate_config_value(:ssh_user) == "root"
-          bootstrap.config[:use_sudo_password] = true if bootstrap.config[:use_sudo]
-          bootstrap.config[:environment] = locate_config_value(:environment)
-          # may be needed for vpc_mode
-          bootstrap.config[:host_key_verify] = config[:host_key_verify]
-          Chef::Config[:knife][:secret] = config[:encrypted_data_bag_secret] if config[:encrypted_data_bag_secret]
-          Chef::Config[:knife][:secret_file] = config[:encrypted_data_bag_secret_file] if config[:encrypted_data_bag_secret_file]
-          bootstrap.config[:secret] = locate_config_value(:encrypted_data_bag_secret)
-          bootstrap.config[:secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
-          bootstrap.config[:bootstrap_install_command] = locate_config_value(:bootstrap_install_command)
-          bootstrap.config[:bootstrap_wget_options] = locate_config_value(:bootstrap_wget_options)
-          bootstrap.config[:bootstrap_curl_options] = locate_config_value(:bootstrap_curl_options)
-          bootstrap_common_params(bootstrap, server)
-        end
-
         def get_chef_extension_name
           is_image_windows? ? "ChefClient" : "LinuxChefClient"
         end
@@ -233,18 +29,26 @@ class Chef
           "Chef.Bootstrap.WindowsAzure"
         end
 
+        def default_hint_options
+          %w{
+            vm_name
+            public_fqdn
+            platform
+          }
+        end
+
         # get latest version
         def get_chef_extension_version(chef_extension_name = nil)
           if locate_config_value(:azure_chef_extension_version)
             Chef::Config[:knife][:azure_chef_extension_version]
           else
-            chef_extension_name = chef_extension_name.nil? ? get_chef_extension_name : chef_extension_name
+            chef_extension_name ||= get_chef_extension_name
             if @service.instance_of? Azure::ResourceManagement::ARMInterface
-              service.get_latest_chef_extension_version({
-                :azure_service_location => locate_config_value(:azure_service_location),
-                :chef_extension_publisher => get_chef_extension_publisher,
-                :chef_extension => chef_extension_name
-              })
+              service.get_latest_chef_extension_version(
+                azure_service_location: locate_config_value(:azure_service_location),
+                chef_extension_publisher: get_chef_extension_publisher,
+                chef_extension: chef_extension_name
+              )
             elsif @service.instance_of? Azure::ServiceManagement::ASMInterface
               extensions = service.get_extension(chef_extension_name, get_chef_extension_publisher)
               extensions.css("Version").max.text.split(".").first + ".*"
@@ -252,28 +56,17 @@ class Chef
           end
         end
 
-        def default_hint_options
-          %w{
-            vm_name
-            public_fqdn
-            platform
-          }
-        end
-
         def ohai_hints
           hint_values = locate_config_value(:ohai_hints)
-
-          if hint_values.casecmp("default").zero?
-            hints = default_hint_options
+          if hint_values.casecmp("default") == 0
+            default_hint_options
           else
-            hints = hint_values.split(",")
+            hint_values.split(",")
           end
-
-          hints
         end
 
         def get_chef_extension_public_params
-          pub_config = Hash.new
+          pub_config = {}
           if locate_config_value(:azure_extension_client_config)
             pub_config[:client_rb] = File.read(File.expand_path(locate_config_value(:azure_extension_client_config)))
           else
@@ -306,30 +99,32 @@ class Chef
           cli_secret_file = config[:encrypted_data_bag_secret_file]
           cli_secret = config[:encrypted_data_bag_secret]
 
-          #The value set in knife.rb gets set in config object too
-          #That's why setting cli objects to nil if the values are specified in knife.rb
+          # The value set in knife.rb gets set in config object too
+          # That's why setting cli objects to nil if the values are specified in knife.rb
           cli_secret_file = nil if cli_secret_file == knife_secret_file
           cli_secret = nil if cli_secret == knife_secret
 
-          cli_secret_file = Chef::EncryptedDataBagItem.load_secret(cli_secret_file) if !cli_secret_file.nil?
-          knife_secret_file = Chef::EncryptedDataBagItem.load_secret(knife_secret_file) if !knife_secret_file.nil?
+          cli_secret_file = Chef::EncryptedDataBagItem.load_secret(cli_secret_file) unless cli_secret_file.nil?
+          knife_secret_file = Chef::EncryptedDataBagItem.load_secret(knife_secret_file) unless knife_secret_file.nil?
 
           cli_secret_file || cli_secret || knife_secret_file || knife_secret
         end
 
         def create_node_and_client_pem
-          client_builder = Chef::Knife::Bootstrap::ClientBuilder.new(
-            chef_config: Chef::Config,
-            knife_config: config,
-            ui: ui
-          )
+          client_builder ||= begin
+            require "chef/knife/bootstrap/client_builder"
+            Chef::Knife::Bootstrap::ClientBuilder.new(
+              chef_config: Chef::Config,
+              knife_config: config,
+              ui: ui
+            )
+          end
           client_builder.run
           client_builder.client_path
         end
 
         def get_chef_extension_private_params
-          pri_config = Hash.new
-
+          pri_config = {}
           # validator less bootstrap support for bootstrap protocol cloud-api
           if Chef::Config[:validation_key] && File.exist?(File.expand_path(Chef::Config[:validation_key]))
             pri_config[:validation_key] = File.read(File.expand_path(Chef::Config[:validation_key]))
@@ -340,7 +135,7 @@ class Chef
             end
             if config[:server_count].to_i > 1
               node_name = config[:chef_node_name]
-              0.upto (config[:server_count].to_i - 1) do |count|
+              0.upto(config[:server_count].to_i - 1) do |count|
                 config[:chef_node_name] = node_name + count.to_s
                 key_path = create_node_and_client_pem
                 pri_config[("client_pem" + count.to_s).to_sym] = File.read(key_path)
@@ -372,6 +167,7 @@ class Chef
 
           pri_config
         end
+
       end
     end
   end

data/lib/chef/knife/bootstrap/common_bootstrap_options.rb

@@ -1,7 +1,6 @@
 #
 # Author:: Aliasgar Batterywala (aliasgar.batterywala@clogeny.com)
-#
-# Copyright:: Copyright 2016-2018 Chef Software, Inc.
+# Copyright:: Copyright 2010-2019, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,9 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-#
-# Bootstrap options listed here are supported only for cloud-api protocol ARM mode.
-#
 
 class Chef
   class Knife
@@ -33,84 +29,89 @@ class Chef
               Chef::Knife::Bootstrap.load_deps
             end
 
-            option :chef_node_name,
-              :short => "-N NAME",
-              :long => "--node-name NAME",
-              :description => "The Chef node name for your new node"
-
-            option :bootstrap_version,
-              :long => "--bootstrap-version VERSION",
-              :description => "The version of Chef to install",
-              :proc => Proc.new { |v| Chef::Config[:knife][:bootstrap_version] = v }
-
-            option :run_list,
-              :short => "-r RUN_LIST",
-              :long => "--run-list RUN_LIST",
-              :description => "Comma separated list of roles/recipes to apply",
-              :proc => lambda { |o| o.split(/[\s,]+/) },
-              :default => []
-
-            option :json_attributes,
-              :short => "-j JSON",
-              :long => "--json-attributes JSON",
-              :description => "A JSON string to be added to the first run of chef-client",
-              :proc => lambda { |o| JSON.parse(o) }
-
-            option :bootstrap_proxy,
-              :long => "--bootstrap-proxy PROXY_URL",
-              :description => "The proxy server for the node being bootstrapped",
-              :proc => Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
-
-            option :cert_path,
-              :long => "--cert-path PATH",
-              :description => "SSL Certificate Path"
-
-            option :node_ssl_verify_mode,
-              :long        => "--node-ssl-verify-mode [peer|none]",
-              :description => "Whether or not to verify the SSL cert for all HTTPS requests.",
-              :proc        => Proc.new { |v|
-                valid_values = %w{none peer}
-                unless valid_values.include?(v)
-                  raise "Invalid value '#{v}' for --node-ssl-verify-mode. Valid values are: #{valid_values.join(", ")}"
-                end
-              }
-
-            option :node_verify_api_cert,
-              :long        => "--[no-]node-verify-api-cert",
-              :description => "Verify the SSL cert for HTTPS requests to the Chef server API.",
-              :boolean     => true
+            option :azure_availability_set,
+              long: "--azure-availability-set NAME",
+              description: "Optional. Name of availability set to add virtual machine into."
 
             option :azure_extension_client_config,
-              :long => "--azure-extension-client-config CLIENT_PATH",
-              :description => "Optional. Path to a client.rb file for use by the bootstrapped node."
-
-            option :encrypted_data_bag_secret,
-              :short => "-s SECRET",
-              :long  => "--secret ",
-              :description => "The secret key to use to encrypt data bag item values.  Can also be defaulted in your config with the key 'secret'"
+              long: "--azure-extension-client-config CLIENT_PATH",
+              description: "Optional. Path to a client.rb file for use by the bootstrapped node."
+
+            option :azure_os_disk_name,
+              short: "-o DISKNAME",
+              long: "--azure-os-disk-name DISKNAME",
+              description: "Optional. Specifies the friendly name of the disk containing the guest OS image in the image repository."
+
+            option :azure_service_location,
+              short: "-m LOCATION",
+              long: "--azure-service-location LOCATION",
+              description: "Required if not using an Affinity Group. Specifies the geographic location - the name of the data center location that is valid for your subscription.
+                            Eg: West US, East US, East Asia, Southeast Asia, North Europe, West Europe",
+              proc: Proc.new { |lo| Chef::Config[:knife][:azure_service_location] = lo }
+
+            option :azure_storage_account,
+              short: "-a NAME",
+              long: "--azure-storage-account NAME",
+              description: "Required for advanced server-create option.
+                            A name for the storage account that is unique within Windows Azure. Storage account names must be
+                            between 3 and 24 characters in length and use numbers and lower-case letters only.
+                            This name is the DNS prefix name and can be used to access blobs, queues, and tables in the storage account.
+                            For example: http://ServiceName.blob.core.windows.net/mycontainer/"
+
+            option :azure_vm_name,
+              long: "--azure-vm-name NAME",
+              description: "Required. Specifies the name for the virtual machine.
+                            The name must be unique within the ResourceGroup.
+                            The azure vm name cannot be more than 15 characters long"
+
+            option :azure_vm_size,
+              short: "-z SIZE",
+              long: "--azure-vm-size SIZE",
+              description: "Optional. Size of virtual machine. Default is Standard_A1_v2.
+                            Eg: Standard_A1_v2, Standard_F2, Standard_G1 etc.",
+              default: "Standard_A1_v2",
+              proc: Proc.new { |si| Chef::Config[:knife][:azure_vm_size] = si }
+
+            deprecated_option :bootstrap_protocol,
+              replacement: :connection_protocol,
+              long: "--bootstrap-protocol PROTOCOL"
+
+            option :cert_passphrase,
+              long: "--cert-passphrase PASSWORD",
+              description: "SSL Certificate Password"
 
-            option :encrypted_data_bag_secret_file,
-              :long => "--secret-file SECRET_FILE",
-              :description => "A file containing the secret key to use to encrypt data bag item values.  Can also be defaulted in your config with the key 'secret_file'"
-
-            option :extended_logs,
-              :long => "--extended-logs",
-              :boolean => true,
-              :default => false,
-              :description => "Optional. It shows chef convergence logs in detail."
+            option :cert_path,
+              long: "--cert-path PATH",
+              description: "SSL Certificate Path"
 
             option :chef_daemon_interval,
-              :long => "--chef-daemon-interval INTERVAL",
-              :description => "Optional. It specifies the frequency (in minutes) at which the chef-service runs.
-                                Pass 0 if you don't want the chef-service to be installed on the target machine."
+              long: "--chef-daemon-interval INTERVAL",
+              description: "Optional. Provide this option when --connection-protocol is set to 'cloud-api'.
+                            It specifies the frequency (in minutes) at which the chef-service runs.
+                            Pass 0 if you don't want the chef-service to be installed on the target machine."
 
             option :daemon,
-              :long => "--daemon DAEMON",
-              :description => "Optional. Configures the chef-client service for unattended execution. Requires --bootstrap-protocol to be 'cloud-api' and the node platform to be Windows.
-                                Options: 'none' or 'service' or 'task'.
-                                none - Currently prevents the chef-client service from being configured as a service.
-                                service - Configures the chef-client to run automatically in the background as a service.
-                                task - Configures the chef-client to run automatically in the background as a scheduled task."
+              long: "--daemon DAEMON",
+              description: "Optional. Configures the chef-client service for unattended execution. Requires --connection-protocol to be 'cloud-api' and the node platform to be Windows.
+                            Options: 'none' or 'service' or 'task'.
+                            none - Currently prevents the chef-client service from being configured as a service.
+                            service - Configures the chef-client to run automatically in the background as a service.
+                            task - Configures the chef-client to run automatically in the background as a scheduled task."
+
+            option :extended_logs,
+              long: "--extended-logs",
+              boolean: true,
+              default: false,
+              description: "Optional. Provide this option when --connection-protocol is set to 'cloud-api'. It shows chef converge logs in detail."
+
+            option :tcp_endpoints,
+              short: "-t PORT_LIST",
+              long: "--tcp-endpoints PORT_LIST",
+              description: "Comma-separated list of TCP local and public ports to open e.g. '80:80,433:5000'"
+
+            option :thumbprint,
+              long: "--thumbprint THUMBPRINT",
+              description: "The thumprint of the ssl certificate"
           end
         end
       end