knife-crypt 0.0.2 → 0.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 91e0e2e5cc933ecd3ebd7aeb056ac5ff9bd2967c
+  data.tar.gz: 60cd25e0f6b9ffacfcc120a7595115f669ea570e
+SHA512:
+  metadata.gz: a4d9585c880207c52f1c3254266b2610ac27d03558f6be8d21a6897eb76a0eb26ca3e4b6e547c3fe431ee134b8475606ea10915a63603d9d1f6a6cd6f935f3b4
+  data.tar.gz: eb6c71e619c361d55a89ab1afef71c5b1e79b1b53c828607c684ae7680da86f9a92072339d20d1665443db8ffa5974bd68a0dcc81c25737f8ab4dbb4300e89a1

data/.gitignore

@@ -2,6 +2,7 @@
 *.rbc
 .bundle
 .config
+.ruby-gemset
 .yardoc
 Gemfile.lock
 InstalledFiles

data/.ruby-version

@@ -0,0 +1 @@
+ruby-2.1.1

data/.travis.yml

@@ -1,5 +1,10 @@
 language: ruby
 rvm:
+  - 2.1
   - 1.9.3
-  - 1.9.2
 bundler_args: --without development
+gemfile:
+  - gemfiles/chef_10_10.gemfile
+  - gemfiles/chef_10_32.gemfile
+  - gemfiles/chef_11.gemfile
+  - Gemfile

data/CHANGELOG.md

@@ -1,4 +1,9 @@
-# ActiveAttr 0.0.2 (June 19, 2012) #
+# knife-crypt 0.0.3 (May 15, 2014) #
+
+* Improve error handling
+* Add support for Chef 11 (Morgan Nelson)
+
+# knife-crypt 0.0.2 (June 19, 2012) #
 
 * Declare compatibility with Chef v10.12.0
 

data/features/decrypt.feature

@@ -10,9 +10,21 @@ Scenario: Command List
     knife decrypt DATA (options)
     """
 
+Scenario: Usage
+  When I run `knife decrypt`
+  Then the output should contain:
+    """
+    USAGE: knife decrypt DATA (options)
+    """
+  And the output should contain:
+    """
+    FATAL: You must specify data to decrypt
+    """
+  And the exit status should not be 0
+
 Scenario: Decrypting a String
   Given a knife configuration with en encrypted data bag secret "my secret"
-  When I successfully run `knife decrypt e4ibEHAinGltDjYNQPV4rw==`
+  When I successfully run `knife decrypt -c .chef/knife.rb e4ibEHAinGltDjYNQPV4rw==`
   Then the stdout should contain exactly:
     """
     "foo"
@@ -21,7 +33,7 @@ Scenario: Decrypting a String
 
 Scenario: Decrypting an Array
   Given a knife configuration with en encrypted data bag secret "my secret"
-  When I successfully run `knife decrypt 7wrizj9MAjmSVWWq69DUql0hNHFv7Hp/1tnQ/NJuD08=`
+  When I successfully run `knife decrypt -c .chef/knife.rb 7wrizj9MAjmSVWWq69DUql0hNHFv7Hp/1tnQ/NJuD08=`
   Then the stdout should contain exactly:
     """
     ["foo", "bar"]
@@ -30,7 +42,7 @@ Scenario: Decrypting an Array
 
 Scenario: Decrypting a Hash
   Given a knife configuration with en encrypted data bag secret "my secret"
-  When I successfully run `knife decrypt nsXFeAANrmnBNu+QPfOHZFB5szSRA+Ezu94fmrJnNhk=`
+  When I successfully run `knife decrypt -c .chef/knife.rb nsXFeAANrmnBNu+QPfOHZFB5szSRA+Ezu94fmrJnNhk=`
   Then the stdout should contain exactly:
     """
     {"foo"=>{"bar"=>"baz"}}

data/features/encrypt.feature

@@ -10,29 +10,41 @@ Scenario: Command List
     knife encrypt DATA (options)
     """
 
-Scenario: Encrypting a String
-  Given a knife configuration with en encrypted data bag secret "my secret"
-  When I successfully run `knife encrypt '"foo"'`
-  Then the stdout should contain exactly:
+Scenario: Usage
+  When I run `knife encrypt`
+  Then the output should contain:
     """
-    e4ibEHAinGltDjYNQPV4rw==
-
+    USAGE: knife encrypt DATA (options)
     """
+  And the output should contain:
+    """
+    FATAL: You must specify data to encrypt
+    """
+  And the exit status should not be 0
 
-Scenario: Encrypting an Array
+Scenario: Encrypting a String
   Given a knife configuration with en encrypted data bag secret "my secret"
-  When I successfully run `knife encrypt '["foo", "bar"]'`
-  Then the stdout should contain exactly:
-    """
-    7wrizj9MAjmSVWWq69DUql0hNHFv7Hp/1tnQ/NJuD08=
+  When I successfully run `knife encrypt -c .chef/knife.rb '"foo"' '"3EnQL7IItwtknz5p7TVlTQ=="'`
+  Then the stdout should be one of:
+    |chef_version|encrypted_string                              |
+    |0.10.10     |e4ibEHAinGltDjYNQPV4rw==\n                    |
+    |10.32.2     |e4ibEHAinGltDjYNQPV4rw==\n                    |
+    |11.12.4     |9ZgVemCtbgVxJO8gmP7y8oXDUaYAYxQzkI5acgHm4Kw=\n|
 
-    """
+Scenario: Encrypting an Array
+  Given a knife configuration with en encrypted data bag secret "my secret"
+  When I successfully run `knife encrypt -c .chef/knife.rb '["foo", "bar"]' '"3EnQL7IItwtknz5p7TVlTQ=="'`
+  Then the stdout should be one of:
+    |chef_version|encrypted_string                              |
+    |0.10.10     |7wrizj9MAjmSVWWq69DUql0hNHFv7Hp/1tnQ/NJuD08=\n|
+    |10.32.2     |7wrizj9MAjmSVWWq69DUql0hNHFv7Hp/1tnQ/NJuD08=\n|
+    |11.12.4     |9ZgVemCtbgVxJO8gmP7y8uGwkFOaRPd0s74enPmPLhg=\n|
 
 Scenario: Encrypting a Hash
   Given a knife configuration with en encrypted data bag secret "my secret"
-  When I successfully run `knife encrypt '{"foo"=>{"bar"=>"baz"}}'`
-  Then the stdout should contain exactly:
-    """
-    nsXFeAANrmnBNu+QPfOHZFB5szSRA+Ezu94fmrJnNhk=
-
-    """
+  When I successfully run `knife encrypt -c .chef/knife.rb '{"foo"=>{"bar"=>"baz"}}' '"3EnQL7IItwtknz5p7TVlTQ=="'`
+  Then the stdout should be one of:
+    |chef_version|encrypted_string                              |
+    |0.10.10     |nsXFeAANrmnBNu+QPfOHZFB5szSRA+Ezu94fmrJnNhk=\n|
+    |10.32.2     |nsXFeAANrmnBNu+QPfOHZFB5szSRA+Ezu94fmrJnNhk=\n|
+    |11.12.4     |9ZgVemCtbgVxJO8gmP7y8qJWD5s+Mz808peVZbMfalYVzNylYukjQTf+h791\nOdSv\n|

data/features/step_definitions/knife_encryption_steps.rb

@@ -0,0 +1,11 @@
+Then(/^the stdout should be one of:$/) do |table|
+  latest_chef = "11.12.4"
+  # table is a Cucumber::Ast::Table
+  data = table.rows_hash
+  begin
+    puts "unknown Chef version, attempting #{latest_chef} encrypted string"
+    data[Chef::VERSION] = data[latest_chef]
+  end unless data[Chef::VERSION]
+
+  step("the stdout should contain exactly:", data[Chef::VERSION] ? data[Chef::VERSION] : data["11.12.4"])
+end

data/features/support/env.rb

@@ -1,2 +1,3 @@
 require "bundler/setup"
 require "aruba/cucumber"
+require "chef/version"

data/gemfiles/chef_10_10.gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gemspec :development_group => :test, :path => ".."
+
+gem "chef", "= 0.10.10"

data/gemfiles/chef_10_32.gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gemspec :development_group => :test, :path => ".."
+
+gem "chef", "= 10.32.2"

data/gemfiles/chef_11.gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gemspec :development_group => :test, :path => ".."
+
+gem "chef", "= 11.12.4"

data/knife-crypt.gemspec

@@ -15,7 +15,7 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = Knife::Crypt::VERSION
 
-  gem.add_runtime_dependency "chef", ">= 0.10.8", "< 11.0.0"
+  gem.add_runtime_dependency "chef", ">= 0.10.8", "< 12.0.0"
 
   gem.add_development_dependency "aruba", "~> 0.4.11"
   gem.add_development_dependency "bundler", "~> 1.0"

data/lib/chef/knife/decrypt.rb

@@ -6,9 +6,19 @@ class Chef
       banner "knife decrypt DATA (options)"
 
       def run
+        if @name_args.empty?
+          show_usage
+          ui.fatal "You must specify data to decrypt"
+          exit 1
+        end
+
         encrypted_value = @name_args[0]
         secret = Chef::EncryptedDataBagItem.load_secret
-        decrypted_value = Chef::EncryptedDataBagItem.decrypt_value encrypted_value, secret
+        decrypted_value = if Chef::EncryptedDataBagItem.methods.include?(:decrypt_value)
+                            Chef::EncryptedDataBagItem.decrypt_value encrypted_value, secret
+                          else
+                            Chef::EncryptedDataBagItem::Decryptor.for(encrypted_value, secret).for_decrypted_item
+                          end
         puts decrypted_value.inspect
       end
     end

data/lib/chef/knife/encrypt.rb

@@ -6,9 +6,20 @@ class Chef
       banner "knife encrypt DATA (options)"
 
       def run
+        if @name_args.empty?
+          show_usage
+          ui.fatal "You must specify data to encrypt"
+          exit 1
+        end
+
         decrypted_value = eval @name_args[0]
+        initialization_vector = @name_args[1]
         secret = Chef::EncryptedDataBagItem.load_secret
-        encrypted_value = Chef::EncryptedDataBagItem.encrypt_value decrypted_value, secret
+        encrypted_value = if Chef::EncryptedDataBagItem.methods.include? :encrypt_value
+                            Chef::EncryptedDataBagItem.encrypt_value(decrypted_value, secret)
+                          else
+                            Chef::EncryptedDataBagItem::Encryptor.new(decrypted_value, secret, initialization_vector).for_encrypted_item["encrypted_data"]
+                          end
         puts encrypted_value
       end
     end

data/lib/knife-crypt/version.rb

@@ -1,5 +1,5 @@
 module Knife
   module Crypt
-    VERSION = "0.0.2"
+    VERSION = "0.0.3"
   end
 end

metadata

@@ -1,100 +1,89 @@
 --- !ruby/object:Gem::Specification
 name: knife-crypt
 version: !ruby/object:Gem::Version
-  version: 0.0.2
-  prerelease: 
+  version: 0.0.3
 platform: ruby
 authors:
 - Chris Griego
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-06-19 00:00:00.000000000 Z
+date: 2014-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 0.10.8
-    - - <
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 11.0.0
+        version: 12.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 0.10.8
-    - - <
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 11.0.0
+        version: 12.0.0
 - !ruby/object:Gem::Dependency
   name: aruba
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.4.11
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.4.11
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
 - !ruby/object:Gem::Dependency
   name: cucumber
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
 description: Commands for Chef's Knife Command to Encrypt and Decrypt Data
@@ -104,9 +93,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rvmrc
-- .travis.yml
+- ".gitignore"
+- ".ruby-version"
+- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - Guardfile
@@ -117,43 +106,41 @@ files:
 - features/decrypt.feature
 - features/encrypt.feature
 - features/step_definitions/knife_config_steps.rb
+- features/step_definitions/knife_encryption_steps.rb
 - features/support/env.rb
+- gemfiles/chef_10_10.gemfile
+- gemfiles/chef_10_32.gemfile
+- gemfiles/chef_11.gemfile
 - knife-crypt.gemspec
 - lib/chef/knife/decrypt.rb
 - lib/chef/knife/encrypt.rb
 - lib/knife-crypt/version.rb
 homepage: https://github.com/cgriego/knife-crypt
 licenses: []
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: -1267211087425992544
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: -1267211087425992544
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.21
+rubygems_version: 2.2.2
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Commands for Chef's Knife Command to Encrypt and Decrypt Data
 test_files:
 - features/decrypt.feature
 - features/encrypt.feature
 - features/step_definitions/knife_config_steps.rb
+- features/step_definitions/knife_encryption_steps.rb
 - features/support/env.rb

data/.rvmrc

@@ -1,52 +0,0 @@
-#!/usr/bin/env bash
-
-# This is an RVM Project .rvmrc file, used to automatically load the ruby
-# development environment upon cd'ing into the directory
-
-# First we specify our desired <ruby>[@<gemset>], the @gemset name is optional,
-# Only full ruby name is supported here, for short names use:
-#     echo "rvm use 1.9.3" > .rvmrc
-environment_id="ruby-1.9.3@knife-crypt"
-
-# Uncomment the following lines if you want to verify rvm version per project
-# rvmrc_rvm_version="1.12.2 (stable)" # 1.10.1 seams as a safe start
-# eval "$(echo ${rvm_version}.${rvmrc_rvm_version} | awk -F. '{print "[[ "$1*65536+$2*256+$3" -ge "$4*65536+$5*256+$6" ]]"}' )" || {
-#   echo "This .rvmrc file requires at least RVM ${rvmrc_rvm_version}, aborting loading."
-#   return 1
-# }
-
-# First we attempt to load the desired environment directly from the environment
-# file. This is very fast and efficient compared to running through the entire
-# CLI and selector. If you want feedback on which environment was used then
-# insert the word 'use' after --create as this triggers verbose mode.
-if [[ -d "${rvm_path:-$HOME/.rvm}/environments"
-  && -s "${rvm_path:-$HOME/.rvm}/environments/$environment_id" ]]
-then
-  \. "${rvm_path:-$HOME/.rvm}/environments/$environment_id"
-  [[ -s "${rvm_path:-$HOME/.rvm}/hooks/after_use" ]] &&
-    \. "${rvm_path:-$HOME/.rvm}/hooks/after_use" || true
-  if [[ $- == *i* ]] # check for interactive shells
-  then echo "Using: $(tput setaf 2)$GEM_HOME$(tput sgr0)" # show the user the ruby and gemset they are using in green
-  else echo "Using: $GEM_HOME" # don't use colors in non-interactive shells
-  fi
-else
-  # If the environment file has not yet been created, use the RVM CLI to select.
-  rvm --create use  "$environment_id" || {
-    echo "Failed to create RVM environment '${environment_id}'."
-    return 1
-  }
-fi
-
-# If you use bundler, this might be useful to you:
-# if [[ -s Gemfile ]] && {
-#   ! builtin command -v bundle >/dev/null ||
-#   builtin command -v bundle | grep $rvm_path/bin/bundle >/dev/null
-# }
-# then
-#   printf "%b" "The rubygem 'bundler' is not installed. Installing it now.\n"
-#   gem install bundler
-# fi
-# if [[ -s Gemfile ]] && builtin command -v bundle >/dev/null
-# then
-#   bundle install | grep -vE '^Using|Your bundle is complete'
-# fi