knife-ec-backup 2.0.0.beta.4 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d766acc26907709ef94b95f41410a3c77f2fe1fa
-  data.tar.gz: 2fddbc5353225e9b6b4f988f872faa396bb4dfe9
+  metadata.gz: f8f08431a9c4bb9de895e7f1de514e586603cf00
+  data.tar.gz: bcc07b67d433964eb6b8b080650110b98c7291c2
 SHA512:
-  metadata.gz: 80c0598f66fb11f5eb65de808e6e4595c78209fe42b42041ad8f31c022465741f093b223d35864d88383c8be8c157aaf3f850a8648a4d82db3d57ec753e6df33
-  data.tar.gz: cdc909787dab84ccfe783653e47f8550127a3ca22b6eacfe5320f5205132730a23029a66a430abc6c67503d4ec277044ccb5e52cc65fadc4289c5f54898616fb
+  metadata.gz: 964129af4f8e76e3d339f4a10e2d682fbc864d1e2799b6274a2d4fb4f7b4ad0cb2d31deda74fa11f2d62033b60f0aa170e397c44d07bea56294b296abbe1887f
+  data.tar.gz: f9de155880bf15cac8afafdcfd81365e8c2764b15065faa501ee92cb7c10772c6259e24434701dddcbe24404c74414c964b4308ddc43fce73ea37f1e52cb2f20

data/README.md

@@ -13,13 +13,21 @@ tool.
 
 # Requirements
 
-This knife plugin requires Chef 11.8+.
+This knife plugin requires Chef Client 11.8+.
 
 ## Chef 10
 
 Users who are still using Chef 10 can use the most recent 1.x version
 of this gem.  Version 1.x additionally depends on knife-essentials.
 
+## Server Support
+
+This plugin currently supports Enterprise Chef 11 and Chef Server 12.
+Support for the beta key rotation features is provided via the
+`--with-keys-sql` flag, but users of this feature should note that
+this may change once the Chef Server supports an API-based export of
+the key data.
+
 # Installation
 
 ## Chef Server Install (Recommended)
@@ -86,6 +94,13 @@ The following options are supported across all subcommands:
     Server.  This is required to correctly handle user passwords and
     to ensure user-specific association groups are not duplicated.
 
+  * `--with-key-sql`: Whether to backup/restore key data directly
+    from the database.  This requires access to the listening
+    postgresql port on the Chef Server.  This is required to correctly
+    handle keys in Chef Servers with multikey support. This option
+    will only work on `restore` if it was also used during the
+    `backup`.
+
   * `--skip-useracl`:
     Skip download/restore of the user ACLs.  User ACLs are the
     permissions that actors have *on other global users*.  These are
@@ -187,6 +202,13 @@ Private Chef server. DEST_DIR should be a backup directory created by
     duplicated. This option will only work on `restore` if it was also
     used during the `backup`.
 
+  * `--with-key-sql`: Whether to backup/restore key data directly
+    from the database.  This requires access to the listening
+    postgresql port on the Chef Server.  This is required to correctly
+    handle keys in Chef Servers with multikey support. This option
+    will only work on `restore` if it was also used during the
+    `backup`.
+
   * `--skip-useracl`:
     Skip download/restore of the user ACLs.  User ACLs are the
     permissions that actors have *on other global users*.  These are
@@ -217,6 +239,9 @@ Please note, most user should use `knife ec restore` with the
 
 # Known Bugs
 
+- knife-ec-backup cannot be installed in the embedded gemset of Chef
+  Server 12.  This will be resolved in a future Chef Server release.
+
 - `knife ec restore` can fail to restore cookbooks, failing with an
   internal server error. A common cause of this problem is a
   concurrency bug in Chef Server. Setting `--concurrency 1` can often

data/lib/chef/knife/ec_backup.rb

@@ -33,8 +33,8 @@ class Chef
           end
         end
 
-        if config[:with_user_sql]
-          export_users_from_sql
+        if config[:with_user_sql] || config[:with_key_sql]
+          export_from_sql
         end
 
         ensure_dir("#{dest_dir}/organizations")
@@ -86,15 +86,17 @@ class Chef
         end
       end
 
-      def export_users_from_sql
+      def export_from_sql
         require 'chef/knife/ec_key_export'
         Chef::Knife::EcKeyExport.deps
         k = Chef::Knife::EcKeyExport.new
-        k.name_args = ["#{dest_dir}/key_dump.json"]
+        k.name_args = ["#{dest_dir}/key_dump.json", "#{dest_dir}/key_table_dump.json"]
         k.config[:sql_host] = config[:sql_host]
         k.config[:sql_port] = config[:sql_port]
         k.config[:sql_user] = config[:sql_user]
         k.config[:sql_password] = config[:sql_password]
+        k.config[:skip_users_table] = !config[:with_user_sql]
+        k.config[:skip_keys_table] = !config[:with_key_sql]
         k.run
       end
 

data/lib/chef/knife/ec_base.rb

@@ -72,6 +72,11 @@ class Chef
           option :with_user_sql,
             :long => '--with-user-sql',
             :description => 'Try direct data base access for user export/import.  Required to properly handle passwords, keys, and USAGs'
+
+          option :with_key_sql,
+            :long => '--with-key-sql',
+            :description => 'Try direct data base access for key table export/import.  Required to properly handle rotated keys.'
+
         end
 
         attr_accessor :dest_dir

data/lib/chef/knife/ec_key_base.rb

@@ -47,6 +47,16 @@ class Chef
           option :sql_password,
           :long => "--sql-password PASSWORD",
           :description => 'Password used to connect to the postgresql database'
+
+          option :skip_keys_table,
+          :long => "--skip-keys-table",
+          :description => "Skip Chef 12-only keys table",
+          :default => false
+
+          option :skip_users_table,
+          :long => "--skip-users-table",
+          :description => "Skip users table",
+          :default => false
         end
       end
 
@@ -54,7 +64,7 @@ class Chef
         @db ||= begin
                   require 'sequel'
                   server_string = "#{config[:sql_user]}:#{config[:sql_password]}@#{config[:sql_host]}:#{config[:sql_port]}/opscode_chef"
-                  ::Sequel.connect("postgres://#{server_string}")
+                  ::Sequel.connect("postgres://#{server_string}", :convert_infinite_timestamps => :string)
                 end
       end
 

data/lib/chef/knife/ec_key_export.rb

@@ -25,20 +25,41 @@ class Chef
 
       include Knife::EcKeyBase
 
-      banner "knife ec key export [PATH]"
+      banner "knife ec key export [USER_DATA_PATH] [KEY_DATA_PATH]"
 
       def run
         if config[:sql_user].nil? || config[:sql_password].nil?
           load_config_from_file!
         end
 
-        path = @name_args[0] || "key_dump.json"
-        export(path)
+        # user_data_path defaults to key_dump.json to support
+        # older knife-ec-backup exports
+        user_data_path = @name_args[0] || "key_dump.json"
+        key_data_path =  @name_args[1] || "key_table_dump.json"
+
+        export(:users, user_data_path) unless config[:skip_users_table]
+
+        begin
+          export_keys(key_data_path) unless config[:skip_keys_table]
+        rescue Sequel::DatabaseError => e
+          if e.message =~ /^PG::UndefinedTable/
+            ui.error "Keys table not found. The keys table only exists on Chef Server 12."
+            ui.error "Chef Server 11 users should use the --skip-keys-table option to avoid this error."
+            exit 1
+          else
+            raise
+          end
+        end
+      end
+
+      def export_keys(path)
+        data = db.fetch('SELECT keys_by_name.*, orgs.name AS "org_name" FROM keys_by_name LEFT JOIN orgs ON keys_by_name.org_id=orgs.id')
+        File.open(path, 'w') { |file| file.write(data.all.to_json) }
       end
 
-      def export(path)
-        users = db.select.from(:users)
-        File.open(path, 'w') { |file| file.write(users.all.to_json) }
+      def export(table, path)
+        data = db.select.from(table)
+        File.open(path, 'w') { |file| file.write(data.all.to_json) }
       end
     end
   end

data/lib/chef/knife/ec_key_import.rb

@@ -18,6 +18,7 @@
 
 require 'chef/knife'
 require 'chef/knife/ec_key_base'
+require 'chef/org_id_cache'
 
 class Chef
   class Knife
@@ -25,7 +26,7 @@ class Chef
 
       include Knife::EcKeyBase
 
-      banner "knife ec key import [PATH]"
+      banner "knife ec key import [USER_DATA_PATH] [KEY_DATA_PATH]"
 
       option :skip_pivotal,
         :long => "--[no-]skip-pivotal",
@@ -39,17 +40,130 @@ class Chef
         :boolean => true,
         :description => "Upload user ids."
 
+      option :users_only,
+        :long => "--users-only",
+        :default => false,
+        :description => "Only update users (skip client key data)"
+
+     option :clients_only,
+        :log => "--clients-only",
+        :default => false,
+        :description => "Only update client key data. Implies --skip-users-table"
+
       def run
         if config[:sql_user].nil? || config[:sql_password].nil?
           load_config_from_file!
         end
 
-        path = @name_args[0] || "key_dump.json"
-        import(path)
+        @org_id_cache = Chef::OrgIdCache.new(db)
+
+        # user_data_path defaults to key_dump.json to support
+        # older knife-ec-backup exports
+        user_data_path = @name_args[0] || "key_dump.json"
+        key_data_path = @name_args[1] || "key_table_dump.json"
+        import_user_data(user_data_path) unless (config[:skip_users_table] || config[:clients_only])
+        import_key_data(key_data_path) unless config[:skip_keys_table]
       end
 
+      def import_key_data(path)
+        key_data = JSON.parse(File.read(path))
+        key_data.each do |d|
+          case d['type']
+          when 'client'
+            next if config[:users_only]
+            insert_key_data_for_client(d)
+          when 'user'
+            next if config[:clients_only]
+            insert_key_data_for_user(d)
+          else
+            ui.warn "Unkown actor type #{d['type']} for #{d['name']}"
+            next
+          end
+        end
+      end
+
+      # If a given key_name already exists for the client, update it,
+      # otherwise insert a new key into the key table.
+      #
+      # Unlike users, we never want to keep the internal ID from the
+      # backup.
+      #
+      # The org_id is likely different than that stored in the backup.
+      # We query the new org_id based on org_name, caching it to avoid
+      # multiple lookups in a large org.
+      def insert_key_data_for_client(d)
+        ui.msg "Updating key data for client[#{d['name']}]"
+
+        org_id = @org_id_cache.fetch(d['org_name'])
+        if org_id.nil?
+          ui.warn "Could not find organization for client[#{d['name']}], skipping."
+          ui.warn "Organizations much be restored before key data can be imported."
+          return
+        end
+
+        existing_client = db[:clients].where(:org_id => org_id, :name => d['name']).first
+        if existing_client.nil?
+          ui.warn "Did not find existing client record for #{d['name']}, skipping."
+          ui.warn "Client records must be restored before key data can be imported."
+          return
+        end
+
+        new_id = existing_client[:id]
+        Chef::Log.debug("Found client id for #{d['name']}: #{new_id}")
+        upsert_key_record(key_record_for_db(d, new_id))
+      end
+
+      # Insert key data for each user record
+      #
+      # When :skip_id's is set, we are not using the ids from the
+      # backup.  In this case, look up the user id in the users table.
+      #
+      # When :skip_id's is not set, we are using the ids from the
+      # backup. The update_key trigger on the users table should
+      # ensure that the user ids have already been replaced and should
+      # match what we have in the backup.
+      def insert_key_data_for_user(d)
+        if d['name'] == 'pivotal' && config[:skip_pivotal]
+          ui.warn "Skipping pivotal user."
+          return
+        end
+        ui.msg "Updating key data for user[#{d['name']}]"
+        new_id = if config[:skip_ids]
+                   db[:users].where(:username => d['name']).first[:id]
+                 else
+                   d['id']
+                 end
+        Chef::Log.debug("Found user id for #{d['name']}: #{new_id}")
+        upsert_key_record(key_record_for_db(d, new_id))
+      end
+
+      def upsert_key_record(r)
+        key_records_to_update = db[:keys].where(:key_name => r[:key_name], :id => r[:id])
+        case key_records_to_update.count
+        when 0
+          Chef::Log.debug("No existing records found for #{r[:key_name]}, #{r[:id]}")
+          db[:keys].insert(r)
+        when 1
+          Chef::Log.debug("1 record found for #{r[:key_name]}, #{r[:id]}")
+          key_records_to_update.update(r)
+        else
+          ui.warn "Found too many records for actor id #{r[:id]} key #{d[:key_name]}"
+          return
+        end
+      end
+
+      def key_record_for_db(d, new_id=nil)
+        {
+          :id => new_id || d['id'],
+          :key_name => d['key_name'],
+          :public_key => d['public_key'],
+          :key_version => d['key_version'],
+          :created_at => Time.now,
+          :expires_at => d['expires_at']
+        }
+      end
 
-      def import(path)
+      def import_user_data(path)
         key_data = JSON.parse(File.read(path))
         key_data.each do |d|
           if d['username'] == 'pivotal' && config[:skip_pivotal]
@@ -57,7 +171,7 @@ class Chef
             next
           end
 
-          ui.msg "Updating key for #{d['username']}"
+          ui.msg "Updating user record for #{d['username']}"
           users_to_update = db[:users].where(:username => d['username'])
 
           if users_to_update.count != 1

data/lib/chef/knife/ec_restore.rb

@@ -44,12 +44,15 @@ class Chef
         restore_user_sql if config[:with_user_sql]
 
         for_each_organization do |orgname|
+          ui.msg "Restoring organization[#{orgname}]"
           create_organization(orgname)
           restore_open_invitations(orgname)
           add_users_to_org(orgname)
           upload_org_data(orgname)
         end
 
+        restore_key_sql if config[:with_key_sql]
+
         if config[:skip_useracl]
           ui.warn("Skipping user ACL update. To update user ACLs, remove --skip-useracl or upgrade your Enterprise Chef Server.")
         else
@@ -98,7 +101,7 @@ class Chef
       end
 
       def restore_user_acls
-        ui.msg "Restoring user ACLs ..."
+        ui.msg "Restoring user ACLs"
         for_each_user do |name|
           user_acl = JSONCompat.from_json(File.read("#{dest_dir}/user_acls/#{name}.json"))
           put_acl(user_acl_rest, "users/#{name}/_acl", user_acl)
@@ -126,7 +129,7 @@ class Chef
       end
 
       def restore_users
-        ui.msg "Restoring users ..."
+        ui.msg "Restoring users"
         for_each_user do |name|
           user = JSONCompat.from_json(File.read("#{dest_dir}/users/#{name}.json"))
           begin
@@ -144,16 +147,35 @@ class Chef
         end
       end
 
+      def ec_key_import
+        @ec_key_import ||= begin
+                             require 'chef/knife/ec_key_import'
+                             k = Chef::Knife::EcKeyImport.new
+                             k.name_args = ["#{dest_dir}/key_dump.json", "#{dest_dir}/key_table_dump.json"]
+                             k.config[:skip_pivotal] = true
+                             k.config[:skip_ids] = false
+                             k.config[:sql_host] = config[:sql_host]
+                             k.config[:sql_port] = config[:sql_port]
+                             k.config[:sql_user] = config[:sql_user]
+                             k.config[:sql_password] = config[:sql_password]
+                             k
+                           end
+      end
+
       def restore_user_sql
-        require 'chef/knife/ec_key_import'
-        k = Chef::Knife::EcKeyImport.new
-        k.name_args = ["#{dest_dir}/key_dump.json"]
-        k.config[:skip_pivotal] = true
-        k.config[:skip_ids] = false
-        k.config[:sql_host] = config[:sql_host]
-        k.config[:sql_port] = config[:sql_port]
-        k.config[:sql_user] = config[:sql_user]
-        k.config[:sql_password] = config[:sql_password]
+        k = ec_key_import
+        k.config[:skip_users_table] = false
+        k.config[:skip_keys_table] = false
+        k.config[:users_only] = true
+        k.run
+      end
+
+      def restore_key_sql
+        k = ec_key_import
+        k.config[:skip_users_table] = true
+        k.config[:skip_keys_table] = false
+        k.config[:users_only] = false
+        k.config[:clients_only] = true
         k.run
       end
 
@@ -172,7 +194,7 @@ class Chef
           Chef::Config.chef_server_url = "#{server.root_url}/organizations/#{name}"
 
           # Upload the admins group and billing-admins acls
-          ui.msg "Restoring the org admin data"
+          ui.msg "Restoring org admin data"
           chef_fs_config = Chef::ChefFS::Config.new
 
           # Handle Admins and Billing Admins seperately
@@ -215,7 +237,13 @@ class Chef
           group_acl_paths = Chef::ChefFS::FileSystem.list(chef_fs_config.local_fs, Chef::ChefFS::FilePattern.new('/acls/groups/*')).select { |entry| entry.name != 'billing-admins.json' }.map { |entry| entry.path }
           acl_paths = Chef::ChefFS::FileSystem.list(chef_fs_config.local_fs, Chef::ChefFS::FilePattern.new('/acls/*')).select { |entry| entry.name != 'groups' }.map { |entry| entry.path }
 
-          (top_level_paths + group_paths + group_acl_paths + acl_paths).each do |path|
+
+          # Store organization data in a particular order:
+          # - clients must be uploaded before groups (in top_level_paths)
+          # - groups must be uploaded before any acl's
+          # - groups must be uploaded twice to account for Chef Server versions that don't
+          #   accept group members on POST
+          (top_level_paths + group_paths*2 + group_acl_paths + acl_paths).each do |path|
             Chef::ChefFS::FileSystem.copy_to(Chef::ChefFS::FilePattern.new(path), chef_fs_config.local_fs, chef_fs_config.chef_fs, nil, config, ui, proc { |entry| chef_fs_config.format_path(entry) })
           end
 

data/lib/chef/org_id_cache.rb

@@ -0,0 +1,50 @@
+#
+# Author:: Steven Danna (<steve@chef.io>)
+# Copyright:: Copyright (c) 2015 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class Chef
+  class OrgIdCache
+    NO_ORG = "not here"
+
+    attr_accessor :db, :cache
+    def initialize(db)
+      @db = db
+      @cache = {}
+    end
+
+    def fetch(org_name)
+      if cache.key?(org_name) && cache[org_name] != NO_ORG
+        cache[org_name]
+      elsif cache.key?(org_name) && cache[org_name] == NO_ORG
+        nil
+      else
+        r = db.select(:id).from(:orgs).where(:name => org_name).first
+        if r.nil?
+          store(org_name, NO_ORG)
+          nil
+        else
+          store(org_name, r[:id])
+          r[:id]
+        end
+      end
+    end
+
+    def store(org_name, org_guid)
+      cache[org_name] = org_guid
+    end
+  end
+end

data/lib/chef/org_id_cache.rb~

@@ -0,0 +1,45 @@
+#
+# Author:: Steven Danna (<steve@chef.io>)
+# Copyright:: Copyright (c) 2014 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class OrgIdCache
+  class NoSuchOrg < RuntimeError; end
+
+  attr_accesor :db, :cache
+  def initialize(db)
+    @db = db
+    @cache = {}
+  end
+
+  def fetch(org_name)
+    if cache.key?(org_name)
+      cache[org_name]
+    else
+      r = db.get(:id).from(:orgs).where(:org_name => org_name)
+      if r.nil?
+        raise NoSuchOrg
+      else
+        store(org_name, r[:id])
+        r[:id]
+      end
+    end
+  end
+
+  def store(org_name, org_guid)
+    cache[org_name] = org_guid
+  end
+end

data/lib/knife_ec_backup/version.rb

@@ -1,3 +1,3 @@
 module KnifeECBackup
-  VERSION = '2.0.0.beta.4'
+  VERSION = '2.0.0'
 end

data/spec/chef/knife/ec_key_export_spec.rb

@@ -1,2 +1,106 @@
 require File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "spec_helper"))
 require 'chef/knife/ec_key_export'
+require 'sequel'
+require 'json'
+require 'securerandom'
+require 'fakefs/spec_helpers'
+
+def user_record(name)
+  { "id" => SecureRandom.uuid,
+    "authz_id" => SecureRandom.uuid,
+    "username" => name,
+    "email" => "#{name}@example.com",
+    "pubkey_version" => 0,
+    "public_key" => "BEGIN RSA PUBLIC KEY",
+    "serialized_object" => "{ \"a string\" => \"of JSONNNN\"}",
+    "last_updated_by" => "a time",
+    "created_at" => "a time",
+    "updated_at" => "a time",
+    "external_authentication_uid" => nil,
+    "recovery_authentication_enabled" => false,
+    "admin" => false,
+    "hashed_password" => "alkdsj5834751934",
+    "salt" => "01943891jgfkjf",
+    "hash_type" => "not good 1.0" }
+end
+
+def key_record(name, type, key_name)
+  {
+    "id" => SecureRandom.uuid,
+    "org_id" => SecureRandom.uuid,
+    "name" => name,
+    "authz_id" => SecureRandom.uuid,
+    "type" => type.to_s,
+    "key_name" => key_name,
+    "public_key" => "BEGIN RSA PUBLIC KEY",
+    "key_version" => 0,
+    "expires_at" => "a time"
+  }
+end
+
+describe Chef::Knife::EcKeyExport do
+  include FakeFS::SpecHelpers
+  let(:users_table) do
+    [ user_record("jane"),
+      user_record("bob") ]
+  end
+
+  let(:keys_by_name_table) do
+    [ key_record("bob", :user, "default"),
+      key_record("jane", :user, "default"),
+      key_record("rabbit", :client, "default") ]
+  end
+
+  let(:db) do
+    # This seem to be the way to vary fetched data on output
+    # See https://groups.google.com/forum/#!topic/sequel-talk/NZuxcoXN30M
+    output = Proc.new do |query|
+      case query
+       when /SELECT.*users/ then users_table
+       when /SELECT.*keys_by_name/ then keys_by_name_table
+       end
+    end
+    d = Sequel.mock(:fetch => output)
+    allow(Sequel).to receive(:connect).and_return(d)
+    d
+  end
+
+  let(:knife) do
+    Chef::Knife::EcKeyExport.deps
+    k = Chef::Knife::EcKeyExport.new
+    k.config[:sql_user] = "opscode_chef"
+    k.config[:sql_password] = "apassword"
+    k.config[:sql_host] = "localhost"
+    k.config[:sql_port] = 5432
+    k
+  end
+
+  it "writes the users table to json" do
+    db; knife.run
+    expect(JSON.parse(File.read("key_dump.json"))).to eq(users_table)
+  end
+
+  it "writes the keys_by_name table to json" do
+    db; knife.run
+    expect(JSON.parse(File.read("key_table_dump.json"))).to eq(keys_by_name_table)
+  end
+
+  it "does not write the users table if :skip_users_table is set" do
+    knife.config[:skip_users_table] = true
+    db; knife.run
+    expect(File.exist?("key_dump.json")).to eq(false)
+  end
+
+  it "does not write the keys_by_name table if :skip_keys_table is set" do
+    knife.config[:skip_keys_table] = true
+    db; knife.run
+    expect(File.exist?("key_table_dump.json")).to eq(false)
+  end
+
+  it "writes the tables to the specified files when given arguments" do
+    knife.name_args = ["user_table.json", "key_table.json"]
+    db; knife.run
+    expect(JSON.parse(File.read("user_table.json"))).to eq(users_table)
+    expect(JSON.parse(File.read("key_table.json"))).to eq(keys_by_name_table)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec-backup
 version: !ruby/object:Gem::Version
-  version: 2.0.0.beta.4
+  version: 2.0.0
 platform: ruby
 authors:
 - John Keiser
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-28 00:00:00.000000000 Z
+date: 2015-01-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -125,6 +125,8 @@ files:
 - lib/chef/knife/ec_key_export.rb
 - lib/chef/knife/ec_key_import.rb
 - lib/chef/knife/ec_restore.rb
+- lib/chef/org_id_cache.rb
+- lib/chef/org_id_cache.rb~
 - lib/chef/server.rb
 - lib/chef/tsorter.rb
 - lib/knife_ec_backup/version.rb
@@ -152,9 +154,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.1