knife-ec2 0.11.0 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 75bf2719d93fe8ea9a23838a6c3a92abc4375c87
-  data.tar.gz: 7a8cdeb7c6bfcc590423ec6e03ee884b4f63a4a7
+  metadata.gz: df82616670ab17b61699fa1d344500f0c80309fa
+  data.tar.gz: e4969b3ddaac2b8173b3bc74c6b94e1916058317
 SHA512:
-  metadata.gz: 01625b07776e0684ec359140a62d513d5bc4df03754a0ef09f23133efb9ee2a2b5bfa52cabc53c4af07b121f4ed43e5a0fd1bdddde4ff9abfc93fe51e65b34e4
-  data.tar.gz: 2e2ea55c71a4989cf3a31da873723372d0d4370801e984f102ddc99536c9b45bcc9a6018955f4f3e701c13a4872f8abaee5c9659685d1a28415ae1af402e1052
+  metadata.gz: d600ff181661d04c4702789a7042bbea70bd3c4998f4f4031e089d215c7d51e2a3499f375c1b7f3fb9a14f1186a5343b50b94fe53816b5448469c674bd252b0c
+  data.tar.gz: b46b7174e1833ff71798c762e2c95db0e4cf9c93fc6befbaa205c1d365a11e9dd0fc1f1d2c20e662df007c54d858893c13a36ca99ddbe9bb6e37c98dab54714b

data/CHANGELOG.md

@@ -4,7 +4,13 @@ Note: this log contains only changes from knife-ec2 release 0.8.0 and later
 -- it does not contain the changes from prior releases. To view change history
 prior to release 0.8.0, please visit the [source repository](https://github.com/opscode/knife-ec2/commits).
 
-## Latest release: 0.11.0 (2015-08-24)
+## Latest Release: 0.12.0 (2015-10-1)
+
+* [knife-ec2:#305](https://github.com/chef/knife-ec2/pull/305) Updates to support standard .aws/credentials file
+* [knife-ec2 #354](https://github.com/chef/knife-ec2/pull/354) knife-windows 1.0.0 dependency, support for validatorless bootstrap, other Chef 12 bootstrap options
+* [knife-ec2 #356](https://github.com/chef/knife-ec2/pull/356) Added --forward-agent option
+
+## Release: 0.11.0 (2015-08-24)
 * [knife-ec2:#330](https://github.com/chef/knife-ec2/pull/330) Modification for attribute precedence issue
 * [knife-ec2:#293](https://github.com/chef/knife-ec2/pull/293) s3_source: Lazy load fog library
 * [knife-ec2:#284](https://github.com/chef/knife-ec2/pull/284) Enable Spot Pricing

data/DOC_CHANGES.md

@@ -4,65 +4,58 @@ This file is reset everytime when a new release is done. Contents of this file i
 
 # knife-ec2 doc changes
 
-Documentation changes are given below for **knife-ec2 version 0.10.0**.
+Documentation changes are given below for **knife-ec2 version 0.12.0**.
+
+## `knife ec2 server create` subcommand changes
+
+### SSH agent forwarding with --forward-agent option
+The `--forward-agent` option has been added to the `knife ec2 server
+create` subcommand. This enables SSH agent forwarding, and has the
+same behavior during bootstrap of the created node as the
+`--forward-agent` option of the [`knife bootstrap` subcommand](https://docs.chef.io/knife_bootstrap.html).
+
+### WinRM security `--winrm-authentication-protocol` option
+`knife-ec2`'s `server create` subcommand supports bootstrap via
+the `WinRM` remote command protocol. The
+`--winrm-authentication-protocol` option controls authentication to
+the remote system (the bootstrapped node). This option's behavior is
+covered in the
+[knife-windows](https://github.com/chef/knife-windows/blob/v1.0.0/DOC_CHANGES.md)
+subcommand documentation which has identically named option.
+
+Note that with this change, the default authentication used for WinRM
+communication specified by the `--winrm-authentication-protocol`
+option is the `negotiate` protocol, which is different than that used
+by previous versions of `knife-ec2`. This may lead to some
+compatibility issues when using WinRM's plaintext transport
+(`--winrm-transport` set to the default of `plaintext`) running from `knife ec2 server create`
+from an operating system other than Windows.
+
+To avoid problems with the `negotiate` protocol on a non-Windows
+system, configure `--winrm-transport` to `ssl` to use SSL which also
+improves the robustness against information disclosure or tampering
+attacks.
+
+You may also revert to previous authentication behavior by specifying `basic` for the
+`--winrm-authentication-protocol` option. More details on this change
+can be found in [documentation](https://github.com/chef/knife-windows/blob/v1.0.0/DOC_CHANGES.md#winrm-authentication-protocol-defaults-to-negotiate-regardless-of-name-formats) for `knife-windows`.
+
+### Chef Client installation options on Windows
+The following options are available for Windows systems:
+
+* `--msi-url URL`: Optional. Used to override the location from which Chef
+  Client is downloaded. If not specified, Chef Client is downloaded
+  from the Internet -- this option allows downloading from a private network
+  location for instance.
+* `--install-as-service`: Install chef-client as a service on Windows
+  systems
+* `--bootstrap-install-command`: Optional. Instead of downloading Chef
+  Client and installing it using a default installation command,
+  bootstrap will invoke this command. If an image already has
+  Chef Client installed, this command can be specified as empty
+  (`''`), in which case no installation will be done and the rest of
+  bootstrap will proceed as if it's already installed.
+
+For more detail, see the [knife-windows documentation](https://docs.chef.io/plugin_knife_windows.html).
 
-## Provisioned IOPS support for `server create` command
 
-Options are now available in the `knife ec2 server create` subcommand to
-specify provisioned IOPS for the created instance.
-
-### Option `--ebs-volume-type`
-
-This command line option and associated plugin configuration `:ebs_volume_type` allow you to specify an EBS volume of type `standard` or `io1` as a `string` parameter to this option. The former is the default, the latter will allow the specification of a provisioned IOPS rate through the `--provisioned-iops` option.
-
-### Option `--provisioned-iops`
-This command line option and the associated `:ebs_provisioned_iops` plugin
-configuration enables the EC2 instance to be configured with the specified
-provisioned IOPS rate given as an argument to this option. It is only valid if
-the EBS volume type is `io1` as specified by the `--ebs-volume-type` option
-for this plugin.
-
-## Use of secret parameters from S3 for `server create` command
-
-The options below allow some secrets used with the `knife ec2 server create`
-command to be specified as URL's. Examples are also given in the README.md.
-
-### Option `--s3-secret`
-This option allows the specification of an AWS S3 storage bucket that contains
-a data bag secret file -- this option can be used in place of the
-`secret_file` option. It takes an S3 URL as an argument (e.g.
-`s3://bucket/file`) -- that file should contain encrypted data bag secret file
-
-### Option `--validation-key-url`
-This option allows the validation key to be specified as a URL. It takes a URL
-as an argument.
-
-## Option `--aws-session-token`
-The option `--aws-session-token` was added for all knife-ec2 subcommands to
-allow support for federation use cases utilizing EC2 STS tokens.
-
-## SSH Gateway from SSH Config
-Any available SSH Gateway settings in your SSH configuration file are now used
-by default. This includes using any SSH keys specified for the target host.
-This allows simpler command-line usage of the knife plugin with less of a need
-for complex command line invocations.
-
-## Support Spot Instances
-You can now request a spot instance at a specific price.
-
-### Option `--spot-price`
-This option allows the maximum desired spot price to be specified. It takes a
-price in US dollars.
-
-## Pass separate SSH Gateway key
-You can pass an SSH key to be used for authenticating to the SSH Gateway with
-the --ssh-gateway-identity option.
-
-### options
-
-```
---aws-session-token
-```
-
-Your AWS Session Token, for use with AWS STS Federation or Session Tokens.
-This option is available for all subcommands.

data/README.md

@@ -87,6 +87,13 @@ this file in your <tt>knife.rb</tt> file, like so:
 knife[:aws_credential_file] = "/path/to/credentials/file/in/above/format"
 ```
 
+If you have multiple profiles in your credentials file you can define which
+profile to use. The `default` profile will be used if not supplied,
+
+```ruby
+knife[:aws_profile] = "personal"
+```
+
 Additionally the following options may be set in your `knife.rb`:
 
 - flavor
@@ -153,6 +160,21 @@ Provisions a new server in the Amazon EC2 and then perform a Chef bootstrap
 
 View additional information on configuring Windows images for bootstrap in the documentation for [knife-windows](http://docs.chef.io/plugin_knife_windows.html).
 
+##### Options for bootstrapping Windows
+
+The `knife ec2 server create` command also supports the following
+options for bootstrapping a Windows node after the VM s created:
+
+    :winrm_password                The WinRM password
+    :winrm_authentication_protocol Defaults to negotiate, supports kerberos, can be set to basic for debugging
+    :winrm_transport               Defaults to plaintext, use ssl for improved privacy
+    :winrm_port                    Defaults to 5985 plaintext transport, or 5986 for SSL
+    :ca_trust_file                 The CA certificate file to use to verify the server when using SSL
+    :winrm_ssl_verify_mode         Defaults to verify_peer, use verify_none to skip validation of the server certificate during testing
+    :kerberos_keytab_file          The Kerberos keytab file used for authentication
+    :kerberos_realm                The Kerberos realm used for authentication
+    :kerberos_service              The Kerberos service used for authentication
+
 #### `knife ec2 server delete`
 Deletes an existing server in the currently configured AWS account. **By default, this does not delete the associated node and client objects from the Chef server. To do so, add the `--purge` flag**
 

data/RELEASE_NOTES.md

@@ -6,33 +6,47 @@ Example Note:
 ## Example Heading
 Details about the thing that changed that needs to get included in the Release Notes in markdown.
 -->
-# knife-ec2 0.11.0 release notes:
+# knife-ec2 0.12.0 release notes:
+
 This release of `knife-ec2` adds features like spot pricing, EBS volume encryption support and some bug fixes. There is also a dependency update for the `fog` gem and 'em-winrm' dependency is removed.
 
-Special thanks go to contributors **Erik Frey** for addressing
-[knife-ec2:#94](https://github.com/chef/knife-ec2/pull/94) and **Igor Shpakov** for lazy loading fog library.
+## Compatibility note for Windows nodes: `--winrm-authentication-protocol basic`
+In this version of `knife-ec2`, the default authentication protocol
+for Windows nodes is now `negotiate`for the `server create` subcommand. This can
+cause bootstraps to fail if the remote Windows node is not configured
+for `negotiate`. To work around this and retain the behavior of
+previous releases, you can specify use `basic` authentication in your
+`knife` configuration file or on the command line  as in
+this example:
+
+        knife ec2 server create -I ami-173d747e -G windows -f m1.medium --user-data ~/your-user-data-file -x 'a_local_user' -P 'yourpassword' --ssh-key your-public-key-id --winrm-authentication-protocol basic
+
+## Acknowledgements
+Our thanks go to contributor **Peer Allan** for adding
+[knife-ec2:#305](https://github.com/chef/knife-ec2/pull/305). This
+enables the use of standard AWS credential configuration from `~/.aws/credentials`.
 
-See the [CHANGELOG](https://github.com/opscode/knife-ec2/blob/master/CHANGELOG.md) for a list of all changes in this release, and review
-[DOC_CHANGES.md](https://github.com/opscode/knife-ec2/blob/master/DOC_CHANGES.md) for relevant documentation updates.
+## Release information
+
+See the [CHANGELOG](https://github.com/chef/knife-ec2/blob/0.12.0/CHANGELOG.md) for a list of all changes in this release, and review
+[DOC_CHANGES.md](https://github.com/chef/knife-ec2/blob/0.12.0/DOC_CHANGES.md) for relevant documentation updates.
 
 Issues with `knife-ec2` should be reported in the issue system at
 https://github.com/opscode/knife-ec2/issues. Learn more about how you can
 contribute features and bug fixes to `knife-ec2` at https://github.com/opscode/knife-ec2/blob/master/CONTRIBUTING.md.
 
-## Features added in knife-ec2 0.11.0
+## Features added in knife-ec2 0.12.0
 
-* Support for Spot Instances (from Erik Frey)
-* Lazy loading of fog library (from Igor Shpakov)
-* Support for EBS volume encryption in `knife-ec2 server create` options
-* Added ability to use IAM role credentials
+* Support for `~/.aws/credentials` credential configuration (Peer Allan)
+* Validatorless bootstrap for Windows nodes
+* --forward-agent ssh agent forwarding support
+* `--msi-url`, `--install-as-service`, `--bootstrap-install-command`
+  for Windows nodes
 
 ## knife-ec2 on RubyGems and Github
 https://rubygems.org/gems/knife-ec2
 https://github.com/opscode/knife-ec2
 
 ## Issues fixed in knife-ec2 0.11.0
-
-* Update `fog` gem dependency to `fog v1.29`
-* Remove 'em-winrm' gem dependency
-* [knife-ec2:#273](https://github.com/chef/knife-ec2/pull/273) Remove -s option for data bag secret and subnets
-* [knife-ec2:#265](https://github.com/chef/knife-ec2/pull/265) showing error message for incorrect option input
+See the [0.12.0 CHANGELOG](https://github.com/chef/knife-ec2/blob/0.12.0/CHANGELOG.md)
+for the complete list of issues fixed in this release.

data/knife-ec2.gemspec

@@ -1,28 +1,28 @@
-# -*- encoding: utf-8 -*-
-$LOAD_PATH.push File.expand_path('../lib', __FILE__)
-require 'knife-ec2/version'
-
-Gem::Specification.new do |s|
-  s.name         = 'knife-ec2'
-  s.version      = Knife::Ec2::VERSION
-  s.authors      = ['Adam Jacob', 'Seth Chisamore']
-  s.email        = ['adam@opscode.com', 'schisamo@opscode.com']
-  s.homepage     = 'https://github.com/opscode/knife-ec2'
-  s.summary      = "EC2 Support for Chef's Knife Command"
-  s.description  = s.summary
-  s.license      = 'Apache-2.0'
-
-  s.files        = `git ls-files`.split("\n")
-  s.test_files   = `git ls-files -- {test,spec,features}/*`.split("\n")
-  s.executables  = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
-
-  s.add_dependency 'fog',           '~> 1.29.0'
-  s.add_dependency 'knife-windows', '>= 0.8.2'
-
-  s.add_development_dependency 'chef',  '~> 12.0', '>= 12.2.1'
-  s.add_development_dependency 'rspec', '~> 3.0'
-  s.add_development_dependency 'rake',  '~> 10.1'
-  s.add_development_dependency 'sdoc',  '~> 0.3'
-
-  s.require_paths = ['lib']
-end
+# -*- encoding: utf-8 -*-
+$LOAD_PATH.push File.expand_path('../lib', __FILE__)
+require 'knife-ec2/version'
+
+Gem::Specification.new do |s|
+  s.name         = 'knife-ec2'
+  s.version      = Knife::Ec2::VERSION
+  s.authors      = ['Adam Jacob', 'Seth Chisamore']
+  s.email        = ['adam@opscode.com', 'schisamo@opscode.com']
+  s.homepage     = 'https://github.com/opscode/knife-ec2'
+  s.summary      = "EC2 Support for Chef's Knife Command"
+  s.description  = s.summary
+  s.license      = 'Apache-2.0'
+
+  s.files        = `git ls-files`.split("\n")
+  s.test_files   = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables  = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+
+  s.add_dependency 'fog',           '~> 1.29.0'
+  s.add_dependency 'knife-windows', '~> 1.0'
+
+  s.add_development_dependency 'chef',  '~> 12.0', '>= 12.2.1'
+  s.add_development_dependency 'rspec', '~> 3.0'
+  s.add_development_dependency 'rake',  '~> 10.1'
+  s.add_development_dependency 'sdoc',  '~> 0.3'
+
+  s.require_paths = ['lib']
+end

data/lib/chef/knife/ec2_base.rb

@@ -39,6 +39,12 @@ class Chef
             :description => "File containing AWS credentials as used by aws cmdline tools",
             :proc => Proc.new { |key| Chef::Config[:knife][:aws_credential_file] = key }
 
+          option :aws_profile,
+            :long => "--aws-profile PROFILE",
+            :description => "AWS profile, from credential file, to use",
+            :default => 'default',
+            :proc => Proc.new { |key| Chef::Config[:knife][:aws_profile] = key }
+
           option :aws_access_key_id,
             :short => "-A ID",
             :long => "--aws-access-key-id KEY",
@@ -115,14 +121,14 @@ class Chef
             # AWSAccessKeyId=somethingsomethingdarkside
             # AWSSecretKey=somethingsomethingcomplete
             #               OR
+            # [default]
             # aws_access_key_id = somethingsomethingdarkside
             # aws_secret_access_key = somethingsomethingdarkside
 
-            aws_creds = []
-            File.read(Chef::Config[:knife][:aws_credential_file]).each_line do | line |
-              aws_creds << line.split("=").map(&:strip) if line.include?("=")
-            end
-            entries = Hash[*aws_creds.flatten]
+            aws_creds = ini_parse(File.read(Chef::Config[:knife][:aws_credential_file]))
+            profile = Chef::Config[:knife][:aws_profile] || 'default'
+            entries = aws_creds.values.first.has_key?("AWSAccessKeyId") ? aws_creds.values.first : aws_creds[profile]
+
             Chef::Config[:knife][:aws_access_key_id] = entries['AWSAccessKeyId'] || entries['aws_access_key_id']
             Chef::Config[:knife][:aws_secret_access_key] = entries['AWSSecretKey'] || entries['aws_secret_access_key']
           end
@@ -149,5 +155,24 @@ class Chef
       end
       name ||= ''
     end
+
+    def ini_parse(file)
+      current_section = {}
+      map = {}
+      file.each_line do |line|
+        line = line.split(/^|\s;/).first # remove comments
+        section = line.match(/^\s*\[([^\[\]]+)\]\s*$/) unless line.nil?
+        if section
+          current_section = section[1]
+        elsif current_section
+          item = line.match(/^\s*(.+?)\s*=\s*(.+?)\s*$/) unless line.nil?
+          if item
+            map[current_section] ||= {}
+            map[current_section][item[1]] = item[2]
+          end
+        end
+      end
+      map
+    end
   end
 end

data/lib/chef/knife/ec2_server_create.rb

@@ -20,6 +20,7 @@
 require 'chef/knife/ec2_base'
 require 'chef/knife/s3_source'
 require 'chef/knife/winrm_base'
+require 'chef/knife/bootstrap_windows_base'
 
 class Chef
   class Knife
@@ -27,6 +28,7 @@ class Chef
 
       include Knife::Ec2Base
       include Knife::WinrmBase
+      include Knife::BootstrapWindowsBase
       deps do
         require 'tempfile'
         require 'fog'
@@ -385,6 +387,12 @@ class Chef
         :description => "Execute the bootstrap via sudo with password",
         :boolean => false
 
+      option :forward_agent,
+        :short => "-A",
+        :long => "--forward-agent",
+        :description => "Enable SSH agent forwarding",
+        :boolean => true
+
       def run
         $stdout.sync = true
 
@@ -678,6 +686,7 @@ class Chef
           bootstrap.config[:ca_trust_file] = locate_config_value(:ca_trust_file)
           bootstrap.config[:winrm_port] = locate_config_value(:winrm_port)
           bootstrap.config[:auth_timeout] = locate_config_value(:auth_timeout)
+          bootstrap.config[:winrm_ssl_verify_mode] = locate_config_value(:winrm_ssl_verify_mode)
         elsif locate_config_value(:bootstrap_protocol) == 'ssh'
           bootstrap = Chef::Knife::BootstrapWindowsSsh.new
           bootstrap.config[:ssh_user] = locate_config_value(:ssh_user)
@@ -685,11 +694,15 @@ class Chef
           bootstrap.config[:ssh_port] = locate_config_value(:ssh_port)
           bootstrap.config[:identity_file] = locate_config_value(:identity_file)
           bootstrap.config[:no_host_key_verify] = locate_config_value(:no_host_key_verify)
+          bootstrap.config[:forward_agent] = locate_config_value(:forward_agent)
         else
           ui.error("Unsupported Bootstrapping Protocol. Supported : winrm, ssh")
           exit 1
         end
         bootstrap.name_args = [fqdn]
+        bootstrap.config[:msi_url] = locate_config_value(:msi_url)
+        bootstrap.config[:install_as_service] = locate_config_value(:install_as_service)
+        bootstrap.config[:session_timeout] = locate_config_value(:session_timeout)
         bootstrap.config[:chef_node_name] = config[:chef_node_name] || server.id
         bootstrap_common_params(bootstrap)
       end
@@ -1166,7 +1179,6 @@ class Chef
 
       def load_winrm_deps
         require 'winrm'
-        require 'em-winrm'
         require 'chef/knife/winrm'
         require 'chef/knife/bootstrap_windows_winrm'
         require 'chef/knife/bootstrap_windows_ssh'

data/lib/knife-ec2/version.rb

@@ -1,6 +1,6 @@
 module Knife
   module Ec2
-    VERSION = "0.11.0"
+    VERSION = "0.12.0"
     MAJOR, MINOR, TINY = VERSION.split('.')
   end
 end

data/spec/unit/ec2_server_create_spec.rb

@@ -77,7 +77,7 @@ describe Chef::Knife::Ec2ServerCreate do
                            :instance_id => 'test_spot_instance_id',
                            :state => 'open',
                            :key_name => 'ssh_key_name',
-                           :availability_zone => nil, 
+                           :availability_zone => nil,
                            :flavor_id => 'm1.small',
                            :image_id => 'image' }
 
@@ -465,7 +465,7 @@ describe Chef::Knife::Ec2ServerCreate do
       @aws_key = Chef::Config[:knife][:aws_ssh_key_id]
       allow(@knife_ec2_create).to receive(:ami).and_return(false)
     end
-      
+
     it "gives warning message and creates the attribute with the required name" do
       expect(@knife_ec2_create.ui).to receive(:warn).with("Use of aws_ssh_key_id option in knife.rb config is deprecated, use ssh_key_name option instead.")
       @knife_ec2_create.validate!
@@ -479,7 +479,7 @@ describe Chef::Knife::Ec2ServerCreate do
       @aws_key = Chef::Config[:knife][:aws_ssh_key_id]
       allow(@knife_ec2_create).to receive(:ami).and_return(false)
     end
-      
+
     it "gives warning message and gives preference to CLI value over knife config's value" do
       expect(@knife_ec2_create.ui).to receive(:warn).with("Use of aws_ssh_key_id option in knife.rb config is deprecated, use ssh_key_name option instead.")
       @knife_ec2_create.validate!
@@ -492,7 +492,7 @@ describe Chef::Knife::Ec2ServerCreate do
       Chef::Config[:knife][:ssh_key_name] = "mykey"
       allow(@knife_ec2_create).to receive(:ami).and_return(false)
     end
-     
+
     it "does nothing" do
       @knife_ec2_create.validate!
     end
@@ -504,7 +504,7 @@ describe Chef::Knife::Ec2ServerCreate do
       Chef::Config[:knife][:ssh_key_name] = "mykey"
       @knife_ec2_create.config[:ssh_key_name] = "ssh_key_name"
     end
-      
+
     it "ssh-key passed over CLI gets preference over knife config value" do
       server_def = @knife_ec2_create.create_server_def
       expect(server_def[:key_name]).to eq(@knife_ec2_create.config[:ssh_key_name])
@@ -595,6 +595,25 @@ describe Chef::Knife::Ec2ServerCreate do
       expect(Chef::Config[:knife][:hints]["ec2"]).not_to be_nil
     end
   end
+
+  describe "when configuring the ssh bootstrap process for windows" do
+    before do
+      allow(@knife_ec2_create).to receive(:fetch_server_fqdn).and_return("SERVERNAME")
+      @knife_ec2_create.config[:ssh_user] = "administrator"
+      @knife_ec2_create.config[:ssh_password] = "password"
+      @knife_ec2_create.config[:ssh_port] = 22
+      @knife_ec2_create.config[:forward_agent] = true
+      @knife_ec2_create.config[:bootstrap_protocol] = 'ssh'
+      @knife_ec2_create.config[:image] = '12345'
+      allow(@knife_ec2_create).to receive(:is_image_windows?).and_return(true)
+      @bootstrap = @knife_ec2_create.bootstrap_for_windows_node(@new_ec2_server, @new_ec2_server.dns_name)
+    end
+
+    it "sets the bootstrap 'forward_agent' correctly" do
+      expect(@bootstrap.config[:forward_agent]).to eq(true)
+    end
+  end
+  
   describe "when configuring the winrm bootstrap process for windows" do
     before do
       allow(@knife_ec2_create).to receive(:fetch_server_fqdn).and_return("SERVERNAME")
@@ -610,6 +629,10 @@ describe Chef::Knife::Ec2ServerCreate do
       @knife_ec2_create.config[:distro] = 'ubuntu-10.04-magic-sparkles'
       @knife_ec2_create.config[:run_list] = ['role[base]']
       @knife_ec2_create.config[:json_attributes] = "{'my_attributes':{'foo':'bar'}"
+      @knife_ec2_create.config[:winrm_ssl_verify_mode] = 'basic'
+      @knife_ec2_create.config[:msi_url] = 'https://opscode-omnibus-packages.s3.amazonaws.com/windows/2008r2/x86_64/chef-client-12.3.0-1.msi'
+      @knife_ec2_create.config[:install_as_service] = true
+      @knife_ec2_create.config[:session_timeout] = "90"
       @bootstrap = @knife_ec2_create.bootstrap_for_windows_node(@new_ec2_server, @new_ec2_server.dns_name)
    end
 
@@ -655,6 +678,22 @@ describe Chef::Knife::Ec2ServerCreate do
       expect(@bootstrap.config[:first_boot_attributes]).to eq("{'my_attributes':{'foo':'bar'}")
     end
 
+    it "should set the bootstrap 'winrm_ssl_verify_mode' correctly" do
+      expect(@bootstrap.config[:winrm_ssl_verify_mode]).to eq("basic")
+    end
+
+    it "should set the bootstrap 'msi_url' correctly" do
+      expect(@bootstrap.config[:msi_url]).to eq('https://opscode-omnibus-packages.s3.amazonaws.com/windows/2008r2/x86_64/chef-client-12.3.0-1.msi')
+    end
+
+    it "should set the bootstrap 'install_as_service' correctly" do
+      expect(@bootstrap.config[:install_as_service]).to eq(@knife_ec2_create.config[:install_as_service])
+    end
+
+    it "should set the bootstrap 'session_timeout' correctly" do
+      expect(@bootstrap.config[:session_timeout]).to eq(@knife_ec2_create.config[:session_timeout])
+    end
+
     it "configures sets the bootstrap's run_list" do
       expect(@bootstrap.config[:run_list]).to eq(['role[base]'])
     end
@@ -704,7 +743,7 @@ describe Chef::Knife::Ec2ServerCreate do
       end
       it "reads UNIX Line endings for new format" do
         allow(File).to receive(:read).
-          and_return("aws_access_key_id=#{@access_key_id}\naws_secret_access_key=#{@secret_key}")
+          and_return("[default]\naws_access_key_id=#{@access_key_id}\naws_secret_access_key=#{@secret_key}")
         @knife_ec2_create.validate!
         expect(Chef::Config[:knife][:aws_access_key_id]).to eq(@access_key_id)
         expect(Chef::Config[:knife][:aws_secret_access_key]).to eq(@secret_key)
@@ -712,7 +751,16 @@ describe Chef::Knife::Ec2ServerCreate do
 
       it "reads DOS Line endings for new format" do
         allow(File).to receive(:read).
-          and_return("aws_access_key_id=#{@access_key_id}\r\naws_secret_access_key=#{@secret_key}")
+          and_return("[default]\naws_access_key_id=#{@access_key_id}\r\naws_secret_access_key=#{@secret_key}")
+        @knife_ec2_create.validate!
+        expect(Chef::Config[:knife][:aws_access_key_id]).to eq(@access_key_id)
+        expect(Chef::Config[:knife][:aws_secret_access_key]).to eq(@secret_key)
+      end
+
+      it "loads the correct profile" do
+        Chef::Config[:knife][:aws_profile] = 'other'
+        allow(File).to receive(:read).
+          and_return("[default]\naws_access_key_id=TESTKEY\r\naws_secret_access_key=TESTSECRET\n\n[other]\naws_access_key_id=#{@access_key_id}\r\naws_secret_access_key=#{@secret_key}")
         @knife_ec2_create.validate!
         expect(Chef::Config[:knife][:aws_access_key_id]).to eq(@access_key_id)
         expect(Chef::Config[:knife][:aws_secret_access_key]).to eq(@secret_key)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec2
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.12.0
 platform: ruby
 authors:
 - Adam Jacob
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-08-24 00:00:00.000000000 Z
+date: 2015-10-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fog
@@ -29,16 +29,16 @@ dependencies:
   name: knife-windows
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.2
+        version: '1.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.2
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: chef
   requirement: !ruby/object:Gem::Requirement
@@ -153,7 +153,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.4
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: EC2 Support for Chef's Knife Command