knife-ec2 0.10.0.rc.0 → 0.10.0.rc.1

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    YzVmMmJhMWJhZWZhNjMzNDUzOWMyOGYzNDQzNjlkNWMyMDkxNjg1Mw==
+    MWQ5ZmZmN2U4NjhkMDEzYTNlN2Q5NGVhN2E3NmNmYjE5NDc4ZTE2Yw==
   data.tar.gz: !binary |-
-    OGU2MTdkOThjYjkzNjQ4MjJmMmZhNjk1YjM5MjE5ZGQzYjIxMWM4Yg==
+    MmY0M2RmNGQxYzQ0ODhhMGEzNGRjY2MzYWM5MGVlYzZmYTQwYjFiMQ==
 SHA512:
   metadata.gz: !binary |-
-    YTM2YWE1OTM2MDc5OTI4MjlhMmEzNzAxMGQxN2FlYWI3YzFjNjFmZjg0NGQy
-    MTc3ZWU3YTJjNTM0Mjc3ZTU4NWI5ZTkxZmM3MTI2ODAwOTZjMjk2NmVlNGY5
-    ZjkzNTMzYjJiNDQ1OTU2ZGFmYzQ0MzQ0ZDYyYjA4MjdhZmU1MTk=
+    MGJiYzNkODA5OWRiOWU1YTljYmFkZjRiNjhjZDhkNjVmNmJhZWUyM2RhZjE0
+    ZDJkM2U0Mzc3MmEzOGQ1ZWI1ZGJhZDYyODZhMjNhNjc3MDUzNTU3NGNhNGYy
+    NWU1MTFjZmQ1NmY1YWViZDU5MDI0ZmIzMGZjYWFhN2NjNDU1MDA=
   data.tar.gz: !binary |-
-    Njg1YTU2ZDhhYjc1NzZlOTNlZTkwZTIzYzIyZWIzMzQwZGEzYjM1YzBjN2Ew
-    OGIzMTgwY2UyYjNmODQ3ODk1ZjVjOTEyNmUxMGVjODUyYjI2ODhjYTNkNGFj
-    ODEzMmJjYmNjMTQ0NTYyOTMwNzllYzQzYzBkNzZhOGQ4MDEzOTk=
+    ZDkyMWU2MWM1NDkxMWEwMjI0MmNiYTFkZDQ5NzViNWMwZmU5MGE1MGFiMGZj
+    NzM2Y2JmMDIyMTZlMjMzZmUwNWY4MTA4ZjJiMGIzYmFkNWRiZWM4MjY5NmE2
+    OTkwMWYxMTE0YjRmYmUyZWQwMWNmZGY0M2Q2OTFkMjcwNTUyMTM=

data/CHANGELOG.md

@@ -5,9 +5,11 @@ Note: this log contains only changes from knife-ec2 release 0.8.0 and later
 prior to release 0.8.0, please visit the [source repository](https://github.com/opscode/knife-ec2/commits).
 
 ## Unreleased changes
-None.
+* Use IAM role for credentials
 
-## Latest release: 0.10.0.rc.0
+## Latest release: 0.10.0.rc.1
+* [Issue:#237](https://github.com/opscode/knife-ec2/issues/237) Provide a way to the validation key and data bag secret from S3
+* [Issue:#243](https://github.com/opscode/knife-ec2/issues/243) Support new AWS CLI configuration file format
 * Update `knife-windows` gem dependency to `knife-windows 0.8.rc.0` for improved Windows authentication integration
 * Update `fog` gem dependency to `fog 1.23.0`
 * Provisioned IOPS support via the `--provisioned-iops` and `--ebs-volume-type` options

data/CONTRIBUTIONS.md

@@ -6,5 +6,7 @@ Example Contribution:
 -->
 # knife-ec2 0.10.0:
 
+* **erehot**: Added ability to use S3 to obtain the validation key and data bag secret
+* **johnbarney**: Added ability to use IAM role credentials
 * **mdellanoce**: Added ability to use SSH config (KNIFE-466)
 * **victorlin**: Added ability to pass identify file for SSH Gateway on the command line (KNIFE-422)

data/DOC_CHANGES.md

@@ -17,18 +17,33 @@ This command line option and associated plugin configuration `:ebs_volume_type`
 
 ### Option `--provisioned-iops`
 This command line option and the associated `:ebs_provisioned_iops` plugin
-confugration enables the EC2 instance to be configured with the specified
+configuration enables the EC2 instance to be configured with the specified
 provisioned IOPS rate given as an argument to this option. It is only valid if
 the EBS volume type is `io1` as specified by the `--ebs-volume-type` option
 for this plugin.
 
+## Use of secret parameters from S3 for `server create` command
+
+The options below allow some secrets used with the `knife ec2 server create`
+command to be specified as URL's. Examples are also given in the README.md.
+
+### Option `--s3-secret`
+This option allows the specification of an AWS S3 storage bucket that contains
+a data bag secret file -- this option can be used in place of the
+`secret_file` option. It takes an S3 URL as an argument (e.g.
+`s3://bucket/file`) -- that file should contain encrypted data bag secret file
+
+### Option `--validation-key-url`
+This option allows the validation key to be specified as a URL. It takes a URL
+as an argument.
+
 ## SSH Gateway from SSH Config
 Any available SSH Gateway settings in your SSH configuration file are now used
 by default. This includes using any SSH keys specified for the target host.
 This allows simpler command-line usage of the knife plugin with less of a need
 for complex command line invocations.
 
-## Pass seperate SSH Gateway key
+## Pass separate SSH Gateway key
 You can pass an SSH key to be used for authenticating to the SSH Gateway with
 the --ssh-gateway-identity option.
 

data/README.md

@@ -78,6 +78,36 @@ Additionally the following options may be set in your `knife.rb`:
 - distro
 - template_file
 
+Using Cloud-Based Secret Data
+-----------------------------
+knife-ec2 now includes the ability to retrieve the encrypted data bag secret and validation keys directly from a cloud-based assets store (currently on S3 is supported). To enable this functionality, you must first upload keys to S3 and give them appropriate permissions. The following is a suggested set of IAM permissions required to make this work:
+
+```json
+{
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "s3:Get*",
+        "s3:List*"
+      ],
+      "Resource": [
+        "arn:aws:s3:::provisioning.bucket.com/chef/*"
+      ]
+    }
+  ]
+}
+```
+
+### Use the following configuration options in `knife.rb` to set the source URLs:
+```ruby
+knife[:validation_key_url] = 's3://provisioning.bucket.com/chef/my-validator.pem'
+knife[:s3_secret] = 's3://provisioning.bucket.com/chef/encrypted_data_bag_secret'
+```
+
+### Alternatively, URLs can be passed directly on the command line:
+- Validation Key: `--validation-key-url s3://provisioning.bucket.com/chef/my-validator.pem`
+- Encrypted Data Bag Secret: `--s3-secret s3://provisioning.bucket.com/chef/encrypted_data_bag_secret`
 
 Subcommands
 -----------

data/RELEASE_NOTES.md

@@ -6,7 +6,7 @@ Example Note:
 ## Example Heading
 Details about the thing that changed that needs to get included in the Release Notes in markdown.
 -->
-# knife-ec2 0.10.rc.0 release notes:
+# knife-ec2 0.10.rc.1 release notes:
 This release of `knife-ec2` adds improvements around ssh configuration and EC2
 IOPS provisioning. There is also a dependency update for the `fog` and `knife-windows` gems
 to improve support for additional EC2 capabilities and Windows authentication
@@ -26,6 +26,9 @@ contribute features and bug fixes to `knife-ec2` at https://github.com/opscode/k
 
 ## Features added in knife-ec2 0.10.0
 
+* Ability to specify validation key and data bag secrets via an S3 bucket
+* Support for new AWS client configuration
+* Added ability to use IAM role credentials
 * Provisioned IOPS support
 * SSH workstation configuration integration (from Michael Dellanoce and Victor Lin)
 

data/knife-ec2.gemspec

@@ -17,10 +17,10 @@ Gem::Specification.new do |s|
   s.executables  = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
 
   s.add_dependency 'fog',           '~> 1.23.0'
-  s.add_dependency 'knife-windows', '0.8.0.rc.0'
+  s.add_dependency 'knife-windows', '>= 0.8.0'
 
   s.add_development_dependency 'mixlib-config', '~> 2.0'
-  s.add_development_dependency 'chef',          '>= 0.10.10'
+  s.add_development_dependency 'chef',          '>= 11.16.2'
   s.add_development_dependency 'rspec',         '~> 2.14'
   s.add_development_dependency 'rake',          '~> 10.1'
   s.add_development_dependency 'sdoc',          '~> 0.3'

data/lib/chef/knife/ec2_base.rb

@@ -55,17 +55,29 @@ class Chef
             :long => "--region REGION",
             :description => "Your AWS region",
             :proc => Proc.new { |key| Chef::Config[:knife][:region] = key }
+
+          option :use_iam_profile,
+            :long => "--use-iam-profile",
+            :description => "Use IAM profile assigned to current machine",
+            :boolean => true,
+            :default => false,
+            :proc => Proc.new { |key| Chef::Config[:knife][:use_iam_profile] = key }
         end
       end
 
       def connection
+        connection_settings = {
+          :provider => 'AWS',
+          :region => locate_config_value(:region)
+        }
+        if locate_config_value(:use_iam_profile)
+          connection_settings[:use_iam_profile] = true
+        else
+          connection_settings[:aws_access_key_id] = locate_config_value(:aws_access_key_id)
+          connection_settings[:aws_secret_access_key] = locate_config_value(:aws_secret_access_key)
+        end
         @connection ||= begin
-          connection = Fog::Compute.new(
-            :provider => 'AWS',
-            :aws_access_key_id => Chef::Config[:knife][:aws_access_key_id],
-            :aws_secret_access_key => Chef::Config[:knife][:aws_secret_access_key],
-            :region => locate_config_value(:region)
-          )
+          connection = Fog::Compute.new(connection_settings)
         end
       end
 
@@ -88,27 +100,37 @@ class Chef
       def validate!(keys=[:aws_access_key_id, :aws_secret_access_key])
         errors = []
 
-        unless Chef::Config[:knife][:aws_credential_file].nil?
-          unless (Chef::Config[:knife].keys & [:aws_access_key_id, :aws_secret_access_key]).empty?
-            errors << "Either provide a credentials file or the access key and secret keys but not both."
+        unless locate_config_value(:use_iam_profile)
+          unless Chef::Config[:knife][:aws_credential_file].nil?
+            unless (Chef::Config[:knife].keys & [:aws_access_key_id, :aws_secret_access_key]).empty?
+              errors << "Either provide a credentials file or the access key and secret keys but not both."
+            end
+            # File format:
+            # AWSAccessKeyId=somethingsomethingdarkside
+            # AWSSecretKey=somethingsomethingcomplete
+            #               OR
+            # aws_access_key_id = somethingsomethingdarkside
+            # aws_secret_access_key = somethingsomethingdarkside
+
+            aws_creds = []
+            File.read(Chef::Config[:knife][:aws_credential_file]).each_line do | line |
+              aws_creds << line.split("=").map(&:strip) if line.include?("=")
+            end
+            entries = Hash[*aws_creds.flatten]
+            Chef::Config[:knife][:aws_access_key_id] = entries['AWSAccessKeyId'] || entries['aws_access_key_id']
+            Chef::Config[:knife][:aws_secret_access_key] = entries['AWSSecretKey'] || entries['aws_secret_access_key']
           end
-          # File format:
-          # AWSAccessKeyId=somethingsomethingdarkside
-          # AWSSecretKey=somethingsomethingcomplete
-          entries = Hash[*File.read(Chef::Config[:knife][:aws_credential_file]).split(/[=\n]/).map(&:chomp)]
-          Chef::Config[:knife][:aws_access_key_id] = entries['AWSAccessKeyId']
-          Chef::Config[:knife][:aws_secret_access_key] = entries['AWSSecretKey']
-        end
 
-        keys.each do |k|
-          pretty_key = k.to_s.gsub(/_/, ' ').gsub(/\w+/){ |w| (w =~ /(ssh)|(aws)/i) ? w.upcase  : w.capitalize }
-          if Chef::Config[:knife][k].nil?
-            errors << "You did not provide a valid '#{pretty_key}' value."
+          keys.each do |k|
+            pretty_key = k.to_s.gsub(/_/, ' ').gsub(/\w+/){ |w| (w =~ /(ssh)|(aws)/i) ? w.upcase  : w.capitalize }
+            if Chef::Config[:knife][k].nil?
+              errors << "You did not provide a valid '#{pretty_key}' value."
+            end
           end
-        end
 
-        if errors.each{|e| ui.error(e)}.any?
-          exit 1
+          if errors.each{|e| ui.error(e)}.any?
+            exit 1
+          end
         end
       end
 

data/lib/chef/knife/ec2_server_create.rb

@@ -18,6 +18,7 @@
 #
 
 require 'chef/knife/ec2_base'
+require 'chef/knife/s3_source'
 require 'chef/knife/winrm_base'
 
 class Chef
@@ -27,7 +28,9 @@ class Chef
       include Knife::Ec2Base
       include Knife::WinrmBase
       deps do
+        require 'tempfile'
         require 'fog'
+        require 'uri'
         require 'readline'
         require 'chef/json_compat'
         require 'chef/knife/bootstrap'
@@ -194,6 +197,11 @@ class Chef
         :description => "A file containing the secret key to use to encrypt data bag item values",
         :proc => lambda { |sf| Chef::Config[:knife][:secret_file] = sf }
 
+      option :s3_secret,
+        :long => '--s3-secret S3_SECRET_URL',
+        :description => 'S3 URL (e.g. s3://bucket/file) for the encrypted_data_bag_secret_file',
+        :proc => lambda { |url| Chef::Config[:knife][:s3_secret] = url }
+
       option :json_attributes,
         :short => "-j JSON",
         :long => "--json-attributes JSON",
@@ -280,6 +288,11 @@ class Chef
         :description => "The maximum time in minutes to wait to for authentication over the transport to the node to succeed. The default value is 25 minutes.",
         :default => 25
 
+      option :validation_key_url,
+        :long => "--validation-key-url URL",
+        :description => "Path to the validation key",
+        :proc => proc { |m| Chef::Config[:validation_key_url] = m }
+
       def run
         $stdout.sync = true
 
@@ -360,6 +373,11 @@ class Chef
         end
         msg_pair("Private IP Address", @server.private_ip_address)
 
+        if Chef::Config[:knife][:validation_key_url]
+          download_validation_key(validation_key_path)
+          Chef::Config[:validation_key] = validation_key_path
+        end
+
         #Check if Server is Windows or Linux
         if is_image_windows?
           protocol = locate_config_value(:bootstrap_protocol)
@@ -441,6 +459,44 @@ class Chef
         msg_pair("JSON Attributes",config[:json_attributes]) unless !config[:json_attributes] || config[:json_attributes].empty?
       end
 
+      def validation_key_path
+        @validation_key_path ||= begin
+          if URI(Chef::Config[:knife][:validation_key_url]).scheme == 'file'
+            URI(Chef::Config[:knife][:validation_key_url]).path
+          else
+            validation_key_tmpfile.path
+          end
+        end
+      end
+
+      def validation_key_tmpfile
+        @validation_key_tmpfile ||= Tempfile.new('validation_key')
+      end
+
+      def download_validation_key(tempfile)
+        Chef::Log.debug 'Downloading validation key ' \
+          "<#{Chef::Config[:knife][:validation_key_url]}> to file " \
+          "<#{tempfile}>"
+
+        case URI(Chef::Config[:knife][:validation_key_url]).scheme
+        when 's3'
+          File.open(tempfile, 'w') { |f| f.write(s3_validation_key) }
+        end
+      end
+
+      def s3_validation_key
+        @s3_validation_key ||= begin
+          Chef::Knife::S3Source.fetch(Chef::Config[:knife][:validation_key_url])
+        end
+      end
+
+      def s3_secret
+        @s3_secret ||= begin
+          return false unless locate_config_value(:s3_secret)
+          Chef::Knife::S3Source.fetch(locate_config_value(:s3_secret))
+        end
+      end
+
       def bootstrap_common_params(bootstrap)
         bootstrap.config[:run_list] = config[:run_list]
         bootstrap.config[:bootstrap_version] = locate_config_value(:bootstrap_version)
@@ -451,7 +507,7 @@ class Chef
         bootstrap.config[:first_boot_attributes] = locate_config_value(:json_attributes) || {}
         bootstrap.config[:encrypted_data_bag_secret] = locate_config_value(:encrypted_data_bag_secret)
         bootstrap.config[:encrypted_data_bag_secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
-        bootstrap.config[:secret] = locate_config_value(:secret)
+        bootstrap.config[:secret] = s3_secret || locate_config_value(:secret)
         bootstrap.config[:secret_file] = locate_config_value(:secret_file)
         # Modify global configuration state to ensure hint gets set by
         # knife-bootstrap

data/lib/chef/knife/s3_source.rb

@@ -0,0 +1,40 @@
+require 'fog'
+
+class Chef
+  class Knife
+    class S3Source
+      attr_accessor :url
+
+      def self.fetch(url)
+        source = Chef::Knife::S3Source.new
+        source.url = url
+        source.body
+      end
+
+      def body
+        bucket_obj.files.get(path).body
+      end
+
+      private
+
+      def bucket_obj
+        @bucket_obj ||= fog.directories.get(bucket)
+      end
+
+      def bucket
+        URI(@url).host
+      end
+
+      def path
+        URI(@url).path.sub(/^\//, '')
+      end
+
+      def fog
+        @fog ||= Fog::Storage::AWS.new(
+          aws_access_key_id: Chef::Config[:knife][:aws_access_key_id],
+          aws_secret_access_key: Chef::Config[:knife][:aws_secret_access_key]
+        )
+      end
+    end
+  end
+end

data/lib/knife-ec2/version.rb

@@ -1,6 +1,6 @@
 module Knife
   module Ec2
-    VERSION = "0.10.0.rc.0"
+    VERSION = "0.10.0.rc.1"
     MAJOR, MINOR, TINY = VERSION.split('.')
   end
 end

data/spec/unit/ec2_server_create_spec.rb

@@ -70,6 +70,15 @@ describe Chef::Knife::Ec2ServerCreate do
     @ec2_server_attribs.each_pair do |attrib, value|
       @new_ec2_server.stub(attrib).and_return(value)
     end
+
+    @s3_connection = double(Fog::Storage::AWS)
+
+    @bootstrap = Chef::Knife::Bootstrap.new
+    Chef::Knife::Bootstrap.stub(:new).and_return(@bootstrap)
+
+    @validation_key_url = 's3://bucket/foo/bar'
+    @validation_key_file = '/tmp/a_good_temp_file'
+    @validation_key_body = "TEST VALIDATION KEY\n"
   end
 
   describe "run" do
@@ -84,9 +93,6 @@ describe Chef::Knife::Ec2ServerCreate do
       @knife_ec2_create.stub(:puts)
       @knife_ec2_create.stub(:print)
       @knife_ec2_create.config[:image] = '12345'
-
-      @bootstrap = Chef::Knife::Bootstrap.new
-      Chef::Knife::Bootstrap.stub(:new).and_return(@bootstrap)
       @bootstrap.should_receive(:run)
     end
 
@@ -177,6 +183,19 @@ describe Chef::Knife::Ec2ServerCreate do
       @knife_ec2_create.ui.should_receive(:warn).with(/retrying/)
       @knife_ec2_create.run
     end
+
+    it 'actually writes to the validation key tempfile' do
+      @new_ec2_server.should_receive(:wait_for).and_return(true)
+      Chef::Config[:knife][:validation_key_url] =
+        @validation_key_url
+      @knife_ec2_create.config[:validation_key_url] =
+        @validation_key_url
+
+      @knife_ec2_create.stub_chain(:validation_key_tmpfile, :path).and_return(@validation_key_file)
+      Chef::Knife::S3Source.stub(:fetch).with(@validation_key_url).and_return(@validation_key_body)
+      File.should_receive(:open).with(@validation_key_file, 'w')
+      @knife_ec2_create.run
+    end
   end
 
   describe "run for EC2 Windows instance" do
@@ -340,6 +359,19 @@ describe Chef::Knife::Ec2ServerCreate do
         expect(bootstrap.config[:secret_file]).to eql("cli-provided-secret-file")
       end
     end
+
+    context 'S3-based secret' do
+      before(:each) do
+        Chef::Config[:knife][:s3_secret] =
+          's3://test.bucket/folder/encrypted_data_bag_secret'
+        @secret_content = "TEST DATA BAG SECRET\n"
+        @knife_ec2_create.stub(:s3_secret).and_return(@secret_content)
+      end
+
+      it 'sets the secret to the expected test string' do
+        expect(bootstrap.config[:secret]).to eql(@secret_content)
+      end
+    end
   end
 
   describe "when configuring the bootstrap process" do
@@ -533,6 +565,35 @@ describe Chef::Knife::Ec2ServerCreate do
         Chef::Config[:knife][:aws_access_key_id].should == @access_key_id
         Chef::Config[:knife][:aws_secret_access_key].should == @secret_key
       end
+      it "reads UNIX Line endings for new format" do
+        File.stub(:read).
+          and_return("aws_access_key_id=#{@access_key_id}\naws_secret_access_key=#{@secret_key}")
+        @knife_ec2_create.validate!
+        Chef::Config[:knife][:aws_access_key_id].should == @access_key_id
+        Chef::Config[:knife][:aws_secret_access_key].should == @secret_key
+      end
+
+      it "reads DOS Line endings for new format" do
+        File.stub(:read).
+          and_return("aws_access_key_id=#{@access_key_id}\r\naws_secret_access_key=#{@secret_key}")
+        @knife_ec2_create.validate!
+        Chef::Config[:knife][:aws_access_key_id].should == @access_key_id
+        Chef::Config[:knife][:aws_secret_access_key].should == @secret_key
+      end      
+    end
+
+    it 'understands that file:// validation key URIs are just paths' do
+      Chef::Config[:knife][:validation_key_url] = 'file:///foo/bar'
+      @knife_ec2_create.validation_key_path.should eq('/foo/bar')
+    end
+
+    it 'returns a path to a tmp file when presented with a URI for the ' \
+      'validation key' do
+      Chef::Config[:knife][:validation_key_url] = @validation_key_url
+
+      @knife_ec2_create.stub_chain(:validation_key_tmpfile, :path).and_return(@validation_key_file)
+
+      @knife_ec2_create.validation_key_path.should eq(@validation_key_file)
     end
 
     it "disallows security group names when using a VPC" do
@@ -592,6 +653,21 @@ describe Chef::Knife::Ec2ServerCreate do
     end
   end
 
+  describe "when creating the connection" do
+    describe "when use_iam_profile is true" do
+      before do
+        Chef::Config[:knife].delete(:aws_access_key_id)
+        Chef::Config[:knife].delete(:aws_secret_access_key)
+      end
+
+      it "creates a connection without access keys" do
+        @knife_ec2_create.config[:use_iam_profile] = true
+        Fog::Compute::AWS.should_receive(:new).with(hash_including(:use_iam_profile => true)).and_return(@ec2_connection)
+        @knife_ec2_create.connection
+      end
+    end
+  end
+
   describe "when creating the server definition" do
     before do
       Fog::Compute::AWS.stub(:new).and_return(@ec2_connection)
@@ -673,6 +749,12 @@ describe Chef::Knife::Ec2ServerCreate do
 
       server_def[:iam_instance_profile_name].should == nil
     end
+
+    it "doesn't use IAM profile by default" do
+      server_def = @knife_ec2_create.create_server_def
+
+      server_def[:use_iam_profile].should == nil
+    end
     
     it 'Set Tenancy Dedicated when both VPC mode and Flag is True' do
       @knife_ec2_create.config[:dedicated_instance] = true

data/spec/unit/s3_source_spec.rb

@@ -0,0 +1,53 @@
+require File.expand_path('../../spec_helper', __FILE__)
+require 'fog'
+
+describe Chef::Knife::S3Source do
+  before(:each) do
+    @bucket_name = 'my.bucket'
+    @test_file_path = 'path/to/file.pem'
+    @test_file_content = "TEST CONTENT\n"
+
+    Fog.mock!
+
+    {
+      aws_access_key_id: 'aws_access_key_id',
+      aws_secret_access_key: 'aws_secret_access_key'
+    }.each do |key, value|
+      Chef::Config[:knife][key] = value
+    end
+
+    fog = Fog::Storage::AWS.new(
+      aws_access_key_id: 'aws_access_key_id',
+      aws_secret_access_key: 'aws_secret_access_key'
+    )
+    test_dir_obj = fog.directories.create('key' => @bucket_name)
+    test_file_obj = test_dir_obj.files.create('key' => @test_file_path)
+    test_file_obj.body = @test_file_content
+    test_file_obj.save
+
+    @s3_connection = double(Fog::Storage::AWS)
+    @s3_source = Chef::Knife::S3Source.new
+
+    @s3_source.url = "s3://#{@bucket_name}/#{@test_file_path}"
+  end
+
+  it 'converts URI to path with leading / removed' do
+    @s3_source.instance_eval { path }
+    @s3_source.instance_eval { path }.should eq(@test_file_path)
+  end
+
+  it 'correctly retrieves the bucket name from the URI' do
+    @s3_source.instance_eval { bucket }
+    @s3_source.instance_eval { bucket }.should eq(@bucket_name)
+  end
+
+  it 'gets back the correct bucket contents' do
+    @s3_source.body.should eq(@test_file_content)
+  end
+
+  it 'gets back a bucket object with bucket_obj' do
+    @s3_source.instance_eval { bucket_obj }
+    @s3_source.instance_eval { bucket_obj }.should
+      be_kind_of(Fog::Storage::AWS::Directory)
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec2
 version: !ruby/object:Gem::Version
-  version: 0.10.0.rc.0
+  version: 0.10.0.rc.1
 platform: ruby
 authors:
 - Adam Jacob
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-09-20 00:00:00.000000000 Z
+date: 2014-10-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fog
@@ -29,16 +29,16 @@ dependencies:
   name: knife-windows
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.8.0.rc.0
+        version: 0.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.8.0.rc.0
+        version: 0.8.0
 - !ruby/object:Gem::Dependency
   name: mixlib-config
   requirement: !ruby/object:Gem::Requirement
@@ -59,14 +59,14 @@ dependencies:
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.10.10
+        version: 11.16.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.10.10
+        version: 11.16.2
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -135,10 +135,12 @@ files:
 - lib/chef/knife/ec2_server_create.rb
 - lib/chef/knife/ec2_server_delete.rb
 - lib/chef/knife/ec2_server_list.rb
+- lib/chef/knife/s3_source.rb
 - lib/knife-ec2/version.rb
 - spec/spec_helper.rb
 - spec/unit/ec2_server_create_spec.rb
 - spec/unit/ec2_server_delete_spec.rb
+- spec/unit/s3_source_spec.rb
 homepage: https://github.com/opscode/knife-ec2
 licenses:
 - Apache-2.0
@@ -167,4 +169,5 @@ test_files:
 - spec/spec_helper.rb
 - spec/unit/ec2_server_create_spec.rb
 - spec/unit/ec2_server_delete_spec.rb
+- spec/unit/s3_source_spec.rb
 has_rdoc: