knife-server 1.1.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.cane +1 -0
- data/.rspec +1 -0
- data/.rubocop.yml +3 -0
- data/.travis.yml +12 -8
- data/CHANGELOG.md +32 -1
- data/Gemfile +9 -4
- data/Guardfile +28 -0
- data/README.md +28 -5
- data/Rakefile +31 -10
- data/knife-server.gemspec +18 -8
- data/lib/chef/knife/bootstrap/_omnibus.sh +63 -10
- data/lib/chef/knife/bootstrap/chef10/rhel.erb +2 -0
- data/lib/chef/knife/bootstrap/chef11/omnibus.erb +4 -1
- data/lib/chef/knife/bootstrap/chef11/rhel.erb +2 -0
- data/lib/chef/knife/server_backup.rb +24 -10
- data/lib/chef/knife/server_bootstrap_base.rb +68 -23
- data/lib/chef/knife/server_bootstrap_ec2.rb +33 -20
- data/lib/chef/knife/server_bootstrap_linode.rb +20 -13
- data/lib/chef/knife/server_bootstrap_openstack.rb +128 -0
- data/lib/chef/knife/server_bootstrap_standalone.rb +28 -16
- data/lib/chef/knife/server_restore.rb +23 -9
- data/lib/knife-server.rb +1 -0
- data/lib/knife/server/credentials.rb +78 -42
- data/lib/knife/server/ec2_security_group.rb +24 -21
- data/lib/knife/server/ssh.rb +54 -18
- data/lib/knife/server/version.rb +2 -1
- data/spec/chef/knife/server_backup_spec.rb +58 -44
- data/spec/chef/knife/server_bootstrap_ec2_spec.rb +108 -80
- data/spec/chef/knife/server_bootstrap_linode_spec.rb +93 -64
- data/spec/chef/knife/server_bootstrap_openstack_spec.rb +305 -0
- data/spec/chef/knife/server_bootstrap_standalone_spec.rb +113 -76
- data/spec/chef/knife/server_restore_spec.rb +38 -37
- data/spec/knife/server/credientials_spec.rb +248 -51
- data/spec/knife/server/ec2_security_group_spec.rb +76 -68
- data/spec/knife/server/ssh_spec.rb +138 -22
- metadata +107 -31
@@ -1,3 +1,4 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
1
2
|
#
|
2
3
|
# Author:: Fletcher Nichol (<fnichol@nichol.ca>)
|
3
4
|
# Copyright:: Copyright (c) 2012 Fletcher Nichol
|
@@ -16,9 +17,9 @@
|
|
16
17
|
# limitations under the License.
|
17
18
|
#
|
18
19
|
|
19
|
-
require
|
20
|
-
require
|
21
|
-
require
|
20
|
+
require "chef/knife/server_restore"
|
21
|
+
require "fakefs/spec_helpers"
|
22
|
+
require "fileutils"
|
22
23
|
Chef::Knife::ServerRestore.load_deps
|
23
24
|
|
24
25
|
describe Chef::Knife::ServerRestore do
|
@@ -28,51 +29,51 @@ describe Chef::Knife::ServerRestore do
|
|
28
29
|
Chef::Log.logger = Logger.new(StringIO.new)
|
29
30
|
@knife = Chef::Knife::ServerRestore.new
|
30
31
|
@stdout = StringIO.new
|
31
|
-
@knife.ui.
|
32
|
-
@knife.ui.
|
32
|
+
allow(@knife.ui).to receive(:stdout).and_return(@stdout)
|
33
|
+
allow(@knife.ui).to receive(:msg)
|
33
34
|
@stderr = StringIO.new
|
34
|
-
@knife.ui.
|
35
|
+
allow(@knife.ui).to receive(:stderr).and_return(@stderr)
|
35
36
|
@knife.config[:backup_dir] = "/baks"
|
36
37
|
end
|
37
38
|
|
38
39
|
describe "#run" do
|
39
|
-
let(:rest_client) {
|
40
|
+
let(:rest_client) { double(:post_rest => true) }
|
40
41
|
|
41
42
|
before do
|
42
|
-
Chef::Node.
|
43
|
-
Chef::Role.
|
44
|
-
Chef::Environment.
|
45
|
-
Chef::DataBagItem.
|
46
|
-
@knife.
|
43
|
+
allow_any_instance_of(Chef::Node).to receive(:save) { true }
|
44
|
+
allow_any_instance_of(Chef::Role).to receive(:save) { true }
|
45
|
+
allow_any_instance_of(Chef::Environment).to receive(:save) { true }
|
46
|
+
allow_any_instance_of(Chef::DataBagItem).to receive(:save) { true }
|
47
|
+
allow(@knife).to receive(:rest) { rest_client }
|
47
48
|
end
|
48
49
|
|
49
50
|
it "exists if component type is invalid" do
|
50
|
-
@knife.name_args = %w
|
51
|
+
@knife.name_args = %w[nodes hovercraft]
|
51
52
|
|
52
|
-
|
53
|
+
expect { @knife.run }.to raise_error(SystemExit)
|
53
54
|
end
|
54
55
|
|
55
56
|
it "exists if backup_dir is missing" do
|
56
57
|
@knife.config.delete(:backup_dir)
|
57
58
|
|
58
|
-
|
59
|
+
expect { @knife.run }.to raise_error(SystemExit)
|
59
60
|
end
|
60
61
|
|
61
62
|
context "for nodes" do
|
62
63
|
before do
|
63
|
-
@knife.name_args = %w
|
64
|
+
@knife.name_args = %w[nodes]
|
64
65
|
|
65
66
|
stub_json_node!("mynode")
|
66
67
|
end
|
67
68
|
|
68
69
|
it "sends a message to the ui" do
|
69
|
-
@knife.ui.
|
70
|
+
expect(@knife.ui).to receive(:msg).with(/mynode/)
|
70
71
|
|
71
72
|
@knife.run
|
72
73
|
end
|
73
74
|
|
74
75
|
it "saves the node" do
|
75
|
-
Chef::Node.
|
76
|
+
expect_any_instance_of(Chef::Node).to receive(:save).once
|
76
77
|
|
77
78
|
@knife.run
|
78
79
|
end
|
@@ -80,19 +81,19 @@ describe Chef::Knife::ServerRestore do
|
|
80
81
|
|
81
82
|
context "for roles" do
|
82
83
|
before do
|
83
|
-
@knife.name_args = %w
|
84
|
+
@knife.name_args = %w[roles]
|
84
85
|
|
85
86
|
stub_json_role!("myrole")
|
86
87
|
end
|
87
88
|
|
88
89
|
it "sends a message to the ui" do
|
89
|
-
@knife.ui.
|
90
|
+
expect(@knife.ui).to receive(:msg).with(/myrole/)
|
90
91
|
|
91
92
|
@knife.run
|
92
93
|
end
|
93
94
|
|
94
95
|
it "saves the role" do
|
95
|
-
Chef::Role.
|
96
|
+
expect_any_instance_of(Chef::Role).to receive(:save).once
|
96
97
|
|
97
98
|
@knife.run
|
98
99
|
end
|
@@ -100,19 +101,19 @@ describe Chef::Knife::ServerRestore do
|
|
100
101
|
|
101
102
|
context "for environments" do
|
102
103
|
before do
|
103
|
-
@knife.name_args = %w
|
104
|
+
@knife.name_args = %w[environments]
|
104
105
|
|
105
106
|
stub_json_env!("myenv")
|
106
107
|
end
|
107
108
|
|
108
109
|
it "sends a message to the ui" do
|
109
|
-
@knife.ui.
|
110
|
+
expect(@knife.ui).to receive(:msg).with(/myenv/)
|
110
111
|
|
111
112
|
@knife.run
|
112
113
|
end
|
113
114
|
|
114
115
|
it "saves the environment" do
|
115
|
-
Chef::Environment.
|
116
|
+
expect_any_instance_of(Chef::Environment).to receive(:save).once
|
116
117
|
|
117
118
|
@knife.run
|
118
119
|
end
|
@@ -120,34 +121,34 @@ describe Chef::Knife::ServerRestore do
|
|
120
121
|
|
121
122
|
context "for data_bags" do
|
122
123
|
before do
|
123
|
-
@knife.name_args = %w
|
124
|
+
@knife.name_args = %w[data_bags]
|
124
125
|
|
125
126
|
stub_json_data_bag_item!("mybag", "myitem")
|
126
127
|
end
|
127
128
|
|
128
129
|
it "sends a message to the ui" do
|
129
|
-
@knife.ui.
|
130
|
+
expect(@knife.ui).to receive(:msg).with(/myitem/)
|
130
131
|
|
131
132
|
@knife.run
|
132
133
|
end
|
133
134
|
|
134
135
|
it "creates the data bag" do
|
135
|
-
rest_client.
|
136
|
-
with("data",
|
136
|
+
expect(rest_client).to receive(:post_rest).
|
137
|
+
with("data", "name" => "mybag")
|
137
138
|
|
138
139
|
@knife.run
|
139
140
|
end
|
140
141
|
|
141
142
|
it "only creates the data bag once for multiple items" do
|
142
143
|
stub_json_data_bag_item!("mybag", "anotheritem")
|
143
|
-
rest_client.
|
144
|
-
with("data",
|
144
|
+
expect(rest_client).to receive(:post_rest).
|
145
|
+
with("data", "name" => "mybag").once
|
145
146
|
|
146
147
|
@knife.run
|
147
148
|
end
|
148
149
|
|
149
150
|
it "saves the data bag item" do
|
150
|
-
Chef::DataBagItem.
|
151
|
+
expect_any_instance_of(Chef::DataBagItem).to receive(:save).once
|
151
152
|
|
152
153
|
@knife.run
|
153
154
|
end
|
@@ -162,32 +163,32 @@ describe Chef::Knife::ServerRestore do
|
|
162
163
|
end
|
163
164
|
|
164
165
|
it "saves nodes" do
|
165
|
-
Chef::Node.
|
166
|
+
expect_any_instance_of(Chef::Node).to receive(:save)
|
166
167
|
|
167
168
|
@knife.run
|
168
169
|
end
|
169
170
|
|
170
171
|
it "saves roles" do
|
171
|
-
Chef::Role.
|
172
|
+
expect_any_instance_of(Chef::Role).to receive(:save)
|
172
173
|
|
173
174
|
@knife.run
|
174
175
|
end
|
175
176
|
|
176
177
|
it "saves environments" do
|
177
|
-
Chef::Environment.
|
178
|
+
expect_any_instance_of(Chef::Environment).to receive(:save)
|
178
179
|
|
179
180
|
@knife.run
|
180
181
|
end
|
181
182
|
|
182
183
|
it "creates data bags" do
|
183
|
-
rest_client.
|
184
|
-
with("data",
|
184
|
+
expect(rest_client).to receive(:post_rest).
|
185
|
+
with("data", "name" => "bagey")
|
185
186
|
|
186
187
|
@knife.run
|
187
188
|
end
|
188
189
|
|
189
190
|
it "saves data bag items" do
|
190
|
-
Chef::DataBagItem.
|
191
|
+
expect_any_instance_of(Chef::DataBagItem).to receive(:save)
|
191
192
|
|
192
193
|
@knife.run
|
193
194
|
end
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
1
2
|
#
|
2
3
|
# Author:: Fletcher Nichol (<fnichol@nichol.ca>)
|
3
4
|
# Copyright:: Copyright (c) 2012 Fletcher Nichol
|
@@ -16,22 +17,28 @@
|
|
16
17
|
# limitations under the License.
|
17
18
|
#
|
18
19
|
|
19
|
-
require
|
20
|
-
require
|
20
|
+
require "knife/server/credentials"
|
21
|
+
require "fakefs/spec_helpers"
|
21
22
|
|
22
23
|
describe Knife::Server::Credentials do
|
23
24
|
include FakeFS::SpecHelpers
|
24
25
|
|
25
|
-
let(:ssh) {
|
26
|
+
let(:ssh) { double("SSH Client") }
|
26
27
|
let(:validation_key_path) { "/tmp/validation.pem" }
|
27
28
|
let(:client_key_path) { "/tmp/client.pem" }
|
29
|
+
let(:io) { StringIO.new }
|
30
|
+
|
31
|
+
let(:options) do
|
32
|
+
{ :io => io }
|
33
|
+
end
|
28
34
|
|
29
35
|
subject do
|
30
|
-
Knife::Server::Credentials.new(ssh, validation_key_path)
|
36
|
+
Knife::Server::Credentials.new(ssh, validation_key_path, options)
|
31
37
|
end
|
32
38
|
|
33
39
|
let(:omnibus_subject) do
|
34
|
-
|
40
|
+
opts = { :omnibus => true }.merge(options)
|
41
|
+
Knife::Server::Credentials.new(ssh, validation_key_path, opts)
|
35
42
|
end
|
36
43
|
|
37
44
|
before do
|
@@ -40,17 +47,18 @@ describe Knife::Server::Credentials do
|
|
40
47
|
File.new(validation_key_path, "wb") { |f| f.write("thekey") }
|
41
48
|
File.new(client_key_path, "wb") { |f| f.write("clientkey") }
|
42
49
|
|
43
|
-
ENV[
|
50
|
+
ENV["_SPEC_WEBUI_PASSWORD"] = ENV["WEBUI_PASSWORD"]
|
44
51
|
end
|
45
52
|
|
46
53
|
after do
|
47
|
-
ENV[
|
54
|
+
ENV["WEBUI_PASSWORD"] = ENV.delete("_SPEC_WEBUI_PASSWORD")
|
48
55
|
end
|
49
56
|
|
50
57
|
describe "#install_validation_key" do
|
51
58
|
before do
|
52
|
-
ssh.
|
53
|
-
|
59
|
+
allow(ssh).to receive(:exec!).
|
60
|
+
with("cat /etc/chef/validation.pem") { "newkey" }
|
61
|
+
allow(ssh).to receive(:exec!).
|
54
62
|
with("cat /etc/chef-server/chef-validator.pem") { "omnibuskey" }
|
55
63
|
end
|
56
64
|
|
@@ -59,51 +67,69 @@ describe Knife::Server::Credentials do
|
|
59
67
|
subject.install_validation_key("old")
|
60
68
|
backup = File.open("/tmp/validation.old.pem", "rb") { |f| f.read }
|
61
69
|
|
62
|
-
original.
|
70
|
+
expect(original).to eq(backup)
|
71
|
+
end
|
72
|
+
|
73
|
+
it "prints a message on io object about backing up the key" do
|
74
|
+
subject.install_validation_key("old")
|
75
|
+
|
76
|
+
expect(io.string).to include(
|
77
|
+
"-----> Creating backup of /tmp/validation.pem locally at " \
|
78
|
+
"/tmp/validation.old.pem"
|
79
|
+
)
|
63
80
|
end
|
64
81
|
|
65
82
|
it "skips backup file creation if validation key file does not exist" do
|
66
83
|
FileUtils.rm_f(validation_key_path)
|
67
84
|
subject.install_validation_key("old")
|
68
85
|
|
69
|
-
File.
|
86
|
+
expect(File.exist?("/tmp/validation.old.pem")).to_not be_truthy
|
70
87
|
end
|
71
88
|
|
72
89
|
it "copies the key back from the server into validation key file" do
|
73
90
|
subject.install_validation_key("old")
|
74
91
|
key_str = File.open("/tmp/validation.pem", "rb") { |f| f.read }
|
75
92
|
|
76
|
-
key_str.
|
93
|
+
expect(key_str).to eq("newkey")
|
94
|
+
end
|
95
|
+
|
96
|
+
it "prints a message on io object about creating key file" do
|
97
|
+
subject.install_validation_key("old")
|
98
|
+
|
99
|
+
expect(io.string).to include(
|
100
|
+
"-----> Installing validation private key locally at " \
|
101
|
+
"/tmp/validation.pem"
|
102
|
+
)
|
77
103
|
end
|
78
104
|
|
79
105
|
it "copies the key back from the omnibus server into validation key file" do
|
80
106
|
omnibus_subject.install_validation_key("old")
|
81
107
|
key_str = File.open("/tmp/validation.pem", "rb") { |f| f.read }
|
82
108
|
|
83
|
-
key_str.
|
109
|
+
expect(key_str).to eq("omnibuskey")
|
84
110
|
end
|
85
111
|
end
|
86
112
|
|
87
113
|
describe "#create_root_client" do
|
88
114
|
it "creates an initial client key on the server" do
|
89
|
-
ssh.
|
90
|
-
|
91
|
-
|
115
|
+
expect(ssh).to receive(:exec!).with([
|
116
|
+
"knife configure --initial --server-url http://127.0.0.1:4000",
|
117
|
+
%{--user root --repository "" --defaults --yes}
|
92
118
|
].join(" "))
|
93
119
|
|
94
120
|
subject.create_root_client
|
95
121
|
end
|
96
122
|
|
97
123
|
it "creates an initial user on the omnibus server" do
|
98
|
-
ENV[
|
99
|
-
ssh.
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
124
|
+
ENV["WEBUI_PASSWORD"] = "doowah"
|
125
|
+
expect(ssh).to receive(:exec!).with([
|
126
|
+
%{echo 'doowah' |},
|
127
|
+
"knife configure --initial --server-url http://127.0.0.1:8000",
|
128
|
+
%{--user root --repository "" --admin-client-name chef-webui},
|
129
|
+
"--admin-client-key /etc/chef-server/chef-webui.pem",
|
130
|
+
"--validation-client-name chef-validator",
|
131
|
+
"--validation-key /etc/chef-server/chef-validator.pem",
|
132
|
+
"--defaults --yes 2>> /tmp/chef-server-install-errors.txt"
|
107
133
|
].join(" "))
|
108
134
|
|
109
135
|
omnibus_subject.create_root_client
|
@@ -112,45 +138,216 @@ describe Knife::Server::Credentials do
|
|
112
138
|
|
113
139
|
describe "#install_client_key" do
|
114
140
|
before do
|
115
|
-
ssh.
|
116
|
-
ssh.
|
141
|
+
allow(ssh).to receive(:exec!)
|
142
|
+
allow(ssh).to receive(:exec!).
|
143
|
+
with("cat /tmp/chef-client-bob.pem") { "bobkey" }
|
117
144
|
end
|
118
145
|
|
119
|
-
|
120
|
-
|
121
|
-
"knife client create bob --admin",
|
122
|
-
"--file /tmp/chef-client-bob.pem --disable-editing",
|
123
|
-
].join(" "))
|
146
|
+
context "with no pre-exisiting key and not omnibus" do
|
147
|
+
before { options[:omnibus] = false }
|
124
148
|
|
125
|
-
|
126
|
-
|
149
|
+
it "creates a user client key on the server" do
|
150
|
+
expect(ssh).to receive(:exec!).with([
|
151
|
+
"knife client create bob --admin",
|
152
|
+
"--file /tmp/chef-client-bob.pem --disable-editing"
|
153
|
+
].join(" "))
|
127
154
|
|
128
|
-
|
129
|
-
|
130
|
-
subject.install_client_key("bob", client_key_path, "old")
|
131
|
-
backup = File.open("/tmp/client.old.pem", "rb") { |f| f.read }
|
155
|
+
subject.install_client_key("bob", client_key_path)
|
156
|
+
end
|
132
157
|
|
133
|
-
|
134
|
-
|
158
|
+
it "skips backup file creation if client key file does not exist" do
|
159
|
+
FileUtils.rm_f(client_key_path)
|
160
|
+
subject.install_client_key("bob", client_key_path, "old")
|
161
|
+
|
162
|
+
expect(File.exist?("/tmp/client.old.pem")).to_not be_truthy
|
163
|
+
end
|
164
|
+
|
165
|
+
it "copies the key back from the server into client key file" do
|
166
|
+
subject.install_client_key("bob", client_key_path, "old")
|
167
|
+
key_str = File.open("/tmp/client.pem", "rb") { |f| f.read }
|
168
|
+
|
169
|
+
expect(key_str).to eq("bobkey")
|
170
|
+
end
|
171
|
+
|
172
|
+
it "prints a message on io object about creating key file" do
|
173
|
+
subject.install_client_key("bob", client_key_path, "old")
|
174
|
+
|
175
|
+
expect(io.string).to include(
|
176
|
+
"-----> Installing bob private key locally at /tmp/client.pem"
|
177
|
+
)
|
178
|
+
end
|
135
179
|
|
136
|
-
|
137
|
-
|
138
|
-
subject.install_client_key("bob", client_key_path, "old")
|
180
|
+
it "removes the user client key from the server" do
|
181
|
+
expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
|
139
182
|
|
140
|
-
|
183
|
+
subject.install_client_key("bob", client_key_path)
|
184
|
+
end
|
141
185
|
end
|
142
186
|
|
143
|
-
|
144
|
-
|
145
|
-
|
187
|
+
context "with no pre-exisiting key and omnibus" do
|
188
|
+
before do
|
189
|
+
options[:omnibus] = true
|
190
|
+
FileUtils.rm_f(client_key_path)
|
191
|
+
end
|
146
192
|
|
147
|
-
|
193
|
+
it "creates a user client key on the server" do
|
194
|
+
ENV["WEBUI_PASSWORD"] = "yepyep"
|
195
|
+
expect(ssh).to receive(:exec!).with(
|
196
|
+
"knife user create bob --admin " \
|
197
|
+
"--file /tmp/chef-client-bob.pem --disable-editing " \
|
198
|
+
"--password yepyep"
|
199
|
+
)
|
200
|
+
|
201
|
+
subject.install_client_key("bob", client_key_path)
|
202
|
+
end
|
203
|
+
|
204
|
+
it "skips backup file creation if client key file does not exist" do
|
205
|
+
subject.install_client_key("bob", client_key_path, "old")
|
206
|
+
|
207
|
+
expect(File.exist?("/tmp/client.old.pem")).to_not be_truthy
|
208
|
+
end
|
209
|
+
|
210
|
+
it "copies the key back from the server into client key file" do
|
211
|
+
subject.install_client_key("bob", client_key_path, "old")
|
212
|
+
key_str = File.open("/tmp/client.pem", "rb") { |f| f.read }
|
213
|
+
|
214
|
+
expect(key_str).to eq("bobkey")
|
215
|
+
end
|
216
|
+
|
217
|
+
it "prints a message on io object about creating key file" do
|
218
|
+
subject.install_client_key("bob", client_key_path, "old")
|
219
|
+
|
220
|
+
expect(io.string).to include(
|
221
|
+
"-----> Installing bob private key locally at /tmp/client.pem"
|
222
|
+
)
|
223
|
+
end
|
224
|
+
|
225
|
+
it "removes the user client key from the server" do
|
226
|
+
expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
|
227
|
+
|
228
|
+
subject.install_client_key("bob", client_key_path)
|
229
|
+
end
|
148
230
|
end
|
149
231
|
|
150
|
-
|
151
|
-
|
232
|
+
context "with a pre-existing key but not omnibus" do
|
233
|
+
before { options[:omnibus] = false }
|
234
|
+
|
235
|
+
it "creates the client generating a new private key on the node" do
|
236
|
+
expect(ssh).to receive(:exec!).with(
|
237
|
+
"knife client create jdoe --admin " \
|
238
|
+
"--file /tmp/chef-client-jdoe.pem --disable-editing"
|
239
|
+
)
|
240
|
+
|
241
|
+
subject.install_client_key("jdoe", client_key_path)
|
242
|
+
end
|
243
|
+
|
244
|
+
it "creates a backup of the existing client key file" do
|
245
|
+
original = File.open("/tmp/client.pem", "rb") { |f| f.read }
|
246
|
+
subject.install_client_key("bob", client_key_path, "old")
|
247
|
+
backup = File.open("/tmp/client.old.pem", "rb") { |f| f.read }
|
248
|
+
|
249
|
+
expect(original).to eq(backup)
|
250
|
+
end
|
251
|
+
|
252
|
+
it "prints a message on io object about backing up the key" do
|
253
|
+
subject.install_client_key("bob", client_key_path, "old")
|
254
|
+
|
255
|
+
expect(io.string).to include(
|
256
|
+
"-----> Creating backup of /tmp/client.pem locally at " \
|
257
|
+
"/tmp/client.old.pem"
|
258
|
+
)
|
259
|
+
end
|
260
|
+
|
261
|
+
it "removes the user client key from the server" do
|
262
|
+
expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
|
263
|
+
|
264
|
+
subject.install_client_key("bob", client_key_path)
|
265
|
+
end
|
266
|
+
end
|
152
267
|
|
153
|
-
|
268
|
+
context "with a pre-existing key using omnibus" do
|
269
|
+
let(:private_key) do
|
270
|
+
<<-RSA_KEY
|
271
|
+
-----BEGIN RSA PRIVATE KEY-----
|
272
|
+
MIIEpgIBAAKCAQEAtE1zwH+ABwvCuIzjEZg2ZD1agMJGGNX2gWlbaJ6leisi8HtL
|
273
|
+
yWFJaRd/6Bm6ICgDrEBm0oGpMLffJK2qMBcKczEirsbc/biLUJG2kwFoH/I6f5BP
|
274
|
+
BErSN6mGCbZ2bVvn4114uPFmT0rJxAMsQMGS9UE3SigMxfWlZkpZYLLutU6XUDKY
|
275
|
+
w7S4l50qlNVIHy7n1O1XEIPZDf6HVEpkL+Ym91cjhy15HiEJAmFf9w5SeDjjoM2u
|
276
|
+
1lCxfKs4yt5FVqJfgqGRA8VRp2fRmWbn+tGqwBAVDphzYNpES67NJRYLQvrBXtR0
|
277
|
+
87k4DM21di/Zq6DIKx+jOkT0etAFjklMr3w32wIDAQABAoIBAQCRql1Q8PErQBoh
|
278
|
+
5Vjx9wpCc7rxeYMOP5Z2uPqrjDheegkxRjtVR+76I40no9lWb12ARUuM2EorXPG/
|
279
|
+
fTqYvZSoudKuZ2VU6kpLXl2laKaJ4LXYJ2tfKV+qrp/mqu4ErhKrAvIsYILqnp5h
|
280
|
+
aLrQ2lLzJ6wWkkK3kBz/hiOtVwI5oReAsllsralpkQgAOB2/dFaJP/kGZjFghQsY
|
281
|
+
vAf5jzlMldTSgp1+ztrC2RKgBGUg4B5VjuBALG1AuPmnXyzEGMGDRbRhx43qckOg
|
282
|
+
WDFt3RMmIje8Qwd91eUoBbWkOKsJ5B7BT7Dli1gVP/lxEJRC+bdWVhs1r1qL8J9H
|
283
|
+
uEOxq8XhAoGBAOntpJB1tfuyRvcQuobNXIQOnPHuyhE/MTdcMT3D6tuAxqCYr7AD
|
284
|
+
pX38+8BF/FKT3VG8H1RiBbvvK8/ZJXTMc2Kp8l6R1r1QJMxYq3BM4+V3AyimlWAx
|
285
|
+
sTkQr7z1wSx4sYZ0n+WHWeZzcHPBHHHgNyY1yKWstRnoTURmTEd38acrAoGBAMVQ
|
286
|
+
hVkgdVmpJLPNcQvFeaXT8kP2MKpG4fM6yEL0i8Bf+/t9w/dFYwvLMF0c65WpEIn6
|
287
|
+
27njQhb2RsGSyECOaWMRf+rCNoatVYJhXV/LS1aEz0IZlZAWidxErTyl6fAItJfy
|
288
|
+
xBd9SzO3PBq6KEWWxNz6r2kkl0FOM2L0KzUVgVoRAoGBAOELRe3T0Cc78xlsdoWI
|
289
|
+
uyAwDryQxMSizm47uwN4n1BcKroFKb9jQqpZ3reynHO03I3tNRaw1mNeS//BH0+m
|
290
|
+
ALtCU3C3TKcDmuMbypJW5keyns9Usw+/vobvjqFyq0xlMCPxvoHKHKqfE+fIN901
|
291
|
+
ntiblVQNOoyZ9vt+jpOSyF/RAoGBAJI/F0czLqeRHboDGLnv2TVW/abvz6w1s31z
|
292
|
+
YUF3PioNOphx5BDfpgT0ylkJeXfJApAyli+WSML6MQGCyNhIdcZPDy+yWXXC/bEQ
|
293
|
+
d4PsC2AKOhA1JEzS18WiRYDBPL6DxU8mSb9bR6UCOBNbTUQe9rUPPXpB+7YUvzOl
|
294
|
+
5GyJDwHxAoGBAKH1SPQOc5tmuFW3eC0WqAd9hdMvVpn1jHzmyBaswg7wwYY7Ova9
|
295
|
+
x4PkurwpKVt7yO0uUkSOCyd2yScGNsyL+H450TSkRNxRjTJiCSriaW5abOVeQtyS
|
296
|
+
+rGmX4enOwMKsbMPUPmTuwyE2tBleK6hoMFwMeZAeJPxjJrWttfiNfLF
|
297
|
+
-----END RSA PRIVATE KEY-----
|
298
|
+
RSA_KEY
|
299
|
+
end
|
300
|
+
|
301
|
+
let(:public_key) do
|
302
|
+
<<-RSA_KEY
|
303
|
+
-----BEGIN PUBLIC KEY-----
|
304
|
+
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE1zwH+ABwvCuIzjEZg2
|
305
|
+
ZD1agMJGGNX2gWlbaJ6leisi8HtLyWFJaRd/6Bm6ICgDrEBm0oGpMLffJK2qMBcK
|
306
|
+
czEirsbc/biLUJG2kwFoH/I6f5BPBErSN6mGCbZ2bVvn4114uPFmT0rJxAMsQMGS
|
307
|
+
9UE3SigMxfWlZkpZYLLutU6XUDKYw7S4l50qlNVIHy7n1O1XEIPZDf6HVEpkL+Ym
|
308
|
+
91cjhy15HiEJAmFf9w5SeDjjoM2u1lCxfKs4yt5FVqJfgqGRA8VRp2fRmWbn+tGq
|
309
|
+
wBAVDphzYNpES67NJRYLQvrBXtR087k4DM21di/Zq6DIKx+jOkT0etAFjklMr3w3
|
310
|
+
2wIDAQAB
|
311
|
+
-----END PUBLIC KEY-----
|
312
|
+
RSA_KEY
|
313
|
+
end
|
314
|
+
|
315
|
+
before do
|
316
|
+
options[:omnibus] = true
|
317
|
+
File.open(client_key_path, "wb") { |f| f.write(private_key) }
|
318
|
+
end
|
319
|
+
|
320
|
+
it "prints a message on io object about uploading up the key" do
|
321
|
+
subject.install_client_key("bob", client_key_path, "old")
|
322
|
+
|
323
|
+
expect(io.string).to include(
|
324
|
+
"-----> Uploading public key for pre-existing bob key"
|
325
|
+
)
|
326
|
+
end
|
327
|
+
|
328
|
+
it "writes the public key on the node" do
|
329
|
+
expect(ssh).to receive(:exec!).
|
330
|
+
with(%{echo "#{public_key}" > /tmp/chef-client-jdoe.pem})
|
331
|
+
|
332
|
+
subject.install_client_key("jdoe", client_key_path)
|
333
|
+
end
|
334
|
+
|
335
|
+
it "creates the user using the public key on the node" do
|
336
|
+
ENV["WEBUI_PASSWORD"] = "yepyep"
|
337
|
+
expect(ssh).to receive(:exec!).with(
|
338
|
+
"knife user create jdoe --admin " \
|
339
|
+
"--user-key /tmp/chef-client-jdoe.pem --disable-editing " \
|
340
|
+
"--password yepyep"
|
341
|
+
)
|
342
|
+
|
343
|
+
subject.install_client_key("jdoe", client_key_path)
|
344
|
+
end
|
345
|
+
|
346
|
+
it "removes the user client key from the server" do
|
347
|
+
expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
|
348
|
+
|
349
|
+
subject.install_client_key("bob", client_key_path)
|
350
|
+
end
|
154
351
|
end
|
155
352
|
end
|
156
353
|
end
|