knife-server 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/.cane +1 -0
  3. data/.rspec +1 -0
  4. data/.rubocop.yml +3 -0
  5. data/.travis.yml +12 -8
  6. data/CHANGELOG.md +32 -1
  7. data/Gemfile +9 -4
  8. data/Guardfile +28 -0
  9. data/README.md +28 -5
  10. data/Rakefile +31 -10
  11. data/knife-server.gemspec +18 -8
  12. data/lib/chef/knife/bootstrap/_omnibus.sh +63 -10
  13. data/lib/chef/knife/bootstrap/chef10/rhel.erb +2 -0
  14. data/lib/chef/knife/bootstrap/chef11/omnibus.erb +4 -1
  15. data/lib/chef/knife/bootstrap/chef11/rhel.erb +2 -0
  16. data/lib/chef/knife/server_backup.rb +24 -10
  17. data/lib/chef/knife/server_bootstrap_base.rb +68 -23
  18. data/lib/chef/knife/server_bootstrap_ec2.rb +33 -20
  19. data/lib/chef/knife/server_bootstrap_linode.rb +20 -13
  20. data/lib/chef/knife/server_bootstrap_openstack.rb +128 -0
  21. data/lib/chef/knife/server_bootstrap_standalone.rb +28 -16
  22. data/lib/chef/knife/server_restore.rb +23 -9
  23. data/lib/knife-server.rb +1 -0
  24. data/lib/knife/server/credentials.rb +78 -42
  25. data/lib/knife/server/ec2_security_group.rb +24 -21
  26. data/lib/knife/server/ssh.rb +54 -18
  27. data/lib/knife/server/version.rb +2 -1
  28. data/spec/chef/knife/server_backup_spec.rb +58 -44
  29. data/spec/chef/knife/server_bootstrap_ec2_spec.rb +108 -80
  30. data/spec/chef/knife/server_bootstrap_linode_spec.rb +93 -64
  31. data/spec/chef/knife/server_bootstrap_openstack_spec.rb +305 -0
  32. data/spec/chef/knife/server_bootstrap_standalone_spec.rb +113 -76
  33. data/spec/chef/knife/server_restore_spec.rb +38 -37
  34. data/spec/knife/server/credientials_spec.rb +248 -51
  35. data/spec/knife/server/ec2_security_group_spec.rb +76 -68
  36. data/spec/knife/server/ssh_spec.rb +138 -22
  37. metadata +107 -31
@@ -1,3 +1,4 @@
1
+ # -*- encoding: utf-8 -*-
1
2
  #
2
3
  # Author:: Fletcher Nichol (<fnichol@nichol.ca>)
3
4
  # Copyright:: Copyright (c) 2012 Fletcher Nichol
@@ -16,9 +17,9 @@
16
17
  # limitations under the License.
17
18
  #
18
19
 
19
- require 'chef/knife/server_restore'
20
- require 'fakefs/spec_helpers'
21
- require 'fileutils'
20
+ require "chef/knife/server_restore"
21
+ require "fakefs/spec_helpers"
22
+ require "fileutils"
22
23
  Chef::Knife::ServerRestore.load_deps
23
24
 
24
25
  describe Chef::Knife::ServerRestore do
@@ -28,51 +29,51 @@ describe Chef::Knife::ServerRestore do
28
29
  Chef::Log.logger = Logger.new(StringIO.new)
29
30
  @knife = Chef::Knife::ServerRestore.new
30
31
  @stdout = StringIO.new
31
- @knife.ui.stub!(:stdout).and_return(@stdout)
32
- @knife.ui.stub(:msg)
32
+ allow(@knife.ui).to receive(:stdout).and_return(@stdout)
33
+ allow(@knife.ui).to receive(:msg)
33
34
  @stderr = StringIO.new
34
- @knife.ui.stub!(:stderr).and_return(@stderr)
35
+ allow(@knife.ui).to receive(:stderr).and_return(@stderr)
35
36
  @knife.config[:backup_dir] = "/baks"
36
37
  end
37
38
 
38
39
  describe "#run" do
39
- let(:rest_client) { stub(:post_rest => true) }
40
+ let(:rest_client) { double(:post_rest => true) }
40
41
 
41
42
  before do
42
- Chef::Node.any_instance.stub(:save) { true }
43
- Chef::Role.any_instance.stub(:save) { true }
44
- Chef::Environment.any_instance.stub(:save) { true }
45
- Chef::DataBagItem.any_instance.stub(:save) { true }
46
- @knife.stub(:rest) { rest_client }
43
+ allow_any_instance_of(Chef::Node).to receive(:save) { true }
44
+ allow_any_instance_of(Chef::Role).to receive(:save) { true }
45
+ allow_any_instance_of(Chef::Environment).to receive(:save) { true }
46
+ allow_any_instance_of(Chef::DataBagItem).to receive(:save) { true }
47
+ allow(@knife).to receive(:rest) { rest_client }
47
48
  end
48
49
 
49
50
  it "exists if component type is invalid" do
50
- @knife.name_args = %w{nodes hovercraft}
51
+ @knife.name_args = %w[nodes hovercraft]
51
52
 
52
- lambda { @knife.run }.should raise_error SystemExit
53
+ expect { @knife.run }.to raise_error(SystemExit)
53
54
  end
54
55
 
55
56
  it "exists if backup_dir is missing" do
56
57
  @knife.config.delete(:backup_dir)
57
58
 
58
- lambda { @knife.run }.should raise_error SystemExit
59
+ expect { @knife.run }.to raise_error(SystemExit)
59
60
  end
60
61
 
61
62
  context "for nodes" do
62
63
  before do
63
- @knife.name_args = %w{nodes}
64
+ @knife.name_args = %w[nodes]
64
65
 
65
66
  stub_json_node!("mynode")
66
67
  end
67
68
 
68
69
  it "sends a message to the ui" do
69
- @knife.ui.should_receive(:msg).with(/mynode/)
70
+ expect(@knife.ui).to receive(:msg).with(/mynode/)
70
71
 
71
72
  @knife.run
72
73
  end
73
74
 
74
75
  it "saves the node" do
75
- Chef::Node.any_instance.should_receive(:save).once
76
+ expect_any_instance_of(Chef::Node).to receive(:save).once
76
77
 
77
78
  @knife.run
78
79
  end
@@ -80,19 +81,19 @@ describe Chef::Knife::ServerRestore do
80
81
 
81
82
  context "for roles" do
82
83
  before do
83
- @knife.name_args = %w{roles}
84
+ @knife.name_args = %w[roles]
84
85
 
85
86
  stub_json_role!("myrole")
86
87
  end
87
88
 
88
89
  it "sends a message to the ui" do
89
- @knife.ui.should_receive(:msg).with(/myrole/)
90
+ expect(@knife.ui).to receive(:msg).with(/myrole/)
90
91
 
91
92
  @knife.run
92
93
  end
93
94
 
94
95
  it "saves the role" do
95
- Chef::Role.any_instance.should_receive(:save).once
96
+ expect_any_instance_of(Chef::Role).to receive(:save).once
96
97
 
97
98
  @knife.run
98
99
  end
@@ -100,19 +101,19 @@ describe Chef::Knife::ServerRestore do
100
101
 
101
102
  context "for environments" do
102
103
  before do
103
- @knife.name_args = %w{environments}
104
+ @knife.name_args = %w[environments]
104
105
 
105
106
  stub_json_env!("myenv")
106
107
  end
107
108
 
108
109
  it "sends a message to the ui" do
109
- @knife.ui.should_receive(:msg).with(/myenv/)
110
+ expect(@knife.ui).to receive(:msg).with(/myenv/)
110
111
 
111
112
  @knife.run
112
113
  end
113
114
 
114
115
  it "saves the environment" do
115
- Chef::Environment.any_instance.should_receive(:save).once
116
+ expect_any_instance_of(Chef::Environment).to receive(:save).once
116
117
 
117
118
  @knife.run
118
119
  end
@@ -120,34 +121,34 @@ describe Chef::Knife::ServerRestore do
120
121
 
121
122
  context "for data_bags" do
122
123
  before do
123
- @knife.name_args = %w{data_bags}
124
+ @knife.name_args = %w[data_bags]
124
125
 
125
126
  stub_json_data_bag_item!("mybag", "myitem")
126
127
  end
127
128
 
128
129
  it "sends a message to the ui" do
129
- @knife.ui.should_receive(:msg).with(/myitem/)
130
+ expect(@knife.ui).to receive(:msg).with(/myitem/)
130
131
 
131
132
  @knife.run
132
133
  end
133
134
 
134
135
  it "creates the data bag" do
135
- rest_client.should_receive(:post_rest).
136
- with("data", { "name" => "mybag" })
136
+ expect(rest_client).to receive(:post_rest).
137
+ with("data", "name" => "mybag")
137
138
 
138
139
  @knife.run
139
140
  end
140
141
 
141
142
  it "only creates the data bag once for multiple items" do
142
143
  stub_json_data_bag_item!("mybag", "anotheritem")
143
- rest_client.should_receive(:post_rest).
144
- with("data", { "name" => "mybag" }).once
144
+ expect(rest_client).to receive(:post_rest).
145
+ with("data", "name" => "mybag").once
145
146
 
146
147
  @knife.run
147
148
  end
148
149
 
149
150
  it "saves the data bag item" do
150
- Chef::DataBagItem.any_instance.should_receive(:save).once
151
+ expect_any_instance_of(Chef::DataBagItem).to receive(:save).once
151
152
 
152
153
  @knife.run
153
154
  end
@@ -162,32 +163,32 @@ describe Chef::Knife::ServerRestore do
162
163
  end
163
164
 
164
165
  it "saves nodes" do
165
- Chef::Node.any_instance.should_receive(:save)
166
+ expect_any_instance_of(Chef::Node).to receive(:save)
166
167
 
167
168
  @knife.run
168
169
  end
169
170
 
170
171
  it "saves roles" do
171
- Chef::Role.any_instance.should_receive(:save)
172
+ expect_any_instance_of(Chef::Role).to receive(:save)
172
173
 
173
174
  @knife.run
174
175
  end
175
176
 
176
177
  it "saves environments" do
177
- Chef::Environment.any_instance.should_receive(:save)
178
+ expect_any_instance_of(Chef::Environment).to receive(:save)
178
179
 
179
180
  @knife.run
180
181
  end
181
182
 
182
183
  it "creates data bags" do
183
- rest_client.should_receive(:post_rest).
184
- with("data", { "name" => "bagey" })
184
+ expect(rest_client).to receive(:post_rest).
185
+ with("data", "name" => "bagey")
185
186
 
186
187
  @knife.run
187
188
  end
188
189
 
189
190
  it "saves data bag items" do
190
- Chef::DataBagItem.any_instance.should_receive(:save)
191
+ expect_any_instance_of(Chef::DataBagItem).to receive(:save)
191
192
 
192
193
  @knife.run
193
194
  end
@@ -1,3 +1,4 @@
1
+ # -*- encoding: utf-8 -*-
1
2
  #
2
3
  # Author:: Fletcher Nichol (<fnichol@nichol.ca>)
3
4
  # Copyright:: Copyright (c) 2012 Fletcher Nichol
@@ -16,22 +17,28 @@
16
17
  # limitations under the License.
17
18
  #
18
19
 
19
- require 'knife/server/credentials'
20
- require 'fakefs/spec_helpers'
20
+ require "knife/server/credentials"
21
+ require "fakefs/spec_helpers"
21
22
 
22
23
  describe Knife::Server::Credentials do
23
24
  include FakeFS::SpecHelpers
24
25
 
25
- let(:ssh) { stub("SSH Client") }
26
+ let(:ssh) { double("SSH Client") }
26
27
  let(:validation_key_path) { "/tmp/validation.pem" }
27
28
  let(:client_key_path) { "/tmp/client.pem" }
29
+ let(:io) { StringIO.new }
30
+
31
+ let(:options) do
32
+ { :io => io }
33
+ end
28
34
 
29
35
  subject do
30
- Knife::Server::Credentials.new(ssh, validation_key_path)
36
+ Knife::Server::Credentials.new(ssh, validation_key_path, options)
31
37
  end
32
38
 
33
39
  let(:omnibus_subject) do
34
- Knife::Server::Credentials.new(ssh, validation_key_path, :omnibus => true)
40
+ opts = { :omnibus => true }.merge(options)
41
+ Knife::Server::Credentials.new(ssh, validation_key_path, opts)
35
42
  end
36
43
 
37
44
  before do
@@ -40,17 +47,18 @@ describe Knife::Server::Credentials do
40
47
  File.new(validation_key_path, "wb") { |f| f.write("thekey") }
41
48
  File.new(client_key_path, "wb") { |f| f.write("clientkey") }
42
49
 
43
- ENV['_SPEC_WEBUI_PASSWORD'] = ENV['WEBUI_PASSWORD']
50
+ ENV["_SPEC_WEBUI_PASSWORD"] = ENV["WEBUI_PASSWORD"]
44
51
  end
45
52
 
46
53
  after do
47
- ENV['WEBUI_PASSWORD'] = ENV.delete('_SPEC_WEBUI_PASSWORD')
54
+ ENV["WEBUI_PASSWORD"] = ENV.delete("_SPEC_WEBUI_PASSWORD")
48
55
  end
49
56
 
50
57
  describe "#install_validation_key" do
51
58
  before do
52
- ssh.stub(:exec!).with("cat /etc/chef/validation.pem") { "newkey" }
53
- ssh.stub(:exec!).
59
+ allow(ssh).to receive(:exec!).
60
+ with("cat /etc/chef/validation.pem") { "newkey" }
61
+ allow(ssh).to receive(:exec!).
54
62
  with("cat /etc/chef-server/chef-validator.pem") { "omnibuskey" }
55
63
  end
56
64
 
@@ -59,51 +67,69 @@ describe Knife::Server::Credentials do
59
67
  subject.install_validation_key("old")
60
68
  backup = File.open("/tmp/validation.old.pem", "rb") { |f| f.read }
61
69
 
62
- original.should eq(backup)
70
+ expect(original).to eq(backup)
71
+ end
72
+
73
+ it "prints a message on io object about backing up the key" do
74
+ subject.install_validation_key("old")
75
+
76
+ expect(io.string).to include(
77
+ "-----> Creating backup of /tmp/validation.pem locally at " \
78
+ "/tmp/validation.old.pem"
79
+ )
63
80
  end
64
81
 
65
82
  it "skips backup file creation if validation key file does not exist" do
66
83
  FileUtils.rm_f(validation_key_path)
67
84
  subject.install_validation_key("old")
68
85
 
69
- File.exists?("/tmp/validation.old.pem").should_not be_true
86
+ expect(File.exist?("/tmp/validation.old.pem")).to_not be_truthy
70
87
  end
71
88
 
72
89
  it "copies the key back from the server into validation key file" do
73
90
  subject.install_validation_key("old")
74
91
  key_str = File.open("/tmp/validation.pem", "rb") { |f| f.read }
75
92
 
76
- key_str.should eq("newkey")
93
+ expect(key_str).to eq("newkey")
94
+ end
95
+
96
+ it "prints a message on io object about creating key file" do
97
+ subject.install_validation_key("old")
98
+
99
+ expect(io.string).to include(
100
+ "-----> Installing validation private key locally at " \
101
+ "/tmp/validation.pem"
102
+ )
77
103
  end
78
104
 
79
105
  it "copies the key back from the omnibus server into validation key file" do
80
106
  omnibus_subject.install_validation_key("old")
81
107
  key_str = File.open("/tmp/validation.pem", "rb") { |f| f.read }
82
108
 
83
- key_str.should eq("omnibuskey")
109
+ expect(key_str).to eq("omnibuskey")
84
110
  end
85
111
  end
86
112
 
87
113
  describe "#create_root_client" do
88
114
  it "creates an initial client key on the server" do
89
- ssh.should_receive(:exec!).with([
90
- 'knife configure --initial --server-url http://127.0.0.1:4000',
91
- '--user root --repository "" --defaults --yes'
115
+ expect(ssh).to receive(:exec!).with([
116
+ "knife configure --initial --server-url http://127.0.0.1:4000",
117
+ %{--user root --repository "" --defaults --yes}
92
118
  ].join(" "))
93
119
 
94
120
  subject.create_root_client
95
121
  end
96
122
 
97
123
  it "creates an initial user on the omnibus server" do
98
- ENV['WEBUI_PASSWORD'] = 'doowah'
99
- ssh.should_receive(:exec!).with([
100
- "echo 'doowah' |",
101
- 'knife configure --initial --server-url http://127.0.0.1:8000',
102
- '--user root --repository "" --admin-client-name chef-webui',
103
- '--admin-client-key /etc/chef-server/chef-webui.pem',
104
- '--validation-client-name chef-validator',
105
- '--validation-key /etc/chef-server/chef-validator.pem',
106
- '--defaults --yes'
124
+ ENV["WEBUI_PASSWORD"] = "doowah"
125
+ expect(ssh).to receive(:exec!).with([
126
+ %{echo 'doowah' |},
127
+ "knife configure --initial --server-url http://127.0.0.1:8000",
128
+ %{--user root --repository "" --admin-client-name chef-webui},
129
+ "--admin-client-key /etc/chef-server/chef-webui.pem",
130
+ "--validation-client-name chef-validator",
131
+ "--validation-key /etc/chef-server/chef-validator.pem",
132
+ "--defaults --yes 2>> /tmp/chef-server-install-errors.txt"
107
133
  ].join(" "))
108
134
 
109
135
  omnibus_subject.create_root_client
@@ -112,45 +138,216 @@ describe Knife::Server::Credentials do
112
138
 
113
139
  describe "#install_client_key" do
114
140
  before do
115
- ssh.stub(:exec!)
116
- ssh.stub(:exec!).with("cat /tmp/chef-client-bob.pem") { "bobkey" }
141
+ allow(ssh).to receive(:exec!)
142
+ allow(ssh).to receive(:exec!).
143
+ with("cat /tmp/chef-client-bob.pem") { "bobkey" }
117
144
  end
118
145
 
119
- it "creates a user client key on the server" do
120
- ssh.should_receive(:exec!).with([
121
- "knife client create bob --admin",
122
- "--file /tmp/chef-client-bob.pem --disable-editing",
123
- ].join(" "))
146
+ context "with no pre-exisiting key and not omnibus" do
147
+ before { options[:omnibus] = false }
124
148
 
125
- subject.install_client_key("bob", client_key_path)
126
- end
149
+ it "creates a user client key on the server" do
150
+ expect(ssh).to receive(:exec!).with([
151
+ "knife client create bob --admin",
152
+ "--file /tmp/chef-client-bob.pem --disable-editing"
153
+ ].join(" "))
127
154
 
128
- it "creates a backup of the existing client key file" do
129
- original = File.open("/tmp/client.pem", "rb") { |f| f.read }
130
- subject.install_client_key("bob", client_key_path, "old")
131
- backup = File.open("/tmp/client.old.pem", "rb") { |f| f.read }
155
+ subject.install_client_key("bob", client_key_path)
156
+ end
132
157
 
133
- original.should eq(backup)
134
- end
158
+ it "skips backup file creation if client key file does not exist" do
159
+ FileUtils.rm_f(client_key_path)
160
+ subject.install_client_key("bob", client_key_path, "old")
161
+
162
+ expect(File.exist?("/tmp/client.old.pem")).to_not be_truthy
163
+ end
164
+
165
+ it "copies the key back from the server into client key file" do
166
+ subject.install_client_key("bob", client_key_path, "old")
167
+ key_str = File.open("/tmp/client.pem", "rb") { |f| f.read }
168
+
169
+ expect(key_str).to eq("bobkey")
170
+ end
171
+
172
+ it "prints a message on io object about creating key file" do
173
+ subject.install_client_key("bob", client_key_path, "old")
174
+
175
+ expect(io.string).to include(
176
+ "-----> Installing bob private key locally at /tmp/client.pem"
177
+ )
178
+ end
135
179
 
136
- it "skips backup file creation if client key file does not exist" do
137
- FileUtils.rm_f(client_key_path)
138
- subject.install_client_key("bob", client_key_path, "old")
180
+ it "removes the user client key from the server" do
181
+ expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
139
182
 
140
- File.exists?("/tmp/client.old.pem").should_not be_true
183
+ subject.install_client_key("bob", client_key_path)
184
+ end
141
185
  end
142
186
 
143
- it "copies the key back from the server into client key file" do
144
- subject.install_client_key("bob", client_key_path, "old")
145
- key_str = File.open("/tmp/client.pem", "rb") { |f| f.read }
187
+ context "with no pre-exisiting key and omnibus" do
188
+ before do
189
+ options[:omnibus] = true
190
+ FileUtils.rm_f(client_key_path)
191
+ end
146
192
 
147
- key_str.should eq("bobkey")
193
+ it "creates a user client key on the server" do
194
+ ENV["WEBUI_PASSWORD"] = "yepyep"
195
+ expect(ssh).to receive(:exec!).with(
196
+ "knife user create bob --admin " \
197
+ "--file /tmp/chef-client-bob.pem --disable-editing " \
198
+ "--password yepyep"
199
+ )
200
+
201
+ subject.install_client_key("bob", client_key_path)
202
+ end
203
+
204
+ it "skips backup file creation if client key file does not exist" do
205
+ subject.install_client_key("bob", client_key_path, "old")
206
+
207
+ expect(File.exist?("/tmp/client.old.pem")).to_not be_truthy
208
+ end
209
+
210
+ it "copies the key back from the server into client key file" do
211
+ subject.install_client_key("bob", client_key_path, "old")
212
+ key_str = File.open("/tmp/client.pem", "rb") { |f| f.read }
213
+
214
+ expect(key_str).to eq("bobkey")
215
+ end
216
+
217
+ it "prints a message on io object about creating key file" do
218
+ subject.install_client_key("bob", client_key_path, "old")
219
+
220
+ expect(io.string).to include(
221
+ "-----> Installing bob private key locally at /tmp/client.pem"
222
+ )
223
+ end
224
+
225
+ it "removes the user client key from the server" do
226
+ expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
227
+
228
+ subject.install_client_key("bob", client_key_path)
229
+ end
148
230
  end
149
231
 
150
- it "removes the user client key from the server" do
151
- ssh.should_receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
232
+ context "with a pre-existing key but not omnibus" do
233
+ before { options[:omnibus] = false }
234
+
235
+ it "creates the client generating a new private key on the node" do
236
+ expect(ssh).to receive(:exec!).with(
237
+ "knife client create jdoe --admin " \
238
+ "--file /tmp/chef-client-jdoe.pem --disable-editing"
239
+ )
240
+
241
+ subject.install_client_key("jdoe", client_key_path)
242
+ end
243
+
244
+ it "creates a backup of the existing client key file" do
245
+ original = File.open("/tmp/client.pem", "rb") { |f| f.read }
246
+ subject.install_client_key("bob", client_key_path, "old")
247
+ backup = File.open("/tmp/client.old.pem", "rb") { |f| f.read }
248
+
249
+ expect(original).to eq(backup)
250
+ end
251
+
252
+ it "prints a message on io object about backing up the key" do
253
+ subject.install_client_key("bob", client_key_path, "old")
254
+
255
+ expect(io.string).to include(
256
+ "-----> Creating backup of /tmp/client.pem locally at " \
257
+ "/tmp/client.old.pem"
258
+ )
259
+ end
260
+
261
+ it "removes the user client key from the server" do
262
+ expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
263
+
264
+ subject.install_client_key("bob", client_key_path)
265
+ end
266
+ end
152
267
 
153
- subject.install_client_key("bob", client_key_path)
268
+ context "with a pre-existing key using omnibus" do
269
+ let(:private_key) do
270
+ <<-RSA_KEY
271
+ -----BEGIN RSA PRIVATE KEY-----
272
+ MIIEpgIBAAKCAQEAtE1zwH+ABwvCuIzjEZg2ZD1agMJGGNX2gWlbaJ6leisi8HtL
273
+ yWFJaRd/6Bm6ICgDrEBm0oGpMLffJK2qMBcKczEirsbc/biLUJG2kwFoH/I6f5BP
274
+ BErSN6mGCbZ2bVvn4114uPFmT0rJxAMsQMGS9UE3SigMxfWlZkpZYLLutU6XUDKY
275
+ w7S4l50qlNVIHy7n1O1XEIPZDf6HVEpkL+Ym91cjhy15HiEJAmFf9w5SeDjjoM2u
276
+ 1lCxfKs4yt5FVqJfgqGRA8VRp2fRmWbn+tGqwBAVDphzYNpES67NJRYLQvrBXtR0
277
+ 87k4DM21di/Zq6DIKx+jOkT0etAFjklMr3w32wIDAQABAoIBAQCRql1Q8PErQBoh
278
+ 5Vjx9wpCc7rxeYMOP5Z2uPqrjDheegkxRjtVR+76I40no9lWb12ARUuM2EorXPG/
279
+ fTqYvZSoudKuZ2VU6kpLXl2laKaJ4LXYJ2tfKV+qrp/mqu4ErhKrAvIsYILqnp5h
280
+ aLrQ2lLzJ6wWkkK3kBz/hiOtVwI5oReAsllsralpkQgAOB2/dFaJP/kGZjFghQsY
281
+ vAf5jzlMldTSgp1+ztrC2RKgBGUg4B5VjuBALG1AuPmnXyzEGMGDRbRhx43qckOg
282
+ WDFt3RMmIje8Qwd91eUoBbWkOKsJ5B7BT7Dli1gVP/lxEJRC+bdWVhs1r1qL8J9H
283
+ uEOxq8XhAoGBAOntpJB1tfuyRvcQuobNXIQOnPHuyhE/MTdcMT3D6tuAxqCYr7AD
284
+ pX38+8BF/FKT3VG8H1RiBbvvK8/ZJXTMc2Kp8l6R1r1QJMxYq3BM4+V3AyimlWAx
285
+ sTkQr7z1wSx4sYZ0n+WHWeZzcHPBHHHgNyY1yKWstRnoTURmTEd38acrAoGBAMVQ
286
+ hVkgdVmpJLPNcQvFeaXT8kP2MKpG4fM6yEL0i8Bf+/t9w/dFYwvLMF0c65WpEIn6
287
+ 27njQhb2RsGSyECOaWMRf+rCNoatVYJhXV/LS1aEz0IZlZAWidxErTyl6fAItJfy
288
+ xBd9SzO3PBq6KEWWxNz6r2kkl0FOM2L0KzUVgVoRAoGBAOELRe3T0Cc78xlsdoWI
289
+ uyAwDryQxMSizm47uwN4n1BcKroFKb9jQqpZ3reynHO03I3tNRaw1mNeS//BH0+m
290
+ ALtCU3C3TKcDmuMbypJW5keyns9Usw+/vobvjqFyq0xlMCPxvoHKHKqfE+fIN901
291
+ ntiblVQNOoyZ9vt+jpOSyF/RAoGBAJI/F0czLqeRHboDGLnv2TVW/abvz6w1s31z
292
+ YUF3PioNOphx5BDfpgT0ylkJeXfJApAyli+WSML6MQGCyNhIdcZPDy+yWXXC/bEQ
293
+ d4PsC2AKOhA1JEzS18WiRYDBPL6DxU8mSb9bR6UCOBNbTUQe9rUPPXpB+7YUvzOl
294
+ 5GyJDwHxAoGBAKH1SPQOc5tmuFW3eC0WqAd9hdMvVpn1jHzmyBaswg7wwYY7Ova9
295
+ x4PkurwpKVt7yO0uUkSOCyd2yScGNsyL+H450TSkRNxRjTJiCSriaW5abOVeQtyS
296
+ +rGmX4enOwMKsbMPUPmTuwyE2tBleK6hoMFwMeZAeJPxjJrWttfiNfLF
297
+ -----END RSA PRIVATE KEY-----
298
+ RSA_KEY
299
+ end
300
+
301
+ let(:public_key) do
302
+ <<-RSA_KEY
303
+ -----BEGIN PUBLIC KEY-----
304
+ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE1zwH+ABwvCuIzjEZg2
305
+ ZD1agMJGGNX2gWlbaJ6leisi8HtLyWFJaRd/6Bm6ICgDrEBm0oGpMLffJK2qMBcK
306
+ czEirsbc/biLUJG2kwFoH/I6f5BPBErSN6mGCbZ2bVvn4114uPFmT0rJxAMsQMGS
307
+ 9UE3SigMxfWlZkpZYLLutU6XUDKYw7S4l50qlNVIHy7n1O1XEIPZDf6HVEpkL+Ym
308
+ 91cjhy15HiEJAmFf9w5SeDjjoM2u1lCxfKs4yt5FVqJfgqGRA8VRp2fRmWbn+tGq
309
+ wBAVDphzYNpES67NJRYLQvrBXtR087k4DM21di/Zq6DIKx+jOkT0etAFjklMr3w3
310
+ 2wIDAQAB
311
+ -----END PUBLIC KEY-----
312
+ RSA_KEY
313
+ end
314
+
315
+ before do
316
+ options[:omnibus] = true
317
+ File.open(client_key_path, "wb") { |f| f.write(private_key) }
318
+ end
319
+
320
+ it "prints a message on io object about uploading up the key" do
321
+ subject.install_client_key("bob", client_key_path, "old")
322
+
323
+ expect(io.string).to include(
324
+ "-----> Uploading public key for pre-existing bob key"
325
+ )
326
+ end
327
+
328
+ it "writes the public key on the node" do
329
+ expect(ssh).to receive(:exec!).
330
+ with(%{echo "#{public_key}" > /tmp/chef-client-jdoe.pem})
331
+
332
+ subject.install_client_key("jdoe", client_key_path)
333
+ end
334
+
335
+ it "creates the user using the public key on the node" do
336
+ ENV["WEBUI_PASSWORD"] = "yepyep"
337
+ expect(ssh).to receive(:exec!).with(
338
+ "knife user create jdoe --admin " \
339
+ "--user-key /tmp/chef-client-jdoe.pem --disable-editing " \
340
+ "--password yepyep"
341
+ )
342
+
343
+ subject.install_client_key("jdoe", client_key_path)
344
+ end
345
+
346
+ it "removes the user client key from the server" do
347
+ expect(ssh).to receive(:exec!).with("rm -f /tmp/chef-client-bob.pem")
348
+
349
+ subject.install_client_key("bob", client_key_path)
350
+ end
154
351
  end
155
352
  end
156
353
  end