knife-solo_data_bag 0.1.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/CHANGELOG.md

@@ -0,0 +1,2 @@
+## head
+

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in knife-solo_data_bag.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,201 @@
+Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+   To apply the Apache License to your work, attach the following
+   boilerplate notice, with the fields enclosed by brackets "[]"
+   replaced with your own identifying information. (Don't include
+   the brackets!)  The text should be enclosed in the appropriate
+   comment syntax for the file format. We also recommend that a
+   file or class name and description of purpose be included on the
+   same "printed page" as the copyright notice for easier
+   identification within third-party archives.
+
+Copyright 2012 Thomas Bishop
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/README.md

@@ -0,0 +1,69 @@
+# Knife Solo Data Bag
+A knife plugin to make working with data bags easier in a chef solo environment
+
+## Installation
+
+    gem install knife-solo_data_bag
+
+## Usage
+
+### Create
+Create a plain text data bag
+
+    $ knife solo data bag create apps app_1
+
+Create an encrypted data bag with the provided string as the secret
+
+    $ knife solo data bag create apps app_1 -s secret_key
+
+Create an encrypted data bag with the provided file content as the secret
+
+    $ knife solo data bag create apps app_1 --secret-file 'SECRET_FILE'
+
+### Edit
+Edit a plain text data bag
+
+    $ knife solo data bag edit apps app_1
+
+Edit an encrypted data bag with the provided string as the secret
+
+    $ knife solo data bag edit apps app_1 -s secret_key
+
+Edit an encrypted data bag with the provided file content as the secret
+
+    $ knife solo data bag edit apps app_1 --secret-file 'SECRET_FILE'
+
+### List
+List all of the data bag
+
+    $ knife solo data bag list
+
+### Show
+Show the plain text content of a data bag (if this is an encrypted data bag, it will return the encrypted data)
+
+    $ knife solo data bag show apps app_1
+
+Show the unencrypted content of an encrypted data bag with the provided string as the secret
+
+    $ knife solo data bag show apps app_1 -s secret_key
+
+Show the unencrypted content of an encrypted data bag with the provided file content as the secret
+
+    $ knife solo data bag show apps app_1 --secret-file 'SECRET_FILE'
+
+## Notes
+This plugin will rely on the configured data_bag_path for placement of the data
+bags.  This defaults to '/var/chef/data_bags', but can be overriden in your chef
+client config.
+
+### Chef Support
+This plugin has only been tested with version 0.10.10 of chef.
+
+## Contribute
+* Fork the project
+* Make your feature addition or bug fix (with tests and docs) in a topic branch
+* Bonus points for not mucking with the gemspec or version
+* Send a pull request
+
+## License
+See LICENSE for details

data/Rakefile

@@ -0,0 +1,11 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+
+require 'rspec/core/rake_task'
+
+task :default => [:spec]
+
+desc 'Run specs'
+RSpec::Core::RakeTask.new do |t|
+  t.rspec_opts = %w(-fs --color)
+end

data/knife-solo_data_bag.gemspec

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/knife-solo_data_bag/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Tommy Bishop"]
+  gem.email         = ["bishop.thomas@gmail.com"]
+  gem.description   = %q{A knife plugin for working with data bags and chef solo}
+  gem.summary       = %q{A knife plugin for working with data bags and chef solo}
+  gem.homepage      = 'https://github.com/thbishop/knife-solo_data_bag'
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.name          = "knife-solo_data_bag"
+  gem.require_paths = ["lib"]
+  gem.version       = Knife::SoloDataBag::VERSION
+  gem.add_development_dependency 'chef', '~> 0.10.10'
+  gem.add_development_dependency 'rspec', '~> 2.10.0'
+  gem.add_development_dependency 'fakefs', '~> 0.4.0'
+end

data/lib/chef/knife/helpers.rb

@@ -0,0 +1,49 @@
+module KnifeSoloDataBag
+  module Helpers
+
+    def bag_item_path
+      File.expand_path File.join(bag_path, "#{item_name}.json")
+    end
+
+    def bag_path
+      File.expand_path File.join(bags_path, bag_name)
+    end
+
+    def bags_path
+      Chef::Config[:data_bag_path]
+    end
+
+    def secret_key
+      return config[:secret] if config[:secret]
+      Chef::EncryptedDataBagItem.load_secret config[:secret_file]
+    end
+
+    def should_be_encrypted?
+      config[:secret] || config[:secret_file]
+    end
+
+    def validate_bag_name_provided
+      unless bag_name
+        show_usage
+        ui.fatal 'You must supply a name for the data bag'
+        exit 1
+      end
+    end
+
+    def validate_bags_path_exists
+      unless File.directory? bags_path
+        raise Chef::Exceptions::InvalidDataBagPath,
+              "Configured data bag path '#{bags_path}' is invalid"
+      end
+    end
+
+    def validate_multiple_secrets_were_not_provided
+      if config[:secret] && config[:secret_file]
+        show_usage
+        ui.fatal 'Please specify either --secret or --secret-file only'
+        exit 1
+      end
+    end
+
+  end
+end

data/lib/chef/knife/solo_data_bag_create.rb

@@ -0,0 +1,63 @@
+module KnifeSoloDataBag
+
+  class SoloDataBagCreate < Chef::Knife
+
+    require 'chef/knife/helpers'
+    require 'fileutils'
+
+    include KnifeSoloDataBag::Helpers
+
+    banner 'knife solo data bag create BAG [ITEM] (options)'
+    category 'solo data bag'
+
+    attr_reader :bag_name, :item_name
+
+    option :secret,
+           :short => '-s SECRET',
+           :long  => '--secret SECRET',
+           :description => 'The secret key to use to encrypt data bag item values'
+
+    option :secret_file,
+           :long  => '--secret-file SECRET_FILE',
+           :description => 'A file containing the secret key to use to encrypt data bag item values'
+
+    def run
+      @bag_name, @item_name = @name_args
+      ensure_valid_arguments
+      create_bag_directory
+      create_bag_item if item_name
+    end
+
+    private
+    def bag_item_content(content)
+      return content unless should_be_encrypted?
+      Chef::EncryptedDataBagItem.encrypt_data_bag_item content, secret_key
+    end
+
+    def create_bag_directory
+      FileUtils.mkdir_p bag_path unless File.exists? bag_path
+    end
+
+    def create_bag_item
+      create_object({'id' => item_name}, "data_bag_item[#{item_name}]") do |output|
+        item = Chef::DataBagItem.from_hash bag_item_content(output)
+        item.data_bag bag_name
+        persist_bag_item item
+      end
+    end
+
+    def ensure_valid_arguments
+      validate_bag_name_provided
+      validate_bags_path_exists
+      validate_multiple_secrets_were_not_provided
+    end
+
+    def persist_bag_item(item)
+      File.open bag_item_path, 'w' do |f|
+        f.write item.to_json
+      end
+    end
+
+  end
+
+end

data/lib/chef/knife/solo_data_bag_edit.rb

@@ -0,0 +1,73 @@
+module KnifeSoloDataBag
+
+  class SoloDataBagEdit < Chef::Knife
+
+    require 'chef/knife/helpers'
+
+    include KnifeSoloDataBag::Helpers
+
+    banner 'knife solo data bag edit BAG ITEM (options)'
+    category 'solo data bag'
+
+    attr_reader :bag_name, :item_name
+
+    option :secret,
+           :short => '-s SECRET',
+           :long  => '--secret SECRET',
+           :description => 'The secret key to use to encrypt data bag item values'
+
+    option :secret_file,
+           :long  => '--secret-file SECRET_FILE',
+           :description => 'A file containing the secret key to use to encrypt data bag item values'
+
+    def run
+      Chef::Config[:solo]   = true
+      @bag_name, @item_name = @name_args
+      ensure_valid_arguments
+      edit_content
+    end
+
+    private
+    def edit_content
+      updated_content = edit_data existing_bag_item_content
+      item = Chef::DataBagItem.from_hash format_editted_content(updated_content)
+      item.data_bag bag_name
+      persist_bag_item item
+    end
+
+    def existing_bag_item_content
+      content = Chef::DataBagItem.load(bag_name, item_name).raw_data
+
+      return content unless should_be_encrypted?
+      Chef::EncryptedDataBagItem.new(content, secret_key).to_hash
+    end
+
+    def format_editted_content(content)
+      return content unless should_be_encrypted?
+      Chef::EncryptedDataBagItem.encrypt_data_bag_item content, secret_key
+    end
+
+    def ensure_valid_arguments
+      validate_bag_name_provided
+      validate_item_name_provided
+      validate_bags_path_exists
+      validate_multiple_secrets_were_not_provided
+    end
+
+    def persist_bag_item(item)
+      File.open bag_item_path, 'w' do |f|
+        f.write item.to_json
+      end
+    end
+
+    def validate_item_name_provided
+      unless item_name
+        show_usage
+        ui.fatal 'You must supply a name for the item'
+        exit 1
+      end
+    end
+
+  end
+
+end

data/lib/chef/knife/solo_data_bag_list.rb

@@ -0,0 +1,32 @@
+module KnifeSoloDataBag
+
+  class SoloDataBagList < Chef::Knife
+
+    require 'chef/knife/helpers'
+
+    include KnifeSoloDataBag::Helpers
+
+    banner 'knife solo data bag list (options)'
+    category 'solo data bag'
+
+    attr_reader :bag_name
+
+    def run
+      ensure_valid_arguments
+      output format_for_display(bags)
+    end
+
+    private
+    def bags
+      Dir.entries(bags_path).select do |i|
+        File.directory?(File.expand_path(File.join(bags_path, i))) && i != '.' && i != '..'
+      end
+    end
+
+    def ensure_valid_arguments
+      validate_bags_path_exists
+    end
+
+  end
+
+end

data/lib/chef/knife/solo_data_bag_show.rb

@@ -0,0 +1,56 @@
+module KnifeSoloDataBag
+
+  class SoloDataBagShow < Chef::Knife
+
+    require 'chef/knife/helpers'
+
+    include KnifeSoloDataBag::Helpers
+
+    banner 'knife solo data bag show BAG [ITEM] (options)'
+    category 'solo data bag'
+
+    attr_reader :bag_name, :item_name
+
+    option :secret,
+           :short => '-s SECRET',
+           :long  => '--secret SECRET',
+           :description => 'The secret key to use to encrypt data bag item values'
+
+    option :secret_file,
+           :long  => '--secret-file SECRET_FILE',
+           :description => 'A file containing the secret key to use to encrypt data bag item values'
+
+    def run
+      Chef::Config[:solo]   = true
+      @bag_name, @item_name = @name_args
+      ensure_valid_arguments
+      display_content
+    end
+
+    private
+    def bag_content
+      Chef::DataBag.load bag_name
+    end
+
+    def bag_item_content
+      if should_be_encrypted?
+        Chef::EncryptedDataBagItem.load bag_name, item_name, secret_key
+      else
+        Chef::DataBagItem.load(bag_name, item_name).raw_data
+      end
+    end
+
+    def display_content
+      content = item_name ? bag_item_content : bag_content
+      output format_for_display(content)
+    end
+
+    def ensure_valid_arguments
+      validate_bag_name_provided
+      validate_bags_path_exists
+      validate_multiple_secrets_were_not_provided
+    end
+
+  end
+
+end

data/lib/knife-solo_data_bag.rb

@@ -0,0 +1,11 @@
+require 'chef/exceptions'
+require 'chef/knife'
+require 'chef/knife/solo_data_bag_create'
+require 'chef/knife/solo_data_bag_edit'
+require 'chef/knife/solo_data_bag_list'
+require 'chef/knife/solo_data_bag_show'
+require 'knife-solo_data_bag/version'
+
+module Knife
+  module SoloDataBag; end
+end

data/lib/knife-solo_data_bag/version.rb

@@ -0,0 +1,5 @@
+module Knife
+  module SoloDataBag
+    VERSION = '0.1.0'
+  end
+end

data/spec/contexts/bag_name_not_provided.rb

@@ -0,0 +1,11 @@
+shared_context 'bag_name_not_provided' do
+  context 'when a name is not supplied' do
+    it 'should exit with an error message' do
+      lambda {
+        @knife.run
+      }.should raise_error SystemExit
+      @stdout.string.should match /usage/i
+      @stderr.string.should match /name for the data bag/
+    end
+  end
+end

data/spec/contexts/bag_path_is_not_valid.rb

@@ -0,0 +1,15 @@
+shared_context 'bag_path_is_not_valid' do |args|
+  context 'when the data bag path is not valid' do
+    before do
+      File.stub(:directory?).and_return(false)
+      @knife.name_args = ['foo']
+      @knife.name_args.concat Array(args)
+    end
+
+    it 'should raise an invalid data bag path exception' do
+      lambda {
+        @knife.run
+      }.should raise_error Chef::Exceptions::InvalidDataBagPath
+    end
+  end
+end

data/spec/contexts/secret_string_and_secret_file_are_both_provided.rb

@@ -0,0 +1,20 @@
+shared_context 'secret_string_and_secret_file_are_both_provided' do |args|
+  context 'when specifying -s and --secret-file' do
+    before do
+      @knife.name_args = ['foo']
+      @knife.name_args.concat Array(args)
+      @knife.config[:secret] = 'foobar'
+      @knife.config[:secret_file] = 'secret.txt'
+      File.stub(:directory?).and_return(true)
+    end
+
+    it 'should exit with an error message' do
+      lambda {
+        @knife.run
+      }.should raise_error SystemExit
+      @stdout.string.should match /usage/i
+      @stderr.string.should match /either --secret or --secret-file/
+    end
+
+  end
+end

data/spec/contexts/stubbed_out_stdout_and_stderr.rb

@@ -0,0 +1,8 @@
+shared_context 'stubbed_out_stdout_and_stderr' do
+  before do
+    @stdout = StringIO.new
+    @stderr = StringIO.new
+    @knife.ui.stub!(:stdout).and_return(@stdout)
+    @knife.ui.stub!(:stderr).and_return(@stderr)
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+require 'fakefs/safe'
+require 'knife-solo_data_bag'
+
+['contexts', 'helpers', 'matchers'].each do |dir|
+  Dir[File.expand_path(File.join(File.dirname(__FILE__),dir,'*.rb'))].each {|f| require f}
+end

data/spec/unit/solo_data_bag_create_spec.rb

@@ -0,0 +1,94 @@
+require 'spec_helper'
+
+describe KnifeSoloDataBag::SoloDataBagCreate do
+  before do
+    @knife  = subject
+  end
+
+  include_context 'stubbed_out_stdout_and_stderr'
+
+  describe 'run' do
+    include_context 'bag_name_not_provided'
+    include_context 'bag_path_is_not_valid'
+    include_context 'secret_string_and_secret_file_are_both_provided'
+
+    context 'with valid arguments' do
+      before do
+        @bags_path                   = '/var/chef/data_bags'
+        @bag_path                    = "#{@bags_path}/bag_1"
+        @knife.name_args             = ['bag_1']
+        Chef::Config[:data_bag_path] = @bags_path
+
+        FakeFS.activate!
+        FileUtils.mkdir_p @bags_path
+      end
+
+      after do
+        FakeFS.deactivate!
+        FakeFS::FileSystem.clear
+      end
+
+      context 'if an item is not specified' do
+        it 'should create the data bag' do
+          @knife.run
+          File.directory?(@bags_path).should be_true
+          File.directory?(@bag_path).should be_true
+        end
+      end
+
+      context 'when also specifying an item' do
+        before do
+          @knife.name_args << 'bar'
+          @input_data = {'id' => 'foo', 'key_1' => 'value_1', 'key_2' => 'value_2'}
+          @item_path  = "#{@bag_path}/bar.json"
+          @knife.stub(:create_object).and_yield(@input_data)
+        end
+
+        it 'should create the data bag item' do
+          @knife.run
+          JSON.parse(File.read(@item_path)).raw_data.should == @input_data
+        end
+
+        context 'when encrypting with -s or --secret' do
+          before do
+            @knife.name_args << 'bar'
+            @knife.config[:secret] = 'secret_key'
+          end
+
+          it 'should create the encrypted data bag item' do
+            @knife.run
+            content = JSON.parse(File.read(@item_path)).raw_data
+            @input_data.keys.reject{|i| i == 'id'}.each do |k|
+              content.should have_key k
+              content[k].should_not == @input_data[k]
+            end
+          end
+        end
+
+        context 'when encrypting with --secret-file' do
+          before do
+            @knife.name_args            << 'bar'
+            @secret_path                = '/var/chef/secret.txt'
+            @knife.config[:secret_file] = @secret_path
+            Chef::EncryptedDataBagItem.should_receive(:load_secret).
+                                       with(@secret_path).
+                                       and_return('psst')
+          end
+
+          it 'should create the encrypted data bag item' do
+            @knife.run
+            content = JSON.parse(File.read(@item_path)).raw_data
+            @input_data.keys.reject{|i| i == 'id'}.each do |k|
+              content.should have_key k
+              content[k].should_not == @input_data[k]
+            end
+          end
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/spec/unit/solo_data_bag_edit_spec.rb

@@ -0,0 +1,101 @@
+require 'spec_helper'
+
+describe KnifeSoloDataBag::SoloDataBagEdit do
+  before do
+    @knife  = subject
+  end
+
+  include_context 'stubbed_out_stdout_and_stderr'
+
+  describe 'run' do
+    include_context 'bag_name_not_provided'
+    include_context 'bag_path_is_not_valid', ['foo']
+    include_context 'secret_string_and_secret_file_are_both_provided', ['bar']
+
+    context 'when an item name is not provided' do
+      before do
+        @knife.name_args = ['bag_1']
+      end
+
+      it 'should exit with an error message' do
+        lambda {
+          @knife.run
+        }.should raise_error SystemExit
+        @stdout.string.should match /usage/i
+        @stderr.string.should match /name for the item/
+      end
+    end
+
+    context 'with valid arguments' do
+      before do
+        @bags_path        = '/var/chef/data_bags'
+        @bag_path         = "#{@bags_path}/bag_1"
+        @item_path        = "#{@bag_path}/foo.json"
+        @knife.name_args  = ['bag_1', 'foo']
+        @orig_data        = {'id' => 'foo', 'who' => 'bob'}
+        @updated_data     = {'id' => 'foo', 'who' => 'sue'}
+        @bag_item_foo     = Chef::DataBagItem.from_hash @orig_data
+        @bag_item_foo.data_bag 'bag_1'
+        @updated_bag_item = Chef::DataBagItem.from_hash @updated_data
+        @updated_bag_item.data_bag 'bag_1'
+
+        FakeFS.activate!
+        FileUtils.mkdir_p @bag_path
+
+        Chef::DataBagItem.should_receive(:load).with('bag_1', 'foo').
+                                                and_return(@bag_item_foo)
+        @knife.stub(:edit_data).and_return(@updated_data)
+        Chef::Config[:data_bag_path] = @bags_path
+      end
+
+      after do
+        FakeFS.deactivate!
+        FakeFS::FileSystem.clear
+      end
+
+      it 'should edit the data bag item' do
+        @knife.run
+        JSON.parse(File.read(@item_path)).raw_data.should == @updated_data
+      end
+
+      context 'when encrypting with -s or --secret' do
+        before do
+          @knife.config[:secret] = 'secret_key'
+          Chef::EncryptedDataBagItem.should_receive(:new).
+                                     with(@bag_item_foo.raw_data, 'secret_key').
+                                     and_return(@updated_data)
+        end
+
+        it 'should edit the encrypted data bag item' do
+          @knife.run
+          content = JSON.parse(File.read(@item_path)).raw_data
+          content['who'].should_not == @orig_data['who']
+          content['who'].should_not be_nil
+        end
+      end
+
+      context 'when encrypting with --secret-file' do
+        before do
+          @secret_path                = '/var/chef/secret.txt'
+          @knife.config[:secret_file] = @secret_path
+          Chef::EncryptedDataBagItem.stub(:load_secret).
+                                     with(@secret_path).
+                                     and_return('psst')
+          Chef::EncryptedDataBagItem.should_receive(:new).
+                                     with(@bag_item_foo.raw_data, 'psst').
+                                     and_return(@updated_data)
+        end
+
+        it 'should edit the encrypted data bag item' do
+          @knife.run
+          content = JSON.parse(File.read(@item_path)).raw_data
+          content['who'].should_not == @orig_data['who']
+          content['who'].should_not be_nil
+        end
+      end
+
+    end
+
+  end
+
+end

data/spec/unit/solo_data_bag_list_spec.rb

@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe KnifeSoloDataBag::SoloDataBagList do
+  before do
+    @knife = subject
+  end
+
+  include_context 'stubbed_out_stdout_and_stderr'
+
+  describe 'run' do
+    include_context 'bag_path_is_not_valid'
+
+    context 'with valid arguments' do
+      before do
+        @bags_path = '/var/chef/data_bags'
+        @bags = ['bag_1', 'bag_2']
+
+        FakeFS.activate!
+        FileUtils.mkdir_p @bags_path
+
+        @bags.each do |bag|
+          FileUtils.mkdir_p "#{@bags_path}/#{bag}"
+        end
+      end
+
+      after do
+        FakeFS.deactivate!
+        FakeFS::FileSystem.clear
+      end
+
+      it 'should list all of the data bags' do
+        @knife.run
+        @stdout.string.should match /bag_1/
+        @stdout.string.should match /bag_2/
+      end
+    end
+
+  end
+
+end

data/spec/unit/solo_data_bag_show_spec.rb

@@ -0,0 +1,96 @@
+require 'spec_helper'
+
+describe KnifeSoloDataBag::SoloDataBagShow do
+  before do
+    @knife  = subject
+  end
+
+  include_context 'stubbed_out_stdout_and_stderr'
+
+  describe 'run' do
+    include_context 'bag_name_not_provided'
+    include_context 'bag_path_is_not_valid'
+    include_context 'secret_string_and_secret_file_are_both_provided'
+
+    context 'with valid arguments' do
+      before do
+        @bags_path       = '/var/chef/data_bags'
+        @bag_path        = "#{@bags_path}/bag_1"
+        @knife.name_args = ['bag_1']
+
+        FakeFS.activate!
+        FileUtils.mkdir_p @bag_path
+
+        @bag_item_foo = Chef::DataBagItem.from_hash 'id' => 'foo', 'who' => 'bob'
+        @bag_item_bar = Chef::DataBagItem.from_hash 'id' => 'bar', 'who' => 'sue'
+        Chef::Config[:data_bag_path] = @bags_path
+      end
+
+      after do
+        FakeFS.deactivate!
+        FakeFS::FileSystem.clear
+      end
+
+      context 'if an item is not specified' do
+        before do
+          bag_items = {'foo' => @bag_item_foo, 'bar' => @bag_item_bar}
+          Chef::DataBag.should_receive(:load).with('bag_1').
+                                              and_return(bag_items)
+        end
+
+        it 'should show the list of items' do
+          @knife.run
+          @stdout.string.should match /foo/
+          @stdout.string.should match /bar/
+        end
+      end
+
+      context 'when also specifying an item' do
+        before do
+          @knife.name_args << 'foo'
+        end
+
+        it 'should show the item' do
+          Chef::DataBagItem.should_receive(:load).with('bag_1', 'foo').
+                                                  and_return(@bag_item_foo)
+          @knife.run
+          @stdout.string.should match /id:\s+foo.+who:\s+bob/m
+        end
+
+        context 'when encrypting with -s or --secret' do
+          before do
+            @knife.config[:secret] = 'SECRET'
+            Chef::EncryptedDataBagItem.should_receive(:load).
+                                       with('bag_1', 'foo', 'SECRET').
+                                       and_return(@bag_item_foo)
+          end
+
+          it 'should show the unencrypted item' do
+            @knife.run
+            @stdout.string.should match /id:\s+foo.+who:\s+bob/m
+          end
+        end
+
+        context 'when encrypting with --secret-file' do
+          before do
+            @knife.config[:secret_file] = '/var/tmp/secret'
+            Chef::EncryptedDataBagItem.should_receive(:load_secret).
+                                       with('/var/tmp/secret').
+                                       and_return('abcd')
+            Chef::EncryptedDataBagItem.should_receive(:load).
+                                       with('bag_1', 'foo', 'abcd').
+                                       and_return(@bag_item_foo)
+          end
+
+          it 'should show the unencrypted item' do
+            @knife.run
+            @stdout.string.should match /id:\s+foo.+who:\s+bob/m
+          end
+        end
+
+      end
+    end
+
+  end
+
+end

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification
+name: knife-solo_data_bag
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Tommy Bishop
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-05-17 00:00:00.000000000Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: chef
+  requirement: &70125975538240 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.10.10
+  type: :development
+  prerelease: false
+  version_requirements: *70125975538240
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70125975537740 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.10.0
+  type: :development
+  prerelease: false
+  version_requirements: *70125975537740
+- !ruby/object:Gem::Dependency
+  name: fakefs
+  requirement: &70125975537280 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.4.0
+  type: :development
+  prerelease: false
+  version_requirements: *70125975537280
+description: A knife plugin for working with data bags and chef solo
+email:
+- bishop.thomas@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- CHANGELOG.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- knife-solo_data_bag.gemspec
+- lib/chef/knife/helpers.rb
+- lib/chef/knife/solo_data_bag_create.rb
+- lib/chef/knife/solo_data_bag_edit.rb
+- lib/chef/knife/solo_data_bag_list.rb
+- lib/chef/knife/solo_data_bag_show.rb
+- lib/knife-solo_data_bag.rb
+- lib/knife-solo_data_bag/version.rb
+- spec/contexts/bag_name_not_provided.rb
+- spec/contexts/bag_path_is_not_valid.rb
+- spec/contexts/secret_string_and_secret_file_are_both_provided.rb
+- spec/contexts/stubbed_out_stdout_and_stderr.rb
+- spec/spec_helper.rb
+- spec/unit/solo_data_bag_create_spec.rb
+- spec/unit/solo_data_bag_edit_spec.rb
+- spec/unit/solo_data_bag_list_spec.rb
+- spec/unit/solo_data_bag_show_spec.rb
+homepage: https://github.com/thbishop/knife-solo_data_bag
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.15
+signing_key: 
+specification_version: 3
+summary: A knife plugin for working with data bags and chef solo
+test_files:
+- spec/contexts/bag_name_not_provided.rb
+- spec/contexts/bag_path_is_not_valid.rb
+- spec/contexts/secret_string_and_secret_file_are_both_provided.rb
+- spec/contexts/stubbed_out_stdout_and_stderr.rb
+- spec/spec_helper.rb
+- spec/unit/solo_data_bag_create_spec.rb
+- spec/unit/solo_data_bag_edit_spec.rb
+- spec/unit/solo_data_bag_list_spec.rb
+- spec/unit/solo_data_bag_show_spec.rb