knife-solo_data_bag 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.travis.yml +2 -0
- data/CHANGELOG.md +3 -0
- data/README.md +11 -2
- data/gemfiles/Gemfile.chef.10.14.0 +5 -0
- data/gemfiles/Gemfile.chef.10.16.0 +5 -0
- data/lib/chef/knife/helpers.rb +8 -2
- data/lib/knife-solo_data_bag/version.rb +1 -1
- data/spec/unit/solo_data_bag_create_spec.rb +43 -0
- data/spec/unit/solo_data_bag_edit_spec.rb +22 -0
- data/spec/unit/solo_data_bag_show_spec.rb +30 -0
- metadata +12 -10
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
## head
|
2
2
|
|
3
|
+
## 0.3.0 (11/08/2012)
|
4
|
+
* Add support for 'encrypted_data_bag_secret' in knife config (props to Anton Orel @skyeagle)
|
5
|
+
|
3
6
|
## 0.2.2 (08/07/2012)
|
4
7
|
* Fixed an issue which prevented the create command from working in some cases (props to Florian Dütsch @der-flo)
|
5
8
|
|
data/README.md
CHANGED
@@ -1,5 +1,8 @@
|
|
1
1
|
# Knife Solo Data Bag
|
2
|
-
A knife plugin to make working with data bags easier in a chef solo environment
|
2
|
+
A knife plugin to make working with data bags easier in a chef solo environment.
|
3
|
+
|
4
|
+
If you are looking for a full featured chef solo management solution, you may
|
5
|
+
want to check out [knife solo](https://github.com/matschaffer/knife-solo).
|
3
6
|
|
4
7
|
## Build Status
|
5
8
|
![Build Status](https://secure.travis-ci.org/thbishop/knife-solo_data_bag.png)
|
@@ -67,12 +70,18 @@ This plugin will rely on the configured data_bag_path for placement of the data
|
|
67
70
|
bags. This defaults to '/var/chef/data_bags', but can be overriden in your chef
|
68
71
|
client config.
|
69
72
|
|
73
|
+
This plugin respects the "encrypted_data_bag_path" configuration option in
|
74
|
+
knife.rb. Command line secret arguments (-s or --secret-file) will override the
|
75
|
+
the setting in knife.rb.
|
76
|
+
|
70
77
|
## Version Support
|
71
78
|
This plugin has been tested on the following:
|
72
79
|
|
73
80
|
Chef:
|
74
81
|
* 0.10.10
|
75
|
-
* 10.12.
|
82
|
+
* 10.12.x
|
83
|
+
* 10.14.x
|
84
|
+
* 10.16.x
|
76
85
|
|
77
86
|
Ruby:
|
78
87
|
* 1.9.2
|
data/lib/chef/knife/helpers.rb
CHANGED
@@ -15,13 +15,17 @@ module KnifeSoloDataBag
|
|
15
15
|
Chef::Config[:data_bag_path]
|
16
16
|
end
|
17
17
|
|
18
|
+
def secret_path
|
19
|
+
Chef::Config[:encrypted_data_bag_secret]
|
20
|
+
end
|
21
|
+
|
18
22
|
def secret_key
|
19
23
|
return config[:secret] if config[:secret]
|
20
|
-
Chef::EncryptedDataBagItem.load_secret
|
24
|
+
Chef::EncryptedDataBagItem.load_secret(config[:secret_file] || secret_path)
|
21
25
|
end
|
22
26
|
|
23
27
|
def should_be_encrypted?
|
24
|
-
config[:secret] || config[:secret_file]
|
28
|
+
config[:secret] || config[:secret_file] || secret_path
|
25
29
|
end
|
26
30
|
|
27
31
|
def convert_json_string
|
@@ -56,6 +60,8 @@ module KnifeSoloDataBag
|
|
56
60
|
show_usage
|
57
61
|
ui.fatal 'Please specify either --secret or --secret-file only'
|
58
62
|
exit 1
|
63
|
+
elsif (config[:secret] && secret_path) || (config[:secret_file] && secret_path)
|
64
|
+
ui.info 'NOTE: The encrypted_data_bag_secret option defined in knife.rb was overriden by the command line.'
|
59
65
|
end
|
60
66
|
end
|
61
67
|
|
@@ -85,6 +85,28 @@ describe KnifeSoloDataBag::SoloDataBagCreate do
|
|
85
85
|
end
|
86
86
|
end
|
87
87
|
|
88
|
+
context 'when encrypting with secret set in knife config' do
|
89
|
+
before do
|
90
|
+
@secret_path = '/var/chef/secret.txt'
|
91
|
+
Chef::Config[:encrypted_data_bag_secret] = @secret_path
|
92
|
+
Chef::EncryptedDataBagItem.should_receive(:load_secret).
|
93
|
+
with(@secret_path).
|
94
|
+
and_return('psst')
|
95
|
+
end
|
96
|
+
|
97
|
+
after { Chef::Config[:encrypted_data_bag_secret] = nil }
|
98
|
+
|
99
|
+
it 'creates the encrypted data bag item' do
|
100
|
+
@knife.run
|
101
|
+
content = JSON.parse(File.read(@item_path)).raw_data
|
102
|
+
@input_data.keys.reject{|i| i == 'id'}.each do |k|
|
103
|
+
content.should have_key k
|
104
|
+
content[k].should_not == @input_data[k]
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
end
|
109
|
+
|
88
110
|
end
|
89
111
|
|
90
112
|
context 'when also specifying a json string' do
|
@@ -136,6 +158,27 @@ describe KnifeSoloDataBag::SoloDataBagCreate do
|
|
136
158
|
end
|
137
159
|
end
|
138
160
|
|
161
|
+
context 'when encrypting with secret set in knife config' do
|
162
|
+
before do
|
163
|
+
@secret_path = '/var/chef/secret.txt'
|
164
|
+
Chef::Config[:encrypted_data_bag_secret] = @secret_path
|
165
|
+
Chef::EncryptedDataBagItem.should_receive(:load_secret).
|
166
|
+
with(@secret_path).
|
167
|
+
and_return('psst')
|
168
|
+
end
|
169
|
+
|
170
|
+
after { Chef::Config[:encrypted_data_bag_secret] = nil }
|
171
|
+
|
172
|
+
it 'creates the encrypted data bag item' do
|
173
|
+
@knife.run
|
174
|
+
content = JSON.parse(File.read(@item_path)).raw_data
|
175
|
+
@input_data.keys.reject{|i| i == 'id'}.each do |k|
|
176
|
+
content.should have_key k
|
177
|
+
content[k].should_not == @input_data[k]
|
178
|
+
end
|
179
|
+
end
|
180
|
+
|
181
|
+
end
|
139
182
|
end
|
140
183
|
|
141
184
|
end
|
@@ -94,6 +94,28 @@ describe KnifeSoloDataBag::SoloDataBagEdit do
|
|
94
94
|
end
|
95
95
|
end
|
96
96
|
|
97
|
+
context 'when encrypting with secret set in knife config' do
|
98
|
+
before do
|
99
|
+
@secret_path = '/var/chef/secret.txt'
|
100
|
+
Chef::Config[:encrypted_data_bag_secret] = @secret_path
|
101
|
+
Chef::EncryptedDataBagItem.stub(:load_secret).
|
102
|
+
with(@secret_path).
|
103
|
+
and_return('psst')
|
104
|
+
Chef::EncryptedDataBagItem.should_receive(:new).
|
105
|
+
with(@bag_item_foo.raw_data, 'psst').
|
106
|
+
and_return(@updated_data)
|
107
|
+
end
|
108
|
+
|
109
|
+
after { Chef::Config[:encrypted_data_bag_secret] = nil }
|
110
|
+
|
111
|
+
it 'should edit the encrypted data bag item' do
|
112
|
+
@knife.run
|
113
|
+
content = JSON.parse(File.read(@item_path)).raw_data
|
114
|
+
content['who'].should_not == @orig_data['who']
|
115
|
+
content['who'].should_not be_nil
|
116
|
+
end
|
117
|
+
end
|
118
|
+
|
97
119
|
end
|
98
120
|
|
99
121
|
end
|
@@ -126,6 +126,36 @@ describe KnifeSoloDataBag::SoloDataBagShow do
|
|
126
126
|
end
|
127
127
|
end
|
128
128
|
|
129
|
+
context 'when encrypting with secret set in knife config' do
|
130
|
+
before do
|
131
|
+
@secret_path = '/var/chef/secret.txt'
|
132
|
+
Chef::Config[:encrypted_data_bag_secret] = @secret_path
|
133
|
+
Chef::EncryptedDataBagItem.should_receive(:load_secret).
|
134
|
+
with(@secret_path).
|
135
|
+
and_return('abcd')
|
136
|
+
Chef::EncryptedDataBagItem.should_receive(:load).
|
137
|
+
with('bag_1', 'foo', 'abcd').
|
138
|
+
and_return(@bag_item_foo)
|
139
|
+
end
|
140
|
+
|
141
|
+
it 'should show the unencrypted item' do
|
142
|
+
@knife.run
|
143
|
+
@stdout.string.should match /id:\s+foo.+who:\s+bob/m
|
144
|
+
end
|
145
|
+
|
146
|
+
context 'and with -F of json' do
|
147
|
+
before do
|
148
|
+
@knife.config[:format] = 'json'
|
149
|
+
end
|
150
|
+
|
151
|
+
it 'should show the unencrypted item as json' do
|
152
|
+
@knife.run
|
153
|
+
@stdout.string.should match /"id":\s+"foo".+"who":\s+"bob"/m
|
154
|
+
@stdout.string.should_not match /json_class/
|
155
|
+
end
|
156
|
+
end
|
157
|
+
end
|
158
|
+
|
129
159
|
end
|
130
160
|
end
|
131
161
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: knife-solo_data_bag
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,11 +9,11 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-11-09 00:00:00.000000000Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: chef
|
16
|
-
requirement: &
|
16
|
+
requirement: &70357567294460 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ~>
|
@@ -21,10 +21,10 @@ dependencies:
|
|
21
21
|
version: 0.10.10
|
22
22
|
type: :development
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *70357567294460
|
25
25
|
- !ruby/object:Gem::Dependency
|
26
26
|
name: rake
|
27
|
-
requirement: &
|
27
|
+
requirement: &70357567294040 !ruby/object:Gem::Requirement
|
28
28
|
none: false
|
29
29
|
requirements:
|
30
30
|
- - ! '>='
|
@@ -32,10 +32,10 @@ dependencies:
|
|
32
32
|
version: '0'
|
33
33
|
type: :development
|
34
34
|
prerelease: false
|
35
|
-
version_requirements: *
|
35
|
+
version_requirements: *70357567294040
|
36
36
|
- !ruby/object:Gem::Dependency
|
37
37
|
name: rspec
|
38
|
-
requirement: &
|
38
|
+
requirement: &70357571692840 !ruby/object:Gem::Requirement
|
39
39
|
none: false
|
40
40
|
requirements:
|
41
41
|
- - ~>
|
@@ -43,10 +43,10 @@ dependencies:
|
|
43
43
|
version: 2.10.0
|
44
44
|
type: :development
|
45
45
|
prerelease: false
|
46
|
-
version_requirements: *
|
46
|
+
version_requirements: *70357571692840
|
47
47
|
- !ruby/object:Gem::Dependency
|
48
48
|
name: fakefs
|
49
|
-
requirement: &
|
49
|
+
requirement: &70357571692340 !ruby/object:Gem::Requirement
|
50
50
|
none: false
|
51
51
|
requirements:
|
52
52
|
- - ~>
|
@@ -54,7 +54,7 @@ dependencies:
|
|
54
54
|
version: 0.4.0
|
55
55
|
type: :development
|
56
56
|
prerelease: false
|
57
|
-
version_requirements: *
|
57
|
+
version_requirements: *70357571692340
|
58
58
|
description: A knife plugin for working with data bags and chef solo
|
59
59
|
email:
|
60
60
|
- bishop.thomas@gmail.com
|
@@ -72,6 +72,8 @@ files:
|
|
72
72
|
- Rakefile
|
73
73
|
- gemfiles/Gemfile.chef.0.10.10
|
74
74
|
- gemfiles/Gemfile.chef.10.12.0
|
75
|
+
- gemfiles/Gemfile.chef.10.14.0
|
76
|
+
- gemfiles/Gemfile.chef.10.16.0
|
75
77
|
- knife-solo_data_bag.gemspec
|
76
78
|
- lib/chef/knife/helpers.rb
|
77
79
|
- lib/chef/knife/solo_data_bag_create.rb
|