knife-solo_data_bag 0.2.2 → 0.3.0

data/.travis.yml

@@ -6,3 +6,5 @@ rvm:
 gemfile:
   - ./gemfiles/Gemfile.chef.0.10.10
   - ./gemfiles/Gemfile.chef.10.12.0
+  - ./gemfiles/Gemfile.chef.10.14.0
+  - ./gemfiles/Gemfile.chef.10.16.0

data/CHANGELOG.md

@@ -1,5 +1,8 @@
 ## head
 
+## 0.3.0 (11/08/2012)
+* Add support for 'encrypted_data_bag_secret' in knife config (props to Anton Orel @skyeagle)
+
 ## 0.2.2 (08/07/2012)
 * Fixed an issue which prevented the create command from working in some cases (props to Florian Dütsch @der-flo)
 

data/README.md

@@ -1,5 +1,8 @@
 # Knife Solo Data Bag
-A knife plugin to make working with data bags easier in a chef solo environment
+A knife plugin to make working with data bags easier in a chef solo environment.
+
+If you are looking for a full featured chef solo management solution, you may
+want to check out [knife solo](https://github.com/matschaffer/knife-solo).
 
 ## Build Status
 ![Build Status](https://secure.travis-ci.org/thbishop/knife-solo_data_bag.png)
@@ -67,12 +70,18 @@ This plugin will rely on the configured data_bag_path for placement of the data
 bags.  This defaults to '/var/chef/data_bags', but can be overriden in your chef
 client config.
 
+This plugin respects the "encrypted_data_bag_path" configuration option in
+knife.rb. Command line secret arguments (-s or --secret-file) will override the
+the setting in knife.rb.
+
 ## Version Support
 This plugin has been tested on the following:
 
 Chef:
 * 0.10.10
-* 10.12.0
+* 10.12.x
+* 10.14.x
+* 10.16.x
 
 Ruby:
 * 1.9.2

data/gemfiles/Gemfile.chef.10.14.0

@@ -0,0 +1,5 @@
+source "http://rubygems.org"
+
+gem 'chef', '~> 10.14.0'
+
+gemspec :path => "../"

data/gemfiles/Gemfile.chef.10.16.0

@@ -0,0 +1,5 @@
+source "http://rubygems.org"
+
+gem 'chef', '~> 10.16.0'
+
+gemspec :path => "../"

data/lib/chef/knife/helpers.rb

@@ -15,13 +15,17 @@ module KnifeSoloDataBag
       Chef::Config[:data_bag_path]
     end
 
+    def secret_path
+      Chef::Config[:encrypted_data_bag_secret]
+    end
+
     def secret_key
       return config[:secret] if config[:secret]
-      Chef::EncryptedDataBagItem.load_secret config[:secret_file]
+      Chef::EncryptedDataBagItem.load_secret(config[:secret_file] || secret_path)
     end
 
     def should_be_encrypted?
-      config[:secret] || config[:secret_file]
+      config[:secret] || config[:secret_file] || secret_path
     end
 
     def convert_json_string
@@ -56,6 +60,8 @@ module KnifeSoloDataBag
         show_usage
         ui.fatal 'Please specify either --secret or --secret-file only'
         exit 1
+      elsif (config[:secret] && secret_path) || (config[:secret_file] && secret_path)
+        ui.info 'NOTE: The encrypted_data_bag_secret option defined in knife.rb was overriden by the command line.'
       end
     end
 

data/lib/knife-solo_data_bag/version.rb

@@ -1,5 +1,5 @@
 module Knife
   module SoloDataBag
-    VERSION = '0.2.2'
+    VERSION = '0.3.0'
   end
 end

data/spec/unit/solo_data_bag_create_spec.rb

@@ -85,6 +85,28 @@ describe KnifeSoloDataBag::SoloDataBagCreate do
           end
         end
 
+        context 'when encrypting with secret set in knife config' do
+          before do
+            @secret_path                             = '/var/chef/secret.txt'
+            Chef::Config[:encrypted_data_bag_secret] = @secret_path
+            Chef::EncryptedDataBagItem.should_receive(:load_secret).
+                                       with(@secret_path).
+                                       and_return('psst')
+          end
+
+          after { Chef::Config[:encrypted_data_bag_secret] = nil }
+
+          it 'creates the encrypted data bag item' do
+            @knife.run
+            content = JSON.parse(File.read(@item_path)).raw_data
+            @input_data.keys.reject{|i| i == 'id'}.each do |k|
+              content.should have_key k
+              content[k].should_not == @input_data[k]
+            end
+          end
+
+        end
+
       end
 
       context 'when also specifying a json string' do
@@ -136,6 +158,27 @@ describe KnifeSoloDataBag::SoloDataBagCreate do
           end
         end
 
+        context 'when encrypting with secret set in knife config' do
+          before do
+            @secret_path                             = '/var/chef/secret.txt'
+            Chef::Config[:encrypted_data_bag_secret] = @secret_path
+            Chef::EncryptedDataBagItem.should_receive(:load_secret).
+                                       with(@secret_path).
+                                       and_return('psst')
+          end
+
+          after { Chef::Config[:encrypted_data_bag_secret] = nil }
+
+          it 'creates the encrypted data bag item' do
+            @knife.run
+            content = JSON.parse(File.read(@item_path)).raw_data
+            @input_data.keys.reject{|i| i == 'id'}.each do |k|
+              content.should have_key k
+              content[k].should_not == @input_data[k]
+            end
+          end
+
+        end
       end
 
     end

data/spec/unit/solo_data_bag_edit_spec.rb

@@ -94,6 +94,28 @@ describe KnifeSoloDataBag::SoloDataBagEdit do
         end
       end
 
+      context 'when encrypting with secret set in knife config' do
+        before do
+          @secret_path                             = '/var/chef/secret.txt'
+          Chef::Config[:encrypted_data_bag_secret] = @secret_path
+          Chef::EncryptedDataBagItem.stub(:load_secret).
+                                     with(@secret_path).
+                                     and_return('psst')
+          Chef::EncryptedDataBagItem.should_receive(:new).
+                                     with(@bag_item_foo.raw_data, 'psst').
+                                     and_return(@updated_data)
+        end
+
+        after { Chef::Config[:encrypted_data_bag_secret] = nil }
+
+        it 'should edit the encrypted data bag item' do
+          @knife.run
+          content = JSON.parse(File.read(@item_path)).raw_data
+          content['who'].should_not == @orig_data['who']
+          content['who'].should_not be_nil
+        end
+      end
+
     end
 
   end

data/spec/unit/solo_data_bag_show_spec.rb

@@ -126,6 +126,36 @@ describe KnifeSoloDataBag::SoloDataBagShow do
           end
         end
 
+        context 'when encrypting with secret set in knife config' do
+          before do
+            @secret_path                             = '/var/chef/secret.txt'
+            Chef::Config[:encrypted_data_bag_secret] = @secret_path
+            Chef::EncryptedDataBagItem.should_receive(:load_secret).
+                                       with(@secret_path).
+                                       and_return('abcd')
+            Chef::EncryptedDataBagItem.should_receive(:load).
+                                       with('bag_1', 'foo', 'abcd').
+                                       and_return(@bag_item_foo)
+          end
+
+          it 'should show the unencrypted item' do
+            @knife.run
+            @stdout.string.should match /id:\s+foo.+who:\s+bob/m
+          end
+
+          context 'and with -F of json' do
+            before do
+              @knife.config[:format] = 'json'
+            end
+
+            it 'should show the unencrypted item as json' do
+              @knife.run
+              @stdout.string.should match /"id":\s+"foo".+"who":\s+"bob"/m
+              @stdout.string.should_not match /json_class/
+            end
+          end
+        end
+
       end
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knife-solo_data_bag
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.3.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-08-08 00:00:00.000000000Z
+date: 2012-11-09 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef
-  requirement: &70213216551840 !ruby/object:Gem::Requirement
+  requirement: &70357567294460 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: 0.10.10
   type: :development
   prerelease: false
-  version_requirements: *70213216551840
+  version_requirements: *70357567294460
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70213216551420 !ruby/object:Gem::Requirement
+  requirement: &70357567294040 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70213216551420
+  version_requirements: *70357567294040
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70213081759440 !ruby/object:Gem::Requirement
+  requirement: &70357571692840 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -43,10 +43,10 @@ dependencies:
         version: 2.10.0
   type: :development
   prerelease: false
-  version_requirements: *70213081759440
+  version_requirements: *70357571692840
 - !ruby/object:Gem::Dependency
   name: fakefs
-  requirement: &70213081758940 !ruby/object:Gem::Requirement
+  requirement: &70357571692340 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -54,7 +54,7 @@ dependencies:
         version: 0.4.0
   type: :development
   prerelease: false
-  version_requirements: *70213081758940
+  version_requirements: *70357571692340
 description: A knife plugin for working with data bags and chef solo
 email:
 - bishop.thomas@gmail.com
@@ -72,6 +72,8 @@ files:
 - Rakefile
 - gemfiles/Gemfile.chef.0.10.10
 - gemfiles/Gemfile.chef.10.12.0
+- gemfiles/Gemfile.chef.10.14.0
+- gemfiles/Gemfile.chef.10.16.0
 - knife-solo_data_bag.gemspec
 - lib/chef/knife/helpers.rb
 - lib/chef/knife/solo_data_bag_create.rb