knife-windows 1.2.1 → 1.3.0

data/spec/unit/knife/bootstrap_template_spec.rb

@@ -1,92 +1,92 @@
-#
-# Author:: Chirag Jog (<chirag@clogeny.com>)
-# Copyright:: Copyright (c) 2013 Chirag Jog
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-
-TEMPLATE_FILE = File.expand_path(File.dirname(__FILE__)) + "/../../../lib/chef/knife/bootstrap/windows-chef-client-msi.erb"
-
-require 'spec_helper'
-
-describe Chef::Knife::BootstrapWindowsWinrm do
-  let(:template_file) { TEMPLATE_FILE }
-  let(:options) { [] }
-  let(:rendered_template) do
-    knife.instance_variable_set("@template_file", template_file)
-    knife.parse_options(options)
-    # Avoid referencing a validation keyfile we won't find during #render_template
-    template = IO.read(template_file).chomp
-    knife.render_template(template)
-  end
-
-  before(:all) do
-    @original_config = Chef::Config.hash_dup
-    @original_knife_config = Chef::Config[:knife].dup
-  end
-
-  after(:all) do
-    Chef::Config.configuration = @original_config
-    Chef::Config[:knife] = @original_knife_config
-  end
-
-  before(:each) do
-    Chef::Log.logger = Logger.new(StringIO.new)
-    @knife = Chef::Knife::BootstrapWindowsWinrm.new
-    # Merge default settings in.
-    @knife.merge_configs
-    @knife.config[:template_file] = template_file
-    @stdout = StringIO.new
-    allow(@knife.ui).to receive(:stdout).and_return(@stdout)
-    @stderr = StringIO.new
-    allow(@knife.ui).to receive(:stderr).and_return(@stderr)
-  end
-
-  describe "specifying no_proxy with various entries" do
-    subject(:knife) { described_class.new }
-    let(:options){ ["--bootstrap-proxy", "", "--bootstrap-no-proxy", setting] }
-
-    context "via --bootstrap-no-proxy" do
-      let(:setting) { "api.opscode.com" }
-
-      it "renders the client.rb with a single FQDN no_proxy entry" do
-        expect(rendered_template).to match(%r{.*no_proxy\s*\"api.opscode.com\".*})
-      end
-    end
-    context "via --bootstrap-no-proxy multiple" do
-      let(:setting) { "api.opscode.com,172.16.10.*" }
-
-      it "renders the client.rb with comma-separated FQDN and wildcard IP address no_proxy entries" do
-        expect(rendered_template).to match(%r{.*no_proxy\s*"api.opscode.com,172.16.10.\*".*})
-      end
-    end
-  end
-
-  describe "specifying --msi-url" do
-    subject(:knife) { described_class.new }
-
-    context "with explicitly provided --msi-url" do
-      let(:options) { ["--msi-url", "file:///something.msi"] }
-
-      it "bootstrap batch file must fetch from provided url" do
-        expect(rendered_template).to match(%r{.*REMOTE_SOURCE_MSI_URL=file:///something\.msi.*})
-      end
-    end
-    context "with no provided --msi-url" do
-      it "bootstrap batch file must fetch from provided url" do
-        expect(rendered_template).to match(%r{.*REMOTE_SOURCE_MSI_URL=https://www\.chef\.io/.*})
-      end
-    end
-  end
-end
+#
+# Author:: Chirag Jog (<chirag@clogeny.com>)
+# Copyright:: Copyright (c) 2013 Chirag Jog
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+TEMPLATE_FILE = File.expand_path(File.dirname(__FILE__)) + "/../../../lib/chef/knife/bootstrap/windows-chef-client-msi.erb"
+
+require 'spec_helper'
+
+describe Chef::Knife::BootstrapWindowsWinrm do
+  let(:template_file) { TEMPLATE_FILE }
+  let(:options) { [] }
+  let(:rendered_template) do
+    knife.instance_variable_set("@template_file", template_file)
+    knife.parse_options(options)
+    # Avoid referencing a validation keyfile we won't find during #render_template
+    template = IO.read(template_file).chomp
+    knife.render_template(template)
+  end
+
+  before(:all) do
+    @original_config = Chef::Config.hash_dup
+    @original_knife_config = Chef::Config[:knife].dup
+  end
+
+  after(:all) do
+    Chef::Config.configuration = @original_config
+    Chef::Config[:knife] = @original_knife_config
+  end
+
+  before(:each) do
+    Chef::Log.logger = Logger.new(StringIO.new)
+    @knife = Chef::Knife::BootstrapWindowsWinrm.new
+    # Merge default settings in.
+    @knife.merge_configs
+    @knife.config[:template_file] = template_file
+    @stdout = StringIO.new
+    allow(@knife.ui).to receive(:stdout).and_return(@stdout)
+    @stderr = StringIO.new
+    allow(@knife.ui).to receive(:stderr).and_return(@stderr)
+  end
+
+  describe "specifying no_proxy with various entries" do
+    subject(:knife) { described_class.new }
+    let(:options){ ["--bootstrap-proxy", "", "--bootstrap-no-proxy", setting] }
+
+    context "via --bootstrap-no-proxy" do
+      let(:setting) { "api.opscode.com" }
+
+      it "renders the client.rb with a single FQDN no_proxy entry" do
+        expect(rendered_template).to match(%r{.*no_proxy\s*\"api.opscode.com\".*})
+      end
+    end
+    context "via --bootstrap-no-proxy multiple" do
+      let(:setting) { "api.opscode.com,172.16.10.*" }
+
+      it "renders the client.rb with comma-separated FQDN and wildcard IP address no_proxy entries" do
+        expect(rendered_template).to match(%r{.*no_proxy\s*"api.opscode.com,172.16.10.\*".*})
+      end
+    end
+  end
+
+  describe "specifying --msi-url" do
+    subject(:knife) { described_class.new }
+
+    context "with explicitly provided --msi-url" do
+      let(:options) { ["--msi-url", "file:///something.msi"] }
+
+      it "bootstrap batch file must fetch from provided url" do
+        expect(rendered_template).to match(%r{.*REMOTE_SOURCE_MSI_URL=file:///something\.msi.*})
+      end
+    end
+    context "with no provided --msi-url" do
+      it "bootstrap batch file must fetch from provided url" do
+        expect(rendered_template).to match(%r{.*REMOTE_SOURCE_MSI_URL=https://www\.chef\.io/.*})
+      end
+    end
+  end
+end

data/spec/unit/knife/bootstrap_windows_winrm_spec.rb

@@ -1,295 +1,295 @@
-#
-# Author:: Adam Edwards(<adamed@getchef.com>)
-# Copyright:: Copyright (c) 2014 Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-require 'spec_helper'
-
-Chef::Knife::Winrm.load_deps
-
-describe Chef::Knife::BootstrapWindowsWinrm do
-  before(:all) do
-    Chef::Config.reset
-  end
-
-  before do
-    bootstrap.config[:run_list] = []
-    allow(bootstrap).to receive(:validate_options!).and_return(nil)
-    allow(bootstrap).to receive(:sleep).and_return(10)
-    allow(Chef::Knife::WinrmSession).to receive(:new).and_return(session)
-    allow(File).to receive(:exist?).with(File.expand_path(Chef::Config[:validation_key])).and_return(true)
-  end
-
-  after do
-    allow(bootstrap).to receive(:sleep).and_return(10)
-  end
-
-  let(:session_opts) do
-    {
-      user: "Administrator",
-      password: "testpassword", 
-      port: "5986",
-      transport: :ssl,
-      host: "localhost"
-    }
-  end
-  let(:bootstrap) { Chef::Knife::BootstrapWindowsWinrm.new(['winrm', '-d', 'windows-chef-client-msi',  '-x', session_opts[:user], '-P', session_opts[:password], session_opts[:host]]) }
-  let(:session) { Chef::Knife::WinrmSession.new(session_opts) } 
-  let(:initial_fail_count) { 4 }
-
-  context "knife secret-file && knife secret options are passed" do
-    before do
-      Chef::Config.reset
-      Chef::Config[:knife][:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
-      Chef::Config[:knife][:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_knife_secret_option"
-    end
-    it "gives preference to secret key passed under knife's secret-file option" do
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        Chef::Config[:knife][:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_knife_secret_file_option")
-      expect(bootstrap.load_correct_secret).to eq(
-        "data_bag_secret_key_passed_under_knife_secret_file_option")
-    end
-  end
-
-  context "cli secret-file && cli secret options are passed" do
-    before do
-      Chef::Config.reset
-      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
-      bootstrap.config[:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_cli_secret_option"
-    end
-    it "gives preference to secret key passed under cli's secret-file option" do
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        bootstrap.config[:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
-      expect(bootstrap.load_correct_secret).to eq(
-        "data_bag_secret_key_passed_under_cli_secret_file_option")
-    end
-  end
-
-  context "knife secret-file, knife secret, cli secret-file && cli secret options are passed" do
-    before do
-      Chef::Config.reset
-      Chef::Config[:knife][:encrypted_data_bag_secret_file] = "/tmp/knife_encrypted_data_bag_secret"
-      Chef::Config[:knife][:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_knife_secret_option"
-      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/cli_encrypted_data_bag_secret"
-      bootstrap.config[:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_cli_secret_option"
-    end
-    it "gives preference to secret key passed under cli's secret-file option" do
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        Chef::Config[:knife][:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_knife_secret_file_option")
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        bootstrap.config[:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
-      expect(bootstrap.load_correct_secret).to eq(
-        "data_bag_secret_key_passed_under_cli_secret_file_option")
-    end
-  end
-
-  context "knife secret-file && cli secret options are passed" do
-    before do
-      Chef::Config.reset
-      Chef::Config[:knife][:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
-      bootstrap.config[:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_cli_secret_option"
-    end
-    it "gives preference to secret key passed under cli's secret option" do
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        Chef::Config[:knife][:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_knife_secret_file_option")
-      expect(bootstrap.load_correct_secret).to eq(
-        "data_bag_secret_key_passed_under_cli_secret_option")
-    end
-  end
-
-  context "knife secret && cli secret-file options are passed" do
-    before do
-      Chef::Config.reset
-      Chef::Config[:knife][:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_knife_secret_option"
-      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
-    end
-    it "gives preference to secret key passed under cli's secret-file option" do
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        bootstrap.config[:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
-      expect(bootstrap.load_correct_secret).to eq(
-        "data_bag_secret_key_passed_under_cli_secret_file_option")
-    end
-  end
-
-  context "cli secret-file option is passed" do
-    before do
-      Chef::Config.reset
-      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
-    end
-    it "takes the secret key passed under cli's secret-file option" do
-      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
-        bootstrap.config[:encrypted_data_bag_secret_file]).
-        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
-      expect(bootstrap.load_correct_secret).to eq(
-        "data_bag_secret_key_passed_under_cli_secret_file_option")
-    end
-  end
-
-  it 'should pass exit code from failed winrm call' do
-    allow(session).to receive(:exit_code).and_return(500)
-    allow(bootstrap).to receive(:wait_for_remote_response)
-    allow(bootstrap).to receive(:create_bootstrap_bat_command)
-    allow(session).to receive(:relay_command)
-    allow(bootstrap.ui).to receive(:info)
-    expect { bootstrap.run_with_pretty_exceptions }.to raise_error(SystemExit) { |e| expect(e.status).to eq(500) }
-  end
-
-  it 'should retry if a 401 is received from WinRM' do
-    call_result_sequence = Array.new(initial_fail_count) {lambda {raise WinRM::WinRMHTTPTransportError.new('', '401')}}
-    call_result_sequence.push(0)
-    allow(bootstrap).to receive(:run_command).and_return(*call_result_sequence)
-    allow(bootstrap).to receive(:print)
-    allow(bootstrap.ui).to receive(:info)
-
-    expect(bootstrap).to receive(:run_command).exactly(call_result_sequence.length).times
-    bootstrap.send(:wait_for_remote_response, 2)
-  end
-
-  it 'should retry if something other than a 401 is received from WinRM' do
-    call_result_sequence = Array.new(initial_fail_count) {lambda {raise WinRM::WinRMHTTPTransportError.new('', '500')}}
-    call_result_sequence.push(0)
-    allow(bootstrap).to receive(:run_command).and_return(*call_result_sequence)
-    allow(bootstrap).to receive(:print)
-    allow(bootstrap.ui).to receive(:info)
-
-    expect(bootstrap).to receive(:run_command).exactly(call_result_sequence.length).times
-    bootstrap.send(:wait_for_remote_response, 2)
-  end
-
-  it 'should keep retrying at 10s intervals if the timeout in minutes has not elapsed' do
-    call_result_sequence = Array.new(initial_fail_count) {lambda {raise WinRM::WinRMHTTPTransportError.new('', '500')}}
-    call_result_sequence.push(0)
-    allow(bootstrap).to receive(:run_command).and_return(*call_result_sequence)
-    allow(bootstrap).to receive(:print)
-    allow(bootstrap.ui).to receive(:info)
-
-    expect(bootstrap).to receive(:run_command).exactly(call_result_sequence.length).times
-    bootstrap.send(:wait_for_remote_response, 2)
-  end
-
-  it 'should have a wait timeout of 2 minutes by default' do
-    allow(bootstrap).to receive(:run_command).and_raise(WinRM::WinRMHTTPTransportError.new('','500'))
-    allow(bootstrap).to receive(:create_bootstrap_bat_command).and_raise(SystemExit)
-    expect(bootstrap).to receive(:wait_for_remote_response).with(2)
-    allow(bootstrap).to receive(:validate_name_args!).and_return(nil)
-    
-    allow(bootstrap.ui).to receive(:info)
-    bootstrap.config[:auth_timeout] = bootstrap.options[:auth_timeout][:default]
-    expect { bootstrap.bootstrap }.to raise_error(SystemExit)
-  end
-
-  it 'should not a wait for timeout on Errno::ECONNREFUSED' do
-    allow(bootstrap).to receive(:run_command).and_raise(Errno::ECONNREFUSED.new)
-    allow(bootstrap.ui).to receive(:info)
-    bootstrap.config[:auth_timeout] = bootstrap.options[:auth_timeout][:default]
-    expect(bootstrap.ui).to receive(:error).with("Connection refused connecting to localhost:5985.")
-
-    # wait_for_remote_response is protected method, So define singleton test method to call it.
-    bootstrap.define_singleton_method(:test_wait_for_remote_response){wait_for_remote_response(bootstrap.options[:auth_timeout][:default])}
-    expect { bootstrap.test_wait_for_remote_response }.to raise_error(Errno::ECONNREFUSED)
-  end
-
-  it 'should stop retrying if more than 2 minutes has elapsed' do
-    times = [ Time.new(2014, 4, 1, 22, 25), Time.new(2014, 4, 1, 22, 51), Time.new(2014, 4, 1, 22, 28) ]
-    allow(Time).to receive(:now).and_return(*times)
-    run_command_result = lambda {raise WinRM::WinRMHTTPTransportError, '401'}
-    allow(bootstrap).to receive(:validate_name_args!).and_return(nil)
-    allow(bootstrap).to receive(:run_command).and_return(run_command_result)
-    allow(bootstrap).to receive(:print)
-    allow(bootstrap.ui).to receive(:info)
-    allow(bootstrap.ui).to receive(:error)
-    expect(bootstrap).to receive(:run_command).exactly(1).times
-    bootstrap.config[:auth_timeout] = bootstrap.options[:auth_timeout][:default]
-    expect { bootstrap.bootstrap }.to raise_error RuntimeError
-  end
-
-  context "when validation_key is not present" do
-    context "using chef 11", :chef_lt_12_only do
-      before do
-        allow(File).to receive(:exist?).with(File.expand_path(Chef::Config[:validation_key])).and_return(false)
-      end
-
-      it 'raises an exception if validation_key is not present in chef 11' do
-        expect(bootstrap.ui).to receive(:error)
-        expect { bootstrap.bootstrap }.to raise_error(SystemExit)
-      end
-    end
-
-    context "using chef 12", :chef_gte_12_only do
-      before do
-        allow(File).to receive(:exist?).with(File.expand_path(Chef::Config[:validation_key])).and_return(false)
-        bootstrap.client_builder = instance_double("Chef::Knife::Bootstrap::ClientBuilder", :run => nil, :client_path => nil)
-        Chef::Config[:knife] = {:chef_node_name => 'foo.example.com'}
-      end
-
-      it 'raises an exception if winrm_authentication_protocol is basic and transport is plaintext' do
-        Chef::Config[:knife] = {:winrm_authentication_protocol => 'basic', :winrm_transport => 'plaintext', :chef_node_name => 'foo.example.com'}
-        expect(bootstrap.ui).to receive(:error)
-        expect { bootstrap.run }.to raise_error(SystemExit)
-      end
-
-      it 'raises an exception if chef_node_name is not present ' do
-        Chef::Config[:knife] = {:chef_node_name => nil}
-        expect(bootstrap.client_builder).not_to receive(:run)
-        expect(bootstrap.client_builder).not_to receive(:client_path)
-        expect(bootstrap.ui).to receive(:error)
-        expect { bootstrap.bootstrap }.to raise_error(SystemExit)
-      end
-    end
-  end
-
-  context "when doing chef vault", :chef_gte_12_only do
-    let(:vault_handler) { double('vault_handler', :doing_chef_vault? => true) }
-    let(:node_name) { 'foo.example.com' }
-    before do
-      allow(bootstrap).to receive(:wait_for_remote_response)
-      allow(bootstrap).to receive(:create_bootstrap_bat_command)
-      allow(bootstrap).to receive(:run_command).and_return(0)
-      bootstrap.config[:chef_node_name] = node_name
-      bootstrap.chef_vault_handler = vault_handler
-    end
-
-    context "builder does not respond to client" do
-      before do
-        bootstrap.client_builder = instance_double("Chef::Knife::Bootstrap::ClientBuilder", :run => nil, :client_path => nil)
-      end
-
-      it "passes a node search query to the handler" do
-        expect(vault_handler).to receive(:run).with(node_name: node_name)
-        bootstrap.bootstrap
-      end
-    end
-
-    context "builder responds to client" do
-      let(:client) { Chef::ApiClient.new }
-
-      before do
-        bootstrap.client_builder = double("Chef::Knife::Bootstrap::ClientBuilder", :run => nil, :client_path => nil, :client => client)
-      end
-
-      it "passes a node search query to the handler" do
-        expect(vault_handler).to receive(:run).with(client)
-        bootstrap.bootstrap
-      end
-    end
-  end
-end
+#
+# Author:: Adam Edwards(<adamed@getchef.com>)
+# Copyright:: Copyright (c) 2014 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+
+Chef::Knife::Winrm.load_deps
+
+describe Chef::Knife::BootstrapWindowsWinrm do
+  before(:all) do
+    Chef::Config.reset
+  end
+
+  before do
+    bootstrap.config[:run_list] = []
+    allow(bootstrap).to receive(:validate_options!).and_return(nil)
+    allow(bootstrap).to receive(:sleep).and_return(10)
+    allow(Chef::Knife::WinrmSession).to receive(:new).and_return(session)
+    allow(File).to receive(:exist?).with(File.expand_path(Chef::Config[:validation_key])).and_return(true)
+  end
+
+  after do
+    allow(bootstrap).to receive(:sleep).and_return(10)
+  end
+
+  let(:session_opts) do
+    {
+      user: "Administrator",
+      password: "testpassword", 
+      port: "5986",
+      transport: :ssl,
+      host: "localhost"
+    }
+  end
+  let(:bootstrap) { Chef::Knife::BootstrapWindowsWinrm.new(['winrm', '-d', 'windows-chef-client-msi',  '-x', session_opts[:user], '-P', session_opts[:password], session_opts[:host]]) }
+  let(:session) { Chef::Knife::WinrmSession.new(session_opts) } 
+  let(:initial_fail_count) { 4 }
+
+  context "knife secret-file && knife secret options are passed" do
+    before do
+      Chef::Config.reset
+      Chef::Config[:knife][:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
+      Chef::Config[:knife][:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_knife_secret_option"
+    end
+    it "gives preference to secret key passed under knife's secret-file option" do
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        Chef::Config[:knife][:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_knife_secret_file_option")
+      expect(bootstrap.load_correct_secret).to eq(
+        "data_bag_secret_key_passed_under_knife_secret_file_option")
+    end
+  end
+
+  context "cli secret-file && cli secret options are passed" do
+    before do
+      Chef::Config.reset
+      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
+      bootstrap.config[:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_cli_secret_option"
+    end
+    it "gives preference to secret key passed under cli's secret-file option" do
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        bootstrap.config[:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
+      expect(bootstrap.load_correct_secret).to eq(
+        "data_bag_secret_key_passed_under_cli_secret_file_option")
+    end
+  end
+
+  context "knife secret-file, knife secret, cli secret-file && cli secret options are passed" do
+    before do
+      Chef::Config.reset
+      Chef::Config[:knife][:encrypted_data_bag_secret_file] = "/tmp/knife_encrypted_data_bag_secret"
+      Chef::Config[:knife][:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_knife_secret_option"
+      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/cli_encrypted_data_bag_secret"
+      bootstrap.config[:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_cli_secret_option"
+    end
+    it "gives preference to secret key passed under cli's secret-file option" do
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        Chef::Config[:knife][:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_knife_secret_file_option")
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        bootstrap.config[:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
+      expect(bootstrap.load_correct_secret).to eq(
+        "data_bag_secret_key_passed_under_cli_secret_file_option")
+    end
+  end
+
+  context "knife secret-file && cli secret options are passed" do
+    before do
+      Chef::Config.reset
+      Chef::Config[:knife][:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
+      bootstrap.config[:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_cli_secret_option"
+    end
+    it "gives preference to secret key passed under cli's secret option" do
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        Chef::Config[:knife][:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_knife_secret_file_option")
+      expect(bootstrap.load_correct_secret).to eq(
+        "data_bag_secret_key_passed_under_cli_secret_option")
+    end
+  end
+
+  context "knife secret && cli secret-file options are passed" do
+    before do
+      Chef::Config.reset
+      Chef::Config[:knife][:encrypted_data_bag_secret] = "data_bag_secret_key_passed_under_knife_secret_option"
+      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
+    end
+    it "gives preference to secret key passed under cli's secret-file option" do
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        bootstrap.config[:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
+      expect(bootstrap.load_correct_secret).to eq(
+        "data_bag_secret_key_passed_under_cli_secret_file_option")
+    end
+  end
+
+  context "cli secret-file option is passed" do
+    before do
+      Chef::Config.reset
+      bootstrap.config[:encrypted_data_bag_secret_file] = "/tmp/encrypted_data_bag_secret"
+    end
+    it "takes the secret key passed under cli's secret-file option" do
+      allow(Chef::EncryptedDataBagItem).to receive(:load_secret).with(
+        bootstrap.config[:encrypted_data_bag_secret_file]).
+        and_return("data_bag_secret_key_passed_under_cli_secret_file_option")
+      expect(bootstrap.load_correct_secret).to eq(
+        "data_bag_secret_key_passed_under_cli_secret_file_option")
+    end
+  end
+
+  it 'should pass exit code from failed winrm call' do
+    allow(session).to receive(:exit_code).and_return(500)
+    allow(bootstrap).to receive(:wait_for_remote_response)
+    allow(bootstrap).to receive(:create_bootstrap_bat_command)
+    allow(session).to receive(:relay_command)
+    allow(bootstrap.ui).to receive(:info)
+    expect { bootstrap.run_with_pretty_exceptions }.to raise_error(SystemExit) { |e| expect(e.status).to eq(500) }
+  end
+
+  it 'should retry if a 401 is received from WinRM' do
+    call_result_sequence = Array.new(initial_fail_count) {lambda {raise WinRM::WinRMHTTPTransportError.new('', '401')}}
+    call_result_sequence.push(0)
+    allow(bootstrap).to receive(:run_command).and_return(*call_result_sequence)
+    allow(bootstrap).to receive(:print)
+    allow(bootstrap.ui).to receive(:info)
+
+    expect(bootstrap).to receive(:run_command).exactly(call_result_sequence.length).times
+    bootstrap.send(:wait_for_remote_response, 2)
+  end
+
+  it 'should retry if something other than a 401 is received from WinRM' do
+    call_result_sequence = Array.new(initial_fail_count) {lambda {raise WinRM::WinRMHTTPTransportError.new('', '500')}}
+    call_result_sequence.push(0)
+    allow(bootstrap).to receive(:run_command).and_return(*call_result_sequence)
+    allow(bootstrap).to receive(:print)
+    allow(bootstrap.ui).to receive(:info)
+
+    expect(bootstrap).to receive(:run_command).exactly(call_result_sequence.length).times
+    bootstrap.send(:wait_for_remote_response, 2)
+  end
+
+  it 'should keep retrying at 10s intervals if the timeout in minutes has not elapsed' do
+    call_result_sequence = Array.new(initial_fail_count) {lambda {raise WinRM::WinRMHTTPTransportError.new('', '500')}}
+    call_result_sequence.push(0)
+    allow(bootstrap).to receive(:run_command).and_return(*call_result_sequence)
+    allow(bootstrap).to receive(:print)
+    allow(bootstrap.ui).to receive(:info)
+
+    expect(bootstrap).to receive(:run_command).exactly(call_result_sequence.length).times
+    bootstrap.send(:wait_for_remote_response, 2)
+  end
+
+  it 'should have a wait timeout of 2 minutes by default' do
+    allow(bootstrap).to receive(:run_command).and_raise(WinRM::WinRMHTTPTransportError.new('','500'))
+    allow(bootstrap).to receive(:create_bootstrap_bat_command).and_raise(SystemExit)
+    expect(bootstrap).to receive(:wait_for_remote_response).with(2)
+    allow(bootstrap).to receive(:validate_name_args!).and_return(nil)
+    
+    allow(bootstrap.ui).to receive(:info)
+    bootstrap.config[:auth_timeout] = bootstrap.options[:auth_timeout][:default]
+    expect { bootstrap.bootstrap }.to raise_error(SystemExit)
+  end
+
+  it 'should not a wait for timeout on Errno::ECONNREFUSED' do
+    allow(bootstrap).to receive(:run_command).and_raise(Errno::ECONNREFUSED.new)
+    allow(bootstrap.ui).to receive(:info)
+    bootstrap.config[:auth_timeout] = bootstrap.options[:auth_timeout][:default]
+    expect(bootstrap.ui).to receive(:error).with("Connection refused connecting to localhost:5985.")
+
+    # wait_for_remote_response is protected method, So define singleton test method to call it.
+    bootstrap.define_singleton_method(:test_wait_for_remote_response){wait_for_remote_response(bootstrap.options[:auth_timeout][:default])}
+    expect { bootstrap.test_wait_for_remote_response }.to raise_error(Errno::ECONNREFUSED)
+  end
+
+  it 'should stop retrying if more than 2 minutes has elapsed' do
+    times = [ Time.new(2014, 4, 1, 22, 25), Time.new(2014, 4, 1, 22, 51), Time.new(2014, 4, 1, 22, 28) ]
+    allow(Time).to receive(:now).and_return(*times)
+    run_command_result = lambda {raise WinRM::WinRMHTTPTransportError, '401'}
+    allow(bootstrap).to receive(:validate_name_args!).and_return(nil)
+    allow(bootstrap).to receive(:run_command).and_return(run_command_result)
+    allow(bootstrap).to receive(:print)
+    allow(bootstrap.ui).to receive(:info)
+    allow(bootstrap.ui).to receive(:error)
+    expect(bootstrap).to receive(:run_command).exactly(1).times
+    bootstrap.config[:auth_timeout] = bootstrap.options[:auth_timeout][:default]
+    expect { bootstrap.bootstrap }.to raise_error RuntimeError
+  end
+
+  context "when validation_key is not present" do
+    context "using chef 11", :chef_lt_12_only do
+      before do
+        allow(File).to receive(:exist?).with(File.expand_path(Chef::Config[:validation_key])).and_return(false)
+      end
+
+      it 'raises an exception if validation_key is not present in chef 11' do
+        expect(bootstrap.ui).to receive(:error)
+        expect { bootstrap.bootstrap }.to raise_error(SystemExit)
+      end
+    end
+
+    context "using chef 12", :chef_gte_12_only do
+      before do
+        allow(File).to receive(:exist?).with(File.expand_path(Chef::Config[:validation_key])).and_return(false)
+        bootstrap.client_builder = instance_double("Chef::Knife::Bootstrap::ClientBuilder", :run => nil, :client_path => nil)
+        Chef::Config[:knife] = {:chef_node_name => 'foo.example.com'}
+      end
+
+      it 'raises an exception if winrm_authentication_protocol is basic and transport is plaintext' do
+        Chef::Config[:knife] = {:winrm_authentication_protocol => 'basic', :winrm_transport => 'plaintext', :chef_node_name => 'foo.example.com'}
+        expect(bootstrap.ui).to receive(:error)
+        expect { bootstrap.run }.to raise_error(SystemExit)
+      end
+
+      it 'raises an exception if chef_node_name is not present ' do
+        Chef::Config[:knife] = {:chef_node_name => nil}
+        expect(bootstrap.client_builder).not_to receive(:run)
+        expect(bootstrap.client_builder).not_to receive(:client_path)
+        expect(bootstrap.ui).to receive(:error)
+        expect { bootstrap.bootstrap }.to raise_error(SystemExit)
+      end
+    end
+  end
+
+  context "when doing chef vault", :chef_gte_12_only do
+    let(:vault_handler) { double('vault_handler', :doing_chef_vault? => true) }
+    let(:node_name) { 'foo.example.com' }
+    before do
+      allow(bootstrap).to receive(:wait_for_remote_response)
+      allow(bootstrap).to receive(:create_bootstrap_bat_command)
+      allow(bootstrap).to receive(:run_command).and_return(0)
+      bootstrap.config[:chef_node_name] = node_name
+      bootstrap.chef_vault_handler = vault_handler
+    end
+
+    context "builder does not respond to client" do
+      before do
+        bootstrap.client_builder = instance_double("Chef::Knife::Bootstrap::ClientBuilder", :run => nil, :client_path => nil)
+      end
+
+      it "passes a node search query to the handler" do
+        expect(vault_handler).to receive(:run).with(node_name: node_name)
+        bootstrap.bootstrap
+      end
+    end
+
+    context "builder responds to client" do
+      let(:client) { Chef::ApiClient.new }
+
+      before do
+        bootstrap.client_builder = double("Chef::Knife::Bootstrap::ClientBuilder", :run => nil, :client_path => nil, :client => client)
+      end
+
+      it "passes a node search query to the handler" do
+        expect(vault_handler).to receive(:run).with(client)
+        bootstrap.bootstrap
+      end
+    end
+  end
+end