knife-windows 1.7.0 → 1.7.1

data/spec/unit/knife/core/windows_bootstrap_context_spec.rb

@@ -1,177 +1,213 @@
-#
-# Author:: Bryan McLellan <btm@loftninjas.org>
-# Copyright:: Copyright (c) 2014-2016 Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-require 'spec_helper'
-
-describe Chef::Knife::Core::WindowsBootstrapContext do
-  let(:mock_bootstrap_context) { Chef::Knife::Core::WindowsBootstrapContext.new({ }, nil, { :knife => {} }) }
-
-  before do
-     allow(Chef::Knife::Core::WindowsBootstrapContext).to receive(:new).and_return(mock_bootstrap_context)
-   end
-
-  describe "fips" do
-    before do
-      Chef::Config[:fips] = fips_mode
-    end
-
-    after do
-      Chef::Config.reset!
-    end
-
-    context "when fips is set" do
-      let(:fips_mode) { true }
-
-      it "sets fips mode in the client.rb" do
-        expect(mock_bootstrap_context.config_content).to match(/fips true/)
-      end
-    end
-
-    context "when fips is not set" do
-      let(:fips_mode) { false }
-
-      it "sets fips mode in the client.rb" do
-        expect(mock_bootstrap_context.config_content).not_to match(/fips true/)
-      end
-    end
-  end
-
-  describe "validation_key", :chef_gte_12_only do
-    before do
-      mock_bootstrap_context.instance_variable_set(:@config, Mash.new(:validation_key => "C:\\chef\\key.pem"))
-    end
-
-    it "should return false if validation_key does not exist" do
-      allow(::File).to receive(:expand_path)
-      allow(::File).to receive(:exist?).and_return(false)
-      expect(mock_bootstrap_context.validation_key).to eq(false)
-    end
-  end
-
-  describe "latest_current_windows_chef_version_query" do
-    it "returns the major version of the current version of Chef" do
-      stub_const("Chef::VERSION", '11.1.2')
-      expect(mock_bootstrap_context.latest_current_windows_chef_version_query).to eq("&v=11")
-    end
-
-    it "does not add prerelease if the version of Chef installed is a prerelease" do
-      stub_const("Chef::VERSION", '42.0.1.alpha.1')
-      expect(mock_bootstrap_context.latest_current_windows_chef_version_query).not_to match(/&prerelease=true/)
-    end
-
-    it "does add prerelease if the version specified to be installed is a prerelease" do
-      allow(mock_bootstrap_context).to receive(:knife_config).and_return(Mash.new(:bootstrap_version => "12.0.0.alpha.1"))
-      expect(mock_bootstrap_context.latest_current_windows_chef_version_query).to eq("&v=12.0.0.alpha.1&prerelease=true")
-    end
-
-    context "when the prerelease config option is set" do
-      before do
-        mock_bootstrap_context.instance_variable_set(:@config, Mash.new(:prerelease => true))
-      end
-
-      it "sets prerelease to true in the returned string" do
-        expect(mock_bootstrap_context.latest_current_windows_chef_version_query).to eq("&prerelease=true")
-      end
-    end
-  end
-
-  describe "msi_url" do
-    context "when config option is not set" do
-      before do
-        expect(mock_bootstrap_context).to receive(:latest_current_windows_chef_version_query).and_return("&v=something")
-      end
-
-      it "returns a chef.io msi url with minimal url parameters" do
-        reference_url = "https://www.chef.io/chef/download?p=windows&v=something"
-        expect(mock_bootstrap_context.msi_url).to eq(reference_url)
-      end
-
-      it "returns a chef.io msi url with provided url parameters substituted" do
-        reference_url = "https://www.chef.io/chef/download?p=windows&pv=machine&m=arch&DownloadContext=ctx&v=something"
-        expect(mock_bootstrap_context.msi_url('machine', 'arch', 'ctx')).to eq(reference_url)
-      end
-    end
-
-    context "when msi_url config option is set" do
-      let(:custom_url) { "file://something" }
-
-      before do
-        mock_bootstrap_context.instance_variable_set(:@config, Mash.new(:msi_url => custom_url))
-      end
-
-      it "returns the overriden url" do
-        expect(mock_bootstrap_context.msi_url).to eq(custom_url)
-      end
-
-      it "doesn't introduce any unnecessary query parameters if provided by the template" do
-        expect(mock_bootstrap_context.msi_url('machine', 'arch', 'ctx')).to eq(custom_url)
-      end
-    end
-  end
-
-  describe "bootstrap_install_command for bootstrap through WinRM" do
-    context "when bootstrap_install_command option is passed on CLI" do
-      let(:bootstrap) { Chef::Knife::BootstrapWindowsWinrm.new(['--bootstrap-install-command', 'chef-client']) }
-      before do
-        bootstrap.config[:bootstrap_install_command] = "chef-client"
-      end
-
-      it "sets the bootstrap_install_command option under Chef::Config::Knife object" do
-        expect(Chef::Config[:knife][:bootstrap_install_command]).to eq("chef-client")
-      end
-
-      after do
-        bootstrap.config.delete(:bootstrap_install_command)
-        Chef::Config[:knife].delete(:bootstrap_install_command)
-      end
-    end
-
-    context "when bootstrap_install_command option is not passed on CLI" do
-      let(:bootstrap) { Chef::Knife::BootstrapWindowsWinrm.new([]) }
-      it "does not set the bootstrap_install_command option under Chef::Config::Knife object" do
-        expect(Chef::Config[:knife][:bootstrap_install_command]). to eq(nil)
-      end
-    end
-  end
-
-  describe "bootstrap_install_command for bootstrap through SSH" do
-    context "when bootstrap_install_command option is passed on CLI" do
-      let(:bootstrap) { Chef::Knife::BootstrapWindowsSsh.new(['--bootstrap-install-command', 'chef-client']) }
-      before do
-        bootstrap.config[:bootstrap_install_command] = "chef-client"
-      end
-
-      it "sets the bootstrap_install_command option under Chef::Config::Knife object" do
-        expect(Chef::Config[:knife][:bootstrap_install_command]).to eq("chef-client")
-      end
-
-      after do
-        bootstrap.config.delete(:bootstrap_install_command)
-        Chef::Config[:knife].delete(:bootstrap_install_command)
-      end
-    end
-
-    context "when bootstrap_install_command option is not passed on CLI" do
-      let(:bootstrap) { Chef::Knife::BootstrapWindowsSsh.new([]) }
-      it "does not set the bootstrap_install_command option under Chef::Config::Knife object" do
-        expect(Chef::Config[:knife][:bootstrap_install_command]). to eq(nil)
-      end
-    end
-  end
-
-end
+#
+# Author:: Bryan McLellan <btm@loftninjas.org>
+# Copyright:: Copyright (c) 2014-2016 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+
+describe Chef::Knife::Core::WindowsBootstrapContext do
+  let(:mock_bootstrap_context) { Chef::Knife::Core::WindowsBootstrapContext.new({ }, nil, { :knife => {} }) }
+
+  before do
+     allow(Chef::Knife::Core::WindowsBootstrapContext).to receive(:new).and_return(mock_bootstrap_context)
+   end
+
+  describe "fips" do
+    before do
+      Chef::Config[:fips] = fips_mode
+    end
+
+    after do
+      Chef::Config.reset!
+    end
+
+    context "when fips is set" do
+      let(:fips_mode) { true }
+
+      it "sets fips mode in the client.rb" do
+        expect(mock_bootstrap_context.config_content).to match(/fips true/)
+      end
+    end
+
+    context "when fips is not set" do
+      let(:fips_mode) { false }
+
+      it "sets fips mode in the client.rb" do
+        expect(mock_bootstrap_context.config_content).not_to match(/fips true/)
+      end
+    end
+  end
+
+  describe "trusted_certs_script" do
+    let(:mock_cert_dir) { ::File.absolute_path(::File.join('spec','assets','fake_trusted_certs')) }
+    let(:script_output) { mock_bootstrap_context.trusted_certs_script }
+    let(:crt_files) { ::Dir.glob(::File.join(mock_cert_dir, "*.crt")) }
+    let(:pem_files) { ::Dir.glob(::File.join(mock_cert_dir, "*.pem")) }
+    let(:other_files) { ::Dir.glob(::File.join(mock_cert_dir, "*"))-crt_files-pem_files }
+
+    before do
+      mock_bootstrap_context.instance_variable_set(:@chef_config, Mash.new(:trusted_certs_dir => mock_cert_dir))
+    end
+
+    it "should echo every .crt file in the trusted_certs directory" do
+      crt_files.each do |f|
+        echo_file = ::File.read(f).gsub(/^/, "echo.")
+        expect(script_output).to include(::File.join('trusted_certs',::File.basename(f)))
+        expect(script_output).to include(echo_file)
+      end
+    end
+
+    it "should echo every .pem file in the trusted_certs directory" do
+      pem_files.each do |f|
+        echo_file = ::File.read(f).gsub(/^/, "echo.")
+        expect(script_output).to include(::File.join('trusted_certs',::File.basename(f)))
+        expect(script_output).to include(echo_file)
+      end
+    end
+
+    it "should not echo files which aren't .crt or .pem files" do
+      other_files.each do |f|
+        echo_file = ::File.read(f).gsub(/^/, "echo.")
+        expect(script_output).to_not include(::File.join('trusted_certs',::File.basename(f)))
+        expect(script_output).to_not include(echo_file)
+      end
+    end
+  end
+
+  describe "validation_key", :chef_gte_12_only do
+    before do
+      mock_bootstrap_context.instance_variable_set(:@config, Mash.new(:validation_key => "C:\\chef\\key.pem"))
+    end
+
+    it "should return false if validation_key does not exist" do
+      allow(::File).to receive(:expand_path)
+      allow(::File).to receive(:exist?).and_return(false)
+      expect(mock_bootstrap_context.validation_key).to eq(false)
+    end
+  end
+
+  describe "latest_current_windows_chef_version_query" do
+    it "returns the major version of the current version of Chef" do
+      stub_const("Chef::VERSION", '11.1.2')
+      expect(mock_bootstrap_context.latest_current_windows_chef_version_query).to eq("&v=11")
+    end
+
+    it "does not add prerelease if the version of Chef installed is a prerelease" do
+      stub_const("Chef::VERSION", '42.0.1.alpha.1')
+      expect(mock_bootstrap_context.latest_current_windows_chef_version_query).not_to match(/&prerelease=true/)
+    end
+
+    it "does add prerelease if the version specified to be installed is a prerelease" do
+      allow(mock_bootstrap_context).to receive(:knife_config).and_return(Mash.new(:bootstrap_version => "12.0.0.alpha.1"))
+      expect(mock_bootstrap_context.latest_current_windows_chef_version_query).to eq("&v=12.0.0.alpha.1&prerelease=true")
+    end
+
+    context "when the prerelease config option is set" do
+      before do
+        mock_bootstrap_context.instance_variable_set(:@config, Mash.new(:prerelease => true))
+      end
+
+      it "sets prerelease to true in the returned string" do
+        expect(mock_bootstrap_context.latest_current_windows_chef_version_query).to eq("&prerelease=true")
+      end
+    end
+  end
+
+  describe "msi_url" do
+    context "when config option is not set" do
+      before do
+        expect(mock_bootstrap_context).to receive(:latest_current_windows_chef_version_query).and_return("&v=something")
+      end
+
+      it "returns a chef.io msi url with minimal url parameters" do
+        reference_url = "https://www.chef.io/chef/download?p=windows&v=something"
+        expect(mock_bootstrap_context.msi_url).to eq(reference_url)
+      end
+
+      it "returns a chef.io msi url with provided url parameters substituted" do
+        reference_url = "https://www.chef.io/chef/download?p=windows&pv=machine&m=arch&DownloadContext=ctx&v=something"
+        expect(mock_bootstrap_context.msi_url('machine', 'arch', 'ctx')).to eq(reference_url)
+      end
+    end
+
+    context "when msi_url config option is set" do
+      let(:custom_url) { "file://something" }
+
+      before do
+        mock_bootstrap_context.instance_variable_set(:@config, Mash.new(:msi_url => custom_url))
+      end
+
+      it "returns the overriden url" do
+        expect(mock_bootstrap_context.msi_url).to eq(custom_url)
+      end
+
+      it "doesn't introduce any unnecessary query parameters if provided by the template" do
+        expect(mock_bootstrap_context.msi_url('machine', 'arch', 'ctx')).to eq(custom_url)
+      end
+    end
+  end
+
+  describe "bootstrap_install_command for bootstrap through WinRM" do
+    context "when bootstrap_install_command option is passed on CLI" do
+      let(:bootstrap) { Chef::Knife::BootstrapWindowsWinrm.new(['--bootstrap-install-command', 'chef-client']) }
+      before do
+        bootstrap.config[:bootstrap_install_command] = "chef-client"
+      end
+
+      it "sets the bootstrap_install_command option under Chef::Config::Knife object" do
+        expect(Chef::Config[:knife][:bootstrap_install_command]).to eq("chef-client")
+      end
+
+      after do
+        bootstrap.config.delete(:bootstrap_install_command)
+        Chef::Config[:knife].delete(:bootstrap_install_command)
+      end
+    end
+
+    context "when bootstrap_install_command option is not passed on CLI" do
+      let(:bootstrap) { Chef::Knife::BootstrapWindowsWinrm.new([]) }
+      it "does not set the bootstrap_install_command option under Chef::Config::Knife object" do
+        expect(Chef::Config[:knife][:bootstrap_install_command]). to eq(nil)
+      end
+    end
+  end
+
+  describe "bootstrap_install_command for bootstrap through SSH" do
+    context "when bootstrap_install_command option is passed on CLI" do
+      let(:bootstrap) { Chef::Knife::BootstrapWindowsSsh.new(['--bootstrap-install-command', 'chef-client']) }
+      before do
+        bootstrap.config[:bootstrap_install_command] = "chef-client"
+      end
+
+      it "sets the bootstrap_install_command option under Chef::Config::Knife object" do
+        expect(Chef::Config[:knife][:bootstrap_install_command]).to eq("chef-client")
+      end
+
+      after do
+        bootstrap.config.delete(:bootstrap_install_command)
+        Chef::Config[:knife].delete(:bootstrap_install_command)
+      end
+    end
+
+    context "when bootstrap_install_command option is not passed on CLI" do
+      let(:bootstrap) { Chef::Knife::BootstrapWindowsSsh.new([]) }
+      it "does not set the bootstrap_install_command option under Chef::Config::Knife object" do
+        expect(Chef::Config[:knife][:bootstrap_install_command]). to eq(nil)
+      end
+    end
+  end
+
+end

data/spec/unit/knife/windows_cert_generate_spec.rb

@@ -1,90 +1,90 @@
-#
-# Author:: Mukta Aphale <mukta.aphale@clogeny.com>
-# Copyright:: Copyright (c) 2014-2016 Chef Software, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-require 'spec_helper'
-require 'chef/knife/windows_cert_generate'
-require 'openssl'
-
-describe Chef::Knife::WindowsCertGenerate do
-  before(:all) do
-    @certgen = Chef::Knife::WindowsCertGenerate.new(["-H","something.mydomain.com"])
-  end
-
-  it "generates RSA key pair" do
-    @certgen.config[:key_length] = 2048
-    key = @certgen.generate_keypair
-    expect(key).to be_instance_of OpenSSL::PKey::RSA
-  end
-
-  it "generates X509 certificate" do
-    @certgen.config[:domain] = "test.com"
-    @certgen.config[:cert_validity] = "24"
-    key = @certgen.generate_keypair
-    certificate = @certgen.generate_certificate key
-    expect(certificate).to be_instance_of OpenSSL::X509::Certificate
-  end
-
-  it "writes certificate to file" do
-    expect(File).to receive(:open).exactly(3).times
-    cert = double(OpenSSL::X509::Certificate.new)
-    key = double(OpenSSL::PKey::RSA.new)
-    @certgen.config[:cert_passphrase] = "password"
-    expect(OpenSSL::PKCS12).to receive(:create).with("password", "winrmcert", key, cert)
-    @certgen.write_certificate_to_file cert, "test", key
-  end
-
-  context "when creating certificate files" do
-    before do
-      @certgen.thumbprint = "TEST_THUMBPRINT"
-      allow(Dir).to receive(:glob).and_return([])
-      allow(@certgen).to receive(:generate_keypair)
-      allow(@certgen).to receive(:generate_certificate)
-      expect(@certgen.ui).to receive(:info).with("Generated Certificates:")
-      expect(@certgen.ui).to receive(:info).with("- winrmcert.pfx - PKCS12 format key pair. Contains public and private keys, can be used with an SSL server.")
-      expect(@certgen.ui).to receive(:info).with("- winrmcert.b64 - Base64 encoded PKCS12 key pair. Contains public and private keys, used by some cloud provider API's to configure SSL servers.")
-      expect(@certgen.ui).to receive(:info).with("- winrmcert.pem - Base64 encoded public certificate only. Required by the client to connect to the server.")
-      expect(@certgen.ui).to receive(:info).with("Certificate Thumbprint: TEST_THUMBPRINT")
-    end
-
-    it "writes out certificates" do
-      @certgen.config[:output_file] = 'winrmcert'
-
-      expect(@certgen).to receive(:certificates_already_exist?).and_return(false)
-      expect(@certgen).to receive(:write_certificate_to_file)
-      @certgen.run
-    end
-
-    it "prompts when certificates already exist" do
-      file_path = 'winrmcert'
-      @certgen.config[:output_file] = file_path
-
-      allow(Dir).to receive(:glob).and_return([file_path])
-      expect(@certgen).to receive(:confirm).with("Do you really want to overwrite existing certificates")
-      expect(@certgen).to receive(:write_certificate_to_file)
-      @certgen.run
-    end
-
-    it "creates certificate on specified file path" do
-      file_path = "/tmp/winrmcert"
-      @certgen.name_args = [file_path]
-
-      expect(@certgen).to receive(:write_certificate_to_file) # FIXME: this should be testing that we get /tmp/winrmcert as the filename
-      @certgen.run
-    end
-  end
-end
+#
+# Author:: Mukta Aphale <mukta.aphale@clogeny.com>
+# Copyright:: Copyright (c) 2014-2016 Chef Software, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+require 'chef/knife/windows_cert_generate'
+require 'openssl'
+
+describe Chef::Knife::WindowsCertGenerate do
+  before(:all) do
+    @certgen = Chef::Knife::WindowsCertGenerate.new(["-H","something.mydomain.com"])
+  end
+
+  it "generates RSA key pair" do
+    @certgen.config[:key_length] = 2048
+    key = @certgen.generate_keypair
+    expect(key).to be_instance_of OpenSSL::PKey::RSA
+  end
+
+  it "generates X509 certificate" do
+    @certgen.config[:domain] = "test.com"
+    @certgen.config[:cert_validity] = "24"
+    key = @certgen.generate_keypair
+    certificate = @certgen.generate_certificate key
+    expect(certificate).to be_instance_of OpenSSL::X509::Certificate
+  end
+
+  it "writes certificate to file" do
+    expect(File).to receive(:open).exactly(3).times
+    cert = double(OpenSSL::X509::Certificate.new)
+    key = double(OpenSSL::PKey::RSA.new)
+    @certgen.config[:cert_passphrase] = "password"
+    expect(OpenSSL::PKCS12).to receive(:create).with("password", "winrmcert", key, cert)
+    @certgen.write_certificate_to_file cert, "test", key
+  end
+
+  context "when creating certificate files" do
+    before do
+      @certgen.thumbprint = "TEST_THUMBPRINT"
+      allow(Dir).to receive(:glob).and_return([])
+      allow(@certgen).to receive(:generate_keypair)
+      allow(@certgen).to receive(:generate_certificate)
+      expect(@certgen.ui).to receive(:info).with("Generated Certificates:")
+      expect(@certgen.ui).to receive(:info).with("- winrmcert.pfx - PKCS12 format key pair. Contains public and private keys, can be used with an SSL server.")
+      expect(@certgen.ui).to receive(:info).with("- winrmcert.b64 - Base64 encoded PKCS12 key pair. Contains public and private keys, used by some cloud provider API's to configure SSL servers.")
+      expect(@certgen.ui).to receive(:info).with("- winrmcert.pem - Base64 encoded public certificate only. Required by the client to connect to the server.")
+      expect(@certgen.ui).to receive(:info).with("Certificate Thumbprint: TEST_THUMBPRINT")
+    end
+
+    it "writes out certificates" do
+      @certgen.config[:output_file] = 'winrmcert'
+
+      expect(@certgen).to receive(:certificates_already_exist?).and_return(false)
+      expect(@certgen).to receive(:write_certificate_to_file)
+      @certgen.run
+    end
+
+    it "prompts when certificates already exist" do
+      file_path = 'winrmcert'
+      @certgen.config[:output_file] = file_path
+
+      allow(Dir).to receive(:glob).and_return([file_path])
+      expect(@certgen).to receive(:confirm).with("Do you really want to overwrite existing certificates")
+      expect(@certgen).to receive(:write_certificate_to_file)
+      @certgen.run
+    end
+
+    it "creates certificate on specified file path" do
+      file_path = "/tmp/winrmcert"
+      @certgen.name_args = [file_path]
+
+      expect(@certgen).to receive(:write_certificate_to_file) # FIXME: this should be testing that we get /tmp/winrmcert as the filename
+      @certgen.run
+    end
+  end
+end