knife-windows 1.1.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +3 -0
- data/CHANGELOG.md +5 -0
- data/README.md +7 -6
- data/lib/chef/knife/bootstrap_windows_base.rb +4 -4
- data/lib/chef/knife/bootstrap_windows_ssh.rb +6 -1
- data/lib/chef/knife/winrm_base.rb +0 -5
- data/lib/chef/knife/winrm_session.rb +12 -1
- data/lib/knife-windows/version.rb +1 -1
- data/spec/spec_helper.rb +5 -0
- data/spec/unit/knife/bootstrap_options_spec.rb +3 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 19d422ea5fc768b2e59e5896b91e315d5980cff0
|
|
4
|
+
data.tar.gz: 946ef4f8f1ff5ec0d990125170f969a8752b6481
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8742831667667dd4238f2c25732d701e67429e8f615f705dbc319fe712dca85389c10a58766ca01f2e9e638e80434e0e1c82f9480b8a631ae820eef74de2af1a
|
|
7
|
+
data.tar.gz: baead3cf7a7312833882ce75efc8647666177721395d62ece08efd434d7d228e42734c2eeecb197696d82526308712fd351b2ed6b8e36142c66246f8d6bbca01
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
# knife-windows Change Log
|
|
2
2
|
|
|
3
|
+
## Release 1.1.2
|
|
4
|
+
* [knife-windows #317](https://github.com/chef/knife-windows/pull/317) Update Vault after client is created
|
|
5
|
+
* [knife-windows #325](https://github.com/chef/knife-windows/pull/325) Fix proxy configuration to work with chef client 12.6.0
|
|
6
|
+
* [knife-windows #326](https://github.com/chef/knife-windows/pull/326) Support new `ssh_identity_file` bootstrap argument
|
|
7
|
+
|
|
3
8
|
## Release 1.1.1
|
|
4
9
|
* [knife-windows #307](https://github.com/chef/knife-windows/pull/307) Ensure prompted password is passed to winrm session
|
|
5
10
|
* [knife-windows #311](https://github.com/chef/knife-windows/issues/311) WinRM bootstrap silently fails
|
data/README.md
CHANGED
|
@@ -84,10 +84,11 @@ An initial run_list for the node can also be passed to the subcommand. Example u
|
|
|
84
84
|
### knife windows cert generate
|
|
85
85
|
|
|
86
86
|
Generates a certificate(x509) containing a public / private key pair for WinRM 'SSL' communication.
|
|
87
|
-
The certificate will be generated in three different formats
|
|
88
|
-
The
|
|
89
|
-
|
|
90
|
-
The *.
|
|
87
|
+
The certificate will be generated in three different formats:
|
|
88
|
+
* **.pem** - The *.pem is Base64 encoded public certificate only. One can use this file with the `-f` argument on `knife bootstrap windows winrm` and `knife winrm` commands.
|
|
89
|
+
* **.pfx** - The PKCS12(i.e .pfx) contains both the public and private keys, usually used on the server. This can be added to a WinRM Server's Certificate Store using `knife windows cert install` (see command description below). **Note:** Do not use the *.pfx file with the `-f` argument on the `knife bootstrap windows winrm` and `knife winrm` commands. Use the *.pem file instead.
|
|
90
|
+
* **.b64** - The *.b64 is Base64 PKCS12 key pair. Contains both the public and private keys, for upload to the Cloud REST API. e.g. Azure.
|
|
91
|
+
|
|
91
92
|
This command also displays the thumbprint of the generated certificate.
|
|
92
93
|
|
|
93
94
|
knife windows cert generate --cert-passphrase "strong_passphrase" --hostname "myserver.myorganization.net" --output-file "~/server_cert.pfx"
|
|
@@ -95,12 +96,12 @@ This command also displays the thumbprint of the generated certificate.
|
|
|
95
96
|
|
|
96
97
|
### knife windows cert install
|
|
97
98
|
|
|
98
|
-
This command only functions on Windows. It adds the specified certificate to its certificate store. This command must include a valid PKCS12(i.e *.pfx) certificate file path.
|
|
99
|
+
This command only functions on Windows and is intended to be run on a chef node. It adds the specified certificate to its certificate store. This command must include a valid PKCS12(i.e *.pfx) certificate file path such as the *.pfx file generated by `knife windows cert generate` described above.
|
|
99
100
|
|
|
100
101
|
knife windows cert install "~/server_cert.pfx" --cert-passphrase "strong_passphrase"
|
|
101
102
|
|
|
102
103
|
### knife windows listener create
|
|
103
|
-
This command only functions on Windows. It creates the winrm listener for SSL communication(i.e HTTPS).
|
|
104
|
+
This command only functions on Windows and is intended to be run on a chef node. It creates the winrm listener for SSL communication(i.e HTTPS).
|
|
104
105
|
This command can also install certificate which is specified using --cert-install option and use the installed certificate thumbprint to create winrm listener.
|
|
105
106
|
--hostname option is optional. Default value for hostname is *.
|
|
106
107
|
|
|
@@ -29,7 +29,7 @@ class Chef
|
|
|
29
29
|
module BootstrapWindowsBase
|
|
30
30
|
|
|
31
31
|
include Chef::Knife::KnifeWindowsBase
|
|
32
|
-
|
|
32
|
+
|
|
33
33
|
# :nodoc:
|
|
34
34
|
# Would prefer to do this in a rational way, but can't be done b/c of
|
|
35
35
|
# Mixlib::CLI's design :(
|
|
@@ -109,7 +109,7 @@ class Chef
|
|
|
109
109
|
name, path = h.split("=")
|
|
110
110
|
Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : Hash.new
|
|
111
111
|
}
|
|
112
|
-
|
|
112
|
+
|
|
113
113
|
option :first_boot_attributes,
|
|
114
114
|
:short => "-j JSON_ATTRIBS",
|
|
115
115
|
:long => "--json-attributes",
|
|
@@ -300,10 +300,10 @@ class Chef
|
|
|
300
300
|
exit 1
|
|
301
301
|
end
|
|
302
302
|
|
|
303
|
-
chef_vault_handler.run(node_name: config[:chef_node_name]) if chef_vault_handler.doing_chef_vault?
|
|
304
|
-
|
|
305
303
|
client_builder.run
|
|
304
|
+
chef_vault_handler.run(node_name: config[:chef_node_name]) if chef_vault_handler.doing_chef_vault?
|
|
306
305
|
bootstrap_context.client_pem = client_builder.client_path
|
|
306
|
+
|
|
307
307
|
else
|
|
308
308
|
ui.info("Doing old-style registration with the validation key at #{Chef::Config[:validation_key]}...")
|
|
309
309
|
ui.info("Delete your validation key in order to use your user credentials instead")
|
|
@@ -66,8 +66,12 @@ class Chef
|
|
|
66
66
|
:boolean => true
|
|
67
67
|
|
|
68
68
|
option :identity_file,
|
|
69
|
-
:short => "-i IDENTITY_FILE",
|
|
70
69
|
:long => "--identity-file IDENTITY_FILE",
|
|
70
|
+
:description => "The SSH identity file used for authentication. [DEPRECATED] Use --ssh-identity-file instead."
|
|
71
|
+
|
|
72
|
+
option :ssh_identity_file,
|
|
73
|
+
:short => "-i IDENTITY_FILE",
|
|
74
|
+
:long => "--ssh-identity-file IDENTITY_FILE",
|
|
71
75
|
:description => "The SSH identity file used for authentication"
|
|
72
76
|
|
|
73
77
|
# DEPR: Remove this option for the next release.
|
|
@@ -99,6 +103,7 @@ class Chef
|
|
|
99
103
|
ssh.config[:ssh_port] = locate_config_value(:ssh_port)
|
|
100
104
|
ssh.config[:ssh_gateway] = locate_config_value(:ssh_gateway)
|
|
101
105
|
ssh.config[:identity_file] = config[:identity_file]
|
|
106
|
+
ssh.config[:ssh_identity_file] = config[:ssh_identity_file] || config[:identity_file]
|
|
102
107
|
ssh.config[:forward_agent] = config[:forward_agent]
|
|
103
108
|
ssh.config[:manual] = true
|
|
104
109
|
ssh.config[:host_key_verify] = config[:host_key_verify]
|
|
@@ -66,11 +66,6 @@ class Chef
|
|
|
66
66
|
:default => '5985',
|
|
67
67
|
:proc => Proc.new { |key| Chef::Config[:knife][:winrm_port] = key }
|
|
68
68
|
|
|
69
|
-
option :identity_file,
|
|
70
|
-
:short => "-i IDENTITY_FILE",
|
|
71
|
-
:long => "--identity-file IDENTITY_FILE",
|
|
72
|
-
:description => "The SSH identity file used for authentication"
|
|
73
|
-
|
|
74
69
|
option :kerberos_keytab_file,
|
|
75
70
|
:short => "-T KEYTAB_FILE",
|
|
76
71
|
:long => "--keytab-file KEYTAB_FILE",
|
|
@@ -25,7 +25,8 @@ class Chef
|
|
|
25
25
|
attr_reader :host, :endpoint, :port, :output, :error, :exit_code
|
|
26
26
|
|
|
27
27
|
def initialize(options)
|
|
28
|
-
|
|
28
|
+
configure_proxy
|
|
29
|
+
|
|
29
30
|
@host = options[:host]
|
|
30
31
|
@port = options[:port]
|
|
31
32
|
url = "#{options[:host]}:#{options[:port]}/wsman"
|
|
@@ -57,6 +58,8 @@ class Chef
|
|
|
57
58
|
Chef::Log.debug("#{@host}[#{remote_id}] => :shell_close")
|
|
58
59
|
end
|
|
59
60
|
|
|
61
|
+
private
|
|
62
|
+
|
|
60
63
|
def get_output(remote_id, command_id)
|
|
61
64
|
@winrm_session.get_command_output(remote_id, command_id) do |out,error|
|
|
62
65
|
print_data(@host, out) if out
|
|
@@ -73,6 +76,14 @@ class Chef
|
|
|
73
76
|
end
|
|
74
77
|
end
|
|
75
78
|
|
|
79
|
+
def configure_proxy
|
|
80
|
+
if Chef::Config.respond_to?(:export_proxies)
|
|
81
|
+
Chef::Config.export_proxies
|
|
82
|
+
else
|
|
83
|
+
Chef::Application.new.configure_proxy_environment_variables
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
76
87
|
def self.load_windows_specific_gems
|
|
77
88
|
#checking for windows in case testing on linux
|
|
78
89
|
require 'winrm-s'
|
data/spec/spec_helper.rb
CHANGED
|
@@ -63,6 +63,10 @@ def chef_gte_12_5?
|
|
|
63
63
|
Chef::VERSION.split('.')[0..1].join('.').to_f >= 12.5
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
+
def chef_gte_12_6?
|
|
67
|
+
Chef::VERSION.split('.')[0..1].join('.').to_f >= 12.6
|
|
68
|
+
end
|
|
69
|
+
|
|
66
70
|
def chef_lt_12?
|
|
67
71
|
Chef::VERSION.split('.').first.to_i < 12
|
|
68
72
|
end
|
|
@@ -81,6 +85,7 @@ RSpec.configure do |config|
|
|
|
81
85
|
config.filter_run_excluding :windows_2012_only => true unless windows2012?
|
|
82
86
|
config.filter_run_excluding :chef_gte_12_only => true unless chef_gte_12?
|
|
83
87
|
config.filter_run_excluding :chef_gte_12_5_only => true unless chef_gte_12_5?
|
|
88
|
+
config.filter_run_excluding :chef_gte_12_6_only => true unless chef_gte_12_6?
|
|
84
89
|
config.filter_run_excluding :chef_lt_12_5_only => true if chef_gte_12_5?
|
|
85
90
|
config.filter_run_excluding :chef_lt_12_only => true unless chef_lt_12?
|
|
86
91
|
config.filter_run_excluding :if_chef_11 => true if chef_eq_11?
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
|
|
19
19
|
require 'spec_helper'
|
|
20
20
|
|
|
21
|
-
describe Chef::Knife::Bootstrap, :
|
|
21
|
+
describe Chef::Knife::Bootstrap, :chef_gte_12_6_only do
|
|
22
22
|
before(:all) do
|
|
23
23
|
Chef::Config.reset
|
|
24
24
|
end
|
|
@@ -95,6 +95,8 @@ expected: #{expected}
|
|
|
95
95
|
:use_sudo,
|
|
96
96
|
:use_sudo_password,
|
|
97
97
|
:encrypt, # irrelevant during bootstrap
|
|
98
|
+
:identity_file,
|
|
99
|
+
:ssh_identity_file,
|
|
98
100
|
]}
|
|
99
101
|
|
|
100
102
|
# win_ignore: Options in windows that aren't relevant to core.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: knife-windows
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Seth Chisamore
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-12-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: winrm
|