ridley 1.4.0 → 1.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d49b01c05183839d7cef30131ba300c890180655
-  data.tar.gz: 402b0fbdbf265d4f070803bc80833538ec1dbf72
+  metadata.gz: 6ddf15cf964bec841b6ddf37a9fed6456f349bcd
+  data.tar.gz: 66bb125b1b2ff3f751cb3ba5bac8488986eaccf6
 SHA512:
-  metadata.gz: c00aefbe3246307695bb8dd78c8f97ded171b4e5dc0c7861adfe1f5a8f292558d6ae45d94e37cce0c3a6a8e52892a949e02840d028f7595d24473c6d6a4eca79
-  data.tar.gz: 622d8a1ebf053ead22c1310e46663ec4ee75021b31499198e8cd57dd3b7f2121f7eff6eb6bb8b943c80f79bb4d3c18050a877ad5705f8ffa8562351c2d7b8daa
+  metadata.gz: 11576d2916237550f0f5cc9e67f784ccb0c095c2d4908bce318d8c397c4d3031dac3be5cb603968b036d6e9917811658328b30f04c2bc904cef71fc897d3dead
+  data.tar.gz: 6a3b1c1ec0d470cd8f2a31cdce148aa8e09ea976d5d1843a720f9b41421ca6dd549e4781191a7853759aa1ae3cb8e65db00aa01525cdf45747a824e47fd5e42e

data/README.md

@@ -141,7 +141,7 @@ Most resources can be listed, retrieved, created, updated, and destroyed. These
 
 #### Create
 
-A new Chef Object can be created in a three ways
+A new Chef Object can be created in a four ways
 
 _With the `#create` function and an attribute hash_
 
@@ -166,6 +166,11 @@ obj.name = "reset"
 obj.save #=> #<Ridley::RoleObject: chef_id:reset>
 ```
 
+_With the `#save` function on an instance of a Chef Object built from serialized json_
+
+    obj = ridley.role.from_file('/path/to/role.json')
+    obj.save #=> #<Ridley::RoleObject: chef_id:reset>
+
 Each of these methods produce an identical object on the Chef server. It is up to you on how you'd like to create new resources.
 
 #### Read

data/lib/ridley/bootstrap_context/unix.rb

@@ -17,13 +17,7 @@ module Ridley
 
       # @return [String]
       def boot_command
-        cmd = template.evaluate(self)
-
-        if sudo
-          cmd = "sudo #{cmd}"
-        end
-
-        cmd
+        template.evaluate(self)
       end
 
       # @return [String]

data/lib/ridley/chef/chefignore.rb

@@ -26,6 +26,7 @@ module Ridley::Chef
     end
 
     private
+
       # Find the chefignore file in the current directory
       #
       # @return [String, nil]
@@ -44,7 +45,7 @@ module Ridley::Chef
           end
         end
 
-        return nil
+        nil
       end
   end
 end

data/lib/ridley/chef_objects/data_bag_item_obect.rb

@@ -1,3 +1,5 @@
+require 'yaml'
+
 module Ridley
   class DataBagItemObject < ChefObject
     set_chef_id "id"
@@ -57,18 +59,14 @@ module Ridley
     #
     # @return [Hash] a decrypted attribute value
     def decrypt_value(value)
-      if encrypted_data_bag_secret.nil?
-        raise Errors::EncryptedDataBagSecretNotSet
+      case format_version_of(value)
+      when 0
+        decrypt_v0_value(value)
+      when 1
+        decrypt_v1_value(value)
+      else
+        raise NotImplementedError, "Currently decrypting only version 0 & 1 databags are supported"
       end
-
-      decoded_value = Base64.decode64(value)
-
-      cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
-      cipher.decrypt
-      cipher.pkcs5_keyivgen(encrypted_data_bag_secret)
-      decrypted_value = cipher.update(decoded_value) + cipher.final
-
-      YAML.load(decrypted_value)
     end
 
     # Reload the attributes of the instantiated resource
@@ -105,6 +103,44 @@ module Ridley
 
     private
 
+      # Shamelessly lifted from https://github.com/opscode/chef/blob/2c0040c95bb942d13ad8c47498df56be43e9a82e/lib/chef/encrypted_data_bag_item.rb#L209-L215
+      def format_version_of(encrypted_value)
+        if encrypted_value.respond_to?(:key?)
+          encrypted_value["version"]
+        else
+          0
+        end
+      end
+
+      def decrypt_v0_value(value)
+        if encrypted_data_bag_secret.nil?
+          raise Errors::EncryptedDataBagSecretNotSet
+        end
+
+        decoded_value = Base64.decode64(value)
+
+        cipher = OpenSSL::Cipher::Cipher.new('aes-256-cbc')
+        cipher.decrypt
+        cipher.pkcs5_keyivgen(encrypted_data_bag_secret)
+        decrypted_value = cipher.update(decoded_value) + cipher.final
+
+        YAML.load(decrypted_value)
+      end
+
+      def decrypt_v1_value(attrs)
+        if encrypted_data_bag_secret.nil?
+          raise Errors::EncryptedDataBagSecretNotSet
+        end
+
+        cipher = OpenSSL::Cipher::Cipher.new(attrs[:cipher])
+        cipher.decrypt
+        cipher.key = Digest::SHA256.digest(encrypted_data_bag_secret)
+        cipher.iv = Base64.decode64(attrs[:iv])
+        decrypted_value = cipher.update(Base64.decode64(attrs[:encrypted_data])) + cipher.final
+
+        YAML.load(decrypted_value)["json_wrapper"]
+      end
+
       def encrypted_data_bag_secret
         resource.encrypted_data_bag_secret
       end

data/lib/ridley/resource.rb

@@ -34,6 +34,26 @@ module Ridley
       self.class.representation.new(Actor.current, *args)
     end
 
+    # Used to build a representation from a file with the current Actor's resource
+    #
+    # @param [String] filename
+    #   a full filename from which to build this representation (currently only supports .json files)
+    #
+    # @return [representation.class]
+    def from_file(filename)
+      from_json(File.read(filename))
+    end
+
+    # Used to build a representation from a serialized json string with the current Actor's resource
+    #
+    # @param [String] json
+    #   a representation serialized into json
+    #
+    # @return [representation.class]
+    def from_json(json)
+      new(JSON.parse(json))
+    end
+
     # @return [Ridley::Connection]
     def connection
       @connection_registry[:connection_pool]

data/lib/ridley/version.rb

@@ -1,3 +1,3 @@
 module Ridley
-  VERSION = "1.4.0"
+  VERSION = "1.4.1"
 end

data/spec/unit/ridley/chef_objects/data_bag_item_object_spec.rb

@@ -44,12 +44,22 @@ describe Ridley::DataBagItemObject do
       resource.stub(encrypted_data_bag_secret: File.read(fixtures_path.join("encrypted_data_bag_secret").to_s))
     end
 
-    it "decrypts an encrypted value" do
+    it "decrypts an encrypted v0 value" do
       subject.attributes[:test] = "Xk0E8lV9r4BhZzcg4wal0X4w9ZexN3azxMjZ9r1MCZc="
       subject.decrypt
       subject.attributes[:test][:database][:username].should == "test"
     end
 
+    it "decrypts an encrypted v1 value" do
+      subject.attributes[:password] = Hashie::Mash.new
+      subject.attributes[:password][:version] = 1
+      subject.attributes[:password][:cipher] = "aes-256-cbc"
+      subject.attributes[:password][:encrypted_data] = "zG+tTjtwOWA4vEYDoUwPYreXLZ1pFyKoWDGezEejmKs="
+      subject.attributes[:password][:iv] = "URVhHxv/ZrnABJBvl82qsg=="
+      subject.decrypt
+      subject.attributes[:password].should == "password123"
+    end
+
     it "does not decrypt the id field" do
       id = "dbi_id"
       subject.attributes[:id] = id

data/spec/unit/ridley/resource_spec.rb

@@ -48,6 +48,7 @@ describe Ridley::Resource do
 
   let(:connection) { double('chef-connection') }
   let(:response) { double('chef-response', body: Hash.new) }
+  let(:resource_json) { '{"some":"valid json"}' }
 
   subject { resource_class.new(double('registry')) }
 
@@ -56,6 +57,22 @@ describe Ridley::Resource do
     subject.stub(connection: connection)
   end
 
+  describe "::from_file" do
+    it "reads the file and calls ::from_json with contents" do
+      File.stub(:read) { resource_json }
+      subject.should_receive(:from_json).with(resource_json)
+      subject.from_file('/bogus/filename.json')
+    end
+  end
+
+  describe "::from_json" do
+    it "parses the argument and calls ::new with newly built hash" do
+      hashed_json = JSON.parse(resource_json)
+      subject.should_receive(:new).with(hashed_json).and_return representation
+      subject.from_json(resource_json)
+    end
+  end
+
   describe "::all" do
     it "sends GET to /{resource_path}" do
       connection.should_receive(:get).with(subject.class.resource_path).and_return(response)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ridley
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.4.1
 platform: ruby
 authors:
 - Jamie Winsor
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-19 00:00:00.000000000 Z
+date: 2013-07-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable