RubyGems - simp-cli - Versions diffs - 1.0.12 - Mend

simp-cli 1.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (150) hide show

checksums.yaml +15 -0
data/LICENSE +27 -0
data/README.md +48 -0
data/Rakefile +142 -0
data/bin/simp +5 -0
data/lib/simp/cli.rb +88 -0
data/lib/simp/cli/commands/bootstrap.rb +275 -0
data/lib/simp/cli/commands/check.rb +163 -0
data/lib/simp/cli/commands/cleancerts.rb +114 -0
data/lib/simp/cli/commands/config.rb +235 -0
data/lib/simp/cli/commands/doc.rb +14 -0
data/lib/simp/cli/commands/passgen.rb +128 -0
data/lib/simp/cli/commands/puppeteval.rb +82 -0
data/lib/simp/cli/commands/runpuppet.rb +95 -0
data/lib/simp/cli/config/item.rb +456 -0
data/lib/simp/cli/config/item/add_ldap_to_hiera.rb +43 -0
data/lib/simp/cli/config/item/answers_yaml_file_writer.rb +58 -0
data/lib/simp/cli/config/item/certificates.rb +39 -0
data/lib/simp/cli/config/item/client_nets.rb +65 -0
data/lib/simp/cli/config/item/common_runlevel_default.rb +32 -0
data/lib/simp/cli/config/item/dns_search.rb +48 -0
data/lib/simp/cli/config/item/dns_servers.rb +57 -0
data/lib/simp/cli/config/item/failover_log_servers.rb +27 -0
data/lib/simp/cli/config/item/gateway.rb +32 -0
data/lib/simp/cli/config/item/grub_password.rb +51 -0
data/lib/simp/cli/config/item/hostname.rb +24 -0
data/lib/simp/cli/config/item/hostname_conf.rb +48 -0
data/lib/simp/cli/config/item/ipaddress.rb +46 -0
data/lib/simp/cli/config/item/is_master_yum_server.rb +23 -0
data/lib/simp/cli/config/item/ldap_base_dn.rb +38 -0
data/lib/simp/cli/config/item/ldap_bind_dn.rb +34 -0
data/lib/simp/cli/config/item/ldap_bind_hash.rb +28 -0
data/lib/simp/cli/config/item/ldap_bind_pw.rb +24 -0
data/lib/simp/cli/config/item/ldap_master.rb +33 -0
data/lib/simp/cli/config/item/ldap_root_dn.rb +42 -0
data/lib/simp/cli/config/item/ldap_root_hash.rb +35 -0
data/lib/simp/cli/config/item/ldap_sync_dn.rb +24 -0
data/lib/simp/cli/config/item/ldap_sync_hash.rb +28 -0
data/lib/simp/cli/config/item/ldap_sync_pw.rb +26 -0
data/lib/simp/cli/config/item/ldap_uri.rb +43 -0
data/lib/simp/cli/config/item/log_servers.rb +27 -0
data/lib/simp/cli/config/item/netmask.rb +39 -0
data/lib/simp/cli/config/item/network_conf.rb +63 -0
data/lib/simp/cli/config/item/network_dhcp.rb +27 -0
data/lib/simp/cli/config/item/network_interface.rb +41 -0
data/lib/simp/cli/config/item/network_setup_nic.rb +28 -0
data/lib/simp/cli/config/item/ntp_servers.rb +69 -0
data/lib/simp/cli/config/item/puppet_autosign.rb +66 -0
data/lib/simp/cli/config/item/puppet_ca.rb +31 -0
data/lib/simp/cli/config/item/puppet_ca_port.rb +28 -0
data/lib/simp/cli/config/item/puppet_conf.rb +98 -0
data/lib/simp/cli/config/item/puppet_fileserver.rb +104 -0
data/lib/simp/cli/config/item/puppet_hosts_entry.rb +44 -0
data/lib/simp/cli/config/item/puppet_server.rb +30 -0
data/lib/simp/cli/config/item/puppet_server_ip.rb +25 -0
data/lib/simp/cli/config/item/puppetdb_port.rb +25 -0
data/lib/simp/cli/config/item/puppetdb_server.rb +26 -0
data/lib/simp/cli/config/item/remove_ldap_from_hiera.rb +47 -0
data/lib/simp/cli/config/item/rename_fqdn_yaml.rb +40 -0
data/lib/simp/cli/config/item/rsync_base.rb +37 -0
data/lib/simp/cli/config/item/rsync_server.rb +44 -0
data/lib/simp/cli/config/item/rsync_timeout.rb +26 -0
data/lib/simp/cli/config/item/set_grub_password.rb +19 -0
data/lib/simp/cli/config/item/simp_yum_servers.rb +30 -0
data/lib/simp/cli/config/item/use_auditd.rb +19 -0
data/lib/simp/cli/config/item/use_fips.rb +46 -0
data/lib/simp/cli/config/item/use_iptables.rb +22 -0
data/lib/simp/cli/config/item/use_ldap.rb +19 -0
data/lib/simp/cli/config/item/use_selinux.rb +32 -0
data/lib/simp/cli/config/item/yum_repositories.rb +75 -0
data/lib/simp/cli/config/item_list_factory.rb +236 -0
data/lib/simp/cli/config/questionnaire.rb +86 -0
data/lib/simp/cli/config/utils.rb +128 -0
data/lib/simp/cli/lib/utils.rb +114 -0
data/lib/simp/simp.rb +77 -0
data/spec/lib/simp/cli/commands/config_spec.rb +42 -0
data/spec/lib/simp/cli/config/item/add_ldap_to_hiera_spec.rb +58 -0
data/spec/lib/simp/cli/config/item/answers_yaml_file_writer_spec.rb +86 -0
data/spec/lib/simp/cli/config/item/certificates_spec.rb +50 -0
data/spec/lib/simp/cli/config/item/client_nets_spec.rb +66 -0
data/spec/lib/simp/cli/config/item/common_runlevel_default_spec.rb +27 -0
data/spec/lib/simp/cli/config/item/dns_search_spec.rb +74 -0
data/spec/lib/simp/cli/config/item/dns_servers_spec.rb +76 -0
data/spec/lib/simp/cli/config/item/failover_log_servers_spec.rb +49 -0
data/spec/lib/simp/cli/config/item/files/FakeCA/cacertkey +1 -0
data/spec/lib/simp/cli/config/item/files/FakeCA/gencerts_nopass.sh +10 -0
data/spec/lib/simp/cli/config/item/files/autosign.conf.new +11 -0
data/spec/lib/simp/cli/config/item/files/autosign.conf.used +15 -0
data/spec/lib/simp/cli/config/item/files/fileserver.conf +41 -0
data/spec/lib/simp/cli/config/item/files/hosts +2 -0
data/spec/lib/simp/cli/config/item/files/hosts.old_puppet_entry +3 -0
data/spec/lib/simp/cli/config/item/files/puppet.conf +25 -0
data/spec/lib/simp/cli/config/item/files/puppet.your.domain.yaml +21 -0
data/spec/lib/simp/cli/config/item/files/resolv.conf__multiple +10 -0
data/spec/lib/simp/cli/config/item/files/resolv.conf__single +4 -0
data/spec/lib/simp/cli/config/item/files/rsyncd.conf +225 -0
data/spec/lib/simp/cli/config/item/gateway_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/grub_password_spec.rb +24 -0
data/spec/lib/simp/cli/config/item/hostname_conf_spec.rb +27 -0
data/spec/lib/simp/cli/config/item/hostname_spec.rb +22 -0
data/spec/lib/simp/cli/config/item/ipaddress_spec.rb +40 -0
data/spec/lib/simp/cli/config/item/is_master_yum_server_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/ldap_base_dn_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/ldap_bind_dn_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/ldap_bind_hash_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/ldap_bind_pw_spec.rb +21 -0
data/spec/lib/simp/cli/config/item/ldap_master_spec.rb +37 -0
data/spec/lib/simp/cli/config/item/ldap_root_dn_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/ldap_root_hash_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/ldap_sync_dn_spec.rb +22 -0
data/spec/lib/simp/cli/config/item/ldap_sync_hash_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/ldap_sync_pw_spec.rb +21 -0
data/spec/lib/simp/cli/config/item/ldap_uri_spec.rb +32 -0
data/spec/lib/simp/cli/config/item/log_servers_spec.rb +49 -0
data/spec/lib/simp/cli/config/item/netmask_spec.rb +28 -0
data/spec/lib/simp/cli/config/item/network_conf_spec.rb +63 -0
data/spec/lib/simp/cli/config/item/network_dhcp_spec.rb +11 -0
data/spec/lib/simp/cli/config/item/network_interface_spec.rb +26 -0
data/spec/lib/simp/cli/config/item/network_setup_nic_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/ntp_servers_spec.rb +43 -0
data/spec/lib/simp/cli/config/item/puppet_autosign_spec.rb +55 -0
data/spec/lib/simp/cli/config/item/puppet_ca_port_spec.rb +23 -0
data/spec/lib/simp/cli/config/item/puppet_ca_spec.rb +22 -0
data/spec/lib/simp/cli/config/item/puppet_conf_spec.rb +110 -0
data/spec/lib/simp/cli/config/item/puppet_fileserver_spec.rb +53 -0
data/spec/lib/simp/cli/config/item/puppet_hosts_entry_spec.rb +85 -0
data/spec/lib/simp/cli/config/item/puppet_server_ip_spec.rb +24 -0
data/spec/lib/simp/cli/config/item/puppet_server_spec.rb +22 -0
data/spec/lib/simp/cli/config/item/puppetdb_port_spec.rb +25 -0
data/spec/lib/simp/cli/config/item/puppetdb_server_spec.rb +25 -0
data/spec/lib/simp/cli/config/item/remove_ldap_from_hiera_spec.rb +58 -0
data/spec/lib/simp/cli/config/item/rename_fqdn_yaml_spec.rb +63 -0
data/spec/lib/simp/cli/config/item/rsync_base_spec.rb +28 -0
data/spec/lib/simp/cli/config/item/rsync_server_spec.rb +41 -0
data/spec/lib/simp/cli/config/item/rsync_timeout_spec.rb +21 -0
data/spec/lib/simp/cli/config/item/set_grub_password_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/simp_yum_servers_spec.rb +41 -0
data/spec/lib/simp/cli/config/item/spec_helper.rb +22 -0
data/spec/lib/simp/cli/config/item/use_auditd_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/use_fips_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/use_iptables_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/use_ldap_spec.rb +29 -0
data/spec/lib/simp/cli/config/item/use_selinux_spec.rb +24 -0
data/spec/lib/simp/cli/config/item/yum_repositories_spec.rb +94 -0
data/spec/lib/simp/cli/config/item_spec.rb +106 -0
data/spec/lib/simp/cli/config/spec_helper.rb +1 -0
data/spec/lib/simp/cli/config/utils_spec.rb +131 -0
data/spec/lib/simp/cli/spec_helper.rb +1 -0
data/spec/spec_helper.rb +91 -0
metadata +391 -0

data/spec/lib/simp/cli/config/item/spec_helper.rb ADDED

@@ -0,0 +1,22 @@
+shared_examples 'a child of Simp::Cli::Config::Item' do
+  describe '#to_yaml_s' do
+    it 'does not contain FIXME' do
+      expect( @ci.to_yaml_s ).not_to match(/FIXME/)
+    end
+  end
+  describe '#key' do
+    it 'returns a String' do
+      expect( @ci.key ).to be_a_kind_of(String)
+    end
+  end
+end
+shared_examples "an Item that doesn't output YAML" do
+  describe "#to_yaml_s" do
+    it "is empty" do
+      expect( @ci.to_yaml_s.to_s ).to be_empty
+    end
+  end
+end

data/spec/lib/simp/cli/config/item/use_auditd_spec.rb ADDED

@@ -0,0 +1,29 @@
+require 'simp/cli/config/item/use_auditd'
+require 'rspec/its'
+require_relative( 'spec_helper' )
+describe Simp::Cli::Config::Item::UseAuditd do
+  before :each do
+    @ci = Simp::Cli::Config::Item::UseAuditd.new
+  end
+  describe "#validate" do
+    it "validates yes/no" do
+      expect( @ci.validate 'yes' ).to eq true
+      expect( @ci.validate 'y' ).to   eq true
+      expect( @ci.validate 'Y' ).to   eq true
+      expect( @ci.validate 'no' ).to  eq true
+      expect( @ci.validate 'n' ).to   eq true
+      expect( @ci.validate 'NO' ).to  eq true
+      expect( @ci.validate true ).to  eq true
+      expect( @ci.validate false ).to eq true
+    end
+    it "doesn't validate other things" do
+      expect( @ci.validate 'ydd' ).to  eq false
+      expect( @ci.validate 'gsdg' ).to eq false
+    end
+  end
+  it_behaves_like "a child of Simp::Cli::Config::Item"
+end

data/spec/lib/simp/cli/config/item/use_fips_spec.rb ADDED

@@ -0,0 +1,29 @@
+require 'simp/cli/config/item/use_fips'
+require 'rspec/its'
+require_relative( 'spec_helper' )
+describe Simp::Cli::Config::Item::UseFips do
+  before :each do
+    @ci = Simp::Cli::Config::Item::UseFips.new
+  end
+  describe "#validate" do
+    it "validates yes/no" do
+      expect( @ci.validate 'yes' ).to eq true
+      expect( @ci.validate 'y' ).to   eq true
+      expect( @ci.validate 'Y' ).to   eq true
+      expect( @ci.validate 'no' ).to  eq true
+      expect( @ci.validate 'n' ).to   eq true
+      expect( @ci.validate 'NO' ).to  eq true
+      expect( @ci.validate true ).to  eq true
+      expect( @ci.validate false ).to eq true
+    end
+    it "doesn't validate other things" do
+      expect( @ci.validate 'ydd' ).to  eq false
+      expect( @ci.validate 'gsdg' ).to eq false
+    end
+  end
+  it_behaves_like "a child of Simp::Cli::Config::Item"
+end

data/spec/lib/simp/cli/config/item/use_iptables_spec.rb ADDED

@@ -0,0 +1,29 @@
+require 'simp/cli/config/item/use_iptables'
+require 'rspec/its'
+require_relative( 'spec_helper' )
+describe Simp::Cli::Config::Item::UseIPtables do
+  before :each do
+    @ci = Simp::Cli::Config::Item::UseIPtables.new
+  end
+  describe "#validate" do
+    it "validates yes/no" do
+      expect( @ci.validate 'yes' ).to eq true
+      expect( @ci.validate 'y' ).to   eq true
+      expect( @ci.validate 'Y' ).to   eq true
+      expect( @ci.validate 'no' ).to  eq true
+      expect( @ci.validate 'n' ).to   eq true
+      expect( @ci.validate 'NO' ).to  eq true
+      expect( @ci.validate true ).to  eq true
+      expect( @ci.validate false ).to eq true
+    end
+    it "doesn't validate other things" do
+      expect( @ci.validate 'ydd' ).to  eq false
+      expect( @ci.validate 'gsdg' ).to eq false
+    end
+  end
+  it_behaves_like "a child of Simp::Cli::Config::Item"
+end

data/spec/lib/simp/cli/config/item/use_ldap_spec.rb ADDED

@@ -0,0 +1,29 @@
+require 'simp/cli/config/item/use_ldap'
+require 'rspec/its'
+require_relative( 'spec_helper' )
+describe Simp::Cli::Config::Item::UseLdap do
+  before :each do
+    @ci = Simp::Cli::Config::Item::UseLdap.new
+  end
+  describe "#validate" do
+    it "validates yes/no" do
+      expect( @ci.validate 'yes' ).to eq true
+      expect( @ci.validate 'y' ).to   eq true
+      expect( @ci.validate 'Y' ).to   eq true
+      expect( @ci.validate 'no' ).to  eq true
+      expect( @ci.validate 'n' ).to   eq true
+      expect( @ci.validate 'NO' ).to  eq true
+      expect( @ci.validate true ).to   eq true
+      expect( @ci.validate false ).to  eq true
+    end
+    it "doesn't validate other things" do
+      expect( @ci.validate 'ydd' ).to  eq false
+      expect( @ci.validate 'gsdg' ).to eq false
+    end
+  end
+  it_behaves_like "a child of Simp::Cli::Config::Item"
+end

data/spec/lib/simp/cli/config/item/use_selinux_spec.rb ADDED

@@ -0,0 +1,24 @@
+require 'simp/cli/config/item/use_selinux'
+require 'rspec/its'
+require_relative( 'spec_helper' )
+describe Simp::Cli::Config::Item::UseSELinux do
+  before :each do
+    @ci = Simp::Cli::Config::Item::UseSELinux.new
+  end
+  describe "#validate" do
+    it "validates valid values" do
+      expect( @ci.validate 'enforcing' ).to eq true
+      expect( @ci.validate 'permissive' ).to eq true
+      expect( @ci.validate 'disabled' ).to eq true
+    end
+    it "doesn't validate other things" do
+      expect( @ci.validate 'ydd' ).to  eq false
+      expect( @ci.validate nil ).to eq false
+    end
+  end
+  it_behaves_like "a child of Simp::Cli::Config::Item"
+end

data/spec/lib/simp/cli/config/item/yum_repositories_spec.rb ADDED

@@ -0,0 +1,94 @@
+require 'simp/cli/config/item/yum_repositories'
+require 'simp/cli/config/item/is_master_yum_server'
+require 'rspec/its'
+require 'tmpdir'
+require_relative( 'spec_helper' )
+describe Simp::Cli::Config::Item::YumRepositories do
+  context "in a SIMP directory structure"
+    before :each do
+      @files_dir   = File.expand_path( 'files', File.dirname( __FILE__ ) )
+      @tmp_dir     = Dir.mktmpdir( File.basename( __FILE__ ) )
+      @tmp_yum_dir = File.expand_path( 'yum',   @tmp_dir )
+      @tmp_repos_d = File.expand_path( 'yum.repos.d', @tmp_dir )
+      yaml_file       = File.join( @files_dir, 'puppet.your.domain.yaml' )
+      @tmp_yaml_file   = File.join( @tmp_dir,   'puppet.your.domain.yaml__YumRepositories' )
+      FileUtils.cp( yaml_file, @tmp_yaml_file )
+      FileUtils.mkdir_p   @tmp_yum_dir
+      FileUtils.mkdir_p   @tmp_repos_d
+      @ci             = Simp::Cli::Config::Item::YumRepositories.new
+      @ci.www_yum_dir = @tmp_yum_dir
+      @ci.yum_repos_d = @tmp_repos_d
+      @ci.yaml_file   = @tmp_yaml_file
+      @ci.silent      =  true
+    end
+    describe '#apply' do
+      before :each do
+        @fake_facts = {
+          'operatingsystem'        => 'TrevOS',
+          'operatingsystemrelease' => '9.9',
+          'architecture'           => 'ia64'
+        }
+        @fake_facts.each{ |k,v| ENV["FACTER_#{k}"] = v }
+        @yum_dist_dir = File.join(
+                                     @tmp_yum_dir,
+                                     @fake_facts['operatingsystem'],
+                                     @fake_facts['operatingsystemrelease'],
+                                     @fake_facts['architecture']
+                                   )
+        FileUtils.remove_entry_secure @yum_dist_dir if File.exists? @yum_dist_dir
+        FileUtils.mkdir_p @yum_dist_dir
+        item             = Simp::Cli::Config::Item::IsMasterYumServer.new
+        item.value       = true
+        @ci.config_items[item.key] = item
+      end
+      it 'creates the yum Updates directory' do
+        result = @ci.apply
+        expect( File.directory?( File.join( @yum_dist_dir, 'Updates') ) ).to eq( true )
+      end
+      it 'generates the yum Updates repo metadata' do
+        result = @ci.apply
+        file =  File.join( @yum_dist_dir, 'Updates', 'repodata', 'repomd.xml' )
+        if (value = ENV['SIMP_SKIP_NON_SIMPOS_TESTS'])
+          skip "skipping because env var SIMP_SKIP_NON_SIMPOS_TESTS is set to #{value}"
+        else
+          expect( File.exists?( file )).to eq( true )
+          expect( File.size?( file ) ).to  be_truthy
+        end
+      end
+      it 'enables simp::yum::enable_simp_repos in hiera' do
+        result = @ci.apply
+        lines = File.readlines( @tmp_yaml_file ).join( "\n" )
+        expect( lines ).to match(%r{^simp::yum::enable_simp_repos\s*:\s*true})
+      end
+      it 'does not enable simp::yum::enable_simp_repos in hiera when IsMasterYumServer is false' do
+        item             = Simp::Cli::Config::Item::IsMasterYumServer.new
+        item.value       = false
+        @ci.config_items[item.key] = item
+        result = @ci.apply
+        lines = File.readlines( @tmp_yaml_file ).join( "\n" )
+        expect( lines ).to_not match(%r{^simp::yum::enable_simp_repos\s*:\s*true})
+      end
+      it 'returns true' do
+        result = @ci.apply
+        expect( result ).to eq true
+      end
+      it_behaves_like "an Item that doesn't output YAML"
+      it_behaves_like 'a child of Simp::Cli::Config::Item'
+      after :each do
+        @fake_facts.each{ |k,v| ENV.delete "FACTER_#{k}" }
+        FileUtils.remove_entry_secure @tmp_dir
+      end
+    end
+end

data/spec/lib/simp/cli/config/item_spec.rb ADDED

@@ -0,0 +1,106 @@
+require 'simp/cli/config/item'
+require 'rspec/its'
+require_relative 'spec_helper'
+describe Simp::Cli::Config::Item do
+  before :each do
+    @ci = Simp::Cli::Config::Item.new
+  end
+  describe "#initialize" do
+    it "has no value when initialized" do
+      expect( @ci.value ).to eq nil
+    end
+    it "has nil values when initialized" do
+      expect( @ci.os_value ).to be_nil
+    end
+  end
+  describe "#print_summary" do
+    it "raises a RuntimeError on nil @key" do
+      @ci.key = nil
+      expect{ @ci.print_summary }.to raise_error( RuntimeError )
+    end
+    it "raises a RuntimeError on empty @key" do
+      @ci.key = ""
+      expect{ @ci.print_summary }.to raise_error( RuntimeError )
+    end
+  end
+end
+describe Simp::Cli::Config::ListItem do
+  before :each do
+    @ci = Simp::Cli::Config::ListItem.new
+  end
+  context "when @allow_empty_list = true" do
+    before :each do
+      @ci.allow_empty_list = false
+      @ci.value = []
+    end
+    describe "#validate" do
+      it "doesn't validate an empty array" do
+        expect( @ci.validate [] ).to eq false
+      end
+    end
+  end
+end
+describe Simp::Cli::Config::ActionItem do
+  before :each do
+    @ci         = Simp::Cli::Config::ActionItem.new
+    @ci.key     = "action::item"
+#    @ci.silent = true
+  end
+  describe "#apply" do
+    before :all do
+      @user       ||= ENV.fetch('USER')
+      ENV['USER']   = 'root'            # fake user as root
+    end
+    context "(when @skip_apply = true)" do
+      before :each do; @ci.skip_apply = true ; end
+      it "does blah" do
+        skip 'TODO: how shall we test generic safe_apply?'
+        @ci.safe_apply
+      end
+    end
+    context "(when @skip_apply = false)" do
+      before :each do; @ci.skip_apply = false ; end
+      it "does blah" do
+        skip 'TODO: how shall we test generic safe_apply?'
+        @ci.safe_apply
+      end
+    end
+    after :all do
+      ENV['USER']=@user
+    end
+  end
+end
+describe Simp::Cli::Config::PasswordItem do
+  before :each do
+    @ci        = Simp::Cli::Config::PasswordItem.new
+    @ci.silent = true
+  end
+  it "validates good passwords" do
+    expect( @ci.validate( 'duP3rP@ssw0r!' ) ).to eq true
+  end
+  it "doesn't validate bad passwords" do
+    expect( @ci.validate( 'short' ) ).to     eq false
+    expect( @ci.validate( '' ) ).to          eq false
+    expect( @ci.validate( '123456789' ) ).to eq false
+  end
+end

data/spec/lib/simp/cli/config/spec_helper.rb ADDED

	@@ -0,0 +1 @@
1	+ require_relative 'item/spec_helper' #TODO: remove after moving all child tests into items/

data/spec/lib/simp/cli/config/utils_spec.rb ADDED

@@ -0,0 +1,131 @@
+require 'simp/cli/config/utils'
+require 'rspec/its'
+require_relative 'spec_helper'
+describe Simp::Cli::Config::Utils do
+  describe ".validate_fqdn" do
+    it "validates good FQDNs" do
+      expect( Simp::Cli::Config::Utils.validate_fqdn 'simp.dev' ).to eq true
+      expect( Simp::Cli::Config::Utils.validate_fqdn 'si-mp.dev' ).to eq true
+      # RFC 1123 permits hostname labels to start with digits (overriding RFC 952)
+      expect( Simp::Cli::Config::Utils.validate_fqdn '0simp.dev' ).to eq true
+    end
+    it "doesn't validate bad FQDNS" do
+      expect( Simp::Cli::Config::Utils.validate_fqdn '.simp.dev' ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_fqdn 'simp.dev.' ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_fqdn '-simp.dev' ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_fqdn 'simp.dev-' ).to eq false
+    end
+  end
+  describe ".validate_ip" do
+    it "validates good IPs" do
+      expect( Simp::Cli::Config::Utils.validate_ip '192.168.1.1' ).to eq true
+    end
+    it "doesn't validate bad IPS" do
+      expect( Simp::Cli::Config::Utils.validate_ip 0 ).to            eq false
+      expect( Simp::Cli::Config::Utils.validate_ip false ).to        eq false
+      expect( Simp::Cli::Config::Utils.validate_ip nil ).to          eq false
+      expect( Simp::Cli::Config::Utils.validate_ip 'zombo.com' ).to  eq false
+      expect( Simp::Cli::Config::Utils.validate_ip '1.2.3' ).to      eq false
+      expect( Simp::Cli::Config::Utils.validate_ip '1.2.3.999' ).to  eq false
+      expect( Simp::Cli::Config::Utils.validate_ip '8.8.8.8.' ).to   eq false
+      expect( Simp::Cli::Config::Utils.validate_ip '1.2.3.4.5' ).to  eq false
+      expect( Simp::Cli::Config::Utils.validate_ip '1.2.3.4/24' ).to eq false
+    end
+  end
+  describe ".validate_hostname" do
+    it "validates good hostnames" do
+      expect( Simp::Cli::Config::Utils.validate_hostname 'log' ).to        eq true
+      expect( Simp::Cli::Config::Utils.validate_hostname 'log-server' ).to eq true
+      # RFC 1123 permits hostname labels to start with digits (overriding RFC 952)
+      expect( Simp::Cli::Config::Utils.validate_hostname '0log' ).to eq true
+    end
+    it "doesn't validate bad hostnames" do
+      expect( Simp::Cli::Config::Utils.validate_hostname 'log-' ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_hostname 'log.' ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_hostname '-log' ).to eq false
+      # longer than 63 chars
+      expect( Simp::Cli::Config::Utils.validate_hostname \
+            'log0234567891234567890223456789323456789423456789523456789623459'
+      ).to eq false
+    end
+  end
+  describe ".validate_hiera_lookup" do
+    it "validates correct hiera lookup syntax" do
+      expect( Simp::Cli::Config::Utils.validate_hiera_lookup "%{hiera('puppet::ca')}" ).to eq true
+      expect( Simp::Cli::Config::Utils.validate_hiera_lookup "%{::domain}" ).to eq true
+    end
+    it "validates correct hiera lookup syntax" do
+      expect( Simp::Cli::Config::Utils.validate_hiera_lookup "%[hiera('puppet::ca')]" ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_hiera_lookup '' ).to    eq false
+      expect( Simp::Cli::Config::Utils.validate_hiera_lookup 'foo' ).to eq false
+      expect( Simp::Cli::Config::Utils.validate_hiera_lookup nil).to    eq false
+    end
+  end
+  describe ".validate_password" do
+    it "validates good passwords" do
+      expect( Simp::Cli::Config::Utils.validate_password 'dup3rP@ssw0r!x' ).to eq true
+    end
+    it "raises an PasswordError on short passwords" do
+      expect{ Simp::Cli::Config::Utils.validate_password 'a@1X' }.to raise_error( Simp::Cli::Config::PasswordError )
+    end
+    it "raises an PasswordError on simple passwords" do
+      expect{ Simp::Cli::Config::Utils.validate_password 'aaaaaaaaaaaaaaa' }.to raise_error( Simp::Cli::Config::PasswordError )
+    end
+  end
+  describe ".generate_password" do
+    it "is the correct length" do
+      expect( Simp::Cli::Config::Utils.generate_password.size ).to eq 32
+      expect( Simp::Cli::Config::Utils.generate_password( 73 ).size ).to eq 73
+    end
+    it "does not start or end with a special character" do
+      expect( Simp::Cli::Config::Utils.generate_password ).to_not match /^[#%&_.:@-]|[#%&_.:@-]$/
+    end
+  end
+  describe ".encrypt_openldap_hash" do
+    it "encrypts a known password and salt to the correct SHA-1 password hash" do
+      expect( Simp::Cli::Config::Utils.encrypt_openldap_hash \
+        'foo', "\xef\xb2\x2e\xac"
+      ).to eq '{SSHA}zxOLQEdncCJTMObl5s+y1N/Ydh3vsi6s'
+    end
+  end
+  describe ".validate_openldap_hash" do
+    it "validates OpenLDAP-format SHA-1 algorithm (FIPS 160-1) password hash" do
+      expect( Simp::Cli::Config::Utils.validate_openldap_hash  \
+        '{SSHA}Y6x92VpatHf9G6yMiktUYTrA/3SxUFm'
+      ).to eq true
+    end
+  end
+  describe ".generate_certificates" do
+    it "runs './gencerts_nopass.sh auto' in the FakeCA dir" do
+      # TODO: scaffold a FakeCA dir, cacertkey, and ./gencerts_nopass.sh?
+      skip 'How should we test this?'
+    end
+  end
+end