vagrant-ca-certificates 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 13f28ce48957caf1ac8f6764accb93894c078361
+  data.tar.gz: 071b70a0e7c56e3e4c773cc0b6578892e472995c
+SHA512:
+  metadata.gz: a741ba2983ea44394b07bbb4b2826ea5c2e51ce4ff7c9de62ebb32e715d68228ee629b083fa3f74ae06318db6c683a4c367cedc85b7c2289908e0e4029073952
+  data.tar.gz: ce5c627e8b10bb92b32301458c97df2ce6f6ca7bf491570d39520835b95f0f928b2384b8b9f0f888addfa9e7ff7e34c2037af4d3c55d5c94a7c6d08e0f471d87

data.tar.gz.sig

@@ -0,0 +1 @@
++T�Y��>���tZb�r���"irI��n���A�׉@���Z\6�1��4%�}��/���p�����~��b!e��:/�ӕR��ir?��J/˹)A��23�'1����o|���+�I�bIG��:;8R�����ѥ
��c*��U�cgyJ{G��C������]��
L%?�>��OL�j��0��~<�A Z)΁g���"	NgQ���!?F��Y|s0'�Z�q�h�!�{=˔�xs�q��F&�V�Y&'�;}���lrD�

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/CONTRIBUTING.md

@@ -0,0 +1,8 @@
+## Contributing
+
+1. Fork the repository on Github
+2. Create a named feature branch (i.e. `add-new-recipe`)
+3. Write your change
+4. Write tests for your change (if applicable)
+5. Run the tests, ensuring they all pass
+6. Submit a Pull Request

data/Gemfile

@@ -0,0 +1,7 @@
+source 'https://rubygems.org'
+gemspec
+
+group :development, :test do
+  gem 'rspec'
+  gem 'vagrant', git: 'https://github.com/mitchellh/vagrant.git'
+end

data/LICENSE

@@ -0,0 +1,23 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 William Bailey (<mail@williambailey.org.uk>)
+Copyright (c) 2014, 2015 John Bellone (<jbellone@bloomberg.net>)
+Copyright (c) 2014, 2015 Bloomberg Finance L.P.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,134 @@
+# CA Certificate Plugin for Vagrant
+<span class="badges">
+![Gem Version](https://img.shields.io/gem/v/vagrant-ca-certificates.svg)
+![Build Status](https://img.shields.io/travis/williambailey/vagrant-ca-certificates.svg)
+![License](https://img.shields.io/github/license/williambailey/vagrant-ca-certificates.svg)
+</span>
+
+A [Vagrant][4] plugin which configures the virtual machine to inject the
+specified certificates into the guest's root bundle. This is useful, for example,
+if your enterprise network has a firewall (or appliance) which utilizes
+[SSL interception][5].
+
+_Warning:_ This plugin adds certificates to the guest operating
+system's [root certificate bundle][6]. You should only use this if you know
+*exactly* what you are doing. This should *never* be used on a
+production machine.
+
+## Installation
+The latest stable version of this plugin can be installed using the
+standard `vagrant plugin install` with the `vagrant-ca-certificates`
+argument. If you're looking to hack on the plugin or test a
+development release you'll need to checkout the branch and build the
+gem yourself. That's pretty easy.
+
+The following set of commands checks out the master branch, uses
+bundler to install all of the Ruby dependencies and finally creates
+the gem locally. Once the gem is built we use the Vagrant command-line
+tool to install it.
+```sh
+git clone https://github.com/williambailey/vagrant-ca-certificates ~/Projects/vagrant-ca-certificates
+cd ~/Projects/vagrant-ca-certificates
+bundle install
+rake build
+vagrant plugin install pkg/vagrant-ca-certificates-*.gem
+```
+
+## Using with Test Kitchen
+### Writing a Vagrantfile.rb
+In order to be able to use [test kitchen][2] within an environment that
+has a HTTP proxy with SSL interception we need to ensure that we set
+both the proxies and inject in our new certificate bundles.
+
+If you're following the complete tutorial here we're going to save
+this file in a newly created directory
+`~/.kitchen/Vagrantfile.rb`. This will be merged into the final
+Vagrantfile configuration that the test-kitchen run will use to
+provision a new instance.
+```ruby
+# These are requirements for this base Vagrantfile. If they are not
+# installed there will be a warning message with Vagrant/test-kitchen.
+%w(vagrant-ca-certificates vagrant-proxyconf).each do |name|
+  fail "Please install the '#{name}' plugin!" unless Vagrant.has_plugin?(name)
+end
+
+Vagrant.configure('2') do |config|
+  config.proxy.enabled = true
+  config.ca_certificates.enabled = true
+  config.ca_certificates.certs = [
+    '/etc/pki/ca-trust/source/anchors/root.crt',
+    '/etc/pki/ca-trust/source/anchors/sub.crt'
+  ]
+end
+```
+### Writing a .kitchen.local.yml
+One goal that we set out when creating internal cookbooks is if that
+they can be open sourced we want to be easily able to do so in the
+future. That means we try to keep out as much of our environment
+specific variables, such as proxy configuration, from the repository's
+base kitchen configuration. Luckily test-kitchen merges in a local
+file, if it exists, at the time of the run.
+
+Here is an example of the local configuration file that we use to
+merge in the Vagrantfile that we've created in the above example. This
+can be saved into `$HOME/.kitchen/config.yml` to be applied to *all*
+test-kitchen runs for this user (on this host machine).
+```yaml
+---
+driver:
+    provision: true
+    vagrantfiles:
+        - "/home/jbellone/.kitchen/Vagrantfile"
+    http_proxy: "http://proxy.corporate.com:80"
+    https_proxy: "http://proxy.corporate.com:80"
+    ftp_proxy: "http://proxy.corporate.com:80"
+    no_proxy: "localhost,127.0.0.1"
+```
+
+## Vagrant Configuration
+If you're just looking to inject the certificate *only for a single
+Vagrantfile* then you can simply use the following block anywhere
+within the Vagrant configuration. This enables the plugin and injects
+the specified certificates.
+
+```ruby
+Vagrant.configure('2') do |config|
+  config.ca_certificates.enabled = true
+  config.ca_certificates.certs = Dir.glob('/etc/pki/ca-trust/source/anchors/*.crt')
+end
+```
+### System Wide
+At [Bloomberg][1] we often find ourselves in a situation where we do
+not want to make modifications to open source tools, but we need them
+to work within our enterprise network. Using this default base configuration
+for Vagrant we're able to ensure that all runs will inject the appropriate
+certificates into the guest.
+
+Additionally if you need proxies modified in the guest as well an
+excellent choice is the [Vagrant Proxyconf plugin][2] which should
+handle everything you'll run into on a daily basis. Finally, we add the
+[Vagrant cachier plugin][7] so that we are not continually going out to the Internet
+on successive [Test Kitchen][3] and Vagrant runs.
+
+This file should be saved to `$HOME/.kitchen/Vagrantfile.rb`.
+```ruby
+# These are requirements for this base Vagrantfile. If they are not
+# installed there will be a warning message with Vagrant/test-kitchen.
+%w(vagrant-ca-certificates vagrant-proxyconf vagrant-cachier).each do |name|
+  fail "Please install the '#{name}' plugin!" unless Vagrant.has_plugin?(name)
+end
+
+Vagrant.configure('2') do |config|
+  config.cache.scope = :box
+  config.proxy.enabled = true
+  config.ca_certificates.enabled = true
+  config.ca_certificates.certs = Dir.glob('/etc/pki/ca-trust/source/anchors/*.crt')
+end
+```
+[1]: https://careers.bloomberg.com
+[2]: https://github.com/tmatilai/vagrant-proxyconf
+[3]: https://github.com/test-kitchen/test-kitchen
+[4]: https://github.com/mitchellh/vagrant
+[5]: http://en.wikipedia.org/wiki/Man-in-the-middle_attack
+[6]: http://en.wikipedia.org/wiki/Root_certificate
+[7]: https://github.com/fgrehm/vagrant-cachier

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/bin/rspec

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rspec-core', 'rspec')

data/certs/jbellone.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDgDCCAmigAwIBAgIBATANBgkqhkiG9w0BAQUFADBDMREwDwYDVQQDDAhqYmVs
+bG9uZTEZMBcGCgmSJomT8ixkARkWCWJsb29tYmVyZzETMBEGCgmSJomT8ixkARkW
+A25ldDAeFw0xNTA1MTIxMTQ4MDBaFw0xNjA1MTExMTQ4MDBaMEMxETAPBgNVBAMM
+CGpiZWxsb25lMRkwFwYKCZImiZPyLGQBGRYJYmxvb21iZXJnMRMwEQYKCZImiZPy
+LGQBGRYDbmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx80/n6+x
+5RI+ugGdqXig+hULz8KlkE5VbEetK00aeeaMKlcWcHSd1bSAHEmiNsLtLyvpJDOg
+8s9tJhRgb34HokvDeXBnHJGWMr5cS4dMJhLqKuVzslxxcqfxBp3UeIjpWWlSix4H
+QdNE9voUcZ+EhlARCoVScZRlGONt/Vx4zGA/Z259Mv0BMwNkR1zMYejSBJ2k/yip
+qOqEoCxR7n1CtXlFkHuIVdS/cdqFMHs2aKjcWknWn0sgEuaoXoySZ3NKlRUm9oER
+eufdhsTJrqO0N7WACPNyVKPCEFByYV+VsMY4JkD2P4LLa8dZ5ZHAysMLwsuTXLoP
+YwfNJXVwfnOcrwIDAQABo38wfTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
+HQ4EFgQUY9aHNhMeBN0eUu5BCTQlwYcyiS0wIQYDVR0RBBowGIEWamJlbGxvbmVA
+Ymxvb21iZXJnLm5ldDAhBgNVHRIEGjAYgRZqYmVsbG9uZUBibG9vbWJlcmcubmV0
+MA0GCSqGSIb3DQEBBQUAA4IBAQCE38N8KnGIdcPSSogX7cMk20tgP57i5kB2Ahwh
+q9RM5bVyWlYyRiqN9C1EtMjrpwYrImmlDVJjqcL5cVF8KbAFxL4rMZkOcWnINxE7
+ieN0JbYiH7gfXNKHAF6DOZD3k3RgGpQpYMjqSduTTXd+mTZ90DGww7zUXONZEkW+
+5FZzj2l3YNQUqohN9LtgnwZBhFo9LPrUkRdtvgw74FM/h4tsToI2buSKN1nGTWBW
+cKcRBHKYVo5pQ0zs2WJv6Qwa8KhCS5HlABy/3x2Mqt6reHGppi7nVC4nUt/B1y/9
+e2Nj035zG32VLvxrvP4OKOJJlV2dnn0CyZeQYgpZ5+d1C/lz
+-----END CERTIFICATE-----

data/lib/vagrant-ca-certificates.rb

@@ -0,0 +1,2 @@
+require_relative 'vagrant-ca-certificates/version'
+require_relative 'vagrant-ca-certificates/plugin'

data/lib/vagrant-ca-certificates/action/install_certificates.rb

@@ -0,0 +1,89 @@
+require 'vagrant/util/downloader'
+require 'digest/md5'
+require 'log4r'
+
+module VagrantPlugins
+  module CaCertificates
+    module Action
+      class InstallCertificates
+        attr_accessor :logger
+
+        def initialize(app, env)
+          @app = app
+          @machine = env[:machine]
+          @logger = Log4r::Logger.new('vagrant::ca-certificates')
+        end
+
+        def call(env)
+          @app.call(env)
+          return unless @machine.config.ca_certificates.enabled?
+
+          create_certificates_directory
+          @machine.ui.info(I18n.t('vagrant_ca_certificates.certificate.upload.message'))
+          @machine.config.ca_certificates.certs.each do |file|
+            to = File.join(certs_path, File.basename(file))
+            upload_certificate(file, to)
+          end
+          @machine.guest.capability(:update_certificate_bundle)
+          modify_etc_environment
+        end
+
+        def certs_path
+          @machine.guest.capability(:certificate_upload_path)
+        end
+
+        def modify_etc_environment
+          bundle_path = @machine.guest.capability(:certificate_file_bundle)
+          @logger.debug("Private certificate path: <#{bundle_path}>")
+          @machine.communicate.tap do |sh|
+            if sh.test("grep -q 'SSL_CERT_FILE' /etc/environment", shell: '/bin/bash')
+              sh.sudo(%{sed "s#^SSL_CERT_FILE=.*#SSL_CERT_FILE=#{bundle_path}#" -i /etc/environment})
+            else
+              sh.sudo(%{echo "SSL_CERT_FILE=#{bundle_path}" >> /etc/environment})
+            end
+          end
+        end
+
+        def create_certificates_directory
+          @logger.debug('Checking if private certificate directory is created...')
+          @machine.communicate.tap do |sh|
+            return if sh.test("test -d #{certs_path}")
+            @logger.info("Creating #{certs_path} for private certificates.")
+            sh.sudo("mkdir -p #{certs_path} && chmod 0744 #{certs_path}")
+          end
+        end
+
+        def upload_certificate(from, to)
+          @logger.debug("Uploading certificates #{from} -> #{to}")
+          remote = Tempfile.new('vagrant-ca-certificates')
+          if from =~ /^http[s]?/
+            Vagrant::Util::Downloader.new(from, remote.path).download!
+            from = remote.path
+          end
+
+          @machine.communicate.tap do |sh|
+            unless certificate_matches?(from, to)
+              remote = Tempfile.new('vagrant')
+              @machine.ui.info(I18n.t('vagrant_ca_certificates.certificate.upload.file', from: from, to: to))
+              sh.upload(from, remote.path)
+              sh.sudo("mv #{remote.path} #{to} && chown root: #{to} && chmod 0644 #{to}")
+            end
+          end
+        end
+
+        def certificate_matches?(from, to)
+          md5sum = Digest::MD5.file(from)
+          @logger.debug("Verifying #{from} md5sum in guest...")
+          @machine.communicate.tap do |sh|
+            return false unless sh.test("test -f #{from}")
+            if sh.test(%{test '#{md5sum}' = '$(md5sum "#{to}")'}, shell: '/bin/bash')
+              @logger.debug('Certificate md5sum in guest matches!')
+              return true
+            end
+          end
+          false
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/debian/certificate_file_bundle.rb

@@ -0,0 +1,13 @@
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Debian
+        module CertificateFileBundle
+          def self.certificate_file_bundle(m)
+            '/etc/ssl/certs/ca-certificates.crt'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/debian/certificate_upload_path.rb

@@ -0,0 +1,13 @@
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Debian
+        module CertificateUploadPath
+          def self.certificate_upload_path(m)
+            '/usr/share/ca-certificates/private'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/debian/update_certificate_bundle.rb

@@ -0,0 +1,19 @@
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Debian
+        # Capability for configuring the certificate bundle on Debian.
+        module UpdateCertificateBundle
+          def self.update_certificate_bundle(m)
+            m.communicate.sudo('update-ca-certificates') do |type, data|
+              if [:stderr, :stdout].include?(type)
+                next if data =~ /stdin: is not a tty/
+                m.env.ui.info data
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/redhat/certificate_file_bundle.rb

@@ -0,0 +1,13 @@
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Redhat
+        module CertificateFileBundle
+          def self.certificate_file_bundle(m)
+            '/etc/pki/tls/cert.pem'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/redhat/certificate_upload_path.rb

@@ -0,0 +1,18 @@
+require_relative 'helpers'
+
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Redhat
+        module CertificateUploadPath
+          def self.certificate_upload_path(m)
+            m.communicate.tap do |sh|
+              return '/etc/pki/tls/private' if Redhat.legacy_certificate_bundle?(sh)
+            end
+            '/etc/pki/ca-trust/source/anchors'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/redhat/helpers.rb

@@ -0,0 +1,15 @@
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Redhat
+        # HACK: All versions of EL5 and below EL6.5 do not have
+        # support for the `update-ca-trust` command and thus the
+        # bundles must be managed manually.
+        def self.legacy_certificate_bundle?(sh)
+          command = %q(R=$(sed -E "s/.* ([0-9])\.([0-9]+) .*/\\1.\\2/" /etc/redhat-release))
+          sh.test(%Q(#{command} && [[ $R =~ ^5 || $R =~ ^6\.[0-4]+ ]]), shell: '/bin/bash')
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/cap/redhat/update_certificate_bundle.rb

@@ -0,0 +1,30 @@
+require_relative 'helpers'
+
+module VagrantPlugins
+  module CaCertificates
+    module Cap
+      module Redhat
+        # Capability for configuring the certificate bundle on Redhat.
+        module UpdateCertificateBundle
+          def self.update_certificate_bundle(m)
+            m.communicate.tap do |sh|
+              if Redhat.legacy_certificate_bundle?(sh)
+                sh.sudo('find /etc/pki/tls/private -type f -exec cat {} \; | cat /etc/pki/tls/certs/ca-bundle.crt - > /etc/pki/tls/ca.private.crt')
+                sh.sudo('/bin/ln -fsn /etc/pki/tls/ca.private.crt /etc/pki/tls/cert.pem')
+                sh.execute(<<-SCRIPT, shell: '/bin/bash', sudo: true)
+[ ! -z "$JAVA_HOME" ] && \
+find /etc/pki/tls/private -type f -exec $JAVA_HOME/bin/keytool -importcert \
+ -trustcacerts -noprompt -storepass changeit \
+ -keystore $JAVA_HOME/jre/lib/security/cacerts -file {} \\;
+                SCRIPT
+              else
+                sh.sudo('update-ca-trust enable')
+                sh.sudo('update-ca-trust extract')
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/config.rb

@@ -0,0 +1,45 @@
+require 'vagrant'
+
+module VagrantPlugins
+  module CaCertificates
+    class Config < Vagrant.plugin('2', :config)
+      attr_accessor :certs, :enabled
+
+      def initialize
+        @certs = UNSET_VALUE
+        @enabled = UNSET_VALUE
+      end
+
+      def enabled?
+        @enabled == true
+      end
+
+      def disabled?
+        !enabled?
+      end
+
+      def disable!
+        @enabled = false
+      end
+
+      def validate(machine)
+        errors = []
+        if enabled?
+          # If the certificates specified do not exist on the host
+          # disk we should error out very loudly. Because this will
+          # likely affect guest operation.
+          @certs.reject { |f| f =~ /^http[s]?/ || File.exist?(f) }.each do |f|
+            errors << I18n.t('vagrant_ca_certificates.certificate.not_found', filepath: f)
+          end
+        end
+
+        { 'vagrant-ca-certificates' => errors }
+      end
+
+      def finalize!
+        @enabled = false if @enabled == UNSET_VALUE
+        @certs = [] if @certs == UNSET_VALUE
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/plugin.rb

@@ -0,0 +1,63 @@
+I18n.load_path << File.expand_path('../../../locales/en.yml', __FILE__)
+
+unless Gem::Requirement.new('>= 1.5').satisfied_by?(Gem::Version.new(Vagrant::VERSION))
+  fail I18n.t('vagrant_ca_certificates.unsupported.vagrant_version', requirement: '>= 1.5')
+end
+
+module VagrantPlugins
+  module CaCertificates
+    class Plugin < Vagrant.plugin('2')
+      name 'vagrant-ca-certificates'
+      description <<-DESC
+        Installs root certificates into guest operating system's trusted bundle.
+      DESC
+
+      config(:ca_certificates) do
+        require_relative 'config'
+        Config
+      end
+
+      action_hook(Plugin::ALL_ACTIONS) do |hook|
+        require_relative 'action/install_certificates'
+        hook.after(Vagrant::Action::Builtin::Provision, Action::InstallCertificates)
+      end
+
+      action_hook(:install_ca_certificates) do |hook|
+        require_relative 'action/install_certificates'
+        hook.after(:run_provisioner, Action::InstallCertificates)
+      end
+
+      # All supported guest systems must have these capabilities
+      # implemented. If any of them aren't config validate will fail.
+      guest_capability('debian', 'update_certificate_bundle') do
+        require_relative 'cap/debian/update_certificate_bundle'
+        Cap::Debian::UpdateCertificateBundle
+      end
+
+      guest_capability('redhat', 'update_certificate_bundle') do
+        require_relative 'cap/redhat/update_certificate_bundle'
+        Cap::Redhat::UpdateCertificateBundle
+      end
+
+      guest_capability('debian', 'certificate_upload_path') do
+        require_relative 'cap/debian/certificate_upload_path'
+        Cap::Debian::CertificateUploadPath
+      end
+
+      guest_capability('redhat', 'certificate_upload_path') do
+        require_relative 'cap/redhat/certificate_upload_path'
+        Cap::Redhat::CertificateUploadPath
+      end
+
+      guest_capability('debian', 'certificate_file_bundle') do
+        require_relative 'cap/debian/certificate_file_bundle'
+        Cap::Debian::CertificateFileBundle
+      end
+
+      guest_capability('redhat', 'certificate_file_bundle') do
+        require_relative 'cap/redhat/certificate_file_bundle'
+        Cap::Redhat::CertificateFileBundle
+      end
+    end
+  end
+end

data/lib/vagrant-ca-certificates/version.rb

@@ -0,0 +1,5 @@
+module VagrantPlugins
+  module CaCertificates
+    VERSION = '1.0.0'
+  end
+end

data/locales/en.yml

@@ -0,0 +1,17 @@
+en:
+  vagrant_ca_certificates:
+    unsupported:
+      guest_system: |
+        Plugin does not support guest operating system.
+      vagrant_version: |
+        Plugin does not support Vagrant version less than '%{requirement}'.
+    not_enabled: |
+      Plugin is not enabled.
+    certificate:
+      not_found: |
+        Certificate '%{filepath}' not found on host system.
+      upload: 
+        message: |
+          Uploading root certificates to guest instance...
+        file: |
+          -- %{from} => %{to}

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+require 'rspec/its'
+require 'vagrant-ca-certificates'
+
+RSpec.configure do |config|
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+  config.color = true
+  config.tty = true
+end

data/spec/unit/vagrant-ca-certificates/action/install_certificates_spec.rb

@@ -0,0 +1,5 @@
+require 'vagrant-ca-certificates/action/install_certificates'
+require 'spec_helper'
+
+describe VagrantPlugins::CaCertificates::Action::InstallCertificates do
+end

data/spec/unit/vagrant-ca-certificates/cap/debian/certificate_upload_path_spec.rb

@@ -0,0 +1,5 @@
+require 'vagrant-ca-certificates/cap/debian/certificate_upload_path'
+require 'spec_helper'
+
+describe VagrantPlugins::CaCertificates::Cap::Debian::CertificateUploadPath do
+end

data/spec/unit/vagrant-ca-certificates/cap/debian/update_certificate_bundle_spec.rb

@@ -0,0 +1,5 @@
+require 'vagrant-ca-certificates/cap/debian/update_certificate_bundle'
+require 'spec_helper'
+
+describe VagrantPlugins::CaCertificates::Cap::Debian::UpdateCertificateBundle do
+end

data/spec/unit/vagrant-ca-certificates/cap/redhat/certificate_upload_path_spec.rb

@@ -0,0 +1,5 @@
+require 'vagrant-ca-certificates/cap/redhat/certificate_upload_path'
+require 'spec_helper'
+
+describe VagrantPlugins::CaCertificates::Cap::Redhat::CertificateUploadPath do
+end

data/spec/unit/vagrant-ca-certificates/cap/redhat/update_certificate_bundle_spec.rb

@@ -0,0 +1,5 @@
+require 'vagrant-ca-certificates/cap/redhat/update_certificate_bundle'
+require 'spec_helper'
+
+describe VagrantPlugins::CaCertificates::Cap::Redhat::UpdateCertificateBundle do
+end

data/spec/unit/vagrant-ca-certificates/config_spec.rb

@@ -0,0 +1,5 @@
+require 'vagrant-ca-certificates/config'
+require 'spec_helper'
+
+describe VagrantPlugins::CaCertificates::Config do
+end

data/vagrant-ca-certificates.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'vagrant-ca-certificates/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'vagrant-ca-certificates'
+  spec.version       = VagrantPlugins::CaCertificates::VERSION
+  spec.authors       = ['William Bailey', 'John Bellone']
+  spec.email         = ['mail@williambailey.org.uk', 'jbellone@bloomberg.net']
+  spec.summary       = 'A Vagrant plugin that installs CA certificates onto the virtual machine.'
+  spec.description   = <<-EOF
+    A Vagrant plugin that installs CA certificates onto the virtual machine.
+    This is useful, for example, in the case where you are behind a corporate proxy
+    server that injects its own self signed SSL certificates when you visit https sites.
+  EOF
+  spec.homepage      = 'https://github.com/williambailey/vagrant-ca-certificates'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.test_files    = spec.files.grep(/^(test|spec|features)\//)
+  spec.require_paths = %w(lib)
+
+  spec.cert_chain = ['certs/jbellone.pem']
+  spec.signing_key = File.expand_path(File.join(Dir.home, '.gem', 'gem-private_key.pem')) if $0 =~ /gem\z/
+
+  spec.add_development_dependency 'bundler', '~> 1.7'
+  spec.add_development_dependency 'rake'
+end

metadata

@@ -0,0 +1,136 @@
+--- !ruby/object:Gem::Specification
+name: vagrant-ca-certificates
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- William Bailey
+- John Bellone
+autorequire: 
+bindir: bin
+cert_chain:
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDgDCCAmigAwIBAgIBATANBgkqhkiG9w0BAQUFADBDMREwDwYDVQQDDAhqYmVs
+  bG9uZTEZMBcGCgmSJomT8ixkARkWCWJsb29tYmVyZzETMBEGCgmSJomT8ixkARkW
+  A25ldDAeFw0xNTA1MTIxMTQ4MDBaFw0xNjA1MTExMTQ4MDBaMEMxETAPBgNVBAMM
+  CGpiZWxsb25lMRkwFwYKCZImiZPyLGQBGRYJYmxvb21iZXJnMRMwEQYKCZImiZPy
+  LGQBGRYDbmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx80/n6+x
+  5RI+ugGdqXig+hULz8KlkE5VbEetK00aeeaMKlcWcHSd1bSAHEmiNsLtLyvpJDOg
+  8s9tJhRgb34HokvDeXBnHJGWMr5cS4dMJhLqKuVzslxxcqfxBp3UeIjpWWlSix4H
+  QdNE9voUcZ+EhlARCoVScZRlGONt/Vx4zGA/Z259Mv0BMwNkR1zMYejSBJ2k/yip
+  qOqEoCxR7n1CtXlFkHuIVdS/cdqFMHs2aKjcWknWn0sgEuaoXoySZ3NKlRUm9oER
+  eufdhsTJrqO0N7WACPNyVKPCEFByYV+VsMY4JkD2P4LLa8dZ5ZHAysMLwsuTXLoP
+  YwfNJXVwfnOcrwIDAQABo38wfTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
+  HQ4EFgQUY9aHNhMeBN0eUu5BCTQlwYcyiS0wIQYDVR0RBBowGIEWamJlbGxvbmVA
+  Ymxvb21iZXJnLm5ldDAhBgNVHRIEGjAYgRZqYmVsbG9uZUBibG9vbWJlcmcubmV0
+  MA0GCSqGSIb3DQEBBQUAA4IBAQCE38N8KnGIdcPSSogX7cMk20tgP57i5kB2Ahwh
+  q9RM5bVyWlYyRiqN9C1EtMjrpwYrImmlDVJjqcL5cVF8KbAFxL4rMZkOcWnINxE7
+  ieN0JbYiH7gfXNKHAF6DOZD3k3RgGpQpYMjqSduTTXd+mTZ90DGww7zUXONZEkW+
+  5FZzj2l3YNQUqohN9LtgnwZBhFo9LPrUkRdtvgw74FM/h4tsToI2buSKN1nGTWBW
+  cKcRBHKYVo5pQ0zs2WJv6Qwa8KhCS5HlABy/3x2Mqt6reHGppi7nVC4nUt/B1y/9
+  e2Nj035zG32VLvxrvP4OKOJJlV2dnn0CyZeQYgpZ5+d1C/lz
+  -----END CERTIFICATE-----
+date: 2015-05-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |2
+      A Vagrant plugin that installs CA certificates onto the virtual machine.
+      This is useful, for example, in the case where you are behind a corporate proxy
+      server that injects its own self signed SSL certificates when you visit https sites.
+email:
+- mail@williambailey.org.uk
+- jbellone@bloomberg.net
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- CONTRIBUTING.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/rspec
+- certs/jbellone.pem
+- lib/vagrant-ca-certificates.rb
+- lib/vagrant-ca-certificates/action/install_certificates.rb
+- lib/vagrant-ca-certificates/cap/debian/certificate_file_bundle.rb
+- lib/vagrant-ca-certificates/cap/debian/certificate_upload_path.rb
+- lib/vagrant-ca-certificates/cap/debian/update_certificate_bundle.rb
+- lib/vagrant-ca-certificates/cap/redhat/certificate_file_bundle.rb
+- lib/vagrant-ca-certificates/cap/redhat/certificate_upload_path.rb
+- lib/vagrant-ca-certificates/cap/redhat/helpers.rb
+- lib/vagrant-ca-certificates/cap/redhat/update_certificate_bundle.rb
+- lib/vagrant-ca-certificates/config.rb
+- lib/vagrant-ca-certificates/plugin.rb
+- lib/vagrant-ca-certificates/version.rb
+- locales/en.yml
+- spec/spec_helper.rb
+- spec/unit/vagrant-ca-certificates/action/install_certificates_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/debian/certificate_upload_path_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/debian/update_certificate_bundle_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/redhat/certificate_upload_path_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/redhat/update_certificate_bundle_spec.rb
+- spec/unit/vagrant-ca-certificates/config_spec.rb
+- vagrant-ca-certificates.gemspec
+homepage: https://github.com/williambailey/vagrant-ca-certificates
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.14
+signing_key: 
+specification_version: 4
+summary: A Vagrant plugin that installs CA certificates onto the virtual machine.
+test_files:
+- spec/spec_helper.rb
+- spec/unit/vagrant-ca-certificates/action/install_certificates_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/debian/certificate_upload_path_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/debian/update_certificate_bundle_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/redhat/certificate_upload_path_spec.rb
+- spec/unit/vagrant-ca-certificates/cap/redhat/update_certificate_bundle_spec.rb
+- spec/unit/vagrant-ca-certificates/config_spec.rb

metadata.gz.sig

@@ -0,0 +1 @@
+/߅���3���|������$���t�m��6�w�<��g�Q��+S�8՛�_��Dp���ڇ�Z��(]FR�7xji {&�9km�!2o�{���l��e8��`G+WS0��u{�BE�>��H�_��n����l۔�������P_TM%@0�<E�&�6y��'%��'xU{�����9s�31tnV�č^۞�g۶ɁԽ8Y�&�����P���f���?��ɭpVK��w�#zc��qebǜPn�֭�