vcloud-core 0.10.0 → 0.11.0

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.11.0 (2014-09-11)
+
+Changes:
+
+  - As deprecated in 0.7.0, it is now impossible to specify a plaintext
+    password in a FOG_RC file. Please use tokens via vcloud-login as per
+    the documentation: http://gds-operations.github.io/vcloud-tools/usage/
+
 ## 0.10.0 (2014-08-11)
 
 API changes:

data/lib/vcloud/core/fog.rb

@@ -11,15 +11,7 @@ module Vcloud
       FOG_CREDS_PASS_NAME = :vcloud_director_password
 
       def self.check_credentials
-        pass = fog_credentials_pass
-        unless pass.nil? or pass.empty?
-          warn <<EOF
-[WARNING] Storing :vcloud_director_password in your plaintext FOG_RC file is
-          insecure. Future releases of vcloud-core (and tools that depend on
-          it) will prevent you from doing this. Please use vcloud-login to
-          get a session token instead.
-EOF
-        end
+        check_plaintext_pass
       end
 
       def self.fog_credentials_pass
@@ -33,6 +25,16 @@ EOF
 
         pass
       end
+
+      private
+
+      def self.check_plaintext_pass
+        pass = fog_credentials_pass
+        unless pass.nil? or pass.empty?
+          raise "Found plaintext #{Vcloud::Core::Fog::FOG_CREDS_PASS_NAME} entry. Please set it to an empty string as storing passwords in plaintext is insecure. See http://gds-operations.github.io/vcloud-tools/usage/ for further information."
+        end
+      end
+
     end
   end
 end

data/lib/vcloud/core/fog/login.rb

@@ -6,7 +6,7 @@ module Vcloud
       module Login
         class << self
           def token(pass)
-            check_plaintext_pass
+            Vcloud::Core::Fog.check_credentials
             token = get_token(pass)
 
             return token
@@ -18,13 +18,6 @@ module Vcloud
 
           private
 
-          def check_plaintext_pass
-            pass = Vcloud::Core::Fog::fog_credentials_pass
-            unless pass.nil? || pass.empty?
-              raise "Found plaintext #{Vcloud::Core::Fog::FOG_CREDS_PASS_NAME} entry. Please set it to an empty string"
-            end
-          end
-
           def get_token(pass)
             ENV.delete(Vcloud::Core::Fog::TOKEN_ENV_VAR_NAME)
             vcloud = ::Fog::Compute::VcloudDirector.new({

data/lib/vcloud/core/version.rb

@@ -1,5 +1,5 @@
 module Vcloud
   module Core
-    VERSION = '0.10.0'
+    VERSION = '0.11.0'
   end
 end

data/spec/integration/core/fog/login_spec.rb

@@ -1,22 +1,22 @@
 require 'spec_helper'
 
 describe Vcloud::Core::Fog::Login do
-  before(:each) do
-    stub_const('ENV', {})
+  describe "#token" do
+    context "unable to load credentials" do
+      before(:each) do
+        stub_const('ENV', {})
 
-    @orig_credential = ::Fog.credential
-    ::Fog.credential = 'null'
-    @orig_credentials_path = ::Fog.credentials_path
-    ::Fog.credentials_path = '/dev/null'
-  end
+        @orig_credential = ::Fog.credential
+        ::Fog.credential = 'null'
+        @orig_credentials_path = ::Fog.credentials_path
+        ::Fog.credentials_path = '/dev/null'
+      end
 
-  after(:each) do
-    ::Fog.credential = @orig_credential
-    ::Fog.credentials_path = @orig_credentials_path
-  end
+      after(:each) do
+        ::Fog.credential = @orig_credential
+        ::Fog.credentials_path = @orig_credentials_path
+      end
 
-  describe "#token" do
-    context "unable to load credentials" do
       it "should raise an exception succinctly listing the missing credentials" do
         # This test is known to fail with a TypeError due to a bug in Ruby 1.9.3 that
         # has since been fixed. See https://github.com/gds-operations/vcloud-core/pull/100
@@ -30,5 +30,43 @@ describe Vcloud::Core::Fog::Login do
         )
       end
     end
+
+    context "fog credentials without password" do
+      let(:token_length) { 44 }
+      let(:envvar_token) { 'FOG_VCLOUD_TOKEN' }
+      let(:envvar_password) { 'API_PASSWORD' }
+
+      before(:each) do
+        @real_password = ENV[envvar_password]
+        stub_const('ENV', {})
+      end
+
+      context "environment variable VCLOUD_FOG_TOKEN not set" do
+        it "should login and return a token" do
+          unless @real_password
+            pending "Password not available from environment variable #{envvar_password}"
+          end
+
+          expect(ENV).not_to have_key(envvar_token)
+          token = subject.token(@real_password)
+          expect(token.size).to eq(token_length)
+        end
+      end
+
+      context "environment variable VCLOUD_FOG_TOKEN is set" do
+        let(:old_token) { 'mekmitasdigoat' }
+
+        it "should login and return a token, ignoring the existing token" do
+          unless @real_password
+            pending "Password not available from environment variable #{envvar_password}"
+          end
+
+          ENV[envvar_token] = old_token
+          new_token = subject.token(@real_password)
+          expect(new_token).to_not eq(old_token)
+          expect(new_token.size).to eq(token_length)
+        end
+      end
+    end
   end
 end

data/spec/vcloud/core/fog/login_spec.rb

@@ -4,7 +4,6 @@ require 'stringio'
 describe Vcloud::Core::Fog::Login do
   describe "#token" do
     it "should return the output from get_token" do
-      expect(subject).to receive(:check_plaintext_pass)
       expect(subject).to receive(:get_token).and_return('mekmitasdigoat')
       expect(subject.token('supersekret')).to eq("mekmitasdigoat")
     end
@@ -40,7 +39,7 @@ describe Vcloud::Core::Fog::Login do
         expect(subject).to_not receive(:get_token)
         expect { subject.token('supersekret') }.to raise_error(
           RuntimeError,
-          "Found plaintext vcloud_director_password entry. Please set it to an empty string"
+          "Found plaintext vcloud_director_password entry. Please set it to an empty string as storing passwords in plaintext is insecure. See http://gds-operations.github.io/vcloud-tools/usage/ for further information."
         )
       end
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: vcloud-core
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.11.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-11 00:00:00.000000000 Z
+date: 2014-09-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fog
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5442080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,15 +21,10 @@ dependencies:
         version: 1.22.0
   type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 1.22.0
+  version_requirements: *5442080
 - !ruby/object:Gem::Dependency
   name: mustache
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5461800 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -37,15 +32,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  version_requirements: *5461800
 - !ruby/object:Gem::Dependency
   name: highline
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5459000 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -53,31 +43,21 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  version_requirements: *5459000
 - !ruby/object:Gem::Dependency
   name: gem_publisher
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5455320 !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - '='
+    - - =
       - !ruby/object:Gem::Version
         version: 1.2.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.0
+  version_requirements: *5455320
 - !ruby/object:Gem::Dependency
   name: pry
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5473200 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -85,15 +65,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  version_requirements: *5473200
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5471980 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -101,15 +76,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+  version_requirements: *5471980
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5469500 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -117,15 +87,10 @@ dependencies:
         version: 2.14.1
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 2.14.1
+  version_requirements: *5469500
 - !ruby/object:Gem::Dependency
   name: rubocop
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5496580 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -133,15 +98,10 @@ dependencies:
         version: 0.23.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 0.23.0
+  version_requirements: *5496580
 - !ruby/object:Gem::Dependency
   name: simplecov
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5495720 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -149,15 +109,10 @@ dependencies:
         version: 0.7.1
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 0.7.1
+  version_requirements: *5495720
 - !ruby/object:Gem::Dependency
   name: vcloud-tools-tester
-  requirement: !ruby/object:Gem::Requirement
+  requirement: &5493500 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -165,12 +120,7 @@ dependencies:
         version: 0.2.0
   type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 0.2.0
+  version_requirements: *5493500
 description: Core tools for interacting with VMware vCloud Director. Includes VCloud
   Query, a light wrapper round the vCloud Query API.
 email:
@@ -219,7 +169,6 @@ files:
 - lib/vcloud/core/vm.rb
 - spec/integration/README.md
 - spec/integration/core/edge_gateway_spec.rb
-- spec/integration/core/fog/login_manual.rb
 - spec/integration/core/fog/login_spec.rb
 - spec/integration/core/query_runner_spec.rb
 - spec/integration/core/vapp_spec.rb
@@ -277,17 +226,16 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -496306917479222394
+      hash: 728476648198716353
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 1.8.11
 signing_key: 
 specification_version: 3
 summary: Core tools for interacting with VMware vCloud Director
 test_files:
 - spec/integration/README.md
 - spec/integration/core/edge_gateway_spec.rb
-- spec/integration/core/fog/login_manual.rb
 - spec/integration/core/fog/login_spec.rb
 - spec/integration/core/query_runner_spec.rb
 - spec/integration/core/vapp_spec.rb

data/spec/integration/core/fog/login_manual.rb

@@ -1,47 +0,0 @@
-require 'spec_helper'
-
-# These tests, which confirm that the Fog internals are performing a login
-# and returning a new token, are not run automatically because they conflict
-# with the use of vcloud-login in CI. Because we're using vcloud-login all
-# of our tests should fail if the behaviour of Fog changes. However these
-# may came in useful when debugging such a scenario.
-
-describe Vcloud::Core::Fog::Login do
-  let!(:mock_env) { ENV.clone }
-
-  before(:each) do
-    stub_const('ENV', mock_env)
-  end
-
-  describe "#token" do
-    context "fog credentials without password" do
-      let(:token_length) { 44 }
-      let(:env_var_name) { 'FOG_VCLOUD_TOKEN' }
-      let!(:mock_fog_creds) { ::Fog.credentials.clone }
-
-      before(:each) do
-        @real_password = mock_fog_creds.delete(:vcloud_director_password)
-        allow(::Fog).to receive(:credentials).and_return(mock_fog_creds)
-      end
-
-      context "environment variable VCLOUD_FOG_TOKEN not set" do
-        it "should login and return a token" do
-          mock_env.delete(env_var_name)
-          token = subject.token(@real_password)
-          expect(token.size).to eq(token_length)
-        end
-      end
-
-      context "environment variable VCLOUD_FOG_TOKEN is set" do
-        let(:old_token) { 'mekmitasdigoat' }
-
-        it "should login and return a token, ignoring the existing token" do
-          mock_env[env_var_name] = old_token
-          new_token = subject.token(@real_password)
-          expect(new_token).to_not eq(old_token)
-          expect(new_token.size).to eq(token_length)
-        end
-      end
-    end
-  end
-end