Fixes --secret and --secret-file options

* propagates knife.rb configurations * adds CLI options to `knife ec2 create` and prefers those values over what is in knife.rb * adds specs
chef · Sep 9, 2013 · c289391 · c289391
1 parent c23c1f1
commit c289391
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 3 deletions.
diff --git a/lib/chef/knife/ec2_server_create.rb b/lib/chef/knife/ec2_server_create.rb
@@ -164,6 +164,17 @@ class Ec2ServerCreate < Knife
         :description => "Comma separated list of roles/recipes to apply",
         :proc => lambda { |o| o.split(/[\s,]+/) }
 
+      option :secret,
+        :short => "-s SECRET",
+        :long => "--secret ",
+        :description => "The secret key to use to encrypt data bag item values",
+        :proc => lambda { |s| Chef::Config[:knife][:secret] = s }
+
+      option :secret_file,
+        :long => "--secret-file SECRET_FILE",
+        :description => "A file containing the secret key to use to encrypt data bag item values",
+        :proc => lambda { |sf| Chef::Config[:knife][:secret_file] = sf }
+
       option :json_attributes,
         :short => "-j JSON",
         :long => "--json-attributes JSON",
@@ -372,7 +383,7 @@ def run
         puts("\n")
 
         # occasionally 'ready?' isn't, so retry a couple times if needed.
-        tries = 6 
+        tries = 6
         begin
           create_tags(hashed_tags) unless hashed_tags.empty?
           associate_eip(elastic_ip) if config[:associate_eip]
@@ -476,7 +487,9 @@ def bootstrap_common_params(bootstrap)
         bootstrap.config[:first_boot_attributes] = locate_config_value(:json_attributes) || {}
         bootstrap.config[:encrypted_data_bag_secret] = locate_config_value(:encrypted_data_bag_secret)
         bootstrap.config[:encrypted_data_bag_secret_file] = locate_config_value(:encrypted_data_bag_secret_file)
-          # Modify global configuration state to ensure hint gets set by
+        bootstrap.config[:secret] = locate_config_value(:secret)
+        bootstrap.config[:secret_file] = locate_config_value(:secret_file)
+        # Modify global configuration state to ensure hint gets set by
         # knife-bootstrap
         Chef::Config[:knife][:hints] ||= {}
         Chef::Config[:knife][:hints]["ec2"] ||= {}

diff --git a/spec/unit/ec2_server_create_spec.rb b/spec/unit/ec2_server_create_spec.rb
@@ -22,7 +22,6 @@
 require 'chef/knife/bootstrap_windows_winrm'
 require 'chef/knife/bootstrap_windows_ssh'
 
-
 describe Chef::Knife::Ec2ServerCreate do
   before do
     @knife_ec2_create = Chef::Knife::Ec2ServerCreate.new
@@ -236,6 +235,41 @@
 
   end
 
+  # This shared examples group can be used to house specifications that
+  # are common to both the Linux and Windows bootstraping process. This
+  # would remove a lot of testing duplication that is currently present.
+  shared_examples "generic bootstrap configurations" do
+    context "data bag secret" do
+      before(:each) do
+        Chef::Config[:knife][:secret] = "sys-knife-secret"
+      end
+
+     it "uses the the knife configuration when no explicit value is provided" do
+        expect(bootstrap.config[:secret]).to eql("sys-knife-secret")
+      end
+
+      it "prefers using a provided value instead of the knife confiuration" do
+        subject.config[:secret] = "cli-provided-secret"
+        expect(bootstrap.config[:secret]).to eql("cli-provided-secret")
+      end
+    end
+
+    context "data bag secret file" do
+      before(:each) do
+        Chef::Config[:knife][:secret_file] = "sys-knife-secret-file"
+      end
+
+      it "uses the the knife configuration when no explicit value is provided" do
+        expect(bootstrap.config[:secret_file]).to eql("sys-knife-secret-file")
+      end
+
+      it "prefers using a provided value instead of the knife confiuration" do
+        subject.config[:secret_file] = "cli-provided-secret-file"
+        expect(bootstrap.config[:secret_file]).to eql("cli-provided-secret-file")
+      end
+    end
+  end
+
   describe "when configuring the bootstrap process" do
     before do
       @knife_ec2_create.config[:ssh_user] = "ubuntu"
@@ -251,6 +285,11 @@
       @bootstrap = @knife_ec2_create.bootstrap_for_linux_node(@new_ec2_server, @new_ec2_server.dns_name)
     end
 
+    include_examples "generic bootstrap configurations" do
+      subject { @knife_ec2_create }
+      let(:bootstrap) { @knife_ec2_create.bootstrap_for_linux_node(@new_ec2_server, @new_ec2_server.dns_name) }
+    end
+
     it "should set the bootstrap 'name argument' to the hostname of the EC2 server" do
       @bootstrap.name_args.should == ['ec2-75.101.253.10.compute-1.amazonaws.com']
     end
@@ -332,6 +371,12 @@
       @knife_ec2_create.config[:json_attributes] = "{'my_attributes':{'foo':'bar'}"
       @bootstrap = @knife_ec2_create.bootstrap_for_windows_node(@new_ec2_server, @new_ec2_server.dns_name)
    end
+
+    include_examples "generic bootstrap configurations" do
+      subject { @knife_ec2_create }
+      let(:bootstrap) { @knife_ec2_create.bootstrap_for_linux_node(@new_ec2_server, @new_ec2_server.dns_name) }
+    end
+
     it "should set the winrm username correctly" do
       @bootstrap.config[:winrm_user].should == @knife_ec2_create.config[:winrm_user]
     end