Merge pull request cloudfoundry-attic#128 from cloudfoundry/diff_rand_pw

add biff erb helper 'random_string' for unique password generation in ma...

.travis.yml

@@ -14,4 +14,6 @@ notifications:
     on_failure: always
 matrix:
   allow_failures:
-    - rvm: ruby-2.0.0
+    - rvm: ruby-2.0.0
+before_install:
+  - sudo apt-get --assume-yes install wamerican

Gemfile.lock

@@ -61,6 +61,7 @@ PATH
       archive-tar-minitar (~> 0.5)
       blobstore_client (~> 1.5.0.pre.3)
       bosh_common (~> 1.5.0.pre.3)
+      haddock
       highline (~> 1.6.2)
       httpclient (= 2.2.4)
       json_pure (~> 1.7.6)
@@ -280,6 +281,7 @@ GEM
     guard-rspec (2.5.2)
       guard (>= 1.1)
       rspec (~> 2.11)
+    haddock (0.2.2)
     highline (1.6.16)
     httpclient (2.2.4)
     json (1.7.7)

bosh_cli/bosh_cli.gemspec

@@ -31,4 +31,6 @@ Gem::Specification.new do |s|
   s.add_dependency "net-scp", "~>1.1.0"
   s.add_dependency "netaddr", "~>1.5.0"
   s.add_dependency "archive-tar-minitar", "~>0.5"
+  s.add_dependency "haddock"
+
 end

bosh_cli/lib/cli.rb

@@ -32,6 +32,8 @@ module Cli
 require "netaddr"
 require "zlib"
 require "archive/tar/minitar"
+require "haddock"
+Haddock::Password.delimiters='!@#%^&()-,./'
 include Archive::Tar
 
 unless defined?(Bosh::Cli::VERSION)

bosh_cli/lib/cli/commands/biff.rb

@@ -384,5 +384,18 @@ def setup(template)
       @temp_file_path_2 = "#{@dir_name}/bosh_biff_2"
     end
 
+    # Generate a random string for passwords and tokens.
+    # Length is the length of the string.
+    # name is an optional name of a previously generated string. This is used
+    # to allow setting the same passwd for different components.
+    def random_string(length, name=nil)
+      @random_cache ||= {}
+      if name
+        @random_cache[name] ||= Haddock::Password.generate(length)
+      else
+        Haddock::Password.generate(length)
+      end
+    end
+
   end
 end

bosh_cli/spec/assets/biff/random_string.yml

@@ -0,0 +1,37 @@
+---
+name: cf-spec
+director_uuid: xxxxxx-xxx-xxx-xxxxxxxx
+release:
+  name: Spec-manifest
+  version: latest
+networks:
+- name: cf
+  type: manual
+  subnets:
+  - range: 10.10.2.0/23
+    name: default_unused
+    reserved:
+    - 10.10.2.2 - 10.10.2.9
+    static:
+    - 10.10.2.10 - 10.10.2.50
+    gateway: 10.10.2.1
+    dns:
+    - 10.10.0.2
+- name: services
+  type: manual
+  subnets:
+  - range: 10.10.4.0/24
+    name: default_unused
+    reserved:
+    - 10.10.4.2 - 10.10.4.9
+    static:
+    - 10.10.4.10 - 10.10.4.200
+    gateway: 10.10.4.1
+    dns:
+    - 10.10.0.2
+
+properties:
+  defined_but_no_passwd:
+    password:
+  defined_with_passwd:
+    password: passwd_set_in_yml

bosh_cli/spec/assets/biff/random_string_template.erb

@@ -0,0 +1,10 @@
+---
+properties:
+  defined_but_no_passwd:
+    password: "<%= random_string 12, :foo %>"
+  defined_with_passwd:
+    password: <%= find("properties.defined_with_passwd.password") %>
+  same_passwd:
+    password: "<%= random_string 12, :foo %>"
+  diff_passwd:
+    password: "<%= random_string 12, :bar %>"

bosh_cli/spec/unit/cli_commands/biff_spec.rb

@@ -117,6 +117,35 @@
         }.should raise_error Bosh::Cli::CliError, "There were 1 errors."
       end
     end
+
+    context "randomized strings" do
+      let(:template_file) { spec_asset("biff/random_string_template.erb") }
+      let(:config_file) { spec_asset("biff/random_string.yml") }
+
+      before {
+        biff.stub!(:deployment).and_return(config_file)
+        biff.should_receive(:agree).with(
+          "Would you like to keep the new version? [yn]").once.and_return(false)
+      }
+
+      subject {
+        biff.biff(template_file)
+        Psych.load(biff.template_output)['properties']
+      }
+
+      it "Generate a password and put it in" do
+        expect(subject["defined_but_no_passwd"]["password"]).to_not be_nil
+      end
+
+      it "Retain an existing" do
+        expect(subject["defined_with_passwd"]["password"]).to eq "passwd_set_in_yml"
+      end
+
+      it "Duplicate passwords with same name" do
+        expect(subject["same_passwd"]["password"]).to eq subject["defined_but_no_passwd"]["password"]
+      end
+    end
+
   end
 
   context "with good_simple_config" do