From 40047902478b544e16d3b084e613f4444fdddb9e Mon Sep 17 00:00:00 2001 From: Sander van Harmelen Date: Fri, 22 Jul 2016 16:01:48 +0200 Subject: [PATCH] Make using `ssl_verify_mode` more robust (#7769) And prettify the template output by removing additions empty lines. --- .../chef/linux_provisioner_test.go | 12 +++----- .../provisioners/chef/resource_provisioner.go | 30 ++++++++++++------- .../chef/windows_provisioner_test.go | 12 +++----- 3 files changed, 28 insertions(+), 26 deletions(-) diff --git a/builtin/provisioners/chef/linux_provisioner_test.go b/builtin/provisioners/chef/linux_provisioner_test.go index ec72f7deb..c33840583 100644 --- a/builtin/provisioners/chef/linux_provisioner_test.go +++ b/builtin/provisioners/chef/linux_provisioner_test.go @@ -220,6 +220,7 @@ func TestResourceProvider_linuxCreateConfigFiles(t *testing.T) { "run_list": []interface{}{"cookbook::recipe"}, "secret_key_path": "test-fixtures/encrypted_data_bag_secret", "server_url": "https://chef.local", + "ssl_verify_mode": "verify_none", "validation_client_name": "validator", "validation_key_path": "test-fixtures/validator.pem", }), @@ -340,20 +341,15 @@ chef_server_url "https://chef.local" validation_client_name "validator" node_name "nodename1" - - - http_proxy "http://proxy.local" ENV['http_proxy'] = "http://proxy.local" ENV['HTTP_PROXY'] = "http://proxy.local" - - https_proxy "https://proxy.local" ENV['https_proxy'] = "https://proxy.local" ENV['HTTPS_PROXY'] = "https://proxy.local" - - no_proxy "http://local.local,https://local.local" -ENV['no_proxy'] = "http://local.local,https://local.local"` +ENV['no_proxy'] = "http://local.local,https://local.local" + +ssl_verify_mode :verify_none` diff --git a/builtin/provisioners/chef/resource_provisioner.go b/builtin/provisioners/chef/resource_provisioner.go index d4c057529..276c4d3af 100644 --- a/builtin/provisioners/chef/resource_provisioner.go +++ b/builtin/provisioners/chef/resource_provisioner.go @@ -43,35 +43,40 @@ log_location STDOUT chef_server_url "{{ .ServerURL }}" validation_client_name "{{ .ValidationClientName }}" node_name "{{ .NodeName }}" - {{ if .UsePolicyfile }} use_policyfile true policy_group "{{ .PolicyGroup }}" policy_name "{{ .PolicyName }}" -{{ end }} +{{ end -}} {{ if .HTTPProxy }} http_proxy "{{ .HTTPProxy }}" ENV['http_proxy'] = "{{ .HTTPProxy }}" ENV['HTTP_PROXY'] = "{{ .HTTPProxy }}" -{{ end }} +{{ end -}} {{ if .HTTPSProxy }} https_proxy "{{ .HTTPSProxy }}" ENV['https_proxy'] = "{{ .HTTPSProxy }}" ENV['HTTPS_PROXY'] = "{{ .HTTPSProxy }}" -{{ end }} +{{ end -}} {{ if .NOProxy }} no_proxy "{{ join .NOProxy "," }}" ENV['no_proxy'] = "{{ join .NOProxy "," }}" +{{ end -}} + +{{ if .SSLVerifyMode }} +ssl_verify_mode {{ .SSLVerifyMode }} +{{- end -}} + +{{ if .DisableReporting }} +enable_reporting false +{{ end -}} + +{{ if .ClientOptions }} +{{ join .ClientOptions "\n" }} {{ end }} - -{{ if .SSLVerifyMode }}ssl_verify_mode {{ .SSLVerifyMode }}{{ end }} - -{{ if .DisableReporting }}enable_reporting false{{ end }} - -{{ if .ClientOptions }}{{ join .ClientOptions "\n" }}{{ end }} ` // Provisioner represents a specificly configured chef provisioner @@ -452,6 +457,11 @@ func (p *Provisioner) deployConfigFiles( } } + // Make sure the SSLVerifyMode value is written as a symbol + if p.SSLVerifyMode != "" && !strings.HasPrefix(p.SSLVerifyMode, ":") { + p.SSLVerifyMode = fmt.Sprintf(":%s", p.SSLVerifyMode) + } + // Make strings.Join available for use within the template funcMap := template.FuncMap{ "join": strings.Join, diff --git a/builtin/provisioners/chef/windows_provisioner_test.go b/builtin/provisioners/chef/windows_provisioner_test.go index 8dd0dee28..18a9b44d9 100644 --- a/builtin/provisioners/chef/windows_provisioner_test.go +++ b/builtin/provisioners/chef/windows_provisioner_test.go @@ -137,6 +137,7 @@ func TestResourceProvider_windowsCreateConfigFiles(t *testing.T) { "run_list": []interface{}{"cookbook::recipe"}, "secret_key_path": "test-fixtures/encrypted_data_bag_secret", "server_url": "https://chef.local", + "ssl_verify_mode": "verify_none", "validation_client_name": "validator", "validation_key_path": "test-fixtures/validator.pem", }), @@ -366,20 +367,15 @@ chef_server_url "https://chef.local" validation_client_name "validator" node_name "nodename1" - - - http_proxy "http://proxy.local" ENV['http_proxy'] = "http://proxy.local" ENV['HTTP_PROXY'] = "http://proxy.local" - - https_proxy "https://proxy.local" ENV['https_proxy'] = "https://proxy.local" ENV['HTTPS_PROXY'] = "https://proxy.local" - - no_proxy "http://local.local,https://local.local" -ENV['no_proxy'] = "http://local.local,https://local.local"` +ENV['no_proxy'] = "http://local.local,https://local.local" + +ssl_verify_mode :verify_none`