diff options
author | Claire McQuin <claire@getchef.com> | 2014-05-29 17:28:56 -0700 |
---|---|---|
committer | Claire McQuin <claire@getchef.com> | 2014-06-03 10:32:08 -0700 |
commit | afe3aef65f7acf2c57149f6224f4ce6d7b9355f7 (patch) | |
tree | be5531d1423489b3cee4ca6cdb7fa40b8c202bf9 | |
parent | 79c353da160becaa2f62cbd67eb550df9695d612 (diff) | |
download | chef-afe3aef65f7acf2c57149f6224f4ce6d7b9355f7.tar.gz |
automatically enable verify_api_cert when in local-mode
-rw-r--r-- | lib/chef/config.rb | 5 | ||||
-rw-r--r-- | spec/integration/client/client_spec.rb | 11 |
2 files changed, 14 insertions, 2 deletions
diff --git a/lib/chef/config.rb b/lib/chef/config.rb index 65ef1ac576..bbbe20c3dd 100644 --- a/lib/chef/config.rb +++ b/lib/chef/config.rb @@ -363,8 +363,9 @@ class Chef # Whether or not to verify the SSL cert for HTTPS requests to the Chef # server API. If set to `true`, the server's cert will be validated - # regardless of the :ssl_verify_mode setting. - default :verify_api_cert, false + # regardless of the :ssl_verify_mode setting. This is set to `true` when + # running in local-mode. + default (:verify_api_cert) { Chef::Config.local_mode } # Path to the default CA bundle files. default :ssl_ca_path, nil diff --git a/spec/integration/client/client_spec.rb b/spec/integration/client/client_spec.rb index 6357f1e2c0..8d6f0f03e1 100644 --- a/spec/integration/client/client_spec.rb +++ b/spec/integration/client/client_spec.rb @@ -206,6 +206,17 @@ EOM result.error! end + it "should not print SSL warnings when running in local-mode" do + file 'config/client.rb', <<EOM +chef_server_url 'http://omg.com/blah' +cookbook_path "#{path_to('cookbooks')}" +EOM + + result = shell_out("#{chef_client} -c \"#{path_to('config/client.rb')}\" -o 'x::default' --local-mode", :cwd => chef_dir) + result.stdout.should_not include("SSL validation of HTTPS requests is disabled.") + result.error! + end + it "should complete with success when passed -z and --chef-zero-port" do file 'config/client.rb', <<EOM chef_server_url 'http://omg.com/blah' |