diff options
author | tyler-ball <tyleraball@gmail.com> | 2014-09-25 15:48:10 -0700 |
---|---|---|
committer | tyler-ball <tyleraball@gmail.com> | 2014-09-29 08:31:09 -0700 |
commit | 049672e8335a7a3190fcf3acd59d63b42f1f0ba0 (patch) | |
tree | b24f4c971587a438c1915114c69a86e4520ec529 | |
parent | 75a90633b5015f91425644670d839377837fb8d3 (diff) | |
download | chef-049672e8335a7a3190fcf3acd59d63b42f1f0ba0.tar.gz |
Fixing `data bag edit` according to spec, no longer requires --encrypttball/encrypted-data-bag-ux
-rw-r--r-- | lib/chef/knife/data_bag_edit.rb | 10 | ||||
-rw-r--r-- | lib/chef/knife/data_bag_from_file.rb | 1 | ||||
-rw-r--r-- | spec/unit/knife/data_bag_edit_spec.rb | 12 |
3 files changed, 15 insertions, 8 deletions
diff --git a/lib/chef/knife/data_bag_edit.rb b/lib/chef/knife/data_bag_edit.rb index 7c187f56f1..6ef4b33f59 100644 --- a/lib/chef/knife/data_bag_edit.rb +++ b/lib/chef/knife/data_bag_edit.rb @@ -36,14 +36,14 @@ class Chef def load_item(bag, item_name) item = Chef::DataBagItem.load(bag, item_name) if encrypted?(item.raw_data) - if encryption_secret_provided? - Chef::EncryptedDataBagItem.new(item, read_secret).to_hash + if encryption_secret_provided_ignore_encrypt_flag? + return Chef::EncryptedDataBagItem.new(item, read_secret).to_hash, true else ui.fatal("You cannot edit an encrypted data bag without providing the secret.") exit(1) end else - item + return item, false end end @@ -54,10 +54,10 @@ class Chef exit 1 end - item = load_item(@name_args[0], @name_args[1]) + item, was_encrypted = load_item(@name_args[0], @name_args[1]) edited_item = edit_data(item) - if encryption_secret_provided? + if was_encrypted || encryption_secret_provided? ui.info("Encrypting data bag using provided secret.") item_to_save = Chef::EncryptedDataBagItem.encrypt_data_bag_item(edited_item, read_secret) else diff --git a/lib/chef/knife/data_bag_from_file.rb b/lib/chef/knife/data_bag_from_file.rb index 598a935160..d1b7daa4a2 100644 --- a/lib/chef/knife/data_bag_from_file.rb +++ b/lib/chef/knife/data_bag_from_file.rb @@ -24,7 +24,6 @@ require 'chef/knife/data_bag_secret_options' class Chef class Knife class DataBagFromFile < Knife - include DataBagCommon include DataBagSecretOptions deps do diff --git a/spec/unit/knife/data_bag_edit_spec.rb b/spec/unit/knife/data_bag_edit_spec.rb index 9fa97760cd..6f19b5e63e 100644 --- a/spec/unit/knife/data_bag_edit_spec.rb +++ b/spec/unit/knife/data_bag_edit_spec.rb @@ -88,7 +88,6 @@ describe Chef::Knife::DataBagEdit do let(:transmitted_hash) { enc_edited_hash } before(:each) do - expect(knife).to receive(:encryption_secret_provided?).at_least(1).times.and_return(true) expect(knife).to receive(:read_secret).at_least(1).times.and_return(secret) expect(Chef::EncryptedDataBagItem).to receive(:encrypt_data_bag_item).with(raw_edited_hash, secret).and_return(enc_edited_hash) end @@ -99,10 +98,19 @@ describe Chef::Knife::DataBagEdit do # If the data bag is encrypted, it gets passed to `edit` as a hash. Otherwise, it gets passed as a DataBag let (:data_to_edit) { raw_hash } + before(:each) do + expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).and_return(true) + end + include_examples "editing a data bag" end context "the data bag starts unencrypted" do + before(:each) do + expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).exactly(0).times + expect(knife).to receive(:encryption_secret_provided?).and_return(true) + end + include_examples "editing a data bag" end end @@ -110,7 +118,7 @@ describe Chef::Knife::DataBagEdit do it "fails to edit an encrypted data bag if the secret is missing" do expect(Chef::DataBagItem).to receive(:load).with(bag_name, item_name).and_return(db) expect(knife).to receive(:encrypted?).with(db.raw_data).and_return(true) - expect(knife).to receive(:encryption_secret_provided?).and_return(false) + expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).and_return(false) expect(knife.ui).to receive(:fatal).with("You cannot edit an encrypted data bag without providing the secret.") expect {knife.run}.to exit_with_code(1) |