diff options
author | tyler-ball <tyleraball@gmail.com> | 2014-09-08 08:52:11 -0700 |
---|---|---|
committer | tyler-ball <tyleraball@gmail.com> | 2014-09-29 08:31:08 -0700 |
commit | 8b1866e11e8ab41543cde22151c08365f2d4e3da (patch) | |
tree | 40df3be3ecb987955ae28833f271b9e4f41ac229 | |
parent | 40c2f92437579044284f9b4cc433ccf4f1d9d391 (diff) | |
download | chef-8b1866e11e8ab41543cde22151c08365f2d4e3da.tar.gz |
Updating tests for encrypted data bag create - found some missing coverage
-rw-r--r-- | lib/chef/knife/data_bag_create.rb | 12 | ||||
-rw-r--r-- | spec/unit/knife/data_bag_create_spec.rb | 59 |
2 files changed, 68 insertions, 3 deletions
diff --git a/lib/chef/knife/data_bag_create.rb b/lib/chef/knife/data_bag_create.rb index afd5832ead..d54d047db4 100644 --- a/lib/chef/knife/data_bag_create.rb +++ b/lib/chef/knife/data_bag_create.rb @@ -80,16 +80,22 @@ class Chef exit(1) end + # TODO is there validation on the config schema? If so, this validation should go there + if has_secret? && has_secret_file? + ui.fatal("Please specify only one of 'secret' or 'secret_file' in your config") + exit(1) + end + return true if config[:secret] || config[:secret_file] if config[:encrypt] unless has_secret? || has_secret_file? ui.fatal("No secret or secret_file specified in config, unable to encrypt item.") exit(1) + else + return true end - return true - else - return false end + return false end def run diff --git a/spec/unit/knife/data_bag_create_spec.rb b/spec/unit/knife/data_bag_create_spec.rb index c3bcf0416f..62a2dd8644 100644 --- a/spec/unit/knife/data_bag_create_spec.rb +++ b/spec/unit/knife/data_bag_create_spec.rb @@ -129,6 +129,48 @@ describe Chef::Knife::DataBagCreate do include_examples "a data bag item" end + context "when provided --secret and --secret-file" do + + let(:config) {{ :secret_file => secret_file.path, :secret => secret }} + + it "throws an error" do + expect(knife).to receive(:create_object).and_yield(raw_hash) + expect(knife).to receive(:exit).with(1) + expect(knife.ui).to receive(:fatal).with("Please specify only one of --secret, --secret-file") + + knife.run + end + + end + + context "when provided with `secret` and `secret_file` in knife.rb" do + before do + Chef::Config[:knife][:secret] = secret + Chef::Config[:knife][:secret_file] = secret_file.path + end + + it "throws an error" do + expect(knife).to receive(:create_object).and_yield(raw_hash) + expect(knife).to receive(:exit).with(1) + expect(knife.ui).to receive(:fatal).with("Please specify only one of 'secret' or 'secret_file' in your config") + + knife.run + end + + end + + context "when --encrypt is provided without a secret" do + let(:config) {{ :encrypt => true }} + + it "throws an error" do + expect(knife).to receive(:create_object).and_yield(raw_hash) + expect(knife).to receive(:exit).with(1) + expect(knife.ui).to receive(:fatal).with("No secret or secret_file specified in config, unable to encrypt item.") + + knife.run + end + end + context "with secret in knife.rb" do before do Chef::Config[:knife][:secret] = config_secret @@ -190,4 +232,21 @@ describe Chef::Knife::DataBagCreate do end end end + + context "no secret in knife.rb" do + + include_examples "a data bag item" + + context "with --secret" do + include_examples "an encrypted data bag item" do + let(:config) {{ :secret => secret }} + end + end + + context "with --secret-file" do + include_examples "an encrypted data bag item" do + let(:config) {{ :secret_file => secret_file.path }} + end + end + end end |