Add client keys handling to ChefFSjr/chef-fs-client-keys

Supports work to being chef-zero closer to parity with chef-server.

6 files changed, 81 insertions, 8 deletions

diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb
index ac55853bc7..ba646c8530 100644
--- a/chef-config/lib/chef-config/config.rb
+++ b/chef-config/lib/chef-config/config.rb
@@ -150,9 +150,13 @@ module ChefConfig
     default(:acl_path) { derive_path_from_chef_repo_path("acls") }
 
     # Location of clients on disk. String or array of strings.
-    # Defaults to <chef_repo_path>/acls.
+    # Defaults to <chef_repo_path>/clients.
     default(:client_path) { derive_path_from_chef_repo_path("clients") }
 
+    # Location of client keys on disk. String or array of strings.
+    # Defaults to <chef_repo_path>/client_keys.
+    default(:client_key_path) { derive_path_from_chef_repo_path("client_keys") }
+
     # Location of containers on disk. String or array of strings.
     # Defaults to <chef_repo_path>/containers.
     default(:container_path) { derive_path_from_chef_repo_path("containers") }
diff --git a/lib/chef/chef_fs/chef_fs_data_store.rb b/lib/chef/chef_fs/chef_fs_data_store.rb
index 2d3330088f..6b6364e2e3 100644
--- a/lib/chef/chef_fs/chef_fs_data_store.rb
+++ b/lib/chef/chef_fs/chef_fs_data_store.rb
@@ -663,16 +663,25 @@ class Chef
       end
 
       def _to_chef_fs_path(path)
+        path = path.dup
+
         # /data -> /data_bags
         # /data/BAG -> /data_bags/BAG
         # /data/BAG/ITEM -> /data_bags/BAG/ITEM.json
         if path[0] == "data"
-          path = path.dup
           path[0] = "data_bags"
           if path.length >= 3
             path[2] = "#{path[2]}.json"
           end
 
+        # /client_keys/CLIENT/keys -> /client_keys/CLIENT
+        # /client_keys/CLIENT/keys/KEYNAME -> /client_keys/CLIENT/KEYNAME.json
+        elsif path[0] == "client_keys"
+          path.delete_at(2)
+          if path.length >= 3
+            path[-1] += ".json"
+          end
+
         # /policies/POLICY/revisions/REVISION -> /policies/POLICY-REVISION.json
         elsif path[0] == "policies" && path[2] == "revisions" && path.length >= 4
           path = [ "policies", "#{path[1]}-#{path[3]}.json" ]
@@ -698,14 +707,12 @@ class Chef
         elsif path[0] == "acls"
           # /acls/data -> /acls/data_bags
           if path[1] == "data"
-            path = path.dup
             path[1] = "data_bags"
           end
 
           # /acls/containers|nodes|.../x.json
           # /acls/organization.json
           if path.length == 3 || path == %w{acls organization}
-            path = path.dup
             path[-1] = "#{path[-1]}.json"
           end
 
@@ -714,7 +721,6 @@ class Chef
 
         # /nodes|clients|.../x.json
         elsif path.length == 2
-          path = path.dup
           path[-1] = "#{path[-1]}.json"
         end
         path
@@ -722,13 +728,22 @@ class Chef
 
       def to_zero_path(entry)
         path = entry.path.split("/")[1..-1]
+
         if path[0] == "data_bags"
-          path = path.dup
           path[0] = "data"
           if path.length >= 3
             path[2] = path[2][0..-6]
           end
 
+        # /client_keys/CLIENT -> /client_keys/CLIENT/keys
+        # /client_keys/CLIENT/KEYNAME.json -> /client_keys/CLIENT/keys/KEYNAME
+        elsif path[0] == "client_keys"
+          if path.size == 2
+            path << "keys"
+          elsif path.size > 2
+            path[2..-1] = [ "keys", path[-1][0..-6] ]
+          end
+
         elsif %w{cookbooks cookbook_artifacts}.include?(path[0])
           if chef_fs.versioned_cookbooks || path[0] == "cookbook_artifacts"
             # cookbooks/name-version/... -> cookbooks/name/version/...
@@ -752,9 +767,9 @@ class Chef
           end
 
         elsif path.length == 2 && path[0] != "cookbooks"
-          path = path.dup
           path[1] = path[1][0..-6]
         end
+
         path
       end
 
diff --git a/lib/chef/chef_fs/config.rb b/lib/chef/chef_fs/config.rb
index 5eae0501a1..1dbbe1a508 100644
--- a/lib/chef/chef_fs/config.rb
+++ b/lib/chef/chef_fs/config.rb
@@ -31,6 +31,7 @@ class Chef
       # out here:
       INFLECTIONS = {
         "acls" => "acl",
+        "client_keys" => "client_key",
         "clients" => "client",
         "cookbooks" => "cookbook",
         "cookbook_artifacts" => "cookbook_artifact",
@@ -68,7 +69,7 @@ class Chef
       CHEF_11_OSS_STATIC_OBJECTS = %w{cookbooks cookbook_artifacts data_bags environments roles}.freeze
       CHEF_11_OSS_DYNAMIC_OBJECTS = %w{clients nodes users}.freeze
       RBAC_OBJECT_NAMES = %w{acls containers groups }.freeze
-      CHEF_12_OBJECTS = %w{ cookbook_artifacts policies policy_groups }.freeze
+      CHEF_12_OBJECTS = %w{ cookbook_artifacts policies policy_groups client_keys }.freeze
 
       STATIC_MODE_OBJECT_NAMES = CHEF_11_OSS_STATIC_OBJECTS
       EVERYTHING_MODE_OBJECT_NAMES = (CHEF_11_OSS_STATIC_OBJECTS + CHEF_11_OSS_DYNAMIC_OBJECTS).freeze
diff --git a/lib/chef/chef_fs/data_handler/client_key_data_handler.rb b/lib/chef/chef_fs/data_handler/client_key_data_handler.rb
new file mode 100644
index 0000000000..6276413bcf
--- /dev/null
+++ b/lib/chef/chef_fs/data_handler/client_key_data_handler.rb
@@ -0,0 +1,11 @@
+require "chef/chef_fs/data_handler/data_handler_base"
+require "chef/api_client"
+
+class Chef
+  module ChefFS
+    module DataHandler
+      class ClientKeyDataHandler < DataHandlerBase
+      end
+    end
+  end
+end
diff --git a/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_client_keys_dir.rb b/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_client_keys_dir.rb
new file mode 100644
index 0000000000..237d1035ad
--- /dev/null
+++ b/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_client_keys_dir.rb
@@ -0,0 +1,38 @@
+#
+# Author:: Jordan Running (<jr@chef.io>)
+# Copyright:: Copyright 2013-2016, Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef/chef_fs/file_system/repository/chef_repository_file_system_entry"
+require "chef/chef_fs/data_handler/client_key_data_handler"
+
+class Chef
+  module ChefFS
+    module FileSystem
+      module Repository
+        class ChefRepositoryFileSystemClientKeysDir < ChefRepositoryFileSystemEntry
+          def initialize(name, parent, path = nil)
+            super(name, parent, path, Chef::ChefFS::DataHandler::ClientKeyDataHandler.new)
+          end
+
+          def can_have_child?(name, is_dir)
+            is_dir && !name.start_with?(".")
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb b/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb
index a814b9c55f..c7209ba634 100644
--- a/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb
+++ b/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb
@@ -21,11 +21,13 @@ require "chef/chef_fs/file_system/repository/chef_repository_file_system_acls_di
 require "chef/chef_fs/file_system/repository/cookbooks_dir"
 require "chef/chef_fs/file_system/repository/cookbook_artifacts_dir"
 require "chef/chef_fs/file_system/repository/data_bags_dir"
+require "chef/chef_fs/file_system/repository/chef_repository_file_system_client_keys_dir"
 require "chef/chef_fs/file_system/repository/chef_repository_file_system_entry"
 require "chef/chef_fs/file_system/repository/chef_repository_file_system_policies_dir"
 require "chef/chef_fs/file_system/repository/versioned_cookbooks_dir"
 require "chef/chef_fs/file_system/multiplexed_dir"
 require "chef/chef_fs/data_handler/client_data_handler"
+require "chef/chef_fs/data_handler/client_key_data_handler"
 require "chef/chef_fs/data_handler/environment_data_handler"
 require "chef/chef_fs/data_handler/node_data_handler"
 require "chef/chef_fs/data_handler/policy_data_handler"
@@ -178,6 +180,8 @@ class Chef
               dirs = paths.map { |path| DataBagsDir.new(name, self, path) }
             when "acls"
               dirs = paths.map { |path| ChefRepositoryFileSystemAclsDir.new(name, self, path) }
+            when "client_keys"
+              dirs = paths.map { |path| ChefRepositoryFileSystemClientKeysDir.new(name, self, path) }
             else
               data_handler = case name
                              when "clients"