summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Smith <tsmith84@gmail.com>2019-12-09 10:11:22 -0800
committerTim Smith <tsmith84@gmail.com>2019-12-09 10:11:22 -0800
commit8c5c80c82ccf191c0aea4578da8d2cc085f02292 (patch)
treeba984bf28e986c6456575f9a76f7941bb23c8d64
parent197bbe93998ef796e96774590c70356439edbf2b (diff)
parent68d6a6194a41680f5706cca23ce2b7f7623fe643 (diff)
downloadchef-8c5c80c82ccf191c0aea4578da8d2cc085f02292.tar.gz
Merge branch 'teknofire-will/fix_credentials_ssl_verify_mode'
-rw-r--r--chef-config/lib/chef-config/config.rb10
-rw-r--r--chef-config/spec/unit/workstation_config_loader_spec.rb30
2 files changed, 40 insertions, 0 deletions
diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb
index d1c4001739..8efdf16d7d 100644
--- a/chef-config/lib/chef-config/config.rb
+++ b/chef-config/lib/chef-config/config.rb
@@ -564,6 +564,16 @@ module ChefConfig
# be validated.
default :ssl_verify_mode, :verify_peer
+ # Needed to coerce string value to a symbol when loading settings from the
+ # credentials toml files which doesn't allow ruby symbol values
+ configurable(:ssl_verify_mode).writes_value do |value|
+ if value.is_a?(String) && value[0] == ":"
+ value[1..-1].to_sym
+ else
+ value.to_sym
+ end
+ end
+
# Whether or not to verify the SSL cert for HTTPS requests to the Chef
# server API. If set to `true`, the server's cert will be validated
# regardless of the :ssl_verify_mode setting. This is set to `true` when
diff --git a/chef-config/spec/unit/workstation_config_loader_spec.rb b/chef-config/spec/unit/workstation_config_loader_spec.rb
index 704c3ac2dc..3248184d77 100644
--- a/chef-config/spec/unit/workstation_config_loader_spec.rb
+++ b/chef-config/spec/unit/workstation_config_loader_spec.rb
@@ -583,6 +583,36 @@ RSpec.describe ChefConfig::WorkstationConfigLoader do
end
end
+ context "and ssl_verify_mode is a symbol string" do
+ let(:content) do
+ content = <<~EOH
+ [default]
+ ssl_verify_mode = ":verify_none"
+ EOH
+ content
+ end
+
+ it "raises a ConfigurationError" do
+ expect { config_loader.load_credentials }.not_to raise_error
+ expect(ChefConfig::Config.ssl_verify_mode).to eq(:verify_none)
+ end
+ end
+
+ context "and ssl_verify_mode is a string" do
+ let(:content) do
+ content = <<~EOH
+ [default]
+ ssl_verify_mode = "verify_none"
+ EOH
+ content
+ end
+
+ it "raises a ConfigurationError" do
+ expect { config_loader.load_credentials }.not_to raise_error
+ expect(ChefConfig::Config.ssl_verify_mode).to eq(:verify_none)
+ end
+ end
+
context "and has a syntax error" do
let(:content) { "<<<<<" }