diff options
| author | Thom May <thom@may.lt> | 2017-03-10 08:39:06 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-03-10 08:39:06 +0000 |
| commit | 798788eaf541c7e24160e4e3e828f656de957ea7 (patch) | |
| tree | 023787a1a937dab4af4c8fad17613f0d5b0f8134 | |
| parent | b92abbd7781cab7ce168d2478b1661faad8ff5a1 (diff) | |
| parent | 3432692a73bb0546a08fe7f16a1b9b5b12af15a6 (diff) | |
| download | chef-798788eaf541c7e24160e4e3e828f656de957ea7.tar.gz | |
Merge pull request #5888 from chef/afiune/COOL-617/fix-here-strings-in-bash
Changed EOP to 'EOP' to avoid content expansion
| -rw-r--r-- | lib/chef/knife/bootstrap/templates/chef-full.erb | 12 | ||||
| -rw-r--r-- | spec/unit/knife/bootstrap_spec.rb | 29 |
2 files changed, 35 insertions, 6 deletions
diff --git a/lib/chef/knife/bootstrap/templates/chef-full.erb b/lib/chef/knife/bootstrap/templates/chef-full.erb index 6007ff9859..145761a39e 100644 --- a/lib/chef/knife/bootstrap/templates/chef-full.erb +++ b/lib/chef/knife/bootstrap/templates/chef-full.erb @@ -182,21 +182,21 @@ fi mkdir -p /etc/chef <% if client_pem -%> -cat > /etc/chef/client.pem <<EOP +cat > /etc/chef/client.pem <<'EOP' <%= ::File.read(::File.expand_path(client_pem)) %> EOP chmod 0600 /etc/chef/client.pem <% end -%> <% if validation_key -%> -cat > /etc/chef/validation.pem <<EOP +cat > /etc/chef/validation.pem <<'EOP' <%= validation_key %> EOP chmod 0600 /etc/chef/validation.pem <% end -%> <% if encrypted_data_bag_secret -%> -cat > /etc/chef/encrypted_data_bag_secret <<EOP +cat > /etc/chef/encrypted_data_bag_secret <<'EOP' <%= encrypted_data_bag_secret %> EOP chmod 0600 /etc/chef/encrypted_data_bag_secret @@ -212,17 +212,17 @@ mkdir -p /etc/chef/trusted_certs mkdir -p /etc/chef/ohai/hints <% @chef_config[:knife][:hints].each do |name, hash| -%> -cat > /etc/chef/ohai/hints/<%= name %>.json <<EOP +cat > /etc/chef/ohai/hints/<%= name %>.json <<'EOP' <%= Chef::JSONCompat.to_json(hash) %> EOP <% end -%> <% end -%> -cat > /etc/chef/client.rb <<EOP +cat > /etc/chef/client.rb <<'EOP' <%= config_content %> EOP -cat > /etc/chef/first-boot.json <<EOP +cat > /etc/chef/first-boot.json <<'EOP' <%= Chef::JSONCompat.to_json(first_boot) %> EOP diff --git a/spec/unit/knife/bootstrap_spec.rb b/spec/unit/knife/bootstrap_spec.rb index c2f68277c5..4201963b7d 100644 --- a/spec/unit/knife/bootstrap_spec.rb +++ b/spec/unit/knife/bootstrap_spec.rb @@ -48,6 +48,35 @@ describe Chef::Knife::Bootstrap do expect(File.basename(knife.bootstrap_template)).to eq("chef-full") end + context "when using the chef-full default template" do + let(:rendered_template) do + knife.merge_configs + knife.render_template + end + + it "should render client.rb" do + expect(rendered_template).to match("cat > /etc/chef/client.rb <<'EOP'") + expect(rendered_template).to match("chef_server_url \"https://localhost:443\"") + expect(rendered_template).to match("validation_client_name \"chef-validator\"") + expect(rendered_template).to match("log_location STDOUT") + end + + it "should render first-boot.json" do + expect(rendered_template).to match("cat > /etc/chef/first-boot.json <<'EOP'") + expect(rendered_template).to match('{"run_list":\[\]}') + end + + context "and encrypted_data_bag_secret was provided" do + it "should render encrypted_data_bag_secret file" do + expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).and_return(true) + expect(knife).to receive(:read_secret).and_return("secrets") + expect(rendered_template).to match("cat > /etc/chef/encrypted_data_bag_secret <<'EOP'") + expect(rendered_template).to match('{"run_list":\[\]}') + expect(rendered_template).to match(%r{secrets}) + end + end + end + context "with --bootstrap-vault-item" do let(:bootstrap_cli_options) { [ "--bootstrap-vault-item", "vault1:item1", "--bootstrap-vault-item", "vault1:item2", "--bootstrap-vault-item", "vault2:item1" ] } it "sets the knife config cli option correctly" do |