Merge pull request #172 from MsysTechnologiesllc/ali/empty_encrypted_data_bag_secret_fix

Fixed bug to not generate empty encrypted_data_bag_secret file.

Author: Aliasgar16

lib/chef/azure/commands/enable.rb

@@ -340,14 +340,19 @@ def get_chef_server_ssl_cert(decrypted_text)
 
   def secret_key(decrypted_text)
     #extract secret from decrypted hash
-    secret = value_from_json_file(decrypted_text, "secret")
-    secret = secret || value_from_json_file(decrypted_text, "encrypted_data_bag_secret")
-    begin
-      secret = OpenSSL::PKey::RSA.new(secret.squeeze("\n")).to_pem
-    rescue OpenSSL::PKey::RSAError => e
-      Chef::Log.error "Secret key parsing error. #{e.inspect}"
+    secret = value_from_json_file(decrypted_text, "secret").empty? ?
+      value_from_json_file(decrypted_text, "encrypted_data_bag_secret") :
+      value_from_json_file(decrypted_text, "secret")
+    if secret.empty?
+      nil
+    else
+      begin
+        secret = OpenSSL::PKey::RSA.new(secret.squeeze("\n")).to_pem
+      rescue OpenSSL::PKey::RSAError => e
+        Chef::Log.error "Secret key parsing error. #{e.inspect}"
+      end
+      secret
     end
-    secret
   end
 
   def get_decrypted_key(encrypted_text)

spec/functional/secret_key_spec.rb

@@ -12,39 +12,27 @@
   let (:enable_args) { [] }
   let (:instance) { EnableChef.new(extension_root, enable_args) }
 
-  context "for windows" do
-    before do
-      @decrypted_settings = mock_data('correct_decrypted_json.txt')
-      allow(instance).to receive(:windows?).and_return(true)
-      allow(instance).to receive(:handler_settings_file).and_return(mock_data("handler_settings.settings"))
-    end
+  let(:correct_decrypted_settings) { mock_data('correct_decrypted_json.txt') }
+  let(:incorrect_decrypted_settings) { mock_data('incorrect_decrypted_json.txt') }
 
+  describe "secret_key" do
     it "returns correct secret key if there is no escape character in the decrypted json" do
-      allow(instance).to receive(:shell_out).and_return(OpenStruct.new(:exitstatus => 0, :stdout => @decrypted_settings))
-      secret_key_cmd = instance.send(:secret_key,@decrypted_settings)
-      expect(secret_key_cmd).to eq("secret_key")
+      allow(OpenSSL::PKey::RSA).to receive_message_chain(:new, :to_pem).and_return('secret_key')
+      response = instance.send(:secret_key, correct_decrypted_settings)
+      expect(response).to eq("secret_key")
     end
 
     it "returns correct secret key if there are escape characters in the decrypted json" do
-      decrypted_validation_key = mock_data('incorrect_decrypted_json.txt')
-      allow(instance).to receive(:shell_out).and_return(OpenStruct.new(:exitstatus => 0, :stdout => decrypted_validation_key))
-      secret_key_cmd = instance.send(:secret_key,@decrypted_settings)
-      expect(secret_key_cmd).to eq("secret_key")
-    end
-  end
-
-
-  context "for linux" do
-    before do
-      @decrypted_settings = mock_data('correct_decrypted_json.txt')
-      allow(instance).to receive(:windows?).and_return(false)
-      allow(instance).to receive(:handler_settings_file).and_return(mock_data("handler_settings.settings"))
+      allow(OpenSSL::PKey::RSA).to receive_message_chain(:new, :to_pem).and_return('secret_key')
+      response = instance.send(:secret_key,incorrect_decrypted_settings)
+      expect(response).to eq("secret_key")
     end
 
-    it "returns correct validation key" do
-      EnableChef::LINUX_CERT_PATH = File.expand_path(File.dirname("spec/assets/*"))
-      secret_key_cmd = instance.send(:secret_key,@decrypted_settings)
-      expect(secret_key_cmd).to eq("secret_key")
+    context "when secret is not passed by the user" do
+      it "returns nil" do
+        response = instance.send(:secret_key, "{\"validation_key\" : \"my_key\"}")
+        expect(response).to eq(nil)
+      end
     end
   end
-end
+end