Skip to content

Commit 7d97896

Browse files
author
Aliasgar16
authored
Merge pull request #172 from MsysTechnologiesllc/ali/empty_encrypted_data_bag_secret_fix
Fixed bug to not generate empty encrypted_data_bag_secret file.
2 parents bf59788 + f2408ed commit 7d97896

File tree

2 files changed

+27
-34
lines changed

2 files changed

+27
-34
lines changed

lib/chef/azure/commands/enable.rb

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -340,14 +340,19 @@ def get_chef_server_ssl_cert(decrypted_text)
340340

341341
def secret_key(decrypted_text)
342342
#extract secret from decrypted hash
343-
secret = value_from_json_file(decrypted_text, "secret")
344-
secret = secret || value_from_json_file(decrypted_text, "encrypted_data_bag_secret")
345-
begin
346-
secret = OpenSSL::PKey::RSA.new(secret.squeeze("\n")).to_pem
347-
rescue OpenSSL::PKey::RSAError => e
348-
Chef::Log.error "Secret key parsing error. #{e.inspect}"
343+
secret = value_from_json_file(decrypted_text, "secret").empty? ?
344+
value_from_json_file(decrypted_text, "encrypted_data_bag_secret") :
345+
value_from_json_file(decrypted_text, "secret")
346+
if secret.empty?
347+
nil
348+
else
349+
begin
350+
secret = OpenSSL::PKey::RSA.new(secret.squeeze("\n")).to_pem
351+
rescue OpenSSL::PKey::RSAError => e
352+
Chef::Log.error "Secret key parsing error. #{e.inspect}"
353+
end
354+
secret
349355
end
350-
secret
351356
end
352357

353358
def get_decrypted_key(encrypted_text)

spec/functional/secret_key_spec.rb

Lines changed: 15 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -12,39 +12,27 @@
1212
let (:enable_args) { [] }
1313
let (:instance) { EnableChef.new(extension_root, enable_args) }
1414

15-
context "for windows" do
16-
before do
17-
@decrypted_settings = mock_data('correct_decrypted_json.txt')
18-
allow(instance).to receive(:windows?).and_return(true)
19-
allow(instance).to receive(:handler_settings_file).and_return(mock_data("handler_settings.settings"))
20-
end
15+
let(:correct_decrypted_settings) { mock_data('correct_decrypted_json.txt') }
16+
let(:incorrect_decrypted_settings) { mock_data('incorrect_decrypted_json.txt') }
2117

18+
describe "secret_key" do
2219
it "returns correct secret key if there is no escape character in the decrypted json" do
23-
allow(instance).to receive(:shell_out).and_return(OpenStruct.new(:exitstatus => 0, :stdout => @decrypted_settings))
24-
secret_key_cmd = instance.send(:secret_key,@decrypted_settings)
25-
expect(secret_key_cmd).to eq("secret_key")
20+
allow(OpenSSL::PKey::RSA).to receive_message_chain(:new, :to_pem).and_return('secret_key')
21+
response = instance.send(:secret_key, correct_decrypted_settings)
22+
expect(response).to eq("secret_key")
2623
end
2724

2825
it "returns correct secret key if there are escape characters in the decrypted json" do
29-
decrypted_validation_key = mock_data('incorrect_decrypted_json.txt')
30-
allow(instance).to receive(:shell_out).and_return(OpenStruct.new(:exitstatus => 0, :stdout => decrypted_validation_key))
31-
secret_key_cmd = instance.send(:secret_key,@decrypted_settings)
32-
expect(secret_key_cmd).to eq("secret_key")
33-
end
34-
end
35-
36-
37-
context "for linux" do
38-
before do
39-
@decrypted_settings = mock_data('correct_decrypted_json.txt')
40-
allow(instance).to receive(:windows?).and_return(false)
41-
allow(instance).to receive(:handler_settings_file).and_return(mock_data("handler_settings.settings"))
26+
allow(OpenSSL::PKey::RSA).to receive_message_chain(:new, :to_pem).and_return('secret_key')
27+
response = instance.send(:secret_key,incorrect_decrypted_settings)
28+
expect(response).to eq("secret_key")
4229
end
4330

44-
it "returns correct validation key" do
45-
EnableChef::LINUX_CERT_PATH = File.expand_path(File.dirname("spec/assets/*"))
46-
secret_key_cmd = instance.send(:secret_key,@decrypted_settings)
47-
expect(secret_key_cmd).to eq("secret_key")
31+
context "when secret is not passed by the user" do
32+
it "returns nil" do
33+
response = instance.send(:secret_key, "{\"validation_key\" : \"my_key\"}")
34+
expect(response).to eq(nil)
35+
end
4836
end
4937
end
50-
end
38+
end

0 commit comments

Comments
 (0)