CHEF-4011 - default location of "encrypted_data_bag_secret" should be set in Chef::Config #682

Closed
wants to merge 11 commits into
from
Commits on Mar 17, 2013
Commits on Mar 18, 2013
  1. modern RSpec update for boostrap_context_spec

    schisamo committed Mar 17, 2013
    * prefer `subject` and `let` blocks to instance variables and before
      blocks
    * `eq` instead of `==`
  2. modern RSpec update for encrypted_data_bag_item_spec

    schisamo committed Mar 18, 2013
    * prefer `subject` and `let` blocks to instance variables and before
      blocks
    * `eq` instead of `==`
    * remove the 'shoulds' from example descriptions
  3. prefer `File.exist?` to `File.exists?`

    schisamo committed Mar 18, 2013
    File.exists? was deprecated in Ruby 1.9
  4. [CHEF-4011] move default secret file path to Chef::Config

    schisamo committed Mar 18, 2013
    * Remove references to DEFAULT_SECRET_FILE from
    `Chef::EncryptedDataBagItem`.
    * Add new `:encrypted_data_bag_secret` value to `Chef::Config`
    * Ensure Chef::Config[:encrypted_data_bag_secret] is nil if the secret
      does not exist at the default path.
    * Updated test coverage in `config_spec` and
      `encrypted_data_bag_item_spec`.
  5. [CHEF-4011] `--secret` and `--secret-file` options for `knife bootstrap`

    schisamo committed Mar 18, 2013
    This commit adds new CLI options to `knife bootstrap` for specifying
    encrypted data bag secret key (actual string or file) at node bootstrap
    time. This approach is more explicit than the previous approach of
    reading the path to the secret key from the `encrypted_data_bag_secret`
    value in the knife.rb file. For backward compatibility we will still
    attempt to load a key from Chef::Config[:encrypted_data_bag_secret].
  6. [CHEF-4011] add secret in knife.rb deprecation warning

    schisamo committed Mar 18, 2013
    This warning should only be displayed if a user has an
    'encrypted_data_bag_secret' entry in their knife.rb file.
  7. Fix trailing whitespace. >_<

    schisamo committed Mar 18, 2013
  8. [CHEF-4011] s/Version1Decryptor/Version0Decryptor/

    schisamo committed Mar 18, 2013
    This properly matches the code in `Chef::EncryptedDataBagItem`:
    
    * Version0Decryptor == legacy YAML-based format
    * Version1Decryptor == preferred JSON-based format
Commits on Mar 20, 2013
  1. [CHEF-4011] improve deprecation message

    schisamo committed Mar 20, 2013
    * Add a reference to CHEF-4011 for users who want 
      more information on the deprecation.
    * Give users a pointer that `knife[:secret_file]` may still be used for
      previous behavior.