Skip to content

Commit

Permalink
Update cookbook for 0.5.2 version of Vault.
Browse files Browse the repository at this point in the history
  • Loading branch information
John Bellone committed Mar 17, 2016
1 parent a0e88c7 commit 093f198
Show file tree
Hide file tree
Showing 10 changed files with 53 additions and 21 deletions.
16 changes: 14 additions & 2 deletions .kitchen.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,18 +7,30 @@ provisioner:

platforms:
- name: ubuntu-14.04
run_list:
- recipe[apt::default]
- name: ubuntu-12.04
run_list:
- recipe[apt::default]
- name: centos-7.2
run_list:
- recipe[yum::default]
- name: centos-6.7
run_list:
- recipe[yum::default]
- name: debian-8.2
run_list:
- recipe[apt::default]
- name: debian-7.9
run_list:
- recipe[apt::default]

suites:
- name: default
run_list:
- recipe[hashicorp-vault::default]
- name: git
run_list:
- recipe[apt::default]
- recipe[yum::default]
- recipe[hashicorp-vault::default]
attributes:
hashicorp-vault:
Expand Down
2 changes: 2 additions & 0 deletions Berksfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,6 @@ metadata

group :test, :integration do
cookbook 'apt'
cookbook 'windows'
cookbook 'yum'
end
5 changes: 1 addition & 4 deletions attributes/default.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,7 @@
default['hashicorp-vault']['service_user'] = 'vault'
default['hashicorp-vault']['service_group'] = 'vault'

default['hashicorp-vault']['bag_name'] = 'secrets'
default['hashicorp-vault']['bag_item'] = 'vault'

default['hashicorp-vault']['version'] = '0.5.1'
default['hashicorp-vault']['version'] = '0.5.2'

default['hashicorp-vault']['config']['path'] = '/etc/vault/vault.json'
default['hashicorp-vault']['config']['address'] = '127.0.0.1:8200'
Expand Down
30 changes: 25 additions & 5 deletions libraries/vault_installation_binary.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,14 +79,15 @@ def self.default_archive_url

def self.binary_basename(node, resource)
case node['kernel']['machine']
when 'x86_64' then ['vault', resource.version, node['os'], 'amd64'].join('_')
when 'x86_64', 'amd64' then ['vault', resource.version, node['os'], 'amd64'].join('_')
when 'i386' then ['vault', resource.version, node['os'], '386'].join('_')
else ['vault', resource.version, node['os'], node['kernel']['machine']].join('_')
end.concat('.zip')
end

def self.binary_checksum(node, resource)
case [node['os'], node['kernel']['machine']].join('-')
tag = node['kernel']['machine'] =~ /x86_64/ ? 'amd64' : node['kernel']['machine']
case [node['os'], tag].join('-')
when 'darwin-i386'
case resource.version
when '0.1.2' then 'a4264b83432d8415fa8acbe60dafee7de119fba8b2472211861bd40a5e45381f'
Expand All @@ -97,8 +98,9 @@ def self.binary_checksum(node, resource)
when '0.4.1' then '9dd6e5c2d233d048d05ebdbae4dbf5e2b10d0e6d1bd626a609e913b1c8f923e0'
when '0.5.0' then 'a0c783b6e4c5aa8c34c0570f836b02ae7d9781fc42d5996a8c3621fec7e47508'
when '0.5.1' then 'b28a68ce1c6403092485ed17622fd127180559e26cefb1ff7c6bd539319294fd'
when '0.5.2' then '0a7bf80f41cff7928acf99450b5de0f18472b83e985087b1a45fd6d078707dc8'
end
when 'darwin-x86_64'
when 'darwin-amd64'
case resource.version
when '0.1.2' then '42fe870cedb1152d1cb43e22c14a8786a30476764055de37a2fbf98e92cebe9b'
when '0.2.0' then '73dfa187a01fd4490b4c8a62a4316a4bd054538d4fd2df869415b0b00f37d654'
Expand All @@ -108,6 +110,19 @@ def self.binary_checksum(node, resource)
when '0.4.1' then 'cdf4f8bb863550e6b29aa44254ed00968f69c9e6b7e9e8c83d70151fe905bd99'
when '0.5.0' then '8f5ca5927f876737566a23442f098afa1ed3dc9d5b238c3c8f7563e06ab6c64c'
when '0.5.1' then '0466e5a0bfe777586ce4c9b3dfa9f48bbc6e902550aefbb2281725a3bd46179c'
when '0.5.2' then '48bf1d66cc3b81293186fd458f63fc2b02344aec5f1490c9b9a2915831c13d33'
end
when 'freebsd-i386'
case resource.version
when '0.5.2' then 'b14aa86a1573125fb0521800e53d04bbfa1f2d5c4fee5cfe62ab42c45ff941ef'
end
when 'freebsd-amd64'
case resource.version
when '0.5.2' then '63182658c91dacc7edb180b3e68365c928c74a6384d8837b57271d64deecd2b4'
end
when 'freebsd-arm'
case resource.version
when '0.5.2' then 'fcccb3ef43de09861cafc7971b8276558cfc420dca8308c136c74176169213ef'
end
when 'linux-i386'
case resource.version
Expand All @@ -119,8 +134,9 @@ def self.binary_checksum(node, resource)
when '0.4.1' then '822b3bca3a4897b34ce45b9081dc48f89cc83c61dbacf4ff47a6dac2d1f70b39'
when '0.5.0' then 'af416f99627f5d9d9516a86a6ec75e7b4056c11548951051d178a46171ea6b00'
when '0.5.1' then '6b3c34bfff2af7fdb15c98a8b7eb59e12316db733e66c4ebdc3c2f09b9f31280'
when '0.5.2' then '8305303aa9f4a0654961d0930d40bc61b3a0ad52e12d630e1619815de196e9fc'
end
when 'linux-x86_64'
when 'linux-amd64'
case resource.version
when '0.1.2' then '12c28cf7d6b6052c24817072fb95d4cfa2a391b507c705e960faf11afb5ee6ad'
when '0.2.0' then 'b4b64fcea765ebfc7cdbae9cdd2c32bff130ca51f15b9cf47194f112fd5515cf'
Expand All @@ -130,6 +146,7 @@ def self.binary_checksum(node, resource)
when '0.4.1' then 'f21f8598728faa4e1920704c37047bad6e9b360aec39ba8a1cc712c373ffb61a'
when '0.5.0' then 'f81accce15313881b8d53b039daf090398b2204b1154f821a863438ca2e5d570'
when '0.5.1' then '7319b6514cb5ca735d9886d7b7e1ed8730ee38b238bb1626564436b824206d12'
when '0.5.2' then '7517b21d2c709e661914fbae1f6bf3622d9347b0fe9fc3334d78a01d1e1b4ec2'
end
when 'linux-arm'
case resource.version
Expand All @@ -141,6 +158,7 @@ def self.binary_checksum(node, resource)
when '0.4.1' then '2786009465d10db4777791e90b8cbb42753513dcfae52ba74132c2364b8b267f'
when '0.5.0' then '722bf424694a60b5608af1bc2b5563ee06cedc03697d2ebc45676e8caf4e9f75'
when '0.5.1' then '2cc0b40de5d0869b39e0a3fd7de308e6365b823a825a9d743dda0d3783d61655'
when '0.5.2' then '458da2f7e65e7d03efad56bd60e1e747d303f94bee48ecfe8fe45d4207896142'
end
when 'windows-i386'
case resource.version
Expand All @@ -152,8 +170,9 @@ def self.binary_checksum(node, resource)
when '0.4.1' then '5b7dba8582947723c9064b1ca2ac6c285b6f4b78b4b5cc1bc31256c2baebe991'
when '0.5.0' then '19afa686c438f9af5620aa091682f71f7f8284ab246f5d4701cba408833f8b5f'
when '0.5.1' then '89e59dbe26146d1e3b17b122185d51737a383bb27cf407a25e13896fb7802e90'
when '0.5.2' then '714a7f20051147e5424f3e4d4e3cf45a98eecf829175c3acf83001a57f33b990'
end
when 'windows-x86_64'
when 'windows-amd64'
case resource.version
when '0.1.2' then 'aff1455f69278662c76b4d9615fe10af98eb4d3c0ea60b8c334a2064f23deed1'
when '0.2.0' then '1905354ad1652a8bd33c23f546b9df0e22b2c20a157c28545ff20b3cd74ea9e9'
Expand All @@ -163,6 +182,7 @@ def self.binary_checksum(node, resource)
when '0.4.1' then 'e1f1c31fea51c4477c975d81d16ec399bfe744398c06f21dc209fb88ae019201'
when '0.5.0' then '47b02247d8f7c4944ffcca006b2a25124065d4e9e416494b177a2c0d3165b4e6'
when '0.5.1' then '1f16b5203ab6e99970b983850ee775c85fed9fa3e558847cdd8b66138ccb17ae'
when '0.5.2' then '6e718ca8af49785d0614ab6b35d584152e77da80ed8de7100d0929b354133e77'
end
end
end
Expand Down
3 changes: 2 additions & 1 deletion libraries/vault_service.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ def action_enable
end

execute "setcap cap_ipc_lock=+ep #{new_resource.program}" do
not_if { platform_family?('windows', 'mac_os_x') }
not_if { platform_family?('windows', 'mac_os_x', 'freebsd') }
not_if { new_resource.disable_mlock }
not_if "getcap #{new_resource.program}|grep cap_ipc_lock+ep"
end
Expand All @@ -89,6 +89,7 @@ def service_options(service)
service.user(new_resource.user)
service.environment(new_resource.environment)
service.restart_on_update(true)
service.provider(:sysvinit)

This comment has been minimized.

Sign in to view

Copy link
@legal90

legal90 Apr 13, 2016

Contributor

@johnbellone Was it intended to force all systems to use sysvinit provider? I'm wondering just because below there is an RHEL6-specific block, which does the same.

if node.platform_family?('rhel') && node.platform_version.to_i == 6
service.provider(:sysvinit)
Expand Down
3 changes: 2 additions & 1 deletion metadata.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,13 @@
license 'Apache 2.0'
description 'Application cookbook for installing and configuring Vault.'
long_description 'Application cookbook for installing and configuring Vault.'
version '2.1.0'
version '2.1.1'

supports 'ubuntu', '>= 12.04'
supports 'redhat', '>= 6.4'
supports 'centos', '>= 6.4'
supports 'windows'
supports 'freebsd'

depends 'build-essential', '~> 2.2'
depends 'golang', '~> 1.7'
Expand Down
3 changes: 1 addition & 2 deletions recipes/default.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,13 @@
if node['hashicorp-vault']['config']
node['hashicorp-vault']['config'].each_pair { |k, v| r.send(k, v) }
end
notifies :restart, "vault_service[#{node['hashicorp-vault']['service_name']}]", :delayed
notifies :reload, "vault_service[#{node['hashicorp-vault']['service_name']}]", :delayed
end

install = vault_installation node['hashicorp-vault']['version'] do |r|
if node['hashicorp-vault']['installation']
node['hashicorp-vault']['installation'].each_pair { |k, v| r.send(k, v) }
end
notifies :restart, "vault_service[#{node['hashicorp-vault']['service_name']}]", :delayed
end

vault_service node['hashicorp-vault']['service_name'] do |r|
Expand Down
2 changes: 1 addition & 1 deletion test/integration/default/serverspec/default_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
require 'spec_helper'

describe file('/opt/vault/0.5.1/vault') do
describe file('/opt/vault/0.5.2/vault') do
it { should be_file }
it { should be_executable }
end
Expand Down
4 changes: 2 additions & 2 deletions test/unit/libraries/vault_service_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,10 @@
let(:chefspec_options) { {platform: 'ubuntu', version: '14.04', log_level: :debug} }

before do
stub_command("getcap /opt/vault/0.5.1/vault|grep cap_ipc_lock+ep").and_return(false)
stub_command("getcap /opt/vault/0.5.2/vault|grep cap_ipc_lock+ep").and_return(false)
end

context 'with default properties' do
it { is_expected.to run_execute 'setcap cap_ipc_lock=+ep /opt/vault/0.5.1/vault' }
it { is_expected.to run_execute 'setcap cap_ipc_lock=+ep /opt/vault/0.5.2/vault' }
end
end
6 changes: 3 additions & 3 deletions test/unit/recipes/default_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@

describe 'hashicorp-vault::default' do
before do
stub_command('test -L /opt/vault/0.5.1/vault').and_return(true)
stub_command('getcap /opt/vault/0.5.1/vault|grep cap_ipc_lock+ep').and_return(false)
stub_command('test -L /opt/vault/0.5.2/vault').and_return(true)
stub_command('getcap /opt/vault/0.5.2/vault|grep cap_ipc_lock+ep').and_return(false)
end

context 'with default node attributes' do
Expand All @@ -15,7 +15,7 @@

it { expect(chef_run).to create_poise_service_user('vault').with(group: 'vault') }
it { expect(chef_run).to create_vault_config('/etc/vault/vault.json') }
it { expect(chef_run).to create_vault_installation('0.5.1') }
it { expect(chef_run).to create_vault_installation('0.5.2') }
it { expect(chef_run).to enable_vault_service('vault').with(config_path: '/etc/vault/vault.json') }
it { expect(chef_run).to start_vault_service('vault') }
end
Expand Down

0 comments on commit 093f198

Please sign in to comment.