Merge pull request #274 from test-kitchen/pr234

Add support for box_download_ca_cert
test-kitchen · Jan 8, 2017 · 77de176 · 77de176
2 parents f9748a6 + 9d94263
commit 77de176
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -169,6 +169,22 @@ A box_url is not required when using the Atlas format of
 exist. If using a custom box this can be an `https://` or `file://`
 URL.
 
+### <a name="config-box-download-ca-cert"></a> box\_download\_ca\_cert
+
+Path relative to the `.kitchen.yml` file for locating the trusted CA bundle.
+Useful when combined with `box_url`.
+
+The default is `nil`, indicating to use the default Mozilla CA cert bundle.
+See also `box_download_insecure`.
+
+### <a name="config-box-download-insecure"></a> box\_download\_insecure
+
+If true, then SSL certificates from the server will
+not be verified.
+
+The default is `false`, meaning if the URL is an HTTPS URL,
+then SSL certs will be verified.
+
 ### <a name="config-box-version"></a> box\_version
 
 The [version][vagrant_versioning] of the configured box. 

diff --git a/lib/kitchen/driver/vagrant.rb b/lib/kitchen/driver/vagrant.rb
@@ -45,6 +45,8 @@ class Vagrant < Kitchen::Driver::Base
 
       default_config :box_download_insecure, nil
 
+      default_config :box_download_ca_cert, nil
+
       default_config(:box_url) { |driver| driver.default_box_url }
 
       default_config :box_version, nil
@@ -149,6 +151,7 @@ def finalize_config!(instance)
         finalize_vm_hostname!
         finalize_pre_create_command!
         finalize_synced_folders!
+        finalize_ca_cert!
         self
       end
 
@@ -253,6 +256,15 @@ def debug_vagrantfile(vagrantfile)
         debug("------------")
       end
 
+      # Setup path for CA cert
+      #
+      # @api private
+      def finalize_ca_cert!
+        config[:box_download_ca_cert] = File.expand_path(
+          config[:box_download_ca_cert], config[:kitchen_root]) unless
+            config[:box_download_ca_cert].nil?
+      end
+
       # Replaces any `{{vagrant_root}}` tokens in the pre create command.
       #
       # @api private

diff --git a/spec/kitchen/driver/vagrant_spec.rb b/spec/kitchen/driver/vagrant_spec.rb
@@ -210,6 +210,16 @@ def run_command(_cmd, options = {})
       expect(driver[:box_check_update]).to eq(true)
     end
 
+    it "sets :box_download_ca_cert to nil by default" do
+      expect(driver[:box_download_ca_cert]).to eq(nil)
+    end
+
+    it "sets :box_download_ca_cert to a custom value" do
+      config[:box_download_ca_cert] = "cacert.pem"
+
+      expect(driver[:box_download_ca_cert]).to eq("/kroot/cacert.pem")
+    end
+
     it "sets :box_download_insecure to nil by default" do
       expect(driver[:box_download_insecure]).to eq(nil)
     end

diff --git a/templates/Vagrantfile.erb b/templates/Vagrantfile.erb
@@ -24,6 +24,10 @@ Vagrant.configure("2") do |c|
   c.vm.box_check_update = <%= config[:box_check_update] %>
 <% end %>
 
+<% if !config[:box_download_ca_cert].nil? %>
+  c.vm.box_download_ca_cert = "<%= config[:box_download_ca_cert] %>"
+<% end %>
+
 <% if !config[:box_download_insecure].nil? %>
   c.vm.box_download_insecure = "<%= config[:box_download_insecure] %>"
 <% end %>