From 9bddc665f400667a753126543ee34d0328194b36 Mon Sep 17 00:00:00 2001 From: Todd Trimmer Date: Tue, 21 Jun 2016 15:33:30 -0500 Subject: [PATCH 1/7] adding support for box_download_ca_cert --- lib/kitchen/driver/vagrant.rb | 4 ++++ lib/kitchen/driver/vagrant_version.rb | 2 +- spec/kitchen/driver/vagrant_spec.rb | 10 ++++++++++ templates/Vagrantfile.erb | 4 ++++ 4 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/kitchen/driver/vagrant.rb b/lib/kitchen/driver/vagrant.rb index 07428e7a..9521a67e 100644 --- a/lib/kitchen/driver/vagrant.rb +++ b/lib/kitchen/driver/vagrant.rb @@ -45,6 +45,8 @@ class Vagrant < Kitchen::Driver::Base default_config :box_download_insecure, nil + default_config :box_download_ca_cert, nil + default_config(:box_url) { |driver| driver.default_box_url } default_config :box_version, nil @@ -281,6 +283,8 @@ def load_needed_dependencies! # @raise [ActionFailed] if the Vagrantfile template was not found # @api private def render_template + unless config[:box_download_ca_cert].nil? config[:box_download_ca_cert] = File.expand_path( + config[:box_download_ca_cert, config[:kitchen_root]]) template = File.expand_path( config[:vagrantfile_erb], config[:kitchen_root]) diff --git a/lib/kitchen/driver/vagrant_version.rb b/lib/kitchen/driver/vagrant_version.rb index f9188a3c..6964b1a2 100644 --- a/lib/kitchen/driver/vagrant_version.rb +++ b/lib/kitchen/driver/vagrant_version.rb @@ -21,6 +21,6 @@ module Kitchen module Driver # Version string for Vagrant Kitchen driver - VAGRANT_VERSION = "0.20.0" + VAGRANT_VERSION = "0.20.1" end end diff --git a/spec/kitchen/driver/vagrant_spec.rb b/spec/kitchen/driver/vagrant_spec.rb index b11f6952..cae76bf1 100644 --- a/spec/kitchen/driver/vagrant_spec.rb +++ b/spec/kitchen/driver/vagrant_spec.rb @@ -200,6 +200,16 @@ def run_command(_cmd, options = {}) expect(driver[:box_check_update]).to eq(true) end + it "sets :box_download_ca_cert to nil by default" do + expect(driver[:box_download_ca_cert]).to eq(nil) + end + + it "sets :box_download_ca_cert to a custom value" do + config[:box_download_ca_cert] = "cacert.pem" + + expect(driver[:box_check_update]).to eq("cacert.pem") + end + it "sets :box_download_insecure to nil by default" do expect(driver[:box_download_insecure]).to eq(nil) end diff --git a/templates/Vagrantfile.erb b/templates/Vagrantfile.erb index 9c6005e0..8ecf30cd 100644 --- a/templates/Vagrantfile.erb +++ b/templates/Vagrantfile.erb @@ -18,6 +18,10 @@ Vagrant.configure("2") do |c| c.vm.box_check_update = "<%= config[:box_check_update] %>" <% end %> +<% if !config[:box_download_ca_cert].nil? %> + c.vm.box_download_ca_cert = "<%= config[:box_download_ca_cert] %>" +<% end %> + <% if !config[:box_download_insecure].nil? %> c.vm.box_download_insecure = "<%= config[:box_download_insecure] %>" <% end %> From 6d0c89fe6086b6d830ccb86ab93d5fdf32c2f086 Mon Sep 17 00:00:00 2001 From: Todd Trimmer Date: Tue, 21 Jun 2016 15:58:26 -0500 Subject: [PATCH 2/7] typo and gnarled unless logic --- lib/kitchen/driver/vagrant.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/kitchen/driver/vagrant.rb b/lib/kitchen/driver/vagrant.rb index 9521a67e..f03f4204 100644 --- a/lib/kitchen/driver/vagrant.rb +++ b/lib/kitchen/driver/vagrant.rb @@ -283,8 +283,8 @@ def load_needed_dependencies! # @raise [ActionFailed] if the Vagrantfile template was not found # @api private def render_template - unless config[:box_download_ca_cert].nil? config[:box_download_ca_cert] = File.expand_path( - config[:box_download_ca_cert, config[:kitchen_root]]) + config[:box_download_ca_cert] = File.expand_path( + config[:box_download_ca_cert], config[:kitchen_root]) unless config[:box_download_ca_cert].nil? template = File.expand_path( config[:vagrantfile_erb], config[:kitchen_root]) From 067138e0cafd9284e4ca53f34c32c0197c1f9af1 Mon Sep 17 00:00:00 2001 From: Todd Trimmer Date: Tue, 21 Jun 2016 15:33:30 -0500 Subject: [PATCH 3/7] adding support for box_download_ca_cert typo and gnarled unless logic --- lib/kitchen/driver/vagrant.rb | 4 ++++ lib/kitchen/driver/vagrant_version.rb | 2 +- spec/kitchen/driver/vagrant_spec.rb | 10 ++++++++++ templates/Vagrantfile.erb | 4 ++++ 4 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/kitchen/driver/vagrant.rb b/lib/kitchen/driver/vagrant.rb index 07428e7a..f03f4204 100644 --- a/lib/kitchen/driver/vagrant.rb +++ b/lib/kitchen/driver/vagrant.rb @@ -45,6 +45,8 @@ class Vagrant < Kitchen::Driver::Base default_config :box_download_insecure, nil + default_config :box_download_ca_cert, nil + default_config(:box_url) { |driver| driver.default_box_url } default_config :box_version, nil @@ -281,6 +283,8 @@ def load_needed_dependencies! # @raise [ActionFailed] if the Vagrantfile template was not found # @api private def render_template + config[:box_download_ca_cert] = File.expand_path( + config[:box_download_ca_cert], config[:kitchen_root]) unless config[:box_download_ca_cert].nil? template = File.expand_path( config[:vagrantfile_erb], config[:kitchen_root]) diff --git a/lib/kitchen/driver/vagrant_version.rb b/lib/kitchen/driver/vagrant_version.rb index f9188a3c..6964b1a2 100644 --- a/lib/kitchen/driver/vagrant_version.rb +++ b/lib/kitchen/driver/vagrant_version.rb @@ -21,6 +21,6 @@ module Kitchen module Driver # Version string for Vagrant Kitchen driver - VAGRANT_VERSION = "0.20.0" + VAGRANT_VERSION = "0.20.1" end end diff --git a/spec/kitchen/driver/vagrant_spec.rb b/spec/kitchen/driver/vagrant_spec.rb index b11f6952..cae76bf1 100644 --- a/spec/kitchen/driver/vagrant_spec.rb +++ b/spec/kitchen/driver/vagrant_spec.rb @@ -200,6 +200,16 @@ def run_command(_cmd, options = {}) expect(driver[:box_check_update]).to eq(true) end + it "sets :box_download_ca_cert to nil by default" do + expect(driver[:box_download_ca_cert]).to eq(nil) + end + + it "sets :box_download_ca_cert to a custom value" do + config[:box_download_ca_cert] = "cacert.pem" + + expect(driver[:box_check_update]).to eq("cacert.pem") + end + it "sets :box_download_insecure to nil by default" do expect(driver[:box_download_insecure]).to eq(nil) end diff --git a/templates/Vagrantfile.erb b/templates/Vagrantfile.erb index 9c6005e0..8ecf30cd 100644 --- a/templates/Vagrantfile.erb +++ b/templates/Vagrantfile.erb @@ -18,6 +18,10 @@ Vagrant.configure("2") do |c| c.vm.box_check_update = "<%= config[:box_check_update] %>" <% end %> +<% if !config[:box_download_ca_cert].nil? %> + c.vm.box_download_ca_cert = "<%= config[:box_download_ca_cert] %>" +<% end %> + <% if !config[:box_download_insecure].nil? %> c.vm.box_download_insecure = "<%= config[:box_download_insecure] %>" <% end %> From 6275b8678dc0c839dcc84ec3f747991f8893041b Mon Sep 17 00:00:00 2001 From: Todd Trimmer Date: Tue, 21 Jun 2016 17:07:08 -0500 Subject: [PATCH 4/7] typo in test --- spec/kitchen/driver/vagrant_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/kitchen/driver/vagrant_spec.rb b/spec/kitchen/driver/vagrant_spec.rb index cae76bf1..08e9bbfe 100644 --- a/spec/kitchen/driver/vagrant_spec.rb +++ b/spec/kitchen/driver/vagrant_spec.rb @@ -207,7 +207,7 @@ def run_command(_cmd, options = {}) it "sets :box_download_ca_cert to a custom value" do config[:box_download_ca_cert] = "cacert.pem" - expect(driver[:box_check_update]).to eq("cacert.pem") + expect(driver[:box_download_ca_cert]).to eq("cacert.pem") end it "sets :box_download_insecure to nil by default" do From f7b0decf3fa8ecdb80f8a671261c4baaf5a92b12 Mon Sep 17 00:00:00 2001 From: Todd Trimmer Date: Tue, 21 Jun 2016 17:18:31 -0500 Subject: [PATCH 5/7] rubocop line length --- lib/kitchen/driver/vagrant.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/kitchen/driver/vagrant.rb b/lib/kitchen/driver/vagrant.rb index f03f4204..a4deeaf7 100644 --- a/lib/kitchen/driver/vagrant.rb +++ b/lib/kitchen/driver/vagrant.rb @@ -284,7 +284,8 @@ def load_needed_dependencies! # @api private def render_template config[:box_download_ca_cert] = File.expand_path( - config[:box_download_ca_cert], config[:kitchen_root]) unless config[:box_download_ca_cert].nil? + config[:box_download_ca_cert], config[:kitchen_root]) unless + config[:box_download_ca_cert].nil? template = File.expand_path( config[:vagrantfile_erb], config[:kitchen_root]) From 7f1bc3d33b30113b532f8c314c96571f19f14155 Mon Sep 17 00:00:00 2001 From: Todd Trimmer Date: Tue, 21 Jun 2016 18:33:15 -0500 Subject: [PATCH 6/7] add box_download_insecure and box_download_ca_cert to config options description --- README.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index eec37759..af3d6cdd 100644 --- a/README.md +++ b/README.md @@ -146,7 +146,7 @@ The default will be computed from the platform name of the instance. However, fo For example, a platform with a Bento box called "ubuntu-14.04" will produce a default `box` value of `"opscode-ubuntu-14.04"`. Alternatively, a box called -`"slackware-14.1"` will produce a default `box` value of `"slackware-14.1". +`"slackware-14.1"` will produce a default `box` value of `"slackware-14.1"`. ### box\_check\_update @@ -159,6 +159,22 @@ platforms in the [Bento][bento] project. Additionally, a URL will only be computed if the Vagrant provider is VirtualBox or is VMware based (these are the only providers with downloadable base boxes). +### box\_download\_ca\_cert + +Path relative to the `.kitchen.yml` file for locating the trusted CA bundle. +Useful when combined with `box_url`. + +The default is `nil`, indicating to use the default Mozilla CA cert bundle. +See also `box_download_insecure`. + +### box\_download\_insecure + +If true, then SSL certificates from the server will +not be verified. + +The default is `false`, meaning if the URL is an HTTPS URL, +then SSL certs will be verified. + ### box\_version The [version][vagrant_versioning] of the configured box. From 9d9426373e61c5826647fe17362fb99ee4855bf6 Mon Sep 17 00:00:00 2001 From: Seth Thomas Date: Sat, 7 Jan 2017 08:10:19 -0500 Subject: [PATCH 7/7] Move path expansion to finalize_config Signed-off-by: Seth Thomas --- lib/kitchen/driver/vagrant.rb | 13 ++++++++++--- spec/kitchen/driver/vagrant_spec.rb | 2 +- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/kitchen/driver/vagrant.rb b/lib/kitchen/driver/vagrant.rb index 561917d8..43c122e7 100644 --- a/lib/kitchen/driver/vagrant.rb +++ b/lib/kitchen/driver/vagrant.rb @@ -151,6 +151,7 @@ def finalize_config!(instance) finalize_vm_hostname! finalize_pre_create_command! finalize_synced_folders! + finalize_ca_cert! self end @@ -255,6 +256,15 @@ def debug_vagrantfile(vagrantfile) debug("------------") end + # Setup path for CA cert + # + # @api private + def finalize_ca_cert! + config[:box_download_ca_cert] = File.expand_path( + config[:box_download_ca_cert], config[:kitchen_root]) unless + config[:box_download_ca_cert].nil? + end + # Replaces any `{{vagrant_root}}` tokens in the pre create command. # # @api private @@ -328,9 +338,6 @@ def load_needed_dependencies! # @raise [ActionFailed] if the Vagrantfile template was not found # @api private def render_template - config[:box_download_ca_cert] = File.expand_path( - config[:box_download_ca_cert], config[:kitchen_root]) unless - config[:box_download_ca_cert].nil? template = File.expand_path( config[:vagrantfile_erb], config[:kitchen_root]) diff --git a/spec/kitchen/driver/vagrant_spec.rb b/spec/kitchen/driver/vagrant_spec.rb index 677ba5f5..015ed631 100644 --- a/spec/kitchen/driver/vagrant_spec.rb +++ b/spec/kitchen/driver/vagrant_spec.rb @@ -217,7 +217,7 @@ def run_command(_cmd, options = {}) it "sets :box_download_ca_cert to a custom value" do config[:box_download_ca_cert] = "cacert.pem" - expect(driver[:box_download_ca_cert]).to eq("cacert.pem") + expect(driver[:box_download_ca_cert]).to eq("/kroot/cacert.pem") end it "sets :box_download_insecure to nil by default" do