From 8cfcc28db1acc7594dbbf76b846f4964f40f9e63 Mon Sep 17 00:00:00 2001 From: Eric Williams Date: Mon, 25 Feb 2019 19:09:39 +0000 Subject: Enable encrypted_data_bag_secret support for Chef Encrypted data bags require a secrets file to be present to decrypt, and the location of the file must be configured the Chef client configuration file, client.rb. This update enables cloud-init's chef module to update that setting in client.rb. LP: #1817082 --- templates/chef_client.rb.tmpl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/chef_client.rb.tmpl b/templates/chef_client.rb.tmpl index cbb6b15f..99978d3b 100644 --- a/templates/chef_client.rb.tmpl +++ b/templates/chef_client.rb.tmpl @@ -1,6 +1,6 @@ ## template:jinja {# -This file is only utilized if the module 'cc_chef' is enabled in +This file is only utilized if the module 'cc_chef' is enabled in cloud-config. Specifically, in order to enable it you need to add the following to config: chef: @@ -56,3 +56,6 @@ pid_file "{{pid_file}}" {% if show_time %} Chef::Log::Formatter.show_time = true {% endif %} +{% if encrypted_data_bag_secret %} +encrypted_data_bag_secret "{{encrypted_data_bag_secret}}" +{% endif %} -- cgit v1.2.3 From 14048171f8e5273b1b82c6d2ed5675a7d1a6eeb6 Mon Sep 17 00:00:00 2001 From: Ryan Harper Date: Tue, 16 Jul 2019 20:57:32 +0000 Subject: templates/ntp.conf.debian.tmpl: fix missing newline for pools MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The debian ntp.conf template did not contain a newline for the comment used to mark the rendered ntp pools configured. This resulted in an invalid line: '# poolspool 0.int.pool.ntp.org iburst' rather than: '# pools  pool 0.int.pool.ntp.org iburst' This patch fixes the template and updates the unittest to verify that the rendered templates puts servers and pools at the beginning of a line. LP: #1836598 --- templates/ntp.conf.debian.tmpl | 3 ++- tests/unittests/test_handler/test_handler_ntp.py | 25 ++++++++++++++---------- 2 files changed, 17 insertions(+), 11 deletions(-) (limited to 'templates') diff --git a/templates/ntp.conf.debian.tmpl b/templates/ntp.conf.debian.tmpl index 3f07eeaa..affe983d 100644 --- a/templates/ntp.conf.debian.tmpl +++ b/templates/ntp.conf.debian.tmpl @@ -19,7 +19,8 @@ filegen clockstats file clockstats type day enable # pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will # pick a different set every time it starts up. Please consider joining the # pool: -{% if pools -%}# pools{% endif %} +{% if pools %}# pools +{% endif %} {% for pool in pools -%} pool {{pool}} iburst {% endfor %} diff --git a/tests/unittests/test_handler/test_handler_ntp.py b/tests/unittests/test_handler/test_handler_ntp.py index 0f22e579..463d892a 100644 --- a/tests/unittests/test_handler/test_handler_ntp.py +++ b/tests/unittests/test_handler/test_handler_ntp.py @@ -268,17 +268,22 @@ class TestNtp(FilesystemMockingTestCase): template_fn=template_fn) content = util.load_file(confpath) if client in ['ntp', 'chrony']: - expected_servers = '\n'.join([ - 'server {0} iburst'.format(srv) for srv in servers]) + content_lines = content.splitlines() + expected_servers = [ + 'server {0} iburst'.format(srv) for srv in servers] print('distro=%s client=%s' % (distro, client)) - self.assertIn(expected_servers, content, - ('failed to render {0} conf' - ' for distro:{1}'.format(client, distro))) - expected_pools = '\n'.join([ - 'pool {0} iburst'.format(pool) for pool in pools]) - self.assertIn(expected_pools, content, - ('failed to render {0} conf' - ' for distro:{1}'.format(client, distro))) + for sline in expected_servers: + self.assertIn(sline, content_lines, + ('failed to render {0} conf' + ' for distro:{1}'.format(client, + distro))) + expected_pools = [ + 'pool {0} iburst'.format(pool) for pool in pools] + for pline in expected_pools: + self.assertIn(pline, content_lines, + ('failed to render {0} conf' + ' for distro:{1}'.format(client, + distro))) elif client == 'systemd-timesyncd': expected_content = ( "# cloud-init generated file\n" + -- cgit v1.2.3