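// Source: github.com/go-chef/chef@v0.30.1/testapi/testapi.go

// Test the go-chef/chef chef server api /organizations endpoints against a live server
package testapi

import (
	"crypto/x509"
	"fmt"
	"log"
	"os"
	"strconv"

	chef "github.com/go-chef/chef"
)

// Client builds a chef server api client from the process command line.
//
// Positional arguments read from os.Args:
//
//	os.Args[2]  user, assigned to cfg.Name
//	os.Args[3]  path of the PEM key file, its contents are assigned to cfg.Key
//	os.Args[4]  chef server URL, assigned to cfg.BaseURL
//	os.Args[5]  boolean assigned to cfg.SkipSSL
//	os.Args[6]  optional authentication version, "1.0" when absent
//
// cfg may be nil; a non-nil cfg is modified in place by buildClient.
// The process exits with status 1 when the required arguments are missing.
func Client(cfg *chef.Config) *chef.Client {
	// Pass in the database and chef-server api credentials.
	// Without this check a short command line panics on the index expressions below.
	if len(os.Args) < 6 {
		fmt.Fprintln(os.Stderr, "Issue setting up client: expected user, keyfile, chefurl and skipssl in os.Args[2] through os.Args[5]")
		os.Exit(1)
	}
	user := os.Args[2]
	keyfile := os.Args[3]
	chefurl := os.Args[4]

	skipssl, err := strconv.ParseBool(os.Args[5])
	if err != nil {
		// Fail closed: a typo in the flag must not silently turn SkipSSL on.
		// NOTE(review): SkipSSL presumably disables TLS certificate
		// verification in the chef client; confirm against the library.
		fmt.Fprintf(os.Stderr, "Could not parse skipssl value %q, using SkipSSL=false: %v\n", os.Args[5], err)
		skipssl = false
	}

	version := "1.0"
	if len(os.Args) > 6 {
		version = os.Args[6]
	}

	// Create a client for access
	return buildClient(cfg, user, keyfile, chefurl, skipssl, version)
}

// buildClient creates a connection to a chef server using the chef api.
// goiardi uses port 4545 by default, chef-zero uses 8889, chef-server uses 443
//
// A nil cfg is replaced by an empty chef.Config. The Name, Key, BaseURL,
// SkipSSL, RootCAs and AuthenticationVersion fields of cfg are overwritten,
// so values the caller set for them are lost. cfg.Key then holds the private
// key text read from keyfile; avoid printing cfg in logs or error output.
// The process exits with status 1 if chef.NewClient returns an error.
func buildClient(cfg *chef.Config, user string, keyfile string, baseurl string, skipssl bool, version string) *chef.Client {
	if cfg == nil {
		cfg = &chef.Config{}
	}
	cfg.Name = user
	cfg.Key = clientKey(keyfile)
	cfg.BaseURL = baseurl
	cfg.SkipSSL = skipssl
	// RootCAs is populated even when skipssl is true.
	cfg.RootCAs = chefCerts()
	cfg.AuthenticationVersion = version

	client, err := chef.NewClient(cfg)
	if err != nil {
		fmt.Fprintln(os.Stderr, "Issue setting up client:", err)
		os.Exit(1)
	}
	return client
}

// clientKey reads the pem file containing the credentials needed to use the chef client.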
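// clientKey returns the contents of the file at filepath unchanged. On a read
// error it writes a message to stderr and exits the process with status 1.
//
// The file holds private key material: the error message carries only the
// path and the read error, never any file contents.
func clientKey(filepath string) string {
	key, err := os.ReadFile(filepath)
	if err != nil {
		// Trailing newline keeps the message from running into later output.
		fmt.Fprintf(os.Stderr, "Couldn't read key.pem: %+v, %+v\n", filepath, err)
		os.Exit(1)
	}
	return string(key)
}

// chefCerts creates a cert pool for the self signed certs: the system pool
// (or an empty pool when none is available) plus the PEM certificates found
// in localCertFile.
// reference https://forfuncsake.github.io/post/2017/08/trust-extra-ca-cert-in-go-app/
//
// Every certificate in localCertFile becomes a trust anchor of the returned
// pool, so write access to that file should be as restricted as write access
// to the system trust store. The process exits through log.Fatalf when the
// file cannot be read.
func chefCerts() *x509.CertPool {
	const localCertFile = "/var/opt/opscode/nginx/ca/testhost.crt"

	// The error is dropped on purpose: a nil pool is replaced just below.
	certPool, _ := x509.SystemCertPool()
	if certPool == nil {
		certPool = x509.NewCertPool()
	}

	// Read in the cert file
	certs, err := os.ReadFile(localCertFile)
	if err != nil {
		// This branch is a read failure, not an append failure.
		log.Fatalf("Failed to read %q for RootCAs: %v", localCertFile, err)
	}

	// Append our cert to the system pool
	if ok := certPool.AppendCertsFromPEM(certs); !ok {
		// No PEM certificate was parsed; the pool keeps whatever it held before.
		log.Println("No certs appended, using system certs only")
	}
	return certPool
}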