lib/chef/knife/winrm.rb in knife-windows-0.5.8 vs lib/chef/knife/winrm.rb in knife-windows-0.5.10.rc.1
- old
+ new
@@ -39,10 +39,17 @@
:short => "-a ATTR",
:long => "--attribute ATTR",
:description => "The attribute to use for opening the connection - default is fqdn",
:default => "fqdn"
+ option :returns,
+ :long => "--returns CODES",
+ :description => "A comma delimited list of return codes which indicate success",
+ :default => nil,
+ :proc => Proc.new { |codes|
+ Chef::Config[:knife][:returns] = codes.split(',').collect {|item| item.to_i} }
+
option :manual,
:short => "-m",
:long => "--manual-list",
:boolean => true,
:description => "QUERY is a space separated list of servers",
@@ -88,25 +95,37 @@
def session_from_list(list)
list.each do |item|
Chef::Log.debug("Adding #{item}")
session_opts = {}
- session_opts[:user] = Chef::Config[:knife][:winrm_user] || config[:winrm_user]
- session_opts[:password] = Chef::Config[:knife][:winrm_password] if config[:winrm_password]
+ session_opts[:user] = config[:winrm_user] = Chef::Config[:knife][:winrm_user] || config[:winrm_user]
+ session_opts[:password] = config[:winrm_password] = Chef::Config[:knife][:winrm_password] || config[:winrm_password]
session_opts[:port] = Chef::Config[:knife][:winrm_port] || config[:winrm_port]
session_opts[:keytab] = Chef::Config[:knife][:kerberos_keytab_file] if Chef::Config[:knife][:kerberos_keytab_file]
session_opts[:realm] = Chef::Config[:knife][:kerberos_realm] if Chef::Config[:knife][:kerberos_realm]
session_opts[:service] = Chef::Config[:knife][:kerberos_service] if Chef::Config[:knife][:kerberos_service]
session_opts[:ca_trust_path] = Chef::Config[:knife][:ca_trust_file] if Chef::Config[:knife][:ca_trust_file]
session_opts[:operation_timeout] = 1800 # 30 min OperationTimeout for long bootstraps fix for KNIFE_WINDOWS-8
+ ## If you have a \\ in your name you need to use NTLM domain authentication
+ if session_opts[:user].split("\\").length.eql?(2)
+ session_opts[:basic_auth_only] = false
+ else
+ session_opts[:basic_auth_only] = true
+ end
+
if config.keys.any? {|k| k.to_s =~ /kerberos/ }
session_opts[:transport] = :kerberos
session_opts[:basic_auth_only] = false
else
session_opts[:transport] = (Chef::Config[:knife][:winrm_transport] || config[:winrm_transport]).to_sym
- session_opts[:basic_auth_only] = true
+ session_opts[:disable_sspi] = true
+ if session_opts[:user] and
+ (not session_opts[:password])
+ session_opts[:password] = Chef::Config[:knife][:winrm_password] = config[:winrm_password] = get_password
+
+ end
end
session.use(item, session_opts)
@longest = item.length if item.length > @longest
@@ -187,10 +206,21 @@
winrm_command(command)
end
end
end
+ def check_for_errors!(exit_codes)
+
+ exit_codes.each do |host, value|
+ unless Chef::Config[:knife][:returns].include? value.to_i
+ @exit_code = 1
+ ui.error "Failed to execute command on #{host} return code #{value}"
+ end
+ end
+
+ end
+
def run
STDOUT.sync = STDERR.sync = true
begin
@longest = 0
@@ -200,10 +230,16 @@
case @name_args[1]
when "interactive"
interactive
else
winrm_command(@name_args[1..-1].join(" "))
+
+ if config[:returns]
+ check_for_errors! session.exit_codes
+ end
+
session.close
+ exit @exit_code || 0
end
rescue WinRM::WinRMHTTPTransportError => e
case e.message
when /401/
ui.error "Failed to authenticate to #{@name_args[0].split(" ")} as #{config[:winrm_user]}"