lib/chef/knife/winrm_base.rb in knife-windows-0.8.6 vs lib/chef/knife/winrm_base.rb in knife-windows-1.0.0.rc.0
- old
+ new
@@ -22,10 +22,13 @@
class Chef
class Knife
module WinrmBase
+ # It includes supported WinRM authentication protocol.
+ WINRM_AUTH_PROTOCOL_LIST ||= %w{basic negotiate kerberos}
+
# :nodoc:
# Would prefer to do this in a rational way, but can't be done b/c of
# Mixlib::CLI's design :(
def self.included(includer)
includer.class_eval do
@@ -46,31 +49,32 @@
:short => "-P PASSWORD",
:long => "--winrm-password PASSWORD",
:description => "The WinRM password",
:proc => Proc.new { |key| Chef::Config[:knife][:winrm_password] = key }
+ option :winrm_transport,
+ :short => "-t TRANSPORT",
+ :long => "--winrm-transport TRANSPORT",
+ :description => "The WinRM transport type. valid choices are [ssl, plaintext]",
+ :default => 'plaintext',
+ :proc => Proc.new { |transport| Chef::Config[:knife][:winrm_port] = '5986' if transport == 'ssl'
+ Chef::Config[:knife][:winrm_transport] = transport }
+
option :winrm_port,
:short => "-p PORT",
:long => "--winrm-port PORT",
- :description => "The WinRM port, by default this is 5985",
- :default => "5985",
+ :description => "The WinRM port, by default this is '5985' for 'plaintext' and '5986' for 'ssl' winrm transport",
+ :default => '5985',
:proc => Proc.new { |key| Chef::Config[:knife][:winrm_port] = key }
option :identity_file,
:short => "-i IDENTITY_FILE",
:long => "--identity-file IDENTITY_FILE",
:description => "The SSH identity file used for authentication"
- option :winrm_transport,
- :short => "-t TRANSPORT",
- :long => "--winrm-transport TRANSPORT",
- :description => "The WinRM transport type. valid choices are [ssl, plaintext]",
- :default => 'plaintext',
- :proc => Proc.new { |transport| Chef::Config[:knife][:winrm_transport] = transport }
-
option :kerberos_keytab_file,
- :short => "-i KEYTAB_FILE",
+ :short => "-T KEYTAB_FILE",
:long => "--keytab-file KEYTAB_FILE",
:description => "The Kerberos keytab file used for authentication",
:proc => Proc.new { |keytab| Chef::Config[:knife][:kerberos_keytab_file] = keytab }
option :kerberos_realm,
@@ -89,11 +93,33 @@
:short => "-f CA_TRUST_FILE",
:long => "--ca-trust-file CA_TRUST_FILE",
:description => "The Certificate Authority (CA) trust file used for SSL transport",
:proc => Proc.new { |trust| Chef::Config[:knife][:ca_trust_file] = trust }
+ option :winrm_ssl_verify_mode,
+ :long => "--winrm-ssl-verify-mode SSL_VERIFY_MODE",
+ :description => "The WinRM peer verification mode. Valid choices are [verify_peer, verify_none]",
+ :default => :verify_peer,
+ :proc => Proc.new { |verify_mode| verify_mode.to_sym }
+
+ option :winrm_authentication_protocol,
+ :long => "--winrm-authentication-protocol AUTHENTICATION_PROTOCOL",
+ :description => "The authentication protocol used during WinRM communication. The supported protocols are #{WINRM_AUTH_PROTOCOL_LIST.join(',')}. Default is 'negotiate'.",
+ :default => "negotiate",
+ :proc => Proc.new { |protocol| Chef::Config[:knife][:winrm_authentication_protocol] = protocol }
+
+ option :session_timeout,
+ :long => "--session-timeout Minutes",
+ :description => "The timeout for the client for the maximum length of the WinRM session",
+ :default => 30
end
end
+ def locate_config_value(key)
+ key = key.to_sym
+ value = config[key] || Chef::Config[:knife][key] || default_config[key]
+ Chef::Log.debug("Looking for key #{key} and found value #{value}")
+ value
+ end
end
end
end