While there is still some work remaining with finishing some needed authorization checks, I’m happy to report that in the goiardi auth branch, authentication for chef clients and webui is working and passing the chef-pedant tests.
Once those authorization issues are ironed out, I’ll start work on updating the documentation and making a new formal release. If, in the meantime, anyone felt like testing it, it’s pretty easy. Start goiardi with the -A or --use-auth flags, and set --conf-root to whereever you’d like the chef-validator, chef-webui, and admin certificates to be stored. You’d probably also want to specify index and data files for persistence, but you don’t have to. Goiardi works with chef-webui fine as well, but at the moment you’ll have to set a password for the admin user with knife.
As of this writing goiardi authentication is still a work in progress, but it’s far enough along to start banging on to look for problems. The chef-pedant tests are pretty happy, but that doesn’t always catch every real world issue.