chef 12.0.0.alpha.1-x86-mingw32 → 12.0.0.alpha.2-x86-mingw32

Files changed (180) hide show
  1. checksums.yaml +4 -4
  2. data/lib/chef/application.rb +8 -1
  3. data/lib/chef/application/apply.rb +4 -0
  4. data/lib/chef/application/client.rb +7 -7
  5. data/lib/chef/application/solo.rb +21 -13
  6. data/lib/chef/chef_fs/chef_fs_data_store.rb +60 -6
  7. data/lib/chef/chef_fs/config.rb +78 -4
  8. data/lib/chef/chef_fs/data_handler/acl_data_handler.rb +2 -2
  9. data/lib/chef/chef_fs/data_handler/client_data_handler.rb +1 -1
  10. data/lib/chef/chef_fs/data_handler/container_data_handler.rb +1 -1
  11. data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
  12. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  13. data/lib/chef/chef_fs/data_handler/data_handler_base.rb +76 -2
  14. data/lib/chef/chef_fs/data_handler/environment_data_handler.rb +1 -1
  15. data/lib/chef/chef_fs/data_handler/group_data_handler.rb +1 -1
  16. data/lib/chef/chef_fs/data_handler/node_data_handler.rb +1 -1
  17. data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +30 -0
  18. data/lib/chef/chef_fs/data_handler/organization_invites_data_handler.rb +17 -0
  19. data/lib/chef/chef_fs/data_handler/organization_members_data_handler.rb +17 -0
  20. data/lib/chef/chef_fs/data_handler/role_data_handler.rb +1 -1
  21. data/lib/chef/chef_fs/data_handler/user_data_handler.rb +2 -1
  22. data/lib/chef/chef_fs/file_system.rb +0 -1
  23. data/lib/chef/chef_fs/file_system/acl_entry.rb +1 -1
  24. data/lib/chef/chef_fs/file_system/chef_repository_file_system_cookbook_dir.rb +1 -1
  25. data/lib/chef/chef_fs/file_system/chef_repository_file_system_entry.rb +5 -1
  26. data/lib/chef/chef_fs/file_system/chef_repository_file_system_root_dir.rb +73 -13
  27. data/lib/chef/chef_fs/file_system/chef_server_root_dir.rb +44 -5
  28. data/lib/chef/chef_fs/file_system/cookbook_dir.rb +1 -1
  29. data/lib/chef/chef_fs/file_system/cookbooks_dir.rb +3 -3
  30. data/lib/chef/chef_fs/file_system/org_entry.rb +34 -0
  31. data/lib/chef/chef_fs/file_system/organization_invites_entry.rb +58 -0
  32. data/lib/chef/chef_fs/file_system/organization_members_entry.rb +57 -0
  33. data/lib/chef/chef_fs/file_system/rest_list_entry.rb +13 -4
  34. data/lib/chef/chef_fs/knife.rb +1 -1
  35. data/lib/chef/client.rb +8 -2
  36. data/lib/chef/config.rb +75 -57
  37. data/lib/chef/config_fetcher.rb +6 -21
  38. data/lib/chef/dsl/data_query.rb +48 -3
  39. data/lib/chef/dsl/platform_introspection.rb +42 -0
  40. data/lib/chef/dsl/reboot_pending.rb +6 -3
  41. data/lib/chef/encrypted_data_bag_item.rb +1 -1
  42. data/lib/chef/encrypted_data_bag_item/encryptor.rb +12 -0
  43. data/lib/chef/exceptions.rb +2 -0
  44. data/lib/chef/http/basic_client.rb +14 -0
  45. data/lib/chef/http/json_output.rb +7 -2
  46. data/lib/chef/knife.rb +36 -121
  47. data/lib/chef/knife/bootstrap.rb +68 -54
  48. data/lib/chef/knife/bootstrap/archlinux-gems.erb +6 -1
  49. data/lib/chef/knife/bootstrap/chef-aix.erb +5 -0
  50. data/lib/chef/knife/bootstrap/chef-full.erb +5 -1
  51. data/lib/chef/knife/core/bootstrap_context.rb +70 -29
  52. data/lib/chef/knife/search.rb +56 -12
  53. data/lib/chef/knife/serve.rb +1 -1
  54. data/lib/chef/local_mode.rb +10 -4
  55. data/lib/chef/mixin/deep_merge.rb +6 -3
  56. data/lib/chef/mixin/shell_out.rb +33 -17
  57. data/lib/chef/null_logger.rb +72 -0
  58. data/lib/chef/platform.rb +2 -1
  59. data/lib/chef/platform/provider_mapping.rb +1 -1
  60. data/lib/chef/platform/rebooter.rb +54 -0
  61. data/lib/chef/provider/ifconfig.rb +15 -16
  62. data/lib/chef/provider/link.rb +1 -1
  63. data/lib/chef/provider/mount/mount.rb +1 -1
  64. data/lib/chef/provider/mount/solaris.rb +102 -64
  65. data/lib/chef/provider/package/aix.rb +4 -12
  66. data/lib/chef/provider/package/ips.rb +8 -12
  67. data/lib/chef/provider/package/macports.rb +4 -12
  68. data/lib/chef/provider/package/pacman.rb +2 -6
  69. data/lib/chef/provider/package/portage.rb +2 -6
  70. data/lib/chef/provider/package/rpm.rb +4 -12
  71. data/lib/chef/provider/package/solaris.rb +4 -12
  72. data/lib/chef/provider/reboot.rb +69 -0
  73. data/lib/chef/provider/service/debian.rb +10 -10
  74. data/lib/chef/provider/service/freebsd.rb +89 -73
  75. data/lib/chef/provider/service/gentoo.rb +2 -2
  76. data/lib/chef/provider/service/init.rb +6 -4
  77. data/lib/chef/provider/service/insserv.rb +3 -3
  78. data/lib/chef/provider/service/macosx.rb +2 -2
  79. data/lib/chef/provider/service/simple.rb +6 -4
  80. data/lib/chef/provider/service/solaris.rb +1 -1
  81. data/lib/chef/provider/service/systemd.rb +9 -9
  82. data/lib/chef/provider/service/upstart.rb +6 -6
  83. data/lib/chef/provider/subversion.rb +6 -6
  84. data/lib/chef/provider/user/dscl.rb +32 -28
  85. data/lib/chef/provider/user/windows.rb +6 -6
  86. data/lib/chef/provider/whyrun_safe_ruby_block.rb +1 -1
  87. data/lib/chef/providers.rb +1 -0
  88. data/lib/chef/recipe.rb +0 -1
  89. data/lib/chef/resource.rb +3 -5
  90. data/lib/chef/resource/mount.rb +9 -0
  91. data/lib/chef/resource/reboot.rb +48 -0
  92. data/lib/chef/resources.rb +1 -0
  93. data/lib/chef/run_context.rb +25 -0
  94. data/lib/chef/search/query.rb +122 -14
  95. data/lib/chef/util/path_helper.rb +54 -6
  96. data/lib/chef/util/windows/net_user.rb +4 -1
  97. data/lib/chef/version.rb +1 -1
  98. data/lib/chef/win32/api/file.rb +1 -5
  99. data/lib/chef/win32/api/net.rb +1 -0
  100. data/lib/chef/workstation_config_loader.rb +177 -0
  101. data/spec/functional/http/simple_spec.rb +57 -1
  102. data/spec/functional/mixin/shell_out_spec.rb +2 -2
  103. data/spec/functional/provider/whyrun_safe_ruby_block_spec.rb +51 -0
  104. data/spec/functional/rebooter_spec.rb +105 -0
  105. data/spec/functional/resource/deploy_revision_spec.rb +0 -4
  106. data/spec/functional/resource/file_spec.rb +26 -3
  107. data/spec/functional/resource/group_spec.rb +5 -3
  108. data/spec/functional/resource/link_spec.rb +16 -16
  109. data/spec/functional/resource/reboot_spec.rb +103 -0
  110. data/spec/integration/client/client_spec.rb +4 -8
  111. data/spec/integration/client/ipv6_spec.rb +1 -1
  112. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +3 -2
  113. data/spec/integration/knife/delete_spec.rb +39 -0
  114. data/spec/integration/knife/deps_spec.rb +30 -20
  115. data/spec/integration/knife/download_spec.rb +77 -1
  116. data/spec/integration/knife/list_spec.rb +221 -0
  117. data/spec/integration/knife/raw_spec.rb +1 -1
  118. data/spec/integration/knife/show_spec.rb +2 -2
  119. data/spec/integration/knife/upload_spec.rb +154 -1
  120. data/spec/support/pedant/run_pedant.rb +0 -1
  121. data/spec/support/shared/functional/http.rb +8 -1
  122. data/spec/support/shared/integration/integration_helper.rb +11 -19
  123. data/spec/support/shared/unit/platform_introspector.rb +22 -0
  124. data/spec/unit/application/apply.rb +11 -1
  125. data/spec/unit/application/solo_spec.rb +19 -3
  126. data/spec/unit/chef_fs/config_spec.rb +58 -0
  127. data/spec/unit/config_fetcher_spec.rb +1 -3
  128. data/spec/unit/config_spec.rb +247 -220
  129. data/spec/unit/dsl/data_query_spec.rb +165 -23
  130. data/spec/unit/dsl/reboot_pending_spec.rb +1 -7
  131. data/spec/unit/encrypted_data_bag_item_spec.rb +1 -1
  132. data/spec/unit/knife/bootstrap_spec.rb +354 -182
  133. data/spec/unit/knife/core/bootstrap_context_spec.rb +67 -30
  134. data/spec/unit/knife_spec.rb +3 -30
  135. data/spec/unit/mixin/deep_merge_spec.rb +14 -0
  136. data/spec/unit/mixin/shell_out_spec.rb +134 -64
  137. data/spec/unit/provider/ifconfig/debian_spec.rb +19 -9
  138. data/spec/unit/provider/ifconfig/redhat_spec.rb +16 -14
  139. data/spec/unit/provider/ifconfig_spec.rb +3 -3
  140. data/spec/unit/provider/link_spec.rb +5 -5
  141. data/spec/unit/provider/mount/mount_spec.rb +10 -1
  142. data/spec/unit/provider/mount/solaris_spec.rb +185 -11
  143. data/spec/unit/provider/package/aix_spec.rb +5 -17
  144. data/spec/unit/provider/package/ips_spec.rb +8 -21
  145. data/spec/unit/provider/package/macports_spec.rb +12 -12
  146. data/spec/unit/provider/package/pacman_spec.rb +4 -12
  147. data/spec/unit/provider/package/portage_spec.rb +5 -15
  148. data/spec/unit/provider/package/rpm_spec.rb +7 -22
  149. data/spec/unit/provider/package/solaris_spec.rb +5 -16
  150. data/spec/unit/provider/service/arch_service_spec.rb +8 -14
  151. data/spec/unit/provider/service/debian_service_spec.rb +1 -1
  152. data/spec/unit/provider/service/freebsd_service_spec.rb +457 -225
  153. data/spec/unit/provider/service/gentoo_service_spec.rb +2 -2
  154. data/spec/unit/provider/service/init_service_spec.rb +10 -10
  155. data/spec/unit/provider/service/insserv_service_spec.rb +3 -4
  156. data/spec/unit/provider/service/invokercd_service_spec.rb +8 -9
  157. data/spec/unit/provider/service/macosx_spec.rb +5 -5
  158. data/spec/unit/provider/service/simple_service_spec.rb +4 -6
  159. data/spec/unit/provider/service/solaris_smf_service_spec.rb +1 -3
  160. data/spec/unit/provider/service/systemd_service_spec.rb +20 -20
  161. data/spec/unit/provider/service/upstart_service_spec.rb +15 -17
  162. data/spec/unit/provider/subversion_spec.rb +5 -6
  163. data/spec/unit/provider/user/dscl_spec.rb +2 -1
  164. data/spec/unit/provider/user/windows_spec.rb +7 -0
  165. data/spec/unit/provider/whyrun_safe_ruby_block_spec.rb +2 -2
  166. data/spec/unit/resource/mount_spec.rb +9 -0
  167. data/spec/unit/resource_spec.rb +0 -4
  168. data/spec/unit/rest_spec.rb +1 -1
  169. data/spec/unit/run_context_spec.rb +15 -0
  170. data/spec/unit/search/query_spec.rb +196 -40
  171. data/spec/unit/util/path_helper_spec.rb +111 -28
  172. data/spec/unit/workstation_config_loader_spec.rb +283 -0
  173. metadata +36 -20
  174. data/lib/chef/knife/bootstrap/centos5-gems.erb +0 -62
  175. data/lib/chef/knife/bootstrap/fedora13-gems.erb +0 -44
  176. data/lib/chef/knife/bootstrap/ubuntu10.04-apt.erb +0 -53
  177. data/lib/chef/knife/bootstrap/ubuntu10.04-gems.erb +0 -48
  178. data/lib/chef/knife/bootstrap/ubuntu12.04-gems.erb +0 -46
  179. data/spec/support/shared/integration/chef_zero_support.rb +0 -130
  180. data/spec/unit/knife/config_file_selection_spec.rb +0 -135
@@ -94,11 +94,20 @@ class Chef
94
94
  :description => "Do not proxy locations for the node being bootstrapped; this option is used internally by Opscode",
95
95
  :proc => Proc.new { |np| Chef::Config[:knife][:bootstrap_no_proxy] = np }
96
96
 
97
+ # DEPR: Remove this option in Chef 13
97
98
  option :distro,
98
99
  :short => "-d DISTRO",
99
100
  :long => "--distro DISTRO",
100
- :description => "Bootstrap a distro using a template",
101
- :default => "chef-full"
101
+ :description => "Bootstrap a distro using a template. [DEPRECATED] Use -t / --bootstrap-template option instead.",
102
+ :proc => Proc.new { |v|
103
+ Chef::Log.warn("[DEPRECATED] -d / --distro option is deprecated. Use -t / --bootstrap-template option instead.")
104
+ v
105
+ }
106
+
107
+ option :bootstrap_template,
108
+ :short => "-t TEMPLATE",
109
+ :long => "--bootstrap-template TEMPLATE",
110
+ :description => "Bootstrap Chef using a built-in or custom template. Set to the full path of an erb template or use one of the built-in templates."
102
111
 
103
112
  option :use_sudo,
104
113
  :long => "--sudo",
@@ -110,10 +119,14 @@ class Chef
110
119
  :description => "Execute the bootstrap via sudo with password",
111
120
  :boolean => false
112
121
 
122
+ # DEPR: Remove this option in Chef 13
113
123
  option :template_file,
114
124
  :long => "--template-file TEMPLATE",
115
- :description => "Full path to location of template to use",
116
- :default => false
125
+ :description => "Full path to location of template to use. [DEPRECATED] Use -t / --bootstrap-template option instead.",
126
+ :proc => Proc.new { |v|
127
+ Chef::Log.warn("[DEPRECATED] --template-file option is deprecated. Use -t / --bootstrap-template option instead.")
128
+ v
129
+ }
117
130
 
118
131
  option :run_list,
119
132
  :short => "-r RUN_LIST",
@@ -141,7 +154,8 @@ class Chef
141
154
  :proc => Proc.new { |h|
142
155
  Chef::Config[:knife][:hints] ||= Hash.new
143
156
  name, path = h.split("=")
144
- Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : Hash.new }
157
+ Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : Hash.new
158
+ }
145
159
 
146
160
  option :secret,
147
161
  :short => "-s SECRET",
@@ -174,53 +188,75 @@ class Chef
174
188
  :description => "Add options to curl when install chef-client",
175
189
  :proc => Proc.new { |co| Chef::Config[:knife][:bootstrap_curl_options] = co }
176
190
 
177
- def find_template(template=nil)
178
- # Are we bootstrapping using an already shipped template?
179
- if config[:template_file]
180
- bootstrap_files = config[:template_file]
181
- else
182
- bootstrap_files = []
183
- bootstrap_files << File.join(File.dirname(__FILE__), 'bootstrap', "#{config[:distro]}.erb")
184
- bootstrap_files << File.join(Knife.chef_config_dir, "bootstrap", "#{config[:distro]}.erb") if Knife.chef_config_dir
185
- bootstrap_files << File.join(ENV['HOME'], '.chef', 'bootstrap', "#{config[:distro]}.erb") if ENV['HOME']
186
- bootstrap_files << Gem.find_files(File.join("chef","knife","bootstrap","#{config[:distro]}.erb"))
187
- bootstrap_files.flatten!
191
+ option :node_ssl_verify_mode,
192
+ :long => "--node-ssl-verify-mode [peer|none]",
193
+ :description => "Whether or not to verify the SSL cert for all HTTPS requests.",
194
+ :proc => Proc.new { |v|
195
+ valid_values = ["none", "peer"]
196
+ unless valid_values.include?(v)
197
+ raise "Invalid value '#{v}' for --node-ssl-verify-mode. Valid values are: #{valid_values.join(", ")}"
198
+ end
199
+ }
200
+
201
+ option :node_verify_api_cert,
202
+ :long => "--[no-]node-verify-api-cert",
203
+ :description => "Verify the SSL cert for HTTPS requests to the Chef server API.",
204
+ :boolean => true
205
+
206
+ def bootstrap_template
207
+ # For some reason knife.merge_configs doesn't pick up the default values from
208
+ # Chef::Config[:knife][:bootstrap_template] unless Chef::Config[:knife][:bootstrap_template]
209
+ # is forced to pick up the values before calling merge_configs.
210
+ # We therefore have Chef::Config[:knife][:bootstrap_template] to pick up the defaults
211
+ # if no option is specified.
212
+ config[:bootstrap_template] || config[:distro] || config[:template_file] || Chef::Config[:knife][:bootstrap_template]
213
+ end
214
+
215
+ def find_template
216
+ template = bootstrap_template
217
+
218
+ # Use the template directly if it's a path to an actual file
219
+ if File.exists?(template)
220
+ Chef::Log.debug("Using the specified bootstrap template: #{File.dirname(template)}")
221
+ return template
222
+
188
223
  end
189
224
 
190
- template = Array(bootstrap_files).find do |bootstrap_template|
225
+ # Otherwise search the template directories until we find the right one
226
+ bootstrap_files = []
227
+ bootstrap_files << File.join(File.dirname(__FILE__), 'bootstrap', "#{template}.erb")
228
+ bootstrap_files << File.join(Knife.chef_config_dir, "bootstrap", "#{template}.erb") if Chef::Knife.chef_config_dir
229
+ bootstrap_files << File.join(ENV['HOME'], '.chef', 'bootstrap', "#{template}.erb") if ENV['HOME']
230
+ bootstrap_files << Gem.find_files(File.join("chef","knife","bootstrap","#{template}.erb"))
231
+ bootstrap_files.flatten!
232
+
233
+ template_file = Array(bootstrap_files).find do |bootstrap_template|
191
234
  Chef::Log.debug("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
192
235
  File.exists?(bootstrap_template)
193
236
  end
194
237
 
195
- unless template
196
- ui.info("Can not find bootstrap definition for #{config[:distro]}")
238
+ unless template_file
239
+ ui.info("Can not find bootstrap definition for #{template}")
197
240
  raise Errno::ENOENT
198
241
  end
199
242
 
200
- Chef::Log.debug("Found bootstrap template in #{File.dirname(template)}")
243
+ Chef::Log.debug("Found bootstrap template in #{File.dirname(template_file)}")
201
244
 
202
- template
245
+ template_file
203
246
  end
204
247
 
205
- def render_template(template=nil)
248
+ def render_template
249
+ template_file = find_template
250
+ template = IO.read(template_file).chomp
206
251
  context = Knife::Core::BootstrapContext.new(config, config[:run_list], Chef::Config)
207
252
  Erubis::Eruby.new(template).evaluate(context)
208
253
  end
209
254
 
210
- def read_template
211
- IO.read(@template_file).chomp
212
- end
213
-
214
255
  def run
215
256
  validate_name_args!
216
- warn_chef_config_secret_key
217
- @template_file = find_template(config[:bootstrap_template])
218
257
  @node_name = Array(@name_args).first
219
- # back compat--templates may use this setting:
220
- config[:server_name] = @node_name
221
258
 
222
259
  $stdout.sync = true
223
-
224
260
  ui.info("Connecting to #{ui.color(@node_name, :bold)}")
225
261
 
226
262
  begin
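Review bot: The `:proc` added for `--node-ssl-verify-mode` validates the value but ends on the `unless … end`, so it evaluates to nil when the value is a valid `peer` or `none`. If the option parser stores the proc's return value, which the explicit `v` closing the `--distro` and `--template-file` procs suggests, the operator's TLS verification choice is silently dropped and never reaches the node's client.rb. Add `v` as the last expression of the block, after the `end` of the `unless`. The `run` method at the bottom of this hunk continues outside it.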
@@ -272,7 +308,7 @@ class Chef
272
308
  end
273
309
 
274
310
  def ssh_command
275
- command = render_template(read_template)
311
+ command = render_template
276
312
 
277
313
  if config[:use_sudo]
278
314
  command = config[:use_sudo_password] ? "echo '#{config[:ssh_password]}' | sudo -S #{command}" : "sudo #{command}"
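Review bot: The sudo line that the rewritten `ssh_command` still feeds interpolates `config[:ssh_password]` between single quotes without escaping, so a password containing `'` ends the quoting and the rest is parsed by the remote shell. The commit leaves this line unchanged, but it is the place where the rendered template and a secret are joined into one command string. Escaping the value closes the quoting problem: `"echo #{Shellwords.escape(config[:ssh_password])} | sudo -S #{command}"`, with `require 'shellwords'` at the top of the file. `ssh_command` ends outside this hunk.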
@@ -281,28 +317,6 @@ class Chef
281
317
  command
282
318
  end
283
319
 
284
- def warn_chef_config_secret_key
285
- unless Chef::Config[:encrypted_data_bag_secret].nil?
286
- ui.warn "* " * 40
287
- ui.warn(<<-WARNING)
288
- Specifying the encrypted data bag secret key using an 'encrypted_data_bag_secret'
289
- entry in 'knife.rb' is deprecated. Please see CHEF-4011 for more details. You
290
- can supress this warning and still distribute the secret key to all bootstrapped
291
- machines by adding the following to your 'knife.rb' file:
292
-
293
- knife[:secret_file] = "/path/to/your/secret"
294
-
295
- If you would like to selectively distribute a secret key during bootstrap
296
- please use the '--secret' or '--secret-file' options of this command instead.
297
-
298
- #{ui.color('IMPORTANT:', :red, :bold)} In a future version of Chef, this
299
- behavior will be removed and any 'encrypted_data_bag_secret' entries in
300
- 'knife.rb' will be ignored completely.
301
- WARNING
302
- ui.warn "* " * 40
303
- end
304
- end
305
-
306
320
  end
307
321
  end
308
322
  end
@@ -6,7 +6,7 @@ if [ ! -f /usr/bin/chef-client ]; then
6
6
  pacman -S --noconfirm ruby ntp base-devel
7
7
  ntpdate -u pool.ntp.org
8
8
  gem install ohai --no-user-install --no-document --verbose
9
- gem install chef --no-user-install --no-document --verbose <%= bootstrap_version_string %>
9
+ gem install chef --no-user-install --no-document --verbose <%= Chef::VERSION %>
10
10
  fi
11
11
 
12
12
  mkdir -p /etc/chef
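Review bot: `<%= Chef::VERSION %>` is now emitted after `gem install chef …` as a bare token, and `gem install` treats bare arguments as gem names, so the rendered command no longer pins the chef version and additionally asks for a gem named after the version string. The helper this replaces supplied the `--version` flag itself, so the flag has to be spelled out in the template: `gem install chef --no-user-install --no-document --verbose --version <%= Chef::VERSION %>`. As written, the node installs whichever chef release the gem source currently serves.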
@@ -23,6 +23,11 @@ EOP
23
23
  chmod 0600 /etc/chef/encrypted_data_bag_secret
24
24
  <% end -%>
25
25
 
26
+ <% unless trusted_certs.empty? -%>
27
+ mkdir -p /etc/chef/trusted_certs
28
+ <%= trusted_certs %>
29
+ <% end -%>
30
+
26
31
  <%# Generate Ohai Hints -%>
27
32
  <% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%>
28
33
  mkdir -p /etc/chef/ohai/hints
@@ -36,6 +36,11 @@ EOP
36
36
  chmod 0600 /etc/chef/encrypted_data_bag_secret
37
37
  <% end -%>
38
38
 
39
+ <% unless trusted_certs.empty? -%>
40
+ mkdir -p /etc/chef/trusted_certs
41
+ <%= trusted_certs %>
42
+ <% end -%>
43
+
39
44
  <%# Generate Ohai Hints -%>
40
45
  <% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%>
41
46
  mkdir -p /etc/chef/ohai/hints
@@ -23,7 +23,6 @@ exists() {
23
23
  <%= knife_config[:bootstrap_install_command] %>
24
24
  <% else %>
25
25
  install_sh="<%= knife_config[:bootstrap_url] ? knife_config[:bootstrap_url] : "https://www.opscode.com/chef/install.sh" %>"
26
- version_string="-v <%= chef_version %>"
27
26
  if ! exists /usr/bin/chef-client; then
28
27
  echo "Installing Chef Client..."
29
28
  if exists wget; then
@@ -51,6 +50,11 @@ EOP
51
50
  chmod 0600 /etc/chef/encrypted_data_bag_secret
52
51
  <% end -%>
53
52
 
53
+ <% unless trusted_certs.empty? -%>
54
+ mkdir -p /etc/chef/trusted_certs
55
+ <%= trusted_certs %>
56
+ <% end -%>
57
+
54
58
  <%# Generate Ohai Hints -%>
55
59
  <% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%>
56
60
  mkdir -p /etc/chef/ohai/hints
@@ -34,14 +34,6 @@ class Chef
34
34
  @chef_config = chef_config
35
35
  end
36
36
 
37
- def bootstrap_version_string
38
- if @config[:prerelease]
39
- "--prerelease"
40
- else
41
- "--version #{chef_version}"
42
- end
43
- end
44
-
45
37
  def bootstrap_environment
46
38
  @chef_config[:environment] || '_default'
47
39
  end
@@ -52,14 +44,20 @@ class Chef
52
44
 
53
45
  def encrypted_data_bag_secret
54
46
  knife_config[:secret] || begin
55
- if knife_config[:secret_file] && File.exist?(knife_config[:secret_file])
56
- IO.read(File.expand_path(knife_config[:secret_file]))
57
- elsif @chef_config[:encrypted_data_bag_secret] && File.exist?(@chef_config[:encrypted_data_bag_secret])
58
- IO.read(File.expand_path(@chef_config[:encrypted_data_bag_secret]))
47
+ secret_file_path = knife_config[:secret_file]
48
+ expanded_secret_file_path = File.expand_path(secret_file_path.to_s)
49
+ if secret_file_path && File.exist?(expanded_secret_file_path)
50
+ IO.read(expanded_secret_file_path)
51
+ else
52
+ nil
59
53
  end
60
54
  end
61
55
  end
62
56
 
57
+ def trusted_certs
58
+ @trusted_certs ||= trusted_certs_content
59
+ end
60
+
63
61
  def config_content
64
62
  client_rb = <<-CONFIG
65
63
  log_location STDOUT
@@ -72,6 +70,36 @@ CONFIG
72
70
  client_rb << "# Using default node name (fqdn)\n"
73
71
  end
74
72
 
73
+ # We configure :verify_api_cert only when it's overridden on the CLI
74
+ # or when specified in the knife config.
75
+ if !@config[:node_verify_api_cert].nil? || knife_config.has_key?(:verify_api_cert)
76
+ value = @config[:node_verify_api_cert].nil? ? knife_config[:verify_api_cert] : @config[:node_verify_api_cert]
77
+ client_rb << %Q{verify_api_cert #{value}\n}
78
+ end
79
+
80
+ # We configure :ssl_verify_mode only when it's overridden on the CLI
81
+ # or when specified in the knife config.
82
+ if @config[:node_ssl_verify_mode] || knife_config.has_key?(:ssl_verify_mode)
83
+ value = case @config[:node_ssl_verify_mode]
84
+ when "peer"
85
+ :verify_peer
86
+ when "none"
87
+ :verify_none
88
+ when nil
89
+ knife_config[:ssl_verify_mode]
90
+ else
91
+ nil
92
+ end
93
+
94
+ if value
95
+ client_rb << %Q{ssl_verify_mode :#{value}\n}
96
+ end
97
+ end
98
+
99
+ if @config[:ssl_verify_mode]
100
+ client_rb << %Q{ssl_verify_mode :#{knife_config[:ssl_verify_mode]}\n}
101
+ end
102
+
75
103
  if knife_config[:bootstrap_proxy]
76
104
  client_rb << %Q{http_proxy "#{knife_config[:bootstrap_proxy]}"\n}
77
105
  client_rb << %Q{https_proxy "#{knife_config[:bootstrap_proxy]}"\n}
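Review bot: The last added block, `if @config[:ssl_verify_mode]`, tests a different key from the `:node_ssl_verify_mode` logic directly above it and then writes `knife_config[:ssl_verify_mode]`, so it can append a second `ssl_verify_mode` line to the generated client.rb. Depending on which line the client honours, that can replace a `peer` chosen on the command line with the workstation's value, and it renders as `ssl_verify_mode :` with nothing after the colon when the knife config has no such key. It reads like a leftover from before the `case` expression was written; deleting the block leaves a single place that decides the node's verification mode. `config_content` starts and ends outside this hunk.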
@@ -85,6 +113,10 @@ CONFIG
85
113
  client_rb << %Q{encrypted_data_bag_secret "/etc/chef/encrypted_data_bag_secret"\n}
86
114
  end
87
115
 
116
+ unless trusted_certs.empty?
117
+ client_rb << %Q{trusted_certs_dir "/etc/chef/trusted_certs"\n}
118
+ end
119
+
88
120
  client_rb
89
121
  end
90
122
 
@@ -93,7 +125,7 @@ CONFIG
93
125
  client_path = @chef_config[:chef_client_path] || 'chef-client'
94
126
  s = "#{client_path} -j /etc/chef/first-boot.json"
95
127
  s << ' -l debug' if @config[:verbosity] and @config[:verbosity] >= 2
96
- s << " -E #{bootstrap_environment}" if chef_version.to_f != 0.9 # only use the -E option on Chef 0.10+
128
+ s << " -E #{bootstrap_environment}"
97
129
  s
98
130
  end
99
131
 
@@ -101,30 +133,27 @@ CONFIG
101
133
  @chef_config.key?(:knife) ? @chef_config[:knife] : {}
102
134
  end
103
135
 
104
- #
105
- # This function is used by older bootstrap templates other than chef-full
106
- # and potentially by custom templates as well hence it's logic needs to be
107
- # preserved for backwards compatibility reasons until we hit Chef 12.
108
- def chef_version
109
- knife_config[:bootstrap_version] || Chef::VERSION
110
- end
111
-
112
136
  #
113
137
  # chef version string to fetch the latest current version from omnitruck
114
138
  # If user is on X.Y.Z bootstrap will use the latest X release
115
139
  # X here can be 10 or 11
116
140
  def latest_current_chef_version_string
117
- chef_version_string = if knife_config[:bootstrap_version]
118
- knife_config[:bootstrap_version]
141
+ installer_version_string = nil
142
+ if @config[:prerelease]
143
+ installer_version_string = "-p"
119
144
  else
120
- Chef::VERSION.split(".").first
121
- end
145
+ chef_version_string = if knife_config[:bootstrap_version]
146
+ knife_config[:bootstrap_version]
147
+ else
148
+ Chef::VERSION.split(".").first
149
+ end
122
150
 
123
- installer_version_string = ["-v", chef_version_string]
151
+ installer_version_string = ["-v", chef_version_string]
124
152
 
125
- # If bootstrapping a pre-release version add -p to the installer string
126
- if chef_version_string.split(".").length > 3
127
- installer_version_string << "-p"
153
+ # If bootstrapping a pre-release version add -p to the installer string
154
+ if chef_version_string.split(".").length > 3
155
+ installer_version_string << "-p"
156
+ end
128
157
  end
129
158
 
130
159
  installer_version_string.join(" ")
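Review bot: In the `@config[:prerelease]` branch `installer_version_string` is assigned the String `"-p"`, but the method still finishes with `installer_version_string.join(" ")`, and String has no `join`, so a bootstrap with the prerelease setting would raise NoMethodError. Assign an array instead: `installer_version_string = ["-p"]`. The `installer_version_string = nil` initialiser is then unnecessary, and the comment above the method ("X here can be 10 or 11") should mention the prerelease path. The method's closing `end` is outside this hunk.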
@@ -134,6 +163,18 @@ CONFIG
134
163
  (@config[:first_boot_attributes] || {}).merge(:run_list => @run_list)
135
164
  end
136
165
 
166
+ private
167
+ def trusted_certs_content
168
+ content = ""
169
+ if @chef_config[:trusted_certs_dir]
170
+ Dir.glob(File.join(@chef_config[:trusted_certs_dir], "*.{crt,pem}")).each do |cert|
171
+ content << "cat > /etc/chef/trusted_certs/#{File.basename(cert)} <<'EOP'\n" +
172
+ IO.read(File.expand_path(cert)) + "\nEOP\n"
173
+ end
174
+ end
175
+ content
176
+ end
177
+
137
178
  end
138
179
  end
139
180
  end
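Review bot: `trusted_certs_content` pastes `File.basename(cert)` unquoted into a `cat >` command and wraps the file body in a heredoc closed by a fixed `EOP` line, and the resulting text is executed by the bootstrap script on the node. A certificate file name containing spaces or shell metacharacters, or a file body containing a line that is exactly `EOP`, would change what that script runs. Quote the name, e.g. `#{Shellwords.escape(File.basename(cert))}` (with `require 'shellwords'`), and skip or reject a file whose content contains the terminator line. The bootstrap templates earlier on this page that emit `<%= trusted_certs %>` inherit the same behaviour.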
@@ -71,6 +71,11 @@ class Chef
71
71
  :long => "--query QUERY",
72
72
  :description => "The search query; useful to protect queries starting with -"
73
73
 
74
+ option :filter_result,
75
+ :short => "-f FILTER",
76
+ :long => "--filter-result FILTER",
77
+ :description => "Only bring back specific attributes of the matching objects; for example: \"ServerName=name, Kernel=kernel.version\""
78
+
74
79
  def run
75
80
  read_cli_args
76
81
  fuzzify_query
@@ -79,7 +84,6 @@ class Chef
79
84
  ui.use_presenter Knife::Core::NodePresenter
80
85
  end
81
86
 
82
-
83
87
  q = Chef::Search::Query.new
84
88
  escaped_query = URI.escape(@query,
85
89
  Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
@@ -87,14 +91,26 @@ class Chef
87
91
  result_items = []
88
92
  result_count = 0
89
93
 
90
- rows = config[:rows]
91
- start = config[:start]
94
+ search_args = Hash.new
95
+ search_args[:sort] = config[:sort]
96
+ search_args[:start] = config[:start]
97
+ search_args[:rows] = config[:rows]
98
+ if config[:filter_result]
99
+ search_args[:filter_result] = create_result_filter(config[:filter_result])
100
+ elsif (not ui.config[:attribute].nil?) && (not ui.config[:attribute].empty?)
101
+ search_args[:filter_result] = create_result_filter_from_attributes(ui.config[:attribute])
102
+ end
103
+
92
104
  begin
93
- q.search(@type, escaped_query, config[:sort], start, rows) do |item|
94
- formatted_item = format_for_display(item)
95
- # if formatted_item.respond_to?(:has_key?) && !formatted_item.has_key?('id')
96
- # formatted_item['id'] = item.has_key?('id') ? item['id'] : item.name
97
- # end
105
+ q.search(@type, escaped_query, search_args) do |item|
106
+ formatted_item = Hash.new
107
+ if item.is_a?(Hash)
108
+ # doing a little magic here to set the correct name
109
+ formatted_item[item["data"]["__display_name"]] = item["data"]
110
+ formatted_item[item["data"]["__display_name"]].delete("__display_name")
111
+ else
112
+ formatted_item = format_for_display(item)
113
+ end
98
114
  result_items << formatted_item
99
115
  result_count += 1
100
116
  end
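Review bot: The Hash branch keys each row by `item["data"]["__display_name"]`, but only `create_result_filter_from_attributes` adds `__display_name` to the filter; the filter that `create_result_filter` builds from `--filter-result` does not. With `-f`, every row would therefore presumably be stored under a nil key, so later rows replace earlier ones in any merged view. Take the name out once with `display_name = item["data"].delete("__display_name")` and handle the nil case explicitly. The comment `# doing a little magic here` would be more useful as `# rows from a filtered search are plain hashes; __display_name is added by create_result_filter_from_attributes`. The `begin` block continues outside this hunk.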
@@ -149,10 +165,38 @@ class Chef
149
165
  end
150
166
  end
151
167
 
168
+ # This method turns a set of key value pairs in a string into the appropriate data structure that the
169
+ # chef-server search api is expecting.
170
+ # expected input is in the form of:
171
+ # -f "return_var1=path.to.attribute, return_var2=shorter.path"
172
+ #
173
+ # a more concrete example might be:
174
+ # -f "env=chef_environment, ruby_platform=languages.ruby.platform"
175
+ #
176
+ # The end result is a hash where the key is a symbol in the hash (the return variable)
177
+ # and the path is an array with the path elements as strings (in order)
178
+ # See lib/chef/search/query.rb for more examples of this.
179
+ def create_result_filter(filter_string)
180
+ final_filter = Hash.new
181
+ filter_string.gsub!(" ", "")
182
+ filters = filter_string.split(",")
183
+ filters.each do |f|
184
+ return_id, attr_path = f.split("=")
185
+ final_filter[return_id.to_sym] = attr_path.split(".")
186
+ end
187
+ return final_filter
188
+ end
189
+
190
+ def create_result_filter_from_attributes(filter_array)
191
+ final_filter = Hash.new
192
+ filter_array.each do |f|
193
+ final_filter[f] = f.split(".")
194
+ end
195
+ # adding magic filter so we can actually pull the name as before
196
+ final_filter["__display_name"] = [ "name" ]
197
+ return final_filter
198
+ end
199
+
152
200
  end
153
201
  end
154
202
  end
155
-
156
-
157
-
158
-
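Review bot: `create_result_filter` assumes every comma-separated entry has the form `name=path`; an entry without `=` leaves `attr_path` nil, and `attr_path.split(".")` then raises NoMethodError instead of a usable message. Check the pair before using it, e.g. `raise ArgumentError, "Invalid filter entry '#{f}', expected name=path" unless return_id && attr_path`. `filter_string.gsub!(" ", "")` also edits the caller's string in place, which here is the value held in `config[:filter_result]`; `filter_string.delete(" ")` returns a copy. `create_result_filter_from_attributes` has no comment, unlike its sibling; one line saying that it maps each attribute to its dotted path and adds the `__display_name` entry would be enough.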