knife-ec-backup 2.5.3 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 04d60d691882443cee81667126f9f681d74a57bec9c1aa6891d0ea24d23c0825
-  data.tar.gz: 3839aaf3e1266642987da3a8047939bcbf249e4f35e8f637068ac9f228a9ad01
+  metadata.gz: 29f71b880bfbb21dba4529c4a03f9966d208a7f39c478613d3e38d1130ca5c06
+  data.tar.gz: 6196ae8cc2a56309310c5c25d7392dd3a1dfd7367a9d0994639998aa42f48422
 SHA512:
-  metadata.gz: 3d76b279ecd5178017431e5c0bfad401b40a080ace47b764d70697c426b04ce808b92380d26ab94f5473f743f71e3c16b080a920c2d6acdbffb10f0dcf555ecb
-  data.tar.gz: 85876db29caeb5531803fc902ff8ca185b52fb65ac5b3909e591fda18c0af43a483f7cc1d16919ff34978df372254900e78fce3f66e670f65a5125e2c7513cbc
+  metadata.gz: edb3a2500bb5c15b5a9c2b786152e2677f495e1996492411584a7fd3d91bf4d60b89e834a0fccf58388f7013f94a73c8ebf8c52df52c884530a2f62782aa9a6e
+  data.tar.gz: 43b2cb7433041e8f1d7654147205c5d769f582de6e40b3f5f482cda0a7b3b4b712c19ed7f05e1bcf55f6de184297e150f833f9621cd0f82d050a3b1bea049687

data/README.md

@@ -12,12 +12,12 @@
 
 ## Description
 
-knife-ec-backup can backup and restore the data in an Enterprise Chef
+knife-ec-backup can backup and restore the data in a Chef Infra
 Server installation, preserving the data in an intermediate, editable
 text format.  It is similar to the `knife download` and `knife upload`
 commands and uses the same underlying libraries, but also includes
 workarounds for objects not yet supported by those tools and various
-Server API deficiencies.  The long-run goal is to improve `knife
+Infra Server API deficiencies.  The long-run goal is to improve `knife
 download`, `knife upload` and the Chef Infra Server API and deprecate this
 tool.
 
@@ -27,7 +27,7 @@ This knife plugin requires Chef Infra Client 11.8+.
 
 ### Server Support
 
-This plugin currently supports Enterprise Chef 11 and Chef Infra Server 12+.
+This plugin currently supports Chef Infra Server 12+.
 Support for the beta key rotation features is provided via the
 `--with-keys-sql` flag, but users of this feature should note that
 this may change once the Chef Infra Server supports an API-based export of
@@ -37,28 +37,17 @@ the key data.
 
 ### Chef Infra Server Install (Recommended)
 
-This gem is installed with chef-server-core 12.0.0 and newer.
-
-For Private Chef 11 (or Enterprise Chef 11) you'll need to download and build
-locally to get the correct dependencies, either with `git clone` or by
-downloading the .zip file. Once unpacked, run:
+This gem is installed with Chef Infra Server 12 and later and the sub-commands are available with embedded copy of `knife`, e.g.:
 
 ```
-/opt/opscode/embedded/bin/gem build knife-ec-backup.gemspec
-/opt/opscode/embedded/bin/gem install knife-ec-backup*gem --no-ri --no-rdoc -V
+sudo /opt/opscode/bin/knife ec backup ~/chef-server-backup-directory
 ```
 
-#### Note on installing with existing development tools:
-
-The latest versions of knife-ec-backup require gems with native
-extensions, thus you must install a standard build toolchain.  To
-install knife-ec-backup without installing libpq development headers
-on your system, try the following:
+If you need a newer version of `knife-ec-backup` than is on the server you wish to back up, you can install it using the embedded `gem` command.
 
-   /opt/opscode/embedded/bin/gem install knife-ec-backup -- --with-pg-config=/opt/opscode/embedded/postgresql/9.2/bin/pg_config
-
-This uses the libpq headers that are included in the Chef Infra Server
-package installed in `/opt/opscode`.
+```
+/opt/opscode/embedded/bin/gem install knife-ec-backup --no-doc
+```
 
 ### Chef Workstation Install (Unsupported)
 
@@ -101,9 +90,9 @@ Clone the git repository and run the following from inside:
 
 ### Permissions
 
-Note that most users in an EC installation lack the permissions to pull all of the data from all organizations and other users.
+Note that most users in a Chef Infra Server installation lack the permissions to pull all of the data from all organizations and other users.
 This plugin **REQUIRES THE PIVOTAL KEY AND WEBUI KEY** from the Chef Infra Server.
-It is recommended that you run this from a frontend Enterprise Chef Infra Server, you can use --user and --key to pass the pivotal information along.
+It is recommended that you run this from a frontend Chef Infra Server. You can use `--user pivotal --key /path/to/pivotal.pem` to provide a path to the `pivotal` key.
 
 ## Subcommands
 
@@ -137,7 +126,7 @@ The following options are supported across all subcommands:
 
 ### knife ec backup DEST_DIR (options)
 
-*Path*: If you have chef-client installed as well, you may need to invoke this as `/opt/opscode/embedded/bin/knife ec backup backup`
+*Path*: If you have Chef Infra Client installed on this server, you may need to invoke this as `/opt/opscode/bin/knife ec backup BACKUP_DIRECTORY`
 
 *Options*
 
@@ -175,7 +164,7 @@ The following options are supported across all subcommands:
     Only donwload/restore objects in the named organization. Global
     objects such as users will still be downloaded/restored.
 
-Creates a repository of an entire Enterprise Chef / Private Chef server.
+Creates a repository of an entire Chef Infra Server
 
 The format of the repository is based on the `knife-essentials` (`knife download`) format and looks like this:
 
@@ -229,8 +218,7 @@ This compares very closely with the "knife download /" from an OSC server:
 
 ### knife ec restore DEST_DIR (options)
 
-Restores all data from the specified DEST_DIR to an Enterprise Chef /
-Private Chef server. DEST_DIR should be a backup directory created by
+Restores all data from the specified DEST_DIR to a Chef Infra Server. DEST_DIR should be a backup directory created by
 `knife ec backup`
 
 *Options*
@@ -299,26 +287,13 @@ Import a json representation of the users table from FILENAME to the
 the Chef Infra Server database.  If no argument is given, the filename is
 assumed to be `key_dump.json`.
 
-Please note, most user should use `knife ec restore` with the
+Please note, most users should use `knife ec restore` with the
 `--with-user-sql` option rather than this command.
 
 ## Known Bugs
 
-- knife-ec-backup cannot be installed in the embedded gemset of Chef
-  Server 12.  This will be resolved in a future Chef Infra Server release.
-
 - `knife ec restore` can fail to restore cookbooks, failing with an
   internal server error. A common cause of this problem is a
   concurrency bug in Chef Infra Server. Setting `--concurrency 1` can often
   work around the issue.
 
-- `knife ec restore` can fail if the pool of pre-created organizations
-  can not keep up with the newly created organizations.  This can
-  typically be resolved simply be restarting the restore.  To avoid
-  this error for backups with large number of organizations, try
-  setting (in /etc/opscode/private-chef.rb):
-
-        opscode_org_creator['ready_org_depth']
-
-  to the number of organizations in your backup and waiting for the
-  pool to fill before running `knife ec restore`

data/lib/chef/knife/ec_backup.rb

@@ -34,7 +34,7 @@ class Chef
         for_each_user do |username, url|
           download_user(username, url)
           if config[:skip_useracl]
-            ui.warn("Skipping user ACL download for #{username}. To download this ACL, remove --skip-useracl or upgrade your Enterprise Chef Server.")
+            ui.warn("Skipping user ACL download for #{username}. To download this ACL, remove --skip-useracl.")
           else
             download_user_acl(username)
           end
@@ -196,13 +196,6 @@ class Chef
           # Download the billing-admins, public_key_read_access ACL and group as pivotal
           chef_fs_config = Chef::ChefFS::Config.new
 
-          paths = ['/acls/groups/billing-admins.json', '/groups/billing-admins.json', '/groups/admins.json']
-          paths.push('/acls/groups/public_key_read_access.json', '/groups/public_key_read_access.json') if server.supports_public_key_read_access?
-
-          paths.each do |path|
-            chef_fs_copy_pattern(path, chef_fs_config)
-          end
-
           Chef::Config.node_name = if config[:skip_version]
                                      org_admin
                                    else
@@ -210,7 +203,7 @@ class Chef
                                    end
 
           chef_fs_config = Chef::ChefFS::Config.new
-          top_level_paths = chef_fs_config.chef_fs.children.select { |entry| entry.name != 'acls' && entry.name != 'groups' }.map { |entry| entry.path }
+          top_level_paths = chef_fs_config.chef_fs.children.map { |entry| entry.path }
 
           # The top level acl object names end with .json extension
           # Therefore we can use Chef::ChefFS::FilePattern matching for items
@@ -220,13 +213,7 @@ class Chef
           # therefore we use normalize_path_name to add the .json extension
           # for example: /acls/environments/_default
 
-           # Skip the billing-admins, public_key_read_access group ACLs and the groups since they've already been copied
-          exclude_list = ['billing-admins', 'public_key_read_access']
-
-          top_level_acls  = chef_fs_paths('/acls/*.json', chef_fs_config, [])
-          acl_paths       = chef_fs_paths('/acls/*/*', chef_fs_config, exclude_list)
-          group_paths     = chef_fs_paths('/groups/*', chef_fs_config, exclude_list)
-          (top_level_paths + top_level_acls + acl_paths + group_paths).each do |path|
+          top_level_paths.each do |path|
             chef_fs_copy_pattern(path, chef_fs_config)
           end
         ensure

data/lib/chef/knife/ec_base.rb

@@ -59,7 +59,7 @@ class Chef
             :long => '--skip-version-check',
             :boolean => true,
             :default => false,
-            :description => "Skip Chef Server version check.  This will also skip any auto-configured options"
+            :description => "Skip Chef Infra Server version check.  This will also skip any auto-configured options"
 
           option :org,
             :long => "--only-org ORG",
@@ -67,17 +67,17 @@ class Chef
 
           option :sql_host,
             :long => '--sql-host HOSTNAME',
-            :description => 'Postgresql database hostname (default: localhost)',
+            :description => 'PostgreSQL database hostname (default: localhost)',
             :default => "localhost"
 
           option :sql_port,
             :long => '--sql-port PORT',
-            :description => 'Postgresql database port (default: 5432)',
+            :description => 'PostgreSQL database port (default: 5432)',
             :default => 5432
 
           option :sql_db,
             :long => '--sql-db DBNAME',
-            :description => 'Postgresql Chef Server database name (default: opscode_chef or automate-cs-oc-erchef)'
+            :description => 'PostgreSQL Chef Infra Server database name (default: opscode_chef or automate-cs-oc-erchef)'
 
           option :sql_user,
             :long => "--sql-user USERNAME",

data/lib/chef/knife/ec_key_base.rb

@@ -34,17 +34,17 @@ class Chef
 
           option :sql_host,
           :long => '--sql-host HOSTNAME',
-          :description => 'Postgresql database hostname (default: localhost)',
+          :description => 'PostgreSQL database hostname (default: localhost)',
           :default => "localhost"
 
           option :sql_port,
           :long => '--sql-port PORT',
-          :description => 'Postgresql database port (default: 5432)',
+          :description => 'PostgreSQL database port (default: 5432)',
           :default => 5432
 
           option :sql_db,
           :long => '--sql-db DBNAME',
-          :description => 'Postgresql Chef Server database name (default: opscode_chef or automate-cs-oc-erchef)'
+          :description => 'PostgreSQL Chef Infra Server database name (default: opscode_chef or automate-cs-oc-erchef)'
 
           option :sql_user,
           :long => "--sql-user USERNAME",
@@ -114,7 +114,7 @@ class Chef
             exit 1
           else
             running_config ||= JSON.parse(File.read("/etc/opscode/chef-server-running.json"))
-            # Latest versions of chef server put the database info under opscode-erchef.sql_user
+            # Latest versions of Chef Infra Server put the database info under opscode-erchef.sql_user
             hash_key = if running_config['private_chef']['opscode-erchef'].has_key? 'sql_user'
                         'opscode-erchef'
                       else

data/lib/chef/knife/ec_key_export.rb

@@ -43,8 +43,8 @@ class Chef
           export_keys(key_data_path) unless config[:skip_keys_table]
         rescue Sequel::DatabaseError => e
           if e.message =~ /^PG::UndefinedTable/
-            ui.error "Keys table not found. The keys table only exists on Chef Server 12."
-            ui.error "Chef Server 11 users should use the --skip-keys-table option to avoid this error."
+            ui.error "Keys table not found. The keys table only exists on Chef Infra Server 12."
+            ui.error "Chef Infra Server 11 users should use the --skip-keys-table option to avoid this error."
             exit 1
           else
             raise

data/lib/chef/knife/ec_restore.rb

@@ -65,7 +65,7 @@ class Chef
         restore_key_sql if config[:with_key_sql]
 
         if config[:skip_useracl]
-          ui.warn("Skipping user ACL update. To update user ACLs, remove --skip-useracl or upgrade your Enterprise Chef Server.")
+          ui.warn("Skipping user ACL update. To update user ACLs, remove --skip-useracl.")
         else
           restore_user_acls
         end
@@ -292,7 +292,7 @@ class Chef
           # Store organization data in a particular order:
           # - clients must be uploaded before groups (in top_level_paths)
           # - groups must be uploaded before any acl's
-          # - groups must be uploaded twice to account for Chef Server versions that don't
+          # - groups must be uploaded twice to account for Chef Infra Server versions that don't
           #   accept group members on POST
           (top_level_paths + group_paths*2 + group_acl_paths + acl_paths).each do |path|
             chef_fs_copy_pattern(path, chef_fs_config)
@@ -309,7 +309,7 @@ class Chef
       end
 
       # ChefFS copy pattern inside the EcRestore class will
-      # copy from the local_fs to the Chef Server.
+      # copy from the local_fs to the Chef Infra Server.
       #
       # NOTE: Do not get confused, this is the other way around
       # from how we implemented in EcBackup. Therefor we can't

data/lib/knife_ec_backup/version.rb

@@ -1,4 +1,4 @@
 # when you change this to double quotes, also update .expeditor/update_version.sh
 module KnifeECBackup
-  VERSION = '2.5.3'
+  VERSION = '3.0.0'
 end

data/spec/chef/knife/ec_backup_spec.rb

@@ -72,7 +72,7 @@ describe Chef::Knife::EcBackup do
       expect{ |b| @knife.for_each_organization(&b) }.to yield_successive_args(org_response("bar"), org_response("foo"))
     end
 
-    it "skips unassigned (precreated) organizations on Chef Server 11" do
+    it "skips unassigned (precreated) organizations on Chef Infra Server 11" do
       server = double('Chef::Server')
       allow(Chef::Server).to receive(:new).and_return(server)
       allow(server).to receive(:version).and_return(Gem::Version.new("11.12.3"))
@@ -81,7 +81,7 @@ describe Chef::Knife::EcBackup do
       expect{ |b| @knife.for_each_organization(&b) }.to yield_successive_args(org_response("bar"))
     end
 
-    it "includes *all* organizations on Chef Server 12" do
+    it "includes *all* organizations on Chef Infra Server 12" do
       server = double('Chef::Server')
       allow(Chef::Server).to receive(:new).and_return(server)
       allow(server).to receive(:version).and_return(Gem::Version.new("12.0.0"))

data/spec/chef/server_spec.rb

@@ -9,7 +9,7 @@ describe Chef::Server do
     allow(Chef::ServerAPI).to receive(:new).and_return(@rest)
   end
 
-  it "infers root url from a Chef Server url" do
+  it "infers root url from a Chef Infra Server url" do
     s = Chef::Server.from_chef_server_url("http://api.example.com/organizations/foobar")
     expect(s.root_url).to eq("http://api.example.com")
   end
@@ -28,22 +28,22 @@ describe Chef::Server do
 
   it "determines the running omnibus server version" do
     s = Chef::Server.new('http://api.example.com')
-    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Server 1.8.1\nother stuff\nother stuff"))
+    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Infra Server 1.8.1\nother stuff\nother stuff"))
     expect(s.version.to_s).to eq('1.8.1')
   end
 
   it "ignores git tags when determining the version" do
     s = Chef::Server.new("http://api.example.com")
-    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Server 1.8.1+20141024080718.git.16.08098a5\nother stuff\nother stuff"))
+    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Infra Server 1.8.1+20141024080718.git.16.08098a5\nother stuff\nother stuff"))
     expect(s.version.to_s).to eq("1.8.1")
   end
 
   it "knows whether the server supports user ACLs via nginx" do
     s1 = Chef::Server.new("http://api.example.com")
-    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Server 11.0.0\nother stuff\nother stuff"))
+    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Infra Server 11.0.0\nother stuff\nother stuff"))
     expect(s1.supports_user_acls?).to eq(false)
     s2 = Chef::Server.new("http://api.example.com")
-    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Server 11.0.2\nother stuff\nother stuff"))
+    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Infra Server 11.0.2\nother stuff\nother stuff"))
     expect(s2.supports_user_acls?).to eq(true)
   end
 
@@ -61,10 +61,10 @@ describe Chef::Server do
 
   it "knows that public_key_read_access was implemented in 12.5.0" do
     before = Chef::Server.new("http://api.example.com")
-    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Server 12.4.1\nother stuff\nother stuff"))
+    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Infra Server 12.4.1\nother stuff\nother stuff"))
     expect(before.supports_public_key_read_access?).to eq(false)
     after = Chef::Server.new("http://api.example.com")
-    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Server 12.6.0\nother stuff\nother stuff"))
+    allow(@rest).to receive(:get).with("version").and_return(StringIO.new("Chef Infra Server 12.6.0\nother stuff\nother stuff"))
     expect(after.supports_public_key_read_access?).to eq(true)
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: knife-ec-backup
 version: !ruby/object:Gem::Version
-  version: 2.5.3
+  version: 3.0.0
 platform: ruby
 authors:
 - John Keiser
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-12 00:00:00.000000000 Z
+date: 2022-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel