ogre 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.coveralls.yml +1 -0
- data/.gitignore +20 -0
- data/.rubocop.yml +16 -0
- data/.travis.yml +3 -0
- data/Gemfile +4 -0
- data/README.md +102 -0
- data/Rakefile +18 -0
- data/bin/ogre +4 -0
- data/lib/ogre.rb +44 -0
- data/lib/ogre/associate.rb +57 -0
- data/lib/ogre/base.rb +21 -0
- data/lib/ogre/config.rb +18 -0
- data/lib/ogre/messages.rb +84 -0
- data/lib/ogre/org-create.rb +96 -0
- data/lib/ogre/org-delete.rb +29 -0
- data/lib/ogre/runner.rb +40 -0
- data/lib/ogre/set-private-key.rb +57 -0
- data/lib/ogre/skeletons/code_generator/files/default/chefignore +95 -0
- data/lib/ogre/skeletons/code_generator/files/default/cookbook_readmes/README-policy.md +9 -0
- data/lib/ogre/skeletons/code_generator/files/default/cookbook_readmes/README.md +54 -0
- data/lib/ogre/skeletons/code_generator/files/default/gitignore +16 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/README.md +66 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/cookbooks/example/attributes/default.rb +7 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/cookbooks/example/metadata.rb +3 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/cookbooks/example/recipes/default.rb +8 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/data_bags/README.md +58 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/data_bags/example/example_item.json +4 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/README.md +9 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/_default.json +9 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/dev.json +21 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/example.json +13 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/int.json +21 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/prod.json +21 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/qa.json +21 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/environments/stage.json +21 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/README.md +9 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/active-base.json +12 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/example.json +13 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/loc_caeast.json +13 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/loc_canada.json +13 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/loc_cawest.json +13 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/loc_useast.json +13 -0
- data/lib/ogre/skeletons/code_generator/files/default/repo/roles/loc_uswest.json +13 -0
- data/lib/ogre/skeletons/code_generator/metadata.rb +8 -0
- data/lib/ogre/skeletons/code_generator/recipes/repo.rb +52 -0
- data/lib/ogre/skeletons/code_generator/templates/default/LICENSE.all_rights.erb +3 -0
- data/lib/ogre/skeletons/code_generator/templates/default/LICENSE.apache2.erb +201 -0
- data/lib/ogre/skeletons/code_generator/templates/default/LICENSE.gplv2.erb +339 -0
- data/lib/ogre/skeletons/code_generator/templates/default/LICENSE.gplv3.erb +674 -0
- data/lib/ogre/skeletons/code_generator/templates/default/LICENSE.mit.erb +21 -0
- data/lib/ogre/skeletons/code_generator/templates/default/README.md.erb +4 -0
- data/lib/ogre/skeletons/code_generator/templates/default/cookbook_file.erb +0 -0
- data/lib/ogre/skeletons/code_generator/templates/default/knife.rb.erb +44 -0
- data/lib/ogre/skeletons/code_generator/templates/default/metadata.rb.erb +8 -0
- data/lib/ogre/skeletons/code_generator/templates/default/repo/gitignore.erb +11 -0
- data/lib/ogre/user-create.rb +40 -0
- data/lib/ogre/user-delete.rb +39 -0
- data/lib/ogre/version.rb +5 -0
- data/ogre.gemspec +45 -0
- data/spec/fixtures/client_key/dummy.pem +27 -0
- data/spec/fixtures/vcr_cassettes/associate-no-org.yml +65 -0
- data/spec/fixtures/vcr_cassettes/associate-no-user.yml +65 -0
- data/spec/fixtures/vcr_cassettes/associate-user-exists.yml +135 -0
- data/spec/fixtures/vcr_cassettes/associate.yml +406 -0
- data/spec/fixtures/vcr_cassettes/org-create-exists.yml +69 -0
- data/spec/fixtures/vcr_cassettes/org-create.yml +71 -0
- data/spec/fixtures/vcr_cassettes/org-delete-no-org.yml +61 -0
- data/spec/fixtures/vcr_cassettes/org-delete.yml +68 -0
- data/spec/fixtures/vcr_cassettes/set-private-key.yml +239 -0
- data/spec/fixtures/vcr_cassettes/user-create-bad-email.yml +66 -0
- data/spec/fixtures/vcr_cassettes/user-create-exists.yml +70 -0
- data/spec/fixtures/vcr_cassettes/user-create-short-password.yml +66 -0
- data/spec/fixtures/vcr_cassettes/user-create.yml +72 -0
- data/spec/fixtures/vcr_cassettes/user-delete-not-found.yml +61 -0
- data/spec/fixtures/vcr_cassettes/user-delete.yml +136 -0
- data/spec/ogre/associate_spec.rb +67 -0
- data/spec/ogre/org-create_spec.rb +52 -0
- data/spec/ogre/org-delete_spec.rb +34 -0
- data/spec/ogre/set-private-key_spec.rb +16 -0
- data/spec/ogre/user-create_spec.rb +58 -0
- data/spec/ogre/user-delete_spec.rb +34 -0
- data/spec/spec_helper.rb +16 -0
- metadata +349 -0
@@ -0,0 +1,29 @@
|
|
1
|
+
module Ogre
|
2
|
+
# Delete organization through Chef::REST object
|
3
|
+
class OrgDelete < Ogre::Base
|
4
|
+
include Thor::Actions
|
5
|
+
|
6
|
+
# required
|
7
|
+
argument :org, type: :string, desc: DESC_ORG
|
8
|
+
|
9
|
+
class_option :force, aliases: '-f', default: false, type: :boolean, desc: DESC_FORCE
|
10
|
+
|
11
|
+
# Organization delete
|
12
|
+
def org_delete
|
13
|
+
# prompt user
|
14
|
+
exit unless options[:force] || HighLine.agree("Deleting '#{org}' is permanent. Do you want to proceed? (y/n)")
|
15
|
+
|
16
|
+
begin
|
17
|
+
chef_rest.delete_rest("/organizations/#{org}")
|
18
|
+
puts "'#{org}' org has been deleted."
|
19
|
+
rescue Net::HTTPServerException => e
|
20
|
+
# does not exist, exit gracefully
|
21
|
+
if e.response.code == '404'
|
22
|
+
puts "#{org} org does not exist"
|
23
|
+
else
|
24
|
+
raise e
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
data/lib/ogre/runner.rb
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
require 'ogre'
|
2
|
+
|
3
|
+
module Ogre
|
4
|
+
# wrapper to assist aruba in single process execution
|
5
|
+
class Runner
|
6
|
+
def initialize(argv, stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = Kernel)
|
7
|
+
@argv, @stdin, @stdout, @stderr, @kernel = argv, stdin, stdout, stderr, kernel
|
8
|
+
end
|
9
|
+
|
10
|
+
# rubocop:disable MethodLength
|
11
|
+
def execute!
|
12
|
+
exit_code = begin
|
13
|
+
$stderr = @stderr
|
14
|
+
$stdin = @stdin
|
15
|
+
$stdout = @stdout
|
16
|
+
|
17
|
+
Ogre::CLI.start(@argv)
|
18
|
+
|
19
|
+
# Thor::Base#start does not have a return value
|
20
|
+
# assume success if no exception is raised.
|
21
|
+
0
|
22
|
+
rescue StandardError => err
|
23
|
+
# The ruby interpreter would pipe this to STDERR and
|
24
|
+
# exit 1 in the case of an unhandled exception
|
25
|
+
b = err.backtrace
|
26
|
+
b.unshift("#{b.shift}: #{err.message} (#{err.class})")
|
27
|
+
@stderr.puts(b.map { |s| "\tfrom #{s}" }.join("\n"))
|
28
|
+
1
|
29
|
+
ensure
|
30
|
+
# put them back.
|
31
|
+
$stderr = STDERR
|
32
|
+
$stdin = STDIN
|
33
|
+
$stdout = STDOUT
|
34
|
+
end
|
35
|
+
# Proxy exit code back to the injected kernel.
|
36
|
+
@kernel.exit(exit_code)
|
37
|
+
end
|
38
|
+
# rubocop:enable MethodLength
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,57 @@
|
|
1
|
+
require 'vcoworkflows'
|
2
|
+
|
3
|
+
module Ogre
|
4
|
+
# Set Private Key is used to set a chef validation key via a vco workflow
|
5
|
+
class SetPrivateKey < Thor::Group
|
6
|
+
include Thor::Actions
|
7
|
+
# required
|
8
|
+
argument :chef_hostname, type: :string, desc: DESC_CHEF_HOSTNAME
|
9
|
+
argument :chef_validator_name, type: :string, desc: DESC_CHEF_VALIDATOR
|
10
|
+
argument :key_path, type: :string, desc: DESC_PRIVATE_KEY
|
11
|
+
# vcenter orchestrator options
|
12
|
+
class_option :vco_url, type: :string, desc: DESC_VCO_URL
|
13
|
+
class_option :vco_user, tydpe: :string, desc: DESC_VCO_USER
|
14
|
+
class_option :vco_password, type: :string, desc: DESC_VCO_PASSWORD
|
15
|
+
class_option :vco_wf_name, type: :string, desc: DESC_VCO_WF_NAME
|
16
|
+
class_option :vco_verify_ssl, type: :boolean, desc: DESC_VCO_VERIFY_SSL
|
17
|
+
|
18
|
+
# rubocop:disable CyclomaticComplexity, PerceivedComplexity
|
19
|
+
# Execute vcoworkflows gem to call set private key
|
20
|
+
def set_private_key
|
21
|
+
# get workflow
|
22
|
+
# rubocop:disable AlignParameters, SpaceAroundOperators
|
23
|
+
workflow = VcoWorkflows::Workflow.new(options[:vco_wf_name] || Config.options[:vco_wf_name],
|
24
|
+
url: options[:vco_url] || Config.options[:vco_url],
|
25
|
+
verify_ssl: options[:vco_verify_ssl] || Config.options[:vco_verify_ssl],
|
26
|
+
username: options[:vco_user] || Config.options[:vco_user],
|
27
|
+
password: options[:vco_password] || Config.options[:vco_password])
|
28
|
+
# rubocop:enable AlignParameters, SpaceAroundOperators
|
29
|
+
|
30
|
+
# set parameters
|
31
|
+
workflow.parameter('chefHostname', chef_hostname)
|
32
|
+
workflow.parameter('userid', chef_validator_name)
|
33
|
+
workflow.parameter('pem', File.read(key_path))
|
34
|
+
|
35
|
+
# run workflow
|
36
|
+
execution_id = workflow.execute
|
37
|
+
|
38
|
+
# check status
|
39
|
+
finished = false
|
40
|
+
until finished
|
41
|
+
# Fetch a new workflow token to check the status of the workflow execution
|
42
|
+
wf_token = workflow.token
|
43
|
+
# If the execution is no longer alive, exit the loop
|
44
|
+
unless wf_token.alive?
|
45
|
+
finished = true
|
46
|
+
execution_id
|
47
|
+
end
|
48
|
+
sleep 5
|
49
|
+
end
|
50
|
+
|
51
|
+
# output result
|
52
|
+
log = workflow.token(execution_id).to_s
|
53
|
+
puts log.slice(0..log.index('Input Parameters:') - 2)
|
54
|
+
end
|
55
|
+
# rubocop:enable CyclomaticComplexity, PerceivedComplexity
|
56
|
+
end
|
57
|
+
end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
# Put files/directories that should be ignored in this file when uploading
|
2
|
+
# or sharing to the community site.
|
3
|
+
# Lines that start with '# ' are comments.
|
4
|
+
|
5
|
+
# OS generated files #
|
6
|
+
######################
|
7
|
+
.DS_Store
|
8
|
+
Icon?
|
9
|
+
nohup.out
|
10
|
+
ehthumbs.db
|
11
|
+
Thumbs.db
|
12
|
+
|
13
|
+
# SASS #
|
14
|
+
########
|
15
|
+
.sass-cache
|
16
|
+
|
17
|
+
# EDITORS #
|
18
|
+
###########
|
19
|
+
\#*
|
20
|
+
.#*
|
21
|
+
*~
|
22
|
+
*.sw[a-z]
|
23
|
+
*.bak
|
24
|
+
REVISION
|
25
|
+
TAGS*
|
26
|
+
tmtags
|
27
|
+
*_flymake.*
|
28
|
+
*_flymake
|
29
|
+
*.tmproj
|
30
|
+
.project
|
31
|
+
.settings
|
32
|
+
mkmf.log
|
33
|
+
|
34
|
+
## COMPILED ##
|
35
|
+
##############
|
36
|
+
a.out
|
37
|
+
*.o
|
38
|
+
*.pyc
|
39
|
+
*.so
|
40
|
+
*.com
|
41
|
+
*.class
|
42
|
+
*.dll
|
43
|
+
*.exe
|
44
|
+
*/rdoc/
|
45
|
+
|
46
|
+
# Testing #
|
47
|
+
###########
|
48
|
+
.watchr
|
49
|
+
.rspec
|
50
|
+
spec/*
|
51
|
+
spec/fixtures/*
|
52
|
+
test/*
|
53
|
+
features/*
|
54
|
+
Guardfile
|
55
|
+
Procfile
|
56
|
+
|
57
|
+
# SCM #
|
58
|
+
#######
|
59
|
+
.git
|
60
|
+
*/.git
|
61
|
+
.gitignore
|
62
|
+
.gitmodules
|
63
|
+
.gitconfig
|
64
|
+
.gitattributes
|
65
|
+
.svn
|
66
|
+
*/.bzr/*
|
67
|
+
*/.hg/*
|
68
|
+
*/.svn/*
|
69
|
+
|
70
|
+
# Berkshelf #
|
71
|
+
#############
|
72
|
+
Berksfile
|
73
|
+
Berksfile.lock
|
74
|
+
cookbooks/*
|
75
|
+
tmp
|
76
|
+
|
77
|
+
# Cookbooks #
|
78
|
+
#############
|
79
|
+
CONTRIBUTING
|
80
|
+
|
81
|
+
# Strainer #
|
82
|
+
############
|
83
|
+
Colanderfile
|
84
|
+
Strainerfile
|
85
|
+
.colander
|
86
|
+
.strainer
|
87
|
+
|
88
|
+
# Vagrant #
|
89
|
+
###########
|
90
|
+
.vagrant
|
91
|
+
Vagrantfile
|
92
|
+
|
93
|
+
# Travis #
|
94
|
+
##########
|
95
|
+
.travis.yml
|
@@ -0,0 +1,9 @@
|
|
1
|
+
This directory typically contains Chef cookbooks. This repository was
|
2
|
+
generated with the '--policy-only' option, which means you have chosen
|
3
|
+
to use a workflow where each cookbook is treated as an independent
|
4
|
+
software project. As a result, any cookbooks present in this directory
|
5
|
+
are independent git projects, and the contents of this directory have
|
6
|
+
been added to .gitignore.
|
7
|
+
|
8
|
+
Love,
|
9
|
+
Chef
|
@@ -0,0 +1,54 @@
|
|
1
|
+
This directory contains the cookbooks used to configure systems in your infrastructure with Chef - an example basic cookbook called `example` has been automatically created for you.
|
2
|
+
|
3
|
+
Knife needs to be configured to know where the cookbooks are located with the `cookbook_path` setting. If this is not set, then several cookbook operations will fail to work properly.
|
4
|
+
|
5
|
+
cookbook_path ["./cookbooks"]
|
6
|
+
|
7
|
+
This setting tells knife to look for the cookbooks directory in the present working directory. This means the knife cookbook subcommands need to be run in the `chef-repo` directory itself. To make sure that the cookbooks can be found elsewhere inside the repository, use an absolute path. This is a Ruby file, so something like the following can be used:
|
8
|
+
|
9
|
+
current_dir = File.dirname(__FILE__)
|
10
|
+
cookbook_path ["#{current_dir}/../cookbooks"]
|
11
|
+
|
12
|
+
Which will set `current_dir` to the location of the knife.rb file itself (e.g. `~/chef-repo/.chef/knife.rb`).
|
13
|
+
|
14
|
+
Configure knife to use your preferred copyright holder, email contact and license. Add the following lines to `.chef/knife.rb`.
|
15
|
+
|
16
|
+
cookbook_copyright "Example, Com."
|
17
|
+
cookbook_email "cookbooks@example.com"
|
18
|
+
cookbook_license "apachev2"
|
19
|
+
|
20
|
+
Supported values for `cookbook_license` are "apachev2", "mit","gplv2","gplv3", or "none". These settings are used to prefill comments in the default recipe, and the corresponding values in the metadata.rb. You are free to change the the comments in those files.
|
21
|
+
|
22
|
+
Create new cookbooks in this directory with Knife.
|
23
|
+
|
24
|
+
knife cookbook create COOKBOOK
|
25
|
+
|
26
|
+
This will create all the cookbook directory components. You don't need to use them all, and can delete the ones you don't need. It also creates a README file, metadata.rb and default recipe.
|
27
|
+
|
28
|
+
You can also download cookbooks directly from the Opscode Cookbook Site. There are two subcommands to help with this depending on what your preference is.
|
29
|
+
|
30
|
+
The first and recommended method is to use a vendor branch if you're using Git. This is automatically handled with Knife.
|
31
|
+
|
32
|
+
knife cookbook site install COOKBOOK
|
33
|
+
|
34
|
+
This will:
|
35
|
+
|
36
|
+
* Download the cookbook tarball from the Chef Supermarket.
|
37
|
+
* Ensure its on the git master branch.
|
38
|
+
* Checks for an existing vendor branch, and creates if it doesn't.
|
39
|
+
* Checks out the vendor branch (chef-vendor-COOKBOOK).
|
40
|
+
* Removes the existing (old) version.
|
41
|
+
* Untars the cookbook tarball it downloaded in the first step.
|
42
|
+
* Adds the cookbook files to the git index and commits.
|
43
|
+
* Creates a tag for the version downloaded.
|
44
|
+
* Checks out the master branch again.
|
45
|
+
* Merges the cookbook into master.
|
46
|
+
* Repeats the above for all the cookbooks dependencies, downloading them from the community site
|
47
|
+
|
48
|
+
The last step will ensure that any local changes or modifications you have made to the cookbook are preserved, so you can keep your changes through upstream updates.
|
49
|
+
|
50
|
+
If you're not using Git, use the site download subcommand to download the tarball.
|
51
|
+
|
52
|
+
knife cookbook site download COOKBOOK
|
53
|
+
|
54
|
+
This creates the COOKBOOK.tar.gz from in the current directory (e.g., `~/chef-repo`). We recommend following a workflow similar to the above for your version control tool.
|
@@ -0,0 +1,66 @@
|
|
1
|
+
Overview
|
2
|
+
========
|
3
|
+
|
4
|
+
Every Chef installation needs a Chef Repository. This is the place where cookbooks, roles, config files and other artifacts for managing systems with Chef will live. We strongly recommend storing this repository in a version control system such as Git and treat it like source code.
|
5
|
+
|
6
|
+
While we prefer Git, and make this repository available via GitHub, you are welcome to download a tar or zip archive and use your favorite version control system to manage the code.
|
7
|
+
|
8
|
+
Repository Directories
|
9
|
+
======================
|
10
|
+
|
11
|
+
This repository contains several directories, and each directory contains a README file that describes what it is for in greater detail, and how to use it for managing your systems with Chef.
|
12
|
+
|
13
|
+
* `certificates/` - SSL certificates generated by `rake ssl_cert` live here.
|
14
|
+
* `config/` - Contains the Rake configuration file, `rake.rb`.
|
15
|
+
* `cookbooks/` - Cookbooks you download or create.
|
16
|
+
* `data_bags/` - Store data bags and items in .json in the repository.
|
17
|
+
* `roles/` - Store roles in .rb or .json in the repository.
|
18
|
+
|
19
|
+
Rake Tasks
|
20
|
+
==========
|
21
|
+
|
22
|
+
The repository contains a `Rakefile` that includes tasks that are installed with the Chef libraries. To view the tasks available with in the repository with a brief description, run `rake -T`.
|
23
|
+
|
24
|
+
The default task (`default`) is run when executing `rake` with no arguments. It will call the task `test_cookbooks`.
|
25
|
+
|
26
|
+
The following tasks are not directly replaced by knife sub-commands.
|
27
|
+
|
28
|
+
* `bundle_cookbook[cookbook]` - Creates cookbook tarballs in the `pkgs/` dir.
|
29
|
+
* `install` - Calls `update`, `roles` and `upload_cookbooks` Rake tasks.
|
30
|
+
* `ssl_cert` - Create self-signed SSL certificates in `certificates/` dir.
|
31
|
+
* `update` - Update the repository from source control server, understands git and svn.
|
32
|
+
|
33
|
+
The following tasks duplicate functionality from knife and may be removed in a future version of Chef.
|
34
|
+
|
35
|
+
* `metadata` - replaced by `knife cookbook metadata -a`.
|
36
|
+
* `new_cookbook` - replaced by `knife cookbook create`.
|
37
|
+
* `role[role_name]` - replaced by `knife role from file`.
|
38
|
+
* `roles` - iterates over the roles and uploads with `knife role from file`.
|
39
|
+
* `test_cookbooks` - replaced by `knife cookbook test -a`.
|
40
|
+
* `test_cookbook[cookbook]` - replaced by `knife cookbook test COOKBOOK`.
|
41
|
+
* `upload_cookbooks` - replaced by `knife cookbook upload -a`.
|
42
|
+
* `upload_cookbook[cookbook]` - replaced by `knife cookbook upload COOKBOOK`.
|
43
|
+
|
44
|
+
Configuration
|
45
|
+
=============
|
46
|
+
|
47
|
+
The repository uses two configuration files.
|
48
|
+
|
49
|
+
* config/rake.rb
|
50
|
+
* .chef/knife.rb
|
51
|
+
|
52
|
+
The first, `config/rake.rb` configures the Rakefile in two sections.
|
53
|
+
|
54
|
+
* Constants used in the `ssl_cert` task for creating the certificates.
|
55
|
+
* Constants that set the directory locations used in various tasks.
|
56
|
+
|
57
|
+
If you use the `ssl_cert` task, change the values in the `config/rake.rb` file appropriately. These values were also used in the `new_cookbook` task, but that task is replaced by the `knife cookbook create` command which can be configured below.
|
58
|
+
|
59
|
+
The second config file, `.chef/knife.rb` is a repository specific configuration file for knife. If you're using the Opscode Platform, you can download one for your organization from the management console. If you're using the Open Source Chef Server, you can generate a new one with `knife configure`. For more information about configuring Knife, see the Knife documentation.
|
60
|
+
|
61
|
+
http://docs.chef.io/knife.html
|
62
|
+
|
63
|
+
Next Steps
|
64
|
+
==========
|
65
|
+
|
66
|
+
Read the README file in each of the subdirectories for more information about what goes in those directories.
|
data/lib/ogre/skeletons/code_generator/files/default/repo/cookbooks/example/attributes/default.rb
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
# This is a Chef attributes file. It can be used to specify default and override
|
2
|
+
# attributes to be applied to nodes that run this cookbook.
|
3
|
+
|
4
|
+
# Set a default name
|
5
|
+
default["example"]["name"] = "Sam Doe"
|
6
|
+
|
7
|
+
# For further information, see the Chef documentation (http://docs.getchef.com/essentials_cookbook_attribute_files.html).
|
data/lib/ogre/skeletons/code_generator/files/default/repo/cookbooks/example/recipes/default.rb
ADDED
@@ -0,0 +1,8 @@
|
|
1
|
+
# This is a Chef recipe file. It can be used to specify resources which will
|
2
|
+
# apply configuration to a server.
|
3
|
+
|
4
|
+
log "Welcome to Chef, #{node["example"]["name"]}!" do
|
5
|
+
level :info
|
6
|
+
end
|
7
|
+
|
8
|
+
# For more information, see the documentation: http://docs.getchef.com/essentials_cookbook_recipes.html
|
@@ -0,0 +1,58 @@
|
|
1
|
+
Data Bags
|
2
|
+
---------
|
3
|
+
|
4
|
+
This directory contains directories of the various data bags you create for your infrastructure. Each subdirectory corresponds to a data bag on the Chef Server, and contains JSON files of the items that go in the bag.
|
5
|
+
|
6
|
+
For example, in this directory you'll find an example data bag directory called `example`, which contains an item definition called `example_item.json`
|
7
|
+
|
8
|
+
Before uploading this item to the server, we must first create the data bag on the Chef Server.
|
9
|
+
|
10
|
+
knife data bag create example
|
11
|
+
|
12
|
+
Then we can upload the items in the data bag's directory to the Chef Server.
|
13
|
+
|
14
|
+
knife data bag from file example example_item.json
|
15
|
+
|
16
|
+
For more information on data bags, see the Chef wiki page:
|
17
|
+
|
18
|
+
https://docs.getchef.com/essentials_data_bags.html
|
19
|
+
|
20
|
+
Encrypted Data Bags
|
21
|
+
-------------------
|
22
|
+
|
23
|
+
Added in Chef 0.10, encrypted data bags allow you to encrypt the contents of your data bags. The content of attributes will no longer be searchable. To use encrypted data bags, first you must have or create a secret key.
|
24
|
+
|
25
|
+
openssl rand -base64 512 > secret_key
|
26
|
+
|
27
|
+
You may use this secret_key to add items to a data bag during a create.
|
28
|
+
|
29
|
+
knife data bag create --secret-file secret_key passwords mysql
|
30
|
+
|
31
|
+
You may also use it when adding ITEMs from files,
|
32
|
+
|
33
|
+
knife data bag create passwords
|
34
|
+
knife data bag from file passwords data_bags/passwords/mysql.json --secret-file secret_key
|
35
|
+
|
36
|
+
The JSON for the ITEM must contain a key named "id" with a value equal to "ITEM" and the contents will be encrypted when uploaded. For example,
|
37
|
+
|
38
|
+
{
|
39
|
+
"id": "mysql",
|
40
|
+
"password": "abc123"
|
41
|
+
}
|
42
|
+
|
43
|
+
Without the secret_key, the contents are encrypted.
|
44
|
+
|
45
|
+
knife data bag show passwords mysql
|
46
|
+
id: mysql
|
47
|
+
password: 2I0XUUve1TXEojEyeGsjhw==
|
48
|
+
|
49
|
+
Use the secret_key to view the contents.
|
50
|
+
|
51
|
+
knife data bag show passwords mysql --secret-file secret_key
|
52
|
+
id: mysql
|
53
|
+
password: abc123
|
54
|
+
|
55
|
+
|
56
|
+
For more information on encrypted data bags, see the Chef wiki page:
|
57
|
+
|
58
|
+
https://docs.getchef.com/essentials_data_bags.html
|