diff options
author | Tim Smith <tsmith@chef.io> | 2019-06-20 08:38:37 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-20 08:38:37 +0100 |
commit | 2c9209f42876daf4eb5d343f1cb0ea3fe47ca3e5 (patch) | |
tree | ecc49f81e7442585e39322c92d9568f78c181fa4 | |
parent | 6f37212a543e6f4a5013123178a25c7f5e4120e0 (diff) | |
parent | f6a32bd0cf0c9c4d9b6b149bfb704430819d4930 (diff) | |
download | chef-2c9209f42876daf4eb5d343f1cb0ea3fe47ca3e5.tar.gz |
Merge pull request #8659 from echohack/scaffolding-chef
added scaffolding-chef plan
-rw-r--r-- | habitat-packages/.bldr.toml | 4 | ||||
-rw-r--r-- | habitat-packages/chef-client/config/client.rb (renamed from habitat/config/client.rb) | 12 | ||||
-rw-r--r-- | habitat-packages/chef-client/default.toml (renamed from habitat/default.toml) | 0 | ||||
-rw-r--r-- | habitat-packages/chef-client/hooks/init (renamed from habitat/hooks/init) | 0 | ||||
-rw-r--r-- | habitat-packages/chef-client/hooks/run (renamed from habitat/hooks/run) | 0 | ||||
-rw-r--r-- | habitat-packages/chef-client/plan.sh (renamed from habitat/plan.sh) | 0 | ||||
-rw-r--r-- | habitat-packages/scaffolding-chef/README.md | 15 | ||||
-rw-r--r-- | habitat-packages/scaffolding-chef/lib/scaffolding.ps1 | 132 | ||||
-rw-r--r-- | habitat-packages/scaffolding-chef/lib/scaffolding.sh | 189 | ||||
-rw-r--r-- | habitat-packages/scaffolding-chef/plan.ps1 | 15 | ||||
-rw-r--r-- | habitat-packages/scaffolding-chef/plan.sh | 28 |
11 files changed, 389 insertions, 6 deletions
diff --git a/habitat-packages/.bldr.toml b/habitat-packages/.bldr.toml new file mode 100644 index 0000000000..a58453e9a6 --- /dev/null +++ b/habitat-packages/.bldr.toml @@ -0,0 +1,4 @@ +[chef-client] +plan_path = "chef-client/*" +[scaffolding-chef] +plan_path = "scaffolding-chef/*" diff --git a/habitat/config/client.rb b/habitat-packages/chef-client/config/client.rb index db38c62510..3dd6d67e1b 100644 --- a/habitat/config/client.rb +++ b/habitat-packages/chef-client/config/client.rb @@ -4,15 +4,15 @@ pid_file "{{pkg.svc_data_path}}/{{cfg.pid_file}}" data_collector.server_url "{{cfg.data_collector.url}}" data_collector.token "{{cfg.data_collector.token}}" data_collector.mode "{{cfg.data_collector.mode}}".to_sym -data_collector.raise_on_failure {{cfg.data_collector.raise_on_failure}} -minimal_ohai {{cfg.minimal_ohai}} -local_mode {{cfg.local_mode}} +data_collector.raise_on_failure "{{cfg.data_collector.raise_on_failure}}" +minimal_ohai "{{cfg.minimal_ohai}}" +local_mode "{{cfg.local_mode}}" {{#if cfg.chef-client.node_name ~}} node_name "{{cfg.node_name}}" {{/if ~}} -splay {{cfg.splay}} -interval {{cfg.interval}} -log_location {{cfg.log_location}} +splay "{{cfg.splay}}" +interval "{{cfg.interval}}" +log_location "{{cfg.log_location}}" log_level "{{cfg.log_level}}".to_sym {{#if cfg.use_member_id_as_uuid ~}} chef_guid "{{svc.me.member_id}}" diff --git a/habitat/default.toml b/habitat-packages/chef-client/default.toml index 2bea08934b..2bea08934b 100644 --- a/habitat/default.toml +++ b/habitat-packages/chef-client/default.toml diff --git a/habitat/hooks/init b/habitat-packages/chef-client/hooks/init index a23344b2a9..a23344b2a9 100644 --- a/habitat/hooks/init +++ b/habitat-packages/chef-client/hooks/init diff --git a/habitat/hooks/run b/habitat-packages/chef-client/hooks/run index 598d609d7f..598d609d7f 100644 --- a/habitat/hooks/run +++ b/habitat-packages/chef-client/hooks/run diff --git a/habitat/plan.sh b/habitat-packages/chef-client/plan.sh index 5569999a12..5569999a12 100644 --- a/habitat/plan.sh +++ b/habitat-packages/chef-client/plan.sh diff --git a/habitat-packages/scaffolding-chef/README.md b/habitat-packages/scaffolding-chef/README.md new file mode 100644 index 0000000000..e75a9391bf --- /dev/null +++ b/habitat-packages/scaffolding-chef/README.md @@ -0,0 +1,15 @@ +# Chef Scaffolding for Habitat + +This will take a Chef policy file, and build it for use as a habitat service. + +``` +scaffold_policy_name="base" +pkg_name=chef-base +pkg_origin=adam +pkg_version="0.1.0" +pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>" +pkg_license=("Apache-2.0") +pkg_description="The Chef $scaffold_policy_name Policy" +pkg_upstream_url="http://chef.io" +pkg_scaffolding="core/scaffolding-chef" +``` diff --git a/habitat-packages/scaffolding-chef/lib/scaffolding.ps1 b/habitat-packages/scaffolding-chef/lib/scaffolding.ps1 new file mode 100644 index 0000000000..d4107a01aa --- /dev/null +++ b/habitat-packages/scaffolding-chef/lib/scaffolding.ps1 @@ -0,0 +1,132 @@ +# +# A scaffolding for Chef Policyfile packages +# + +if (!$scaffold_policy_name) { + Write-Host "You must set `$scaffold_policy_name to a valid policy name. For example:`n `$scaffold_policy_name=base `n Will build a base.rb policyfile." + exit 1 +} + +function Load-Scaffolding { + $scaffold_chef_client = "stuartpreston/chef-client-detox" + $scaffold_chef_dk = "core/chef-dk" + + $pkg_deps += @("$scaffold_chef_client", "core/cacerts") + $pkg_build_deps += @("$scaffold_chef_dk", "core/git") + $pkg_svc_run = "set_just_so_you_will_render" +} + +function Invoke-DefaultBuildService { + New-Item -ItemType directory -Path "$pkg_prefix/hooks" + + Add-Content -Path "$pkg_prefix/hooks/run" -Value @" +function Invoke-ChefClient { + {{pkgPathFor "stuartpreston/chef-client-detox"}}/bin/chef-client.bat -z -l {{cfg.log_level}} -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout {{cfg.run_lock_timeout}} +} + +`$splay_duration = Get-Random -InputObject (0..{{cfg.splay}}) -Count 1 + +`$splay_first_run_duration = Get-Random -InputObject (0..{{cfg.splay_first_run}}) -Count 1 + +`$env:SSL_CERT_FILE="{{pkgPathFor "core/cacerts"}}/ssl/cert.pem" + +cd {{pkg.path}} + +Start-Sleep -Seconds `$splay_first_run_duration +Invoke-ChefClient + +while(`$true){ + Start-Sleep -Seconds `$splay_duration + Start-Sleep -Seconds {{cfg.interval}} + Invoke-ChefClient +} +"@ +} + + +function Invoke-DefaultBuild { + if (!(Test-Path -Path "$scaffold_policyfile_path")) { + Write-BuildLine "Could not detect a policyfiles directory, this is required to proceed!" + exit 1 + } + + Remove-Item "$scaffold_policyfile_path/*.lock.json" -Force + $policyfile = "$scaffold_policyfile_path/$scaffold_policy_name.rb" + + Get-Content $policyfile | ? { $_.StartsWith("include_policy") } | % { + $p = $_.Split()[1] + $p = $p.Replace("`"", "").Replace(",", "") + Write-BuildLine "Detected included policyfile, $p.rb, installing" + chef install "$scaffold_policyfile_path/$p.rb" + } + Write-BuildLine "Installing $policyfile" + chef install "$policyfile" +} + +function Invoke-DefaultInstall { + Write-BuildLine "Exporting Chef Infra Repository" + chef export "$scaffold_policyfile_path/$scaffold_policy_name.lock.json" "$pkg_prefix" + + Write-BuildLine "Creating Chef Infra configuration" + New-Item -ItemType directory -Path "$pkg_prefix/config" + Add-Content -Path "$pkg_prefix/.chef/config.rb" -Value @" +cache_path "$($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("$pkg_svc_data_path/cache").Replace("\","/"))" +node_path "$($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("$pkg_svc_data_path/nodes").Replace("\","/"))" +role_path "$($ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath("$pkg_svc_data_path/roles").Replace("\","/"))" +chef_zero.enabled true +ENV['PSModulePath'] += "C:/Program\ Files/WindowsPowerShell/Modules" +"@ + + Write-BuildLine "Creating initial bootstrap configuration" + Copy-Item -Path "$pkg_prefix/.chef/config.rb" -Destination "$pkg_prefix/config/bootstrap-config.rb" + Add-Content -Path "$pkg_prefix/config/bootstrap-config.rb" -Value @" +ENV['PATH'] += ";C:/WINDOWS;C:/WINDOWS/system32/;C:/WINDOWS/system32/WindowsPowerShell/v1.0;C:/ProgramData/chocolatey/bin" +"@ + + Write-BuildLine "Creating Chef Infra client configuration" + Copy-Item -Path "$pkg_prefix/.chef/config.rb" -Destination "$pkg_prefix/config/client-config.rb" + Add-Content -Path "$pkg_prefix/config/client-config.rb" -Value @" +ssl_verify_mode {{cfg.ssl_verify_mode}} +ENV['PATH'] += "{{cfg.env_path_prefix}}" + +{{#if cfg.data_collector.enable ~}} +chef_guid "{{sys.member_id}}" +data_collector.token "{{cfg.data_collector.token}}" +data_collector.server_url "{{cfg.data_collector.server_url}}" +{{/if ~}} +"@ + + Write-BuildLine "Generating config/attributes.json" + Add-Content -Path "$pkg_prefix/config/attributes.json" -Value @" +{{#if cfg.attributes}} +{{toJson cfg.attributes}} +{{else ~}} +{} +{{/if ~}} +"@ + + Write-BuildLine "Generating Chef Habiat configuration, default.toml" + Add-Content -Path "$pkg_prefix/default.toml" -Value @" +interval = 1800 +splay = 1800 +splay_first_run = 0 +run_lock_timeout = 1800 +log_level = "warn" +env_path_prefix = ";C:/WINDOWS;C:/WINDOWS/system32/;C:/WINDOWS/system32/WindowsPowerShell/v1.0;C:/ProgramData/chocolatey/bin" +ssl_verify_mode = ":verify_peer" + +[chef_license] +acceptance = "undefined" + +[data_collector] +enable = false +token = "set_to_your_token" +server_url = "set_to_your_url" +"@ + + $scaffold_data_bags_path = "not_using_data_bags" # Set default to some string so Test-Path returns false instead of error. Thanks Powershell! + if (Test-Path "$scaffold_data_bags_path") { + Write-BuildLine "Detected a data bags directory, installing into package" + Copy-Item "$scaffold_data_bags_path/*" -Destination "$pkg_prefix" -Recurse + } +} diff --git a/habitat-packages/scaffolding-chef/lib/scaffolding.sh b/habitat-packages/scaffolding-chef/lib/scaffolding.sh new file mode 100644 index 0000000000..7c098ff1cf --- /dev/null +++ b/habitat-packages/scaffolding-chef/lib/scaffolding.sh @@ -0,0 +1,189 @@ +# +# A scaffolding for Chef Policyfile packages +# + +if [ -z "${scaffold_policy_name+x}" ]; then + echo "You must set \$scaffold_policy_name to a valid policy name. For example:" + echo + echo "\$scaffold_policy_name=base" + echo + echo "Will build a base.rb policyfile" + exit 1 +fi + +scaffolding_load() { + : "${scaffold_chef_client:=chef/chef-client}" + : "${scaffold_chef_dk:=chef/chef-dk}" + : "${scaffold_policyfiles_path:=$PLAN_CONTEXT/../policyfiles}" + : "${scaffold_data_bags_path:=$PLAN_CONTEXT/../data_bags}" + + pkg_deps=( + "${pkg_deps[@]}" + "${scaffold_chef_client}" + "core/cacerts" + ) + pkg_build_deps=( + "${pkg_build_deps[@]}" + "${scaffold_chef_dk}" + "core/git" + ) + + pkg_svc_user="root" + pkg_svc_run="set_just_so_you_will_render" +} + +do_default_download() { + return 0 +} + +do_default_verify() { + return 0 +} + +do_default_unpack() { + return 0 +} + +do_default_build_service() { + ## Create hooks + build_line "Creating lifecycle hooks" + mkdir -p "${pkg_prefix}/hooks" + chmod 0750 "${pkg_prefix}/hooks" + + # Run hook + cat << EOF >> "${pkg_prefix}/hooks/run" +#!/bin/sh + +CFG_ENV_PATH_PREFIX={{cfg.env_path_prefix}} +CFG_ENV_PATH_PREFIX="\${CFG_ENV_PATH_PREFIX:-/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin}" +CFG_INTERVAL={{cfg.interval}} +CFG_INTERVAL="\${CFG_INTERVAL:-1800}" +CFG_LOG_LEVEL={{cfg.log_level}} +CFG_LOG_LEVEL="\${CFG_LOG_LEVEL:-warn}" +CFG_RUN_LOCK_TIMEOUT={{cfg.run_lock_timeout}} +CFG_RUN_LOCK_TIMEOUT="\${CFG_RUN_LOCK_TIMEOUT:-1800}" +CFG_SPLAY={{cfg.splay}} +CFG_SPLAY="\${CFG_SPLAY:-1800}" +CFG_SPLAY_FIRST_RUN={{cfg.splay_first_run}} +CFG_SPLAY_FIRST_RUN="\${CFG_SPLAY_FIRST_RUN:-0}" +CFG_SSL_VERIFY_MODE={{cfg.ssl_verify_mode}} +CFG_SSL_VERIFY_MODE="\${CFG_SSL_VERIFY_MODE:-:verify_peer}" + +chef_client_cmd() +{ + chef-client -z -l \$CFG_LOG_LEVEL -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout \$CFG_RUN_LOCK_TIMEOUT +} + +SPLAY_DURATION=\$(shuf -i 0-\$CFG_SPLAY -n 1) + +SPLAY_FIRST_RUN_DURATION=\$(shuf -i 0-\$CFG_SPLAY_FIRST_RUN -n 1) + +export SSL_CERT_FILE="{{pkgPathFor "core/cacerts"}}/ssl/cert.pem" + +cd {{pkg.path}} + +exec 2>&1 +sleep \$SPLAY_FIRST_RUN_DURATION +chef_client_cmd + +while true; do + +sleep \$SPLAY_DURATION +sleep \$CFG_INTERVAL +chef_client_cmd +done +EOF + + chmod 0750 "${pkg_prefix}/hooks/run" +} + +do_default_build() { + if [ ! -d "${scaffold_policyfiles_path}" ]; then + build_line "Could not detect a policyfiles directory, this is required to proceed!" + exit 1 + fi + + rm -f "${scaffold_policyfiles_path}"/*.lock.json + + policyfile="${scaffold_policyfiles_path}/${scaffold_policy_name}.rb" + + for p in $(grep include_policy "${policyfile}" | awk -F "," '{print $1}' | awk -F '"' '{print $2}' | tr -d " "); do + build_line "Detected included policyfile, ${p}.rb, installing" + chef install "${scaffold_policyfiles_path}/${p}.rb" + done + + build_line "Installing ${policyfile}" + chef install "${policyfile}" +} + +do_default_install() { + build_line "Exporting Chef Infra Repository" + chef export "${scaffold_policyfiles_path}/${scaffold_policy_name}.lock.json" "${pkg_prefix}" + + build_line "Creating Chef Infra configuration" + mkdir -p "${pkg_prefix}/config" + chmod 0750 "${pkg_prefix}/config" + cat << EOF >> "${pkg_prefix}/.chef/config.rb" +cache_path "$pkg_svc_data_path/cache" +node_path "$pkg_svc_data_path/nodes" +role_path "$pkg_svc_data_path/roles" + +chef_zero.enabled true +EOF + + build_line "Creating initial bootstrap configuration" + cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/bootstrap-config.rb" + cat << EOF >> "${pkg_prefix}/config/bootstrap-config.rb" +ENV['PATH'] = "/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:#{ENV['PATH']}" +EOF + + build_line "Creating Chef Infra client configuration" + cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/client-config.rb" + cat << EOF >> "${pkg_prefix}/config/client-config.rb" +ssl_verify_mode {{cfg.ssl_verify_mode}} +ENV['PATH'] = "{{cfg.env_path_prefix}}:#{ENV['PATH']}" + +{{#if cfg.data_collector.enable ~}} +chef_guid "{{sys.member_id}}" +data_collector.token "{{cfg.data_collector.token}}" +data_collector.server_url "{{cfg.data_collector.server_url}}" +{{/if ~}} +EOF + chmod 0640 "${pkg_prefix}/config/client-config.rb" + + build_line "Generating config/attributes.json" + cat << EOF >> "${pkg_prefix}/config/attributes.json" +{{#if cfg.attributes ~}} +{{toJson cfg.attributes}} +{{else ~}} +{} +{{/if ~}} +EOF + + build_line "Generating Chef Habitat configuration, default.toml" + cat << EOF >> "${pkg_prefix}/default.toml" +interval = 1800 +splay = 1800 +splay_first_run = 0 +run_lock_timeout = 1800 +log_level = "warn" +chef_client_ident = "" # this is blank by default so it can be populated from the bind +env_path_prefix = "/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin" +ssl_verify_mode = ":verify_peer" + +[data_collector] +enable = false +token = "set_to_your_token" +server_url = "set_to_your_url" +EOF + chmod 0640 "${pkg_prefix}/default.toml" + + if [ -d "${scaffold_data_bags_path}" ]; then + build_line "Detected a data bags directory, installing into package" + cp -a "${scaffold_data_bags_path}" "${pkg_prefix}" + fi +} + +do_default_strip() { + return 0 +} diff --git a/habitat-packages/scaffolding-chef/plan.ps1 b/habitat-packages/scaffolding-chef/plan.ps1 new file mode 100644 index 0000000000..d61241056a --- /dev/null +++ b/habitat-packages/scaffolding-chef/plan.ps1 @@ -0,0 +1,15 @@ +$pkg_name="scaffolding-chef" +$pkg_description="Scaffolding for Chef Policyfiles" +$pkg_origin="chef" +$pkg_version="0.6.0" +$pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>" +$pkg_license=("Apache-2.0") +$pkg_upstream_url="https://www.chef.sh" +$pkg_build_deps=@( + "core/chefdk" + "core/git" + ) +function Invoke-Install { + New-Item -ItemType directory -Path "${pkg_prefix}/lib" + Copy-Item -Path "$PLAN_CONTEXT/lib/scaffolding.ps1" -Destination "$pkg_prefix/lib/scaffolding.ps1" +} diff --git a/habitat-packages/scaffolding-chef/plan.sh b/habitat-packages/scaffolding-chef/plan.sh new file mode 100644 index 0000000000..d3d49dfdc3 --- /dev/null +++ b/habitat-packages/scaffolding-chef/plan.sh @@ -0,0 +1,28 @@ +pkg_name=scaffolding-chef +pkg_description="Scaffolding for Chef Policyfiles" +pkg_origin=chef +pkg_version="0.5.0" +pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>" +pkg_license=('Apache-2.0') +pkg_source=nope +pkg_upstream_url="https://www.chef.sh" + +do_download() { + return 0 +} + +do_verify() { + return 0 +} + +do_unpack() { + return 0 +} + +do_build() { + return 0 +} + +do_install() { + install -D -m 0644 "$PLAN_CONTEXT/lib/scaffolding.sh" "$pkg_prefix/lib/scaffolding.sh" +} |