update scaffolding to modern version, but build with Chef14

Signed-off-by: echohack <echohack@users.noreply.github.com>

2 files changed, 68 insertions, 49 deletions

diff --git a/habitat-packages/chef-client/config/client.rb b/habitat-packages/chef-client/config/client.rb
index 0572188de3..c7a12c2b85 100644
--- a/habitat-packages/chef-client/config/client.rb
+++ b/habitat-packages/chef-client/config/client.rb
@@ -1,4 +1,4 @@
-# rubocop:disable Lint/Syntax
+# rubocop:disable all
 chef_repo_path "{{pkg.svc_data_path}}/chef"
 file_backup_path "{{pkg.svc_data_path}}/{{cfg.file_backup_path}}"
 pid_file "{{pkg.svc_data_path}}/{{cfg.pid_file}}"
@@ -18,3 +18,4 @@ log_level "{{cfg.log_level}}".to_sym
 {{#if cfg.use_member_id_as_uuid ~}}
 chef_guid "{{svc.me.member_id}}"
 {{/if ~}}
+# rubocop:enable all
diff --git a/habitat-packages/scaffolding-chef/lib/scaffolding.sh b/habitat-packages/scaffolding-chef/lib/scaffolding.sh
index a938717def..7c098ff1cf 100644
--- a/habitat-packages/scaffolding-chef/lib/scaffolding.sh
+++ b/habitat-packages/scaffolding-chef/lib/scaffolding.sh
@@ -14,15 +14,17 @@ fi
 scaffolding_load() {
   : "${scaffold_chef_client:=chef/chef-client}"
   : "${scaffold_chef_dk:=chef/chef-dk}"
+  : "${scaffold_policyfiles_path:=$PLAN_CONTEXT/../policyfiles}"
+  : "${scaffold_data_bags_path:=$PLAN_CONTEXT/../data_bags}"
 
   pkg_deps=(
     "${pkg_deps[@]}"
-    "$scaffold_chef_client"
+    "${scaffold_chef_client}"
     "core/cacerts"
   )
   pkg_build_deps=(
     "${pkg_build_deps[@]}"
-    "$scaffold_chef_dk"
+    "${scaffold_chef_dk}"
     "core/git"
   )
 
@@ -44,33 +46,42 @@ do_default_unpack() {
 
 do_default_build_service() {
   ## Create hooks
-  mkdir -p "$pkg_prefix/hooks"
-  chmod 0750 "$pkg_prefix/hooks"
+  build_line "Creating lifecycle hooks"
+  mkdir -p "${pkg_prefix}/hooks"
+  chmod 0750 "${pkg_prefix}/hooks"
 
   # Run hook
-  cat << EOF >> "$pkg_prefix/hooks/run"
+  cat << EOF >> "${pkg_prefix}/hooks/run"
 #!/bin/sh
 
+CFG_ENV_PATH_PREFIX={{cfg.env_path_prefix}}
+CFG_ENV_PATH_PREFIX="\${CFG_ENV_PATH_PREFIX:-/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin}"
+CFG_INTERVAL={{cfg.interval}}
+CFG_INTERVAL="\${CFG_INTERVAL:-1800}"
+CFG_LOG_LEVEL={{cfg.log_level}}
+CFG_LOG_LEVEL="\${CFG_LOG_LEVEL:-warn}"
+CFG_RUN_LOCK_TIMEOUT={{cfg.run_lock_timeout}}
+CFG_RUN_LOCK_TIMEOUT="\${CFG_RUN_LOCK_TIMEOUT:-1800}"
+CFG_SPLAY={{cfg.splay}}
+CFG_SPLAY="\${CFG_SPLAY:-1800}"
+CFG_SPLAY_FIRST_RUN={{cfg.splay_first_run}}
+CFG_SPLAY_FIRST_RUN="\${CFG_SPLAY_FIRST_RUN:-0}"
+CFG_SSL_VERIFY_MODE={{cfg.ssl_verify_mode}}
+CFG_SSL_VERIFY_MODE="\${CFG_SSL_VERIFY_MODE:-:verify_peer}"
+
 chef_client_cmd()
 {
-  chef-client -z -l {{cfg.log_level}} -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout {{cfg.run_lock_timeout}}
+  chef-client -z -l \$CFG_LOG_LEVEL -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout \$CFG_RUN_LOCK_TIMEOUT
 }
 
-SPLAY_DURATION=\$({{pkgPathFor "core/coreutils"}}/bin/shuf -i 0-{{cfg.splay}} -n 1)
+SPLAY_DURATION=\$(shuf -i 0-\$CFG_SPLAY -n 1)
 
-SPLAY_FIRST_RUN_DURATION=\$({{pkgPathFor "core/coreutils"}}/bin/shuf -i 0-{{cfg.splay_first_run}} -n 1)
+SPLAY_FIRST_RUN_DURATION=\$(shuf -i 0-\$CFG_SPLAY_FIRST_RUN -n 1)
 
 export SSL_CERT_FILE="{{pkgPathFor "core/cacerts"}}/ssl/cert.pem"
 
 cd {{pkg.path}}
 
-# After the first run of the chef-client,
-# export the new package ident so that
-# other software can bind to it.
-# For example, this is useful for InSpec
-# to execute its run hook immediately after
-# the chef-client run has finished.
-
 exec 2>&1
 sleep \$SPLAY_FIRST_RUN_DURATION
 chef_client_cmd
@@ -78,42 +89,41 @@ chef_client_cmd
 while true; do
 
 sleep \$SPLAY_DURATION
-sleep {{cfg.interval}}
+sleep \$CFG_INTERVAL
 chef_client_cmd
 done
 EOF
-  chmod 0750 "$pkg_prefix/hooks/run"
+
+  chmod 0750 "${pkg_prefix}/hooks/run"
 }
 
 do_default_build() {
-  if [ -d "$PLAN_CONTEXT/../policyfiles" ]; then
-    _policyfile_path="$PLAN_CONTEXT/../policyfiles"
-  else
-    if [ -d "$PLAN_CONTEXT/../../policyfiles" ]; then
-      _policyfile_path="$PLAN_CONTEXT/../../policyfiles"
-    else
-      if [ -d "$PLAN_CONTEXT/../../../policyfiles" ]; then
-        _policyfile_path="$PLAN_CONTEXT/../../../policyfiles"
-      else
-        echo "Cannot detect a policyfiles directory!"
-        exit 1
-      fi
-    fi
+  if [ ! -d "${scaffold_policyfiles_path}" ]; then
+    build_line "Could not detect a policyfiles directory, this is required to proceed!"
+    exit 1
   fi
-  rm -f "$_policyfile_path"/*.lock.json
-  policyfile="$_policyfile_path/$scaffold_policy_name.rb"
-  for x in $(grep include_policy "$policyfile" | awk -F "," '{print $1}' | awk -F '"' '{print $2}' | tr -d " "); do
-    chef install "$_policyfile_path/$x.rb"
+
+  rm -f "${scaffold_policyfiles_path}"/*.lock.json
+
+  policyfile="${scaffold_policyfiles_path}/${scaffold_policy_name}.rb"
+
+  for p in $(grep include_policy "${policyfile}" | awk -F "," '{print $1}' | awk -F '"' '{print $2}' | tr -d " "); do
+    build_line "Detected included policyfile, ${p}.rb, installing"
+    chef install "${scaffold_policyfiles_path}/${p}.rb"
   done
-  chef install "$policyfile"
+
+  build_line "Installing ${policyfile}"
+  chef install "${policyfile}"
 }
 
 do_default_install() {
-  chef export "$_policyfile_path/$scaffold_policy_name.lock.json" "$pkg_prefix"
+  build_line "Exporting Chef Infra Repository"
+  chef export "${scaffold_policyfiles_path}/${scaffold_policy_name}.lock.json" "${pkg_prefix}"
 
-  mkdir -p "$pkg_prefix/config"
-  chmod 0750 "$pkg_prefix/config"
-  cat << EOF >> "$pkg_prefix/.chef/config.rb"
+  build_line "Creating Chef Infra configuration"
+  mkdir -p "${pkg_prefix}/config"
+  chmod 0750 "${pkg_prefix}/config"
+  cat << EOF >> "${pkg_prefix}/.chef/config.rb"
 cache_path "$pkg_svc_data_path/cache"
 node_path "$pkg_svc_data_path/nodes"
 role_path "$pkg_svc_data_path/roles"
@@ -121,13 +131,15 @@ role_path "$pkg_svc_data_path/roles"
 chef_zero.enabled true
 EOF
 
-  cp "$pkg_prefix/.chef/config.rb" "$pkg_prefix/config/bootstrap-config.rb"
-  cat << EOF >> "$pkg_prefix/config/bootstrap-config.rb"
+  build_line "Creating initial bootstrap configuration"
+  cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/bootstrap-config.rb"
+  cat << EOF >> "${pkg_prefix}/config/bootstrap-config.rb"
 ENV['PATH'] = "/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:#{ENV['PATH']}"
 EOF
 
-  cp "$pkg_prefix/.chef/config.rb" "$pkg_prefix/config/client-config.rb"
-  cat << EOF >> "$pkg_prefix/config/client-config.rb"
+  build_line "Creating Chef Infra client configuration"
+  cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/client-config.rb"
+  cat << EOF >> "${pkg_prefix}/config/client-config.rb"
 ssl_verify_mode {{cfg.ssl_verify_mode}}
 ENV['PATH'] = "{{cfg.env_path_prefix}}:#{ENV['PATH']}"
 
@@ -137,9 +149,10 @@ data_collector.token "{{cfg.data_collector.token}}"
 data_collector.server_url "{{cfg.data_collector.server_url}}"
 {{/if ~}}
 EOF
-  chmod 0640 "$pkg_prefix/config/client-config.rb"
+  chmod 0640 "${pkg_prefix}/config/client-config.rb"
 
-  cat << EOF >> "$pkg_prefix/config/attributes.json"
+  build_line "Generating config/attributes.json"
+  cat << EOF >> "${pkg_prefix}/config/attributes.json"
 {{#if cfg.attributes ~}}
 {{toJson cfg.attributes}}
 {{else ~}}
@@ -147,8 +160,8 @@ EOF
 {{/if ~}}
 EOF
 
-  ## Create config
-  cat << EOF >> "$pkg_prefix/default.toml"
+  build_line "Generating Chef Habitat configuration, default.toml"
+  cat << EOF >> "${pkg_prefix}/default.toml"
 interval = 1800
 splay = 1800
 splay_first_run = 0
@@ -163,7 +176,12 @@ enable = false
 token = "set_to_your_token"
 server_url = "set_to_your_url"
 EOF
-  chmod 0640 "$pkg_prefix/default.toml"
+  chmod 0640 "${pkg_prefix}/default.toml"
+
+  if [ -d "${scaffold_data_bags_path}" ]; then
+    build_line "Detected a data bags directory, installing into package"
+    cp -a "${scaffold_data_bags_path}" "${pkg_prefix}"
+  fi
 }
 
 do_default_strip() {