author | echohack <echohack@users.noreply.github.com> | 2019-06-19 11:18:40 -0700 |
---|---|---|
committer | echohack <echohack@users.noreply.github.com> | 2019-06-19 12:41:16 -0700 |
commit | 1312c026cf6af6f21c5640628b08192c6c527cf1 (patch) | |
tree | fc0271921c8c38792a731bc678abf25a70e06baf | |
parent | 2aa16f1e17932aeb22feb21b68282fec26620013 (diff) | |
download | chef-1312c026cf6af6f21c5640628b08192c6c527cf1.tar.gz |
update scaffolding to modern version, but build with Chef14
Signed-off-by: echohack <echohack@users.noreply.github.com>
-rw-r--r-- | habitat-packages/chef-client/config/client.rb | 3 | ||||
-rw-r--r-- | habitat-packages/scaffolding-chef/lib/scaffolding.sh | 114 |
2 files changed, 68 insertions, 49 deletions
diff --git a/habitat-packages/chef-client/config/client.rb b/habitat-packages/chef-client/config/client.rb index 0572188de3..c7a12c2b85 100644 --- a/habitat-packages/chef-client/config/client.rb +++ b/habitat-packages/chef-client/config/client.rb @@ -1,4 +1,4 @@ -# rubocop:disable Lint/Syntax +# rubocop:disable all chef_repo_path "{{pkg.svc_data_path}}/chef" file_backup_path "{{pkg.svc_data_path}}/{{cfg.file_backup_path}}" pid_file "{{pkg.svc_data_path}}/{{cfg.pid_file}}" @@ -18,3 +18,4 @@ log_level "{{cfg.log_level}}".to_sym {{#if cfg.use_member_id_as_uuid ~}} chef_guid "{{svc.me.member_id}}" {{/if ~}} +# rubocop:enable all diff --git a/habitat-packages/scaffolding-chef/lib/scaffolding.sh b/habitat-packages/scaffolding-chef/lib/scaffolding.sh index a938717def..7c098ff1cf 100644 --- a/habitat-packages/scaffolding-chef/lib/scaffolding.sh +++ b/habitat-packages/scaffolding-chef/lib/scaffolding.sh @@ -14,15 +14,17 @@ fi scaffolding_load() { : "${scaffold_chef_client:=chef/chef-client}" : "${scaffold_chef_dk:=chef/chef-dk}" + : "${scaffold_policyfiles_path:=$PLAN_CONTEXT/../policyfiles}" + : "${scaffold_data_bags_path:=$PLAN_CONTEXT/../data_bags}" pkg_deps=( "${pkg_deps[@]}" - "$scaffold_chef_client" + "${scaffold_chef_client}" "core/cacerts" ) pkg_build_deps=( "${pkg_build_deps[@]}" - "$scaffold_chef_dk" + "${scaffold_chef_dk}" "core/git" ) 
@@ -44,33 +46,42 @@ do_default_unpack() { do_default_build_service() { ## Create hooks - mkdir -p "$pkg_prefix/hooks" - chmod 0750 "$pkg_prefix/hooks" + build_line "Creating lifecycle hooks" + mkdir -p "${pkg_prefix}/hooks" + chmod 0750 "${pkg_prefix}/hooks" # Run hook - cat << EOF >> "$pkg_prefix/hooks/run" + cat << EOF >> "${pkg_prefix}/hooks/run" #!/bin/sh +CFG_ENV_PATH_PREFIX={{cfg.env_path_prefix}} +CFG_ENV_PATH_PREFIX="\${CFG_ENV_PATH_PREFIX:-/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin}" +CFG_INTERVAL={{cfg.interval}} +CFG_INTERVAL="\${CFG_INTERVAL:-1800}" +CFG_LOG_LEVEL={{cfg.log_level}} +CFG_LOG_LEVEL="\${CFG_LOG_LEVEL:-warn}" +CFG_RUN_LOCK_TIMEOUT={{cfg.run_lock_timeout}} +CFG_RUN_LOCK_TIMEOUT="\${CFG_RUN_LOCK_TIMEOUT:-1800}" +CFG_SPLAY={{cfg.splay}} +CFG_SPLAY="\${CFG_SPLAY:-1800}" +CFG_SPLAY_FIRST_RUN={{cfg.splay_first_run}} +CFG_SPLAY_FIRST_RUN="\${CFG_SPLAY_FIRST_RUN:-0}" +CFG_SSL_VERIFY_MODE={{cfg.ssl_verify_mode}} +CFG_SSL_VERIFY_MODE="\${CFG_SSL_VERIFY_MODE:-:verify_peer}" + chef_client_cmd() { - chef-client -z -l {{cfg.log_level}} -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout {{cfg.run_lock_timeout}} + chef-client -z -l \$CFG_LOG_LEVEL -c $pkg_svc_config_path/client-config.rb -j $pkg_svc_config_path/attributes.json --once --no-fork --run-lock-timeout \$CFG_RUN_LOCK_TIMEOUT } -SPLAY_DURATION=\$({{pkgPathFor "core/coreutils"}}/bin/shuf -i 0-{{cfg.splay}} -n 1) +SPLAY_DURATION=\$(shuf -i 0-\$CFG_SPLAY -n 1) -SPLAY_FIRST_RUN_DURATION=\$({{pkgPathFor "core/coreutils"}}/bin/shuf -i 0-{{cfg.splay_first_run}} -n 1) +SPLAY_FIRST_RUN_DURATION=\$(shuf -i 0-\$CFG_SPLAY_FIRST_RUN -n 1) export SSL_CERT_FILE="{{pkgPathFor "core/cacerts"}}/ssl/cert.pem" cd {{pkg.path}} -# After the first run of the chef-client, -# export the new package ident so that -# other software can bind to it. 
-# For example, this is useful for InSpec -# to execute its run hook immediately after -# the chef-client run has finished. - exec 2>&1 sleep \$SPLAY_FIRST_RUN_DURATION chef_client_cmd 
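Review bot: The new `CFG_*={{cfg.…}}` assignments in the run hook render configuration values into shell source unquoted, so a value containing whitespace or shell metacharacters is parsed as shell syntax when the hook runs rather than as data; `CFG_ENV_PATH_PREFIX={{cfg.env_path_prefix}}` is the one most likely to carry such characters. Quoting the rendered value, e.g. `CFG_LOG_LEVEL='{{cfg.log_level}}'`, and quoting the expansions (`-l "\$CFG_LOG_LEVEL"`, and `sleep "\$CFG_INTERVAL"` in the following hunk) keeps each value a single word, though a value that itself contains a quote would still need validating. The same hunk replaces `{{pkgPathFor "core/coreutils"}}/bin/shuf` with a bare `shuf`, which is now resolved through whatever PATH the hook inherits; unless coreutils is guaranteed on the runtime path, keeping the pinned package path is the safer choice. The heredoc for the run hook continues past the end of this hunk.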
@@ -78,42 +89,41 @@ chef_client_cmd while true; do sleep \$SPLAY_DURATION -sleep {{cfg.interval}} +sleep \$CFG_INTERVAL chef_client_cmd done EOF - chmod 0750 "$pkg_prefix/hooks/run" + + chmod 0750 "${pkg_prefix}/hooks/run" } do_default_build() { - if [ -d "$PLAN_CONTEXT/../policyfiles" ]; then - _policyfile_path="$PLAN_CONTEXT/../policyfiles" - else - if [ -d "$PLAN_CONTEXT/../../policyfiles" ]; then - _policyfile_path="$PLAN_CONTEXT/../../policyfiles" - else - if [ -d "$PLAN_CONTEXT/../../../policyfiles" ]; then - _policyfile_path="$PLAN_CONTEXT/../../../policyfiles" - else - echo "Cannot detect a policyfiles directory!" - exit 1 - fi - fi + if [ ! -d "${scaffold_policyfiles_path}" ]; then + build_line "Could not detect a policyfiles directory, this is required to proceed!" + exit 1 fi - rm -f "$_policyfile_path"/*.lock.json - policyfile="$_policyfile_path/$scaffold_policy_name.rb" - for x in $(grep include_policy "$policyfile" | awk -F "," '{print $1}' | awk -F '"' '{print $2}' | tr -d " "); do - chef install "$_policyfile_path/$x.rb" + + rm -f "${scaffold_policyfiles_path}"/*.lock.json + + policyfile="${scaffold_policyfiles_path}/${scaffold_policy_name}.rb" + + for p in $(grep include_policy "${policyfile}" | awk -F "," '{print $1}' | awk -F '"' '{print $2}' | tr -d " "); do + build_line "Detected included policyfile, ${p}.rb, installing" + chef install "${scaffold_policyfiles_path}/${p}.rb" done - chef install "$policyfile" + + build_line "Installing ${policyfile}" + chef install "${policyfile}" } do_default_install() { - chef export "$_policyfile_path/$scaffold_policy_name.lock.json" "$pkg_prefix" + build_line "Exporting Chef Infra Repository" + chef export "${scaffold_policyfiles_path}/${scaffold_policy_name}.lock.json" "${pkg_prefix}" - mkdir -p "$pkg_prefix/config" - chmod 0750 "$pkg_prefix/config" - cat << EOF >> "$pkg_prefix/.chef/config.rb" + build_line "Creating Chef Infra configuration" + mkdir -p "${pkg_prefix}/config" + chmod 0750 
"${pkg_prefix}/config" + cat << EOF >> "${pkg_prefix}/.chef/config.rb" cache_path "$pkg_svc_data_path/cache" node_path "$pkg_svc_data_path/nodes" role_path "$pkg_svc_data_path/roles" @@ -121,13 +131,15 @@ role_path "$pkg_svc_data_path/roles" chef_zero.enabled true EOF - cp "$pkg_prefix/.chef/config.rb" "$pkg_prefix/config/bootstrap-config.rb" - cat << EOF >> "$pkg_prefix/config/bootstrap-config.rb" + build_line "Creating initial bootstrap configuration" + cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/bootstrap-config.rb" + cat << EOF >> "${pkg_prefix}/config/bootstrap-config.rb" ENV['PATH'] = "/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:#{ENV['PATH']}" EOF - cp "$pkg_prefix/.chef/config.rb" "$pkg_prefix/config/client-config.rb" - cat << EOF >> "$pkg_prefix/config/client-config.rb" + build_line "Creating Chef Infra client configuration" + cp "${pkg_prefix}/.chef/config.rb" "${pkg_prefix}/config/client-config.rb" + cat << EOF >> "${pkg_prefix}/config/client-config.rb" ssl_verify_mode {{cfg.ssl_verify_mode}} ENV['PATH'] = "{{cfg.env_path_prefix}}:#{ENV['PATH']}" @@ -137,9 +149,10 @@ data_collector.token "{{cfg.data_collector.token}}" data_collector.server_url "{{cfg.data_collector.server_url}}" {{/if ~}} EOF - chmod 0640 "$pkg_prefix/config/client-config.rb" + chmod 0640 "${pkg_prefix}/config/client-config.rb" - cat << EOF >> "$pkg_prefix/config/attributes.json" + build_line "Generating config/attributes.json" + cat << EOF >> "${pkg_prefix}/config/attributes.json" {{#if cfg.attributes ~}} {{toJson cfg.attributes}} {{else ~}} @@ -147,8 +160,8 @@ EOF {{/if ~}} EOF - ## Create config - cat << EOF >> "$pkg_prefix/default.toml" + build_line "Generating Chef Habitat configuration, default.toml" + cat << EOF >> "${pkg_prefix}/default.toml" interval = 1800 splay = 1800 splay_first_run = 0 
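Review bot: `rm -f "${scaffold_policyfiles_path}"/*.lock.json` in do_default_build discards any committed Policyfile locks before `chef install` runs, so cookbook versions are presumably re-resolved on every build and two builds of the same commit can package different cookbook code. If that is intended it deserves a comment, e.g. `# Locks are regenerated on each build; cookbook versions are NOT pinned by the repository`; otherwise keep existing locks and let `chef install` materialise them. The new failure message would also be easier to act on if it named the directory that was checked, `build_line "No policyfiles directory at ${scaffold_policyfiles_path}; set scaffold_policyfiles_path"`, since the parent-directory fallbacks were removed. The run-hook heredoc at the top of this hunk begins in the previous hunk.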
@@ -163,7 +176,12 @@ enable = false token = "set_to_your_token" server_url = "set_to_your_url" EOF - chmod 0640 "$pkg_prefix/default.toml" + chmod 0640 "${pkg_prefix}/default.toml" + + if [ -d "${scaffold_data_bags_path}" ]; then + build_line "Detected a data bags directory, installing into package" + cp -a "${scaffold_data_bags_path}" "${pkg_prefix}" + fi } do_default_strip() { |
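Review bot: The new data-bags block copies `${scaffold_data_bags_path}` into the package verbatim with `cp -a`, so any unencrypted data bag item in the repository becomes part of the built artifact and is readable by whoever can fetch or unpack the package. The build output should say so before the copy, e.g. `build_line "Data bags are packaged as-is; keep secrets in encrypted data bags"`. Separately, the destination name is the basename of the source, so an overridden path that is not named `data_bags` lands under a different directory name; `mkdir -p "${pkg_prefix}/data_bags"` followed by `cp -a "${scaffold_data_bags_path}/." "${pkg_prefix}/data_bags/"` fixes the name. do_default_install begins outside this hunk.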