diff options
| author | Lamont Granquist <lamont@scriptkiddie.org> | 2021-07-13 19:13:40 -0700 |
|---|---|---|
| committer | Lamont Granquist <lamont@scriptkiddie.org> | 2021-07-13 19:13:40 -0700 |
| commit | 9e4d4b2ebbc06161fc852d936eb52c18efb2c35f (patch) | |
| tree | 47af7f0cab5f0137636ded31062b245bea5662d6 /chef-config/lib | |
| parent | f06e01da751ee8b963c4aab5f0a4c31fdc18ebcc (diff) | |
| download | chef-9e4d4b2ebbc06161fc852d936eb52c18efb2c35f.tar.gz | |
Support command line setting of run_list with policyfiles
This will allow temporarily setting the run list to a different
setting and still having the node saved (complimentary to setting
an override run list which does not save the node).
This can be used inside of test-kitchen for setting the run_list
to a fixture cookbook that is not in the policyfile without
needing to go through named_run_lists.
This can also be used with -j or -r on provisioning to run a
bootstrapping recipe, which will then be overridden by the
policyfile.
A switch is included to cause the node.run_list setting from the
-j or -r setting (or setting via code with `node.run_list <<`) to
persist and to override the policyfile. This is for sites which
have adopted complicated run_list mutating workflows to make it so
they can set Chef::Config[:policy_persist_run_list] to true and
will be able to migrate those workflows more easily to a policyfile
world. When it is run in this configuration it will always print
a WARN level message that the policyfile is being overridden since
it is not intended that the common state of the server would be
to ignore the policyfile run_list.
Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
Diffstat (limited to 'chef-config/lib')
| -rw-r--r-- | chef-config/lib/chef-config/config.rb | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/chef-config/lib/chef-config/config.rb b/chef-config/lib/chef-config/config.rb index 633378d6ba..4770db06e6 100644 --- a/chef-config/lib/chef-config/config.rb +++ b/chef-config/lib/chef-config/config.rb @@ -632,6 +632,16 @@ module ChefConfig # effect if `policy_document_native_api` is set to `false`. default :deployment_group, nil + # When using policyfiles you can optionally set it to read the node.run_list + # from the server and have that override the policyfile run_list or the + # named_run_list set in config. With policyfiles there is no depsolving done + # on the run_list items so every item in the run_list must be in the set of + # cookbooks pushed to the node. This enables flows where the node can change + # its run_list and have it persist or to bootstrap nodes with the -j flag. If + # no run_list is set on the server node object then the configured named_run_list + # or run_list out of the policy is used. + default :policy_persist_run_list, false + # Set these to enable SSL authentication / mutual-authentication # with the server |