summaryrefslogtreecommitdiff
path: root/lib/chef/knife.rb
blob: e040de9d57877dbfe53767a1e94e97ad4f3d9863 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
#
# Author:: Adam Jacob (<adam@chef.io>)
# Author:: Christopher Brown (<cb@chef.io>)
# Copyright:: Copyright 2009-2019, Chef Software Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

require "forwardable" unless defined?(Forwardable)
require_relative "version"
require "mixlib/cli" unless defined?(Mixlib::CLI)
require "chef-utils/dsl/path_sanity" unless defined?(ChefUtils::DSL::PathSanity)
require_relative "workstation_config_loader"
require_relative "mixin/convert_to_class_name"
require_relative "mixin/path_sanity"
require_relative "knife/core/subcommand_loader"
require_relative "knife/core/ui"
require_relative "local_mode"
require_relative "server_api"
require_relative "http/authenticator"
require_relative "http/http_request"
require_relative "http"
require "pp" unless defined?(PP)
require_relative "dist"

class Chef
  class Knife

    Chef::HTTP::HTTPRequest.user_agent = "#{Chef::Dist::PRODUCT} Knife#{Chef::HTTP::HTTPRequest::UA_COMMON}"

    include Mixlib::CLI
    include ChefUtils::DSL::PathSanity
    extend Chef::Mixin::ConvertToClassName
    extend Forwardable

    # @note Backwards Compat:
    #   Ideally, we should not vomit all of these methods into this base class;
    #   instead, they should be accessed by hitting the ui object directly.
    def_delegator :@ui, :stdout
    def_delegator :@ui, :stderr
    def_delegator :@ui, :stdin
    def_delegator :@ui, :msg
    def_delegator :@ui, :ask_question
    def_delegator :@ui, :pretty_print
    def_delegator :@ui, :output
    def_delegator :@ui, :format_list_for_display
    def_delegator :@ui, :format_for_display
    def_delegator :@ui, :format_cookbook_list_for_display
    def_delegator :@ui, :edit_data
    def_delegator :@ui, :edit_hash
    def_delegator :@ui, :edit_object
    def_delegator :@ui, :confirm

    attr_accessor :name_args
    attr_accessor :ui

    # knife acl subcommands are grouped in this category using this constant to verify.
    OPSCODE_HOSTED_CHEF_ACCESS_CONTROL = %w{acl group user}.freeze

    # knife opc subcommands are grouped in this category using this constant to verify.
    CHEF_ORGANIZATION_MANAGEMENT = %w{opc}.freeze

    # Configure mixlib-cli to always separate defaults from user-supplied CLI options
    def self.use_separate_defaults?
      true
    end

    def self.ui
      @ui ||= Chef::Knife::UI.new(STDOUT, STDERR, STDIN, {})
    end

    def self.msg(msg = "")
      ui.msg(msg)
    end

    def self.reset_config_loader!
      @@chef_config_dir = nil
      @config_loader = nil
    end

    def self.reset_subcommands!
      @@subcommands = {}
      @subcommands_by_category = nil
    end

    def self.inherited(subclass)
      super
      unless subclass.unnamed?
        subcommands[subclass.snake_case_name] = subclass
        subcommand_files[subclass.snake_case_name] +=
          if subclass.superclass.to_s == "Chef::ChefFS::Knife"
            # ChefFS-based commands have a superclass that defines an
            # inhereited method which calls super. This means that the
            # top of the call stack is not the class definition for
            # our subcommand.  Try the second entry in the call stack.
            [path_from_caller(caller[1])]
          else
            [path_from_caller(caller[0])]
          end
      end
    end

    # Explicitly set the category for the current command to +new_category+
    # The category is normally determined from the first word of the command
    # name, but some commands make more sense using two or more words
    # @param new_category [String] value to set the category to (see examples)
    #
    # @example Data bag commands would be in the 'data' category by default. To
    #  put them in the 'data bag' category:
    #  category('data bag')
    def self.category(new_category)
      @category = new_category
    end

    def self.subcommand_category
      @category || snake_case_name.split("_").first unless unnamed?
    end

    def self.snake_case_name
      convert_to_snake_case(name.split("::").last) unless unnamed?
    end

    def self.common_name
      snake_case_name.split("_").join(" ")
    end

    # Does this class have a name? (Classes created via Class.new don't)
    def self.unnamed?
      name.nil? || name.empty?
    end

    def self.subcommand_loader
      @subcommand_loader ||= Chef::Knife::SubcommandLoader.for_config(chef_config_dir)
    end

    def self.load_commands
      @commands_loaded ||= subcommand_loader.load_commands
    end

    def self.guess_category(args)
      subcommand_loader.guess_category(args)
    end

    def self.subcommand_class_from(args)
      if args.size == 1 && args[0].strip.casecmp("rehash") == 0
        # To prevent issues with the rehash file not pointing to the correct plugins,
        # we always use the glob loader when regenerating the rehash file
        @subcommand_loader = Chef::Knife::SubcommandLoader.gem_glob_loader(chef_config_dir)
      end
      subcommand_loader.command_class_from(args) || subcommand_not_found!(args)
    end

    def self.subcommands
      @@subcommands ||= {}
    end

    def self.subcommand_files
      @@subcommand_files ||= Hash.new([])
    end

    def self.subcommands_by_category
      unless @subcommands_by_category
        @subcommands_by_category = Hash.new { |hash, key| hash[key] = [] }
        subcommands.each do |snake_cased, klass|
          @subcommands_by_category[klass.subcommand_category] << snake_cased
        end
      end
      @subcommands_by_category
    end

    # Shared with subclasses
    @@chef_config_dir = nil

    def self.config_loader
      @config_loader ||= WorkstationConfigLoader.new(nil, Chef::Log)
    end

    def self.load_config(explicit_config_file, profile)
      config_loader.explicit_config_file = explicit_config_file
      config_loader.profile = profile
      config_loader.load

      ui.warn("No knife configuration file found. See https://docs.chef.io/config_rb_knife.html for details.") if config_loader.no_config_found?

      config_loader
    rescue Exceptions::ConfigurationError => e
      ui.error(ui.color("CONFIGURATION ERROR:", :red) + e.message)
      exit 1
    end

    def self.chef_config_dir
      @@chef_config_dir ||= config_loader.chef_config_dir
    end

    # Run knife for the given +args+ (ARGV), adding +options+ to the list of
    # CLI options that the subcommand knows how to handle.
    #
    # @param args [Array] The arguments. Usually ARGV
    # @param options [Mixlib::CLI option parser hash] These +options+ are how
    #   subcommands know about global knife CLI options
    #
    def self.run(args, options = {})
      # Fallback debug logging. Normally the logger isn't configured until we
      # read the config, but this means any logging that happens before the
      # config file is read may be lost. If the KNIFE_DEBUG variable is set, we
      # setup the logger for debug logging to stderr immediately to catch info
      # from early in the setup process.
      if ENV["KNIFE_DEBUG"]
        Chef::Log.init($stderr)
        Chef::Log.level(:debug)
      end

      subcommand_class = subcommand_class_from(args)
      subcommand_class.options = options.merge!(subcommand_class.options)
      subcommand_class.load_deps
      instance = subcommand_class.new(args)
      instance.configure_chef
      instance.run_with_pretty_exceptions
    end

    def self.dependency_loaders
      @dependency_loaders ||= []
    end

    def self.deps(&block)
      dependency_loaders << block
    end

    def self.load_deps
      dependency_loaders.each(&:call)
    end

    OFFICIAL_PLUGINS = %w{lpar openstack push rackspace vcenter}.freeze

    class << self
      def list_commands(preferred_category = nil)
        category_desc = preferred_category ? preferred_category + " " : ""
        msg "Available #{category_desc}subcommands: (for details, knife SUB-COMMAND --help)\n\n"
        subcommand_loader.list_commands(preferred_category).sort.each do |category, commands|
          next if category =~ /deprecated/i

          msg "** #{category.upcase} COMMANDS **"
          commands.sort.each do |command|
            subcommand_loader.load_command(command)
            msg subcommands[command].banner if subcommands[command]
          end
          msg
        end
      end

      private

      # @api private
      def path_from_caller(caller_line)
        caller_line.split(/:\d+/).first
      end

      # Error out and print usage. probably because the arguments given by the
      # user could not be resolved to a subcommand.
      # @api private
      def subcommand_not_found!(args)
        ui.fatal("Cannot find subcommand for: '#{args.join(" ")}'")

        # Mention rehash when the subcommands cache(plugin_manifest.json) is used
        if subcommand_loader.is_a?(Chef::Knife::SubcommandLoader::HashedCommandLoader)
          ui.info("If this is a recently installed plugin, please run 'knife rehash' to update the subcommands cache.")
        end

        if CHEF_ORGANIZATION_MANAGEMENT.include?(args[0])
          list_commands("CHEF ORGANIZATION MANAGEMENT")
        elsif OPSCODE_HOSTED_CHEF_ACCESS_CONTROL.include?(args[0])
          list_commands("OPSCODE HOSTED CHEF ACCESS CONTROL")
        elsif category_commands = guess_category(args)
          list_commands(category_commands)
        elsif OFFICIAL_PLUGINS.include?(args[0]) # command was an uninstalled official chef knife plugin
          ui.info("Use `#{Chef::Dist::EXEC} gem install knife-#{args[0]}` to install the plugin into ChefDK / Chef Workstation")
        else
          list_commands
        end

        exit 10
      end

      # @api private
      def reset_config_path!
        @@chef_config_dir = nil
      end

    end

    reset_config_path!

    # Create a new instance of the current class configured for the given
    # arguments and options
    def initialize(argv = [])
      super() # having to call super in initialize is the most annoying anti-pattern :(
      @ui = Chef::Knife::UI.new(STDOUT, STDERR, STDIN, config)

      command_name_words = self.class.snake_case_name.split("_")

      # Mixlib::CLI ignores the embedded name_args
      @name_args = parse_options(argv)
      @name_args.delete(command_name_words.join("-"))
      @name_args.reject! { |name_arg| command_name_words.delete(name_arg) }

      # knife node run_list add requires that we have extra logic to handle
      # the case that command name words could be joined by an underscore :/
      command_name_joined = command_name_words.join("_")
      @name_args.reject! { |name_arg| command_name_joined == name_arg }

      # Similar handling for hyphens.
      command_name_joined = command_name_words.join("-")
      @name_args.reject! { |name_arg| command_name_joined == name_arg }

      if config[:help]
        msg opt_parser
        exit 1
      end

      # Grab a copy before config merge occurs, so that we can later identify
      # whare a given config value is sourced from.
      @original_config = config.dup

      # copy Mixlib::CLI over so that it can be configured in config.rb/knife.rb
      # config file
      Chef::Config[:verbosity] = config[:verbosity] if config[:verbosity]
    end

    def parse_options(args)
      super
    rescue OptionParser::InvalidOption => e
      puts "Error: " + e.to_s
      show_usage
      exit(1)
    end

    # keys from mixlib-cli options
    def cli_keys
      self.class.options.keys
    end

    # extracts the settings from the Chef::Config[:knife] sub-hash that correspond
    # to knife cli options -- in preparation for merging config values with cli values
    #
    # NOTE: due to weirdness in mixlib-config #has_key? is only true if the value has
    # been set by the user -- the Chef::Config defaults return #has_key?() of false and
    # this code DEPENDS on that functionality since applying the default values in
    # Chef::Config[:knife] would break the defaults in the cli that we would otherwise
    # overwrite.
    def config_file_settings
      cli_keys.each_with_object({}) do |key, memo|
        if Chef::Config[:knife].key?(key)
          memo[key] = Chef::Config[:knife][key]
        end
      end
    end

    # config is merged in this order (inverse of precedence)
    #  default_config       - mixlib-cli defaults (accessor from the mixin)
    #  config_file_settings - Chef::Config[:knife] sub-hash
    #  config               - mixlib-cli settings (accessor from the mixin)
    def merge_configs
      # Update our original_config - if someone has created a knife command
      # instance directly, they are likely ot have set cmd.config values directly
      # as well, at which point our saved original config is no longer up to date.
      @original_config = config.dup
      # other code may have a handle to the config object, so use Hash#replace to deliberately
      # update-in-place.
      config.replace(default_config.merge(config_file_settings).merge(config))
    end

    #
    # Determine the source of a given configuration key
    #
    # @argument key [Symbol] a configuration key
    # @return [Symbol,NilClass] return the source of the config key,
    # one of:
    #   - :cli - this was explicitly provided on the CLI
    #   - :config - this came from Chef::Config[:knife]
    #   - :cli_default - came from a declared CLI `option`'s `default` value.
    #   - nil - if the key could not be found in any source.
    #           This can happen when it is invalid, or has been
    #           set directly into #config without then calling #merge_config
    def config_source(key)
      return :cli if @original_config.include? key
      return :config if config_file_settings.key? key
      return :cli_default if default_config.include? key

      nil
    end

    # Catch-all method that does any massaging needed for various config
    # components, such as expanding file paths and converting verbosity level
    # into log level.
    def apply_computed_config
      Chef::Config[:color] = config[:color]

      case Chef::Config[:verbosity]
      when 0, nil
        Chef::Config[:log_level] = :warn
      when 1
        Chef::Config[:log_level] = :info
      when 2
        Chef::Config[:log_level] = :debug
      else
        Chef::Config[:log_level] = :trace
      end

      Chef::Config[:log_level] = :trace if ENV["KNIFE_DEBUG"]

      Chef::Config[:node_name]         = config[:node_name]       if config[:node_name]
      Chef::Config[:client_key]        = config[:client_key]      if config[:client_key]
      Chef::Config[:chef_server_url]   = config[:chef_server_url] if config[:chef_server_url]
      Chef::Config[:environment]       = config[:environment]     if config[:environment]

      Chef::Config.local_mode = config[:local_mode] if config.key?(:local_mode)

      Chef::Config.listen = config[:listen] if config.key?(:listen)

      if Chef::Config.local_mode && !Chef::Config.key?(:cookbook_path) && !Chef::Config.key?(:chef_repo_path)
        Chef::Config.chef_repo_path = Chef::Config.find_chef_repo_path(Dir.pwd)
      end
      Chef::Config.chef_zero.host = config[:chef_zero_host] if config[:chef_zero_host]
      Chef::Config.chef_zero.port = config[:chef_zero_port] if config[:chef_zero_port]

      # Expand a relative path from the config directory. Config from command
      # line should already be expanded, and absolute paths will be unchanged.
      if Chef::Config[:client_key] && config[:config_file]
        Chef::Config[:client_key] = File.expand_path(Chef::Config[:client_key], File.dirname(config[:config_file]))
      end

      Mixlib::Log::Formatter.show_time = false
      Chef::Log.init(Chef::Config[:log_location])
      Chef::Log.level(Chef::Config[:log_level] || :error)
    end

    def configure_chef
      # knife needs to send logger output to STDERR by default
      Chef::Config[:log_location] = STDERR
      config_loader = self.class.load_config(config[:config_file], config[:profile])
      config[:config_file] = config_loader.config_location

      # For CLI options like `--config-option key=value`. These have to get
      # parsed and applied separately.
      extra_config_options = config.delete(:config_option)

      merge_configs
      apply_computed_config

      # This has to be after apply_computed_config so that Mixlib::Log is configured
      Chef::Log.info("Using configuration from #{config[:config_file]}") if config[:config_file]

      begin
        Chef::Config.apply_extra_config_options(extra_config_options)
      rescue ChefConfig::UnparsableConfigOption => e
        ui.error e.message
        show_usage
        exit(1)
      end

      Chef::Config.export_proxies
    end

    def show_usage
      stdout.puts("USAGE: " + opt_parser.to_s)
    end

    def run_with_pretty_exceptions(raise_exception = false)
      unless respond_to?(:run)
        ui.error "You need to add a #run method to your knife command before you can use it"
      end
      ENV["PATH"] = sanitized_path if Chef::Config[:enforce_path_sanity]
      maybe_setup_fips
      Chef::LocalMode.with_server_connectivity do
        run
      end
    rescue Exception => e
      raise if raise_exception || ( Chef::Config[:verbosity] && Chef::Config[:verbosity] >= 2 )

      humanize_exception(e)
      exit 100
    end

    def humanize_exception(e)
      case e
      when SystemExit
        raise # make sure exit passes through.
      when Net::HTTPClientException, Net::HTTPFatalError
        humanize_http_exception(e)
      when OpenSSL::SSL::SSLError
        ui.error "Could not establish a secure connection to the server."
        ui.info "Use `knife ssl check` to troubleshoot your SSL configuration."
        ui.info "If your server uses a self-signed certificate, you can use"
        ui.info "`knife ssl fetch` to make knife trust the server's certificates."
        ui.info ""
        ui.info  "Original Exception: #{e.class.name}: #{e.message}"
      when Errno::ECONNREFUSED, Timeout::Error, Errno::ETIMEDOUT, SocketError
        ui.error "Network Error: #{e.message}"
        ui.info "Check your knife configuration and network settings"
      when NameError, NoMethodError
        ui.error "knife encountered an unexpected error"
        ui.info  "This may be a bug in the '#{self.class.common_name}' knife command or plugin"
        ui.info  "Please collect the output of this command with the `-VVV` option before filing a bug report."
        ui.info  "Exception: #{e.class.name}: #{e.message}"
      when Chef::Exceptions::PrivateKeyMissing
        ui.error "Your private key could not be loaded from #{api_key}"
        ui.info  "Check your configuration file and ensure that your private key is readable"
      when Chef::Exceptions::InvalidRedirect
        ui.error "Invalid Redirect: #{e.message}"
        ui.info  "Change your server location in config.rb/knife.rb to the server's FQDN to avoid unwanted redirections."
      else
        ui.error "#{e.class.name}: #{e.message}"
      end
    end

    def humanize_http_exception(e)
      response = e.response
      case response
      when Net::HTTPUnauthorized
        ui.error "Failed to authenticate to #{server_url} as #{username} with key #{api_key}"
        ui.info "Response:  #{format_rest_error(response)}"
      when Net::HTTPForbidden
        ui.error "You authenticated successfully to #{server_url} as #{username} but you are not authorized for this action."
        proxy_env_vars = ENV.to_hash.keys.map(&:downcase) & %w{http_proxy https_proxy ftp_proxy socks_proxy no_proxy}
        unless proxy_env_vars.empty?
          ui.error "There are proxy servers configured, your server url may need to be added to NO_PROXY."
        end
        ui.info "Response:  #{format_rest_error(response)}"
      when Net::HTTPBadRequest
        ui.error "The data in your request was invalid"
        ui.info "Response: #{format_rest_error(response)}"
      when Net::HTTPNotFound
        ui.error "The object you are looking for could not be found"
        ui.info "Response: #{format_rest_error(response)}"
      when Net::HTTPInternalServerError
        ui.error "internal server error"
        ui.info "Response: #{format_rest_error(response)}"
      when Net::HTTPBadGateway
        ui.error "bad gateway"
        ui.info "Response: #{format_rest_error(response)}"
      when Net::HTTPServiceUnavailable
        ui.error "Service temporarily unavailable"
        ui.info "Response: #{format_rest_error(response)}"
      when Net::HTTPNotAcceptable
        version_header = Chef::JSONCompat.from_json(response["x-ops-server-api-version"])
        client_api_version = version_header["request_version"]
        min_server_version = version_header["min_version"]
        max_server_version = version_header["max_version"]
        ui.error "The API version that Knife is using is not supported by the server you sent this request to."
        ui.info "The request that Knife sent was using API version #{client_api_version}."
        ui.info "The server you sent the request to supports a min API verson of #{min_server_version} and a max API version of #{max_server_version}."
        ui.info "Please either update your #{Chef::Dist::PRODUCT} or the server to be a compatible set."
      else
        ui.error response.message
        ui.info "Response: #{format_rest_error(response)}"
      end
    end

    def username
      Chef::Config[:node_name]
    end

    def api_key
      Chef::Config[:client_key]
    end

    # Parses JSON from the error response sent by Chef Server and returns the
    # error message
    #--
    # TODO: this code belongs in Chef::REST
    def format_rest_error(response)
      Array(Chef::JSONCompat.from_json(response.body)["error"]).join("; ")
    rescue Exception
      response.body
    end

    # FIXME: yard with @yield
    def create_object(object, pretty_name = nil, object_class: nil)
      output = if object_class
                 edit_data(object, object_class: object_class)
               else
                 edit_hash(object)
               end

      if Kernel.block_given?
        output = yield(output)
      else
        output.save
      end

      pretty_name ||= output

      msg("Created #{pretty_name}")

      output(output) if config[:print_after]
    end

    # FIXME: yard with @yield
    def delete_object(klass, name, delete_name = nil)
      confirm("Do you really want to delete #{name}")

      if Kernel.block_given?
        object = yield
      else
        object = klass.load(name)
        object.destroy
      end

      output(format_for_display(object)) if config[:print_after]

      obj_name = delete_name ? "#{delete_name}[#{name}]" : object
      msg("Deleted #{obj_name}")
    end

    # helper method for testing if a field exists
    # and returning the usage and proper error if not
    def test_mandatory_field(field, fieldname)
      if field.nil?
        show_usage
        ui.fatal("You must specify a #{fieldname}")
        exit 1
      end
    end

    def rest
      @rest ||= begin
        require_relative "server_api"
        Chef::ServerAPI.new(Chef::Config[:chef_server_url])
      end
    end

    def noauth_rest
      @rest ||= begin
        require_relative "http/simple_json"
        Chef::HTTP::SimpleJSON.new(Chef::Config[:chef_server_url])
      end
    end

    def server_url
      Chef::Config[:chef_server_url]
    end

    def maybe_setup_fips
      unless config[:fips].nil?
        Chef::Config[:fips] = config[:fips]
      end
      Chef::Config.init_openssl
    end
  end
end