From ab5374c7f4a2206c090ff5af54636fdaf8c2a7e9 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Fri, 21 Dec 2018 16:26:45 -0600 Subject: [PATCH] initial commit --- .editorconfig | 9 + .foodcritic | 2 + .kitchen.yml | 40 ++++- .mdlrc | 1 + .rubocop.yml | 18 ++ Berksfile | 4 + CHANGELOG.md | 8 +- LICENSE | 202 ++++++++++++++++++++++- README.md | 49 +++++- attributes/default.rb | 104 ++++++++++++ chefignore | 2 +- metadata.rb | 25 ++- recipes/chef_automatev2.rb | 42 +++++ recipes/chef_server.rb | 62 +++++++ recipes/chef_supermarket.rb | 24 +++ recipes/default.rb | 17 +- test/integration/default/default_test.rb | 13 +- 17 files changed, 582 insertions(+), 40 deletions(-) create mode 100644 .editorconfig create mode 100644 .foodcritic create mode 100644 .mdlrc create mode 100644 .rubocop.yml create mode 100644 attributes/default.rb create mode 100644 recipes/chef_automatev2.rb create mode 100644 recipes/chef_server.rb create mode 100644 recipes/chef_supermarket.rb diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..a05749c --- /dev/null +++ b/.editorconfig @@ -0,0 +1,9 @@ +root = true + +[*] +end_of_line = lf +insert_final_newline = true +indent_style = space +indent_size = 2 +charset = utf-8 +trim_trailing_whitespace = true diff --git a/.foodcritic b/.foodcritic new file mode 100644 index 0000000..8e05e8d --- /dev/null +++ b/.foodcritic @@ -0,0 +1,2 @@ +~FC068 #FC068: Ensure license is set in metadata +~FC078 #FC078: Ensure cookbook shared under an OSI-approved open source license diff --git a/.kitchen.yml b/.kitchen.yml index c4e4101..c4811e5 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -1,25 +1,53 @@ --- driver: name: vagrant + pre_create_command: vagrant box update --box bento/$KITCHEN_PLATFORM_NAME + customize: + memory: 2048 + cpus: 2 provisioner: name: chef_zero - # You may wish to disable always updating cookbooks in CI or other testing environments. - # For example: - # always_update_cookbooks: <%= !ENV['CI'] %> always_update_cookbooks: true + retry_on_exit_code: + - 35 # 35 is the exit code signaling that the node is rebooting + max_retries: 1 + client_rb: + exit_status: :enabled # Opt-in to the standardized exit codes + client_fork: false # Forked instances don't return the real exit code + environment: _default + product_name: chef + product_version: 14 verifier: name: inspec platforms: - - name: ubuntu-16.04 - name: centos-7 suites: - - name: default + - name: automatev2 + driver: + customize: + memory: 2560 run_list: - - recipe[chef_software::default] + - recipe[chef_software::chef_automatev2] + verifier: + inspec_tests: + - test/integration/default + attributes: + + - name: server + run_list: + - recipe[chef_software::chef_server] + verifier: + inspec_tests: + - test/integration/default + attributes: + + - name: supermarket + run_list: + - recipe[chef_software::chef_supermarket] verifier: inspec_tests: - test/integration/default diff --git a/.mdlrc b/.mdlrc new file mode 100644 index 0000000..b7e0825 --- /dev/null +++ b/.mdlrc @@ -0,0 +1 @@ +rules "~MD013" diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..bb4ecea --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,18 @@ +AllCops: + Exclude: + - vendor/**/* + - Guardfile + TargetRubyVersion: 2.5 + +ClassLength: + Enabled: false +CyclomaticComplexity: + Enabled: false +LineLength: + Enabled: false +MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +PerceivedComplexity: + Enabled: false diff --git a/Berksfile b/Berksfile index 0656a99..a165970 100644 --- a/Berksfile +++ b/Berksfile @@ -1,4 +1,8 @@ # frozen_string_literal: true + +source chef_repo: '..' source 'https://supermarket.chef.io' metadata + +cookbook 'chef-ingredient', path: '../chef-ingredient' diff --git a/CHANGELOG.md b/CHANGELOG.md index 06e0e83..34c43fa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,10 +2,6 @@ This file is used to list changes made in each version of the chef_software cookbook. -# 0.1.0 - -Initial release. - -- change 0 -- change 1 +## 0.1.0 (2018-12-11) +- [Corey Hemminger] - Initial Release diff --git a/LICENSE b/LICENSE index a27e740..11069ed 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,201 @@ -Copyright 2018 The Authors + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ -All rights reserved, do not redistribute. +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/README.md b/README.md index 55aefb3..0f73b78 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,51 @@ # chef_software -TODO: Enter the cookbook description here. +This Cookbook wraps the chef-ingredient cookbook and will install and configure chef-server, chef-automatev2, and an internal chef-supermarket. Configuration is all attribute driven. +## Requirements + +Please refer to the chef-ingredient cookbook for additional information on configuration options to add to the atribute hashes. + +### Platforms + +- Linux + +## Attributes + +### default attributes + +| Attribute | Default | Comment | +| ------------- | ------------- | ------------- | +| ['chef_software']['chef_server_api_fqdn'] | 'chef-server.example.com' | (String) Hostname to connect to chef-server | +| ['chef_software']['chef_automate_api_fqdn'] | 'chef-automate.example.com' | (String) Hostname to connect to chef-automatev2 | +| ['chef_software']['chef_supermarket_api_fqdn'] | 'chef-supermarket.example.com' | (String) Hostname to connect to chef-supermarket | +| ['chef_software']['automate_admin_token'] | nil | (String) Token used for api access by cookbook | +| ['chef_software']['chef_automatev2'] | {accept_license: true, config: <<~EOC [global.v1] fqdn = "#{node['chef_software']['chef_automate_api_fqdn']}" EOC} | (Hash) Used to add configuration options to chef-automatev2 | +| ['chef_software']['chef_automatev2']['local_users'] | {test1:{ full_name: 'Test 1', password: 'Test1234!',},} | (Hash) Hash of hashes definign automatev2 users | +| ['chef_software']['chef_automatev2']['iam_policies'] | {team_ldap: {policy_json: {subjects: ['user:local:test1'], action: '*', resource: '*',},},} | (Hash) Hash of hashes defining automate IAM policies in json format | +| ['chef_software']['chef_server'] | {accept_license: true, addons: {'manage' => {accept_license: true,},}, config: <<~EOC api_fqdn "#{node['chef_software']['chef_server_api_fqdn']}" topology "standalone" #{"data_collector['root_url'] = 'https://#{node['chef_software']['chef_automate_api_fqdn']}/data-collector/v0/' data_collector['proxy'] = true profiles['root_url'] = 'https://#{node['chef_software']['chef_supermarket_api_fqdn']}'" if node['chef_software']['chef_automate_api_fqdn']} #{"oc_id['applications'] ||= {} oc_id['applications']['supermarket'] = {'redirect_uri' => 'https://#{node['chef_software']['chef_supermarket_api_fqdn']}/auth/chef_oauth2/callback',}" if node['chef_software']['chef_supermarket_api_fqdn']} EOC} | (Hash) Used to add configuration options to chef-server | +| ['chef_software']['chef_user'] | {test1: {first_name: 'Test',last_name: '1',email: 'test1@example.com',password: 'Test1234!',},} | (Hash) Hash of hashes used to manage chef-server users | +| ['chef_software']['chef_org'] | {testing: {org_full_name: 'Testing Chef Server', admins: %w(test1), users: %w(),},} | (Hash) Hash of hashes used to manage chef-server organizations | +| ['chef_software']['chef_supermarket'] | {chef_server_url: "https://#{node['chef_software']['chef_server_api_fqdn']}", chef_oauth2_app_id: 'testGUID', chef_oauth2_secret: 'testGUID', chef_oauth2_verify_ssl: false, accept_license: true, config: {fqdn: node['chef_software']['chef_supermarket_api_fqdn'], smtp_address: 'localhost', smtp_port: 25, from_email: 'chef-supermarket.example.com', features: 'tools,gravatar,github,announcement,fieri', fieri_key: 'randomstuff', fieri_supermarket_endpoint: node['chef_software']['chef_supermarket_api_fqdn'],},} | (Hash) Used to add configuration options to chef-supermarket | + +## Recipes + +### default recipe + +Recipe does nothing but log warning that it does nothing + +### chef_automatev2 + +Recipe to install chef-automatev2 + +### chef_server + +Recipe to install chef-server and manage users & organizations + +### chef_supermarket + +Recipe to install chef-supermarket + +## Usage + +Include chef_software in your cookbooks. diff --git a/attributes/default.rb b/attributes/default.rb new file mode 100644 index 0000000..93c1f41 --- /dev/null +++ b/attributes/default.rb @@ -0,0 +1,104 @@ +# +# Cookbook:: chef_software +# Attributes:: default +# +# Copyright:: 2019, Corey Hemminger +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +default['chef_software']['chef_server_api_fqdn'] = 'chef-server.example.com' +default['chef_software']['chef_automate_api_fqdn'] = 'chef-automate.example.com' +default['chef_software']['chef_supermarket_api_fqdn'] = 'chef-supermarket.example.com' +default['chef_software']['automate_admin_token'] = nil + +default['chef_software']['chef_automatev2'] = { + accept_license: true, + config: <<~EOC + [global.v1] + fqdn = "#{node['chef_software']['chef_automate_api_fqdn']}" + EOC +} + +default['chef_software']['automatev2_local_users'] = { + test1: { + full_name: 'Test 1', + password: 'Test1234!', + sensitive: true, + }, +} + +default['chef_software']['automatev2_iam_policies'] = { + test1: { + policy_json: { + subjects: ['user:local:test1'], + action: '*', + resource: '*', + }, + sensitive: true, + }, +} + +default['chef_software']['chef_server'] = { + accept_license: true, + addons: { + 'manage' => { + accept_license: true, + }, + }, + config: <<~EOC + api_fqdn "#{node['chef_software']['chef_server_api_fqdn']}" + topology "standalone" + #{"data_collector['root_url'] = 'https://#{node['chef_software']['chef_automate_api_fqdn']}/data-collector/v0/' +data_collector['proxy'] = true +profiles['root_url'] = 'https://#{node['chef_software']['chef_supermarket_api_fqdn']}'" if node['chef_software']['chef_automate_api_fqdn']} + #{"oc_id['applications'] ||= {} +oc_id['applications']['supermarket'] = { + 'redirect_uri' => 'https://#{node['chef_software']['chef_supermarket_api_fqdn']}/auth/chef_oauth2/callback' +}" if node['chef_software']['chef_supermarket_api_fqdn']} + EOC +} + +default['chef_software']['chef_user'] = { + test1: { + first_name: 'Test', + last_name: '1', + email: 'test1@example.com', + password: 'Test1234!', + }, +} + +default['chef_software']['chef_org'] = { + testing: { + org_full_name: 'Testing Chef Server', + admins: %w(test1), + users: %w(), + }, +} + +default['chef_software']['chef_supermarket'] = { + chef_server_url: "https://#{node['chef_software']['chef_server_api_fqdn']}", + chef_oauth2_app_id: 'GUID', + chef_oauth2_secret: 'GUID', + chef_oauth2_verify_ssl: false, + accept_license: true, + config: { + fqdn: node['chef_software']['chef_supermarket_api_fqdn'], + smtp_address: 'localhost', + smtp_port: 25, + from_email: 'chef-supermarket@example.com', + features: 'tools,gravatar,github,announcement,fieri', + fieri_key: 'randomstuff', + fieri_supermarket_endpoint: node['chef_software']['chef_supermarket_api_fqdn'], + }, +} diff --git a/chefignore b/chefignore index 4439807..e493997 100644 --- a/chefignore +++ b/chefignore @@ -81,6 +81,7 @@ Rakefile Berksfile Berksfile.lock cookbooks/* +cookbook/* tmp # Bundler # @@ -95,7 +96,6 @@ Policyfile.lock.json # Cookbooks # ############# CONTRIBUTING* -CHANGELOG* TESTING* # Vagrant # diff --git a/metadata.rb b/metadata.rb index 7fbb40c..4aa8b42 100644 --- a/metadata.rb +++ b/metadata.rb @@ -1,20 +1,17 @@ name 'chef_software' -maintainer 'The Authors' -maintainer_email 'you@example.com' -license 'All Rights Reserved' +maintainer 'Corey Hemminger' +maintainer_email 'hemminger@hotmail.com' +license 'Apache-2.0' description 'Installs/Configures chef_software' long_description 'Installs/Configures chef_software' -version '0.1.0' +version '1.0.0' chef_version '>= 13.0' -# The `issues_url` points to the location where issues for this cookbook are -# tracked. A `View Issues` link will be displayed on this cookbook's page when -# uploaded to a Supermarket. -# -# issues_url 'https://github.com//chef_software/issues' +issues_url 'https://github.com/Stromweld/chef_software/issues' +source_url 'https://github.com/Stromweld/chef_software' -# The `source_url` points to the development repository for this cookbook. A -# `View Source` link will be displayed on this cookbook's page when uploaded to -# a Supermarket. -# -# source_url 'https://github.com//chef_software' +%w(centos redhat ubuntu).each do |os| + supports os +end + +depends 'chef-ingredient' diff --git a/recipes/chef_automatev2.rb b/recipes/chef_automatev2.rb new file mode 100644 index 0000000..56cb89c --- /dev/null +++ b/recipes/chef_automatev2.rb @@ -0,0 +1,42 @@ +# +# Cookbook:: chef_software +# Recipe:: chef_automatev2 +# +# Copyright:: 2019, Corey Hemminger +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +chef_automatev2 'Create Automate server' do + node['chef_software']['chef_automatev2']&.each do |key, value| + send(key, value) + end +end + +if node['chef_software']['automate_admin_token'] + node['chef_software']['automatev2_local_users']&.each do |name, hash| + execute "create local user #{name}" do + command "curl --insecure -H \"api-token: #{node['chef_software']['automate_admin_token']}\" -H \"Content-Type: application/json\" -d '{\"name\":\"#{hash['full_name']}\", \"username\":\"#{name}\", \"password\":\"#{hash['password']}\"}' https://localhost/api/v0/auth/users" + not_if { shell_out("curl --insecure -H \"api-token: #{node['chef_software']['automate_admin_token']}\" https://localhost/api/v0/auth/users/#{name}").stdout.include?(name) } + sensitive true + end + end + + node['chef_software']['automatev2_iam_policies']&.each do |name, hash| + execute "generate iam policy #{name}" do + command "curl --insecure -s -H \"api-token: #{node['chef_software']['automate_admin_token']}\" -H \"Content-Type: application/json\" -d '#{hash['policy_json'].to_json}' https://localhost/api/v0/auth/policies -v" + not_if { shell_out("curl --insecure -s -H \"api-token: #{node['chef_software']['automate_admin_token']}\" https://localhost/api/v0/auth/policies -v").stdout.include?(hash['policy_json']['subjects'].first) } + sensitive true + end + end +end diff --git a/recipes/chef_server.rb b/recipes/chef_server.rb new file mode 100644 index 0000000..a95b5c6 --- /dev/null +++ b/recipes/chef_server.rb @@ -0,0 +1,62 @@ +# +# Cookbook:: chef_software +# Recipe:: chef_server +# +# Copyright:: 2019, Corey Hemminger +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +chef_server 'chef-server' do + node['chef_software']['chef_server']&.each do |key, value| + send(key, value) + end +end + +if node['chef_software']['chef_automate_api_fqdn'] && node['chef_software']['automate_admin_token'] + execute 'set data_collector token' do + command "chef-server-ctl set-secret data_collector token '#{node['chef_software']['automate_admin_token']}'" + not_if { shell_out('chef-server-ctl show-secret data_collector token').stdout.include?(node['chef_software']['automate_admin_token']) } + notifies :run, 'execute[chef-server-ctl restart nginx]', :immediately + notifies :run, 'execute[chef-server-ctl restart opscode-erchef]', :immediately + sensitive true + end + + execute 'chef-server-ctl restart nginx' do + action :nothing + end + + execute 'chef-server-ctl restart opscode-erchef' do + action :nothing + end +end + +ingredient_config 'chef-server' do + notifies :reconfigure, 'chef_server[chef-server]', :immediately +end + +node['chef_software']['chef_user']&.each do |name, hash| + chef_user name do + hash&.each do |key, value| + send(key, value) + end + end +end + +node['chef_software']['chef_org']&.each do |name, hash| + chef_org name do + hash&.each do |key, value| + send(key, value) + end + end +end diff --git a/recipes/chef_supermarket.rb b/recipes/chef_supermarket.rb new file mode 100644 index 0000000..eb308a9 --- /dev/null +++ b/recipes/chef_supermarket.rb @@ -0,0 +1,24 @@ +# +# Cookbook:: chef_software +# Recipe:: chef_supermarket +# +# Copyright:: 2019, Corey Hemminger +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +chef_supermarket 'supermarket' do + node['chef_software']['chef_supermarket']&.each do |key, value| + send(key, value) + end +end diff --git a/recipes/default.rb b/recipes/default.rb index 5677f1e..87f6990 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -2,4 +2,19 @@ # Cookbook:: chef_software # Recipe:: default # -# Copyright:: 2018, The Authors, All Rights Reserved. +# Copyright:: 2019, Corey Hemminger +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +Chef::Log.warn('The chef_software::default recipe includes no resources and should not be included directly on nodes') diff --git a/test/integration/default/default_test.rb b/test/integration/default/default_test.rb index e54f0dc..b954290 100644 --- a/test/integration/default/default_test.rb +++ b/test/integration/default/default_test.rb @@ -5,14 +5,9 @@ # The Inspec reference, with examples and extensive documentation, can be # found at http://inspec.io/docs/reference/resources/ -unless os.windows? - # This is an example test, replace with your own test. - describe user('root'), :skip do - it { should exist } +# Listening port +%w(80 443).each do |port| + describe port(port) do + it { should be_listening } end end - -# This is an example test, replace it with your own test. -describe port(80), :skip do - it { should_not be_listening } -end