module Chef::Knife::EcKeyBase
Public Class Methods
included(includer)
click to toggle source
# File lib/chef/knife/ec_key_base.rb, line 26 def self.included(includer) includer.class_eval do deps do require 'sequel' require 'json' unless defined?(JSON) require_relative '../automate' end option :sql_host, :long => '--sql-host HOSTNAME', :description => 'Postgresql database hostname (default: localhost)', :default => "localhost" option :sql_port, :long => '--sql-port PORT', :description => 'Postgresql database port (default: 5432)', :default => 5432 option :sql_db, :long => '--sql-db DBNAME', :description => 'Postgresql Chef Server database name (default: opscode_chef or automate-cs-oc-erchef)' option :sql_user, :long => "--sql-user USERNAME", :description => 'User used to connect to the postgresql database.' option :sql_password, :long => "--sql-password PASSWORD", :description => 'Password used to connect to the postgresql database' option :sql_cert, :long => "--sql-cert ", :description => 'Path to client ssl cert' option :sql_key, :long => "--sql-key PATH", :description => 'Path to client ssl key' option :sql_rootcert, :long => "--sql-rootcert ", :description => 'Path to root ssl cert' option :secrets_file_path, :long => '--secrets-file PATH', :description => 'Path to a valid private-chef-secrets.json file (default: /etc/opscode/private-chef-secrets.json)', :default => '/etc/opscode/private-chef-secrets.json' option :skip_keys_table, :long => "--skip-keys-table", :description => "Skip Chef 12-only keys table", :default => false option :skip_users_table, :long => "--skip-users-table", :description => "Skip users table", :default => false end end
Public Instance Methods
db()
click to toggle source
# File lib/chef/knife/ec_key_base.rb, line 86 def db @db ||= begin require 'sequel' require 'uri' server_uri = URI('postgres://') server_uri.host = config[:sql_host] server_uri.port = config[:sql_port] server_uri.user = URI.encode_www_form_component(config[:sql_user]) if config[:sql_user] server_uri.password = URI.encode_www_form_component(config[:sql_password]) if config[:sql_password] query_params = [] query_params.push("sslcert=#{config[:sql_cert]}") if config[:sql_cert] query_params.push("sslkey=#{config[:sql_key]}") if config[:sql_key] query_params.push("sslrootcert=#{config[:sql_rootcert]}") if config[:sql_rootcert] server_uri.query = query_params.join("&") if query_params.length > 0 ::Sequel.connect(server_uri.to_s, :convert_infinite_timestamps => :string) end end
load_config_from_file!()
click to toggle source
Loads SQL user and password from running config if not passed as a command line option
# File lib/chef/knife/ec_key_base.rb, line 107 def load_config_from_file! if Chef::Automate.is_installed? ui.msg "Automate detected" config.merge! Chef::Automate.config {|key, v1, v2| v1} else if ! File.exists?("/etc/opscode/chef-server-running.json") ui.fatal "SQL User or Password not provided as option and running config cannot be found!" exit 1 else running_config ||= JSON.parse(File.read("/etc/opscode/chef-server-running.json")) # Latest versions of chef server put the database info under opscode-erchef.sql_user hash_key = if running_config['private_chef']['opscode-erchef'].has_key? 'sql_user' 'opscode-erchef' else 'postgresql' end config[:sql_user] ||= running_config['private_chef'][hash_key]['sql_user'] config[:sql_password] ||= (running_config['private_chef'][hash_key]['sql_password'] || sql_password) config[:sql_db] ||= 'opscode_chef' end end end
sql_password()
click to toggle source
# File lib/chef/knife/ec_key_base.rb, line 139 def sql_password if config[:sql_password] config[:sql_password] elsif veil.exist?("opscode_erchef", "sql_password") veil.get("opscode_erchef", "sql_password") else veil.exist?("postgresql", "sql_password") veil.get("postgresql", "sql_password") end end
veil()
click to toggle source
# File lib/chef/knife/ec_key_base.rb, line 135 def veil Veil::CredentialCollection.from_config(veil_config) end
veil_config()
click to toggle source
# File lib/chef/knife/ec_key_base.rb, line 130 def veil_config { provider: 'chef-secrets-file', path: config[:secrets_file_path] } end