class Chef::Knife::Core::BootstrapContext
Instances of BootstrapContext
are the context objects (i.e., self
) for bootstrap templates. For backwards compatibility, they must
set the following instance variables:
-
@config - a hash of knife's config values
-
@run_list - the run list for the node to bootstrap
Attributes
chef_config[RW]
client_pem[RW]
config[RW]
Public Class Methods
new(config, run_list, chef_config, secret = nil)
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 39 def initialize(config, run_list, chef_config, secret = nil) @config = config @run_list = run_list @chef_config = chef_config @secret = secret end
Public Instance Methods
bootstrap_environment()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 46 def bootstrap_environment config[:environment] end
client_d()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 59 def client_d @client_d ||= client_d_content end
config_content()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 91 def config_content client_rb = <<~CONFIG chef_server_url "#{chef_config[:chef_server_url]}" validation_client_name "#{chef_config[:validation_client_name]}" CONFIG unless chef_config[:chef_license].nil? client_rb << "chef_license \"#{chef_config[:chef_license]}\"\n" end unless chef_config[:config_log_level].nil? || chef_config[:config_log_level].empty? client_rb << %Q{log_level :#{chef_config[:config_log_level]}\n} end client_rb << "log_location #{get_log_location}\n" if config[:chef_node_name] client_rb << %Q{node_name "#{config[:chef_node_name]}"\n} else client_rb << "# Using default node name (fqdn)\n" end # We configure :verify_api_cert only when it's overridden on the CLI # or when specified in the knife config. if !config[:node_verify_api_cert].nil? || config.key?(:verify_api_cert) value = config[:node_verify_api_cert].nil? ? config[:verify_api_cert] : config[:node_verify_api_cert] client_rb << %Q{verify_api_cert #{value}\n} end # We configure :ssl_verify_mode only when it's overridden on the CLI # or when specified in the knife config. if config[:node_ssl_verify_mode] || config.key?(:ssl_verify_mode) value = case config[:node_ssl_verify_mode] when "peer" :verify_peer when "none" :verify_none when nil config[:ssl_verify_mode] else nil end if value client_rb << %Q{ssl_verify_mode :#{value}\n} end end if config[:ssl_verify_mode] client_rb << %Q{ssl_verify_mode :#{config[:ssl_verify_mode]}\n} end if config[:bootstrap_proxy] client_rb << %Q{http_proxy "#{config[:bootstrap_proxy]}"\n} client_rb << %Q{https_proxy "#{config[:bootstrap_proxy]}"\n} end if config[:bootstrap_proxy_user] client_rb << %Q{http_proxy_user "#{config[:bootstrap_proxy_user]}"\n} client_rb << %Q{https_proxy_user "#{config[:bootstrap_proxy_user]}"\n} end if config[:bootstrap_proxy_pass] client_rb << %Q{http_proxy_pass "#{config[:bootstrap_proxy_pass]}"\n} client_rb << %Q{https_proxy_pass "#{config[:bootstrap_proxy_pass]}"\n} end if config[:bootstrap_no_proxy] client_rb << %Q{no_proxy "#{config[:bootstrap_no_proxy]}"\n} end if encrypted_data_bag_secret client_rb << %Q{encrypted_data_bag_secret "/etc/chef/encrypted_data_bag_secret"\n} end unless trusted_certs.empty? client_rb << %Q{trusted_certs_dir "/etc/chef/trusted_certs"\n} end if chef_config[:fips] client_rb << "fips true\n" end unless chef_config[:unix_bootstrap_file_cache_path].nil? client_rb << "file_cache_path \"#{chef_config[:unix_bootstrap_file_cache_path]}\"\n" end unless chef_config[:unix_bootstrap_file_backup_path].nil? client_rb << "file_backup_path \"#{chef_config[:unix_bootstrap_file_backup_path]}\"\n" end client_rb end
encrypted_data_bag_secret()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 63 def encrypted_data_bag_secret @secret end
first_boot()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 213 def first_boot (config[:first_boot_attributes] = Mash.new(config[:first_boot_attributes]) || Mash.new).tap do |attributes| if config[:policy_name] && config[:policy_group] attributes[:policy_name] = config[:policy_name] attributes[:policy_group] = config[:policy_group] else attributes[:run_list] = @run_list end attributes.delete(:run_list) if attributes[:policy_name] && !attributes[:policy_name].empty? attributes.merge!(tags: config[:tags]) if config[:tags] && !config[:tags].empty? end end
get_log_location()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 73 def get_log_location if !(chef_config[:config_log_location].class == IO ) && (chef_config[:config_log_location].nil? || chef_config[:config_log_location].to_s.empty?) "STDOUT" elsif chef_config[:config_log_location].equal?(:win_evt) raise "The value :win_evt is not supported for config_log_location on Linux Platforms \n" elsif chef_config[:config_log_location].equal?(:syslog) ":syslog" elsif chef_config[:config_log_location].equal?(STDOUT) "STDOUT" elsif chef_config[:config_log_location].equal?(STDERR) "STDERR" elsif chef_config[:config_log_location] %Q{"#{chef_config[:config_log_location]}"} else "STDOUT" end end
start_chef()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 185 def start_chef # If the user doesn't have a client path configure, let bash use the PATH for what it was designed for client_path = chef_config[:chef_client_path] || ChefUtils::Dist::Infra::CLIENT s = "#{client_path} -j /etc/chef/first-boot.json" if config[:verbosity] && config[:verbosity] >= 3 s << " -l trace" elsif config[:verbosity] && config[:verbosity] >= 2 s << " -l debug" end s << " -E #{bootstrap_environment}" unless bootstrap_environment.nil? s << " --no-color" unless config[:color] s end
trusted_certs()
click to toggle source
Contains commands and content, see trusted_certs_content
@todo Rename to trusted_certs_script
# File lib/chef/knife/core/bootstrap_context.rb, line 69 def trusted_certs @trusted_certs ||= trusted_certs_content end
validation_key()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 50 def validation_key if chef_config[:validation_key] && File.exist?(File.expand_path(chef_config[:validation_key])) IO.read(File.expand_path(chef_config[:validation_key])) else false end end
version_to_install()
click to toggle source
Returns the version of Chef
to install (as recognized by the Omnitruck API)
@return [String] download version string
# File lib/chef/knife/core/bootstrap_context.rb, line 203 def version_to_install return config[:bootstrap_version] if config[:bootstrap_version] if config[:channel] == "stable" Chef::VERSION.split(".").first else "latest" end end
Private Instance Methods
client_d_content()
click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 241 def client_d_content content = "" if chef_config[:client_d_dir] && File.exist?(chef_config[:client_d_dir]) root = Pathname(chef_config[:client_d_dir]) root.find do |f| relative = f.relative_path_from(root) if f != root file_on_node = "/etc/chef/client.d/#{relative}" if f.directory? content << "mkdir #{file_on_node}\n" else content << "cat > #{file_on_node} <<'EOP'\n" + f.read.gsub("'", "'\\\\''") + "\nEOP\n" end end end end content end
trusted_certs_content()
click to toggle source
Returns a string for copying the trusted certificates on the workstation to the system being bootstrapped This string should contain both the commands necessary to both create the files, as well as their content
# File lib/chef/knife/core/bootstrap_context.rb, line 230 def trusted_certs_content content = "" if chef_config[:trusted_certs_dir] Dir.glob(File.join(ChefConfig::PathHelper.escape_glob_dir(chef_config[:trusted_certs_dir]), "*.{crt,pem}")).each do |cert| content << "cat > /etc/chef/trusted_certs/#{File.basename(cert)} <<'EOP'\n" + IO.read(File.expand_path(cert)) + "\nEOP\n" end end content end