class Chef::Knife::Core::BootstrapContext

Instances of BootstrapContext are the context objects (i.e., self) for bootstrap templates. For backwards compatibility, they must set the following instance variables:

Attributes

client_pem[RW]

Public Class Methods

new(config, run_list, chef_config, secret = nil) click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 37
def initialize(config, run_list, chef_config, secret = nil)
  @config       = config
  @run_list     = run_list
  @chef_config  = chef_config
  @secret       = secret
end

Public Instance Methods

bootstrap_environment() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 44
def bootstrap_environment
  @config[:environment]
end
client_d() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 57
def client_d
  @client_d ||= client_d_content
end
config_content() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 89
        def config_content
          client_rb = <<~CONFIG
            chef_server_url  "#{@chef_config[:chef_server_url]}"
            validation_client_name "#{@chef_config[:validation_client_name]}"
          CONFIG

          unless @chef_config[:chef_license].nil?
            client_rb << "chef_license \"#{@chef_config[:chef_license]}\"\n"
          end

          if !(@chef_config[:config_log_level].nil? || @chef_config[:config_log_level].empty?)
            client_rb << %Q{log_level   :#{@chef_config[:config_log_level]}\n}
          end

          client_rb << "log_location   #{get_log_location}\n"

          if @config[:chef_node_name]
            client_rb << %Q{node_name "#{@config[:chef_node_name]}"\n}
          else
            client_rb << "# Using default node name (fqdn)\n"
          end

          # We configure :verify_api_cert only when it's overridden on the CLI
          # or when specified in the knife config.
          if !@config[:node_verify_api_cert].nil? || knife_config.key?(:verify_api_cert)
            value = @config[:node_verify_api_cert].nil? ? knife_config[:verify_api_cert] : @config[:node_verify_api_cert]
            client_rb << %Q{verify_api_cert #{value}\n}
          end

          # We configure :ssl_verify_mode only when it's overridden on the CLI
          # or when specified in the knife config.
          if @config[:node_ssl_verify_mode] || knife_config.key?(:ssl_verify_mode)
            value = case @config[:node_ssl_verify_mode]
                    when "peer"
                      :verify_peer
                    when "none"
                      :verify_none
                    when nil
                      knife_config[:ssl_verify_mode]
                    else
                      nil
                    end

            if value
              client_rb << %Q{ssl_verify_mode :#{value}\n}
            end
          end

          if @config[:ssl_verify_mode]
            client_rb << %Q{ssl_verify_mode :#{knife_config[:ssl_verify_mode]}\n}
          end

          if knife_config[:bootstrap_proxy]
            client_rb << %Q{http_proxy        "#{knife_config[:bootstrap_proxy]}"\n}
            client_rb << %Q{https_proxy       "#{knife_config[:bootstrap_proxy]}"\n}
          end

          if knife_config[:bootstrap_proxy_user]
            client_rb << %Q{http_proxy_user   "#{knife_config[:bootstrap_proxy_user]}"\n}
            client_rb << %Q{https_proxy_user  "#{knife_config[:bootstrap_proxy_user]}"\n}
          end

          if knife_config[:bootstrap_proxy_pass]
            client_rb << %Q{http_proxy_pass   "#{knife_config[:bootstrap_proxy_pass]}"\n}
            client_rb << %Q{https_proxy_pass  "#{knife_config[:bootstrap_proxy_pass]}"\n}
          end

          if knife_config[:bootstrap_no_proxy]
            client_rb << %Q{no_proxy       "#{knife_config[:bootstrap_no_proxy]}"\n}
          end

          if encrypted_data_bag_secret
            client_rb << %Q{encrypted_data_bag_secret "#{Chef::Dist::CONF_DIR}/encrypted_data_bag_secret"\n}
          end

          unless trusted_certs.empty?
            client_rb << %Q{trusted_certs_dir "#{Chef::Dist::CONF_DIR}/trusted_certs"\n}
          end

          if Chef::Config[:fips]
            client_rb << "fips true\n"
          end

          client_rb
        end
encrypted_data_bag_secret() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 61
def encrypted_data_bag_secret
  @secret
end
first_boot() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 207
def first_boot
  (@config[:first_boot_attributes] || {}).tap do |attributes|
    if @config[:policy_name] && @config[:policy_group]
      attributes[:policy_name] = @config[:policy_name]
      attributes[:policy_group] = @config[:policy_group]
    else
      attributes[:run_list] = @run_list
    end

    attributes.delete(:run_list) if attributes[:policy_name] && !attributes[:policy_name].empty?
    attributes.merge!(tags: @config[:tags]) if @config[:tags] && !@config[:tags].empty?
  end
end
get_log_location() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 71
def get_log_location
  if !(@chef_config[:config_log_location].class == IO ) && (@chef_config[:config_log_location].nil? || @chef_config[:config_log_location].to_s.empty?)
    "STDOUT"
  elsif @chef_config[:config_log_location].equal?(:win_evt)
    raise "The value :win_evt is not supported for config_log_location on Linux Platforms \n"
  elsif @chef_config[:config_log_location].equal?(:syslog)
    ":syslog"
  elsif @chef_config[:config_log_location].equal?(STDOUT)
    "STDOUT"
  elsif @chef_config[:config_log_location].equal?(STDERR)
    "STDERR"
  elsif @chef_config[:config_log_location]
    %Q{"#{@chef_config[:config_log_location]}"}
  else
    "STDOUT"
  end
end
knife_config() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 189
def knife_config
  @chef_config.key?(:knife) ? @chef_config[:knife] : {}
end
start_chef() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 175
def start_chef
  # If the user doesn't have a client path configure, let bash use the PATH for what it was designed for
  client_path = @chef_config[:chef_client_path] || "#{Chef::Dist::CLIENT}"
  s = "#{client_path} -j #{Chef::Dist::CONF_DIR}/first-boot.json"
  if @config[:verbosity] && @config[:verbosity] >= 3
    s << " -l trace"
  elsif @config[:verbosity] && @config[:verbosity] >= 2
    s << " -l debug"
  end
  s << " -E #{bootstrap_environment}" unless bootstrap_environment.nil?
  s << " --no-color" unless @config[:color]
  s
end
trusted_certs() click to toggle source

Contains commands and content, see trusted_certs_content @todo Rename to trusted_certs_script

# File lib/chef/knife/core/bootstrap_context.rb, line 67
def trusted_certs
  @trusted_certs ||= trusted_certs_content
end
validation_key() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 48
def validation_key
  if @chef_config[:validation_key] &&
      File.exist?(File.expand_path(@chef_config[:validation_key]))
    IO.read(File.expand_path(@chef_config[:validation_key]))
  else
    false
  end
end
version_to_install() click to toggle source

Returns the version of Chef to install (as recognized by the Omnitruck API)

@return [String] download version string

# File lib/chef/knife/core/bootstrap_context.rb, line 197
def version_to_install
  return knife_config[:bootstrap_version] if knife_config[:bootstrap_version]

  if @config[:channel] == "stable"
    Chef::VERSION.split(".").first
  else
    "latest"
  end
end

Private Instance Methods

client_d_content() click to toggle source
# File lib/chef/knife/core/bootstrap_context.rb, line 236
def client_d_content
  content = ""
  if @chef_config[:client_d_dir] && File.exist?(@chef_config[:client_d_dir])
    root = Pathname(@chef_config[:client_d_dir])
    root.find do |f|
      relative = f.relative_path_from(root)
      if f != root
        file_on_node = "#{Chef::Dist::CONF_DIR}/client.d/#{relative}"
        if f.directory?
          content << "mkdir #{file_on_node}\n"
        else
          content << "cat > #{file_on_node} <<'EOP'\n" +
            f.read.gsub("'", "'\\\\''") + "\nEOP\n"
        end
      end
    end
  end
  content
end
trusted_certs_content() click to toggle source

Returns a string for copying the trusted certificates on the workstation to the system being bootstrapped This string should contain both the commands necessary to both create the files, as well as their content

# File lib/chef/knife/core/bootstrap_context.rb, line 225
def trusted_certs_content
  content = ""
  if @chef_config[:trusted_certs_dir]
    Dir.glob(File.join(Chef::Util::PathHelper.escape_glob_dir(@chef_config[:trusted_certs_dir]), "*.{crt,pem}")).each do |cert|
      content << "cat > #{Chef::Dist::CONF_DIR}/trusted_certs/#{File.basename(cert)} <<'EOP'\n" +
        IO.read(File.expand_path(cert)) + "\nEOP\n"
    end
  end
  content
end