feat: Add all client config keys

clburlison · Jan 3, 2018 · 0e41518 · 0e41518
1 parent f4e4918
commit 0e41518
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 12 deletions.
diff --git a/client/client.go b/client/client.go
@@ -18,11 +18,14 @@ type Settings struct {
 	RestTimeout          int
 	HTTPRetryCount       int
 	NoLazyLoad           bool
+	OhaiDirectory        string
+	OhaiDisabledPlugins  []string
 	NodeName             string
 }
 
 // https://golang.org/pkg/text/template/
 // TODO: If an empty value is passed a newline is created
+// TODO: OhaiDisabledPlugins - we should add a comma + new line if len > 1
 var client = `# https://docs.chef.io/config_rb_client.html
 {{if .LogLevel}}log_level              {{.LogLevel}}{{end}}
 {{if .LogLocation}}log_location           {{.LogLocation}}{{end}}
@@ -36,18 +39,20 @@ var client = `# https://docs.chef.io/config_rb_client.html
 {{if .HTTPRetryCount}}http_retry_count       {{.HTTPRetryCount}}{{end}}
 {{if .NoLazyLoad}}no_lazy_load           {{.NoLazyLoad}}{{end}}
 
-whitelist = []
-automatic_attribute_whitelist whitelist
+automatic_attribute_whitelist []
 default_attribute_whitelist []
 normal_attribute_whitelist []
 override_attribute_whitelist []
 
+{{if .OhaiDirectory}}ohai.directory = '{{.OhaiDirectory}}'{{end}}
+{{- if .OhaiDisabledPlugins}}
+{{ $disabled_plugins := .OhaiDisabledPlugins }}
 ohai.disabled_plugins = [
-    :Passwd
-]
-ohai.plugin_path += [
-  '/etc/chef/ohai_plugins'
+{{ range $disabled_plugins }}
+     {{- . -}}
+{{ end }}
 ]
+{{end}}
 
 {{if .NodeName}}node_name "{{.NodeName}}"{{- end}}
 `

diff --git a/client/client_test.go b/client/client_test.go
@@ -22,6 +22,8 @@ func TestClient(t *testing.T) {
 		30,
 		3,
 		false,
+		"/etc/chef/ohai_plugins",
+		[]string{":Passwd"},
 		"AAXXXYYYZZZ"}
 	config, err := Config(settings)
 	// fmt.Printf(config)

diff --git a/client/config/config.go b/client/config/config.go
@@ -14,6 +14,39 @@ var (
 	// ChefClientPreRelease string - Download pre-release chef client versions. String of false or true.
 	ChefClientPreRelease = "false"
 
+	// ChefClientRunListJSON map - Chef Run list
+	ChefClientRunListJSON = map[string]string{
+		"darwin":  `{"run_list": ["role[cpe_base]"]}`,
+		"windows": "",
+		"linux":   "",
+	}
+
+	// ChefClientOhaiDirectory map - Ohai plugin directory
+	ChefClientOhaiDirectory = map[string]string{
+		"darwin":  "/etc/chef/ohai_plugins",
+		"windows": "",
+		"linux":   "",
+	}
+
+	// ChefClientOhaiDisabledPlugins map - Plugins to disable with Ohai
+	ChefClientOhaiDisabledPlugins = map[string][]string{
+		"darwin":  {":Passwd"},
+		"windows": {},
+		"linux":   {},
+	}
+
+	ChefClientLogLevel             = ":info"
+	ChefClientLogLocation          = "STDOUT"
+	ChefClientValidationClientName = "corp-validator"
+	ChefClientValidationKey        = "/etc/chef/validation.pem"
+	ChefClientChefServerURL        = "https://chef.example.com/organizations/MyOrg"
+	ChefClientJSONAttribs          = "/etc/chef/run-list.json"
+	ChefClientSSLVerifyMode        = ":verify_peer"
+	ChefClientLocalKeyGeneration   = true
+	ChefClientRestTimeout          = 30
+	ChefClientHTTPRetryCount       = 3
+	ChefClientNoLazyLoad           = false
+
 	// Force bool - Remove old chef files before running
 	Force = false
 
@@ -24,3 +57,16 @@ var (
 	// Useful if you use chef to manage a specific service account.
 	UserShortName = "admin"
 )
+
+// ValidationPEM - The validation certificate from a chef server.
+var ValidationPEM = `-----BEGIN RSA PRIVATE KEY-----
+validation pem goes here
+-----END RSA PRIVATE KEY-----
+`
+
+// OrgCert - The organization certificate. Required if using a self signed cert from your chef server.
+// If left unmodified no cert is written.
+var OrgCert = `-----BEGIN RSA PRIVATE KEY-----
+validation pem goes here
+-----END RSA PRIVATE KEY-----
+`
diff --git a/client/setup_darwin.go b/client/setup_darwin.go
@@ -42,6 +42,29 @@ func Setup() {
 	serial := GetSerialNumber()
 	fmt.Printf("Current serial number is: %s\n", serial)
 
+	// Build client.rb from config and template
+	settings := Settings{
+		config.ChefClientLogLevel,
+		config.ChefClientLogLocation,
+		config.ChefClientValidationClientName,
+		config.ChefClientValidationKey,
+		config.ChefClientChefServerURL,
+		config.ChefClientJSONAttribs,
+		config.ChefClientSSLVerifyMode,
+		config.ChefClientLocalKeyGeneration,
+		config.ChefClientRestTimeout,
+		config.ChefClientHTTPRetryCount,
+		config.ChefClientNoLazyLoad,
+		config.ChefClientOhaiDirectory["darwin"],
+		config.ChefClientOhaiDisabledPlugins["darwin"],
+		serial}
+	clientConfig, err := Config(settings)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Unable to create client config:\n%s\n", err)
+		os.Exit(1)
+	}
+	fmt.Printf(clientConfig)
+
 	// Run with elevated permissions
 	user, _ := user.Current()
 	if user.Uid != "0" {

diff --git a/client/testdata/client_config b/client/testdata/client_config
@@ -11,17 +11,16 @@ rest_timeout           30
 http_retry_count       3
 
 
-whitelist = []
-automatic_attribute_whitelist whitelist
+automatic_attribute_whitelist []
 default_attribute_whitelist []
 normal_attribute_whitelist []
 override_attribute_whitelist []
 
+ohai.directory = '/etc/chef/ohai_plugins'
+
 ohai.disabled_plugins = [
-    :Passwd
-]
-ohai.plugin_path += [
-  '/etc/chef/ohai_plugins'
+:Passwd
 ]
 
+
 node_name "AAXXXYYYZZZ"