174 changes: 88 additions & 86 deletions recipes/client.rb
Expand Up @@ -66,112 +66,114 @@
end
# User Setup
users.each do |item|
org, options = item['orgs'].first
item['org'] = org
if(options)
if(options.has_key?('enabled'))
item['enabled'] = options['enabled']
item['orgs'].each do |org, options|
item['org'] = org
if(options)
if(options.has_key?('enabled'))
item['enabled'] = options['enabled']
end
if(options.has_key?('admin'))
item['admin'] = options['admin']
end
end
if(options.has_key?('admin'))
item['admin'] = options['admin']
if(item['enabled'] == false)
execute "remove user: #{item['client']} from #{item['org']}" do
command "chef-server-ctl org-user-remove #{item['org']} #{item['client']}"
end
execute "delete user: #{item['client']}" do
command "chef-server-ctl user-delete #{item['client']}"
only_if "chef-server-list user-list | tr -d ' ' | grep '^#{item['client']}$'"
end
elsif(item['enabled'] == true)
if(item['pub_key'])
unless item['pub_key'].to_s.empty?
key_file = "#{Chef::Config[:file_cache_path]}/#{item['client']}.pub"
file key_file do
backup false
content item['pub_key']
mode '0400'
end
item['full_name'] = item.fetch('full_name', item['client'].capitalize)
first_name = item['full_name'].split(' ').first.capitalize
last_name = item['full_name'].split(' ').last.capitalize
email = item.fetch('email', "#{item['client']}@example.com")
execute "create user: #{item['client']}" do
command "chef-server-ctl user-create #{item['client']} #{first_name} #{last_name} #{email} #{item['password']} > /dev/null 2>&1"
not_if "chef-server-ctl user-list | grep '^#{item['client']}$'"
end
execute "set user key: #{item['client']}" do
if (node['chef-server'][:version].to_f >= 12.1 || node['chef-server'][:version].to_f == 0.0)
command "chef-server-ctl add-user-key #{item['client']} --public-key-path #{key_file} --key-name populator"
else
command "chef-server-ctl add-user-key #{item['client']} #{key_file} --key-name populator"
end
not_if "chef-server-ctl list-user-keys #{item['client']} | grep 'name: populator$'"
end
execute "delete default user key: #{item['client']}" do
command "chef-server-ctl delete-user-key #{item['client']} default"
only_if "chef-server-ctl list-user-keys #{item['client']} | grep 'name: default$'"
end
execute "set user org: #{item['client']} #{item['org']}" do
command "chef-server-ctl org-user-add #{item['org']} #{item['client']} #{'--admin' if item['admin']}"
end
end
end
end
end
if(item['enabled'] == false)
execute "remove user: #{item['client']} from #{item['org']}" do
command "chef-server-ctl org-user-remove #{item['org']} #{item['client']}"
end
# Client Setup
clients.each do |item|
item['orgs'].each do |org, options|
if(org)
knife_url = "-s https://127.0.0.1/organizations/#{org}"
else
knife_url = "-s https://127.0.0.1"
end
execute "delete user: #{item['client']}" do
command "chef-server-ctl user-delete #{item['client']}"
only_if "chef-server-list user-list | tr -d ' ' | grep '^#{item['client']}$'"
if(options)
if(options.has_key?('enabled'))
item[:enabled] = options[:enabled]
end
if(options.has_key?('admin'))
item[:admin] = options[:admin]
end
end
elsif(item['enabled'] == true)
if(item['pub_key'])
unless item['pub_key'].to_s.empty?
if(item['enabled'] == false)
execute "delete client: #{item['client']}" do
command "#{knife_cmd} client delete #{item['client']} -d #{knife_opts} #{knife_url}"
only_if "#{knife_cmd} client list #{knife_opts} #{knife_url} | tr -d ' ' | grep '^#{item['client']}$'"
retries 10
end
else
if(item['pub_key'])
key_file = "#{Chef::Config[:file_cache_path]}/#{item['client']}.pub"
file key_file do
backup false
content item['pub_key']
mode '0400'
end
item['full_name'] = item.fetch('full_name', item['client'].capitalize)
first_name = item['full_name'].split(' ').first.capitalize
last_name = item['full_name'].split(' ').last.capitalize
email = item.fetch('email', "#{item['client']}@example.com")
execute "create user: #{item['client']}" do
command "chef-server-ctl user-create #{item['client']} #{first_name} #{last_name} #{email} #{item['password']} > /dev/null 2>&1"
not_if "chef-server-ctl user-list | grep '^#{item['client']}$'"
end
execute "set user key: #{item['client']}" do
end
execute "create client: #{item['client']}" do
command "#{knife_cmd} client create #{item['client']}#{' --admin' if item['admin']} -d #{knife_url} #{knife_opts}"
not_if "#{knife_cmd} client list #{knife_url} #{knife_opts} | tr -d ' ' | grep '^#{item['client']}$'"
retries 10
end
if(item['pub_key'])
execute "set client key: #{item['client']} #{org || node[:chef_server_populator][:default_org]}" do
if (node['chef-server'][:version].to_f >= 12.1 || node['chef-server'][:version].to_f == 0.0)
command "chef-server-ctl add-user-key #{item['client']} --public-key-path #{key_file} --key-name populator"
command "chef-server-ctl add-client-key #{org || node[:chef_server_populator][:default_org]} #{item['client']} --public-key-path #{key_file} --key-name populator"
else
command "chef-server-ctl add-user-key #{item['client']} #{key_file} --key-name populator"
command "chef-server-ctl add-client-key #{org || node[:chef_server_populator][:default_org]} #{item['client']} #{key_file} --key-name populator"
end
not_if "chef-server-ctl list-user-keys #{item['client']} | grep 'name: populator$'"
end
execute "delete default user key: #{item['client']}" do
command "chef-server-ctl delete-user-key #{item['client']} default"
only_if "chef-server-ctl list-user-keys #{item['client']} | grep 'name: default$'"
not_if "chef-server-ctl list-client-keys #{org || node[:chef_server_populator][:default_org]} #{item['client']} | grep 'name: populator$'"
end
execute "set user org: #{item['client']}" do
command "chef-server-ctl org-user-add #{item['org']} #{item['client']} #{'--admin' if item['admin']}"
execute "delete default client key: #{item['client']} #{org || node[:chef_server_populator][:default_org]}" do
command "chef-server-ctl delete-client-key #{org || node[:chef_server_populator][:default_org]} #{item['client']} default"
only_if "chef-server-ctl list-client-keys #{org || node[:chef_server_populator][:default_org]} #{item['client']} | grep 'name: default$'"
end
end
end
end
end
# Client Setup
clients.each do |item|
org, options = item['orgs'].first
if(org)
knife_url = "-s https://127.0.0.1/organizations/#{org}"
else
knife_url = "-s https://127.0.0.1"
end
if(options)
if(options.has_key?('enabled'))
item[:enabled] = options[:enabled]
end
if(options.has_key?('admin'))
item[:admin] = options[:admin]
end
end
if(item['enabled'] == false)
execute "delete client: #{item['client']}" do
command "#{knife_cmd} client delete #{item['client']} -d #{knife_opts} #{knife_url}"
only_if "#{knife_cmd} client list #{knife_opts} #{knife_url} | tr -d ' ' | grep '^#{item['client']}$'"
retries 10
end
else
if(item['pub_key'])
key_file = "#{Chef::Config[:file_cache_path]}/#{item['client']}.pub"
file key_file do
backup false
content item['pub_key']
mode '0400'
end
end
execute "create client: #{item['client']}" do
command "#{knife_cmd} client create #{item['client']}#{' --admin' if item['admin']} -d #{knife_url} #{knife_opts}"
not_if "#{knife_cmd} client list #{knife_url} #{knife_opts} | tr -d ' ' | grep '^#{item['client']}$'"
retries 10
end
if(item['pub_key'])
execute "set client key: #{item['client']}" do
if (node['chef-server'][:version].to_f >= 12.1 || node['chef-server'][:version].to_f == 0.0)
command "chef-server-ctl add-client-key #{org || node[:chef_server_populator][:default_org]} #{item['client']} --public-key-path #{key_file} --key-name populator"
else
command "chef-server-ctl add-client-key #{org || node[:chef_server_populator][:default_org]} #{item['client']} #{key_file} --key-name populator"
end
not_if "chef-server-ctl list-client-keys #{org || node[:chef_server_populator][:default_org]} #{item['client']} | grep 'name: populator$'"
end
execute "delete default client key: #{item['client']}" do
command "chef-server-ctl delete-client-key #{org || node[:chef_server_populator][:default_org]} #{item['client']} default"
only_if "chef-server-ctl list-client-keys #{org || node[:chef_server_populator][:default_org]} #{item['client']} | grep 'name: default$'"
end
end
end
end
rescue Net::HTTPServerException
Chef::Log.warn 'Chef server populator failed to locate population data bag'
end
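Review bot: In what appears to be the new `item['orgs'].each` loop of the user setup, `item['enabled']` and `item['admin']` are written back onto the shared `item`, so an org whose options omit a key inherits the value left by the previous org and `--admin` can carry into an org that never asked for it. Resolving them per iteration avoids that, e.g. `enabled = (options || {}).fetch('enabled', item['enabled'])` and `admin = (options || {}).fetch('admin', item['admin'])`, with the branches below reading those locals. The `delete user` guard runs `chef-server-list user-list`, which looks like a typo for `chef-server-ctl`; if so the `only_if` never succeeds and a disabled account is only removed from the org, never deleted. The `user-create` command also interpolates `item['password']` and the name fields unquoted into a shell string; `Shellwords.escape` on each value plus `sensitive true` on that resource would keep data-bag content from being parsed by the shell or logged by Chef. Old and new lines are interleaved on this page without markers, so which side each line belongs to is inferred here.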