-
Notifications
You must be signed in to change notification settings - Fork 437
/
Copy pathbash.yaml
305 lines (281 loc) · 11.4 KB
/
bash.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
---
resource_reference: true
resources_common_guards: true
resources_common_notification: true
resources_common_properties: true
resource: bash
resource_description_list:
- markdown: Use the **bash** resource to execute scripts using the Bash interpreter.
This resource may also use any of the actions and properties that are available
to the **execute** resource. Commands that are executed with this resource are
(by their nature) not idempotent, as they are typically unique to the environment
in which they are run. Use `not_if` and `only_if` to guard this resource for idempotence.
syntax_full_code_block: |-
bash 'name' do
code String
command String, Array # default value: 'name' unless specified
creates String
cwd String
default_env true, false # default value: false
domain String
elevated true, false # default value: false
environment Hash
flags String
group String, Integer
input String
interpreter String
live_stream true, false # default value: false
login true, false # default value: false
password String
returns Integer, Array # default value: 0
timeout Integer, String, Float # default value: 3600
user String, Integer
action Symbol # defaults to :run if not specified
end
syntax_properties_list:
syntax_full_properties_list:
- "`bash` is the resource."
- "`name` is the name given to the resource block."
- "`action` identifies which steps Chef Infra Client will take to bring the node into
the desired state."
- "`code`, `command`, `creates`, `cwd`, `default_env`, `domain`, `elevated`, `environment`,
`flags`, `group`, `input`, `interpreter`, `live_stream`, `login`, `password`, `returns`,
`timeout`, and `user` are the properties available to this resource."
actions_list:
:nothing:
shortcode: resources_common_actions_nothing.md
:run:
markdown: Run a command. (default)
properties_list:
- property: code
ruby_type: String
required: true
description_list:
- markdown: A quoted string of code to be executed.
- property: command
ruby_type: String, Array
required: false
default_value: The resource block's name
description_list:
- markdown: An optional property to set the command to be executed if it differs
from the resource block's name.
- note:
markdown: Use the **execute** resource to run a single command. Use multiple
**execute** resource blocks to run multiple commands.
- property: creates
ruby_type: String
required: false
description_list:
- markdown: Prevent a command from creating a file when that file already exists.
- property: cwd
ruby_type: String
required: false
description_list:
- markdown: The current working directory from which the command will be run.
- property: default_env
ruby_type: true, false
required: false
default_value: 'false'
new_in: '14.2'
description_list:
- markdown: When `true` this enables ENV magic to add path_sanity to the PATH and
force the locale to English+UTF-8 for parsing output.
- property: domain
ruby_type: String
required: false
new_in: '12.21'
description_list:
- markdown: 'Windows only: The domain of the user specified by the user property.
If not specified, the username and password specified by the `user` and `password`
properties will be used to resolve that user against the domain in which the
system running Chef Infra Client is joined, or if that system is not joined
to a domain it will resolve the user as a local account on that system. An alternative
way to specify the domain is to leave this property unspecified and specify
the domain as part of the user property.'
- property: elevated
ruby_type: true, false
required: false
default_value: 'false'
new_in: '13.3'
description_list:
- markdown: |-
Determines whether the script will run with elevated permissions to circumvent User Access Control (UAC) from interactively blocking the process.
This will cause the process to be run under a batch login instead of an interactive login. The user running chef-client needs the 'Replace a process level token' and 'Adjust Memory Quotas for a process' permissions. The user that is running the command needs the 'Log on as a batch job' permission.
Because this requires a login, the user and password properties are required.
- property: environment
ruby_type: Hash
required: false
description_list:
- markdown: 'A Hash of environment variables in the form of `({''ENV_VARIABLE''
=> ''VALUE''})`. **Note**: These variables must exist for a command to be run
successfully.'
- property: flags
ruby_type: String
required: false
description_list:
- markdown: One or more command line flags that are passed to the interpreter when
a command is invoked.
- property: group
ruby_type: String, Integer
required: false
description_list:
- markdown: The group name or group ID that must be changed before running a command.
- property: input
ruby_type: String
required: false
new_in: '16.2'
description_list:
- markdown: An optional property to set the input sent to the command as STDIN.
- property: live_stream
ruby_type: true, false
required: false
default_value: 'false'
description_list:
- markdown: Send the output of the command run by this execute resource block to
the Chef Infra Client event stream.
- property: login
ruby_type: true, false
required: false
default_value: 'false'
new_in: '17.0'
description_list:
- markdown: Use a login shell to run the commands instead of inheriting the existing
execution environment.
- property: password
ruby_type: String
required: false
new_in: '12.21'
description_list:
- markdown: 'Windows only: The password of the user specified by the user property.
This property is mandatory if user is specified on Windows and may only be specified
if user is specified. The sensitive property for this resource will automatically
be set to true if password is specified.'
- property: returns
ruby_type: Integer, Array
required: false
default_value: '0'
description_list:
- markdown: The return value for a command. This may be an array of accepted values.
An exception is raised when the return value(s) do not match.
- property: timeout
ruby_type: Integer, String, Float
required: false
default_value: '3600'
description_list:
- markdown: The amount of time (in seconds) a command is to wait before timing out.
- property: user
ruby_type: String, Integer
required: false
description_list:
- markdown: The user name of the user identity with which to launch the new process.
The user name may optionally be specified with a domain, i.e. `domain\user`
or `[email protected]` via Universal Principal Name (UPN)format. It can
also be specified without a domain simply as user if the domain is instead specified
using the domain property. On Windows only, if this property is specified, the
password property must be specified.
examples: |
**Compile an application**
```ruby
bash 'install_something' do
user 'root'
cwd '/tmp'
code <<-EOH
wget http://www.example.com/tarball.tar.gz
tar -zxf tarball.tar.gz
cd tarball
./configure
make
make install
EOH
end
```
**Using escape characters in a string of code**
In the following example, the `find` command uses an escape character (`\`). Use a second escape character (`\\`) to preserve the escape character in the code string:
```ruby
bash 'delete some archives ' do
code <<-EOH
find ./ -name "*.tar.Z" -mtime +180 -exec rm -f {} \\;
EOH
ignore_failure true
end
```
**Install a file from a remote location**
The following is an example of how to install the foo123 module for Nginx. This module adds shell-style functionality to an Nginx configuration file and does the following:
- Declares three variables
- Gets the Nginx file from a remote location
- Installs the file using Bash to the path specified by the `src_filepath` variable
```ruby
src_filename = "foo123-nginx-module-v#{node['nginx']['foo123']['version']}.tar.gz"
src_filepath = "#{Chef::Config['file_cache_path']}/#{src_filename}"
extract_path = "#{Chef::Config['file_cache_path']}/nginx_foo123_module/#{node['nginx']['foo123']['checksum']}"
remote_file 'src_filepath' do
source node['nginx']['foo123']['url']
checksum node['nginx']['foo123']['checksum']
owner 'root'
group 'root'
mode '0755'
end
bash 'extract_module' do
cwd ::File.dirname(src_filepath)
code <<-EOH
mkdir -p #{extract_path}
tar xzf #{src_filename} -C #{extract_path}
mv #{extract_path}/*/* #{extract_path}/
EOH
not_if { ::File.exist?(extract_path) }
end
```
**Install an application from git**
```ruby
git "#{Chef::Config[:file_cache_path]}/ruby-build" do
repository 'git://github.com/rbenv/ruby-build.git'
revision 'master'
action :sync
end
bash 'install_ruby_build' do
cwd "#{Chef::Config[:file_cache_path]}/ruby-build"
user 'rbenv'
group 'rbenv'
code <<-EOH
./install.sh
EOH
environment 'PREFIX' => '/usr/local'
end
```
**Using Attributes in Bash Code**
The following recipe shows how an attributes file can be used to store certain settings. An attributes file is located in the `attributes/`` directory in the same cookbook as the recipe which calls the attributes file. In this example, the attributes file specifies certain settings for Python that are then used across all nodes against which this recipe will run.
Python packages have versions, installation directories, URLs, and checksum files. An attributes file that exists to support this type of recipe would include settings like the following:
```ruby
default['python']['version'] = '2.7.1'
if python['install_method'] == 'package'
default['python']['prefix_dir'] = '/usr'
else
default['python']['prefix_dir'] = '/usr/local'
end
default['python']['url'] = 'http://www.python.org/ftp/python'
default['python']['checksum'] = '80e387...85fd61'
```
and then the methods in the recipe may refer to these values. A recipe that is used to install Python will need to do the following:
- Identify each package to be installed (implied in this example, not shown)
- Define variables for the package `version` and the `install_path`
- Get the package from a remote location, but only if the package does not already exist on the target system
- Use the **bash** resource to install the package on the node, but only when the package is not already installed
```ruby
version = node['python']['version']
install_path = "#{node['python']['prefix_dir']}/lib/python#{version.split(/(^\d+\.\d+)/)[1]}"
remote_file "#{Chef::Config[:file_cache_path]}/Python-#{version}.tar.bz2" do
source "#{node['python']['url']}/#{version}/Python-#{version}.tar.bz2"
checksum node['python']['checksum']
mode '0755'
not_if { ::File.exist?(install_path) }
end
bash 'build-and-install-python' do
cwd Chef::Config[:file_cache_path]
code <<-EOF
tar -jxvf Python-#{version}.tar.bz2
(cd Python-#{version} && ./configure #{configure_options})
(cd Python-#{version} && make && make install)
EOF
not_if { ::File.exist?(install_path) }
end
```