Skip to content

Instantly share code, notes, and snippets.

View smford22's full-sized avatar

Scott Ford smford22

18 followers · 2 following
View GitHub Profile
@smford22
smford22 / config.xml
Created May 1, 2015 05:24
Jenkins Accept Job
<?xml version='1.0' encoding='UTF-8'?>
<project>
<actions/>
<description></description>
<keepDependencies>false</keepDependencies>
<properties>
<com.coravy.hudson.plugins.github.GithubProjectProperty plugin="github@1.11">
<projectUrl>https://github.com/smford22/sample-cookbook/</projectUrl>
</com.coravy.hudson.plugins.github.GithubProjectProperty>
<hudson.model.ParametersDefinitionProperty>
@smford22
smford22 / config.xml
Created May 1, 2015 05:25
Jenkins Ship Job
<?xml version='1.0' encoding='UTF-8'?>
<project>
<actions/>
<description></description>
<keepDependencies>false</keepDependencies>
<properties>
<com.coravy.hudson.plugins.github.GithubProjectProperty plugin="github@1.11">
<projectUrl>https://github.com/smford22/chef-repo/</projectUrl>
</com.coravy.hudson.plugins.github.GithubProjectProperty>
<hudson.model.ParametersDefinitionProperty>
@smford22
smford22 / chef_local_development_workflow.md
Last active November 1, 2023 00:07
Chef Local Development Workflow - ChefDK, Vagrant, VirtualBox, Test Kitchen

Chef Local Development Workflow with ChefDK, Vagrant, VirtualBox, and Test Kitchen

Overview

The following document is intended to be a quick guide to getting you setup for doing local development with Chef. This guide was created on my MacBook, but should work fine with Linux, and Windows workstations as well.

Quick review on fundamental tenets of Chef

  • Workstation - A workstation is a computer that is configured to run various Chef command-line tools that synchronize with a chef-repo, author cookbooks, interact with the Chef server, interact with nodes, or applications like Chef Delivery
  • Node - A node is any machine—physical, virtual, cloud, network device, etc.—that is under management by Chef.
  • Chef Server- The Chef server acts as a hub for configuration data. The Chef server stores cookbooks, the policies that are applied to nodes, and metadata that describes each registered
@smford22
smford22 / local-user-account.md
Last active October 29, 2015 13:32
Local user account creation rule 
rules 'local-user-account-creation'
  rule on run_resource
  when
    resource_type = 'user'
      and
    resource_result = 'create'
  then
   alert:warn('Local user account {{message.resource_name}} created on {{message.run.node_name}}')
 notify('slack', '
@smford22
smford22 / updated_resources.md
Created November 5, 2015 16:18
Updated resource - Chef Analytics Rule 
rules 'updated-resources'
  rule on run_converge
  when
    updated_resource_count > 0
  then
   notify('slack', '
{
"username": "Chef Server",
"icon_emoji": ":chef:",
@smford22
smford22 / failed_audit.md
Created November 5, 2015 16:20
failed audit Chef Analytics rule 
rules 'failed-audit'
 rule on run_control_group
 when
   status != 'success'
 then
   alert:warn('{{message.cookbook_name}} {{message.recipe_name}} audit failed')
   notify('slack', '
{
"username": "Audit Alarm",
@smford22
smford22 / unauthorized_cookbook_upload.md
Created November 5, 2015 16:21
Unauthorized cookbook upload rule 
rules 'Unauthorized Cookbook Upload'
  rule on action
  when
    parent_type = 'cookbook' and requestor_name != 'jenkins_user'
  then
    audit:error("An unauthorized user updated the {{message.parent_name}} cookbook at {{message.recorded_at}} UTC! USERNAME: {{message.requestor_name}}!")
   notify('slack', '
{
"username": "Audit Alarm",
@smford22
smford22 / chef_compliance_api.md
Last active December 15, 2016 00:24
Getting Started with the Chef Compliance API

Getting Started with the Chef Compliance API

Demo how to setup accessing the Chef Compliance server's api and some of the useful things you can do with it.

Access tokens

In order to make requests against the Chef Compliance's API you need to have a token to authenticate. There are two types of token:

  1. Refresh Tokens - A long-lived token that can be used to initially identify with the service, in exchange for an access token
  2. Access Tokens - A short-lived (12 hours) and used for every request against the API.

Obtaining Tokens

There are a couple of ways to get refresh tokens and access tokens which are explained on the doc.chef.io

@smford22
smford22 / base_linux.md
Last active March 2, 2017 17:54
base linux role 
name "base_linux"
description "A base role for all linux nodes"
run_list 'recipe[cookbook::recipe]', 'recipe[cookbook::recipe]'
default_attributes({
  "audit" => {
    "collector" => "chef-server-visibility",
    "profiles" => [
      {
 "name" =&gt; 'linux-patch-baseline',
@smford22
smford22 / chef_workstation_setup.md
Last active September 29, 2017 23:32
Chef Workstation Setup

Chef Training Workstations Prereqs

Overview

The following documents the setup steps for building a sane workstation environment to write and test Chef code. This document should work with Mac OS X, Windows, or Linux nodes.

A workstation is a computer running the Chef Development Kit (ChefDK) that is used to author cookbooks, interact with the Chef server, and interact with nodes

Software Installation

You will need to install the following software on your system: