diff --git a/attributes/default.rb b/attributes/default.rb index bad8cf2..30e336a 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -19,7 +19,7 @@ default['chef_software']['chef_server_api_fqdn'] = 'chef-server.example.com' default['chef_software']['chef_automate_api_fqdn'] = 'chef-automate.example.com' default['chef_software']['chef_supermarket_api_fqdn'] = 'chef-supermarket.example.com' -default['chef_software']['automate_admin_token'] = nil +default['chef_software']['automate_admin_token'] = nil default['chef_software']['chef_automatev2'] = { products: %w(automate infra-server builder), diff --git a/recipes/chef_automatev2.rb b/recipes/chef_automatev2.rb index 7b6aad6..109c8f5 100644 --- a/recipes/chef_automatev2.rb +++ b/recipes/chef_automatev2.rb @@ -30,7 +30,6 @@ end end - node['chef_software']['automatev2_local_users']&.each do |name, hash| iam_user name do user_hash hash['user_json'] diff --git a/resources/iam_policy.rb b/resources/iam_policy.rb index c1ce9ad..59c0e4d 100644 --- a/resources/iam_policy.rb +++ b/resources/iam_policy.rb @@ -52,8 +52,9 @@ elsif srv_policy['policy']['id'].eql?(policy_hash['id']) false else - false + raise "Unable to determine status of policy ensure this policy_hash id doesn't match an existing srv_policy\npolicy_hash: #{policy_hash['id'].inspect}\nsrv_policy: #{srv_policy['id'].inspect}\nor the error message from server says \"no policy with ID \"#{policy_hash['id']}\" found\"\nError_msg: #{srv_policy['error'].inspect}\n" end + raise "\nTEST1 = #{test_result.inspect}\nTEST2 = #{srv_policy.inspect}\n" execute "create iam policy #{name}" do command "curl --insecure -s -H \"api-token: #{api_token}\" -H \"Content-Type: application/json\" -d '#{policy_json}' https://localhost/apis/iam/v2/policies" not_if { test_result } @@ -74,30 +75,23 @@ raise srv_policy['error'].inspect else test = true - statement_test = true - unless srv_policy['error'] - policy_hash.each_key do |key| - if key.eql?('statements') - policy_hash['statements'].each_index do |i| - policy_hash['statements'][i].each_key do |statement_key| - test = policy_hash['statements'][i][statement_key].eql?(srv_policy['policy']['statements'][i][statement_key]) - break if statement_test.eql?(false) - end - break if statement_test.eql?(false) + policy_hash.each_key do |key| + if key.eql?('statements') + policy_hash['statements'].each_index do |i| + policy_hash['statements'][i].each_key do |statement_key| + test = policy_hash['statements'][i][statement_key].eql?(srv_policy['policy']['statements'][i][statement_key]) + break if test.eql?(false) end - break if statement_test.eql?(false) - - next + break if test.eql?(false) end - test = policy_hash[key].eql?(srv_policy['policy'][key]) break if test.eql?(false) + next end + break if test.eql?(false) + test = policy_hash[key].eql?(srv_policy['policy'][key]) + break if test.eql?(false) end - if test && statement_test - true - else - false - end + test end execute "update iam policy #{name}" do command "curl -X PUT --insecure -s -H \"api-token: #{api_token}\" -H \"Content-Type: application/json\" -d '#{policy_json}' https://localhost/apis/iam/v2/policies/#{policy_hash['id']}" diff --git a/resources/iam_user.rb b/resources/iam_user.rb index 69f10c4..439a801 100644 --- a/resources/iam_user.rb +++ b/resources/iam_user.rb @@ -53,7 +53,7 @@ elsif srv_user['user']['id'].eql?(user_hash['id']) false else - false + raise "Unable to determine status of user, ensure this user_hash id doesn't match an existing srv_user\nuser_hash: #{user_hash['id'].inspect}\nsrv_user: #{srv_user['id'].inspect}\nor the error message from server says 'No user record found'\nError_msg: #{srv_user['error'].inspect}\n" end execute "create local user #{name}" do command "curl --insecure -s -H \"api-token: #{api_token}\" -H \"Content-Type: application/json\" -d '#{user_json}' https://localhost/apis/iam/v2/users"