Knife node environment_set query

Hi Chefs!!!

Anyone know how can i update the Cookbook Constraints using command line and no interaction.

i.e.

for an environment called dev - with a cookbook constraint on cookbook sample_cookbook with a current version of 4.0.0 'how can up update the version dev is linked to :

logically I'd have thought :

knife node environment_set dev 'sample_cookbook' '=4.0.1'

if may not even be the node environment argument - i cant work it out ... :slight_smile:

many thanks

David

Hiya is anyone able to assist with this? this is the last action I need to test a pipeline with Chef :slightly_smiling_face:
Cheers

Hi

"knife node environment set ..." is to set the current environment for a particular node, so not what you want here.

To update a cookbook version constraint within a given environment for all nodes joined to that environments, you'll want a "knife environment" command (https://docs.chef.io/knife_environment.html). Depending on the other parts of your environment, there are more comprehensive options.

At the most basic, you can do this with a file. Environments are objects on the Chef server and can be represented as json files, so if you're just starting out with a simple Chef workflow to test, that might be all you need.

"knife environment from file <somefile.json>" will update an environment on your chef server

If you want to see your current environment in json format, "knife environment show -F json"


$ knife environment show dev -F json
{
  "name": "dev",
  "description": "Development Hosts",
  "cookbook_versions": {
    "test": "0.1.0"
  },
  "json_class": "Chef::Environment",
  "chef_type": "environment",
  "default_attributes": {

  },
  "override_attributes": {

  }

}

One of the tasks in your pipeline would be to create a new version of this json file with the proper updated constraints and then upload it to your server. Depending on just how ugly you want it to be, you can do horrible things with sed.

$ knife environment show dev -F json | sed -e 's/"test": "0.1.0"/"test": "0.1.1"/' > dev_new.json

I wouldn't want you to run that in anything touching your production systems, but you can see what I mean about getting a new version into your environment.

"knife environment from file dev_new.json" would push that back up to your chef server with an updated version of the test cookbook. For a test, maybe that's .. "fine", but there's better stuff out there, depending on what kind of components you have going:

For Chef Automate+Jenkins, there's a plugin https://github.com/jenkinsci/chef-cookbook-pipeline-plugin

There's a Jenkins library: https://github.com/jmassardo/Chef-Jenkins-Library

some of these might also be useful:

https://www.slideshare.net/StephenKing/an-opensource-chef-cookbook-cicd-implementation-using-jenkins-pipelines

https://www.ceilfors.com/blog/continuous-delivery-with-chef

https://jeremymv2.github.io/blog/2018/08/02/chef-pipelines/

You could also look at "knife spork", which is a plugin for knife that was built for cookbook workflows. https://github.com/jonlives/knife-spork

This talk from ChefConf 2019, "Zero to Pipeline" might also be helpful: https://www.youtube.com/watch?v=aaq5X5QvaBk

Over the past several years a number of patterns have emerged in the Chef ecosystem to provide comprehensive testing and integration of cookbooks with the roles/environments pattern and also now with Policyfiles. If you are brand new to Chef, Policyfiles are the way to go; roles and environments aren't going away, but the next generation of features in the Chef ecosystem rely on Policyfiles heavily and replace roles and environments in most functionality. https://learn.chef.io has a set of modules on getting started with Policyfiles.

If anyone else out there has their pipeline code posted somewhere public, please share what you've done!

--mandi

If you have the environment saved as JSON file local, you can do the changes you need and after saving you have to use:

knife environment from file dev.json

-- Frederik

Thank you @mandi_walls and @Frederik for your responses. I'll try both suggestions for the wrapper restriction but also plan in the future to investigate migrating to policy files if that Chef's road map.

Going forward will the Chef Supermarket start to show policy files as examples too? e.g. looking at Chef's own releases I don't see Policyfile.rb in the chef_client_updater or chef_client for example? Could be misunderstanding and they're not within the actual cookbooks ...

Cheers

David

Potentially, but there's no plans yet. There's a bunch of work going on to help folks on older versions get modernized, like the additions to cookstyle, and that stuff will get figured out along the way too.

Thanks Mandi - would certainly make a lot of sense for Chef to release Policyfiles for all their current supermarket releases as it makes it a lot easier for fellow chefs to adopt.