Pinning Cookbooks in Kitchen

Chef Infra (archive)
1

We’re using chef 11. Moving to chef 12 any time soon isn’t feasible. One of
our cookbooks somehow draws in the compat_resource cookbook as a dependency
which fails on chef 11. We managed to find the combination of cookbook
versions that work, and get our cookbook to run by setting that manually in
Berksfile.lock.

I believe we need to pin the nscd and iptables cookbooks to get around this
issue. Now, since our cookbook doesn’t depend on those directly, we can’t
put them with those version numbers into out metadata.rb. We can pin those
cookbooks on an environment basis, and that should work on AWS, but what
about with Test Kitchen?

In order to properly CI the cookbooks, we can’t rely on environments. Any
environment attributes need to be set as json attributes. If we can’t rely
on the environment, how do we pin the cookbooks?

Thanks,
Doug

2

So, I guess I’ve not had to do this before, but I guess I can pin them in
Berksfile, i.e.:

source "https://api.berkshelf.com"

metadata

cookbook 'iptables', '= 1.1.0'
cookbook 'nscd', '= 1.0.0'

Is this considered kosher?

Doug.

3

Not only is it kosher, but that’s the exact reason Berksfiles and
Policyfiles exist.

PS, source should be https://supermarket.chef.io

4

Thanks. I really don’t think the documentation clearly conveys that not
only can you set your direct cookbooks dependent version numbers, you can
set all dependent cookbooks version numbers.