Run "knife acl" using Python or Java


#1

Ohai!

I need to run some “knife acl …” commands, using Python or Java to fix
one small bug that I have when I create machines using one internal app.
This application used to work good on Chef 11, but now on Chef 12 the node
is created without permission, so I need to set the acl after create the
node.

Well, I’m looking here:

But I can’t find the “knife acl add …” parameters. I’m not a developer,
and I have no experience using this tools, so there is a big chance that
I’m not looking correctly and/or misunderstood something.

So, can you help me please?

Thanks!


– Tiago Cruz


#2

On Wed, Jun 17, 2015 at 9:21 AM, Tiago Cruz tiago.tuxkiller@gmail.com wrote:

I need to run some “knife acl …” commands, using Python or Java to fix
one small bug that I have when I create machines using one internal app.
This application used to work good on Chef 11, but now on Chef 12 the node
is created without permission, so I need to set the acl after create the
node.

Well, I’m looking here:

But I can’t find the “knife acl add …” parameters. I’m not a developer,
and I have no experience using this tools, so there is a big chance that I’m
not looking correctly and/or misunderstood something.

Does the README here help at all?

  • Julian


[ Julian C. Dunn jdunn@aquezada.com * Sorry, I’m ]
[ WWW: http://www.aquezada.com/staff/julian * only Web 1.0 ]
[ gopher://sdf.org/1/users/keymaker/ * compliant! ]
[ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9 ]


#3

Hello Julian,

Yes, this README helps a lot to execute calls using command line.

But I would like to avoid system calls using Java/ Python… so I’m looking
for a way to do this directly using the framework provided, if this is
possible.

Thanks!

On Wed, Jun 17, 2015 at 12:53 PM, Julian C. Dunn jdunn@aquezada.com wrote:

Does the README here help at all?

https://github.com/chef/knife-acl

  • Julian

#4

Knife ACL is ruby code so you have to either run it from Ruby or shell out to it.

Noah maintains a Python library for interacting with the Chef Server HTTP API: https://github.com/coderanger/pychef

If you go the second route, you pretty much will end up rewriting knife-acl. Be forewarned that the authorization system has a fair number of edge cases, so you should probably make note of any comments and special cases in knife-acl.


Daniel DeLeo

On Wednesday, June 17, 2015 at 9:46 AM, Tiago Cruz wrote:

Hello Julian,

Yes, this README helps a lot to execute calls using command line.

But I would like to avoid system calls using Java/ Python… so I’m looking for a way to do this directly using the framework provided, if this is possible.

Thanks!

On Wed, Jun 17, 2015 at 12:53 PM, Julian C. Dunn <jdunn@aquezada.com (mailto:jdunn@aquezada.com)> wrote:

Does the README here help at all?

https://github.com/chef/knife-acl

  • Julian

#5

Both PyChef and Jclouds do offer APIs to make raw HTTP requests to the Chef server which you could use, but the ACLs API is tricky as Dan mentioned so probably going to be an uphill battle if you aren’t okay with diving in to the knife-acl source code.

–Noah

On Jun 18, 2015, at 9:51 AM, Daniel DeLeo dan@kallistec.com wrote:

Knife ACL is ruby code so you have to either run it from Ruby or shell out to it.

Noah maintains a Python library for interacting with the Chef Server HTTP API: https://github.com/coderanger/pychef

If you go the second route, you pretty much will end up rewriting knife-acl. Be forewarned that the authorization system has a fair number of edge cases, so you should probably make note of any comments and special cases in knife-acl.


Daniel DeLeo

On Wednesday, June 17, 2015 at 9:46 AM, Tiago Cruz wrote:

Hello Julian,

Yes, this README helps a lot to execute calls using command line.

But I would like to avoid system calls using Java/ Python… so I’m looking for a way to do this directly using the framework provided, if this is possible.

Thanks!

On Wed, Jun 17, 2015 at 12:53 PM, Julian C. Dunn <jdunn@aquezada.com (mailto:jdunn@aquezada.com)> wrote:

Does the README here help at all?

https://github.com/chef/knife-acl

  • Julian