I need to run some “knife acl …” commands, using Python or Java to fix
one small bug that I have when I create machines using one internal app.
This application used to work good on Chef 11, but now on Chef 12 the node
is created without permission, so I need to set the acl after create the
node.
But I can’t find the “knife acl add …” parameters. I’m not a developer,
and I have no experience using this tools, so there is a big chance that
I’m not looking correctly and/or misunderstood something.
I need to run some "knife acl ...." commands, using Python or Java to fix
one small bug that I have when I create machines using one internal app.
This application used to work good on Chef 11, but now on Chef 12 the node
is created without permission, so I need to set the acl after create the
node.
But I can't find the "knife acl add ..." parameters. I'm not a developer,
and I have no experience using this tools, so there is a big chance that I'm
not looking correctly and/or misunderstood something.
Yes, this README helps a lot to execute calls using command line.
But I would like to avoid system calls using Java/ Python... so I'm looking
for a way to do this directly using the framework provided, if this is
possible.
Thanks!
On Wed, Jun 17, 2015 at 12:53 PM, Julian C. Dunn jdunn@aquezada.com wrote:
If you go the second route, you pretty much will end up rewriting knife-acl. Be forewarned that the authorization system has a fair number of edge cases, so you should probably make note of any comments and special cases in knife-acl.
--
Daniel DeLeo
On Wednesday, June 17, 2015 at 9:46 AM, Tiago Cruz wrote:
Hello Julian,
Yes, this README helps a lot to execute calls using command line.
But I would like to avoid system calls using Java/ Python... so I'm looking for a way to do this directly using the framework provided, if this is possible.
Both PyChef and Jclouds do offer APIs to make raw HTTP requests to the Chef server which you could use, but the ACLs API is tricky as Dan mentioned so probably going to be an uphill battle if you aren't okay with diving in to the knife-acl source code.
If you go the second route, you pretty much will end up rewriting knife-acl. Be forewarned that the authorization system has a fair number of edge cases, so you should probably make note of any comments and special cases in knife-acl.
--
Daniel DeLeo
On Wednesday, June 17, 2015 at 9:46 AM, Tiago Cruz wrote:
Hello Julian,
Yes, this README helps a lot to execute calls using command line.
But I would like to avoid system calls using Java/ Python... so I'm looking for a way to do this directly using the framework provided, if this is possible.