I’d like to be able to upload a cookbook to a Chef Server using a ‘client’ and not a ‘user’. Is this supported? If not is it still technically possible? I did try but couldn’t get it to work. I’ll explain what I tried.
I went into my Org and created a group called ‘test’. I then gave group ‘test’
create access to
cookbooks in the Global Permissions.
I then created a client called ‘uploader’. I then tried to add client ‘uploader’ to group ‘test’ but kept getting error of “Sorry, but that is not a valid member name”. I was slightly confused as there is a group of ‘clients’ that has clients as a part of it, but it seems that you are not able to add clients to other groups. So I decided to get past this by using the
knife-acl gem to extend knife. I then used knife to add the client ‘uploader’ to group ‘test’ and it shows properly in the Chef Server WebUI for my Org.
I then attempted to upload a cookbook with uploader but get error:
ERROR: You authenticated successfully to https://mychefserver.com/organizations/jmccann as uploader but you are not authorized for this action
Response: missing create permission
I’ve gone as far as giving group ‘clients’
create perms to
cookbooks and get the same error as above.
So it seems it’s really NOT possible for a client to upload a cookbook to a Chef Server … but I wanted to know if someone smarter then me knew of a way or if this is perhaps a bug.
If it is not possible currently then should it be possible as you currently have the ability to set the perms up in a way on the Chef Server that would make you think you should be able to do it (as I described above).