I’m currently in the process of deploying Chef using Policyfiles. Some background on our environment: we currently have a monolithic repo, because we don’t see there being a large sprawl of cookbooks and recipes. We’re also going to be using different Chef servers / organizations for our infrastructure.
What we’re trying to figure out is the correct usage of
chef push, with regards to Policyfiles. The current workflow we’re thinking about is to make changes to the repo and submit all changes through PRs. Part of our CI/CD pipeline would then run
chef update on our policies after PR was merged to master. We are thinking of then committing those lock files, directly to the master branch, so they can be used to reliably push the proper files to the Chef server.
However, we found that when running
chef push, even from a clean master branch, that it was rewriting the lock file. The source code shows that it’s explicitly being told to do that:
What are we missing when it comes to the Policyfile workflow? If nothing has changed in our repository, is there a way to make files idempotent on a
Here is our ChefDK information:
Chef Development Kit Version: 0.17.17 chef-client version: 12.13.37 delivery version: master (f68e5c5804cd7d8a76c69b926fbb261e1070751b) berks version: 4.3.5 kitchen version: 1.11.1