delivery-truck
is a Chef Delivery build_cookbook for continuously delivering
Chef cookbooks and applications.
To quickly get started you just need to set delivery-truck
to
be your build cookbook in your .delivery/config.json
.
{
"version": "2",
"build_cookbook": {
"name": "delivery-truck",
"git": "https://github.com/chef-cookbooks/delivery-truck.git"
}
}
The behavior of the delivery-truck
cookbook phase recipes can be easily
controlled by specifying certain values in your .delivery/config.json
file.
The control these values offer you is limited and not meant as a method to
drastically alter the way the recipe functions.
The lint
phase will execute foodcritic but you can specify
which rules you would like to follow directly from your config.json
.
ignore_rules
- Provide a list of foodcritic rules you would like to ignore.only_rules
- Explicitly state which foodcritic rules you would like to run. Any other rules except these will be ignored.excludes
- Explicitly state which relative paths foodcritic should ignore.fail_tags
- Explicitly state which rules should cause the run to fail. Defaults tocorrectness
.
{
"version": "2",
"build_cookbook": {
"name": "delivery-truck",
"git": "https://github.com/chef-cookbooks/delivery-truck.git"
},
"delivery-truck": {
"lint": {
"foodcritic": {
"ignore_rules": ["FC001"],
"only_rules": ["FC002"],
"excludes": ["spec", "test"],
"fail_tags": ["any"]
}
}
}
}
From the publish
phase you can quickly and easily deploy cookbooks to
your Chef Server, Supermarket Server and your entire project to a Github account.
chef_server
- Set to true/false depending on whether you would like to upload any modified cookbooks to the Chef Server associated with Delivery.supermarket
- Specify the Supermarket Server you would like to use to share any modified cookbooks.github
- Specify the Github repository you would like to push your project to. In order to work you must create a shared secrets data bag item (see "Handling Secrets" below) with a key named github with the value being a deploy key with access to that repo.git
- Same asgithub
but for Open Source Git Servers. (The data bag item should have a key named git)
{
"version": "2",
"build_cookbook": {
"name": "delivery-truck",
"git": "https://github.com/chef-cookbooks/delivery-truck.git"
},
"delivery-truck": {
"publish": {
"chef_server": true,
"supermarket": "https://supermarket.chef.io",
"github": "<org>/<project>",
"git": "ssh://git@stash:2222/<project-name>/<repo-name>"
}
}
}
example data bag
{
"id": "<your ID here>",
"github": "<private key>",
"git": "<private key>"
}
By default deploy will trigger a chef-client
run thought push-jobs to all
the nodes that belong to the current environment in delivery and have the
modified cookbook(s) in their run_list. You can customize the search query.
{
"delivery-truck": {
"deploy": {
"search": "recipes:my_push_jobs"
}
}
}
The following phases have no content and can be skipped: functional, quality, security and smoke.
{
"version": "2",
"build_cookbook": {
"name": "delivery-truck",
"git": "https://github.com/chef-cookbooks/delivery-truck.git"
},
"skip_phases": [
"functional",
"quality",
"security",
"smoke"
]
}
If you would like to enjoy all the functionalities that delivery-truck
provides
on you own build cookbook you need to add it into your metadata.rb
name 'build_cookbook'
maintainer 'The Authors'
maintainer_email '[email protected]'
license 'all_rights'
description 'Installs/Configures build'
long_description 'Installs/Configures build'
version '0.1.0'
depends 'delivery-truck'
Additionally delivery-truck
depends on delivery-sugar
so you need to add
them both to your Berksfile
source "https://supermarket.chef.io"
metadata
cookbook 'delivery-truck', github: 'chef-cookbooks/delivery-truck'
cookbook 'delivery-sugar', github: 'chef-cookbooks/delivery-sugar'
This cookbook implements a rudimentary approach to handling secrets. This process is largely out of band from Chef Delivery for the time being.
delivery-truck
will look for secrets in the delivery-secrets
data bag on the
Delivery Chef Server. It will expect to find an item in that data bag named
<ent>-<org>-<project>
. For example, this cookbook is kept in the
'Delivery-Build-Cookbooks' org of the 'chef' enterprise so it's data bag name is
chef-Delivery-Build-Cookbooks-delivery-truck
.
This cookbook expects this data bag item to be encrypted with the same encrypted_data_bag_secret that is on your builders. You will need to ensure that the data bag is available on the Chef Server before you run this cookbook for the first time otherwise it will fail.
To get this data bag you can use the DSL get_project_secrets
to get the
contents of the data bag.
my_secrets = get_project_secrets
puts my_secrets['id'] # chef-Delivery-Build-Cookbooks-delivery-truck
- Author:: Tom Duffield ([email protected])
- Author:: Salim Afiune ([email protected])
Copyright:: 2015 Chef Software, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.