From 46f4a6b13596f75dc2fabc256346b8bb172440f5 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Mon, 11 Oct 2021 10:05:37 +0100
Subject: [PATCH] Install knife on the chef server and update paths

---
 cookbooks/chef/recipes/repository.rb             |  2 ++
 cookbooks/chef/recipes/server.rb                 |  2 ++
 .../chef/templates/default/post-receive.erb      | 16 +++++++++-------
 cookbooks/letsencrypt/files/default/bin/upload   |  2 +-
 cookbooks/letsencrypt/recipes/default.rb         |  2 ++
 .../munin/files/default/plugins/chef_status      |  2 +-
 6 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/cookbooks/chef/recipes/repository.rb b/cookbooks/chef/recipes/repository.rb
index d5d8d2bc2..cd0e86838 100644
--- a/cookbooks/chef/recipes/repository.rb
+++ b/cookbooks/chef/recipes/repository.rb
@@ -25,6 +25,8 @@ chef_gem "bundler" do
   version ">= 2.1.4"
 end
 
+chef_gem "knife"
+
 directory "/var/lib/chef" do
   owner "chefrepo"
   group "chefrepo"
diff --git a/cookbooks/chef/recipes/server.rb b/cookbooks/chef/recipes/server.rb
index cd4968b73..c6ee6f7eb 100644
--- a/cookbooks/chef/recipes/server.rb
+++ b/cookbooks/chef/recipes/server.rb
@@ -48,6 +48,8 @@ include_recipe "munin"
 #   notifies :run, "execute[chef-server-reconfigure]"
 # end
 
+chef_gem "knife"
+
 template "/etc/opscode/chef-server.rb" do
   source "server.rb.erb"
   owner "root"
diff --git a/cookbooks/chef/templates/default/post-receive.erb b/cookbooks/chef/templates/default/post-receive.erb
index b402265c1..28ef5b434 100644
--- a/cookbooks/chef/templates/default/post-receive.erb
+++ b/cookbooks/chef/templates/default/post-receive.erb
@@ -5,6 +5,8 @@
 umask 0002
 unset GIT_DIR
 
+knife="/opt/chef/embedded/bin/knife"
+
 while read oldrev newrev refname
 do
   if [[ "$refname" = "refs/heads/master" ]]
@@ -25,17 +27,17 @@ do
       if [[ $file == roles/*.rb ]]
       then
         case "$action" in
-          A|M) knife role from file "${file}";;
-          D) knife role delete -y "${file:t:r}";;
+          A|M) $knife role from file "${file}";;
+          D) $knife role delete -y "${file:t:r}";;
         esac
       elif [[ $file == data_bags/*/*.json ]]
       then
         case "$action" in
           A|M) 
-            knife data bag create "${file:h:t}"
-            knife data bag from file "${file:h:t}" "${file:t}";;
+            $knife data bag create "${file:h:t}"
+            $knife data bag from file "${file:h:t}" "${file:t}";;
           D)
-            knife data bag delete -y "${file:h:t}" "${file:t:r}";;
+            $knife data bag delete -y "${file:h:t}" "${file:t:r}";;
         esac
       elif [[ $file == cookbooks/* ]]
       then
@@ -52,14 +54,14 @@ do
 
     if [[ -n "$updated_cookbooks" ]]
     then
-      knife cookbook upload "${(ou)updated_cookbooks[@]}"
+      $knife cookbook upload "${(ou)updated_cookbooks[@]}"
     fi
 
     if [[ -n "$deleted_cookbooks" ]]
     then
       for cookbook in "${(ou)deleted_cookbooks[@]}"
       do
-        knife cookbook delete -y "$cookbook"
+        $knife cookbook delete -y "$cookbook"
       done
     fi
   fi
diff --git a/cookbooks/letsencrypt/files/default/bin/upload b/cookbooks/letsencrypt/files/default/bin/upload
index 56da6294c..a52f30257 100755
--- a/cookbooks/letsencrypt/files/default/bin/upload
+++ b/cookbooks/letsencrypt/files/default/bin/upload
@@ -17,4 +17,4 @@ file = Tempfile.new(["letsencrypt", ".json"])
 file.puts JSON.generate(bag)
 file.close
 
-system("/usr/bin/knife", "data", "bag", "from", "file", "letsencrypt", file.path)
+system("/opt/chef/embedded/bin/knife", "data", "bag", "from", "file", "letsencrypt", file.path)
diff --git a/cookbooks/letsencrypt/recipes/default.rb b/cookbooks/letsencrypt/recipes/default.rb
index a327119bf..ed18254cc 100644
--- a/cookbooks/letsencrypt/recipes/default.rb
+++ b/cookbooks/letsencrypt/recipes/default.rb
@@ -27,6 +27,8 @@ package %w[
   ruby
 ]
 
+chef_gem "knife"
+
 directory "/etc/letsencrypt" do
   owner "letsencrypt"
   group "letsencrypt"
diff --git a/cookbooks/munin/files/default/plugins/chef_status b/cookbooks/munin/files/default/plugins/chef_status
index 9d4c742fc..6680c4aa0 100755
--- a/cookbooks/munin/files/default/plugins/chef_status
+++ b/cookbooks/munin/files/default/plugins/chef_status
@@ -2,7 +2,7 @@
 
 require "json"
 
-nodes = JSON.parse(IO.popen(["knife", "status", "-c", "/var/lib/chef/.chef/knife.rb", "-F", "json"]).read).sort_by { |node| node["name"] }
+nodes = JSON.parse(IO.popen(["/opt/chef/embedded/bin/knife", "status", "-c", "/var/lib/chef/.chef/knife.rb", "-F", "json"]).read).sort_by { |node| node["name"] }
 
 if ARGV[0] == "config"
   puts "graph_title Chef node status"
-- 
2.39.5