[chef] Re: Re: Re: Re: Re: Re: data bag API permissions changes in chef server 11

[Jesse Campbell < >]

Looks like the .save method first attempts to rename/edit an existing data bag just in case it already exists, and this appears to have been disallowed in chef 11 server.

The .create method appears to have no such qualms.

So using your changes, I end up with this, which functions on chef 10 and chef 11:

    dbag = "sam-config-#{node.chef_environment}"
    all_items = begin
      data_bag(dbag)
    rescue Net::HTTPServerException => e
      raise unless e.response.code == "404"
      dbag_bag = Chef::DataBag.new
      dbag_bag.name(dbag)
      dbag_bag.create
      [] 
    end  

-Jesse

On Tue, Feb 12, 2013 at 6:18 PM, Daniel Condomitti < " target="_blank"> > wrote:

My bad, I wasn't rewriting all of the code you had pasted; just trying to detect if the bag already existed or not. 

I'll try to get an 11 server up soon and try this stuff myself though.

On Tuesday, February 12, 2013 at 3:14 PM, Jesse Campbell wrote:

The code you pasted doesn't actually accomplish the need.
if the data bag exists, it will do nothing.

if the data bag doesn't exist, it will create it locally, but won't upload it to the server (that's what the .save is for)

the 405 error is for the save for both bags that exist and those that don't exist.

this is only on chef 11, works fine on chef 10.

your code is better than my code, and i'll happily steal it for our chef 10 servers, but it doesn't solve the current problem.

Thanks, though, catching the 404 is a nice clean way to handle it for 10 :)

On Tue, Feb 12, 2013 at 6:01 PM, Daniel Condomitti < " target="_blank"> > wrote:

Using the code I pasted below? It shouldn't be returning http 405 for data bags that exist since you wouldn't be able to load any data from them. I don't have a chef 11 server to test against yet but can you run Chef::DataBag.load in chef_shell for both a data bag that exists and one that doesn't and compare the output?

On Tuesday, February 12, 2013 at 2:58 PM, Jesse Campbell wrote:

I'm getting #<Net::HTTPServerException: 405 "Method Not Allowed">

that happens whether the data bag exists or not.

-jesse

On Tue, Feb 12, 2013 at 5:38 PM, Daniel Condomitti < " target="_blank"> > wrote:

You can specify the exceptions that you're rescuing instead of just blindly trapping all exceptions. What exception do you receive in Chef 11 when trying to retrieve a data bag that might not exist?

You could do something like the following; I'm sure there's a cleaner way but at least you're only attempting to create the new data bag if it doesn't already exist on the server.

databag_name = "sam-config-#{node.chef_environment}"
databag = begin
  Chef::DataBag.load(databag_name)    
rescue Net::HTTPServerException => e
  raise e unless e.response.code == "404"
  Chef::DataBag.new(databag_name)     
end

On Tuesday, February 12, 2013 at 2:20 PM, Jesse Campbell wrote:

with chef 10 server and an admin client, I used to be able to create a data bag, then add items to it, like this:

    dbag = "sam-config-#{node.chef_environment}"
    begin
      dbag_bag = Chef::DataBag.new
      dbag_bag.name(dbag)
      dbag_bag.save
    rescue => e
      Chef::Log.info( "Creating the data bag failed: #{e.inspect}" )
    end  

    dbag_item = Chef::DataBagItem.new
    dbag_item.data_bag(dbag)
    Chef::Log.info( "Adding new item: #{id}" )
    dbag_item.raw_data = item
    dbag_item.save

I needed to have the data bag creation in a rescue loop because in 10 server, there was no way without triggering an exception to ask the server if the data bag existed before trying to create it, so I would either get an exception asking if it was there, or I'd get an exception asking to create it.

Now, if it doesn't exist, I get #<Net::HTTPServerException: 405 "Method Not Allowed">

Is there a new way to handle this (or perhaps a better one that works in both chef 10 and chef 11 without blowing up in my face all the time)?

Thanks!

-Jesse