chef - [chef] Re: Chef 12 user and org creation automation

First login ?
Lost password ?

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Chef 12 user and org creation automation

From: Mark Anderson < >
To:
Subject: [chef] Re: Chef 12 user and org creation automation
Date: Mon, 2 Feb 2015 16:42:41 -0800

Hi Greg.

I think your best bet for now is to use the pivotal user. That's what the manage interface does under the covers.

Creating a user can be done by any authenticated user with CREATE on the users container, but in practice it's probably easiest to just POST to /users as pivotal.

Orgs pretty much need pivotal; pivotal is the only thing given permissions by default when an org is created, and so there's not a simple workaround to extend that. Specifically you will need pivotal user's privilege level to add the user to the org, and then again to add the user as an admin to their newly created org.

The basic workflow to create an org would look like:

POST to /organizations to create org

you will need to capture the validator key returned here, or regenerate the validator later.

POST to /organizations/:orgname/users/:username to associate user (repeat if necessary for multiple users)

PUT to /organizations/:orgname/groups/admins to set users in admins group if desired.

On Sat, Jan 31, 2015 at 8:27 AM, Greg Willis < " target="_blank"> > wrote:

I have the need to automate the user and organization creation on Chef 12 because of the way we isolate products during development. Each developer gets their own org for the stack they are working on in a CD style pipeline. I switched to Chef 12 so I did not have to create a new Chef 11 server for each stack.

I want the build server to connect to the Chef API and create the orgs and users, but I found out that only the pivotal user has access to do this. Is there a command or way to add my automation user to the Chef server so it has access to create users and organizations? I know I can just use the pivotal key to sign the requests, but I was not sure if that is best way to accomplish what I want. Ideally, I would like a role or set of permissions that only allows user and organization creation, and user association to organizations.

Anyone like to share host hosted Chef does this when a new user signs up?

Greg Willis

Mark Anderson - Community Engineering

mark " style="color:rgb(105,117,130)" target="_blank">@chef.io

[chef] Re: Chef 12 user and org creation automation, Mark Anderson, 02/02/2015
- [chef] Re: Re: Chef 12 user and org creation automation, Steven Danna, 02/03/2015