chef - [chef] Re: Re: Chef 12 user and org creation automation

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Chef 12 user and org creation automation

From: Steven Danna < >
To: " " < >
Subject: [chef] Re: Re: Chef 12 user and org creation automation
Date: Tue, 3 Feb 2015 11:15:32 +0000

Hi,

As a quick follow up to Mark's reply, if you'd like some example code
for creating users with the pivotal key, you can take a look at:

    https://github.com/chef/knife-opc

It uses an older method of associating users, but the basic flow is the same.

Cheers,

Steven

On Tue, Feb 3, 2015 at 12:42 AM, Mark Anderson
< >
wrote:
> Hi Greg.
>
> I think your best bet for now is to use the pivotal user. That's what the
> manage interface does under the covers.
>
> Creating a user can be done by any authenticated user with CREATE on the
> users container, but in practice it's probably easiest to just POST to
> /users as pivotal.
>
> Orgs pretty much need pivotal; pivotal is the only thing given permissions
> by default when an org is created, and so there's not a simple workaround to
> extend that. Specifically you will need pivotal user's privilege level to
> add the user to the org, and then again to add the user as an admin to their
> newly created org.
>
> The basic workflow to create an org would look like:
> POST to /organizations to create org
> you will need to capture the validator key returned here, or regenerate the
> validator later.
> POST to /organizations/:orgname/users/:username to associate user (repeat if
> necessary for multiple users)
> PUT to /organizations/:orgname/groups/admins to set users in admins group if
> desired.
>
>
>
>
>
> On Sat, Jan 31, 2015 at 8:27 AM, Greg Willis
> < >
>  wrote:
>>
>> I have the need to automate the user and organization creation on Chef 12
>> because of the way we isolate products during development.  Each developer
>> gets their own org for the stack they are working on in a CD style
>> pipeline.
>> I switched to Chef 12 so I did not have to create a new Chef 11 server for
>> each stack.
>>
>> I want the build server to connect to the Chef API and create the orgs and
>> users, but I found out that only the pivotal user has access to do this.
>> Is
>> there a command or way to add my automation user to the Chef server so it
>> has access to create users and organizations?  I know I can just use the
>> pivotal key to sign the requests, but I was not sure if that is best way to
>> accomplish what I want.  Ideally, I would like a role or set of permissions
>> that only allows user and organization creation, and user association to
>> organizations.
>>
>> Anyone like to share host hosted Chef does this when a new user signs up?
>>
>> Greg Willis
>
>
>
>
> --
>
> Mark Anderson - Community Engineering
>
>

[chef] Re: Chef 12 user and org creation automation, Mark Anderson, 02/02/2015
- [chef] Re: Re: Chef 12 user and org creation automation, Steven Danna, 02/03/2015