- From: Daniel DeLeo <
>
- To:
- Subject: [chef] Re: Creating organizations using CHEF::REST
- Date: Mon, 14 Sep 2015 10:54:46 -0700
On Monday, September 14, 2015 at 6:45 AM, Carlos Camacho wrote:
>
Hello,
>
>
I'm trying to access the CHEF::REST API to interact with the Chef
>
server and I must be missing something as the behavior is quite odd.
>
>
Im executing this code:
>
>
#-----------------
>
require 'rubygems'
>
require 'chef/config'
>
require 'chef/log'
>
require 'chef/rest'
>
>
chef_server_url = 'http://127.0.0.1'
>
client_name = 'webui'
>
signing_key_filename = '/etc/opscode/webui_priv.pem'
This isn’t what you want. The webui key enables a special handling of
authentication where you can impersonate any user (this is how you can log in
with your username and password, and the webui can make requests to the API
server as you). You need to use the pivotal key for these kinds of requests.
Though I suppose you could theoretically set the client name to pivotal and
use the webui key, but this requires a special header, so it’s more work.
>
>
rest = Chef::REST.new(chef_server_url, client_name, signing_key_filename)
>
>
puts rest.get_rest('/organizations/asdf/users/admin')
>
puts rest.get_rest('/organizations/asdf/clients')
>
puts rest.get_rest('/organizations/asdf/users')
>
puts rest.get_rest('/organizations/asdf/nodes')
>
puts rest.get_rest('/organizations/asdf')
>
>
data = {"username" => "admin", "password" => "4dm1n1str4t0r" }
>
rest.post_rest('authenticate_user', data)
>
>
data = {"name" => "fdsa", "full_name" => "asdf" }
>
rest.post_rest('organizations', data)
>
#-----------------
>
>
Now, the thing is how to configure correctly the client_name/key in
>
order to have them working properly?
>
How this client should be configured correctly?
>
>
Depending on the client/key Im getting 401, 403 or empty outputs.
>
>
Thanks!
I’d recommend using the code in knife-opc as a reference:
https://github.com/chef/knife-opc/
--
Daniel DeLeo
Archive powered by MHonArc 2.6.16.