Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


cloudpassage (25) Versions 3.0.4

Installs/Configures CloudPassage Halo

cookbook 'cloudpassage', '= 3.0.4', :supermarket
cookbook 'cloudpassage', '= 3.0.4'
knife supermarket install cloudpassage
knife supermarket download cloudpassage
Quality 100%

CloudPassage Logo

cloudpassage Cookbook

Version: 3.0.4

Author: CloudPassage

Master branch: Build Status

Develop branch: Build Status (develop branch)



This cookbook installs and upgrades CloudPassage Halo on Windows, Debian-based
(Debian, Ubuntu) and RHEL-based (RHEL, CentOS, Oracle) operating systems.

This cookbook supports installation by resource, which is the preferred method.
Optionally, you can also use the default recipe, but you'll need to provide configuration
information via attributes or data bag.

Requirements and dependencies

Tested and Supported Platforms

  • Ubuntu 12.04
  • Ubuntu 14.04
  • CentOS 6.7
  • CentOS 7.1
  • RHEL 7.2
  • Amazon Linux 2015.09
  • Windows Server 2012R2

Tested Chef Versions

  • chef-client 12.5.1 (using Chef DK 0.9.0)
  • chef-client 12.6 (using Chef DK 0.10.0)
  • chef-client 12.12.15 (using Chef DK 0.9.0)
  • chef-client 12.12.15 (using Chef DK 0.10.0)
  • chef-client 12.12.15 (using Chef DK 0.11.0)
  • chef-client 12.12.15 (using Chef DK 0.12.0)
  • chef-client 12.12.15 (using Chef DK 0.13.21)
  • chef-client 12.12.15 (using Chef DK 0.14.25)
  • chef-client 12.12.15 (using Chef DK 0.15.15)
  • chef-client 12.12.15 (using Chef DK 0.15.16)
  • chef-client 12.12.15 (using Chef DK 0.16.28)
  • chef-client 12.12.15 (using Chef DK 0.17.17)


  • apt
  • yum

Recipe cloudpassage::default usage:

The following attributes are configurable via the attributes/default.rb file:

default['cloudpassage']['agent_key'] # Key used for agent registration
default['cloudpassage']['grid_url'] # Normally
default['cloudpassage']['linux_agent_version'] # Force a specific version of the Halo agent.
default['cloudpassage']['read_only'] # Start the agent in read-only mode
default['cloudpassage']['server_tag'] # Used for server group association
default['cloudpassage']['server_label'] # Manually-defined label for server
default['cloudpassage']['dns'] # Disable agent DNS lookup
default['cloudpassage']['windows_installer_protocol'] # Used in building the Windows package install string
default['cloudpassage']['windows_installer_port'] # Port component of windows installer url
default['cloudpassage']['windows_installer_host'] # Host portion of Windows installer URL
default['cloudpassage']['windows_installer_path'] # Path to Windows installer
default['cloudpassage']['windows_installer_file_name'] # Name of Windows installer executable
default['cloudpassage']['apt_repo_url'] # Apt repo URL for CloudPassage Halo
default['cloudpassage']['yum_repo_url'] # Apt repo URL for CloudPassage Halo

The default recipe is very versatile, and under most circumstances you will not
need to configure much more than the agent_key and server_tag node
attributes. But if you want to go nuts with it, the functionality is there.

The following configuration options, if delivered in an encrypted data bag, will
override the defaults in the attributes file:


Resource cloudpassage_agent usage:

The cloudpassage::default recipe calls the cloudpassage_agent resource with
action :install. You can call this resource directly from another recipe
as simply as:

cloudpassage_agent 'halo' do
  action :install

The reconfigure action forces reconfiguration of the agent:

cloudpassage_agent 'halo' do
  action :reconfigure

The remove action uninstalls the agent:

cloudpassage_agent 'halo' do
  action :remove

Don't forget to add depends 'cloudpassage' to your metadata.rb file if
you're including the resource in another cookbook.

As with the recipe, you can accept almost all the defaults and rock and roll.
You don't even have to define the server_tag, but you'll spend a lot of
time manually organizing your hosts in the CloudPassage Halo portal if you

For your reading pleasure, here is an exhaustive list of properties for the
cloudpassage_halo resource:

What it is What it does
agent_key You MUST define this. The default value will not register.
grid_url Only override this if you're running on your own grid.
linux_agent_version This forces a specific version of the Linux agent.
proxy_host Tells the agent to use a proxy
proxy_port Defines the port for the proxy
proxy_user Define a username for proxy use
proxy_password Define a password for proxy use
read_only Set to true to run the agent in audit mode
server_tag This determines group placement on agent activation
server_label This is a user-defined string that supersedes the hostname when rendered in the portal.
dns Set this to false to disable DNS resolution by the agent.
windows_installer_protocol Used for assembling the URL for the Windows installer.
windows_installer_port Used for assembling the URL for the Windows installer.
windows_installer_host Used for assembling the URL for the Windows installer.
windows_installer_path Used for assembling the URL for the Windows installer.
windows_installer_file_name Used for assembling the URL for the Windows installer.
apt_repo_url Only change this if you're running your own repository.
apt_repo_distribution Only change this if you're running your own repository.
apt_repo_components Only change this if you're running your own repository.
yum_repo_url Only change this if you're running your own repository.
apt_key_url Only change this if you're running your own repository.
yum_key_url Only change this if you're running your own repository.

Note: If the repo URL is configured as an empty string, the recipe will not
attempt to add the appropriate CloudPassage repository on the node.


CPTAGS:community-supported automation deployment



Dependent cookbooks

apt ~> 2.9.0
yum >= 3.8.0
compat_resource >= 12.14.3

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

CHANGELOG for cloudpassage


  • Initial release of cloudpassage_linux


  • Added support for proxy in Halo startup options
  • Changed to using platform_family instead of platform and lists of OSes for determining which pkg mgr to use
  • Added logic to print platform and platform version, as a reference by which to create logic to set server tag based on OS/ver
  • Moved repo and repo key variables to attributes, to make it easier for those who run private mirrors.


  • Consolidating down into one recipe for all platforms (now just referred to as 'cloudpassage')


  • Corrected metadata.rb, populated, corrected version in


  • Re-work of entire cookbook. Provides cloudpassage_agent resource for installing agent.


  • Added compat_resource to enable chef-client 12.5.1 compatibility.


  • Added linux_agent_version property to force specific version of Halo agent

  • Documentation improvements

  • Force failure on absence of agent key

  • Added rake task ec2 for style, spec, and ec2 checks (thanks @rgindes)


  • Corrected deprecated code ahead of Chef 13


  • Pinned deps in Rakefile


  • Pinned test-kitchen dependency


  • Added security group identifier to kitchen-ec2


  • Corrected variable name for security_group_ids


  • Allow use of user_data variable in ec2 testing


  • Pinning more vars in Gemfile


  • Corrected versions in metadata.rb


  • Support Amazon Linux 2015.09 (improve override for svc manager), include in kitchen-ec2 config. (203)

  • Increased concurrency (207)

  • Added linux agent version to kitchen_ec2 config (208)

  • Override retryable_tries in kitchen-ec2 config to accommodate occasionally slow Windows provisioning


  • Agent does not restart every time LWRP is run, only if calling :reconfigure

  • Added :reconfigure and :remove actions


  • Added reconfigure and remove actions to the LWRP

  • Update default agent version to 3.7.8

  • Update Solorunner to ServerRunner

  • Update Yum dependency to be >= 3.8.0

  • Added ChefDK testcases up through version 17.17


  • Restricted compat_resource version to be >=12.14.3


  • Restricted nio4r to be ~>1.2.1. latest nio4r only supports ruby 2.2.2+


  • Update Linux agent version to 3.9.5

  • Update Windows agent version to 3.9.7


  • Set up Dockerfile to test windows and linux instances with the latest agents

Collaborator Number Metric

3.0.4 passed this metric

Foodcritic Metric

3.0.4 passed this metric

License Metric

3.0.4 passed this metric