Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

zap (23) Versions 1.1.0

Provides HWRPs for creating authoritative resources

Berkshelf/Librarian
Policyfile
Knife
cookbook 'zap', '~> 1.1.0'
cookbook 'zap', '~> 1.1.0', :supermarket
knife cookbook site install zap
knife cookbook site download zap
README
Dependencies
Changelog
Quality

zap

Library cookbook for garbage collecting chef controlled resource sets.

One of the common pitfalls in chef land is the pattern of one deleting a resource definition from a recipe and the user wondering why the resource still exists on the system.

For example, on Monday a cronjob is added:

cron 'collect stats' do
  action    :create
  minute    0
  command '/usr/local/bin/collect-stats | mailto ops@nvwls.com'
end

After a few days, the issue is figured out and that cron resource is removed from the recipe. After uploading the new cookbook, they wonder why they are still receiving email.

The issue that chef is great for describing actions. I mean, action is part of the DSL.

At the 2013 Opscode Communit Summit, Matt Ray and I had a discussion regarding this issue. The name authoritative cookbook was coined. If chef is deploying files to a .d directory, if there are files in that directory not converged by a resource, those files should be removed.

This pattern has been added to https://github.com/Youscribe/sysctl-cookbook

I presented the zap pattern at ChefConf 2014. You can check out the video http://www.youtube.com/watch?v=4-So4AJlBI4&list=PL11cZfNdwNyMmx0msapJfuGsLV43C7XsA&feature=share&index=53 and the slides https://speakerdeck.com/nvwls/building-authoritative-resource-sets

Thanks

Users and groups support was provided by Sander Botman sbotman@schubergphilis.com. Yum_repository support was provided by Sander van Harmelen svanharmelen@schubergphilis.com Apt_repository support was provided by Helgi Þormar Þorbjörnsson helgi@php.net

Resource/Provider

zap_directory

Actions

  • :delete - Delete files and symlinks in a directory

Attribute Parameters

  • pattern - Pattern of files to match, i.e. *.conf, defaults to *
  • recursive - Recurse into subdirectories, defaults to false

Examples

zap_directory '/etc/sysctl.d' do
  pattern '*.conf'
end

zap_crontab

Actions

  • :delete - Delete jobs from a user's crontab

Attribute Parameters

  • pattern - Pattern of job names match, i.e. test \#*, defaults to *

Examples

zap_crontab 'root' do
  pattern 'test \#*'
end

zap_users

Delete users from /etc/passwd style files. node['zap']['users']['keep'] contains an array of user names to keep, i.e. root.

Actions

  • :remove

Example

zap_users '/etc/passwd' do
  # only zap users whose uid is greater than 500
  filter { |u| u.uid > 500 }
end

zap_groups

Delete groups from /etc/group style files. node['zap']['groups']['keep'] contains an array of group names to keep, i.e. wheel.

Actions

  • :remove

Example

zap_groups '/etc/group' do
  # only zap groups whose gid is greater than 500
  filter { |g| g.gid > 500 && g.name != 'nrpe' }
end

zap

This the base HWRP.

Example

zap '/etc/sysctl.d' do
  register :file, :template
  collect { Dir.glob("#{base}/*") }
end

Recipes

zap::apt_repos

Remove extraneous repos from /etc/apt/sources.list.d * node['zap']['apt_repos']['pattern'] is a glob expression used to restrict the name space, defaults to '*' * node['zap']['apt_repos']['immediately'] controls whether the zap is run immediately, defaults to true

zap::cron_d

Remove extraneous /etc/cron.d entries * node['zap']['cron_d']['pattern'] is a glob expression used to restrict the name space, defaults to '*'

zap::init_d

Disable sysv-init services on centos-6 * node['zap']['init_d']['pattern'] is a glob expression used to restrict the name space, defaults to '*'

zap::iptables_d

Remove /etc/iptables.d entries created by the iptables cookbook * node['zap']['iptables_d']['pattern'] is a glob expression used to restrict the name space, defaults to '*'

zap::sudoers_d

Remove extraneous /etc/sudoers.d entries * node['zap']['sudoers_d']['pattern'] is a glob expression used to restrict the name space, defaults to '*'

zap::yum_repos

Remove extraneous repos from /etc/yum.repos.d * node['zap']['yum_repos']['pattern'] is a glob expression used to restrict the name space, defaults to '*' * node['zap']['yum_repos']['immediately'] controls whether the zap is run immediately, defaults to true

zap Cookbook CHANGELOG

This file is used to list changes made in each version of the zap cookbook.

v1.1.0

Minor

  • Add immediately support to zap::apt_repos and zap::yum_repos

v1.0.2

Enhancement

  • Add zap::init_d to disable sysv-init services on centos-6

v1.0.1

Enhancement

  • Add zap::sudoers_d to prune sudo resources from /etc/sudoers.d

v1.0.0

Breaking change

  • Rewrote to support custom resources
  • Remove zap_firewall as v2.6.2 of the firewall cookbook manages the ruleset as a whole
  • Remove zap_apt_repos in favor of the zap::apt_repos recipe
  • Remove zap_yum_repos in favor of the zap::yum_repos recipe

v0.15.1

Bugfix

  • Fix bug with filter property lamba expression

v0.15.0

Enhancement

v0.14.0

Bugfix

  • Fix issues with zap_crontab and non-root cron

v0.13.1

Improvement

  • added unit tests for zap_groups

v0.13.0

Bugfix

  • Fix rubocop and foodcritic lint

v0.12.0

Improvement

  • added unit tests for zap_users and zap_yum_repos
  • adapt logic to make it compatible with versions 12.14 and higher

v0.11.4

Enhancement

Bump version for tag

v0.11.3

Enhancement

Using stove for upload

v0.11.2

Enhancement

  • Display a warning if a filter is given but the provider does not support it.

v0.11.1

Bugfix

  • Apply @pattern before entering converge_by

v0.11.0

Enhancement

  • Reworked to use converge_by

v0.10.0

Enhancement

  • Allow klass to be passed into zap()
  • zap_directory will now remove symlinks

v0.9.1

Bugfix

  • Internally @klass should be an array

v0.9.0

Improvement

  • Reworked klass to convert string into class
  • Added recipe [zap::cron_d] to remove /etc/cron.d entries

v0.8.7

Improvement

  • Added recipe [zap::firewall_windows] adds Windows Firewall support to zap firewall recipe

v0.8.6

Enhancement

  • Support using a descriptive resource name; added path var to zap_directory

v0.8.5

Bugfix

  • Using the shovel operator in chef 12 results in the resource being added directly after the current resource, rather than at the end of the resource list. [joyofhex]

v0.8.4

Bugfix

  • Support globbed directories, e.g. /home/*/.ssh

v0.8.3

Improvement

  • Added recipe [zap::firewall] for support for the firewall cookbook (main caller)
  • Added recipe [zap::firewall_iptables] adds iptables support to zap firewall recipe
  • Added recipe [zap::firewall_firewalld] adds firewalld support to zap firewall recipe

v0.8.2

Improvement

  • Eliminate warnings on newer versions of ChefSpec

v0.8.1

Bugfix

  • Added ZapDirectory#select to return path instead of the default of name.

The following will now be properly recognized:

file 'arbitrary name' do
  path '/the/real/path'
end

v0.8.0

Improvement

  • Added recursive option to zap_directory to remove all files under the specified directory

v0.5.2

Improvement

  • Refactored recipe[zap::yum_repos_d] into the zap_yum_repos resource provider
  • Added an option to call zap immediately at a certain point in your Chef run

v0.5.1

Improvement

  • Added recipe[zap::yum_repos_d]

v0.5.0

Improvement

  • Added collect and select to the resource

v0.4.3

Improvement

  • Moved @filter.call back

v0.4.2

Improvement

  • Moved @filter.call into iterate

v0.4.1

Improvement

  • Fixed rubocop warning

v0.4.0

Improvement

  • Added klass keyword to DSL which can take a class, i.e. Chef::Resource::File, or string, i.e. 'Chef::Resource::YumRepository', or an array of classes or strings.

v0.3.0

Improvement

  • Added zap_users and zap_groups

v0.2.0

Improvement

  • Added filter for more complex, codified filtering

v0.1.1

Improvement

  • Log at info

v0.1.0

Minor

  • Refactored into an HWRP to allow better code reuse

v0.0.6

Improvement

  • Cleaned up Rubocop warnings

v0.0.5

Improvement

  • Added zap_crontab to zap the specified user's crontab

v0.0.4

Improvement

  • Use ::File.join instead of hardcoding slashes

v0.0.3

Improvement

  • Split zap_directory into two phases, :delay to move it to the end of the resource list, and :run to do the actual work.

v0.0.2

Improvement

  • Move zap_directory to the end of the resource list.

Collaborator Number Metric
            

1.1.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

1.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

1.1.0 passed this metric

License Metric
            

1.1.0 passed this metric

No Binaries Metric
            

1.1.0 passed this metric

Publish Metric
            

1.1.0 passed this metric

Supported Platforms Metric
            

1.1.0 passed this metric

Testing File Metric
            

1.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

1.1.0 passed this metric