Files
chef/.chef/config.rb
T
raucao 301565b910 Move allowed node attrs to config file, apply automatically
This moves the whitelist for nodes' "normal" attributes to a config
file, which is loaded live during every run and applied in memory in
case the node's local file hasn't been updated before the client run.

Fixes allowed attributes being overwritten/removed in the node info
JSON files.
2026-07-05 17:07:56 +02:00

35 lines
1.1 KiB
Ruby

current_dir = File.dirname(__FILE__)
cookbook_path ["#{current_dir}/../site-cookbooks", "#{current_dir}/../cookbooks"]
node_path "nodes"
role_path "roles"
environment_path "environments"
data_bag_path "data_bags"
encrypted_data_bag_secret "#{current_dir}/encrypted_data_bag_secret"
local_mode true # Chef local mode, replacing Solo
# Knife-Zero config, see https://knife-zero.github.io/40_configuration/
# Prevent attributes from being saved to the node files
knife[:automatic_attribute_whitelist] = %w[
fqdn
os
os_version
hostname
ipaddress
roles
recipes
ipaddress
platform
platform_version
cloud
cloud_v2
chef_packages
]
# Added to /etc/chef/client.rb on node bootstrap
# https://docs.chef.io/attribute_persistence/
# Source of truth: site-cookbooks/kosmos-base/files/default/chef_normal_attributes.yml
normal_attrs = YAML.load_file(File.expand_path("../site-cookbooks/kosmos-base/files/default/chef_normal_attributes.yml", __dir__))
knife[:normal_attribute_allowlist] = normal_attrs
knife[:allowed_normal_attributes] = normal_attrs