Fetching checksums at compile time breaks the cookbook in complicated environments

Question

Fetching checksums at compile time breaks the cookbook in complicated environments

jjustice6 opened this issue 8 years ago · 6 comments

We have a situation in which we have a cookbook that sets up SSL certificates as well as installing common dev software, including Vagrant.

We use remote_directory to put certs in a folder, notifying a block that runs either update-ca-certificates (if Ubuntu) or update-ca-trust (if RHEL). This is pretty straightforward stuff.

The problem is that happens at runtime, and if I want to also install Vagrant, the cookbook fails at compile time because, without the SSL certificates, it can't go get the checksums here: https://github.com/jtimberman/vagrant-cookbook/blob/master/libraries/helpers.rb#L60-L63

Answer 1 · 2017-07-13T18:34:25.000Z

I think this could be fairly easily mitigated and probably will tackle it moving to custom resources.

Answer 2 · 2018-03-28T05:29:06.000Z

http://notetoself.vrensk.com/2008/09/verified-https-in-ruby/ is probably relevant for a solution. Using the chef supplied cacerts.pem file will pull in the usual suspects for CA authorities.

Answer 3 · 2018-05-13T05:49:23.000Z

Should be fixed by #91. Up for review.

Answer 4 · 2018-05-14T14:51:41.000Z

#91 was merged.

Answer 5 · 2018-05-14T14:52:48.000Z

Awesome, this is great news.

Answer 6 · 2019-05-14T15:47:45.000Z

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.