Comments (5)
That is a bug with the compilation environment on windows and the ed25519 gem, that has nothing to do with this gem directly.
It will get solved in the next release of chef-client which will bundle the ed25519 gem again. I don't know what the workaround is in the meantime.
from kitchen-nodes.
@lamont-granquist do you know of the latest version of the Chef Infra Client where this bug is not present? Also, the only reason I'm pursuing jumping to a super recent version is due to the remote_file
error I get currently due to the recent Let's Encrypt CA certificate expiration as outlined in this post. If there is a way to resolve that issue without needing to upgrade the Chef Infra Client version then I can pursue that while this ed25519 gem issue is resolved.
I also posted about all of this on the Chef Community Slack Channel:
https://chefcommunity.slack.com/archives/C0M1NGZE3/p1633541353177900
from kitchen-nodes.
The latest version of chef-client fixes letsencrypt it does not fix the ed25519 problem.
You need to manaually fix both c:/opscode/chef/embedded/ssl/certs/cacert.pem and c:/opscode/chef/embedded/ssl/cert.pem on windows.
from kitchen-nodes.
@lamont-granquist
How do I manually fix both of those on Windows? Can you offer any guidance on that? Or direct me to a post where someone has outlined those steps?
from kitchen-nodes.
For others' benefit, we added this code to a Chef recipe to fix the issue on our Windows machines:
ca_cert_match = 'DST Root CA X3'
cacert_test = powershell_out(
"
$chefPath = 'C:\\opscode\\chef\\embedded'
$certPath = [System.IO.Path]::Combine($chefPath,'ssl','certs','cacert.pem')
$test1 = Select-String -Pattern '#{ca_cert_match}' -Path $certPath -Quiet
$certPath = [System.IO.Path]::Combine($chefPath,'ssl','cert.pem')
$test2 = Select-String -Pattern '#{ca_cert_match}' -Path $certPath -Quiet
return ($test1 -or $test2)
").stdout.chomp().to_s.downcase
powershell_script 'Chef Client Fix cacert.pem' do
code <<-EOH
$dtStamp = (Get-Date).ToString('yyyyMMddHHmmss')
$chefPath = 'C:\\opscode\\chef\\embedded'
$chefBin = [System.IO.Path]::Combine($chefPath,'bin')
$certPath = [System.IO.Path]::Combine($chefPath,'ssl','certs','cacert.pem')
# create backup copy cacert.pem
Copy-Item -Path "$certPath" -Destination "$($certPath).bak.$($dtStamp)"
# remove expired cert from cacert.pem
& "$($chefBin)\\sed.exe" -i '' '/#{ca_cert_match}/,/^$/ d' "$certPath"
# create backup copy cert.pem
$certPath = [System.IO.Path]::Combine($chefPath,'ssl','cert.pem')
Copy-Item -Path "$certPath" -Destination "$($certPath).bak.$($dtStamp)"
# remove expired cert from cert.pem
& "$($chefBin)\\sed.exe" -i '' '/#{ca_cert_match}/,/^$/ d' "$certPath"
EOH
only_if { cacert_test == 'true' }
end
from kitchen-nodes.
Related Issues (20)
- policyfile support HOT 4
- Converge of windows 2008R2 fails with message: Failed to complete #converge action: [Unable to retrieve IPs] HOT 1
- help request with testing HOT 6
- Gem conflict on Windows workstation, not sure how to solve HOT 5
- Doesn't seem to work with tags? HOT 3
- Working Example: Nginx Balancer + 2 App Nodes HOT 2
- Trouble searching the node HOT 2
- Nodes returned from search are missing attributes from ohai? HOT 3
- Searching fqdn and ip on windows breaks
- can't load 'nodes' provisioner from load path HOT 9
- Using kitchen-nodes with dokken HOT 4
- Failed to complete #converge action: [undefined method `[]' for #<WinRM::Output:0x4adaab8>] HOT 1
- Net SCP error when using nodes HOT 1
- Remove created nodes after run a `kitchen destroy`
- Copy /tmp/kitchen/nodes back to workstation nodes dir after converge HOT 6
- Windows FQDN constructed from internal hostname rather than Openstack instance name HOT 2
- net-scp issue when transferring files to vm HOT 3
- test-kitchen dependency version is too old HOT 9
- Kitchen converge race condition HOT 10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kitchen-nodes.