Latest brew install needs extended sudo rights

Signed-off-by: Antek S. Baranski <[email protected]>

.rubocop.yml

@@ -0,0 +1,7 @@
+AllCops:
+  Exclude:
+    - .kitchen/*
+    - vendor/**/*
+
+LineLength:
+  Max: 120

attributes/default.rb

@@ -27,3 +27,7 @@
 default['homebrew']['installer']['url'] = 'https://raw.githubusercontent.com/Homebrew/install/master/install'
 default['homebrew']['installer']['checksum'] = nil
 default['homebrew']['enable-analytics'] = true
+default['homebrew']['sudo']['commands'] =
+  %w( /bin/chmod /usr/sbin/chown /bin/mkdir /usr/bin/chgrp /usr/bin/touch
+  /usr/sbin/softwareupdate /bin/rm
+  )

recipes/default.rb

@@ -30,11 +30,32 @@
   not_if { ::File.exist? '/usr/local/bin/brew' }
 end
 
-execute 'install homebrew' do
-  command homebrew_go
-  environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } }
-  user homebrew_owner
-  not_if { ::File.exist? '/usr/local/bin/brew' }
+begin
+  template '/etc/sudoers.d/homebrew' do
+    source 'homebrew_sudo.erb'
+    variables (
+      lazy {
+        { :user => homebrew_owner, :hostname => node['hostname'],
+          :commands => node['homebrew']['sudo']['commands'] }
+      }
+    )
+    action :create
+    mode '00644'
+    user 'root'
+    group 'wheel'
+    not_if { (::File.exist? '/usr/local/bin/brew') || node['homebrew']['sudo']['commands'].empty? }
+  end
+
+  execute 'install homebrew' do
+    command "#{homebrew_go} < /dev/null"
+    environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } }
+    user homebrew_owner
+    not_if { ::File.exist? '/usr/local/bin/brew' }
+  end
+ensure
+  file '/etc/sudoers.d/homebrew' do
+    action :delete
+  end
 end
 
 execute 'set analytics' do

templates/default/homebrew_sudo.erb

@@ -0,0 +1,3 @@
+<% @commands.each do |command| %>
+<%= @user %> <%= @hostname %>=(root) NOPASSWD: <%= command %>
+<% end %>