From 3630e2d42971db56f9a63068cdd2b9db393c0c7c Mon Sep 17 00:00:00 2001 From: Antek Baranski Date: Tue, 4 Oct 2016 19:35:06 -0700 Subject: [PATCH] Latest brew install needs extended sudo rights Signed-off-by: Antek S. Baranski --- .kitchen.yml | 2 +- .rubocop.yml | 7 ++++++ attributes/default.rb | 3 +++ recipes/default.rb | 33 ++++++++++++++++++++++---- templates/default/homebrew_sudo.erb | 3 +++ test/cookbooks/test/recipes/default.rb | 4 ++++ 6 files changed, 46 insertions(+), 6 deletions(-) create mode 100644 .rubocop.yml create mode 100644 templates/default/homebrew_sudo.erb diff --git a/.kitchen.yml b/.kitchen.yml index fe9e585..d37a720 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -18,4 +18,4 @@ platforms: suites: - name: default - run_list: test::default \ No newline at end of file + run_list: test::default diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..4275fff --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,7 @@ +AllCops: + Exclude: + - .kitchen/* + - vendor/**/* + +LineLength: + Max: 120 diff --git a/attributes/default.rb b/attributes/default.rb index 67245a6..8fc907f 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -27,3 +27,6 @@ default['homebrew']['installer']['url'] = 'https://raw.githubusercontent.com/Homebrew/install/master/install' default['homebrew']['installer']['checksum'] = nil default['homebrew']['enable-analytics'] = true +default['homebrew']['sudo']['commands'] = + %w( /bin/chmod /usr/sbin/chown /bin/mkdir /usr/bin/chgrp /usr/bin/touch + /usr/sbin/softwareupdate /bin/rm /usr/bin/xcode-select ) diff --git a/recipes/default.rb b/recipes/default.rb index feab10e..593660b 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -30,11 +30,34 @@ not_if { ::File.exist? '/usr/local/bin/brew' } end -execute 'install homebrew' do - command homebrew_go - environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } - user homebrew_owner - not_if { ::File.exist? '/usr/local/bin/brew' } +directory '/etc/sudoers.d' do + mode '00644' + owner 'root' + group 'wheel' + action :create +end + +begin + template '/etc/sudoers.d/homebrew' do + source 'homebrew_sudo.erb' + variables(lazy { { 'user' => homebrew_owner, 'hostname' => node['hostname'], 'commands' => node['homebrew']['sudo']['commands'] } }) + action :create + mode '00644' + user 'root' + group 'wheel' + not_if { (::File.exist? '/usr/local/bin/brew') || node['homebrew']['sudo']['commands'].empty? } + end + + execute 'install homebrew' do + command "#{homebrew_go} < /dev/null" + environment lazy { { 'HOME' => ::Dir.home(homebrew_owner), 'USER' => homebrew_owner } } + user homebrew_owner + not_if { ::File.exist? '/usr/local/bin/brew' } + end +ensure + file '/etc/sudoers.d/homebrew' do + action :delete + end end execute 'set analytics' do diff --git a/templates/default/homebrew_sudo.erb b/templates/default/homebrew_sudo.erb new file mode 100644 index 0000000..6617e6b --- /dev/null +++ b/templates/default/homebrew_sudo.erb @@ -0,0 +1,3 @@ +<% @commands.each do |command| %> +<%= @user %> <%= @hostname %>=(root) NOPASSWD: <%= command %> +<% end %> diff --git a/test/cookbooks/test/recipes/default.rb b/test/cookbooks/test/recipes/default.rb index 616a401..fb837bb 100644 --- a/test/cookbooks/test/recipes/default.rb +++ b/test/cookbooks/test/recipes/default.rb @@ -13,3 +13,7 @@ include_recipe 'homebrew::install_formulas' include_recipe 'homebrew::install_casks' include_recipe 'homebrew::install_taps' + +package 'cmake' do + action :install +end