Chef Cookbook that starts with a small powershell script, need to pass the returned integer value to Chef

Question

I'm trying to finish someone's cookbook, and I need to be able to have Chef pick up the returned integer of 0 from this script (Some details have been removed) Any suggestions on what might work here in Chef? I've already added the Powershell module in Chef, and specifically I'm asking about the order of what Chef would parse this data in - as in the action: item to hand this variable to... Thanks.

include_recipe "chef_handler

powershell_script do
  code <<-EOH
  ###############
  # 
  # Description:
  # Returns 1 if any share or share path allow read/write by the 'Everyone' group (fail)
  # Returns 0 if this condition is not found (pass)


  Try
  {
    #get all shares
    $shares = e | Select-Object Name,Path
    if($shares)
    {
      Foreach ($share in $shares)
      {
        #check everyone permissions
        $shareAccounts = -Name $share.Name
        Foreach ($account in $shareAccounts)
        {
          If ($account.AName -eq 'Everyone')
          {
            return 1
          }
        }

        #check 
        $volumePerm = Get-ACL $share.Path
        if ($volume.Access.Where({$Reference -eq 'Everyone'}))
        {
          return 1
        }
      }
    }
    else
    return 0


    #loop through each share checking for 'Everyone'
    # pass the return values send to Chef or something else.
  }

  {
    #build error message
  }
  Finally
  {
    #return final message
  }
  EOH

  fail "Instance has failed the OpenShares check" if code == 1

end

The workaround we used is to write it to a tmp file, read it back from Chef and delete it. — Wai Yan, Jun 06 '16 at 01:57
Thanks Wai Yan, do you have a snippet you are able to share? I hadn't thought of that. :-) — st.vincent_guitar, Jun 06 '16 at 17:11

score 1 · Accepted Answer · answered Jun 06 '16 at 01:46

1

Chef resources don't have output values. If the PowerShell script fails, it will abort the Chef run, otherwise it will proceed.

answered Jun 06 '16 at 01:46

coderanger

52,400
4
52
75

Thanks coderanger, that confirmed the reason it was failing. Which is why I prefer to start with my own messes. – st.vincent_guitar Jun 06 '16 at 15:16

score 0 · Answer 2 · edited May 23 '17 at 11:58

0

You can also take a look at the returns parameter of powershell_script block. If you specify a value like [0,1], the script will not fail. You can also not specify anything and try to catch the exception using Ruby rescue.

That said, if you really need the value, my suggestion is to write the value to a file and read it back at the end of the process, instead of returning it.

You can refer to this article for writing stuff to file using powershell and this for reading the file to String in Ruby.

edited May 23 '17 at 11:58

Community

1
1

answered Jun 07 '16 at 01:17

Wai Yan

582
9
22

Interesting, many thanks Wai Yan, very appreciated. At the start, the word code creates a variable that will contain whatever is returned. It's not defined to be a certain type. So I will look at both of those links carefully, I think ruby catch may be the one I'm most interested in. Too soon to tell. However you have opened my eyes to some different possibilities. Now I need to better understand how to use rescue in the code before I can make that decision. I'm already late with this so I will just do what must be done. Thanks - I'll post an update provided I can figure that out.:-) – st.vincent_guitar Jun 07 '16 at 18:21

Chef Cookbook that starts with a small powershell script, need to pass the returned integer value to Chef

2 Answers2