Chef

Table Of Contents

env

A resource defines the desired state for a single configuration item present on a node that is under management by Chef. A resource collection—one (or more) individual resources—defines the desired state for the entire node. During a chef-client run, the current state of each resource is tested, after which the chef-client will take any steps that are necessary to repair the node and bring it back into the desired state.

Use the env resource to manage environment keys in Microsoft Windows. After an environment key is set, Microsoft Windows must be restarted before the environment key will be available to the Task Scheduler.

Note

On UNIX-based systems, the best way to manipulate environment keys is with the ENV variable in Ruby; however, this approach does not have the same permanent effect as using the env resource.

Syntax

A env resource block manages environment keys in Microsoft Windows:

env 'ComSpec' do
  value 'C:\\Windows\\system32\\cmd.exe'
end

The full syntax for all of the attributes that are available to the env resource is:

env 'name' do
  delim                      String
  key_name                   String # defaults to 'name' if not specified
  provider                   Chef::Provider::Env
  value                      String
  action                     Symbol # defaults to :create if not specified
end

where

  • env is the resource
  • name is the name of the resource block
  • :action identifies the steps the chef-client will take to bring the node into the desired state
  • delim, key_name, provider, and value are attributes of this resource, with the Ruby type shown. (See “Attributes” section below for more information about all of the attributes that may be used with this resource.)

Actions

This resource has the following actions:

Action Description
:create Default. Use to create an environment variable. If an environment variable already exists (but does not match), use to update that environment variable to match.
:delete Use to delete an environment variable.
:modify Use to modify an existing environment variable. This will prepend the new value to the existing value, using the delimiter specified by the delim attribute.
:nothing Use to define a resource block that does nothing until it is notified by another resource to take action. When notified, this resource block is either run immediately or it is queued up to be run at the end of the chef-client run.

Attributes

This resource has the following attributes:

Attribute Description
delim

Ruby Type: String

The delimiter that is used to separate multiple values for a single key.

key_name

Ruby Type: String

The name of the key that will be created, deleted, or modified. Default value: the name of the resource block. (See “Syntax” section above for more information.)

provider

Ruby Type: Chef Class

Optional. Use to explicitly specify a provider.

value

Ruby Type: String

The value with which key_name is set.

Guards

A guard attribute can be used to evaluate the state of a node during the execution phase of the chef-client run. Based on the results of this evaluation, a guard attribute is then used to tell the chef-client if it should continue executing a resource. A guard attribute accepts either a string value or a Ruby block value:

  • A string is executed as a shell command. If the command returns 0, the guard is applied. If the command returns any other value, then the guard attribute is not applied. String guards in a powershell_script run Windows PowerShell commands and may return true in addition to 0.
  • A block is executed as Ruby code that must return either true or false. If the block returns true, the guard attribute is applied. If the block returns false, the guard attribute is not applied.

A guard attribute is useful for ensuring that a resource is idempotent by allowing that resource to test for the desired state as it is being executed, and then if the desired state is present, for the chef-client to do nothing.

Attributes

The following attributes can be used to define a guard that is evaluated during the execution phase of the chef-client run:

Guard Description
not_if Use to prevent a resource from executing when the condition returns true.
only_if Use to allow a resource to execute only if the condition returns true.

Arguments

The following arguments can be used with the not_if or only_if guard attributes:

Argument Description
:user

Use to specify the user that a command will run as. For example:

not_if "grep adam /etc/passwd", :user => 'adam'
:group

Use to specify the group that a command will run as. For example:

not_if "grep adam /etc/passwd", :group => 'adam'
:environment

Use to specify a Hash of environment variables to be set. For example:

not_if "grep adam /etc/passwd", :environment => {
  'HOME' => "/home/adam"
}
:cwd

Use to set the current working directory before running a command. For example:

not_if "grep adam passwd", :cwd => '/etc'
:timeout

Use to set a timeout for a command. For example:

not_if "sleep 10000", :timeout => 10

Examples

The following examples demonstrate various approaches for using resources in recipes. If you want to see examples of how Chef uses resources in recipes, take a closer look at the cookbooks that Chef authors and maintains: https://github.com/opscode-cookbooks.

Set an environment variable

env "ComSpec" do
  value "C:\\Windows\\system32\\cmd.exe"
end