BigFix-Chef integration

 Chef is used for automating server management and, like BigFix, it delegates
most of the work to the endpoint, avoiding to centralize the work at the server.
With Chef, you can describe how each part of infrastructure should be built,
then when a new server comes online you tell it what role you want it to play
and Chef will configure it properly.

 Cookbooks are fundamental working units of Chef, which consists of all the
details related to endpoints, having the capability to modify configuration and
the state of any system configured as a node on Chef infrastructure.
 Recipes, attributes, metadata, resource, etc. are components of Cookbook.
 Chef Roles & Recipes describe how servers should be configured.
 Roles in Chef are a logical way of grouping endpoints.
 Recipes describe what state the server should be in, for example what
packages should be installed, what services should be running, etc. Chef
makes sure that each server is properly configured to its Recipes only taking
corrective action when necessary.
“The goal of the BigFix-Chef integration is to enable Chef within the
BigFix offerings as a model to deliver and perform automation on
endpoints, which is in addition to the fixlet model available in BigFix, but
the aggregation of both the BigFix and Chef automation models will
provide the customer with a more complete and more powerful
solution.”
 There are 2 stages for this integration,
1- integration with chef-solo (already available)
2- integration with chef-server (still under development)

Stage 1 - Integration with Chef Solo

 This stage consists in the BigFix integration with the standalone Chef client
called Chef Solo, capable of consuming local cookbooks and recipes.
 For endpoints, this integration supports all platform that is supported by both
bigfix agent and chef-solo.
 Fixlets Related to Chef-solo (200 -205)

1- Changes required in relevances to test all fixlets

 added support for platform check like win2016, working for other mentioned
platform.
 made entry into registry "DisplayName" - "Chef Client" as per desc.
 for download /run cookbook fixlet- one of the regex for checking the path format
(e.g. C:\chef\cookbook) is not working (the reg. exp is correct when tested
individually but from action script its always returning false). So, had to bypass this
check and proceed.

2.usage of all the fixlets

ID Task Description
200 Set Up Chef-Solo This Task configures the development environment for Chef-
Development Solo on a Microsoft Windows target computer.
Environment for Software’s like Ruby and Git are download and set in
Windows environment variables of the endpoints.
201 Install Chef-Solo This Task installs Chef-Solo on a Microsoft Windows target
for Windows computer and creates the Chef-Solo repository in a location
that you specify.
202 Download Chef- This Task downloads a Cookbook from the Opscode
Solo Cookbook Community site and adds it to the Chef-Solo repository on the
from Opscode target computer.
If the Opscode community site is non-functional, user can
download cookbooks from git and chef-repo and mention the
same in the relevance parameters.
203 Download Chef- This Task downloads a Cookbook from a URL and adds it to
Solo Cookbook the Chef-Solo repository on the target computer.
from url Currently, the URL to be mentioned is non-functional.
204 Run a downloaded This Task runs a Chef-Solo Cookbook that has previously been
Chef-Solo downloaded to a Microsoft Windows target computer. A
Cookbook cookbook is a collection of recipes. So, this action will run all
the recipes inside a cookbook.
205 Run a downloaded This Task runs a Chef-Solo Recipe that has previously been
Chef-Solo Recipe downloaded to a Microsoft Windows target computer. There
ID Task Description
can be multiple downloaded recipes from which user can pick
one recipe and execute it.
e.g. default.rb.