knife bootstrap with ssh protocol from Windows workstation is breaking.

[Vasu1105]

Description

Bootstrapping Ubuntu node from Windows workstation fails
This issue we found while working on chef/chef-workstation#1226
which is part of chef/chef-workstation#1167

I have verified same command from Linux workstation that work fine here is the output of it.

knife bootstrap ec2-instance.us-east-2.compute.amazonaws.com --ssh-user ubuntu --ssh-intity-file ~/Documents/chef-aws-key/vaundhara-key.pem -N vasu-ubuntu --sudo
--ssh-user: This flag is deprecated. Use -U/--connection-user instead.
Connecting to ec2-instance.us-east-2.compute.amazonaws.com
The authenticity of host 'ec2-instance.us-east-2.compute.amazonaws.com (3.14.135.182)' can't be established.
fingerprint is SHA256:FlH6u7HX5ACcGyVurS2OnRQWZw+4GT5rwhBh78ZQwTg.

Are you sure you want to continue connecting
? (Y/N) Y
Connecting to ec2-instance.us-east-2.compute.amazonaws.com
Node vasu-ubuntu exists, overwrite it? (Y/N) Y
Client vasu-ubuntu exists, overwrite it? (Y/N) Y
Creating new client for vasu-ubuntu
Creating new node for vasu-ubuntu
Bootstrapping ec2-instance.us-east-2.compute.amazonaws.com
 [ec2-instance.us-east-2.compute.amazonaws.com] -----> Existing Chef Infra Client installation detected
 [ec2-instance.us-east-2.compute.amazonaws.com] Starting the first Chef Infra Client Client run...
 [ec2-instance.us-east-2.compute.amazonaws.com] +---------------------------------------------+
✔ 2 product licenses accepted.
+---------------------------------------------+
 [ec2-instance.us-east-2.compute.amazonaws.com] Starting Chef Infra Client, version 16.1.0
 [ec2-instance.us-east-2.compute.amazonaws.com] 
 [ec2-instance.us-east-2.compute.amazonaws.com] resolving cookbooks for run list: []
 [ec2-instance.us-east-2.compute.amazonaws.com] 
 [ec2-instance.us-east-2.compute.amazonaws.com] Synchronizing Cookbooks:
 [ec2-instance.us-east-2.compute.amazonaws.com] 
 [ec2-instance.us-east-2.compute.amazonaws.com] Installing Cookbook Gems:
Compiling Cookbooks...
[2020-05-26T07:46:02+00:00] WARN: Node vasu-ubuntu has an empty run list.
 [ec2-instance.us-east-2.compute.amazonaws.com] Converging 0 resources
 [ec2-instance.us-east-2.compute.amazonaws.com] 
 [ec2-instance.us-east-2.compute.amazonaws.com] 
 [ec2-instance.us-east-2.compute.amazonaws.com] Running handlers:
 [ec2-instance.us-east-2.compute.amazonaws.com] 
 [ec2-instance.us-east-2.compute.amazonaws.com] Running handlers complete
 [ec2-instance.us-east-2.compute.amazonaws.com] Chef Infra Client finished, 0/0 resources updated in 01 seconds
 [ec2-instance.us-east-2.compute.amazonaws.com] 

Chef Version

> chef -v                                                                                                                            
Chef Workstation version: 20.5.46
Chef Infra Client version: 16.1.0
Chef InSpec version: 4.18.114
Chef CLI version: 3.0.1
Test Kitchen version: 2.5.1
Cookstyle version: 6.5.3

Platform Version

Window 10 Enterprise

Replication Case

I am running Window 10 Enterprise as workstation and bootstrapping Ubuntu 16.04(this instance is created on AWS)

knife bootstrap ec2-instance.us-east-2.compute.amazonaws.com -U ubuntu --ssh-identity-file C:\Users\Vasundhara\workspace\vaundhara-key.pem -N vasu-ubuntu --sudo -VV                                                            

Client Output

Stacktrace

knife bootstrap ec2-instance.us-east-2.compute.amazonaws.com -U ubuntu --ssh-identity-file C:\Users\Vasundhara\workspace\vaundhara-key.pem -N vasu-ubuntu --sudo -VV                                                                                                                                                          
INFO: Using configuration from C:/Users/Vasundhara/workspace/hosted-chef-repo/chef-repo/.chef/knife.rb
DEBUG: Checking if we need to accept Chef license to bootstrap node
DEBUG: Reading products and relationships...
DEBUG: Successfully read products and relationships
DEBUG: License acceptance required for chef version: 16
DEBUG: Searching for the following licenses: ["infra-client", "inspec"]
DEBUG: Found license chef_infra_client at C:/Users/Vasundhara/.chef/accepted_licenses/chef_infra_client
DEBUG: Found license inspec at C:/Users/Vasundhara/.chef/accepted_licenses/inspec
DEBUG: Missing licenses remaining: []
DEBUG: All licenses present
Connecting to ec2-instance.us-east-2.compute.amazonaws.com
DEBUG: [SSH] opening connection to ubuntu@ec2-instance.us-east-2.compute.amazonaws.com
DEBUG: [SSH] using options {:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>60, :auth_methods=>["none", "publickey"], :keys_only=>true, :keys=>["C:\\Users\\Vasundhara\\workspace\\vaundhara-key.pem"], :password=>"<hidden>", :forward_agent=>nil, :non_interactive=>true, :verify_host_key=>:always}
The authenticity of host 'ec2-instance.us-east-2.compute.amazonaws.com (3.14.135.182)' can't be established.
fingerprint is SHA256:FlH6u7HX5ACcGyVurS2OnRQWZw+4GT5rwhBh78ZQwTg.

Are you sure you want to continue connecting
? (Y/N) Y
Connecting to ec2-instance.us-east-2.compute.amazonaws.com
DEBUG: [SSH] opening connection to ubuntu@ec2-instance.us-east-2.compute.amazonaws.com
DEBUG: [SSH] using options {:user_known_hosts_file=>"/dev/null", :port=>22, :compression=>false, :compression_level=>0, :keepalive=>true, :keepalive_interval=>60, :timeout=>60, :auth_methods=>["none", "publickey"], :keys_only=>true, :keys=>["C:\\Users\\Vasundhara\\workspace\\vaundhara-key.pem"], :password=>"<hidden>", :forward_agent=>nil, :non_interactive=>true, :verify_host_key=>:accept_new}
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = cmd.exe /c ver
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = Get-WmiObject Win32_OperatingSystem | Select Caption,Version | ConvertTo-Json
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = uname -s
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = uname -m
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = test -f /etc/debian_version
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = test -f /etc/lsb-release && cat /etc/lsb-release
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = sh -c '(sudo echo) < /dev/null'
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = sudo echo '[SSH] Established'
Creating new client for vasu-ubuntu
Creating new node for vasu-ubuntu
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = sudo mkdir -p '/tmp/chef_y9CEkk'
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = sudo chown ubuntu '/tmp/chef_y9CEkk'
Bootstrapping ec2-instance.us-east-2.compute.amazonaws.com
DEBUG: [SSH] ubuntu@ec2-instance.us-east-2.compute.amazonaws.com cmd = sudo sh /tmp/chef_y9CEkk/bootstrap.sh
 [ec2-instance.us-east-2.compute.amazonaws.com] -----> Installing Chef Omnibus (stable/16)
downloading https://omnitruck.chef.io/chef/install.sh
  to file /tmp/install.sh.2074/install.sh
 [ec2-instance.us-east-2.compute.amazonaws.com] trying wget...
 [ec2-instance.us-east-2.compute.amazonaws.com] ubuntu 16.04 x86_64
Getting information for chef stable 16 for ubuntu...
downloading https://omnitruck.chef.io/stable/chef/metadata?v=16&p=ubuntu&pv=16.04&m=x86_64
  to file /tmp/install.sh.2078/metadata.txt
 [ec2-instance.us-east-2.compute.amazonaws.com] trying wget...
 [ec2-instance.us-east-2.compute.amazonaws.com] sha1        53f187ff85678c9504731827147d638a0ab120b1
sha256  9995a251dc82298a7badc19e881cd3b1c55f7be8fdbe09691170c000b61ec0e2
url     https://packages.chef.io/files/stable/chef/16.1.0/ubuntu/16.04/chef_16.1.0-1_amd64.deb
version 16.1.0
 [ec2-instance.us-east-2.compute.amazonaws.com]
 [ec2-instance.us-east-2.compute.amazonaws.com] downloaded metadata file looks valid...
 [ec2-instance.us-east-2.compute.amazonaws.com] downloading https://packages.chef.io/files/stable/chef/16.1.0/ubuntu/16.04/chef_16.1.0-1_amd64.deb
  to file /tmp/install.sh.2078/chef_16.1.0-1_amd64.deb
 [ec2-instance.us-east-2.compute.amazonaws.com] trying wget...
 [ec2-instance.us-east-2.compute.amazonaws.com] Comparing checksum with sha256sum...
 [ec2-instance.us-east-2.compute.amazonaws.com] Installing chef 16
installing with dpkg...
 [ec2-instance.us-east-2.compute.amazonaws.com] Selecting previously unselected package chef.
 [ec2-instance.us-east-2.compute.amazonaws.com] (Reading database ... 51431 files and directories currently installed.)
 [ec2-instance.us-east-2.compute.amazonaws.com] Preparing to unpack .../chef_16.1.0-1_amd64.deb ...
 [ec2-instance.us-east-2.compute.amazonaws.com] Unpacking chef (16.1.0-1) ...
 [ec2-instance.us-east-2.compute.amazonaws.com] Setting up chef (16.1.0-1) ...
 [ec2-instance.us-east-2.compute.amazonaws.com] Thank you for installing Chef Infra Client! For help getting started visit https://learn.chef.io
 [ec2-instance.us-east-2.compute.amazonaws.com] /tmp/chef_y9CEkk/bootstrap.sh: 216: /tmp/chef_y9CEkk/bootstrap.sh: cannot create /etc/chef/trusted_certs/DigiCert_SHA2_Secure_Server_CA.crt: Directory nonexistent
/tmp/chef_y9CEkk/bootstrap.sh: 246: /tmp/chef_y9CEkk/bootstrap.sh: cannot create /etc/chef/trusted_certs/wildcard_opscode_com.crt: Directory nonexistent
 [ec2-instance.us-east-2.compute.amazonaws.com] Starting the first Chef Infra Client Client run...
 [ec2-instance.us-east-2.compute.amazonaws.com] [2020-05-26T07:09:29+00:00] WARN: *****************************************
 [ec2-instance.us-east-2.compute.amazonaws.com] [2020-05-26T07:09:29+00:00] WARN: Did not find config file: /etc/chef/client.rb. Using command line options instead.
 [ec2-instance.us-east-2.compute.amazonaws.com] [2020-05-26T07:09:29+00:00] WARN: *****************************************
 [ec2-instance.us-east-2.compute.amazonaws.com] [2020-05-26T07:09:29+00:00] FATAL: Cannot load configuration from /etc/chef/first-boot.json
ERROR: The following error occurred on ec2-instance.us-east-2.compute.amazonaws.com:
ERROR: /tmp/chef_y9CEkk/bootstrap.sh: 216: /tmp/chef_y9CEkk/bootstrap.sh: cannot create /etc/chef/trusted_certs/DigiCert_SHA2_Secure_Server_CA.crt: Directory nonexistent
     /tmp/chef_y9CEkk/bootstrap.sh: 246: /tmp/chef_y9CEkk/bootstrap.sh: cannot create /etc/chef/trusted_certs/wildcard_opscode_com.crt: Directory nonexistent

[dheerajd-msys]

Reproduced this issue on master branch also. Looking forward to fix this.

[dheerajd-msys]

The current workaround is :

Replacing every occurrence of <%= ChefConfig::Config.etc_chef_dir(false)%> to /etc/chef from template https://github.com/chef/chef/blob/master/lib/chef/knife/bootstrap/templates/chef-full.erb is working fine and bootstrap process is being successful from Windows to Linux