- Fixes [#125](#125) adds conditional expressions when `node['splunk'…

…]['setup_auth']` is `false` to bypass the `chef-splunk::setup_auth` recipe.

- Fixes [#126](#126) creates `$SPLUNK_HOME/etc/system/local/user-seed.conf`

    Signed-off-by: Dang H. Nguyen <dang.nguyen@disney.com>

.gitignore

@@ -30,6 +30,7 @@ tmtags
 .project
 .settings
 mkmf.log
+*.swp
 
 ## COMPILED ##
 ##############

CHANGELOG.md

@@ -2,6 +2,11 @@
 
 This file is used to list changes made in each version of the splunk cookbook.
 
+## 3,1.1 (2019-12-5)
+- Fixes [#125](https://github.com/chef-cookbooks/chef-splunk/issues/125) adds conditional expressions when `node['splunk']['setup_auth']`
+is `false` to bypass the `chef-splunk::setup_auth` recipe.
+- Fixes [#126](https://github.com/chef-cookbooks/chef-splunk/issues/126) creates `$SPLUNK_HOME/etc/system/local/user-seed.conf`
+
 ## 3.1.0 (2019-10-16)
 - Fixes [#50](https://github.com/chef-cookbooks/chef-splunk/issues/50) `splunk_installer` now allows for installing the package bundle from OS package managers by specifying `package_name` and `version`
 

metadata.rb

@@ -3,7 +3,7 @@
 maintainer_email 'cookbooks@chef.io'
 license 'Apache-2.0'
 description 'Manage Splunk Enterprise or Splunk Universal Forwarder'
-version '3.1.0'
+version '3.1.1'
 
 supports 'debian', '>= 8.9'
 supports 'ubuntu', '>= 16.04'

recipes/server.rb

@@ -2,7 +2,7 @@
 # Cookbook:: chef-splunk
 # Recipe:: server
 #
-# Copyright:: 2014-2016, Chef Software, Inc.
+# Copyright:: 2014-2019, Chef Software, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -20,7 +20,7 @@
 include_recipe 'chef-splunk::user'
 include_recipe 'chef-splunk::install_server'
 include_recipe 'chef-splunk::service'
-include_recipe 'chef-splunk::setup_auth'
+include_recipe 'chef-splunk::setup_auth' if node['splunk']['setup_auth'] == true
 
 # during an initial install, the start/restart commands must deal with accepting
 # the license. So, we must ensure the service[splunk] resource

recipes/setup_auth.rb

@@ -2,7 +2,7 @@
 # Cookbook:: chef-splunk
 # Recipe:: setup_auth
 #
-# Copyright:: 2014-2016, Chef Software, Inc.
+# Copyright:: 2014-2019, Chef Software, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,14 +16,28 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+if node['splunk']['setup_auth'] == false
+  log 'setup_auth is disabled' do
+    message 'The chef-splunk::setup_auth recipe was added to the node, ' \
+            'but the attribute to setup splunk authentication was disabled.'
+    level :debug
+  end
+  return
+end
+
 include_recipe 'chef-vault'
 
 splunk_auth_info = chef_vault_item(:vault, "splunk_#{node.chef_environment}")['auth']
 user, pw = splunk_auth_info.split(':')
 
-execute 'change-admin-user-password-from-default' do
-  command "#{splunk_cmd} edit user #{user} -password '#{pw}' -role admin -auth admin:changeme"
+template 'user-seed.conf' do
+  path "#{splunk_dir}/etc/system/local/user-seed.conf"
+  source 'user-seed-conf.erb'
+  owner splunk_runas_user
+  group splunk_runas_user
+  mode '600'
   sensitive true
+  variables user: user, password: pw
   not_if { ::File.exist?("#{splunk_dir}/etc/.setup_#{user}_password") }
 end
 

templates/user-seed-conf.erb

@@ -0,0 +1,3 @@
+[user_info]
+USERNAME = <%= @user %>
+PASSWORD = <%= @password %>