How to setup Jenkins to use Knife in a Powershell script

Question

I am using Jenkins on a Windows Server 2012 R2. I would like to run a job that builds, and on forced promotion it should tell the remote chef server that the recipe has changed or updated then start the chef-client on the remote nodes.

I have installed the Chef Identity Plugin, Promoted-builds Plugin, MSbuild Plugin, TFS-4.0.0 plugin and the Deploy Plugin

So far the build works and the promotions work. I have set up on forced promotion that two Powershell scripts should run. The first one works fine, it does just basic data management and file naming.

But the second one says it was a failure but the promotion still passes and there is no evidence that is worked at all.

I have explicitly used the path to Knife because when I don't use it, Jenkins gives an error of:

WARNING: No knife configuration file found
ERROR: Could not find cookbook MyFirstCookingLesson in your cookbook path, skipping it
ERROR: ArgumentError: Cannot sign the request without a client name, check that :node_name is assigned

If I add the -V flag and run the script by right clicking it and running it with Powershell in Jenkins workspace I get this Information:

The ps1 file contains (Lets call it 'Chef-client.ps1'):

C:\opscode\chefdk\bin\knife cookbook upload MyFirstCookingLesson
C:\opscode\chefdk\bin\knife job start 'chef-client' WIN-COMPNAME

The Chef-client.ps1 is called using the Execute Windows Batch Command:

cd C:\chef-source\cookbooks
PowerShell.exe -File  C:\chef-source\cookbooks\Chef-client.ps1

I have also set up the Chef identity in the Jenkins credentials as follows:

Identity name: geoff
user.pem key : <a whole bunch of secret stuffs and gibberish>

knife.rb : 

log_level :info
log_location STDOUT
node_name 'geoff'
client_key 'C:/Users/user123/.chef/geoff.pem'
validation_client_name  'geoff.pem'
validation_key 'C:/Users/user123/.chef/secretName-validator.pem'
chef_server_url 'https://secretLocation.268lab.local/organizations/secretName/'
syntax_check_cache_path 'C:/Users/user123/.chef/syntax_check_cache'
cookbook_path [ 'c:/chef-source/cookbooks/' ]
http_proxy 'http://22.151.32.85:3128'
https_proxy 'http://22.151.32.85:3128'
no_proxy 'secretLocation.268lab.local'
knife[:editor] = '"C:\Program Files (x86)\Notepad++\notepad++.exe"';

So I have also found out that Jenkins seems to run in its own Userprofile which I have a feeling might be throwing everything off.

I have read over so many set up blogs but nothing that really tells me how to set this up explicitly. The blogs either just assume its done already or uses a different tool.

I also placed copies of the .chef folder in both the Jenkins Workspace and the 'hopeful' Userprofile space in hopes that it would work.

Please could anyone help guide me?

Answer 1

Too long for a comment:

So I have also found out that Jenkins seems to run in its own Userprofile which I have a feeling might be throwing everything off.

If your jenkins user can't read user123 home, there's no chance it can read the knife config not properly authenticate as it can't read the geoff.pem file.

One solution to get around this problem is to put the config, keys etc in a specific directory and using the -c option of knife to give it the path to the conf file. Another option is using the KNIFE_HOME environment variable but it's less easy and error prone in Jenkins.