chef-core-actions 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: ff4c5219d911c1689de7f5a6442191dbdd210bcf9e48e98ca2b4b33847fb747c
+  data.tar.gz: ee67d92de6abaee5195e93bd46c9f89dfcb82f23586f74852df2b99b4718e9cc
+SHA512:
+  metadata.gz: 8baff8714d6c68c726e644d4b924a39a078a46bc3d9d83ce5606b7db8bc758c26ebe030dee6e884d1fe4129db58ccc96f6e64a07780adaa7d5a3abc81735c113
+  data.tar.gz: bb8e0b96d2a5443768d9775e3e3ee0c8134a9dd2ccef69916b93833212072db69882b5dd3a4188cb590a68d7f1c734d83b3e2a0b3cc6631ee4038285b2f6ae52

data/LICENSE

@@ -0,0 +1,201 @@
+                              Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+   To apply the Apache License to your work, attach the following
+   boilerplate notice, with the fields enclosed by brackets "[]"
+   replaced with your own identifying information. (Don't include
+   the brackets!)  The text should be enclosed in the appropriate
+   comment syntax for the file format. We also recommend that a
+   file or class name and description of purpose be included on the
+   same "printed page" as the copyright notice for easier
+   identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/i18n/errors/en.yml

@@ -0,0 +1,394 @@
+#
+# Copyright:: Copyright (c) 2018 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# Error definitions, usage Text.e.ERR999
+#
+# General format:
+# ERRORID
+#   options: a stringified hash containing a optional hash of display options. See display_defaults below.
+#   text: |
+#      text of the message
+#
+# First Line: brief description of the error
+# Second line: blank
+# Third+ : detailed description, max 76 characters per line
+
+# Pluralizing Messages
+# If the text of an error differs based on quantity of subject,
+# you can specify different messages as follows:
+# ERRORID
+#   text: !!pl
+#     0: You have no things.
+#     1: You have one thing.
+#     n: You have lots of things.
+# Text.ERRORID(quanity, [other formatting params])
+
+errors:
+
+  # These are the default display attributes for all messages.
+  # If you want to override them in your gem or application,
+  # include 'errors' -> 'display_defaults' in your gem's i18n/errors/*.yml
+  # and enable it iwth Text.add_localization(path_to_yml)
+  # The most recent gem to add its own error translations will take precedence.
+  #
+  # If you want to override them for specific errors in your error yml,
+  # you can do so as follows:
+  # EXAMPLERROR001:
+  #   options: { decorations: false }
+  #   text: |
+  #     Here is the message text.
+  display_defaults:
+    # Set 'decorations: false' in a message to show only text. Equivalent
+    # to setting all of the other attributes to false individually
+    # stack: show reference to stack trace location in footer
+    # log: show reference to log file location in footer
+    # header: Show error header (currently bolded error id)
+    # footer: show standard footer
+    #
+    # This (end error 'options') are kept as YML strings that are parsed when
+    # the error is to be rendered.
+    # Using a string type is necessary bedcause we don't have access to the
+    # underlying tree structure via R18n.
+    "{ decorations: true, stack: false, log: false, header: true, footer: true }"
+
+
+  # Error headers and footers that are included with error messages will default to the
+  # text below. You can override this in your gem's localization, but make sure
+  # that you don't add additional argument placeholders (eg %3 if the original message
+  # only has %1 and %2) - they won't be populated since chef_core doesn't know about them.
+  footer:
+    both: |
+      If you are not able to resolve this issue, please contact Chef support
+      at workstation@chef.io and include the log file and stack trace from the
+      locations below:
+
+        %1
+        %2
+
+    log_only: |
+      If you are not able to resolve this issue, please contact Chef support
+      at workstation@chef.io and include the log file from the location below:
+        %1
+
+    stack_only: |
+      If you are not able to resolve this issue, please contact Chef support
+      at workstation@chef.io and include the stack trace from the location below:
+        %1
+
+    neither: |
+      If you are not able to resolve this issue, please contact Chef support
+      at workstation@chef.io
+
+  #
+  # Below are the error text definitions for errors that chef_core will raise.
+  #
+
+  # Remote execution and file operation errors are prefixed CHEFRMT
+  CHEFRMT001:
+    text: |
+      The command '%1' exited with return code '%2' on '%3'.
+
+      The following error was reported:
+
+      %4
+
+  # Train-related errors (connectivity, auth failure, etc)
+  # are prefixed CHEFTRN. Non-specific descendants of Train::Error
+  # will resolve to CHEFTRN001, and we can add additional
+  # more specific text as we need it.
+  #
+  # TODO: Note that due to a temporary oddity in the split of chef-apply
+  # reusable components into the chef_core gems, chef_core itself
+  # has the definitions for CHEFTRN003+ - that's where the associated
+  # exceptions get thrown.
+  CHEFTRN001:
+    text: |
+      An error has occurred on the %1 connection to %2:
+
+      %2.
+
+  CHEFTRN002:
+    text: |
+      An remote error has occurred:
+
+        %1.
+  # Train-related errors (connectivity, auth failure, etc)
+  # are prefixed CHEFTRN. Note that due to the gem split,
+  # some renumbering would make sense - CHEFTRN001 and 2
+  # now live in chef_core-actions
+  CHEFTRN003:
+    text: |
+      Password required for sudo.
+
+      This target requires a password to perform sudo operations.  Please provide a
+      password using the --sudo-password option. For example if the sudo password is
+      in the environment variable $CHEF_RUN_SUDO_PASSWORD, you could use:
+
+      --sudo-password $CHEF_RUN_SUDO_PASSWORD
+
+  CHEFTRN004:
+    text: |
+      Incorrect sudo password provided.
+
+      Please ensure that the password you provided with "--sudo-password" is correct.
+
+  CHEFTRN005:
+    text: |
+      sudo command '%1' not found.
+
+      Please verify that the --sudo-command '%1' is valid
+      and installed on this node.
+
+  CHEFTRN006:
+    text: |
+      sudo requires tty on this system
+
+      In order to continue, sudo must be configured to no longer require tty.
+      You can do this by modifying /etc/sudoers:
+
+      For all users:
+        Defaults !requiretty
+
+      Per-user:
+        Defaults:username !requiretty
+
+  CHEFTRN007:
+    text: |
+      No authentication methods available.
+
+      Try...
+      - Provide a password with "--password PASSWORD"
+      - Provide a key with "-identity-file PATH/TO/FILE"
+      - Enable ssh-agent and add keys
+      - Add a host entry to your ssh configuration
+
+      Additional instructions can be found in the troubleshooting documentation:
+
+      https://www.chef.sh/docs/chef-workstation/troubleshooting/#error-code-cheftrn007
+
+  CHEFTRN999:
+    text: |
+      Connection failed: %1
+
+      The following error occured while attempting to connect and authenticate to the target.
+
+      %1
+
+
+  # General errors/unknown errors are handled with CHEFINT
+  CHEFINT001:
+    options: "{ log: true, stack: true }"
+    text: |
+      An unexpected error has occurred:
+
+        %1
+
+  # Internal API errors - give them some formatting
+  CHEFAPI001:
+    options: "{ log: true, stack: true }"
+    text: |
+      API error: provide either :recipe_spec or :resouce_name, :resource_type,
+      and :resource_properties
+
+      You provided: %1
+
+
+  # Maps to: NameError
+  CHEFNET001:
+    text: |
+      A network error occurred:
+
+        %1
+
+      Please verify the host name or address is correct and that the host is
+      reachable before trying again.
+
+  # Remote chef client run failure start here.
+  CHEFUPL003:
+    options: "{ log: true, stack: true }"
+    text: |
+      Uploading config to target failed.
+
+  CHEFUPL004:
+    options: "{ log: true, stack: true }"
+    text: |
+      Uploading handler to target failed.
+
+  CHEFUPL005:
+    options: "{ log: true, stack: true }"
+    text: |
+      Uploading policy bundle to target failed.
+
+  # Maps to: SSL::SSLError with message text indicating verification failure
+  CHEFNET002:
+    text: |
+      SSL host verification failed.
+
+      I could not verify the identity of the remote host.
+
+      If you are certain that you are connecting to the correct host,
+      you can specify the '--no-ssl-verify' option for this command, or
+      make it the default by setting the following in your configuration:
+
+        [connection.winrm]
+        ssl_verify=false
+
+  # Catch-all error when marshalling mulitple parallel failures.
+  CHEFMULTI001:
+    text: |
+      One or more actions has failed.
+
+      A complete list of failures and possible resolutions can
+      be found in the file below:
+
+        %
+
+  # Errors relating to target host state:
+  CHEFTARG001:
+    text: |
+      '%1' is not a supported target operating system at this time.
+
+      We plan to support a range of target operating systems,
+      but during this targeted beta we are constraining our efforts
+      to Windows and Linux.
+
+  # Errors specifying ranges for host names.
+  CHEFRANGE001: |
+    text: |
+      The target '%1' contains an invalid range.
+
+      The range '%2' mixes alphabetic and numeric values.
+      A range must be one or the other.
+
+  CHEFRANGE002:
+    text: |
+      The target '%1' contains too many ranges.
+
+      A single target name can contain up two ranges.
+
+  CHEFRANGE003:
+    text: !!pl
+      1:
+        The target provided resolves to too many hosts.
+
+        At this time there is a limit of %2 hosts in a single operation.
+      n:
+        The targets provided resolve to too many hosts.
+
+        At this time there is a limit of %2 hosts in a single operation.
+
+  CHEFVAL011:
+    display: " { decorations: false } "
+    text: |
+      The protocol '%1' is not supported.
+
+      Currently supported remote access protocols are:
+
+        %2
+
+  # Installer action errors
+  CHEFINS002:
+    text: |
+      The target does not have chef-client installed.
+
+      This command is powered by the Chef client.  In order to make use of it
+      on this node, the Chef client must be installed first.
+
+      Re-running this command without the '--no-install' flag will
+      automatically perform the installation.
+
+  CHEFINS003:
+    text: |
+      The target has an older version of Chef client installed.
+
+      The target has version %1 installed, but this command
+      requires a minimum version of %2.
+
+      Please upgrade the Chef client on this node to version %2 or later.
+
+  CHEFINS004: |
+    The target's installed version of Chef Client is too old.
+
+    Version %1 is installed, but this command requires a
+    minimum version of %2.
+
+
+  # Remote chef client run failure start here.
+  CHEFCCR001:
+    text: |
+      Could not determine reason for converge failure.
+
+      An error occurred while converging the remote host.
+      I was unable to retrieve the log file which would allow
+      me to provide more information.  Here's where I looked:
+
+        %1
+
+  CHEFCCR002:
+    text: |
+      The converge of the remote host failed for the
+      following reason:
+
+        %1
+
+  CHEFCCR003:
+    text: |
+      The action '%1' is not valid.
+
+      Valid actions are:
+
+        %2
+
+      For more information, please consult the documentation
+      for this resource:
+
+        https://docs.chef.io/resource_reference.html
+
+  CHEFCCR004:
+    text: |
+      A property value you provided is not valid:
+
+        %1
+
+      Please consult the documentation for properties
+      supported by your resource and their valid values:
+
+        https://docs.chef.io/resource_reference.html
+
+  CHEFCCR005:
+    text: |
+      '%1' is not a valid Chef resource.
+
+      Please consult the documentation for a list of valid resources:
+
+        https://docs.chef.io/resource_reference.html
+
+  CHEFCCR006:
+    text: |
+      '%1' is not a property of '%2'.
+
+      Please consult the documentation for %2 for a list of
+      valid properties:
+
+        https://docs.chef.io/resource_reference.html
+
+  CHEFCCR099:
+    text: |
+      The converge of the remote host failed.
+
+      Please examine the log file for a detailed cause of failure.
+

data/lib/chef_core/actions.rb

@@ -0,0 +1,6 @@
+require "chef_core/text"
+
+module ChefCore
+  module Actions
+  end
+end

data/lib/chef_core/actions/base.rb

@@ -0,0 +1,101 @@
+#
+# Copyright:: Copyright (c) 2017 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef_core/telemeter"
+require "chef_core/error"
+
+module ChefCore
+  module Actions
+    # Derive new Actions from Action::Base
+    # "target_host" is a TargetHost that the action is being applied to. May be nil
+    #               if the action does not require a target.
+    # "config" is hash containing any options that your command may need
+    #
+    # Implement perform_action to perform whatever action your class is intended to do.
+    # Run time will be captured via telemetry and categorized under ":action" with the
+    # unqualified class name of your Action.
+    class Base
+      attr_reader :target_host, :config
+
+      def initialize(config = {})
+        c = config.dup
+        @target_host = c.delete :target_host
+        # Remaining options are for child classes to make use of.
+        @config = c
+      end
+
+      def run(&block)
+        @notification_handler = block
+        timed_action_capture(self) do
+          begin
+            perform_action
+          rescue StandardError => e
+            # Give the caller a chance to clean up - if an exception is
+            # raised it'll otherwise get routed through the executing thread,
+            # providing no means of feedback for the caller's current task.
+            notify(:error, e)
+            @error = e
+          end
+        end
+        # Raise outside the block to ensure that the telemetry cpature completes
+        raise @error unless @error.nil?
+      end
+
+      def name
+        self.class.name.split("::").last
+      end
+
+      def perform_action
+        raise NotImplemented
+      end
+
+      # TODO bootstrap 2019-02-07  - we'll need to find the right way to keep this in telemeter,
+      # there are a bunch of exposed details here that the caller shouldn't care about.
+      # I've moved it here temporarily to keep things running until we come back to this
+      # for telemetry updates.
+      def timed_action_capture(action, &block)
+        # Note: we do not directly capture hostname for privacy concerns, but
+        # using a sha1 digest will allow us to anonymously see
+        # unique hosts to derive number of hosts affected by a command
+        target = action.target_host
+        target_data = { platform: {}, hostname_sha1: nil, transport_type: nil }
+        if target
+          target_data[:platform][:name] = target.base_os # :windows, :linux, eventually :macos
+          target_data[:platform][:version] = target.version
+          target_data[:platform][:architecture] = target.architecture
+          target_data[:hostname_sha1] = Digest::SHA1.hexdigest(target.hostname.downcase)
+          target_data[:transport_type] = target.transport_type
+        end
+        ChefCore::Telemeter.timed_capture(:action, { action: action.name, target: target_data }, &block)
+      end
+
+      # Invokes the notification handler with notifications of progress or events
+      # that occur while the action his running.
+      # The notification handler is provided as a block to `#run`.
+      #
+      # event - a symbol describing the thing currently being done by your
+      #        action , eg ":download", ":error", ":version_check", etc.
+      # *args - any arguments that should be passed along with this notification to the
+      #         notification handler block.
+      def notify(event, *args)
+        return if @notification_handler.nil?
+        ChefCore::Log.debug("[#{name}] Event: #{event}, Event Data: #{args}")
+        @notification_handler.call(event, args) if @notification_handler
+      end
+    end
+  end
+end

data/lib/chef_core/actions/converge_target.rb

@@ -0,0 +1,203 @@
+#
+# Copyright:: Copyright (c) 2017 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "pathname"
+require "tempfile"
+require "chef-config/path_helper"
+require "chef_core/actions/base"
+
+module ChefCore
+  module Actions
+    class ConvergeTarget < Base
+
+      RUN_REPORTER_PATH = File.join(__dir__, "../../../resources/chef_run_reporter.rb").freeze
+
+      def perform_action
+        local_policy_path = config.delete :local_policy_path
+        remote_tmp = target_host.temp_dir()
+        remote_dir_path = target_host.normalize_path(remote_tmp)
+        # Ensure the directory is owned by the connecting user,
+        # otherwise we won't be able to put things into it over scp as that user.
+        remote_policy_path = create_remote_policy(local_policy_path, remote_dir_path)
+        remote_config_path = create_remote_config(remote_dir_path)
+        create_remote_handler(remote_dir_path)
+        upload_trusted_certs(remote_dir_path)
+
+        notify(:running_chef)
+        cmd_str = run_chef_cmd(remote_dir_path,
+                               File.basename(remote_config_path),
+                               File.basename(remote_policy_path))
+        c = target_host.run_command(cmd_str)
+        target_host.del_dir(remote_dir_path)
+        if c.exit_status == 0
+          ChefCore::Log.info(c.stdout)
+          notify(:success)
+        elsif c.exit_status == 35
+          notify(:reboot)
+        else
+          notify(:converge_error)
+          ChefCore::Log.error("Error running command [#{cmd_str}]")
+          ChefCore::Log.error("stdout: #{c.stdout}")
+          ChefCore::Log.error("stderr: #{c.stderr}")
+          handle_ccr_error()
+        end
+      end
+
+      def create_remote_policy(local_policy_path, remote_dir_path)
+        remote_policy_path = File.join(remote_dir_path, File.basename(local_policy_path))
+        notify(:creating_remote_policy)
+        begin
+          target_host.upload_file(local_policy_path, remote_policy_path)
+        rescue RuntimeError => e
+          ChefCore::Log.error(e)
+          raise PolicyUploadFailed.new()
+        end
+        remote_policy_path
+      end
+
+      def create_remote_config(dir)
+        remote_config_path = File.join(dir, "workstation.rb")
+
+        workstation_rb = <<~EOM
+          local_mode true
+          color false
+          cache_path "#{target_host.ws_cache_path}"
+          chef_repo_path "#{target_host.ws_cache_path}"
+          require_relative "chef_run_reporter"
+          reporter = ChefCore::ChefRunReporter.new
+          report_handlers << reporter
+          exception_handlers << reporter
+        EOM
+
+        # add the target host's log level value
+        # (we don't set a location because we want output to
+        #   go in stdout for reporting back to chef-apply)
+        if !config[:target_log_level].nil?
+          workstation_rb << <<~EOM
+            log_level :#{config[:target_log_level]}
+          EOM
+        end
+
+        # Maybe add data collector endpoint.
+        if !config[:data_collector_url].nil? && !config[:data_collector_token].nil?
+          workstation_rb << <<~EOM
+            data_collector.server_url "#{config[:data_collector_url]}"
+            data_collector.token "#{config[:data_collector_token]}"
+            data_collector.mode :solo
+            data_collector.organization "Chef Workstation"
+          EOM
+        end
+
+        begin
+          config_file = Tempfile.new
+          config_file.write(workstation_rb)
+          config_file.close
+          target_host.upload_file(config_file.path, remote_config_path)
+        rescue RuntimeError
+          raise ConfigUploadFailed.new()
+        ensure
+          config_file.unlink
+        end
+        remote_config_path
+      end
+
+      def create_remote_handler(remote_dir)
+        remote_handler_path = File.join(remote_dir, "chef_run_reporter.rb")
+        target_host.upload_file(RUN_REPORTER_PATH, remote_handler_path)
+        remote_handler_path
+      rescue RuntimeError
+        raise HandlerUploadFailed.new()
+      end
+
+      def upload_trusted_certs(dir)
+        local_tcd = ChefConfig::PathHelper.escape_glob_dir(config[:trusted_certs_dir])
+        certs = Dir.glob(File.join(local_tcd, "*.{crt,pem}"))
+        return if certs.empty?
+
+        notify(:uploading_trusted_certs)
+        remote_tcd = "#{dir}/trusted_certs"
+        target_host.make_directory(remote_tcd)
+        certs.each do |cert_file|
+          target_host.upload_file(cert_file, "#{remote_tcd}/#{File.basename(cert_file)}")
+        end
+      end
+
+      def chef_report_path
+        @chef_report_path ||= target_host.normalize_path(File.join(target_host.ws_cache_path, "cache", "run-report.json"))
+      end
+
+      def handle_ccr_error
+        require "chef_core/actions/converge_target/ccr_failure_mapper"
+        mapper_opts = {}
+        content = target_host.fetch_file_contents(chef_report_path)
+        if content.nil?
+          report = {}
+          mapper_opts[:failed_report_path] = chef_report_path
+          ChefCore::Log.error("Could not read remote report at #{chef_report_path}")
+        else
+          # We need to delete the stacktrace after copying it over. Otherwise if we get a
+          # remote failure that does not write a chef stacktrace its possible to get an old
+          # stale stacktrace.
+          target_host.del_file(chef_report_path)
+          report = JSON.parse(content)
+          ChefCore::Log.error("Remote chef-client error follows:")
+          ChefCore::Log.error(report["exception"])
+        end
+
+        mapper = ConvergeTarget::CCRFailureMapper.new(report["exception"],
+                                                      mapper_opts)
+        mapper.raise_mapped_exception!
+      end
+
+      # TODO - move into target_host as 'get_ccr_command_string'
+      # Chef will try 'downloading' the policy from the internet unless we pass it a valid, local file
+      # in the working directory. By pointing it at a local file it will just copy it instead of trying
+      # to download it.
+      #
+      # Chef 13 on Linux requires full path specifiers for --config and --recipe-url while on Chef 13 and 14 on
+      # Windows must use relative specifiers to prevent URI from causing an error
+      # (https://github.com/chef/chef/pull/7223/files).
+      def run_chef_cmd(working_dir, config_file, policy)
+        case target_host.base_os
+        when :windows
+          "Set-Location -Path #{working_dir}; " +
+            # We must 'wait' for chef-client to finish before changing directories and Out-Null does that
+            "chef-client -z --config #{File.join(working_dir, config_file)} --recipe-url #{File.join(working_dir, policy)} | Out-Null; " +
+            # We have to leave working dir so we don't hold a lock on it, which allows us to delete this tempdir later
+            "Set-Location C:/; " +
+            "exit $LASTEXITCODE"
+        else
+          # cd is shell a builtin, so we'll invoke bash. This also means all commands are executed
+          # with sudo (as long as we are hardcoding our sudo use)
+          "bash -c 'cd #{working_dir}; chef-client -z --config #{File.join(working_dir, config_file)} --recipe-url #{File.join(working_dir, policy)}'"
+        end
+      end
+
+      class ConfigUploadFailed < ChefCore::Error
+        def initialize(); super("CHEFUPL003"); end
+      end
+
+      class HandlerUploadFailed < ChefCore::Error
+        def initialize(); super("CHEFUPL004"); end
+      end
+
+      class PolicyUploadFailed < ChefCore::Error
+        def initialize(); super("CHEFUPL005"); end
+      end
+    end
+  end
+end

data/lib/chef_core/actions/converge_target/ccr_failure_mapper.rb

@@ -0,0 +1,111 @@
+#
+# Copyright:: Copyright (c) 2017 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef_core/error"
+# TODO - this is a workaround that goes with having to specify inheritence in the module declaration
+#        should not be needed, and we need to track down why (here and in action classes)
+require "chef_core/actions/base"
+
+module ChefCore
+  module Actions
+    class ConvergeTarget < Base
+      # This converts chef client run failures
+      # to human-friendly exceptions with detail
+      # and remediation steps based on the failure type.
+      class CCRFailureMapper
+        attr_reader :params
+
+        def initialize(exception, params)
+          @params = params
+          @cause_line = exception
+        end
+
+        def raise_mapped_exception!
+          if @cause_line.nil?
+            raise RemoteChefRunFailedToResolveError.new(params[:failed_report_path])
+          else
+            errid, *args = exception_args_from_cause()
+            if errid.nil?
+              raise RemoteChefClientRunFailedUnknownReason.new()
+            else
+              raise RemoteChefClientRunFailed.new(errid, *args)
+            end
+
+          end
+        end
+
+        # Ideally we will write a custom handler to package up data we care
+        # about and present it more directly  https://docs.chef.io/handlers.html
+        # For now, we'll just match the most common failures based on their
+        # messages.
+        def exception_args_from_cause
+          # Ordering is important below.  Some earlier tests are more detailed
+          # cases of things that will match more general tests further down.
+          case @cause_line
+          when /.*had an error:(.*:)\s+(.*$)/
+            # Some invalid property value cases, among others.
+            ["CHEFCCR002", $2]
+          when /.*Chef::Exceptions::ValidationFailed:\s+Option action must be equal to one of:\s+(.*)!\s+You passed :(.*)\./
+            # Invalid action - specialization of invalid property value, below
+            ["CHEFCCR003", $2, $1]
+          when /.*Chef::Exceptions::ValidationFailed:\s+(.*)/
+            # Invalid resource property value
+            ["CHEFCCR004", $1]
+          when /.*NameError: undefined local variable or method `(.+)' for cookbook.+/
+            # Invalid resource type in most cases
+            ["CHEFCCR005", $1]
+          when /.*NoMethodError: undefined method `(.+)' for cookbook.+/
+            # Invalid resource type in most cases
+            ["CHEFCCR005", $1]
+          when /.*undefined method `(.*)' for Chef::Resource::(.+)::/
+            # If we can get a resource name show that instead of the class name
+            # TODO - for the best experience, we could instantiate the resource in invoke resource.name
+            ["CHEFCCR006", $1, $2]
+          when /.*undefined method `(.*)' for (.+)/
+            # TODO - we started showing the class name instead of hte resource name.
+            # name, which is confusing -
+            # 'blah' is not a property of 'Chef::Resource::User::LinuxUser'.
+            #
+
+            ["CHEFCCR006", $1, $2]
+
+            # Below would catch the general form of most errors, but the
+            # message itself in those lines is not generally aligned
+            # with the UX we want to provide.
+            # when /.*Exception|Error.*:\s+(.*)/
+          else
+            nil
+          end
+        end
+
+        class RemoteChefClientRunFailed < ChefCore::Error
+          def initialize(id, *args); super(id, *args); end
+        end
+
+        class RemoteChefClientRunFailedUnknownReason < ChefCore::Error
+          def initialize(); super("CHEFCCR099"); end
+        end
+
+        class RemoteChefRunFailedToResolveError < ChefCore::Error
+          def initialize(path); super("CHEFCCR001", path); end
+        end
+
+      end
+
+    end
+  end
+end

data/lib/chef_core/actions/install_chef.rb

@@ -0,0 +1,119 @@
+#
+# Copyright:: Copyright (c) 2017 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef_core/actions/base"
+require "chef_core/actions/install_chef/minimum_chef_version"
+require "fileutils"
+
+module ChefCore
+  module Actions
+    class InstallChef < Base
+      def initialize(opts = { check_only: false })
+        super
+      end
+
+      def perform_action
+        if InstallChef::MinimumChefVersion.check!(target_host, config[:check_only]) == :minimum_version_met
+          notify(:already_installed)
+        else
+          perform_local_install
+        end
+      end
+
+      def upgrading?
+        @upgrading
+      end
+
+      def perform_local_install
+        package = lookup_artifact()
+        notify(:downloading)
+        local_path = download_to_workstation(package.url)
+        notify(:uploading)
+        remote_path = upload_to_target(local_path)
+        notify(:installing)
+        target_host.install_package(remote_path)
+        notify(:install_complete)
+      end
+
+      def perform_remote_install
+        # TODO BOOTSTRAP - we'll need to implement this for both platforms
+        # require "mixlib/install"
+        # installer = Mixlib::Install.new({
+        #   platform: "windows",/etc -
+        #   product_name: "chef",
+        #   channel: :stable,
+        #   shell_type: :ps1,
+        #   version: "13",
+        # })
+        # target_host.run_command! installer.install_command
+        raise NotImplementedError
+      end
+
+      def lookup_artifact
+        return @artifact_info if @artifact_info
+        require "mixlib/install"
+        c = train_to_mixlib(target_host.platform)
+        Mixlib::Install.new(c).artifact_info
+      end
+
+      def version_to_install
+        lookup_artifact.version
+      end
+
+      def train_to_mixlib(platform)
+        opts = {
+          platform_version: platform.release,
+          platform: platform.name,
+          architecture: platform.arch,
+          product_name: "chef",
+          product_version: :latest,
+          channel: :stable,
+          platform_version_compatibility_mode: true,
+        }
+        case platform.name
+        when /windows/
+          opts[:platform] = "windows"
+        when "redhat", "centos"
+          opts[:platform] = "el"
+        when "suse"
+          opts[:platform] = "sles"
+        when "amazon"
+          opts[:platform] = "el"
+          if platform.release.to_i > 2010 # legacy Amazon version 1
+            opts[:platform_version] = "6"
+          else
+            opts[:platform_version] = "7"
+          end
+        end
+        opts
+      end
+
+      def download_to_workstation(url_path)
+        require "chef_core/file_fetcher"
+        ChefCore::FileFetcher.fetch(config[:cache_path],
+                                     url_path)
+      end
+
+      def upload_to_target(local_path)
+        installer_dir = target_host.temp_dir()
+        remote_path = File.join(installer_dir, File.basename(local_path))
+        target_host.upload_file(local_path, remote_path)
+        remote_path
+      end
+    end
+  end
+end

data/lib/chef_core/actions/install_chef/minimum_chef_version.rb

@@ -0,0 +1,85 @@
+#
+# Copyright:: Copyright (c) 2017 Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "chef_core/error"
+require "chef_core/actions/install_chef/minimum_chef_version"
+
+module ChefCore
+  module Actions
+    # TODO shouldn't be redeclaring Base here
+    class InstallChef < Base
+      class MinimumChefVersion
+
+        CONSTRAINTS = {
+          windows: {
+            13 => Gem::Version.new("13.10.4"),
+            14 => Gem::Version.new("14.4.22"),
+          },
+          linux: {
+            13 => Gem::Version.new("13.10.4"),
+            14 => Gem::Version.new("14.1.1"),
+          },
+        }.freeze
+
+        def self.check!(target, check_only)
+          begin
+            installed_version = target.installed_chef_version
+          rescue ChefCore::TargetHost::ChefNotInstalled
+            if check_only
+              raise ClientNotInstalled.new()
+            end
+            return :client_not_installed
+          end
+
+          os_constraints = CONSTRAINTS[target.base_os]
+          min_14_version = os_constraints[14]
+          min_13_version = os_constraints[13]
+
+          case
+          when installed_version >= Gem::Version.new("14.0.0") && installed_version < min_14_version
+            raise Client14Outdated.new(installed_version, min_14_version)
+          when installed_version >= Gem::Version.new("13.0.0") && installed_version < min_13_version
+            raise Client13Outdated.new(installed_version, min_13_version, min_14_version)
+          when installed_version < Gem::Version.new("13.0.0")
+            # If they have Chef < 13.0.0 installed we want to show them the easiest upgrade path -
+            # Chef 13 first and then Chef 14 since most customers cannot make the leap directly
+            # to 14.
+            raise Client13Outdated.new(installed_version, min_13_version, min_14_version)
+          end
+
+          :minimum_version_met
+        end
+
+        class ClientNotInstalled < ChefCore::Error
+          def initialize(); super("CHEFINS002"); end
+        end
+
+        class Client13Outdated < ChefCore::Error
+          def initialize(current_version, min_13_version, min_14_version)
+            super("CHEFINS003", current_version, min_13_version, min_14_version)
+          end
+        end
+
+        class Client14Outdated < ChefCore::Error
+          def initialize(current_version, target_version)
+            super("CHEFINS004", current_version, target_version)
+          end
+        end
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,93 @@
+--- !ruby/object:Gem::Specification
+name: chef-core-actions
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Chef Software, Inc
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-04-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mixlib-log
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: chef-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: chef-config
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Common functionality for Chef ruby components
+email:
+- workstation@chef.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- i18n/errors/en.yml
+- lib/chef_core/actions.rb
+- lib/chef_core/actions/base.rb
+- lib/chef_core/actions/converge_target.rb
+- lib/chef_core/actions/converge_target/ccr_failure_mapper.rb
+- lib/chef_core/actions/install_chef.rb
+- lib/chef_core/actions/install_chef/minimum_chef_version.rb
+homepage: https://github.com/chef/chef_core
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Common functionality for Chef ruby components
+test_files: []