chef 0.10.8 → 0.10.10.beta.1

data/lib/chef/mixin/language.rb

@@ -93,6 +93,8 @@ class Chef
         end
       end
 
+
+
       # Given a hash similar to the one we use for Platforms, select a value from the hash.  Supports
       # per platform defaults, along with a single base default. Arrays may be passed as hash keys and
       # will be expanded.
@@ -104,13 +106,13 @@ class Chef
       # value:: Whatever the most specific value of the hash is.
       def value_for_platform(platform_hash)
         PlatformDependentValue.new(platform_hash).value_for_node(node)
-      end
+      end 
 
       # Given a list of platforms, returns true if the current recipe is being run on a node with
       # that platform, false otherwise.
       #
       # === Parameters
-      # args:: A list of platforms
+      # args:: A list of platforms. Each platform can be in string or symbol format.
       #
       # === Returns
       # true:: If the current platform is in the list
@@ -119,12 +121,96 @@ class Chef
         has_platform = false
 
         args.flatten.each do |platform|
-          has_platform = true if platform == node[:platform]
+          has_platform = true if platform.to_s == node[:platform]
         end
 
         has_platform
       end
 
+
+
+     # Implementation class for determining platform family dependent values
+      class PlatformFamilyDependentValue
+
+        # Create a platform family dependent value object.
+        # === Arguments
+        # platform_family_hash (Hash) a map of platform families to values. 
+        # like this:
+        #   {
+        #     :rhel => "value for all EL variants"
+        #     :fedora =>  "value for fedora variants fedora and amazon" ,
+	#     [:fedora, :rhel] => "value for all known redhat variants"
+        #     :debian =>  "value for debian variants including debian, ubuntu, mint" ,
+        #     :default => "the default when nothing else matches"
+        #   }
+        # * platform families can be specified as Symbols or Strings
+        # * multiple platform families can be grouped by using an Array as the key
+        # * values for platform families can be any object, with no restrictions. Some examples: 
+	#   - [:stop, :start]
+	#   - "mysql-devel"
+        #   - { :key => "value" }
+        def initialize(platform_family_hash)
+          @values = {}
+	  @values["default"] = nil
+          platform_family_hash.each { |platform_families, value| set(platform_families, value)}
+        end
+
+        def value_for_node(node)
+	  if node.key?(:platform_family)
+            platform_family = node[:platform_family].to_s
+            if @values.key?(platform_family)
+              @values[platform_family]
+	    else
+              @values["default"]
+            end
+	  else
+            @values["default"]
+	  end
+        end
+
+        private
+
+        def set(platform_family, value)
+          if platform_family.to_s == 'default'
+            @values["default"] = value
+          else
+            Array(platform_family).each { |family| @values[family.to_s] = value }
+            value
+          end
+        end
+      end
+
+
+      # Given a hash mapping platform families to values, select a value from the hash. Supports a single
+      # base default if platform family is not in the map. Arrays may be passed as hash keys and will be 
+      # expanded.  
+      #
+      # === Parameters
+      # platform_family_hash:: A hash in the form { platform_family_name => value } 
+      #
+      # === Returns
+      # value:: Whatever the most specific value of the hash is.
+      def value_for_platform_family(platform_family_hash) 
+        PlatformFamilyDependentValue.new(platform_family_hash).value_for_node(node)
+      end
+      
+      # Given a list of platform families, returns true if the current recipe is being run on a 
+      # node within that platform family, false otherwise. 
+      #
+      # === Parameters
+      # args:: A list of platform families. Each platform family can be in string or symbol format.  
+      #
+      # === Returns
+      # true:: if the current node platform family is in the list. 
+      # false:: if the current node platform family is not in the list. 
+      def platform_family?(*args)
+        has_pf = false
+        args.flatten.each do |platform_family|
+	  has_pf = true if platform_family.to_s == node[:platform_family] 
+        end 
+        has_pf
+      end	
+      
       def search(*args, &block)
         # If you pass a block, or have at least the start argument, do raw result parsing
         #

data/lib/chef/mixin/language_include_recipe.rb

@@ -25,11 +25,17 @@ class Chef
       def include_recipe(*recipe_names)
         result_recipes = Array.new
         recipe_names.flatten.each do |recipe_name|
-          if node.run_state[:seen_recipes].has_key?(recipe_name)
+          if node.run_state[:seen_recipes].has_key?(recipe_name) or node.run_state[:seen_recipes].has_key?(recipe_name + "::default")
             Chef::Log.debug("I am not loading #{recipe_name}, because I have already seen it.")
             next
           end
 
+          result_recipes << load_recipe(recipe_name)
+        end
+        result_recipes
+      end
+
+      def load_recipe(recipe_name)
           Chef::Log.debug("Loading Recipe #{recipe_name} via include_recipe")
           node.run_state[:seen_recipes][recipe_name] = true
 
@@ -37,9 +43,7 @@ class Chef
 
           run_context = self.is_a?(Chef::RunContext) ? self : self.run_context
           cookbook = run_context.cookbook_collection[cookbook_name]
-          result_recipes << cookbook.load_recipe(recipe_short_name, run_context)
-        end
-        result_recipes
+          cookbook.load_recipe(recipe_short_name, run_context)
       end
 
       def require_recipe(*args)

data/lib/chef/mixin/path_sanity.rb

@@ -0,0 +1,67 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class Chef
+  module Mixin
+    module PathSanity
+
+      def enforce_path_sanity(env=ENV)
+        if Chef::Config[:enforce_path_sanity]
+          path_separator = Chef::Platform.windows? ? ';' : ':'
+          existing_paths = env["PATH"].split(path_separator)
+          # ensure the Ruby and Gem bindirs are included
+          # mainly for 'full-stack' Chef installs
+          paths_to_add = []
+          paths_to_add << ruby_bindir unless sane_paths.include?(ruby_bindir)
+          paths_to_add << gem_bindir unless sane_paths.include?(gem_bindir)
+          paths_to_add << sane_paths if sane_paths
+          paths_to_add.flatten!.compact!
+          paths_to_add.each do |sane_path|
+            unless existing_paths.include?(sane_path)
+              env_path = env["PATH"].dup
+              env_path << path_separator unless env["PATH"].empty?
+              env_path << sane_path
+              env["PATH"] = env_path
+            end
+          end
+        end
+      end
+
+      private
+
+      def sane_paths
+        @sane_paths ||= begin
+          if Chef::Platform.windows?
+            %w[]
+          else
+            %w[/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin]
+          end
+        end
+      end
+
+      def ruby_bindir
+        RbConfig::CONFIG['bindir']
+      end
+
+      def gem_bindir
+        Gem.bindir
+      end
+
+    end
+  end
+end

data/lib/chef/mixin/recipe_definition_dsl_core.rb

@@ -7,9 +7,9 @@
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
-# 
+#
 #     http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -18,6 +18,7 @@
 #
 
 require 'chef/resource'
+require 'chef/resource_platform_map'
 require 'chef/mixin/convert_to_class_name'
 require 'chef/mixin/language'
 
@@ -29,14 +30,14 @@ require 'chef/mixin/language'
 class Chef
   module Mixin
     module RecipeDefinitionDSLCore
-      
+
       include Chef::Mixin::ConvertToClassName
       include Chef::Mixin::Language
-      
+
       def method_missing(method_symbol, *args, &block)
         # If we have a definition that matches, we want to use that instead.  This should
         # let you do some really crazy over-riding of "native" types, if you really want
-        # to. 
+        # to.
         if run_context.definitions.has_key?(method_symbol)
           # This dupes the high level object, but we still need to dup the params
           new_def = run_context.definitions[method_symbol].dup
@@ -50,15 +51,18 @@ class Chef
           new_recipe.instance_eval(&new_def.recipe)
         else
           # Otherwise, we're rocking the regular resource call route.
-          method_name = method_symbol.to_s
-          rname = convert_to_class_name(method_name)
 
-          super unless Chef::Resource.const_defined?(rname)
-          raise ArgumentError, "You must supply a name when declaring a #{method_name} resource" unless args.size > 0
+          # Checks the new platform => short_name => resource mapping initially
+          # then fall back to the older approach (Chef::Resource.const_get) for
+          # backward compatibility
+          resource_class = Chef::Resource.resource_for_node(method_symbol, run_context.node)
+
+          super unless resource_class
+          raise ArgumentError, "You must supply a name when declaring a #{method_symbol} resource" unless args.size > 0
 
           # If we have a resource like this one, we want to steal its state
           args << run_context
-          resource = Chef::Resource.const_get(rname).new(*args)
+          resource = resource_class.new(*args)
           resource.load_prior_resource
           resource.cookbook_name = cookbook_name
           resource.recipe_name = @recipe_name
@@ -66,13 +70,17 @@ class Chef
           resource.source_line = caller[0]
           # Determine whether this resource is being created in the context of an enclosing Provider
           resource.enclosing_provider = self.is_a?(Chef::Provider) ? self : nil
+          # Evaluate resource attribute DSL
           resource.instance_eval(&block) if block
 
+          # Run optional resource hook
+          resource.after_created
+
           run_context.resource_collection.insert(resource)
           resource
         end
       end
-      
+
     end
   end
 end

data/lib/chef/mixin/securable.rb

@@ -0,0 +1,152 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Copyright:: Copyright (c) 2011 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class Chef
+  module Mixin
+    module Securable
+
+      def owner(arg=nil)
+        set_or_return(
+          :owner,
+          arg,
+          :regex => Chef::Config[:user_valid_regex]
+        )
+      end
+
+      alias :user :owner
+
+      def group(arg=nil)
+        set_or_return(
+          :group,
+          arg,
+          :regex => Chef::Config[:group_valid_regex]
+        )
+      end
+
+      def mode(arg=nil)
+        set_or_return(
+          :mode,
+          arg,
+          :callbacks => {
+            "not in valid numeric range" => lambda { |m|
+              if m.kind_of?(String)
+                m =~ /^0/ || m="0#{m}"
+              end
+
+              # Windows does not support the sticky or setuid bits
+              if Chef::Platform.windows?
+                Integer(m)<=0777 && Integer(m)>=0
+              else
+                Integer(m)<=07777 && Integer(m)>=0
+              end
+            },
+          }
+        )
+      end
+
+      # TODO should this be separated into different files?
+      if RUBY_PLATFORM =~ /mswin|mingw|windows/
+
+        # supports params like this:
+        #
+        #   rights :read, ["Administrators","Everyone"]
+        #   rights :deny, "Pinky"
+        #   rights :full_control, "Users", :applies_to_children => true
+        #   rights :write, "John Keiser", :applies_to_children => :containers_only, :applies_to_self => false, :one_level_deep => true
+        #
+        # should also also allow multiple right declarations
+        # in a single resource block as the data will be merged
+        # into a single internal hash
+        #
+        # This method 'creates' rights attributes..this allows us to have
+        # multiple instances of the attribute with separate runtime states.
+        # See +Chef::Resource::RemoteDirectory+ for example usage (rights and files_rights)
+        def self.rights_attribute(name)
+          define_method(name) do |*args|
+            # Ruby 1.8 compat: default the arguments
+            permissions = args.length >= 1 ? args[0] : nil
+            principals = args.length >= 2 ? args[1] : nil
+            args_hash = args.length >= 3 ? args[2] : nil
+            raise ArgumentError.new("wrong number of arguments (#{args.length} for 3)") if args.length >= 4
+
+            rights = self.instance_variable_get("@#{name.to_s}".to_sym)
+            unless permissions == nil
+              input = {
+                :permissions => permissions,
+                :principals => principals
+              }
+              input.merge!(args_hash) if args_hash != nil
+
+              validations = {:permissions => { :required => true },
+                             :principals => { :required => true, :kind_of => [String, Array] },
+                             :applies_to_children => { :equal_to => [ true, false, :containers_only, :objects_only ]},
+                             :applies_to_self => { :kind_of => [ TrueClass, FalseClass ] },
+                             :one_level_deep => { :kind_of => [ TrueClass, FalseClass ] }
+                            }
+              validate(input, validations)
+
+              [ permissions ].flatten.each do |permission|
+                if permission.is_a?(Integer)
+                  if permission < 0 || permission > 1<<32
+                    raise ArgumentError, "permissions flags must be positive and <= 32 bits (#{permission})"
+                  end
+                elsif !([:full_control, :modify, :read_execute, :read, :write].include?(permission.to_sym))
+                  raise ArgumentError, "permissions parameter must be :full_control, :modify, :read_execute, :read, :write or an integer representing Windows permission flags"
+                end
+              end
+
+              [ principals ].flatten.each do |principal|
+                if !principal.is_a?(String)
+                  raise ArgumentError, "principals parameter must be a string or array of strings representing usernames"
+                end
+              end
+
+              if input[:applies_to_children] == false
+                if input[:applies_to_self] == false
+                  raise ArgumentError, "'rights' attribute must specify either :applies_to_children or :applies_to_self."
+                end
+                if input[:one_level_deep] == true
+                  raise ArgumentError, "'rights' attribute specified :one_level_deep without specifying :applies_to_children."
+                end
+              end
+              rights ||= []
+              rights << input
+            end
+            set_or_return(
+              name,
+              rights,
+              {}
+            )
+          end
+        end
+
+        # create a default 'rights' attribute
+        rights_attribute(:rights)
+        rights_attribute(:deny_rights)
+
+        def inherits(arg=nil)
+          set_or_return(
+            :inherits,
+            arg,
+            :kind_of => [ TrueClass, FalseClass ]
+          )
+        end
+      end
+    end
+  end
+end