chef 10.34.6 → 11.0.0.beta.0

data/lib/chef/resources.rb

@@ -50,6 +50,7 @@ require 'chef/resource/pacman_package'
 require 'chef/resource/perl'
 require 'chef/resource/portage_package'
 require 'chef/resource/python'
+require 'chef/resource/registry_key'
 require 'chef/resource/remote_directory'
 require 'chef/resource/remote_file'
 require 'chef/resource/rpm_package'
@@ -64,5 +65,5 @@ require 'chef/resource/smartos_package'
 require 'chef/resource/template'
 require 'chef/resource/timestamped_deploy'
 require 'chef/resource/user'
-require 'chef/resource/whyrun_safe_ruby_block'
 require 'chef/resource/yum_package'
+require 'chef/resource/lwrp_base'

data/lib/chef/rest.rb

@@ -30,7 +30,8 @@ require 'chef/rest/rest_request'
 require 'chef/monkey_patches/string'
 require 'chef/monkey_patches/net_http'
 require 'chef/config'
-
+require 'chef/exceptions'
+require 'chef/platform'
 
 
 class Chef
@@ -61,7 +62,9 @@ class Chef
       @url = url
       @cookies = CookieJar.instance
       @default_headers = options[:headers] || {}
-      @auth_credentials = AuthCredentials.new(client_name, signing_key_filename)
+      @signing_key_filename = signing_key_filename
+      @key = load_signing_key(@signing_key_filename, options[:raw_key])
+      @auth_credentials = AuthCredentials.new(client_name, @key)
       @sign_on_redirect, @sign_request = true, true
       @redirects_followed = 0
       @redirect_limit = 10
@@ -70,7 +73,7 @@ class Chef
     end
 
     def signing_key_filename
-      @auth_credentials.key_file
+      @signing_key_filename
     end
 
     def client_name
@@ -78,51 +81,7 @@ class Chef
     end
 
     def signing_key
-      @auth_credentials.raw_key
-    end
-
-    # Register the client
-    #--
-    # Requires you to load chef/api_client beforehand. explicit require is removed since
-    # most users of this class have no need for chef/api_client. This functionality
-    # should be moved anyway...
-    def register(name=Chef::Config[:node_name], destination=Chef::Config[:client_key])
-      if (File.exists?(destination) &&  !File.writable?(destination))
-        raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination} - check permissions?"
-      end
-      nc = Chef::ApiClient.new
-      nc.name(name)
-
-      catch(:done) do
-        retries = config[:client_registration_retries] || 5
-        0.upto(retries) do |n|
-          begin
-            response = nc.save(true, true)
-            Chef::Log.debug("Registration response: #{response.inspect}")
-            private_key = if response.respond_to?(:[])
-              response["private_key"]
-            else
-              response.private_key
-            end
-            unless private_key
-              raise Chef::Exceptions::CannotWritePrivateKey, "The response from the server did not include a private key!"
-            end
-            # Write out the private key
-            ::File.open(destination, "w") {|f|
-              f.chmod(0600)
-              f.print(private_key)
-            }
-            throw :done
-          rescue IOError
-            raise Chef::Exceptions::CannotWritePrivateKey, "I cannot write your private key to #{destination}"
-          rescue Net::HTTPFatalError => e
-            Chef::Log.warn("Failed attempt #{n} of #{retries+1} on client creation")
-            raise unless e.response.code == "500"
-          end
-        end
-      end
-
-      true
+      @raw_key
     end
 
     # Send an HTTP GET request to the path
@@ -133,7 +92,7 @@ class Chef
     # path:: The path to GET
     # raw:: Whether you want the raw body returned, or JSON inflated.  Defaults
     #   to JSON inflated.
-    def get_rest(path, raw=false, headers={})
+    def get(path, raw=false, headers={})
       if raw
         streaming_request(create_url(path), headers)
       else
@@ -141,21 +100,33 @@ class Chef
       end
     end
 
+    def head(path, headers={})
+      api_request(:HEAD, create_url(path), headers)
+    end
+
+    alias :get_rest :get
+
     # Send an HTTP DELETE request to the path
-    def delete_rest(path, headers={})
+    def delete(path, headers={})
       api_request(:DELETE, create_url(path), headers)
     end
 
+    alias :delete_rest :delete
+
     # Send an HTTP POST request to the path
-    def post_rest(path, json, headers={})
+    def post(path, json, headers={})
       api_request(:POST, create_url(path), headers, json)
     end
 
+    alias :post_rest :post
+
     # Send an HTTP PUT request to the path
-    def put_rest(path, json, headers={})
+    def put(path, json, headers={})
       api_request(:PUT, create_url(path), headers, json)
     end
 
+    alias :put_rest :put
+
     # Streams a download to a tempfile, then yields the tempfile to a block.
     # After the download, the tempfile will be closed and unlinked.
     # If you rename the tempfile, it will not be deleted.
@@ -177,69 +148,6 @@ class Chef
       auth_credentials.sign_requests? && @sign_request
     end
 
-    # ==== DEPRECATED
-    # Use +api_request+ instead
-    #--
-    # Actually run an HTTP request.  First argument is the HTTP method,
-    # which should be one of :GET, :PUT, :POST or :DELETE.  Next is the
-    # URL, then an object to include in the body (which will be converted with
-    # .to_json). The limit argument is unused, it is present for backwards
-    # compatibility. Configure the redirect limit with #redirect_limit=
-    # instead.
-    #
-    # Typically, you won't use this method -- instead, you'll use one of
-    # the helper methods (get_rest, post_rest, etc.)
-    #
-    # Will return the body of the response on success.
-    def run_request(method, url, headers={}, data=false, limit=nil, raw=false)
-      json_body = data ? Chef::JSONCompat.to_json(data) : nil
-      # Force encoding to binary to fix SSL related EOFErrors
-      # cf. http://tickets.opscode.com/browse/CHEF-2363
-      # http://redmine.ruby-lang.org/issues/5233
-      json_body.force_encoding(Encoding::BINARY) if json_body.respond_to?(:force_encoding)
-      headers = build_headers(method, url, headers, json_body, raw)
-
-      tf, response_body = nil, nil
-
-      retriable_rest_request(method, url, json_body, headers) do |rest_request|
-
-        res = rest_request.call do |response|
-          if raw
-            tf = stream_to_tempfile(url, response)
-          else
-            response_body = decompress_body(response)
-          end
-        end
-
-        case res
-        when Net::HTTPSuccess
-          if res['content-type'] =~ /json/
-            Chef::JSONCompat.from_json(response_body)
-          else
-            if method == :HEAD
-              true
-            elsif raw
-              tf
-            else
-              response_body
-            end
-          end
-        when Net::HTTPNotModified # Must be tested before Net::HTTPRedirection because it's subclass.
-          false
-        when Net::HTTPRedirection
-          follow_redirect {run_request(method, create_url(res['location']), headers, false, nil, raw)}
-        else
-          if res['content-type'] =~ /json/
-            exception = Chef::JSONCompat.from_json(response_body)
-            msg = "HTTP Request Returned #{res.code} #{res.message}: "
-            msg << (exception["error"].respond_to?(:join) ? exception["error"].join(", ") : exception["error"].to_s)
-            Chef::Log.warn(msg)
-          end
-          res.error!
-        end
-      end
-    end
-
     # Runs an HTTP request to a JSON API with JSON body. File Download not supported.
     def api_request(method, url, headers={}, data=false)
       json_body = data ? Chef::JSONCompat.to_json(data) : nil
@@ -267,26 +175,20 @@ class Chef
 
           response_body = decompress_body(response)
 
-          # 204 is successful, Net::HTTP returns nil response body.
-          # Don't attempt to parse it.
-          if response.kind_of?(Net::HTTPNoContent)
-            response_body
-          elsif response.kind_of?(Net::HTTPSuccess)
+          if response.kind_of?(Net::HTTPSuccess)
             if response['content-type'] =~ /json/
               Chef::JSONCompat.from_json(response_body.chomp)
             else
               Chef::Log.warn("Expected JSON response, but got content-type '#{response['content-type']}'")
-              response_body
+              response_body.to_s
             end
+          elsif response.kind_of?(Net::HTTPNotModified) # Must be tested before Net::HTTPRedirection because it's subclass.
+            false
           elsif redirect_location = redirected_to(response)
-            if [:GET, :HEAD].include?(method)
-              follow_redirect {api_request(method, create_url(redirect_location), headers)}
-            else
-              raise Exceptions::InvalidRedirect, "#{method} request was redirected from #{url} to #{redirect_location}. Only GET and HEAD support redirects."
-            end
+            follow_redirect {api_request(:GET, create_url(redirect_location))}
           else
             # have to decompress the body before making an exception for it. But the body could be nil.
-            response.body.replace(decompress_body(response)) if response.body.respond_to?(:replace)
+            response.body.replace(response_body) if response.body.respond_to?(:replace)
 
             if response['content-type'] =~ /json/
               exception = Chef::JSONCompat.from_json(response_body)
@@ -306,7 +208,7 @@ class Chef
     end
 
     def decompress_body(response)
-      if gzip_disabled?
+      if gzip_disabled? || response.body.nil?
         response.body
       else
         case response[CONTENT_ENCODING]
@@ -340,7 +242,7 @@ class Chef
                 tempfile = stream_to_tempfile(url, r, &block)
                 yield tempfile
               ensure
-                tempfile && tempfile.close!
+                tempfile.close!
               end
             else
               tempfile = stream_to_tempfile(url, r)
@@ -449,10 +351,9 @@ class Chef
 
     def build_headers(method, url, headers={}, json_body=false, raw=false)
       headers                 = @default_headers.merge(headers)
-      headers['Host']         = "#{url.host}:#{url.port}"
       #headers['Accept']       = "application/json" unless raw
       headers['Accept']       = "application/json" unless raw
-      headers["Content-Type"] = 'application/json' if json_body && !headers.keys.map(&:downcase).include?("content-type")
+      headers["Content-Type"] = 'application/json' if json_body
       headers['Content-Length'] = json_body.bytesize.to_s if json_body
       headers[RESTRequest::ACCEPT_ENCODING] = RESTRequest::ENCODING_GZIP_DEFLATE unless gzip_disabled?
       headers.merge!(authentication_headers(method, url, json_body)) if sign_requests?
@@ -515,5 +416,23 @@ class Chef
       end
     end
 
+    def load_signing_key(key_file, raw_key = nil)
+      if (!!key_file)
+        @raw_key = IO.read(key_file).strip
+      elsif (!!raw_key)
+        @raw_key = raw_key.strip
+      else
+        return nil
+      end
+      @key = OpenSSL::PKey::RSA.new(@raw_key)
+    rescue SystemCallError, IOError => e
+      Chef::Log.warn "Failed to read the private key #{key_file}: #{e.inspect}"
+      raise Chef::Exceptions::PrivateKeyMissing, "I cannot read #{key_file}, which you told me to use to sign requests!"
+    rescue OpenSSL::PKey::RSAError
+      msg = "The file #{key_file} or :raw_key option does not contain a correctly formatted private key.\n"
+      msg << "The key file should begin with '-----BEGIN RSA PRIVATE KEY-----' and end with '-----END RSA PRIVATE KEY-----'"
+      raise Chef::Exceptions::InvalidPrivateKey, msg
+    end
+
   end
 end

data/lib/chef/rest/auth_credentials.rb

@@ -20,22 +20,20 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-require 'chef/exceptions'
 require 'chef/log'
 require 'mixlib/authentication/signedheaderauth'
 
 class Chef
   class REST
     class AuthCredentials
-      attr_reader :key_file, :client_name, :key, :raw_key
+      attr_reader :client_name, :key
 
-      def initialize(client_name=nil, key_file=nil)
-        @client_name, @key_file = client_name, key_file
-        load_signing_key if sign_requests?
+      def initialize(client_name=nil, key=nil)
+        @client_name, @key = client_name, key
       end
 
       def sign_requests?
-        !!key_file
+        !!key
       end
 
       def signature_headers(request_params={})
@@ -54,20 +52,6 @@ class Chef
         signed.inject({}){|memo, kv| memo["#{kv[0].to_s.upcase}"] = kv[1];memo}
       end
 
-      private
-
-      def load_signing_key
-        @raw_key = IO.read(key_file).strip
-        @key = OpenSSL::PKey::RSA.new(@raw_key)
-      rescue SystemCallError, IOError => e
-        Chef::Log.warn "Failed to read the private key #{key_file}: #{e.inspect}"
-        raise Chef::Exceptions::PrivateKeyMissing, "I cannot read #{key_file}, which you told me to use to sign requests!"
-      rescue OpenSSL::PKey::RSAError
-        msg = "The file #{key_file} does not contain a correctly formatted private key.\n"
-        msg << "The key file should begin with '-----BEGIN RSA PRIVATE KEY-----' and end with '-----END RSA PRIVATE KEY-----'"
-        raise Chef::Exceptions::InvalidPrivateKey, msg
-      end
-
     end
   end
 end

data/lib/chef/rest/rest_request.rb

@@ -82,10 +82,6 @@ class Chef
         @url.host
       end
 
-      def hostname
-        @url.hostname
-      end
-
       def port
         @url.port
       end
@@ -159,12 +155,12 @@ class Chef
       def configure_http_client
         http_proxy = proxy_uri
         if http_proxy.nil?
-          @http_client = Net::HTTP.new(hostname, port)
+          @http_client = Net::HTTP.new(host, port)
         else
           Chef::Log.debug("Using #{http_proxy.host}:#{http_proxy.port} for proxy")
           user = Chef::Config["#{url.scheme}_proxy_user"]
           pass = Chef::Config["#{url.scheme}_proxy_pass"]
-          @http_client = Net::HTTP.Proxy(http_proxy.host, http_proxy.port, user, pass).new(hostname, port)
+          @http_client = Net::HTTP.Proxy(http_proxy.host, http_proxy.port, user, pass).new(host, port)
         end
         if url.scheme == HTTPS
           @http_client.use_ssl = true
@@ -200,7 +196,6 @@ class Chef
         end
 
         @http_client.read_timeout = config[:rest_timeout]
-        @http_client.open_timeout = config[:rest_timeout]
       end
 
 

data/lib/chef/role.rb

@@ -21,9 +21,7 @@
 require 'chef/config'
 require 'chef/mixin/params_validate'
 require 'chef/mixin/from_file'
-require 'chef/couchdb'
 require 'chef/run_list'
-require 'chef/index_queue'
 require 'chef/mash'
 require 'chef/json_compat'
 require 'chef/search/query'
@@ -33,51 +31,14 @@ class Chef
 
     include Chef::Mixin::FromFile
     include Chef::Mixin::ParamsValidate
-    include Chef::IndexQueue::Indexable
-
-    DESIGN_DOCUMENT = {
-      "version" => 6,
-      "language" => "javascript",
-      "views" => {
-        "all" => {
-          "map" => <<-EOJS
-          function(doc) {
-            if (doc.chef_type == "role") {
-              emit(doc.name, doc);
-            }
-          }
-          EOJS
-        },
-        "all_id" => {
-          "map" => <<-EOJS
-          function(doc) {
-            if (doc.chef_type == "role") {
-              emit(doc.name, doc.name);
-            }
-          }
-          EOJS
-        }
-      }
-    }
-
-    attr_accessor :couchdb_rev, :couchdb
-    attr_reader :couchdb_id
 
     # Create a new Chef::Role object.
-    def initialize(couchdb=nil)
+    def initialize
       @name = ''
       @description = ''
       @default_attributes = Mash.new
       @override_attributes = Mash.new
       @env_run_lists = {"_default" => Chef::RunList.new}
-      @couchdb_rev = nil
-      @couchdb_id = nil
-      @couchdb = couchdb || Chef::CouchDB.new
-    end
-
-    def couchdb_id=(value)
-      @couchdb_id = value
-      self.index_id = value
     end
 
     def chef_server_rest
@@ -177,7 +138,6 @@ class Chef
           accumulator
         end
       }
-      result["_rev"] = couchdb_rev if couchdb_rev
       result
     end
 
@@ -214,20 +174,9 @@ class Chef
       end
       role.env_run_lists(env_run_list_hash)
 
-      role.couchdb_rev = o["_rev"] if o.has_key?("_rev")
-      role.index_id = role.couchdb_id
-      role.couchdb_id = o["_id"] if o.has_key?("_id")
       role
     end
 
-    # List all the Chef::Role objects in the CouchDB.  If inflate is set to true, you will get
-    # the full list of all Roles, fully inflated.
-    def self.cdb_list(inflate=false, couchdb=nil)
-      rs = (couchdb || Chef::CouchDB.new).list("roles", inflate)
-      lookup = (inflate ? "value" : "key")
-      rs["rows"].collect { |r| r[lookup] }
-    end
-
     # Get the list of all roles from the API.
     def self.list(inflate=false)
       if inflate
@@ -241,24 +190,11 @@ class Chef
       end
     end
 
-    # Load a role by name from CouchDB
-    def self.cdb_load(name, couchdb=nil)
-      (couchdb || Chef::CouchDB.new).load("role", name)
-    end
-
     # Load a role by name from the API
     def self.load(name)
       chef_server_rest.get_rest("roles/#{name}")
     end
 
-    def self.exists?(rolename, couchdb)
-      begin
-        self.cdb_load(rolename, couchdb)
-      rescue Chef::Exceptions::CouchDBNotFound
-        nil
-      end
-    end
-
     def environment(env_name)
       chef_server_rest.get_rest("roles/#{@name}/environments/#{env_name}")
     end
@@ -267,21 +203,11 @@ class Chef
       chef_server_rest.get_rest("roles/#{@name}/environments")
     end
 
-    # Remove this role from the CouchDB
-    def cdb_destroy
-      couchdb.delete("role", @name, couchdb_rev)
-    end
-
     # Remove this role via the REST API
     def destroy
       chef_server_rest.delete_rest("roles/#{@name}")
     end
 
-    # Save this role to the CouchDB
-    def cdb_save
-      self.couchdb_rev = couchdb.store("role", @name, self)["rev"]
-    end
-
     # Save this role via the REST API
     def save
       begin
@@ -299,11 +225,6 @@ class Chef
       self
     end
 
-    # Set up our CouchDB design document
-    def self.create_design_document(couchdb=nil)
-      (couchdb || Chef::CouchDB.new).create_design_document("roles", DESIGN_DOCUMENT)
-    end
-
     # As a string
     def to_s
       "role[#{@name}]"
@@ -328,22 +249,5 @@ class Chef
       end
     end
 
-    # Sync all the json roles with couchdb from disk
-    def self.sync_from_disk_to_couchdb
-      Dir[File.join(Chef::Config[:role_path], "*.json")].each do |role_file|
-        short_name = File.basename(role_file, ".json")
-        Chef::Log.warn("Loading #{short_name}")
-        r = Chef::Role.from_disk(short_name, "json")
-        begin
-          couch_role = Chef::Role.cdb_load(short_name)
-          r.couchdb_rev = couch_role.couchdb_rev
-          Chef::Log.debug("Replacing role #{short_name} with data from #{role_file}")
-        rescue Chef::Exceptions::CouchDBNotFound
-          Chef::Log.debug("Creating role #{short_name} with data from #{role_file}")
-        end
-        r.cdb_save
-      end
-    end
-
   end
 end