chef 13.6.4 → 13.7.16

data/lib/chef/knife/configure.rb

@@ -17,6 +17,7 @@
 #
 
 require "chef/knife"
+require "chef/util/path_helper"
 
 class Chef
   class Knife
@@ -67,24 +68,22 @@ class Chef
       end
 
       def run
-        ask_user_for_config_path
-
         FileUtils.mkdir_p(chef_config_path)
+        config_file = File.join(chef_config_path, "credentials")
 
         ask_user_for_config
 
-        ::File.open(config[:config_file], "w") do |f|
+        config_file = File.expand_path(config_file)
+        if File.exist?(config_file)
+          confirm("Overwrite #{config_file}?")
+        end
+        ::File.open(config_file, "w") do |f|
           f.puts <<-EOH
-node_name                '#{new_client_name}'
-client_key               '#{new_client_key}'
-validation_client_name   '#{validation_client_name}'
-validation_key           '#{validation_key}'
-chef_server_url          '#{chef_server}'
-syntax_check_cache_path  '#{File.join(chef_config_path, "syntax_check_cache")}'
+[default]
+client_name     = '#{new_client_name}'
+client_key      = '#{new_client_key}'
+chef_server_url = '#{chef_server}'
 EOH
-          unless chef_repo.empty?
-            f.puts "cookbook_path [ '#{chef_repo}/cookbooks' ]"
-          end
         end
 
         if config[:initial]
@@ -109,26 +108,11 @@ EOH
           ui.msg("Before running commands with Knife")
           ui.msg("")
           ui.msg("*****")
-          ui.msg("")
-          ui.msg("You must place your validation key in:")
-          ui.msg("  #{validation_key}")
-          ui.msg("Before generating instance data with Knife")
-          ui.msg("")
-          ui.msg("*****")
         end
 
         ui.msg("Configuration file written to #{config[:config_file]}")
       end
 
-      def ask_user_for_config_path
-        config[:config_file] ||= ask_question("Where should I put the config file? ", :default => "#{Chef::Config[:user_home]}/.chef/knife.rb")
-        # have to use expand path to expand the tilde character to the user's home
-        config[:config_file] = File.expand_path(config[:config_file])
-        if File.exists?(config[:config_file])
-          confirm("Overwrite #{config[:config_file]}")
-        end
-      end
-
       def ask_user_for_config
         server_name = guess_servername
         @chef_server = config[:chef_server_url] || ask_question("Please enter the chef server URL: ", :default => "https://#{server_name}/organizations/myorg")
@@ -140,10 +124,6 @@ EOH
         else
           @new_client_name        = config[:node_name] || ask_question("Please enter an existing username or clientname for the API: ", :default => Etc.getlogin)
         end
-        @validation_client_name = config[:validation_client_name] || ask_question("Please enter the validation clientname: ", :default => "chef-validator")
-        @validation_key         = config[:validation_key] || ask_question("Please enter the location of the validation key: ", :default => "/etc/chef-server/chef-validator.pem")
-        @validation_key         = File.expand_path(@validation_key)
-        @chef_repo              = config[:repository] || ask_question("Please enter the path to a chef repository (or leave blank): ")
 
         @new_client_key = config[:client_key] || File.join(chef_config_path, "#{@new_client_name}.pem")
         @new_client_key = File.expand_path(@new_client_key)
@@ -157,12 +137,8 @@ EOH
         o[:fqdn] || o[:machinename] || o[:hostname] || "localhost"
       end
 
-      def config_file
-        config[:config_file]
-      end
-
       def chef_config_path
-        File.dirname(config_file)
+        Chef::Util::PathHelper.home(".chef")
       end
     end
   end

data/lib/chef/knife/cookbook_upload.rb

@@ -146,12 +146,12 @@ class Chef
           end
 
           if upload_failures == 0
-            ui.info "Uploaded #{upload_ok} cookbook#{upload_ok > 1 ? "s" : ""}."
+            ui.info "Uploaded #{upload_ok} cookbook#{upload_ok == 1 ? "" : "s"}."
           elsif upload_failures > 0 && upload_ok > 0
-            ui.warn "Uploaded #{upload_ok} cookbook#{upload_ok > 1 ? "s" : ""} ok but #{upload_failures} " +
-              "cookbook#{upload_failures > 1 ? "s" : ""} upload failed."
+            ui.warn "Uploaded #{upload_ok} cookbook#{upload_ok == 1 ? "" : "s"} ok but #{upload_failures} " +
+              "cookbook#{upload_failures == 1 ? "" : "s"} upload failed."
           elsif upload_failures > 0 && upload_ok == 0
-            ui.error "Failed to upload #{upload_failures} cookbook#{upload_failures > 1 ? "s" : ""}."
+            ui.error "Failed to upload #{upload_failures} cookbook#{upload_failures == 1 ? "" : "s"}."
             exit 1
           end
         end

data/lib/chef/knife/core/bootstrap_context.rb

@@ -255,7 +255,7 @@ validation_client_name "#{@chef_config[:validation_client_name]}"
                   content << "mkdir #{file_on_node}\n"
                 else
                   content << "cat > #{file_on_node} <<'EOP'\n" +
-                    f.read + "\nEOP\n"
+                    f.read.gsub("'", "'\\\\''") + "\nEOP\n"
                 end
               end
             end

data/lib/chef/knife/core/status_presenter.rb

@@ -101,9 +101,10 @@ class Chef
             fqdn = (node[:ec2] && node[:ec2][:public_hostname]) || node[:fqdn]
             name = node["name"] || node.name
 
-            hours, minutes, = time_difference_in_hms(node["ohai_time"])
+            hours, minutes, seconds = time_difference_in_hms(node["ohai_time"])
             hours_text   = "#{hours} hour#{hours == 1 ? ' ' : 's'}"
             minutes_text = "#{minutes} minute#{minutes == 1 ? ' ' : 's'}"
+            seconds_text = "#{seconds} second#{seconds == 1 ? ' ' : 's'}"
             run_list = "#{node['run_list']}" if config[:run_list]
             if hours > 24
               color = :red
@@ -111,9 +112,12 @@ class Chef
             elsif hours >= 1
               color = :yellow
               text = hours_text
-            else
+            elsif minutes >= 1
               color = :green
               text = minutes_text
+            else
+              color = :green
+              text = seconds_text
             end
 
             line_parts = Array.new

data/lib/chef/knife/core/ui.rb

@@ -172,7 +172,7 @@ class Chef
             tf.sync = true
             tf.puts output
             tf.close
-            raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_using.html for details." unless system("#{config[:editor]} #{tf.path}")
+            raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_setup.html for details." unless system("#{config[:editor]} #{tf.path}")
 
             output = IO.read(tf.path)
           end

data/lib/chef/knife/data_bag_secret_options.rb

@@ -95,7 +95,7 @@ class Chef
 
       ##
       # Determine if the user has specified an appropriate secret for encrypting data bag items.
-      # @returns boolean
+      # @return boolean
       def base_encryption_secret_provided?(need_encrypt_flag = true)
         validate_secrets
 

data/lib/chef/knife/data_bag_show.rb

@@ -51,7 +51,7 @@ class Chef
                       ui.warn("Encrypted data bag detected, but no secret provided for decoding. Displaying encrypted data.")
                       format_for_display(raw_data)
                     else
-                      ui.warn("Unencrypted data bag detected, ignoring any provided secret options.")
+                      ui.warn("Unencrypted data bag detected, ignoring any provided secret options.") if secret
                       format_for_display(raw_data)
                     end
 

data/lib/chef/knife/edit.rb

@@ -58,7 +58,7 @@ class Chef
 
             # Let the user edit the temporary file
             if !system("#{config[:editor]} #{file.path}")
-              raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_using.html for details."
+              raise "Please set EDITOR environment variable. See https://docs.chef.io/knife_setup.html for details."
             end
 
             result_text = IO.read(file.path)

data/lib/chef/knife/ssh.rb

@@ -46,11 +46,10 @@ class Chef
         :default => nil,
         :proc => lambda { |o| o.to_i }
 
-      option :attribute,
+      option :ssh_attribute,
         :short => "-a ATTR",
         :long => "--attribute ATTR",
-        :description => "The attribute to use for opening the connection - default depends on the context",
-        :proc => Proc.new { |key| Chef::Config[:knife][:ssh_attribute] = key.strip }
+        :description => "The attribute to use for opening the connection - default depends on the context"
 
       option :manual,
         :short => "-m",
@@ -59,6 +58,10 @@ class Chef
         :description => "QUERY is a space separated list of servers",
         :default => false
 
+      option :prefix_attribute,
+        :long => "--prefix-attribute ATTR",
+        :description => "The attribute to use for prefixing the ouput - default depends on the context"
+
       option :ssh_user,
         :short => "-x USERNAME",
         :long => "--ssh-user USERNAME",
@@ -181,27 +184,34 @@ class Chef
         session_from_list(list)
       end
 
-      def get_ssh_attribute(node)
+      def get_prefix_attribute(item)
+        # Order of precedence for prefix
+        # 1) config value (cli or knife config)
+        # 2) nil
+        msg = "Using node attribute '%s' as the prefix: %s"
+        if item["prefix"]
+          Chef::Log.debug(sprintf(msg, config[:prefix_attribute], item["prefix"]))
+          item["prefix"]
+        else
+          nil
+        end
+      end
+
+      def get_ssh_attribute(item)
         # Order of precedence for ssh target
-        # 1) command line attribute
-        # 2) configuration file
-        # 3) cloud attribute
-        # 4) fqdn
-        if node["config"]
-          Chef::Log.debug("Using node attribute '#{config[:attribute]}' as the ssh target: #{node["config"]}")
-          node["config"]
-        elsif Chef::Config[:knife][:ssh_attribute]
-          Chef::Log.debug("Using node attribute #{Chef::Config[:knife][:ssh_attribute]}: #{node["knife_config"]}")
-          node["knife_config"]
-        elsif node["cloud"] &&
-            node["cloud"]["public_hostname"] &&
-            !node["cloud"]["public_hostname"].empty?
-          Chef::Log.debug("Using node attribute 'cloud[:public_hostname]' automatically as the ssh target: #{node["cloud"]["public_hostname"]}")
-          node["cloud"]["public_hostname"]
+        # 1) config value (cli or knife config)
+        # 2) cloud attribute
+        # 3) fqdn
+        msg = "Using node attribute '%s' as the ssh target: %s"
+        if item["target"]
+          Chef::Log.debug(sprintf(msg, config[:ssh_attribute], item["target"]))
+          item["target"]
+        elsif !item.dig("cloud", "public_hostname").to_s.empty?
+          Chef::Log.debug(sprintf(msg, "cloud.public_hostname", item["cloud"]["public_hostname"]))
+          item["cloud"]["public_hostname"]
         else
-          # falling back to default of fqdn
-          Chef::Log.debug("Using node attribute 'fqdn' as the ssh target: #{node["fqdn"]}")
-          node["fqdn"]
+          Chef::Log.debug(sprintf(msg, "fqdn", item["fqdn"]))
+          item["fqdn"]
         end
       end
 
@@ -212,14 +222,12 @@ class Chef
 
         separator = ui.presenter.attribute_field_separator
 
-        # if we've set an attribute to use on the command line
-        if config[:attribute]
-          required_attributes[:config] = config[:attribute].split(separator)
+        if config[:prefix_attribute]
+          required_attributes[:prefix] = config[:prefix_attribute].split(separator)
         end
 
-        # if we've configured an attribute in our config
-        if Chef::Config[:knife][:ssh_attribute]
-          required_attributes[:knife_config] = Chef::Config[:knife][:ssh_attribute].split(separator)
+        if config[:ssh_attribute]
+          required_attributes[:target] = config[:ssh_attribute].split(separator)
         end
 
         @search_count = 0
@@ -232,8 +240,9 @@ class Chef
           # returned node object
           host = get_ssh_attribute(item)
           next if host.nil?
-          ssh_port = item[:cloud].nil? ? nil : item[:cloud][:public_ssh_port]
-          srv = [host, ssh_port]
+          prefix = get_prefix_attribute(item)
+          ssh_port = item.dig("cloud", "public_ssh_port")
+          srv = [host, ssh_port, prefix]
           list.push(srv)
         end
 
@@ -282,7 +291,8 @@ class Chef
 
       def session_from_list(list)
         list.each do |item|
-          host, ssh_port = item
+          host, ssh_port, prefix = item
+          prefix = host unless prefix
           Chef::Log.debug("Adding #{host}")
           session_opts = session_options(host, ssh_port)
           # Handle port overrides for the main connection.
@@ -291,12 +301,14 @@ class Chef
           # Handle connection timeout
           session_opts[:timeout] = Chef::Config[:knife][:ssh_timeout] if Chef::Config[:knife][:ssh_timeout]
           session_opts[:timeout] = config[:ssh_timeout] if config[:ssh_timeout]
+          # Handle session prefix
+          session_opts[:properties] = { prefix: prefix }
           # Create the hostspec.
           hostspec = session_opts[:user] ? "#{session_opts.delete(:user)}@#{host}" : host
           # Connect a new session on the multi.
           session.use(hostspec, session_opts)
 
-          @longest = host.length if host.length > @longest
+          @longest = prefix.length if prefix.length > @longest
         end
 
         session
@@ -342,9 +354,9 @@ class Chef
             chan.exec command do |ch, success|
               raise ArgumentError, "Cannot execute #{command}" unless success
               ch.on_data do |ichannel, data|
-                print_data(ichannel[:host], data)
+                print_data(ichannel.connection[:prefix], data)
                 if data =~ /^knife sudo password: /
-                  print_data(ichannel[:host], "\n")
+                  print_data(ichannel.connection[:prefix], "\n")
                   ichannel.send_data("#{get_password}\n")
                 end
               end
@@ -461,7 +473,7 @@ class Chef
           end.join(" \\; ")
         end
 
-        tmux_name = "'knife ssh #{@name_args[0].tr(':', '=')}'"
+        tmux_name = "'knife ssh #{@name_args[0].tr(':.', '=-')}'"
         begin
           server = session.servers_for.first
           cmd = ["tmux new-session -d -s #{tmux_name}",

data/lib/chef/knife/user_create.rb

@@ -78,6 +78,8 @@ knife user create for Open Source 11 Server is being deprecated.
 Open Source 11 Server user commands now live under the knife osc_user namespace.
 For backwards compatibility, we will forward this request to knife osc_user create.
 If you are using an Open Source 11 Server, please use that command to avoid this warning.
+NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
+in Chef 15 which will be released April 2019.
 EOF
       end
 

data/lib/chef/knife/user_delete.rb

@@ -37,6 +37,8 @@ knife user delete for Open Source 11 Server is being deprecated.
 Open Source 11 Server user commands now live under the knife osc_user namespace.
 For backwards compatibility, we will forward this request to knife osc_user delete.
 If you are using an Open Source 11 Server, please use that command to avoid this warning.
+NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
+in Chef 15 which will be released April 2019.
 EOF
       end
 

data/lib/chef/knife/user_edit.rb

@@ -37,6 +37,8 @@ knife user edit for Open Source 11 Server is being deprecated.
 Open Source 11 Server user commands now live under the knife oc_user namespace.
 For backwards compatibility, we will forward this request to knife osc_user edit.
 If you are using an Open Source 11 Server, please use that command to avoid this warning.
+NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
+in Chef 15 which will be released April 2019.
 EOF
       end
 

data/lib/chef/knife/user_reregister.rb

@@ -37,6 +37,8 @@ knife user reregister for Open Source 11 Server is being deprecated.
 Open Source 11 Server user commands now live under the knife osc_user namespace.
 For backwards compatibility, we will forward this request to knife osc_user reregister.
 If you are using an Open Source 11 Server, please use that command to avoid this warning.
+NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
+in Chef 15 which will be released April 2019.
 EOF
       end
 

data/lib/chef/knife/user_show.rb

@@ -39,6 +39,8 @@ knife user show for Open Source 11 Server is being deprecated.
 Open Source 11 Server user commands now live under the knife osc_user namespace.
 For backwards compatibility, we will forward this request to knife osc_user show.
 If you are using an Open Source 11 Server, please use that command to avoid this warning.
+NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
+in Chef 15 which will be released April 2019.
 EOF
       end
 

data/lib/chef/mixin/powershell_out.rb

@@ -74,7 +74,7 @@ class Chef
       # Helper to build a powershell command around the script to run.
       #
       # @param script [String] script to run
-      # @retrurn [String] powershell command to execute
+      # @return [String] powershell command to execute
       def build_powershell_command(script)
         flags = [
           # Hides the copyright banner at startup.

data/lib/chef/node/attribute.rb

@@ -17,7 +17,6 @@
 # limitations under the License.
 #
 
-require "chef/node/mixin/deep_merge_cache"
 require "chef/node/mixin/immutablize_hash"
 require "chef/node/mixin/state_tracking"
 require "chef/node/immutable_collections"
@@ -45,7 +44,6 @@ class Chef
       # expects.  This include should probably be deleted?
       include Enumerable
 
-      include Chef::Node::Mixin::DeepMergeCache
       include Chef::Node::Mixin::StateTracking
       include Chef::Node::Mixin::ImmutablizeHash
 
@@ -187,6 +185,9 @@ class Chef
        # return the automatic level attribute component
       attr_reader :automatic
 
+      # return the immutablemash deep merge cache
+      attr_reader :deep_merge_cache
+
       def initialize(normal, default, override, automatic, node = nil)
         @default        = VividMash.new(default, self, node, :default)
         @env_default    = VividMash.new({}, self, node, :env_default)
@@ -202,7 +203,8 @@ class Chef
 
         @automatic      = VividMash.new(automatic, self, node, :automatic)
 
-        super(nil, self, node, :merged)
+        @deep_merge_cache = ImmutableMash.new({}, self, node, :merged)
+        @__node__ = node
       end
 
        # Debug what's going on with an attribute. +args+ is a path spec to the
@@ -226,6 +228,22 @@ class Chef
         end
       end
 
+      def reset
+        @deep_merge_cache = ImmutableMash.new({}, self, @__node__, :merged)
+      end
+
+      def reset_cache(*path)
+        if path.empty?
+          reset
+        else
+          container = read(*path)
+          case container
+          when Hash, Array
+            container.reset
+          end
+        end
+      end
+
        # Set the cookbook level default attribute component to +new_data+.
       def default=(new_data)
         reset
@@ -290,7 +308,7 @@ class Chef
 
        # clears attributes from all precedence levels
       def rm(*args)
-        with_deep_merged_return_value(self, *args) do
+        with_deep_merged_return_value(combined_all, *args) do
           rm_default(*args)
           rm_normal(*args)
           rm_override(*args)
@@ -337,6 +355,9 @@ class Chef
       def with_deep_merged_return_value(obj, *path, last)
         hash = obj.read(*path)
         return nil unless hash.is_a?(Hash)
+        # coerce from immutablemash/vividmash to plain-old Hash
+        # also de-immutablizes and dup's the return value correctly in chef-13
+        hash = hash.to_hash
         ret = hash[last]
         yield
         ret
@@ -398,16 +419,16 @@ class Chef
        # all of node['foo'] even if the user only requires node['foo']['bar']['baz'].
        #
 
-      def merged_attributes(*path)
-        merge_all(path)
+      def combined_override(*path)
+        merge_overrides(path)
       end
 
-      def combined_override(*path)
-        immutablize(merge_overrides(path))
+      def combined_all(*path)
+        path.empty? ? self : read(*path)
       end
 
       def combined_default(*path)
-        immutablize(merge_defaults(path))
+        merge_defaults(path)
       end
 
       def normal_unless(*args)
@@ -476,6 +497,14 @@ class Chef
         merged_attributes.to_s
       end
 
+      def [](key)
+        @deep_merge_cache[key]
+      end
+
+      def merged_attributes
+        @deep_merge_cache
+      end
+
       def inspect
         "#<#{self.class} " << (COMPONENTS + [:@merged_attributes, :@properties]).map do |iv|
           "#{iv}=#{instance_variable_get(iv).inspect}"
@@ -484,7 +513,14 @@ class Chef
 
       private
 
-       # Helper method for merge_all/merge_defaults/merge_overrides.
+      # For elements like Fixnums, true, nil...
+      def safe_dup(e)
+        e.dup
+      rescue TypeError
+        e
+      end
+
+       # Helper method for merge_defaults/merge_overrides.
        #
        # apply_path(thing, [ "foo", "bar", "baz" ]) = thing["foo"]["bar"]["baz"]
        #
@@ -514,34 +550,6 @@ class Chef
         end
       end
 
-       # For elements like Fixnums, true, nil...
-      def safe_dup(e)
-        e.dup
-      rescue TypeError
-        e
-      end
-
-       # Deep merge all attribute levels using hash-only merging between different precidence
-       # levels (so override arrays completely replace arrays set at any default level).
-       #
-       # The path allows for selectively deep-merging a subtree of the node object.
-       #
-       # @param path [Array] Array of args to method chain to descend into the node object
-       # @return [attr] Deep Merged values (may be VividMash, Hash, Array, etc) from the node object
-      def merge_all(path)
-        components = [
-          merge_defaults(path),
-          apply_path(@normal, path),
-          merge_overrides(path),
-          apply_path(@automatic, path),
-        ]
-
-        ret = components.inject(NIL) do |merged, component|
-          hash_only_merge!(merged, component)
-        end
-        ret == NIL ? nil : ret
-      end
-
        # Deep merge the default attribute levels with array merging.
        #
        # The path allows for selectively deep-merging a subtree of the node object.
@@ -613,38 +621,6 @@ class Chef
         end
       end
 
-      # @api private
-      def hash_only_merge!(merge_onto, merge_with)
-        # If there are two Hashes, recursively merge.
-        if merge_onto.kind_of?(Hash) && merge_with.kind_of?(Hash)
-          merge_with.each do |key, merge_with_value|
-            value =
-              if merge_onto.has_key?(key)
-                hash_only_merge!(safe_dup(merge_onto[key]), merge_with_value)
-              else
-                merge_with_value
-              end
-
-            # internal_set bypasses converting keys, does convert values and allows writing to immutable mashes
-            merge_onto.internal_set(key, value)
-          end
-          merge_onto
-
-        # If merge_with is nil, don't replace merge_onto
-        elsif merge_with.nil?
-          merge_onto
-
-        # In all other cases, replace merge_onto with merge_with
-        else
-          if merge_with.kind_of?(Hash)
-            Chef::Node::ImmutableMash.new(merge_with)
-          elsif merge_with.kind_of?(Array)
-            Chef::Node::ImmutableArray.new(merge_with)
-          else
-            merge_with
-          end
-        end
-      end
     end
   end
 end