chef 13.6.4 → 13.7.16

data/lib/chef/resource/windows_service.rb

@@ -20,6 +20,9 @@ require "chef/resource/service"
 
 class Chef
   class Resource
+    # Use the windows_service resource to manage a service on the Microsoft Windows platform.
+    #
+    # @since 12.0
     class WindowsService < Chef::Resource::Service
 
       # Until #1773 is resolved, you need to manually specify the windows_service resource

data/lib/chef/resource/windows_task.rb

@@ -20,21 +20,18 @@ require "chef/resource"
 
 class Chef
   class Resource
+    # Use the windows_task resource to create, delete or run a Windows scheduled task. Requires Windows Server 2008
+    # or later due to API usage.
+    # @since 13.0
     class WindowsTask < Chef::Resource
 
+      resource_name :windows_task
       provides :windows_task, os: "windows"
 
       allowed_actions :create, :delete, :run, :end, :enable, :disable
       default_action :create
 
-      def initialize(name, run_context = nil)
-        super
-        @resource_name = :windows_task
-        @task_name = name
-        @action = :create
-      end
-
-      property :task_name, String, regex: [/\A[^\/\:\*\?\<\>\|]+\z/]
+      property :task_name, String, regex: [/\A[^\/\:\*\?\<\>\|]+\z/], name_property: true
       property :command, String
       property :cwd, String
       property :user, String, default: "SYSTEM"
@@ -44,22 +41,22 @@ class Chef
       property :interactive_enabled, [TrueClass, FalseClass], default: false
       property :frequency_modifier, [Integer, String], default: 1
       property :frequency, equal_to: [:minute,
-                                       :hourly,
-                                       :daily,
-                                       :weekly,
-                                       :monthly,
-                                       :once,
-                                       :on_logon,
-                                       :onstart,
-                                       :on_idle,
-                                       :none], default: :hourly
+                                      :hourly,
+                                      :daily,
+                                      :weekly,
+                                      :monthly,
+                                      :once,
+                                      :on_logon,
+                                      :onstart,
+                                      :on_idle,
+                                      :none], default: :hourly
       property :start_day, String
       property :start_time, String
       property :day, [String, Integer]
       property :months, String
       property :idle_time, Integer
-      property :random_delay, String
-      property :execution_time_limit, String
+      property :random_delay, [String, Integer]
+      property :execution_time_limit, [String, Integer], default: "PT72H" # 72 hours in ISO8601 duration format
 
       attr_accessor :exists, :status, :enabled
 
@@ -71,15 +68,11 @@ class Chef
         end
 
         if execution_time_limit
-          raise ArgumentError, "Invalid value passed for `execution_time_limit`. Please pass seconds as a String e.g. '60'." if execution_time_limit.to_i == 0
-          duration = sec_to_dur(execution_time_limit)
-          execution_time_limit(duration)
-        else
-          # schtask sets execution_time_limit as PT72H by default
-          # We are setting the default value here so that we can do idempotency check later
-          # Note: We can't use `default` in the property
-          # because it will raise error for Invalid values passed as "PT72H" is not in seconds
-          execution_time_limit("PT72H")
+          unless execution_time_limit == "PT72H" # don't double convert an ISO8601 format duration
+            raise ArgumentError, "Invalid value passed for `execution_time_limit`. Please pass seconds as an Integer (e.g. 60) or a String with numeric values only (e.g. '60')." unless numeric_value_in_string?(execution_time_limit)
+            duration = sec_to_dur(execution_time_limit)
+            execution_time_limit(duration)
+          end
         end
 
         validate_start_time(start_time, frequency)
@@ -89,45 +82,57 @@ class Chef
         validate_create_frequency_modifier(frequency, frequency_modifier)
         validate_create_day(day, frequency) if day
         validate_create_months(months, frequency) if months
-        validate_idle_time(idle_time, frequency) if idle_time
+        validate_idle_time(idle_time, frequency) if ( !idle_time.nil? && ([:minute, :hourly, :daily, :weekly, :monthly].include? frequency)) || (idle_time.nil? || !(idle_time > 0 && idle_time <= 999)) && !([:minute, :hourly, :daily, :weekly, :monthly].include? frequency)
       end
 
       private
 
+      # Validate the passed value is numeric values only if it is a string
+      def numeric_value_in_string?(val)
+        return true if Integer(val)
+      rescue ArgumentError
+        false
+      end
+
       def validate_random_delay(random_delay, frequency)
         if [:once, :on_logon, :onstart, :on_idle, :none].include? frequency
           raise ArgumentError, "`random_delay` property is supported only for frequency :minute, :hourly, :daily, :weekly and :monthly"
         end
 
-        raise ArgumentError, "Invalid value passed for `random_delay`. Please pass seconds as a String e.g. '60'." if random_delay.to_i == 0
+        raise ArgumentError, "Invalid value passed for `random_delay`. Please pass seconds as an Integer (e.g. 60) or a String with numeric values only (e.g. '60')." unless numeric_value_in_string?(random_delay)
       end
 
+      # @todo when we drop ruby 2.3 support this should be converted to .match?() instead of =~f
       def validate_start_day(start_day, frequency)
         if [:once, :on_logon, :onstart, :on_idle, :none].include? frequency
           raise ArgumentError, "`start_day` property is not supported with frequency: #{frequency}"
         end
+
+        # make sure the start_day is in MM/DD/YYYY format: http://rubular.com/r/cgjHemtWl5
+        raise ArgumentError, "`start_day` property must be in the MM/DD/YYYY format." unless /^(0[1-9]|1[012])[- \/.](0[1-9]|[12][0-9]|3[01])[- \/.](19|20)\d\d$/ =~ start_day
       end
 
+      # @todo when we drop ruby 2.3 support this should be converted to .match?() instead of =~
       def validate_start_time(start_time, frequency)
-        if frequency == :once
-          raise ArgumentError, "`start_time` needs to be provided with `frequency :once`" unless start_time
-        elsif frequency == :none
-          raise ArgumentError, "`start_time` property is not supported with `frequency :none`" if start_time
+        if start_time
+          raise ArgumentError, "`start_time` property is not supported with `frequency :none`" if frequency == :none
+          raise ArgumentError, "`start_time` property must be in the HH:mm format (e.g. 6:20pm -> 18:20)." unless /^[0-2][0-9]:[0-5][0-9]$/ =~ start_time
+        else
+          raise ArgumentError, "`start_time` needs to be provided with `frequency :once`" if frequency == :once
         end
       end
 
       SYSTEM_USERS = ['NT AUTHORITY\SYSTEM', "SYSTEM", 'NT AUTHORITY\LOCALSERVICE', 'NT AUTHORITY\NETWORKSERVICE', 'BUILTIN\USERS', "USERS"].freeze
 
       def validate_user_and_password(user, password)
-        if user && use_password?(user)
-          if password.nil?
-            raise ArgumentError, "Can't specify a non-system user without a password!"
-          end
+        if password_required?(user) && password.nil?
+          raise ArgumentError, %q{Cannot specify a user other than the system users without specifying a password!. Valid passwordless users: 'NT AUTHORITY\SYSTEM', 'SYSTEM', 'NT AUTHORITY\LOCALSERVICE', 'NT AUTHORITY\NETWORKSERVICE', 'BUILTIN\USERS', 'USERS'}
         end
       end
 
-      def use_password?(user)
-        @use_password ||= !SYSTEM_USERS.include?(user.upcase)
+      def password_required?(user)
+        return false if user.nil?
+        @password_required ||= !SYSTEM_USERS.include?(user.upcase)
       end
 
       def validate_interactive_setting(interactive_enabled, password)
@@ -143,23 +148,23 @@ class Chef
           case frequency
           when :minute
             unless frequency_modifier.to_i > 0 && frequency_modifier.to_i <= 1439
-              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid.  Valid values for :minute frequency are 1 - 1439."
+              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid. Valid values for :minute frequency are 1 - 1439."
             end
           when :hourly
             unless frequency_modifier.to_i > 0 && frequency_modifier.to_i <= 23
-              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid.  Valid values for :hourly frequency are 1 - 23."
+              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid. Valid values for :hourly frequency are 1 - 23."
             end
           when :daily
             unless frequency_modifier.to_i > 0 && frequency_modifier.to_i <= 365
-              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid.  Valid values for :daily frequency are 1 - 365."
+              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid. Valid values for :daily frequency are 1 - 365."
             end
           when :weekly
             unless frequency_modifier.to_i > 0 && frequency_modifier.to_i <= 52
-              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid.  Valid values for :weekly frequency are 1 - 52."
+              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid. Valid values for :weekly frequency are 1 - 52."
             end
           when :monthly
             unless ("1".."12").to_a.push("FIRST", "SECOND", "THIRD", "FOURTH", "LAST", "LASTDAY").include?(frequency_modifier.to_s.upcase)
-              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid.  Valid values for :monthly frequency are 1 - 12, 'FIRST', 'SECOND', 'THIRD', 'FOURTH', 'LAST', 'LASTDAY'."
+              raise ArgumentError, "frequency_modifier value #{frequency_modifier} is invalid. Valid values for :monthly frequency are 1 - 12, 'FIRST', 'SECOND', 'THIRD', 'FOURTH', 'LAST', 'LASTDAY'."
             end
           end
         end
@@ -167,26 +172,24 @@ class Chef
 
       def validate_create_day(day, frequency)
         unless [:weekly, :monthly].include?(frequency)
-          raise "day attribute is only valid for tasks that run monthly or weekly"
+          raise "day property is only valid for tasks that run monthly or weekly"
         end
         if day.is_a?(String) && day.to_i.to_s != day
           days = day.split(",")
           days.each do |d|
             unless ["mon", "tue", "wed", "thu", "fri", "sat", "sun", "*"].include?(d.strip.downcase)
-              raise "day attribute invalid.  Only valid values are: MON, TUE, WED, THU, FRI, SAT, SUN and *.  Multiple values must be separated by a comma."
+              raise ArgumentError, "day property invalid. Only valid values are: MON, TUE, WED, THU, FRI, SAT, SUN and *. Multiple values must be separated by a comma."
             end
           end
         end
       end
 
       def validate_create_months(months, frequency)
-        unless [:monthly].include?(frequency)
-          raise "months attribute is only valid for tasks that run monthly"
-        end
+        raise ArgumentError, "months property is only valid for tasks that run monthly" unless frequency == :monthly
         if months.is_a? String
           months.split(",").each do |month|
             unless ["JAN", "FEB", "MAR", "APR", "MAY", "JUN", "JUL", "AUG", "SEP", "OCT", "NOV", "DEC", "*"].include?(month.strip.upcase)
-              raise "months attribute invalid. Only valid values are: JAN, FEB, MAR, APR, MAY, JUN, JUL, AUG, SEP, OCT, NOV, DEC and *. Multiple values must be separated by a comma."
+              raise ArgumentError, "months property invalid. Only valid values are: JAN, FEB, MAR, APR, MAY, JUN, JUL, AUG, SEP, OCT, NOV, DEC and *. Multiple values must be separated by a comma."
             end
           end
         end
@@ -194,47 +197,23 @@ class Chef
 
       def validate_idle_time(idle_time, frequency)
         unless [:on_idle].include?(frequency)
-          raise "idle_time attribute is only valid for tasks that run on_idle"
+          raise ArgumentError, "idle_time property is only valid for tasks that run on_idle"
         end
-
-        unless idle_time.to_i > 0 && idle_time.to_i <= 999
-          raise "idle_time value #{idle_time} is invalid.  Valid values for :on_idle frequency are 1 - 999."
+        if idle_time.nil?
+          raise ArgumentError, "idle_time value should be set for :on_idle frequency."
+        end
+        unless idle_time > 0 && idle_time <= 999
+          raise ArgumentError, "idle_time value #{idle_time} is invalid. Valid values for :on_idle frequency are 1 - 999."
         end
       end
 
-      # Convert the number of seconds to an ISO8601 duration format
-      # @see http://tools.ietf.org/html/rfc2445#section-4.3.6
-      # @param [Integer] seconds The amount of seconds for this duration
+      # Converts the number of seconds to an ISO8601 duration format and returns it.
+      # Ref : https://github.com/arnau/ISO8601/blob/master/lib/iso8601/duration.rb#L18-L23
+      # e.g.
+      # ISO8601::Duration.new(65707200)
+      # returns 'P65707200S'
       def sec_to_dur(seconds)
-        seconds = seconds.to_i
-        return if seconds == 0
-        iso_str = "P"
-        if seconds > 604_800 # more than a week
-          weeks = seconds / 604_800
-          seconds -= (604_800 * weeks)
-          iso_str << "#{weeks}W"
-        end
-        if seconds > 86_400 # more than a day
-          days = seconds / 86_400
-          seconds -= (86_400 * days)
-          iso_str << "#{days}D"
-        end
-        if seconds > 0
-          iso_str << "T"
-          if seconds > 3600 # more than an hour
-            hours = seconds / 3600
-            seconds -= (3600 * hours)
-            iso_str << "#{hours}H"
-          end
-          if seconds > 60 # more than a minute
-            minutes = seconds / 60
-            seconds -= (60 * minutes)
-            iso_str << "#{minutes}M"
-          end
-          iso_str << "#{seconds}S"
-        end
-
-        iso_str
+        ISO8601::Duration.new(seconds.to_i).to_s
       end
 
     end

data/lib/chef/resource/yum_repository.rb

@@ -1,6 +1,6 @@
 #
 # Author:: Thom May (<thom@chef.io>)
-# Copyright:: Copyright (c) 2016 Chef Software, Inc.
+# Copyright:: Copyright (c) 2016-2017 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,55 +20,59 @@ require "chef/resource"
 
 class Chef
   class Resource
+    # Use the yum_repository resource to manage a Yum repository configuration file located at /etc/yum.repos.d/repositoryid.repo
+    # on the local machine. This configuration file specifies which repositories to reference, how to handle cached data, etc.
+    #
+    # @since 12.14
     class YumRepository < Chef::Resource
       resource_name :yum_repository
       provides :yum_repository
 
       # http://linux.die.net/man/5/yum.conf as well as
       # http://dnf.readthedocs.io/en/latest/conf_ref.html
-      property :baseurl, [String, Array], regex: /.*/
+      property :baseurl, [String, Array]
       property :clean_headers, [TrueClass, FalseClass], default: false # deprecated
       property :clean_metadata, [TrueClass, FalseClass], default: true
       property :cost, String, regex: /^\d+$/
-      property :description, String, regex: /.*/, default: "Yum Repository"
+      property :description, String, default: "Yum Repository"
       property :enabled, [TrueClass, FalseClass], default: true
       property :enablegroups, [TrueClass, FalseClass]
-      property :exclude, String, regex: /.*/
+      property :exclude, String
       property :failovermethod, String, equal_to: %w{priority roundrobin}
       property :fastestmirror_enabled, [TrueClass, FalseClass]
       property :gpgcheck, [TrueClass, FalseClass], default: true
-      property :gpgkey, [String, Array], regex: /.*/
+      property :gpgkey, [String, Array]
       property :http_caching, String, equal_to: %w{packages all none}
-      property :include_config, String, regex: /.*/
-      property :includepkgs, String, regex: /.*/
+      property :include_config, String
+      property :includepkgs, String
       property :keepalive, [TrueClass, FalseClass]
       property :make_cache, [TrueClass, FalseClass], default: true
       property :max_retries, [String, Integer]
       property :metadata_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/, /never/]
-      property :metalink, String, regex: /.*/
+      property :metalink, String
       property :mirror_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/]
-      property :mirrorexpire, String, regex: /.*/
+      property :mirrorexpire, String
       property :mirrorlist_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/]
-      property :mirrorlist, String, regex: /.*/
+      property :mirrorlist, String
       property :mode, default: "0644"
       property :options, Hash
-      property :password, String, regex: /.*/
-      property :priority, String, regex: /^(\d?[0-9]|[0-9][0-9])$/
-      property :proxy_password, String, regex: /.*/
-      property :proxy_username, String, regex: /.*/
-      property :proxy, String, regex: /.*/
+      property :password, String
+      property :priority, String, regex: /^(\d?[1-9]|[0-9][0-9])$/
+      property :proxy_password, String
+      property :proxy_username, String
+      property :proxy, String
       property :repo_gpgcheck, [TrueClass, FalseClass]
       property :report_instanceid, [TrueClass, FalseClass]
-      property :repositoryid, String, regex: /.*/, name_property: true
+      property :repositoryid, String, name_property: true
       property :skip_if_unavailable, [TrueClass, FalseClass]
-      property :source, String, regex: /.*/
-      property :sslcacert, String, regex: /.*/
-      property :sslclientcert, String, regex: /.*/
-      property :sslclientkey, String, regex: /.*/
+      property :source, String
+      property :sslcacert, String
+      property :sslclientcert, String
+      property :sslclientkey, String
       property :sslverify, [TrueClass, FalseClass]
-      property :timeout, String, regex: /^\d+$/
       property :throttle, [String, Integer]
-      property :username, String, regex: /.*/
+      property :timeout, String, regex: /^\d+$/
+      property :username, String
 
       default_action :create
       allowed_actions :create, :remove, :makecache, :add, :delete

data/lib/chef/resource/zypper_package.rb

@@ -20,6 +20,8 @@ require "chef/resource/package"
 
 class Chef
   class Resource
+    # Use the zypper_package resource to install, upgrade, and remove packages with Zypper for the SUSE Enterprise and
+    # OpenSUSE platforms.
     class ZypperPackage < Chef::Resource::Package
       resource_name :zypper_package
       provides :package, platform_family: "suse"

data/lib/chef/resource/zypper_repository.rb

@@ -20,6 +20,11 @@ require "chef/resource"
 
 class Chef
   class Resource
+    # The zypper_repository resource allows for the creation of Zypper package repositories on SUSE Enterprise Linux and
+    # openSUSE systems. This resource maintains full compatibility with the zypper_repository resource in the existing
+    # zypper cookbook.
+    #
+    # @since 13.3
     class ZypperRepository < Chef::Resource
       resource_name :zypper_repository
       provides :zypper_repo
@@ -38,7 +43,7 @@ class Chef
       property :keeppackages, [true, false], default: false
       property :mode, default: "0644"
       property :refresh_cache, [true, false], default: true
-      property :source, String, regex: /.*/
+      property :source, String
       property :cookbook, String
       property :gpgautoimportkeys, [true, false], default: true
 

data/lib/chef/run_context.rb

@@ -29,7 +29,6 @@ require "forwardable"
 
 class Chef
 
-  # == Chef::RunContext
   # Value object that loads and tracks the context of a Chef run
   class RunContext
     #
@@ -312,7 +311,7 @@ class Chef
     #
     # @param recipe_names [Array[String]] The recipe name (e.g 'my_cookbook' or
     #   'my_cookbook::my_resource').
-    # @param current_cookbook The cookbook we are currently running in.
+    # @param current_cookbook [String] The cookbook we are currently running in.
     #
     # @return A truthy value if the load occurred; `false` if already loaded.
     #
@@ -556,11 +555,18 @@ ERROR_MESSAGE
       @reboot_info = reboot_info
     end
 
+    #
+    # Cancels a pending reboot
+    #
     def cancel_reboot
       Chef::Log.info "Changing reboot status from #{reboot_info.inspect} to {}"
       @reboot_info = {}
     end
 
+    #
+    # Checks to see if a reboot has been requested
+    # @return [Boolean]
+    #
     def reboot_requested?
       reboot_info.size > 0
     end

data/lib/chef/server_api.rb

@@ -31,6 +31,7 @@ class Chef
 
     def initialize(url = Chef::Config[:chef_server_url], options = {})
       options[:client_name] ||= Chef::Config[:node_name]
+      options[:raw_key] ||= Chef::Config[:client_key_contents]
       options[:signing_key_filename] ||= Chef::Config[:client_key] unless options[:raw_key]
       options[:signing_key_filename] = nil if chef_zero_uri?(url)
       options[:inflate_json_class] = false

data/lib/chef/util/selinux.rb

@@ -48,10 +48,11 @@ class Chef
 
       def restore_security_context(file_path, recursive = false)
         if restorecon_path
-          restorecon_command = recursive ? "#{restorecon_path} -R -r" : "#{restorecon_path} -R"
-          restorecon_command += " \"#{file_path}\""
-          Chef::Log.debug("Restoring selinux security content with #{restorecon_command}")
-          shell_out!(restorecon_command)
+          restorecon_flags = [ "-R" ]
+          restorecon_flags << "-r" if recursive
+          restorecon_flags << file_path
+          Chef::Log.debug("Restoring selinux security content with #{restorecon_path}")
+          shell_out_compact!(restorecon_path, restorecon_flags)
         else
           Chef::Log.warn "Can not find 'restorecon' on the system. Skipping selinux security context restore."
         end