chef 15.17.4-universal-mingw32 → 16.0.257-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +14 -20
- data/README.md +6 -6
- data/Rakefile +18 -23
- data/chef-universal-mingw32.gemspec +4 -4
- data/chef.gemspec +10 -26
- data/distro/powershell/chef/chef.psm1 +3 -3
- data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
- data/lib/chef/action_collection.rb +16 -5
- data/lib/chef/api_client/registration.rb +2 -2
- data/lib/chef/application.rb +33 -54
- data/lib/chef/application/apply.rb +20 -3
- data/lib/chef/application/base.rb +8 -3
- data/lib/chef/application/exit_code.rb +2 -2
- data/lib/chef/application/knife.rb +1 -1
- data/lib/chef/chef_class.rb +4 -4
- data/lib/chef/chef_fs/chef_fs_data_store.rb +3 -3
- data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +1 -1
- data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +1 -1
- data/lib/chef/chef_fs/file_system/chef_server/rest_list_entry.rb +6 -2
- data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/base_file.rb +0 -1
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +2 -2
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +5 -5
- data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +1 -1
- data/lib/chef/chef_fs/path_utils.rb +3 -3
- data/lib/chef/client.rb +16 -14
- data/lib/chef/config.rb +1 -1
- data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
- data/lib/chef/cookbook/gem_installer.rb +1 -1
- data/lib/chef/cookbook/metadata.rb +45 -22
- data/lib/chef/cookbook_version.rb +40 -5
- data/lib/chef/data_bag.rb +2 -2
- data/lib/chef/data_collector/error_handlers.rb +1 -1
- data/lib/chef/data_collector/run_end_message.rb +7 -1
- data/lib/chef/deprecated.rb +1 -9
- data/lib/chef/dist.rb +8 -0
- data/lib/chef/dsl/chef_vault.rb +84 -0
- data/lib/chef/dsl/declare_resource.rb +7 -5
- data/lib/chef/dsl/platform_introspection.rb +2 -3
- data/lib/chef/dsl/recipe.rb +7 -12
- data/lib/chef/dsl/universal.rb +3 -7
- data/lib/chef/environment.rb +2 -2
- data/lib/chef/event_dispatch/base.rb +3 -0
- data/lib/chef/exceptions.rb +0 -3
- data/lib/chef/formatters/doc.rb +1 -1
- data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
- data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
- data/lib/chef/formatters/indentable_output_stream.rb +7 -16
- data/lib/chef/http.rb +1 -2
- data/lib/chef/http/http_request.rb +3 -2
- data/lib/chef/knife.rb +1 -3
- data/lib/chef/knife/acl_add.rb +57 -0
- data/lib/chef/knife/acl_base.rb +183 -0
- data/lib/chef/knife/acl_bulk_add.rb +78 -0
- data/lib/chef/knife/acl_bulk_remove.rb +83 -0
- data/lib/chef/knife/acl_remove.rb +62 -0
- data/lib/chef/knife/acl_show.rb +56 -0
- data/lib/chef/knife/bootstrap.rb +93 -97
- data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
- data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
- data/lib/chef/knife/bootstrap/templates/chef-full.erb +20 -20
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +13 -15
- data/lib/chef/knife/bootstrap/train_connector.rb +0 -1
- data/lib/chef/knife/cookbook_download.rb +1 -1
- data/lib/chef/knife/cookbook_metadata.rb +1 -1
- data/lib/chef/knife/core/bootstrap_context.rb +63 -60
- data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
- data/lib/chef/knife/core/generic_presenter.rb +4 -3
- data/lib/chef/knife/core/hashed_command_loader.rb +2 -3
- data/lib/chef/knife/core/node_presenter.rb +2 -2
- data/lib/chef/knife/core/status_presenter.rb +5 -5
- data/lib/chef/knife/core/subcommand_loader.rb +1 -1
- data/lib/chef/knife/core/ui.rb +17 -1
- data/lib/chef/knife/core/windows_bootstrap_context.rb +45 -58
- data/lib/chef/knife/data_bag_secret_options.rb +18 -45
- data/lib/chef/knife/environment_compare.rb +1 -1
- data/lib/chef/knife/exec.rb +2 -2
- data/lib/chef/knife/group_add.rb +55 -0
- data/lib/chef/knife/{cookbook_site_download.rb → group_create.rb} +21 -12
- data/lib/chef/knife/group_destroy.rb +53 -0
- data/lib/chef/knife/{cookbook_site_list.rb → group_list.rb} +14 -11
- data/lib/chef/knife/group_remove.rb +56 -0
- data/lib/chef/knife/{cookbook_site_install.rb → group_show.rb} +21 -12
- data/lib/chef/knife/list.rb +1 -1
- data/lib/chef/knife/ssh.rb +12 -50
- data/lib/chef/knife/status.rb +3 -3
- data/lib/chef/knife/supermarket_download.rb +1 -2
- data/lib/chef/knife/supermarket_install.rb +1 -2
- data/lib/chef/knife/supermarket_list.rb +1 -2
- data/lib/chef/knife/supermarket_search.rb +1 -2
- data/lib/chef/knife/supermarket_share.rb +1 -2
- data/lib/chef/knife/supermarket_show.rb +1 -2
- data/lib/chef/knife/supermarket_unshare.rb +1 -2
- data/lib/chef/knife/{cookbook_site_show.rb → user_dissociate.rb} +15 -13
- data/lib/chef/knife/{cookbook_site_search.rb → user_invite_add.rb} +16 -13
- data/lib/chef/knife/user_invite_list.rb +34 -0
- data/lib/chef/knife/user_invite_recind.rb +63 -0
- data/lib/chef/knife/yaml_convert.rb +91 -0
- data/lib/chef/log.rb +1 -1
- data/lib/chef/mixin/create_path.rb +8 -8
- data/lib/chef/mixin/openssl_helper.rb +3 -26
- data/lib/chef/mixin/powershell_exec.rb +10 -1
- data/lib/chef/mixin/powershell_out.rb +1 -1
- data/lib/chef/mixin/properties.rb +13 -1
- data/lib/chef/mixin/shell_out.rb +0 -4
- data/lib/chef/mixin/template.rb +0 -1
- data/lib/chef/monkey_patches/net_http.rb +0 -4
- data/lib/chef/node.rb +18 -6
- data/lib/chef/node/mixin/deep_merge_cache.rb +7 -7
- data/lib/chef/node/mixin/immutablize_array.rb +4 -0
- data/lib/chef/node/mixin/immutablize_hash.rb +3 -0
- data/lib/chef/node_map.rb +7 -36
- data/lib/chef/platform/priority_map.rb +4 -4
- data/lib/chef/platform/query_helpers.rb +6 -34
- data/lib/chef/powershell.rb +14 -0
- data/lib/chef/property.rb +22 -4
- data/lib/chef/provider.rb +40 -6
- data/lib/chef/provider/cron.rb +2 -2
- data/lib/chef/provider/directory.rb +2 -2
- data/lib/chef/provider/dsc_resource.rb +1 -1
- data/lib/chef/provider/dsc_script.rb +1 -1
- data/lib/chef/provider/execute.rb +2 -8
- data/lib/chef/provider/file.rb +5 -5
- data/lib/chef/provider/git.rb +84 -27
- data/lib/chef/provider/group.rb +4 -4
- data/lib/chef/provider/http_request.rb +6 -6
- data/lib/chef/provider/ifconfig.rb +4 -4
- data/lib/chef/provider/launchd.rb +36 -51
- data/lib/chef/provider/link.rb +2 -2
- data/lib/chef/provider/mount.rb +5 -5
- data/lib/chef/provider/mount/solaris.rb +1 -0
- data/lib/chef/provider/osx_profile.rb +7 -3
- data/lib/chef/provider/package.rb +2 -2
- data/lib/chef/provider/package/cab.rb +3 -4
- data/lib/chef/provider/package/chocolatey.rb +1 -3
- data/lib/chef/provider/package/dnf.rb +66 -10
- data/lib/chef/provider/package/dnf/dnf_helper.py +84 -30
- data/lib/chef/provider/package/dnf/python_helper.rb +79 -36
- data/lib/chef/provider/package/dnf/version.rb +5 -1
- data/lib/chef/provider/package/freebsd/pkgng.rb +1 -3
- data/lib/chef/provider/package/homebrew.rb +106 -42
- data/lib/chef/provider/package/msu.rb +3 -1
- data/lib/chef/provider/package/pacman.rb +25 -34
- data/lib/chef/provider/package/powershell.rb +2 -6
- data/lib/chef/provider/package/rubygems.rb +29 -2
- data/lib/chef/provider/package/snap.rb +27 -96
- data/lib/chef/provider/package/windows.rb +3 -2
- data/lib/chef/provider/package/windows/msi.rb +2 -2
- data/lib/chef/provider/package/yum.rb +0 -8
- data/lib/chef/provider/package/yum/yum_helper.py +0 -4
- data/lib/chef/provider/package/zypper.rb +1 -1
- data/lib/chef/provider/powershell_script.rb +4 -10
- data/lib/chef/provider/registry_key.rb +4 -4
- data/lib/chef/provider/remote_directory.rb +3 -3
- data/lib/chef/provider/remote_file/ftp.rb +3 -2
- data/lib/chef/provider/remote_file/local_file.rb +2 -1
- data/lib/chef/provider/remote_file/sftp.rb +3 -2
- data/lib/chef/provider/route.rb +5 -3
- data/lib/chef/provider/ruby_block.rb +1 -1
- data/lib/chef/provider/script.rb +2 -2
- data/lib/chef/provider/service.rb +8 -8
- data/lib/chef/provider/service/aixinit.rb +1 -1
- data/lib/chef/provider/service/arch.rb +2 -2
- data/lib/chef/provider/service/debian.rb +31 -29
- data/lib/chef/provider/service/gentoo.rb +2 -2
- data/lib/chef/provider/service/macosx.rb +7 -12
- data/lib/chef/provider/service/openbsd.rb +1 -1
- data/lib/chef/provider/service/redhat.rb +2 -2
- data/lib/chef/provider/service/simple.rb +3 -3
- data/lib/chef/provider/service/systemd.rb +12 -12
- data/lib/chef/provider/service/upstart.rb +1 -1
- data/lib/chef/provider/service/windows.rb +5 -11
- data/lib/chef/provider/subversion.rb +25 -5
- data/lib/chef/provider/systemd_unit.rb +26 -25
- data/lib/chef/provider/user.rb +6 -6
- data/lib/chef/provider/user/dscl.rb +3 -3
- data/lib/chef/provider/user/mac.rb +10 -9
- data/lib/chef/provider/whyrun_safe_ruby_block.rb +1 -1
- data/lib/chef/provider/windows_env.rb +3 -3
- data/lib/chef/provider/windows_script.rb +2 -2
- data/lib/chef/provider/windows_task.rb +7 -9
- data/lib/chef/provider/yum_repository.rb +1 -1
- data/lib/chef/provider/zypper_repository.rb +11 -31
- data/lib/chef/providers.rb +0 -6
- data/lib/chef/recipe.rb +36 -0
- data/lib/chef/resource.rb +41 -56
- data/lib/chef/resource/action_class.rb +24 -22
- data/lib/chef/resource/alternatives.rb +149 -0
- data/lib/chef/resource/apt_package.rb +2 -1
- data/lib/chef/resource/apt_preference.rb +69 -2
- data/lib/chef/resource/apt_repository.rb +337 -5
- data/lib/chef/resource/apt_update.rb +52 -1
- data/lib/chef/resource/archive_file.rb +9 -29
- data/lib/chef/resource/bash.rb +2 -0
- data/lib/chef/resource/bff_package.rb +9 -1
- data/lib/chef/resource/breakpoint.rb +0 -1
- data/lib/chef/resource/build_essential.rb +42 -48
- data/lib/chef/resource/cab_package.rb +8 -1
- data/lib/chef/resource/chef_client_cron.rb +225 -0
- data/lib/chef/resource/chef_client_scheduled_task.rb +198 -0
- data/lib/chef/resource/chef_client_systemd_timer.rb +177 -0
- data/lib/chef/resource/chef_gem.rb +9 -16
- data/lib/chef/resource/chef_handler.rb +2 -1
- data/lib/chef/resource/chef_sleep.rb +0 -1
- data/lib/chef/resource/chef_vault_secret.rb +135 -0
- data/lib/chef/resource/chocolatey_config.rb +3 -1
- data/lib/chef/resource/chocolatey_feature.rb +2 -1
- data/lib/chef/resource/chocolatey_package.rb +2 -1
- data/lib/chef/resource/chocolatey_source.rb +2 -1
- data/lib/chef/resource/cookbook_file.rb +1 -1
- data/lib/chef/resource/cron.rb +22 -68
- data/lib/chef/resource/cron_access.rb +8 -15
- data/lib/chef/resource/cron_d.rb +9 -75
- data/lib/chef/resource/csh.rb +2 -0
- data/lib/chef/resource/directory.rb +2 -2
- data/lib/chef/resource/dmg_package.rb +4 -4
- data/lib/chef/resource/dnf_package.rb +2 -3
- data/lib/chef/resource/dpkg_package.rb +2 -1
- data/lib/chef/resource/dsc_resource.rb +6 -4
- data/lib/chef/resource/dsc_script.rb +3 -2
- data/lib/chef/resource/execute.rb +13 -12
- data/lib/chef/resource/file.rb +3 -1
- data/lib/chef/resource/freebsd_package.rb +2 -1
- data/lib/chef/resource/gem_package.rb +14 -6
- data/lib/chef/resource/group.rb +4 -1
- data/lib/chef/resource/helpers/cron_validations.rb +98 -0
- data/lib/chef/resource/homebrew_cask.rb +5 -4
- data/lib/chef/resource/homebrew_package.rb +4 -2
- data/lib/chef/resource/homebrew_tap.rb +2 -1
- data/lib/chef/resource/hostname.rb +41 -36
- data/lib/chef/resource/http_request.rb +0 -1
- data/lib/chef/resource/ifconfig.rb +1 -1
- data/lib/chef/resource/ips_package.rb +10 -2
- data/lib/chef/resource/kernel_module.rb +29 -29
- data/lib/chef/resource/ksh.rb +2 -0
- data/lib/chef/resource/launchd.rb +6 -6
- data/lib/chef/resource/link.rb +1 -23
- data/lib/chef/resource/locale.rb +58 -24
- data/lib/chef/resource/log.rb +12 -1
- data/lib/chef/resource/lwrp_base.rb +1 -8
- data/lib/chef/resource/macos_userdefaults.rb +9 -6
- data/lib/chef/resource/macosx_service.rb +2 -1
- data/lib/chef/resource/macports_package.rb +10 -2
- data/lib/chef/resource/mdadm.rb +62 -2
- data/lib/chef/resource/mount.rb +3 -0
- data/lib/chef/resource/msu_package.rb +13 -1
- data/lib/chef/resource/notify_group.rb +8 -3
- data/lib/chef/resource/ohai.rb +19 -3
- data/lib/chef/resource/ohai_hint.rb +3 -12
- data/lib/chef/resource/openbsd_package.rb +9 -1
- data/lib/chef/resource/openssl_dhparam.rb +10 -1
- data/lib/chef/resource/openssl_ec_private_key.rb +23 -1
- data/lib/chef/resource/openssl_ec_public_key.rb +21 -1
- data/lib/chef/resource/openssl_rsa_private_key.rb +20 -1
- data/lib/chef/resource/openssl_rsa_public_key.rb +22 -1
- data/lib/chef/resource/openssl_x509_certificate.rb +37 -1
- data/lib/chef/resource/openssl_x509_crl.rb +12 -1
- data/lib/chef/resource/openssl_x509_request.rb +37 -1
- data/lib/chef/resource/osx_profile.rb +3 -2
- data/lib/chef/resource/package.rb +2 -1
- data/lib/chef/resource/pacman_package.rb +2 -1
- data/lib/chef/resource/paludis_package.rb +12 -3
- data/lib/chef/resource/perl.rb +2 -0
- data/lib/chef/resource/plist.rb +207 -0
- data/lib/chef/resource/portage_package.rb +13 -3
- data/lib/chef/resource/powershell_package.rb +1 -3
- data/lib/chef/resource/powershell_package_source.rb +3 -1
- data/lib/chef/resource/powershell_script.rb +7 -17
- data/lib/chef/resource/python.rb +2 -0
- data/lib/chef/resource/reboot.rb +0 -1
- data/lib/chef/resource/registry_key.rb +1 -2
- data/lib/chef/resource/remote_directory.rb +2 -0
- data/lib/chef/resource/remote_file.rb +2 -0
- data/lib/chef/resource/rhsm_errata.rb +0 -1
- data/lib/chef/resource/rhsm_errata_level.rb +0 -1
- data/lib/chef/resource/rhsm_register.rb +2 -1
- data/lib/chef/resource/rhsm_repo.rb +3 -1
- data/lib/chef/resource/rhsm_subscription.rb +4 -1
- data/lib/chef/resource/route.rb +5 -1
- data/lib/chef/resource/rpm_package.rb +9 -2
- data/lib/chef/resource/ruby.rb +2 -0
- data/lib/chef/resource/ruby_block.rb +1 -1
- data/lib/chef/resource/scm/_scm.rb +48 -0
- data/lib/chef/resource/{scm.rb → scm/git.rb} +16 -30
- data/lib/chef/resource/{subversion.rb → scm/subversion.rb} +8 -5
- data/lib/chef/resource/script.rb +6 -3
- data/lib/chef/resource/service.rb +6 -7
- data/lib/chef/resource/smartos_package.rb +9 -1
- data/lib/chef/resource/snap_package.rb +3 -1
- data/lib/chef/resource/solaris_package.rb +9 -1
- data/lib/chef/resource/ssh_known_hosts_entry.rb +6 -3
- data/lib/chef/resource/sudo.rb +9 -9
- data/lib/chef/resource/support/cron.d.erb +1 -1
- data/lib/chef/resource/support/cron_access.erb +1 -1
- data/lib/chef/resource/support/sudoer.erb +1 -2
- data/lib/chef/resource/support/ulimit.erb +41 -0
- data/lib/chef/resource/swap_file.rb +5 -3
- data/lib/chef/resource/sysctl.rb +2 -2
- data/lib/chef/resource/systemd_unit.rb +4 -2
- data/lib/chef/resource/template.rb +0 -1
- data/lib/chef/resource/timezone.rb +7 -18
- data/lib/chef/resource/user.rb +1 -3
- data/lib/chef/resource/user/aix_user.rb +0 -2
- data/lib/chef/resource/user/dscl_user.rb +1 -1
- data/lib/chef/resource/user/linux_user.rb +0 -2
- data/lib/chef/resource/user/mac_user.rb +1 -1
- data/lib/chef/resource/user/pw_user.rb +0 -2
- data/lib/chef/resource/user/solaris_user.rb +0 -2
- data/lib/chef/resource/user/windows_user.rb +0 -2
- data/lib/chef/resource/user_ulimit.rb +114 -0
- data/lib/chef/resource/whyrun_safe_ruby_block.rb +1 -0
- data/lib/chef/resource/windows_ad_join.rb +19 -6
- data/lib/chef/resource/windows_auto_run.rb +0 -1
- data/lib/chef/resource/windows_certificate.rb +1 -1
- data/lib/chef/resource/windows_dfs_folder.rb +0 -1
- data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
- data/lib/chef/resource/windows_dfs_server.rb +0 -1
- data/lib/chef/resource/windows_dns_record.rb +0 -1
- data/lib/chef/resource/windows_dns_zone.rb +0 -1
- data/lib/chef/resource/windows_env.rb +2 -3
- data/lib/chef/resource/windows_feature.rb +2 -2
- data/lib/chef/resource/windows_feature_dism.rb +9 -22
- data/lib/chef/resource/windows_feature_powershell.rb +17 -82
- data/lib/chef/resource/windows_firewall_rule.rb +119 -10
- data/lib/chef/resource/windows_font.rb +1 -3
- data/lib/chef/resource/windows_package.rb +13 -4
- data/lib/chef/resource/windows_pagefile.rb +0 -1
- data/lib/chef/resource/windows_path.rb +0 -1
- data/lib/chef/resource/windows_printer.rb +0 -1
- data/lib/chef/resource/windows_printer_port.rb +0 -1
- data/lib/chef/resource/windows_script.rb +3 -4
- data/lib/chef/resource/windows_security_policy.rb +90 -0
- data/lib/chef/resource/windows_service.rb +45 -31
- data/lib/chef/resource/windows_share.rb +3 -7
- data/lib/chef/resource/windows_shortcut.rb +0 -1
- data/lib/chef/resource/windows_task.rb +14 -15
- data/lib/chef/resource/windows_uac.rb +0 -1
- data/lib/chef/resource/windows_user_privilege.rb +157 -0
- data/lib/chef/resource/windows_workgroup.rb +0 -1
- data/lib/chef/resource/yum_package.rb +3 -1
- data/lib/chef/resource/yum_repository.rb +2 -1
- data/lib/chef/resource/zypper_package.rb +3 -2
- data/lib/chef/resource/zypper_repository.rb +2 -1
- data/lib/chef/resource_builder.rb +8 -0
- data/lib/chef/resource_inspector.rb +6 -6
- data/lib/chef/resource_resolver.rb +7 -14
- data/lib/chef/resources.rb +11 -3
- data/lib/chef/role.rb +2 -2
- data/lib/chef/run_context/cookbook_compiler.rb +29 -5
- data/lib/chef/shell.rb +23 -32
- data/lib/chef/shell/shell_session.rb +0 -2
- data/lib/chef/util/diff.rb +1 -1
- data/lib/chef/util/dsc/configuration_generator.rb +1 -1
- data/lib/chef/util/dsc/lcm_output_parser.rb +3 -3
- data/lib/chef/util/powershell/cmdlet.rb +1 -1
- data/lib/chef/version.rb +2 -2
- data/lib/chef/version_string.rb +1 -1
- data/lib/chef/win32/api/file.rb +18 -18
- data/lib/chef/win32/api/security.rb +6 -0
- data/lib/chef/win32/file.rb +3 -11
- data/lib/chef/win32/process.rb +2 -2
- data/lib/chef/win32/security.rb +40 -2
- data/spec/functional/assets/inittest +8 -7
- data/spec/functional/knife/ssh_spec.rb +27 -23
- data/spec/functional/resource/aix_service_spec.rb +1 -0
- data/spec/functional/resource/aixinit_service_spec.rb +8 -7
- data/spec/functional/resource/apt_package_spec.rb +1 -0
- data/spec/functional/resource/bff_spec.rb +2 -2
- data/spec/functional/resource/cookbook_file_spec.rb +1 -1
- data/spec/functional/resource/cron_spec.rb +11 -29
- data/spec/functional/resource/dnf_package_spec.rb +441 -156
- data/spec/functional/resource/dsc_resource_spec.rb +1 -1
- data/spec/functional/resource/git_spec.rb +184 -134
- data/spec/functional/resource/insserv_spec.rb +6 -5
- data/spec/functional/resource/link_spec.rb +17 -17
- data/spec/functional/resource/locale_spec.rb +13 -2
- data/spec/functional/resource/powershell_script_spec.rb +7 -68
- data/spec/functional/resource/rpm_spec.rb +2 -2
- data/spec/functional/resource/user/dscl_spec.rb +2 -2
- data/spec/functional/resource/user/mac_user_spec.rb +2 -2
- data/spec/functional/resource/windows_certificate_spec.rb +3 -3
- data/spec/functional/resource/windows_security_policy_spec.rb +90 -0
- data/spec/functional/resource/windows_task_spec.rb +8 -8
- data/spec/functional/resource/windows_user_privilege_spec.rb +193 -0
- data/spec/functional/run_lock_spec.rb +1 -2
- data/spec/functional/shell_spec.rb +6 -6
- data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
- data/spec/functional/version_spec.rb +1 -1
- data/spec/functional/win32/registry_spec.rb +0 -6
- data/spec/functional/win32/security_spec.rb +22 -0
- data/spec/functional/win32/service_manager_spec.rb +1 -1
- data/spec/integration/client/client_spec.rb +123 -2
- data/spec/integration/knife/cookbook_show_spec.rb +28 -26
- data/spec/integration/knife/data_bag_show_spec.rb +1 -1
- data/spec/integration/knife/raw_spec.rb +30 -2
- data/spec/integration/knife/show_spec.rb +32 -3
- data/spec/integration/recipes/accumulator_spec.rb +1 -1
- data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -5
- data/spec/integration/recipes/lwrp_spec.rb +1 -1
- data/spec/integration/recipes/noop_resource_spec.rb +1 -1
- data/spec/integration/recipes/notifies_spec.rb +50 -21
- data/spec/integration/recipes/notifying_block_spec.rb +9 -6
- data/spec/integration/recipes/provider_choice.rb +2 -0
- data/spec/integration/recipes/recipe_dsl_spec.rb +46 -144
- data/spec/integration/recipes/resource_action_spec.rb +16 -11
- data/spec/integration/recipes/resource_converge_if_changed_spec.rb +1 -3
- data/spec/integration/recipes/resource_load_spec.rb +133 -13
- data/spec/integration/recipes/unified_mode_spec.rb +1 -1
- data/spec/integration/recipes/use_partial_spec.rb +112 -0
- data/spec/integration/solo/solo_spec.rb +3 -3
- data/spec/scripts/ssl-serve.rb +1 -1
- data/spec/spec_helper.rb +11 -14
- data/spec/support/chef_helpers.rb +2 -2
- data/spec/support/lib/chef/resource/zen_follower.rb +2 -0
- data/spec/support/platform_helpers.rb +44 -19
- data/spec/support/platforms/win32/spec_service.rb +1 -1
- data/spec/support/recipe_dsl_helper.rb +83 -0
- data/spec/support/shared/functional/directory_resource.rb +1 -1
- data/spec/support/shared/functional/execute_resource.rb +1 -1
- data/spec/support/shared/functional/file_resource.rb +3 -3
- data/spec/support/shared/functional/win32_service.rb +1 -1
- data/spec/support/shared/functional/windows_script.rb +5 -18
- data/spec/support/shared/integration/knife_support.rb +14 -8
- data/spec/unit/application/apply_spec.rb +3 -0
- data/spec/unit/application/client_spec.rb +5 -1
- data/spec/unit/application_spec.rb +1 -9
- data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +4 -2
- data/spec/unit/client_spec.rb +7 -5
- data/spec/unit/cookbook/gem_installer_spec.rb +3 -4
- data/spec/unit/cookbook/metadata_spec.rb +38 -19
- data/spec/unit/data_bag_spec.rb +1 -1
- data/spec/unit/data_collector_spec.rb +38 -17
- data/spec/unit/dsl/platform_introspection_spec.rb +0 -1
- data/spec/unit/environment_spec.rb +7 -7
- data/spec/unit/event_dispatch/dispatcher_spec.rb +0 -3
- data/spec/unit/file_access_control_spec.rb +1 -1
- data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +15 -15
- data/spec/unit/knife/bootstrap/client_builder_spec.rb +9 -9
- data/spec/unit/knife/bootstrap_spec.rb +36 -54
- data/spec/unit/knife/cookbook_download_spec.rb +4 -4
- data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +1 -1
- data/spec/unit/knife/cookbook_show_spec.rb +1 -0
- data/spec/unit/knife/cookbook_upload_spec.rb +6 -5
- data/spec/unit/knife/core/bootstrap_context_spec.rb +23 -43
- data/spec/unit/knife/core/hashed_command_loader_spec.rb +3 -3
- data/spec/unit/knife/core/ui_spec.rb +16 -0
- data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +8 -68
- data/spec/unit/knife/data_bag_secret_options_spec.rb +22 -14
- data/spec/unit/knife/role_env_run_list_add_spec.rb +6 -6
- data/spec/unit/knife/role_env_run_list_clear_spec.rb +4 -4
- data/spec/unit/knife/role_env_run_list_remove_spec.rb +4 -4
- data/spec/unit/knife/role_env_run_list_replace_spec.rb +4 -4
- data/spec/unit/knife/role_env_run_list_set_spec.rb +4 -4
- data/spec/unit/knife/role_run_list_add_spec.rb +6 -6
- data/spec/unit/knife/role_run_list_clear_spec.rb +4 -4
- data/spec/unit/knife/role_run_list_remove_spec.rb +4 -4
- data/spec/unit/knife/role_run_list_replace_spec.rb +4 -4
- data/spec/unit/knife/role_run_list_set_spec.rb +4 -4
- data/spec/unit/knife/ssh_spec.rb +10 -113
- data/spec/unit/knife/status_spec.rb +1 -1
- data/spec/unit/knife/supermarket_share_spec.rb +3 -5
- data/spec/unit/knife_spec.rb +18 -0
- data/spec/unit/lwrp_spec.rb +4 -4
- data/spec/unit/mixin/powershell_exec_spec.rb +10 -0
- data/spec/unit/mixin/securable_spec.rb +1 -0
- data/spec/unit/mixin/user_context_spec.rb +9 -1
- data/spec/unit/node/attribute_spec.rb +2 -2
- data/spec/unit/node_spec.rb +24 -0
- data/spec/unit/platform/query_helpers_spec.rb +0 -143
- data/spec/unit/property/state_spec.rb +12 -7
- data/spec/unit/property/validation_spec.rb +25 -1
- data/spec/unit/property_spec.rb +18 -15
- data/spec/unit/provider/apt_preference_spec.rb +14 -10
- data/spec/unit/provider/apt_repository_spec.rb +9 -11
- data/spec/unit/provider/apt_update_spec.rb +12 -11
- data/spec/unit/provider/cookbook_file_spec.rb +4 -4
- data/spec/unit/provider/cron_spec.rb +2 -2
- data/spec/unit/provider/directory_spec.rb +4 -15
- data/spec/unit/provider/file_spec.rb +4 -4
- data/spec/unit/provider/git_spec.rb +44 -4
- data/spec/unit/provider/link_spec.rb +0 -1
- data/spec/unit/provider/log_spec.rb +3 -3
- data/spec/unit/provider/mdadm_spec.rb +3 -3
- data/spec/unit/provider/osx_profile_spec.rb +2 -2
- data/spec/unit/provider/package/dnf/python_helper_spec.rb +2 -2
- data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
- data/spec/unit/provider/package/homebrew_spec.rb +280 -174
- data/spec/unit/provider/package/msu_spec.rb +3 -3
- data/spec/unit/provider/package/pacman_spec.rb +65 -147
- data/spec/unit/provider/package/powershell_spec.rb +88 -96
- data/spec/unit/provider/package/rubygems_spec.rb +221 -31
- data/spec/unit/provider/package/snap_spec.rb +1 -1
- data/spec/unit/provider/package/windows/exe_spec.rb +1 -1
- data/spec/unit/provider/package/windows_spec.rb +53 -30
- data/spec/unit/provider/powershell_script_spec.rb +21 -61
- data/spec/unit/provider/remote_file_spec.rb +3 -4
- data/spec/unit/provider/service/arch_service_spec.rb +2 -3
- data/spec/unit/provider/service/debian_service_spec.rb +35 -14
- data/spec/unit/provider/service/gentoo_service_spec.rb +8 -8
- data/spec/unit/provider/service/macosx_spec.rb +210 -214
- data/spec/unit/provider/service/redhat_spec.rb +2 -2
- data/spec/unit/provider/service/systemd_service_spec.rb +23 -23
- data/spec/unit/provider/service/upstart_service_spec.rb +3 -3
- data/spec/unit/provider/service/windows_spec.rb +6 -2
- data/spec/unit/provider/subversion_spec.rb +4 -2
- data/spec/unit/provider/systemd_unit_spec.rb +24 -28
- data/spec/unit/provider/template_spec.rb +3 -4
- data/spec/unit/provider/zypper_repository_spec.rb +25 -75
- data/spec/unit/provider_resolver_spec.rb +11 -11
- data/spec/unit/provider_spec.rb +0 -1
- data/spec/unit/recipe_spec.rb +68 -0
- data/spec/unit/resource/alternatives_spec.rb +120 -0
- data/spec/unit/resource/apt_preference_spec.rb +0 -18
- data/spec/unit/resource/apt_repository_spec.rb +0 -18
- data/spec/unit/resource/apt_update_spec.rb +0 -18
- data/spec/unit/resource/archive_file_spec.rb +2 -11
- data/spec/unit/resource/chef_client_cron_spec.rb +119 -0
- data/spec/unit/resource/chef_client_scheduled_task_spec.rb +102 -0
- data/spec/unit/resource/chef_client_systemd_timer_spec.rb +70 -0
- data/spec/unit/resource/chef_vault_secret_spec.rb +40 -0
- data/spec/unit/resource/chocolatey_source_spec.rb +2 -1
- data/spec/unit/resource/cron_d_spec.rb +6 -48
- data/spec/unit/resource/cron_spec.rb +4 -10
- data/spec/unit/resource/gem_package_spec.rb +3 -3
- data/spec/unit/resource/helpers/cron_validations_spec.rb +77 -0
- data/spec/unit/resource/link_spec.rb +0 -4
- data/spec/unit/resource/locale_spec.rb +0 -34
- data/spec/unit/resource/ohai_spec.rb +56 -2
- data/spec/unit/resource/plist_spec.rb +130 -0
- data/spec/unit/resource/powershell_script_spec.rb +0 -5
- data/spec/unit/resource/{git_spec.rb → scm/git_spec.rb} +50 -2
- data/spec/unit/resource/{scm_spec.rb → scm/scm.rb} +1 -52
- data/spec/unit/resource/{subversion_spec.rb → scm/subversion_spec.rb} +2 -3
- data/spec/unit/resource/service_spec.rb +4 -0
- data/spec/unit/resource/user_spec.rb +2 -2
- data/spec/unit/resource/user_ulimit_spec.rb +53 -0
- data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
- data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
- data/spec/unit/resource/windows_feature_dism_spec.rb +2 -17
- data/spec/unit/resource/windows_feature_powershell_spec.rb +6 -47
- data/spec/unit/resource/windows_firewall_rule_spec.rb +88 -41
- data/spec/unit/resource/windows_package_spec.rb +4 -1
- data/spec/unit/resource/windows_service_spec.rb +9 -0
- data/spec/unit/resource/windows_task_spec.rb +1 -1
- data/spec/unit/resource/windows_uac_spec.rb +2 -2
- data/spec/unit/resource/yum_repository_spec.rb +21 -21
- data/spec/unit/resource_reporter_spec.rb +1 -5
- data/spec/unit/resource_spec.rb +11 -4
- data/spec/unit/role_spec.rb +11 -11
- data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
- data/spec/unit/run_context_spec.rb +1 -1
- data/spec/unit/search/query_spec.rb +1 -1
- data/spec/unit/util/threaded_job_queue_spec.rb +0 -9
- data/spec/unit/win32/security_spec.rb +3 -4
- data/tasks/rspec.rb +1 -1
- metadata +116 -87
- data/lib/chef/dsl/core.rb +0 -52
- data/lib/chef/knife/cookbook_site_share.rb +0 -41
- data/lib/chef/knife/cookbook_site_unshare.rb +0 -41
- data/lib/chef/provider/apt_preference.rb +0 -93
- data/lib/chef/provider/apt_repository.rb +0 -358
- data/lib/chef/provider/apt_update.rb +0 -79
- data/lib/chef/provider/log.rb +0 -43
- data/lib/chef/provider/mdadm.rb +0 -85
- data/lib/chef/provider/ohai.rb +0 -45
- data/lib/chef/resource/git.rb +0 -37
- data/spec/functional/resource/windows_font_spec.rb +0 -49
- data/spec/unit/provider/ohai_spec.rb +0 -84
@@ -29,42 +29,44 @@ class Chef
|
|
29
29
|
"#{new_resource || "<no resource>"} action #{action ? action.inspect : "<no action>"}"
|
30
30
|
end
|
31
31
|
|
32
|
-
|
33
|
-
|
34
|
-
#
|
35
|
-
def load_current_resource
|
32
|
+
def return_load_current_value
|
33
|
+
resource = nil
|
36
34
|
if new_resource.respond_to?(:load_current_value!)
|
37
|
-
|
38
|
-
current_resource = new_resource.dup
|
35
|
+
resource = new_resource.class.new(new_resource.name, new_resource.run_context)
|
39
36
|
|
40
|
-
#
|
41
|
-
#
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
property.reset(current_resource)
|
37
|
+
# copy the non-desired state, the identity properties and name property to the new resource
|
38
|
+
# (the desired state values must be loaded by load_current_value)
|
39
|
+
resource.class.properties.each_value do |property|
|
40
|
+
if !property.desired_state? || property.identity? || property.name_property?
|
41
|
+
property.set(resource, new_resource.send(property.name)) if new_resource.class.properties[property.name].is_set?(new_resource)
|
46
42
|
end
|
47
43
|
end
|
48
44
|
|
49
|
-
#
|
50
|
-
#
|
45
|
+
# we support optionally passing the new_resource as an arg to load_current_value and
|
46
|
+
# load_current_value can raise in order to clear the current_resource to nil
|
51
47
|
begin
|
52
|
-
|
53
|
-
|
54
|
-
if current_resource.method(:load_current_value!).arity > 0
|
55
|
-
current_resource.load_current_value!(new_resource)
|
48
|
+
if resource.method(:load_current_value!).arity > 0
|
49
|
+
resource.load_current_value!(new_resource)
|
56
50
|
else
|
57
|
-
|
51
|
+
resource.load_current_value!
|
58
52
|
end
|
59
53
|
rescue Chef::Exceptions::CurrentValueDoesNotExist
|
60
|
-
|
54
|
+
resource = nil
|
61
55
|
end
|
62
56
|
end
|
57
|
+
resource
|
58
|
+
end
|
59
|
+
|
60
|
+
# build the before state (current_resource)
|
61
|
+
def load_current_resource
|
62
|
+
@current_resource = return_load_current_value
|
63
|
+
end
|
63
64
|
|
64
|
-
|
65
|
+
# build the after state (after_resource)
|
66
|
+
def load_after_resource
|
67
|
+
@after_resource = return_load_current_value
|
65
68
|
end
|
66
69
|
|
67
|
-
# @todo: remove in Chef-15
|
68
70
|
def self.include_resource_dsl?
|
69
71
|
true
|
70
72
|
end
|
@@ -0,0 +1,149 @@
|
|
1
|
+
#
|
2
|
+
# Copyright:: Copyright (c) Chef Software Inc.
|
3
|
+
# Copyright:: 2016-2020, Virender Khatri
|
4
|
+
#
|
5
|
+
# License:: Apache License, Version 2.0
|
6
|
+
#
|
7
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
8
|
+
# you may not use this file except in compliance with the License.
|
9
|
+
# You may obtain a copy of the License at
|
10
|
+
#
|
11
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
12
|
+
#
|
13
|
+
# Unless required by applicable law or agreed to in writing, software
|
14
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
15
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
16
|
+
# See the License for the specific language governing permissions and
|
17
|
+
# limitations under the License.
|
18
|
+
#
|
19
|
+
|
20
|
+
require_relative "../resource"
|
21
|
+
|
22
|
+
class Chef
|
23
|
+
class Resource
|
24
|
+
class Alternatives < Chef::Resource
|
25
|
+
unified_mode true
|
26
|
+
|
27
|
+
provides(:alternatives) { true }
|
28
|
+
|
29
|
+
description "The alternatives resource allows for configuration of command alternatives in Linux using the alternatives or update-alternatives packages."
|
30
|
+
introduced "16.0"
|
31
|
+
|
32
|
+
property :link_name, String, name_property: true
|
33
|
+
property :link, String, default: lazy { |n| "/usr/bin/#{n.link_name}" }
|
34
|
+
property :path, String
|
35
|
+
property :priority, [String, Integer], coerce: proc { |n| n.to_i }
|
36
|
+
|
37
|
+
def define_resource_requirements
|
38
|
+
requirements.assert(:install) do |a|
|
39
|
+
a.assertion do
|
40
|
+
!new_resource.priority.nil?
|
41
|
+
end
|
42
|
+
|
43
|
+
a.failure_message("Could not set alternatives for #{new_resource.link_name}, you must provide the :priority property")
|
44
|
+
end
|
45
|
+
|
46
|
+
requirements.assert(:install, :set, :remove) do |a|
|
47
|
+
a.assertion do
|
48
|
+
!new_resource.path.nil?
|
49
|
+
end
|
50
|
+
|
51
|
+
a.failure_message("Could not set alternatives for #{new_resource.link_name}, you must provide the :path property")
|
52
|
+
end
|
53
|
+
|
54
|
+
requirements.assert(:install, :set, :remove) do |a|
|
55
|
+
a.assertion do
|
56
|
+
::File.exist?(new_resource.path)
|
57
|
+
end
|
58
|
+
|
59
|
+
a.whyrun("Assuming file #{new_resource.path} already exists or was created already")
|
60
|
+
a.failure_message("Could not set alternatives for #{new_resource.link_name}, missing #{new_resource.path}")
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
action :install do
|
65
|
+
if path_priority != new_resource.priority
|
66
|
+
converge_by("adding alternative #{new_resource.link} #{new_resource.link_name} #{new_resource.path} #{new_resource.priority}") do
|
67
|
+
output = shell_out(alternatives_cmd, "--install", new_resource.link, new_resource.link_name, new_resource.path, new_resource.priority)
|
68
|
+
unless output.exitstatus == 0
|
69
|
+
raise "failed to add alternative #{new_resource.link} #{new_resource.link_name} #{new_resource.path} #{new_resource.priority}"
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
action :set do
|
76
|
+
if current_path != new_resource.path
|
77
|
+
converge_by("setting alternative #{new_resource.link_name} #{new_resource.path}") do
|
78
|
+
output = shell_out(alternatives_cmd, "--set", new_resource.link_name, new_resource.path)
|
79
|
+
unless output.exitstatus == 0
|
80
|
+
raise "failed to set alternative #{new_resource.link_name} #{new_resource.path} \n #{output.stdout.strip}"
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
action :remove do
|
87
|
+
if path_exists?
|
88
|
+
converge_by("removing alternative #{new_resource.link_name} #{new_resource.path}") do
|
89
|
+
shell_out(alternatives_cmd, "--remove", new_resource.link_name, new_resource.path)
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
|
94
|
+
action :auto do
|
95
|
+
converge_by("setting auto alternative #{new_resource.link_name}") do
|
96
|
+
shell_out(alternatives_cmd, "--auto", new_resource.link_name)
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
action :refresh do
|
101
|
+
converge_by("refreshing alternative #{new_resource.link_name}") do
|
102
|
+
shell_out(alternatives_cmd, "--refresh", new_resource.link_name)
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
106
|
+
action_class do
|
107
|
+
#
|
108
|
+
# @return [String] The appropriate alternatives command based on the platform
|
109
|
+
#
|
110
|
+
def alternatives_cmd
|
111
|
+
if debian?
|
112
|
+
"update-alternatives"
|
113
|
+
else
|
114
|
+
"alternatives"
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
#
|
119
|
+
# @return [Integer] The current path priority for the link_name alternative
|
120
|
+
#
|
121
|
+
def path_priority
|
122
|
+
# https://rubular.com/r/IcUlEU0mSNaMm3
|
123
|
+
escaped_path = Regexp.new(Regexp.escape("#{new_resource.path} - priority ") + "(.*)")
|
124
|
+
match = shell_out(alternatives_cmd, "--display", new_resource.link_name).stdout.match(escaped_path)
|
125
|
+
|
126
|
+
match.nil? ? nil : match[1].to_i
|
127
|
+
end
|
128
|
+
|
129
|
+
#
|
130
|
+
# @return [String] The current path for the link_name alternative
|
131
|
+
#
|
132
|
+
def current_path
|
133
|
+
# https://rubular.com/r/ylsuvzUtquRPqc
|
134
|
+
match = shell_out(alternatives_cmd, "--display", new_resource.link_name).stdout.match(/link currently points to (.*)/)
|
135
|
+
match[1]
|
136
|
+
end
|
137
|
+
|
138
|
+
#
|
139
|
+
# @return [Boolean] does the path exist for the link_name alternative
|
140
|
+
#
|
141
|
+
def path_exists?
|
142
|
+
# https://rubular.com/r/ogvDdq8h2IKRff
|
143
|
+
escaped_path = Regexp.new(Regexp.escape("#{new_resource.path} - priority"))
|
144
|
+
shell_out(alternatives_cmd, "--display", new_resource.link_name).stdout.match?(escaped_path)
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
148
|
+
end
|
149
|
+
end
|
@@ -21,7 +21,8 @@ require_relative "package"
|
|
21
21
|
class Chef
|
22
22
|
class Resource
|
23
23
|
class AptPackage < Chef::Resource::Package
|
24
|
-
|
24
|
+
unified_mode true
|
25
|
+
|
25
26
|
provides :apt_package, target_mode: true
|
26
27
|
provides :package, platform_family: "debian", target_mode: true
|
27
28
|
|
@@ -22,7 +22,8 @@ class Chef
|
|
22
22
|
class Resource
|
23
23
|
# @since 13.3
|
24
24
|
class AptPreference < Chef::Resource
|
25
|
-
|
25
|
+
unified_mode true
|
26
|
+
|
26
27
|
provides(:apt_preference) { true }
|
27
28
|
|
28
29
|
description "The apt_preference resource allows for the creation of APT preference files. Preference files are used to control which package versions and sources are prioritized during installation."
|
@@ -42,11 +43,77 @@ class Chef
|
|
42
43
|
required: true
|
43
44
|
|
44
45
|
property :pin_priority, [String, Integer],
|
45
|
-
description: "Sets the Pin-Priority for a package.",
|
46
|
+
description: "Sets the Pin-Priority for a package. See <https://wiki.debian.org/AptPreferences> for more details.",
|
46
47
|
required: true
|
47
48
|
|
48
49
|
default_action :add
|
49
50
|
allowed_actions :add, :remove
|
51
|
+
|
52
|
+
APT_PREFERENCE_DIR = "/etc/apt/preferences.d".freeze
|
53
|
+
|
54
|
+
action_class do
|
55
|
+
# Build preferences.d file contents
|
56
|
+
def build_pref(package_name, pin, pin_priority)
|
57
|
+
"Package: #{package_name}\nPin: #{pin}\nPin-Priority: #{pin_priority}\n"
|
58
|
+
end
|
59
|
+
|
60
|
+
def safe_name(name)
|
61
|
+
name.tr(".", "_").gsub("*", "wildcard")
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
action :add do
|
66
|
+
return unless debian?
|
67
|
+
|
68
|
+
preference = build_pref(
|
69
|
+
new_resource.glob || new_resource.package_name,
|
70
|
+
new_resource.pin,
|
71
|
+
new_resource.pin_priority
|
72
|
+
)
|
73
|
+
|
74
|
+
directory APT_PREFERENCE_DIR do
|
75
|
+
mode "0755"
|
76
|
+
action :create
|
77
|
+
end
|
78
|
+
|
79
|
+
sanitized_prefname = safe_name(new_resource.package_name)
|
80
|
+
|
81
|
+
# cleanup any existing pref files w/o the sanitized name (created by old apt cookbook)
|
82
|
+
if (sanitized_prefname != new_resource.package_name) && ::File.exist?("#{APT_PREFERENCE_DIR}/#{new_resource.package_name}.pref")
|
83
|
+
logger.warn "Replacing legacy #{new_resource.package_name}.pref with #{sanitized_prefname}.pref in #{APT_PREFERENCE_DIR}"
|
84
|
+
file "#{APT_PREFERENCE_DIR}/#{new_resource.package_name}.pref" do
|
85
|
+
action :delete
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
89
|
+
# cleanup any existing pref files without the .pref extension (created by old apt cookbook)
|
90
|
+
if ::File.exist?("#{APT_PREFERENCE_DIR}/#{new_resource.package_name}")
|
91
|
+
logger.warn "Replacing legacy #{new_resource.package_name} with #{sanitized_prefname}.pref in #{APT_PREFERENCE_DIR}"
|
92
|
+
file "#{APT_PREFERENCE_DIR}/#{new_resource.package_name}" do
|
93
|
+
action :delete
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
file "#{APT_PREFERENCE_DIR}/#{sanitized_prefname}.pref" do
|
98
|
+
mode "0644"
|
99
|
+
content preference
|
100
|
+
action :create
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
action :remove do
|
105
|
+
return unless debian?
|
106
|
+
|
107
|
+
sanitized_prefname = safe_name(new_resource.package_name)
|
108
|
+
|
109
|
+
if ::File.exist?("#{APT_PREFERENCE_DIR}/#{sanitized_prefname}.pref")
|
110
|
+
logger.info "Un-pinning #{sanitized_prefname} from #{APT_PREFERENCE_DIR}"
|
111
|
+
file "#{APT_PREFERENCE_DIR}/#{sanitized_prefname}.pref" do
|
112
|
+
action :delete
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
50
117
|
end
|
51
118
|
end
|
52
119
|
end
|
@@ -17,11 +17,15 @@
|
|
17
17
|
#
|
18
18
|
|
19
19
|
require_relative "../resource"
|
20
|
+
require_relative "../http/simple"
|
21
|
+
require "tmpdir" unless defined?(Dir.mktmpdir)
|
22
|
+
require "addressable" unless defined?(Addressable)
|
20
23
|
|
21
24
|
class Chef
|
22
25
|
class Resource
|
23
26
|
class AptRepository < Chef::Resource
|
24
|
-
|
27
|
+
unified_mode true
|
28
|
+
|
25
29
|
provides(:apt_repository) { true }
|
26
30
|
|
27
31
|
description "Use the apt_repository resource to specify additional APT repositories. Adding a new repository will update the APT package cache immediately."
|
@@ -111,12 +115,12 @@ class Chef
|
|
111
115
|
description: "The base of the Debian distribution."
|
112
116
|
|
113
117
|
property :distribution, [ String, nil, FalseClass ],
|
114
|
-
description: "Usually a distribution's codename, such as
|
115
|
-
default: lazy { node["lsb"]["codename"] }, default_description: "The LSB codename of the
|
118
|
+
description: "Usually a distribution's codename, such as xenial, bionic, or focal.",
|
119
|
+
default: lazy { node["lsb"]["codename"] }, default_description: "The LSB codename of the node such as 'focal'."
|
116
120
|
|
117
121
|
property :components, Array,
|
118
122
|
description: "Package groupings, such as 'main' and 'stable'.",
|
119
|
-
default: lazy { [] }
|
123
|
+
default: lazy { [] }, default_description: "'main' if using a PPA repository."
|
120
124
|
|
121
125
|
property :arch, [String, nil, FalseClass],
|
122
126
|
description: "Constrain packages to a particular CPU architecture such as 'i386' or 'amd64'."
|
@@ -138,7 +142,7 @@ class Chef
|
|
138
142
|
default: lazy { [] }, coerce: proc { |x| x ? Array(x) : x }
|
139
143
|
|
140
144
|
property :key_proxy, [String, nil, FalseClass],
|
141
|
-
description: "If set, a specified proxy is passed to GPG via http-proxy
|
145
|
+
description: "If set, a specified proxy is passed to GPG via `http-proxy=`."
|
142
146
|
|
143
147
|
property :cookbook, [String, nil, FalseClass],
|
144
148
|
description: "If key should be a cookbook_file, specify a cookbook where the key is located for files/default. Default value is nil, so it will use the cookbook where the resource is used.",
|
@@ -150,6 +154,334 @@ class Chef
|
|
150
154
|
|
151
155
|
default_action :add
|
152
156
|
allowed_actions :add, :remove
|
157
|
+
|
158
|
+
action_class do
|
159
|
+
LIST_APT_KEY_FINGERPRINTS = %w{apt-key adv --list-public-keys --with-fingerprint --with-colons}.freeze
|
160
|
+
|
161
|
+
# is the provided ID a key ID from a keyserver. Looks at length and HEX only values
|
162
|
+
# @param [String] id the key value passed by the user that *may* be an ID
|
163
|
+
def is_key_id?(id)
|
164
|
+
id = id[2..-1] if id.start_with?("0x")
|
165
|
+
id =~ /^\h+$/ && [8, 16, 40].include?(id.length)
|
166
|
+
end
|
167
|
+
|
168
|
+
# run the specified command and extract the fingerprints from the output
|
169
|
+
# accepts a command so it can be used to extract both the current key's fingerprints
|
170
|
+
# and the fingerprint of the new key
|
171
|
+
# @param [Array<String>] cmd the command to run
|
172
|
+
#
|
173
|
+
# @return [Array] an array of fingerprints
|
174
|
+
def extract_fingerprints_from_cmd(*cmd)
|
175
|
+
so = shell_out(*cmd)
|
176
|
+
so.stdout.split(/\n/).map do |t|
|
177
|
+
if z = t.match(/^fpr:+([0-9A-F]+):/)
|
178
|
+
z[1].split.join
|
179
|
+
end
|
180
|
+
end.compact
|
181
|
+
end
|
182
|
+
|
183
|
+
# validate the key against the apt keystore to see if that version is expired
|
184
|
+
# @param [String] key
|
185
|
+
#
|
186
|
+
# @return [Boolean] is the key valid or not
|
187
|
+
def key_is_valid?(key)
|
188
|
+
valid = true
|
189
|
+
|
190
|
+
so = shell_out("apt-key", "list")
|
191
|
+
so.stdout.split(/\n/).map do |t|
|
192
|
+
if t =~ %r{^\/#{key}.*\[expired: .*\]$}
|
193
|
+
logger.debug "Found expired key: #{t}"
|
194
|
+
valid = false
|
195
|
+
break
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
199
|
+
logger.debug "key #{key} #{valid ? "is valid" : "is not valid"}"
|
200
|
+
valid
|
201
|
+
end
|
202
|
+
|
203
|
+
# return the specified cookbook name or the cookbook containing the
|
204
|
+
# resource.
|
205
|
+
#
|
206
|
+
# @return [String] name of the cookbook
|
207
|
+
def cookbook_name
|
208
|
+
new_resource.cookbook || new_resource.cookbook_name
|
209
|
+
end
|
210
|
+
|
211
|
+
# determine if a cookbook file is available in the run
|
212
|
+
# @param [String] fn the path to the cookbook file
|
213
|
+
#
|
214
|
+
# @return [Boolean] cookbook file exists or doesn't
|
215
|
+
def has_cookbook_file?(fn)
|
216
|
+
run_context.has_cookbook_file_in_cookbook?(cookbook_name, fn)
|
217
|
+
end
|
218
|
+
|
219
|
+
# determine if there are any new keys by comparing the fingerprints of installed
|
220
|
+
# keys to those of the passed file
|
221
|
+
# @param [String] file the keyfile of the new repository
|
222
|
+
#
|
223
|
+
# @return [Boolean] true: no new keys in the file. false: there are new keys
|
224
|
+
def no_new_keys?(file)
|
225
|
+
# Now we are using the option --with-colons that works across old os versions
|
226
|
+
# as well as the latest (16.10). This for both `apt-key` and `gpg` commands
|
227
|
+
installed_keys = extract_fingerprints_from_cmd(*LIST_APT_KEY_FINGERPRINTS)
|
228
|
+
proposed_keys = extract_fingerprints_from_cmd("gpg", "--with-fingerprint", "--with-colons", file)
|
229
|
+
(installed_keys & proposed_keys).sort == proposed_keys.sort
|
230
|
+
end
|
231
|
+
|
232
|
+
# Given the provided key URI determine what kind of chef resource we need
|
233
|
+
# to fetch the key
|
234
|
+
# @param [String] uri the uri of the gpg key (local path or http URL)
|
235
|
+
#
|
236
|
+
# @raise [Chef::Exceptions::FileNotFound] Key isn't remote or found in the current run
|
237
|
+
#
|
238
|
+
# @return [Symbol] :remote_file or :cookbook_file
|
239
|
+
def key_type(uri)
|
240
|
+
if uri.start_with?("http")
|
241
|
+
:remote_file
|
242
|
+
elsif has_cookbook_file?(uri)
|
243
|
+
:cookbook_file
|
244
|
+
else
|
245
|
+
raise Chef::Exceptions::FileNotFound, "Cannot locate key file: #{uri}"
|
246
|
+
end
|
247
|
+
end
|
248
|
+
|
249
|
+
# Fetch the key using either cookbook_file or remote_file, validate it,
|
250
|
+
# and install it with apt-key add
|
251
|
+
# @param [String] key the key to install
|
252
|
+
#
|
253
|
+
# @raise [RuntimeError] Invalid key which can't verify the apt repository
|
254
|
+
#
|
255
|
+
# @return [void]
|
256
|
+
def install_key_from_uri(key)
|
257
|
+
key_name = key.gsub(/[^0-9A-Za-z\-]/, "_")
|
258
|
+
cached_keyfile = ::File.join(Chef::Config[:file_cache_path], key_name)
|
259
|
+
tmp_dir = Dir.mktmpdir(".gpg")
|
260
|
+
at_exit { FileUtils.remove_entry(tmp_dir) }
|
261
|
+
|
262
|
+
declare_resource(key_type(key), cached_keyfile) do
|
263
|
+
source key
|
264
|
+
mode "0644"
|
265
|
+
sensitive new_resource.sensitive
|
266
|
+
action :create
|
267
|
+
verify "gpg --homedir #{tmp_dir} %{path}"
|
268
|
+
end
|
269
|
+
|
270
|
+
execute "apt-key add #{cached_keyfile}" do
|
271
|
+
command [ "apt-key", "add", cached_keyfile ]
|
272
|
+
default_env true
|
273
|
+
sensitive new_resource.sensitive
|
274
|
+
action :run
|
275
|
+
not_if { no_new_keys?(cached_keyfile) }
|
276
|
+
notifies :run, "execute[apt-cache gencaches]", :immediately
|
277
|
+
end
|
278
|
+
end
|
279
|
+
|
280
|
+
# build the apt-key command to install the keyserver
|
281
|
+
# @param [String] key the key to install
|
282
|
+
# @param [String] keyserver the key server to use
|
283
|
+
#
|
284
|
+
# @return [String] the full apt-key command to run
|
285
|
+
def keyserver_install_cmd(key, keyserver)
|
286
|
+
cmd = "apt-key adv --no-tty --recv"
|
287
|
+
cmd << " --keyserver-options http-proxy=#{new_resource.key_proxy}" if new_resource.key_proxy
|
288
|
+
cmd << " --keyserver "
|
289
|
+
cmd << if keyserver.start_with?("hkp://")
|
290
|
+
keyserver
|
291
|
+
else
|
292
|
+
"hkp://#{keyserver}:80"
|
293
|
+
end
|
294
|
+
|
295
|
+
cmd << " #{key}"
|
296
|
+
cmd
|
297
|
+
end
|
298
|
+
|
299
|
+
# @param [String] key
|
300
|
+
# @param [String] keyserver
|
301
|
+
#
|
302
|
+
# @raise [RuntimeError] Invalid key which can't verify the apt repository
|
303
|
+
#
|
304
|
+
# @return [void]
|
305
|
+
def install_key_from_keyserver(key, keyserver = new_resource.keyserver)
|
306
|
+
execute "install-key #{key}" do
|
307
|
+
command keyserver_install_cmd(key, keyserver)
|
308
|
+
default_env true
|
309
|
+
sensitive new_resource.sensitive
|
310
|
+
not_if do
|
311
|
+
present = extract_fingerprints_from_cmd(*LIST_APT_KEY_FINGERPRINTS).any? do |fp|
|
312
|
+
fp.end_with? key.upcase
|
313
|
+
end
|
314
|
+
present && key_is_valid?(key.upcase)
|
315
|
+
end
|
316
|
+
notifies :run, "execute[apt-cache gencaches]", :immediately
|
317
|
+
end
|
318
|
+
|
319
|
+
raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?(key.upcase)
|
320
|
+
end
|
321
|
+
|
322
|
+
# @param [String] owner
|
323
|
+
# @param [String] repo
|
324
|
+
#
|
325
|
+
# @raise [RuntimeError] Could not access the Launchpad PPA API
|
326
|
+
#
|
327
|
+
# @return [void]
|
328
|
+
def install_ppa_key(owner, repo)
|
329
|
+
url = "https://launchpad.net/api/1.0/~#{owner}/+archive/#{repo}"
|
330
|
+
key_id = Chef::HTTP::Simple.new(url).get("signing_key_fingerprint").delete('"')
|
331
|
+
install_key_from_keyserver(key_id, "keyserver.ubuntu.com")
|
332
|
+
rescue Net::HTTPClientException => e
|
333
|
+
raise "Could not access Launchpad ppa API: #{e.message}"
|
334
|
+
end
|
335
|
+
|
336
|
+
# determine if the repository URL is a PPA
|
337
|
+
# @param [String] url the url of the repository
|
338
|
+
#
|
339
|
+
# @return [Boolean] is the repo URL a PPA
|
340
|
+
def is_ppa_url?(url)
|
341
|
+
url.start_with?("ppa:")
|
342
|
+
end
|
343
|
+
|
344
|
+
# determine the repository's components:
|
345
|
+
# - "components" property if defined
|
346
|
+
# - "main" if "components" not defined and the repo is a PPA URL
|
347
|
+
# - otherwise nothing
|
348
|
+
#
|
349
|
+
# @return [String] the repository component
|
350
|
+
def repo_components
|
351
|
+
if is_ppa_url?(new_resource.uri) && new_resource.components.empty?
|
352
|
+
"main"
|
353
|
+
else
|
354
|
+
new_resource.components
|
355
|
+
end
|
356
|
+
end
|
357
|
+
|
358
|
+
# given a PPA return a PPA URL in http://ppa.launchpad.net format
|
359
|
+
# @param [String] ppa the ppa URL
|
360
|
+
#
|
361
|
+
# @return [String] full PPA URL
|
362
|
+
def make_ppa_url(ppa)
|
363
|
+
owner, repo = ppa[4..-1].split("/")
|
364
|
+
repo ||= "ppa"
|
365
|
+
|
366
|
+
install_ppa_key(owner, repo)
|
367
|
+
"http://ppa.launchpad.net/#{owner}/#{repo}/ubuntu"
|
368
|
+
end
|
369
|
+
|
370
|
+
# build complete repo text that will be written to the config
|
371
|
+
# @param [String] uri
|
372
|
+
# @param [Array] components
|
373
|
+
# @param [Boolean] trusted
|
374
|
+
# @param [String] arch
|
375
|
+
# @param [Boolean] add_src
|
376
|
+
#
|
377
|
+
# @return [String] complete repo config text
|
378
|
+
def build_repo(uri, distribution, components, trusted, arch, add_src = false)
|
379
|
+
uri = make_ppa_url(uri) if is_ppa_url?(uri)
|
380
|
+
|
381
|
+
uri = Addressable::URI.parse(uri)
|
382
|
+
components = Array(components).join(" ")
|
383
|
+
options = []
|
384
|
+
options << "arch=#{arch}" if arch
|
385
|
+
options << "trusted=yes" if trusted
|
386
|
+
optstr = unless options.empty?
|
387
|
+
"[" + options.join(" ") + "]"
|
388
|
+
end
|
389
|
+
info = [ optstr, uri.normalize.to_s, distribution, components ].compact.join(" ")
|
390
|
+
repo = "deb #{info}\n"
|
391
|
+
repo << "deb-src #{info}\n" if add_src
|
392
|
+
repo
|
393
|
+
end
|
394
|
+
|
395
|
+
# clean up a potentially legacy file from before we fixed the usage of
|
396
|
+
# new_resource.name vs. new_resource.repo_name. We might have the
|
397
|
+
# name.list file hanging around and need to clean it up.
|
398
|
+
#
|
399
|
+
# @return [void]
|
400
|
+
def cleanup_legacy_file!
|
401
|
+
legacy_path = "/etc/apt/sources.list.d/#{new_resource.name}.list"
|
402
|
+
if new_resource.name != new_resource.repo_name && ::File.exist?(legacy_path)
|
403
|
+
converge_by "Cleaning up legacy #{legacy_path} repo file" do
|
404
|
+
file legacy_path do
|
405
|
+
action :delete
|
406
|
+
# Not triggering an update since it isn't super likely to be needed.
|
407
|
+
end
|
408
|
+
end
|
409
|
+
end
|
410
|
+
end
|
411
|
+
end
|
412
|
+
|
413
|
+
action :add do
|
414
|
+
return unless debian?
|
415
|
+
|
416
|
+
execute "apt-cache gencaches" do
|
417
|
+
command %w{apt-cache gencaches}
|
418
|
+
default_env true
|
419
|
+
ignore_failure true
|
420
|
+
action :nothing
|
421
|
+
end
|
422
|
+
|
423
|
+
apt_update new_resource.name do
|
424
|
+
ignore_failure true
|
425
|
+
action :nothing
|
426
|
+
end
|
427
|
+
|
428
|
+
if new_resource.key.nil?
|
429
|
+
logger.debug "No 'key' property specified skipping key import"
|
430
|
+
else
|
431
|
+
new_resource.key.each do |k|
|
432
|
+
if is_key_id?(k) && !has_cookbook_file?(k)
|
433
|
+
install_key_from_keyserver(k)
|
434
|
+
else
|
435
|
+
install_key_from_uri(k)
|
436
|
+
end
|
437
|
+
end
|
438
|
+
end
|
439
|
+
|
440
|
+
cleanup_legacy_file!
|
441
|
+
|
442
|
+
repo = build_repo(
|
443
|
+
new_resource.uri,
|
444
|
+
new_resource.distribution,
|
445
|
+
repo_components,
|
446
|
+
new_resource.trusted,
|
447
|
+
new_resource.arch,
|
448
|
+
new_resource.deb_src
|
449
|
+
)
|
450
|
+
|
451
|
+
file "/etc/apt/sources.list.d/#{new_resource.repo_name}.list" do
|
452
|
+
owner "root"
|
453
|
+
group "root"
|
454
|
+
mode "0644"
|
455
|
+
content repo
|
456
|
+
sensitive new_resource.sensitive
|
457
|
+
action :create
|
458
|
+
notifies :run, "execute[apt-cache gencaches]", :immediately
|
459
|
+
notifies :update, "apt_update[#{new_resource.name}]", :immediately if new_resource.cache_rebuild
|
460
|
+
end
|
461
|
+
end
|
462
|
+
|
463
|
+
action :remove do
|
464
|
+
return unless debian?
|
465
|
+
|
466
|
+
cleanup_legacy_file!
|
467
|
+
if ::File.exist?("/etc/apt/sources.list.d/#{new_resource.repo_name}.list")
|
468
|
+
converge_by "Removing #{new_resource.repo_name} repository from /etc/apt/sources.list.d/" do
|
469
|
+
apt_update new_resource.name do
|
470
|
+
ignore_failure true
|
471
|
+
action :nothing
|
472
|
+
end
|
473
|
+
|
474
|
+
file "/etc/apt/sources.list.d/#{new_resource.repo_name}.list" do
|
475
|
+
sensitive new_resource.sensitive
|
476
|
+
action :delete
|
477
|
+
notifies :update, "apt_update[#{new_resource.name}]", :immediately if new_resource.cache_rebuild
|
478
|
+
end
|
479
|
+
end
|
480
|
+
else
|
481
|
+
logger.trace("/etc/apt/sources.list.d/#{new_resource.repo_name}.list does not exist. Nothing to do")
|
482
|
+
end
|
483
|
+
end
|
484
|
+
|
153
485
|
end
|
154
486
|
end
|
155
487
|
end
|