chef 15.17.4-universal-mingw32 → 16.0.257-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (571) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +14 -20
  3. data/README.md +6 -6
  4. data/Rakefile +18 -23
  5. data/chef-universal-mingw32.gemspec +4 -4
  6. data/chef.gemspec +10 -26
  7. data/distro/powershell/chef/chef.psm1 +3 -3
  8. data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
  9. data/lib/chef/action_collection.rb +16 -5
  10. data/lib/chef/api_client/registration.rb +2 -2
  11. data/lib/chef/application.rb +33 -54
  12. data/lib/chef/application/apply.rb +20 -3
  13. data/lib/chef/application/base.rb +8 -3
  14. data/lib/chef/application/exit_code.rb +2 -2
  15. data/lib/chef/application/knife.rb +1 -1
  16. data/lib/chef/chef_class.rb +4 -4
  17. data/lib/chef/chef_fs/chef_fs_data_store.rb +3 -3
  18. data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +1 -1
  19. data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +1 -1
  20. data/lib/chef/chef_fs/file_system/chef_server/rest_list_entry.rb +6 -2
  21. data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +1 -1
  22. data/lib/chef/chef_fs/file_system/repository/base_file.rb +0 -1
  23. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +2 -2
  24. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  25. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +5 -5
  26. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  27. data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +1 -1
  28. data/lib/chef/chef_fs/path_utils.rb +3 -3
  29. data/lib/chef/client.rb +16 -14
  30. data/lib/chef/config.rb +1 -1
  31. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  32. data/lib/chef/cookbook/gem_installer.rb +1 -1
  33. data/lib/chef/cookbook/metadata.rb +45 -22
  34. data/lib/chef/cookbook_version.rb +40 -5
  35. data/lib/chef/data_bag.rb +2 -2
  36. data/lib/chef/data_collector/error_handlers.rb +1 -1
  37. data/lib/chef/data_collector/run_end_message.rb +7 -1
  38. data/lib/chef/deprecated.rb +1 -9
  39. data/lib/chef/dist.rb +8 -0
  40. data/lib/chef/dsl/chef_vault.rb +84 -0
  41. data/lib/chef/dsl/declare_resource.rb +7 -5
  42. data/lib/chef/dsl/platform_introspection.rb +2 -3
  43. data/lib/chef/dsl/recipe.rb +7 -12
  44. data/lib/chef/dsl/universal.rb +3 -7
  45. data/lib/chef/environment.rb +2 -2
  46. data/lib/chef/event_dispatch/base.rb +3 -0
  47. data/lib/chef/exceptions.rb +0 -3
  48. data/lib/chef/formatters/doc.rb +1 -1
  49. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
  50. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
  51. data/lib/chef/formatters/indentable_output_stream.rb +7 -16
  52. data/lib/chef/http.rb +1 -2
  53. data/lib/chef/http/http_request.rb +3 -2
  54. data/lib/chef/knife.rb +1 -3
  55. data/lib/chef/knife/acl_add.rb +57 -0
  56. data/lib/chef/knife/acl_base.rb +183 -0
  57. data/lib/chef/knife/acl_bulk_add.rb +78 -0
  58. data/lib/chef/knife/acl_bulk_remove.rb +83 -0
  59. data/lib/chef/knife/acl_remove.rb +62 -0
  60. data/lib/chef/knife/acl_show.rb +56 -0
  61. data/lib/chef/knife/bootstrap.rb +93 -97
  62. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  63. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  64. data/lib/chef/knife/bootstrap/templates/chef-full.erb +20 -20
  65. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +13 -15
  66. data/lib/chef/knife/bootstrap/train_connector.rb +0 -1
  67. data/lib/chef/knife/cookbook_download.rb +1 -1
  68. data/lib/chef/knife/cookbook_metadata.rb +1 -1
  69. data/lib/chef/knife/core/bootstrap_context.rb +63 -60
  70. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  71. data/lib/chef/knife/core/generic_presenter.rb +4 -3
  72. data/lib/chef/knife/core/hashed_command_loader.rb +2 -3
  73. data/lib/chef/knife/core/node_presenter.rb +2 -2
  74. data/lib/chef/knife/core/status_presenter.rb +5 -5
  75. data/lib/chef/knife/core/subcommand_loader.rb +1 -1
  76. data/lib/chef/knife/core/ui.rb +17 -1
  77. data/lib/chef/knife/core/windows_bootstrap_context.rb +45 -58
  78. data/lib/chef/knife/data_bag_secret_options.rb +18 -45
  79. data/lib/chef/knife/environment_compare.rb +1 -1
  80. data/lib/chef/knife/exec.rb +2 -2
  81. data/lib/chef/knife/group_add.rb +55 -0
  82. data/lib/chef/knife/{cookbook_site_download.rb → group_create.rb} +21 -12
  83. data/lib/chef/knife/group_destroy.rb +53 -0
  84. data/lib/chef/knife/{cookbook_site_list.rb → group_list.rb} +14 -11
  85. data/lib/chef/knife/group_remove.rb +56 -0
  86. data/lib/chef/knife/{cookbook_site_install.rb → group_show.rb} +21 -12
  87. data/lib/chef/knife/list.rb +1 -1
  88. data/lib/chef/knife/ssh.rb +12 -50
  89. data/lib/chef/knife/status.rb +3 -3
  90. data/lib/chef/knife/supermarket_download.rb +1 -2
  91. data/lib/chef/knife/supermarket_install.rb +1 -2
  92. data/lib/chef/knife/supermarket_list.rb +1 -2
  93. data/lib/chef/knife/supermarket_search.rb +1 -2
  94. data/lib/chef/knife/supermarket_share.rb +1 -2
  95. data/lib/chef/knife/supermarket_show.rb +1 -2
  96. data/lib/chef/knife/supermarket_unshare.rb +1 -2
  97. data/lib/chef/knife/{cookbook_site_show.rb → user_dissociate.rb} +15 -13
  98. data/lib/chef/knife/{cookbook_site_search.rb → user_invite_add.rb} +16 -13
  99. data/lib/chef/knife/user_invite_list.rb +34 -0
  100. data/lib/chef/knife/user_invite_recind.rb +63 -0
  101. data/lib/chef/knife/yaml_convert.rb +91 -0
  102. data/lib/chef/log.rb +1 -1
  103. data/lib/chef/mixin/create_path.rb +8 -8
  104. data/lib/chef/mixin/openssl_helper.rb +3 -26
  105. data/lib/chef/mixin/powershell_exec.rb +10 -1
  106. data/lib/chef/mixin/powershell_out.rb +1 -1
  107. data/lib/chef/mixin/properties.rb +13 -1
  108. data/lib/chef/mixin/shell_out.rb +0 -4
  109. data/lib/chef/mixin/template.rb +0 -1
  110. data/lib/chef/monkey_patches/net_http.rb +0 -4
  111. data/lib/chef/node.rb +18 -6
  112. data/lib/chef/node/mixin/deep_merge_cache.rb +7 -7
  113. data/lib/chef/node/mixin/immutablize_array.rb +4 -0
  114. data/lib/chef/node/mixin/immutablize_hash.rb +3 -0
  115. data/lib/chef/node_map.rb +7 -36
  116. data/lib/chef/platform/priority_map.rb +4 -4
  117. data/lib/chef/platform/query_helpers.rb +6 -34
  118. data/lib/chef/powershell.rb +14 -0
  119. data/lib/chef/property.rb +22 -4
  120. data/lib/chef/provider.rb +40 -6
  121. data/lib/chef/provider/cron.rb +2 -2
  122. data/lib/chef/provider/directory.rb +2 -2
  123. data/lib/chef/provider/dsc_resource.rb +1 -1
  124. data/lib/chef/provider/dsc_script.rb +1 -1
  125. data/lib/chef/provider/execute.rb +2 -8
  126. data/lib/chef/provider/file.rb +5 -5
  127. data/lib/chef/provider/git.rb +84 -27
  128. data/lib/chef/provider/group.rb +4 -4
  129. data/lib/chef/provider/http_request.rb +6 -6
  130. data/lib/chef/provider/ifconfig.rb +4 -4
  131. data/lib/chef/provider/launchd.rb +36 -51
  132. data/lib/chef/provider/link.rb +2 -2
  133. data/lib/chef/provider/mount.rb +5 -5
  134. data/lib/chef/provider/mount/solaris.rb +1 -0
  135. data/lib/chef/provider/osx_profile.rb +7 -3
  136. data/lib/chef/provider/package.rb +2 -2
  137. data/lib/chef/provider/package/cab.rb +3 -4
  138. data/lib/chef/provider/package/chocolatey.rb +1 -3
  139. data/lib/chef/provider/package/dnf.rb +66 -10
  140. data/lib/chef/provider/package/dnf/dnf_helper.py +84 -30
  141. data/lib/chef/provider/package/dnf/python_helper.rb +79 -36
  142. data/lib/chef/provider/package/dnf/version.rb +5 -1
  143. data/lib/chef/provider/package/freebsd/pkgng.rb +1 -3
  144. data/lib/chef/provider/package/homebrew.rb +106 -42
  145. data/lib/chef/provider/package/msu.rb +3 -1
  146. data/lib/chef/provider/package/pacman.rb +25 -34
  147. data/lib/chef/provider/package/powershell.rb +2 -6
  148. data/lib/chef/provider/package/rubygems.rb +29 -2
  149. data/lib/chef/provider/package/snap.rb +27 -96
  150. data/lib/chef/provider/package/windows.rb +3 -2
  151. data/lib/chef/provider/package/windows/msi.rb +2 -2
  152. data/lib/chef/provider/package/yum.rb +0 -8
  153. data/lib/chef/provider/package/yum/yum_helper.py +0 -4
  154. data/lib/chef/provider/package/zypper.rb +1 -1
  155. data/lib/chef/provider/powershell_script.rb +4 -10
  156. data/lib/chef/provider/registry_key.rb +4 -4
  157. data/lib/chef/provider/remote_directory.rb +3 -3
  158. data/lib/chef/provider/remote_file/ftp.rb +3 -2
  159. data/lib/chef/provider/remote_file/local_file.rb +2 -1
  160. data/lib/chef/provider/remote_file/sftp.rb +3 -2
  161. data/lib/chef/provider/route.rb +5 -3
  162. data/lib/chef/provider/ruby_block.rb +1 -1
  163. data/lib/chef/provider/script.rb +2 -2
  164. data/lib/chef/provider/service.rb +8 -8
  165. data/lib/chef/provider/service/aixinit.rb +1 -1
  166. data/lib/chef/provider/service/arch.rb +2 -2
  167. data/lib/chef/provider/service/debian.rb +31 -29
  168. data/lib/chef/provider/service/gentoo.rb +2 -2
  169. data/lib/chef/provider/service/macosx.rb +7 -12
  170. data/lib/chef/provider/service/openbsd.rb +1 -1
  171. data/lib/chef/provider/service/redhat.rb +2 -2
  172. data/lib/chef/provider/service/simple.rb +3 -3
  173. data/lib/chef/provider/service/systemd.rb +12 -12
  174. data/lib/chef/provider/service/upstart.rb +1 -1
  175. data/lib/chef/provider/service/windows.rb +5 -11
  176. data/lib/chef/provider/subversion.rb +25 -5
  177. data/lib/chef/provider/systemd_unit.rb +26 -25
  178. data/lib/chef/provider/user.rb +6 -6
  179. data/lib/chef/provider/user/dscl.rb +3 -3
  180. data/lib/chef/provider/user/mac.rb +10 -9
  181. data/lib/chef/provider/whyrun_safe_ruby_block.rb +1 -1
  182. data/lib/chef/provider/windows_env.rb +3 -3
  183. data/lib/chef/provider/windows_script.rb +2 -2
  184. data/lib/chef/provider/windows_task.rb +7 -9
  185. data/lib/chef/provider/yum_repository.rb +1 -1
  186. data/lib/chef/provider/zypper_repository.rb +11 -31
  187. data/lib/chef/providers.rb +0 -6
  188. data/lib/chef/recipe.rb +36 -0
  189. data/lib/chef/resource.rb +41 -56
  190. data/lib/chef/resource/action_class.rb +24 -22
  191. data/lib/chef/resource/alternatives.rb +149 -0
  192. data/lib/chef/resource/apt_package.rb +2 -1
  193. data/lib/chef/resource/apt_preference.rb +69 -2
  194. data/lib/chef/resource/apt_repository.rb +337 -5
  195. data/lib/chef/resource/apt_update.rb +52 -1
  196. data/lib/chef/resource/archive_file.rb +9 -29
  197. data/lib/chef/resource/bash.rb +2 -0
  198. data/lib/chef/resource/bff_package.rb +9 -1
  199. data/lib/chef/resource/breakpoint.rb +0 -1
  200. data/lib/chef/resource/build_essential.rb +42 -48
  201. data/lib/chef/resource/cab_package.rb +8 -1
  202. data/lib/chef/resource/chef_client_cron.rb +225 -0
  203. data/lib/chef/resource/chef_client_scheduled_task.rb +198 -0
  204. data/lib/chef/resource/chef_client_systemd_timer.rb +177 -0
  205. data/lib/chef/resource/chef_gem.rb +9 -16
  206. data/lib/chef/resource/chef_handler.rb +2 -1
  207. data/lib/chef/resource/chef_sleep.rb +0 -1
  208. data/lib/chef/resource/chef_vault_secret.rb +135 -0
  209. data/lib/chef/resource/chocolatey_config.rb +3 -1
  210. data/lib/chef/resource/chocolatey_feature.rb +2 -1
  211. data/lib/chef/resource/chocolatey_package.rb +2 -1
  212. data/lib/chef/resource/chocolatey_source.rb +2 -1
  213. data/lib/chef/resource/cookbook_file.rb +1 -1
  214. data/lib/chef/resource/cron.rb +22 -68
  215. data/lib/chef/resource/cron_access.rb +8 -15
  216. data/lib/chef/resource/cron_d.rb +9 -75
  217. data/lib/chef/resource/csh.rb +2 -0
  218. data/lib/chef/resource/directory.rb +2 -2
  219. data/lib/chef/resource/dmg_package.rb +4 -4
  220. data/lib/chef/resource/dnf_package.rb +2 -3
  221. data/lib/chef/resource/dpkg_package.rb +2 -1
  222. data/lib/chef/resource/dsc_resource.rb +6 -4
  223. data/lib/chef/resource/dsc_script.rb +3 -2
  224. data/lib/chef/resource/execute.rb +13 -12
  225. data/lib/chef/resource/file.rb +3 -1
  226. data/lib/chef/resource/freebsd_package.rb +2 -1
  227. data/lib/chef/resource/gem_package.rb +14 -6
  228. data/lib/chef/resource/group.rb +4 -1
  229. data/lib/chef/resource/helpers/cron_validations.rb +98 -0
  230. data/lib/chef/resource/homebrew_cask.rb +5 -4
  231. data/lib/chef/resource/homebrew_package.rb +4 -2
  232. data/lib/chef/resource/homebrew_tap.rb +2 -1
  233. data/lib/chef/resource/hostname.rb +41 -36
  234. data/lib/chef/resource/http_request.rb +0 -1
  235. data/lib/chef/resource/ifconfig.rb +1 -1
  236. data/lib/chef/resource/ips_package.rb +10 -2
  237. data/lib/chef/resource/kernel_module.rb +29 -29
  238. data/lib/chef/resource/ksh.rb +2 -0
  239. data/lib/chef/resource/launchd.rb +6 -6
  240. data/lib/chef/resource/link.rb +1 -23
  241. data/lib/chef/resource/locale.rb +58 -24
  242. data/lib/chef/resource/log.rb +12 -1
  243. data/lib/chef/resource/lwrp_base.rb +1 -8
  244. data/lib/chef/resource/macos_userdefaults.rb +9 -6
  245. data/lib/chef/resource/macosx_service.rb +2 -1
  246. data/lib/chef/resource/macports_package.rb +10 -2
  247. data/lib/chef/resource/mdadm.rb +62 -2
  248. data/lib/chef/resource/mount.rb +3 -0
  249. data/lib/chef/resource/msu_package.rb +13 -1
  250. data/lib/chef/resource/notify_group.rb +8 -3
  251. data/lib/chef/resource/ohai.rb +19 -3
  252. data/lib/chef/resource/ohai_hint.rb +3 -12
  253. data/lib/chef/resource/openbsd_package.rb +9 -1
  254. data/lib/chef/resource/openssl_dhparam.rb +10 -1
  255. data/lib/chef/resource/openssl_ec_private_key.rb +23 -1
  256. data/lib/chef/resource/openssl_ec_public_key.rb +21 -1
  257. data/lib/chef/resource/openssl_rsa_private_key.rb +20 -1
  258. data/lib/chef/resource/openssl_rsa_public_key.rb +22 -1
  259. data/lib/chef/resource/openssl_x509_certificate.rb +37 -1
  260. data/lib/chef/resource/openssl_x509_crl.rb +12 -1
  261. data/lib/chef/resource/openssl_x509_request.rb +37 -1
  262. data/lib/chef/resource/osx_profile.rb +3 -2
  263. data/lib/chef/resource/package.rb +2 -1
  264. data/lib/chef/resource/pacman_package.rb +2 -1
  265. data/lib/chef/resource/paludis_package.rb +12 -3
  266. data/lib/chef/resource/perl.rb +2 -0
  267. data/lib/chef/resource/plist.rb +207 -0
  268. data/lib/chef/resource/portage_package.rb +13 -3
  269. data/lib/chef/resource/powershell_package.rb +1 -3
  270. data/lib/chef/resource/powershell_package_source.rb +3 -1
  271. data/lib/chef/resource/powershell_script.rb +7 -17
  272. data/lib/chef/resource/python.rb +2 -0
  273. data/lib/chef/resource/reboot.rb +0 -1
  274. data/lib/chef/resource/registry_key.rb +1 -2
  275. data/lib/chef/resource/remote_directory.rb +2 -0
  276. data/lib/chef/resource/remote_file.rb +2 -0
  277. data/lib/chef/resource/rhsm_errata.rb +0 -1
  278. data/lib/chef/resource/rhsm_errata_level.rb +0 -1
  279. data/lib/chef/resource/rhsm_register.rb +2 -1
  280. data/lib/chef/resource/rhsm_repo.rb +3 -1
  281. data/lib/chef/resource/rhsm_subscription.rb +4 -1
  282. data/lib/chef/resource/route.rb +5 -1
  283. data/lib/chef/resource/rpm_package.rb +9 -2
  284. data/lib/chef/resource/ruby.rb +2 -0
  285. data/lib/chef/resource/ruby_block.rb +1 -1
  286. data/lib/chef/resource/scm/_scm.rb +48 -0
  287. data/lib/chef/resource/{scm.rb → scm/git.rb} +16 -30
  288. data/lib/chef/resource/{subversion.rb → scm/subversion.rb} +8 -5
  289. data/lib/chef/resource/script.rb +6 -3
  290. data/lib/chef/resource/service.rb +6 -7
  291. data/lib/chef/resource/smartos_package.rb +9 -1
  292. data/lib/chef/resource/snap_package.rb +3 -1
  293. data/lib/chef/resource/solaris_package.rb +9 -1
  294. data/lib/chef/resource/ssh_known_hosts_entry.rb +6 -3
  295. data/lib/chef/resource/sudo.rb +9 -9
  296. data/lib/chef/resource/support/cron.d.erb +1 -1
  297. data/lib/chef/resource/support/cron_access.erb +1 -1
  298. data/lib/chef/resource/support/sudoer.erb +1 -2
  299. data/lib/chef/resource/support/ulimit.erb +41 -0
  300. data/lib/chef/resource/swap_file.rb +5 -3
  301. data/lib/chef/resource/sysctl.rb +2 -2
  302. data/lib/chef/resource/systemd_unit.rb +4 -2
  303. data/lib/chef/resource/template.rb +0 -1
  304. data/lib/chef/resource/timezone.rb +7 -18
  305. data/lib/chef/resource/user.rb +1 -3
  306. data/lib/chef/resource/user/aix_user.rb +0 -2
  307. data/lib/chef/resource/user/dscl_user.rb +1 -1
  308. data/lib/chef/resource/user/linux_user.rb +0 -2
  309. data/lib/chef/resource/user/mac_user.rb +1 -1
  310. data/lib/chef/resource/user/pw_user.rb +0 -2
  311. data/lib/chef/resource/user/solaris_user.rb +0 -2
  312. data/lib/chef/resource/user/windows_user.rb +0 -2
  313. data/lib/chef/resource/user_ulimit.rb +114 -0
  314. data/lib/chef/resource/whyrun_safe_ruby_block.rb +1 -0
  315. data/lib/chef/resource/windows_ad_join.rb +19 -6
  316. data/lib/chef/resource/windows_auto_run.rb +0 -1
  317. data/lib/chef/resource/windows_certificate.rb +1 -1
  318. data/lib/chef/resource/windows_dfs_folder.rb +0 -1
  319. data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
  320. data/lib/chef/resource/windows_dfs_server.rb +0 -1
  321. data/lib/chef/resource/windows_dns_record.rb +0 -1
  322. data/lib/chef/resource/windows_dns_zone.rb +0 -1
  323. data/lib/chef/resource/windows_env.rb +2 -3
  324. data/lib/chef/resource/windows_feature.rb +2 -2
  325. data/lib/chef/resource/windows_feature_dism.rb +9 -22
  326. data/lib/chef/resource/windows_feature_powershell.rb +17 -82
  327. data/lib/chef/resource/windows_firewall_rule.rb +119 -10
  328. data/lib/chef/resource/windows_font.rb +1 -3
  329. data/lib/chef/resource/windows_package.rb +13 -4
  330. data/lib/chef/resource/windows_pagefile.rb +0 -1
  331. data/lib/chef/resource/windows_path.rb +0 -1
  332. data/lib/chef/resource/windows_printer.rb +0 -1
  333. data/lib/chef/resource/windows_printer_port.rb +0 -1
  334. data/lib/chef/resource/windows_script.rb +3 -4
  335. data/lib/chef/resource/windows_security_policy.rb +90 -0
  336. data/lib/chef/resource/windows_service.rb +45 -31
  337. data/lib/chef/resource/windows_share.rb +3 -7
  338. data/lib/chef/resource/windows_shortcut.rb +0 -1
  339. data/lib/chef/resource/windows_task.rb +14 -15
  340. data/lib/chef/resource/windows_uac.rb +0 -1
  341. data/lib/chef/resource/windows_user_privilege.rb +157 -0
  342. data/lib/chef/resource/windows_workgroup.rb +0 -1
  343. data/lib/chef/resource/yum_package.rb +3 -1
  344. data/lib/chef/resource/yum_repository.rb +2 -1
  345. data/lib/chef/resource/zypper_package.rb +3 -2
  346. data/lib/chef/resource/zypper_repository.rb +2 -1
  347. data/lib/chef/resource_builder.rb +8 -0
  348. data/lib/chef/resource_inspector.rb +6 -6
  349. data/lib/chef/resource_resolver.rb +7 -14
  350. data/lib/chef/resources.rb +11 -3
  351. data/lib/chef/role.rb +2 -2
  352. data/lib/chef/run_context/cookbook_compiler.rb +29 -5
  353. data/lib/chef/shell.rb +23 -32
  354. data/lib/chef/shell/shell_session.rb +0 -2
  355. data/lib/chef/util/diff.rb +1 -1
  356. data/lib/chef/util/dsc/configuration_generator.rb +1 -1
  357. data/lib/chef/util/dsc/lcm_output_parser.rb +3 -3
  358. data/lib/chef/util/powershell/cmdlet.rb +1 -1
  359. data/lib/chef/version.rb +2 -2
  360. data/lib/chef/version_string.rb +1 -1
  361. data/lib/chef/win32/api/file.rb +18 -18
  362. data/lib/chef/win32/api/security.rb +6 -0
  363. data/lib/chef/win32/file.rb +3 -11
  364. data/lib/chef/win32/process.rb +2 -2
  365. data/lib/chef/win32/security.rb +40 -2
  366. data/spec/functional/assets/inittest +8 -7
  367. data/spec/functional/knife/ssh_spec.rb +27 -23
  368. data/spec/functional/resource/aix_service_spec.rb +1 -0
  369. data/spec/functional/resource/aixinit_service_spec.rb +8 -7
  370. data/spec/functional/resource/apt_package_spec.rb +1 -0
  371. data/spec/functional/resource/bff_spec.rb +2 -2
  372. data/spec/functional/resource/cookbook_file_spec.rb +1 -1
  373. data/spec/functional/resource/cron_spec.rb +11 -29
  374. data/spec/functional/resource/dnf_package_spec.rb +441 -156
  375. data/spec/functional/resource/dsc_resource_spec.rb +1 -1
  376. data/spec/functional/resource/git_spec.rb +184 -134
  377. data/spec/functional/resource/insserv_spec.rb +6 -5
  378. data/spec/functional/resource/link_spec.rb +17 -17
  379. data/spec/functional/resource/locale_spec.rb +13 -2
  380. data/spec/functional/resource/powershell_script_spec.rb +7 -68
  381. data/spec/functional/resource/rpm_spec.rb +2 -2
  382. data/spec/functional/resource/user/dscl_spec.rb +2 -2
  383. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  384. data/spec/functional/resource/windows_certificate_spec.rb +3 -3
  385. data/spec/functional/resource/windows_security_policy_spec.rb +90 -0
  386. data/spec/functional/resource/windows_task_spec.rb +8 -8
  387. data/spec/functional/resource/windows_user_privilege_spec.rb +193 -0
  388. data/spec/functional/run_lock_spec.rb +1 -2
  389. data/spec/functional/shell_spec.rb +6 -6
  390. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  391. data/spec/functional/version_spec.rb +1 -1
  392. data/spec/functional/win32/registry_spec.rb +0 -6
  393. data/spec/functional/win32/security_spec.rb +22 -0
  394. data/spec/functional/win32/service_manager_spec.rb +1 -1
  395. data/spec/integration/client/client_spec.rb +123 -2
  396. data/spec/integration/knife/cookbook_show_spec.rb +28 -26
  397. data/spec/integration/knife/data_bag_show_spec.rb +1 -1
  398. data/spec/integration/knife/raw_spec.rb +30 -2
  399. data/spec/integration/knife/show_spec.rb +32 -3
  400. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  401. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -5
  402. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  403. data/spec/integration/recipes/noop_resource_spec.rb +1 -1
  404. data/spec/integration/recipes/notifies_spec.rb +50 -21
  405. data/spec/integration/recipes/notifying_block_spec.rb +9 -6
  406. data/spec/integration/recipes/provider_choice.rb +2 -0
  407. data/spec/integration/recipes/recipe_dsl_spec.rb +46 -144
  408. data/spec/integration/recipes/resource_action_spec.rb +16 -11
  409. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +1 -3
  410. data/spec/integration/recipes/resource_load_spec.rb +133 -13
  411. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  412. data/spec/integration/recipes/use_partial_spec.rb +112 -0
  413. data/spec/integration/solo/solo_spec.rb +3 -3
  414. data/spec/scripts/ssl-serve.rb +1 -1
  415. data/spec/spec_helper.rb +11 -14
  416. data/spec/support/chef_helpers.rb +2 -2
  417. data/spec/support/lib/chef/resource/zen_follower.rb +2 -0
  418. data/spec/support/platform_helpers.rb +44 -19
  419. data/spec/support/platforms/win32/spec_service.rb +1 -1
  420. data/spec/support/recipe_dsl_helper.rb +83 -0
  421. data/spec/support/shared/functional/directory_resource.rb +1 -1
  422. data/spec/support/shared/functional/execute_resource.rb +1 -1
  423. data/spec/support/shared/functional/file_resource.rb +3 -3
  424. data/spec/support/shared/functional/win32_service.rb +1 -1
  425. data/spec/support/shared/functional/windows_script.rb +5 -18
  426. data/spec/support/shared/integration/knife_support.rb +14 -8
  427. data/spec/unit/application/apply_spec.rb +3 -0
  428. data/spec/unit/application/client_spec.rb +5 -1
  429. data/spec/unit/application_spec.rb +1 -9
  430. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +4 -2
  431. data/spec/unit/client_spec.rb +7 -5
  432. data/spec/unit/cookbook/gem_installer_spec.rb +3 -4
  433. data/spec/unit/cookbook/metadata_spec.rb +38 -19
  434. data/spec/unit/data_bag_spec.rb +1 -1
  435. data/spec/unit/data_collector_spec.rb +38 -17
  436. data/spec/unit/dsl/platform_introspection_spec.rb +0 -1
  437. data/spec/unit/environment_spec.rb +7 -7
  438. data/spec/unit/event_dispatch/dispatcher_spec.rb +0 -3
  439. data/spec/unit/file_access_control_spec.rb +1 -1
  440. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +15 -15
  441. data/spec/unit/knife/bootstrap/client_builder_spec.rb +9 -9
  442. data/spec/unit/knife/bootstrap_spec.rb +36 -54
  443. data/spec/unit/knife/cookbook_download_spec.rb +4 -4
  444. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +1 -1
  445. data/spec/unit/knife/cookbook_show_spec.rb +1 -0
  446. data/spec/unit/knife/cookbook_upload_spec.rb +6 -5
  447. data/spec/unit/knife/core/bootstrap_context_spec.rb +23 -43
  448. data/spec/unit/knife/core/hashed_command_loader_spec.rb +3 -3
  449. data/spec/unit/knife/core/ui_spec.rb +16 -0
  450. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +8 -68
  451. data/spec/unit/knife/data_bag_secret_options_spec.rb +22 -14
  452. data/spec/unit/knife/role_env_run_list_add_spec.rb +6 -6
  453. data/spec/unit/knife/role_env_run_list_clear_spec.rb +4 -4
  454. data/spec/unit/knife/role_env_run_list_remove_spec.rb +4 -4
  455. data/spec/unit/knife/role_env_run_list_replace_spec.rb +4 -4
  456. data/spec/unit/knife/role_env_run_list_set_spec.rb +4 -4
  457. data/spec/unit/knife/role_run_list_add_spec.rb +6 -6
  458. data/spec/unit/knife/role_run_list_clear_spec.rb +4 -4
  459. data/spec/unit/knife/role_run_list_remove_spec.rb +4 -4
  460. data/spec/unit/knife/role_run_list_replace_spec.rb +4 -4
  461. data/spec/unit/knife/role_run_list_set_spec.rb +4 -4
  462. data/spec/unit/knife/ssh_spec.rb +10 -113
  463. data/spec/unit/knife/status_spec.rb +1 -1
  464. data/spec/unit/knife/supermarket_share_spec.rb +3 -5
  465. data/spec/unit/knife_spec.rb +18 -0
  466. data/spec/unit/lwrp_spec.rb +4 -4
  467. data/spec/unit/mixin/powershell_exec_spec.rb +10 -0
  468. data/spec/unit/mixin/securable_spec.rb +1 -0
  469. data/spec/unit/mixin/user_context_spec.rb +9 -1
  470. data/spec/unit/node/attribute_spec.rb +2 -2
  471. data/spec/unit/node_spec.rb +24 -0
  472. data/spec/unit/platform/query_helpers_spec.rb +0 -143
  473. data/spec/unit/property/state_spec.rb +12 -7
  474. data/spec/unit/property/validation_spec.rb +25 -1
  475. data/spec/unit/property_spec.rb +18 -15
  476. data/spec/unit/provider/apt_preference_spec.rb +14 -10
  477. data/spec/unit/provider/apt_repository_spec.rb +9 -11
  478. data/spec/unit/provider/apt_update_spec.rb +12 -11
  479. data/spec/unit/provider/cookbook_file_spec.rb +4 -4
  480. data/spec/unit/provider/cron_spec.rb +2 -2
  481. data/spec/unit/provider/directory_spec.rb +4 -15
  482. data/spec/unit/provider/file_spec.rb +4 -4
  483. data/spec/unit/provider/git_spec.rb +44 -4
  484. data/spec/unit/provider/link_spec.rb +0 -1
  485. data/spec/unit/provider/log_spec.rb +3 -3
  486. data/spec/unit/provider/mdadm_spec.rb +3 -3
  487. data/spec/unit/provider/osx_profile_spec.rb +2 -2
  488. data/spec/unit/provider/package/dnf/python_helper_spec.rb +2 -2
  489. data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
  490. data/spec/unit/provider/package/homebrew_spec.rb +280 -174
  491. data/spec/unit/provider/package/msu_spec.rb +3 -3
  492. data/spec/unit/provider/package/pacman_spec.rb +65 -147
  493. data/spec/unit/provider/package/powershell_spec.rb +88 -96
  494. data/spec/unit/provider/package/rubygems_spec.rb +221 -31
  495. data/spec/unit/provider/package/snap_spec.rb +1 -1
  496. data/spec/unit/provider/package/windows/exe_spec.rb +1 -1
  497. data/spec/unit/provider/package/windows_spec.rb +53 -30
  498. data/spec/unit/provider/powershell_script_spec.rb +21 -61
  499. data/spec/unit/provider/remote_file_spec.rb +3 -4
  500. data/spec/unit/provider/service/arch_service_spec.rb +2 -3
  501. data/spec/unit/provider/service/debian_service_spec.rb +35 -14
  502. data/spec/unit/provider/service/gentoo_service_spec.rb +8 -8
  503. data/spec/unit/provider/service/macosx_spec.rb +210 -214
  504. data/spec/unit/provider/service/redhat_spec.rb +2 -2
  505. data/spec/unit/provider/service/systemd_service_spec.rb +23 -23
  506. data/spec/unit/provider/service/upstart_service_spec.rb +3 -3
  507. data/spec/unit/provider/service/windows_spec.rb +6 -2
  508. data/spec/unit/provider/subversion_spec.rb +4 -2
  509. data/spec/unit/provider/systemd_unit_spec.rb +24 -28
  510. data/spec/unit/provider/template_spec.rb +3 -4
  511. data/spec/unit/provider/zypper_repository_spec.rb +25 -75
  512. data/spec/unit/provider_resolver_spec.rb +11 -11
  513. data/spec/unit/provider_spec.rb +0 -1
  514. data/spec/unit/recipe_spec.rb +68 -0
  515. data/spec/unit/resource/alternatives_spec.rb +120 -0
  516. data/spec/unit/resource/apt_preference_spec.rb +0 -18
  517. data/spec/unit/resource/apt_repository_spec.rb +0 -18
  518. data/spec/unit/resource/apt_update_spec.rb +0 -18
  519. data/spec/unit/resource/archive_file_spec.rb +2 -11
  520. data/spec/unit/resource/chef_client_cron_spec.rb +119 -0
  521. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +102 -0
  522. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +70 -0
  523. data/spec/unit/resource/chef_vault_secret_spec.rb +40 -0
  524. data/spec/unit/resource/chocolatey_source_spec.rb +2 -1
  525. data/spec/unit/resource/cron_d_spec.rb +6 -48
  526. data/spec/unit/resource/cron_spec.rb +4 -10
  527. data/spec/unit/resource/gem_package_spec.rb +3 -3
  528. data/spec/unit/resource/helpers/cron_validations_spec.rb +77 -0
  529. data/spec/unit/resource/link_spec.rb +0 -4
  530. data/spec/unit/resource/locale_spec.rb +0 -34
  531. data/spec/unit/resource/ohai_spec.rb +56 -2
  532. data/spec/unit/resource/plist_spec.rb +130 -0
  533. data/spec/unit/resource/powershell_script_spec.rb +0 -5
  534. data/spec/unit/resource/{git_spec.rb → scm/git_spec.rb} +50 -2
  535. data/spec/unit/resource/{scm_spec.rb → scm/scm.rb} +1 -52
  536. data/spec/unit/resource/{subversion_spec.rb → scm/subversion_spec.rb} +2 -3
  537. data/spec/unit/resource/service_spec.rb +4 -0
  538. data/spec/unit/resource/user_spec.rb +2 -2
  539. data/spec/unit/resource/user_ulimit_spec.rb +53 -0
  540. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  541. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  542. data/spec/unit/resource/windows_feature_dism_spec.rb +2 -17
  543. data/spec/unit/resource/windows_feature_powershell_spec.rb +6 -47
  544. data/spec/unit/resource/windows_firewall_rule_spec.rb +88 -41
  545. data/spec/unit/resource/windows_package_spec.rb +4 -1
  546. data/spec/unit/resource/windows_service_spec.rb +9 -0
  547. data/spec/unit/resource/windows_task_spec.rb +1 -1
  548. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  549. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  550. data/spec/unit/resource_reporter_spec.rb +1 -5
  551. data/spec/unit/resource_spec.rb +11 -4
  552. data/spec/unit/role_spec.rb +11 -11
  553. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  554. data/spec/unit/run_context_spec.rb +1 -1
  555. data/spec/unit/search/query_spec.rb +1 -1
  556. data/spec/unit/util/threaded_job_queue_spec.rb +0 -9
  557. data/spec/unit/win32/security_spec.rb +3 -4
  558. data/tasks/rspec.rb +1 -1
  559. metadata +116 -87
  560. data/lib/chef/dsl/core.rb +0 -52
  561. data/lib/chef/knife/cookbook_site_share.rb +0 -41
  562. data/lib/chef/knife/cookbook_site_unshare.rb +0 -41
  563. data/lib/chef/provider/apt_preference.rb +0 -93
  564. data/lib/chef/provider/apt_repository.rb +0 -358
  565. data/lib/chef/provider/apt_update.rb +0 -79
  566. data/lib/chef/provider/log.rb +0 -43
  567. data/lib/chef/provider/mdadm.rb +0 -85
  568. data/lib/chef/provider/ohai.rb +0 -45
  569. data/lib/chef/resource/git.rb +0 -37
  570. data/spec/functional/resource/windows_font_spec.rb +0 -49
  571. data/spec/unit/provider/ohai_spec.rb +0 -84
@@ -29,42 +29,44 @@ class Chef
29
29
  "#{new_resource || "<no resource>"} action #{action ? action.inspect : "<no action>"}"
30
30
  end
31
31
 
32
- #
33
- # If load_current_value! is defined on the resource, use that.
34
- #
35
- def load_current_resource
32
+ def return_load_current_value
33
+ resource = nil
36
34
  if new_resource.respond_to?(:load_current_value!)
37
- # dup the resource and then reset desired-state properties.
38
- current_resource = new_resource.dup
35
+ resource = new_resource.class.new(new_resource.name, new_resource.run_context)
39
36
 
40
- # We clear desired state in the copy, because it is supposed to be actual state.
41
- # We keep identity properties and non-desired-state, which are assumed to be
42
- # "control" values like `recurse: true`
43
- current_resource.class.properties.each_value do |property|
44
- if property.desired_state? && !property.identity? && !property.name_property?
45
- property.reset(current_resource)
37
+ # copy the non-desired state, the identity properties and name property to the new resource
38
+ # (the desired state values must be loaded by load_current_value)
39
+ resource.class.properties.each_value do |property|
40
+ if !property.desired_state? || property.identity? || property.name_property?
41
+ property.set(resource, new_resource.send(property.name)) if new_resource.class.properties[property.name].is_set?(new_resource)
46
42
  end
47
43
  end
48
44
 
49
- # Call the actual load_current_value! method. If it raises
50
- # CurrentValueDoesNotExist, set current_resource to `nil`.
45
+ # we support optionally passing the new_resource as an arg to load_current_value and
46
+ # load_current_value can raise in order to clear the current_resource to nil
51
47
  begin
52
- # If the user specifies load_current_value do |desired_resource|, we
53
- # pass in the desired resource as well as the current one.
54
- if current_resource.method(:load_current_value!).arity > 0
55
- current_resource.load_current_value!(new_resource)
48
+ if resource.method(:load_current_value!).arity > 0
49
+ resource.load_current_value!(new_resource)
56
50
  else
57
- current_resource.load_current_value!
51
+ resource.load_current_value!
58
52
  end
59
53
  rescue Chef::Exceptions::CurrentValueDoesNotExist
60
- current_resource = nil
54
+ resource = nil
61
55
  end
62
56
  end
57
+ resource
58
+ end
59
+
60
+ # build the before state (current_resource)
61
+ def load_current_resource
62
+ @current_resource = return_load_current_value
63
+ end
63
64
 
64
- @current_resource = current_resource
65
+ # build the after state (after_resource)
66
+ def load_after_resource
67
+ @after_resource = return_load_current_value
65
68
  end
66
69
 
67
- # @todo: remove in Chef-15
68
70
  def self.include_resource_dsl?
69
71
  true
70
72
  end
@@ -0,0 +1,149 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # Copyright:: 2016-2020, Virender Khatri
4
+ #
5
+ # License:: Apache License, Version 2.0
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../resource"
21
+
22
+ class Chef
23
+ class Resource
24
+ class Alternatives < Chef::Resource
25
+ unified_mode true
26
+
27
+ provides(:alternatives) { true }
28
+
29
+ description "The alternatives resource allows for configuration of command alternatives in Linux using the alternatives or update-alternatives packages."
30
+ introduced "16.0"
31
+
32
+ property :link_name, String, name_property: true
33
+ property :link, String, default: lazy { |n| "/usr/bin/#{n.link_name}" }
34
+ property :path, String
35
+ property :priority, [String, Integer], coerce: proc { |n| n.to_i }
36
+
37
+ def define_resource_requirements
38
+ requirements.assert(:install) do |a|
39
+ a.assertion do
40
+ !new_resource.priority.nil?
41
+ end
42
+
43
+ a.failure_message("Could not set alternatives for #{new_resource.link_name}, you must provide the :priority property")
44
+ end
45
+
46
+ requirements.assert(:install, :set, :remove) do |a|
47
+ a.assertion do
48
+ !new_resource.path.nil?
49
+ end
50
+
51
+ a.failure_message("Could not set alternatives for #{new_resource.link_name}, you must provide the :path property")
52
+ end
53
+
54
+ requirements.assert(:install, :set, :remove) do |a|
55
+ a.assertion do
56
+ ::File.exist?(new_resource.path)
57
+ end
58
+
59
+ a.whyrun("Assuming file #{new_resource.path} already exists or was created already")
60
+ a.failure_message("Could not set alternatives for #{new_resource.link_name}, missing #{new_resource.path}")
61
+ end
62
+ end
63
+
64
+ action :install do
65
+ if path_priority != new_resource.priority
66
+ converge_by("adding alternative #{new_resource.link} #{new_resource.link_name} #{new_resource.path} #{new_resource.priority}") do
67
+ output = shell_out(alternatives_cmd, "--install", new_resource.link, new_resource.link_name, new_resource.path, new_resource.priority)
68
+ unless output.exitstatus == 0
69
+ raise "failed to add alternative #{new_resource.link} #{new_resource.link_name} #{new_resource.path} #{new_resource.priority}"
70
+ end
71
+ end
72
+ end
73
+ end
74
+
75
+ action :set do
76
+ if current_path != new_resource.path
77
+ converge_by("setting alternative #{new_resource.link_name} #{new_resource.path}") do
78
+ output = shell_out(alternatives_cmd, "--set", new_resource.link_name, new_resource.path)
79
+ unless output.exitstatus == 0
80
+ raise "failed to set alternative #{new_resource.link_name} #{new_resource.path} \n #{output.stdout.strip}"
81
+ end
82
+ end
83
+ end
84
+ end
85
+
86
+ action :remove do
87
+ if path_exists?
88
+ converge_by("removing alternative #{new_resource.link_name} #{new_resource.path}") do
89
+ shell_out(alternatives_cmd, "--remove", new_resource.link_name, new_resource.path)
90
+ end
91
+ end
92
+ end
93
+
94
+ action :auto do
95
+ converge_by("setting auto alternative #{new_resource.link_name}") do
96
+ shell_out(alternatives_cmd, "--auto", new_resource.link_name)
97
+ end
98
+ end
99
+
100
+ action :refresh do
101
+ converge_by("refreshing alternative #{new_resource.link_name}") do
102
+ shell_out(alternatives_cmd, "--refresh", new_resource.link_name)
103
+ end
104
+ end
105
+
106
+ action_class do
107
+ #
108
+ # @return [String] The appropriate alternatives command based on the platform
109
+ #
110
+ def alternatives_cmd
111
+ if debian?
112
+ "update-alternatives"
113
+ else
114
+ "alternatives"
115
+ end
116
+ end
117
+
118
+ #
119
+ # @return [Integer] The current path priority for the link_name alternative
120
+ #
121
+ def path_priority
122
+ # https://rubular.com/r/IcUlEU0mSNaMm3
123
+ escaped_path = Regexp.new(Regexp.escape("#{new_resource.path} - priority ") + "(.*)")
124
+ match = shell_out(alternatives_cmd, "--display", new_resource.link_name).stdout.match(escaped_path)
125
+
126
+ match.nil? ? nil : match[1].to_i
127
+ end
128
+
129
+ #
130
+ # @return [String] The current path for the link_name alternative
131
+ #
132
+ def current_path
133
+ # https://rubular.com/r/ylsuvzUtquRPqc
134
+ match = shell_out(alternatives_cmd, "--display", new_resource.link_name).stdout.match(/link currently points to (.*)/)
135
+ match[1]
136
+ end
137
+
138
+ #
139
+ # @return [Boolean] does the path exist for the link_name alternative
140
+ #
141
+ def path_exists?
142
+ # https://rubular.com/r/ogvDdq8h2IKRff
143
+ escaped_path = Regexp.new(Regexp.escape("#{new_resource.path} - priority"))
144
+ shell_out(alternatives_cmd, "--display", new_resource.link_name).stdout.match?(escaped_path)
145
+ end
146
+ end
147
+ end
148
+ end
149
+ end
@@ -21,7 +21,8 @@ require_relative "package"
21
21
  class Chef
22
22
  class Resource
23
23
  class AptPackage < Chef::Resource::Package
24
- resource_name :apt_package
24
+ unified_mode true
25
+
25
26
  provides :apt_package, target_mode: true
26
27
  provides :package, platform_family: "debian", target_mode: true
27
28
 
@@ -22,7 +22,8 @@ class Chef
22
22
  class Resource
23
23
  # @since 13.3
24
24
  class AptPreference < Chef::Resource
25
- resource_name :apt_preference
25
+ unified_mode true
26
+
26
27
  provides(:apt_preference) { true }
27
28
 
28
29
  description "The apt_preference resource allows for the creation of APT preference files. Preference files are used to control which package versions and sources are prioritized during installation."
@@ -42,11 +43,77 @@ class Chef
42
43
  required: true
43
44
 
44
45
  property :pin_priority, [String, Integer],
45
- description: "Sets the Pin-Priority for a package.",
46
+ description: "Sets the Pin-Priority for a package. See <https://wiki.debian.org/AptPreferences> for more details.",
46
47
  required: true
47
48
 
48
49
  default_action :add
49
50
  allowed_actions :add, :remove
51
+
52
+ APT_PREFERENCE_DIR = "/etc/apt/preferences.d".freeze
53
+
54
+ action_class do
55
+ # Build preferences.d file contents
56
+ def build_pref(package_name, pin, pin_priority)
57
+ "Package: #{package_name}\nPin: #{pin}\nPin-Priority: #{pin_priority}\n"
58
+ end
59
+
60
+ def safe_name(name)
61
+ name.tr(".", "_").gsub("*", "wildcard")
62
+ end
63
+ end
64
+
65
+ action :add do
66
+ return unless debian?
67
+
68
+ preference = build_pref(
69
+ new_resource.glob || new_resource.package_name,
70
+ new_resource.pin,
71
+ new_resource.pin_priority
72
+ )
73
+
74
+ directory APT_PREFERENCE_DIR do
75
+ mode "0755"
76
+ action :create
77
+ end
78
+
79
+ sanitized_prefname = safe_name(new_resource.package_name)
80
+
81
+ # cleanup any existing pref files w/o the sanitized name (created by old apt cookbook)
82
+ if (sanitized_prefname != new_resource.package_name) && ::File.exist?("#{APT_PREFERENCE_DIR}/#{new_resource.package_name}.pref")
83
+ logger.warn "Replacing legacy #{new_resource.package_name}.pref with #{sanitized_prefname}.pref in #{APT_PREFERENCE_DIR}"
84
+ file "#{APT_PREFERENCE_DIR}/#{new_resource.package_name}.pref" do
85
+ action :delete
86
+ end
87
+ end
88
+
89
+ # cleanup any existing pref files without the .pref extension (created by old apt cookbook)
90
+ if ::File.exist?("#{APT_PREFERENCE_DIR}/#{new_resource.package_name}")
91
+ logger.warn "Replacing legacy #{new_resource.package_name} with #{sanitized_prefname}.pref in #{APT_PREFERENCE_DIR}"
92
+ file "#{APT_PREFERENCE_DIR}/#{new_resource.package_name}" do
93
+ action :delete
94
+ end
95
+ end
96
+
97
+ file "#{APT_PREFERENCE_DIR}/#{sanitized_prefname}.pref" do
98
+ mode "0644"
99
+ content preference
100
+ action :create
101
+ end
102
+ end
103
+
104
+ action :remove do
105
+ return unless debian?
106
+
107
+ sanitized_prefname = safe_name(new_resource.package_name)
108
+
109
+ if ::File.exist?("#{APT_PREFERENCE_DIR}/#{sanitized_prefname}.pref")
110
+ logger.info "Un-pinning #{sanitized_prefname} from #{APT_PREFERENCE_DIR}"
111
+ file "#{APT_PREFERENCE_DIR}/#{sanitized_prefname}.pref" do
112
+ action :delete
113
+ end
114
+ end
115
+ end
116
+
50
117
  end
51
118
  end
52
119
  end
@@ -17,11 +17,15 @@
17
17
  #
18
18
 
19
19
  require_relative "../resource"
20
+ require_relative "../http/simple"
21
+ require "tmpdir" unless defined?(Dir.mktmpdir)
22
+ require "addressable" unless defined?(Addressable)
20
23
 
21
24
  class Chef
22
25
  class Resource
23
26
  class AptRepository < Chef::Resource
24
- resource_name :apt_repository
27
+ unified_mode true
28
+
25
29
  provides(:apt_repository) { true }
26
30
 
27
31
  description "Use the apt_repository resource to specify additional APT repositories. Adding a new repository will update the APT package cache immediately."
@@ -111,12 +115,12 @@ class Chef
111
115
  description: "The base of the Debian distribution."
112
116
 
113
117
  property :distribution, [ String, nil, FalseClass ],
114
- description: "Usually a distribution's codename, such as trusty, xenial or bionic. Default value: the codename of the node's distro.",
115
- default: lazy { node["lsb"]["codename"] }, default_description: "The LSB codename of the host such as 'bionic'."
118
+ description: "Usually a distribution's codename, such as xenial, bionic, or focal.",
119
+ default: lazy { node["lsb"]["codename"] }, default_description: "The LSB codename of the node such as 'focal'."
116
120
 
117
121
  property :components, Array,
118
122
  description: "Package groupings, such as 'main' and 'stable'.",
119
- default: lazy { [] }
123
+ default: lazy { [] }, default_description: "'main' if using a PPA repository."
120
124
 
121
125
  property :arch, [String, nil, FalseClass],
122
126
  description: "Constrain packages to a particular CPU architecture such as 'i386' or 'amd64'."
@@ -138,7 +142,7 @@ class Chef
138
142
  default: lazy { [] }, coerce: proc { |x| x ? Array(x) : x }
139
143
 
140
144
  property :key_proxy, [String, nil, FalseClass],
141
- description: "If set, a specified proxy is passed to GPG via http-proxy=."
145
+ description: "If set, a specified proxy is passed to GPG via `http-proxy=`."
142
146
 
143
147
  property :cookbook, [String, nil, FalseClass],
144
148
  description: "If key should be a cookbook_file, specify a cookbook where the key is located for files/default. Default value is nil, so it will use the cookbook where the resource is used.",
@@ -150,6 +154,334 @@ class Chef
150
154
 
151
155
  default_action :add
152
156
  allowed_actions :add, :remove
157
+
158
+ action_class do
159
+ LIST_APT_KEY_FINGERPRINTS = %w{apt-key adv --list-public-keys --with-fingerprint --with-colons}.freeze
160
+
161
+ # is the provided ID a key ID from a keyserver. Looks at length and HEX only values
162
+ # @param [String] id the key value passed by the user that *may* be an ID
163
+ def is_key_id?(id)
164
+ id = id[2..-1] if id.start_with?("0x")
165
+ id =~ /^\h+$/ && [8, 16, 40].include?(id.length)
166
+ end
167
+
168
+ # run the specified command and extract the fingerprints from the output
169
+ # accepts a command so it can be used to extract both the current key's fingerprints
170
+ # and the fingerprint of the new key
171
+ # @param [Array<String>] cmd the command to run
172
+ #
173
+ # @return [Array] an array of fingerprints
174
+ def extract_fingerprints_from_cmd(*cmd)
175
+ so = shell_out(*cmd)
176
+ so.stdout.split(/\n/).map do |t|
177
+ if z = t.match(/^fpr:+([0-9A-F]+):/)
178
+ z[1].split.join
179
+ end
180
+ end.compact
181
+ end
182
+
183
+ # validate the key against the apt keystore to see if that version is expired
184
+ # @param [String] key
185
+ #
186
+ # @return [Boolean] is the key valid or not
187
+ def key_is_valid?(key)
188
+ valid = true
189
+
190
+ so = shell_out("apt-key", "list")
191
+ so.stdout.split(/\n/).map do |t|
192
+ if t =~ %r{^\/#{key}.*\[expired: .*\]$}
193
+ logger.debug "Found expired key: #{t}"
194
+ valid = false
195
+ break
196
+ end
197
+ end
198
+
199
+ logger.debug "key #{key} #{valid ? "is valid" : "is not valid"}"
200
+ valid
201
+ end
202
+
203
+ # return the specified cookbook name or the cookbook containing the
204
+ # resource.
205
+ #
206
+ # @return [String] name of the cookbook
207
+ def cookbook_name
208
+ new_resource.cookbook || new_resource.cookbook_name
209
+ end
210
+
211
+ # determine if a cookbook file is available in the run
212
+ # @param [String] fn the path to the cookbook file
213
+ #
214
+ # @return [Boolean] cookbook file exists or doesn't
215
+ def has_cookbook_file?(fn)
216
+ run_context.has_cookbook_file_in_cookbook?(cookbook_name, fn)
217
+ end
218
+
219
+ # determine if there are any new keys by comparing the fingerprints of installed
220
+ # keys to those of the passed file
221
+ # @param [String] file the keyfile of the new repository
222
+ #
223
+ # @return [Boolean] true: no new keys in the file. false: there are new keys
224
+ def no_new_keys?(file)
225
+ # Now we are using the option --with-colons that works across old os versions
226
+ # as well as the latest (16.10). This for both `apt-key` and `gpg` commands
227
+ installed_keys = extract_fingerprints_from_cmd(*LIST_APT_KEY_FINGERPRINTS)
228
+ proposed_keys = extract_fingerprints_from_cmd("gpg", "--with-fingerprint", "--with-colons", file)
229
+ (installed_keys & proposed_keys).sort == proposed_keys.sort
230
+ end
231
+
232
+ # Given the provided key URI determine what kind of chef resource we need
233
+ # to fetch the key
234
+ # @param [String] uri the uri of the gpg key (local path or http URL)
235
+ #
236
+ # @raise [Chef::Exceptions::FileNotFound] Key isn't remote or found in the current run
237
+ #
238
+ # @return [Symbol] :remote_file or :cookbook_file
239
+ def key_type(uri)
240
+ if uri.start_with?("http")
241
+ :remote_file
242
+ elsif has_cookbook_file?(uri)
243
+ :cookbook_file
244
+ else
245
+ raise Chef::Exceptions::FileNotFound, "Cannot locate key file: #{uri}"
246
+ end
247
+ end
248
+
249
+ # Fetch the key using either cookbook_file or remote_file, validate it,
250
+ # and install it with apt-key add
251
+ # @param [String] key the key to install
252
+ #
253
+ # @raise [RuntimeError] Invalid key which can't verify the apt repository
254
+ #
255
+ # @return [void]
256
+ def install_key_from_uri(key)
257
+ key_name = key.gsub(/[^0-9A-Za-z\-]/, "_")
258
+ cached_keyfile = ::File.join(Chef::Config[:file_cache_path], key_name)
259
+ tmp_dir = Dir.mktmpdir(".gpg")
260
+ at_exit { FileUtils.remove_entry(tmp_dir) }
261
+
262
+ declare_resource(key_type(key), cached_keyfile) do
263
+ source key
264
+ mode "0644"
265
+ sensitive new_resource.sensitive
266
+ action :create
267
+ verify "gpg --homedir #{tmp_dir} %{path}"
268
+ end
269
+
270
+ execute "apt-key add #{cached_keyfile}" do
271
+ command [ "apt-key", "add", cached_keyfile ]
272
+ default_env true
273
+ sensitive new_resource.sensitive
274
+ action :run
275
+ not_if { no_new_keys?(cached_keyfile) }
276
+ notifies :run, "execute[apt-cache gencaches]", :immediately
277
+ end
278
+ end
279
+
280
+ # build the apt-key command to install the keyserver
281
+ # @param [String] key the key to install
282
+ # @param [String] keyserver the key server to use
283
+ #
284
+ # @return [String] the full apt-key command to run
285
+ def keyserver_install_cmd(key, keyserver)
286
+ cmd = "apt-key adv --no-tty --recv"
287
+ cmd << " --keyserver-options http-proxy=#{new_resource.key_proxy}" if new_resource.key_proxy
288
+ cmd << " --keyserver "
289
+ cmd << if keyserver.start_with?("hkp://")
290
+ keyserver
291
+ else
292
+ "hkp://#{keyserver}:80"
293
+ end
294
+
295
+ cmd << " #{key}"
296
+ cmd
297
+ end
298
+
299
+ # @param [String] key
300
+ # @param [String] keyserver
301
+ #
302
+ # @raise [RuntimeError] Invalid key which can't verify the apt repository
303
+ #
304
+ # @return [void]
305
+ def install_key_from_keyserver(key, keyserver = new_resource.keyserver)
306
+ execute "install-key #{key}" do
307
+ command keyserver_install_cmd(key, keyserver)
308
+ default_env true
309
+ sensitive new_resource.sensitive
310
+ not_if do
311
+ present = extract_fingerprints_from_cmd(*LIST_APT_KEY_FINGERPRINTS).any? do |fp|
312
+ fp.end_with? key.upcase
313
+ end
314
+ present && key_is_valid?(key.upcase)
315
+ end
316
+ notifies :run, "execute[apt-cache gencaches]", :immediately
317
+ end
318
+
319
+ raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?(key.upcase)
320
+ end
321
+
322
+ # @param [String] owner
323
+ # @param [String] repo
324
+ #
325
+ # @raise [RuntimeError] Could not access the Launchpad PPA API
326
+ #
327
+ # @return [void]
328
+ def install_ppa_key(owner, repo)
329
+ url = "https://launchpad.net/api/1.0/~#{owner}/+archive/#{repo}"
330
+ key_id = Chef::HTTP::Simple.new(url).get("signing_key_fingerprint").delete('"')
331
+ install_key_from_keyserver(key_id, "keyserver.ubuntu.com")
332
+ rescue Net::HTTPClientException => e
333
+ raise "Could not access Launchpad ppa API: #{e.message}"
334
+ end
335
+
336
+ # determine if the repository URL is a PPA
337
+ # @param [String] url the url of the repository
338
+ #
339
+ # @return [Boolean] is the repo URL a PPA
340
+ def is_ppa_url?(url)
341
+ url.start_with?("ppa:")
342
+ end
343
+
344
+ # determine the repository's components:
345
+ # - "components" property if defined
346
+ # - "main" if "components" not defined and the repo is a PPA URL
347
+ # - otherwise nothing
348
+ #
349
+ # @return [String] the repository component
350
+ def repo_components
351
+ if is_ppa_url?(new_resource.uri) && new_resource.components.empty?
352
+ "main"
353
+ else
354
+ new_resource.components
355
+ end
356
+ end
357
+
358
+ # given a PPA return a PPA URL in http://ppa.launchpad.net format
359
+ # @param [String] ppa the ppa URL
360
+ #
361
+ # @return [String] full PPA URL
362
+ def make_ppa_url(ppa)
363
+ owner, repo = ppa[4..-1].split("/")
364
+ repo ||= "ppa"
365
+
366
+ install_ppa_key(owner, repo)
367
+ "http://ppa.launchpad.net/#{owner}/#{repo}/ubuntu"
368
+ end
369
+
370
+ # build complete repo text that will be written to the config
371
+ # @param [String] uri
372
+ # @param [Array] components
373
+ # @param [Boolean] trusted
374
+ # @param [String] arch
375
+ # @param [Boolean] add_src
376
+ #
377
+ # @return [String] complete repo config text
378
+ def build_repo(uri, distribution, components, trusted, arch, add_src = false)
379
+ uri = make_ppa_url(uri) if is_ppa_url?(uri)
380
+
381
+ uri = Addressable::URI.parse(uri)
382
+ components = Array(components).join(" ")
383
+ options = []
384
+ options << "arch=#{arch}" if arch
385
+ options << "trusted=yes" if trusted
386
+ optstr = unless options.empty?
387
+ "[" + options.join(" ") + "]"
388
+ end
389
+ info = [ optstr, uri.normalize.to_s, distribution, components ].compact.join(" ")
390
+ repo = "deb #{info}\n"
391
+ repo << "deb-src #{info}\n" if add_src
392
+ repo
393
+ end
394
+
395
+ # clean up a potentially legacy file from before we fixed the usage of
396
+ # new_resource.name vs. new_resource.repo_name. We might have the
397
+ # name.list file hanging around and need to clean it up.
398
+ #
399
+ # @return [void]
400
+ def cleanup_legacy_file!
401
+ legacy_path = "/etc/apt/sources.list.d/#{new_resource.name}.list"
402
+ if new_resource.name != new_resource.repo_name && ::File.exist?(legacy_path)
403
+ converge_by "Cleaning up legacy #{legacy_path} repo file" do
404
+ file legacy_path do
405
+ action :delete
406
+ # Not triggering an update since it isn't super likely to be needed.
407
+ end
408
+ end
409
+ end
410
+ end
411
+ end
412
+
413
+ action :add do
414
+ return unless debian?
415
+
416
+ execute "apt-cache gencaches" do
417
+ command %w{apt-cache gencaches}
418
+ default_env true
419
+ ignore_failure true
420
+ action :nothing
421
+ end
422
+
423
+ apt_update new_resource.name do
424
+ ignore_failure true
425
+ action :nothing
426
+ end
427
+
428
+ if new_resource.key.nil?
429
+ logger.debug "No 'key' property specified skipping key import"
430
+ else
431
+ new_resource.key.each do |k|
432
+ if is_key_id?(k) && !has_cookbook_file?(k)
433
+ install_key_from_keyserver(k)
434
+ else
435
+ install_key_from_uri(k)
436
+ end
437
+ end
438
+ end
439
+
440
+ cleanup_legacy_file!
441
+
442
+ repo = build_repo(
443
+ new_resource.uri,
444
+ new_resource.distribution,
445
+ repo_components,
446
+ new_resource.trusted,
447
+ new_resource.arch,
448
+ new_resource.deb_src
449
+ )
450
+
451
+ file "/etc/apt/sources.list.d/#{new_resource.repo_name}.list" do
452
+ owner "root"
453
+ group "root"
454
+ mode "0644"
455
+ content repo
456
+ sensitive new_resource.sensitive
457
+ action :create
458
+ notifies :run, "execute[apt-cache gencaches]", :immediately
459
+ notifies :update, "apt_update[#{new_resource.name}]", :immediately if new_resource.cache_rebuild
460
+ end
461
+ end
462
+
463
+ action :remove do
464
+ return unless debian?
465
+
466
+ cleanup_legacy_file!
467
+ if ::File.exist?("/etc/apt/sources.list.d/#{new_resource.repo_name}.list")
468
+ converge_by "Removing #{new_resource.repo_name} repository from /etc/apt/sources.list.d/" do
469
+ apt_update new_resource.name do
470
+ ignore_failure true
471
+ action :nothing
472
+ end
473
+
474
+ file "/etc/apt/sources.list.d/#{new_resource.repo_name}.list" do
475
+ sensitive new_resource.sensitive
476
+ action :delete
477
+ notifies :update, "apt_update[#{new_resource.name}]", :immediately if new_resource.cache_rebuild
478
+ end
479
+ end
480
+ else
481
+ logger.trace("/etc/apt/sources.list.d/#{new_resource.repo_name}.list does not exist. Nothing to do")
482
+ end
483
+ end
484
+
153
485
  end
154
486
  end
155
487
  end