chef 15.17.4-universal-mingw32 → 16.0.257-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (571) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +14 -20
  3. data/README.md +6 -6
  4. data/Rakefile +18 -23
  5. data/chef-universal-mingw32.gemspec +4 -4
  6. data/chef.gemspec +10 -26
  7. data/distro/powershell/chef/chef.psm1 +3 -3
  8. data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
  9. data/lib/chef/action_collection.rb +16 -5
  10. data/lib/chef/api_client/registration.rb +2 -2
  11. data/lib/chef/application.rb +33 -54
  12. data/lib/chef/application/apply.rb +20 -3
  13. data/lib/chef/application/base.rb +8 -3
  14. data/lib/chef/application/exit_code.rb +2 -2
  15. data/lib/chef/application/knife.rb +1 -1
  16. data/lib/chef/chef_class.rb +4 -4
  17. data/lib/chef/chef_fs/chef_fs_data_store.rb +3 -3
  18. data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +1 -1
  19. data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +1 -1
  20. data/lib/chef/chef_fs/file_system/chef_server/rest_list_entry.rb +6 -2
  21. data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +1 -1
  22. data/lib/chef/chef_fs/file_system/repository/base_file.rb +0 -1
  23. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +2 -2
  24. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  25. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +5 -5
  26. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  27. data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +1 -1
  28. data/lib/chef/chef_fs/path_utils.rb +3 -3
  29. data/lib/chef/client.rb +16 -14
  30. data/lib/chef/config.rb +1 -1
  31. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  32. data/lib/chef/cookbook/gem_installer.rb +1 -1
  33. data/lib/chef/cookbook/metadata.rb +45 -22
  34. data/lib/chef/cookbook_version.rb +40 -5
  35. data/lib/chef/data_bag.rb +2 -2
  36. data/lib/chef/data_collector/error_handlers.rb +1 -1
  37. data/lib/chef/data_collector/run_end_message.rb +7 -1
  38. data/lib/chef/deprecated.rb +1 -9
  39. data/lib/chef/dist.rb +8 -0
  40. data/lib/chef/dsl/chef_vault.rb +84 -0
  41. data/lib/chef/dsl/declare_resource.rb +7 -5
  42. data/lib/chef/dsl/platform_introspection.rb +2 -3
  43. data/lib/chef/dsl/recipe.rb +7 -12
  44. data/lib/chef/dsl/universal.rb +3 -7
  45. data/lib/chef/environment.rb +2 -2
  46. data/lib/chef/event_dispatch/base.rb +3 -0
  47. data/lib/chef/exceptions.rb +0 -3
  48. data/lib/chef/formatters/doc.rb +1 -1
  49. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
  50. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
  51. data/lib/chef/formatters/indentable_output_stream.rb +7 -16
  52. data/lib/chef/http.rb +1 -2
  53. data/lib/chef/http/http_request.rb +3 -2
  54. data/lib/chef/knife.rb +1 -3
  55. data/lib/chef/knife/acl_add.rb +57 -0
  56. data/lib/chef/knife/acl_base.rb +183 -0
  57. data/lib/chef/knife/acl_bulk_add.rb +78 -0
  58. data/lib/chef/knife/acl_bulk_remove.rb +83 -0
  59. data/lib/chef/knife/acl_remove.rb +62 -0
  60. data/lib/chef/knife/acl_show.rb +56 -0
  61. data/lib/chef/knife/bootstrap.rb +93 -97
  62. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  63. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  64. data/lib/chef/knife/bootstrap/templates/chef-full.erb +20 -20
  65. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +13 -15
  66. data/lib/chef/knife/bootstrap/train_connector.rb +0 -1
  67. data/lib/chef/knife/cookbook_download.rb +1 -1
  68. data/lib/chef/knife/cookbook_metadata.rb +1 -1
  69. data/lib/chef/knife/core/bootstrap_context.rb +63 -60
  70. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  71. data/lib/chef/knife/core/generic_presenter.rb +4 -3
  72. data/lib/chef/knife/core/hashed_command_loader.rb +2 -3
  73. data/lib/chef/knife/core/node_presenter.rb +2 -2
  74. data/lib/chef/knife/core/status_presenter.rb +5 -5
  75. data/lib/chef/knife/core/subcommand_loader.rb +1 -1
  76. data/lib/chef/knife/core/ui.rb +17 -1
  77. data/lib/chef/knife/core/windows_bootstrap_context.rb +45 -58
  78. data/lib/chef/knife/data_bag_secret_options.rb +18 -45
  79. data/lib/chef/knife/environment_compare.rb +1 -1
  80. data/lib/chef/knife/exec.rb +2 -2
  81. data/lib/chef/knife/group_add.rb +55 -0
  82. data/lib/chef/knife/{cookbook_site_download.rb → group_create.rb} +21 -12
  83. data/lib/chef/knife/group_destroy.rb +53 -0
  84. data/lib/chef/knife/{cookbook_site_list.rb → group_list.rb} +14 -11
  85. data/lib/chef/knife/group_remove.rb +56 -0
  86. data/lib/chef/knife/{cookbook_site_install.rb → group_show.rb} +21 -12
  87. data/lib/chef/knife/list.rb +1 -1
  88. data/lib/chef/knife/ssh.rb +12 -50
  89. data/lib/chef/knife/status.rb +3 -3
  90. data/lib/chef/knife/supermarket_download.rb +1 -2
  91. data/lib/chef/knife/supermarket_install.rb +1 -2
  92. data/lib/chef/knife/supermarket_list.rb +1 -2
  93. data/lib/chef/knife/supermarket_search.rb +1 -2
  94. data/lib/chef/knife/supermarket_share.rb +1 -2
  95. data/lib/chef/knife/supermarket_show.rb +1 -2
  96. data/lib/chef/knife/supermarket_unshare.rb +1 -2
  97. data/lib/chef/knife/{cookbook_site_show.rb → user_dissociate.rb} +15 -13
  98. data/lib/chef/knife/{cookbook_site_search.rb → user_invite_add.rb} +16 -13
  99. data/lib/chef/knife/user_invite_list.rb +34 -0
  100. data/lib/chef/knife/user_invite_recind.rb +63 -0
  101. data/lib/chef/knife/yaml_convert.rb +91 -0
  102. data/lib/chef/log.rb +1 -1
  103. data/lib/chef/mixin/create_path.rb +8 -8
  104. data/lib/chef/mixin/openssl_helper.rb +3 -26
  105. data/lib/chef/mixin/powershell_exec.rb +10 -1
  106. data/lib/chef/mixin/powershell_out.rb +1 -1
  107. data/lib/chef/mixin/properties.rb +13 -1
  108. data/lib/chef/mixin/shell_out.rb +0 -4
  109. data/lib/chef/mixin/template.rb +0 -1
  110. data/lib/chef/monkey_patches/net_http.rb +0 -4
  111. data/lib/chef/node.rb +18 -6
  112. data/lib/chef/node/mixin/deep_merge_cache.rb +7 -7
  113. data/lib/chef/node/mixin/immutablize_array.rb +4 -0
  114. data/lib/chef/node/mixin/immutablize_hash.rb +3 -0
  115. data/lib/chef/node_map.rb +7 -36
  116. data/lib/chef/platform/priority_map.rb +4 -4
  117. data/lib/chef/platform/query_helpers.rb +6 -34
  118. data/lib/chef/powershell.rb +14 -0
  119. data/lib/chef/property.rb +22 -4
  120. data/lib/chef/provider.rb +40 -6
  121. data/lib/chef/provider/cron.rb +2 -2
  122. data/lib/chef/provider/directory.rb +2 -2
  123. data/lib/chef/provider/dsc_resource.rb +1 -1
  124. data/lib/chef/provider/dsc_script.rb +1 -1
  125. data/lib/chef/provider/execute.rb +2 -8
  126. data/lib/chef/provider/file.rb +5 -5
  127. data/lib/chef/provider/git.rb +84 -27
  128. data/lib/chef/provider/group.rb +4 -4
  129. data/lib/chef/provider/http_request.rb +6 -6
  130. data/lib/chef/provider/ifconfig.rb +4 -4
  131. data/lib/chef/provider/launchd.rb +36 -51
  132. data/lib/chef/provider/link.rb +2 -2
  133. data/lib/chef/provider/mount.rb +5 -5
  134. data/lib/chef/provider/mount/solaris.rb +1 -0
  135. data/lib/chef/provider/osx_profile.rb +7 -3
  136. data/lib/chef/provider/package.rb +2 -2
  137. data/lib/chef/provider/package/cab.rb +3 -4
  138. data/lib/chef/provider/package/chocolatey.rb +1 -3
  139. data/lib/chef/provider/package/dnf.rb +66 -10
  140. data/lib/chef/provider/package/dnf/dnf_helper.py +84 -30
  141. data/lib/chef/provider/package/dnf/python_helper.rb +79 -36
  142. data/lib/chef/provider/package/dnf/version.rb +5 -1
  143. data/lib/chef/provider/package/freebsd/pkgng.rb +1 -3
  144. data/lib/chef/provider/package/homebrew.rb +106 -42
  145. data/lib/chef/provider/package/msu.rb +3 -1
  146. data/lib/chef/provider/package/pacman.rb +25 -34
  147. data/lib/chef/provider/package/powershell.rb +2 -6
  148. data/lib/chef/provider/package/rubygems.rb +29 -2
  149. data/lib/chef/provider/package/snap.rb +27 -96
  150. data/lib/chef/provider/package/windows.rb +3 -2
  151. data/lib/chef/provider/package/windows/msi.rb +2 -2
  152. data/lib/chef/provider/package/yum.rb +0 -8
  153. data/lib/chef/provider/package/yum/yum_helper.py +0 -4
  154. data/lib/chef/provider/package/zypper.rb +1 -1
  155. data/lib/chef/provider/powershell_script.rb +4 -10
  156. data/lib/chef/provider/registry_key.rb +4 -4
  157. data/lib/chef/provider/remote_directory.rb +3 -3
  158. data/lib/chef/provider/remote_file/ftp.rb +3 -2
  159. data/lib/chef/provider/remote_file/local_file.rb +2 -1
  160. data/lib/chef/provider/remote_file/sftp.rb +3 -2
  161. data/lib/chef/provider/route.rb +5 -3
  162. data/lib/chef/provider/ruby_block.rb +1 -1
  163. data/lib/chef/provider/script.rb +2 -2
  164. data/lib/chef/provider/service.rb +8 -8
  165. data/lib/chef/provider/service/aixinit.rb +1 -1
  166. data/lib/chef/provider/service/arch.rb +2 -2
  167. data/lib/chef/provider/service/debian.rb +31 -29
  168. data/lib/chef/provider/service/gentoo.rb +2 -2
  169. data/lib/chef/provider/service/macosx.rb +7 -12
  170. data/lib/chef/provider/service/openbsd.rb +1 -1
  171. data/lib/chef/provider/service/redhat.rb +2 -2
  172. data/lib/chef/provider/service/simple.rb +3 -3
  173. data/lib/chef/provider/service/systemd.rb +12 -12
  174. data/lib/chef/provider/service/upstart.rb +1 -1
  175. data/lib/chef/provider/service/windows.rb +5 -11
  176. data/lib/chef/provider/subversion.rb +25 -5
  177. data/lib/chef/provider/systemd_unit.rb +26 -25
  178. data/lib/chef/provider/user.rb +6 -6
  179. data/lib/chef/provider/user/dscl.rb +3 -3
  180. data/lib/chef/provider/user/mac.rb +10 -9
  181. data/lib/chef/provider/whyrun_safe_ruby_block.rb +1 -1
  182. data/lib/chef/provider/windows_env.rb +3 -3
  183. data/lib/chef/provider/windows_script.rb +2 -2
  184. data/lib/chef/provider/windows_task.rb +7 -9
  185. data/lib/chef/provider/yum_repository.rb +1 -1
  186. data/lib/chef/provider/zypper_repository.rb +11 -31
  187. data/lib/chef/providers.rb +0 -6
  188. data/lib/chef/recipe.rb +36 -0
  189. data/lib/chef/resource.rb +41 -56
  190. data/lib/chef/resource/action_class.rb +24 -22
  191. data/lib/chef/resource/alternatives.rb +149 -0
  192. data/lib/chef/resource/apt_package.rb +2 -1
  193. data/lib/chef/resource/apt_preference.rb +69 -2
  194. data/lib/chef/resource/apt_repository.rb +337 -5
  195. data/lib/chef/resource/apt_update.rb +52 -1
  196. data/lib/chef/resource/archive_file.rb +9 -29
  197. data/lib/chef/resource/bash.rb +2 -0
  198. data/lib/chef/resource/bff_package.rb +9 -1
  199. data/lib/chef/resource/breakpoint.rb +0 -1
  200. data/lib/chef/resource/build_essential.rb +42 -48
  201. data/lib/chef/resource/cab_package.rb +8 -1
  202. data/lib/chef/resource/chef_client_cron.rb +225 -0
  203. data/lib/chef/resource/chef_client_scheduled_task.rb +198 -0
  204. data/lib/chef/resource/chef_client_systemd_timer.rb +177 -0
  205. data/lib/chef/resource/chef_gem.rb +9 -16
  206. data/lib/chef/resource/chef_handler.rb +2 -1
  207. data/lib/chef/resource/chef_sleep.rb +0 -1
  208. data/lib/chef/resource/chef_vault_secret.rb +135 -0
  209. data/lib/chef/resource/chocolatey_config.rb +3 -1
  210. data/lib/chef/resource/chocolatey_feature.rb +2 -1
  211. data/lib/chef/resource/chocolatey_package.rb +2 -1
  212. data/lib/chef/resource/chocolatey_source.rb +2 -1
  213. data/lib/chef/resource/cookbook_file.rb +1 -1
  214. data/lib/chef/resource/cron.rb +22 -68
  215. data/lib/chef/resource/cron_access.rb +8 -15
  216. data/lib/chef/resource/cron_d.rb +9 -75
  217. data/lib/chef/resource/csh.rb +2 -0
  218. data/lib/chef/resource/directory.rb +2 -2
  219. data/lib/chef/resource/dmg_package.rb +4 -4
  220. data/lib/chef/resource/dnf_package.rb +2 -3
  221. data/lib/chef/resource/dpkg_package.rb +2 -1
  222. data/lib/chef/resource/dsc_resource.rb +6 -4
  223. data/lib/chef/resource/dsc_script.rb +3 -2
  224. data/lib/chef/resource/execute.rb +13 -12
  225. data/lib/chef/resource/file.rb +3 -1
  226. data/lib/chef/resource/freebsd_package.rb +2 -1
  227. data/lib/chef/resource/gem_package.rb +14 -6
  228. data/lib/chef/resource/group.rb +4 -1
  229. data/lib/chef/resource/helpers/cron_validations.rb +98 -0
  230. data/lib/chef/resource/homebrew_cask.rb +5 -4
  231. data/lib/chef/resource/homebrew_package.rb +4 -2
  232. data/lib/chef/resource/homebrew_tap.rb +2 -1
  233. data/lib/chef/resource/hostname.rb +41 -36
  234. data/lib/chef/resource/http_request.rb +0 -1
  235. data/lib/chef/resource/ifconfig.rb +1 -1
  236. data/lib/chef/resource/ips_package.rb +10 -2
  237. data/lib/chef/resource/kernel_module.rb +29 -29
  238. data/lib/chef/resource/ksh.rb +2 -0
  239. data/lib/chef/resource/launchd.rb +6 -6
  240. data/lib/chef/resource/link.rb +1 -23
  241. data/lib/chef/resource/locale.rb +58 -24
  242. data/lib/chef/resource/log.rb +12 -1
  243. data/lib/chef/resource/lwrp_base.rb +1 -8
  244. data/lib/chef/resource/macos_userdefaults.rb +9 -6
  245. data/lib/chef/resource/macosx_service.rb +2 -1
  246. data/lib/chef/resource/macports_package.rb +10 -2
  247. data/lib/chef/resource/mdadm.rb +62 -2
  248. data/lib/chef/resource/mount.rb +3 -0
  249. data/lib/chef/resource/msu_package.rb +13 -1
  250. data/lib/chef/resource/notify_group.rb +8 -3
  251. data/lib/chef/resource/ohai.rb +19 -3
  252. data/lib/chef/resource/ohai_hint.rb +3 -12
  253. data/lib/chef/resource/openbsd_package.rb +9 -1
  254. data/lib/chef/resource/openssl_dhparam.rb +10 -1
  255. data/lib/chef/resource/openssl_ec_private_key.rb +23 -1
  256. data/lib/chef/resource/openssl_ec_public_key.rb +21 -1
  257. data/lib/chef/resource/openssl_rsa_private_key.rb +20 -1
  258. data/lib/chef/resource/openssl_rsa_public_key.rb +22 -1
  259. data/lib/chef/resource/openssl_x509_certificate.rb +37 -1
  260. data/lib/chef/resource/openssl_x509_crl.rb +12 -1
  261. data/lib/chef/resource/openssl_x509_request.rb +37 -1
  262. data/lib/chef/resource/osx_profile.rb +3 -2
  263. data/lib/chef/resource/package.rb +2 -1
  264. data/lib/chef/resource/pacman_package.rb +2 -1
  265. data/lib/chef/resource/paludis_package.rb +12 -3
  266. data/lib/chef/resource/perl.rb +2 -0
  267. data/lib/chef/resource/plist.rb +207 -0
  268. data/lib/chef/resource/portage_package.rb +13 -3
  269. data/lib/chef/resource/powershell_package.rb +1 -3
  270. data/lib/chef/resource/powershell_package_source.rb +3 -1
  271. data/lib/chef/resource/powershell_script.rb +7 -17
  272. data/lib/chef/resource/python.rb +2 -0
  273. data/lib/chef/resource/reboot.rb +0 -1
  274. data/lib/chef/resource/registry_key.rb +1 -2
  275. data/lib/chef/resource/remote_directory.rb +2 -0
  276. data/lib/chef/resource/remote_file.rb +2 -0
  277. data/lib/chef/resource/rhsm_errata.rb +0 -1
  278. data/lib/chef/resource/rhsm_errata_level.rb +0 -1
  279. data/lib/chef/resource/rhsm_register.rb +2 -1
  280. data/lib/chef/resource/rhsm_repo.rb +3 -1
  281. data/lib/chef/resource/rhsm_subscription.rb +4 -1
  282. data/lib/chef/resource/route.rb +5 -1
  283. data/lib/chef/resource/rpm_package.rb +9 -2
  284. data/lib/chef/resource/ruby.rb +2 -0
  285. data/lib/chef/resource/ruby_block.rb +1 -1
  286. data/lib/chef/resource/scm/_scm.rb +48 -0
  287. data/lib/chef/resource/{scm.rb → scm/git.rb} +16 -30
  288. data/lib/chef/resource/{subversion.rb → scm/subversion.rb} +8 -5
  289. data/lib/chef/resource/script.rb +6 -3
  290. data/lib/chef/resource/service.rb +6 -7
  291. data/lib/chef/resource/smartos_package.rb +9 -1
  292. data/lib/chef/resource/snap_package.rb +3 -1
  293. data/lib/chef/resource/solaris_package.rb +9 -1
  294. data/lib/chef/resource/ssh_known_hosts_entry.rb +6 -3
  295. data/lib/chef/resource/sudo.rb +9 -9
  296. data/lib/chef/resource/support/cron.d.erb +1 -1
  297. data/lib/chef/resource/support/cron_access.erb +1 -1
  298. data/lib/chef/resource/support/sudoer.erb +1 -2
  299. data/lib/chef/resource/support/ulimit.erb +41 -0
  300. data/lib/chef/resource/swap_file.rb +5 -3
  301. data/lib/chef/resource/sysctl.rb +2 -2
  302. data/lib/chef/resource/systemd_unit.rb +4 -2
  303. data/lib/chef/resource/template.rb +0 -1
  304. data/lib/chef/resource/timezone.rb +7 -18
  305. data/lib/chef/resource/user.rb +1 -3
  306. data/lib/chef/resource/user/aix_user.rb +0 -2
  307. data/lib/chef/resource/user/dscl_user.rb +1 -1
  308. data/lib/chef/resource/user/linux_user.rb +0 -2
  309. data/lib/chef/resource/user/mac_user.rb +1 -1
  310. data/lib/chef/resource/user/pw_user.rb +0 -2
  311. data/lib/chef/resource/user/solaris_user.rb +0 -2
  312. data/lib/chef/resource/user/windows_user.rb +0 -2
  313. data/lib/chef/resource/user_ulimit.rb +114 -0
  314. data/lib/chef/resource/whyrun_safe_ruby_block.rb +1 -0
  315. data/lib/chef/resource/windows_ad_join.rb +19 -6
  316. data/lib/chef/resource/windows_auto_run.rb +0 -1
  317. data/lib/chef/resource/windows_certificate.rb +1 -1
  318. data/lib/chef/resource/windows_dfs_folder.rb +0 -1
  319. data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
  320. data/lib/chef/resource/windows_dfs_server.rb +0 -1
  321. data/lib/chef/resource/windows_dns_record.rb +0 -1
  322. data/lib/chef/resource/windows_dns_zone.rb +0 -1
  323. data/lib/chef/resource/windows_env.rb +2 -3
  324. data/lib/chef/resource/windows_feature.rb +2 -2
  325. data/lib/chef/resource/windows_feature_dism.rb +9 -22
  326. data/lib/chef/resource/windows_feature_powershell.rb +17 -82
  327. data/lib/chef/resource/windows_firewall_rule.rb +119 -10
  328. data/lib/chef/resource/windows_font.rb +1 -3
  329. data/lib/chef/resource/windows_package.rb +13 -4
  330. data/lib/chef/resource/windows_pagefile.rb +0 -1
  331. data/lib/chef/resource/windows_path.rb +0 -1
  332. data/lib/chef/resource/windows_printer.rb +0 -1
  333. data/lib/chef/resource/windows_printer_port.rb +0 -1
  334. data/lib/chef/resource/windows_script.rb +3 -4
  335. data/lib/chef/resource/windows_security_policy.rb +90 -0
  336. data/lib/chef/resource/windows_service.rb +45 -31
  337. data/lib/chef/resource/windows_share.rb +3 -7
  338. data/lib/chef/resource/windows_shortcut.rb +0 -1
  339. data/lib/chef/resource/windows_task.rb +14 -15
  340. data/lib/chef/resource/windows_uac.rb +0 -1
  341. data/lib/chef/resource/windows_user_privilege.rb +157 -0
  342. data/lib/chef/resource/windows_workgroup.rb +0 -1
  343. data/lib/chef/resource/yum_package.rb +3 -1
  344. data/lib/chef/resource/yum_repository.rb +2 -1
  345. data/lib/chef/resource/zypper_package.rb +3 -2
  346. data/lib/chef/resource/zypper_repository.rb +2 -1
  347. data/lib/chef/resource_builder.rb +8 -0
  348. data/lib/chef/resource_inspector.rb +6 -6
  349. data/lib/chef/resource_resolver.rb +7 -14
  350. data/lib/chef/resources.rb +11 -3
  351. data/lib/chef/role.rb +2 -2
  352. data/lib/chef/run_context/cookbook_compiler.rb +29 -5
  353. data/lib/chef/shell.rb +23 -32
  354. data/lib/chef/shell/shell_session.rb +0 -2
  355. data/lib/chef/util/diff.rb +1 -1
  356. data/lib/chef/util/dsc/configuration_generator.rb +1 -1
  357. data/lib/chef/util/dsc/lcm_output_parser.rb +3 -3
  358. data/lib/chef/util/powershell/cmdlet.rb +1 -1
  359. data/lib/chef/version.rb +2 -2
  360. data/lib/chef/version_string.rb +1 -1
  361. data/lib/chef/win32/api/file.rb +18 -18
  362. data/lib/chef/win32/api/security.rb +6 -0
  363. data/lib/chef/win32/file.rb +3 -11
  364. data/lib/chef/win32/process.rb +2 -2
  365. data/lib/chef/win32/security.rb +40 -2
  366. data/spec/functional/assets/inittest +8 -7
  367. data/spec/functional/knife/ssh_spec.rb +27 -23
  368. data/spec/functional/resource/aix_service_spec.rb +1 -0
  369. data/spec/functional/resource/aixinit_service_spec.rb +8 -7
  370. data/spec/functional/resource/apt_package_spec.rb +1 -0
  371. data/spec/functional/resource/bff_spec.rb +2 -2
  372. data/spec/functional/resource/cookbook_file_spec.rb +1 -1
  373. data/spec/functional/resource/cron_spec.rb +11 -29
  374. data/spec/functional/resource/dnf_package_spec.rb +441 -156
  375. data/spec/functional/resource/dsc_resource_spec.rb +1 -1
  376. data/spec/functional/resource/git_spec.rb +184 -134
  377. data/spec/functional/resource/insserv_spec.rb +6 -5
  378. data/spec/functional/resource/link_spec.rb +17 -17
  379. data/spec/functional/resource/locale_spec.rb +13 -2
  380. data/spec/functional/resource/powershell_script_spec.rb +7 -68
  381. data/spec/functional/resource/rpm_spec.rb +2 -2
  382. data/spec/functional/resource/user/dscl_spec.rb +2 -2
  383. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  384. data/spec/functional/resource/windows_certificate_spec.rb +3 -3
  385. data/spec/functional/resource/windows_security_policy_spec.rb +90 -0
  386. data/spec/functional/resource/windows_task_spec.rb +8 -8
  387. data/spec/functional/resource/windows_user_privilege_spec.rb +193 -0
  388. data/spec/functional/run_lock_spec.rb +1 -2
  389. data/spec/functional/shell_spec.rb +6 -6
  390. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  391. data/spec/functional/version_spec.rb +1 -1
  392. data/spec/functional/win32/registry_spec.rb +0 -6
  393. data/spec/functional/win32/security_spec.rb +22 -0
  394. data/spec/functional/win32/service_manager_spec.rb +1 -1
  395. data/spec/integration/client/client_spec.rb +123 -2
  396. data/spec/integration/knife/cookbook_show_spec.rb +28 -26
  397. data/spec/integration/knife/data_bag_show_spec.rb +1 -1
  398. data/spec/integration/knife/raw_spec.rb +30 -2
  399. data/spec/integration/knife/show_spec.rb +32 -3
  400. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  401. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -5
  402. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  403. data/spec/integration/recipes/noop_resource_spec.rb +1 -1
  404. data/spec/integration/recipes/notifies_spec.rb +50 -21
  405. data/spec/integration/recipes/notifying_block_spec.rb +9 -6
  406. data/spec/integration/recipes/provider_choice.rb +2 -0
  407. data/spec/integration/recipes/recipe_dsl_spec.rb +46 -144
  408. data/spec/integration/recipes/resource_action_spec.rb +16 -11
  409. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +1 -3
  410. data/spec/integration/recipes/resource_load_spec.rb +133 -13
  411. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  412. data/spec/integration/recipes/use_partial_spec.rb +112 -0
  413. data/spec/integration/solo/solo_spec.rb +3 -3
  414. data/spec/scripts/ssl-serve.rb +1 -1
  415. data/spec/spec_helper.rb +11 -14
  416. data/spec/support/chef_helpers.rb +2 -2
  417. data/spec/support/lib/chef/resource/zen_follower.rb +2 -0
  418. data/spec/support/platform_helpers.rb +44 -19
  419. data/spec/support/platforms/win32/spec_service.rb +1 -1
  420. data/spec/support/recipe_dsl_helper.rb +83 -0
  421. data/spec/support/shared/functional/directory_resource.rb +1 -1
  422. data/spec/support/shared/functional/execute_resource.rb +1 -1
  423. data/spec/support/shared/functional/file_resource.rb +3 -3
  424. data/spec/support/shared/functional/win32_service.rb +1 -1
  425. data/spec/support/shared/functional/windows_script.rb +5 -18
  426. data/spec/support/shared/integration/knife_support.rb +14 -8
  427. data/spec/unit/application/apply_spec.rb +3 -0
  428. data/spec/unit/application/client_spec.rb +5 -1
  429. data/spec/unit/application_spec.rb +1 -9
  430. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +4 -2
  431. data/spec/unit/client_spec.rb +7 -5
  432. data/spec/unit/cookbook/gem_installer_spec.rb +3 -4
  433. data/spec/unit/cookbook/metadata_spec.rb +38 -19
  434. data/spec/unit/data_bag_spec.rb +1 -1
  435. data/spec/unit/data_collector_spec.rb +38 -17
  436. data/spec/unit/dsl/platform_introspection_spec.rb +0 -1
  437. data/spec/unit/environment_spec.rb +7 -7
  438. data/spec/unit/event_dispatch/dispatcher_spec.rb +0 -3
  439. data/spec/unit/file_access_control_spec.rb +1 -1
  440. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +15 -15
  441. data/spec/unit/knife/bootstrap/client_builder_spec.rb +9 -9
  442. data/spec/unit/knife/bootstrap_spec.rb +36 -54
  443. data/spec/unit/knife/cookbook_download_spec.rb +4 -4
  444. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +1 -1
  445. data/spec/unit/knife/cookbook_show_spec.rb +1 -0
  446. data/spec/unit/knife/cookbook_upload_spec.rb +6 -5
  447. data/spec/unit/knife/core/bootstrap_context_spec.rb +23 -43
  448. data/spec/unit/knife/core/hashed_command_loader_spec.rb +3 -3
  449. data/spec/unit/knife/core/ui_spec.rb +16 -0
  450. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +8 -68
  451. data/spec/unit/knife/data_bag_secret_options_spec.rb +22 -14
  452. data/spec/unit/knife/role_env_run_list_add_spec.rb +6 -6
  453. data/spec/unit/knife/role_env_run_list_clear_spec.rb +4 -4
  454. data/spec/unit/knife/role_env_run_list_remove_spec.rb +4 -4
  455. data/spec/unit/knife/role_env_run_list_replace_spec.rb +4 -4
  456. data/spec/unit/knife/role_env_run_list_set_spec.rb +4 -4
  457. data/spec/unit/knife/role_run_list_add_spec.rb +6 -6
  458. data/spec/unit/knife/role_run_list_clear_spec.rb +4 -4
  459. data/spec/unit/knife/role_run_list_remove_spec.rb +4 -4
  460. data/spec/unit/knife/role_run_list_replace_spec.rb +4 -4
  461. data/spec/unit/knife/role_run_list_set_spec.rb +4 -4
  462. data/spec/unit/knife/ssh_spec.rb +10 -113
  463. data/spec/unit/knife/status_spec.rb +1 -1
  464. data/spec/unit/knife/supermarket_share_spec.rb +3 -5
  465. data/spec/unit/knife_spec.rb +18 -0
  466. data/spec/unit/lwrp_spec.rb +4 -4
  467. data/spec/unit/mixin/powershell_exec_spec.rb +10 -0
  468. data/spec/unit/mixin/securable_spec.rb +1 -0
  469. data/spec/unit/mixin/user_context_spec.rb +9 -1
  470. data/spec/unit/node/attribute_spec.rb +2 -2
  471. data/spec/unit/node_spec.rb +24 -0
  472. data/spec/unit/platform/query_helpers_spec.rb +0 -143
  473. data/spec/unit/property/state_spec.rb +12 -7
  474. data/spec/unit/property/validation_spec.rb +25 -1
  475. data/spec/unit/property_spec.rb +18 -15
  476. data/spec/unit/provider/apt_preference_spec.rb +14 -10
  477. data/spec/unit/provider/apt_repository_spec.rb +9 -11
  478. data/spec/unit/provider/apt_update_spec.rb +12 -11
  479. data/spec/unit/provider/cookbook_file_spec.rb +4 -4
  480. data/spec/unit/provider/cron_spec.rb +2 -2
  481. data/spec/unit/provider/directory_spec.rb +4 -15
  482. data/spec/unit/provider/file_spec.rb +4 -4
  483. data/spec/unit/provider/git_spec.rb +44 -4
  484. data/spec/unit/provider/link_spec.rb +0 -1
  485. data/spec/unit/provider/log_spec.rb +3 -3
  486. data/spec/unit/provider/mdadm_spec.rb +3 -3
  487. data/spec/unit/provider/osx_profile_spec.rb +2 -2
  488. data/spec/unit/provider/package/dnf/python_helper_spec.rb +2 -2
  489. data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
  490. data/spec/unit/provider/package/homebrew_spec.rb +280 -174
  491. data/spec/unit/provider/package/msu_spec.rb +3 -3
  492. data/spec/unit/provider/package/pacman_spec.rb +65 -147
  493. data/spec/unit/provider/package/powershell_spec.rb +88 -96
  494. data/spec/unit/provider/package/rubygems_spec.rb +221 -31
  495. data/spec/unit/provider/package/snap_spec.rb +1 -1
  496. data/spec/unit/provider/package/windows/exe_spec.rb +1 -1
  497. data/spec/unit/provider/package/windows_spec.rb +53 -30
  498. data/spec/unit/provider/powershell_script_spec.rb +21 -61
  499. data/spec/unit/provider/remote_file_spec.rb +3 -4
  500. data/spec/unit/provider/service/arch_service_spec.rb +2 -3
  501. data/spec/unit/provider/service/debian_service_spec.rb +35 -14
  502. data/spec/unit/provider/service/gentoo_service_spec.rb +8 -8
  503. data/spec/unit/provider/service/macosx_spec.rb +210 -214
  504. data/spec/unit/provider/service/redhat_spec.rb +2 -2
  505. data/spec/unit/provider/service/systemd_service_spec.rb +23 -23
  506. data/spec/unit/provider/service/upstart_service_spec.rb +3 -3
  507. data/spec/unit/provider/service/windows_spec.rb +6 -2
  508. data/spec/unit/provider/subversion_spec.rb +4 -2
  509. data/spec/unit/provider/systemd_unit_spec.rb +24 -28
  510. data/spec/unit/provider/template_spec.rb +3 -4
  511. data/spec/unit/provider/zypper_repository_spec.rb +25 -75
  512. data/spec/unit/provider_resolver_spec.rb +11 -11
  513. data/spec/unit/provider_spec.rb +0 -1
  514. data/spec/unit/recipe_spec.rb +68 -0
  515. data/spec/unit/resource/alternatives_spec.rb +120 -0
  516. data/spec/unit/resource/apt_preference_spec.rb +0 -18
  517. data/spec/unit/resource/apt_repository_spec.rb +0 -18
  518. data/spec/unit/resource/apt_update_spec.rb +0 -18
  519. data/spec/unit/resource/archive_file_spec.rb +2 -11
  520. data/spec/unit/resource/chef_client_cron_spec.rb +119 -0
  521. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +102 -0
  522. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +70 -0
  523. data/spec/unit/resource/chef_vault_secret_spec.rb +40 -0
  524. data/spec/unit/resource/chocolatey_source_spec.rb +2 -1
  525. data/spec/unit/resource/cron_d_spec.rb +6 -48
  526. data/spec/unit/resource/cron_spec.rb +4 -10
  527. data/spec/unit/resource/gem_package_spec.rb +3 -3
  528. data/spec/unit/resource/helpers/cron_validations_spec.rb +77 -0
  529. data/spec/unit/resource/link_spec.rb +0 -4
  530. data/spec/unit/resource/locale_spec.rb +0 -34
  531. data/spec/unit/resource/ohai_spec.rb +56 -2
  532. data/spec/unit/resource/plist_spec.rb +130 -0
  533. data/spec/unit/resource/powershell_script_spec.rb +0 -5
  534. data/spec/unit/resource/{git_spec.rb → scm/git_spec.rb} +50 -2
  535. data/spec/unit/resource/{scm_spec.rb → scm/scm.rb} +1 -52
  536. data/spec/unit/resource/{subversion_spec.rb → scm/subversion_spec.rb} +2 -3
  537. data/spec/unit/resource/service_spec.rb +4 -0
  538. data/spec/unit/resource/user_spec.rb +2 -2
  539. data/spec/unit/resource/user_ulimit_spec.rb +53 -0
  540. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  541. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  542. data/spec/unit/resource/windows_feature_dism_spec.rb +2 -17
  543. data/spec/unit/resource/windows_feature_powershell_spec.rb +6 -47
  544. data/spec/unit/resource/windows_firewall_rule_spec.rb +88 -41
  545. data/spec/unit/resource/windows_package_spec.rb +4 -1
  546. data/spec/unit/resource/windows_service_spec.rb +9 -0
  547. data/spec/unit/resource/windows_task_spec.rb +1 -1
  548. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  549. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  550. data/spec/unit/resource_reporter_spec.rb +1 -5
  551. data/spec/unit/resource_spec.rb +11 -4
  552. data/spec/unit/role_spec.rb +11 -11
  553. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  554. data/spec/unit/run_context_spec.rb +1 -1
  555. data/spec/unit/search/query_spec.rb +1 -1
  556. data/spec/unit/util/threaded_job_queue_spec.rb +0 -9
  557. data/spec/unit/win32/security_spec.rb +3 -4
  558. data/tasks/rspec.rb +1 -1
  559. metadata +116 -87
  560. data/lib/chef/dsl/core.rb +0 -52
  561. data/lib/chef/knife/cookbook_site_share.rb +0 -41
  562. data/lib/chef/knife/cookbook_site_unshare.rb +0 -41
  563. data/lib/chef/provider/apt_preference.rb +0 -93
  564. data/lib/chef/provider/apt_repository.rb +0 -358
  565. data/lib/chef/provider/apt_update.rb +0 -79
  566. data/lib/chef/provider/log.rb +0 -43
  567. data/lib/chef/provider/mdadm.rb +0 -85
  568. data/lib/chef/provider/ohai.rb +0 -45
  569. data/lib/chef/resource/git.rb +0 -37
  570. data/spec/functional/resource/windows_font_spec.rb +0 -49
  571. data/spec/unit/provider/ohai_spec.rb +0 -84
@@ -0,0 +1,83 @@
1
+ #
2
+ # Author:: Jeremiah Snapp (jeremiah@chef.io)
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require_relative "../knife"
20
+
21
+ class Chef
22
+ class Knife
23
+ class AclBulkRemove < Chef::Knife
24
+ category "acl"
25
+ banner "knife acl bulk remove MEMBER_TYPE MEMBER_NAME OBJECT_TYPE REGEX PERMS"
26
+
27
+ deps do
28
+ require_relative "acl_base"
29
+ include Chef::Knife::AclBase
30
+ end
31
+
32
+ def run
33
+ member_type, member_name, object_type, regex, perms = name_args
34
+ object_name_matcher = /#{regex}/
35
+
36
+ if name_args.length != 5
37
+ show_usage
38
+ ui.fatal "You must specify the member type [client|group|user], member name, object type, object name REGEX and perms"
39
+ exit 1
40
+ end
41
+
42
+ if member_name == "pivotal" && %w{client user}.include?(member_type)
43
+ ui.fatal "ERROR: 'pivotal' is a system user so knife-acl will not remove it from an ACL."
44
+ exit 1
45
+ end
46
+ if member_name == "admins" && member_type == "group" && perms.to_s.split(",").include?("grant")
47
+ ui.fatal "ERROR: knife-acl will not remove the 'admins' group from the 'grant' ACE."
48
+ ui.fatal " Removal could prevent future attempts to modify permissions."
49
+ exit 1
50
+ end
51
+ validate_perm_type!(perms)
52
+ validate_member_type!(member_type)
53
+ validate_member_name!(member_name)
54
+ validate_object_type!(object_type)
55
+ validate_member_exists!(member_type, member_name)
56
+
57
+ if %w{containers groups}.include?(object_type)
58
+ ui.fatal "bulk modifying the ACL of #{object_type} is not permitted"
59
+ exit 1
60
+ end
61
+
62
+ objects_to_modify = []
63
+ all_objects = rest.get_rest(object_type)
64
+ objects_to_modify = all_objects.keys.select { |object_name| object_name =~ object_name_matcher }
65
+
66
+ if objects_to_modify.empty?
67
+ ui.info "No #{object_type} match the expression /#{regex}/"
68
+ exit 0
69
+ end
70
+
71
+ ui.msg("The ACL of the following #{object_type} will be modified:")
72
+ ui.msg("")
73
+ ui.msg(ui.list(objects_to_modify.sort, :columns_down))
74
+ ui.msg("")
75
+ ui.confirm("Are you sure you want to modify the ACL of these #{object_type}?")
76
+
77
+ objects_to_modify.each do |object_name|
78
+ remove_from_acl!(member_type, member_name, object_type, object_name, perms)
79
+ end
80
+ end
81
+ end
82
+ end
83
+ end
@@ -0,0 +1,62 @@
1
+ #
2
+ # Author:: Steven Danna (steve@chef.io)
3
+ # Author:: Jeremiah Snapp (jeremiah@chef.io)
4
+ # Copyright:: Copyright (c) Chef Software Inc.
5
+ # License:: Apache License, Version 2.0
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../knife"
21
+
22
+ class Chef
23
+ class Knife
24
+ class AclRemove < Chef::Knife
25
+ category "acl"
26
+ banner "knife acl remove MEMBER_TYPE MEMBER_NAME OBJECT_TYPE OBJECT_NAME PERMS"
27
+
28
+ deps do
29
+ require_relative "acl_base"
30
+ include Chef::Knife::AclBase
31
+ end
32
+
33
+ def run
34
+ member_type, member_name, object_type, object_name, perms = name_args
35
+
36
+ if name_args.length != 5
37
+ show_usage
38
+ ui.fatal "You must specify the member type [client|group|user], member name, object type, object name and perms"
39
+ exit 1
40
+ end
41
+
42
+ if member_name == "pivotal" && %w{client user}.include?(member_type)
43
+ ui.fatal "ERROR: 'pivotal' is a system user so knife-acl will not remove it from an ACL."
44
+ exit 1
45
+ end
46
+ if member_name == "admins" && member_type == "group" && perms.to_s.split(",").include?("grant")
47
+ ui.fatal "ERROR: knife-acl will not remove the 'admins' group from the 'grant' ACE."
48
+ ui.fatal " Removal could prevent future attempts to modify permissions."
49
+ exit 1
50
+ end
51
+ validate_perm_type!(perms)
52
+ validate_member_type!(member_type)
53
+ validate_member_name!(member_name)
54
+ validate_object_name!(object_name)
55
+ validate_object_type!(object_type)
56
+ validate_member_exists!(member_type, member_name)
57
+
58
+ remove_from_acl!(member_type, member_name, object_type, object_name, perms)
59
+ end
60
+ end
61
+ end
62
+ end
@@ -0,0 +1,56 @@
1
+ #
2
+ # Author:: Steven Danna (steve@chef.io)
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require_relative "../knife"
20
+
21
+ class Chef
22
+ class Knife
23
+ class AclShow < Chef::Knife
24
+ category "acl"
25
+ banner "knife acl show OBJECT_TYPE OBJECT_NAME"
26
+
27
+ deps do
28
+ require_relative "acl_base"
29
+ include Chef::Knife::AclBase
30
+ end
31
+
32
+ def run
33
+ object_type, object_name = name_args
34
+
35
+ if name_args.length != 2
36
+ show_usage
37
+ ui.fatal "You must specify an object type and object name"
38
+ exit 1
39
+ end
40
+
41
+ validate_object_type!(object_type)
42
+ validate_object_name!(object_name)
43
+ acl = get_acl(object_type, object_name)
44
+ PERM_TYPES.each do |perm|
45
+ # Filter out the actors field if we have
46
+ # users and clients. Note that if one is present,
47
+ # both will be - but we're checking both for completeness.
48
+ if acl[perm].key?("users") && acl[perm].key?("clients")
49
+ acl[perm].delete "actors"
50
+ end
51
+ end
52
+ ui.output acl
53
+ end
54
+ end
55
+ end
56
+ end
@@ -86,7 +86,6 @@ class Chef
86
86
  short: "-w AUTH-METHOD",
87
87
  long: "--winrm-auth-method AUTH-METHOD",
88
88
  description: "The WinRM authentication method to use.",
89
- proc: Proc.new { |protocol| Chef::Config[:knife][:winrm_auth_method] = protocol },
90
89
  in: WINRM_AUTH_PROTOCOL_LIST
91
90
 
92
91
  option :winrm_basic_auth_only,
@@ -94,37 +93,32 @@ class Chef
94
93
  description: "For WinRM basic authentication when using the 'ssl' auth method.",
95
94
  boolean: true
96
95
 
97
- # This option was provided in knife bootstrap windows winrm,
98
- # but it is ignored in knife-windows/WinrmSession, and so remains unimplemeneted here.
99
- # option :kerberos_keytab_file,
100
- # :short => "-T KEYTAB_FILE",
101
- # :long => "--keytab-file KEYTAB_FILE",
102
- # :description => "The Kerberos keytab file used for authentication",
103
- # :proc => Proc.new { |keytab| Chef::Config[:knife][:kerberos_keytab_file] = keytab }
96
+ # This option was provided in knife bootstrap windows winrm,
97
+ # but it is ignored in knife-windows/WinrmSession, and so remains unimplemeneted here.
98
+ # option :kerberos_keytab_file,
99
+ # :short => "-T KEYTAB_FILE",
100
+ # :long => "--keytab-file KEYTAB_FILE",
101
+ # :description => "The Kerberos keytab file used for authentication"
104
102
 
105
103
  option :kerberos_realm,
106
104
  short: "-R KERBEROS_REALM",
107
105
  long: "--kerberos-realm KERBEROS_REALM",
108
- description: "The Kerberos realm used for authentication.",
109
- proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_realm] = protocol }
106
+ description: "The Kerberos realm used for authentication."
110
107
 
111
108
  option :kerberos_service,
112
109
  short: "-S KERBEROS_SERVICE",
113
110
  long: "--kerberos-service KERBEROS_SERVICE",
114
- description: "The Kerberos service used for authentication.",
115
- proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_service] = protocol }
111
+ description: "The Kerberos service used for authentication."
116
112
 
117
113
  ## SSH Authentication
118
114
  option :ssh_gateway,
119
115
  short: "-G GATEWAY",
120
116
  long: "--ssh-gateway GATEWAY",
121
- description: "The SSH gateway.",
122
- proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
117
+ description: "The SSH gateway."
123
118
 
124
119
  option :ssh_gateway_identity,
125
120
  long: "--ssh-gateway-identity SSH_GATEWAY_IDENTITY",
126
- description: "The SSH identity file used for gateway authentication.",
127
- proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway_identity] = key }
121
+ description: "The SSH identity file used for gateway authentication."
128
122
 
129
123
  option :ssh_forward_agent,
130
124
  short: "-A",
@@ -140,7 +134,8 @@ class Chef
140
134
  option :ssh_verify_host_key,
141
135
  long: "--ssh-verify-host-key VALUE",
142
136
  description: "Verify host key. Default is 'always'.",
143
- in: %w{always accept_new accept_new_or_local_tunnel never}
137
+ in: %w{always accept_new accept_new_or_local_tunnel never},
138
+ default: "always"
144
139
 
145
140
  #
146
141
  # bootstrap options
@@ -160,8 +155,7 @@ class Chef
160
155
  # client.rb content via chef-full/bootstrap_context
161
156
  option :bootstrap_proxy,
162
157
  long: "--bootstrap-proxy PROXY_URL",
163
- description: "The proxy server for the node being bootstrapped.",
164
- proc: Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
158
+ description: "The proxy server for the node being bootstrapped."
165
159
 
166
160
  # client.rb content via bootstrap_context
167
161
  option :bootstrap_proxy_user,
@@ -176,8 +170,7 @@ class Chef
176
170
  # client.rb content via bootstrap_context
177
171
  option :bootstrap_no_proxy,
178
172
  long: "--bootstrap-no-proxy [NO_PROXY_URL|NO_PROXY_IP]",
179
- description: "Do not proxy locations for the node being bootstrapped",
180
- proc: Proc.new { |np| Chef::Config[:knife][:bootstrap_no_proxy] = np }
173
+ description: "Do not proxy locations for the node being bootstrapped"
181
174
 
182
175
  # client.rb content via bootstrap_context
183
176
  option :bootstrap_template,
@@ -270,21 +263,16 @@ class Chef
270
263
  proc: lambda { |o| Chef::JSONCompat.parse(File.read(o)) },
271
264
  default: nil
272
265
 
273
- # Note that several of the below options are used by bootstrap template,
274
- # but only from the passed-in knife config; it does not use the
275
- # config from the CLI for those values. We cannot always used the merged
276
- # config, because in some cases the knife keys thIn those cases, the option
277
- # will have a proc that assigns the value into Chef::Config[:knife]
278
-
279
266
  # bootstrap template
280
267
  # Create ohai hints in /etc/chef/ohai/hints, fname=hintname, content=value
281
- option :hint,
268
+ option :hints,
282
269
  long: "--hint HINT_NAME[=HINT_FILE]",
283
270
  description: "Specify an Ohai hint to be set on the bootstrap target. Use multiple --hint options to specify multiple hints.",
284
- proc: Proc.new { |h|
285
- Chef::Config[:knife][:hints] ||= {}
286
- name, path = h.split("=")
287
- Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : {}
271
+ proc: Proc.new { |hint, accumulator|
272
+ accumulator ||= {}
273
+ name, path = hint.split("=", 2)
274
+ accumulator[name] = path ? Chef::JSONCompat.parse(::File.read(path)) : {}
275
+ accumulator
288
276
  }
289
277
 
290
278
  # bootstrap override: url of a an installer shell script touse in place of omnitruck
@@ -292,8 +280,7 @@ class Chef
292
280
  # the provided options to knife bootstrap, so we set the Chef::Config option here.
293
281
  option :bootstrap_url,
294
282
  long: "--bootstrap-url URL",
295
- description: "URL to a custom installation script.",
296
- proc: Proc.new { |u| Chef::Config[:knife][:bootstrap_url] = u }
283
+ description: "URL to a custom installation script."
297
284
 
298
285
  option :bootstrap_product,
299
286
  long: "--bootstrap-product PRODUCT",
@@ -309,26 +296,22 @@ class Chef
309
296
  # bootstrap override: Do this instead of our own setup.sh from omnitruck. Causes bootstrap_url to be ignored.
310
297
  option :bootstrap_install_command,
311
298
  long: "--bootstrap-install-command COMMANDS",
312
- description: "Custom command to install #{Chef::Dist::PRODUCT}.",
313
- proc: Proc.new { |ic| Chef::Config[:knife][:bootstrap_install_command] = ic }
299
+ description: "Custom command to install #{Chef::Dist::PRODUCT}."
314
300
 
315
301
  # bootstrap template: Run this command first in the bootstrap script
316
302
  option :bootstrap_preinstall_command,
317
303
  long: "--bootstrap-preinstall-command COMMANDS",
318
- description: "Custom commands to run before installing #{Chef::Dist::PRODUCT}.",
319
- proc: Proc.new { |preic| Chef::Config[:knife][:bootstrap_preinstall_command] = preic }
304
+ description: "Custom commands to run before installing #{Chef::Dist::PRODUCT}."
320
305
 
321
306
  # bootstrap template
322
307
  option :bootstrap_wget_options,
323
308
  long: "--bootstrap-wget-options OPTIONS",
324
- description: "Add options to wget when installing #{Chef::Dist::PRODUCT}.",
325
- proc: Proc.new { |wo| Chef::Config[:knife][:bootstrap_wget_options] = wo }
309
+ description: "Add options to wget when installing #{Chef::Dist::PRODUCT}."
326
310
 
327
311
  # bootstrap template
328
312
  option :bootstrap_curl_options,
329
313
  long: "--bootstrap-curl-options OPTIONS",
330
- description: "Add options to curl when install #{Chef::Dist::PRODUCT}.",
331
- proc: Proc.new { |co| Chef::Config[:knife][:bootstrap_curl_options] = co }
314
+ description: "Add options to curl when install #{Chef::Dist::PRODUCT}."
332
315
 
333
316
  # chef_vault_handler
334
317
  option :bootstrap_vault_file,
@@ -344,12 +327,12 @@ class Chef
344
327
  option :bootstrap_vault_item,
345
328
  long: "--bootstrap-vault-item VAULT_ITEM",
346
329
  description: 'A single vault and item to update as "vault:item".',
347
- proc: Proc.new { |i|
330
+ proc: Proc.new { |i, accumulator|
348
331
  (vault, item) = i.split(/:/)
349
- Chef::Config[:knife][:bootstrap_vault_item] ||= {}
350
- Chef::Config[:knife][:bootstrap_vault_item][vault] ||= []
351
- Chef::Config[:knife][:bootstrap_vault_item][vault].push(item)
352
- Chef::Config[:knife][:bootstrap_vault_item]
332
+ accumulator ||= {}
333
+ accumulator[vault] ||= []
334
+ accumulator[vault].push(item)
335
+ accumulator
353
336
  }
354
337
 
355
338
  # Deprecated options. These must be declared after
@@ -434,14 +417,14 @@ class Chef
434
417
  def client_builder
435
418
  @client_builder ||= Chef::Knife::Bootstrap::ClientBuilder.new(
436
419
  chef_config: Chef::Config,
437
- knife_config: config,
420
+ config: config,
438
421
  ui: ui
439
422
  )
440
423
  end
441
424
 
442
425
  def chef_vault_handler
443
426
  @chef_vault_handler ||= Chef::Knife::Bootstrap::ChefVaultHandler.new(
444
- knife_config: config,
427
+ config: config,
445
428
  ui: ui
446
429
  )
447
430
  end
@@ -466,7 +449,7 @@ class Chef
466
449
  # @return [String] Default bootstrap template
467
450
  def default_bootstrap_template
468
451
  if connection.windows?
469
- "windows-#{Chef::Dist::CLIENT}-msi"
452
+ "windows-chef-client-msi"
470
453
  else
471
454
  "chef-full"
472
455
  end
@@ -497,7 +480,7 @@ class Chef
497
480
  template = bootstrap_template
498
481
 
499
482
  # Use the template directly if it's a path to an actual file
500
- if File.exist?(template)
483
+ if File.exists?(template)
501
484
  Chef::Log.trace("Using the specified bootstrap template: #{File.dirname(template)}")
502
485
  return template
503
486
  end
@@ -512,7 +495,7 @@ class Chef
512
495
 
513
496
  template_file = Array(bootstrap_files).find do |bootstrap_template|
514
497
  Chef::Log.trace("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
515
- File.exist?(bootstrap_template)
498
+ File.exists?(bootstrap_template)
516
499
  end
517
500
 
518
501
  unless template_file
@@ -555,7 +538,7 @@ class Chef
555
538
  end
556
539
 
557
540
  def run
558
- check_license if ChefConfig::Dist::ENFORCE_LICENSE
541
+ check_license
559
542
 
560
543
  plugin_setup!
561
544
  validate_name_args!
@@ -597,8 +580,11 @@ class Chef
597
580
 
598
581
  bootstrap_context.client_pem = client_builder.client_path
599
582
  else
600
- ui.warn "Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}..."
601
- ui.warn "Remove the key file or remove the 'validation_key' configuration option from your config.rb (knife.rb) to use more secure user credentials for client registration."
583
+ ui.info <<~EOM
584
+ Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}...
585
+ Delete your validation key in order to use your user credentials for client registration instead.
586
+ EOM
587
+
602
588
  end
603
589
  end
604
590
 
@@ -616,7 +602,7 @@ class Chef
616
602
  end
617
603
 
618
604
  def connect!
619
- ui.info("Connecting to #{ui.color(server_name, :bold)} using #{connection_protocol}")
605
+ ui.info("Connecting to #{ui.color(server_name, :bold)}")
620
606
  opts ||= connection_opts.dup
621
607
  do_connect(opts)
622
608
  rescue Train::Error => e
@@ -683,9 +669,8 @@ class Chef
683
669
  return @connection_protocol if @connection_protocol
684
670
 
685
671
  from_url = host_descriptor =~ %r{^(.*)://} ? $1 : nil
686
- from_cli = config[:connection_protocol]
687
- from_knife = Chef::Config[:knife][:connection_protocol]
688
- @connection_protocol = from_url || from_cli || from_knife || "ssh"
672
+ from_knife = config[:connection_protocol]
673
+ @connection_protocol = from_url || from_knife || "ssh"
689
674
  end
690
675
 
691
676
  def do_connect(conn_options)
@@ -721,6 +706,10 @@ class Chef
721
706
  true
722
707
  end
723
708
 
709
+ def winrm_auth_method
710
+ config_value(:winrm_auth_method, :winrm_authentication_protocol, "negotiate")
711
+ end
712
+
724
713
  # Fail if using plaintext auth without ssl because
725
714
  # this can expose keys in plaintext on the wire.
726
715
  # TODO test for this method
@@ -729,8 +718,8 @@ class Chef
729
718
  return true unless winrm?
730
719
 
731
720
  if Chef::Config[:validation_key] && !File.exist?(File.expand_path(Chef::Config[:validation_key]))
732
- if config_value(:winrm_auth_method) == "plaintext" &&
733
- config_value(:winrm_ssl) != true
721
+ if winrm_auth_method == "plaintext" &&
722
+ config[:winrm_ssl] != true
734
723
  ui.error <<~EOM
735
724
  Validatorless bootstrap over unsecure winrm channels could expose your
736
725
  key to network sniffing.
@@ -854,9 +843,9 @@ class Chef
854
843
  # Reference:
855
844
  # https://github.com/chef/knife-windows/blob/92d151298142be4a4750c5b54bb264f8d5b81b8a/lib/chef/knife/winrm_knife_base.rb#L271-L273
856
845
  # TODO Seems like we should also do a similar warning if ssh_verify_host == false
857
- if config_value(:ca_trust_file).nil? &&
858
- config_value(:winrm_no_verify_cert) &&
859
- config_value(:winrm_ssl_peer_fingerprint).nil?
846
+ if config[:ca_trust_file].nil? &&
847
+ config[:winrm_no_verify_cert] &&
848
+ config[:winrm_ssl_peer_fingerprint].nil?
860
849
  ui.warn <<~WARN
861
850
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
862
851
  SSL validation of HTTPS requests for the WinRM transport is disabled.
@@ -902,16 +891,13 @@ class Chef
902
891
 
903
892
  # Common configuration for all protocols
904
893
  def base_opts
905
- port = config_value(:connection_port,
906
- knife_key_for_protocol(connection_protocol, :port))
907
- user = config_value(:connection_user,
908
- knife_key_for_protocol(connection_protocol, :user))
894
+ port = config_for_protocol(:port)
895
+ user = config_for_protocol(:user)
909
896
  {}.tap do |opts|
910
897
  opts[:logger] = Chef::Log
911
- # We do not store password in Chef::Config, so only use CLI `config` here
912
898
  opts[:password] = config[:connection_password] if config.key?(:connection_password)
913
899
  opts[:user] = user if user
914
- opts[:max_wait_until_ready] = config_value(:max_wait).to_f unless config_value(:max_wait).nil?
900
+ opts[:max_wait_until_ready] = config[:max_wait].to_f unless config[:max_wait].nil?
915
901
  # TODO - when would we need to provide rdp_port vs port? Or are they not mutually exclusive?
916
902
  opts[:port] = port if port
917
903
  end
@@ -919,7 +905,7 @@ class Chef
919
905
 
920
906
  def host_verify_opts
921
907
  if winrm?
922
- { self_signed: config_value(:winrm_no_verify_cert) === true }
908
+ { self_signed: config[:winrm_no_verify_cert] === true }
923
909
  elsif ssh?
924
910
  # Fall back to the old knife config key name for back compat.
925
911
  { verify_host_key: config_value(:ssh_verify_host_key, :host_key_verify, "always") }
@@ -933,7 +919,7 @@ class Chef
933
919
  return opts if winrm?
934
920
 
935
921
  opts[:non_interactive] = true # Prevent password prompts from underlying net/ssh
936
- opts[:forward_agent] = (config_value(:ssh_forward_agent) === true)
922
+ opts[:forward_agent] = (config[:ssh_forward_agent] === true)
937
923
  opts[:connection_timeout] = session_timeout
938
924
  opts
939
925
  end
@@ -942,7 +928,7 @@ class Chef
942
928
  opts = {}
943
929
  return opts if winrm?
944
930
 
945
- identity_file = config_value(:ssh_identity_file)
931
+ identity_file = config[:ssh_identity_file]
946
932
  if identity_file
947
933
  opts[:key_files] = [identity_file]
948
934
  # We only set keys_only based on the explicit ssh_identity_file;
@@ -962,7 +948,7 @@ class Chef
962
948
  opts[:keys_only] = false
963
949
  end
964
950
 
965
- gateway_identity_file = config_value(:ssh_gateway) ? config_value(:ssh_gateway_identity) : nil
951
+ gateway_identity_file = config[:ssh_gateway] ? config[:ssh_gateway_identity] : nil
966
952
  unless gateway_identity_file.nil?
967
953
  opts[:key_files] << gateway_identity_file
968
954
  end
@@ -972,8 +958,8 @@ class Chef
972
958
 
973
959
  def gateway_opts
974
960
  opts = {}
975
- if config_value(:ssh_gateway)
976
- split = config_value(:ssh_gateway).split("@", 2)
961
+ if config[:ssh_gateway]
962
+ split = config[:ssh_gateway].split("@", 2)
977
963
  if split.length == 1
978
964
  gw_host = split[0]
979
965
  else
@@ -1019,21 +1005,20 @@ class Chef
1019
1005
  def winrm_opts
1020
1006
  return {} unless winrm?
1021
1007
 
1022
- auth_method = config_value(:winrm_auth_method, :winrm_auth_method, "negotiate")
1023
1008
  opts = {
1024
- winrm_transport: auth_method, # winrm gem and train calls auth method 'transport'
1025
- winrm_basic_auth_only: config_value(:winrm_basic_auth_only) || false,
1026
- ssl: config_value(:winrm_ssl) === true,
1027
- ssl_peer_fingerprint: config_value(:winrm_ssl_peer_fingerprint),
1009
+ winrm_transport: winrm_auth_method, # winrm gem and train calls auth method 'transport'
1010
+ winrm_basic_auth_only: config[:winrm_basic_auth_only] || false,
1011
+ ssl: config[:winrm_ssl] === true,
1012
+ ssl_peer_fingerprint: config[:winrm_ssl_peer_fingerprint],
1028
1013
  }
1029
1014
 
1030
- if auth_method == "kerberos"
1031
- opts[:kerberos_service] = config_value(:kerberos_service) if config_value(:kerberos_service)
1032
- opts[:kerberos_realm] = config_value(:kerberos_realm) if config_value(:kerberos_service)
1015
+ if winrm_auth_method == "kerberos"
1016
+ opts[:kerberos_service] = config[:kerberos_service] if config[:kerberos_service]
1017
+ opts[:kerberos_realm] = config[:kerberos_realm] if config[:kerberos_service]
1033
1018
  end
1034
1019
 
1035
- if config_value(:ca_trust_file)
1036
- opts[:ca_trust_path] = config_value(:ca_trust_file)
1020
+ if config[:ca_trust_file]
1021
+ opts[:ca_trust_path] = config[:ca_trust_file]
1037
1022
  end
1038
1023
 
1039
1024
  opts[:operation_timeout] = session_timeout
@@ -1058,17 +1043,18 @@ class Chef
1058
1043
  }
1059
1044
  end
1060
1045
 
1061
- # Knife plugins should just use the config hash and not call this method. In the
1062
- # future there will be a way to deprecate Chef::Config options in addition to the
1063
- # CLI options, which will eliminate this methods primary purpose.
1046
+ # This is for deprecating config options. The fallback_key can be used
1047
+ # to pull an old knife config option out of the config file when the
1048
+ # cli value has been renamed. This is different from the deprecated
1049
+ # cli values, since these are for config options that have no corresponding
1050
+ # cli value.
1064
1051
  #
1065
- # In Chef-16 the single-argument verison of this function will be deprecated and
1066
- # config_value(:whatver) should be converted to config[:whatever]. That never had
1067
- # any purpose and never should have been used this way.
1052
+ # DO NOT USE - this whole API is considered deprecated
1068
1053
  #
1069
1054
  # @api deprecated
1070
1055
  #
1071
1056
  def config_value(key, fallback_key = nil, default = nil)
1057
+ Chef.deprecated(:knife_bootstrap_apis, "Use of config_value without a fallback_key is deprecated. Knife plugin authors should access the config hash directly, which does correct merging of cli and config options.") if fallback_key.nil?
1072
1058
  if config.key?(key)
1073
1059
  # the first key is the primary key so we check the merged hash first
1074
1060
  config[key]
@@ -1097,6 +1083,8 @@ class Chef
1097
1083
  end
1098
1084
  end
1099
1085
 
1086
+ private
1087
+
1100
1088
  # To avoid cluttering the CLI options, some flags (such as port and user)
1101
1089
  # are shared between protocols. However, there is still a need to allow the operator
1102
1090
  # to specify defaults separately, since they may not be the same values for different
@@ -1105,12 +1093,20 @@ class Chef
1105
1093
  # These keys are available in Chef::Config, and are prefixed with the protocol name.
1106
1094
  # For example, :user CLI option will map to :winrm_user and :ssh_user Chef::Config keys,
1107
1095
  # based on the connection protocol in use.
1108
- def knife_key_for_protocol(new_option, option = nil)
1109
- option = new_option if option.nil? # hacky compat with both old Chef-15 style and new Chef-16 style API signature
1110
- "#{connection_protocol}_#{option}".to_sym
1096
+
1097
+ # @api private
1098
+ def config_for_protocol(option)
1099
+ if option == :port
1100
+ config[:connection_port] || config[knife_key_for_protocol(option)]
1101
+ else
1102
+ config[:connection_user] || config[knife_key_for_protocol(option)]
1103
+ end
1111
1104
  end
1112
1105
 
1113
- private
1106
+ # @api private
1107
+ def knife_key_for_protocol(option)
1108
+ "#{connection_protocol}_#{option}".to_sym
1109
+ end
1114
1110
 
1115
1111
  # True if policy_name and run_list are both given
1116
1112
  def policyfile_and_run_list_given?
@@ -1133,7 +1129,7 @@ class Chef
1133
1129
  # session_timeout option has a default that may not arrive, particularly if
1134
1130
  # we're being invoked from a plugin that doesn't merge_config.
1135
1131
  def session_timeout
1136
- timeout = config_value(:session_timeout)
1132
+ timeout = config[:session_timeout]
1137
1133
  return options[:session_timeout][:default] if timeout.nil?
1138
1134
 
1139
1135
  timeout.to_i