chef 15.17.4-universal-mingw32 → 16.0.257-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (571) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +14 -20
  3. data/README.md +6 -6
  4. data/Rakefile +18 -23
  5. data/chef-universal-mingw32.gemspec +4 -4
  6. data/chef.gemspec +10 -26
  7. data/distro/powershell/chef/chef.psm1 +3 -3
  8. data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
  9. data/lib/chef/action_collection.rb +16 -5
  10. data/lib/chef/api_client/registration.rb +2 -2
  11. data/lib/chef/application.rb +33 -54
  12. data/lib/chef/application/apply.rb +20 -3
  13. data/lib/chef/application/base.rb +8 -3
  14. data/lib/chef/application/exit_code.rb +2 -2
  15. data/lib/chef/application/knife.rb +1 -1
  16. data/lib/chef/chef_class.rb +4 -4
  17. data/lib/chef/chef_fs/chef_fs_data_store.rb +3 -3
  18. data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +1 -1
  19. data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +1 -1
  20. data/lib/chef/chef_fs/file_system/chef_server/rest_list_entry.rb +6 -2
  21. data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +1 -1
  22. data/lib/chef/chef_fs/file_system/repository/base_file.rb +0 -1
  23. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +2 -2
  24. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  25. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +5 -5
  26. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  27. data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +1 -1
  28. data/lib/chef/chef_fs/path_utils.rb +3 -3
  29. data/lib/chef/client.rb +16 -14
  30. data/lib/chef/config.rb +1 -1
  31. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  32. data/lib/chef/cookbook/gem_installer.rb +1 -1
  33. data/lib/chef/cookbook/metadata.rb +45 -22
  34. data/lib/chef/cookbook_version.rb +40 -5
  35. data/lib/chef/data_bag.rb +2 -2
  36. data/lib/chef/data_collector/error_handlers.rb +1 -1
  37. data/lib/chef/data_collector/run_end_message.rb +7 -1
  38. data/lib/chef/deprecated.rb +1 -9
  39. data/lib/chef/dist.rb +8 -0
  40. data/lib/chef/dsl/chef_vault.rb +84 -0
  41. data/lib/chef/dsl/declare_resource.rb +7 -5
  42. data/lib/chef/dsl/platform_introspection.rb +2 -3
  43. data/lib/chef/dsl/recipe.rb +7 -12
  44. data/lib/chef/dsl/universal.rb +3 -7
  45. data/lib/chef/environment.rb +2 -2
  46. data/lib/chef/event_dispatch/base.rb +3 -0
  47. data/lib/chef/exceptions.rb +0 -3
  48. data/lib/chef/formatters/doc.rb +1 -1
  49. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
  50. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
  51. data/lib/chef/formatters/indentable_output_stream.rb +7 -16
  52. data/lib/chef/http.rb +1 -2
  53. data/lib/chef/http/http_request.rb +3 -2
  54. data/lib/chef/knife.rb +1 -3
  55. data/lib/chef/knife/acl_add.rb +57 -0
  56. data/lib/chef/knife/acl_base.rb +183 -0
  57. data/lib/chef/knife/acl_bulk_add.rb +78 -0
  58. data/lib/chef/knife/acl_bulk_remove.rb +83 -0
  59. data/lib/chef/knife/acl_remove.rb +62 -0
  60. data/lib/chef/knife/acl_show.rb +56 -0
  61. data/lib/chef/knife/bootstrap.rb +93 -97
  62. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  63. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  64. data/lib/chef/knife/bootstrap/templates/chef-full.erb +20 -20
  65. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +13 -15
  66. data/lib/chef/knife/bootstrap/train_connector.rb +0 -1
  67. data/lib/chef/knife/cookbook_download.rb +1 -1
  68. data/lib/chef/knife/cookbook_metadata.rb +1 -1
  69. data/lib/chef/knife/core/bootstrap_context.rb +63 -60
  70. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  71. data/lib/chef/knife/core/generic_presenter.rb +4 -3
  72. data/lib/chef/knife/core/hashed_command_loader.rb +2 -3
  73. data/lib/chef/knife/core/node_presenter.rb +2 -2
  74. data/lib/chef/knife/core/status_presenter.rb +5 -5
  75. data/lib/chef/knife/core/subcommand_loader.rb +1 -1
  76. data/lib/chef/knife/core/ui.rb +17 -1
  77. data/lib/chef/knife/core/windows_bootstrap_context.rb +45 -58
  78. data/lib/chef/knife/data_bag_secret_options.rb +18 -45
  79. data/lib/chef/knife/environment_compare.rb +1 -1
  80. data/lib/chef/knife/exec.rb +2 -2
  81. data/lib/chef/knife/group_add.rb +55 -0
  82. data/lib/chef/knife/{cookbook_site_download.rb → group_create.rb} +21 -12
  83. data/lib/chef/knife/group_destroy.rb +53 -0
  84. data/lib/chef/knife/{cookbook_site_list.rb → group_list.rb} +14 -11
  85. data/lib/chef/knife/group_remove.rb +56 -0
  86. data/lib/chef/knife/{cookbook_site_install.rb → group_show.rb} +21 -12
  87. data/lib/chef/knife/list.rb +1 -1
  88. data/lib/chef/knife/ssh.rb +12 -50
  89. data/lib/chef/knife/status.rb +3 -3
  90. data/lib/chef/knife/supermarket_download.rb +1 -2
  91. data/lib/chef/knife/supermarket_install.rb +1 -2
  92. data/lib/chef/knife/supermarket_list.rb +1 -2
  93. data/lib/chef/knife/supermarket_search.rb +1 -2
  94. data/lib/chef/knife/supermarket_share.rb +1 -2
  95. data/lib/chef/knife/supermarket_show.rb +1 -2
  96. data/lib/chef/knife/supermarket_unshare.rb +1 -2
  97. data/lib/chef/knife/{cookbook_site_show.rb → user_dissociate.rb} +15 -13
  98. data/lib/chef/knife/{cookbook_site_search.rb → user_invite_add.rb} +16 -13
  99. data/lib/chef/knife/user_invite_list.rb +34 -0
  100. data/lib/chef/knife/user_invite_recind.rb +63 -0
  101. data/lib/chef/knife/yaml_convert.rb +91 -0
  102. data/lib/chef/log.rb +1 -1
  103. data/lib/chef/mixin/create_path.rb +8 -8
  104. data/lib/chef/mixin/openssl_helper.rb +3 -26
  105. data/lib/chef/mixin/powershell_exec.rb +10 -1
  106. data/lib/chef/mixin/powershell_out.rb +1 -1
  107. data/lib/chef/mixin/properties.rb +13 -1
  108. data/lib/chef/mixin/shell_out.rb +0 -4
  109. data/lib/chef/mixin/template.rb +0 -1
  110. data/lib/chef/monkey_patches/net_http.rb +0 -4
  111. data/lib/chef/node.rb +18 -6
  112. data/lib/chef/node/mixin/deep_merge_cache.rb +7 -7
  113. data/lib/chef/node/mixin/immutablize_array.rb +4 -0
  114. data/lib/chef/node/mixin/immutablize_hash.rb +3 -0
  115. data/lib/chef/node_map.rb +7 -36
  116. data/lib/chef/platform/priority_map.rb +4 -4
  117. data/lib/chef/platform/query_helpers.rb +6 -34
  118. data/lib/chef/powershell.rb +14 -0
  119. data/lib/chef/property.rb +22 -4
  120. data/lib/chef/provider.rb +40 -6
  121. data/lib/chef/provider/cron.rb +2 -2
  122. data/lib/chef/provider/directory.rb +2 -2
  123. data/lib/chef/provider/dsc_resource.rb +1 -1
  124. data/lib/chef/provider/dsc_script.rb +1 -1
  125. data/lib/chef/provider/execute.rb +2 -8
  126. data/lib/chef/provider/file.rb +5 -5
  127. data/lib/chef/provider/git.rb +84 -27
  128. data/lib/chef/provider/group.rb +4 -4
  129. data/lib/chef/provider/http_request.rb +6 -6
  130. data/lib/chef/provider/ifconfig.rb +4 -4
  131. data/lib/chef/provider/launchd.rb +36 -51
  132. data/lib/chef/provider/link.rb +2 -2
  133. data/lib/chef/provider/mount.rb +5 -5
  134. data/lib/chef/provider/mount/solaris.rb +1 -0
  135. data/lib/chef/provider/osx_profile.rb +7 -3
  136. data/lib/chef/provider/package.rb +2 -2
  137. data/lib/chef/provider/package/cab.rb +3 -4
  138. data/lib/chef/provider/package/chocolatey.rb +1 -3
  139. data/lib/chef/provider/package/dnf.rb +66 -10
  140. data/lib/chef/provider/package/dnf/dnf_helper.py +84 -30
  141. data/lib/chef/provider/package/dnf/python_helper.rb +79 -36
  142. data/lib/chef/provider/package/dnf/version.rb +5 -1
  143. data/lib/chef/provider/package/freebsd/pkgng.rb +1 -3
  144. data/lib/chef/provider/package/homebrew.rb +106 -42
  145. data/lib/chef/provider/package/msu.rb +3 -1
  146. data/lib/chef/provider/package/pacman.rb +25 -34
  147. data/lib/chef/provider/package/powershell.rb +2 -6
  148. data/lib/chef/provider/package/rubygems.rb +29 -2
  149. data/lib/chef/provider/package/snap.rb +27 -96
  150. data/lib/chef/provider/package/windows.rb +3 -2
  151. data/lib/chef/provider/package/windows/msi.rb +2 -2
  152. data/lib/chef/provider/package/yum.rb +0 -8
  153. data/lib/chef/provider/package/yum/yum_helper.py +0 -4
  154. data/lib/chef/provider/package/zypper.rb +1 -1
  155. data/lib/chef/provider/powershell_script.rb +4 -10
  156. data/lib/chef/provider/registry_key.rb +4 -4
  157. data/lib/chef/provider/remote_directory.rb +3 -3
  158. data/lib/chef/provider/remote_file/ftp.rb +3 -2
  159. data/lib/chef/provider/remote_file/local_file.rb +2 -1
  160. data/lib/chef/provider/remote_file/sftp.rb +3 -2
  161. data/lib/chef/provider/route.rb +5 -3
  162. data/lib/chef/provider/ruby_block.rb +1 -1
  163. data/lib/chef/provider/script.rb +2 -2
  164. data/lib/chef/provider/service.rb +8 -8
  165. data/lib/chef/provider/service/aixinit.rb +1 -1
  166. data/lib/chef/provider/service/arch.rb +2 -2
  167. data/lib/chef/provider/service/debian.rb +31 -29
  168. data/lib/chef/provider/service/gentoo.rb +2 -2
  169. data/lib/chef/provider/service/macosx.rb +7 -12
  170. data/lib/chef/provider/service/openbsd.rb +1 -1
  171. data/lib/chef/provider/service/redhat.rb +2 -2
  172. data/lib/chef/provider/service/simple.rb +3 -3
  173. data/lib/chef/provider/service/systemd.rb +12 -12
  174. data/lib/chef/provider/service/upstart.rb +1 -1
  175. data/lib/chef/provider/service/windows.rb +5 -11
  176. data/lib/chef/provider/subversion.rb +25 -5
  177. data/lib/chef/provider/systemd_unit.rb +26 -25
  178. data/lib/chef/provider/user.rb +6 -6
  179. data/lib/chef/provider/user/dscl.rb +3 -3
  180. data/lib/chef/provider/user/mac.rb +10 -9
  181. data/lib/chef/provider/whyrun_safe_ruby_block.rb +1 -1
  182. data/lib/chef/provider/windows_env.rb +3 -3
  183. data/lib/chef/provider/windows_script.rb +2 -2
  184. data/lib/chef/provider/windows_task.rb +7 -9
  185. data/lib/chef/provider/yum_repository.rb +1 -1
  186. data/lib/chef/provider/zypper_repository.rb +11 -31
  187. data/lib/chef/providers.rb +0 -6
  188. data/lib/chef/recipe.rb +36 -0
  189. data/lib/chef/resource.rb +41 -56
  190. data/lib/chef/resource/action_class.rb +24 -22
  191. data/lib/chef/resource/alternatives.rb +149 -0
  192. data/lib/chef/resource/apt_package.rb +2 -1
  193. data/lib/chef/resource/apt_preference.rb +69 -2
  194. data/lib/chef/resource/apt_repository.rb +337 -5
  195. data/lib/chef/resource/apt_update.rb +52 -1
  196. data/lib/chef/resource/archive_file.rb +9 -29
  197. data/lib/chef/resource/bash.rb +2 -0
  198. data/lib/chef/resource/bff_package.rb +9 -1
  199. data/lib/chef/resource/breakpoint.rb +0 -1
  200. data/lib/chef/resource/build_essential.rb +42 -48
  201. data/lib/chef/resource/cab_package.rb +8 -1
  202. data/lib/chef/resource/chef_client_cron.rb +225 -0
  203. data/lib/chef/resource/chef_client_scheduled_task.rb +198 -0
  204. data/lib/chef/resource/chef_client_systemd_timer.rb +177 -0
  205. data/lib/chef/resource/chef_gem.rb +9 -16
  206. data/lib/chef/resource/chef_handler.rb +2 -1
  207. data/lib/chef/resource/chef_sleep.rb +0 -1
  208. data/lib/chef/resource/chef_vault_secret.rb +135 -0
  209. data/lib/chef/resource/chocolatey_config.rb +3 -1
  210. data/lib/chef/resource/chocolatey_feature.rb +2 -1
  211. data/lib/chef/resource/chocolatey_package.rb +2 -1
  212. data/lib/chef/resource/chocolatey_source.rb +2 -1
  213. data/lib/chef/resource/cookbook_file.rb +1 -1
  214. data/lib/chef/resource/cron.rb +22 -68
  215. data/lib/chef/resource/cron_access.rb +8 -15
  216. data/lib/chef/resource/cron_d.rb +9 -75
  217. data/lib/chef/resource/csh.rb +2 -0
  218. data/lib/chef/resource/directory.rb +2 -2
  219. data/lib/chef/resource/dmg_package.rb +4 -4
  220. data/lib/chef/resource/dnf_package.rb +2 -3
  221. data/lib/chef/resource/dpkg_package.rb +2 -1
  222. data/lib/chef/resource/dsc_resource.rb +6 -4
  223. data/lib/chef/resource/dsc_script.rb +3 -2
  224. data/lib/chef/resource/execute.rb +13 -12
  225. data/lib/chef/resource/file.rb +3 -1
  226. data/lib/chef/resource/freebsd_package.rb +2 -1
  227. data/lib/chef/resource/gem_package.rb +14 -6
  228. data/lib/chef/resource/group.rb +4 -1
  229. data/lib/chef/resource/helpers/cron_validations.rb +98 -0
  230. data/lib/chef/resource/homebrew_cask.rb +5 -4
  231. data/lib/chef/resource/homebrew_package.rb +4 -2
  232. data/lib/chef/resource/homebrew_tap.rb +2 -1
  233. data/lib/chef/resource/hostname.rb +41 -36
  234. data/lib/chef/resource/http_request.rb +0 -1
  235. data/lib/chef/resource/ifconfig.rb +1 -1
  236. data/lib/chef/resource/ips_package.rb +10 -2
  237. data/lib/chef/resource/kernel_module.rb +29 -29
  238. data/lib/chef/resource/ksh.rb +2 -0
  239. data/lib/chef/resource/launchd.rb +6 -6
  240. data/lib/chef/resource/link.rb +1 -23
  241. data/lib/chef/resource/locale.rb +58 -24
  242. data/lib/chef/resource/log.rb +12 -1
  243. data/lib/chef/resource/lwrp_base.rb +1 -8
  244. data/lib/chef/resource/macos_userdefaults.rb +9 -6
  245. data/lib/chef/resource/macosx_service.rb +2 -1
  246. data/lib/chef/resource/macports_package.rb +10 -2
  247. data/lib/chef/resource/mdadm.rb +62 -2
  248. data/lib/chef/resource/mount.rb +3 -0
  249. data/lib/chef/resource/msu_package.rb +13 -1
  250. data/lib/chef/resource/notify_group.rb +8 -3
  251. data/lib/chef/resource/ohai.rb +19 -3
  252. data/lib/chef/resource/ohai_hint.rb +3 -12
  253. data/lib/chef/resource/openbsd_package.rb +9 -1
  254. data/lib/chef/resource/openssl_dhparam.rb +10 -1
  255. data/lib/chef/resource/openssl_ec_private_key.rb +23 -1
  256. data/lib/chef/resource/openssl_ec_public_key.rb +21 -1
  257. data/lib/chef/resource/openssl_rsa_private_key.rb +20 -1
  258. data/lib/chef/resource/openssl_rsa_public_key.rb +22 -1
  259. data/lib/chef/resource/openssl_x509_certificate.rb +37 -1
  260. data/lib/chef/resource/openssl_x509_crl.rb +12 -1
  261. data/lib/chef/resource/openssl_x509_request.rb +37 -1
  262. data/lib/chef/resource/osx_profile.rb +3 -2
  263. data/lib/chef/resource/package.rb +2 -1
  264. data/lib/chef/resource/pacman_package.rb +2 -1
  265. data/lib/chef/resource/paludis_package.rb +12 -3
  266. data/lib/chef/resource/perl.rb +2 -0
  267. data/lib/chef/resource/plist.rb +207 -0
  268. data/lib/chef/resource/portage_package.rb +13 -3
  269. data/lib/chef/resource/powershell_package.rb +1 -3
  270. data/lib/chef/resource/powershell_package_source.rb +3 -1
  271. data/lib/chef/resource/powershell_script.rb +7 -17
  272. data/lib/chef/resource/python.rb +2 -0
  273. data/lib/chef/resource/reboot.rb +0 -1
  274. data/lib/chef/resource/registry_key.rb +1 -2
  275. data/lib/chef/resource/remote_directory.rb +2 -0
  276. data/lib/chef/resource/remote_file.rb +2 -0
  277. data/lib/chef/resource/rhsm_errata.rb +0 -1
  278. data/lib/chef/resource/rhsm_errata_level.rb +0 -1
  279. data/lib/chef/resource/rhsm_register.rb +2 -1
  280. data/lib/chef/resource/rhsm_repo.rb +3 -1
  281. data/lib/chef/resource/rhsm_subscription.rb +4 -1
  282. data/lib/chef/resource/route.rb +5 -1
  283. data/lib/chef/resource/rpm_package.rb +9 -2
  284. data/lib/chef/resource/ruby.rb +2 -0
  285. data/lib/chef/resource/ruby_block.rb +1 -1
  286. data/lib/chef/resource/scm/_scm.rb +48 -0
  287. data/lib/chef/resource/{scm.rb → scm/git.rb} +16 -30
  288. data/lib/chef/resource/{subversion.rb → scm/subversion.rb} +8 -5
  289. data/lib/chef/resource/script.rb +6 -3
  290. data/lib/chef/resource/service.rb +6 -7
  291. data/lib/chef/resource/smartos_package.rb +9 -1
  292. data/lib/chef/resource/snap_package.rb +3 -1
  293. data/lib/chef/resource/solaris_package.rb +9 -1
  294. data/lib/chef/resource/ssh_known_hosts_entry.rb +6 -3
  295. data/lib/chef/resource/sudo.rb +9 -9
  296. data/lib/chef/resource/support/cron.d.erb +1 -1
  297. data/lib/chef/resource/support/cron_access.erb +1 -1
  298. data/lib/chef/resource/support/sudoer.erb +1 -2
  299. data/lib/chef/resource/support/ulimit.erb +41 -0
  300. data/lib/chef/resource/swap_file.rb +5 -3
  301. data/lib/chef/resource/sysctl.rb +2 -2
  302. data/lib/chef/resource/systemd_unit.rb +4 -2
  303. data/lib/chef/resource/template.rb +0 -1
  304. data/lib/chef/resource/timezone.rb +7 -18
  305. data/lib/chef/resource/user.rb +1 -3
  306. data/lib/chef/resource/user/aix_user.rb +0 -2
  307. data/lib/chef/resource/user/dscl_user.rb +1 -1
  308. data/lib/chef/resource/user/linux_user.rb +0 -2
  309. data/lib/chef/resource/user/mac_user.rb +1 -1
  310. data/lib/chef/resource/user/pw_user.rb +0 -2
  311. data/lib/chef/resource/user/solaris_user.rb +0 -2
  312. data/lib/chef/resource/user/windows_user.rb +0 -2
  313. data/lib/chef/resource/user_ulimit.rb +114 -0
  314. data/lib/chef/resource/whyrun_safe_ruby_block.rb +1 -0
  315. data/lib/chef/resource/windows_ad_join.rb +19 -6
  316. data/lib/chef/resource/windows_auto_run.rb +0 -1
  317. data/lib/chef/resource/windows_certificate.rb +1 -1
  318. data/lib/chef/resource/windows_dfs_folder.rb +0 -1
  319. data/lib/chef/resource/windows_dfs_namespace.rb +0 -1
  320. data/lib/chef/resource/windows_dfs_server.rb +0 -1
  321. data/lib/chef/resource/windows_dns_record.rb +0 -1
  322. data/lib/chef/resource/windows_dns_zone.rb +0 -1
  323. data/lib/chef/resource/windows_env.rb +2 -3
  324. data/lib/chef/resource/windows_feature.rb +2 -2
  325. data/lib/chef/resource/windows_feature_dism.rb +9 -22
  326. data/lib/chef/resource/windows_feature_powershell.rb +17 -82
  327. data/lib/chef/resource/windows_firewall_rule.rb +119 -10
  328. data/lib/chef/resource/windows_font.rb +1 -3
  329. data/lib/chef/resource/windows_package.rb +13 -4
  330. data/lib/chef/resource/windows_pagefile.rb +0 -1
  331. data/lib/chef/resource/windows_path.rb +0 -1
  332. data/lib/chef/resource/windows_printer.rb +0 -1
  333. data/lib/chef/resource/windows_printer_port.rb +0 -1
  334. data/lib/chef/resource/windows_script.rb +3 -4
  335. data/lib/chef/resource/windows_security_policy.rb +90 -0
  336. data/lib/chef/resource/windows_service.rb +45 -31
  337. data/lib/chef/resource/windows_share.rb +3 -7
  338. data/lib/chef/resource/windows_shortcut.rb +0 -1
  339. data/lib/chef/resource/windows_task.rb +14 -15
  340. data/lib/chef/resource/windows_uac.rb +0 -1
  341. data/lib/chef/resource/windows_user_privilege.rb +157 -0
  342. data/lib/chef/resource/windows_workgroup.rb +0 -1
  343. data/lib/chef/resource/yum_package.rb +3 -1
  344. data/lib/chef/resource/yum_repository.rb +2 -1
  345. data/lib/chef/resource/zypper_package.rb +3 -2
  346. data/lib/chef/resource/zypper_repository.rb +2 -1
  347. data/lib/chef/resource_builder.rb +8 -0
  348. data/lib/chef/resource_inspector.rb +6 -6
  349. data/lib/chef/resource_resolver.rb +7 -14
  350. data/lib/chef/resources.rb +11 -3
  351. data/lib/chef/role.rb +2 -2
  352. data/lib/chef/run_context/cookbook_compiler.rb +29 -5
  353. data/lib/chef/shell.rb +23 -32
  354. data/lib/chef/shell/shell_session.rb +0 -2
  355. data/lib/chef/util/diff.rb +1 -1
  356. data/lib/chef/util/dsc/configuration_generator.rb +1 -1
  357. data/lib/chef/util/dsc/lcm_output_parser.rb +3 -3
  358. data/lib/chef/util/powershell/cmdlet.rb +1 -1
  359. data/lib/chef/version.rb +2 -2
  360. data/lib/chef/version_string.rb +1 -1
  361. data/lib/chef/win32/api/file.rb +18 -18
  362. data/lib/chef/win32/api/security.rb +6 -0
  363. data/lib/chef/win32/file.rb +3 -11
  364. data/lib/chef/win32/process.rb +2 -2
  365. data/lib/chef/win32/security.rb +40 -2
  366. data/spec/functional/assets/inittest +8 -7
  367. data/spec/functional/knife/ssh_spec.rb +27 -23
  368. data/spec/functional/resource/aix_service_spec.rb +1 -0
  369. data/spec/functional/resource/aixinit_service_spec.rb +8 -7
  370. data/spec/functional/resource/apt_package_spec.rb +1 -0
  371. data/spec/functional/resource/bff_spec.rb +2 -2
  372. data/spec/functional/resource/cookbook_file_spec.rb +1 -1
  373. data/spec/functional/resource/cron_spec.rb +11 -29
  374. data/spec/functional/resource/dnf_package_spec.rb +441 -156
  375. data/spec/functional/resource/dsc_resource_spec.rb +1 -1
  376. data/spec/functional/resource/git_spec.rb +184 -134
  377. data/spec/functional/resource/insserv_spec.rb +6 -5
  378. data/spec/functional/resource/link_spec.rb +17 -17
  379. data/spec/functional/resource/locale_spec.rb +13 -2
  380. data/spec/functional/resource/powershell_script_spec.rb +7 -68
  381. data/spec/functional/resource/rpm_spec.rb +2 -2
  382. data/spec/functional/resource/user/dscl_spec.rb +2 -2
  383. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  384. data/spec/functional/resource/windows_certificate_spec.rb +3 -3
  385. data/spec/functional/resource/windows_security_policy_spec.rb +90 -0
  386. data/spec/functional/resource/windows_task_spec.rb +8 -8
  387. data/spec/functional/resource/windows_user_privilege_spec.rb +193 -0
  388. data/spec/functional/run_lock_spec.rb +1 -2
  389. data/spec/functional/shell_spec.rb +6 -6
  390. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  391. data/spec/functional/version_spec.rb +1 -1
  392. data/spec/functional/win32/registry_spec.rb +0 -6
  393. data/spec/functional/win32/security_spec.rb +22 -0
  394. data/spec/functional/win32/service_manager_spec.rb +1 -1
  395. data/spec/integration/client/client_spec.rb +123 -2
  396. data/spec/integration/knife/cookbook_show_spec.rb +28 -26
  397. data/spec/integration/knife/data_bag_show_spec.rb +1 -1
  398. data/spec/integration/knife/raw_spec.rb +30 -2
  399. data/spec/integration/knife/show_spec.rb +32 -3
  400. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  401. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -5
  402. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  403. data/spec/integration/recipes/noop_resource_spec.rb +1 -1
  404. data/spec/integration/recipes/notifies_spec.rb +50 -21
  405. data/spec/integration/recipes/notifying_block_spec.rb +9 -6
  406. data/spec/integration/recipes/provider_choice.rb +2 -0
  407. data/spec/integration/recipes/recipe_dsl_spec.rb +46 -144
  408. data/spec/integration/recipes/resource_action_spec.rb +16 -11
  409. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +1 -3
  410. data/spec/integration/recipes/resource_load_spec.rb +133 -13
  411. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  412. data/spec/integration/recipes/use_partial_spec.rb +112 -0
  413. data/spec/integration/solo/solo_spec.rb +3 -3
  414. data/spec/scripts/ssl-serve.rb +1 -1
  415. data/spec/spec_helper.rb +11 -14
  416. data/spec/support/chef_helpers.rb +2 -2
  417. data/spec/support/lib/chef/resource/zen_follower.rb +2 -0
  418. data/spec/support/platform_helpers.rb +44 -19
  419. data/spec/support/platforms/win32/spec_service.rb +1 -1
  420. data/spec/support/recipe_dsl_helper.rb +83 -0
  421. data/spec/support/shared/functional/directory_resource.rb +1 -1
  422. data/spec/support/shared/functional/execute_resource.rb +1 -1
  423. data/spec/support/shared/functional/file_resource.rb +3 -3
  424. data/spec/support/shared/functional/win32_service.rb +1 -1
  425. data/spec/support/shared/functional/windows_script.rb +5 -18
  426. data/spec/support/shared/integration/knife_support.rb +14 -8
  427. data/spec/unit/application/apply_spec.rb +3 -0
  428. data/spec/unit/application/client_spec.rb +5 -1
  429. data/spec/unit/application_spec.rb +1 -9
  430. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +4 -2
  431. data/spec/unit/client_spec.rb +7 -5
  432. data/spec/unit/cookbook/gem_installer_spec.rb +3 -4
  433. data/spec/unit/cookbook/metadata_spec.rb +38 -19
  434. data/spec/unit/data_bag_spec.rb +1 -1
  435. data/spec/unit/data_collector_spec.rb +38 -17
  436. data/spec/unit/dsl/platform_introspection_spec.rb +0 -1
  437. data/spec/unit/environment_spec.rb +7 -7
  438. data/spec/unit/event_dispatch/dispatcher_spec.rb +0 -3
  439. data/spec/unit/file_access_control_spec.rb +1 -1
  440. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +15 -15
  441. data/spec/unit/knife/bootstrap/client_builder_spec.rb +9 -9
  442. data/spec/unit/knife/bootstrap_spec.rb +36 -54
  443. data/spec/unit/knife/cookbook_download_spec.rb +4 -4
  444. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +1 -1
  445. data/spec/unit/knife/cookbook_show_spec.rb +1 -0
  446. data/spec/unit/knife/cookbook_upload_spec.rb +6 -5
  447. data/spec/unit/knife/core/bootstrap_context_spec.rb +23 -43
  448. data/spec/unit/knife/core/hashed_command_loader_spec.rb +3 -3
  449. data/spec/unit/knife/core/ui_spec.rb +16 -0
  450. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +8 -68
  451. data/spec/unit/knife/data_bag_secret_options_spec.rb +22 -14
  452. data/spec/unit/knife/role_env_run_list_add_spec.rb +6 -6
  453. data/spec/unit/knife/role_env_run_list_clear_spec.rb +4 -4
  454. data/spec/unit/knife/role_env_run_list_remove_spec.rb +4 -4
  455. data/spec/unit/knife/role_env_run_list_replace_spec.rb +4 -4
  456. data/spec/unit/knife/role_env_run_list_set_spec.rb +4 -4
  457. data/spec/unit/knife/role_run_list_add_spec.rb +6 -6
  458. data/spec/unit/knife/role_run_list_clear_spec.rb +4 -4
  459. data/spec/unit/knife/role_run_list_remove_spec.rb +4 -4
  460. data/spec/unit/knife/role_run_list_replace_spec.rb +4 -4
  461. data/spec/unit/knife/role_run_list_set_spec.rb +4 -4
  462. data/spec/unit/knife/ssh_spec.rb +10 -113
  463. data/spec/unit/knife/status_spec.rb +1 -1
  464. data/spec/unit/knife/supermarket_share_spec.rb +3 -5
  465. data/spec/unit/knife_spec.rb +18 -0
  466. data/spec/unit/lwrp_spec.rb +4 -4
  467. data/spec/unit/mixin/powershell_exec_spec.rb +10 -0
  468. data/spec/unit/mixin/securable_spec.rb +1 -0
  469. data/spec/unit/mixin/user_context_spec.rb +9 -1
  470. data/spec/unit/node/attribute_spec.rb +2 -2
  471. data/spec/unit/node_spec.rb +24 -0
  472. data/spec/unit/platform/query_helpers_spec.rb +0 -143
  473. data/spec/unit/property/state_spec.rb +12 -7
  474. data/spec/unit/property/validation_spec.rb +25 -1
  475. data/spec/unit/property_spec.rb +18 -15
  476. data/spec/unit/provider/apt_preference_spec.rb +14 -10
  477. data/spec/unit/provider/apt_repository_spec.rb +9 -11
  478. data/spec/unit/provider/apt_update_spec.rb +12 -11
  479. data/spec/unit/provider/cookbook_file_spec.rb +4 -4
  480. data/spec/unit/provider/cron_spec.rb +2 -2
  481. data/spec/unit/provider/directory_spec.rb +4 -15
  482. data/spec/unit/provider/file_spec.rb +4 -4
  483. data/spec/unit/provider/git_spec.rb +44 -4
  484. data/spec/unit/provider/link_spec.rb +0 -1
  485. data/spec/unit/provider/log_spec.rb +3 -3
  486. data/spec/unit/provider/mdadm_spec.rb +3 -3
  487. data/spec/unit/provider/osx_profile_spec.rb +2 -2
  488. data/spec/unit/provider/package/dnf/python_helper_spec.rb +2 -2
  489. data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
  490. data/spec/unit/provider/package/homebrew_spec.rb +280 -174
  491. data/spec/unit/provider/package/msu_spec.rb +3 -3
  492. data/spec/unit/provider/package/pacman_spec.rb +65 -147
  493. data/spec/unit/provider/package/powershell_spec.rb +88 -96
  494. data/spec/unit/provider/package/rubygems_spec.rb +221 -31
  495. data/spec/unit/provider/package/snap_spec.rb +1 -1
  496. data/spec/unit/provider/package/windows/exe_spec.rb +1 -1
  497. data/spec/unit/provider/package/windows_spec.rb +53 -30
  498. data/spec/unit/provider/powershell_script_spec.rb +21 -61
  499. data/spec/unit/provider/remote_file_spec.rb +3 -4
  500. data/spec/unit/provider/service/arch_service_spec.rb +2 -3
  501. data/spec/unit/provider/service/debian_service_spec.rb +35 -14
  502. data/spec/unit/provider/service/gentoo_service_spec.rb +8 -8
  503. data/spec/unit/provider/service/macosx_spec.rb +210 -214
  504. data/spec/unit/provider/service/redhat_spec.rb +2 -2
  505. data/spec/unit/provider/service/systemd_service_spec.rb +23 -23
  506. data/spec/unit/provider/service/upstart_service_spec.rb +3 -3
  507. data/spec/unit/provider/service/windows_spec.rb +6 -2
  508. data/spec/unit/provider/subversion_spec.rb +4 -2
  509. data/spec/unit/provider/systemd_unit_spec.rb +24 -28
  510. data/spec/unit/provider/template_spec.rb +3 -4
  511. data/spec/unit/provider/zypper_repository_spec.rb +25 -75
  512. data/spec/unit/provider_resolver_spec.rb +11 -11
  513. data/spec/unit/provider_spec.rb +0 -1
  514. data/spec/unit/recipe_spec.rb +68 -0
  515. data/spec/unit/resource/alternatives_spec.rb +120 -0
  516. data/spec/unit/resource/apt_preference_spec.rb +0 -18
  517. data/spec/unit/resource/apt_repository_spec.rb +0 -18
  518. data/spec/unit/resource/apt_update_spec.rb +0 -18
  519. data/spec/unit/resource/archive_file_spec.rb +2 -11
  520. data/spec/unit/resource/chef_client_cron_spec.rb +119 -0
  521. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +102 -0
  522. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +70 -0
  523. data/spec/unit/resource/chef_vault_secret_spec.rb +40 -0
  524. data/spec/unit/resource/chocolatey_source_spec.rb +2 -1
  525. data/spec/unit/resource/cron_d_spec.rb +6 -48
  526. data/spec/unit/resource/cron_spec.rb +4 -10
  527. data/spec/unit/resource/gem_package_spec.rb +3 -3
  528. data/spec/unit/resource/helpers/cron_validations_spec.rb +77 -0
  529. data/spec/unit/resource/link_spec.rb +0 -4
  530. data/spec/unit/resource/locale_spec.rb +0 -34
  531. data/spec/unit/resource/ohai_spec.rb +56 -2
  532. data/spec/unit/resource/plist_spec.rb +130 -0
  533. data/spec/unit/resource/powershell_script_spec.rb +0 -5
  534. data/spec/unit/resource/{git_spec.rb → scm/git_spec.rb} +50 -2
  535. data/spec/unit/resource/{scm_spec.rb → scm/scm.rb} +1 -52
  536. data/spec/unit/resource/{subversion_spec.rb → scm/subversion_spec.rb} +2 -3
  537. data/spec/unit/resource/service_spec.rb +4 -0
  538. data/spec/unit/resource/user_spec.rb +2 -2
  539. data/spec/unit/resource/user_ulimit_spec.rb +53 -0
  540. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  541. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  542. data/spec/unit/resource/windows_feature_dism_spec.rb +2 -17
  543. data/spec/unit/resource/windows_feature_powershell_spec.rb +6 -47
  544. data/spec/unit/resource/windows_firewall_rule_spec.rb +88 -41
  545. data/spec/unit/resource/windows_package_spec.rb +4 -1
  546. data/spec/unit/resource/windows_service_spec.rb +9 -0
  547. data/spec/unit/resource/windows_task_spec.rb +1 -1
  548. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  549. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  550. data/spec/unit/resource_reporter_spec.rb +1 -5
  551. data/spec/unit/resource_spec.rb +11 -4
  552. data/spec/unit/role_spec.rb +11 -11
  553. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  554. data/spec/unit/run_context_spec.rb +1 -1
  555. data/spec/unit/search/query_spec.rb +1 -1
  556. data/spec/unit/util/threaded_job_queue_spec.rb +0 -9
  557. data/spec/unit/win32/security_spec.rb +3 -4
  558. data/tasks/rspec.rb +1 -1
  559. metadata +116 -87
  560. data/lib/chef/dsl/core.rb +0 -52
  561. data/lib/chef/knife/cookbook_site_share.rb +0 -41
  562. data/lib/chef/knife/cookbook_site_unshare.rb +0 -41
  563. data/lib/chef/provider/apt_preference.rb +0 -93
  564. data/lib/chef/provider/apt_repository.rb +0 -358
  565. data/lib/chef/provider/apt_update.rb +0 -79
  566. data/lib/chef/provider/log.rb +0 -43
  567. data/lib/chef/provider/mdadm.rb +0 -85
  568. data/lib/chef/provider/ohai.rb +0 -45
  569. data/lib/chef/resource/git.rb +0 -37
  570. data/spec/functional/resource/windows_font_spec.rb +0 -49
  571. data/spec/unit/provider/ohai_spec.rb +0 -84
@@ -0,0 +1,83 @@
1
+ #
2
+ # Author:: Jeremiah Snapp (jeremiah@chef.io)
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require_relative "../knife"
20
+
21
+ class Chef
22
+ class Knife
23
+ class AclBulkRemove < Chef::Knife
24
+ category "acl"
25
+ banner "knife acl bulk remove MEMBER_TYPE MEMBER_NAME OBJECT_TYPE REGEX PERMS"
26
+
27
+ deps do
28
+ require_relative "acl_base"
29
+ include Chef::Knife::AclBase
30
+ end
31
+
32
+ def run
33
+ member_type, member_name, object_type, regex, perms = name_args
34
+ object_name_matcher = /#{regex}/
35
+
36
+ if name_args.length != 5
37
+ show_usage
38
+ ui.fatal "You must specify the member type [client|group|user], member name, object type, object name REGEX and perms"
39
+ exit 1
40
+ end
41
+
42
+ if member_name == "pivotal" && %w{client user}.include?(member_type)
43
+ ui.fatal "ERROR: 'pivotal' is a system user so knife-acl will not remove it from an ACL."
44
+ exit 1
45
+ end
46
+ if member_name == "admins" && member_type == "group" && perms.to_s.split(",").include?("grant")
47
+ ui.fatal "ERROR: knife-acl will not remove the 'admins' group from the 'grant' ACE."
48
+ ui.fatal " Removal could prevent future attempts to modify permissions."
49
+ exit 1
50
+ end
51
+ validate_perm_type!(perms)
52
+ validate_member_type!(member_type)
53
+ validate_member_name!(member_name)
54
+ validate_object_type!(object_type)
55
+ validate_member_exists!(member_type, member_name)
56
+
57
+ if %w{containers groups}.include?(object_type)
58
+ ui.fatal "bulk modifying the ACL of #{object_type} is not permitted"
59
+ exit 1
60
+ end
61
+
62
+ objects_to_modify = []
63
+ all_objects = rest.get_rest(object_type)
64
+ objects_to_modify = all_objects.keys.select { |object_name| object_name =~ object_name_matcher }
65
+
66
+ if objects_to_modify.empty?
67
+ ui.info "No #{object_type} match the expression /#{regex}/"
68
+ exit 0
69
+ end
70
+
71
+ ui.msg("The ACL of the following #{object_type} will be modified:")
72
+ ui.msg("")
73
+ ui.msg(ui.list(objects_to_modify.sort, :columns_down))
74
+ ui.msg("")
75
+ ui.confirm("Are you sure you want to modify the ACL of these #{object_type}?")
76
+
77
+ objects_to_modify.each do |object_name|
78
+ remove_from_acl!(member_type, member_name, object_type, object_name, perms)
79
+ end
80
+ end
81
+ end
82
+ end
83
+ end
@@ -0,0 +1,62 @@
1
+ #
2
+ # Author:: Steven Danna (steve@chef.io)
3
+ # Author:: Jeremiah Snapp (jeremiah@chef.io)
4
+ # Copyright:: Copyright (c) Chef Software Inc.
5
+ # License:: Apache License, Version 2.0
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../knife"
21
+
22
+ class Chef
23
+ class Knife
24
+ class AclRemove < Chef::Knife
25
+ category "acl"
26
+ banner "knife acl remove MEMBER_TYPE MEMBER_NAME OBJECT_TYPE OBJECT_NAME PERMS"
27
+
28
+ deps do
29
+ require_relative "acl_base"
30
+ include Chef::Knife::AclBase
31
+ end
32
+
33
+ def run
34
+ member_type, member_name, object_type, object_name, perms = name_args
35
+
36
+ if name_args.length != 5
37
+ show_usage
38
+ ui.fatal "You must specify the member type [client|group|user], member name, object type, object name and perms"
39
+ exit 1
40
+ end
41
+
42
+ if member_name == "pivotal" && %w{client user}.include?(member_type)
43
+ ui.fatal "ERROR: 'pivotal' is a system user so knife-acl will not remove it from an ACL."
44
+ exit 1
45
+ end
46
+ if member_name == "admins" && member_type == "group" && perms.to_s.split(",").include?("grant")
47
+ ui.fatal "ERROR: knife-acl will not remove the 'admins' group from the 'grant' ACE."
48
+ ui.fatal " Removal could prevent future attempts to modify permissions."
49
+ exit 1
50
+ end
51
+ validate_perm_type!(perms)
52
+ validate_member_type!(member_type)
53
+ validate_member_name!(member_name)
54
+ validate_object_name!(object_name)
55
+ validate_object_type!(object_type)
56
+ validate_member_exists!(member_type, member_name)
57
+
58
+ remove_from_acl!(member_type, member_name, object_type, object_name, perms)
59
+ end
60
+ end
61
+ end
62
+ end
@@ -0,0 +1,56 @@
1
+ #
2
+ # Author:: Steven Danna (steve@chef.io)
3
+ # Copyright:: Copyright (c) Chef Software Inc.
4
+ # License:: Apache License, Version 2.0
5
+ #
6
+ # Licensed under the Apache License, Version 2.0 (the "License");
7
+ # you may not use this file except in compliance with the License.
8
+ # You may obtain a copy of the License at
9
+ #
10
+ # http://www.apache.org/licenses/LICENSE-2.0
11
+ #
12
+ # Unless required by applicable law or agreed to in writing, software
13
+ # distributed under the License is distributed on an "AS IS" BASIS,
14
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ # See the License for the specific language governing permissions and
16
+ # limitations under the License.
17
+ #
18
+
19
+ require_relative "../knife"
20
+
21
+ class Chef
22
+ class Knife
23
+ class AclShow < Chef::Knife
24
+ category "acl"
25
+ banner "knife acl show OBJECT_TYPE OBJECT_NAME"
26
+
27
+ deps do
28
+ require_relative "acl_base"
29
+ include Chef::Knife::AclBase
30
+ end
31
+
32
+ def run
33
+ object_type, object_name = name_args
34
+
35
+ if name_args.length != 2
36
+ show_usage
37
+ ui.fatal "You must specify an object type and object name"
38
+ exit 1
39
+ end
40
+
41
+ validate_object_type!(object_type)
42
+ validate_object_name!(object_name)
43
+ acl = get_acl(object_type, object_name)
44
+ PERM_TYPES.each do |perm|
45
+ # Filter out the actors field if we have
46
+ # users and clients. Note that if one is present,
47
+ # both will be - but we're checking both for completeness.
48
+ if acl[perm].key?("users") && acl[perm].key?("clients")
49
+ acl[perm].delete "actors"
50
+ end
51
+ end
52
+ ui.output acl
53
+ end
54
+ end
55
+ end
56
+ end
@@ -86,7 +86,6 @@ class Chef
86
86
  short: "-w AUTH-METHOD",
87
87
  long: "--winrm-auth-method AUTH-METHOD",
88
88
  description: "The WinRM authentication method to use.",
89
- proc: Proc.new { |protocol| Chef::Config[:knife][:winrm_auth_method] = protocol },
90
89
  in: WINRM_AUTH_PROTOCOL_LIST
91
90
 
92
91
  option :winrm_basic_auth_only,
@@ -94,37 +93,32 @@ class Chef
94
93
  description: "For WinRM basic authentication when using the 'ssl' auth method.",
95
94
  boolean: true
96
95
 
97
- # This option was provided in knife bootstrap windows winrm,
98
- # but it is ignored in knife-windows/WinrmSession, and so remains unimplemeneted here.
99
- # option :kerberos_keytab_file,
100
- # :short => "-T KEYTAB_FILE",
101
- # :long => "--keytab-file KEYTAB_FILE",
102
- # :description => "The Kerberos keytab file used for authentication",
103
- # :proc => Proc.new { |keytab| Chef::Config[:knife][:kerberos_keytab_file] = keytab }
96
+ # This option was provided in knife bootstrap windows winrm,
97
+ # but it is ignored in knife-windows/WinrmSession, and so remains unimplemeneted here.
98
+ # option :kerberos_keytab_file,
99
+ # :short => "-T KEYTAB_FILE",
100
+ # :long => "--keytab-file KEYTAB_FILE",
101
+ # :description => "The Kerberos keytab file used for authentication"
104
102
 
105
103
  option :kerberos_realm,
106
104
  short: "-R KERBEROS_REALM",
107
105
  long: "--kerberos-realm KERBEROS_REALM",
108
- description: "The Kerberos realm used for authentication.",
109
- proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_realm] = protocol }
106
+ description: "The Kerberos realm used for authentication."
110
107
 
111
108
  option :kerberos_service,
112
109
  short: "-S KERBEROS_SERVICE",
113
110
  long: "--kerberos-service KERBEROS_SERVICE",
114
- description: "The Kerberos service used for authentication.",
115
- proc: Proc.new { |protocol| Chef::Config[:knife][:kerberos_service] = protocol }
111
+ description: "The Kerberos service used for authentication."
116
112
 
117
113
  ## SSH Authentication
118
114
  option :ssh_gateway,
119
115
  short: "-G GATEWAY",
120
116
  long: "--ssh-gateway GATEWAY",
121
- description: "The SSH gateway.",
122
- proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway] = key }
117
+ description: "The SSH gateway."
123
118
 
124
119
  option :ssh_gateway_identity,
125
120
  long: "--ssh-gateway-identity SSH_GATEWAY_IDENTITY",
126
- description: "The SSH identity file used for gateway authentication.",
127
- proc: Proc.new { |key| Chef::Config[:knife][:ssh_gateway_identity] = key }
121
+ description: "The SSH identity file used for gateway authentication."
128
122
 
129
123
  option :ssh_forward_agent,
130
124
  short: "-A",
@@ -140,7 +134,8 @@ class Chef
140
134
  option :ssh_verify_host_key,
141
135
  long: "--ssh-verify-host-key VALUE",
142
136
  description: "Verify host key. Default is 'always'.",
143
- in: %w{always accept_new accept_new_or_local_tunnel never}
137
+ in: %w{always accept_new accept_new_or_local_tunnel never},
138
+ default: "always"
144
139
 
145
140
  #
146
141
  # bootstrap options
@@ -160,8 +155,7 @@ class Chef
160
155
  # client.rb content via chef-full/bootstrap_context
161
156
  option :bootstrap_proxy,
162
157
  long: "--bootstrap-proxy PROXY_URL",
163
- description: "The proxy server for the node being bootstrapped.",
164
- proc: Proc.new { |p| Chef::Config[:knife][:bootstrap_proxy] = p }
158
+ description: "The proxy server for the node being bootstrapped."
165
159
 
166
160
  # client.rb content via bootstrap_context
167
161
  option :bootstrap_proxy_user,
@@ -176,8 +170,7 @@ class Chef
176
170
  # client.rb content via bootstrap_context
177
171
  option :bootstrap_no_proxy,
178
172
  long: "--bootstrap-no-proxy [NO_PROXY_URL|NO_PROXY_IP]",
179
- description: "Do not proxy locations for the node being bootstrapped",
180
- proc: Proc.new { |np| Chef::Config[:knife][:bootstrap_no_proxy] = np }
173
+ description: "Do not proxy locations for the node being bootstrapped"
181
174
 
182
175
  # client.rb content via bootstrap_context
183
176
  option :bootstrap_template,
@@ -270,21 +263,16 @@ class Chef
270
263
  proc: lambda { |o| Chef::JSONCompat.parse(File.read(o)) },
271
264
  default: nil
272
265
 
273
- # Note that several of the below options are used by bootstrap template,
274
- # but only from the passed-in knife config; it does not use the
275
- # config from the CLI for those values. We cannot always used the merged
276
- # config, because in some cases the knife keys thIn those cases, the option
277
- # will have a proc that assigns the value into Chef::Config[:knife]
278
-
279
266
  # bootstrap template
280
267
  # Create ohai hints in /etc/chef/ohai/hints, fname=hintname, content=value
281
- option :hint,
268
+ option :hints,
282
269
  long: "--hint HINT_NAME[=HINT_FILE]",
283
270
  description: "Specify an Ohai hint to be set on the bootstrap target. Use multiple --hint options to specify multiple hints.",
284
- proc: Proc.new { |h|
285
- Chef::Config[:knife][:hints] ||= {}
286
- name, path = h.split("=")
287
- Chef::Config[:knife][:hints][name] = path ? Chef::JSONCompat.parse(::File.read(path)) : {}
271
+ proc: Proc.new { |hint, accumulator|
272
+ accumulator ||= {}
273
+ name, path = hint.split("=", 2)
274
+ accumulator[name] = path ? Chef::JSONCompat.parse(::File.read(path)) : {}
275
+ accumulator
288
276
  }
289
277
 
290
278
  # bootstrap override: url of a an installer shell script touse in place of omnitruck
@@ -292,8 +280,7 @@ class Chef
292
280
  # the provided options to knife bootstrap, so we set the Chef::Config option here.
293
281
  option :bootstrap_url,
294
282
  long: "--bootstrap-url URL",
295
- description: "URL to a custom installation script.",
296
- proc: Proc.new { |u| Chef::Config[:knife][:bootstrap_url] = u }
283
+ description: "URL to a custom installation script."
297
284
 
298
285
  option :bootstrap_product,
299
286
  long: "--bootstrap-product PRODUCT",
@@ -309,26 +296,22 @@ class Chef
309
296
  # bootstrap override: Do this instead of our own setup.sh from omnitruck. Causes bootstrap_url to be ignored.
310
297
  option :bootstrap_install_command,
311
298
  long: "--bootstrap-install-command COMMANDS",
312
- description: "Custom command to install #{Chef::Dist::PRODUCT}.",
313
- proc: Proc.new { |ic| Chef::Config[:knife][:bootstrap_install_command] = ic }
299
+ description: "Custom command to install #{Chef::Dist::PRODUCT}."
314
300
 
315
301
  # bootstrap template: Run this command first in the bootstrap script
316
302
  option :bootstrap_preinstall_command,
317
303
  long: "--bootstrap-preinstall-command COMMANDS",
318
- description: "Custom commands to run before installing #{Chef::Dist::PRODUCT}.",
319
- proc: Proc.new { |preic| Chef::Config[:knife][:bootstrap_preinstall_command] = preic }
304
+ description: "Custom commands to run before installing #{Chef::Dist::PRODUCT}."
320
305
 
321
306
  # bootstrap template
322
307
  option :bootstrap_wget_options,
323
308
  long: "--bootstrap-wget-options OPTIONS",
324
- description: "Add options to wget when installing #{Chef::Dist::PRODUCT}.",
325
- proc: Proc.new { |wo| Chef::Config[:knife][:bootstrap_wget_options] = wo }
309
+ description: "Add options to wget when installing #{Chef::Dist::PRODUCT}."
326
310
 
327
311
  # bootstrap template
328
312
  option :bootstrap_curl_options,
329
313
  long: "--bootstrap-curl-options OPTIONS",
330
- description: "Add options to curl when install #{Chef::Dist::PRODUCT}.",
331
- proc: Proc.new { |co| Chef::Config[:knife][:bootstrap_curl_options] = co }
314
+ description: "Add options to curl when install #{Chef::Dist::PRODUCT}."
332
315
 
333
316
  # chef_vault_handler
334
317
  option :bootstrap_vault_file,
@@ -344,12 +327,12 @@ class Chef
344
327
  option :bootstrap_vault_item,
345
328
  long: "--bootstrap-vault-item VAULT_ITEM",
346
329
  description: 'A single vault and item to update as "vault:item".',
347
- proc: Proc.new { |i|
330
+ proc: Proc.new { |i, accumulator|
348
331
  (vault, item) = i.split(/:/)
349
- Chef::Config[:knife][:bootstrap_vault_item] ||= {}
350
- Chef::Config[:knife][:bootstrap_vault_item][vault] ||= []
351
- Chef::Config[:knife][:bootstrap_vault_item][vault].push(item)
352
- Chef::Config[:knife][:bootstrap_vault_item]
332
+ accumulator ||= {}
333
+ accumulator[vault] ||= []
334
+ accumulator[vault].push(item)
335
+ accumulator
353
336
  }
354
337
 
355
338
  # Deprecated options. These must be declared after
@@ -434,14 +417,14 @@ class Chef
434
417
  def client_builder
435
418
  @client_builder ||= Chef::Knife::Bootstrap::ClientBuilder.new(
436
419
  chef_config: Chef::Config,
437
- knife_config: config,
420
+ config: config,
438
421
  ui: ui
439
422
  )
440
423
  end
441
424
 
442
425
  def chef_vault_handler
443
426
  @chef_vault_handler ||= Chef::Knife::Bootstrap::ChefVaultHandler.new(
444
- knife_config: config,
427
+ config: config,
445
428
  ui: ui
446
429
  )
447
430
  end
@@ -466,7 +449,7 @@ class Chef
466
449
  # @return [String] Default bootstrap template
467
450
  def default_bootstrap_template
468
451
  if connection.windows?
469
- "windows-#{Chef::Dist::CLIENT}-msi"
452
+ "windows-chef-client-msi"
470
453
  else
471
454
  "chef-full"
472
455
  end
@@ -497,7 +480,7 @@ class Chef
497
480
  template = bootstrap_template
498
481
 
499
482
  # Use the template directly if it's a path to an actual file
500
- if File.exist?(template)
483
+ if File.exists?(template)
501
484
  Chef::Log.trace("Using the specified bootstrap template: #{File.dirname(template)}")
502
485
  return template
503
486
  end
@@ -512,7 +495,7 @@ class Chef
512
495
 
513
496
  template_file = Array(bootstrap_files).find do |bootstrap_template|
514
497
  Chef::Log.trace("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
515
- File.exist?(bootstrap_template)
498
+ File.exists?(bootstrap_template)
516
499
  end
517
500
 
518
501
  unless template_file
@@ -555,7 +538,7 @@ class Chef
555
538
  end
556
539
 
557
540
  def run
558
- check_license if ChefConfig::Dist::ENFORCE_LICENSE
541
+ check_license
559
542
 
560
543
  plugin_setup!
561
544
  validate_name_args!
@@ -597,8 +580,11 @@ class Chef
597
580
 
598
581
  bootstrap_context.client_pem = client_builder.client_path
599
582
  else
600
- ui.warn "Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}..."
601
- ui.warn "Remove the key file or remove the 'validation_key' configuration option from your config.rb (knife.rb) to use more secure user credentials for client registration."
583
+ ui.info <<~EOM
584
+ Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}...
585
+ Delete your validation key in order to use your user credentials for client registration instead.
586
+ EOM
587
+
602
588
  end
603
589
  end
604
590
 
@@ -616,7 +602,7 @@ class Chef
616
602
  end
617
603
 
618
604
  def connect!
619
- ui.info("Connecting to #{ui.color(server_name, :bold)} using #{connection_protocol}")
605
+ ui.info("Connecting to #{ui.color(server_name, :bold)}")
620
606
  opts ||= connection_opts.dup
621
607
  do_connect(opts)
622
608
  rescue Train::Error => e
@@ -683,9 +669,8 @@ class Chef
683
669
  return @connection_protocol if @connection_protocol
684
670
 
685
671
  from_url = host_descriptor =~ %r{^(.*)://} ? $1 : nil
686
- from_cli = config[:connection_protocol]
687
- from_knife = Chef::Config[:knife][:connection_protocol]
688
- @connection_protocol = from_url || from_cli || from_knife || "ssh"
672
+ from_knife = config[:connection_protocol]
673
+ @connection_protocol = from_url || from_knife || "ssh"
689
674
  end
690
675
 
691
676
  def do_connect(conn_options)
@@ -721,6 +706,10 @@ class Chef
721
706
  true
722
707
  end
723
708
 
709
+ def winrm_auth_method
710
+ config_value(:winrm_auth_method, :winrm_authentication_protocol, "negotiate")
711
+ end
712
+
724
713
  # Fail if using plaintext auth without ssl because
725
714
  # this can expose keys in plaintext on the wire.
726
715
  # TODO test for this method
@@ -729,8 +718,8 @@ class Chef
729
718
  return true unless winrm?
730
719
 
731
720
  if Chef::Config[:validation_key] && !File.exist?(File.expand_path(Chef::Config[:validation_key]))
732
- if config_value(:winrm_auth_method) == "plaintext" &&
733
- config_value(:winrm_ssl) != true
721
+ if winrm_auth_method == "plaintext" &&
722
+ config[:winrm_ssl] != true
734
723
  ui.error <<~EOM
735
724
  Validatorless bootstrap over unsecure winrm channels could expose your
736
725
  key to network sniffing.
@@ -854,9 +843,9 @@ class Chef
854
843
  # Reference:
855
844
  # https://github.com/chef/knife-windows/blob/92d151298142be4a4750c5b54bb264f8d5b81b8a/lib/chef/knife/winrm_knife_base.rb#L271-L273
856
845
  # TODO Seems like we should also do a similar warning if ssh_verify_host == false
857
- if config_value(:ca_trust_file).nil? &&
858
- config_value(:winrm_no_verify_cert) &&
859
- config_value(:winrm_ssl_peer_fingerprint).nil?
846
+ if config[:ca_trust_file].nil? &&
847
+ config[:winrm_no_verify_cert] &&
848
+ config[:winrm_ssl_peer_fingerprint].nil?
860
849
  ui.warn <<~WARN
861
850
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
862
851
  SSL validation of HTTPS requests for the WinRM transport is disabled.
@@ -902,16 +891,13 @@ class Chef
902
891
 
903
892
  # Common configuration for all protocols
904
893
  def base_opts
905
- port = config_value(:connection_port,
906
- knife_key_for_protocol(connection_protocol, :port))
907
- user = config_value(:connection_user,
908
- knife_key_for_protocol(connection_protocol, :user))
894
+ port = config_for_protocol(:port)
895
+ user = config_for_protocol(:user)
909
896
  {}.tap do |opts|
910
897
  opts[:logger] = Chef::Log
911
- # We do not store password in Chef::Config, so only use CLI `config` here
912
898
  opts[:password] = config[:connection_password] if config.key?(:connection_password)
913
899
  opts[:user] = user if user
914
- opts[:max_wait_until_ready] = config_value(:max_wait).to_f unless config_value(:max_wait).nil?
900
+ opts[:max_wait_until_ready] = config[:max_wait].to_f unless config[:max_wait].nil?
915
901
  # TODO - when would we need to provide rdp_port vs port? Or are they not mutually exclusive?
916
902
  opts[:port] = port if port
917
903
  end
@@ -919,7 +905,7 @@ class Chef
919
905
 
920
906
  def host_verify_opts
921
907
  if winrm?
922
- { self_signed: config_value(:winrm_no_verify_cert) === true }
908
+ { self_signed: config[:winrm_no_verify_cert] === true }
923
909
  elsif ssh?
924
910
  # Fall back to the old knife config key name for back compat.
925
911
  { verify_host_key: config_value(:ssh_verify_host_key, :host_key_verify, "always") }
@@ -933,7 +919,7 @@ class Chef
933
919
  return opts if winrm?
934
920
 
935
921
  opts[:non_interactive] = true # Prevent password prompts from underlying net/ssh
936
- opts[:forward_agent] = (config_value(:ssh_forward_agent) === true)
922
+ opts[:forward_agent] = (config[:ssh_forward_agent] === true)
937
923
  opts[:connection_timeout] = session_timeout
938
924
  opts
939
925
  end
@@ -942,7 +928,7 @@ class Chef
942
928
  opts = {}
943
929
  return opts if winrm?
944
930
 
945
- identity_file = config_value(:ssh_identity_file)
931
+ identity_file = config[:ssh_identity_file]
946
932
  if identity_file
947
933
  opts[:key_files] = [identity_file]
948
934
  # We only set keys_only based on the explicit ssh_identity_file;
@@ -962,7 +948,7 @@ class Chef
962
948
  opts[:keys_only] = false
963
949
  end
964
950
 
965
- gateway_identity_file = config_value(:ssh_gateway) ? config_value(:ssh_gateway_identity) : nil
951
+ gateway_identity_file = config[:ssh_gateway] ? config[:ssh_gateway_identity] : nil
966
952
  unless gateway_identity_file.nil?
967
953
  opts[:key_files] << gateway_identity_file
968
954
  end
@@ -972,8 +958,8 @@ class Chef
972
958
 
973
959
  def gateway_opts
974
960
  opts = {}
975
- if config_value(:ssh_gateway)
976
- split = config_value(:ssh_gateway).split("@", 2)
961
+ if config[:ssh_gateway]
962
+ split = config[:ssh_gateway].split("@", 2)
977
963
  if split.length == 1
978
964
  gw_host = split[0]
979
965
  else
@@ -1019,21 +1005,20 @@ class Chef
1019
1005
  def winrm_opts
1020
1006
  return {} unless winrm?
1021
1007
 
1022
- auth_method = config_value(:winrm_auth_method, :winrm_auth_method, "negotiate")
1023
1008
  opts = {
1024
- winrm_transport: auth_method, # winrm gem and train calls auth method 'transport'
1025
- winrm_basic_auth_only: config_value(:winrm_basic_auth_only) || false,
1026
- ssl: config_value(:winrm_ssl) === true,
1027
- ssl_peer_fingerprint: config_value(:winrm_ssl_peer_fingerprint),
1009
+ winrm_transport: winrm_auth_method, # winrm gem and train calls auth method 'transport'
1010
+ winrm_basic_auth_only: config[:winrm_basic_auth_only] || false,
1011
+ ssl: config[:winrm_ssl] === true,
1012
+ ssl_peer_fingerprint: config[:winrm_ssl_peer_fingerprint],
1028
1013
  }
1029
1014
 
1030
- if auth_method == "kerberos"
1031
- opts[:kerberos_service] = config_value(:kerberos_service) if config_value(:kerberos_service)
1032
- opts[:kerberos_realm] = config_value(:kerberos_realm) if config_value(:kerberos_service)
1015
+ if winrm_auth_method == "kerberos"
1016
+ opts[:kerberos_service] = config[:kerberos_service] if config[:kerberos_service]
1017
+ opts[:kerberos_realm] = config[:kerberos_realm] if config[:kerberos_service]
1033
1018
  end
1034
1019
 
1035
- if config_value(:ca_trust_file)
1036
- opts[:ca_trust_path] = config_value(:ca_trust_file)
1020
+ if config[:ca_trust_file]
1021
+ opts[:ca_trust_path] = config[:ca_trust_file]
1037
1022
  end
1038
1023
 
1039
1024
  opts[:operation_timeout] = session_timeout
@@ -1058,17 +1043,18 @@ class Chef
1058
1043
  }
1059
1044
  end
1060
1045
 
1061
- # Knife plugins should just use the config hash and not call this method. In the
1062
- # future there will be a way to deprecate Chef::Config options in addition to the
1063
- # CLI options, which will eliminate this methods primary purpose.
1046
+ # This is for deprecating config options. The fallback_key can be used
1047
+ # to pull an old knife config option out of the config file when the
1048
+ # cli value has been renamed. This is different from the deprecated
1049
+ # cli values, since these are for config options that have no corresponding
1050
+ # cli value.
1064
1051
  #
1065
- # In Chef-16 the single-argument verison of this function will be deprecated and
1066
- # config_value(:whatver) should be converted to config[:whatever]. That never had
1067
- # any purpose and never should have been used this way.
1052
+ # DO NOT USE - this whole API is considered deprecated
1068
1053
  #
1069
1054
  # @api deprecated
1070
1055
  #
1071
1056
  def config_value(key, fallback_key = nil, default = nil)
1057
+ Chef.deprecated(:knife_bootstrap_apis, "Use of config_value without a fallback_key is deprecated. Knife plugin authors should access the config hash directly, which does correct merging of cli and config options.") if fallback_key.nil?
1072
1058
  if config.key?(key)
1073
1059
  # the first key is the primary key so we check the merged hash first
1074
1060
  config[key]
@@ -1097,6 +1083,8 @@ class Chef
1097
1083
  end
1098
1084
  end
1099
1085
 
1086
+ private
1087
+
1100
1088
  # To avoid cluttering the CLI options, some flags (such as port and user)
1101
1089
  # are shared between protocols. However, there is still a need to allow the operator
1102
1090
  # to specify defaults separately, since they may not be the same values for different
@@ -1105,12 +1093,20 @@ class Chef
1105
1093
  # These keys are available in Chef::Config, and are prefixed with the protocol name.
1106
1094
  # For example, :user CLI option will map to :winrm_user and :ssh_user Chef::Config keys,
1107
1095
  # based on the connection protocol in use.
1108
- def knife_key_for_protocol(new_option, option = nil)
1109
- option = new_option if option.nil? # hacky compat with both old Chef-15 style and new Chef-16 style API signature
1110
- "#{connection_protocol}_#{option}".to_sym
1096
+
1097
+ # @api private
1098
+ def config_for_protocol(option)
1099
+ if option == :port
1100
+ config[:connection_port] || config[knife_key_for_protocol(option)]
1101
+ else
1102
+ config[:connection_user] || config[knife_key_for_protocol(option)]
1103
+ end
1111
1104
  end
1112
1105
 
1113
- private
1106
+ # @api private
1107
+ def knife_key_for_protocol(option)
1108
+ "#{connection_protocol}_#{option}".to_sym
1109
+ end
1114
1110
 
1115
1111
  # True if policy_name and run_list are both given
1116
1112
  def policyfile_and_run_list_given?
@@ -1133,7 +1129,7 @@ class Chef
1133
1129
  # session_timeout option has a default that may not arrive, particularly if
1134
1130
  # we're being invoked from a plugin that doesn't merge_config.
1135
1131
  def session_timeout
1136
- timeout = config_value(:session_timeout)
1132
+ timeout = config[:session_timeout]
1137
1133
  return options[:session_timeout][:default] if timeout.nil?
1138
1134
 
1139
1135
  timeout.to_i