chef 15.17.4 → 16.0.257

data/lib/chef/knife/core/gem_glob_loader.rb

@@ -47,7 +47,7 @@ class Chef
 
         def find_subcommands_via_dirglob
           # The "require paths" of the core knife subcommands bundled with chef
-          files = Dir[File.join(Chef::Util::PathHelper.escape_glob_dir(File.expand_path("../../knife", __dir__)), "*.rb")]
+          files = Dir[File.join(Chef::Util::PathHelper.escape_glob_dir(File.expand_path("../../../knife", __FILE__)), "*.rb")]
           subcommand_files = {}
           files.each do |knife_file|
             rel_path = knife_file[/#{CHEF_ROOT}#{Regexp.escape(File::SEPARATOR)}(.*)\.rb/, 1]

data/lib/chef/knife/core/generic_presenter.rb

@@ -37,9 +37,10 @@ class Chef
               short: "-a ATTR1 [-a ATTR2]",
               long: "--attribute ATTR1 [--attribute ATTR2] ",
               description: "Show one or more attributes",
-              proc: Proc.new { |a|
-                Chef::Config[:knife][:attribute] ||= []
-                Chef::Config[:knife][:attribute].push(a)
+              proc: Proc.new { |arg, accumulator|
+                accumulator ||= []
+                accumulator << arg
+                accumulator
               }
           end
         end

data/lib/chef/knife/core/hashed_command_loader.rb

@@ -27,7 +27,6 @@ class Chef
         KEY = "_autogenerated_command_paths".freeze
 
         attr_accessor :manifest
-
         def initialize(chef_config_dir, plugin_manifest)
           super(chef_config_dir)
           @manifest = plugin_manifest
@@ -53,7 +52,7 @@ class Chef
             paths = manifest[KEY]["plugins_paths"][command]
             if paths && paths.is_a?(Array)
               # It is only an error if all the paths don't exist
-              if paths.all? { |sc| !File.exist?(sc) }
+              if paths.all? { |sc| !File.exists?(sc) }
                 errors[command] = paths
               end
             end
@@ -77,7 +76,7 @@ class Chef
             false
           else
             paths.each do |sc|
-              if File.exist?(sc)
+              if File.exists?(sc)
                 Kernel.load sc
               else
                 return false

data/lib/chef/knife/core/node_presenter.rb

@@ -94,8 +94,8 @@ class Chef
         def summarize(data)
           if data.is_a?(Chef::Node)
             node = data
-            # special case ec2 with their split horizon whatsis.
-            ip = (node[:ec2] && node[:ec2][:public_ipv4]) || node[:ipaddress]
+            # special case clouds with their split horizon whatsis.
+            ip = (node[:cloud] && node[:cloud][:public_ipv4_addrs] && node[:cloud][:public_ipv4_addrs].first) || node[:ipaddress]
 
             summarized = <<~SUMMARY
               #{ui.color("Node Name:", :bold)}   #{ui.color(node.name, :bold)}

data/lib/chef/knife/core/status_presenter.rb

@@ -67,8 +67,8 @@ class Chef
 
             result["name"] = node["name"] || node.name
             result["chef_environment"] = node["chef_environment"]
-            ip = (node["ec2"] && node["ec2"]["public_ipv4"]) || node["ipaddress"]
-            fqdn = (node["ec2"] && node["ec2"]["public_hostname"]) || node["fqdn"]
+            ip = (node["cloud"] && node["cloud"]["public_ipv4_addrs"].first) || node["ipaddress"]
+            fqdn = (node["cloud"] && node["cloud"]["public_hostname"]) || node["fqdn"]
             result["ip"] = ip if ip
             result["fqdn"] = fqdn if fqdn
             result["run_list"] = node.run_list if config["run_list"]
@@ -95,9 +95,9 @@ class Chef
           summarized = ""
           list.each do |data|
             node = data
-            # special case ec2 with their split horizon whatsis.
-            ip = (node[:ec2] && node[:ec2][:public_ipv4]) || node[:ipaddress]
-            fqdn = (node[:ec2] && node[:ec2][:public_hostname]) || node[:fqdn]
+            # special case clouds with their split horizon whatsis.
+            ip = (node[:cloud] && node[:cloud][:public_ipv4_addrs] && node[:cloud][:public_ipv4_addrs].first) || node[:ipaddress]
+            fqdn = (node[:cloud] && node[:cloud][:public_hostname]) || node[:fqdn]
             name = node["name"] || node.name
 
             if config[:run_list]

data/lib/chef/knife/core/subcommand_loader.rb

@@ -125,7 +125,7 @@ class Chef
       #
       def find_subcommands_via_dirglob
         # The "require paths" of the core knife subcommands bundled with chef
-        files = Dir[File.join(Chef::Util::PathHelper.escape_glob_dir(File.expand_path("../../knife", __dir__)), "*.rb")]
+        files = Dir[File.join(Chef::Util::PathHelper.escape_glob_dir(File.expand_path("../../../knife", __FILE__)), "*.rb")]
         subcommand_files = {}
         files.each do |knife_file|
           rel_path = knife_file[/#{CHEF_ROOT}#{Regexp.escape(File::SEPARATOR)}(.*)\.rb/, 1]

data/lib/chef/knife/core/ui.rb

@@ -61,6 +61,14 @@ class Chef
         end
       end
 
+      # pastel.decorate is a lightweight replacement for highline.color
+      def pastel
+        @pastel ||= begin
+          require "pastel"
+          Pastel.new
+        end
+      end
+
       # Prints a message to stdout. Aliased as +info+ for compatibility with
       # the logger API.
       #
@@ -132,9 +140,17 @@ class Chef
         log("#{color("FATAL:", :red, :bold)} #{message}")
       end
 
+      # Print a message describing a fatal error and exit 1
+      #
+      # @param message [String] the text string
+      def fatal!(message)
+        fatal(message)
+        exit 1
+      end
+
       def color(string, *colors)
         if color?
-          highline.color(string, *colors)
+          pastel.decorate(string, *colors)
         else
           string
         end

data/lib/chef/knife/core/windows_bootstrap_context.rb

@@ -30,6 +30,8 @@ class Chef
       # * @run_list - the run list for the node to boostrap
       #
       class WindowsBootstrapContext < BootstrapContext
+        attr_accessor :config
+        attr_accessor :chef_config
 
         def initialize(config, run_list, chef_config, secret = nil)
           @config       = config
@@ -39,31 +41,16 @@ class Chef
           super(config, run_list, chef_config, secret)
         end
 
-        # This is a duplicate of ChefConfig::PathHelper.cleanpath, however
-        # this presumes Windows so we can avoid changing the method definitions
-        # across Chef, ChefConfig, and ChefUtils for the circumstance where
-        # the methods are being run for a system other than the one Ruby is
-        # executing on.
-        #
-        # We only need to cleanpath the paths that we are passing to cmd.exe,
-        # anything written to a configuration file or passed as an argument
-        # will be interpreted by ruby later and do the right thing.
-        def cleanpath(path)
-          path = Pathname.new(path).cleanpath.to_s
-          path = path.gsub(File::SEPARATOR, '\\')
-          path
-        end
-
         def validation_key
-          if File.exist?(File.expand_path(@chef_config[:validation_key]))
-            IO.read(File.expand_path(@chef_config[:validation_key]))
+          if File.exist?(File.expand_path(chef_config[:validation_key]))
+            IO.read(File.expand_path(chef_config[:validation_key]))
           else
             false
           end
         end
 
         def secret
-          escape_and_echo(@config[:secret])
+          escape_and_echo(config[:secret])
         end
 
         def trusted_certs_script
@@ -72,25 +59,25 @@ class Chef
 
         def config_content
           client_rb = <<~CONFIG
-            chef_server_url  "#{@chef_config[:chef_server_url]}"
-            validation_client_name "#{@chef_config[:validation_client_name]}"
+            chef_server_url  "#{chef_config[:chef_server_url]}"
+            validation_client_name "#{chef_config[:validation_client_name]}"
             file_cache_path   "#{ChefConfig::Config.var_chef_dir(true)}/cache"
             file_backup_path  "#{ChefConfig::Config.var_chef_dir(true)}/backup"
             cache_options     ({:path => "#{ChefConfig::Config.etc_chef_dir(true)}/cache/checksums", :skip_expires => true})
           CONFIG
 
-          unless @chef_config[:chef_license].nil?
-            client_rb << "chef_license \"#{@chef_config[:chef_license]}\"\n"
+          unless chef_config[:chef_license].nil?
+            client_rb << "chef_license \"#{chef_config[:chef_license]}\"\n"
           end
 
-          if @config[:chef_node_name]
-            client_rb << %Q{node_name "#{@config[:chef_node_name]}"\n}
+          if config[:chef_node_name]
+            client_rb << %Q{node_name "#{config[:chef_node_name]}"\n}
           else
             client_rb << "# Using default node name (fqdn)\n"
           end
 
-          if @chef_config[:config_log_level]
-            client_rb << %Q{log_level :#{@chef_config[:config_log_level]}\n}
+          if chef_config[:config_log_level]
+            client_rb << %Q{log_level :#{chef_config[:config_log_level]}\n}
           else
             client_rb << "log_level        :auto\n"
           end
@@ -99,21 +86,21 @@ class Chef
 
           # We configure :verify_api_cert only when it's overridden on the CLI
           # or when specified in the knife config.
-          if !@config[:node_verify_api_cert].nil? || knife_config.key?(:verify_api_cert)
-            value = @config[:node_verify_api_cert].nil? ? knife_config[:verify_api_cert] : @config[:node_verify_api_cert]
+          if !config[:node_verify_api_cert].nil? || config.key?(:verify_api_cert)
+            value = config[:node_verify_api_cert].nil? ? config[:verify_api_cert] : config[:node_verify_api_cert]
             client_rb << %Q{verify_api_cert #{value}\n}
           end
 
           # We configure :ssl_verify_mode only when it's overridden on the CLI
           # or when specified in the knife config.
-          if @config[:node_ssl_verify_mode] || knife_config.key?(:ssl_verify_mode)
-            value = case @config[:node_ssl_verify_mode]
+          if config[:node_ssl_verify_mode] || config.key?(:ssl_verify_mode)
+            value = case config[:node_ssl_verify_mode]
                     when "peer"
                       :verify_peer
                     when "none"
                       :verify_none
                     when nil
-                      knife_config[:ssl_verify_mode]
+                      config[:ssl_verify_mode]
                     else
                       nil
                     end
@@ -123,22 +110,22 @@ class Chef
             end
           end
 
-          if @config[:ssl_verify_mode]
-            client_rb << %Q{ssl_verify_mode :#{knife_config[:ssl_verify_mode]}\n}
+          if config[:ssl_verify_mode]
+            client_rb << %Q{ssl_verify_mode :#{config[:ssl_verify_mode]}\n}
           end
 
-          if knife_config[:bootstrap_proxy]
+          if config[:bootstrap_proxy]
             client_rb << "\n"
-            client_rb << %Q{http_proxy        "#{knife_config[:bootstrap_proxy]}"\n}
-            client_rb << %Q{https_proxy       "#{knife_config[:bootstrap_proxy]}"\n}
-            client_rb << %Q{no_proxy          "#{knife_config[:bootstrap_no_proxy]}"\n} if knife_config[:bootstrap_no_proxy]
+            client_rb << %Q{http_proxy        "#{config[:bootstrap_proxy]}"\n}
+            client_rb << %Q{https_proxy       "#{config[:bootstrap_proxy]}"\n}
+            client_rb << %Q{no_proxy          "#{config[:bootstrap_no_proxy]}"\n} if config[:bootstrap_no_proxy]
           end
 
-          if knife_config[:bootstrap_no_proxy]
-            client_rb << %Q{no_proxy       "#{knife_config[:bootstrap_no_proxy]}"\n}
+          if config[:bootstrap_no_proxy]
+            client_rb << %Q{no_proxy       "#{config[:bootstrap_no_proxy]}"\n}
           end
 
-          if @config[:secret]
+          if config[:secret]
             client_rb << %Q{encrypted_data_bag_secret "#{ChefConfig::Config.etc_chef_dir(true)}/encrypted_data_bag_secret"\n}
           end
 
@@ -146,7 +133,7 @@ class Chef
             client_rb << %Q{trusted_certs_dir "#{ChefConfig::Config.etc_chef_dir(true)}/trusted_certs"\n}
           end
 
-          if Chef::Config[:fips]
+          if chef_config[:fips]
             client_rb << "fips true\n"
           end
 
@@ -154,18 +141,18 @@ class Chef
         end
 
         def get_log_location
-          if @chef_config[:config_log_location].equal?(:win_evt)
-            %Q{:#{@chef_config[:config_log_location]}\n}
-          elsif @chef_config[:config_log_location].equal?(:syslog)
+          if chef_config[:config_log_location].equal?(:win_evt)
+            %Q{:#{chef_config[:config_log_location]}\n}
+          elsif chef_config[:config_log_location].equal?(:syslog)
             raise "syslog is not supported for log_location on Windows OS\n"
-          elsif @chef_config[:config_log_location].equal?(STDOUT)
+          elsif chef_config[:config_log_location].equal?(STDOUT)
             "STDOUT\n"
-          elsif @chef_config[:config_log_location].equal?(STDERR)
+          elsif chef_config[:config_log_location].equal?(STDERR)
             "STDERR\n"
-          elsif @chef_config[:config_log_location].nil? || @chef_config[:config_log_location].empty?
+          elsif chef_config[:config_log_location].nil? || chef_config[:config_log_location].empty?
             "STDOUT\n"
-          elsif @chef_config[:config_log_location]
-            %Q{"#{@chef_config[:config_log_location]}"\n}
+          elsif chef_config[:config_log_location]
+            %Q{"#{chef_config[:config_log_location]}"\n}
           else
             "STDOUT\n"
           end
@@ -173,7 +160,7 @@ class Chef
 
         def start_chef
           bootstrap_environment_option = bootstrap_environment.nil? ? "" : " -E #{bootstrap_environment}"
-          start_chef = "SET \"PATH=%SystemRoot%\\system32;%SystemRoot%;%SystemRoot%\\System32\\Wbem;%SYSTEMROOT%\\System32\\WindowsPowerShell\\v1.0\\;C:\\ruby\\bin;#{ChefConfig::Config.c_opscode_dir}\\bin;#{ChefConfig::Config.c_opscode_dir}\\embedded\\bin\;%PATH%\"\n"
+          start_chef = "SET \"PATH=%SystemRoot%\\system32;%SystemRoot%;%SystemRoot%\\System32\\Wbem;%SYSTEMROOT%\\System32\\WindowsPowerShell\\v1.0\\;C:\\ruby\\bin;#{ChefConfig::Config.c_opscode_dir}\\#{ChefConfig::Dist::DIR_SUFFIX}\\bin;#{ChefConfig::Config.c_opscode_dir}\\#{ChefConfig::Dist::DIR_SUFFIX}\\embedded\\bin\;%PATH%\"\n"
           start_chef << "#{Chef::Dist::CLIENT} -c #{ChefConfig::Config.etc_chef_dir(true)}/client.rb -j #{ChefConfig::Config.etc_chef_dir(true)}/first-boot.json#{bootstrap_environment_option}\n"
         end
 
@@ -275,7 +262,7 @@ class Chef
         end
 
         def bootstrap_directory
-          cleanpath(ChefConfig::Config.etc_chef_dir(true))
+          ChefConfig::Config.etc_chef_dir(true)
         end
 
         def local_download_path
@@ -285,15 +272,15 @@ class Chef
         # Build a URL to query www.chef.io that will redirect to the correct
         # Chef Infra msi download.
         def msi_url(machine_os = nil, machine_arch = nil, download_context = nil)
-          if @config[:msi_url].nil? || @config[:msi_url].empty?
+          if config[:msi_url].nil? || config[:msi_url].empty?
             url = "https://www.chef.io/chef/download?p=windows"
             url += "&pv=#{machine_os}" unless machine_os.nil?
             url += "&m=#{machine_arch}" unless machine_arch.nil?
             url += "&DownloadContext=#{download_context}" unless download_context.nil?
-            url += "&channel=#{@config[:channel]}"
+            url += "&channel=#{config[:channel]}"
             url += "&v=#{version_to_install}"
           else
-            @config[:msi_url]
+            config[:msi_url]
           end
         end
 
@@ -318,8 +305,8 @@ class Chef
         # This string should contain both the commands necessary to both create the files, as well as their content
         def trusted_certs_content
           content = ""
-          if @chef_config[:trusted_certs_dir]
-            Dir.glob(File.join(Chef::Util::PathHelper.escape_glob_dir(@chef_config[:trusted_certs_dir]), "*.{crt,pem}")).each do |cert|
+          if chef_config[:trusted_certs_dir]
+            Dir.glob(File.join(Chef::Util::PathHelper.escape_glob_dir(chef_config[:trusted_certs_dir]), "*.{crt,pem}")).each do |cert|
               content << "> #{bootstrap_directory}/trusted_certs/#{File.basename(cert)} (\n" +
                 escape_and_echo(IO.read(File.expand_path(cert))) + "\n)\n"
             end
@@ -329,8 +316,8 @@ class Chef
 
         def client_d_content
           content = ""
-          if @chef_config[:client_d_dir] && File.exist?(@chef_config[:client_d_dir])
-            root = Pathname(@chef_config[:client_d_dir])
+          if chef_config[:client_d_dir] && File.exist?(chef_config[:client_d_dir])
+            root = Pathname(chef_config[:client_d_dir])
             root.find do |f|
               relative = f.relative_path_from(root)
               if f != root

data/lib/chef/knife/data_bag_secret_options.rb

@@ -34,18 +34,13 @@ class Chef
       # are provided.
 
       def self.included(base)
-        base.option :secret,
-          short: "-s SECRET",
+        base.option :cl_secret,
           long: "--secret SECRET",
-          description: "The secret key to use to encrypt data bag item values. Can also be defaulted in your config with the key 'secret'.",
-          # Need to store value from command line in separate variable - knife#merge_configs populates same keys
-          # on config object from
-          proc: Proc.new { |s| set_cl_secret(s) }
+          description: "The secret key to use to encrypt data bag item values. Can also be defaulted in your config with the key 'secret'."
 
-        base.option :secret_file,
+        base.option :cl_secret_file,
           long: "--secret-file SECRET_FILE",
-          description: "A file containing the secret key to use to encrypt data bag item values. Can also be defaulted in your config with the key 'secret_file'.",
-          proc: Proc.new { |sf| set_cl_secret_file(sf) }
+          description: "A file containing the secret key to use to encrypt data bag item values. Can also be defaulted in your config with the key 'secret_file'."
 
         base.option :encrypt,
           long: "--encrypt",
@@ -67,32 +62,25 @@ class Chef
         # IE, if we are not running 'knife data bag *' we don't need to load 'chef/encrypted_data_bag_item'
         require_relative "../encrypted_data_bag_item"
 
-        if has_cl_secret?
-          config[:secret]
-        elsif has_cl_secret_file?
-          Chef::EncryptedDataBagItem.load_secret(config[:secret_file])
-        elsif secret = knife_config[:secret]
+        if config[:cl_secret]
+          config[:cl_secret]
+        elsif config[:cl_secret_file]
+          Chef::EncryptedDataBagItem.load_secret(config[:cl_secret_file])
+        elsif secret = config[:secret]
           secret
         else
-          secret_file = knife_config[:secret_file]
+          secret_file = config[:secret_file]
           Chef::EncryptedDataBagItem.load_secret(secret_file)
         end
       end
 
       def validate_secrets
-        if has_cl_secret?
-          if opt_parser.default_argv.include?("-s")
-            ui.warn("Secret short option -s is deprecated and will remove in the future. Please use --secret instead.
-")
-          end
-
-          if has_cl_secret_file?
-            ui.fatal("Please specify only one of --secret, --secret-file")
-            exit(1)
-          end
+        if config[:cl_secret] && config[:cl_secret_file]
+          ui.fatal("Please specify only one of --secret, --secret-file")
+          exit(1)
         end
 
-        if knife_config[:secret] && knife_config[:secret_file]
+        if config[:secret] && config[:secret_file]
           ui.fatal("Please specify only one of 'secret' or 'secret_file' in your config file")
           exit(1)
         end
@@ -106,41 +94,26 @@ class Chef
       def base_encryption_secret_provided?(need_encrypt_flag = true)
         validate_secrets
 
-        return true if has_cl_secret? || has_cl_secret_file?
+        return true if config[:cl_secret] || config[:cl_secret_file]
 
         if need_encrypt_flag
           if config[:encrypt]
-            unless knife_config[:secret] || knife_config[:secret_file]
+            unless config[:secret] || config[:secret_file]
               ui.fatal("No secret or secret_file specified in config, unable to encrypt item.")
               exit(1)
             end
             return true
           end
           return false
-        elsif knife_config[:secret] || knife_config[:secret_file]
+        elsif config[:secret] || config[:secret_file]
           # Certain situations (show and bootstrap) don't need a --encrypt flag to use the config file secret
           return true
         end
         false
       end
 
-      def has_cl_secret?
-        Chef::Config[:knife].key?(:cl_secret)
-      end
-
-      def self.set_cl_secret(s)
-        Chef::Config[:knife][:cl_secret] = s
-      end
-
-      def has_cl_secret_file?
-        Chef::Config[:knife].key?(:cl_secret_file)
-      end
-
-      def self.set_cl_secret_file(sf)
-        Chef::Config[:knife][:cl_secret_file] = sf
-      end
-
       def knife_config
+        Chef.deprecated(:knife_bootstrap_apis, "The `knife_config` bootstrap helper has been deprecated, use the properly merged `config` helper instead")
         Chef::Config.key?(:knife) ? Chef::Config[:knife] : {}
       end