chef 16.0.257-universal-mingw32 → 16.2.44-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (391) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +3 -1
  3. data/README.md +3 -3
  4. data/Rakefile +44 -16
  5. data/chef.gemspec +4 -4
  6. data/distro/powershell/chef/chef.psm1 +3 -3
  7. data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
  8. data/lib/chef/application/apply.rb +2 -2
  9. data/lib/chef/application/base.rb +1 -1
  10. data/lib/chef/application/client.rb +1 -1
  11. data/lib/chef/application/exit_code.rb +2 -2
  12. data/lib/chef/application/windows_service_manager.rb +1 -1
  13. data/lib/chef/chef_fs/chef_fs_data_store.rb +3 -3
  14. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  15. data/lib/chef/chef_fs/file_system/chef_server/acls_dir.rb +1 -1
  16. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +1 -1
  17. data/lib/chef/chef_fs/file_system/chef_server/policies_dir.rb +1 -1
  18. data/lib/chef/chef_fs/file_system/chef_server/rest_list_dir.rb +1 -1
  19. data/lib/chef/chef_fs/file_system/multiplexed_dir.rb +1 -1
  20. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  21. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
  22. data/lib/chef/chef_fs/path_utils.rb +4 -4
  23. data/lib/chef/cookbook/chefignore.rb +1 -1
  24. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  25. data/lib/chef/cookbook/metadata.rb +2 -2
  26. data/lib/chef/cookbook_loader.rb +1 -1
  27. data/lib/chef/cookbook_manifest.rb +1 -1
  28. data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
  29. data/lib/chef/cookbook_version.rb +7 -7
  30. data/lib/chef/data_bag.rb +4 -4
  31. data/lib/chef/data_collector.rb +1 -1
  32. data/lib/chef/data_collector/error_handlers.rb +1 -1
  33. data/lib/chef/decorator/lazy_array.rb +2 -2
  34. data/lib/chef/deprecated.rb +5 -1
  35. data/lib/chef/digester.rb +4 -4
  36. data/lib/chef/dsl/declare_resource.rb +1 -1
  37. data/lib/chef/dsl/platform_introspection.rb +1 -1
  38. data/lib/chef/encrypted_data_bag_item/decryptor.rb +1 -1
  39. data/lib/chef/encrypted_data_bag_item/encryptor.rb +1 -1
  40. data/lib/chef/file_access_control.rb +1 -1
  41. data/lib/chef/formatters/base.rb +1 -1
  42. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +1 -1
  43. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
  44. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
  45. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +3 -3
  46. data/lib/chef/http.rb +18 -3
  47. data/lib/chef/http/decompressor.rb +1 -1
  48. data/lib/chef/http/http_request.rb +1 -1
  49. data/lib/chef/http/json_output.rb +1 -1
  50. data/lib/chef/http/ssl_policies.rb +18 -0
  51. data/lib/chef/json_compat.rb +1 -1
  52. data/lib/chef/key.rb +1 -1
  53. data/lib/chef/knife.rb +2 -2
  54. data/lib/chef/knife/bootstrap.rb +13 -16
  55. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  56. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  57. data/lib/chef/knife/bootstrap/templates/chef-full.erb +9 -9
  58. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +3 -1
  59. data/lib/chef/knife/client_bulk_delete.rb +1 -1
  60. data/lib/chef/knife/config_get.rb +1 -1
  61. data/lib/chef/knife/cookbook_delete.rb +1 -1
  62. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  63. data/lib/chef/knife/core/hashed_command_loader.rb +1 -1
  64. data/lib/chef/knife/core/node_presenter.rb +1 -1
  65. data/lib/chef/knife/core/status_presenter.rb +1 -1
  66. data/lib/chef/knife/core/subcommand_loader.rb +1 -1
  67. data/lib/chef/knife/core/windows_bootstrap_context.rb +18 -3
  68. data/lib/chef/knife/data_bag_create.rb +1 -1
  69. data/lib/chef/knife/environment_compare.rb +1 -1
  70. data/lib/chef/knife/key_create_base.rb +1 -1
  71. data/lib/chef/knife/key_edit_base.rb +1 -1
  72. data/lib/chef/knife/list.rb +1 -1
  73. data/lib/chef/knife/node_bulk_delete.rb +1 -1
  74. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  75. data/lib/chef/knife/role_bulk_delete.rb +1 -1
  76. data/lib/chef/knife/ssh.rb +2 -2
  77. data/lib/chef/knife/supermarket_install.rb +1 -1
  78. data/lib/chef/knife/supermarket_share.rb +1 -1
  79. data/lib/chef/knife/supermarket_unshare.rb +1 -1
  80. data/lib/chef/knife/{user_invite_recind.rb → user_invite_rescind.rb} +6 -6
  81. data/lib/chef/knife/yaml_convert.rb +2 -2
  82. data/lib/chef/log.rb +1 -1
  83. data/lib/chef/mixin/api_version_request_handling.rb +1 -1
  84. data/lib/chef/mixin/checksum.rb +0 -1
  85. data/lib/chef/mixin/create_path.rb +8 -8
  86. data/lib/chef/mixin/openssl_helper.rb +4 -4
  87. data/lib/chef/mixin/properties.rb +4 -2
  88. data/lib/chef/mixin/securable.rb +2 -2
  89. data/lib/chef/mixin/shell_out.rb +1 -1
  90. data/lib/chef/node/attribute.rb +2 -2
  91. data/lib/chef/node/immutable_collections.rb +1 -1
  92. data/lib/chef/node/mixin/deep_merge_cache.rb +7 -7
  93. data/lib/chef/policy_builder/policyfile.rb +1 -1
  94. data/lib/chef/powershell.rb +1 -1
  95. data/lib/chef/property.rb +2 -2
  96. data/lib/chef/provider.rb +3 -3
  97. data/lib/chef/provider/batch.rb +3 -10
  98. data/lib/chef/provider/cron.rb +2 -14
  99. data/lib/chef/provider/directory.rb +1 -1
  100. data/lib/chef/provider/execute.rb +3 -2
  101. data/lib/chef/provider/file.rb +1 -1
  102. data/lib/chef/provider/group/dscl.rb +2 -2
  103. data/lib/chef/provider/group/windows.rb +1 -1
  104. data/lib/chef/provider/ifconfig.rb +7 -7
  105. data/lib/chef/provider/launchd.rb +28 -32
  106. data/lib/chef/provider/mount/aix.rb +1 -1
  107. data/lib/chef/provider/mount/windows.rb +2 -2
  108. data/lib/chef/provider/noop.rb +1 -1
  109. data/lib/chef/provider/package/cab.rb +1 -1
  110. data/lib/chef/provider/package/chocolatey.rb +1 -1
  111. data/lib/chef/provider/package/dpkg.rb +1 -1
  112. data/lib/chef/provider/package/freebsd/base.rb +2 -1
  113. data/lib/chef/provider/package/homebrew.rb +1 -1
  114. data/lib/chef/provider/package/macports.rb +0 -2
  115. data/lib/chef/provider/package/openbsd.rb +1 -1
  116. data/lib/chef/provider/package/portage.rb +3 -2
  117. data/lib/chef/provider/package/powershell.rb +6 -2
  118. data/lib/chef/provider/package/rubygems.rb +3 -3
  119. data/lib/chef/provider/package/snap.rb +96 -27
  120. data/lib/chef/provider/package/windows.rb +27 -52
  121. data/lib/chef/provider/package/windows/msi.rb +3 -3
  122. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
  123. data/lib/chef/provider/package/yum.rb +1 -1
  124. data/lib/chef/provider/package/yum/yum_cache.rb +1 -1
  125. data/lib/chef/provider/powershell_script.rb +11 -15
  126. data/lib/chef/provider/remote_directory.rb +2 -2
  127. data/lib/chef/provider/remote_file/http.rb +4 -1
  128. data/lib/chef/provider/script.rb +4 -75
  129. data/lib/chef/provider/service/arch.rb +2 -2
  130. data/lib/chef/provider/service/debian.rb +2 -2
  131. data/lib/chef/provider/service/macosx.rb +13 -2
  132. data/lib/chef/provider/service/openbsd.rb +4 -4
  133. data/lib/chef/provider/service/redhat.rb +1 -1
  134. data/lib/chef/provider/service/simple.rb +3 -3
  135. data/lib/chef/provider/service/upstart.rb +1 -1
  136. data/lib/chef/provider/service/windows.rb +1 -1
  137. data/lib/chef/provider/subversion.rb +2 -2
  138. data/lib/chef/provider/user/aix.rb +1 -1
  139. data/lib/chef/provider/user/dscl.rb +7 -7
  140. data/lib/chef/provider/user/linux.rb +3 -3
  141. data/lib/chef/provider/user/mac.rb +15 -11
  142. data/lib/chef/provider/windows_script.rb +87 -25
  143. data/lib/chef/provider/windows_task.rb +5 -3
  144. data/lib/chef/provider/zypper_repository.rb +30 -10
  145. data/lib/chef/resource.rb +25 -14
  146. data/lib/chef/resource/alternatives.rb +65 -4
  147. data/lib/chef/resource/apt_package.rb +31 -2
  148. data/lib/chef/resource/apt_preference.rb +34 -5
  149. data/lib/chef/resource/apt_repository.rb +22 -15
  150. data/lib/chef/resource/apt_update.rb +6 -4
  151. data/lib/chef/resource/archive_file.rb +33 -12
  152. data/lib/chef/resource/bash.rb +1 -2
  153. data/lib/chef/resource/batch.rb +5 -3
  154. data/lib/chef/resource/bff_package.rb +1 -1
  155. data/lib/chef/resource/breakpoint.rb +1 -1
  156. data/lib/chef/resource/build_essential.rb +8 -4
  157. data/lib/chef/resource/cab_package.rb +1 -1
  158. data/lib/chef/resource/chef_client_cron.rb +12 -9
  159. data/lib/chef/resource/chef_client_scheduled_task.rb +22 -7
  160. data/lib/chef/resource/chef_client_systemd_timer.rb +10 -7
  161. data/lib/chef/resource/chef_gem.rb +6 -2
  162. data/lib/chef/resource/chef_handler.rb +3 -3
  163. data/lib/chef/resource/chef_sleep.rb +7 -4
  164. data/lib/chef/resource/chef_vault_secret.rb +4 -4
  165. data/lib/chef/resource/chocolatey_config.rb +5 -3
  166. data/lib/chef/resource/chocolatey_feature.rb +5 -3
  167. data/lib/chef/resource/chocolatey_package.rb +5 -3
  168. data/lib/chef/resource/chocolatey_source.rb +5 -3
  169. data/lib/chef/resource/cookbook_file.rb +3 -2
  170. data/lib/chef/resource/cron/_cron_shared.rb +98 -0
  171. data/lib/chef/resource/cron/cron.rb +46 -0
  172. data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +28 -94
  173. data/lib/chef/resource/cron_access.rb +17 -6
  174. data/lib/chef/resource/csh.rb +1 -2
  175. data/lib/chef/resource/directory.rb +1 -1
  176. data/lib/chef/resource/dmg_package.rb +18 -15
  177. data/lib/chef/resource/dnf_package.rb +1 -1
  178. data/lib/chef/resource/dpkg_package.rb +1 -1
  179. data/lib/chef/resource/execute.rb +479 -9
  180. data/lib/chef/resource/file.rb +11 -8
  181. data/lib/chef/resource/freebsd_package.rb +2 -2
  182. data/lib/chef/resource/gem_package.rb +6 -6
  183. data/lib/chef/resource/group.rb +1 -1
  184. data/lib/chef/resource/helpers/cron_validations.rb +6 -3
  185. data/lib/chef/resource/homebrew_cask.rb +1 -1
  186. data/lib/chef/resource/homebrew_package.rb +30 -1
  187. data/lib/chef/resource/homebrew_tap.rb +1 -1
  188. data/lib/chef/resource/homebrew_update.rb +107 -0
  189. data/lib/chef/resource/hostname.rb +11 -24
  190. data/lib/chef/resource/http_request.rb +1 -1
  191. data/lib/chef/resource/ifconfig.rb +7 -7
  192. data/lib/chef/resource/ips_package.rb +1 -1
  193. data/lib/chef/resource/kernel_module.rb +15 -2
  194. data/lib/chef/resource/ksh.rb +1 -1
  195. data/lib/chef/resource/launchd.rb +5 -5
  196. data/lib/chef/resource/link.rb +4 -4
  197. data/lib/chef/resource/locale.rb +4 -4
  198. data/lib/chef/resource/log.rb +1 -1
  199. data/lib/chef/resource/macos_userdefaults.rb +15 -10
  200. data/lib/chef/resource/macosx_service.rb +1 -1
  201. data/lib/chef/resource/macports_package.rb +1 -1
  202. data/lib/chef/resource/mdadm.rb +1 -1
  203. data/lib/chef/resource/mount.rb +2 -2
  204. data/lib/chef/resource/msu_package.rb +2 -2
  205. data/lib/chef/resource/ohai.rb +1 -1
  206. data/lib/chef/resource/ohai_hint.rb +1 -1
  207. data/lib/chef/resource/openbsd_package.rb +1 -1
  208. data/lib/chef/resource/openssl_dhparam.rb +1 -1
  209. data/lib/chef/resource/openssl_ec_private_key.rb +1 -1
  210. data/lib/chef/resource/openssl_ec_public_key.rb +1 -1
  211. data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
  212. data/lib/chef/resource/openssl_rsa_public_key.rb +1 -1
  213. data/lib/chef/resource/openssl_x509_certificate.rb +1 -1
  214. data/lib/chef/resource/openssl_x509_crl.rb +1 -1
  215. data/lib/chef/resource/openssl_x509_request.rb +1 -1
  216. data/lib/chef/resource/osx_profile.rb +1 -1
  217. data/lib/chef/resource/package.rb +1 -1
  218. data/lib/chef/resource/pacman_package.rb +1 -1
  219. data/lib/chef/resource/paludis_package.rb +1 -1
  220. data/lib/chef/resource/perl.rb +1 -2
  221. data/lib/chef/resource/plist.rb +24 -5
  222. data/lib/chef/resource/portage_package.rb +1 -1
  223. data/lib/chef/resource/powershell_package.rb +1 -1
  224. data/lib/chef/resource/powershell_package_source.rb +1 -1
  225. data/lib/chef/resource/powershell_script.rb +5 -3
  226. data/lib/chef/resource/python.rb +1 -2
  227. data/lib/chef/resource/reboot.rb +1 -1
  228. data/lib/chef/resource/registry_key.rb +1 -1
  229. data/lib/chef/resource/remote_directory.rb +1 -1
  230. data/lib/chef/resource/remote_file.rb +26 -11
  231. data/lib/chef/resource/rhsm_errata.rb +1 -3
  232. data/lib/chef/resource/rhsm_errata_level.rb +1 -1
  233. data/lib/chef/resource/rhsm_register.rb +1 -2
  234. data/lib/chef/resource/rhsm_repo.rb +1 -2
  235. data/lib/chef/resource/rhsm_subscription.rb +1 -3
  236. data/lib/chef/resource/route.rb +1 -1
  237. data/lib/chef/resource/rpm_package.rb +5 -2
  238. data/lib/chef/resource/ruby.rb +1 -2
  239. data/lib/chef/resource/ruby_block.rb +1 -4
  240. data/lib/chef/resource/scm/_scm.rb +4 -3
  241. data/lib/chef/resource/scm/git.rb +2 -2
  242. data/lib/chef/resource/scm/subversion.rb +2 -2
  243. data/lib/chef/resource/script.rb +1 -1
  244. data/lib/chef/resource/service.rb +1 -1
  245. data/lib/chef/resource/smartos_package.rb +1 -1
  246. data/lib/chef/resource/snap_package.rb +1 -1
  247. data/lib/chef/resource/solaris_package.rb +1 -1
  248. data/lib/chef/resource/ssh_known_hosts_entry.rb +1 -1
  249. data/lib/chef/resource/sudo.rb +4 -4
  250. data/lib/chef/resource/swap_file.rb +2 -2
  251. data/lib/chef/resource/sysctl.rb +61 -2
  252. data/lib/chef/resource/systemd_unit.rb +2 -2
  253. data/lib/chef/resource/template.rb +1 -1
  254. data/lib/chef/resource/timezone.rb +1 -1
  255. data/lib/chef/resource/user.rb +2 -2
  256. data/lib/chef/resource/user_ulimit.rb +24 -22
  257. data/lib/chef/resource/windows_ad_join.rb +31 -2
  258. data/lib/chef/resource/windows_audit_policy.rb +227 -0
  259. data/lib/chef/resource/windows_auto_run.rb +13 -2
  260. data/lib/chef/resource/windows_certificate.rb +28 -2
  261. data/lib/chef/resource/windows_dfs_folder.rb +1 -1
  262. data/lib/chef/resource/windows_dfs_namespace.rb +1 -1
  263. data/lib/chef/resource/windows_dfs_server.rb +2 -2
  264. data/lib/chef/resource/windows_env.rb +10 -1
  265. data/lib/chef/resource/windows_feature.rb +57 -2
  266. data/lib/chef/resource/windows_feature_dism.rb +15 -2
  267. data/lib/chef/resource/windows_feature_powershell.rb +29 -2
  268. data/lib/chef/resource/windows_firewall_rule.rb +11 -7
  269. data/lib/chef/resource/windows_font.rb +13 -4
  270. data/lib/chef/resource/windows_package.rb +66 -6
  271. data/lib/chef/resource/windows_pagefile.rb +32 -4
  272. data/lib/chef/resource/windows_path.rb +18 -1
  273. data/lib/chef/resource/windows_printer.rb +26 -6
  274. data/lib/chef/resource/windows_printer_port.rb +29 -1
  275. data/lib/chef/resource/windows_script.rb +2 -16
  276. data/lib/chef/resource/windows_security_policy.rb +47 -16
  277. data/lib/chef/resource/windows_service.rb +1 -1
  278. data/lib/chef/resource/windows_share.rb +23 -3
  279. data/lib/chef/resource/windows_shortcut.rb +13 -3
  280. data/lib/chef/resource/windows_task.rb +143 -29
  281. data/lib/chef/resource/windows_uac.rb +20 -1
  282. data/lib/chef/resource/windows_user_privilege.rb +45 -3
  283. data/lib/chef/resource/windows_workgroup.rb +19 -3
  284. data/lib/chef/resource/yum_package.rb +88 -6
  285. data/lib/chef/resource/yum_repository.rb +36 -19
  286. data/lib/chef/resource/zypper_package.rb +29 -3
  287. data/lib/chef/resource/zypper_repository.rb +17 -5
  288. data/lib/chef/resource_inspector.rb +5 -4
  289. data/lib/chef/resources.rb +4 -2
  290. data/lib/chef/run_context/cookbook_compiler.rb +1 -1
  291. data/lib/chef/scan_access_control.rb +1 -1
  292. data/lib/chef/search/query.rb +1 -1
  293. data/lib/chef/shell/ext.rb +1 -1
  294. data/lib/chef/util/diff.rb +2 -2
  295. data/lib/chef/util/dsc/lcm_output_parser.rb +3 -3
  296. data/lib/chef/util/windows/net_user.rb +1 -1
  297. data/lib/chef/util/windows/volume.rb +1 -1
  298. data/lib/chef/version.rb +1 -1
  299. data/lib/chef/win32/api.rb +2 -2
  300. data/lib/chef/win32/api/error.rb +3 -1
  301. data/lib/chef/win32/api/file.rb +18 -18
  302. data/lib/chef/win32/api/net.rb +1 -0
  303. data/lib/chef/win32/file.rb +1 -1
  304. data/lib/chef/win32/mutex.rb +1 -1
  305. data/lib/chef/win32/net.rb +1 -0
  306. data/lib/chef/win32/process.rb +2 -2
  307. data/lib/chef/win32/registry.rb +2 -2
  308. data/lib/chef/win32/security.rb +1 -1
  309. data/lib/chef/win32/security/sid.rb +4 -4
  310. data/spec/data/lwrp/providers/buck_passer.rb +1 -1
  311. data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
  312. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
  313. data/spec/functional/resource/cron_spec.rb +10 -0
  314. data/spec/functional/resource/dnf_package_spec.rb +2 -2
  315. data/spec/functional/resource/git_spec.rb +6 -6
  316. data/spec/functional/resource/launchd_spec.rb +232 -0
  317. data/spec/functional/resource/link_spec.rb +3 -3
  318. data/spec/functional/resource/remote_file_spec.rb +3 -3
  319. data/spec/functional/resource/user/dscl_spec.rb +1 -1
  320. data/spec/functional/resource/user/mac_user_spec.rb +1 -1
  321. data/spec/functional/resource/windows_task_spec.rb +12 -12
  322. data/spec/integration/knife/raw_spec.rb +4 -4
  323. data/spec/integration/knife/redirection_spec.rb +2 -2
  324. data/spec/support/chef_helpers.rb +1 -1
  325. data/spec/support/platform_helpers.rb +1 -14
  326. data/spec/support/platforms/win32/spec_service.rb +1 -1
  327. data/spec/support/shared/functional/execute_resource.rb +1 -1
  328. data/spec/support/shared/functional/file_resource.rb +1 -1
  329. data/spec/support/shared/functional/http.rb +2 -2
  330. data/spec/support/shared/functional/windows_script.rb +1 -1
  331. data/spec/support/shared/unit/execute_resource.rb +1 -1
  332. data/spec/support/shared/unit/mock_shellout.rb +1 -1
  333. data/spec/support/shared/unit/provider/useradd_based_user_provider.rb +4 -4
  334. data/spec/unit/application_spec.rb +7 -0
  335. data/spec/unit/data_bag_spec.rb +1 -1
  336. data/spec/unit/file_access_control_spec.rb +1 -1
  337. data/spec/unit/http/ssl_policies_spec.rb +20 -0
  338. data/spec/unit/knife/bootstrap_spec.rb +2 -2
  339. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +7 -1
  340. data/spec/unit/knife/role_env_run_list_add_spec.rb +6 -6
  341. data/spec/unit/knife/role_env_run_list_clear_spec.rb +4 -4
  342. data/spec/unit/knife/role_env_run_list_remove_spec.rb +4 -4
  343. data/spec/unit/knife/role_env_run_list_replace_spec.rb +4 -4
  344. data/spec/unit/knife/role_env_run_list_set_spec.rb +4 -4
  345. data/spec/unit/knife/role_run_list_add_spec.rb +6 -6
  346. data/spec/unit/knife/role_run_list_clear_spec.rb +4 -4
  347. data/spec/unit/knife/role_run_list_remove_spec.rb +4 -4
  348. data/spec/unit/knife/role_run_list_replace_spec.rb +4 -4
  349. data/spec/unit/knife/role_run_list_set_spec.rb +4 -4
  350. data/spec/unit/mixin/openssl_helper_spec.rb +4 -4
  351. data/spec/unit/mixin/shell_out_spec.rb +25 -31
  352. data/spec/unit/mixin/user_context_spec.rb +1 -9
  353. data/spec/unit/node/attribute_spec.rb +1 -1
  354. data/spec/unit/property_spec.rb +1 -1
  355. data/spec/unit/provider/apt_repository_spec.rb +27 -27
  356. data/spec/unit/provider/batch_spec.rb +130 -0
  357. data/spec/unit/provider/cron_spec.rb +9 -49
  358. data/spec/unit/provider/git_spec.rb +3 -3
  359. data/spec/unit/provider/group/groupadd_spec.rb +1 -1
  360. data/spec/unit/provider/launchd_spec.rb +8 -50
  361. data/spec/unit/provider/osx_profile_spec.rb +2 -2
  362. data/spec/unit/provider/package/msu_spec.rb +3 -3
  363. data/spec/unit/provider/package/portage_spec.rb +2 -2
  364. data/spec/unit/provider/package/powershell_spec.rb +96 -87
  365. data/spec/unit/provider/package/snap_spec.rb +1 -1
  366. data/spec/unit/provider/powershell_script_spec.rb +3 -45
  367. data/spec/unit/provider/script_spec.rb +20 -110
  368. data/spec/unit/provider/service/gentoo_service_spec.rb +1 -1
  369. data/spec/unit/provider/zypper_repository_spec.rb +75 -25
  370. data/spec/unit/provider_resolver_spec.rb +11 -11
  371. data/spec/unit/resource/archive_file_spec.rb +11 -2
  372. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
  373. data/spec/unit/resource/cron_spec.rb +2 -2
  374. data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
  375. data/spec/unit/resource/homebrew_update_spec.rb +30 -0
  376. data/spec/unit/resource/powershell_script_spec.rb +10 -15
  377. data/spec/unit/resource/timezone_spec.rb +1 -1
  378. data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
  379. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  380. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  381. data/spec/unit/resource/windows_package_spec.rb +10 -0
  382. data/spec/unit/resource/windows_task_spec.rb +1 -1
  383. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  384. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  385. data/spec/unit/resource_spec.rb +67 -1
  386. data/spec/unit/run_context_spec.rb +1 -1
  387. data/spec/unit/util/dsc/configuration_generator_spec.rb +1 -1
  388. data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
  389. data/spec/unit/win32/registry_spec.rb +1 -1
  390. metadata +28 -27
  391. data/lib/chef/resource/cron.rb +0 -157
@@ -28,21 +28,24 @@ class Chef
28
28
  provides(:cron_manage) # legacy name @todo in Chef 15 we should { true } this so it wins over the cookbook
29
29
 
30
30
  introduced "14.4"
31
- description "Use the cron_access resource to manage the /etc/cron.allow and /etc/cron.deny files."
31
+ description "Use the **cron_access** resource to manage cron's cron.allow and cron.deny files. Note: This resource previously shipped in the `cron` cookbook as `cron_manage`, which it can still be used as for backwards compatibility with existing Chef Infra Client releases."
32
32
  examples <<~DOC
33
- Add the mike user to cron.allow
33
+ **Add the mike user to cron.allow**
34
+
34
35
  ```ruby
35
36
  cron_access 'mike'
36
37
  ```
37
38
 
38
- Add the mike user to cron.deny
39
+ **Add the mike user to cron.deny**
40
+
39
41
  ```ruby
40
42
  cron_access 'mike' do
41
43
  action :deny
42
44
  end
43
45
  ```
44
46
 
45
- Specify the username with the user property
47
+ **Specify the username with the user property**
48
+
46
49
  ```ruby
47
50
  cron_access 'Deny the jenkins user access to cron for security purposes' do
48
51
  user 'jenkins'
@@ -55,11 +58,18 @@ class Chef
55
58
  description: "An optional property to set the user name if it differs from the resource block's name.",
56
59
  name_property: true
57
60
 
61
+ CRON_PATHS = {
62
+ "aix" => "/var/adm/cron",
63
+ "solaris" => "/etc/cron.d",
64
+ "default" => "/etc",
65
+ }.freeze
66
+
58
67
  action :allow do
59
68
  description "Add the user to the cron.allow file."
69
+ allow_path = ::File.join(value_for_platform_family(CRON_PATHS), "cron.allow")
60
70
 
61
71
  with_run_context :root do
62
- edit_resource(:template, "/etc/cron.allow") do |new_resource|
72
+ edit_resource(:template, allow_path) do |new_resource|
63
73
  source ::File.expand_path("../support/cron_access.erb", __FILE__)
64
74
  local true
65
75
  mode "0600"
@@ -73,9 +83,10 @@ class Chef
73
83
 
74
84
  action :deny do
75
85
  description "Add the user to the cron.deny file."
86
+ deny_path = ::File.join(value_for_platform_family(CRON_PATHS), "cron.deny")
76
87
 
77
88
  with_run_context :root do
78
- edit_resource(:template, "/etc/cron.deny") do |new_resource|
89
+ edit_resource(:template, deny_path) do |new_resource|
79
90
  source ::File.expand_path("../support/cron_access.erb", __FILE__)
80
91
  local true
81
92
  mode "0600"
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "script"
20
- require_relative "../provider/script"
21
20
 
22
21
  class Chef
23
22
  class Resource
@@ -26,7 +25,7 @@ class Chef
26
25
 
27
26
  provides :csh
28
27
 
29
- description "Use the csh resource to execute scripts using the csh interpreter."\
28
+ description "Use the **csh** resource to execute scripts using the csh interpreter."\
30
29
  " This resource may also use any of the actions and properties that are"\
31
30
  " available to the execute resource. Commands that are executed with this"\
32
31
  " resource are (by their nature) not idempotent, as they are typically"\
@@ -28,7 +28,7 @@ class Chef
28
28
 
29
29
  provides :directory
30
30
 
31
- description "Use the directory resource to manage a directory, which is a hierarchy"\
31
+ description "Use the **directory** resource to manage a directory, which is a hierarchy"\
32
32
  " of folders that comprises all of the information stored on a computer."\
33
33
  " The root directory is the top-level, under which the rest of the directory"\
34
34
  " is organized. The directory resource uses the name property to specify the"\
@@ -24,10 +24,11 @@ class Chef
24
24
 
25
25
  provides(:dmg_package) { true }
26
26
 
27
- description "Use the dmg_package resource to install a package from a .dmg file. The resource will retrieve the dmg file from a remote URL, mount it using OS X's hdidutil, copy the application (.app directory) to the specified destination (/Applications), and detach the image using hdiutil. The dmg file will be stored in the Chef::Config[:file_cache_path]."
27
+ description "Use the **dmg_package** resource to install a package from a .dmg file. The resource will retrieve the dmg file from a remote URL, mount it using macOS' `hdidutil`, copy the application (.app directory) to the specified destination (`/Applications`), and detach the image using `hdiutil`. The dmg file will be stored in the `Chef::Config[:file_cache_path]`."
28
28
  introduced "14.0"
29
29
  examples <<~DOC
30
- Install Google Chrome via the DMG package
30
+ **Install Google Chrome via the DMG package**:
31
+
31
32
  ```ruby
32
33
  dmg_package 'Google Chrome' do
33
34
  dmg_name 'googlechrome'
@@ -37,7 +38,8 @@ class Chef
37
38
  end
38
39
  ```
39
40
 
40
- Install Virtualbox from the .mpkg
41
+ **Install Virtualbox from the .mpkg**:
42
+
41
43
  ```ruby
42
44
  dmg_package 'Virtualbox' do
43
45
  source 'http://dlc.sun.com.edgesuite.net/virtualbox/4.0.8/VirtualBox-4.0.8-71778-OSX.dmg'
@@ -45,7 +47,8 @@ class Chef
45
47
  end
46
48
  ```
47
49
 
48
- Install pgAdmin and automatically accept the EULA
50
+ **Install pgAdmin and automatically accept the EULA**:
51
+
49
52
  ```ruby
50
53
  dmg_package 'pgAdmin3' do
51
54
  source 'http://wwwmaster.postgresql.org/redir/198/h/pgadmin3/release/v1.12.3/osx/pgadmin3-1.12.3.dmg'
@@ -56,31 +59,31 @@ class Chef
56
59
  DOC
57
60
 
58
61
  property :app, String,
59
- description: "The name of the application as it appears in the /Volumes directory if it differs from the resource block's name.",
62
+ description: "The name of the application as it appears in the `/Volumes` directory if it differs from the resource block's name.",
60
63
  name_property: true
61
64
 
62
65
  property :source, String,
63
- description: "The remote URL that is used to download the .dmg file, if specified."
66
+ description: "The remote URL that is used to download the `.dmg` file, if specified."
64
67
 
65
68
  property :file, String,
66
- description: "The full path to the .dmg file on the local system."
69
+ description: "The full path to the `.dmg` file on the local system."
67
70
 
68
71
  property :owner, [String, Integer],
69
72
  description: "The user that should own the package installation."
70
73
 
71
74
  property :destination, String,
72
- description: "The directory to copy the .app into.",
75
+ description: "The directory to copy the `.app` into.",
73
76
  default: "/Applications"
74
77
 
75
78
  property :checksum, String,
76
- description: "The sha256 checksum of the .dmg file to download."
79
+ description: "The sha256 checksum of the `.dmg` file to download."
77
80
 
78
81
  property :volumes_dir, String,
79
- description: "The directory under /Volumes where the dmg is mounted if it differs from the name of the .dmg file.",
82
+ description: "The directory under `/Volumes` where the `dmg` is mounted if it differs from the name of the `.dmg` file.",
80
83
  default: lazy { app }, default_description: "The value passed for the application name."
81
84
 
82
85
  property :dmg_name, String,
83
- description: "The name of the .dmg file if it differs from that of the app, or if the name has spaces.",
86
+ description: "The name of the `.dmg` file if it differs from that of the app, or if the name has spaces.",
84
87
  desired_state: false,
85
88
  default: lazy { app }, default_description: "The value passed for the application name."
86
89
 
@@ -90,18 +93,18 @@ class Chef
90
93
  default: "app", desired_state: false
91
94
 
92
95
  property :package_id, String,
93
- description: "The package ID that is registered with pkgutil when a pkg or mpkg is installed."
96
+ description: "The package ID that is registered with `pkgutil` when a `pkg` or `mpkg` is installed."
94
97
 
95
98
  property :dmg_passphrase, String,
96
- description: "Specify a passphrase to be used to decrypt the .dmg file during the mount process.",
99
+ description: "Specify a passphrase to be used to decrypt the `.dmg` file during the mount process.",
97
100
  desired_state: false
98
101
 
99
102
  property :accept_eula, [TrueClass, FalseClass],
100
- description: "Specify whether to accept the EULA. Certain dmgs require acceptance of EULA before mounting.",
103
+ description: "Specify whether to accept the EULA. Certain dmg files require acceptance of EULA before mounting.",
101
104
  default: false, desired_state: false
102
105
 
103
106
  property :headers, Hash,
104
- description: "Allows custom HTTP headers (like cookies) to be set on the remote_file resource.",
107
+ description: "Allows custom HTTP headers (like cookies) to be set on the `remote_file` resource.",
105
108
  desired_state: false
106
109
 
107
110
  property :allow_untrusted, [TrueClass, FalseClass],
@@ -40,7 +40,7 @@ class Chef
40
40
  which("dnf")
41
41
  end
42
42
 
43
- description "Use the dnf_package resource to install, upgrade, and remove packages with DNF for Fedora and RHEL 8+. The dnf_package resource is able to resolve provides data for packages much like DNF can do when it is run from the command line. This allows a variety of options for installing packages, like minimum versions, virtual provides and library names."
43
+ description "Use the **dnf_package** resource to install, upgrade, and remove packages with DNF for Fedora and RHEL 8+. The dnf_package resource is able to resolve provides data for packages much like DNF can do when it is run from the command line. This allows a variety of options for installing packages, like minimum versions, virtual provides and library names."
44
44
  introduced "12.18"
45
45
 
46
46
  allowed_actions :install, :upgrade, :remove, :purge, :reconfig, :lock, :unlock, :flush_cache
@@ -25,7 +25,7 @@ class Chef
25
25
 
26
26
  provides :dpkg_package
27
27
 
28
- description "Use the dpkg_package resource to manage packages for the dpkg platform. When a package is installed from a local file, it must be added to the node using the remote_file or cookbook_file resources."
28
+ description "Use the **dpkg_package** resource to manage packages for the dpkg platform. When a package is installed from a local file, it must be added to the node using the **remote_file** or **cookbook_file** resources."
29
29
 
30
30
  property :source, [ String, Array, nil ],
31
31
  description: "The path to a package in the local file system."
@@ -27,10 +27,476 @@ class Chef
27
27
 
28
28
  provides :execute, target_mode: true
29
29
 
30
- description "Use the execute resource to execute a single command. Commands that"\
31
- " are executed with this resource are (by their nature) not idempotent,"\
32
- " as they are typically unique to the environment in which they are run."\
33
- " Use not_if and only_if to guard this resource for idempotence."
30
+ description "Use the **execute** resource to execute a single command. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence. Note: Use the **script** resource to execute a script using a specific interpreter (Ruby, Python, Perl, csh, or Bash)."
31
+
32
+ examples <<~EXAMPLES
33
+ **Run a command upon notification**:
34
+
35
+ ```ruby
36
+ execute 'slapadd' do
37
+ command 'slapadd < /tmp/something.ldif'
38
+ creates '/var/lib/slapd/uid.bdb'
39
+
40
+ action :nothing
41
+ end
42
+
43
+ template '/tmp/something.ldif' do
44
+ source 'something.ldif'
45
+
46
+ notifies :run, 'execute[slapadd]', :immediately
47
+ end
48
+ ```
49
+
50
+ **Run a touch file only once while running a command**:
51
+
52
+ ```ruby
53
+ execute 'upgrade script' do
54
+ command 'php upgrade-application.php && touch /var/application/.upgraded'
55
+
56
+ creates '/var/application/.upgraded'
57
+ action :run
58
+ end
59
+ ```
60
+
61
+ **Run a command which requires an environment variable**:
62
+
63
+ ```ruby
64
+ execute 'slapadd' do
65
+ command 'slapadd < /tmp/something.ldif'
66
+ creates '/var/lib/slapd/uid.bdb'
67
+
68
+ action :run
69
+ environment ({'HOME' => '/home/my_home'})
70
+ end
71
+ ```
72
+
73
+ **Delete a repository using yum to scrub the cache**:
74
+
75
+ ```ruby
76
+ # the following code sample thanks to gaffneyc @ https://gist.github.com/918711
77
+ execute 'clean-yum-cache' do
78
+ command 'yum clean all'
79
+ action :nothing
80
+ end
81
+
82
+ file '/etc/yum.repos.d/bad.repo' do
83
+ action :delete
84
+ notifies :run, 'execute[clean-yum-cache]', :immediately
85
+ end
86
+ ```
87
+
88
+ **Prevent restart and reconfigure if configuration is broken**:
89
+
90
+ Use the `:nothing` action (common to all resources) to prevent the test from
91
+ starting automatically, and then use the `subscribes` notification to run a
92
+ configuration test when a change to the template is detected.
93
+
94
+ ```ruby
95
+ execute 'test-nagios-config' do
96
+ command 'nagios3 --verify-config'
97
+ action :nothing
98
+ subscribes :run, 'template[/etc/nagios3/configures-nagios.conf]', :immediately
99
+ end
100
+ ```
101
+
102
+ **Notify in a specific order**:
103
+
104
+ To notify multiple resources, and then have these resources run in a certain
105
+ order, do something like the following.
106
+
107
+ ```ruby
108
+ execute 'foo' do
109
+ command '...'
110
+ notifies :create, 'template[baz]', :immediately
111
+ notifies :install, 'package[bar]', :immediately
112
+ notifies :run, 'execute[final]', :immediately
113
+ end
114
+
115
+ template 'baz' do
116
+ #...
117
+ notifies :run, 'execute[restart_baz]', :immediately
118
+ end
119
+
120
+ package 'bar'
121
+ execute 'restart_baz'
122
+ execute 'final' do
123
+ command '...'
124
+ end
125
+ ```
126
+
127
+ where the sequencing will be in the same order as the resources are listed in
128
+ the recipe: `execute 'foo'`, `template 'baz'`, `execute [restart_baz]`,
129
+ `package 'bar'`, and `execute 'final'`.
130
+
131
+ **Execute a command using a template**:
132
+
133
+ The following example shows how to set up IPv4 packet forwarding using the
134
+ **execute** resource to run a command named `forward_ipv4` that uses a template
135
+ defined by the **template** resource.
136
+
137
+ ```ruby
138
+ execute 'forward_ipv4' do
139
+ command 'echo > /proc/.../ipv4/ip_forward'
140
+ action :nothing
141
+ end
142
+
143
+ template '/etc/file_name.conf' do
144
+ source 'routing/file_name.conf.erb'
145
+
146
+ notifies :run, 'execute[forward_ipv4]', :delayed
147
+ end
148
+ ```
149
+
150
+ where the `command` property for the **execute** resource contains the command
151
+ that is to be run and the `source` property for the **template** resource
152
+ specifies which template to use. The `notifies` property for the **template**
153
+ specifies that the `execute[forward_ipv4]` (which is defined by the **execute**
154
+ resource) should be queued up and run at the end of a Chef Infra Client run.
155
+
156
+ **Add a rule to an IP table**:
157
+
158
+ The following example shows how to add a rule named `test_rule` to an IP table
159
+ using the **execute** resource to run a command using a template that is defined
160
+ by the **template** resource:
161
+
162
+ ```ruby
163
+ execute 'test_rule' do
164
+ command 'command_to_run
165
+ --option value
166
+ --option value
167
+ --source \#{node[:name_of_node][:ipsec][:local][:subnet]}
168
+ -j test_rule'
169
+
170
+ action :nothing
171
+ end
172
+
173
+ template '/etc/file_name.local' do
174
+ source 'routing/file_name.local.erb'
175
+ notifies :run, 'execute[test_rule]', :delayed
176
+ end
177
+ ```
178
+
179
+ where the `command` property for the **execute** resource contains the command
180
+ that is to be run and the `source` property for the **template** resource
181
+ specifies which template to use. The `notifies` property for the **template**
182
+ specifies that the `execute[test_rule]` (which is defined by the **execute**
183
+ resource) should be queued up and run at the end of a Chef Infra Client run.
184
+
185
+ **Stop a service, do stuff, and then restart it**:
186
+
187
+ The following example shows how to use the **execute**, **service**, and
188
+ **mount** resources together to ensure that a node running on Amazon EC2 is
189
+ running MySQL. This example does the following:
190
+
191
+ - Checks to see if the Amazon EC2 node has MySQL
192
+ - If the node has MySQL, stops MySQL
193
+ - Installs MySQL
194
+ - Mounts the node
195
+ - Restarts MySQL
196
+
197
+ ```ruby
198
+ # the following code sample comes from the ``server_ec2``
199
+ # recipe in the following cookbook:
200
+ # https://github.com/chef-cookbooks/mysql
201
+
202
+ if (node.attribute?('ec2') && !FileTest.directory?(node['mysql']['ec2_path']))
203
+ service 'mysql' do
204
+ action :stop
205
+ end
206
+
207
+ execute 'install-mysql' do
208
+ command "mv \#{node['mysql']['data_dir']} \#{node['mysql']['ec2_path']}"
209
+ not_if { ::File.directory?(node['mysql']['ec2_path']) }
210
+ end
211
+
212
+ [node['mysql']['ec2_path'], node['mysql']['data_dir']].each do |dir|
213
+ directory dir do
214
+ owner 'mysql'
215
+ group 'mysql'
216
+ end
217
+ end
218
+
219
+ mount node['mysql']['data_dir'] do
220
+ device node['mysql']['ec2_path']
221
+ fstype 'none'
222
+ options 'bind,rw'
223
+ action [:mount, :enable]
224
+ end
225
+
226
+ service 'mysql' do
227
+ action :start
228
+ end
229
+ end
230
+ ```
231
+
232
+ where
233
+
234
+ - the two **service** resources are used to stop, and then restart the MySQL service
235
+ - the **execute** resource is used to install MySQL
236
+ - the **mount** resource is used to mount the node and enable MySQL
237
+
238
+ **Use the platform_family? method**:
239
+
240
+ The following is an example of using the `platform_family?` method in the Recipe
241
+ DSL to create a variable that can be used with other resources in the same
242
+ recipe. In this example, `platform_family?` is being used to ensure that a
243
+ specific binary is used for a specific platform before using the **remote_file**
244
+ resource to download a file from a remote location, and then using the
245
+ **execute** resource to install that file by running a command.
246
+
247
+ ```ruby
248
+ if platform_family?('rhel')
249
+ pip_binary = '/usr/bin/pip'
250
+ else
251
+ pip_binary = '/usr/local/bin/pip'
252
+ end
253
+
254
+ remote_file "\#{Chef::Config[:file_cache_path]}/distribute_setup.py" do
255
+ source 'http://python-distribute.org/distribute_setup.py'
256
+ mode '0755'
257
+ not_if { ::File.exist?(pip_binary) }
258
+ end
259
+
260
+ execute 'install-pip' do
261
+ cwd Chef::Config[:file_cache_path]
262
+ command <<~EOF
263
+ # command for installing Python goes here
264
+ EOF
265
+ not_if { ::File.exist?(pip_binary) }
266
+ end
267
+ ```
268
+
269
+ where a command for installing Python might look something like:
270
+
271
+ ```ruby
272
+ \#{node['python']['binary']} distribute_setup.py \#{::File.dirname(pip_binary)}/easy_install pip
273
+ ```
274
+
275
+ **Control a service using the execute resource**:
276
+
277
+ <div class="admonition-warning">
278
+ <p class="admonition-warning-title">Warning</p>
279
+ <div class="admonition-warning-text">
280
+ This is an example of something that should NOT be done. Use the **service**
281
+ resource to control a service, not the **execute** resource.
282
+ </div>
283
+ </div>
284
+
285
+ Do something like this:
286
+
287
+ ```ruby
288
+ service 'tomcat' do
289
+ action :start
290
+ end
291
+ ```
292
+
293
+ and NOT something like this:
294
+
295
+ ```ruby
296
+ execute 'start-tomcat' do
297
+ command '/etc/init.d/tomcat start'
298
+ action :run
299
+ end
300
+ ```
301
+
302
+ There is no reason to use the **execute** resource to control a service because
303
+ the **service** resource exposes the `start_command` property directly, which
304
+ gives a recipe full control over the command issued in a much cleaner, more
305
+ direct manner.
306
+
307
+ **Use the search recipe DSL method to find users**:
308
+
309
+ The following example shows how to use the `search` method in the Recipe DSL to
310
+ search for users:
311
+
312
+ ```ruby
313
+ # the following code sample comes from the openvpn cookbook:
314
+
315
+ search("users", "*:*") do |u|
316
+ execute "generate-openvpn-\#{u['id']}" do
317
+ command "./pkitool \#{u['id']}"
318
+ cwd '/etc/openvpn/easy-rsa'
319
+ end
320
+
321
+ %w{ conf ovpn }.each do |ext|
322
+ template "\#{node['openvpn']['key_dir']}/\#{u['id']}.\#{ext}" do
323
+ source 'client.conf.erb'
324
+ variables :username => u['id']
325
+ end
326
+ end
327
+ end
328
+ ```
329
+
330
+ where
331
+
332
+ - the search data will be used to create **execute** resources
333
+ - the **template** resource tells Chef Infra Client which template to use
334
+
335
+ **Enable remote login for macOS**:
336
+
337
+ ```ruby
338
+ execute 'enable ssh' do
339
+ command '/usr/sbin/systemsetup -setremotelogin on'
340
+ not_if '/usr/sbin/systemsetup -getremotelogin | /usr/bin/grep On'
341
+ action :run
342
+ end
343
+ ```
344
+
345
+ **Execute code immediately, based on the template resource**:
346
+
347
+ By default, notifications are `:delayed`, that is they are queued up as they are
348
+ triggered, and then executed at the very end of a Chef Infra Client run. To run
349
+ kan action immediately, use `:immediately`:
350
+
351
+ ```ruby
352
+ template '/etc/nagios3/configures-nagios.conf' do
353
+ # other parameters
354
+ notifies :run, 'execute[test-nagios-config]', :immediately
355
+ end
356
+ ```
357
+
358
+ and then Chef Infra Client would immediately run the following:
359
+
360
+ ```ruby
361
+ execute 'test-nagios-config' do
362
+ command 'nagios3 --verify-config'
363
+ action :nothing
364
+ end
365
+ ```
366
+
367
+ **Sourcing a file**:
368
+
369
+ The **execute** resource cannot be used to source a file (e.g. `command 'source
370
+ filename'`). The following example will fail because `source` is not an
371
+ executable:
372
+
373
+ ```ruby
374
+ execute 'foo' do
375
+ command 'source /tmp/foo.sh'
376
+ end
377
+ ```
378
+
379
+
380
+ Instead, use the **script** resource or one of the **script**-based resources
381
+ (**bash**, **csh**, **perl**, **python**, or **ruby**). For example:
382
+
383
+ ```ruby
384
+ bash 'foo' do
385
+ code 'source /tmp/foo.sh'
386
+ end
387
+ ```
388
+
389
+ **Run a Knife command**:
390
+
391
+ ```ruby
392
+ execute 'create_user' do
393
+ command <<~EOM
394
+ knife user create \#{user}
395
+ --admin
396
+ --password password
397
+ --disable-editing
398
+ --file /home/vagrant/.chef/user.pem
399
+ --config /tmp/knife-admin.rb
400
+ EOM
401
+ end
402
+ ```
403
+
404
+ **Run install command into virtual environment**:
405
+
406
+ The following example shows how to install a lightweight JavaScript framework
407
+ into Vagrant:
408
+
409
+ ```ruby
410
+ execute "install q and zombiejs" do
411
+ cwd "/home/vagrant"
412
+ user "vagrant"
413
+ environment ({'HOME' => '/home/vagrant', 'USER' => 'vagrant'})
414
+ command "npm install -g q zombie should mocha coffee-script"
415
+ action :run
416
+ end
417
+ ```
418
+
419
+ **Run a command as a named user**:
420
+
421
+ The following example shows how to run `bundle install` from a Chef Infra Client
422
+ run as a specific user. This will put the gem into the path of the user
423
+ (`vagrant`) instead of the root user (under which the Chef Infra Client runs):
424
+
425
+ ```ruby
426
+ execute '/opt/chefdk/embedded/bin/bundle install' do
427
+ cwd node['chef_workstation']['bundler_path']
428
+ user node['chef_workstation']['user']
429
+
430
+ environment ({
431
+ 'HOME' => "/home/\#{node['chef_workstation']['user']}",
432
+ 'USER' => node['chef_workstation']['user']
433
+ })
434
+ not_if 'bundle check'
435
+ end
436
+ ```
437
+
438
+ **Run a command as an alternate user**:
439
+
440
+ *Note*: When Chef is running as a service, this feature requires that the user
441
+ that Chef runs as has 'SeAssignPrimaryTokenPrivilege' (aka
442
+ 'SE_ASSIGNPRIMARYTOKEN_NAME') user right. By default only LocalSystem and
443
+ NetworkService have this right when running as a service. This is necessary
444
+ even if the user is an Administrator.
445
+
446
+ This right can be added and checked in a recipe using this example:
447
+
448
+ ```ruby
449
+ # Add 'SeAssignPrimaryTokenPrivilege' for the user
450
+ Chef::ReservedNames::Win32::Security.add_account_right('<user>', 'SeAssignPrimaryTokenPrivilege')
451
+
452
+ # Check if the user has 'SeAssignPrimaryTokenPrivilege' rights
453
+ Chef::ReservedNames::Win32::Security.get_account_right('<user>').include?('SeAssignPrimaryTokenPrivilege')
454
+ ```
455
+
456
+ The following example shows how to run `mkdir test_dir` from a Chef Infra Client
457
+ run as an alternate user.
458
+
459
+ ```ruby
460
+ # Passing only username and password
461
+ execute 'mkdir test_dir' do
462
+ cwd Chef::Config[:file_cache_path]
463
+
464
+ user "username"
465
+ password "password"
466
+ end
467
+
468
+ # Passing username and domain
469
+ execute 'mkdir test_dir' do
470
+ cwd Chef::Config[:file_cache_path]
471
+
472
+ domain "domain-name"
473
+ user "user"
474
+ password "password"
475
+ end
476
+
477
+ # Passing username = 'domain-name\\username'. No domain is passed
478
+ execute 'mkdir test_dir' do
479
+ cwd Chef::Config[:file_cache_path]
480
+
481
+ user "domain-name\\username"
482
+ password "password"
483
+ end
484
+
485
+ # Passing username = 'username@domain-name'. No domain is passed
486
+ execute 'mkdir test_dir' do
487
+ cwd Chef::Config[:file_cache_path]
488
+
489
+ user "username@domain-name"
490
+ password "password"
491
+ end
492
+ ```
493
+
494
+ **Run a command with an external input file**:
495
+
496
+ execute 'md5sum' do
497
+ input File.read(__FILE__)
498
+ end
499
+ EXAMPLES
34
500
 
35
501
  # The ResourceGuardInterpreter wraps a resource's guards in another resource. That inner resource
36
502
  # needs to behave differently during (for example) why_run mode, so we flag it here. For why_run mode
@@ -62,13 +528,13 @@ class Chef
62
528
  description: "The current working directory from which the command will be run."
63
529
 
64
530
  property :environment, Hash,
65
- description: "A Hash of environment variables in the form of ({'ENV_VARIABLE' => 'VALUE'})."
531
+ description: "A Hash of environment variables in the form of `({'ENV_VARIABLE' => 'VALUE'})`. **Note**: These variables must exist for a command to be run successfully."
66
532
 
67
533
  property :group, [ String, Integer ],
68
534
  description: "The group name or group ID that must be changed before running a command."
69
535
 
70
536
  property :live_stream, [ TrueClass, FalseClass ], default: false,
71
- description: "Send the output of the command run by this execute resource block to the #{Chef::Dist::CLIENT} event stream."
537
+ description: "Send the output of the command run by this execute resource block to the #{Chef::Dist::PRODUCT} event stream."
72
538
 
73
539
  # default_env defaults to `false` so that the command execution more exactly matches what the user gets on the command line without magic
74
540
  property :default_env, [ TrueClass, FalseClass ], desired_state: false, default: false,
@@ -84,7 +550,7 @@ class Chef
84
550
  desired_state: false
85
551
 
86
552
  property :user, [ String, Integer ],
87
- description: "The user name of the user identity with which to launch the new process. The user name may optionally be specifed with a domain, i.e. domainuser or user@my.dns.domain.com via Universal Principal Name (UPN)format. It can also be specified without a domain simply as user if the domain is instead specified using the domain property. On Windows only, if this property is specified, the password property must be specified."
553
+ description: "The user name of the user identity with which to launch the new process. The user name may optionally be specified with a domain, i.e. domainuser or user@my.dns.domain.com via Universal Principal Name (UPN)format. It can also be specified without a domain simply as user if the domain is instead specified using the domain property. On Windows only, if this property is specified, the password property must be specified."
88
554
 
89
555
  property :domain, String,
90
556
  introduced: "12.21",
@@ -96,13 +562,17 @@ class Chef
96
562
 
97
563
  # lazy used to set default value of sensitive to true if password is set
98
564
  property :sensitive, [ TrueClass, FalseClass ],
99
- description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::CLIENT}.",
565
+ description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::PRODUCT}.",
100
566
  default: lazy { password ? true : false }, default_description: "True if the password property is set. False otherwise."
101
567
 
102
568
  property :elevated, [ TrueClass, FalseClass ], default: false,
103
- description: "Determines whether the script will run with elevated permissions to circumvent User Access Control (UAC) interactively blocking the process.\nThis will cause the process to be run under a batch login instead of an interactive login. The user running #{Chef::Dist::CLIENT} needs the Replace a process level token and Adjust Memory Quotas for a process permissions. The user that is running the command needs the Log on as a batch job permission.\nBecause this requires a login, the user and password properties are required.",
569
+ description: "Determines whether the script will run with elevated permissions to circumvent User Access Control (UAC) interactively blocking the process.\nThis will cause the process to be run under a batch login instead of an interactive login. The user running #{Chef::Dist::CLIENT} needs the 'Replace a process level token' and 'Adjust Memory Quotas for a process' permissions. The user that is running the command needs the 'Log on as a batch job' permission.\nBecause this requires a login, the user and password properties are required.",
104
570
  introduced: "13.3"
105
571
 
572
+ property :input, [String],
573
+ introduced: "16.2",
574
+ description: "An optional property to set the input sent to the command as STDIN."
575
+
106
576
  alias :env :environment
107
577
 
108
578
  def self.set_guard_inherited_attributes(*inherited_attributes)