chef 16.0.287-universal-mingw32 → 16.2.73-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (333) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +2 -3
  3. data/README.md +3 -3
  4. data/Rakefile +3 -2
  5. data/chef.gemspec +5 -5
  6. data/distro/powershell/chef/chef.psm1 +3 -3
  7. data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
  8. data/lib/chef/application/apply.rb +2 -1
  9. data/lib/chef/application/base.rb +1 -1
  10. data/lib/chef/application/client.rb +1 -1
  11. data/lib/chef/application/windows_service_manager.rb +1 -1
  12. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  13. data/lib/chef/chef_fs/file_system/chef_server/acls_dir.rb +1 -1
  14. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +2 -2
  15. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  16. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
  17. data/lib/chef/chef_fs/path_utils.rb +4 -4
  18. data/lib/chef/cookbook/chefignore.rb +1 -1
  19. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  20. data/lib/chef/cookbook/metadata.rb +2 -2
  21. data/lib/chef/cookbook_loader.rb +1 -1
  22. data/lib/chef/cookbook_manifest.rb +1 -1
  23. data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
  24. data/lib/chef/cookbook_version.rb +4 -4
  25. data/lib/chef/data_bag.rb +4 -4
  26. data/lib/chef/data_collector.rb +1 -1
  27. data/lib/chef/data_collector/error_handlers.rb +1 -1
  28. data/lib/chef/decorator/lazy_array.rb +2 -2
  29. data/lib/chef/deprecated.rb +4 -0
  30. data/lib/chef/digester.rb +5 -4
  31. data/lib/chef/dsl/declare_resource.rb +1 -1
  32. data/lib/chef/encrypted_data_bag_item/decryptor.rb +1 -1
  33. data/lib/chef/encrypted_data_bag_item/encryptor.rb +1 -1
  34. data/lib/chef/file_access_control.rb +1 -1
  35. data/lib/chef/file_access_control/windows.rb +2 -2
  36. data/lib/chef/file_content_management/deploy/mv_unix.rb +1 -1
  37. data/lib/chef/formatters/base.rb +1 -1
  38. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +1 -1
  39. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +2 -2
  40. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +7 -7
  41. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +3 -3
  42. data/lib/chef/http.rb +19 -4
  43. data/lib/chef/http/decompressor.rb +1 -1
  44. data/lib/chef/http/http_request.rb +1 -1
  45. data/lib/chef/http/json_output.rb +1 -1
  46. data/lib/chef/http/ssl_policies.rb +18 -0
  47. data/lib/chef/json_compat.rb +1 -1
  48. data/lib/chef/key.rb +1 -1
  49. data/lib/chef/knife.rb +2 -2
  50. data/lib/chef/knife/bootstrap.rb +20 -14
  51. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  52. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  53. data/lib/chef/knife/bootstrap/templates/chef-full.erb +9 -9
  54. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +3 -1
  55. data/lib/chef/knife/client_bulk_delete.rb +1 -1
  56. data/lib/chef/knife/config_get.rb +1 -1
  57. data/lib/chef/knife/config_use_profile.rb +15 -5
  58. data/lib/chef/knife/cookbook_delete.rb +1 -1
  59. data/lib/chef/knife/cookbook_upload.rb +1 -4
  60. data/lib/chef/knife/core/bootstrap_context.rb +1 -1
  61. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  62. data/lib/chef/knife/core/hashed_command_loader.rb +1 -1
  63. data/lib/chef/knife/core/node_presenter.rb +1 -1
  64. data/lib/chef/knife/core/status_presenter.rb +1 -1
  65. data/lib/chef/knife/core/subcommand_loader.rb +1 -1
  66. data/lib/chef/knife/core/windows_bootstrap_context.rb +19 -4
  67. data/lib/chef/knife/data_bag_create.rb +1 -1
  68. data/lib/chef/knife/key_create_base.rb +1 -1
  69. data/lib/chef/knife/key_edit_base.rb +1 -1
  70. data/lib/chef/knife/node_bulk_delete.rb +1 -1
  71. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  72. data/lib/chef/knife/role_bulk_delete.rb +1 -1
  73. data/lib/chef/knife/ssh.rb +2 -2
  74. data/lib/chef/knife/supermarket_share.rb +1 -1
  75. data/lib/chef/knife/supermarket_unshare.rb +1 -1
  76. data/lib/chef/log.rb +1 -1
  77. data/lib/chef/mixin/api_version_request_handling.rb +1 -1
  78. data/lib/chef/mixin/checksum.rb +0 -1
  79. data/lib/chef/mixin/openssl_helper.rb +4 -4
  80. data/lib/chef/mixin/properties.rb +2 -2
  81. data/lib/chef/mixin/securable.rb +2 -2
  82. data/lib/chef/mixin/shell_out.rb +1 -1
  83. data/lib/chef/node/attribute.rb +2 -2
  84. data/lib/chef/node/immutable_collections.rb +1 -1
  85. data/lib/chef/policy_builder/policyfile.rb +1 -1
  86. data/lib/chef/powershell.rb +1 -1
  87. data/lib/chef/property.rb +2 -2
  88. data/lib/chef/provider.rb +3 -3
  89. data/lib/chef/provider/batch.rb +3 -10
  90. data/lib/chef/provider/cron.rb +2 -14
  91. data/lib/chef/provider/directory.rb +1 -1
  92. data/lib/chef/provider/execute.rb +2 -1
  93. data/lib/chef/provider/file.rb +1 -1
  94. data/lib/chef/provider/group/dscl.rb +2 -2
  95. data/lib/chef/provider/group/windows.rb +1 -1
  96. data/lib/chef/provider/ifconfig.rb +7 -7
  97. data/lib/chef/provider/launchd.rb +11 -9
  98. data/lib/chef/provider/mount/aix.rb +1 -1
  99. data/lib/chef/provider/mount/windows.rb +2 -2
  100. data/lib/chef/provider/noop.rb +1 -1
  101. data/lib/chef/provider/package/cab.rb +1 -1
  102. data/lib/chef/provider/package/chocolatey.rb +1 -1
  103. data/lib/chef/provider/package/dpkg.rb +1 -1
  104. data/lib/chef/provider/package/openbsd.rb +1 -1
  105. data/lib/chef/provider/package/portage.rb +3 -2
  106. data/lib/chef/provider/package/powershell.rb +6 -2
  107. data/lib/chef/provider/package/rubygems.rb +3 -3
  108. data/lib/chef/provider/package/snap.rb +96 -27
  109. data/lib/chef/provider/package/windows.rb +2 -2
  110. data/lib/chef/provider/package/windows/msi.rb +3 -3
  111. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
  112. data/lib/chef/provider/package/yum.rb +1 -1
  113. data/lib/chef/provider/package/yum/yum_cache.rb +1 -1
  114. data/lib/chef/provider/powershell_script.rb +11 -15
  115. data/lib/chef/provider/remote_directory.rb +2 -2
  116. data/lib/chef/provider/remote_file/http.rb +4 -1
  117. data/lib/chef/provider/script.rb +4 -75
  118. data/lib/chef/provider/service/arch.rb +2 -2
  119. data/lib/chef/provider/service/debian.rb +2 -2
  120. data/lib/chef/provider/service/macosx.rb +9 -0
  121. data/lib/chef/provider/service/openbsd.rb +4 -4
  122. data/lib/chef/provider/service/redhat.rb +1 -1
  123. data/lib/chef/provider/service/upstart.rb +1 -1
  124. data/lib/chef/provider/service/windows.rb +1 -1
  125. data/lib/chef/provider/subversion.rb +2 -2
  126. data/lib/chef/provider/user/aix.rb +1 -1
  127. data/lib/chef/provider/user/dscl.rb +6 -6
  128. data/lib/chef/provider/user/linux.rb +3 -3
  129. data/lib/chef/provider/user/mac.rb +15 -11
  130. data/lib/chef/provider/windows_script.rb +87 -25
  131. data/lib/chef/provider/windows_task.rb +4 -2
  132. data/lib/chef/provider/zypper_repository.rb +30 -10
  133. data/lib/chef/resource.rb +25 -14
  134. data/lib/chef/resource/alternatives.rb +1 -1
  135. data/lib/chef/resource/apt_package.rb +1 -1
  136. data/lib/chef/resource/archive_file.rb +28 -8
  137. data/lib/chef/resource/bash.rb +0 -1
  138. data/lib/chef/resource/batch.rb +4 -2
  139. data/lib/chef/resource/chef_client_scheduled_task.rb +13 -1
  140. data/lib/chef/resource/chef_gem.rb +57 -21
  141. data/lib/chef/resource/chef_handler.rb +2 -2
  142. data/lib/chef/resource/chef_vault_secret.rb +1 -1
  143. data/lib/chef/resource/cron/_cron_shared.rb +98 -0
  144. data/lib/chef/resource/cron/cron.rb +46 -0
  145. data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +7 -87
  146. data/lib/chef/resource/cron_access.rb +11 -3
  147. data/lib/chef/resource/csh.rb +0 -1
  148. data/lib/chef/resource/dmg_package.rb +2 -2
  149. data/lib/chef/resource/execute.rb +478 -8
  150. data/lib/chef/resource/file.rb +10 -8
  151. data/lib/chef/resource/freebsd_package.rb +1 -1
  152. data/lib/chef/resource/gem_package.rb +35 -2
  153. data/lib/chef/resource/helpers/cron_validations.rb +6 -3
  154. data/lib/chef/resource/homebrew_package.rb +30 -1
  155. data/lib/chef/resource/homebrew_update.rb +107 -0
  156. data/lib/chef/resource/hostname.rb +7 -20
  157. data/lib/chef/resource/kernel_module.rb +14 -1
  158. data/lib/chef/resource/launchd.rb +1 -1
  159. data/lib/chef/resource/locale.rb +3 -3
  160. data/lib/chef/resource/macos_userdefaults.rb +11 -6
  161. data/lib/chef/resource/mount.rb +1 -1
  162. data/lib/chef/resource/perl.rb +0 -1
  163. data/lib/chef/resource/plist.rb +23 -4
  164. data/lib/chef/resource/powershell_script.rb +4 -2
  165. data/lib/chef/resource/python.rb +0 -1
  166. data/lib/chef/resource/remote_file.rb +26 -10
  167. data/lib/chef/resource/ruby.rb +0 -1
  168. data/lib/chef/resource/scm/git.rb +1 -1
  169. data/lib/chef/resource/ssh_known_hosts_entry.rb +15 -0
  170. data/lib/chef/resource/sudo.rb +29 -2
  171. data/lib/chef/resource/swap_file.rb +17 -0
  172. data/lib/chef/resource/template.rb +1 -1
  173. data/lib/chef/resource/timezone.rb +15 -0
  174. data/lib/chef/resource/windows_ad_join.rb +30 -1
  175. data/lib/chef/resource/windows_audit_policy.rb +227 -0
  176. data/lib/chef/resource/windows_auto_run.rb +11 -0
  177. data/lib/chef/resource/windows_certificate.rb +27 -1
  178. data/lib/chef/resource/windows_dfs_server.rb +1 -1
  179. data/lib/chef/resource/windows_font.rb +3 -3
  180. data/lib/chef/resource/windows_package.rb +1 -1
  181. data/lib/chef/resource/windows_pagefile.rb +2 -2
  182. data/lib/chef/resource/windows_script.rb +2 -16
  183. data/lib/chef/resource/windows_security_policy.rb +47 -16
  184. data/lib/chef/resource/windows_shortcut.rb +1 -2
  185. data/lib/chef/resource/windows_task.rb +10 -10
  186. data/lib/chef/resource/windows_user_privilege.rb +70 -5
  187. data/lib/chef/resource/yum_repository.rb +9 -9
  188. data/lib/chef/resource_inspector.rb +4 -3
  189. data/lib/chef/resources.rb +4 -2
  190. data/lib/chef/run_context/cookbook_compiler.rb +1 -1
  191. data/lib/chef/search/query.rb +1 -1
  192. data/lib/chef/shell/ext.rb +1 -1
  193. data/lib/chef/util/diff.rb +2 -2
  194. data/lib/chef/util/windows/net_user.rb +1 -1
  195. data/lib/chef/util/windows/volume.rb +1 -1
  196. data/lib/chef/version.rb +1 -1
  197. data/lib/chef/win32/api.rb +2 -2
  198. data/lib/chef/win32/api/error.rb +3 -1
  199. data/lib/chef/win32/api/file.rb +1 -1
  200. data/lib/chef/win32/api/net.rb +1 -0
  201. data/lib/chef/win32/file.rb +1 -1
  202. data/lib/chef/win32/mutex.rb +1 -1
  203. data/lib/chef/win32/net.rb +1 -0
  204. data/lib/chef/win32/registry.rb +2 -2
  205. data/lib/chef/win32/security.rb +1 -1
  206. data/lib/chef/win32/security/sid.rb +4 -4
  207. data/spec/data/lwrp/providers/buck_passer.rb +1 -1
  208. data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
  209. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
  210. data/spec/functional/knife/configure_spec.rb +1 -1
  211. data/spec/functional/resource/aix_service_spec.rb +10 -1
  212. data/spec/functional/resource/aixinit_service_spec.rb +1 -1
  213. data/spec/functional/resource/bash_spec.rb +3 -2
  214. data/spec/functional/resource/bff_spec.rb +1 -1
  215. data/spec/functional/resource/chocolatey_package_spec.rb +4 -0
  216. data/spec/functional/resource/cron_spec.rb +20 -1
  217. data/spec/functional/resource/dnf_package_spec.rb +6 -3
  218. data/spec/functional/resource/execute_spec.rb +1 -1
  219. data/spec/functional/resource/git_spec.rb +6 -6
  220. data/spec/functional/resource/group_spec.rb +9 -1
  221. data/spec/functional/resource/ifconfig_spec.rb +9 -1
  222. data/spec/functional/resource/insserv_spec.rb +3 -2
  223. data/spec/functional/resource/launchd_spec.rb +232 -0
  224. data/spec/functional/resource/link_spec.rb +2 -5
  225. data/spec/functional/resource/mount_spec.rb +9 -1
  226. data/spec/functional/resource/msu_package_spec.rb +9 -3
  227. data/spec/functional/resource/powershell_script_spec.rb +4 -4
  228. data/spec/functional/resource/remote_file_spec.rb +8 -8
  229. data/spec/functional/resource/rpm_spec.rb +1 -1
  230. data/spec/functional/resource/timezone_spec.rb +2 -0
  231. data/spec/functional/resource/windows_package_spec.rb +0 -1
  232. data/spec/functional/resource/windows_path_spec.rb +4 -0
  233. data/spec/functional/resource/windows_security_policy_spec.rb +0 -1
  234. data/spec/functional/resource/windows_service_spec.rb +4 -0
  235. data/spec/functional/resource/windows_task_spec.rb +16 -15
  236. data/spec/functional/resource/windows_user_privilege_spec.rb +0 -1
  237. data/spec/functional/resource/yum_package_spec.rb +4 -1
  238. data/spec/functional/resource/zypper_package_spec.rb +4 -1
  239. data/spec/functional/shell_spec.rb +0 -1
  240. data/spec/functional/win32/crypto_spec.rb +1 -1
  241. data/spec/integration/knife/config_use_profile_spec.rb +55 -2
  242. data/spec/integration/knife/cookbook_upload_spec.rb +1 -1
  243. data/spec/integration/knife/data_bag_from_file_spec.rb +1 -1
  244. data/spec/integration/knife/environment_from_file_spec.rb +1 -1
  245. data/spec/integration/knife/node_from_file_spec.rb +1 -1
  246. data/spec/integration/knife/role_from_file_spec.rb +1 -1
  247. data/spec/integration/recipes/recipe_dsl_spec.rb +4 -0
  248. data/spec/integration/recipes/resource_load_spec.rb +2 -2
  249. data/spec/support/chef_helpers.rb +1 -1
  250. data/spec/support/platform_helpers.rb +1 -1
  251. data/spec/support/platforms/win32/spec_service.rb +1 -1
  252. data/spec/support/shared/functional/execute_resource.rb +1 -1
  253. data/spec/support/shared/functional/securable_resource.rb +1 -2
  254. data/spec/support/shared/functional/securable_resource_with_reporting.rb +0 -1
  255. data/spec/support/shared/functional/windows_script.rb +3 -3
  256. data/spec/support/shared/unit/execute_resource.rb +1 -1
  257. data/spec/support/shared/unit/provider/file.rb +12 -8
  258. data/spec/support/shared/unit/provider/useradd_based_user_provider.rb +4 -4
  259. data/spec/unit/application/solo_spec.rb +4 -2
  260. data/spec/unit/application_spec.rb +7 -0
  261. data/spec/unit/chef_fs/config_spec.rb +2 -2
  262. data/spec/unit/chef_fs/diff_spec.rb +8 -8
  263. data/spec/unit/client_spec.rb +4 -1
  264. data/spec/unit/cookbook/synchronizer_spec.rb +26 -24
  265. data/spec/unit/data_bag_spec.rb +6 -3
  266. data/spec/unit/decorator_spec.rb +23 -23
  267. data/spec/unit/environment_spec.rb +5 -1
  268. data/spec/unit/guard_interpreter_spec.rb +1 -1
  269. data/spec/unit/http/api_versions_spec.rb +1 -1
  270. data/spec/unit/http/ssl_policies_spec.rb +20 -0
  271. data/spec/unit/knife/bootstrap_spec.rb +3 -2
  272. data/spec/unit/knife/cookbook_download_spec.rb +2 -2
  273. data/spec/unit/knife/cookbook_show_spec.rb +6 -7
  274. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +7 -1
  275. data/spec/unit/knife/data_bag_edit_spec.rb +1 -1
  276. data/spec/unit/lwrp_spec.rb +5 -2
  277. data/spec/unit/mixin/openssl_helper_spec.rb +4 -4
  278. data/spec/unit/mixin/powershell_out_spec.rb +2 -4
  279. data/spec/unit/mixin/powershell_type_coercions_spec.rb +1 -1
  280. data/spec/unit/mixin/subclass_directive_spec.rb +2 -2
  281. data/spec/unit/mixin/unformatter_spec.rb +2 -2
  282. data/spec/unit/mixin/uris_spec.rb +1 -1
  283. data/spec/unit/mixin/user_context_spec.rb +1 -9
  284. data/spec/unit/node/attribute_spec.rb +1 -1
  285. data/spec/unit/property_spec.rb +1 -1
  286. data/spec/unit/provider/batch_spec.rb +130 -0
  287. data/spec/unit/provider/cron/unix_spec.rb +1 -1
  288. data/spec/unit/provider/cron_spec.rb +9 -49
  289. data/spec/unit/provider/dsc_resource_spec.rb +22 -38
  290. data/spec/unit/provider/dsc_script_spec.rb +10 -10
  291. data/spec/unit/provider/execute_spec.rb +1 -1
  292. data/spec/unit/provider/git_spec.rb +3 -3
  293. data/spec/unit/provider/group/groupadd_spec.rb +1 -1
  294. data/spec/unit/provider/launchd_spec.rb +0 -42
  295. data/spec/unit/provider/mdadm_spec.rb +1 -3
  296. data/spec/unit/provider/package/openbsd_spec.rb +1 -1
  297. data/spec/unit/provider/package/pacman_spec.rb +17 -20
  298. data/spec/unit/provider/package/portage_spec.rb +2 -2
  299. data/spec/unit/provider/package/powershell_spec.rb +96 -87
  300. data/spec/unit/provider/package/snap_spec.rb +1 -1
  301. data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +3 -3
  302. data/spec/unit/provider/powershell_script_spec.rb +3 -45
  303. data/spec/unit/provider/script_spec.rb +20 -110
  304. data/spec/unit/provider/user/dscl_spec.rb +2 -2
  305. data/spec/unit/provider/windows_env_spec.rb +5 -4
  306. data/spec/unit/provider/zypper_repository_spec.rb +60 -10
  307. data/spec/unit/resource/archive_file_spec.rb +11 -2
  308. data/spec/unit/resource/chef_client_cron_spec.rb +23 -7
  309. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
  310. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +7 -4
  311. data/spec/unit/resource/cron_spec.rb +2 -2
  312. data/spec/unit/resource/file/verification_spec.rb +2 -1
  313. data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
  314. data/spec/unit/resource/homebrew_update_spec.rb +30 -0
  315. data/spec/unit/resource/powershell_script_spec.rb +10 -15
  316. data/spec/unit/resource/timezone_spec.rb +1 -1
  317. data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
  318. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  319. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  320. data/spec/unit/resource/windows_task_spec.rb +1 -1
  321. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  322. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  323. data/spec/unit/resource_spec.rb +84 -1
  324. data/spec/unit/role_spec.rb +23 -21
  325. data/spec/unit/util/backup_spec.rb +1 -1
  326. data/spec/unit/util/dsc/configuration_generator_spec.rb +1 -1
  327. data/spec/unit/util/powershell/ps_credential_spec.rb +2 -2
  328. data/spec/unit/util/selinux_spec.rb +2 -1
  329. data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
  330. data/spec/unit/win32/registry_spec.rb +1 -1
  331. metadata +37 -31
  332. data/lib/chef/resource/cron.rb +0 -157
  333. data/spec/functional/resource/base.rb +0 -28
@@ -45,7 +45,7 @@ class Chef
45
45
  chef_vault_secret 'root-password' do
46
46
  admins 'jtimberman,paulmooring'
47
47
  data_bag 'secrets'
48
- raw_data({'auth' => 'DontUseThisPasswordForRoot'})
48
+ raw_data({'auth' => 'DoNotUseThisPasswordForRoot'})
49
49
  search '*:*'
50
50
  end
51
51
  ```
@@ -0,0 +1,98 @@
1
+ unified_mode true
2
+
3
+ TIMEOUT_OPTS = %w{duration preserve-status foreground kill-after signal}.freeze
4
+ TIMEOUT_REGEX = /\A\S+/.freeze
5
+ WEEKDAYS = {
6
+ sunday: "0", monday: "1", tuesday: "2", wednesday: "3", thursday: "4", friday: "5", saturday: "6",
7
+ sun: "0", mon: "1", tue: "2", wed: "3", thu: "4", fri: "5", sat: "6"
8
+ }.freeze
9
+
10
+ property :minute, [Integer, String],
11
+ description: "The minute at which the cron entry should run (`0 - 59`).",
12
+ default: "*", callbacks: {
13
+ "should be a valid minute spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 0, 59) },
14
+ }
15
+
16
+ property :hour, [Integer, String],
17
+ description: "The hour at which the cron entry is to run (`0 - 23`).",
18
+ default: "*", callbacks: {
19
+ "should be a valid hour spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 0, 23) },
20
+ }
21
+
22
+ property :day, [Integer, String],
23
+ description: "The day of month at which the cron entry should run (`1 - 31`).",
24
+ default: "*", callbacks: {
25
+ "should be a valid day spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 1, 31) },
26
+ }
27
+
28
+ property :month, [Integer, String],
29
+ description: "The month in the year on which a cron entry is to run (`1 - 12`, `jan-dec`, or `*`).",
30
+ default: "*", callbacks: {
31
+ "should be a valid month spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_month(spec) },
32
+ }
33
+
34
+ property :weekday, [Integer, String, Symbol],
35
+ description: "The day of the week on which this entry is to run (`0-7`, `mon-sun`, `monday-sunday`, or `*`), where Sunday is both `0` and `7`.",
36
+ default: "*", coerce: proc { |day| weekday_in_crontab(day) },
37
+ callbacks: {
38
+ "should be a valid weekday spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_dow(spec) },
39
+ }
40
+
41
+ property :shell, String,
42
+ description: "Set the `SHELL` environment variable."
43
+
44
+ property :path, String,
45
+ description: "Set the `PATH` environment variable."
46
+
47
+ property :home, String,
48
+ description: "Set the `HOME` environment variable."
49
+
50
+ property :mailto, String,
51
+ description: "Set the `MAILTO` environment variable."
52
+
53
+ property :command, String,
54
+ description: "The command to be run, or the path to a file that contains the command to be run.",
55
+ identity: true,
56
+ required: [:create]
57
+
58
+ property :user, String,
59
+ description: "The name of the user that runs the command.",
60
+ default: "root"
61
+
62
+ property :environment, Hash,
63
+ description: "A Hash containing additional arbitrary environment variables under which the cron job will be run in the form of `({'ENV_VARIABLE' => 'VALUE'})`. **Note**: These variables must exist for a command to be run successfully.",
64
+ default: lazy { {} }
65
+
66
+ property :time_out, Hash,
67
+ description: "A Hash of timeouts in the form of `({'OPTION' => 'VALUE'})`. Accepted valid options are:
68
+ - `preserve-status` (BOOL, default: 'false'),
69
+ - `foreground` (BOOL, default: 'false'),
70
+ - `kill-after` (in seconds),
71
+ - `signal` (a name like 'HUP' or a number)",
72
+ default: lazy { {} },
73
+ introduced: "15.7",
74
+ coerce: proc { |h|
75
+ if h.is_a?(Hash)
76
+ invalid_keys = h.keys - TIMEOUT_OPTS
77
+ unless invalid_keys.empty?
78
+ error_msg = "Key of option time_out must be equal to one of: \"#{TIMEOUT_OPTS.join('", "')}\"! You passed \"#{invalid_keys.join(", ")}\"."
79
+ raise Chef::Exceptions::ValidationFailed, error_msg
80
+ end
81
+ unless h.values.all? { |x| x =~ TIMEOUT_REGEX }
82
+ error_msg = "Values of option time_out should be non-empty strings without any leading whitespace."
83
+ raise Chef::Exceptions::ValidationFailed, error_msg
84
+ end
85
+ h
86
+ elsif h.is_a?(Integer) || h.is_a?(String)
87
+ { "duration" => h }
88
+ end
89
+ }
90
+
91
+ private
92
+ # Convert weekday input value into crontab format that
93
+ # could be written in the crontab
94
+ # @return [Integer, String] A weekday formed as per the user inputs.
95
+ def weekday_in_crontab(day)
96
+ weekday = day.to_s.downcase.to_sym
97
+ WEEKDAYS[weekday] || day
98
+ end
@@ -0,0 +1,46 @@
1
+ #
2
+ # Author:: Bryan McLellan (btm@loftninjas.org)
3
+ # Author:: Tyler Cloke (<tyler@chef.io>)
4
+ # Copyright:: Copyright 2009-2016, Bryan McLellan
5
+ # License:: Apache License, Version 2.0
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../../resource"
21
+ require_relative "../helpers/cron_validations"
22
+ require_relative "../../provider/cron" # do not remove. we actually need this below
23
+
24
+ class Chef
25
+ class Resource
26
+ class Cron < Chef::Resource
27
+ unified_mode true
28
+
29
+ use "cron_shared"
30
+
31
+ provides :cron
32
+
33
+ description "Use the **cron** resource to manage cron entries for time-based job scheduling. Properties for a schedule will default to * if not provided. The cron resource requires access to a crontab program, typically cron."
34
+
35
+ state_attrs :minute, :hour, :day, :month, :weekday, :user
36
+
37
+ default_action :create
38
+ allowed_actions :create, :delete
39
+
40
+ property :time, Symbol,
41
+ description: "A time interval.",
42
+ equal_to: Chef::Provider::Cron::SPECIAL_TIME_VALUES
43
+
44
+ end
45
+ end
46
+ end
@@ -15,15 +15,18 @@
15
15
  # limitations under the License.
16
16
  #
17
17
 
18
- require_relative "../resource"
19
- require_relative "helpers/cron_validations"
18
+ require_relative "../../resource"
19
+ require_relative "../helpers/cron_validations"
20
20
  require "shellwords" unless defined?(Shellwords)
21
- require_relative "../dist"
21
+ require_relative "../../dist"
22
22
 
23
23
  class Chef
24
24
  class Resource
25
25
  class CronD < Chef::Resource
26
26
  unified_mode true
27
+
28
+ use "cron_shared"
29
+
27
30
  provides :cron_d
28
31
 
29
32
  introduced "14.4"
@@ -98,92 +101,9 @@ class Chef
98
101
  description: "Schedule your cron job with one of the special predefined value instead of ** * pattern.",
99
102
  equal_to: %w{ @reboot @yearly @annually @monthly @weekly @daily @midnight @hourly }
100
103
 
101
- property :minute, [Integer, String],
102
- description: "The minute at which the cron entry should run (`0 - 59`).",
103
- default: "*", callbacks: {
104
- "should be a valid minute spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 0, 59) },
105
- }
106
-
107
- property :hour, [Integer, String],
108
- description: "The hour at which the cron entry is to run (`0 - 23`).",
109
- default: "*", callbacks: {
110
- "should be a valid hour spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 0, 23) },
111
- }
112
-
113
- property :day, [Integer, String],
114
- description: "The day of month at which the cron entry should run (`1 - 31`).",
115
- default: "*", callbacks: {
116
- "should be a valid day spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 1, 31) },
117
- }
118
-
119
- property :month, [Integer, String],
120
- description: "The month in the year on which a cron entry is to run (`1 - 12`, `jan-dec`, or `*`).",
121
- default: "*", callbacks: {
122
- "should be a valid month spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_month(spec) },
123
- }
124
-
125
- property :weekday, [Integer, String],
126
- description: "The day of the week on which this entry is to run (`0-7`, `mon-sun`, or `*`), where Sunday is both `0` and `7`.",
127
- default: "*", callbacks: {
128
- "should be a valid weekday spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_dow(spec) },
129
- }
130
-
131
- property :command, String,
132
- description: "The command to run.",
133
- required: [:create]
134
-
135
- property :user, String,
136
- description: "The name of the user that runs the command.",
137
- default: "root"
138
-
139
- property :mailto, String,
140
- description: "Set the `MAILTO` environment variable in the cron.d file."
141
-
142
- property :path, String,
143
- description: "Set the `PATH` environment variable in the cron.d file."
144
-
145
- property :home, String,
146
- description: "Set the `HOME` environment variable in the cron.d file."
147
-
148
- property :shell, String,
149
- description: "Set the `SHELL` environment variable in the cron.d file."
150
-
151
104
  property :comment, String,
152
105
  description: "A comment to place in the cron.d file."
153
106
 
154
- property :environment, Hash,
155
- description: "A Hash containing additional arbitrary environment variables under which the cron job will be run in the form of `({'ENV_VARIABLE' => 'VALUE'})`.",
156
- default: lazy { {} }
157
-
158
- TIMEOUT_OPTS = %w{duration preserve-status foreground kill-after signal}.freeze
159
- TIMEOUT_REGEX = /\A\S+/.freeze
160
-
161
- property :time_out, Hash,
162
- description: "A Hash of timeouts in the form of `({'OPTION' => 'VALUE'})`.
163
- Accepted valid options are:
164
- `preserve-status` (BOOL, default: 'false'),
165
- `foreground` (BOOL, default: 'false'),
166
- `kill-after` (in seconds),
167
- `signal` (a name like 'HUP' or a number)",
168
- default: lazy { {} },
169
- introduced: "15.7",
170
- coerce: proc { |h|
171
- if h.is_a?(Hash)
172
- invalid_keys = h.keys - TIMEOUT_OPTS
173
- unless invalid_keys.empty?
174
- error_msg = "Key of option time_out must be equal to one of: \"#{TIMEOUT_OPTS.join('", "')}\"! You passed \"#{invalid_keys.join(", ")}\"."
175
- raise Chef::Exceptions::ValidationFailed, error_msg
176
- end
177
- unless h.values.all? { |x| x =~ TIMEOUT_REGEX }
178
- error_msg = "Values of option time_out should be non-empty string without any leading whitespaces."
179
- raise Chef::Exceptions::ValidationFailed, error_msg
180
- end
181
- h
182
- elsif h.is_a?(Integer) || h.is_a?(String)
183
- { "duration" => h }
184
- end
185
- }
186
-
187
107
  property :mode, [String, Integer],
188
108
  description: "The octal mode of the generated crontab file.",
189
109
  default: "0600"
@@ -238,7 +158,7 @@ class Chef
238
158
 
239
159
  # @todo this is Chef 12 era cleanup. Someday we should remove it all
240
160
  template "/etc/cron.d/#{sanitized_name}" do
241
- source ::File.expand_path("../support/cron.d.erb", __FILE__)
161
+ source ::File.expand_path("../../support/cron.d.erb", __FILE__)
242
162
  local true
243
163
  mode new_resource.mode
244
164
  variables(
@@ -28,7 +28,7 @@ class Chef
28
28
  provides(:cron_manage) # legacy name @todo in Chef 15 we should { true } this so it wins over the cookbook
29
29
 
30
30
  introduced "14.4"
31
- description "Use the **cron_access** resource to manage the /etc/cron.allow and /etc/cron.deny files. Note: This resource previously shipped in the `cron` cookbook as `cron_manage`, which it can still be used as for backwards compatibility with existing Chef Infra Client releases."
31
+ description "Use the **cron_access** resource to manage cron's cron.allow and cron.deny files. Note: This resource previously shipped in the `cron` cookbook as `cron_manage`, which it can still be used as for backwards compatibility with existing Chef Infra Client releases."
32
32
  examples <<~DOC
33
33
  **Add the mike user to cron.allow**
34
34
 
@@ -58,11 +58,18 @@ class Chef
58
58
  description: "An optional property to set the user name if it differs from the resource block's name.",
59
59
  name_property: true
60
60
 
61
+ CRON_PATHS = {
62
+ "aix" => "/var/adm/cron",
63
+ "solaris" => "/etc/cron.d",
64
+ "default" => "/etc",
65
+ }.freeze
66
+
61
67
  action :allow do
62
68
  description "Add the user to the cron.allow file."
69
+ allow_path = ::File.join(value_for_platform_family(CRON_PATHS), "cron.allow")
63
70
 
64
71
  with_run_context :root do
65
- edit_resource(:template, "/etc/cron.allow") do |new_resource|
72
+ edit_resource(:template, allow_path) do |new_resource|
66
73
  source ::File.expand_path("../support/cron_access.erb", __FILE__)
67
74
  local true
68
75
  mode "0600"
@@ -76,9 +83,10 @@ class Chef
76
83
 
77
84
  action :deny do
78
85
  description "Add the user to the cron.deny file."
86
+ deny_path = ::File.join(value_for_platform_family(CRON_PATHS), "cron.deny")
79
87
 
80
88
  with_run_context :root do
81
- edit_resource(:template, "/etc/cron.deny") do |new_resource|
89
+ edit_resource(:template, deny_path) do |new_resource|
82
90
  source ::File.expand_path("../support/cron_access.erb", __FILE__)
83
91
  local true
84
92
  mode "0600"
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "script"
20
- require_relative "../provider/script"
21
20
 
22
21
  class Chef
23
22
  class Resource
@@ -38,7 +38,7 @@ class Chef
38
38
  end
39
39
  ```
40
40
 
41
- **Install Virtualbox from the .mpkg**:
41
+ **Install VirtualBox from the .mpkg**:
42
42
 
43
43
  ```ruby
44
44
  dmg_package 'Virtualbox' do
@@ -66,7 +66,7 @@ class Chef
66
66
  description: "The remote URL that is used to download the `.dmg` file, if specified."
67
67
 
68
68
  property :file, String,
69
- description: "The full path to the `.dmg` file on the local system."
69
+ description: "The absolute path to the `.dmg` file on the local system."
70
70
 
71
71
  property :owner, [String, Integer],
72
72
  description: "The user that should own the package installation."
@@ -27,10 +27,476 @@ class Chef
27
27
 
28
28
  provides :execute, target_mode: true
29
29
 
30
- description "Use the **execute** resource to execute a single command. Commands that"\
31
- " are executed with this resource are (by their nature) not idempotent,"\
32
- " as they are typically unique to the environment in which they are run."\
33
- " Use not_if and only_if to guard this resource for idempotence."
30
+ description "Use the **execute** resource to execute a single command. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence. Note: Use the **script** resource to execute a script using a specific interpreter (Ruby, Python, Perl, csh, or Bash)."
31
+
32
+ examples <<~EXAMPLES
33
+ **Run a command upon notification**:
34
+
35
+ ```ruby
36
+ execute 'slapadd' do
37
+ command 'slapadd < /tmp/something.ldif'
38
+ creates '/var/lib/slapd/uid.bdb'
39
+
40
+ action :nothing
41
+ end
42
+
43
+ template '/tmp/something.ldif' do
44
+ source 'something.ldif'
45
+
46
+ notifies :run, 'execute[slapadd]', :immediately
47
+ end
48
+ ```
49
+
50
+ **Run a touch file only once while running a command**:
51
+
52
+ ```ruby
53
+ execute 'upgrade script' do
54
+ command 'php upgrade-application.php && touch /var/application/.upgraded'
55
+
56
+ creates '/var/application/.upgraded'
57
+ action :run
58
+ end
59
+ ```
60
+
61
+ **Run a command which requires an environment variable**:
62
+
63
+ ```ruby
64
+ execute 'slapadd' do
65
+ command 'slapadd < /tmp/something.ldif'
66
+ creates '/var/lib/slapd/uid.bdb'
67
+
68
+ action :run
69
+ environment ({'HOME' => '/home/my_home'})
70
+ end
71
+ ```
72
+
73
+ **Delete a repository using yum to scrub the cache**:
74
+
75
+ ```ruby
76
+ # the following code sample thanks to gaffneyc @ https://gist.github.com/918711
77
+ execute 'clean-yum-cache' do
78
+ command 'yum clean all'
79
+ action :nothing
80
+ end
81
+
82
+ file '/etc/yum.repos.d/bad.repo' do
83
+ action :delete
84
+ notifies :run, 'execute[clean-yum-cache]', :immediately
85
+ end
86
+ ```
87
+
88
+ **Prevent restart and reconfigure if configuration is broken**:
89
+
90
+ Use the `:nothing` action (common to all resources) to prevent the test from
91
+ starting automatically, and then use the `subscribes` notification to run a
92
+ configuration test when a change to the template is detected.
93
+
94
+ ```ruby
95
+ execute 'test-nagios-config' do
96
+ command 'nagios3 --verify-config'
97
+ action :nothing
98
+ subscribes :run, 'template[/etc/nagios3/configures-nagios.conf]', :immediately
99
+ end
100
+ ```
101
+
102
+ **Notify in a specific order**:
103
+
104
+ To notify multiple resources, and then have these resources run in a certain
105
+ order, do something like the following.
106
+
107
+ ```ruby
108
+ execute 'foo' do
109
+ command '...'
110
+ notifies :create, 'template[baz]', :immediately
111
+ notifies :install, 'package[bar]', :immediately
112
+ notifies :run, 'execute[final]', :immediately
113
+ end
114
+
115
+ template 'baz' do
116
+ #...
117
+ notifies :run, 'execute[restart_baz]', :immediately
118
+ end
119
+
120
+ package 'bar'
121
+ execute 'restart_baz'
122
+ execute 'final' do
123
+ command '...'
124
+ end
125
+ ```
126
+
127
+ where the sequencing will be in the same order as the resources are listed in
128
+ the recipe: `execute 'foo'`, `template 'baz'`, `execute [restart_baz]`,
129
+ `package 'bar'`, and `execute 'final'`.
130
+
131
+ **Execute a command using a template**:
132
+
133
+ The following example shows how to set up IPv4 packet forwarding using the
134
+ **execute** resource to run a command named `forward_ipv4` that uses a template
135
+ defined by the **template** resource.
136
+
137
+ ```ruby
138
+ execute 'forward_ipv4' do
139
+ command 'echo > /proc/.../ipv4/ip_forward'
140
+ action :nothing
141
+ end
142
+
143
+ template '/etc/file_name.conf' do
144
+ source 'routing/file_name.conf.erb'
145
+
146
+ notifies :run, 'execute[forward_ipv4]', :delayed
147
+ end
148
+ ```
149
+
150
+ where the `command` property for the **execute** resource contains the command
151
+ that is to be run and the `source` property for the **template** resource
152
+ specifies which template to use. The `notifies` property for the **template**
153
+ specifies that the `execute[forward_ipv4]` (which is defined by the **execute**
154
+ resource) should be queued up and run at the end of a Chef Infra Client run.
155
+
156
+ **Add a rule to an IP table**:
157
+
158
+ The following example shows how to add a rule named `test_rule` to an IP table
159
+ using the **execute** resource to run a command using a template that is defined
160
+ by the **template** resource:
161
+
162
+ ```ruby
163
+ execute 'test_rule' do
164
+ command 'command_to_run
165
+ --option value
166
+ --option value
167
+ --source \#{node[:name_of_node][:ipsec][:local][:subnet]}
168
+ -j test_rule'
169
+
170
+ action :nothing
171
+ end
172
+
173
+ template '/etc/file_name.local' do
174
+ source 'routing/file_name.local.erb'
175
+ notifies :run, 'execute[test_rule]', :delayed
176
+ end
177
+ ```
178
+
179
+ where the `command` property for the **execute** resource contains the command
180
+ that is to be run and the `source` property for the **template** resource
181
+ specifies which template to use. The `notifies` property for the **template**
182
+ specifies that the `execute[test_rule]` (which is defined by the **execute**
183
+ resource) should be queued up and run at the end of a Chef Infra Client run.
184
+
185
+ **Stop a service, do stuff, and then restart it**:
186
+
187
+ The following example shows how to use the **execute**, **service**, and
188
+ **mount** resources together to ensure that a node running on Amazon EC2 is
189
+ running MySQL. This example does the following:
190
+
191
+ - Checks to see if the Amazon EC2 node has MySQL
192
+ - If the node has MySQL, stops MySQL
193
+ - Installs MySQL
194
+ - Mounts the node
195
+ - Restarts MySQL
196
+
197
+ ```ruby
198
+ # the following code sample comes from the ``server_ec2``
199
+ # recipe in the following cookbook:
200
+ # https://github.com/chef-cookbooks/mysql
201
+
202
+ if (node.attribute?('ec2') && !FileTest.directory?(node['mysql']['ec2_path']))
203
+ service 'mysql' do
204
+ action :stop
205
+ end
206
+
207
+ execute 'install-mysql' do
208
+ command "mv \#{node['mysql']['data_dir']} \#{node['mysql']['ec2_path']}"
209
+ not_if { ::File.directory?(node['mysql']['ec2_path']) }
210
+ end
211
+
212
+ [node['mysql']['ec2_path'], node['mysql']['data_dir']].each do |dir|
213
+ directory dir do
214
+ owner 'mysql'
215
+ group 'mysql'
216
+ end
217
+ end
218
+
219
+ mount node['mysql']['data_dir'] do
220
+ device node['mysql']['ec2_path']
221
+ fstype 'none'
222
+ options 'bind,rw'
223
+ action [:mount, :enable]
224
+ end
225
+
226
+ service 'mysql' do
227
+ action :start
228
+ end
229
+ end
230
+ ```
231
+
232
+ where
233
+
234
+ - the two **service** resources are used to stop, and then restart the MySQL service
235
+ - the **execute** resource is used to install MySQL
236
+ - the **mount** resource is used to mount the node and enable MySQL
237
+
238
+ **Use the platform_family? method**:
239
+
240
+ The following is an example of using the `platform_family?` method in the Recipe
241
+ DSL to create a variable that can be used with other resources in the same
242
+ recipe. In this example, `platform_family?` is being used to ensure that a
243
+ specific binary is used for a specific platform before using the **remote_file**
244
+ resource to download a file from a remote location, and then using the
245
+ **execute** resource to install that file by running a command.
246
+
247
+ ```ruby
248
+ if platform_family?('rhel')
249
+ pip_binary = '/usr/bin/pip'
250
+ else
251
+ pip_binary = '/usr/local/bin/pip'
252
+ end
253
+
254
+ remote_file "\#{Chef::Config[:file_cache_path]}/distribute_setup.py" do
255
+ source 'http://python-distribute.org/distribute_setup.py'
256
+ mode '0755'
257
+ not_if { ::File.exist?(pip_binary) }
258
+ end
259
+
260
+ execute 'install-pip' do
261
+ cwd Chef::Config[:file_cache_path]
262
+ command <<~EOF
263
+ # command for installing Python goes here
264
+ EOF
265
+ not_if { ::File.exist?(pip_binary) }
266
+ end
267
+ ```
268
+
269
+ where a command for installing Python might look something like:
270
+
271
+ ```ruby
272
+ \#{node['python']['binary']} distribute_setup.py \#{::File.dirname(pip_binary)}/easy_install pip
273
+ ```
274
+
275
+ **Control a service using the execute resource**:
276
+
277
+ <div class="admonition-warning">
278
+ <p class="admonition-warning-title">Warning</p>
279
+ <div class="admonition-warning-text">
280
+ This is an example of something that should NOT be done. Use the **service**
281
+ resource to control a service, not the **execute** resource.
282
+ </div>
283
+ </div>
284
+
285
+ Do something like this:
286
+
287
+ ```ruby
288
+ service 'tomcat' do
289
+ action :start
290
+ end
291
+ ```
292
+
293
+ and NOT something like this:
294
+
295
+ ```ruby
296
+ execute 'start-tomcat' do
297
+ command '/etc/init.d/tomcat start'
298
+ action :run
299
+ end
300
+ ```
301
+
302
+ There is no reason to use the **execute** resource to control a service because
303
+ the **service** resource exposes the `start_command` property directly, which
304
+ gives a recipe full control over the command issued in a much cleaner, more
305
+ direct manner.
306
+
307
+ **Use the search recipe DSL method to find users**:
308
+
309
+ The following example shows how to use the `search` method in the Recipe DSL to
310
+ search for users:
311
+
312
+ ```ruby
313
+ # the following code sample comes from the openvpn cookbook:
314
+
315
+ search("users", "*:*") do |u|
316
+ execute "generate-openvpn-\#{u['id']}" do
317
+ command "./pkitool \#{u['id']}"
318
+ cwd '/etc/openvpn/easy-rsa'
319
+ end
320
+
321
+ %w{ conf ovpn }.each do |ext|
322
+ template "\#{node['openvpn']['key_dir']}/\#{u['id']}.\#{ext}" do
323
+ source 'client.conf.erb'
324
+ variables :username => u['id']
325
+ end
326
+ end
327
+ end
328
+ ```
329
+
330
+ where
331
+
332
+ - the search data will be used to create **execute** resources
333
+ - the **template** resource tells Chef Infra Client which template to use
334
+
335
+ **Enable remote login for macOS**:
336
+
337
+ ```ruby
338
+ execute 'enable ssh' do
339
+ command '/usr/sbin/systemsetup -setremotelogin on'
340
+ not_if '/usr/sbin/systemsetup -getremotelogin | /usr/bin/grep On'
341
+ action :run
342
+ end
343
+ ```
344
+
345
+ **Execute code immediately, based on the template resource**:
346
+
347
+ By default, notifications are `:delayed`, that is they are queued up as they are
348
+ triggered, and then executed at the very end of a Chef Infra Client run. To run
349
+ kan action immediately, use `:immediately`:
350
+
351
+ ```ruby
352
+ template '/etc/nagios3/configures-nagios.conf' do
353
+ # other parameters
354
+ notifies :run, 'execute[test-nagios-config]', :immediately
355
+ end
356
+ ```
357
+
358
+ and then Chef Infra Client would immediately run the following:
359
+
360
+ ```ruby
361
+ execute 'test-nagios-config' do
362
+ command 'nagios3 --verify-config'
363
+ action :nothing
364
+ end
365
+ ```
366
+
367
+ **Sourcing a file**:
368
+
369
+ The **execute** resource cannot be used to source a file (e.g. `command 'source
370
+ filename'`). The following example will fail because `source` is not an
371
+ executable:
372
+
373
+ ```ruby
374
+ execute 'foo' do
375
+ command 'source /tmp/foo.sh'
376
+ end
377
+ ```
378
+
379
+
380
+ Instead, use the **script** resource or one of the **script**-based resources
381
+ (**bash**, **csh**, **perl**, **python**, or **ruby**). For example:
382
+
383
+ ```ruby
384
+ bash 'foo' do
385
+ code 'source /tmp/foo.sh'
386
+ end
387
+ ```
388
+
389
+ **Run a Knife command**:
390
+
391
+ ```ruby
392
+ execute 'create_user' do
393
+ command <<~EOM
394
+ knife user create \#{user}
395
+ --admin
396
+ --password password
397
+ --disable-editing
398
+ --file /home/vagrant/.chef/user.pem
399
+ --config /tmp/knife-admin.rb
400
+ EOM
401
+ end
402
+ ```
403
+
404
+ **Run install command into virtual environment**:
405
+
406
+ The following example shows how to install a lightweight JavaScript framework
407
+ into Vagrant:
408
+
409
+ ```ruby
410
+ execute "install q and zombiejs" do
411
+ cwd "/home/vagrant"
412
+ user "vagrant"
413
+ environment ({'HOME' => '/home/vagrant', 'USER' => 'vagrant'})
414
+ command "npm install -g q zombie should mocha coffee-script"
415
+ action :run
416
+ end
417
+ ```
418
+
419
+ **Run a command as a named user**:
420
+
421
+ The following example shows how to run `bundle install` from a Chef Infra Client
422
+ run as a specific user. This will put the gem into the path of the user
423
+ (`vagrant`) instead of the root user (under which the Chef Infra Client runs):
424
+
425
+ ```ruby
426
+ execute '/opt/chefdk/embedded/bin/bundle install' do
427
+ cwd node['chef_workstation']['bundler_path']
428
+ user node['chef_workstation']['user']
429
+
430
+ environment ({
431
+ 'HOME' => "/home/\#{node['chef_workstation']['user']}",
432
+ 'USER' => node['chef_workstation']['user']
433
+ })
434
+ not_if 'bundle check'
435
+ end
436
+ ```
437
+
438
+ **Run a command as an alternate user**:
439
+
440
+ *Note*: When Chef is running as a service, this feature requires that the user
441
+ that Chef runs as has 'SeAssignPrimaryTokenPrivilege' (aka
442
+ 'SE_ASSIGNPRIMARYTOKEN_NAME') user right. By default only LocalSystem and
443
+ NetworkService have this right when running as a service. This is necessary
444
+ even if the user is an Administrator.
445
+
446
+ This right can be added and checked in a recipe using this example:
447
+
448
+ ```ruby
449
+ # Add 'SeAssignPrimaryTokenPrivilege' for the user
450
+ Chef::ReservedNames::Win32::Security.add_account_right('<user>', 'SeAssignPrimaryTokenPrivilege')
451
+
452
+ # Check if the user has 'SeAssignPrimaryTokenPrivilege' rights
453
+ Chef::ReservedNames::Win32::Security.get_account_right('<user>').include?('SeAssignPrimaryTokenPrivilege')
454
+ ```
455
+
456
+ The following example shows how to run `mkdir test_dir` from a Chef Infra Client
457
+ run as an alternate user.
458
+
459
+ ```ruby
460
+ # Passing only username and password
461
+ execute 'mkdir test_dir' do
462
+ cwd Chef::Config[:file_cache_path]
463
+
464
+ user "username"
465
+ password "password"
466
+ end
467
+
468
+ # Passing username and domain
469
+ execute 'mkdir test_dir' do
470
+ cwd Chef::Config[:file_cache_path]
471
+
472
+ domain "domain-name"
473
+ user "user"
474
+ password "password"
475
+ end
476
+
477
+ # Passing username = 'domain-name\\username'. No domain is passed
478
+ execute 'mkdir test_dir' do
479
+ cwd Chef::Config[:file_cache_path]
480
+
481
+ user "domain-name\\username"
482
+ password "password"
483
+ end
484
+
485
+ # Passing username = 'username@domain-name'. No domain is passed
486
+ execute 'mkdir test_dir' do
487
+ cwd Chef::Config[:file_cache_path]
488
+
489
+ user "username@domain-name"
490
+ password "password"
491
+ end
492
+ ```
493
+
494
+ **Run a command with an external input file**:
495
+
496
+ execute 'md5sum' do
497
+ input File.read(__FILE__)
498
+ end
499
+ EXAMPLES
34
500
 
35
501
  # The ResourceGuardInterpreter wraps a resource's guards in another resource. That inner resource
36
502
  # needs to behave differently during (for example) why_run mode, so we flag it here. For why_run mode
@@ -62,13 +528,13 @@ class Chef
62
528
  description: "The current working directory from which the command will be run."
63
529
 
64
530
  property :environment, Hash,
65
- description: "A Hash of environment variables in the form of ({'ENV_VARIABLE' => 'VALUE'})."
531
+ description: "A Hash of environment variables in the form of `({'ENV_VARIABLE' => 'VALUE'})`. **Note**: These variables must exist for a command to be run successfully."
66
532
 
67
533
  property :group, [ String, Integer ],
68
534
  description: "The group name or group ID that must be changed before running a command."
69
535
 
70
536
  property :live_stream, [ TrueClass, FalseClass ], default: false,
71
- description: "Send the output of the command run by this execute resource block to the #{Chef::Dist::CLIENT} event stream."
537
+ description: "Send the output of the command run by this execute resource block to the #{Chef::Dist::PRODUCT} event stream."
72
538
 
73
539
  # default_env defaults to `false` so that the command execution more exactly matches what the user gets on the command line without magic
74
540
  property :default_env, [ TrueClass, FalseClass ], desired_state: false, default: false,
@@ -84,7 +550,7 @@ class Chef
84
550
  desired_state: false
85
551
 
86
552
  property :user, [ String, Integer ],
87
- description: "The user name of the user identity with which to launch the new process. The user name may optionally be specifed with a domain, i.e. domainuser or user@my.dns.domain.com via Universal Principal Name (UPN)format. It can also be specified without a domain simply as user if the domain is instead specified using the domain property. On Windows only, if this property is specified, the password property must be specified."
553
+ description: "The user name of the user identity with which to launch the new process. The user name may optionally be specified with a domain, i.e. domainuser or user@my.dns.domain.com via Universal Principal Name (UPN)format. It can also be specified without a domain simply as user if the domain is instead specified using the domain property. On Windows only, if this property is specified, the password property must be specified."
88
554
 
89
555
  property :domain, String,
90
556
  introduced: "12.21",
@@ -96,13 +562,17 @@ class Chef
96
562
 
97
563
  # lazy used to set default value of sensitive to true if password is set
98
564
  property :sensitive, [ TrueClass, FalseClass ],
99
- description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::CLIENT}.",
565
+ description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::PRODUCT}.",
100
566
  default: lazy { password ? true : false }, default_description: "True if the password property is set. False otherwise."
101
567
 
102
568
  property :elevated, [ TrueClass, FalseClass ], default: false,
103
569
  description: "Determines whether the script will run with elevated permissions to circumvent User Access Control (UAC) interactively blocking the process.\nThis will cause the process to be run under a batch login instead of an interactive login. The user running #{Chef::Dist::CLIENT} needs the 'Replace a process level token' and 'Adjust Memory Quotas for a process' permissions. The user that is running the command needs the 'Log on as a batch job' permission.\nBecause this requires a login, the user and password properties are required.",
104
570
  introduced: "13.3"
105
571
 
572
+ property :input, [String],
573
+ introduced: "16.2",
574
+ description: "An optional property to set the input sent to the command as STDIN."
575
+
106
576
  alias :env :environment
107
577
 
108
578
  def self.set_guard_inherited_attributes(*inherited_attributes)