chef 16.1.0-universal-mingw32 → 16.3.38-universal-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (424) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -7
  3. data/README.md +3 -3
  4. data/Rakefile +4 -3
  5. data/chef-universal-mingw32.gemspec +2 -2
  6. data/chef.gemspec +7 -6
  7. data/distro/powershell/chef/chef.psm1 +3 -3
  8. data/distro/templates/powershell/chef/chef.psm1.erb +3 -3
  9. data/lib/chef/application.rb +12 -0
  10. data/lib/chef/application/apply.rb +2 -1
  11. data/lib/chef/application/base.rb +1 -1
  12. data/lib/chef/application/client.rb +1 -1
  13. data/lib/chef/application/windows_service_manager.rb +1 -1
  14. data/lib/chef/{whitelist.rb → attribute_allowlist.rb} +11 -11
  15. data/lib/chef/{blacklist.rb → attribute_blocklist.rb} +9 -9
  16. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  17. data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +1 -2
  18. data/lib/chef/chef_fs/file_system/chef_server/acls_dir.rb +1 -1
  19. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +2 -2
  20. data/lib/chef/chef_fs/file_system/chef_server/cookbooks_dir.rb +1 -5
  21. data/lib/chef/chef_fs/file_system/repository/base_file.rb +1 -0
  22. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  23. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +2 -2
  24. data/lib/chef/chef_fs/path_utils.rb +4 -4
  25. data/lib/chef/client.rb +3 -3
  26. data/lib/chef/cookbook/chefignore.rb +1 -1
  27. data/lib/chef/cookbook/file_system_file_vendor.rb +1 -1
  28. data/lib/chef/cookbook/metadata.rb +2 -2
  29. data/lib/chef/cookbook/remote_file_vendor.rb +1 -3
  30. data/lib/chef/cookbook/syntax_check.rb +1 -2
  31. data/lib/chef/cookbook_loader.rb +16 -30
  32. data/lib/chef/cookbook_manifest.rb +1 -1
  33. data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
  34. data/lib/chef/cookbook_version.rb +4 -4
  35. data/lib/chef/data_bag.rb +5 -6
  36. data/lib/chef/data_collector.rb +1 -1
  37. data/lib/chef/data_collector/error_handlers.rb +1 -1
  38. data/lib/chef/decorator/lazy_array.rb +2 -2
  39. data/lib/chef/deprecated.rb +12 -0
  40. data/lib/chef/digester.rb +5 -4
  41. data/lib/chef/dsl/declare_resource.rb +1 -1
  42. data/lib/chef/dsl/platform_introspection.rb +2 -0
  43. data/lib/chef/encrypted_data_bag_item/decryptor.rb +1 -1
  44. data/lib/chef/encrypted_data_bag_item/encryptor.rb +1 -1
  45. data/lib/chef/environment.rb +1 -2
  46. data/lib/chef/exceptions.rb +3 -0
  47. data/lib/chef/file_access_control.rb +1 -1
  48. data/lib/chef/file_access_control/windows.rb +2 -2
  49. data/lib/chef/file_content_management/deploy/mv_unix.rb +1 -1
  50. data/lib/chef/formatters/base.rb +1 -1
  51. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +1 -1
  52. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +3 -3
  53. data/lib/chef/http.rb +19 -4
  54. data/lib/chef/http/authenticator.rb +1 -1
  55. data/lib/chef/http/decompressor.rb +1 -1
  56. data/lib/chef/http/http_request.rb +1 -1
  57. data/lib/chef/http/json_output.rb +1 -1
  58. data/lib/chef/http/ssl_policies.rb +18 -0
  59. data/lib/chef/json_compat.rb +1 -1
  60. data/lib/chef/key.rb +1 -1
  61. data/lib/chef/knife.rb +6 -6
  62. data/lib/chef/knife/bootstrap.rb +24 -24
  63. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  64. data/lib/chef/knife/bootstrap/client_builder.rb +1 -1
  65. data/lib/chef/knife/bootstrap/templates/chef-full.erb +9 -9
  66. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +3 -1
  67. data/lib/chef/knife/bootstrap/train_connector.rb +1 -0
  68. data/lib/chef/knife/client_bulk_delete.rb +1 -1
  69. data/lib/chef/knife/config_get.rb +2 -1
  70. data/lib/chef/knife/config_list_profiles.rb +4 -1
  71. data/lib/chef/knife/config_use_profile.rb +15 -5
  72. data/lib/chef/knife/configure.rb +1 -1
  73. data/lib/chef/knife/cookbook_delete.rb +1 -1
  74. data/lib/chef/knife/cookbook_upload.rb +6 -14
  75. data/lib/chef/knife/core/bootstrap_context.rb +1 -1
  76. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  77. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  78. data/lib/chef/knife/core/hashed_command_loader.rb +2 -1
  79. data/lib/chef/knife/core/node_presenter.rb +1 -1
  80. data/lib/chef/knife/core/status_presenter.rb +1 -1
  81. data/lib/chef/knife/core/subcommand_loader.rb +21 -2
  82. data/lib/chef/knife/core/ui.rb +8 -2
  83. data/lib/chef/knife/core/windows_bootstrap_context.rb +18 -4
  84. data/lib/chef/knife/data_bag_create.rb +1 -1
  85. data/lib/chef/knife/key_create_base.rb +1 -1
  86. data/lib/chef/knife/key_edit_base.rb +1 -1
  87. data/lib/chef/knife/node_bulk_delete.rb +1 -1
  88. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  89. data/lib/chef/knife/rehash.rb +3 -21
  90. data/lib/chef/knife/role_bulk_delete.rb +1 -1
  91. data/lib/chef/knife/ssh.rb +7 -3
  92. data/lib/chef/knife/supermarket_share.rb +1 -1
  93. data/lib/chef/knife/supermarket_unshare.rb +1 -1
  94. data/lib/chef/log.rb +8 -3
  95. data/lib/chef/mixin/api_version_request_handling.rb +1 -1
  96. data/lib/chef/mixin/checksum.rb +0 -1
  97. data/{spec/functional/resource/base.rb → lib/chef/mixin/chef_utils_wiring.rb} +24 -12
  98. data/{spec/unit/log_spec.rb → lib/chef/mixin/default_paths.rb} +13 -5
  99. data/lib/chef/mixin/openssl_helper.rb +31 -9
  100. data/lib/chef/mixin/path_sanity.rb +5 -4
  101. data/lib/chef/mixin/properties.rb +2 -2
  102. data/lib/chef/mixin/securable.rb +2 -2
  103. data/lib/chef/mixin/shell_out.rb +4 -188
  104. data/lib/chef/mixin/template.rb +1 -0
  105. data/lib/chef/mixin/which.rb +6 -3
  106. data/lib/chef/mixins.rb +1 -0
  107. data/lib/chef/node.rb +36 -12
  108. data/lib/chef/node/attribute.rb +2 -2
  109. data/lib/chef/node/immutable_collections.rb +1 -1
  110. data/lib/chef/node_map.rb +21 -18
  111. data/lib/chef/platform/service_helpers.rb +31 -28
  112. data/lib/chef/policy_builder/policyfile.rb +1 -1
  113. data/lib/chef/powershell.rb +1 -1
  114. data/lib/chef/property.rb +2 -2
  115. data/lib/chef/provider.rb +3 -3
  116. data/lib/chef/provider/batch.rb +3 -10
  117. data/lib/chef/provider/cron.rb +2 -14
  118. data/lib/chef/provider/directory.rb +1 -1
  119. data/lib/chef/provider/execute.rb +2 -1
  120. data/lib/chef/provider/file.rb +1 -1
  121. data/lib/chef/provider/git.rb +12 -4
  122. data/lib/chef/provider/group/dscl.rb +2 -2
  123. data/lib/chef/provider/group/windows.rb +1 -1
  124. data/lib/chef/provider/ifconfig.rb +7 -7
  125. data/lib/chef/provider/mount/aix.rb +1 -1
  126. data/lib/chef/provider/mount/solaris.rb +0 -1
  127. data/lib/chef/provider/mount/windows.rb +2 -2
  128. data/lib/chef/provider/noop.rb +1 -1
  129. data/lib/chef/provider/package/chocolatey.rb +1 -1
  130. data/lib/chef/provider/package/dpkg.rb +1 -1
  131. data/lib/chef/provider/package/openbsd.rb +1 -1
  132. data/lib/chef/provider/package/portage.rb +3 -2
  133. data/lib/chef/provider/package/powershell.rb +6 -2
  134. data/lib/chef/provider/package/rubygems.rb +3 -3
  135. data/lib/chef/provider/package/snap.rb +97 -29
  136. data/lib/chef/provider/package/windows.rb +11 -6
  137. data/lib/chef/provider/package/windows/msi.rb +3 -3
  138. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
  139. data/lib/chef/provider/package/yum.rb +1 -1
  140. data/lib/chef/provider/package/yum/yum_cache.rb +1 -1
  141. data/lib/chef/provider/package/zypper.rb +0 -1
  142. data/lib/chef/provider/powershell_script.rb +10 -14
  143. data/lib/chef/provider/remote_directory.rb +2 -2
  144. data/lib/chef/provider/remote_file/http.rb +4 -1
  145. data/lib/chef/provider/script.rb +4 -75
  146. data/lib/chef/provider/service.rb +2 -2
  147. data/lib/chef/provider/service/arch.rb +2 -2
  148. data/lib/chef/provider/service/debian.rb +2 -2
  149. data/lib/chef/provider/service/openbsd.rb +4 -4
  150. data/lib/chef/provider/service/redhat.rb +1 -1
  151. data/lib/chef/provider/service/upstart.rb +1 -1
  152. data/lib/chef/provider/service/windows.rb +1 -1
  153. data/lib/chef/provider/subversion.rb +2 -2
  154. data/lib/chef/provider/user/aix.rb +1 -1
  155. data/lib/chef/provider/user/dscl.rb +6 -6
  156. data/lib/chef/provider/user/linux.rb +3 -3
  157. data/lib/chef/provider/user/mac.rb +15 -11
  158. data/lib/chef/provider/windows_script.rb +87 -25
  159. data/lib/chef/provider/windows_task.rb +4 -2
  160. data/lib/chef/provider/yum_repository.rb +1 -1
  161. data/lib/chef/provider/zypper_repository.rb +31 -11
  162. data/lib/chef/resource.rb +27 -14
  163. data/lib/chef/resource/alternatives.rb +1 -1
  164. data/lib/chef/resource/apt_package.rb +1 -1
  165. data/lib/chef/resource/archive_file.rb +28 -8
  166. data/lib/chef/resource/bash.rb +0 -1
  167. data/lib/chef/resource/batch.rb +4 -2
  168. data/lib/chef/resource/build_essential.rb +2 -2
  169. data/lib/chef/resource/chef_client_scheduled_task.rb +14 -2
  170. data/lib/chef/resource/chef_gem.rb +57 -21
  171. data/lib/chef/resource/chef_handler.rb +2 -2
  172. data/lib/chef/resource/chef_vault_secret.rb +1 -1
  173. data/lib/chef/resource/chocolatey_feature.rb +1 -2
  174. data/lib/chef/resource/cron/_cron_shared.rb +98 -0
  175. data/lib/chef/resource/cron/cron.rb +46 -0
  176. data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +7 -87
  177. data/lib/chef/resource/cron_access.rb +13 -5
  178. data/lib/chef/resource/csh.rb +0 -1
  179. data/lib/chef/resource/dmg_package.rb +2 -2
  180. data/lib/chef/resource/execute.rb +480 -10
  181. data/lib/chef/resource/file.rb +10 -8
  182. data/lib/chef/resource/freebsd_package.rb +1 -1
  183. data/lib/chef/resource/gem_package.rb +35 -2
  184. data/lib/chef/resource/helpers/cron_validations.rb +6 -3
  185. data/lib/chef/resource/homebrew_package.rb +30 -1
  186. data/lib/chef/resource/homebrew_update.rb +107 -0
  187. data/lib/chef/resource/hostname.rb +7 -20
  188. data/lib/chef/resource/kernel_module.rb +14 -1
  189. data/lib/chef/resource/launchd.rb +1 -1
  190. data/lib/chef/resource/locale.rb +3 -3
  191. data/lib/chef/resource/lwrp_base.rb +1 -0
  192. data/lib/chef/resource/macos_userdefaults.rb +176 -56
  193. data/lib/chef/resource/mount.rb +1 -1
  194. data/lib/chef/resource/openssl_x509_certificate.rb +11 -14
  195. data/lib/chef/resource/openssl_x509_crl.rb +1 -2
  196. data/lib/chef/resource/perl.rb +0 -1
  197. data/lib/chef/resource/plist.rb +23 -4
  198. data/lib/chef/resource/powershell_script.rb +4 -2
  199. data/lib/chef/resource/python.rb +0 -1
  200. data/lib/chef/resource/remote_file.rb +26 -10
  201. data/lib/chef/resource/ruby.rb +0 -1
  202. data/lib/chef/resource/scm/git.rb +1 -1
  203. data/lib/chef/resource/service.rb +2 -2
  204. data/lib/chef/resource/ssh_known_hosts_entry.rb +16 -1
  205. data/lib/chef/resource/sudo.rb +30 -3
  206. data/lib/chef/resource/swap_file.rb +17 -0
  207. data/lib/chef/resource/template.rb +1 -1
  208. data/lib/chef/resource/timezone.rb +15 -0
  209. data/lib/chef/resource/user_ulimit.rb +1 -1
  210. data/lib/chef/resource/windows_ad_join.rb +30 -1
  211. data/lib/chef/resource/windows_audit_policy.rb +227 -0
  212. data/lib/chef/resource/windows_auto_run.rb +11 -0
  213. data/lib/chef/resource/windows_certificate.rb +27 -1
  214. data/lib/chef/resource/windows_dfs_server.rb +1 -1
  215. data/lib/chef/resource/windows_dns_record.rb +17 -0
  216. data/lib/chef/resource/windows_firewall_profile.rb +197 -0
  217. data/lib/chef/resource/windows_font.rb +3 -3
  218. data/lib/chef/resource/windows_package.rb +1 -1
  219. data/lib/chef/resource/windows_pagefile.rb +2 -2
  220. data/lib/chef/resource/windows_script.rb +2 -16
  221. data/lib/chef/resource/windows_security_policy.rb +67 -36
  222. data/lib/chef/resource/windows_shortcut.rb +1 -2
  223. data/lib/chef/resource/windows_task.rb +10 -10
  224. data/lib/chef/resource/windows_user_privilege.rb +33 -10
  225. data/lib/chef/resource/yum_repository.rb +9 -9
  226. data/lib/chef/resource_inspector.rb +11 -4
  227. data/lib/chef/resources.rb +5 -2
  228. data/lib/chef/role.rb +1 -2
  229. data/lib/chef/run_context/cookbook_compiler.rb +1 -1
  230. data/lib/chef/search/query.rb +1 -1
  231. data/lib/chef/shell/ext.rb +1 -1
  232. data/lib/chef/shell/shell_session.rb +2 -0
  233. data/lib/chef/util/diff.rb +2 -3
  234. data/lib/chef/util/windows/net_user.rb +1 -1
  235. data/lib/chef/util/windows/volume.rb +1 -1
  236. data/lib/chef/version.rb +2 -2
  237. data/lib/chef/win32/api.rb +2 -2
  238. data/lib/chef/win32/api/error.rb +3 -1
  239. data/lib/chef/win32/api/file.rb +1 -1
  240. data/lib/chef/win32/api/net.rb +1 -0
  241. data/lib/chef/win32/file.rb +1 -1
  242. data/lib/chef/win32/mutex.rb +1 -1
  243. data/lib/chef/win32/net.rb +1 -0
  244. data/lib/chef/win32/registry.rb +3 -4
  245. data/lib/chef/win32/security.rb +1 -1
  246. data/lib/chef/win32/security/sid.rb +4 -4
  247. data/spec/data/lwrp/providers/buck_passer.rb +1 -1
  248. data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
  249. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
  250. data/spec/functional/knife/configure_spec.rb +1 -1
  251. data/spec/functional/knife/ssh_spec.rb +5 -16
  252. data/spec/functional/resource/aix_service_spec.rb +9 -2
  253. data/spec/functional/resource/aixinit_service_spec.rb +1 -2
  254. data/spec/functional/resource/apt_package_spec.rb +0 -1
  255. data/spec/functional/resource/bash_spec.rb +3 -2
  256. data/spec/functional/resource/bff_spec.rb +1 -1
  257. data/spec/functional/resource/chocolatey_package_spec.rb +4 -0
  258. data/spec/functional/resource/cron_spec.rb +20 -2
  259. data/spec/functional/resource/dnf_package_spec.rb +6 -3
  260. data/spec/functional/resource/execute_spec.rb +1 -1
  261. data/spec/functional/resource/git_spec.rb +29 -7
  262. data/spec/functional/resource/group_spec.rb +15 -3
  263. data/spec/functional/resource/ifconfig_spec.rb +9 -1
  264. data/spec/functional/resource/insserv_spec.rb +3 -3
  265. data/spec/functional/resource/link_spec.rb +2 -5
  266. data/spec/functional/resource/mount_spec.rb +9 -1
  267. data/spec/functional/resource/msu_package_spec.rb +9 -3
  268. data/spec/functional/resource/powershell_script_spec.rb +4 -4
  269. data/spec/functional/resource/remote_file_spec.rb +9 -15
  270. data/spec/functional/resource/rpm_spec.rb +1 -1
  271. data/spec/functional/resource/timezone_spec.rb +2 -0
  272. data/spec/functional/resource/windows_package_spec.rb +0 -1
  273. data/spec/functional/resource/windows_path_spec.rb +4 -0
  274. data/spec/functional/resource/windows_security_policy_spec.rb +0 -1
  275. data/spec/functional/resource/windows_service_spec.rb +4 -0
  276. data/spec/functional/resource/windows_task_spec.rb +16 -15
  277. data/spec/functional/resource/windows_user_privilege_spec.rb +1 -2
  278. data/spec/functional/resource/yum_package_spec.rb +4 -1
  279. data/spec/functional/resource/zypper_package_spec.rb +4 -1
  280. data/spec/functional/run_lock_spec.rb +2 -1
  281. data/spec/functional/shell_spec.rb +5 -6
  282. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  283. data/spec/functional/version_spec.rb +1 -1
  284. data/spec/functional/win32/crypto_spec.rb +1 -1
  285. data/spec/integration/knife/config_list_profiles_spec.rb +30 -2
  286. data/spec/integration/knife/config_use_profile_spec.rb +55 -2
  287. data/spec/integration/knife/cookbook_upload_spec.rb +28 -1
  288. data/spec/integration/knife/data_bag_from_file_spec.rb +1 -1
  289. data/spec/integration/knife/environment_from_file_spec.rb +1 -1
  290. data/spec/integration/knife/node_from_file_spec.rb +1 -1
  291. data/spec/integration/knife/role_from_file_spec.rb +1 -1
  292. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  293. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +1 -1
  294. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  295. data/spec/integration/recipes/notifies_spec.rb +1 -1
  296. data/spec/integration/recipes/notifying_block_spec.rb +1 -1
  297. data/spec/integration/recipes/recipe_dsl_spec.rb +5 -1
  298. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +2 -0
  299. data/spec/integration/recipes/resource_load_spec.rb +4 -2
  300. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  301. data/spec/integration/recipes/use_partial_spec.rb +1 -1
  302. data/spec/scripts/ssl-serve.rb +1 -1
  303. data/spec/spec_helper.rb +10 -4
  304. data/spec/support/chef_helpers.rb +2 -21
  305. data/spec/support/platform_helpers.rb +1 -3
  306. data/spec/support/platforms/win32/spec_service.rb +1 -1
  307. data/spec/support/shared/functional/execute_resource.rb +1 -1
  308. data/spec/support/shared/functional/file_resource.rb +0 -1
  309. data/spec/support/shared/functional/securable_resource.rb +1 -2
  310. data/spec/support/shared/functional/securable_resource_with_reporting.rb +0 -1
  311. data/spec/support/shared/functional/windows_script.rb +3 -3
  312. data/spec/support/shared/integration/knife_support.rb +2 -9
  313. data/spec/support/shared/unit/application_dot_d.rb +0 -1
  314. data/spec/support/shared/unit/execute_resource.rb +1 -1
  315. data/spec/support/shared/unit/provider/file.rb +12 -8
  316. data/spec/support/shared/unit/provider/useradd_based_user_provider.rb +4 -4
  317. data/spec/unit/application/solo_spec.rb +4 -2
  318. data/spec/unit/application_spec.rb +11 -2
  319. data/spec/unit/chef_fs/config_spec.rb +2 -2
  320. data/spec/unit/chef_fs/diff_spec.rb +8 -8
  321. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +2 -4
  322. data/spec/unit/chef_fs/{parallelizer.rb → parallelizer_spec.rb} +1 -1
  323. data/spec/unit/client_spec.rb +4 -1
  324. data/spec/unit/cookbook/gem_installer_spec.rb +2 -1
  325. data/spec/unit/cookbook/synchronizer_spec.rb +26 -24
  326. data/spec/unit/data_bag_spec.rb +6 -3
  327. data/spec/unit/data_collector_spec.rb +1 -1
  328. data/spec/unit/decorator_spec.rb +23 -23
  329. data/spec/unit/dsl/platform_introspection_spec.rb +1 -0
  330. data/spec/unit/environment_spec.rb +5 -1
  331. data/spec/unit/event_dispatch/dispatcher_spec.rb +3 -0
  332. data/spec/unit/guard_interpreter_spec.rb +1 -1
  333. data/spec/unit/http/api_versions_spec.rb +1 -1
  334. data/spec/unit/http/ssl_policies_spec.rb +20 -0
  335. data/spec/unit/json_compat_spec.rb +1 -1
  336. data/spec/unit/knife/bootstrap_spec.rb +5 -8
  337. data/spec/unit/knife/cookbook_download_spec.rb +2 -2
  338. data/spec/unit/knife/cookbook_show_spec.rb +6 -7
  339. data/spec/unit/knife/cookbook_upload_spec.rb +7 -10
  340. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +7 -1
  341. data/spec/unit/knife/data_bag_edit_spec.rb +1 -1
  342. data/spec/unit/log/syslog_spec.rb +6 -10
  343. data/spec/unit/log/winevt_spec.rb +21 -13
  344. data/spec/unit/lwrp_spec.rb +9 -6
  345. data/spec/unit/mixin/{path_sanity_spec.rb → default_paths_spec.rb} +14 -14
  346. data/spec/unit/mixin/openssl_helper_spec.rb +4 -4
  347. data/spec/unit/mixin/powershell_exec_spec.rb +1 -1
  348. data/spec/unit/mixin/powershell_out_spec.rb +2 -4
  349. data/spec/unit/mixin/powershell_type_coercions_spec.rb +1 -1
  350. data/spec/unit/mixin/securable_spec.rb +0 -1
  351. data/spec/unit/mixin/shell_out_spec.rb +25 -26
  352. data/spec/unit/mixin/subclass_directive_spec.rb +2 -2
  353. data/spec/unit/mixin/unformatter_spec.rb +2 -2
  354. data/spec/unit/mixin/uris_spec.rb +1 -1
  355. data/spec/unit/mixin/user_context_spec.rb +1 -9
  356. data/spec/unit/mixin/which.rb +8 -0
  357. data/spec/unit/node/attribute_spec.rb +1 -1
  358. data/spec/unit/node_spec.rb +98 -11
  359. data/spec/unit/property_spec.rb +6 -6
  360. data/spec/unit/provider/batch_spec.rb +130 -0
  361. data/spec/unit/provider/cron/unix_spec.rb +1 -1
  362. data/spec/unit/provider/cron_spec.rb +9 -49
  363. data/spec/unit/provider/dsc_resource_spec.rb +22 -38
  364. data/spec/unit/provider/dsc_script_spec.rb +10 -10
  365. data/spec/unit/provider/execute_spec.rb +1 -8
  366. data/spec/unit/provider/git_spec.rb +3 -3
  367. data/spec/unit/provider/group/groupadd_spec.rb +1 -1
  368. data/spec/unit/provider/ifconfig_spec.rb +0 -1
  369. data/spec/unit/provider/mdadm_spec.rb +1 -3
  370. data/spec/unit/provider/package/dnf/python_helper_spec.rb +1 -1
  371. data/spec/unit/provider/package/openbsd_spec.rb +1 -1
  372. data/spec/unit/provider/package/pacman_spec.rb +17 -20
  373. data/spec/unit/provider/package/portage_spec.rb +2 -2
  374. data/spec/unit/provider/package/powershell_spec.rb +96 -87
  375. data/spec/unit/provider/package/rubygems_spec.rb +5 -10
  376. data/spec/unit/provider/package/smartos_spec.rb +1 -1
  377. data/spec/unit/provider/package/snap_spec.rb +1 -1
  378. data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +3 -3
  379. data/spec/unit/provider/package/windows_spec.rb +30 -53
  380. data/spec/unit/provider/powershell_script_spec.rb +3 -45
  381. data/spec/unit/provider/script_spec.rb +20 -110
  382. data/spec/unit/provider/service/redhat_spec.rb +1 -1
  383. data/spec/unit/provider/service/windows_spec.rb +2 -6
  384. data/spec/unit/provider/systemd_unit_spec.rb +28 -24
  385. data/spec/unit/provider/user/dscl_spec.rb +2 -2
  386. data/spec/unit/provider/windows_env_spec.rb +5 -4
  387. data/spec/unit/provider/zypper_repository_spec.rb +60 -10
  388. data/spec/unit/provider_spec.rb +1 -0
  389. data/spec/unit/resource/archive_file_spec.rb +11 -2
  390. data/spec/unit/resource/chef_client_cron_spec.rb +23 -7
  391. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
  392. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +7 -4
  393. data/spec/unit/resource/cron_spec.rb +2 -2
  394. data/spec/unit/resource/execute_spec.rb +10 -0
  395. data/spec/unit/resource/file/verification_spec.rb +2 -1
  396. data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
  397. data/spec/unit/resource/homebrew_update_spec.rb +30 -0
  398. data/spec/unit/resource/macos_user_defaults_spec.rb +103 -2
  399. data/spec/unit/resource/powershell_script_spec.rb +10 -15
  400. data/spec/unit/resource/timezone_spec.rb +1 -1
  401. data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
  402. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  403. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  404. data/spec/unit/resource/windows_firewall_profile_spec.rb +77 -0
  405. data/spec/unit/resource/windows_package_spec.rb +1 -0
  406. data/spec/unit/resource/windows_task_spec.rb +1 -1
  407. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  408. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  409. data/spec/unit/resource_reporter_spec.rb +1 -1
  410. data/spec/unit/resource_spec.rb +84 -1
  411. data/spec/unit/role_spec.rb +23 -21
  412. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  413. data/spec/unit/run_lock_spec.rb +1 -1
  414. data/spec/unit/scan_access_control_spec.rb +1 -1
  415. data/spec/unit/util/backup_spec.rb +1 -1
  416. data/spec/unit/util/diff_spec.rb +1 -15
  417. data/spec/unit/util/dsc/configuration_generator_spec.rb +1 -1
  418. data/spec/unit/util/powershell/ps_credential_spec.rb +2 -2
  419. data/spec/unit/util/selinux_spec.rb +2 -1
  420. data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
  421. data/spec/unit/win32/registry_spec.rb +1 -1
  422. data/spec/unit/win32/security_spec.rb +4 -3
  423. metadata +68 -40
  424. data/lib/chef/resource/cron.rb +0 -157
@@ -40,7 +40,7 @@ class Chef
40
40
  shell_out!("userdel", userdel_options, new_resource.username)
41
41
  end
42
42
 
43
- # Aix does not support -r like other unix, sytem account is created by adding to 'system' group
43
+ # Aix does not support -r like other unix, system account is created by adding to 'system' group
44
44
  def useradd_options
45
45
  opts = []
46
46
  opts << "-g" << "system" if new_resource.system
@@ -215,7 +215,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
215
215
  next_uid_guess = base_uid
216
216
  users_uids = run_dscl("list", "/Users", "uid")
217
217
  while next_uid_guess < search_limit + base_uid
218
- if users_uids =~ Regexp.new("#{Regexp.escape(next_uid_guess.to_s)}\n")
218
+ if users_uids&.match?(Regexp.new("#{Regexp.escape(next_uid_guess.to_s)}\n"))
219
219
  next_uid_guess += 1
220
220
  else
221
221
  uid = next_uid_guess
@@ -291,7 +291,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
291
291
  end
292
292
 
293
293
  def validate_home_dir_specification!
294
- unless new_resource.home =~ %r{^/}
294
+ unless %r{^/}.match?(new_resource.home)
295
295
  raise(Chef::Exceptions::InvalidHomeDirectory, "invalid path spec for User: '#{new_resource.username}', home directory: '#{new_resource.home}'")
296
296
  end
297
297
  end
@@ -382,7 +382,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
382
382
  salt,
383
383
  iterations,
384
384
  128,
385
- OpenSSL::Digest::SHA512.new
385
+ OpenSSL::Digest.new("SHA512")
386
386
  )
387
387
  end
388
388
 
@@ -536,7 +536,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
536
536
 
537
537
  # We flush the cache here in order to make sure that we read fresh information
538
538
  # for the user.
539
- shell_out("dscacheutil", "-flushcache") # FIXME: this is MacOS version dependent
539
+ shell_out("dscacheutil", "-flushcache") # FIXME: this is macOS version dependent
540
540
 
541
541
  begin
542
542
  user_plist_file = "#{USER_PLIST_DIRECTORY}/#{new_resource.username}.plist"
@@ -587,7 +587,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
587
587
  result = shell_out("dscl", ".", "-#{args[0]}", args[1..-1])
588
588
  return "" if ( args.first =~ /^delete/ ) && ( result.exitstatus != 0 )
589
589
  raise(Chef::Exceptions::DsclCommandFailed, "dscl error: #{result.inspect}") unless result.exitstatus == 0
590
- raise(Chef::Exceptions::DsclCommandFailed, "dscl error: #{result.inspect}") if result.stdout =~ /No such key: /
590
+ raise(Chef::Exceptions::DsclCommandFailed, "dscl error: #{result.inspect}") if /No such key: /.match?(result.stdout)
591
591
 
592
592
  result.stdout
593
593
  end
@@ -627,7 +627,7 @@ in 'password', with the associated 'salt' and 'iterations'.")
627
627
  salt,
628
628
  current_resource.iterations,
629
629
  128,
630
- OpenSSL::Digest::SHA512.new
630
+ OpenSSL::Digest.new("SHA512")
631
631
  ).unpack("H*").first == current_resource.password
632
632
  end
633
633
 
@@ -96,7 +96,7 @@ class Chef
96
96
  passwd_s = shell_out("passwd", "-S", new_resource.username, returns: [ 0, 1 ])
97
97
 
98
98
  # checking "does not exist" has to come before exit code handling since centos and ubuntu differ in exit codes
99
- if passwd_s.stderr =~ /does not exist/
99
+ if /does not exist/.match?(passwd_s.stderr)
100
100
  return false if whyrun_mode?
101
101
 
102
102
  raise Chef::Exceptions::User, "User #{new_resource.username} does not exist when checking lock status for #{new_resource}"
@@ -108,8 +108,8 @@ class Chef
108
108
  # now the actual output parsing
109
109
  @locked = nil
110
110
  status_line = passwd_s.stdout.split(" ")
111
- @locked = false if status_line[1] =~ /^[PN]/
112
- @locked = true if status_line[1] =~ /^L/
111
+ @locked = false if /^[PN]/.match?(status_line[1])
112
+ @locked = true if /^L/.match?(status_line[1])
113
113
 
114
114
  raise Chef::Exceptions::User, "Cannot determine if user #{new_resource.username} is locked for #{new_resource}" if @locked.nil?
115
115
 
@@ -102,7 +102,7 @@ class Chef
102
102
  shadow_hash_hex = user_plist[:shadow_hash][0]
103
103
  return unless shadow_hash_hex && shadow_hash_hex != ""
104
104
 
105
- # The password infomation is stored in the ShadowHashData key in the
105
+ # The password information is stored in the ShadowHashData key in the
106
106
  # plist. However, parsing it is a bit tricky as the value is itself
107
107
  # another encoded binary plist. We have to extract the encoded plist,
108
108
  # decode it from hex to a binary plist and then convert the binary
@@ -116,6 +116,8 @@ class Chef
116
116
  #
117
117
  # eg:
118
118
  #
119
+ # spellchecker: disable
120
+ #
119
121
  # <array>
120
122
  # <string>77687920 63616e27 74206170 706c6520 6275696c 6420636f 6e736973 74656e74 20746f6f 6c696e67</string>
121
123
  # </array>
@@ -126,6 +128,8 @@ class Chef
126
128
  # <data>AADKAAAKAA4LAA0MAAAAAAAAAAA=</data>
127
129
  # </array>
128
130
  #
131
+ # spellchecker: disable
132
+ #
129
133
  begin
130
134
  shadow_binary_plist = [shadow_hash_hex.delete(" ")].pack("H*")
131
135
  shadow_xml_plist = shell_out("plutil", "-convert", "xml1", "-o", "-", "-", input: shadow_binary_plist).stdout
@@ -159,7 +163,7 @@ class Chef
159
163
  # a problem. We'll check stderr and make sure we see that it finished
160
164
  # correctly.
161
165
  res = run_sysadminctl(cmd)
162
- unless res.downcase =~ /creating user/
166
+ unless /creating user/.match?(res.downcase)
163
167
  raise Chef::Exceptions::User, "error when creating user: #{res}"
164
168
  end
165
169
 
@@ -179,7 +183,7 @@ class Chef
179
183
  end
180
184
 
181
185
  if new_resource.manage_home
182
- # "sydadminctl -addUser" will create the home directory if it's
186
+ # "sysadminctl -addUser" will create the home directory if it's
183
187
  # the default /Users/<username>, otherwise it sets it in plist
184
188
  # but does not create it. Here we'll ensure that it gets created
185
189
  # if we've been given a directory that is not the default.
@@ -305,7 +309,7 @@ class Chef
305
309
  # sysadminctl doesn't exit with a non-zero exit code if it encounters
306
310
  # a problem. We'll check stderr and make sure we see that it finished
307
311
  res = run_sysadminctl(cmd)
308
- unless res.downcase =~ /deleting record|not found/
312
+ unless /deleting record|not found/.match?(res.downcase)
309
313
  raise Chef::Exceptions::User, "error deleting user: #{res}"
310
314
  end
311
315
 
@@ -368,7 +372,7 @@ class Chef
368
372
  next_uid_guess = base_uid
369
373
  users_uids = run_dscl("list", "/Users", "uid")
370
374
  while next_uid_guess < search_limit + base_uid
371
- if users_uids =~ Regexp.new("#{Regexp.escape(next_uid_guess.to_s)}\n")
375
+ if users_uids&.match?(Regexp.new("#{Regexp.escape(next_uid_guess.to_s)}\n"))
372
376
  next_uid_guess += 1
373
377
  else
374
378
  uid = next_uid_guess
@@ -426,7 +430,7 @@ class Chef
426
430
  # sysadminctl doesn't exit with a non-zero exit code if it encounters
427
431
  # a problem. We'll check stderr and make sure we see that it finished
428
432
  res = run_sysadminctl(cmd)
429
- unless res.downcase =~ /done/
433
+ unless /done/.match?(res.downcase)
430
434
  raise Chef::Exceptions::User, "error when modifying SecureToken: #{res}"
431
435
  end
432
436
 
@@ -491,7 +495,7 @@ class Chef
491
495
  convert_to_binary(current_resource.salt),
492
496
  current_resource.iterations.to_i,
493
497
  128,
494
- OpenSSL::Digest::SHA512.new
498
+ OpenSSL::Digest.new("SHA512")
495
499
  ).unpack("H*")[0] != current_resource.password
496
500
  end
497
501
 
@@ -517,7 +521,7 @@ class Chef
517
521
  salt.string,
518
522
  new_resource.iterations,
519
523
  128,
520
- OpenSSL::Digest::SHA512.new
524
+ OpenSSL::Digest.new("SHA512")
521
525
  )
522
526
  )
523
527
  end
@@ -554,7 +558,7 @@ class Chef
554
558
  # 0x0A End of record denoted by \n
555
559
  # 0x5C Escaping is denoted by \
556
560
  # 0x3A Fields are separated by :
557
- # 0x2C Values are seperated by ,
561
+ # 0x2C Values are separated by ,
558
562
  # dsRecTypeStandard:Users The record type we're configuring
559
563
  # 2 How many properties we're going to set
560
564
  # dsAttrTypeStandard:RecordName Property 1: our users record name
@@ -598,7 +602,7 @@ class Chef
598
602
 
599
603
  def run_sysadminctl(args)
600
604
  # sysadminctl doesn't exit with a non-zero code when errors are encountered
601
- # and ouputs everything to STDERR instead of STDOUT and STDERR. Therefore we'll
605
+ # and outputs everything to STDERR instead of STDOUT and STDERR. Therefore we'll
602
606
  # return the STDERR and let the caller handle it.
603
607
  shell_out!("sysadminctl", args).stderr
604
608
  end
@@ -607,7 +611,7 @@ class Chef
607
611
  result = shell_out("dscl", "-plist", ".", "-#{args[0]}", args[1..-1])
608
612
  return "" if ( args.first =~ /^delete/ ) && ( result.exitstatus != 0 )
609
613
  raise(Chef::Exceptions::DsclCommandFailed, "dscl error: #{result.inspect}") unless result.exitstatus == 0
610
- raise(Chef::Exceptions::DsclCommandFailed, "dscl error: #{result.inspect}") if result.stdout =~ /No such key: /
614
+ raise(Chef::Exceptions::DsclCommandFailed, "dscl error: #{result.inspect}") if /No such key: /.match?(result.stdout)
611
615
 
612
616
  result.stdout
613
617
  end
@@ -18,57 +18,119 @@
18
18
 
19
19
  require_relative "script"
20
20
  require_relative "../mixin/windows_architecture_helper"
21
+ require_relative "../win32/security" if ChefUtils.windows?
22
+ require "tempfile" unless defined?(Tempfile)
21
23
 
22
24
  class Chef
23
25
  class Provider
24
26
  class WindowsScript < Chef::Provider::Script
25
27
 
26
- attr_reader :is_forced_32bit
27
-
28
28
  protected
29
29
 
30
- include Chef::Mixin::WindowsArchitectureHelper
31
-
32
- def initialize( new_resource, run_context, script_extension = "")
33
- super( new_resource, run_context )
34
- @script_extension = script_extension
30
+ attr_accessor :script_file_path
35
31
 
36
- target_architecture = if new_resource.architecture.nil?
37
- node_windows_architecture(run_context.node)
38
- else
39
- new_resource.architecture
40
- end
41
-
42
- @is_wow64 = wow64_architecture_override_required?(run_context.node, target_architecture)
32
+ include Chef::Mixin::WindowsArchitectureHelper
43
33
 
44
- @is_forced_32bit = forced_32bit_override_required?(run_context.node, target_architecture)
34
+ def target_architecture
35
+ @target_architecture ||= if new_resource.architecture.nil?
36
+ node_windows_architecture(run_context.node)
37
+ else
38
+ new_resource.architecture
39
+ end
45
40
  end
46
41
 
47
- public
42
+ def basepath
43
+ if forced_32bit_override_required?(run_context.node, target_architecture)
44
+ wow64_directory
45
+ else
46
+ run_context.node["kernel"]["os_info"]["system_directory"]
47
+ end
48
+ end
48
49
 
49
- action :run do
50
+ def with_wow64_redirection_disabled
50
51
  wow64_redirection_state = nil
51
52
 
52
- if @is_wow64
53
- wow64_redirection_state = disable_wow64_file_redirection(@run_context.node)
53
+ if wow64_architecture_override_required?(run_context.node, target_architecture)
54
+ wow64_redirection_state = disable_wow64_file_redirection(run_context.node)
54
55
  end
55
56
 
56
57
  begin
57
- super()
58
+ yield
58
59
  rescue
59
60
  raise
60
61
  ensure
61
62
  unless wow64_redirection_state.nil?
62
- restore_wow64_file_redirection(@run_context.node, wow64_redirection_state)
63
+ restore_wow64_file_redirection(run_context.node, wow64_redirection_state)
63
64
  end
64
65
  end
65
66
  end
66
67
 
67
- def script_file
68
- base_script_name = "chef-script"
69
- temp_file_arguments = [ base_script_name, @script_extension ]
68
+ def command
69
+ "\"#{interpreter}\" #{flags} \"#{script_file_path}\""
70
+ end
71
+
72
+ def grant_alternate_user_read_access(file_path)
73
+ # Do nothing if an alternate user isn't specified -- the file
74
+ # will already have the correct permissions for the user as part
75
+ # of the default ACL behavior on Windows.
76
+ return if new_resource.user.nil?
77
+
78
+ # Duplicate the script file's existing DACL
79
+ # so we can add an ACE later
80
+ securable_object = Chef::ReservedNames::Win32::Security::SecurableObject.new(file_path)
81
+ aces = securable_object.security_descriptor.dacl.reduce([]) { |result, current| result.push(current) }
82
+
83
+ username = new_resource.user
84
+
85
+ if new_resource.domain
86
+ username = new_resource.domain + '\\' + new_resource.user
87
+ end
88
+
89
+ # Create an ACE that allows the alternate user read access to the script
90
+ # file so it can be read and executed.
91
+ user_sid = Chef::ReservedNames::Win32::Security::SID.from_account(username)
92
+ read_ace = Chef::ReservedNames::Win32::Security::ACE.access_allowed(user_sid, Chef::ReservedNames::Win32::API::Security::GENERIC_READ | Chef::ReservedNames::Win32::API::Security::GENERIC_EXECUTE, 0)
93
+ aces.push(read_ace)
94
+ acl = Chef::ReservedNames::Win32::Security::ACL.create(aces)
95
+
96
+ # This actually applies the modified DACL to the file
97
+ # Use parentheses to bypass RuboCop / ChefStyle warning
98
+ # about useless setter
99
+ (securable_object.dacl = acl)
100
+ end
101
+
102
+ def with_temp_script_file
103
+ Tempfile.open(["chef-script", script_extension]) do |script_file|
104
+ script_file.puts(code)
105
+ script_file.close
106
+
107
+ grant_alternate_user_read_access(script_file.path)
108
+
109
+ # This needs to be set here so that the call to #command in Execute works.
110
+ self.script_file_path = script_file.path
111
+
112
+ yield
113
+
114
+ self.script_file_path = nil
115
+ end
116
+ end
117
+
118
+ def input
119
+ nil
120
+ end
121
+
122
+ public
123
+
124
+ action :run do
125
+ with_wow64_redirection_disabled do
126
+ with_temp_script_file do
127
+ super()
128
+ end
129
+ end
130
+ end
70
131
 
71
- @script_file ||= Tempfile.open(temp_file_arguments)
132
+ def script_extension
133
+ raise Chef::Exceptions::Override, "You must override #{__method__} in #{self}"
72
134
  end
73
135
  end
74
136
  end
@@ -72,6 +72,7 @@ class Chef
72
72
  6 => TaskScheduler::TASK_SIXTH,
73
73
  7 => TaskScheduler::TASK_SEVENTH,
74
74
  8 => TaskScheduler::TASK_EIGHTH,
75
+ # cspell:disable-next-line
75
76
  9 => TaskScheduler::TASK_NINETH,
76
77
  10 => TaskScheduler::TASK_TENTH,
77
78
  11 => TaskScheduler::TASK_ELEVENTH,
@@ -93,6 +94,7 @@ class Chef
93
94
  27 => TaskScheduler::TASK_TWENTY_SEVENTH,
94
95
  28 => TaskScheduler::TASK_TWENTY_EIGHTH,
95
96
  29 => TaskScheduler::TASK_TWENTY_NINTH,
97
+ # cspell:disable-next-line
96
98
  30 => TaskScheduler::TASK_THIRTYETH,
97
99
  31 => TaskScheduler::TASK_THIRTY_FIRST,
98
100
  }.freeze
@@ -229,7 +231,7 @@ class Chef
229
231
 
230
232
  private
231
233
 
232
- # seprated command arguments from :command property
234
+ # separated command arguments from :command property
233
235
  def set_command_and_arguments
234
236
  cmd, *args = Chef::Util::PathHelper.split_args(new_resource.command)
235
237
  new_resource.command = cmd
@@ -577,7 +579,7 @@ class Chef
577
579
 
578
580
  def logon_type
579
581
  # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa383566(v=vs.85).aspx
580
- # if nothing is passed as logon_type the TASK_LOGON_SERVICE_ACCOUNT is getting set as default so using that for comparision.
582
+ # if nothing is passed as logon_type the TASK_LOGON_SERVICE_ACCOUNT is getting set as default so using that for comparison.
581
583
  user_id = new_resource.user.to_s
582
584
  password = new_resource.password.to_s
583
585
  if Chef::ReservedNames::Win32::Security::SID.service_account_user?(user_id)
@@ -37,7 +37,7 @@ class Chef
37
37
  if template_available?(new_resource.source)
38
38
  source new_resource.source
39
39
  else
40
- source ::File.expand_path("../support/yum_repo.erb", __FILE__)
40
+ source ::File.expand_path("support/yum_repo.erb", __dir__)
41
41
  local true
42
42
  end
43
43
  sensitive new_resource.sensitive
@@ -41,7 +41,7 @@ class Chef
41
41
  if template_available?(new_resource.source)
42
42
  source new_resource.source
43
43
  else
44
- source ::File.expand_path("../support/zypper_repo.erb", __FILE__)
44
+ source ::File.expand_path("support/zypper_repo.erb", __dir__)
45
45
  local true
46
46
  end
47
47
  sensitive new_resource.sensitive
@@ -115,28 +115,48 @@ class Chef
115
115
  end
116
116
  end
117
117
 
118
+ # the version of gpg installed on the system
119
+ #
120
+ # @return [Gem::Version] the version of GPG
121
+ def gpg_version
122
+ so = shell_out!("gpg --version")
123
+ # matches 2.0 and 2.2 versions from SLES 12 and 15: https://rubular.com/r/e6D0WfGK6SXvUp
124
+ version = /gpg \(GnuPG\)\s*(.*)/.match(so.stdout)[1]
125
+ logger.trace("GPG package version is #{version}")
126
+ Gem::Version.new(version)
127
+ end
128
+
118
129
  # is the provided key already installed
119
130
  # @param [String] key_path the path to the key on the local filesystem
120
131
  #
121
132
  # @return [boolean] is the key already known by rpm
122
133
  def key_installed?(key_path)
123
- so = shell_out("rpm -qa gpg-pubkey*")
134
+ so = shell_out("/bin/rpm -qa gpg-pubkey*")
124
135
  # expected output & match: http://rubular.com/r/RdF7EcXEtb
125
- status = /gpg-pubkey-#{key_fingerprint(key_path)}/.match(so.stdout)
136
+ status = /gpg-pubkey-#{short_key_id(key_path)}/.match(so.stdout)
126
137
  logger.trace("GPG key at #{key_path} is known by rpm? #{status ? "true" : "false"}")
127
138
  status
128
139
  end
129
140
 
130
- # extract the gpg key fingerprint from a local file
141
+ # extract the gpg key's short key id from a local file. Learning moment: This 8 hex value ID
142
+ # is sometimes incorrectly called the fingerprint. The fingerprint is the full length value
143
+ # and googling for that will just result in sad times.
144
+ #
131
145
  # @param [String] key_path the path to the key on the local filesystem
132
146
  #
133
- # @return [String] the fingerprint of the key
134
- def key_fingerprint(key_path)
135
- so = shell_out!("gpg --with-fingerprint #{key_path}")
136
- # expected output and match: http://rubular.com/r/BpfMjxySQM
137
- fingerprint = %r{pub\s*\S*/(\S*)}.match(so.stdout)[1].downcase
138
- logger.trace("GPG fingerprint of key at #{key_path} is #{fingerprint}")
139
- fingerprint
147
+ # @return [String] the short key id of the key
148
+ def short_key_id(key_path)
149
+ if gpg_version >= Gem::Version.new("2.2") # SLES 15+
150
+ so = shell_out!("gpg --import-options import-show --dry-run --import --with-colons #{key_path}")
151
+ # expected output and match: https://rubular.com/r/uXWJo3yfkli1qA
152
+ short_key_id = /fpr:*\h*(\h{8}):/.match(so.stdout)[1].downcase
153
+ else # SLES 12 and earlier
154
+ so = shell_out!("gpg --with-fingerprint #{key_path}")
155
+ # expected output and match: http://rubular.com/r/BpfMjxySQM
156
+ short_key_id = %r{pub\s*\S*/(\S*)}.match(so.stdout)[1].downcase
157
+ end
158
+ logger.trace("GPG short key ID of key at #{key_path} is #{short_key_id}")
159
+ short_key_id
140
160
  end
141
161
 
142
162
  # install the provided gpg key