chef 16.1.16-universal-mingw32 → 16.3.45-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (364) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -7
  3. data/README.md +3 -3
  4. data/Rakefile +3 -16
  5. data/chef-universal-mingw32.gemspec +2 -2
  6. data/chef.gemspec +7 -6
  7. data/lib/chef/application.rb +12 -0
  8. data/lib/chef/application/apply.rb +2 -1
  9. data/lib/chef/application/base.rb +1 -1
  10. data/lib/chef/application/client.rb +1 -1
  11. data/lib/chef/application/windows_service_manager.rb +1 -1
  12. data/lib/chef/{whitelist.rb → attribute_allowlist.rb} +11 -11
  13. data/lib/chef/{blacklist.rb → attribute_blocklist.rb} +9 -9
  14. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  15. data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +1 -2
  16. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +2 -2
  17. data/lib/chef/chef_fs/file_system/chef_server/cookbooks_dir.rb +1 -5
  18. data/lib/chef/chef_fs/file_system/repository/base_file.rb +1 -0
  19. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
  20. data/lib/chef/chef_fs/path_utils.rb +1 -1
  21. data/lib/chef/client.rb +3 -3
  22. data/lib/chef/cookbook/chefignore.rb +1 -1
  23. data/lib/chef/cookbook/metadata.rb +1 -1
  24. data/lib/chef/cookbook/remote_file_vendor.rb +1 -3
  25. data/lib/chef/cookbook/syntax_check.rb +1 -2
  26. data/lib/chef/cookbook_loader.rb +15 -29
  27. data/lib/chef/cookbook_version.rb +2 -2
  28. data/lib/chef/data_bag.rb +5 -6
  29. data/lib/chef/deprecated.rb +12 -0
  30. data/lib/chef/digester.rb +3 -2
  31. data/lib/chef/dsl/platform_introspection.rb +2 -0
  32. data/lib/chef/environment.rb +1 -2
  33. data/lib/chef/exceptions.rb +3 -0
  34. data/lib/chef/file_access_control.rb +1 -1
  35. data/lib/chef/file_access_control/windows.rb +2 -2
  36. data/lib/chef/file_content_management/deploy/mv_unix.rb +1 -1
  37. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +1 -1
  38. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +3 -3
  39. data/lib/chef/handler.rb +2 -0
  40. data/lib/chef/http.rb +27 -13
  41. data/lib/chef/http/authenticator.rb +3 -1
  42. data/lib/chef/http/http_request.rb +1 -1
  43. data/lib/chef/http/json_output.rb +1 -1
  44. data/lib/chef/http/ssl_policies.rb +18 -0
  45. data/lib/chef/knife.rb +5 -5
  46. data/lib/chef/knife/bootstrap.rb +19 -19
  47. data/lib/chef/knife/bootstrap/templates/chef-full.erb +9 -9
  48. data/lib/chef/knife/bootstrap/train_connector.rb +1 -0
  49. data/lib/chef/knife/client_bulk_delete.rb +1 -1
  50. data/lib/chef/knife/config_get.rb +2 -1
  51. data/lib/chef/knife/config_list_profiles.rb +4 -1
  52. data/lib/chef/knife/config_use_profile.rb +15 -5
  53. data/lib/chef/knife/configure.rb +1 -1
  54. data/lib/chef/knife/cookbook_delete.rb +1 -1
  55. data/lib/chef/knife/cookbook_upload.rb +6 -14
  56. data/lib/chef/knife/core/bootstrap_context.rb +1 -1
  57. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  58. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  59. data/lib/chef/knife/core/hashed_command_loader.rb +1 -0
  60. data/lib/chef/knife/core/subcommand_loader.rb +20 -1
  61. data/lib/chef/knife/core/ui.rb +8 -2
  62. data/lib/chef/knife/core/windows_bootstrap_context.rb +2 -3
  63. data/lib/chef/knife/data_bag_create.rb +1 -1
  64. data/lib/chef/knife/node_bulk_delete.rb +1 -1
  65. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  66. data/lib/chef/knife/rehash.rb +3 -21
  67. data/lib/chef/knife/role_bulk_delete.rb +1 -1
  68. data/lib/chef/knife/ssh.rb +6 -2
  69. data/lib/chef/knife/supermarket_share.rb +1 -1
  70. data/lib/chef/knife/supermarket_unshare.rb +1 -1
  71. data/lib/chef/log.rb +8 -3
  72. data/{spec/functional/resource/base.rb → lib/chef/mixin/chef_utils_wiring.rb} +24 -12
  73. data/{spec/unit/log_spec.rb → lib/chef/mixin/default_paths.rb} +13 -5
  74. data/lib/chef/mixin/openssl_helper.rb +27 -5
  75. data/lib/chef/mixin/path_sanity.rb +5 -4
  76. data/lib/chef/mixin/securable.rb +2 -2
  77. data/lib/chef/mixin/shell_out.rb +4 -188
  78. data/lib/chef/mixin/template.rb +1 -0
  79. data/lib/chef/mixin/which.rb +6 -3
  80. data/lib/chef/mixins.rb +1 -0
  81. data/lib/chef/node.rb +36 -12
  82. data/lib/chef/node_map.rb +21 -18
  83. data/lib/chef/platform/service_helpers.rb +31 -28
  84. data/lib/chef/powershell.rb +1 -1
  85. data/lib/chef/provider/batch.rb +3 -10
  86. data/lib/chef/provider/cron.rb +2 -14
  87. data/lib/chef/provider/execute.rb +2 -1
  88. data/lib/chef/provider/git.rb +12 -4
  89. data/lib/chef/provider/group/dscl.rb +2 -2
  90. data/lib/chef/provider/group/windows.rb +1 -1
  91. data/lib/chef/provider/ifconfig.rb +7 -7
  92. data/lib/chef/provider/mount/aix.rb +1 -1
  93. data/lib/chef/provider/mount/solaris.rb +0 -1
  94. data/lib/chef/provider/mount/windows.rb +2 -2
  95. data/lib/chef/provider/noop.rb +1 -1
  96. data/lib/chef/provider/package/openbsd.rb +1 -1
  97. data/lib/chef/provider/package/portage.rb +2 -2
  98. data/lib/chef/provider/package/powershell.rb +6 -2
  99. data/lib/chef/provider/package/rubygems.rb +2 -2
  100. data/lib/chef/provider/package/snap.rb +97 -29
  101. data/lib/chef/provider/package/windows.rb +9 -4
  102. data/lib/chef/provider/package/windows/msi.rb +3 -3
  103. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
  104. data/lib/chef/provider/package/zypper.rb +0 -1
  105. data/lib/chef/provider/powershell_script.rb +10 -14
  106. data/lib/chef/provider/remote_file/http.rb +4 -1
  107. data/lib/chef/provider/script.rb +4 -75
  108. data/lib/chef/provider/service.rb +2 -2
  109. data/lib/chef/provider/service/arch.rb +1 -1
  110. data/lib/chef/provider/service/debian.rb +2 -2
  111. data/lib/chef/provider/service/openbsd.rb +4 -4
  112. data/lib/chef/provider/service/redhat.rb +1 -1
  113. data/lib/chef/provider/service/windows.rb +1 -1
  114. data/lib/chef/provider/subversion.rb +2 -2
  115. data/lib/chef/provider/user/dscl.rb +4 -4
  116. data/lib/chef/provider/user/linux.rb +3 -3
  117. data/lib/chef/provider/user/mac.rb +5 -5
  118. data/lib/chef/provider/windows_script.rb +87 -25
  119. data/lib/chef/provider/yum_repository.rb +1 -1
  120. data/lib/chef/provider/zypper_repository.rb +31 -11
  121. data/lib/chef/resource.rb +24 -11
  122. data/lib/chef/resource/alternatives.rb +1 -1
  123. data/lib/chef/resource/apt_package.rb +1 -1
  124. data/lib/chef/resource/archive_file.rb +28 -8
  125. data/lib/chef/resource/bash.rb +0 -1
  126. data/lib/chef/resource/batch.rb +4 -2
  127. data/lib/chef/resource/build_essential.rb +2 -2
  128. data/lib/chef/resource/chef_client_scheduled_task.rb +14 -2
  129. data/lib/chef/resource/chef_gem.rb +57 -21
  130. data/lib/chef/resource/chocolatey_feature.rb +1 -2
  131. data/lib/chef/resource/cron/_cron_shared.rb +98 -0
  132. data/lib/chef/resource/cron/cron.rb +46 -0
  133. data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +7 -87
  134. data/lib/chef/resource/cron_access.rb +13 -5
  135. data/lib/chef/resource/csh.rb +0 -1
  136. data/lib/chef/resource/dmg_package.rb +2 -2
  137. data/lib/chef/resource/execute.rb +479 -9
  138. data/lib/chef/resource/file.rb +1 -1
  139. data/lib/chef/resource/freebsd_package.rb +1 -1
  140. data/lib/chef/resource/gem_package.rb +35 -2
  141. data/lib/chef/resource/helpers/cron_validations.rb +6 -3
  142. data/lib/chef/resource/homebrew_package.rb +30 -1
  143. data/lib/chef/resource/homebrew_update.rb +107 -0
  144. data/lib/chef/resource/hostname.rb +23 -36
  145. data/lib/chef/resource/kernel_module.rb +14 -1
  146. data/lib/chef/resource/launchd.rb +1 -1
  147. data/lib/chef/resource/lwrp_base.rb +1 -0
  148. data/lib/chef/resource/macos_userdefaults.rb +176 -61
  149. data/lib/chef/resource/mount.rb +1 -1
  150. data/lib/chef/resource/openssl_x509_certificate.rb +11 -14
  151. data/lib/chef/resource/openssl_x509_crl.rb +1 -2
  152. data/lib/chef/resource/perl.rb +0 -1
  153. data/lib/chef/resource/plist.rb +23 -4
  154. data/lib/chef/resource/powershell_script.rb +4 -2
  155. data/lib/chef/resource/python.rb +0 -1
  156. data/lib/chef/resource/remote_file.rb +26 -10
  157. data/lib/chef/resource/ruby.rb +0 -1
  158. data/lib/chef/resource/service.rb +2 -2
  159. data/lib/chef/resource/ssh_known_hosts_entry.rb +16 -1
  160. data/lib/chef/resource/sudo.rb +30 -3
  161. data/lib/chef/resource/swap_file.rb +17 -0
  162. data/lib/chef/resource/template.rb +1 -1
  163. data/lib/chef/resource/timezone.rb +15 -0
  164. data/lib/chef/resource/user_ulimit.rb +1 -1
  165. data/lib/chef/resource/windows_ad_join.rb +30 -1
  166. data/lib/chef/resource/windows_audit_policy.rb +227 -0
  167. data/lib/chef/resource/windows_auto_run.rb +11 -0
  168. data/lib/chef/resource/windows_certificate.rb +26 -0
  169. data/lib/chef/resource/windows_dns_record.rb +17 -0
  170. data/lib/chef/resource/windows_firewall_profile.rb +197 -0
  171. data/lib/chef/resource/windows_font.rb +3 -3
  172. data/lib/chef/resource/windows_package.rb +1 -1
  173. data/lib/chef/resource/windows_pagefile.rb +1 -1
  174. data/lib/chef/resource/windows_script.rb +2 -16
  175. data/lib/chef/resource/windows_security_policy.rb +67 -36
  176. data/lib/chef/resource/windows_shortcut.rb +1 -2
  177. data/lib/chef/resource/windows_task.rb +4 -4
  178. data/lib/chef/resource/windows_user_privilege.rb +30 -7
  179. data/lib/chef/resource/yum_repository.rb +9 -9
  180. data/lib/chef/resource_inspector.rb +7 -1
  181. data/lib/chef/resources.rb +5 -2
  182. data/lib/chef/role.rb +1 -2
  183. data/lib/chef/search/query.rb +1 -1
  184. data/lib/chef/server_api_versions.rb +4 -0
  185. data/lib/chef/shell/shell_session.rb +2 -0
  186. data/lib/chef/util/diff.rb +2 -3
  187. data/lib/chef/util/windows/net_user.rb +1 -1
  188. data/lib/chef/util/windows/volume.rb +1 -1
  189. data/lib/chef/version.rb +2 -2
  190. data/lib/chef/win32/file.rb +1 -1
  191. data/lib/chef/win32/registry.rb +3 -4
  192. data/lib/chef/win32/security.rb +1 -1
  193. data/spec/data/lwrp/providers/buck_passer.rb +1 -1
  194. data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
  195. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
  196. data/spec/functional/knife/configure_spec.rb +1 -1
  197. data/spec/functional/knife/ssh_spec.rb +5 -16
  198. data/spec/functional/resource/aix_service_spec.rb +9 -2
  199. data/spec/functional/resource/aixinit_service_spec.rb +1 -2
  200. data/spec/functional/resource/apt_package_spec.rb +0 -1
  201. data/spec/functional/resource/bash_spec.rb +3 -2
  202. data/spec/functional/resource/bff_spec.rb +1 -1
  203. data/spec/functional/resource/chocolatey_package_spec.rb +4 -0
  204. data/spec/functional/resource/cron_spec.rb +20 -2
  205. data/spec/functional/resource/dnf_package_spec.rb +4 -1
  206. data/spec/functional/resource/execute_spec.rb +1 -1
  207. data/spec/functional/resource/git_spec.rb +23 -1
  208. data/spec/functional/resource/group_spec.rb +15 -3
  209. data/spec/functional/resource/ifconfig_spec.rb +9 -1
  210. data/spec/functional/resource/insserv_spec.rb +3 -3
  211. data/spec/functional/resource/link_spec.rb +2 -5
  212. data/spec/functional/resource/mount_spec.rb +9 -1
  213. data/spec/functional/resource/msu_package_spec.rb +9 -3
  214. data/spec/functional/resource/powershell_script_spec.rb +4 -4
  215. data/spec/functional/resource/remote_file_spec.rb +9 -15
  216. data/spec/functional/resource/rpm_spec.rb +1 -1
  217. data/spec/functional/resource/timezone_spec.rb +2 -0
  218. data/spec/functional/resource/windows_package_spec.rb +0 -1
  219. data/spec/functional/resource/windows_path_spec.rb +4 -0
  220. data/spec/functional/resource/windows_security_policy_spec.rb +0 -1
  221. data/spec/functional/resource/windows_service_spec.rb +4 -0
  222. data/spec/functional/resource/windows_task_spec.rb +12 -11
  223. data/spec/functional/resource/windows_user_privilege_spec.rb +1 -2
  224. data/spec/functional/resource/yum_package_spec.rb +4 -1
  225. data/spec/functional/resource/zypper_package_spec.rb +4 -1
  226. data/spec/functional/run_lock_spec.rb +2 -1
  227. data/spec/functional/shell_spec.rb +5 -6
  228. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  229. data/spec/functional/version_spec.rb +1 -1
  230. data/spec/functional/win32/crypto_spec.rb +1 -1
  231. data/spec/integration/knife/config_list_profiles_spec.rb +30 -2
  232. data/spec/integration/knife/config_use_profile_spec.rb +55 -2
  233. data/spec/integration/knife/cookbook_upload_spec.rb +28 -1
  234. data/spec/integration/knife/data_bag_from_file_spec.rb +1 -1
  235. data/spec/integration/knife/environment_from_file_spec.rb +1 -1
  236. data/spec/integration/knife/node_from_file_spec.rb +1 -1
  237. data/spec/integration/knife/role_from_file_spec.rb +1 -1
  238. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  239. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +1 -1
  240. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  241. data/spec/integration/recipes/notifies_spec.rb +1 -1
  242. data/spec/integration/recipes/notifying_block_spec.rb +1 -1
  243. data/spec/integration/recipes/recipe_dsl_spec.rb +5 -1
  244. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +2 -0
  245. data/spec/integration/recipes/resource_load_spec.rb +4 -2
  246. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  247. data/spec/integration/recipes/use_partial_spec.rb +1 -1
  248. data/spec/scripts/ssl-serve.rb +1 -1
  249. data/spec/spec_helper.rb +10 -4
  250. data/spec/support/chef_helpers.rb +1 -20
  251. data/spec/support/platform_helpers.rb +1 -3
  252. data/spec/support/platforms/win32/spec_service.rb +1 -1
  253. data/spec/support/shared/functional/execute_resource.rb +1 -1
  254. data/spec/support/shared/functional/file_resource.rb +0 -1
  255. data/spec/support/shared/functional/securable_resource.rb +1 -2
  256. data/spec/support/shared/functional/securable_resource_with_reporting.rb +0 -1
  257. data/spec/support/shared/functional/windows_script.rb +2 -2
  258. data/spec/support/shared/integration/knife_support.rb +2 -9
  259. data/spec/support/shared/unit/application_dot_d.rb +0 -1
  260. data/spec/support/shared/unit/execute_resource.rb +1 -1
  261. data/spec/support/shared/unit/provider/file.rb +12 -8
  262. data/spec/unit/application/solo_spec.rb +4 -2
  263. data/spec/unit/application_spec.rb +11 -2
  264. data/spec/unit/chef_fs/config_spec.rb +2 -2
  265. data/spec/unit/chef_fs/diff_spec.rb +8 -8
  266. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +2 -4
  267. data/spec/unit/chef_fs/{parallelizer.rb → parallelizer_spec.rb} +1 -1
  268. data/spec/unit/client_spec.rb +4 -1
  269. data/spec/unit/cookbook/gem_installer_spec.rb +2 -1
  270. data/spec/unit/cookbook/synchronizer_spec.rb +26 -24
  271. data/spec/unit/data_bag_spec.rb +6 -3
  272. data/spec/unit/data_collector_spec.rb +1 -1
  273. data/spec/unit/decorator_spec.rb +23 -23
  274. data/spec/unit/dsl/platform_introspection_spec.rb +1 -0
  275. data/spec/unit/environment_spec.rb +5 -1
  276. data/spec/unit/event_dispatch/dispatcher_spec.rb +3 -0
  277. data/spec/unit/guard_interpreter_spec.rb +1 -1
  278. data/spec/unit/http/api_versions_spec.rb +20 -2
  279. data/spec/unit/http/ssl_policies_spec.rb +20 -0
  280. data/spec/unit/json_compat_spec.rb +1 -1
  281. data/spec/unit/knife/bootstrap_spec.rb +5 -8
  282. data/spec/unit/knife/cookbook_download_spec.rb +2 -2
  283. data/spec/unit/knife/cookbook_show_spec.rb +6 -7
  284. data/spec/unit/knife/cookbook_upload_spec.rb +7 -10
  285. data/spec/unit/knife/data_bag_edit_spec.rb +1 -1
  286. data/spec/unit/log/syslog_spec.rb +6 -10
  287. data/spec/unit/log/winevt_spec.rb +21 -13
  288. data/spec/unit/lwrp_spec.rb +9 -6
  289. data/spec/unit/mixin/{path_sanity_spec.rb → default_paths_spec.rb} +14 -14
  290. data/spec/unit/mixin/powershell_exec_spec.rb +1 -1
  291. data/spec/unit/mixin/powershell_out_spec.rb +2 -4
  292. data/spec/unit/mixin/powershell_type_coercions_spec.rb +1 -1
  293. data/spec/unit/mixin/securable_spec.rb +0 -1
  294. data/spec/unit/mixin/shell_out_spec.rb +25 -26
  295. data/spec/unit/mixin/subclass_directive_spec.rb +2 -2
  296. data/spec/unit/mixin/unformatter_spec.rb +2 -2
  297. data/spec/unit/mixin/uris_spec.rb +1 -1
  298. data/spec/unit/mixin/user_context_spec.rb +1 -9
  299. data/spec/unit/mixin/which.rb +8 -0
  300. data/spec/unit/node_spec.rb +98 -11
  301. data/spec/unit/property_spec.rb +6 -6
  302. data/spec/unit/provider/batch_spec.rb +130 -0
  303. data/spec/unit/provider/cron/unix_spec.rb +1 -1
  304. data/spec/unit/provider/cron_spec.rb +9 -49
  305. data/spec/unit/provider/dsc_resource_spec.rb +22 -38
  306. data/spec/unit/provider/dsc_script_spec.rb +10 -10
  307. data/spec/unit/provider/execute_spec.rb +1 -8
  308. data/spec/unit/provider/git_spec.rb +3 -3
  309. data/spec/unit/provider/ifconfig_spec.rb +0 -1
  310. data/spec/unit/provider/mdadm_spec.rb +1 -3
  311. data/spec/unit/provider/package/dnf/python_helper_spec.rb +1 -1
  312. data/spec/unit/provider/package/openbsd_spec.rb +1 -1
  313. data/spec/unit/provider/package/pacman_spec.rb +17 -20
  314. data/spec/unit/provider/package/powershell_spec.rb +95 -86
  315. data/spec/unit/provider/package/rubygems_spec.rb +5 -10
  316. data/spec/unit/provider/package/smartos_spec.rb +1 -1
  317. data/spec/unit/provider/package/snap_spec.rb +1 -1
  318. data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +3 -3
  319. data/spec/unit/provider/package/windows_spec.rb +30 -53
  320. data/spec/unit/provider/powershell_script_spec.rb +3 -45
  321. data/spec/unit/provider/script_spec.rb +20 -110
  322. data/spec/unit/provider/service/redhat_spec.rb +1 -1
  323. data/spec/unit/provider/service/windows_spec.rb +2 -6
  324. data/spec/unit/provider/systemd_unit_spec.rb +28 -24
  325. data/spec/unit/provider/user/dscl_spec.rb +2 -2
  326. data/spec/unit/provider/windows_env_spec.rb +5 -4
  327. data/spec/unit/provider/zypper_repository_spec.rb +60 -10
  328. data/spec/unit/provider_spec.rb +1 -0
  329. data/spec/unit/resource/archive_file_spec.rb +11 -2
  330. data/spec/unit/resource/chef_client_cron_spec.rb +23 -7
  331. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
  332. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +7 -4
  333. data/spec/unit/resource/cron_spec.rb +2 -2
  334. data/spec/unit/resource/execute_spec.rb +10 -0
  335. data/spec/unit/resource/file/verification_spec.rb +2 -1
  336. data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
  337. data/spec/unit/resource/homebrew_update_spec.rb +30 -0
  338. data/spec/unit/resource/macos_user_defaults_spec.rb +103 -2
  339. data/spec/unit/resource/powershell_script_spec.rb +10 -15
  340. data/spec/unit/resource/timezone_spec.rb +1 -1
  341. data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
  342. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  343. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  344. data/spec/unit/resource/windows_firewall_profile_spec.rb +77 -0
  345. data/spec/unit/resource/windows_package_spec.rb +1 -0
  346. data/spec/unit/resource/windows_task_spec.rb +1 -1
  347. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  348. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  349. data/spec/unit/resource_reporter_spec.rb +1 -1
  350. data/spec/unit/resource_spec.rb +84 -1
  351. data/spec/unit/role_spec.rb +23 -21
  352. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  353. data/spec/unit/run_lock_spec.rb +1 -1
  354. data/spec/unit/scan_access_control_spec.rb +1 -1
  355. data/spec/unit/server_api_spec.rb +43 -16
  356. data/spec/unit/util/backup_spec.rb +1 -1
  357. data/spec/unit/util/diff_spec.rb +1 -15
  358. data/spec/unit/util/dsc/configuration_generator_spec.rb +1 -1
  359. data/spec/unit/util/powershell/ps_credential_spec.rb +2 -2
  360. data/spec/unit/util/selinux_spec.rb +2 -1
  361. data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
  362. data/spec/unit/win32/security_spec.rb +4 -3
  363. metadata +68 -40
  364. data/lib/chef/resource/cron.rb +0 -157
@@ -24,7 +24,7 @@ class Chef
24
24
  class HTTP
25
25
  class Authenticator
26
26
 
27
- DEFAULT_SERVER_API_VERSION = "1".freeze
27
+ DEFAULT_SERVER_API_VERSION = "2".freeze
28
28
 
29
29
  attr_reader :signing_key_filename
30
30
  attr_reader :raw_key
@@ -68,6 +68,8 @@ class Chef
68
68
  version_class.best_request_version
69
69
  elsif api_version
70
70
  api_version
71
+ elsif Chef::ServerAPIVersions.instance.negotiated?
72
+ Chef::ServerAPIVersions.instance.max_server_version.to_s
71
73
  else
72
74
  DEFAULT_SERVER_API_VERSION
73
75
  end
@@ -128,7 +128,7 @@ class Chef
128
128
  rescue NoMethodError => e
129
129
  # http://redmine.ruby-lang.org/issues/show/2708
130
130
  # http://redmine.ruby-lang.org/issues/show/2758
131
- if e.to_s =~ /#{Regexp.escape(%q{undefined method `closed?' for nil:NilClass})}/
131
+ if /#{Regexp.escape(%q{undefined method `closed?' for nil:NilClass})}/.match?(e.to_s)
132
132
  Chef::Log.trace("Rescued error in http connect, re-raising as Errno::ECONNREFUSED to hide bug in net/http")
133
133
  Chef::Log.trace("#{e.class.name}: #{e}")
134
134
  Chef::Log.trace(e.backtrace.join("\n"))
@@ -47,7 +47,7 @@ class Chef
47
47
  # needed to keep conditional get stuff working correctly.
48
48
  return [http_response, rest_request, return_value] if return_value == false
49
49
 
50
- if http_response["content-type"] =~ /json/
50
+ if /json/.match?(http_response["content-type"])
51
51
  if http_response.body.nil?
52
52
  return_value = nil
53
53
  elsif raw_output
@@ -129,5 +129,23 @@ class Chef
129
129
  end
130
130
  end
131
131
 
132
+ # This policy is used when we want to explicitly turn on verification
133
+ # for a specific request regardless of the API Policy. For example, when
134
+ # doing a `remote_file` where the user specified `verify_mode :verify_peer`
135
+ class VerifyPeerSSLPolicy < DefaultSSLPolicy
136
+ def set_verify_mode
137
+ http_client.verify_mode = OpenSSL::SSL::VERIFY_PEER
138
+ end
139
+ end
140
+
141
+ # This policy is used when we want to explicitly turn off verification
142
+ # for a specific request regardless of the API Policy. For example, when
143
+ # doing a `remote_file` where the user specified `verify_mode :verify_none`
144
+ class VerifyNoneSSLPolicy < DefaultSSLPolicy
145
+ def set_verify_mode
146
+ http_client.verify_mode = OpenSSL::SSL::VERIFY_NONE
147
+ end
148
+ end
149
+
132
150
  end
133
151
  end
@@ -20,10 +20,10 @@
20
20
  require "forwardable" unless defined?(Forwardable)
21
21
  require_relative "version"
22
22
  require "mixlib/cli" unless defined?(Mixlib::CLI)
23
- require "chef-utils/dsl/path_sanity" unless defined?(ChefUtils::DSL::PathSanity)
23
+ require "chef-utils/dsl/default_paths" unless defined?(ChefUtils::DSL::DefaultPaths)
24
24
  require_relative "workstation_config_loader"
25
25
  require_relative "mixin/convert_to_class_name"
26
- require_relative "mixin/path_sanity"
26
+ require_relative "mixin/default_paths"
27
27
  require_relative "knife/core/subcommand_loader"
28
28
  require_relative "knife/core/ui"
29
29
  require_relative "local_mode"
@@ -40,7 +40,7 @@ class Chef
40
40
  Chef::HTTP::HTTPRequest.user_agent = "#{Chef::Dist::PRODUCT} Knife#{Chef::HTTP::HTTPRequest::UA_COMMON}"
41
41
 
42
42
  include Mixlib::CLI
43
- include ChefUtils::DSL::PathSanity
43
+ include ChefUtils::DSL::DefaultPaths
44
44
  extend Chef::Mixin::ConvertToClassName
45
45
  extend Forwardable
46
46
 
@@ -248,7 +248,7 @@ class Chef
248
248
  category_desc = preferred_category ? preferred_category + " " : ""
249
249
  msg "Available #{category_desc}subcommands: (for details, knife SUB-COMMAND --help)\n\n"
250
250
  subcommand_loader.list_commands(preferred_category).sort.each do |category, commands|
251
- next if category =~ /deprecated/i
251
+ next if /deprecated/i.match?(category)
252
252
 
253
253
  msg "** #{category.upcase} COMMANDS **"
254
254
  commands.sort.each do |command|
@@ -484,7 +484,7 @@ class Chef
484
484
  unless respond_to?(:run)
485
485
  ui.error "You need to add a #run method to your knife command before you can use it"
486
486
  end
487
- ENV["PATH"] = sanitized_path if Chef::Config[:enforce_path_sanity]
487
+ ENV["PATH"] = default_paths if Chef::Config[:enforce_default_paths] || Chef::Config[:enforce_path_sanity]
488
488
  maybe_setup_fips
489
489
  Chef::LocalMode.with_server_connectivity do
490
490
  run
@@ -538,7 +538,7 @@ class Chef
538
538
  end
539
539
 
540
540
  def run
541
- check_license
541
+ check_license if ChefConfig::Dist::ENFORCE_LICENSE
542
542
 
543
543
  plugin_setup!
544
544
  validate_name_args!
@@ -580,11 +580,8 @@ class Chef
580
580
 
581
581
  bootstrap_context.client_pem = client_builder.client_path
582
582
  else
583
- ui.info <<~EOM
584
- Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}...
585
- Delete your validation key in order to use your user credentials for client registration instead.
586
- EOM
587
-
583
+ ui.warn "Performing legacy client registration with the validation key at #{Chef::Config[:validation_key]}..."
584
+ ui.warn "Remove the key file or remove the 'validation_key' configuration option from your config.rb (knife.rb) to use more secure user credentials for client registration."
588
585
  end
589
586
  end
590
587
 
@@ -602,7 +599,7 @@ class Chef
602
599
  end
603
600
 
604
601
  def connect!
605
- ui.info("Connecting to #{ui.color(server_name, :bold)}")
602
+ ui.info("Connecting to #{ui.color(server_name, :bold)} using #{connection_protocol}")
606
603
  opts ||= connection_opts.dup
607
604
  do_connect(opts)
608
605
  rescue Train::Error => e
@@ -633,9 +630,7 @@ class Chef
633
630
  raise
634
631
  else
635
632
  ui.warn("Failed to authenticate #{opts[:user]} to #{server_name} - trying password auth")
636
- password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:") do |q|
637
- q.echo = false
638
- end
633
+ password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:", echo: false)
639
634
  end
640
635
 
641
636
  opts.merge! force_ssh_password_opts(password)
@@ -649,9 +644,7 @@ class Chef
649
644
  raise
650
645
  else
651
646
  ui.warn("Failed to authenticate #{opts[:user]} to #{server_name} - trying password auth")
652
- password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:") do |q|
653
- q.echo = false
654
- end
647
+ password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:", echo: false)
655
648
  end
656
649
 
657
650
  opts.merge! force_winrm_password_opts(password)
@@ -684,9 +677,7 @@ class Chef
684
677
  retry
685
678
  elsif config[:use_sudo_password] && (e.reason == :sudo_password_required || e.reason == :bad_sudo_password) && limit < 3
686
679
  ui.warn("Failed to authenticate #{conn_options[:user]} to #{server_name} - #{e.message} \n sudo: #{limit} incorrect password attempt")
687
- sudo_password = ui.ask("Enter sudo password for #{conn_options[:user]}@#{server_name}:") do |q|
688
- q.echo = false
689
- end
680
+ sudo_password = ui.ask("Enter sudo password for #{conn_options[:user]}@#{server_name}:", echo: false)
690
681
  limit += 1
691
682
  conn_options[:sudo_password] = sudo_password
692
683
 
@@ -706,8 +697,17 @@ class Chef
706
697
  true
707
698
  end
708
699
 
700
+ # FIXME: someone needs to clean this up properly: https://github.com/chef/chef/issues/9645
701
+ # This code is deliberately left without an abstraction around deprecating the config options to avoid knife plugins from
702
+ # using those methods (which will need to be deprecated and break them) via inheritance (ruby does not have a true `private`
703
+ # so the lack of any inheritable implementation is because of that).
704
+ #
709
705
  def winrm_auth_method
710
- config_value(:winrm_auth_method, :winrm_authentication_protocol, "negotiate")
706
+ config.key?(:winrm_auth_method) ? config[:winrm_auth_method] : config.key?(:winrm_authentications_protocol) ? config[:winrm_authentication_protocol] : "negotiate" # rubocop:disable Style/NestedTernaryOperator
707
+ end
708
+
709
+ def ssh_verify_host_key
710
+ config.key?(:ssh_verify_host_key) ? config[:ssh_verify_host_key] : config.key?(:host_key_verify) ? config[:host_key_verify] : "always" # rubocop:disable Style/NestedTernaryOperator
711
711
  end
712
712
 
713
713
  # Fail if using plaintext auth without ssl because
@@ -908,7 +908,7 @@ class Chef
908
908
  { self_signed: config[:winrm_no_verify_cert] === true }
909
909
  elsif ssh?
910
910
  # Fall back to the old knife config key name for back compat.
911
- { verify_host_key: config_value(:ssh_verify_host_key, :host_key_verify, "always") }
911
+ { verify_host_key: ssh_verify_host_key }
912
912
  else
913
913
  {}
914
914
  end
@@ -1054,7 +1054,7 @@ class Chef
1054
1054
  # @api deprecated
1055
1055
  #
1056
1056
  def config_value(key, fallback_key = nil, default = nil)
1057
- Chef.deprecated(:knife_bootstrap_apis, "Use of config_value without a fallback_key is deprecated. Knife plugin authors should access the config hash directly, which does correct merging of cli and config options.") if fallback_key.nil?
1057
+ Chef.deprecated(:knife_bootstrap_apis, "Use of config_value is deprecated. Knife plugin authors should access the config hash directly, which does correct merging of cli and config options.")
1058
1058
  if config.key?(key)
1059
1059
  # the first key is the primary key so we check the merged hash first
1060
1060
  config[key]
@@ -185,50 +185,50 @@ if test "x$tmp_dir" != "x"; then
185
185
  rm -r "$tmp_dir"
186
186
  fi
187
187
 
188
- mkdir -p <%= ChefConfig::Config.etc_chef_dir(false) %>
188
+ mkdir -p /etc/chef
189
189
 
190
190
  <% if client_pem -%>
191
- (umask 077 && (cat > <%= ChefConfig::Config.etc_chef_dir(false) %>/client.pem <<'EOP'
191
+ (umask 077 && (cat > /etc/chef/client.pem <<'EOP'
192
192
  <%= ::File.read(::File.expand_path(client_pem)) %>
193
193
  EOP
194
194
  )) || exit 1
195
195
  <% end -%>
196
196
 
197
197
  <% if validation_key -%>
198
- (umask 077 && (cat > <%= ChefConfig::Config.etc_chef_dir(false) %>/validation.pem <<'EOP'
198
+ (umask 077 && (cat > /etc/chef/validation.pem <<'EOP'
199
199
  <%= validation_key %>
200
200
  EOP
201
201
  )) || exit 1
202
202
  <% end -%>
203
203
 
204
204
  <% if encrypted_data_bag_secret -%>
205
- (umask 077 && (cat > <%= ChefConfig::Config.etc_chef_dir(false) %>/encrypted_data_bag_secret <<'EOP'
205
+ (umask 077 && (cat > /etc/chef/encrypted_data_bag_secret <<'EOP'
206
206
  <%= encrypted_data_bag_secret %>
207
207
  EOP
208
208
  )) || exit 1
209
209
  <% end -%>
210
210
 
211
211
  <% unless trusted_certs.empty? -%>
212
- mkdir -p <%= ChefConfig::Config.etc_chef_dir(false) %>/trusted_certs
212
+ mkdir -p /etc/chef/trusted_certs
213
213
  <%= trusted_certs %>
214
214
  <% end -%>
215
215
 
216
216
  <%# Generate Ohai Hints -%>
217
217
  <% unless @config[:hints].nil? || @config[:hints].empty? -%>
218
- mkdir -p <%= ChefConfig::Config.etc_chef_dir(false) %>/ohai/hints
218
+ mkdir -p /etc/chef/ohai/hints
219
219
 
220
220
  <% @config[:hints].each do |name, hash| -%>
221
- cat > <%= ChefConfig::Config.etc_chef_dir(false) %>/ohai/hints/<%= name %>.json <<'EOP'
221
+ cat > /etc/chef/ohai/hints/<%= name %>.json <<'EOP'
222
222
  <%= Chef::JSONCompat.to_json(hash) %>
223
223
  EOP
224
224
  <% end -%>
225
225
  <% end -%>
226
226
 
227
- cat > <%= ChefConfig::Config.etc_chef_dir(false) %>/client.rb <<'EOP'
227
+ cat > /etc/chef/client.rb <<'EOP'
228
228
  <%= config_content %>
229
229
  EOP
230
230
 
231
- cat > <%= ChefConfig::Config.etc_chef_dir(false) %>/first-boot.json <<'EOP'
231
+ cat > /etc/chef/first-boot.json <<'EOP'
232
232
  <%= Chef::JSONCompat.to_json(first_boot) %>
233
233
  EOP
234
234
 
@@ -322,6 +322,7 @@ class Chef
322
322
 
323
323
  class RemoteExecutionFailed < StandardError
324
324
  attr_reader :exit_status, :command, :hostname, :stdout, :stderr
325
+
325
326
  def initialize(hostname, command, result)
326
327
  @hostname = hostname
327
328
  @exit_status = result.exit_status
@@ -44,7 +44,7 @@ class Chef
44
44
  clients_to_delete = {}
45
45
  validators_to_delete = {}
46
46
  all_clients.each do |name, client|
47
- next unless name =~ matcher
47
+ next unless name&.match?(matcher)
48
48
 
49
49
  if client.validator
50
50
  validators_to_delete[client.name] = client
@@ -62,6 +62,7 @@ class Chef
62
62
  config_data.delete(:color)
63
63
  # Only keep these if true, false is much less important because it's the default.
64
64
  config_data.delete(:local_mode) unless config_data[:local_mode]
65
+ config_data.delete(:enforce_default_paths) unless config_data[:enforce_default_paths]
65
66
  config_data.delete(:enforce_path_sanity) unless config_data[:enforce_path_sanity]
66
67
  end
67
68
 
@@ -75,7 +76,7 @@ class Chef
75
76
  # It's a regex.
76
77
  filter_re = Regexp.new($1, $2 ? Regexp::IGNORECASE : 0)
77
78
  config_data.each do |key, value|
78
- output_data[key] = value if key.to_s =~ filter_re
79
+ output_data[key] = value if key.to_s&.match?(filter_re)
79
80
  end
80
81
  else
81
82
  # It's a dotted path string.
@@ -32,6 +32,10 @@ class Chef
32
32
  description: "Ignore the current config.rb/knife.rb configuration.",
33
33
  default: false
34
34
 
35
+ def configure_chef
36
+ apply_computed_config
37
+ end
38
+
35
39
  def run
36
40
  credentials_data = self.class.config_loader.parse_credentials_file
37
41
  if credentials_data.nil? || credentials_data.empty?
@@ -72,7 +76,6 @@ class Chef
72
76
  # Try to reset the config.
73
77
  unless config[:ignore_knife_rb]
74
78
  Chef::Config.reset
75
- Chef::WorkstationConfigLoader.new(config[:config_file], Chef::Log, profile: config[:profile]).load
76
79
  apply_computed_config
77
80
  end
78
81
 
@@ -33,17 +33,27 @@ class Chef
33
33
  end
34
34
 
35
35
  def run
36
+ credentials_data = self.class.config_loader.parse_credentials_file
36
37
  context_file = ChefConfig::PathHelper.home(".chef", "context").freeze
37
38
  profile = @name_args[0]&.strip
38
- if profile && !profile.empty?
39
+ if profile.nil? || profile.empty?
40
+ show_usage
41
+ ui.fatal("You must specify a profile")
42
+ exit 1
43
+ end
44
+
45
+ if credentials_data.nil? || credentials_data.empty?
46
+ ui.fatal("No profiles found, #{self.class.config_loader.credentials_file_path} does not exist or is empty")
47
+ exit 1
48
+ end
49
+
50
+ if credentials_data[profile].nil?
51
+ raise ChefConfig::ConfigurationError, "Profile #{profile} doesn't exist. Please add it to #{self.class.config_loader.credentials_file_path} and if it is profile with DNS name check that you are not missing single quotes around it as per docs https://docs.chef.io/workstation/knife_setup/#knife-profiles."
52
+ else
39
53
  # Ensure the .chef/ folder exists.
40
54
  FileUtils.mkdir_p(File.dirname(context_file))
41
55
  IO.write(context_file, "#{profile}\n")
42
56
  ui.msg("Set default profile to #{profile}")
43
- else
44
- show_usage
45
- ui.fatal("You must specify a profile")
46
- exit 1
47
57
  end
48
58
  end
49
59
 
@@ -92,7 +92,7 @@ class Chef
92
92
  user_create = Chef::Knife::UserCreate.new
93
93
  user_create.name_args = [ new_client_name ]
94
94
  user_create.config[:user_password] = config[:user_password] ||
95
- ui.ask("Please enter a password for the new user: ") { |q| q.echo = false }
95
+ ui.ask("Please enter a password for the new user: ", echo: false)
96
96
  user_create.config[:admin] = true
97
97
  user_create.config[:file] = new_client_key
98
98
  user_create.config[:yes] = true
@@ -89,7 +89,7 @@ class Chef
89
89
  url_and_version["versions"].map { |url_by_version| url_by_version["version"] }
90
90
  end.flatten
91
91
  rescue Net::HTTPClientException => e
92
- if e.to_s =~ /^404/
92
+ if /^404/.match?(e.to_s)
93
93
  ui.error("Cannot find a cookbook named #{@cookbook_name} to delete.")
94
94
  nil
95
95
  else
@@ -23,9 +23,6 @@ require_relative "../knife"
23
23
  class Chef
24
24
  class Knife
25
25
  class CookbookUpload < Knife
26
- CHECKSUM = "checksum".freeze
27
- MATCH_CHECKSUM = /[0-9a-f]{32,}/.freeze
28
-
29
26
  deps do
30
27
  require_relative "../mixin/file_class"
31
28
  include Chef::Mixin::FileClass
@@ -37,10 +34,10 @@ class Chef
37
34
  banner "knife cookbook upload [COOKBOOKS...] (options)"
38
35
 
39
36
  option :cookbook_path,
40
- short: "-o PATH:PATH",
41
- long: "--cookbook-path PATH:PATH",
42
- description: "A colon-separated path to look for cookbooks in.",
43
- proc: lambda { |o| o.split(":") }
37
+ short: "-o 'PATH:PATH'",
38
+ long: "--cookbook-path 'PATH:PATH'",
39
+ description: "A delimited path to search for cookbooks. On Unix the delimiter is ':', on Windows it is ';'.",
40
+ proc: lambda { |o| o.split(File::PATH_SEPARATOR) }
44
41
 
45
42
  option :freeze,
46
43
  long: "--freeze",
@@ -110,8 +107,7 @@ class Chef
110
107
  cookbook_path = config[:cookbook_path].respond_to?(:join) ? config[:cookbook_path].join(", ") : config[:cookbook_path]
111
108
  ui.warn("Could not find any cookbooks in your cookbook path: '#{File.expand_path(cookbook_path)}'. Use --cookbook-path to specify the desired path.")
112
109
  else
113
- begin
114
- tmp_cl = Chef::CookbookLoader.copy_to_tmp_dir_from_array(cookbooks)
110
+ Chef::CookbookLoader.copy_to_tmp_dir_from_array(cookbooks) do |tmp_cl|
115
111
  tmp_cl.load_cookbooks
116
112
  tmp_cl.compile_metadata
117
113
  tmp_cl.freeze_versions if config[:freeze]
@@ -130,7 +126,6 @@ class Chef
130
126
  ui.error("Uploading of some of the cookbooks must be failed. Remove cookbook whose version is frozen from your cookbooks repo OR use --force option.")
131
127
  upload_failures += 1
132
128
  rescue SystemExit => e
133
- tmp_cl.unlink!
134
129
  raise exit e.status
135
130
  end
136
131
  ui.info("Uploaded all cookbooks.") if upload_failures == 0
@@ -149,7 +144,6 @@ class Chef
149
144
  ui.warn("Not updating version constraints for #{cookbook_name} in the environment as the cookbook is frozen.")
150
145
  upload_failures += 1
151
146
  rescue SystemExit => e
152
- tmp_cl.unlink!
153
147
  raise exit e.status
154
148
  end
155
149
  end
@@ -167,8 +161,6 @@ class Chef
167
161
  unless version_constraints_to_update.empty?
168
162
  update_version_constraints(version_constraints_to_update) if config[:environment]
169
163
  end
170
- ensure
171
- tmp_cl.unlink!
172
164
  end
173
165
  end
174
166
  end
@@ -245,7 +237,7 @@ class Chef
245
237
  # manifest object, but the manifest becomes invalid when you
246
238
  # regenerate the metadata
247
239
  broken_files = cookbook.dup.manifest_records_by_path.select do |path, info|
248
- info[CHECKSUM].nil? || info[CHECKSUM] !~ MATCH_CHECKSUM
240
+ !/[0-9a-f]{32,}/.match?(info["checksum"])
249
241
  end
250
242
  unless broken_files.empty?
251
243
  broken_filenames = Array(broken_files).map { |path, info| path }
@@ -28,7 +28,7 @@ class Chef
28
28
  # bootstrap templates. For backwards compatibility, they +must+ set the
29
29
  # following instance variables:
30
30
  # * @config - a hash of knife's config values
31
- # * @run_list - the run list for the node to boostrap
31
+ # * @run_list - the run list for the node to bootstrap
32
32
  #
33
33
  class BootstrapContext
34
34
 
@@ -58,7 +58,7 @@ class Chef
58
58
  exit 1
59
59
  end
60
60
  cmd = git("status --porcelain")
61
- if cmd.stdout =~ DIRTY_REPO
61
+ if DIRTY_REPO.match?(cmd.stdout)
62
62
  ui.error "You have uncommitted changes to your cookbook repo (#{repo_path}):"
63
63
  ui.msg cmd.stdout
64
64
  ui.info "Commit or stash your changes before importing cookbooks"