chef 16.1.16-universal-mingw32 → 16.3.45-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (364) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -7
  3. data/README.md +3 -3
  4. data/Rakefile +3 -16
  5. data/chef-universal-mingw32.gemspec +2 -2
  6. data/chef.gemspec +7 -6
  7. data/lib/chef/application.rb +12 -0
  8. data/lib/chef/application/apply.rb +2 -1
  9. data/lib/chef/application/base.rb +1 -1
  10. data/lib/chef/application/client.rb +1 -1
  11. data/lib/chef/application/windows_service_manager.rb +1 -1
  12. data/lib/chef/{whitelist.rb → attribute_allowlist.rb} +11 -11
  13. data/lib/chef/{blacklist.rb → attribute_blocklist.rb} +9 -9
  14. data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  15. data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +1 -2
  16. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +2 -2
  17. data/lib/chef/chef_fs/file_system/chef_server/cookbooks_dir.rb +1 -5
  18. data/lib/chef/chef_fs/file_system/repository/base_file.rb +1 -0
  19. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
  20. data/lib/chef/chef_fs/path_utils.rb +1 -1
  21. data/lib/chef/client.rb +3 -3
  22. data/lib/chef/cookbook/chefignore.rb +1 -1
  23. data/lib/chef/cookbook/metadata.rb +1 -1
  24. data/lib/chef/cookbook/remote_file_vendor.rb +1 -3
  25. data/lib/chef/cookbook/syntax_check.rb +1 -2
  26. data/lib/chef/cookbook_loader.rb +15 -29
  27. data/lib/chef/cookbook_version.rb +2 -2
  28. data/lib/chef/data_bag.rb +5 -6
  29. data/lib/chef/deprecated.rb +12 -0
  30. data/lib/chef/digester.rb +3 -2
  31. data/lib/chef/dsl/platform_introspection.rb +2 -0
  32. data/lib/chef/environment.rb +1 -2
  33. data/lib/chef/exceptions.rb +3 -0
  34. data/lib/chef/file_access_control.rb +1 -1
  35. data/lib/chef/file_access_control/windows.rb +2 -2
  36. data/lib/chef/file_content_management/deploy/mv_unix.rb +1 -1
  37. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +1 -1
  38. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +3 -3
  39. data/lib/chef/handler.rb +2 -0
  40. data/lib/chef/http.rb +27 -13
  41. data/lib/chef/http/authenticator.rb +3 -1
  42. data/lib/chef/http/http_request.rb +1 -1
  43. data/lib/chef/http/json_output.rb +1 -1
  44. data/lib/chef/http/ssl_policies.rb +18 -0
  45. data/lib/chef/knife.rb +5 -5
  46. data/lib/chef/knife/bootstrap.rb +19 -19
  47. data/lib/chef/knife/bootstrap/templates/chef-full.erb +9 -9
  48. data/lib/chef/knife/bootstrap/train_connector.rb +1 -0
  49. data/lib/chef/knife/client_bulk_delete.rb +1 -1
  50. data/lib/chef/knife/config_get.rb +2 -1
  51. data/lib/chef/knife/config_list_profiles.rb +4 -1
  52. data/lib/chef/knife/config_use_profile.rb +15 -5
  53. data/lib/chef/knife/configure.rb +1 -1
  54. data/lib/chef/knife/cookbook_delete.rb +1 -1
  55. data/lib/chef/knife/cookbook_upload.rb +6 -14
  56. data/lib/chef/knife/core/bootstrap_context.rb +1 -1
  57. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  58. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  59. data/lib/chef/knife/core/hashed_command_loader.rb +1 -0
  60. data/lib/chef/knife/core/subcommand_loader.rb +20 -1
  61. data/lib/chef/knife/core/ui.rb +8 -2
  62. data/lib/chef/knife/core/windows_bootstrap_context.rb +2 -3
  63. data/lib/chef/knife/data_bag_create.rb +1 -1
  64. data/lib/chef/knife/node_bulk_delete.rb +1 -1
  65. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  66. data/lib/chef/knife/rehash.rb +3 -21
  67. data/lib/chef/knife/role_bulk_delete.rb +1 -1
  68. data/lib/chef/knife/ssh.rb +6 -2
  69. data/lib/chef/knife/supermarket_share.rb +1 -1
  70. data/lib/chef/knife/supermarket_unshare.rb +1 -1
  71. data/lib/chef/log.rb +8 -3
  72. data/{spec/functional/resource/base.rb → lib/chef/mixin/chef_utils_wiring.rb} +24 -12
  73. data/{spec/unit/log_spec.rb → lib/chef/mixin/default_paths.rb} +13 -5
  74. data/lib/chef/mixin/openssl_helper.rb +27 -5
  75. data/lib/chef/mixin/path_sanity.rb +5 -4
  76. data/lib/chef/mixin/securable.rb +2 -2
  77. data/lib/chef/mixin/shell_out.rb +4 -188
  78. data/lib/chef/mixin/template.rb +1 -0
  79. data/lib/chef/mixin/which.rb +6 -3
  80. data/lib/chef/mixins.rb +1 -0
  81. data/lib/chef/node.rb +36 -12
  82. data/lib/chef/node_map.rb +21 -18
  83. data/lib/chef/platform/service_helpers.rb +31 -28
  84. data/lib/chef/powershell.rb +1 -1
  85. data/lib/chef/provider/batch.rb +3 -10
  86. data/lib/chef/provider/cron.rb +2 -14
  87. data/lib/chef/provider/execute.rb +2 -1
  88. data/lib/chef/provider/git.rb +12 -4
  89. data/lib/chef/provider/group/dscl.rb +2 -2
  90. data/lib/chef/provider/group/windows.rb +1 -1
  91. data/lib/chef/provider/ifconfig.rb +7 -7
  92. data/lib/chef/provider/mount/aix.rb +1 -1
  93. data/lib/chef/provider/mount/solaris.rb +0 -1
  94. data/lib/chef/provider/mount/windows.rb +2 -2
  95. data/lib/chef/provider/noop.rb +1 -1
  96. data/lib/chef/provider/package/openbsd.rb +1 -1
  97. data/lib/chef/provider/package/portage.rb +2 -2
  98. data/lib/chef/provider/package/powershell.rb +6 -2
  99. data/lib/chef/provider/package/rubygems.rb +2 -2
  100. data/lib/chef/provider/package/snap.rb +97 -29
  101. data/lib/chef/provider/package/windows.rb +9 -4
  102. data/lib/chef/provider/package/windows/msi.rb +3 -3
  103. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +1 -1
  104. data/lib/chef/provider/package/zypper.rb +0 -1
  105. data/lib/chef/provider/powershell_script.rb +10 -14
  106. data/lib/chef/provider/remote_file/http.rb +4 -1
  107. data/lib/chef/provider/script.rb +4 -75
  108. data/lib/chef/provider/service.rb +2 -2
  109. data/lib/chef/provider/service/arch.rb +1 -1
  110. data/lib/chef/provider/service/debian.rb +2 -2
  111. data/lib/chef/provider/service/openbsd.rb +4 -4
  112. data/lib/chef/provider/service/redhat.rb +1 -1
  113. data/lib/chef/provider/service/windows.rb +1 -1
  114. data/lib/chef/provider/subversion.rb +2 -2
  115. data/lib/chef/provider/user/dscl.rb +4 -4
  116. data/lib/chef/provider/user/linux.rb +3 -3
  117. data/lib/chef/provider/user/mac.rb +5 -5
  118. data/lib/chef/provider/windows_script.rb +87 -25
  119. data/lib/chef/provider/yum_repository.rb +1 -1
  120. data/lib/chef/provider/zypper_repository.rb +31 -11
  121. data/lib/chef/resource.rb +24 -11
  122. data/lib/chef/resource/alternatives.rb +1 -1
  123. data/lib/chef/resource/apt_package.rb +1 -1
  124. data/lib/chef/resource/archive_file.rb +28 -8
  125. data/lib/chef/resource/bash.rb +0 -1
  126. data/lib/chef/resource/batch.rb +4 -2
  127. data/lib/chef/resource/build_essential.rb +2 -2
  128. data/lib/chef/resource/chef_client_scheduled_task.rb +14 -2
  129. data/lib/chef/resource/chef_gem.rb +57 -21
  130. data/lib/chef/resource/chocolatey_feature.rb +1 -2
  131. data/lib/chef/resource/cron/_cron_shared.rb +98 -0
  132. data/lib/chef/resource/cron/cron.rb +46 -0
  133. data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +7 -87
  134. data/lib/chef/resource/cron_access.rb +13 -5
  135. data/lib/chef/resource/csh.rb +0 -1
  136. data/lib/chef/resource/dmg_package.rb +2 -2
  137. data/lib/chef/resource/execute.rb +479 -9
  138. data/lib/chef/resource/file.rb +1 -1
  139. data/lib/chef/resource/freebsd_package.rb +1 -1
  140. data/lib/chef/resource/gem_package.rb +35 -2
  141. data/lib/chef/resource/helpers/cron_validations.rb +6 -3
  142. data/lib/chef/resource/homebrew_package.rb +30 -1
  143. data/lib/chef/resource/homebrew_update.rb +107 -0
  144. data/lib/chef/resource/hostname.rb +23 -36
  145. data/lib/chef/resource/kernel_module.rb +14 -1
  146. data/lib/chef/resource/launchd.rb +1 -1
  147. data/lib/chef/resource/lwrp_base.rb +1 -0
  148. data/lib/chef/resource/macos_userdefaults.rb +176 -61
  149. data/lib/chef/resource/mount.rb +1 -1
  150. data/lib/chef/resource/openssl_x509_certificate.rb +11 -14
  151. data/lib/chef/resource/openssl_x509_crl.rb +1 -2
  152. data/lib/chef/resource/perl.rb +0 -1
  153. data/lib/chef/resource/plist.rb +23 -4
  154. data/lib/chef/resource/powershell_script.rb +4 -2
  155. data/lib/chef/resource/python.rb +0 -1
  156. data/lib/chef/resource/remote_file.rb +26 -10
  157. data/lib/chef/resource/ruby.rb +0 -1
  158. data/lib/chef/resource/service.rb +2 -2
  159. data/lib/chef/resource/ssh_known_hosts_entry.rb +16 -1
  160. data/lib/chef/resource/sudo.rb +30 -3
  161. data/lib/chef/resource/swap_file.rb +17 -0
  162. data/lib/chef/resource/template.rb +1 -1
  163. data/lib/chef/resource/timezone.rb +15 -0
  164. data/lib/chef/resource/user_ulimit.rb +1 -1
  165. data/lib/chef/resource/windows_ad_join.rb +30 -1
  166. data/lib/chef/resource/windows_audit_policy.rb +227 -0
  167. data/lib/chef/resource/windows_auto_run.rb +11 -0
  168. data/lib/chef/resource/windows_certificate.rb +26 -0
  169. data/lib/chef/resource/windows_dns_record.rb +17 -0
  170. data/lib/chef/resource/windows_firewall_profile.rb +197 -0
  171. data/lib/chef/resource/windows_font.rb +3 -3
  172. data/lib/chef/resource/windows_package.rb +1 -1
  173. data/lib/chef/resource/windows_pagefile.rb +1 -1
  174. data/lib/chef/resource/windows_script.rb +2 -16
  175. data/lib/chef/resource/windows_security_policy.rb +67 -36
  176. data/lib/chef/resource/windows_shortcut.rb +1 -2
  177. data/lib/chef/resource/windows_task.rb +4 -4
  178. data/lib/chef/resource/windows_user_privilege.rb +30 -7
  179. data/lib/chef/resource/yum_repository.rb +9 -9
  180. data/lib/chef/resource_inspector.rb +7 -1
  181. data/lib/chef/resources.rb +5 -2
  182. data/lib/chef/role.rb +1 -2
  183. data/lib/chef/search/query.rb +1 -1
  184. data/lib/chef/server_api_versions.rb +4 -0
  185. data/lib/chef/shell/shell_session.rb +2 -0
  186. data/lib/chef/util/diff.rb +2 -3
  187. data/lib/chef/util/windows/net_user.rb +1 -1
  188. data/lib/chef/util/windows/volume.rb +1 -1
  189. data/lib/chef/version.rb +2 -2
  190. data/lib/chef/win32/file.rb +1 -1
  191. data/lib/chef/win32/registry.rb +3 -4
  192. data/lib/chef/win32/security.rb +1 -1
  193. data/spec/data/lwrp/providers/buck_passer.rb +1 -1
  194. data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
  195. data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
  196. data/spec/functional/knife/configure_spec.rb +1 -1
  197. data/spec/functional/knife/ssh_spec.rb +5 -16
  198. data/spec/functional/resource/aix_service_spec.rb +9 -2
  199. data/spec/functional/resource/aixinit_service_spec.rb +1 -2
  200. data/spec/functional/resource/apt_package_spec.rb +0 -1
  201. data/spec/functional/resource/bash_spec.rb +3 -2
  202. data/spec/functional/resource/bff_spec.rb +1 -1
  203. data/spec/functional/resource/chocolatey_package_spec.rb +4 -0
  204. data/spec/functional/resource/cron_spec.rb +20 -2
  205. data/spec/functional/resource/dnf_package_spec.rb +4 -1
  206. data/spec/functional/resource/execute_spec.rb +1 -1
  207. data/spec/functional/resource/git_spec.rb +23 -1
  208. data/spec/functional/resource/group_spec.rb +15 -3
  209. data/spec/functional/resource/ifconfig_spec.rb +9 -1
  210. data/spec/functional/resource/insserv_spec.rb +3 -3
  211. data/spec/functional/resource/link_spec.rb +2 -5
  212. data/spec/functional/resource/mount_spec.rb +9 -1
  213. data/spec/functional/resource/msu_package_spec.rb +9 -3
  214. data/spec/functional/resource/powershell_script_spec.rb +4 -4
  215. data/spec/functional/resource/remote_file_spec.rb +9 -15
  216. data/spec/functional/resource/rpm_spec.rb +1 -1
  217. data/spec/functional/resource/timezone_spec.rb +2 -0
  218. data/spec/functional/resource/windows_package_spec.rb +0 -1
  219. data/spec/functional/resource/windows_path_spec.rb +4 -0
  220. data/spec/functional/resource/windows_security_policy_spec.rb +0 -1
  221. data/spec/functional/resource/windows_service_spec.rb +4 -0
  222. data/spec/functional/resource/windows_task_spec.rb +12 -11
  223. data/spec/functional/resource/windows_user_privilege_spec.rb +1 -2
  224. data/spec/functional/resource/yum_package_spec.rb +4 -1
  225. data/spec/functional/resource/zypper_package_spec.rb +4 -1
  226. data/spec/functional/run_lock_spec.rb +2 -1
  227. data/spec/functional/shell_spec.rb +5 -6
  228. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  229. data/spec/functional/version_spec.rb +1 -1
  230. data/spec/functional/win32/crypto_spec.rb +1 -1
  231. data/spec/integration/knife/config_list_profiles_spec.rb +30 -2
  232. data/spec/integration/knife/config_use_profile_spec.rb +55 -2
  233. data/spec/integration/knife/cookbook_upload_spec.rb +28 -1
  234. data/spec/integration/knife/data_bag_from_file_spec.rb +1 -1
  235. data/spec/integration/knife/environment_from_file_spec.rb +1 -1
  236. data/spec/integration/knife/node_from_file_spec.rb +1 -1
  237. data/spec/integration/knife/role_from_file_spec.rb +1 -1
  238. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  239. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +1 -1
  240. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  241. data/spec/integration/recipes/notifies_spec.rb +1 -1
  242. data/spec/integration/recipes/notifying_block_spec.rb +1 -1
  243. data/spec/integration/recipes/recipe_dsl_spec.rb +5 -1
  244. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +2 -0
  245. data/spec/integration/recipes/resource_load_spec.rb +4 -2
  246. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  247. data/spec/integration/recipes/use_partial_spec.rb +1 -1
  248. data/spec/scripts/ssl-serve.rb +1 -1
  249. data/spec/spec_helper.rb +10 -4
  250. data/spec/support/chef_helpers.rb +1 -20
  251. data/spec/support/platform_helpers.rb +1 -3
  252. data/spec/support/platforms/win32/spec_service.rb +1 -1
  253. data/spec/support/shared/functional/execute_resource.rb +1 -1
  254. data/spec/support/shared/functional/file_resource.rb +0 -1
  255. data/spec/support/shared/functional/securable_resource.rb +1 -2
  256. data/spec/support/shared/functional/securable_resource_with_reporting.rb +0 -1
  257. data/spec/support/shared/functional/windows_script.rb +2 -2
  258. data/spec/support/shared/integration/knife_support.rb +2 -9
  259. data/spec/support/shared/unit/application_dot_d.rb +0 -1
  260. data/spec/support/shared/unit/execute_resource.rb +1 -1
  261. data/spec/support/shared/unit/provider/file.rb +12 -8
  262. data/spec/unit/application/solo_spec.rb +4 -2
  263. data/spec/unit/application_spec.rb +11 -2
  264. data/spec/unit/chef_fs/config_spec.rb +2 -2
  265. data/spec/unit/chef_fs/diff_spec.rb +8 -8
  266. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +2 -4
  267. data/spec/unit/chef_fs/{parallelizer.rb → parallelizer_spec.rb} +1 -1
  268. data/spec/unit/client_spec.rb +4 -1
  269. data/spec/unit/cookbook/gem_installer_spec.rb +2 -1
  270. data/spec/unit/cookbook/synchronizer_spec.rb +26 -24
  271. data/spec/unit/data_bag_spec.rb +6 -3
  272. data/spec/unit/data_collector_spec.rb +1 -1
  273. data/spec/unit/decorator_spec.rb +23 -23
  274. data/spec/unit/dsl/platform_introspection_spec.rb +1 -0
  275. data/spec/unit/environment_spec.rb +5 -1
  276. data/spec/unit/event_dispatch/dispatcher_spec.rb +3 -0
  277. data/spec/unit/guard_interpreter_spec.rb +1 -1
  278. data/spec/unit/http/api_versions_spec.rb +20 -2
  279. data/spec/unit/http/ssl_policies_spec.rb +20 -0
  280. data/spec/unit/json_compat_spec.rb +1 -1
  281. data/spec/unit/knife/bootstrap_spec.rb +5 -8
  282. data/spec/unit/knife/cookbook_download_spec.rb +2 -2
  283. data/spec/unit/knife/cookbook_show_spec.rb +6 -7
  284. data/spec/unit/knife/cookbook_upload_spec.rb +7 -10
  285. data/spec/unit/knife/data_bag_edit_spec.rb +1 -1
  286. data/spec/unit/log/syslog_spec.rb +6 -10
  287. data/spec/unit/log/winevt_spec.rb +21 -13
  288. data/spec/unit/lwrp_spec.rb +9 -6
  289. data/spec/unit/mixin/{path_sanity_spec.rb → default_paths_spec.rb} +14 -14
  290. data/spec/unit/mixin/powershell_exec_spec.rb +1 -1
  291. data/spec/unit/mixin/powershell_out_spec.rb +2 -4
  292. data/spec/unit/mixin/powershell_type_coercions_spec.rb +1 -1
  293. data/spec/unit/mixin/securable_spec.rb +0 -1
  294. data/spec/unit/mixin/shell_out_spec.rb +25 -26
  295. data/spec/unit/mixin/subclass_directive_spec.rb +2 -2
  296. data/spec/unit/mixin/unformatter_spec.rb +2 -2
  297. data/spec/unit/mixin/uris_spec.rb +1 -1
  298. data/spec/unit/mixin/user_context_spec.rb +1 -9
  299. data/spec/unit/mixin/which.rb +8 -0
  300. data/spec/unit/node_spec.rb +98 -11
  301. data/spec/unit/property_spec.rb +6 -6
  302. data/spec/unit/provider/batch_spec.rb +130 -0
  303. data/spec/unit/provider/cron/unix_spec.rb +1 -1
  304. data/spec/unit/provider/cron_spec.rb +9 -49
  305. data/spec/unit/provider/dsc_resource_spec.rb +22 -38
  306. data/spec/unit/provider/dsc_script_spec.rb +10 -10
  307. data/spec/unit/provider/execute_spec.rb +1 -8
  308. data/spec/unit/provider/git_spec.rb +3 -3
  309. data/spec/unit/provider/ifconfig_spec.rb +0 -1
  310. data/spec/unit/provider/mdadm_spec.rb +1 -3
  311. data/spec/unit/provider/package/dnf/python_helper_spec.rb +1 -1
  312. data/spec/unit/provider/package/openbsd_spec.rb +1 -1
  313. data/spec/unit/provider/package/pacman_spec.rb +17 -20
  314. data/spec/unit/provider/package/powershell_spec.rb +95 -86
  315. data/spec/unit/provider/package/rubygems_spec.rb +5 -10
  316. data/spec/unit/provider/package/smartos_spec.rb +1 -1
  317. data/spec/unit/provider/package/snap_spec.rb +1 -1
  318. data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +3 -3
  319. data/spec/unit/provider/package/windows_spec.rb +30 -53
  320. data/spec/unit/provider/powershell_script_spec.rb +3 -45
  321. data/spec/unit/provider/script_spec.rb +20 -110
  322. data/spec/unit/provider/service/redhat_spec.rb +1 -1
  323. data/spec/unit/provider/service/windows_spec.rb +2 -6
  324. data/spec/unit/provider/systemd_unit_spec.rb +28 -24
  325. data/spec/unit/provider/user/dscl_spec.rb +2 -2
  326. data/spec/unit/provider/windows_env_spec.rb +5 -4
  327. data/spec/unit/provider/zypper_repository_spec.rb +60 -10
  328. data/spec/unit/provider_spec.rb +1 -0
  329. data/spec/unit/resource/archive_file_spec.rb +11 -2
  330. data/spec/unit/resource/chef_client_cron_spec.rb +23 -7
  331. data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
  332. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +7 -4
  333. data/spec/unit/resource/cron_spec.rb +2 -2
  334. data/spec/unit/resource/execute_spec.rb +10 -0
  335. data/spec/unit/resource/file/verification_spec.rb +2 -1
  336. data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
  337. data/spec/unit/resource/homebrew_update_spec.rb +30 -0
  338. data/spec/unit/resource/macos_user_defaults_spec.rb +103 -2
  339. data/spec/unit/resource/powershell_script_spec.rb +10 -15
  340. data/spec/unit/resource/timezone_spec.rb +1 -1
  341. data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
  342. data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
  343. data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
  344. data/spec/unit/resource/windows_firewall_profile_spec.rb +77 -0
  345. data/spec/unit/resource/windows_package_spec.rb +1 -0
  346. data/spec/unit/resource/windows_task_spec.rb +1 -1
  347. data/spec/unit/resource/windows_uac_spec.rb +2 -2
  348. data/spec/unit/resource/yum_repository_spec.rb +21 -21
  349. data/spec/unit/resource_reporter_spec.rb +1 -1
  350. data/spec/unit/resource_spec.rb +84 -1
  351. data/spec/unit/role_spec.rb +23 -21
  352. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  353. data/spec/unit/run_lock_spec.rb +1 -1
  354. data/spec/unit/scan_access_control_spec.rb +1 -1
  355. data/spec/unit/server_api_spec.rb +43 -16
  356. data/spec/unit/util/backup_spec.rb +1 -1
  357. data/spec/unit/util/diff_spec.rb +1 -15
  358. data/spec/unit/util/dsc/configuration_generator_spec.rb +1 -1
  359. data/spec/unit/util/powershell/ps_credential_spec.rb +2 -2
  360. data/spec/unit/util/selinux_spec.rb +2 -1
  361. data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
  362. data/spec/unit/win32/security_spec.rb +4 -3
  363. metadata +68 -40
  364. data/lib/chef/resource/cron.rb +0 -157
@@ -0,0 +1,46 @@
1
+ #
2
+ # Author:: Bryan McLellan (btm@loftninjas.org)
3
+ # Author:: Tyler Cloke (<tyler@chef.io>)
4
+ # Copyright:: Copyright 2009-2016, Bryan McLellan
5
+ # License:: Apache License, Version 2.0
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ require_relative "../../resource"
21
+ require_relative "../helpers/cron_validations"
22
+ require_relative "../../provider/cron" # do not remove. we actually need this below
23
+
24
+ class Chef
25
+ class Resource
26
+ class Cron < Chef::Resource
27
+ unified_mode true
28
+
29
+ use "cron_shared"
30
+
31
+ provides :cron
32
+
33
+ description "Use the **cron** resource to manage cron entries for time-based job scheduling. Properties for a schedule will default to * if not provided. The cron resource requires access to a crontab program, typically cron."
34
+
35
+ state_attrs :minute, :hour, :day, :month, :weekday, :user
36
+
37
+ default_action :create
38
+ allowed_actions :create, :delete
39
+
40
+ property :time, Symbol,
41
+ description: "A time interval.",
42
+ equal_to: Chef::Provider::Cron::SPECIAL_TIME_VALUES
43
+
44
+ end
45
+ end
46
+ end
@@ -15,15 +15,18 @@
15
15
  # limitations under the License.
16
16
  #
17
17
 
18
- require_relative "../resource"
19
- require_relative "helpers/cron_validations"
18
+ require_relative "../../resource"
19
+ require_relative "../helpers/cron_validations"
20
20
  require "shellwords" unless defined?(Shellwords)
21
- require_relative "../dist"
21
+ require_relative "../../dist"
22
22
 
23
23
  class Chef
24
24
  class Resource
25
25
  class CronD < Chef::Resource
26
26
  unified_mode true
27
+
28
+ use "cron_shared"
29
+
27
30
  provides :cron_d
28
31
 
29
32
  introduced "14.4"
@@ -98,92 +101,9 @@ class Chef
98
101
  description: "Schedule your cron job with one of the special predefined value instead of ** * pattern.",
99
102
  equal_to: %w{ @reboot @yearly @annually @monthly @weekly @daily @midnight @hourly }
100
103
 
101
- property :minute, [Integer, String],
102
- description: "The minute at which the cron entry should run (`0 - 59`).",
103
- default: "*", callbacks: {
104
- "should be a valid minute spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 0, 59) },
105
- }
106
-
107
- property :hour, [Integer, String],
108
- description: "The hour at which the cron entry is to run (`0 - 23`).",
109
- default: "*", callbacks: {
110
- "should be a valid hour spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 0, 23) },
111
- }
112
-
113
- property :day, [Integer, String],
114
- description: "The day of month at which the cron entry should run (`1 - 31`).",
115
- default: "*", callbacks: {
116
- "should be a valid day spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_numeric(spec, 1, 31) },
117
- }
118
-
119
- property :month, [Integer, String],
120
- description: "The month in the year on which a cron entry is to run (`1 - 12`, `jan-dec`, or `*`).",
121
- default: "*", callbacks: {
122
- "should be a valid month spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_month(spec) },
123
- }
124
-
125
- property :weekday, [Integer, String],
126
- description: "The day of the week on which this entry is to run (`0-7`, `mon-sun`, or `*`), where Sunday is both `0` and `7`.",
127
- default: "*", callbacks: {
128
- "should be a valid weekday spec" => ->(spec) { Chef::ResourceHelpers::CronValidations.validate_dow(spec) },
129
- }
130
-
131
- property :command, String,
132
- description: "The command to run.",
133
- required: [:create]
134
-
135
- property :user, String,
136
- description: "The name of the user that runs the command.",
137
- default: "root"
138
-
139
- property :mailto, String,
140
- description: "Set the `MAILTO` environment variable in the cron.d file."
141
-
142
- property :path, String,
143
- description: "Set the `PATH` environment variable in the cron.d file."
144
-
145
- property :home, String,
146
- description: "Set the `HOME` environment variable in the cron.d file."
147
-
148
- property :shell, String,
149
- description: "Set the `SHELL` environment variable in the cron.d file."
150
-
151
104
  property :comment, String,
152
105
  description: "A comment to place in the cron.d file."
153
106
 
154
- property :environment, Hash,
155
- description: "A Hash containing additional arbitrary environment variables under which the cron job will be run in the form of `({'ENV_VARIABLE' => 'VALUE'})`.",
156
- default: lazy { {} }
157
-
158
- TIMEOUT_OPTS = %w{duration preserve-status foreground kill-after signal}.freeze
159
- TIMEOUT_REGEX = /\A\S+/.freeze
160
-
161
- property :time_out, Hash,
162
- description: "A Hash of timeouts in the form of `({'OPTION' => 'VALUE'})`.
163
- Accepted valid options are:
164
- `preserve-status` (BOOL, default: 'false'),
165
- `foreground` (BOOL, default: 'false'),
166
- `kill-after` (in seconds),
167
- `signal` (a name like 'HUP' or a number)",
168
- default: lazy { {} },
169
- introduced: "15.7",
170
- coerce: proc { |h|
171
- if h.is_a?(Hash)
172
- invalid_keys = h.keys - TIMEOUT_OPTS
173
- unless invalid_keys.empty?
174
- error_msg = "Key of option time_out must be equal to one of: \"#{TIMEOUT_OPTS.join('", "')}\"! You passed \"#{invalid_keys.join(", ")}\"."
175
- raise Chef::Exceptions::ValidationFailed, error_msg
176
- end
177
- unless h.values.all? { |x| x =~ TIMEOUT_REGEX }
178
- error_msg = "Values of option time_out should be non-empty string without any leading whitespace."
179
- raise Chef::Exceptions::ValidationFailed, error_msg
180
- end
181
- h
182
- elsif h.is_a?(Integer) || h.is_a?(String)
183
- { "duration" => h }
184
- end
185
- }
186
-
187
107
  property :mode, [String, Integer],
188
108
  description: "The octal mode of the generated crontab file.",
189
109
  default: "0600"
@@ -238,7 +158,7 @@ class Chef
238
158
 
239
159
  # @todo this is Chef 12 era cleanup. Someday we should remove it all
240
160
  template "/etc/cron.d/#{sanitized_name}" do
241
- source ::File.expand_path("../support/cron.d.erb", __FILE__)
161
+ source ::File.expand_path("../support/cron.d.erb", __dir__)
242
162
  local true
243
163
  mode new_resource.mode
244
164
  variables(
@@ -28,7 +28,7 @@ class Chef
28
28
  provides(:cron_manage) # legacy name @todo in Chef 15 we should { true } this so it wins over the cookbook
29
29
 
30
30
  introduced "14.4"
31
- description "Use the **cron_access** resource to manage the /etc/cron.allow and /etc/cron.deny files. Note: This resource previously shipped in the `cron` cookbook as `cron_manage`, which it can still be used as for backwards compatibility with existing Chef Infra Client releases."
31
+ description "Use the **cron_access** resource to manage cron's cron.allow and cron.deny files. Note: This resource previously shipped in the `cron` cookbook as `cron_manage`, which it can still be used as for backwards compatibility with existing Chef Infra Client releases."
32
32
  examples <<~DOC
33
33
  **Add the mike user to cron.allow**
34
34
 
@@ -58,12 +58,19 @@ class Chef
58
58
  description: "An optional property to set the user name if it differs from the resource block's name.",
59
59
  name_property: true
60
60
 
61
+ CRON_PATHS = {
62
+ "aix" => "/var/adm/cron",
63
+ "solaris" => "/etc/cron.d",
64
+ "default" => "/etc",
65
+ }.freeze
66
+
61
67
  action :allow do
62
68
  description "Add the user to the cron.allow file."
69
+ allow_path = ::File.join(value_for_platform_family(CRON_PATHS), "cron.allow")
63
70
 
64
71
  with_run_context :root do
65
- edit_resource(:template, "/etc/cron.allow") do |new_resource|
66
- source ::File.expand_path("../support/cron_access.erb", __FILE__)
72
+ edit_resource(:template, allow_path) do |new_resource|
73
+ source ::File.expand_path("support/cron_access.erb", __dir__)
67
74
  local true
68
75
  mode "0600"
69
76
  variables["users"] ||= []
@@ -76,10 +83,11 @@ class Chef
76
83
 
77
84
  action :deny do
78
85
  description "Add the user to the cron.deny file."
86
+ deny_path = ::File.join(value_for_platform_family(CRON_PATHS), "cron.deny")
79
87
 
80
88
  with_run_context :root do
81
- edit_resource(:template, "/etc/cron.deny") do |new_resource|
82
- source ::File.expand_path("../support/cron_access.erb", __FILE__)
89
+ edit_resource(:template, deny_path) do |new_resource|
90
+ source ::File.expand_path("support/cron_access.erb", __dir__)
83
91
  local true
84
92
  mode "0600"
85
93
  variables["users"] ||= []
@@ -17,7 +17,6 @@
17
17
  #
18
18
 
19
19
  require_relative "script"
20
- require_relative "../provider/script"
21
20
 
22
21
  class Chef
23
22
  class Resource
@@ -38,7 +38,7 @@ class Chef
38
38
  end
39
39
  ```
40
40
 
41
- **Install Virtualbox from the .mpkg**:
41
+ **Install VirtualBox from the .mpkg**:
42
42
 
43
43
  ```ruby
44
44
  dmg_package 'Virtualbox' do
@@ -66,7 +66,7 @@ class Chef
66
66
  description: "The remote URL that is used to download the `.dmg` file, if specified."
67
67
 
68
68
  property :file, String,
69
- description: "The full path to the `.dmg` file on the local system."
69
+ description: "The absolute path to the `.dmg` file on the local system."
70
70
 
71
71
  property :owner, [String, Integer],
72
72
  description: "The user that should own the package installation."
@@ -27,10 +27,476 @@ class Chef
27
27
 
28
28
  provides :execute, target_mode: true
29
29
 
30
- description "Use the **execute** resource to execute a single command. Commands that"\
31
- " are executed with this resource are (by their nature) not idempotent,"\
32
- " as they are typically unique to the environment in which they are run."\
33
- " Use not_if and only_if to guard this resource for idempotence."
30
+ description "Use the **execute** resource to execute a single command. Commands that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the environment in which they are run. Use not_if and only_if to guard this resource for idempotence. Note: Use the **script** resource to execute a script using a specific interpreter (Ruby, Python, Perl, csh, or Bash)."
31
+
32
+ examples <<~EXAMPLES
33
+ **Run a command upon notification**:
34
+
35
+ ```ruby
36
+ execute 'slapadd' do
37
+ command 'slapadd < /tmp/something.ldif'
38
+ creates '/var/lib/slapd/uid.bdb'
39
+
40
+ action :nothing
41
+ end
42
+
43
+ template '/tmp/something.ldif' do
44
+ source 'something.ldif'
45
+
46
+ notifies :run, 'execute[slapadd]', :immediately
47
+ end
48
+ ```
49
+
50
+ **Run a touch file only once while running a command**:
51
+
52
+ ```ruby
53
+ execute 'upgrade script' do
54
+ command 'php upgrade-application.php && touch /var/application/.upgraded'
55
+
56
+ creates '/var/application/.upgraded'
57
+ action :run
58
+ end
59
+ ```
60
+
61
+ **Run a command which requires an environment variable**:
62
+
63
+ ```ruby
64
+ execute 'slapadd' do
65
+ command 'slapadd < /tmp/something.ldif'
66
+ creates '/var/lib/slapd/uid.bdb'
67
+
68
+ action :run
69
+ environment ({'HOME' => '/home/my_home'})
70
+ end
71
+ ```
72
+
73
+ **Delete a repository using yum to scrub the cache**:
74
+
75
+ ```ruby
76
+ # the following code sample thanks to gaffneyc @ https://gist.github.com/918711
77
+ execute 'clean-yum-cache' do
78
+ command 'yum clean all'
79
+ action :nothing
80
+ end
81
+
82
+ file '/etc/yum.repos.d/bad.repo' do
83
+ action :delete
84
+ notifies :run, 'execute[clean-yum-cache]', :immediately
85
+ end
86
+ ```
87
+
88
+ **Prevent restart and reconfigure if configuration is broken**:
89
+
90
+ Use the `:nothing` action (common to all resources) to prevent the test from
91
+ starting automatically, and then use the `subscribes` notification to run a
92
+ configuration test when a change to the template is detected.
93
+
94
+ ```ruby
95
+ execute 'test-nagios-config' do
96
+ command 'nagios3 --verify-config'
97
+ action :nothing
98
+ subscribes :run, 'template[/etc/nagios3/configures-nagios.conf]', :immediately
99
+ end
100
+ ```
101
+
102
+ **Notify in a specific order**:
103
+
104
+ To notify multiple resources, and then have these resources run in a certain
105
+ order, do something like the following.
106
+
107
+ ```ruby
108
+ execute 'foo' do
109
+ command '...'
110
+ notifies :create, 'template[baz]', :immediately
111
+ notifies :install, 'package[bar]', :immediately
112
+ notifies :run, 'execute[final]', :immediately
113
+ end
114
+
115
+ template 'baz' do
116
+ #...
117
+ notifies :run, 'execute[restart_baz]', :immediately
118
+ end
119
+
120
+ package 'bar'
121
+ execute 'restart_baz'
122
+ execute 'final' do
123
+ command '...'
124
+ end
125
+ ```
126
+
127
+ where the sequencing will be in the same order as the resources are listed in
128
+ the recipe: `execute 'foo'`, `template 'baz'`, `execute [restart_baz]`,
129
+ `package 'bar'`, and `execute 'final'`.
130
+
131
+ **Execute a command using a template**:
132
+
133
+ The following example shows how to set up IPv4 packet forwarding using the
134
+ **execute** resource to run a command named `forward_ipv4` that uses a template
135
+ defined by the **template** resource.
136
+
137
+ ```ruby
138
+ execute 'forward_ipv4' do
139
+ command 'echo > /proc/.../ipv4/ip_forward'
140
+ action :nothing
141
+ end
142
+
143
+ template '/etc/file_name.conf' do
144
+ source 'routing/file_name.conf.erb'
145
+
146
+ notifies :run, 'execute[forward_ipv4]', :delayed
147
+ end
148
+ ```
149
+
150
+ where the `command` property for the **execute** resource contains the command
151
+ that is to be run and the `source` property for the **template** resource
152
+ specifies which template to use. The `notifies` property for the **template**
153
+ specifies that the `execute[forward_ipv4]` (which is defined by the **execute**
154
+ resource) should be queued up and run at the end of a Chef Infra Client run.
155
+
156
+ **Add a rule to an IP table**:
157
+
158
+ The following example shows how to add a rule named `test_rule` to an IP table
159
+ using the **execute** resource to run a command using a template that is defined
160
+ by the **template** resource:
161
+
162
+ ```ruby
163
+ execute 'test_rule' do
164
+ command 'command_to_run
165
+ --option value
166
+ --option value
167
+ --source \#{node[:name_of_node][:ipsec][:local][:subnet]}
168
+ -j test_rule'
169
+
170
+ action :nothing
171
+ end
172
+
173
+ template '/etc/file_name.local' do
174
+ source 'routing/file_name.local.erb'
175
+ notifies :run, 'execute[test_rule]', :delayed
176
+ end
177
+ ```
178
+
179
+ where the `command` property for the **execute** resource contains the command
180
+ that is to be run and the `source` property for the **template** resource
181
+ specifies which template to use. The `notifies` property for the **template**
182
+ specifies that the `execute[test_rule]` (which is defined by the **execute**
183
+ resource) should be queued up and run at the end of a Chef Infra Client run.
184
+
185
+ **Stop a service, do stuff, and then restart it**:
186
+
187
+ The following example shows how to use the **execute**, **service**, and
188
+ **mount** resources together to ensure that a node running on Amazon EC2 is
189
+ running MySQL. This example does the following:
190
+
191
+ - Checks to see if the Amazon EC2 node has MySQL
192
+ - If the node has MySQL, stops MySQL
193
+ - Installs MySQL
194
+ - Mounts the node
195
+ - Restarts MySQL
196
+
197
+ ```ruby
198
+ # the following code sample comes from the ``server_ec2``
199
+ # recipe in the following cookbook:
200
+ # https://github.com/chef-cookbooks/mysql
201
+
202
+ if (node.attribute?('ec2') && !FileTest.directory?(node['mysql']['ec2_path']))
203
+ service 'mysql' do
204
+ action :stop
205
+ end
206
+
207
+ execute 'install-mysql' do
208
+ command "mv \#{node['mysql']['data_dir']} \#{node['mysql']['ec2_path']}"
209
+ not_if { ::File.directory?(node['mysql']['ec2_path']) }
210
+ end
211
+
212
+ [node['mysql']['ec2_path'], node['mysql']['data_dir']].each do |dir|
213
+ directory dir do
214
+ owner 'mysql'
215
+ group 'mysql'
216
+ end
217
+ end
218
+
219
+ mount node['mysql']['data_dir'] do
220
+ device node['mysql']['ec2_path']
221
+ fstype 'none'
222
+ options 'bind,rw'
223
+ action [:mount, :enable]
224
+ end
225
+
226
+ service 'mysql' do
227
+ action :start
228
+ end
229
+ end
230
+ ```
231
+
232
+ where
233
+
234
+ - the two **service** resources are used to stop, and then restart the MySQL service
235
+ - the **execute** resource is used to install MySQL
236
+ - the **mount** resource is used to mount the node and enable MySQL
237
+
238
+ **Use the platform_family? method**:
239
+
240
+ The following is an example of using the `platform_family?` method in the Recipe
241
+ DSL to create a variable that can be used with other resources in the same
242
+ recipe. In this example, `platform_family?` is being used to ensure that a
243
+ specific binary is used for a specific platform before using the **remote_file**
244
+ resource to download a file from a remote location, and then using the
245
+ **execute** resource to install that file by running a command.
246
+
247
+ ```ruby
248
+ if platform_family?('rhel')
249
+ pip_binary = '/usr/bin/pip'
250
+ else
251
+ pip_binary = '/usr/local/bin/pip'
252
+ end
253
+
254
+ remote_file "\#{Chef::Config[:file_cache_path]}/distribute_setup.py" do
255
+ source 'http://python-distribute.org/distribute_setup.py'
256
+ mode '0755'
257
+ not_if { ::File.exist?(pip_binary) }
258
+ end
259
+
260
+ execute 'install-pip' do
261
+ cwd Chef::Config[:file_cache_path]
262
+ command <<~EOF
263
+ # command for installing Python goes here
264
+ EOF
265
+ not_if { ::File.exist?(pip_binary) }
266
+ end
267
+ ```
268
+
269
+ where a command for installing Python might look something like:
270
+
271
+ ```ruby
272
+ \#{node['python']['binary']} distribute_setup.py \#{::File.dirname(pip_binary)}/easy_install pip
273
+ ```
274
+
275
+ **Control a service using the execute resource**:
276
+
277
+ <div class="admonition-warning">
278
+ <p class="admonition-warning-title">Warning</p>
279
+ <div class="admonition-warning-text">
280
+ This is an example of something that should NOT be done. Use the **service**
281
+ resource to control a service, not the **execute** resource.
282
+ </div>
283
+ </div>
284
+
285
+ Do something like this:
286
+
287
+ ```ruby
288
+ service 'tomcat' do
289
+ action :start
290
+ end
291
+ ```
292
+
293
+ and NOT something like this:
294
+
295
+ ```ruby
296
+ execute 'start-tomcat' do
297
+ command '/etc/init.d/tomcat start'
298
+ action :run
299
+ end
300
+ ```
301
+
302
+ There is no reason to use the **execute** resource to control a service because
303
+ the **service** resource exposes the `start_command` property directly, which
304
+ gives a recipe full control over the command issued in a much cleaner, more
305
+ direct manner.
306
+
307
+ **Use the search recipe DSL method to find users**:
308
+
309
+ The following example shows how to use the `search` method in the Recipe DSL to
310
+ search for users:
311
+
312
+ ```ruby
313
+ # the following code sample comes from the openvpn cookbook:
314
+
315
+ search("users", "*:*") do |u|
316
+ execute "generate-openvpn-\#{u['id']}" do
317
+ command "./pkitool \#{u['id']}"
318
+ cwd '/etc/openvpn/easy-rsa'
319
+ end
320
+
321
+ %w{ conf ovpn }.each do |ext|
322
+ template "\#{node['openvpn']['key_dir']}/\#{u['id']}.\#{ext}" do
323
+ source 'client.conf.erb'
324
+ variables :username => u['id']
325
+ end
326
+ end
327
+ end
328
+ ```
329
+
330
+ where
331
+
332
+ - the search data will be used to create **execute** resources
333
+ - the **template** resource tells Chef Infra Client which template to use
334
+
335
+ **Enable remote login for macOS**:
336
+
337
+ ```ruby
338
+ execute 'enable ssh' do
339
+ command '/usr/sbin/systemsetup -setremotelogin on'
340
+ not_if '/usr/sbin/systemsetup -getremotelogin | /usr/bin/grep On'
341
+ action :run
342
+ end
343
+ ```
344
+
345
+ **Execute code immediately, based on the template resource**:
346
+
347
+ By default, notifications are `:delayed`, that is they are queued up as they are
348
+ triggered, and then executed at the very end of a Chef Infra Client run. To run
349
+ kan action immediately, use `:immediately`:
350
+
351
+ ```ruby
352
+ template '/etc/nagios3/configures-nagios.conf' do
353
+ # other parameters
354
+ notifies :run, 'execute[test-nagios-config]', :immediately
355
+ end
356
+ ```
357
+
358
+ and then Chef Infra Client would immediately run the following:
359
+
360
+ ```ruby
361
+ execute 'test-nagios-config' do
362
+ command 'nagios3 --verify-config'
363
+ action :nothing
364
+ end
365
+ ```
366
+
367
+ **Sourcing a file**:
368
+
369
+ The **execute** resource cannot be used to source a file (e.g. `command 'source
370
+ filename'`). The following example will fail because `source` is not an
371
+ executable:
372
+
373
+ ```ruby
374
+ execute 'foo' do
375
+ command 'source /tmp/foo.sh'
376
+ end
377
+ ```
378
+
379
+
380
+ Instead, use the **script** resource or one of the **script**-based resources
381
+ (**bash**, **csh**, **perl**, **python**, or **ruby**). For example:
382
+
383
+ ```ruby
384
+ bash 'foo' do
385
+ code 'source /tmp/foo.sh'
386
+ end
387
+ ```
388
+
389
+ **Run a Knife command**:
390
+
391
+ ```ruby
392
+ execute 'create_user' do
393
+ command <<~EOM
394
+ knife user create \#{user}
395
+ --admin
396
+ --password password
397
+ --disable-editing
398
+ --file /home/vagrant/.chef/user.pem
399
+ --config /tmp/knife-admin.rb
400
+ EOM
401
+ end
402
+ ```
403
+
404
+ **Run install command into virtual environment**:
405
+
406
+ The following example shows how to install a lightweight JavaScript framework
407
+ into Vagrant:
408
+
409
+ ```ruby
410
+ execute "install q and zombiejs" do
411
+ cwd "/home/vagrant"
412
+ user "vagrant"
413
+ environment ({'HOME' => '/home/vagrant', 'USER' => 'vagrant'})
414
+ command "npm install -g q zombie should mocha coffee-script"
415
+ action :run
416
+ end
417
+ ```
418
+
419
+ **Run a command as a named user**:
420
+
421
+ The following example shows how to run `bundle install` from a Chef Infra Client
422
+ run as a specific user. This will put the gem into the path of the user
423
+ (`vagrant`) instead of the root user (under which the Chef Infra Client runs):
424
+
425
+ ```ruby
426
+ execute '/opt/chefdk/embedded/bin/bundle install' do
427
+ cwd node['chef_workstation']['bundler_path']
428
+ user node['chef_workstation']['user']
429
+
430
+ environment ({
431
+ 'HOME' => "/home/\#{node['chef_workstation']['user']}",
432
+ 'USER' => node['chef_workstation']['user']
433
+ })
434
+ not_if 'bundle check'
435
+ end
436
+ ```
437
+
438
+ **Run a command as an alternate user**:
439
+
440
+ *Note*: When Chef is running as a service, this feature requires that the user
441
+ that Chef runs as has 'SeAssignPrimaryTokenPrivilege' (aka
442
+ 'SE_ASSIGNPRIMARYTOKEN_NAME') user right. By default only LocalSystem and
443
+ NetworkService have this right when running as a service. This is necessary
444
+ even if the user is an Administrator.
445
+
446
+ This right can be added and checked in a recipe using this example:
447
+
448
+ ```ruby
449
+ # Add 'SeAssignPrimaryTokenPrivilege' for the user
450
+ Chef::ReservedNames::Win32::Security.add_account_right('<user>', 'SeAssignPrimaryTokenPrivilege')
451
+
452
+ # Check if the user has 'SeAssignPrimaryTokenPrivilege' rights
453
+ Chef::ReservedNames::Win32::Security.get_account_right('<user>').include?('SeAssignPrimaryTokenPrivilege')
454
+ ```
455
+
456
+ The following example shows how to run `mkdir test_dir` from a Chef Infra Client
457
+ run as an alternate user.
458
+
459
+ ```ruby
460
+ # Passing only username and password
461
+ execute 'mkdir test_dir' do
462
+ cwd Chef::Config[:file_cache_path]
463
+
464
+ user "username"
465
+ password "password"
466
+ end
467
+
468
+ # Passing username and domain
469
+ execute 'mkdir test_dir' do
470
+ cwd Chef::Config[:file_cache_path]
471
+
472
+ domain "domain-name"
473
+ user "user"
474
+ password "password"
475
+ end
476
+
477
+ # Passing username = 'domain-name\\username'. No domain is passed
478
+ execute 'mkdir test_dir' do
479
+ cwd Chef::Config[:file_cache_path]
480
+
481
+ user "domain-name\\username"
482
+ password "password"
483
+ end
484
+
485
+ # Passing username = 'username@domain-name'. No domain is passed
486
+ execute 'mkdir test_dir' do
487
+ cwd Chef::Config[:file_cache_path]
488
+
489
+ user "username@domain-name"
490
+ password "password"
491
+ end
492
+ ```
493
+
494
+ **Run a command with an external input file**:
495
+
496
+ execute 'md5sum' do
497
+ input File.read(__FILE__)
498
+ end
499
+ EXAMPLES
34
500
 
35
501
  # The ResourceGuardInterpreter wraps a resource's guards in another resource. That inner resource
36
502
  # needs to behave differently during (for example) why_run mode, so we flag it here. For why_run mode
@@ -62,13 +528,13 @@ class Chef
62
528
  description: "The current working directory from which the command will be run."
63
529
 
64
530
  property :environment, Hash,
65
- description: "A Hash of environment variables in the form of ({'ENV_VARIABLE' => 'VALUE'})."
531
+ description: "A Hash of environment variables in the form of `({'ENV_VARIABLE' => 'VALUE'})`. **Note**: These variables must exist for a command to be run successfully."
66
532
 
67
533
  property :group, [ String, Integer ],
68
534
  description: "The group name or group ID that must be changed before running a command."
69
535
 
70
536
  property :live_stream, [ TrueClass, FalseClass ], default: false,
71
- description: "Send the output of the command run by this execute resource block to the #{Chef::Dist::CLIENT} event stream."
537
+ description: "Send the output of the command run by this execute resource block to the #{Chef::Dist::PRODUCT} event stream."
72
538
 
73
539
  # default_env defaults to `false` so that the command execution more exactly matches what the user gets on the command line without magic
74
540
  property :default_env, [ TrueClass, FalseClass ], desired_state: false, default: false,
@@ -96,13 +562,17 @@ class Chef
96
562
 
97
563
  # lazy used to set default value of sensitive to true if password is set
98
564
  property :sensitive, [ TrueClass, FalseClass ],
99
- description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::CLIENT}.",
565
+ description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::PRODUCT}.",
100
566
  default: lazy { password ? true : false }, default_description: "True if the password property is set. False otherwise."
101
567
 
102
568
  property :elevated, [ TrueClass, FalseClass ], default: false,
103
569
  description: "Determines whether the script will run with elevated permissions to circumvent User Access Control (UAC) interactively blocking the process.\nThis will cause the process to be run under a batch login instead of an interactive login. The user running #{Chef::Dist::CLIENT} needs the 'Replace a process level token' and 'Adjust Memory Quotas for a process' permissions. The user that is running the command needs the 'Log on as a batch job' permission.\nBecause this requires a login, the user and password properties are required.",
104
570
  introduced: "13.3"
105
571
 
572
+ property :input, [String],
573
+ introduced: "16.2",
574
+ description: "An optional property to set the input sent to the command as STDIN."
575
+
106
576
  alias :env :environment
107
577
 
108
578
  def self.set_guard_inherited_attributes(*inherited_attributes)
@@ -160,11 +630,11 @@ class Chef
160
630
  end
161
631
 
162
632
  # if domain is provided in both username and domain
163
- if specified_user && ((specified_user.include? '\\') || (specified_user.include? "@")) && specified_domain
633
+ if specified_user.is_a?(String) && ((specified_user.include? '\\') || (specified_user.include? "@")) && specified_domain
164
634
  raise ArgumentError, "The domain is provided twice. Username: `#{specified_user}`, Domain: `#{specified_domain}`. Please specify domain only once."
165
635
  end
166
636
 
167
- if ! specified_user.nil? && specified_domain.nil?
637
+ if specified_user.is_a?(String) && specified_domain.nil?
168
638
  # Splitting username of format: Domain\Username
169
639
  domain_and_user = user.split('\\')
170
640