chef 16.1.16 → 16.18.30
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +32 -27
- data/README.md +5 -5
- data/Rakefile +35 -30
- data/bin/knife +1 -1
- data/chef-universal-mingw32.gemspec +5 -5
- data/chef.gemspec +32 -10
- data/lib/chef/action_collection.rb +5 -1
- data/lib/chef/api_client/registration.rb +2 -2
- data/lib/chef/application/apply.rb +19 -13
- data/lib/chef/application/base.rb +27 -24
- data/lib/chef/application/client.rb +17 -6
- data/lib/chef/application/exit_code.rb +13 -4
- data/lib/chef/application/knife.rb +22 -11
- data/lib/chef/application/solo.rb +2 -1
- data/lib/chef/application/windows_service.rb +39 -39
- data/lib/chef/application/windows_service_manager.rb +7 -7
- data/lib/chef/application.rb +33 -19
- data/lib/chef/{whitelist.rb → attribute_allowlist.rb} +11 -11
- data/lib/chef/{blacklist.rb → attribute_blocklist.rb} +9 -9
- data/lib/chef/chef_class.rb +0 -1
- data/lib/chef/chef_fs/chef_fs_data_store.rb +55 -55
- data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
- data/lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
- data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +1 -2
- data/lib/chef/chef_fs/file_pattern.rb +1 -1
- data/lib/chef/chef_fs/file_system/chef_server/acl_entry.rb +10 -10
- data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +2 -2
- data/lib/chef/chef_fs/file_system/chef_server/cookbooks_dir.rb +1 -5
- data/lib/chef/chef_fs/file_system/chef_server/organization_invites_entry.rb +8 -8
- data/lib/chef/chef_fs/file_system/chef_server/organization_members_entry.rb +8 -8
- data/lib/chef/chef_fs/file_system/repository/base_file.rb +1 -0
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +2 -2
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +2 -2
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +18 -18
- data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +1 -1
- data/lib/chef/chef_fs/knife.rb +2 -2
- data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
- data/lib/chef/chef_fs/parallelizer.rb +0 -1
- data/lib/chef/chef_fs/path_utils.rb +1 -1
- data/lib/chef/client.rb +32 -59
- data/lib/chef/compliance/default_attributes.rb +97 -0
- data/lib/chef/compliance/fetcher/automate.rb +80 -0
- data/lib/chef/compliance/fetcher/chef_server.rb +134 -0
- data/lib/chef/compliance/reporter/automate.rb +201 -0
- data/lib/chef/compliance/reporter/chef_server_automate.rb +94 -0
- data/lib/chef/compliance/reporter/compliance_enforcer.rb +20 -0
- data/lib/chef/compliance/reporter/json_file.rb +19 -0
- data/lib/chef/compliance/runner.rb +269 -0
- data/lib/chef/cookbook/chefignore.rb +1 -1
- data/lib/chef/cookbook/cookbook_version_loader.rb +1 -1
- data/lib/chef/cookbook/gem_installer.rb +6 -2
- data/lib/chef/cookbook/metadata.rb +1 -1
- data/lib/chef/cookbook/remote_file_vendor.rb +1 -3
- data/lib/chef/cookbook/synchronizer.rb +2 -2
- data/lib/chef/cookbook/syntax_check.rb +1 -2
- data/lib/chef/cookbook_loader.rb +15 -29
- data/lib/chef/cookbook_manifest.rb +2 -1
- data/lib/chef/cookbook_site_streaming_uploader.rb +13 -11
- data/lib/chef/cookbook_uploader.rb +1 -1
- data/lib/chef/cookbook_version.rb +30 -11
- data/lib/chef/data_bag.rb +5 -6
- data/lib/chef/data_collector/config_validation.rb +22 -13
- data/lib/chef/data_collector/run_end_message.rb +15 -5
- data/lib/chef/data_collector/run_start_message.rb +1 -1
- data/lib/chef/data_collector.rb +7 -6
- data/lib/chef/deprecated.rb +27 -5
- data/lib/chef/deprecation/warnings.rb +2 -2
- data/lib/chef/digester.rb +4 -3
- data/lib/chef/dsl/chef_vault.rb +1 -1
- data/lib/chef/dsl/data_query.rb +2 -2
- data/lib/chef/dsl/platform_introspection.rb +10 -8
- data/lib/chef/dsl/reboot_pending.rb +1 -1
- data/lib/chef/encrypted_data_bag_item/assertions.rb +1 -1
- data/lib/chef/encrypted_data_bag_item/decryptor.rb +3 -3
- data/lib/chef/encrypted_data_bag_item/encryptor.rb +3 -3
- data/lib/chef/encrypted_data_bag_item.rb +3 -4
- data/lib/chef/environment.rb +6 -7
- data/lib/chef/event_loggers/windows_eventlog.rb +2 -2
- data/lib/chef/exceptions.rb +16 -6
- data/lib/chef/file_access_control/windows.rb +12 -11
- data/lib/chef/file_access_control.rb +1 -1
- data/lib/chef/file_cache.rb +4 -4
- data/lib/chef/file_content_management/deploy/mv_unix.rb +1 -1
- data/lib/chef/file_content_management/tempfile.rb +10 -10
- data/lib/chef/formatters/doc.rb +7 -6
- data/lib/chef/formatters/error_inspectors/api_error_formatting.rb +6 -5
- data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +3 -3
- data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +3 -3
- data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +9 -9
- data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +8 -8
- data/lib/chef/formatters/error_inspectors/run_list_expansion_error_inspector.rb +3 -3
- data/lib/chef/formatters/error_mapper.rb +2 -2
- data/lib/chef/formatters/indentable_output_stream.rb +2 -2
- data/lib/chef/formatters/minimal.rb +5 -4
- data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +28 -39
- data/lib/chef/handler/json_file.rb +1 -1
- data/lib/chef/handler.rb +2 -0
- data/lib/chef/http/auth_credentials.rb +5 -1
- data/lib/chef/http/authenticator.rb +4 -2
- data/lib/chef/http/basic_client.rb +4 -2
- data/lib/chef/http/decompressor.rb +1 -1
- data/lib/chef/http/http_request.rb +8 -6
- data/lib/chef/http/json_output.rb +1 -1
- data/lib/chef/http/socketless_chef_zero_client.rb +5 -2
- data/lib/chef/http/ssl_policies.rb +52 -15
- data/lib/chef/http.rb +38 -31
- data/lib/chef/json_compat.rb +4 -9
- data/lib/chef/key.rb +1 -1
- data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
- data/lib/chef/knife/bootstrap/templates/chef-full.erb +12 -12
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +9 -9
- data/lib/chef/knife/bootstrap/train_connector.rb +2 -1
- data/lib/chef/knife/bootstrap.rb +93 -40
- data/lib/chef/knife/client_bulk_delete.rb +1 -1
- data/lib/chef/knife/client_create.rb +3 -3
- data/lib/chef/knife/config_get.rb +8 -96
- data/lib/chef/knife/config_get_profile.rb +9 -9
- data/lib/chef/knife/config_list.rb +139 -0
- data/lib/chef/knife/config_list_profiles.rb +8 -95
- data/lib/chef/knife/config_show.rb +127 -0
- data/lib/chef/knife/config_use.rb +61 -0
- data/lib/chef/knife/config_use_profile.rb +12 -17
- data/lib/chef/knife/configure.rb +5 -3
- data/lib/chef/knife/cookbook_delete.rb +1 -1
- data/lib/chef/knife/cookbook_download.rb +1 -1
- data/lib/chef/knife/cookbook_metadata.rb +1 -1
- data/lib/chef/knife/cookbook_upload.rb +29 -37
- data/lib/chef/knife/core/bootstrap_context.rb +3 -3
- data/lib/chef/knife/core/cookbook_scm_repo.rb +2 -2
- data/lib/chef/knife/core/formatting_options.rb +49 -0
- data/lib/chef/knife/core/gem_glob_loader.rb +2 -2
- data/lib/chef/knife/core/generic_presenter.rb +1 -1
- data/lib/chef/knife/core/hashed_command_loader.rb +3 -2
- data/lib/chef/knife/core/node_presenter.rb +0 -25
- data/lib/chef/knife/core/object_loader.rb +1 -1
- data/lib/chef/knife/core/status_presenter.rb +1 -26
- data/lib/chef/knife/core/subcommand_loader.rb +20 -1
- data/lib/chef/knife/core/ui.rb +12 -3
- data/lib/chef/knife/core/windows_bootstrap_context.rb +51 -42
- data/lib/chef/knife/data_bag_create.rb +1 -1
- data/lib/chef/knife/delete.rb +15 -15
- data/lib/chef/knife/exec.rb +4 -4
- data/lib/chef/knife/node_bulk_delete.rb +1 -1
- data/lib/chef/knife/node_policy_set.rb +2 -2
- data/lib/chef/knife/node_run_list_add.rb +1 -1
- data/lib/chef/knife/node_run_list_remove.rb +2 -2
- data/lib/chef/knife/node_run_list_set.rb +1 -1
- data/lib/chef/knife/node_show.rb +4 -3
- data/lib/chef/knife/rehash.rb +3 -21
- data/lib/chef/knife/role_bulk_delete.rb +1 -1
- data/lib/chef/knife/role_env_run_list_add.rb +1 -1
- data/lib/chef/knife/role_env_run_list_set.rb +1 -1
- data/lib/chef/knife/role_run_list_add.rb +1 -1
- data/lib/chef/knife/role_run_list_set.rb +1 -1
- data/lib/chef/knife/search.rb +2 -2
- data/lib/chef/knife/serve.rb +3 -3
- data/lib/chef/knife/ssh.rb +33 -12
- data/lib/chef/knife/ssl_check.rb +3 -3
- data/lib/chef/knife/status.rb +10 -13
- data/lib/chef/knife/supermarket_share.rb +1 -1
- data/lib/chef/knife/supermarket_unshare.rb +1 -1
- data/lib/chef/knife/tag_create.rb +1 -1
- data/lib/chef/knife/tag_delete.rb +1 -1
- data/lib/chef/knife/user_create.rb +2 -2
- data/lib/chef/knife/xargs.rb +19 -19
- data/lib/chef/knife/yaml_convert.rb +1 -1
- data/lib/chef/knife.rb +9 -9
- data/lib/chef/local_mode.rb +2 -2
- data/lib/chef/log/syslog.rb +2 -2
- data/lib/chef/log/winevt.rb +2 -2
- data/lib/chef/log.rb +8 -3
- data/lib/chef/mixin/checksum.rb +5 -0
- data/{spec/functional/resource/base.rb → lib/chef/mixin/chef_utils_wiring.rb} +24 -12
- data/lib/chef/mixin/convert_to_class_name.rb +0 -56
- data/lib/chef/mixin/deep_merge.rb +35 -18
- data/{spec/unit/monkey_patches/uri_spec.rb → lib/chef/mixin/default_paths.rb} +11 -13
- data/lib/chef/mixin/openssl_helper.rb +32 -11
- data/lib/chef/mixin/path_sanity.rb +5 -4
- data/lib/chef/mixin/powershell_exec.rb +17 -22
- data/lib/chef/mixin/powershell_out.rb +12 -5
- data/lib/chef/mixin/properties.rb +2 -0
- data/lib/chef/mixin/securable.rb +2 -2
- data/lib/chef/mixin/shell_out.rb +4 -188
- data/lib/chef/mixin/template.rb +4 -3
- data/lib/chef/mixin/unformatter.rb +1 -1
- data/lib/chef/mixin/uris.rb +4 -2
- data/lib/chef/mixin/versioned_api.rb +1 -2
- data/lib/chef/mixin/which.rb +6 -3
- data/lib/chef/mixins.rb +1 -0
- data/lib/chef/monkey_patches/webrick-utils.rb +10 -10
- data/lib/chef/node/attribute.rb +22 -7
- data/lib/chef/node/attribute_collections.rb +2 -6
- data/lib/chef/node/mixin/deep_merge_cache.rb +4 -4
- data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
- data/lib/chef/node.rb +43 -18
- data/lib/chef/node_map.rb +21 -18
- data/lib/chef/platform/query_helpers.rb +4 -4
- data/lib/chef/platform/service_helpers.rb +31 -28
- data/lib/chef/policy_builder/dynamic.rb +2 -0
- data/lib/chef/policy_builder/policyfile.rb +8 -3
- data/lib/chef/powershell.rb +10 -4
- data/lib/chef/property.rb +2 -2
- data/lib/chef/provider/batch.rb +3 -10
- data/lib/chef/provider/cron/unix.rb +0 -2
- data/lib/chef/provider/cron.rb +9 -28
- data/lib/chef/provider/dsc_resource.rb +12 -24
- data/lib/chef/provider/dsc_script.rb +16 -20
- data/lib/chef/provider/execute.rb +2 -1
- data/lib/chef/provider/file.rb +5 -5
- data/lib/chef/provider/git.rb +22 -14
- data/lib/chef/provider/group/dscl.rb +3 -3
- data/lib/chef/provider/group/suse.rb +5 -5
- data/lib/chef/provider/group/windows.rb +13 -2
- data/lib/chef/provider/group.rb +14 -8
- data/lib/chef/provider/ifconfig/debian.rb +38 -22
- data/lib/chef/provider/ifconfig/redhat.rb +54 -18
- data/lib/chef/provider/ifconfig.rb +16 -19
- data/lib/chef/provider/launchd.rb +3 -13
- data/lib/chef/provider/link.rb +0 -9
- data/lib/chef/provider/mount/aix.rb +1 -1
- data/lib/chef/provider/mount/linux.rb +67 -0
- data/lib/chef/provider/mount/mount.rb +41 -43
- data/lib/chef/provider/mount/solaris.rb +0 -1
- data/lib/chef/provider/mount/windows.rb +2 -2
- data/lib/chef/provider/mount.rb +23 -3
- data/lib/chef/provider/noop.rb +1 -1
- data/lib/chef/provider/package/apt.rb +1 -1
- data/lib/chef/provider/package/chocolatey.rb +6 -6
- data/lib/chef/provider/package/dnf/dnf_helper.py +23 -6
- data/lib/chef/provider/package/dnf/python_helper.rb +6 -6
- data/lib/chef/provider/package/dnf.rb +39 -12
- data/lib/chef/provider/package/dpkg.rb +3 -12
- data/lib/chef/provider/package/freebsd/base.rb +3 -2
- data/lib/chef/provider/package/freebsd/pkgng.rb +4 -2
- data/lib/chef/provider/package/homebrew.rb +1 -1
- data/lib/chef/provider/package/ips.rb +1 -1
- data/lib/chef/provider/package/openbsd.rb +1 -1
- data/lib/chef/provider/package/portage.rb +2 -2
- data/lib/chef/provider/package/powershell.rb +10 -2
- data/lib/chef/provider/package/rubygems.rb +25 -22
- data/lib/chef/provider/package/snap.rb +99 -34
- data/lib/chef/provider/package/solaris.rb +0 -2
- data/lib/chef/provider/package/windows/msi.rb +3 -3
- data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +12 -10
- data/lib/chef/provider/package/windows.rb +12 -7
- data/lib/chef/provider/package/yum/rpm_utils.rb +1 -1
- data/lib/chef/provider/package/yum/yum_helper.py +4 -10
- data/lib/chef/provider/package/zypper.rb +99 -73
- data/lib/chef/provider/package.rb +53 -18
- data/lib/chef/provider/powershell_script.rb +40 -17
- data/lib/chef/provider/registry_key.rb +4 -3
- data/lib/chef/provider/remote_file/content.rb +3 -0
- data/lib/chef/provider/remote_file/ftp.rb +6 -4
- data/lib/chef/provider/remote_file/http.rb +4 -1
- data/lib/chef/provider/remote_file/sftp.rb +6 -4
- data/lib/chef/provider/route.rb +4 -8
- data/lib/chef/provider/script.rb +4 -75
- data/lib/chef/provider/service/arch.rb +2 -2
- data/lib/chef/provider/service/debian.rb +5 -4
- data/lib/chef/provider/service/gentoo.rb +2 -2
- data/lib/chef/provider/service/macosx.rb +7 -7
- data/lib/chef/provider/service/openbsd.rb +5 -8
- data/lib/chef/provider/service/redhat.rb +4 -4
- data/lib/chef/provider/service/upstart.rb +1 -1
- data/lib/chef/provider/service/windows.rb +11 -11
- data/lib/chef/provider/service.rb +2 -2
- data/lib/chef/provider/subversion.rb +2 -2
- data/lib/chef/provider/systemd_unit.rb +0 -2
- data/lib/chef/provider/template/content.rb +2 -1
- data/lib/chef/provider/template_finder.rb +2 -10
- data/lib/chef/provider/user/aix.rb +1 -1
- data/lib/chef/provider/user/dscl.rb +10 -10
- data/lib/chef/provider/user/linux.rb +3 -3
- data/lib/chef/provider/user/mac.rb +29 -21
- data/lib/chef/provider/user/solaris.rb +1 -1
- data/lib/chef/provider/user/windows.rb +10 -3
- data/lib/chef/provider/user.rb +17 -9
- data/lib/chef/provider/windows_script.rb +87 -25
- data/lib/chef/provider/yum_repository.rb +3 -3
- data/lib/chef/provider/zypper_repository.rb +33 -14
- data/lib/chef/provider.rb +1 -5
- data/lib/chef/provider_resolver.rb +1 -1
- data/lib/chef/providers.rb +1 -4
- data/lib/chef/pwsh.rb +71 -0
- data/lib/chef/recipe.rb +2 -2
- data/lib/chef/resource/alternatives.rb +1 -1
- data/lib/chef/resource/apt_package.rb +1 -1
- data/lib/chef/resource/apt_repository.rb +7 -15
- data/lib/chef/resource/archive_file.rb +28 -8
- data/lib/chef/resource/bash.rb +119 -2
- data/lib/chef/resource/batch.rb +5 -3
- data/lib/chef/resource/bff_package.rb +22 -0
- data/lib/chef/resource/breakpoint.rb +59 -2
- data/lib/chef/resource/build_essential.rb +7 -10
- data/lib/chef/resource/cab_package.rb +29 -0
- data/lib/chef/resource/chef_client_config.rb +313 -0
- data/lib/chef/resource/chef_client_cron.rb +36 -29
- data/lib/chef/resource/chef_client_launchd.rb +194 -0
- data/lib/chef/resource/chef_client_scheduled_task.rb +36 -21
- data/lib/chef/resource/chef_client_systemd_timer.rb +29 -22
- data/lib/chef/resource/chef_client_trusted_certificate.rb +102 -0
- data/lib/chef/resource/chef_gem.rb +58 -22
- data/lib/chef/resource/chef_handler.rb +149 -4
- data/lib/chef/resource/chef_sleep.rb +3 -3
- data/lib/chef/resource/chef_vault_secret.rb +14 -14
- data/lib/chef/resource/chocolatey_feature.rb +1 -2
- data/lib/chef/resource/cookbook_file.rb +2 -2
- data/lib/chef/resource/cron/_cron_shared.rb +99 -0
- data/lib/chef/resource/cron/cron.rb +46 -0
- data/lib/chef/resource/{cron_d.rb → cron/cron_d.rb} +9 -89
- data/lib/chef/resource/cron_access.rb +13 -5
- data/lib/chef/resource/csh.rb +2 -3
- data/lib/chef/resource/dmg_package.rb +2 -2
- data/lib/chef/resource/dnf_package.rb +2 -2
- data/lib/chef/resource/dsc_resource.rb +0 -1
- data/lib/chef/resource/dsc_script.rb +9 -2
- data/lib/chef/resource/execute.rb +486 -15
- data/lib/chef/resource/file.rb +5 -5
- data/lib/chef/resource/freebsd_package.rb +1 -1
- data/lib/chef/resource/gem_package.rb +36 -3
- data/lib/chef/resource/helpers/cron_validations.rb +6 -3
- data/lib/chef/resource/homebrew_cask.rb +16 -10
- data/lib/chef/resource/homebrew_package.rb +32 -3
- data/lib/chef/resource/homebrew_update.rb +110 -0
- data/lib/chef/resource/hostname.rb +27 -40
- data/lib/chef/resource/http_request.rb +1 -1
- data/lib/chef/resource/ifconfig.rb +52 -5
- data/lib/chef/resource/kernel_module.rb +15 -2
- data/lib/chef/resource/ksh.rb +3 -3
- data/lib/chef/resource/launchd.rb +18 -17
- data/lib/chef/resource/locale.rb +4 -4
- data/lib/chef/resource/lwrp_base.rb +4 -5
- data/lib/chef/resource/macos_userdefaults.rb +176 -61
- data/lib/chef/resource/mdadm.rb +2 -2
- data/lib/chef/resource/mount.rb +9 -3
- data/lib/chef/resource/notify_group.rb +0 -1
- data/lib/chef/resource/ohai.rb +46 -3
- data/lib/chef/resource/ohai_hint.rb +33 -0
- data/lib/chef/resource/openssl_dhparam.rb +29 -5
- data/lib/chef/resource/openssl_ec_private_key.rb +8 -3
- data/lib/chef/resource/openssl_ec_public_key.rb +4 -2
- data/lib/chef/resource/openssl_rsa_private_key.rb +8 -3
- data/lib/chef/resource/openssl_rsa_public_key.rb +2 -0
- data/lib/chef/resource/openssl_x509_certificate.rb +49 -49
- data/lib/chef/resource/openssl_x509_crl.rb +22 -12
- data/lib/chef/resource/openssl_x509_request.rb +37 -36
- data/lib/chef/resource/osx_profile.rb +292 -6
- data/lib/chef/resource/perl.rb +2 -3
- data/lib/chef/resource/plist.rb +26 -11
- data/lib/chef/resource/powershell_package_source.rb +25 -24
- data/lib/chef/resource/powershell_script.rb +40 -41
- data/lib/chef/resource/python.rb +2 -3
- data/lib/chef/resource/reboot.rb +2 -2
- data/lib/chef/resource/registry_key.rb +93 -2
- data/lib/chef/resource/remote_directory.rb +1 -1
- data/lib/chef/resource/remote_file.rb +26 -10
- data/lib/chef/resource/rhsm_register.rb +39 -10
- data/lib/chef/resource/rhsm_subscription.rb +5 -5
- data/lib/chef/resource/route.rb +1 -1
- data/lib/chef/resource/ruby.rb +1 -6
- data/lib/chef/resource/ruby_block.rb +2 -2
- data/lib/chef/resource/scm/_scm.rb +2 -1
- data/lib/chef/resource/scm/git.rb +82 -1
- data/lib/chef/resource/scm/subversion.rb +14 -2
- data/lib/chef/resource/script.rb +2 -2
- data/lib/chef/resource/service.rb +5 -5
- data/lib/chef/resource/solaris_package.rb +0 -2
- data/lib/chef/resource/ssh_known_hosts_entry.rb +18 -3
- data/lib/chef/resource/sudo.rb +32 -5
- data/lib/chef/resource/support/client.erb +68 -0
- data/lib/chef/resource/support/cron.d.erb +1 -1
- data/lib/chef/resource/support/cron_access.erb +1 -1
- data/lib/chef/resource/support/sudoer.erb +1 -1
- data/lib/chef/resource/support/ulimit.erb +1 -1
- data/lib/chef/resource/swap_file.rb +17 -0
- data/lib/chef/resource/sysctl.rb +6 -10
- data/lib/chef/resource/systemd_unit.rb +45 -4
- data/lib/chef/resource/template.rb +4 -4
- data/lib/chef/resource/timezone.rb +122 -68
- data/lib/chef/resource/user/windows_user.rb +5 -0
- data/lib/chef/resource/user_ulimit.rb +2 -1
- data/lib/chef/resource/windows_ad_join.rb +51 -13
- data/lib/chef/resource/windows_audit_policy.rb +232 -0
- data/lib/chef/resource/windows_auto_run.rb +13 -0
- data/lib/chef/resource/windows_certificate.rb +95 -39
- data/lib/chef/resource/windows_dfs_folder.rb +2 -0
- data/lib/chef/resource/windows_dfs_namespace.rb +2 -0
- data/lib/chef/resource/windows_dfs_server.rb +9 -4
- data/lib/chef/resource/windows_dns_record.rb +25 -5
- data/lib/chef/resource/windows_dns_zone.rb +12 -7
- data/lib/chef/resource/windows_env.rb +173 -0
- data/lib/chef/resource/windows_feature.rb +4 -0
- data/lib/chef/resource/windows_feature_dism.rb +10 -0
- data/lib/chef/resource/windows_feature_powershell.rb +14 -2
- data/lib/chef/resource/windows_firewall_profile.rb +196 -0
- data/lib/chef/resource/windows_firewall_rule.rb +14 -14
- data/lib/chef/resource/windows_font.rb +7 -5
- data/lib/chef/resource/windows_package.rb +30 -6
- data/lib/chef/resource/windows_pagefile.rb +5 -1
- data/lib/chef/resource/windows_path.rb +38 -0
- data/lib/chef/resource/windows_printer.rb +22 -21
- data/lib/chef/resource/windows_printer_port.rb +20 -17
- data/lib/chef/resource/windows_script.rb +2 -16
- data/lib/chef/resource/windows_security_policy.rb +98 -49
- data/lib/chef/resource/windows_service.rb +108 -0
- data/lib/chef/resource/windows_share.rb +23 -21
- data/lib/chef/resource/windows_shortcut.rb +3 -2
- data/lib/chef/resource/windows_task.rb +633 -32
- data/lib/chef/resource/windows_uac.rb +5 -1
- data/lib/chef/resource/windows_user_privilege.rb +111 -77
- data/lib/chef/resource/windows_workgroup.rb +11 -10
- data/lib/chef/resource/yum_package.rb +2 -2
- data/lib/chef/resource/yum_repository.rb +15 -10
- data/lib/chef/resource.rb +60 -27
- data/lib/chef/resource_collection/resource_set.rb +2 -6
- data/lib/chef/resource_collection/stepable_iterator.rb +1 -2
- data/lib/chef/resource_inspector.rb +82 -70
- data/lib/chef/resource_reporter.rb +1 -3
- data/lib/chef/resources.rb +9 -3
- data/lib/chef/role.rb +3 -4
- data/lib/chef/run_context/cookbook_compiler.rb +21 -21
- data/lib/chef/run_context.rb +2 -2
- data/lib/chef/run_lock.rb +3 -3
- data/lib/chef/run_status.rb +2 -6
- data/lib/chef/search/query.rb +7 -6
- data/lib/chef/server_api.rb +0 -4
- data/lib/chef/server_api_versions.rb +4 -0
- data/lib/chef/shell/ext.rb +15 -15
- data/lib/chef/shell/shell_session.rb +4 -2
- data/lib/chef/shell.rb +63 -27
- data/lib/chef/train_transport.rb +5 -104
- data/lib/chef/util/backup.rb +2 -2
- data/lib/chef/util/diff.rb +16 -17
- data/lib/chef/util/dsc/configuration_generator.rb +53 -12
- data/lib/chef/util/dsc/lcm_output_parser.rb +4 -7
- data/lib/chef/util/dsc/local_configuration_manager.rb +18 -15
- data/lib/chef/util/dsc/resource_store.rb +5 -11
- data/lib/chef/util/powershell/ps_credential.rb +18 -14
- data/lib/chef/util/threaded_job_queue.rb +0 -2
- data/lib/chef/util/windows/net_user.rb +1 -1
- data/lib/chef/util/windows/volume.rb +1 -1
- data/lib/chef/version.rb +2 -2
- data/lib/chef/version_string.rb +1 -1
- data/lib/chef/win32/api/file.rb +4 -0
- data/lib/chef/win32/api.rb +9 -2
- data/lib/chef/win32/crypto.rb +1 -1
- data/lib/chef/win32/file/version_info.rb +5 -5
- data/lib/chef/win32/file.rb +4 -4
- data/lib/chef/win32/registry.rb +4 -6
- data/lib/chef/win32/security/sid.rb +1 -1
- data/lib/chef/win32/security.rb +1 -1
- data/lib/chef/win32/unicode.rb +1 -1
- data/lib/chef/win32/version.rb +4 -2
- data/spec/data/lwrp/providers/buck_passer.rb +1 -1
- data/spec/data/lwrp/providers/buck_passer_2.rb +1 -1
- data/spec/data/lwrp/providers/embedded_resource_accesses_providers_scope.rb +1 -1
- data/spec/data/rubygems.org/latest_specs.4.8.gz +0 -0
- data/spec/data/rubygems.org/nonexistent_gem +0 -0
- data/spec/data/rubygems.org/sexp_processor +0 -0
- data/spec/data/rubygems.org/sexp_processor-4.15.1.gemspec.rz +0 -0
- data/spec/data/shef-config.rb +1 -1
- data/spec/data/ssl/binary/chef-rspec-der.cert +0 -0
- data/spec/data/ssl/binary/chef-rspec-der.key +0 -0
- data/spec/data/ssl/chef-rspec.cert +15 -15
- data/spec/functional/assets/yumrepo-empty/repodata/01a3b-filelists.sqlite.bz2 +0 -0
- data/spec/functional/assets/yumrepo-empty/repodata/401dc-filelists.xml.gz +0 -0
- data/spec/functional/assets/yumrepo-empty/repodata/5dc1e-primary.sqlite.bz2 +0 -0
- data/spec/functional/assets/yumrepo-empty/repodata/6bf96-other.xml.gz +0 -0
- data/spec/functional/assets/yumrepo-empty/repodata/7c365-other.sqlite.bz2 +0 -0
- data/spec/functional/assets/yumrepo-empty/repodata/dabe2-primary.xml.gz +0 -0
- data/spec/functional/assets/yumrepo-empty/repodata/repomd.xml +55 -0
- data/spec/functional/event_loggers/windows_eventlog_spec.rb +6 -5
- data/spec/functional/knife/configure_spec.rb +1 -1
- data/spec/functional/knife/ssh_spec.rb +5 -16
- data/spec/functional/mixin/powershell_out_spec.rb +11 -3
- data/spec/functional/resource/aix_service_spec.rb +11 -4
- data/spec/functional/resource/aixinit_service_spec.rb +9 -10
- data/spec/functional/resource/apt_package_spec.rb +4 -7
- data/spec/functional/resource/bash_spec.rb +3 -2
- data/spec/functional/resource/bff_spec.rb +3 -3
- data/spec/functional/resource/chocolatey_package_spec.rb +11 -3
- data/spec/functional/resource/cookbook_file_spec.rb +1 -1
- data/spec/functional/resource/cron_spec.rb +24 -6
- data/spec/functional/resource/dnf_package_spec.rb +323 -17
- data/spec/functional/resource/dsc_resource_spec.rb +1 -1
- data/spec/functional/resource/dsc_script_spec.rb +6 -10
- data/spec/functional/resource/execute_spec.rb +1 -1
- data/spec/functional/resource/git_spec.rb +23 -1
- data/spec/functional/resource/group_spec.rb +26 -10
- data/spec/functional/resource/ifconfig_spec.rb +9 -1
- data/spec/functional/resource/insserv_spec.rb +8 -8
- data/spec/functional/resource/link_spec.rb +30 -25
- data/spec/functional/resource/mount_spec.rb +19 -3
- data/spec/functional/resource/msu_package_spec.rb +9 -3
- data/spec/functional/resource/ohai_spec.rb +2 -10
- data/spec/functional/resource/powershell_package_source_spec.rb +107 -0
- data/spec/functional/resource/powershell_script_spec.rb +65 -22
- data/spec/functional/resource/remote_file_spec.rb +9 -15
- data/spec/functional/resource/rpm_spec.rb +3 -3
- data/spec/functional/resource/timezone_spec.rb +2 -0
- data/spec/functional/resource/user/dscl_spec.rb +1 -1
- data/spec/functional/resource/user/mac_user_spec.rb +1 -1
- data/spec/functional/resource/windows_certificate_spec.rb +206 -382
- data/spec/functional/resource/windows_firewall_rule_spec.rb +93 -0
- data/spec/functional/resource/windows_font_spec.rb +50 -0
- data/spec/functional/resource/windows_package_spec.rb +36 -11
- data/spec/functional/resource/windows_path_spec.rb +4 -0
- data/spec/functional/resource/windows_security_policy_spec.rb +0 -4
- data/spec/functional/resource/windows_service_spec.rb +4 -0
- data/spec/functional/resource/windows_share_spec.rb +103 -0
- data/spec/functional/resource/windows_task_spec.rb +27 -27
- data/spec/functional/resource/windows_user_privilege_spec.rb +1 -2
- data/spec/functional/resource/yum_package_spec.rb +16 -1
- data/spec/functional/resource/zypper_package_spec.rb +15 -1
- data/spec/functional/run_lock_spec.rb +26 -25
- data/spec/functional/shell_spec.rb +10 -6
- data/spec/functional/version_spec.rb +4 -4
- data/spec/functional/win32/crypto_spec.rb +1 -1
- data/spec/functional/win32/registry_spec.rb +8 -8
- data/spec/functional/win32/service_manager_spec.rb +1 -1
- data/spec/integration/client/client_spec.rb +6 -5
- data/spec/integration/client/exit_code_spec.rb +3 -2
- data/spec/integration/client/fips_spec.rb +21 -0
- data/spec/integration/client/ipv6_spec.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +82 -0
- data/spec/integration/knife/client_key_create_spec.rb +1 -1
- data/spec/integration/knife/common_options_spec.rb +12 -12
- data/spec/integration/knife/config_list_spec.rb +220 -0
- data/spec/integration/knife/config_show_spec.rb +192 -0
- data/spec/integration/knife/config_use_spec.rb +198 -0
- data/spec/integration/knife/cookbook_api_ipv6_spec.rb +1 -1
- data/spec/integration/knife/cookbook_upload_spec.rb +28 -1
- data/spec/integration/knife/data_bag_from_file_spec.rb +1 -1
- data/spec/integration/knife/delete_spec.rb +1 -1
- data/spec/integration/knife/diff_spec.rb +3 -1
- data/spec/integration/knife/download_spec.rb +5 -3
- data/spec/integration/knife/environment_from_file_spec.rb +1 -1
- data/spec/integration/knife/node_create_spec.rb +1 -1
- data/spec/integration/knife/node_environment_set_spec.rb +1 -1
- data/spec/integration/knife/node_from_file_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_add_spec.rb +4 -4
- data/spec/integration/knife/node_run_list_remove_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_set_spec.rb +1 -1
- data/spec/integration/knife/node_show_spec.rb +1 -1
- data/spec/integration/knife/role_from_file_spec.rb +1 -1
- data/spec/integration/knife/serve_spec.rb +5 -5
- data/spec/integration/knife/upload_spec.rb +8 -7
- data/spec/integration/ohai/ohai_spec.rb +61 -0
- data/spec/integration/recipes/accumulator_spec.rb +1 -1
- data/spec/integration/recipes/lwrp_inline_resources_spec.rb +2 -2
- data/spec/integration/recipes/lwrp_spec.rb +1 -1
- data/spec/integration/recipes/notifies_spec.rb +2 -2
- data/spec/integration/recipes/notifying_block_spec.rb +1 -1
- data/spec/integration/recipes/provider_choice.rb +2 -2
- data/spec/integration/recipes/recipe_dsl_spec.rb +6 -1
- data/spec/integration/recipes/remote_directory.rb +1 -1
- data/spec/integration/recipes/resource_action_spec.rb +14 -0
- data/spec/integration/recipes/resource_converge_if_changed_spec.rb +2 -0
- data/spec/integration/recipes/resource_load_spec.rb +4 -2
- data/spec/integration/recipes/unified_mode_spec.rb +1 -1
- data/spec/integration/recipes/use_partial_spec.rb +1 -1
- data/spec/integration/solo/solo_spec.rb +5 -5
- data/spec/spec_helper.rb +30 -17
- data/spec/stress/win32/file_spec.rb +1 -1
- data/spec/support/chef_helpers.rb +3 -22
- data/spec/support/lib/chef/resource/cat.rb +1 -1
- data/spec/support/lib/chef/resource/one_two_three_four.rb +1 -1
- data/spec/support/matchers/leak.rb +2 -2
- data/spec/support/mock/platform.rb +24 -16
- data/spec/support/platform_helpers.rb +36 -41
- data/spec/support/platforms/win32/spec_service.rb +2 -2
- data/spec/support/shared/functional/directory_resource.rb +1 -1
- data/spec/support/shared/functional/execute_resource.rb +2 -2
- data/spec/support/shared/functional/file_resource.rb +20 -21
- data/spec/support/shared/functional/securable_resource.rb +109 -29
- data/spec/support/shared/functional/securable_resource_with_reporting.rb +0 -1
- data/spec/support/shared/functional/win32_service.rb +2 -2
- data/spec/support/shared/functional/windows_script.rb +5 -5
- data/spec/support/shared/integration/integration_helper.rb +22 -52
- data/spec/support/shared/integration/knife_support.rb +2 -9
- data/spec/support/shared/unit/application_dot_d.rb +5 -4
- data/spec/support/shared/unit/execute_resource.rb +1 -1
- data/spec/support/shared/unit/knife_shared.rb +1 -1
- data/spec/support/shared/unit/provider/file.rb +26 -8
- data/spec/support/shared/unit/script_resource.rb +10 -24
- data/spec/support/shared/unit/windows_script_resource.rb +16 -29
- data/spec/tiny_server.rb +0 -1
- data/spec/unit/application/client_spec.rb +2 -2
- data/spec/unit/application/exit_code_spec.rb +10 -0
- data/spec/unit/application/solo_spec.rb +4 -2
- data/spec/unit/application_spec.rb +15 -8
- data/spec/unit/chef_fs/config_spec.rb +3 -3
- data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
- data/spec/unit/chef_fs/diff_spec.rb +8 -8
- data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +2 -4
- data/spec/unit/chef_fs/{parallelizer.rb → parallelizer_spec.rb} +6 -2
- data/spec/unit/chef_fs/path_util_spec.rb +1 -1
- data/spec/unit/client_spec.rb +25 -5
- data/spec/unit/compliance/fetcher/automate_spec.rb +142 -0
- data/spec/unit/compliance/fetcher/chef_server_spec.rb +93 -0
- data/spec/unit/compliance/reporter/automate_spec.rb +427 -0
- data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +177 -0
- data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +48 -0
- data/spec/unit/compliance/runner_spec.rb +215 -0
- data/spec/unit/cookbook/gem_installer_spec.rb +2 -1
- data/spec/unit/cookbook/synchronizer_spec.rb +28 -26
- data/spec/unit/cookbook_spec.rb +2 -2
- data/spec/unit/cookbook_version_spec.rb +52 -0
- data/spec/unit/daemon_spec.rb +1 -5
- data/spec/unit/data_bag_spec.rb +6 -3
- data/spec/unit/data_collector/config_validation_spec.rb +208 -0
- data/spec/unit/data_collector_spec.rb +100 -120
- data/spec/unit/decorator_spec.rb +23 -23
- data/spec/unit/dsl/declare_resource_spec.rb +1 -1
- data/spec/unit/dsl/platform_introspection_spec.rb +1 -0
- data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
- data/spec/unit/environment_spec.rb +12 -8
- data/spec/unit/event_dispatch/dispatcher_spec.rb +3 -0
- data/spec/unit/file_access_control_spec.rb +1 -1
- data/spec/unit/formatters/error_inspectors/resource_failure_inspector_spec.rb +2 -2
- data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +11 -11
- data/spec/unit/guard_interpreter_spec.rb +1 -1
- data/spec/unit/http/api_versions_spec.rb +20 -2
- data/spec/unit/http/ssl_policies_spec.rb +125 -66
- data/spec/unit/json_compat_spec.rb +1 -1
- data/spec/unit/knife/bootstrap_spec.rb +69 -45
- data/spec/unit/knife/client_create_spec.rb +2 -2
- data/spec/unit/knife/configure_client_spec.rb +5 -5
- data/spec/unit/knife/configure_spec.rb +3 -3
- data/spec/unit/knife/cookbook_delete_spec.rb +2 -2
- data/spec/unit/knife/cookbook_download_spec.rb +8 -8
- data/spec/unit/knife/cookbook_list_spec.rb +2 -2
- data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +1 -1
- data/spec/unit/knife/cookbook_metadata_spec.rb +3 -3
- data/spec/unit/knife/cookbook_show_spec.rb +6 -7
- data/spec/unit/knife/cookbook_upload_spec.rb +7 -10
- data/spec/unit/knife/core/hashed_command_loader_spec.rb +3 -3
- data/spec/unit/knife/core/node_editor_spec.rb +1 -1
- data/spec/unit/knife/core/status_presenter_spec.rb +54 -0
- data/spec/unit/knife/core/ui_spec.rb +1 -0
- data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +24 -15
- data/spec/unit/knife/data_bag_edit_spec.rb +1 -1
- data/spec/unit/knife/environment_compare_spec.rb +3 -3
- data/spec/unit/knife/ssh_spec.rb +2 -2
- data/spec/unit/knife/supermarket_download_spec.rb +8 -8
- data/spec/unit/knife/supermarket_list_spec.rb +3 -3
- data/spec/unit/knife/supermarket_search_spec.rb +1 -1
- data/spec/unit/knife/supermarket_share_spec.rb +6 -7
- data/spec/unit/knife/tag_create_spec.rb +1 -1
- data/spec/unit/knife/tag_delete_spec.rb +1 -1
- data/spec/unit/knife/user_create_spec.rb +1 -1
- data/spec/unit/log/syslog_spec.rb +6 -10
- data/spec/unit/log/winevt_spec.rb +21 -13
- data/spec/unit/lwrp_spec.rb +12 -9
- data/spec/unit/mixin/checksum_spec.rb +28 -0
- data/spec/unit/mixin/deep_merge_spec.rb +15 -0
- data/spec/unit/mixin/{path_sanity_spec.rb → default_paths_spec.rb} +14 -14
- data/spec/unit/mixin/openssl_helper_spec.rb +1 -8
- data/spec/unit/mixin/powershell_exec_spec.rb +43 -6
- data/spec/unit/mixin/powershell_out_spec.rb +16 -4
- data/spec/unit/mixin/powershell_type_coercions_spec.rb +1 -1
- data/spec/unit/mixin/securable_spec.rb +2 -3
- data/spec/unit/mixin/shell_out_spec.rb +25 -26
- data/spec/unit/mixin/subclass_directive_spec.rb +2 -2
- data/spec/unit/mixin/template_spec.rb +30 -30
- data/spec/unit/mixin/unformatter_spec.rb +2 -2
- data/spec/unit/mixin/uris_spec.rb +1 -1
- data/spec/unit/mixin/user_context_spec.rb +1 -9
- data/spec/unit/mixin/which.rb +9 -1
- data/spec/unit/mixin/windows_architecture_helper_spec.rb +4 -4
- data/spec/unit/node/immutable_collections_spec.rb +8 -4
- data/spec/unit/node_spec.rb +103 -16
- data/spec/unit/platform/query_helpers_spec.rb +13 -14
- data/spec/unit/policy_builder/policyfile_spec.rb +11 -1
- data/spec/unit/property_spec.rb +6 -6
- data/spec/unit/provider/batch_spec.rb +130 -0
- data/spec/unit/provider/cron/unix_spec.rb +1 -1
- data/spec/unit/provider/cron_spec.rb +43 -49
- data/spec/unit/provider/dsc_resource_spec.rb +30 -63
- data/spec/unit/provider/dsc_script_spec.rb +11 -11
- data/spec/unit/provider/execute_spec.rb +1 -8
- data/spec/unit/provider/git_spec.rb +3 -3
- data/spec/unit/provider/group/windows_spec.rb +6 -0
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/ifconfig_spec.rb +0 -1
- data/spec/unit/provider/mdadm_spec.rb +1 -3
- data/spec/unit/provider/mount/linux_spec.rb +107 -0
- data/spec/unit/provider/mount/mount_spec.rb +73 -10
- data/spec/unit/provider/mount/solaris_spec.rb +1 -1
- data/spec/unit/provider/mount/windows_spec.rb +1 -0
- data/spec/unit/provider/mount_spec.rb +31 -0
- data/spec/unit/provider/package/chocolatey_spec.rb +2 -3
- data/spec/unit/provider/package/dnf/python_helper_spec.rb +8 -2
- data/spec/unit/provider/package/freebsd/pkgng_spec.rb +1 -1
- data/spec/unit/provider/package/openbsd_spec.rb +1 -1
- data/spec/unit/provider/package/pacman_spec.rb +17 -20
- data/spec/unit/provider/package/powershell_spec.rb +162 -99
- data/spec/unit/provider/package/rubygems_spec.rb +50 -20
- data/spec/unit/provider/package/smartos_spec.rb +1 -1
- data/spec/unit/provider/package/snap_spec.rb +1 -1
- data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +3 -3
- data/spec/unit/provider/package/windows_spec.rb +30 -53
- data/spec/unit/provider/package/zypper_spec.rb +0 -25
- data/spec/unit/provider/package_spec.rb +2 -2
- data/spec/unit/provider/powershell_script_spec.rb +20 -44
- data/spec/unit/provider/remote_directory_spec.rb +9 -9
- data/spec/unit/provider/route_spec.rb +0 -2
- data/spec/unit/provider/script_spec.rb +20 -110
- data/spec/unit/provider/service/arch_service_spec.rb +3 -2
- data/spec/unit/provider/service/debian_service_spec.rb +1 -1
- data/spec/unit/provider/service/gentoo_service_spec.rb +7 -7
- data/spec/unit/provider/service/macosx_spec.rb +6 -6
- data/spec/unit/provider/service/redhat_spec.rb +3 -3
- data/spec/unit/provider/service/upstart_service_spec.rb +3 -3
- data/spec/unit/provider/service/windows_spec.rb +2 -6
- data/spec/unit/provider/subversion_spec.rb +0 -3
- data/spec/unit/provider/systemd_unit_spec.rb +29 -25
- data/spec/unit/provider/user/dscl_spec.rb +2 -2
- data/spec/unit/provider/user_spec.rb +7 -1
- data/spec/unit/provider/windows_env_spec.rb +22 -37
- data/spec/unit/provider/windows_path_spec.rb +6 -11
- data/spec/unit/provider/windows_task_spec.rb +7 -6
- data/spec/unit/provider/zypper_repository_spec.rb +60 -10
- data/spec/unit/provider_spec.rb +1 -0
- data/spec/unit/recipe_spec.rb +1 -1
- data/spec/unit/resource/archive_file_spec.rb +23 -2
- data/spec/unit/resource/batch_spec.rb +6 -6
- data/spec/unit/resource/breakpoint_spec.rb +1 -1
- data/spec/unit/resource/build_essential_spec.rb +0 -12
- data/spec/unit/resource/chef_client_config_spec.rb +137 -0
- data/spec/unit/resource/chef_client_cron_spec.rb +51 -14
- data/spec/unit/resource/chef_client_launchd_spec.rb +127 -0
- data/spec/unit/resource/chef_client_scheduled_task_spec.rb +17 -7
- data/spec/unit/resource/chef_client_systemd_timer_spec.rb +43 -5
- data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +68 -0
- data/spec/unit/resource/cron_spec.rb +2 -2
- data/spec/unit/resource/execute_spec.rb +123 -118
- data/spec/unit/resource/file/verification_spec.rb +2 -1
- data/spec/unit/resource/helpers/cron_validations_spec.rb +5 -1
- data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
- data/spec/unit/resource/homebrew_update_spec.rb +30 -0
- data/spec/unit/resource/ifconfig_spec.rb +2 -10
- data/spec/unit/resource/launchd_spec.rb +8 -0
- data/spec/unit/resource/macos_user_defaults_spec.rb +103 -2
- data/spec/unit/resource/mount_spec.rb +28 -5
- data/spec/unit/resource/osx_profile_spec.rb +299 -0
- data/spec/unit/resource/powershell_package_source_spec.rb +20 -20
- data/spec/unit/resource/powershell_script_spec.rb +15 -108
- data/spec/unit/resource/rhsm_register_spec.rb +56 -18
- data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
- data/spec/unit/resource/script_spec.rb +6 -1
- data/spec/unit/resource/service_spec.rb +2 -2
- data/spec/unit/resource/solaris_package_spec.rb +8 -10
- data/spec/unit/resource/systemd_unit_spec.rb +1 -1
- data/spec/unit/resource/timezone_spec.rb +64 -1
- data/spec/unit/{log_spec.rb → resource/user/windows_user_spec.rb} +16 -4
- data/spec/unit/resource/user_ulimit_spec.rb +14 -1
- data/spec/unit/resource/windows_audit_policy_spec.rb +64 -0
- data/spec/unit/resource/windows_certificate_spec.rb +12 -0
- data/spec/unit/resource/windows_dns_record_spec.rb +3 -3
- data/spec/unit/resource/windows_dns_zone_spec.rb +2 -2
- data/spec/unit/resource/windows_feature_powershell_spec.rb +30 -4
- data/spec/unit/resource/windows_firewall_profile_spec.rb +77 -0
- data/spec/unit/resource/windows_package_spec.rb +1 -0
- data/spec/unit/resource/windows_task_spec.rb +1 -1
- data/spec/unit/resource/windows_uac_spec.rb +3 -3
- data/spec/unit/resource/windows_user_privilege_spec.rb +55 -0
- data/spec/unit/resource/yum_repository_spec.rb +21 -21
- data/spec/unit/resource_inspector_spec.rb +10 -5
- data/spec/unit/resource_reporter_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +137 -3
- data/spec/unit/role_spec.rb +30 -28
- data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
- data/spec/unit/run_lock_spec.rb +6 -2
- data/spec/unit/runner_spec.rb +1 -2
- data/spec/unit/scan_access_control_spec.rb +1 -1
- data/spec/unit/server_api_spec.rb +43 -16
- data/spec/unit/shell/shell_ext_spec.rb +46 -3
- data/spec/unit/shell/shell_session_spec.rb +35 -64
- data/spec/unit/shell_spec.rb +18 -21
- data/spec/unit/train_transport_spec.rb +14 -13
- data/spec/unit/util/backup_spec.rb +1 -1
- data/spec/unit/util/diff_spec.rb +1 -15
- data/spec/unit/util/dsc/configuration_generator_spec.rb +80 -1
- data/spec/unit/util/dsc/local_configuration_manager_spec.rb +27 -35
- data/spec/unit/util/powershell/ps_credential_spec.rb +2 -2
- data/spec/unit/util/selinux_spec.rb +4 -1
- data/spec/unit/util/threaded_job_queue_spec.rb +9 -0
- data/spec/unit/win32/security_spec.rb +4 -3
- data/tasks/rspec.rb +2 -4
- metadata +172 -104
- data/lib/chef/dist.rb +0 -68
- data/lib/chef/monkey_patches/net_http.rb +0 -22
- data/lib/chef/provider/osx_profile.rb +0 -255
- data/lib/chef/provider/windows_env.rb +0 -210
- data/lib/chef/provider/windows_path.rb +0 -61
- data/lib/chef/provider/windows_task.rb +0 -635
- data/lib/chef/resource/cron.rb +0 -157
- data/lib/chef/util/powershell/cmdlet.rb +0 -173
- data/lib/chef/util/powershell/cmdlet_result.rb +0 -61
- data/spec/data/trusted_certs_empty/.gitkeep +0 -0
- data/spec/data/trusted_certs_empty/README.md +0 -1
- data/spec/functional/assets/yumrepo/repodata/4632d67cb92636e7575d911c24f0e04d3505a944e97c483abe0c3e73a7c62d33-filelists.sqlite.bz2 +0 -0
- data/spec/functional/assets/yumrepo/repodata/74599b793e54d877323837d2d81a1c3c594c44e4335f9528234bb490f7b9b439-other.xml.gz +0 -0
- data/spec/functional/assets/yumrepo/repodata/a845d418f919d2115ab95a56b2c76f6825ad0d0bede49181a55c04f58995d057-primary.sqlite.bz2 +0 -0
- data/spec/functional/assets/yumrepo/repodata/af9b7cf9ef23bd7b43068d74a460f3b5d06753d638e58e4a0c9edc35bfb9cdc4-other.sqlite.bz2 +0 -0
- data/spec/functional/assets/yumrepo/repodata/bdb4f5f1492a3b9532f22c43110a81500dd744f23da0aec5c33b2a41317c737d-filelists.xml.gz +0 -0
- data/spec/functional/assets/yumrepo/repodata/c10d1d34ce99e02f12ec96ef68360543ab1bb7c3cb81a4a2bf78df7d8597e9df-primary.xml.gz +0 -0
- data/spec/functional/util/powershell/cmdlet_spec.rb +0 -111
- data/spec/integration/knife/config_get_profile_spec.rb +0 -113
- data/spec/integration/knife/config_get_spec.rb +0 -191
- data/spec/integration/knife/config_list_profiles_spec.rb +0 -190
- data/spec/integration/knife/config_use_profile_spec.rb +0 -101
- data/spec/scripts/ssl-serve.rb +0 -47
- data/spec/support/mock/constant.rb +0 -52
- data/spec/unit/provider/osx_profile_spec.rb +0 -255
- data/spec/unit/provider_resolver_spec.rb +0 -885
- data/spec/unit/resource/data/InstallHistory_with_CLT.plist +0 -92
- data/spec/unit/resource/data/InstallHistory_without_CLT.plist +0 -38
- data/spec/unit/util/powershell/cmdlet_spec.rb +0 -106
@@ -20,6 +20,8 @@ require_relative "../resource"
|
|
20
20
|
class Chef
|
21
21
|
class Resource
|
22
22
|
class WindowsUac < Chef::Resource
|
23
|
+
unified_mode true
|
24
|
+
|
23
25
|
provides :windows_uac
|
24
26
|
|
25
27
|
description 'The *windows_uac* resource configures UAC on Windows hosts by setting registry keys at `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System`'
|
@@ -104,7 +106,9 @@ class Chef
|
|
104
106
|
#
|
105
107
|
# @return [Integer]
|
106
108
|
def consent_behavior_users_symbol_to_reg(sym)
|
107
|
-
|
109
|
+
# Since 2 isn't a valid value for ConsentPromptBehaviorUser, assign the value at index as nil.
|
110
|
+
# https://docs.microsoft.com/en-us/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings#registry-key-settings
|
111
|
+
[:auto_deny, :secure_prompt_for_creds, nil, :prompt_for_creds].index(sym)
|
108
112
|
end
|
109
113
|
end
|
110
114
|
end
|
@@ -21,54 +21,10 @@ require_relative "../resource"
|
|
21
21
|
class Chef
|
22
22
|
class Resource
|
23
23
|
class WindowsUserPrivilege < Chef::Resource
|
24
|
-
|
25
|
-
SeNetworkLogonRight
|
26
|
-
SeTcbPrivilege
|
27
|
-
SeMachineAccountPrivilege
|
28
|
-
SeIncreaseQuotaPrivilege
|
29
|
-
SeInteractiveLogonRight
|
30
|
-
SeRemoteInteractiveLogonRight
|
31
|
-
SeBackupPrivilege
|
32
|
-
SeChangeNotifyPrivilege
|
33
|
-
SeSystemtimePrivilege
|
34
|
-
SeTimeZonePrivilege
|
35
|
-
SeCreatePagefilePrivilege
|
36
|
-
SeCreateTokenPrivilege
|
37
|
-
SeCreateGlobalPrivilege
|
38
|
-
SeCreatePermanentPrivilege
|
39
|
-
SeCreateSymbolicLinkPrivilege
|
40
|
-
SeDebugPrivilege
|
41
|
-
SeDenyNetworkLogonRight
|
42
|
-
SeDenyBatchLogonRight
|
43
|
-
SeDenyServiceLogonRight
|
44
|
-
SeDenyInteractiveLogonRight
|
45
|
-
SeDenyRemoteInteractiveLogonRight
|
46
|
-
SeEnableDelegationPrivilege
|
47
|
-
SeRemoteShutdownPrivilege
|
48
|
-
SeAuditPrivilege
|
49
|
-
SeImpersonatePrivilege
|
50
|
-
SeIncreaseWorkingSetPrivilege
|
51
|
-
SeIncreaseBasePriorityPrivilege
|
52
|
-
SeLoadDriverPrivilege
|
53
|
-
SeLockMemoryPrivilege
|
54
|
-
SeBatchLogonRight
|
55
|
-
SeServiceLogonRight
|
56
|
-
SeSecurityPrivilege
|
57
|
-
SeRelabelPrivilege
|
58
|
-
SeSystemEnvironmentPrivilege
|
59
|
-
SeManageVolumePrivilege
|
60
|
-
SeProfileSingleProcessPrivilege
|
61
|
-
SeSystemProfilePrivilege
|
62
|
-
SeUndockPrivilege
|
63
|
-
SeAssignPrimaryTokenPrivilege
|
64
|
-
SeRestorePrivilege
|
65
|
-
SeShutdownPrivilege
|
66
|
-
SeSyncAgentPrivilege
|
67
|
-
SeTakeOwnershipPrivilege
|
68
|
-
}
|
24
|
+
unified_mode true
|
69
25
|
|
70
26
|
provides :windows_user_privilege
|
71
|
-
description "The windows_user_privilege resource allows to add
|
27
|
+
description "The windows_user_privilege resource allows to add a privilege to a principal or (User/Group).\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment"
|
72
28
|
|
73
29
|
introduced "16.0"
|
74
30
|
|
@@ -78,28 +34,37 @@ class Chef
|
|
78
34
|
```ruby
|
79
35
|
windows_user_privilege 'Network Logon Rights' do
|
80
36
|
privilege 'SeNetworkLogonRight'
|
81
|
-
users ['BUILTIN
|
37
|
+
users ['BUILTIN\\Administrators', 'NT AUTHORITY\\Authenticated Users']
|
82
38
|
action :set
|
83
39
|
end
|
84
40
|
```
|
85
41
|
|
86
|
-
**
|
42
|
+
**Provide only the Builtin Guests and Administrator Groups with the SeCreatePageFile Privilege**:
|
43
|
+
|
44
|
+
```ruby
|
45
|
+
windows_user_privilege 'Create Pagefile' do
|
46
|
+
privilege 'SeCreatePagefilePrivilege'
|
47
|
+
users ['BUILTIN\\Guests', 'BUILTIN\\Administrators']
|
48
|
+
action :set
|
49
|
+
end
|
50
|
+
```
|
51
|
+
|
52
|
+
**Add the SeDenyRemoteInteractiveLogonRight Privilege to the 'Remote interactive logon' principal**:
|
87
53
|
|
88
54
|
```ruby
|
89
55
|
windows_user_privilege 'Remote interactive logon' do
|
90
56
|
privilege 'SeDenyRemoteInteractiveLogonRight'
|
91
|
-
users ['Builtin\Guests', 'NT AUTHORITY\Local Account']
|
92
57
|
action :add
|
93
58
|
end
|
94
59
|
```
|
95
60
|
|
96
|
-
**
|
61
|
+
**Add to the Builtin Guests Group the SeCreatePageFile Privilege**:
|
97
62
|
|
98
63
|
```ruby
|
99
|
-
windows_user_privilege 'Create Pagefile' do
|
64
|
+
windows_user_privilege 'Guests add Create Pagefile' do
|
65
|
+
principal 'BUILTIN\\Guests'
|
100
66
|
privilege 'SeCreatePagefilePrivilege'
|
101
|
-
|
102
|
-
action :set
|
67
|
+
action :add
|
103
68
|
end
|
104
69
|
```
|
105
70
|
|
@@ -108,44 +73,99 @@ class Chef
|
|
108
73
|
```ruby
|
109
74
|
windows_user_privilege 'Create Pagefile' do
|
110
75
|
privilege 'SeCreatePagefilePrivilege'
|
111
|
-
users ['BUILTIN
|
76
|
+
users ['BUILTIN\\Guests']
|
112
77
|
action :remove
|
113
78
|
end
|
114
79
|
```
|
80
|
+
|
81
|
+
**Clear all users from the SeDenyNetworkLogonRight Privilege**:
|
82
|
+
|
83
|
+
```ruby
|
84
|
+
windows_user_privilege 'Allow any user the Network Logon right' do
|
85
|
+
privilege 'SeDenyNetworkLogonRight'
|
86
|
+
action :clear
|
87
|
+
end
|
88
|
+
```
|
115
89
|
DOC
|
116
90
|
|
91
|
+
PRIVILEGE_OPTS = %w{ SeAssignPrimaryTokenPrivilege
|
92
|
+
SeAuditPrivilege
|
93
|
+
SeBackupPrivilege
|
94
|
+
SeBatchLogonRight
|
95
|
+
SeChangeNotifyPrivilege
|
96
|
+
SeCreateGlobalPrivilege
|
97
|
+
SeCreatePagefilePrivilege
|
98
|
+
SeCreatePermanentPrivilege
|
99
|
+
SeCreateSymbolicLinkPrivilege
|
100
|
+
SeCreateTokenPrivilege
|
101
|
+
SeDebugPrivilege
|
102
|
+
SeDelegateSessionUserImpersonatePrivilege
|
103
|
+
SeDenyBatchLogonRight
|
104
|
+
SeDenyInteractiveLogonRight
|
105
|
+
SeDenyNetworkLogonRight
|
106
|
+
SeDenyRemoteInteractiveLogonRight
|
107
|
+
SeDenyServiceLogonRight
|
108
|
+
SeEnableDelegationPrivilege
|
109
|
+
SeImpersonatePrivilege
|
110
|
+
SeIncreaseBasePriorityPrivilege
|
111
|
+
SeIncreaseQuotaPrivilege
|
112
|
+
SeIncreaseWorkingSetPrivilege
|
113
|
+
SeInteractiveLogonRight
|
114
|
+
SeLoadDriverPrivilege
|
115
|
+
SeLockMemoryPrivilege
|
116
|
+
SeMachineAccountPrivilege
|
117
|
+
SeManageVolumePrivilege
|
118
|
+
SeNetworkLogonRight
|
119
|
+
SeProfileSingleProcessPrivilege
|
120
|
+
SeRelabelPrivilege
|
121
|
+
SeRemoteInteractiveLogonRight
|
122
|
+
SeRemoteShutdownPrivilege
|
123
|
+
SeRestorePrivilege
|
124
|
+
SeSecurityPrivilege
|
125
|
+
SeServiceLogonRight
|
126
|
+
SeShutdownPrivilege
|
127
|
+
SeSyncAgentPrivilege
|
128
|
+
SeSystemEnvironmentPrivilege
|
129
|
+
SeSystemProfilePrivilege
|
130
|
+
SeSystemtimePrivilege
|
131
|
+
SeTakeOwnershipPrivilege
|
132
|
+
SeTcbPrivilege
|
133
|
+
SeTimeZonePrivilege
|
134
|
+
SeTrustedCredManAccessPrivilege
|
135
|
+
SeUndockPrivilege
|
136
|
+
}.freeze
|
137
|
+
|
117
138
|
property :principal, String,
|
118
|
-
|
119
|
-
|
139
|
+
description: "An optional property to add the privilege for given principal. Use only with add and remove action. Principal can either be a User/Group or one of special identities found here Ref: https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/special-identities",
|
140
|
+
name_property: true
|
120
141
|
|
121
|
-
property :users, Array,
|
122
|
-
|
142
|
+
property :users, [Array, String],
|
143
|
+
description: "An optional property to set the privilege for given users. Use only with set action.",
|
144
|
+
coerce: proc { |v| Array(v) }
|
123
145
|
|
124
146
|
property :privilege, [Array, String],
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
},
|
132
|
-
}
|
147
|
+
description: "One or more privileges to set for principal or users/groups. For more information on what each privilege does Ref: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment",
|
148
|
+
required: true,
|
149
|
+
coerce: proc { |v| Array(v) },
|
150
|
+
callbacks: {
|
151
|
+
"Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? },
|
152
|
+
}, identity: true
|
133
153
|
|
134
154
|
load_current_value do |new_resource|
|
135
|
-
|
136
|
-
privilege Chef::ReservedNames::Win32::Security.get_account_right(new_resource.principal)
|
155
|
+
if new_resource.principal && (new_resource.action.include?(:add) || new_resource.action.include?(:remove))
|
156
|
+
privilege Chef::ReservedNames::Win32::Security.get_account_right(new_resource.principal)
|
137
157
|
end
|
138
158
|
end
|
139
159
|
|
140
|
-
action :add do
|
141
|
-
([*new_resource.privilege] - [*current_resource.privilege]).each do |
|
142
|
-
converge_by("adding
|
143
|
-
Chef::ReservedNames::Win32::Security.add_account_right(new_resource.principal,
|
160
|
+
action :add, description: "Add a privileges to a principal." do
|
161
|
+
([*new_resource.privilege] - [*current_resource.privilege]).each do |principal_right|
|
162
|
+
converge_by("adding principal '#{new_resource.principal}' privilege #{principal_right}") do
|
163
|
+
Chef::ReservedNames::Win32::Security.add_account_right(new_resource.principal, principal_right)
|
144
164
|
end
|
145
165
|
end
|
146
166
|
end
|
147
167
|
|
148
|
-
action :set do
|
168
|
+
action :set, description: "Set the privileges that are listed in the `privilege` property for only the users listed in the `users` property. All other users not listed with given privilege will be have the privilege removed." do
|
149
169
|
if new_resource.users.nil? || new_resource.users.empty?
|
150
170
|
raise Chef::Exceptions::ValidationFailed, "Users are required property with set action."
|
151
171
|
end
|
@@ -180,7 +200,21 @@ class Chef
|
|
180
200
|
end
|
181
201
|
end
|
182
202
|
|
183
|
-
action :
|
203
|
+
action :clear, description: "Clear all user privileges" do
|
204
|
+
new_resource.privilege.each do |privilege|
|
205
|
+
accounts = Chef::ReservedNames::Win32::Security.get_account_with_user_rights(privilege)
|
206
|
+
|
207
|
+
# comparing the existing accounts for privilege with users
|
208
|
+
# Removing only accounts which is not matching with users in new_resource
|
209
|
+
accounts.each do |account|
|
210
|
+
converge_by("removing user '#{account}' from privilege #{privilege}") do
|
211
|
+
Chef::ReservedNames::Win32::Security.remove_account_right(account, privilege)
|
212
|
+
end
|
213
|
+
end
|
214
|
+
end
|
215
|
+
end
|
216
|
+
|
217
|
+
action :remove, description: "Remove a principal privilege" do
|
184
218
|
curr_res_privilege = current_resource.privilege
|
185
219
|
missing_res_privileges = (new_resource.privilege - curr_res_privilege)
|
186
220
|
|
@@ -188,9 +222,9 @@ class Chef
|
|
188
222
|
Chef::Log.info("User \'#{new_resource.principal}\' for Privilege: #{missing_res_privileges.join(", ")} not found. Nothing to remove.")
|
189
223
|
end
|
190
224
|
|
191
|
-
(new_resource.privilege - missing_res_privileges).each do |
|
192
|
-
converge_by("removing
|
193
|
-
Chef::ReservedNames::Win32::Security.remove_account_right(new_resource.principal,
|
225
|
+
(new_resource.privilege - missing_res_privileges).each do |principal_right|
|
226
|
+
converge_by("removing principal #{new_resource.principal} from privilege #{principal_right}") do
|
227
|
+
Chef::ReservedNames::Win32::Security.remove_account_right(new_resource.principal, principal_right)
|
194
228
|
end
|
195
229
|
end
|
196
230
|
end
|
@@ -16,15 +16,14 @@
|
|
16
16
|
#
|
17
17
|
|
18
18
|
require_relative "../resource"
|
19
|
-
|
20
|
-
require_relative "../dist"
|
19
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
21
20
|
|
22
21
|
class Chef
|
23
22
|
class Resource
|
24
23
|
class WindowsWorkgroup < Chef::Resource
|
25
|
-
|
24
|
+
unified_mode true
|
26
25
|
|
27
|
-
|
26
|
+
provides :windows_workgroup
|
28
27
|
|
29
28
|
description "Use the **windows_workgroup** resource to join or change the workgroup of a Windows host."
|
30
29
|
introduced "14.5"
|
@@ -57,12 +56,13 @@ class Chef
|
|
57
56
|
|
58
57
|
property :password, String,
|
59
58
|
description: "The password for the local administrator user. Required if using the `user` property.",
|
59
|
+
sensitive: true,
|
60
60
|
desired_state: false
|
61
61
|
|
62
62
|
property :reboot, Symbol,
|
63
63
|
equal_to: %i{never request_reboot reboot_now},
|
64
|
-
validation_message: "The reboot property accepts :immediate (reboot as soon as the resource completes), :delayed (reboot once the #{
|
65
|
-
description: "Controls the system reboot behavior post workgroup joining. Reboot immediately, after the #{
|
64
|
+
validation_message: "The reboot property accepts :immediate (reboot as soon as the resource completes), :delayed (reboot once the #{ChefUtils::Dist::Infra::PRODUCT} run completes), and :never (Don't reboot)",
|
65
|
+
description: "Controls the system reboot behavior post workgroup joining. Reboot immediately, after the #{ChefUtils::Dist::Infra::PRODUCT} run completes, or never. Note that a reboot is necessary for changes to take effect.",
|
66
66
|
coerce: proc { |x| clarify_reboot(x) },
|
67
67
|
default: :immediate, desired_state: false
|
68
68
|
|
@@ -83,6 +83,7 @@ class Chef
|
|
83
83
|
end
|
84
84
|
|
85
85
|
# define this again so we can default it to true. Otherwise failures print the password
|
86
|
+
# FIXME: this should now be unnecessary with the password property itself marked sensitive?
|
86
87
|
property :sensitive, [TrueClass, FalseClass],
|
87
88
|
default: true, desired_state: false
|
88
89
|
|
@@ -91,8 +92,8 @@ class Chef
|
|
91
92
|
|
92
93
|
unless workgroup_member?
|
93
94
|
converge_by("join workstation workgroup #{new_resource.workgroup_name}") do
|
94
|
-
ps_run =
|
95
|
-
raise "Failed to join the workgroup #{new_resource.workgroup_name}: #{ps_run.
|
95
|
+
ps_run = powershell_exec(join_command)
|
96
|
+
raise "Failed to join the workgroup #{new_resource.workgroup_name}: #{ps_run.errors}}" if ps_run.error?
|
96
97
|
|
97
98
|
unless new_resource.reboot == :never
|
98
99
|
reboot "Reboot to join workgroup #{new_resource.workgroup_name}" do
|
@@ -118,10 +119,10 @@ class Chef
|
|
118
119
|
|
119
120
|
# @return [Boolean] is the node a member of the workgroup specified in the resource
|
120
121
|
def workgroup_member?
|
121
|
-
node_workgroup =
|
122
|
+
node_workgroup = powershell_exec!("(Get-WmiObject -Class Win32_ComputerSystem).Workgroup")
|
122
123
|
raise "Failed to determine if system already a member of workgroup #{new_resource.workgroup_name}" if node_workgroup.error?
|
123
124
|
|
124
|
-
node_workgroup.
|
125
|
+
String(node_workgroup.result).downcase.strip == new_resource.workgroup_name.downcase
|
125
126
|
end
|
126
127
|
end
|
127
128
|
end
|
@@ -17,7 +17,7 @@
|
|
17
17
|
#
|
18
18
|
|
19
19
|
require_relative "package"
|
20
|
-
|
20
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
21
21
|
|
22
22
|
class Chef
|
23
23
|
class Resource
|
@@ -135,7 +135,7 @@ class Chef
|
|
135
135
|
coerce: proc { |x| x.is_a?(Array) ? x.to_a : x }
|
136
136
|
|
137
137
|
property :flush_cache, Hash,
|
138
|
-
description: "Flush the in-memory cache before or after a Yum operation that installs, upgrades, or removes a package. Accepts a Hash in the form: { :before => true/false, :after => true/false } or an Array in the form [ :before, :after ].\nYum automatically synchronizes remote metadata to a local cache. The #{
|
138
|
+
description: "Flush the in-memory cache before or after a Yum operation that installs, upgrades, or removes a package. Accepts a Hash in the form: { :before => true/false, :after => true/false } or an Array in the form [ :before, :after ].\nYum automatically synchronizes remote metadata to a local cache. The #{ChefUtils::Dist::Infra::CLIENT} creates a copy of the local cache, and then stores it in-memory during the #{ChefUtils::Dist::Infra::CLIENT} run. The in-memory cache allows packages to be installed during the #{ChefUtils::Dist::Infra::CLIENT} run without the need to continue synchronizing the remote metadata to the local cache while the #{ChefUtils::Dist::Infra::CLIENT} run is in-progress.",
|
139
139
|
default: { before: false, after: false },
|
140
140
|
coerce: proc { |v|
|
141
141
|
if v.is_a?(Hash)
|
@@ -37,7 +37,7 @@ class Chef
|
|
37
37
|
gpgkey 'http://artifacts.ourco.org/pub/yum/RPM-GPG-KEY-OURCO-8'
|
38
38
|
action :create
|
39
39
|
end
|
40
|
-
```
|
40
|
+
```
|
41
41
|
|
42
42
|
**Delete a repository**:
|
43
43
|
|
@@ -50,6 +50,11 @@ class Chef
|
|
50
50
|
|
51
51
|
# http://linux.die.net/man/5/yum.conf as well as
|
52
52
|
# http://dnf.readthedocs.io/en/latest/conf_ref.html
|
53
|
+
property :reposdir, String,
|
54
|
+
description: "The directory where the Yum repository files should be stored",
|
55
|
+
default: "/etc/yum.repos.d/",
|
56
|
+
introduced: "16.9"
|
57
|
+
|
53
58
|
property :baseurl, [String, Array],
|
54
59
|
description: "URL to the directory where the Yum repository's `repodata` directory lives. Can be an `http://`, `https://` or a `ftp://` URLs. You can specify multiple URLs in one `baseurl` statement."
|
55
60
|
|
@@ -95,7 +100,7 @@ class Chef
|
|
95
100
|
description: "URL pointing to the ASCII-armored GPG key file for the repository. This is used if Yum needs a public key to verify a package and the required key hasn't been imported into the RPM database. If this option is set, Yum will automatically import the key from the specified URL. Multiple URLs may be specified in the same manner as the baseurl option. If a GPG key is required to install a package from a repository, all keys specified for that repository will be installed.\nMultiple URLs may be specified in the same manner as the baseurl option. If a GPG key is required to install a package from a repository, all keys specified for that repository will be installed."
|
96
101
|
|
97
102
|
property :http_caching, String, equal_to: %w{packages all none},
|
98
|
-
description: "Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does. This option can take the following values
|
103
|
+
description: "Determines how upstream HTTP caches are instructed to handle any HTTP downloads that Yum does. This option can take the following values:\n - `all` means all HTTP downloads should be cached\n - `packages` means only RPM package downloads should be cached, but not repository metadata downloads\n - `none` means no HTTP downloads should be cached.\n\nThe default value of `all` is recommended unless you are experiencing caching related issues."
|
99
104
|
|
100
105
|
property :include_config, String,
|
101
106
|
description: "An external configuration file using the format `url://to/some/location`."
|
@@ -114,25 +119,25 @@ class Chef
|
|
114
119
|
description: "Number of times any attempt to retrieve a file should retry before returning an error. Setting this to `0` makes Yum try forever."
|
115
120
|
|
116
121
|
property :metadata_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/, /never/],
|
117
|
-
description: "Time (in seconds) after which the metadata will expire. If the current metadata downloaded is less than the value specified, then Yum will not update the metadata against the repository. If you find that Yum is not downloading information on updates as often as you would like lower the value of this option. You can also change from the default of using seconds to using days, hours or minutes by appending a
|
118
|
-
validation_message: "The metadata_expire property must be a numeric value for time in seconds, the string 'never', or a numeric value appended with with
|
122
|
+
description: "Time (in seconds) after which the metadata will expire. If the current metadata downloaded is less than the value specified, then Yum will not update the metadata against the repository. If you find that Yum is not downloading information on updates as often as you would like lower the value of this option. You can also change from the default of using seconds to using days, hours or minutes by appending a `d`, `h` or `m` respectively. The default is six hours to compliment yum-updates running once per hour. It is also possible to use the word `never`, meaning that the metadata will never expire. Note: When using a metalink file, the metalink must always be newer than the metadata for the repository due to the validation, so this timeout also applies to the metalink file.",
|
123
|
+
validation_message: "The metadata_expire property must be a numeric value for time in seconds, the string 'never', or a numeric value appended with with `d`, `h`, or `m`!"
|
119
124
|
|
120
125
|
property :metalink, String,
|
121
126
|
description: "Specifies a URL to a metalink file for the repomd.xml, a list of mirrors for the entire repository are generated by converting the mirrors for the repomd.xml file to a baseurl."
|
122
127
|
|
123
128
|
property :mirror_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/],
|
124
|
-
description: "Time (in seconds) after which the mirrorlist locally cached will expire. If the current mirrorlist is less than this many seconds old then Yum will not download another copy of the mirrorlist, it has the same extra format as metadata_expire. If you find that Yum is not downloading the mirrorlists as often as you would like lower the value of this option. You can also change from the default of using seconds to using days, hours or minutes by appending a
|
125
|
-
validation_message: "The mirror_expire property must be a numeric value for time in seconds, the string 'never', or a numeric value appended with with
|
129
|
+
description: "Time (in seconds) after which the mirrorlist locally cached will expire. If the current mirrorlist is less than this many seconds old then Yum will not download another copy of the mirrorlist, it has the same extra format as metadata_expire. If you find that Yum is not downloading the mirrorlists as often as you would like lower the value of this option. You can also change from the default of using seconds to using days, hours or minutes by appending a `d`, `h` or `m` respectively.",
|
130
|
+
validation_message: "The mirror_expire property must be a numeric value for time in seconds, the string 'never', or a numeric value appended with with `d`, `h`, or `m`!"
|
126
131
|
|
127
132
|
property :mirrorlist_expire, String, regex: [/^\d+$/, /^\d+[mhd]$/],
|
128
|
-
description: "Specifies the time (in seconds) after which the mirrorlist locally cached will expire. If the current mirrorlist is less than the value specified, then Yum will not download another copy of the mirrorlist. You can also change from the default of using seconds to using days, hours or minutes by appending a
|
129
|
-
validation_message: "The mirrorlist_expire property must be a numeric value for time in seconds, the string 'never', or a numeric value appended with with
|
133
|
+
description: "Specifies the time (in seconds) after which the mirrorlist locally cached will expire. If the current mirrorlist is less than the value specified, then Yum will not download another copy of the mirrorlist. You can also change from the default of using seconds to using days, hours or minutes by appending a `d`, `h` or `m` respectively.",
|
134
|
+
validation_message: "The mirrorlist_expire property must be a numeric value for time in seconds, the string 'never', or a numeric value appended with with `d`, `h`, or `m`!"
|
130
135
|
|
131
136
|
property :mirrorlist, String,
|
132
137
|
description: "URL to a file containing a list of baseurls. This can be used instead of or with the baseurl option. Substitution variables, described below, can be used with this option."
|
133
138
|
|
134
139
|
property :mode, [String, Integer],
|
135
|
-
description: "Permissions mode of .repo file on disk. This is useful for scenarios where secrets are in the repo file. If this value is set to
|
140
|
+
description: "Permissions mode of .repo file on disk. This is useful for scenarios where secrets are in the repo file. If this value is set to `600`, normal users will not be able to use Yum search, Yum info, etc.",
|
136
141
|
default: "0644"
|
137
142
|
|
138
143
|
property :options, Hash,
|
@@ -142,7 +147,7 @@ class Chef
|
|
142
147
|
description: "Password to use with the username for basic authentication."
|
143
148
|
|
144
149
|
property :priority, String, regex: /^(\d?[1-9]|[0-9][0-9])$/,
|
145
|
-
description: "Assigns a priority to a repository where the priority value is between
|
150
|
+
description: "Assigns a priority to a repository where the priority value is between `1` and `99` inclusive. Priorities are used to enforce ordered protection of repositories. Packages from repositories with a lower priority (higher numerical value) will never be used to upgrade packages that were installed from a repository with a higher priority (lower numerical value). The repositories with the lowest numerical priority number have the highest priority.",
|
146
151
|
validation_message: "The priority property must be a numeric value from 1-99!"
|
147
152
|
|
148
153
|
property :proxy_password, String,
|
data/lib/chef/resource.rb
CHANGED
@@ -19,8 +19,6 @@
|
|
19
19
|
#
|
20
20
|
|
21
21
|
require_relative "exceptions"
|
22
|
-
require_relative "dsl/data_query"
|
23
|
-
require_relative "dsl/registry_helper"
|
24
22
|
require_relative "dsl/reboot_pending"
|
25
23
|
require_relative "dsl/resources"
|
26
24
|
require_relative "dsl/declare_resource"
|
@@ -38,7 +36,7 @@ require_relative "resource/resource_notification"
|
|
38
36
|
require_relative "provider_resolver"
|
39
37
|
require_relative "resource_resolver"
|
40
38
|
require_relative "provider"
|
41
|
-
|
39
|
+
autoload :Set, "set"
|
42
40
|
|
43
41
|
require_relative "mixin/deprecation"
|
44
42
|
require_relative "mixin/properties"
|
@@ -53,8 +51,6 @@ class Chef
|
|
53
51
|
#
|
54
52
|
|
55
53
|
include Chef::DSL::DeclareResource
|
56
|
-
include Chef::DSL::DataQuery
|
57
|
-
include Chef::DSL::RegistryHelper
|
58
54
|
include Chef::DSL::RebootPending
|
59
55
|
extend Chef::Mixin::Provides
|
60
56
|
|
@@ -451,6 +447,17 @@ class Chef
|
|
451
447
|
description: "Determines whether or not the resource is executed during the compile time phase.",
|
452
448
|
default: false, desired_state: false
|
453
449
|
|
450
|
+
# Set a umask to be used for the duration of converging the resource.
|
451
|
+
# Defaults to `nil`, which means to use the system umask.
|
452
|
+
#
|
453
|
+
# @param arg [String] The umask to apply while converging the resource.
|
454
|
+
# @return [Boolean] The umask to apply while converging the resource.
|
455
|
+
#
|
456
|
+
property :umask, String,
|
457
|
+
desired_state: false,
|
458
|
+
introduced: "16.2",
|
459
|
+
description: "Set a umask to be used for the duration of converging the resource. Defaults to `nil`, which means to use the system umask. Unsupported on Windows because Windows lacks a direct equivalent to UNIX's umask."
|
460
|
+
|
454
461
|
# The time it took (in seconds) to run the most recently-run action. Not
|
455
462
|
# cumulative across actions. This is set to 0 as soon as a new action starts
|
456
463
|
# running, and set to the elapsed time at the end of the action.
|
@@ -588,7 +595,9 @@ class Chef
|
|
588
595
|
begin
|
589
596
|
return if should_skip?(action)
|
590
597
|
|
591
|
-
|
598
|
+
with_umask do
|
599
|
+
provider_for_action(action).run_action
|
600
|
+
end
|
592
601
|
rescue StandardError => e
|
593
602
|
if ignore_failure
|
594
603
|
logger.error("#{custom_exception_message(e)}; ignore_failure is set, continuing")
|
@@ -612,12 +621,20 @@ class Chef
|
|
612
621
|
events.resource_completed(self)
|
613
622
|
end
|
614
623
|
|
624
|
+
def with_umask
|
625
|
+
old_value = ::File.umask(umask.oct) if umask
|
626
|
+
yield
|
627
|
+
ensure
|
628
|
+
::File.umask(old_value) if umask
|
629
|
+
end
|
630
|
+
|
615
631
|
#
|
616
632
|
# If we are currently initializing the resource, this will be true.
|
617
633
|
#
|
618
634
|
# Do NOT use this. It may be removed. It is for internal purposes only.
|
619
635
|
# @api private
|
620
636
|
attr_reader :resource_initializing
|
637
|
+
|
621
638
|
def resource_initializing=(value)
|
622
639
|
if value
|
623
640
|
@resource_initializing = true
|
@@ -642,17 +659,17 @@ class Chef
|
|
642
659
|
|
643
660
|
all_props = {}
|
644
661
|
self.class.state_properties.map do |p|
|
645
|
-
|
646
|
-
|
647
|
-
|
648
|
-
|
649
|
-
|
662
|
+
|
663
|
+
all_props[p.name.to_s] = p.sensitive? ? '"*sensitive value suppressed*"' : value_to_text(p.get(self))
|
664
|
+
rescue Chef::Exceptions::ValidationFailed
|
665
|
+
# This space left intentionally blank, the property was probably required or had an invalid default.
|
666
|
+
|
650
667
|
end
|
651
668
|
|
652
669
|
ivars = instance_variables.map(&:to_sym) - HIDDEN_IVARS
|
653
670
|
ivars.each do |ivar|
|
654
671
|
iv = ivar.to_s.sub(/^@/, "")
|
655
|
-
if all_props.
|
672
|
+
if all_props.key?(iv)
|
656
673
|
text << " #{iv} #{all_props[iv]}\n"
|
657
674
|
elsif (value = instance_variable_get(ivar)) && !(value.respond_to?(:empty?) && value.empty?)
|
658
675
|
text << " #{iv} #{value_to_text(value)}\n"
|
@@ -868,6 +885,7 @@ class Chef
|
|
868
885
|
# have.
|
869
886
|
#
|
870
887
|
attr_writer :allowed_actions
|
888
|
+
|
871
889
|
def allowed_actions(value = NOT_PASSED)
|
872
890
|
if value != NOT_PASSED
|
873
891
|
self.allowed_actions = value
|
@@ -950,16 +968,7 @@ class Chef
|
|
950
968
|
def self.resource_name(name = NOT_PASSED)
|
951
969
|
# Setter
|
952
970
|
if name != NOT_PASSED
|
953
|
-
|
954
|
-
@resource_name = name.to_sym
|
955
|
-
name = name.to_sym
|
956
|
-
# FIXME: determine a way to deprecate this magic behavior
|
957
|
-
unless Chef::ResourceResolver.includes_handler?(name, self)
|
958
|
-
provides name
|
959
|
-
end
|
960
|
-
else
|
961
|
-
@resource_name = nil
|
962
|
-
end
|
971
|
+
@resource_name = name.to_sym rescue nil
|
963
972
|
end
|
964
973
|
|
965
974
|
@resource_name = nil unless defined?(@resource_name)
|
@@ -1053,6 +1062,7 @@ class Chef
|
|
1053
1062
|
# action for the resource.
|
1054
1063
|
#
|
1055
1064
|
# @param name [Symbol] The action name to define.
|
1065
|
+
# @param description [String] optional description for the action
|
1056
1066
|
# @param recipe_block The recipe to run when the action is taken. This block
|
1057
1067
|
# takes no parameters, and will be evaluated in a new context containing:
|
1058
1068
|
#
|
@@ -1062,14 +1072,37 @@ class Chef
|
|
1062
1072
|
#
|
1063
1073
|
# @return The Action class implementing the action
|
1064
1074
|
#
|
1065
|
-
def self.action(action, &recipe_block)
|
1075
|
+
def self.action(action, description: nil, &recipe_block)
|
1066
1076
|
action = action.to_sym
|
1067
1077
|
declare_action_class
|
1068
1078
|
action_class.action(action, &recipe_block)
|
1069
1079
|
self.allowed_actions += [ action ]
|
1080
|
+
# Accept any non-nil description, which will correctly override
|
1081
|
+
# any specific inherited description.
|
1082
|
+
action_descriptions[action] = description unless description.nil?
|
1070
1083
|
default_action action if Array(default_action) == [:nothing]
|
1071
1084
|
end
|
1072
1085
|
|
1086
|
+
# Retrieve the description for a resource's action, if
|
1087
|
+
# any description has been included in the definition.
|
1088
|
+
#
|
1089
|
+
# @param action [Symbol,String] the action name
|
1090
|
+
# @return the description of the action provided, or nil if no description
|
1091
|
+
# was defined
|
1092
|
+
def self.action_description(action)
|
1093
|
+
action_descriptions[action.to_sym]
|
1094
|
+
end
|
1095
|
+
|
1096
|
+
# @api private
|
1097
|
+
#
|
1098
|
+
# @return existing action description hash, or newly-initialized
|
1099
|
+
# hash containing action descriptions inherited from parent Resource,
|
1100
|
+
# if any.
|
1101
|
+
def self.action_descriptions
|
1102
|
+
@action_descriptions ||=
|
1103
|
+
superclass.respond_to?(:action_descriptions) ? superclass.action_descriptions.dup : { nothing: nil }
|
1104
|
+
end
|
1105
|
+
|
1073
1106
|
# Define a method to load up this resource's properties with the current
|
1074
1107
|
# actual values.
|
1075
1108
|
#
|
@@ -1187,9 +1220,9 @@ class Chef
|
|
1187
1220
|
#
|
1188
1221
|
|
1189
1222
|
# FORBIDDEN_IVARS do not show up when the resource is converted to JSON (ie. hidden from data_collector and sending to the chef server via #to_json/to_h/as_json/inspect)
|
1190
|
-
FORBIDDEN_IVARS = %i{@run_context @logger @not_if @only_if @enclosing_provider @description @introduced @examples @validation_message @deprecated @default_description @skip_docs @executed_by_runner}.freeze
|
1223
|
+
FORBIDDEN_IVARS = %i{@run_context @logger @not_if @only_if @enclosing_provider @description @introduced @examples @validation_message @deprecated @default_description @skip_docs @executed_by_runner @action_descriptions}.freeze
|
1191
1224
|
# HIDDEN_IVARS do not show up when the resource is displayed to the user as text (ie. in the error inspector output via #to_text)
|
1192
|
-
HIDDEN_IVARS = %i{@allowed_actions @resource_name @source_line @run_context @logger @name @not_if @only_if @elapsed_time @enclosing_provider @description @introduced @examples @validation_message @deprecated @default_description @skip_docs @executed_by_runner}.freeze
|
1225
|
+
HIDDEN_IVARS = %i{@allowed_actions @resource_name @source_line @run_context @logger @name @not_if @only_if @elapsed_time @enclosing_provider @description @introduced @examples @validation_message @deprecated @default_description @skip_docs @executed_by_runner @action_descriptions}.freeze
|
1193
1226
|
|
1194
1227
|
include Chef::Mixin::ConvertToClassName
|
1195
1228
|
extend Chef::Mixin::ConvertToClassName
|
@@ -1471,7 +1504,7 @@ class Chef
|
|
1471
1504
|
def self.use(partial)
|
1472
1505
|
dirname = ::File.dirname(partial)
|
1473
1506
|
basename = ::File.basename(partial, ".rb")
|
1474
|
-
basename = basename[1
|
1507
|
+
basename = basename[1..] if basename.start_with?("_")
|
1475
1508
|
class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.absolute_path)))
|
1476
1509
|
end
|
1477
1510
|
|
@@ -1480,7 +1513,7 @@ class Chef
|
|
1480
1513
|
# @return Chef::CookbookVersion The cookbook in which this Resource was defined.
|
1481
1514
|
#
|
1482
1515
|
def cookbook_version
|
1483
|
-
if cookbook_name
|
1516
|
+
if cookbook_name && cookbook_name != "@recipe_files"
|
1484
1517
|
run_context.cookbook_collection[cookbook_name]
|
1485
1518
|
end
|
1486
1519
|
end
|