chef 16.10.17 → 16.14.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 69f33cf16fb2c5375f4bd85ecf86119b8f56840eba929598aded143828456df2
-  data.tar.gz: 617ac1141ca029b92c1a1eead375dcdf32e0d9edd59213283d496c5884a49d23
+  metadata.gz: 1c9b7fb70681334021fb8862c446ed789da0782c21a3eecaf332dbe2d6b140fa
+  data.tar.gz: 2324b707db73fa2b895253c881911713e59b72905055590dcef5bcf63e1105db
 SHA512:
-  metadata.gz: e2bd27946ce5b3c19ee09386d795e2409091f6faf326d6ee686d4d80141eed5e9391c7219b8f7d25aa3df5eda8d96f555fb1bab358379fb80aefc40d76065b65
-  data.tar.gz: 815f740eb7564b6c8b4c09422d2daafb6d84a664fac1f5d39cc41d018e9921116f78e3860d2e9d88eca39bdfdbffa9d1bb336712418cbf642d06e95f26cba1c3
+  metadata.gz: bf4e6692007a79c0ee84b88a10bd9f9a31df1458cbd00ae99922cca8a4c880a5739da83d103e44a263b55f035e8a7a822de84355bdf1124a4048b82f79649ae9
+  data.tar.gz: 4b296a37c1a5444c3100c31bb61c92e27c799b0082d8d8da3925eed2c641aa5faeea4c76127b2ec8c8c09ffacf1e610891a87138ce53e675d4c81fc1f1aaa353

data/Gemfile

@@ -1,7 +1,7 @@
 source "https://rubygems.org"
 
-# pin until issues with Windows builds in 1.14.2 are resolved
-gem "ffi", "=1.13.1"
+# 1.15+ is required for M1 mac builds
+gem "ffi", ">=1.15"
 
 # Note we do not use the gemspec DSL which restricts to the
 # gemspec for the current platform and filters out other platforms
@@ -35,8 +35,11 @@ group(:omnibus_package) do
 end
 
 group(:omnibus_package, :pry) do
-  gem "pry"
-  gem "pry-byebug"
+  # Locked because pry-byebug is broken with 13+
+  # some work is ongoing? https://github.com/deivid-rodriguez/pry-byebug/issues/343
+  gem "pry", "= 0.13.0"
+  # byebug does not install on freebsd on ruby 3.0
+  gem "pry-byebug" unless RUBY_PLATFORM =~ /freebsd/i
   gem "pry-stack_explorer"
 end
 

data/Rakefile

@@ -74,6 +74,17 @@ task :install do
   end
 end
 
+namespace :install do
+  task local: "pre_install:all"
+
+  task :local do
+    chef_bin_path = ::File.join(::File.dirname(__FILE__), "chef-bin")
+    Dir.chdir(chef_bin_path) do
+      sh("rake install:local")
+    end
+  end
+end
+
 task :pedant, :chef_zero_spec
 
 task :build_eventlog do

data/chef-universal-mingw32.gemspec

@@ -14,7 +14,7 @@ gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0"
 gemspec.add_dependency "wmi-lite", "~> 1.0"
 gemspec.add_dependency "win32-taskscheduler", "~> 2.0"
 gemspec.add_dependency "iso8601", ">= 0.12.1", "< 0.14" # validate 0.14 when it comes out
-gemspec.add_dependency "win32-certstore", "~> 0.5" # 0.5+ required for specifying user vs. system store
+gemspec.add_dependency "win32-certstore", "~> 0.5.0" # 0.5+ required for specifying user vs. system store
 gemspec.extensions << "ext/win32-eventlog/Rakefile"
 gemspec.files += Dir.glob("{distro,ext}/**/*")
 

data/chef.gemspec

@@ -44,7 +44,7 @@ Gem::Specification.new do |s|
   s.add_dependency "net-ssh-multi", "~> 1.2", ">= 1.2.1"
   s.add_dependency "net-sftp", ">= 2.1.2", "< 4.0"
   s.add_dependency "ed25519", "~> 1.2" # ed25519 ssh key support
-  s.add_dependency "bcrypt_pbkdf", "= 1.1.0.rc2" # ed25519 ssh key support
+  s.add_dependency "bcrypt_pbkdf", "~> 1.1" # ed25519 ssh key support
   s.add_dependency "highline", ">= 1.6.9", "< 3"
   s.add_dependency "tty-prompt", "~> 0.21" # knife ui.ask prompt
   s.add_dependency "tty-screen", "~> 0.6" # knife list

data/lib/chef/compliance/default_attributes.rb

@@ -1,5 +1,5 @@
 # Author:: Stephan Renatus <srenatus@chef.io>
-# Copyright:: (c) 2016-2019, Chef Software Inc. <legal@chef.io>
+# Copyright:: Copyright (c) Chef Software Inc. <legal@chef.io>
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -87,7 +87,11 @@ class Chef
 
       # If enabled, a hash representation of the Chef Infra node object will be sent to Chef InSpec in an input
       # named `chef_node`.
-      "chef_node_attribute_enabled" => false
+      "chef_node_attribute_enabled" => false,
+
+      # Should the built-in compliance phase run. True and false force the behavior. Nil does magic based on if you have
+      # profiles defined but do not have the audit cookbook enabled.
+      "compliance_phase" => false
     )
   end
 end

data/lib/chef/compliance/runner.rb

@@ -22,8 +22,13 @@ class Chef
 
         logger.debug("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
         logger.debug("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
+        logger.debug("#{self.class}##{__method__}: compliance phase attr? #{node["audit"]["compliance_phase"]}")
 
-        inspec_profiles.any? && !audit_cookbook_present
+        if node["audit"]["compliance_phase"].nil?
+          inspec_profiles.any? && !audit_cookbook_present
+        else
+          node["audit"]["compliance_phase"]
+        end
       end
 
       def node=(node)

data/lib/chef/cookbook/gem_installer.rb

@@ -70,7 +70,11 @@ class Chef
                 unless Chef::Config[:skip_gem_metadata_installation]
                   # Add additional options to bundle install
                   cmd = [ "bundle", "install", Chef::Config[:gem_installer_bundler_options] ]
-                  so = shell_out!(cmd, cwd: dir, env: { "PATH" => path_with_prepended_ruby_bin })
+                  env = {
+                    "PATH" => path_with_prepended_ruby_bin,
+                    "BUNDLE_SILENCE_ROOT_WARNING" => "1",
+                  }
+                  so = shell_out!(cmd, cwd: dir, env: env)
                   Chef::Log.info(so.stdout)
                 end
               end

data/lib/chef/knife/core/windows_bootstrap_context.rb

@@ -294,11 +294,10 @@ class Chef
           "%TEMP%\\#{ChefUtils::Dist::Infra::CLIENT}-latest.msi"
         end
 
-        # Build a URL to query www.chef.io that will redirect to the correct
-        # Chef Infra msi download.
+        # Build a URL that will redirect to the correct Chef Infra msi download.
         def msi_url(machine_os = nil, machine_arch = nil, download_context = nil)
           if config[:msi_url].nil? || config[:msi_url].empty?
-            url = "https://www.chef.io/chef/download?p=windows"
+            url = "https://omnitruck.chef.io/chef/download?p=windows"
             url += "&pv=#{machine_os}" unless machine_os.nil?
             url += "&m=#{machine_arch}" unless machine_arch.nil?
             url += "&DownloadContext=#{download_context}" unless download_context.nil?

data/lib/chef/provider/file.rb

@@ -338,7 +338,7 @@ class Chef
           raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum))
         end
 
-        if tempfile
+        if tempfile && contents_changed?
           new_resource.verify.each do |v|
             unless v.verify(tempfile.path)
               backupfile = "#{Chef::Config[:file_cache_path]}/failed_validations/#{::File.basename(tempfile.path)}"

data/lib/chef/provider/mount.rb

@@ -175,8 +175,13 @@ class Chef
 
       # Returns the new_resource device as per device_type
       def device_fstab
-        # Removed "/" from the end of str, because it was causing idempotency issue.
-        device = @new_resource.device == "/" ? @new_resource.device : @new_resource.device.chomp("/")
+        # Removed "/" from the end of str unless it's a network mount, because it was causing idempotency issue.
+        device =
+          if @new_resource.device == "/" || @new_resource.device.match?(":/$")
+            @new_resource.device
+          else
+            @new_resource.device.chomp("/")
+          end
         case @new_resource.device_type
         when :device
           device

data/lib/chef/provider/package/dnf/dnf_helper.py

@@ -168,6 +168,10 @@ try:
         setup_exit_handler()
         line = inpipe.readline()
 
+        # only way to detect EOF in python
+        if line == "":
+            break
+
         try:
             command = json.loads(line)
         except ValueError:

data/lib/chef/provider/package/rubygems.rb

@@ -423,11 +423,11 @@ class Chef
         end
 
         def is_omnibus?
-          if %r{/(opscode|chef|chefdk)/embedded/bin}.match?(RbConfig::CONFIG["bindir"])
+          if %r{/(#{ChefUtils::Dist::Org::LEGACY_CONF_DIR}|#{ChefUtils::Dist::Infra::SHORT}|#{ChefUtils::Dist::Workstation::DIR_SUFFIX})/embedded/bin}.match?(RbConfig::CONFIG["bindir"])
             logger.trace("#{new_resource} detected omnibus installation in #{RbConfig::CONFIG["bindir"]}")
             # Omnibus installs to a static path because of linking on unix, find it.
             true
-          elsif RbConfig::CONFIG["bindir"].sub(/^\w:/, "") == "/opscode/chef/embedded/bin"
+          elsif RbConfig::CONFIG["bindir"].sub(/^\w:/, "") == "/#{ChefUtils::Dist::Org::LEGACY_CONF_DIR}/#{ChefUtils::Dist::Infra::SHORT}/embedded/bin"
             logger.trace("#{new_resource} detected omnibus installation in #{RbConfig::CONFIG["bindir"]}")
             # windows, with the drive letter removed
             true

data/lib/chef/provider/package/yum/yum_helper.py

@@ -196,6 +196,10 @@ try:
         setup_exit_handler()
         line = inpipe.readline()
 
+        # only way to detect EOF in python
+        if line == "":
+            break
+
         try:
             command = json.loads(line)
         except ValueError, e:

data/lib/chef/provider/service/macosx.rb

@@ -169,12 +169,12 @@ class Chef
 
         def load_service
           session = @session_type ? "-S #{@session_type} " : ""
-          cmd = "launchctl load -w " + session + @plist
+          cmd = "/bin/launchctl load -w " + session + @plist
           shell_out_as_user(cmd)
         end
 
         def unload_service
-          cmd = "launchctl unload -w " + @plist
+          cmd = "/bin/launchctl unload -w " + @plist
           shell_out_as_user(cmd)
         end
 
@@ -190,7 +190,7 @@ class Chef
         def set_service_status
           return if @plist.nil? || @service_label.to_s.empty?
 
-          cmd = "launchctl list #{@service_label}"
+          cmd = "/bin/launchctl list #{@service_label}"
           res = shell_out_as_user(cmd)
 
           if res.exitstatus == 0

data/lib/chef/resource/chef_client_cron.rb

@@ -213,7 +213,7 @@ class Chef
         #
         def log_command
           if new_resource.append_log_file
-            "-L #{::File.join(new_resource.log_directory, new_resource.log_file_name)}"
+            ">> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
           else
             "> #{::File.join(new_resource.log_directory, new_resource.log_file_name)} 2>&1"
           end

data/lib/chef/resource/chef_client_launchd.rb

@@ -134,7 +134,7 @@ class Chef
           standard_error_path ::File.join(new_resource.log_directory, new_resource.log_file_name)
           program_arguments ["/bin/bash",
                              "-c",
-                             "echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
+                             "echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; /bin/launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; /bin/launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
           action :enable # enable creates the plist & triggers service restarts on change
         end
 

data/lib/chef/version.rb

@@ -23,7 +23,7 @@ require_relative "version_string"
 
 class Chef
   CHEF_ROOT = File.expand_path("..", __dir__)
-  VERSION = Chef::VersionString.new("16.10.17")
+  VERSION = Chef::VersionString.new("16.14.1")
 end
 
 #

data/spec/functional/resource/cron_spec.rb

@@ -19,7 +19,7 @@
 require "spec_helper"
 require "chef/mixin/shell_out"
 
-describe Chef::Resource::Cron, :requires_root, :unix_only do
+describe Chef::Resource::Cron, :requires_root, :unix_only, :not_macos_gte_11 do
 
   include Chef::Mixin::ShellOut
 

data/spec/integration/compliance/compliance_spec.rb

@@ -4,7 +4,7 @@ require "support/shared/integration/integration_helper"
 require "chef/mixin/shell_out"
 require "chef-utils/dist"
 
-describe "chef-client with audit mode" do
+describe "chef-client with compliance phase" do
 
   include IntegrationSupport
   include Chef::Mixin::ShellOut
@@ -46,6 +46,7 @@ describe "chef-client with audit mode" do
       file "attributes.json", <<~FILE
         {
           "audit": {
+            "compliance_phase": true,
             "json_file": {
               "location": "#{report_file}"
             },

data/spec/spec_helper.rb

@@ -145,6 +145,7 @@ RSpec.configure do |config|
   config.filter_run_excluding macos_only: true unless macos?
   config.filter_run_excluding macos_1013: true unless macos_1013?
   config.filter_run_excluding macos_gte_1014: true unless macos_gte_1014?
+  config.filter_run_excluding not_macos_gte_11: true if macos_gte_11?
   config.filter_run_excluding not_supported_on_aix: true if aix?
   config.filter_run_excluding not_supported_on_solaris: true if solaris?
   config.filter_run_excluding not_supported_on_gce: true if gce?

data/spec/support/platform_helpers.rb

@@ -122,6 +122,10 @@ def macos?
   RUBY_PLATFORM.include?("darwin")
 end
 
+def macos_gte_11?
+  macos? && !!(ohai[:platform_version].to_i >= 11)
+end
+
 def solaris?
   RUBY_PLATFORM.include?("solaris")
 end

data/spec/support/shared/unit/provider/file.rb

@@ -479,12 +479,14 @@ shared_examples_for Chef::Provider::File do
         it "calls #verify on each verification with tempfile path" do
           provider.new_resource.verify windows? ? "REM" : "true"
           provider.new_resource.verify windows? ? "REM" : "true"
+          allow(provider).to receive(:contents_changed?).and_return(true)
           provider.send(:do_validate_content)
         end
 
         it "raises an exception if any verification fails" do
           allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
           allow(provider).to receive(:tempfile).and_return(tempfile)
+          allow(provider).to receive(:contents_changed?).and_return(true)
           provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
           provider.new_resource.verify.each do |v|
             allow(v).to receive(:verify).and_return(false)
@@ -492,9 +494,21 @@ shared_examples_for Chef::Provider::File do
           expect { provider.send(:do_validate_content) }.to raise_error(Chef::Exceptions::ValidationFailed)
         end
 
+        it "does not run verifications when the contents did not change" do
+          allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
+          allow(provider).to receive(:tempfile).and_return(tempfile)
+          allow(provider).to receive(:contents_changed?).and_return(false)
+          provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
+          provider.new_resource.verify.each do |v|
+            expect(v).not_to receive(:verify)
+          end
+          provider.send(:do_validate_content)
+        end
+
         it "does not show verification for sensitive resources" do
           allow(File).to receive(:directory?).with("C:\\Windows\\system32/cmd.exe").and_return(false)
           allow(provider).to receive(:tempfile).and_return(tempfile)
+          allow(provider).to receive(:contents_changed?).and_return(true)
           provider.new_resource.sensitive true
           provider.new_resource.verify windows? ? "cmd.exe c exit 1" : "false"
           provider.new_resource.verify.each do |v|

data/spec/unit/compliance/runner_spec.rb

@@ -13,36 +13,85 @@ describe Chef::Compliance::Runner do
 
   describe "#enabled?" do
 
-    it "is true if the node attributes have audit profiles and the audit cookbook is not present" do
+    it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is nil" do
       node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
+      node.normal["audit"]["compliance_phase"] = nil
 
       expect(runner).to be_enabled
     end
 
-    it "is false if the node attributes have audit profiles and the audit cookbook is present" do
+    it "is true if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is true" do
+      node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
+      node.normal["audit"]["compliance_phase"] = true
+
+      expect(runner).to be_enabled
+    end
+
+    it "is false if the node attributes have audit profiles and the audit cookbook is not present, and the compliance mode attribute is false" do
+      node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
+      node.normal["audit"]["compliance_phase"] = false
+
+      expect(runner).not_to be_enabled
+    end
+
+    it "is false if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
       stub_const("::Reporter::ChefAutomate", true)
       node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
+      node.normal["audit"]["compliance_phase"] = nil
 
       expect(runner).not_to be_enabled
     end
 
-    it "is false if the node attributes do not have audit profiles and the audit cookbook is not present" do
+    it "is true if the node attributes have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
+      stub_const("::Reporter::ChefAutomate", true)
+      node.normal["audit"]["profiles"]["ssh"] = { 'compliance': "base/ssh" }
+      node.normal["audit"]["compliance_phase"] = true
+
+      expect(runner).to be_enabled
+    end
+
+    it "is false if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is nil" do
       node.normal["audit"]["profiles"] = {}
+      node.normal["audit"]["compliance_phase"] = nil
 
       expect(runner).not_to be_enabled
     end
 
-    it "is false if the node attributes do not have audit profiles and the audit cookbook is present" do
+    it "is false if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is nil" do
       stub_const("::Reporter::ChefAutomate", true)
       node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
+      node.normal["audit"]["compliance_phase"] = nil
 
       expect(runner).not_to be_enabled
     end
 
-    it "is false if the node attributes do not have audit attributes and the audit cookbook is not present" do
+    it "is false if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is nil" do
       node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
+      node.normal["audit"]["compliance_phase"] = nil
+
       expect(runner).not_to be_enabled
     end
+
+    it "is true if the node attributes do not have audit profiles and the audit cookbook is not present, and the complince mode attribute is true" do
+      node.normal["audit"]["profiles"] = {}
+      node.normal["audit"]["compliance_phase"] = true
+
+      expect(runner).to be_enabled
+    end
+
+    it "is true if the node attributes do not have audit profiles and the audit cookbook is present, and the complince mode attribute is true" do
+      stub_const("::Reporter::ChefAutomate", true)
+      node.automatic["recipes"] = %w{ audit::default fancy_cookbook::fanciness tacobell::nachos }
+      node.normal["audit"]["compliance_phase"] = true
+
+      expect(runner).to be_enabled
+    end
+
+    it "is true if the node attributes do not have audit attributes and the audit cookbook is not present, and the complince mode attribute is true" do
+      node.automatic["recipes"] = %w{ fancy_cookbook::fanciness tacobell::nachos }
+      node.normal["audit"]["compliance_phase"] = true
+      expect(runner).to be_enabled
+    end
   end
 
   describe "#inspec_profiles" do

data/spec/unit/knife/core/windows_bootstrap_context_spec.rb

@@ -204,19 +204,19 @@ describe Chef::Knife::Core::WindowsBootstrapContext do
       end
 
       it "returns a chef.io msi url with minimal url parameters" do
-        reference_url = "https://www.chef.io/chef/download?p=windows&channel=stable&v=something"
+        reference_url = "https://omnitruck.chef.io/chef/download?p=windows&channel=stable&v=something"
         expect(bootstrap_context.msi_url).to eq(reference_url)
       end
 
       it "returns a chef.io msi url with provided url parameters substituted" do
-        reference_url = "https://www.chef.io/chef/download?p=windows&pv=machine&m=arch&DownloadContext=ctx&channel=stable&v=something"
+        reference_url = "https://omnitruck.chef.io/chef/download?p=windows&pv=machine&m=arch&DownloadContext=ctx&channel=stable&v=something"
         expect(bootstrap_context.msi_url("machine", "arch", "ctx")).to eq(reference_url)
       end
 
       context "when a channel is provided in config" do
         let(:config) { { channel: "current" } }
         it "returns a chef.io msi url with the requested channel" do
-          reference_url = "https://www.chef.io/chef/download?p=windows&channel=current&v=something"
+          reference_url = "https://omnitruck.chef.io/chef/download?p=windows&channel=current&v=something"
           expect(bootstrap_context.msi_url).to eq(reference_url)
         end
       end

data/spec/unit/provider/mount/mount_spec.rb

@@ -506,6 +506,57 @@ describe Chef::Provider::Mount::Mount do
       end
     end
 
+    context "network mount" do
+      before(:each) do
+        @node = Chef::Node.new
+        @events = Chef::EventDispatch::Dispatcher.new
+        @run_context = Chef::RunContext.new(@node, {}, @events)
+
+        @new_resource = Chef::Resource::Mount.new("/tmp/bar")
+        @new_resource.device      "cephserver:6789:/"
+        @new_resource.device_type :device
+        @new_resource.fstype      "cephfs"
+
+        @new_resource.supports remount: false
+
+        @provider = Chef::Provider::Mount::Mount.new(@new_resource, @run_context)
+
+        allow(::File).to receive(:exists?).with("cephserver:6789:/").and_return true
+        allow(::File).to receive(:exists?).with("/tmp/bar").and_return true
+        allow(::File).to receive(:realpath).with("cephserver:6789:/").and_return "cephserver:6789:/"
+        allow(::File).to receive(:realpath).with("/tmp/bar").and_return "/tmp/foo"
+      end
+
+      before do
+        @current_resource = Chef::Resource::Mount.new("/tmp/foo")
+        @current_resource.device       "cephserver:6789:/"
+        @current_resource.device_type  :device
+        @current_resource.fstype       "cephfs"
+
+        @provider.current_resource = @current_resource
+      end
+
+      it "should enable network mount if enabled isn't true" do
+        @current_resource.enabled(false)
+
+        @fstab = StringIO.new
+        allow(::File).to receive(:open).with("/etc/fstab", "a").and_yield(@fstab)
+        @provider.enable_fs
+        expect(@fstab.string).to match(%r{^cephserver:6789:/\s+/tmp/bar\s+cephfs\s+defaults\s+0\s+2\s*$})
+      end
+
+      it "should not enable network if enabled is true and resources match" do
+        @current_resource.enabled(true)
+        @current_resource.fstype("cephfs")
+        @current_resource.options(["defaults"])
+        @current_resource.dump(0)
+        @current_resource.pass(2)
+        expect(::File).not_to receive(:open).with("/etc/fstab", "a")
+
+        @provider.enable_fs
+      end
+    end
+
     # the fstab might contain the mount with the device as a device but the resource has a label.
     # we should not create two mount lines, but update the existing one
     # not supported on solaris because it can't cope with a UUID device type

data/spec/unit/provider/package/rubygems_spec.rb

@@ -482,10 +482,10 @@ describe Chef::Provider::Package::Rubygems do
       end
     end
 
-    context "when in omnibus chefdk" do
-      let(:bindir) { "/opt/chefdk/embedded/bin" }
+    context "when in omnibus chef-workstation" do
+      let(:bindir) { "/opt/chef-workstation/embedded/bin" }
 
-      it "recognizes chefdk as omnibus" do
+      it "recognizes chef-workstation as omnibus" do
         expect(provider.is_omnibus?).to be true
       end
     end

data/spec/unit/provider/service/macosx_spec.rb

@@ -78,7 +78,7 @@ describe Chef::Provider::Service::Macosx do
           @getpwuid = double("Etc::Passwd", { name: "mikedodge04" })
           allow(Etc).to receive(:getpwuid).and_return(@getpwuid)
           allow(node).to receive(:[]).with("platform_version").and_return("10.11.1")
-          cmd = "launchctl list #{service_label}"
+          cmd = "/bin/launchctl list #{service_label}"
           allow(provider).to receive(:shell_out)
             .with(/(#{su_cmd} '#{cmd}'|#{cmd})/, default_env: false)
             .and_return(double("Status",
@@ -265,7 +265,7 @@ describe Chef::Provider::Service::Macosx do
             end
 
             it "starts service via launchctl if service found" do
-              cmd = "launchctl load -w " + session + plist
+              cmd = "/bin/launchctl load -w " + session + plist
               expect(provider).to receive(:shell_out)
                 .with(/(#{su_cmd} .#{cmd}.|#{cmd})/, default_env: false)
                 .and_return(0)
@@ -297,7 +297,7 @@ describe Chef::Provider::Service::Macosx do
             end
 
             it "stops the service via launchctl if service found" do
-              cmd = "launchctl unload -w " + plist
+              cmd = "/bin/launchctl unload -w " + plist
               expect(provider).to receive(:shell_out)
                 .with(/(#{su_cmd} .#{cmd}.|#{cmd})/, default_env: false)
                 .and_return(0)

data/spec/unit/resource/chef_client_cron_spec.rb

@@ -93,41 +93,41 @@ describe Chef::Resource::ChefClientCron do
 
     it "creates a valid command if using all default properties" do
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} -L /var/log/chef/client.log"
+        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1"
       )
     end
 
     it "uses daemon_options if set" do
       resource.daemon_options ["--foo 1", "--bar 2"]
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /opt/chef/bin/chef-client --foo 1 --bar 2 -c #{root_path} -L /var/log/chef/client.log"
+        "/bin/sleep 123; /opt/chef/bin/chef-client --foo 1 --bar 2 -c #{root_path} >> /var/log/chef/client.log 2>&1"
       )
     end
 
     it "uses custom config dir if set" do
       resource.config_directory "/etc/some_other_dir"
-      expect(provider.client_command).to eql("/bin/sleep 123; /opt/chef/bin/chef-client -c /etc/some_other_dir/client.rb -L /var/log/chef/client.log")
+      expect(provider.client_command).to eql("/bin/sleep 123; /opt/chef/bin/chef-client -c /etc/some_other_dir/client.rb >> /var/log/chef/client.log 2>&1")
     end
 
     it "uses custom log files / paths if set" do
       resource.log_file_name "my-client.log"
       resource.log_directory "/var/log/my-chef/"
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} -L /var/log/my-chef/my-client.log"
+        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} >> /var/log/my-chef/my-client.log 2>&1"
       )
     end
 
     it "uses mailto if set" do
       resource.mailto "bob@example.com"
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} -L /var/log/chef/client.log || echo \"Chef Infra Client execution failed\""
+        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1 || echo \"Chef Infra Client execution failed\""
       )
     end
 
     it "uses custom chef-client binary if set" do
       resource.chef_binary_path "/usr/local/bin/chef-client"
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /usr/local/bin/chef-client -c #{root_path} -L /var/log/chef/client.log"
+        "/bin/sleep 123; /usr/local/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1"
       )
     end
 
@@ -141,7 +141,7 @@ describe Chef::Resource::ChefClientCron do
     it "sets the license acceptance flag if set" do
       resource.accept_chef_license true
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} --chef-license accept -L /var/log/chef/client.log"
+        "/bin/sleep 123; /opt/chef/bin/chef-client -c #{root_path} --chef-license accept >> /var/log/chef/client.log 2>&1"
       )
     end
 
@@ -149,7 +149,7 @@ describe Chef::Resource::ChefClientCron do
       allow(provider).to receive(:which).with("nice").and_return("/usr/bin/nice")
       resource.nice(-15)
       expect(provider.client_command).to eql(
-        "/bin/sleep 123; /usr/bin/nice -n -15 /opt/chef/bin/chef-client -c #{root_path} -L /var/log/chef/client.log"
+        "/bin/sleep 123; /usr/bin/nice -n -15 /opt/chef/bin/chef-client -c #{root_path} >> /var/log/chef/client.log 2>&1"
       )
     end
   end

data/tasks/rspec.rb

@@ -28,7 +28,7 @@ begin
     %w{chef-utils chef-config}.each do |gem|
       Dir.chdir(gem) do
         Bundler.with_unbundled_env do
-          sh("bundle install --jobs=3 --retry=3")
+          sh("bundle install --jobs=3 --retry=3 --path=../vendor/bundle")
           sh("bundle exec rake spec")
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 16.10.17
+  version: 16.14.1
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-19 00:00:00.000000000 Z
+date: 2021-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.10.17
+        version: 16.14.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.10.17
+        version: 16.14.1
 - !ruby/object:Gem::Dependency
   name: chef-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.10.17
+        version: 16.14.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.10.17
+        version: 16.14.1
 - !ruby/object:Gem::Dependency
   name: train-core
   requirement: !ruby/object:Gem::Requirement
@@ -326,16 +326,16 @@ dependencies:
   name: bcrypt_pbkdf
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.1.0.rc2
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.1.0.rc2
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: highline
   requirement: !ruby/object:Gem::Requirement
@@ -2778,7 +2778,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: A systems integration framework, built to bring the benefits of configuration