chef 16.13.16-universal-mingw32 → 17.0.242-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (614) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +9 -10
  3. data/README.md +1 -1
  4. data/Rakefile +2 -2
  5. data/chef-universal-mingw32.gemspec +1 -1
  6. data/chef.gemspec +6 -8
  7. data/lib/chef/application/base.rb +1 -1
  8. data/lib/chef/applications.rb +0 -1
  9. data/lib/chef/chef_fs/command_line.rb +5 -2
  10. data/lib/chef/chef_fs/file_system.rb +9 -10
  11. data/lib/chef/client.rb +2 -2
  12. data/lib/chef/compliance/default_attributes.rb +4 -3
  13. data/lib/chef/compliance/fetcher/automate.rb +0 -7
  14. data/lib/chef/compliance/reporter/automate.rb +17 -7
  15. data/lib/chef/compliance/reporter/chef_server_automate.rb +11 -6
  16. data/lib/chef/compliance/reporter/cli.rb +77 -0
  17. data/lib/chef/compliance/reporter/compliance_enforcer.rb +4 -0
  18. data/lib/chef/compliance/reporter/json_file.rb +8 -1
  19. data/lib/chef/compliance/runner.rb +65 -27
  20. data/lib/chef/cookbook/synchronizer.rb +3 -5
  21. data/lib/chef/cookbook_loader.rb +2 -4
  22. data/lib/chef/cookbook_uploader.rb +0 -1
  23. data/lib/chef/data_bag_item.rb +11 -2
  24. data/lib/chef/delayed_evaluator.rb +4 -0
  25. data/lib/chef/deprecated.rb +4 -0
  26. data/lib/chef/dsl/chef_vault.rb +6 -6
  27. data/lib/chef/dsl/reboot_pending.rb +1 -2
  28. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +20 -22
  29. data/lib/chef/group.rb +75 -0
  30. data/lib/chef/mixin/get_source_from_package.rb +1 -1
  31. data/lib/chef/node/attribute.rb +6 -4
  32. data/lib/chef/node/immutable_collections.rb +13 -0
  33. data/lib/chef/node/mixin/deep_merge_cache.rb +11 -7
  34. data/lib/chef/org.rb +3 -2
  35. data/lib/chef/property.rb +18 -0
  36. data/lib/chef/provider.rb +1 -1
  37. data/lib/chef/provider/cron.rb +1 -1
  38. data/lib/chef/provider/execute.rb +2 -1
  39. data/lib/chef/provider/file.rb +1 -1
  40. data/lib/chef/provider/git.rb +5 -7
  41. data/lib/chef/provider/group/groupadd.rb +3 -3
  42. data/lib/chef/provider/group/groupmod.rb +3 -3
  43. data/lib/chef/provider/group/pw.rb +3 -3
  44. data/lib/chef/provider/ifconfig.rb +2 -2
  45. data/lib/chef/provider/link.rb +2 -2
  46. data/lib/chef/provider/mount.rb +5 -5
  47. data/lib/chef/provider/mount/aix.rb +3 -3
  48. data/lib/chef/provider/mount/mount.rb +5 -5
  49. data/lib/chef/provider/mount/windows.rb +1 -1
  50. data/lib/chef/provider/package.rb +17 -21
  51. data/lib/chef/provider/package/apt.rb +27 -1
  52. data/lib/chef/provider/package/deb.rb +3 -3
  53. data/lib/chef/provider/package/dnf/dnf_helper.py +1 -1
  54. data/lib/chef/provider/package/portage.rb +2 -2
  55. data/lib/chef/provider/package/rubygems.rb +11 -17
  56. data/lib/chef/provider/package/windows.rb +2 -4
  57. data/lib/chef/provider/package/yum/yum_helper.py +1 -1
  58. data/lib/chef/provider/route.rb +2 -2
  59. data/lib/chef/provider/service.rb +6 -6
  60. data/lib/chef/provider/service/aixinit.rb +1 -1
  61. data/lib/chef/provider/service/debian.rb +1 -1
  62. data/lib/chef/provider/service/freebsd.rb +15 -21
  63. data/lib/chef/provider/service/macosx.rb +4 -4
  64. data/lib/chef/provider/service/systemd.rb +43 -14
  65. data/lib/chef/provider/service/upstart.rb +2 -13
  66. data/lib/chef/provider/service/windows.rb +12 -12
  67. data/lib/chef/provider/subversion.rb +10 -12
  68. data/lib/chef/provider/systemd_unit.rb +36 -10
  69. data/lib/chef/provider/template/content.rb +2 -6
  70. data/lib/chef/provider/user.rb +2 -2
  71. data/lib/chef/provider/user/dscl.rb +1 -1
  72. data/lib/chef/provider/user/mac.rb +17 -20
  73. data/lib/chef/provider/user/pw.rb +1 -1
  74. data/lib/chef/provider/user/windows.rb +1 -1
  75. data/lib/chef/provider/zypper_repository.rb +2 -2
  76. data/lib/chef/providers.rb +0 -1
  77. data/lib/chef/resource/alternatives.rb +6 -6
  78. data/lib/chef/resource/apt_package.rb +1 -1
  79. data/lib/chef/resource/apt_preference.rb +2 -2
  80. data/lib/chef/resource/apt_repository.rb +6 -6
  81. data/lib/chef/resource/apt_update.rb +3 -2
  82. data/lib/chef/resource/archive_file.rb +2 -3
  83. data/lib/chef/resource/breakpoint.rb +1 -1
  84. data/lib/chef/resource/build_essential.rb +2 -6
  85. data/lib/chef/resource/chef_client_config.rb +2 -2
  86. data/lib/chef/resource/chef_client_cron.rb +4 -4
  87. data/lib/chef/resource/chef_client_launchd.rb +3 -3
  88. data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
  89. data/lib/chef/resource/chef_client_systemd_timer.rb +2 -2
  90. data/lib/chef/resource/chef_handler.rb +3 -7
  91. data/lib/chef/resource/chef_sleep.rb +1 -1
  92. data/lib/chef/resource/chef_vault_secret.rb +3 -8
  93. data/lib/chef/resource/chocolatey_config.rb +2 -6
  94. data/lib/chef/resource/chocolatey_feature.rb +2 -6
  95. data/lib/chef/resource/chocolatey_source.rb +4 -10
  96. data/lib/chef/resource/cron/_cron_shared.rb +2 -2
  97. data/lib/chef/resource/cron_access.rb +2 -4
  98. data/lib/chef/resource/dmg_package.rb +6 -10
  99. data/lib/chef/resource/dpkg_package.rb +1 -1
  100. data/lib/chef/resource/execute.rb +6 -1
  101. data/lib/chef/resource/file.rb +1 -1
  102. data/lib/chef/resource/group.rb +2 -2
  103. data/lib/chef/resource/homebrew_cask.rb +2 -6
  104. data/lib/chef/resource/homebrew_tap.rb +2 -6
  105. data/lib/chef/resource/hostname.rb +21 -17
  106. data/lib/chef/resource/http_request.rb +1 -1
  107. data/lib/chef/resource/kernel_module.rb +6 -17
  108. data/lib/chef/resource/locale.rb +2 -3
  109. data/lib/chef/resource/lwrp_base.rb +4 -0
  110. data/lib/chef/resource/macos_userdefaults.rb +10 -14
  111. data/lib/chef/resource/mdadm.rb +53 -7
  112. data/lib/chef/resource/mount.rb +2 -1
  113. data/lib/chef/resource/openssl_ec_private_key.rb +2 -2
  114. data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
  115. data/lib/chef/resource/openssl_x509_certificate.rb +2 -2
  116. data/lib/chef/resource/plist.rb +7 -7
  117. data/lib/chef/resource/powershell_script.rb +1 -1
  118. data/lib/chef/resource/remote_file.rb +1 -1
  119. data/lib/chef/resource/rhsm_errata.rb +16 -1
  120. data/lib/chef/resource/rhsm_errata_level.rb +10 -1
  121. data/lib/chef/resource/rhsm_register.rb +12 -6
  122. data/lib/chef/resource/rhsm_repo.rb +2 -6
  123. data/lib/chef/resource/rhsm_subscription.rb +2 -6
  124. data/lib/chef/resource/scm/git.rb +1 -1
  125. data/lib/chef/resource/sudo.rb +6 -6
  126. data/lib/chef/resource/sysctl.rb +2 -6
  127. data/lib/chef/resource/systemd_unit.rb +2 -2
  128. data/lib/chef/resource/template.rb +1 -1
  129. data/lib/chef/resource/timezone.rb +1 -3
  130. data/lib/chef/resource/user/mac_user.rb +1 -1
  131. data/lib/chef/resource/user_ulimit.rb +2 -2
  132. data/lib/chef/resource/windows_ad_join.rb +2 -6
  133. data/lib/chef/resource/windows_audit_policy.rb +1 -1
  134. data/lib/chef/resource/windows_auto_run.rb +2 -5
  135. data/lib/chef/resource/windows_certificate.rb +207 -73
  136. data/lib/chef/resource/windows_dfs_folder.rb +2 -6
  137. data/lib/chef/resource/windows_dfs_namespace.rb +2 -6
  138. data/lib/chef/resource/windows_dfs_server.rb +1 -3
  139. data/lib/chef/resource/windows_dns_record.rb +2 -6
  140. data/lib/chef/resource/windows_dns_zone.rb +2 -6
  141. data/lib/chef/resource/windows_env.rb +5 -4
  142. data/lib/chef/resource/windows_feature.rb +3 -9
  143. data/lib/chef/resource/windows_feature_dism.rb +2 -6
  144. data/lib/chef/resource/windows_feature_powershell.rb +3 -3
  145. data/lib/chef/resource/windows_firewall_profile.rb +4 -4
  146. data/lib/chef/resource/windows_firewall_rule.rb +2 -5
  147. data/lib/chef/resource/windows_font.rb +2 -4
  148. data/lib/chef/resource/windows_pagefile.rb +2 -6
  149. data/lib/chef/resource/windows_path.rb +2 -2
  150. data/lib/chef/resource/windows_printer.rb +4 -4
  151. data/lib/chef/resource/windows_printer_port.rb +6 -6
  152. data/lib/chef/resource/windows_security_policy.rb +53 -40
  153. data/lib/chef/resource/windows_share.rb +14 -21
  154. data/lib/chef/resource/windows_shortcut.rb +4 -6
  155. data/lib/chef/resource/windows_task.rb +17 -5
  156. data/lib/chef/resource/windows_uac.rb +1 -1
  157. data/lib/chef/resource/windows_user_privilege.rb +4 -4
  158. data/lib/chef/resource/windows_workgroup.rb +1 -2
  159. data/lib/chef/resources.rb +0 -1
  160. data/lib/chef/user.rb +0 -1
  161. data/lib/chef/user_v1.rb +3 -4
  162. data/lib/chef/util/dsc/configuration_generator.rb +1 -0
  163. data/lib/chef/util/dsc/local_configuration_manager.rb +1 -1
  164. data/lib/chef/version.rb +1 -1
  165. data/lib/chef/win32/registry.rb +4 -2
  166. data/spec/data/cookbooks/openldap/libraries/openldap.rb +1 -1
  167. data/spec/data/lwrp/resources/bar.rb +2 -0
  168. data/spec/data/lwrp/resources/buck_passer.rb +1 -0
  169. data/spec/data/lwrp/resources/buck_passer_2.rb +1 -0
  170. data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +1 -0
  171. data/spec/data/lwrp/resources/foo.rb +2 -0
  172. data/spec/data/lwrp/resources/inline_compiler.rb +1 -0
  173. data/spec/data/lwrp/resources/monkey_name_printer.rb +1 -0
  174. data/spec/data/lwrp/resources/paint_drying_watcher.rb +1 -0
  175. data/spec/data/lwrp/resources/thumb_twiddler.rb +1 -0
  176. data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +2 -0
  177. data/spec/data/lwrp_const_scoping/resources/conflict.rb +1 -0
  178. data/spec/data/lwrp_override/resources/foo.rb +1 -0
  179. data/spec/data/rubygems.org/nonexistent_gem-info +1 -0
  180. data/spec/data/rubygems.org/sexp_processor-info +49 -0
  181. data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -0
  182. data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -0
  183. data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -0
  184. data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -0
  185. data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -0
  186. data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +2 -0
  187. data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -0
  188. data/spec/data/run_context/cookbooks/test/resources/resource.rb +2 -0
  189. data/spec/functional/dsl/registry_helper_spec.rb +1 -1
  190. data/spec/functional/resource/aixinit_service_spec.rb +7 -7
  191. data/spec/functional/resource/apt_package_spec.rb +1 -1
  192. data/spec/functional/resource/chocolatey_package_spec.rb +13 -0
  193. data/spec/functional/resource/dnf_package_spec.rb +4 -1
  194. data/spec/functional/resource/registry_spec.rb +8 -8
  195. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  196. data/spec/functional/resource/windows_certificate_spec.rb +92 -35
  197. data/spec/functional/version_spec.rb +1 -1
  198. data/spec/functional/win32/registry_spec.rb +1 -1
  199. data/spec/integration/client/client_spec.rb +5 -2
  200. data/spec/integration/client/exit_code_spec.rb +1 -1
  201. data/spec/integration/client/ipv6_spec.rb +1 -1
  202. data/spec/integration/compliance/compliance_spec.rb +1 -1
  203. data/spec/integration/ohai/ohai_spec.rb +7 -6
  204. data/spec/integration/recipes/accumulator_spec.rb +13 -1
  205. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -1
  206. data/spec/integration/recipes/lwrp_spec.rb +3 -1
  207. data/spec/integration/recipes/notifies_spec.rb +15 -1
  208. data/spec/integration/recipes/notifying_block_spec.rb +2 -1
  209. data/spec/integration/recipes/recipe_dsl_spec.rb +9 -9
  210. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  211. data/spec/integration/recipes/use_partial_spec.rb +4 -1
  212. data/spec/spec_helper.rb +10 -13
  213. data/spec/support/chef_helpers.rb +0 -16
  214. data/spec/support/lib/chef/resource/with_state.rb +0 -1
  215. data/spec/support/lib/chef/resource/zen_follower.rb +0 -1
  216. data/spec/support/lib/chef/resource/zen_master.rb +0 -1
  217. data/spec/support/matchers/leak.rb +7 -9
  218. data/spec/support/platform_helpers.rb +1 -8
  219. data/spec/support/shared/integration/integration_helper.rb +0 -1
  220. data/spec/support/shared/unit/script_resource.rb +2 -2
  221. data/spec/unit/application/solo_spec.rb +2 -2
  222. data/spec/unit/chef_fs/diff_spec.rb +1 -1
  223. data/spec/unit/chef_fs/file_system_spec.rb +1 -1
  224. data/spec/unit/compliance/fetcher/automate_spec.rb +0 -16
  225. data/spec/unit/compliance/reporter/automate_spec.rb +26 -2
  226. data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +20 -0
  227. data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +1 -0
  228. data/spec/unit/compliance/runner_spec.rb +30 -4
  229. data/spec/unit/data_bag_item_spec.rb +1 -6
  230. data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
  231. data/spec/unit/dsl/registry_helper_spec.rb +1 -1
  232. data/spec/unit/lwrp_spec.rb +1 -1
  233. data/spec/unit/mixin/params_validate_spec.rb +4 -3
  234. data/spec/unit/node/attribute_spec.rb +1 -1
  235. data/spec/unit/node_spec.rb +78 -0
  236. data/spec/unit/org_group_spec.rb +45 -0
  237. data/spec/unit/property_spec.rb +23 -22
  238. data/spec/unit/provider/cron_spec.rb +1 -1
  239. data/spec/unit/provider/group/gpasswd_spec.rb +2 -2
  240. data/spec/unit/provider/group/groupmod_spec.rb +2 -2
  241. data/spec/unit/provider/group/pw_spec.rb +2 -2
  242. data/spec/unit/provider/group_spec.rb +1 -1
  243. data/spec/unit/provider/package/apt_spec.rb +84 -18
  244. data/spec/unit/provider/package/deb_spec.rb +3 -3
  245. data/spec/unit/provider/package/rubygems_spec.rb +21 -33
  246. data/spec/unit/provider/service/arch_service_spec.rb +1 -0
  247. data/spec/unit/provider/service/debian_service_spec.rb +1 -0
  248. data/spec/unit/provider/service/macosx_spec.rb +2 -2
  249. data/spec/unit/provider/service/systemd_service_spec.rb +138 -23
  250. data/spec/unit/provider/service/upstart_service_spec.rb +0 -29
  251. data/spec/unit/provider/service/windows_spec.rb +2 -2
  252. data/spec/unit/provider/subversion_spec.rb +2 -2
  253. data/spec/unit/provider/systemd_unit_spec.rb +79 -60
  254. data/spec/unit/provider/zypper_repository_spec.rb +2 -2
  255. data/spec/unit/provider_spec.rb +0 -8
  256. data/spec/unit/resource/powershell_script_spec.rb +2 -2
  257. data/spec/unit/resource/windows_task_spec.rb +1 -1
  258. data/spec/unit/user_spec.rb +1 -1
  259. data/spec/unit/user_v1_spec.rb +6 -4
  260. data/tasks/rspec.rb +16 -8
  261. metadata +19 -382
  262. data/bin/knife +0 -24
  263. data/lib/chef/application/knife.rb +0 -234
  264. data/lib/chef/application/windows_service.rb +0 -338
  265. data/lib/chef/application/windows_service_manager.rb +0 -205
  266. data/lib/chef/chef_fs/knife.rb +0 -160
  267. data/lib/chef/chef_fs/parallelizer.rb +0 -102
  268. data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +0 -35
  269. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +0 -278
  270. data/lib/chef/cookbook_site_streaming_uploader.rb +0 -244
  271. data/lib/chef/knife.rb +0 -665
  272. data/lib/chef/knife/acl_add.rb +0 -57
  273. data/lib/chef/knife/acl_base.rb +0 -183
  274. data/lib/chef/knife/acl_bulk_add.rb +0 -78
  275. data/lib/chef/knife/acl_bulk_remove.rb +0 -83
  276. data/lib/chef/knife/acl_remove.rb +0 -62
  277. data/lib/chef/knife/acl_show.rb +0 -56
  278. data/lib/chef/knife/bootstrap.rb +0 -1192
  279. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +0 -162
  280. data/lib/chef/knife/bootstrap/client_builder.rb +0 -212
  281. data/lib/chef/knife/bootstrap/templates/README.md +0 -11
  282. data/lib/chef/knife/bootstrap/templates/chef-full.erb +0 -242
  283. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +0 -278
  284. data/lib/chef/knife/bootstrap/train_connector.rb +0 -336
  285. data/lib/chef/knife/client_bulk_delete.rb +0 -104
  286. data/lib/chef/knife/client_create.rb +0 -101
  287. data/lib/chef/knife/client_delete.rb +0 -62
  288. data/lib/chef/knife/client_edit.rb +0 -52
  289. data/lib/chef/knife/client_key_create.rb +0 -73
  290. data/lib/chef/knife/client_key_delete.rb +0 -80
  291. data/lib/chef/knife/client_key_edit.rb +0 -83
  292. data/lib/chef/knife/client_key_list.rb +0 -73
  293. data/lib/chef/knife/client_key_show.rb +0 -80
  294. data/lib/chef/knife/client_list.rb +0 -41
  295. data/lib/chef/knife/client_reregister.rb +0 -58
  296. data/lib/chef/knife/client_show.rb +0 -48
  297. data/lib/chef/knife/config_get.rb +0 -39
  298. data/lib/chef/knife/config_get_profile.rb +0 -37
  299. data/lib/chef/knife/config_list.rb +0 -139
  300. data/lib/chef/knife/config_list_profiles.rb +0 -37
  301. data/lib/chef/knife/config_show.rb +0 -127
  302. data/lib/chef/knife/config_use.rb +0 -61
  303. data/lib/chef/knife/config_use_profile.rb +0 -47
  304. data/lib/chef/knife/configure.rb +0 -150
  305. data/lib/chef/knife/configure_client.rb +0 -48
  306. data/lib/chef/knife/cookbook_bulk_delete.rb +0 -71
  307. data/lib/chef/knife/cookbook_delete.rb +0 -151
  308. data/lib/chef/knife/cookbook_download.rb +0 -142
  309. data/lib/chef/knife/cookbook_list.rb +0 -47
  310. data/lib/chef/knife/cookbook_metadata.rb +0 -106
  311. data/lib/chef/knife/cookbook_metadata_from_file.rb +0 -49
  312. data/lib/chef/knife/cookbook_show.rb +0 -98
  313. data/lib/chef/knife/cookbook_upload.rb +0 -292
  314. data/lib/chef/knife/core/bootstrap_context.rb +0 -264
  315. data/lib/chef/knife/core/cookbook_scm_repo.rb +0 -159
  316. data/lib/chef/knife/core/formatting_options.rb +0 -49
  317. data/lib/chef/knife/core/gem_glob_loader.rb +0 -138
  318. data/lib/chef/knife/core/generic_presenter.rb +0 -232
  319. data/lib/chef/knife/core/hashed_command_loader.rb +0 -100
  320. data/lib/chef/knife/core/node_editor.rb +0 -130
  321. data/lib/chef/knife/core/node_presenter.rb +0 -133
  322. data/lib/chef/knife/core/object_loader.rb +0 -115
  323. data/lib/chef/knife/core/status_presenter.rb +0 -147
  324. data/lib/chef/knife/core/subcommand_loader.rb +0 -203
  325. data/lib/chef/knife/core/text_formatter.rb +0 -85
  326. data/lib/chef/knife/core/ui.rb +0 -338
  327. data/lib/chef/knife/core/windows_bootstrap_context.rb +0 -406
  328. data/lib/chef/knife/data_bag_create.rb +0 -81
  329. data/lib/chef/knife/data_bag_delete.rb +0 -49
  330. data/lib/chef/knife/data_bag_edit.rb +0 -74
  331. data/lib/chef/knife/data_bag_from_file.rb +0 -113
  332. data/lib/chef/knife/data_bag_list.rb +0 -42
  333. data/lib/chef/knife/data_bag_secret_options.rb +0 -122
  334. data/lib/chef/knife/data_bag_show.rb +0 -69
  335. data/lib/chef/knife/delete.rb +0 -125
  336. data/lib/chef/knife/deps.rb +0 -156
  337. data/lib/chef/knife/diff.rb +0 -83
  338. data/lib/chef/knife/download.rb +0 -84
  339. data/lib/chef/knife/edit.rb +0 -88
  340. data/lib/chef/knife/environment_compare.rb +0 -128
  341. data/lib/chef/knife/environment_create.rb +0 -52
  342. data/lib/chef/knife/environment_delete.rb +0 -44
  343. data/lib/chef/knife/environment_edit.rb +0 -44
  344. data/lib/chef/knife/environment_from_file.rb +0 -84
  345. data/lib/chef/knife/environment_list.rb +0 -41
  346. data/lib/chef/knife/environment_show.rb +0 -47
  347. data/lib/chef/knife/exec.rb +0 -99
  348. data/lib/chef/knife/group_add.rb +0 -55
  349. data/lib/chef/knife/group_create.rb +0 -49
  350. data/lib/chef/knife/group_destroy.rb +0 -53
  351. data/lib/chef/knife/group_list.rb +0 -43
  352. data/lib/chef/knife/group_remove.rb +0 -56
  353. data/lib/chef/knife/group_show.rb +0 -49
  354. data/lib/chef/knife/key_create.rb +0 -112
  355. data/lib/chef/knife/key_create_base.rb +0 -50
  356. data/lib/chef/knife/key_delete.rb +0 -55
  357. data/lib/chef/knife/key_edit.rb +0 -118
  358. data/lib/chef/knife/key_edit_base.rb +0 -55
  359. data/lib/chef/knife/key_list.rb +0 -90
  360. data/lib/chef/knife/key_list_base.rb +0 -45
  361. data/lib/chef/knife/key_show.rb +0 -53
  362. data/lib/chef/knife/list.rb +0 -177
  363. data/lib/chef/knife/node_bulk_delete.rb +0 -75
  364. data/lib/chef/knife/node_create.rb +0 -47
  365. data/lib/chef/knife/node_delete.rb +0 -46
  366. data/lib/chef/knife/node_edit.rb +0 -70
  367. data/lib/chef/knife/node_environment_set.rb +0 -53
  368. data/lib/chef/knife/node_from_file.rb +0 -51
  369. data/lib/chef/knife/node_list.rb +0 -44
  370. data/lib/chef/knife/node_policy_set.rb +0 -79
  371. data/lib/chef/knife/node_run_list_add.rb +0 -104
  372. data/lib/chef/knife/node_run_list_remove.rb +0 -67
  373. data/lib/chef/knife/node_run_list_set.rb +0 -66
  374. data/lib/chef/knife/node_show.rb +0 -63
  375. data/lib/chef/knife/null.rb +0 -12
  376. data/lib/chef/knife/raw.rb +0 -123
  377. data/lib/chef/knife/recipe_list.rb +0 -32
  378. data/lib/chef/knife/rehash.rb +0 -50
  379. data/lib/chef/knife/role_bulk_delete.rb +0 -66
  380. data/lib/chef/knife/role_create.rb +0 -53
  381. data/lib/chef/knife/role_delete.rb +0 -46
  382. data/lib/chef/knife/role_edit.rb +0 -45
  383. data/lib/chef/knife/role_env_run_list_add.rb +0 -87
  384. data/lib/chef/knife/role_env_run_list_clear.rb +0 -55
  385. data/lib/chef/knife/role_env_run_list_remove.rb +0 -57
  386. data/lib/chef/knife/role_env_run_list_replace.rb +0 -60
  387. data/lib/chef/knife/role_env_run_list_set.rb +0 -70
  388. data/lib/chef/knife/role_from_file.rb +0 -51
  389. data/lib/chef/knife/role_list.rb +0 -42
  390. data/lib/chef/knife/role_run_list_add.rb +0 -87
  391. data/lib/chef/knife/role_run_list_clear.rb +0 -55
  392. data/lib/chef/knife/role_run_list_remove.rb +0 -56
  393. data/lib/chef/knife/role_run_list_replace.rb +0 -60
  394. data/lib/chef/knife/role_run_list_set.rb +0 -69
  395. data/lib/chef/knife/role_show.rb +0 -48
  396. data/lib/chef/knife/search.rb +0 -194
  397. data/lib/chef/knife/serve.rb +0 -65
  398. data/lib/chef/knife/show.rb +0 -72
  399. data/lib/chef/knife/ssh.rb +0 -645
  400. data/lib/chef/knife/ssl_check.rb +0 -284
  401. data/lib/chef/knife/ssl_fetch.rb +0 -161
  402. data/lib/chef/knife/status.rb +0 -95
  403. data/lib/chef/knife/supermarket_download.rb +0 -121
  404. data/lib/chef/knife/supermarket_install.rb +0 -192
  405. data/lib/chef/knife/supermarket_list.rb +0 -76
  406. data/lib/chef/knife/supermarket_search.rb +0 -53
  407. data/lib/chef/knife/supermarket_share.rb +0 -166
  408. data/lib/chef/knife/supermarket_show.rb +0 -66
  409. data/lib/chef/knife/supermarket_unshare.rb +0 -61
  410. data/lib/chef/knife/tag_create.rb +0 -52
  411. data/lib/chef/knife/tag_delete.rb +0 -60
  412. data/lib/chef/knife/tag_list.rb +0 -47
  413. data/lib/chef/knife/upload.rb +0 -86
  414. data/lib/chef/knife/user_create.rb +0 -107
  415. data/lib/chef/knife/user_delete.rb +0 -44
  416. data/lib/chef/knife/user_dissociate.rb +0 -42
  417. data/lib/chef/knife/user_edit.rb +0 -52
  418. data/lib/chef/knife/user_invite_add.rb +0 -43
  419. data/lib/chef/knife/user_invite_list.rb +0 -34
  420. data/lib/chef/knife/user_invite_rescind.rb +0 -63
  421. data/lib/chef/knife/user_key_create.rb +0 -73
  422. data/lib/chef/knife/user_key_delete.rb +0 -80
  423. data/lib/chef/knife/user_key_edit.rb +0 -83
  424. data/lib/chef/knife/user_key_list.rb +0 -73
  425. data/lib/chef/knife/user_key_show.rb +0 -80
  426. data/lib/chef/knife/user_list.rb +0 -42
  427. data/lib/chef/knife/user_reregister.rb +0 -59
  428. data/lib/chef/knife/user_show.rb +0 -48
  429. data/lib/chef/knife/xargs.rb +0 -282
  430. data/lib/chef/knife/yaml_convert.rb +0 -91
  431. data/lib/chef/resource/user/dscl_user.rb +0 -35
  432. data/spec/data/knife-home/.chef/plugins/knife/example_home_subcommand.rb +0 -0
  433. data/spec/data/knife-site-subcommands/plugins/knife/example_subcommand.rb +0 -0
  434. data/spec/data/knife_subcommand/test_explicit_category.rb +0 -7
  435. data/spec/data/knife_subcommand/test_name_mapping.rb +0 -4
  436. data/spec/data/knife_subcommand/test_yourself.rb +0 -21
  437. data/spec/functional/knife/configure_spec.rb +0 -33
  438. data/spec/functional/knife/cookbook_delete_spec.rb +0 -156
  439. data/spec/functional/knife/exec_spec.rb +0 -55
  440. data/spec/functional/knife/rehash_spec.rb +0 -39
  441. data/spec/functional/knife/smoke_test.rb +0 -42
  442. data/spec/functional/knife/ssh_spec.rb +0 -352
  443. data/spec/functional/resource/user/dscl_spec.rb +0 -188
  444. data/spec/functional/resource/windows_service_spec.rb +0 -105
  445. data/spec/functional/win32/service_manager_spec.rb +0 -220
  446. data/spec/integration/knife/chef_fs_data_store_spec.rb +0 -557
  447. data/spec/integration/knife/chef_repo_path_spec.rb +0 -962
  448. data/spec/integration/knife/chef_repository_file_system_spec.rb +0 -200
  449. data/spec/integration/knife/chefignore_spec.rb +0 -301
  450. data/spec/integration/knife/client_bulk_delete_spec.rb +0 -131
  451. data/spec/integration/knife/client_create_spec.rb +0 -70
  452. data/spec/integration/knife/client_delete_spec.rb +0 -64
  453. data/spec/integration/knife/client_key_create_spec.rb +0 -66
  454. data/spec/integration/knife/client_key_delete_spec.rb +0 -43
  455. data/spec/integration/knife/client_key_list_spec.rb +0 -61
  456. data/spec/integration/knife/client_key_show_spec.rb +0 -45
  457. data/spec/integration/knife/client_list_spec.rb +0 -49
  458. data/spec/integration/knife/client_show_spec.rb +0 -37
  459. data/spec/integration/knife/common_options_spec.rb +0 -174
  460. data/spec/integration/knife/config_list_spec.rb +0 -220
  461. data/spec/integration/knife/config_show_spec.rb +0 -192
  462. data/spec/integration/knife/config_use_spec.rb +0 -198
  463. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +0 -113
  464. data/spec/integration/knife/cookbook_bulk_delete_spec.rb +0 -65
  465. data/spec/integration/knife/cookbook_download_spec.rb +0 -72
  466. data/spec/integration/knife/cookbook_list_spec.rb +0 -55
  467. data/spec/integration/knife/cookbook_show_spec.rb +0 -149
  468. data/spec/integration/knife/cookbook_upload_spec.rb +0 -128
  469. data/spec/integration/knife/data_bag_create_spec.rb +0 -125
  470. data/spec/integration/knife/data_bag_delete_spec.rb +0 -59
  471. data/spec/integration/knife/data_bag_edit_spec.rb +0 -105
  472. data/spec/integration/knife/data_bag_from_file_spec.rb +0 -116
  473. data/spec/integration/knife/data_bag_list_spec.rb +0 -44
  474. data/spec/integration/knife/data_bag_show_spec.rb +0 -95
  475. data/spec/integration/knife/delete_spec.rb +0 -1018
  476. data/spec/integration/knife/deps_spec.rb +0 -703
  477. data/spec/integration/knife/diff_spec.rb +0 -605
  478. data/spec/integration/knife/download_spec.rb +0 -1336
  479. data/spec/integration/knife/environment_compare_spec.rb +0 -75
  480. data/spec/integration/knife/environment_create_spec.rb +0 -41
  481. data/spec/integration/knife/environment_delete_spec.rb +0 -37
  482. data/spec/integration/knife/environment_from_file_spec.rb +0 -116
  483. data/spec/integration/knife/environment_list_spec.rb +0 -42
  484. data/spec/integration/knife/environment_show_spec.rb +0 -77
  485. data/spec/integration/knife/list_spec.rb +0 -1060
  486. data/spec/integration/knife/node_bulk_delete_spec.rb +0 -52
  487. data/spec/integration/knife/node_create_spec.rb +0 -47
  488. data/spec/integration/knife/node_delete_spec.rb +0 -48
  489. data/spec/integration/knife/node_environment_set_spec.rb +0 -46
  490. data/spec/integration/knife/node_from_file_spec.rb +0 -59
  491. data/spec/integration/knife/node_list_spec.rb +0 -45
  492. data/spec/integration/knife/node_run_list_add_spec.rb +0 -54
  493. data/spec/integration/knife/node_run_list_remove_spec.rb +0 -36
  494. data/spec/integration/knife/node_run_list_set_spec.rb +0 -41
  495. data/spec/integration/knife/node_show_spec.rb +0 -36
  496. data/spec/integration/knife/raw_spec.rb +0 -297
  497. data/spec/integration/knife/redirection_spec.rb +0 -64
  498. data/spec/integration/knife/role_bulk_delete_spec.rb +0 -52
  499. data/spec/integration/knife/role_create_spec.rb +0 -41
  500. data/spec/integration/knife/role_delete_spec.rb +0 -48
  501. data/spec/integration/knife/role_from_file_spec.rb +0 -96
  502. data/spec/integration/knife/role_list_spec.rb +0 -45
  503. data/spec/integration/knife/role_show_spec.rb +0 -51
  504. data/spec/integration/knife/search_node_spec.rb +0 -40
  505. data/spec/integration/knife/serve_spec.rb +0 -92
  506. data/spec/integration/knife/show_spec.rb +0 -197
  507. data/spec/integration/knife/upload_spec.rb +0 -1617
  508. data/spec/support/shared/functional/knife.rb +0 -37
  509. data/spec/support/shared/functional/win32_service.rb +0 -57
  510. data/spec/support/shared/integration/knife_support.rb +0 -192
  511. data/spec/support/shared/unit/knife_shared.rb +0 -39
  512. data/spec/unit/application/knife_spec.rb +0 -241
  513. data/spec/unit/chef_fs/parallelizer_spec.rb +0 -479
  514. data/spec/unit/cookbook_site_streaming_uploader_spec.rb +0 -198
  515. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +0 -152
  516. data/spec/unit/knife/bootstrap/client_builder_spec.rb +0 -207
  517. data/spec/unit/knife/bootstrap/train_connector_spec.rb +0 -244
  518. data/spec/unit/knife/bootstrap_spec.rb +0 -2220
  519. data/spec/unit/knife/client_bulk_delete_spec.rb +0 -166
  520. data/spec/unit/knife/client_create_spec.rb +0 -169
  521. data/spec/unit/knife/client_delete_spec.rb +0 -99
  522. data/spec/unit/knife/client_edit_spec.rb +0 -53
  523. data/spec/unit/knife/client_list_spec.rb +0 -34
  524. data/spec/unit/knife/client_reregister_spec.rb +0 -62
  525. data/spec/unit/knife/client_show_spec.rb +0 -52
  526. data/spec/unit/knife/configure_client_spec.rb +0 -81
  527. data/spec/unit/knife/configure_spec.rb +0 -190
  528. data/spec/unit/knife/cookbook_bulk_delete_spec.rb +0 -87
  529. data/spec/unit/knife/cookbook_delete_spec.rb +0 -239
  530. data/spec/unit/knife/cookbook_download_spec.rb +0 -255
  531. data/spec/unit/knife/cookbook_list_spec.rb +0 -88
  532. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +0 -72
  533. data/spec/unit/knife/cookbook_metadata_spec.rb +0 -182
  534. data/spec/unit/knife/cookbook_show_spec.rb +0 -253
  535. data/spec/unit/knife/cookbook_upload_spec.rb +0 -364
  536. data/spec/unit/knife/core/bootstrap_context_spec.rb +0 -287
  537. data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +0 -187
  538. data/spec/unit/knife/core/gem_glob_loader_spec.rb +0 -209
  539. data/spec/unit/knife/core/hashed_command_loader_spec.rb +0 -112
  540. data/spec/unit/knife/core/node_editor_spec.rb +0 -211
  541. data/spec/unit/knife/core/object_loader_spec.rb +0 -81
  542. data/spec/unit/knife/core/status_presenter_spec.rb +0 -54
  543. data/spec/unit/knife/core/subcommand_loader_spec.rb +0 -64
  544. data/spec/unit/knife/core/ui_spec.rb +0 -656
  545. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +0 -238
  546. data/spec/unit/knife/data_bag_create_spec.rb +0 -175
  547. data/spec/unit/knife/data_bag_edit_spec.rb +0 -126
  548. data/spec/unit/knife/data_bag_from_file_spec.rb +0 -174
  549. data/spec/unit/knife/data_bag_secret_options_spec.rb +0 -173
  550. data/spec/unit/knife/data_bag_show_spec.rb +0 -139
  551. data/spec/unit/knife/environment_compare_spec.rb +0 -112
  552. data/spec/unit/knife/environment_create_spec.rb +0 -91
  553. data/spec/unit/knife/environment_delete_spec.rb +0 -71
  554. data/spec/unit/knife/environment_edit_spec.rb +0 -79
  555. data/spec/unit/knife/environment_from_file_spec.rb +0 -90
  556. data/spec/unit/knife/environment_list_spec.rb +0 -54
  557. data/spec/unit/knife/environment_show_spec.rb +0 -52
  558. data/spec/unit/knife/key_create_spec.rb +0 -223
  559. data/spec/unit/knife/key_delete_spec.rb +0 -133
  560. data/spec/unit/knife/key_edit_spec.rb +0 -264
  561. data/spec/unit/knife/key_helper.rb +0 -74
  562. data/spec/unit/knife/key_list_spec.rb +0 -216
  563. data/spec/unit/knife/key_show_spec.rb +0 -126
  564. data/spec/unit/knife/node_bulk_delete_spec.rb +0 -94
  565. data/spec/unit/knife/node_delete_spec.rb +0 -77
  566. data/spec/unit/knife/node_edit_spec.rb +0 -116
  567. data/spec/unit/knife/node_environment_set_spec.rb +0 -61
  568. data/spec/unit/knife/node_from_file_spec.rb +0 -59
  569. data/spec/unit/knife/node_list_spec.rb +0 -62
  570. data/spec/unit/knife/node_policy_set_spec.rb +0 -122
  571. data/spec/unit/knife/node_run_list_add_spec.rb +0 -145
  572. data/spec/unit/knife/node_run_list_remove_spec.rb +0 -106
  573. data/spec/unit/knife/node_run_list_set_spec.rb +0 -115
  574. data/spec/unit/knife/node_show_spec.rb +0 -65
  575. data/spec/unit/knife/raw_spec.rb +0 -43
  576. data/spec/unit/knife/role_bulk_delete_spec.rb +0 -80
  577. data/spec/unit/knife/role_create_spec.rb +0 -80
  578. data/spec/unit/knife/role_delete_spec.rb +0 -67
  579. data/spec/unit/knife/role_edit_spec.rb +0 -77
  580. data/spec/unit/knife/role_env_run_list_add_spec.rb +0 -217
  581. data/spec/unit/knife/role_env_run_list_clear_spec.rb +0 -94
  582. data/spec/unit/knife/role_env_run_list_remove_spec.rb +0 -102
  583. data/spec/unit/knife/role_env_run_list_replace_spec.rb +0 -105
  584. data/spec/unit/knife/role_env_run_list_set_spec.rb +0 -99
  585. data/spec/unit/knife/role_from_file_spec.rb +0 -69
  586. data/spec/unit/knife/role_list_spec.rb +0 -54
  587. data/spec/unit/knife/role_run_list_add_spec.rb +0 -179
  588. data/spec/unit/knife/role_run_list_clear_spec.rb +0 -84
  589. data/spec/unit/knife/role_run_list_remove_spec.rb +0 -92
  590. data/spec/unit/knife/role_run_list_replace_spec.rb +0 -98
  591. data/spec/unit/knife/role_run_list_set_spec.rb +0 -89
  592. data/spec/unit/knife/role_show_spec.rb +0 -59
  593. data/spec/unit/knife/ssh_spec.rb +0 -403
  594. data/spec/unit/knife/ssl_check_spec.rb +0 -256
  595. data/spec/unit/knife/ssl_fetch_spec.rb +0 -222
  596. data/spec/unit/knife/status_spec.rb +0 -112
  597. data/spec/unit/knife/supermarket_download_spec.rb +0 -152
  598. data/spec/unit/knife/supermarket_install_spec.rb +0 -202
  599. data/spec/unit/knife/supermarket_list_spec.rb +0 -70
  600. data/spec/unit/knife/supermarket_search_spec.rb +0 -85
  601. data/spec/unit/knife/supermarket_share_spec.rb +0 -208
  602. data/spec/unit/knife/supermarket_unshare_spec.rb +0 -78
  603. data/spec/unit/knife/tag_create_spec.rb +0 -23
  604. data/spec/unit/knife/tag_delete_spec.rb +0 -25
  605. data/spec/unit/knife/tag_list_spec.rb +0 -23
  606. data/spec/unit/knife/user_create_spec.rb +0 -184
  607. data/spec/unit/knife/user_delete_spec.rb +0 -46
  608. data/spec/unit/knife/user_edit_spec.rb +0 -48
  609. data/spec/unit/knife/user_list_spec.rb +0 -36
  610. data/spec/unit/knife/user_reregister_spec.rb +0 -56
  611. data/spec/unit/knife/user_show_spec.rb +0 -46
  612. data/spec/unit/knife_spec.rb +0 -634
  613. data/spec/unit/provider/user/dscl_spec.rb +0 -699
  614. data/spec/unit/windows_service_spec.rb +0 -118
@@ -14,6 +14,10 @@ class Chef
14
14
  end
15
15
  true
16
16
  end
17
+
18
+ def validate_config!
19
+ true
20
+ end
17
21
  end
18
22
  end
19
23
  end
@@ -1,4 +1,5 @@
1
1
  require_relative "../../json_compat"
2
+ require_relative "../../log"
2
3
 
3
4
  class Chef
4
5
  module Compliance
@@ -9,10 +10,16 @@ class Chef
9
10
  end
10
11
 
11
12
  def send_report(report)
13
+ Chef::Log.info "Writing compliance report to #{@path}"
12
14
  FileUtils.mkdir_p(File.dirname(@path), mode: 0700)
13
-
14
15
  File.write(@path, Chef::JSONCompat.to_json(report))
15
16
  end
17
+
18
+ def validate_config!
19
+ if @path.nil? || @path.class != String || @path.empty?
20
+ raise "CMPL009: json_file reporter: node['audit']['json_file']['location'] must contain a file path"
21
+ end
22
+ end
16
23
  end
17
24
  end
18
25
  end
@@ -1,21 +1,22 @@
1
1
  autoload :Inspec, "inspec"
2
2
 
3
3
  require_relative "default_attributes"
4
- require_relative "reporter/automate"
5
- require_relative "reporter/chef_server_automate"
6
- require_relative "reporter/compliance_enforcer"
7
- require_relative "reporter/json_file"
8
4
 
9
5
  class Chef
10
6
  module Compliance
11
7
  class Runner < EventDispatch::Base
12
8
  extend Forwardable
13
9
 
10
+ SUPPORTED_REPORTERS = %w{chef-automate chef-server-automate json-file audit-enforcer cli}.freeze
11
+ SUPPORTED_FETCHERS = %w{chef-automate chef-server}.freeze
12
+
14
13
  attr_accessor :run_id
15
14
  attr_reader :node
16
15
  def_delegators :node, :logger
17
16
 
18
17
  def enabled?
18
+ return false if @node.nil?
19
+
19
20
  # Did we parse the libraries file from the audit cookbook? This class dates back to when Chef Automate was
20
21
  # renamed from Chef Visibility in 2017, so should capture all modern versions of the audit cookbook.
21
22
  audit_cookbook_present = defined?(::Reporter::ChefAutomate)
@@ -44,18 +45,30 @@ class Chef
44
45
  self.run_id = run_status.run_id
45
46
  end
46
47
 
48
+ def converge_start(run_context)
49
+ # With all attributes - including cookbook - loaded, we now have enough data to validate
50
+ # configuration. Because the converge is best coupled with the associated compliance run, these validations
51
+ # will raise (and abort the converge) if the compliance phase configuration is incorrect/will
52
+ # prevent compliance phase from completing and submitting its report to all configured reporters.
53
+ # can abort the converge if the compliance phase configuration (node attributes and client config)
54
+ load_and_validate!
55
+ end
56
+
47
57
  def run_completed(_node, _run_status)
48
58
  return unless enabled?
49
59
 
50
- logger.info("#{self.class}##{__method__}: enabling Compliance Phase")
60
+ logger.debug("#{self.class}##{__method__}: enabling Compliance Phase")
51
61
 
52
62
  report
53
63
  end
54
64
 
55
65
  def run_failed(_exception, _run_status)
56
- return unless enabled?
66
+ # If the run has failed because our own validation of compliance
67
+ # phase configuration has failed, we don't want to submit a report
68
+ # because we're still not configured correctly.
69
+ return unless enabled? && @validation_passed
57
70
 
58
- logger.info("#{self.class}##{__method__}: enabling Compliance Phase")
71
+ logger.debug("#{self.class}##{__method__}: enabling Compliance Phase")
59
72
 
60
73
  report
61
74
  end
@@ -81,7 +94,11 @@ class Chef
81
94
  end
82
95
  end
83
96
 
84
- def report(report = generate_report)
97
+ def report(report = nil)
98
+ logger.info "Starting Chef Infra Compliance Phase"
99
+ report ||= generate_report
100
+ # This is invoked at report-time instead of with the normal validations at node loaded,
101
+ # because we want to ensure that it is visible in the output - and not lost in back-scroll.
85
102
  warn_for_deprecated_config_values!
86
103
 
87
104
  if report.empty?
@@ -89,9 +106,11 @@ class Chef
89
106
  return
90
107
  end
91
108
 
92
- Array(node["audit"]["reporter"]).each do |reporter|
93
- send_report(reporter, report)
109
+ Array(node["audit"]["reporter"]).each do |reporter_type|
110
+ logger.info "Reporting to #{reporter_type}"
111
+ @reporters[reporter_type].send_report(report)
94
112
  end
113
+ logger.info "Chef Infra Compliance Phase Complete"
95
114
  end
96
115
 
97
116
  def inspec_opts
@@ -116,10 +135,8 @@ class Chef
116
135
 
117
136
  def inspec_profiles
118
137
  profiles = node["audit"]["profiles"]
119
-
120
- # TODO: Custom exception class here?
121
138
  unless profiles.respond_to?(:map) && profiles.all? { |_, p| p.respond_to?(:transform_keys) && p.respond_to?(:update) }
122
- raise "#{Inspec::Dist::PRODUCT_NAME} profiles specified in an unrecognized format, expected a hash of hashes."
139
+ raise "CMPL010: #{Inspec::Dist::PRODUCT_NAME} profiles specified in an unrecognized format, expected a hash of hashes."
123
140
  end
124
141
 
125
142
  profiles.map do |name, profile|
@@ -135,8 +152,6 @@ class Chef
135
152
  require_relative "fetcher/chef_server"
136
153
  when nil
137
154
  # intentionally blank
138
- else
139
- raise "Invalid value specified for Compliance Phase's fetcher: '#{node["audit"]["fetcher"]}'. Valid values are 'chef-automate', 'chef-server', or nil."
140
155
  end
141
156
  end
142
157
 
@@ -209,17 +224,10 @@ class Chef
209
224
  }
210
225
  end
211
226
 
212
- def send_report(reporter_type, report)
213
- logger.info "Reporting to #{reporter_type}"
214
-
215
- reporter = reporter(reporter_type)
216
-
217
- reporter.send_report(report) if reporter
218
- end
219
-
220
227
  def reporter(reporter_type)
221
228
  case reporter_type
222
229
  when "chef-automate"
230
+ require_relative "reporter/automate"
223
231
  opts = {
224
232
  control_results_limit: node["audit"]["control_results_limit"],
225
233
  entity_uuid: node["chef_guid"],
@@ -230,6 +238,7 @@ class Chef
230
238
  }
231
239
  Chef::Compliance::Reporter::Automate.new(opts)
232
240
  when "chef-server-automate"
241
+ require_relative "reporter/chef_server_automate"
233
242
  opts = {
234
243
  control_results_limit: node["audit"]["control_results_limit"],
235
244
  entity_uuid: node["chef_guid"],
@@ -241,13 +250,15 @@ class Chef
241
250
  }
242
251
  Chef::Compliance::Reporter::ChefServerAutomate.new(opts)
243
252
  when "json-file"
244
- path = node["audit"]["json_file"]["location"]
245
- logger.info "Writing compliance report to #{path}"
253
+ require_relative "reporter/json_file"
254
+ path = node.dig("audit", "json_file", "location")
246
255
  Chef::Compliance::Reporter::JsonFile.new(file: path)
247
256
  when "audit-enforcer"
257
+ require_relative "reporter/compliance_enforcer"
248
258
  Chef::Compliance::Reporter::ComplianceEnforcer.new
249
- else
250
- raise "'#{reporter_type}' is not a supported reporter for Compliance Phase."
259
+ when "cli"
260
+ require_relative "reporter/cli"
261
+ Chef::Compliance::Reporter::Cli.new
251
262
  end
252
263
  end
253
264
 
@@ -264,6 +275,33 @@ class Chef
264
275
  url.path = File.join(url.path, "organizations/#{org}/data-collector")
265
276
  url
266
277
  end
278
+
279
+ # Load the resources required for this runner, and validate configuration
280
+ # is correct to proceed. Requires node state to be loaded.
281
+ # Will raise exception if fetcher is not valid, if a reporter is not valid,
282
+ # or the configuration required by a reporter is not provided.
283
+ def load_and_validate!
284
+ return unless enabled?
285
+
286
+ @reporters = {}
287
+ # Note that the docs don't say you can use an array, but our implementation
288
+ # supports it.
289
+ Array(node["audit"]["reporter"]).each do |type|
290
+ unless SUPPORTED_REPORTERS.include? type
291
+ raise "CMPL003: '#{type}' found in node['audit']['reporter'] is not a supported reporter for Compliance Phase. Supported reporters are: #{SUPPORTED_REPORTERS.join(", ")}. For more information, see the documentation at https://docs.chef.io/chef_compliance_phase/chef_compliance_runners/#reporters"
292
+ end
293
+
294
+ @reporters[type] = reporter(type)
295
+ @reporters[type].validate_config!
296
+ end
297
+
298
+ unless (fetcher = node["audit"]["fetcher"]).nil?
299
+ unless SUPPORTED_FETCHERS.include? fetcher
300
+ raise "CMPL002: Unrecognized Compliance Phase fetcher (node['audit']['fetcher'] = #{fetcher}). Supported fetchers are: #{SUPPORTED_FETCHERS.join(", ")}, or nil. For more information, see the documentation at https://docs.chef.io/chef_compliance_phase/chef_compliance_runners/#fetchers"
301
+ end
302
+ end
303
+ @validation_passed = true
304
+ end
267
305
  end
268
306
  end
269
307
  end
@@ -143,11 +143,9 @@ class Chef
143
143
  end
144
144
 
145
145
  def files_remaining_by_cookbook
146
- @files_remaining_by_cookbook ||= begin
147
- files_by_cookbook.inject({}) do |memo, (cookbook, files)|
148
- memo[cookbook] = files.size
149
- memo
150
- end
146
+ @files_remaining_by_cookbook ||= files_by_cookbook.inject({}) do |memo, (cookbook, files)|
147
+ memo[cookbook] = files.size
148
+ memo
151
149
  end
152
150
  end
153
151
 
@@ -195,10 +195,8 @@ class Chef
195
195
 
196
196
  def all_files_in_repo_paths
197
197
  @all_files_in_repo_paths ||=
198
- begin
199
- repo_paths.inject([]) do |all_children, repo_path|
200
- all_children + Dir[File.join(Chef::Util::PathHelper.escape_glob_dir(repo_path), "*")]
201
- end
198
+ repo_paths.inject([]) do |all_children, repo_path|
199
+ all_children + Dir[File.join(Chef::Util::PathHelper.escape_glob_dir(repo_path), "*")]
202
200
  end
203
201
  end
204
202
 
@@ -1,7 +1,6 @@
1
1
 
2
2
  autoload :Set, "set"
3
3
  require_relative "exceptions"
4
- require_relative "knife/cookbook_metadata"
5
4
  require_relative "digester"
6
5
  require_relative "cookbook_manifest"
7
6
  require_relative "cookbook_version"
@@ -44,8 +44,17 @@ class Chef
44
44
  end
45
45
  end
46
46
 
47
- # Define all Hash's instance methods as delegating to @raw_data
48
- def_delegators(:@raw_data, *(Hash.instance_methods - Object.instance_methods))
47
+ # delegate missing methods to the @raw_data Hash
48
+ def method_missing(method_name, *arguments, &block)
49
+ @raw_data.send(method_name, *arguments, &block)
50
+ rescue
51
+ # throw more sensible errors back at the user
52
+ super
53
+ end
54
+
55
+ def respond_to_missing?(method_name, include_private = false)
56
+ @raw_data.respond_to?(method_name, include_private) || super
57
+ end
49
58
 
50
59
  attr_reader :raw_data
51
60
 
@@ -17,5 +17,9 @@
17
17
 
18
18
  class Chef
19
19
  class DelayedEvaluator < Proc
20
+ def dup
21
+ # super returns a "Proc" (which seems buggy) so re-wrap it
22
+ self.class.new(&super) # rubocop:disable Layout/SpaceAroundKeyword
23
+ end
20
24
  end
21
25
  end
@@ -249,6 +249,10 @@ class Chef
249
249
  target 32
250
250
  end
251
251
 
252
+ class UnifiedMode < Base
253
+ target 33
254
+ end
255
+
252
256
  class Generic < Base
253
257
  def url
254
258
  "https://docs.chef.io/chef_deprecations_client/"
@@ -32,8 +32,8 @@ class Chef
32
32
  # actually a Chef Vault item. This is controlled via
33
33
  # +node['chef-vault']['databag_fallback']+.
34
34
  # @example
35
- # item = chef_vault_item('secrets', 'bacon')
36
- # log 'Yeah buddy!' if item['_default']['type']
35
+ # item = chef_vault_item('secrets', 'bacon')
36
+ # log 'Yeah buddy!' if item['_default']['type']
37
37
  # @param [String] bag Name of the data bag to load from.
38
38
  # @param [String] id Identifier of the data bag item to load.
39
39
  def chef_vault_item(bag, id)
@@ -51,8 +51,8 @@ class Chef
51
51
  # the items, so this method strips out the keys for users so that they
52
52
  # don't have to do it in their recipes.
53
53
  # @example
54
- # ids = chef_vault('secrets')
55
- # log 'Yeah buddy!' if ids[0] == 'bacon'
54
+ # ids = chef_vault('secrets')
55
+ # log 'Yeah buddy!' if ids[0] == 'bacon'
56
56
  # @param [String] bag Name of the data bag to load from.
57
57
  # @return [Array]
58
58
  def chef_vault(bag)
@@ -68,8 +68,8 @@ class Chef
68
68
  # This allows for easy access to current environment secrets inside
69
69
  # of an item.
70
70
  # @example
71
- # item = chef_vault_item_for_environment('secrets', 'bacon')
72
- # log 'Yeah buddy!' if item['type'] == 'applewood_smoked'
71
+ # item = chef_vault_item_for_environment('secrets', 'bacon')
72
+ # log 'Yeah buddy!' if item['type'] == 'applewood_smoked'
73
73
  # @param [String] bag Name of the data bag to load from.
74
74
  # @param [String] id Identifier of the data bag item to load.
75
75
  # @return [Hash]
@@ -45,8 +45,7 @@ class Chef
45
45
 
46
46
  # Vista + Server 2008 and newer may have reboots pending from CBS
47
47
  registry_key_exists?('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending')
48
- elsif platform?("ubuntu")
49
- # This should work for Debian as well if update-notifier-common happens to be installed. We need an API for that.
48
+ elsif platform_family?("debian")
50
49
  File.exist?("/var/run/reboot-required")
51
50
  else
52
51
  false
@@ -64,36 +64,34 @@ class Chef
64
64
  def recipe_snippet
65
65
  return nil if dynamic_resource?
66
66
 
67
- @snippet ||= begin
68
- if (file = parse_source) && (line = parse_line(file))
69
- return nil unless ::File.exist?(file)
67
+ @snippet ||= if (file = parse_source) && (line = parse_line(file))
68
+ return nil unless ::File.exist?(file)
70
69
 
71
- lines = IO.readlines(file)
70
+ lines = IO.readlines(file)
72
71
 
73
- relevant_lines = ["# In #{file}\n\n"]
72
+ relevant_lines = ["# In #{file}\n\n"]
74
73
 
75
- current_line = line - 1
76
- current_line = 0 if current_line < 0
77
- nesting = 0
74
+ current_line = line - 1
75
+ current_line = 0 if current_line < 0
76
+ nesting = 0
78
77
 
79
- loop do
78
+ loop do
80
79
 
81
- # low rent parser. try to gracefully handle nested blocks in resources
82
- nesting += 1 if /\s+do\s*/.match?(lines[current_line])
83
- nesting -= 1 if /end\s*$/.match?(lines[current_line])
80
+ # low rent parser. try to gracefully handle nested blocks in resources
81
+ nesting += 1 if /\s+do\s*/.match?(lines[current_line])
82
+ nesting -= 1 if /end\s*$/.match?(lines[current_line])
84
83
 
85
- relevant_lines << format_line(current_line, lines[current_line])
84
+ relevant_lines << format_line(current_line, lines[current_line])
86
85
 
87
- break if lines[current_line + 1].nil?
88
- break if current_line >= (line + 50)
89
- break if nesting <= 0
86
+ break if lines[current_line + 1].nil?
87
+ break if current_line >= (line + 50)
88
+ break if nesting <= 0
90
89
 
91
- current_line += 1
92
- end
93
- relevant_lines << format_line(current_line + 1, lines[current_line + 1]) if lines[current_line + 1]
94
- relevant_lines.join("")
95
- end
96
- end
90
+ current_line += 1
91
+ end
92
+ relevant_lines << format_line(current_line + 1, lines[current_line + 1]) if lines[current_line + 1]
93
+ relevant_lines.join("")
94
+ end
97
95
  end
98
96
 
99
97
  def dynamic_resource?
data/lib/chef/group.rb ADDED
@@ -0,0 +1,75 @@
1
+ #
2
+ # Copyright:: Copyright (c) Chef Software Inc.
3
+ # License:: Apache License, Version 2.0
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # http://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+ #
17
+
18
+ require_relative "org"
19
+
20
+ class Chef
21
+ class Group
22
+
23
+ def group(groupname)
24
+ @group ||= {}
25
+ @group[groupname] ||= chef_rest.get_rest "organizations/#{name}/groups/#{groupname}"
26
+ end
27
+
28
+ def user_member_of_group?(username, groupname)
29
+ group = group(groupname)
30
+ group["actors"].include? username
31
+ end
32
+
33
+ def add_user_to_group(groupname, username)
34
+ group = group(groupname)
35
+ body_hash = {
36
+ groupname: "#{groupname}",
37
+ actors: {
38
+ "users" => group["actors"].concat([username]),
39
+ "groups" => group["groups"],
40
+ },
41
+ }
42
+ chef_rest.put_rest "organizations/#{name}/groups/#{groupname}", body_hash
43
+ end
44
+
45
+ def remove_user_from_group(groupname, username)
46
+ group = group(groupname)
47
+ group["actors"].delete(username)
48
+ body_hash = {
49
+ groupname: "#{groupname}",
50
+ actors: {
51
+ "users" => group["actors"],
52
+ "groups" => group["groups"],
53
+ },
54
+ }
55
+ chef_rest.put_rest "organizations/#{name}/groups/#{groupname}", body_hash
56
+ end
57
+
58
+ def actor_delete_would_leave_admins_empty?
59
+ admins = group("admins")
60
+ if admins["groups"].empty?
61
+ # exclude 'pivotal' but don't mutate the group since we're caching it
62
+ if admins["actors"].include? "pivotal"
63
+ admins["actors"].length <= 2
64
+ else
65
+ admins["actors"].length <= 1
66
+ end
67
+ else
68
+ # We don't check recursively. If the admins group contains a group,
69
+ # and the user is the only member of that group,
70
+ # we'll still turn up a 'safe to delete'.
71
+ false
72
+ end
73
+ end
74
+ end
75
+ end