chef 16.13.16-universal-mingw32 → 17.3.48-universal-mingw32

Files changed (730)
  1. checksums.yaml +4 -4
  2. data/Gemfile +11 -22
  3. data/README.md +1 -1
  4. data/Rakefile +2 -2
  5. data/chef-universal-mingw32.gemspec +1 -1
  6. data/chef.gemspec +12 -24
  7. data/lib/chef/action_collection.rb +6 -26
  8. data/lib/chef/application.rb +1 -1
  9. data/lib/chef/application/base.rb +16 -1
  10. data/lib/chef/applications.rb +0 -1
  11. data/lib/chef/chef_fs/command_line.rb +5 -2
  12. data/lib/chef/chef_fs/file_pattern.rb +2 -2
  13. data/lib/chef/chef_fs/file_system.rb +9 -10
  14. data/lib/chef/client.rb +9 -3
  15. data/lib/chef/compliance/default_attributes.rb +5 -4
  16. data/lib/chef/compliance/fetcher/automate.rb +0 -7
  17. data/lib/chef/compliance/reporter/automate.rb +17 -7
  18. data/lib/chef/compliance/reporter/chef_server_automate.rb +11 -6
  19. data/lib/chef/compliance/reporter/cli.rb +77 -0
  20. data/lib/chef/compliance/reporter/compliance_enforcer.rb +4 -0
  21. data/lib/chef/compliance/reporter/json_file.rb +8 -1
  22. data/lib/chef/compliance/runner.rb +65 -27
  23. data/lib/chef/cookbook/cookbook_version_loader.rb +3 -3
  24. data/lib/chef/cookbook/gem_installer.rb +5 -1
  25. data/lib/chef/cookbook/synchronizer.rb +3 -5
  26. data/lib/chef/cookbook_loader.rb +2 -4
  27. data/lib/chef/cookbook_uploader.rb +0 -1
  28. data/lib/chef/cookbook_version.rb +26 -4
  29. data/lib/chef/data_bag_item.rb +11 -2
  30. data/lib/chef/data_collector.rb +0 -1
  31. data/lib/chef/data_collector/run_end_message.rb +1 -1
  32. data/lib/chef/delayed_evaluator.rb +4 -0
  33. data/lib/chef/deprecated.rb +18 -4
  34. data/lib/chef/dsl.rb +1 -0
  35. data/lib/chef/dsl/chef_vault.rb +6 -6
  36. data/lib/chef/dsl/declare_resource.rb +5 -10
  37. data/lib/chef/dsl/reboot_pending.rb +1 -2
  38. data/lib/chef/{knife/group_list.rb → dsl/render_helpers.rb} +18 -17
  39. data/lib/chef/dsl/secret.rb +64 -0
  40. data/lib/chef/dsl/toml.rb +116 -0
  41. data/lib/chef/dsl/universal.rb +5 -0
  42. data/lib/chef/event_dispatch/base.rb +2 -1
  43. data/lib/chef/exceptions.rb +25 -0
  44. data/lib/chef/formatters/doc.rb +2 -1
  45. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +20 -22
  46. data/lib/chef/group.rb +75 -0
  47. data/lib/chef/handler.rb +46 -8
  48. data/lib/chef/handler/slow_report.rb +66 -0
  49. data/lib/chef/json_compat.rb +1 -1
  50. data/lib/chef/mixin/get_source_from_package.rb +1 -1
  51. data/lib/chef/node.rb +21 -20
  52. data/lib/chef/node/attribute.rb +6 -4
  53. data/lib/chef/node/immutable_collections.rb +13 -0
  54. data/lib/chef/node/mixin/deep_merge_cache.rb +11 -7
  55. data/lib/chef/org.rb +3 -2
  56. data/lib/chef/policy_builder/policyfile.rb +88 -45
  57. data/lib/chef/property.rb +18 -0
  58. data/lib/chef/provider.rb +1 -1
  59. data/lib/chef/provider/cron.rb +1 -1
  60. data/lib/chef/provider/directory.rb +6 -6
  61. data/lib/chef/provider/execute.rb +2 -1
  62. data/lib/chef/provider/file.rb +3 -3
  63. data/lib/chef/provider/git.rb +5 -7
  64. data/lib/chef/provider/group/groupadd.rb +3 -3
  65. data/lib/chef/provider/group/groupmod.rb +3 -3
  66. data/lib/chef/provider/group/pw.rb +3 -3
  67. data/lib/chef/provider/ifconfig.rb +2 -2
  68. data/lib/chef/provider/link.rb +3 -3
  69. data/lib/chef/provider/lwrp_base.rb +1 -1
  70. data/lib/chef/provider/mount.rb +5 -5
  71. data/lib/chef/provider/mount/aix.rb +3 -3
  72. data/lib/chef/provider/mount/mount.rb +5 -5
  73. data/lib/chef/provider/mount/windows.rb +1 -1
  74. data/lib/chef/provider/package.rb +17 -21
  75. data/lib/chef/provider/package/apt.rb +27 -1
  76. data/lib/chef/provider/package/deb.rb +3 -3
  77. data/lib/chef/provider/package/dnf/dnf_helper.py +12 -11
  78. data/lib/chef/provider/package/dnf/python_helper.rb +9 -8
  79. data/lib/chef/provider/package/habitat.rb +168 -0
  80. data/lib/chef/provider/package/portage.rb +2 -2
  81. data/lib/chef/provider/package/powershell.rb +5 -0
  82. data/lib/chef/provider/package/rubygems.rb +11 -17
  83. data/lib/chef/provider/package/windows.rb +2 -4
  84. data/lib/chef/provider/package/yum.rb +1 -4
  85. data/lib/chef/provider/package/yum/python_helper.rb +15 -10
  86. data/lib/chef/provider/package/yum/yum_helper.py +47 -63
  87. data/lib/chef/provider/registry_key.rb +1 -1
  88. data/lib/chef/provider/route.rb +2 -2
  89. data/lib/chef/provider/service.rb +6 -6
  90. data/lib/chef/provider/service/aixinit.rb +1 -1
  91. data/lib/chef/provider/service/debian.rb +1 -1
  92. data/lib/chef/provider/service/freebsd.rb +15 -21
  93. data/lib/chef/provider/service/macosx.rb +4 -4
  94. data/lib/chef/provider/service/systemd.rb +43 -14
  95. data/lib/chef/provider/service/upstart.rb +2 -13
  96. data/lib/chef/provider/service/windows.rb +12 -12
  97. data/lib/chef/provider/subversion.rb +10 -12
  98. data/lib/chef/provider/support/zypper_repo.erb +4 -2
  99. data/lib/chef/provider/systemd_unit.rb +36 -10
  100. data/lib/chef/provider/template/content.rb +3 -7
  101. data/lib/chef/provider/user.rb +2 -2
  102. data/lib/chef/provider/user/dscl.rb +1 -1
  103. data/lib/chef/provider/user/mac.rb +17 -20
  104. data/lib/chef/provider/user/pw.rb +1 -1
  105. data/lib/chef/provider/user/windows.rb +1 -1
  106. data/lib/chef/provider/windows_script.rb +1 -1
  107. data/lib/chef/provider/zypper_repository.rb +28 -32
  108. data/lib/chef/providers.rb +1 -1
  109. data/lib/chef/resource.rb +6 -7
  110. data/lib/chef/resource/alternatives.rb +6 -6
  111. data/lib/chef/resource/apt_package.rb +1 -1
  112. data/lib/chef/resource/apt_preference.rb +2 -2
  113. data/lib/chef/resource/apt_repository.rb +6 -6
  114. data/lib/chef/resource/apt_update.rb +5 -4
  115. data/lib/chef/resource/archive_file.rb +2 -3
  116. data/lib/chef/resource/breakpoint.rb +1 -1
  117. data/lib/chef/resource/build_essential.rb +2 -6
  118. data/lib/chef/resource/chef_client_config.rb +10 -5
  119. data/lib/chef/resource/chef_client_cron.rb +5 -5
  120. data/lib/chef/resource/chef_client_launchd.rb +6 -6
  121. data/lib/chef/resource/chef_client_scheduled_task.rb +16 -16
  122. data/lib/chef/resource/chef_client_systemd_timer.rb +5 -5
  123. data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
  124. data/lib/chef/resource/chef_handler.rb +3 -7
  125. data/lib/chef/resource/chef_sleep.rb +1 -1
  126. data/lib/chef/resource/chef_vault_secret.rb +5 -10
  127. data/lib/chef/resource/chocolatey_config.rb +2 -6
  128. data/lib/chef/resource/chocolatey_feature.rb +2 -6
  129. data/lib/chef/resource/chocolatey_source.rb +4 -10
  130. data/lib/chef/resource/cron/_cron_shared.rb +2 -2
  131. data/lib/chef/resource/cron/cron_d.rb +4 -6
  132. data/lib/chef/resource/cron_access.rb +2 -4
  133. data/lib/chef/resource/dmg_package.rb +6 -10
  134. data/lib/chef/resource/dpkg_package.rb +1 -1
  135. data/lib/chef/resource/dsc_resource.rb +1 -1
  136. data/lib/chef/resource/execute.rb +11 -6
  137. data/lib/chef/resource/file.rb +1 -1
  138. data/lib/chef/resource/gem_package.rb +2 -1
  139. data/lib/chef/resource/group.rb +6 -6
  140. data/lib/chef/{knife/recipe_list.rb → resource/habitat/_habitat_shared.rb} +13 -17
  141. data/lib/chef/resource/habitat/habitat_package.rb +129 -0
  142. data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
  143. data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
  144. data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
  145. data/lib/chef/resource/habitat_config.rb +107 -0
  146. data/lib/chef/resource/habitat_install.rb +247 -0
  147. data/lib/chef/resource/habitat_service.rb +451 -0
  148. data/lib/chef/resource/habitat_user_toml.rb +92 -0
  149. data/lib/chef/resource/homebrew_cask.rb +17 -10
  150. data/lib/chef/resource/homebrew_package.rb +1 -1
  151. data/lib/chef/resource/homebrew_tap.rb +4 -7
  152. data/lib/chef/resource/homebrew_update.rb +2 -2
  153. data/lib/chef/resource/hostname.rb +68 -22
  154. data/lib/chef/resource/http_request.rb +1 -1
  155. data/lib/chef/resource/inspec_waiver_file_entry.rb +156 -0
  156. data/lib/chef/resource/kernel_module.rb +6 -17
  157. data/lib/chef/resource/locale.rb +2 -3
  158. data/lib/chef/resource/lwrp_base.rb +20 -1
  159. data/lib/chef/resource/macos_userdefaults.rb +10 -14
  160. data/lib/chef/resource/mdadm.rb +53 -7
  161. data/lib/chef/resource/mount.rb +2 -1
  162. data/lib/chef/resource/ohai_hint.rb +2 -6
  163. data/lib/chef/resource/openbsd_package.rb +17 -0
  164. data/lib/chef/resource/openssl_dhparam.rb +1 -2
  165. data/lib/chef/resource/openssl_ec_private_key.rb +3 -5
  166. data/lib/chef/resource/openssl_ec_public_key.rb +1 -3
  167. data/lib/chef/resource/openssl_rsa_private_key.rb +2 -4
  168. data/lib/chef/resource/openssl_rsa_public_key.rb +1 -3
  169. data/lib/chef/resource/openssl_x509_certificate.rb +3 -6
  170. data/lib/chef/resource/openssl_x509_crl.rb +1 -3
  171. data/lib/chef/resource/openssl_x509_request.rb +1 -3
  172. data/lib/chef/resource/osx_profile.rb +3 -3
  173. data/lib/chef/resource/plist.rb +8 -8
  174. data/lib/chef/resource/powershell_package_source.rb +2 -4
  175. data/lib/chef/resource/powershell_script.rb +1 -1
  176. data/lib/chef/resource/reboot.rb +38 -9
  177. data/lib/chef/resource/remote_directory.rb +2 -2
  178. data/lib/chef/resource/remote_file.rb +3 -3
  179. data/lib/chef/resource/rhsm_errata.rb +16 -3
  180. data/lib/chef/resource/rhsm_errata_level.rb +11 -6
  181. data/lib/chef/resource/rhsm_register.rb +12 -6
  182. data/lib/chef/resource/rhsm_repo.rb +17 -6
  183. data/lib/chef/resource/rhsm_subscription.rb +2 -6
  184. data/lib/chef/resource/scm/git.rb +1 -1
  185. data/lib/chef/resource/ssh_known_hosts_entry.rb +4 -7
  186. data/lib/chef/resource/sudo.rb +8 -12
  187. data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
  188. data/lib/chef/resource/support/client.erb +8 -1
  189. data/lib/chef/resource/support/sup.toml.erb +179 -0
  190. data/lib/chef/resource/swap_file.rb +2 -6
  191. data/lib/chef/resource/sysctl.rb +2 -6
  192. data/lib/chef/resource/systemd_unit.rb +2 -2
  193. data/lib/chef/resource/template.rb +1 -1
  194. data/lib/chef/resource/timezone.rb +1 -3
  195. data/lib/chef/resource/user/mac_user.rb +1 -1
  196. data/lib/chef/resource/user_ulimit.rb +2 -2
  197. data/lib/chef/resource/windows_ad_join.rb +2 -6
  198. data/lib/chef/resource/windows_audit_policy.rb +2 -2
  199. data/lib/chef/resource/windows_auto_run.rb +2 -5
  200. data/lib/chef/resource/windows_certificate.rb +207 -73
  201. data/lib/chef/resource/windows_defender.rb +163 -0
  202. data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
  203. data/lib/chef/resource/windows_dfs_folder.rb +2 -6
  204. data/lib/chef/resource/windows_dfs_namespace.rb +2 -6
  205. data/lib/chef/resource/windows_dfs_server.rb +1 -3
  206. data/lib/chef/resource/windows_dns_record.rb +2 -6
  207. data/lib/chef/resource/windows_dns_zone.rb +2 -6
  208. data/lib/chef/resource/windows_env.rb +6 -5
  209. data/lib/chef/resource/windows_feature.rb +3 -9
  210. data/lib/chef/resource/windows_feature_dism.rb +3 -9
  211. data/lib/chef/resource/windows_feature_powershell.rb +3 -3
  212. data/lib/chef/resource/windows_firewall_profile.rb +4 -4
  213. data/lib/chef/resource/windows_firewall_rule.rb +20 -9
  214. data/lib/chef/resource/windows_font.rb +3 -5
  215. data/lib/chef/resource/windows_pagefile.rb +104 -69
  216. data/lib/chef/resource/windows_path.rb +4 -4
  217. data/lib/chef/resource/windows_printer.rb +80 -61
  218. data/lib/chef/resource/windows_printer_port.rb +49 -66
  219. data/lib/chef/resource/windows_security_policy.rb +56 -40
  220. data/lib/chef/resource/windows_share.rb +14 -21
  221. data/lib/chef/resource/windows_shortcut.rb +4 -6
  222. data/lib/chef/resource/windows_task.rb +19 -7
  223. data/lib/chef/resource/windows_uac.rb +3 -5
  224. data/lib/chef/resource/windows_update_settings.rb +259 -0
  225. data/lib/chef/resource/windows_user_privilege.rb +4 -4
  226. data/lib/chef/resource/windows_workgroup.rb +3 -4
  227. data/lib/chef/resource/yum_package.rb +10 -10
  228. data/lib/chef/resource/zypper_package.rb +4 -4
  229. data/lib/chef/resource/zypper_repository.rb +28 -8
  230. data/lib/chef/resource_builder.rb +8 -2
  231. data/lib/chef/resource_reporter.rb +0 -1
  232. data/lib/chef/resources.rb +13 -2
  233. data/lib/chef/run_lock.rb +1 -1
  234. data/lib/chef/runner.rb +1 -1
  235. data/lib/chef/secret_fetcher.rb +54 -0
  236. data/lib/chef/secret_fetcher/aws_secrets_manager.rb +53 -0
  237. data/lib/chef/secret_fetcher/azure_key_vault.rb +56 -0
  238. data/lib/chef/secret_fetcher/base.rb +72 -0
  239. data/lib/chef/secret_fetcher/example.rb +46 -0
  240. data/lib/chef/shell/ext.rb +3 -3
  241. data/lib/chef/user.rb +0 -1
  242. data/lib/chef/user_v1.rb +3 -4
  243. data/lib/chef/util/dsc/configuration_generator.rb +1 -0
  244. data/lib/chef/util/dsc/local_configuration_manager.rb +1 -1
  245. data/lib/chef/version.rb +1 -1
  246. data/lib/chef/win32/api.rb +9 -2
  247. data/lib/chef/win32/registry.rb +4 -2
  248. data/spec/data/cookbooks/openldap/libraries/openldap.rb +1 -1
  249. data/spec/data/lwrp/resources/bar.rb +2 -0
  250. data/spec/data/lwrp/resources/buck_passer.rb +1 -0
  251. data/spec/data/lwrp/resources/buck_passer_2.rb +1 -0
  252. data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +1 -0
  253. data/spec/data/lwrp/resources/foo.rb +2 -0
  254. data/spec/data/lwrp/resources/inline_compiler.rb +1 -0
  255. data/spec/data/lwrp/resources/monkey_name_printer.rb +1 -0
  256. data/spec/data/lwrp/resources/paint_drying_watcher.rb +1 -0
  257. data/spec/data/lwrp/resources/thumb_twiddler.rb +1 -0
  258. data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +2 -0
  259. data/spec/data/lwrp_const_scoping/resources/conflict.rb +1 -0
  260. data/spec/data/lwrp_override/resources/foo.rb +1 -0
  261. data/spec/data/rubygems.org/nonexistent_gem-info +1 -0
  262. data/spec/data/rubygems.org/sexp_processor-info +49 -0
  263. data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -0
  264. data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -0
  265. data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -0
  266. data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -0
  267. data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -0
  268. data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +2 -0
  269. data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -0
  270. data/spec/data/run_context/cookbooks/test/resources/resource.rb +2 -0
  271. data/spec/functional/dsl/registry_helper_spec.rb +1 -1
  272. data/spec/functional/mixin/from_file_spec.rb +1 -1
  273. data/spec/functional/resource/aixinit_service_spec.rb +7 -7
  274. data/spec/functional/resource/apt_package_spec.rb +1 -1
  275. data/spec/functional/resource/chocolatey_package_spec.rb +13 -0
  276. data/spec/functional/resource/dnf_package_spec.rb +857 -534
  277. data/spec/functional/resource/group_spec.rb +1 -1
  278. data/spec/functional/resource/link_spec.rb +1 -1
  279. data/spec/functional/resource/registry_spec.rb +8 -8
  280. data/spec/functional/resource/remote_file_spec.rb +1 -1
  281. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  282. data/spec/functional/resource/windows_certificate_spec.rb +92 -35
  283. data/spec/functional/resource/windows_env_spec.rb +2 -2
  284. data/spec/functional/resource/windows_hostname_spec.rb +91 -0
  285. data/spec/functional/resource/windows_pagefile_spec.rb +98 -0
  286. data/spec/functional/resource/yum_package_spec.rb +495 -428
  287. data/spec/functional/version_spec.rb +1 -1
  288. data/spec/functional/win32/registry_spec.rb +1 -1
  289. data/spec/integration/client/client_spec.rb +5 -22
  290. data/spec/integration/client/exit_code_spec.rb +1 -1
  291. data/spec/integration/client/ipv6_spec.rb +1 -1
  292. data/spec/integration/compliance/compliance_spec.rb +1 -1
  293. data/spec/integration/ohai/ohai_spec.rb +7 -6
  294. data/spec/integration/recipes/accumulator_spec.rb +13 -1
  295. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -1
  296. data/spec/integration/recipes/lwrp_spec.rb +3 -1
  297. data/spec/integration/recipes/notifies_spec.rb +15 -1
  298. data/spec/integration/recipes/notifying_block_spec.rb +2 -1
  299. data/spec/integration/recipes/recipe_dsl_spec.rb +10 -10
  300. data/spec/integration/recipes/resource_action_spec.rb +4 -4
  301. data/spec/integration/recipes/unified_mode_spec.rb +71 -1
  302. data/spec/integration/recipes/use_partial_spec.rb +4 -1
  303. data/spec/spec_helper.rb +13 -13
  304. data/spec/support/chef_helpers.rb +1 -17
  305. data/spec/support/lib/chef/resource/with_state.rb +0 -1
  306. data/spec/support/lib/chef/resource/zen_follower.rb +0 -1
  307. data/spec/support/lib/chef/resource/zen_master.rb +0 -1
  308. data/spec/support/matchers/leak.rb +7 -9
  309. data/spec/support/platform_helpers.rb +1 -8
  310. data/spec/support/shared/functional/execute_resource.rb +1 -1
  311. data/spec/support/shared/integration/integration_helper.rb +0 -1
  312. data/spec/support/shared/unit/provider/file.rb +3 -9
  313. data/spec/support/shared/unit/script_resource.rb +2 -2
  314. data/spec/unit/application/solo_spec.rb +2 -2
  315. data/spec/unit/chef_fs/diff_spec.rb +1 -1
  316. data/spec/unit/chef_fs/file_system/repository/directory_spec.rb +1 -1
  317. data/spec/unit/chef_fs/file_system_spec.rb +1 -1
  318. data/spec/unit/compliance/fetcher/automate_spec.rb +0 -16
  319. data/spec/unit/compliance/reporter/automate_spec.rb +26 -2
  320. data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +20 -0
  321. data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +1 -0
  322. data/spec/unit/compliance/runner_spec.rb +31 -5
  323. data/spec/unit/cookbook_version_spec.rb +52 -0
  324. data/spec/unit/data_bag_item_spec.rb +1 -6
  325. data/spec/unit/data_collector_spec.rb +47 -1
  326. data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
  327. data/spec/unit/dsl/registry_helper_spec.rb +1 -1
  328. data/spec/unit/dsl/render_helpers_spec.rb +102 -0
  329. data/spec/unit/dsl/secret_spec.rb +65 -0
  330. data/spec/unit/handler_spec.rb +8 -2
  331. data/spec/unit/lwrp_spec.rb +1 -1
  332. data/spec/unit/mixin/params_validate_spec.rb +4 -3
  333. data/spec/unit/node/attribute_spec.rb +1 -1
  334. data/spec/unit/node_spec.rb +78 -0
  335. data/spec/unit/org_group_spec.rb +45 -0
  336. data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
  337. data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
  338. data/spec/unit/property_spec.rb +23 -22
  339. data/spec/unit/provider/apt_update_spec.rb +3 -1
  340. data/spec/unit/provider/cron_spec.rb +1 -1
  341. data/spec/unit/provider/group/gpasswd_spec.rb +2 -2
  342. data/spec/unit/provider/group/groupmod_spec.rb +2 -2
  343. data/spec/unit/provider/group/pw_spec.rb +2 -2
  344. data/spec/unit/provider/group_spec.rb +1 -1
  345. data/spec/unit/provider/link_spec.rb +1 -1
  346. data/spec/unit/provider/mount/aix_spec.rb +1 -1
  347. data/spec/unit/provider/package/apt_spec.rb +84 -18
  348. data/spec/unit/provider/package/deb_spec.rb +3 -3
  349. data/spec/unit/provider/package/dnf/python_helper_spec.rb +1 -0
  350. data/spec/unit/provider/package/powershell_spec.rb +74 -12
  351. data/spec/unit/provider/package/rubygems_spec.rb +21 -33
  352. data/spec/unit/provider/package/yum/python_helper_spec.rb +1 -0
  353. data/spec/unit/provider/service/arch_service_spec.rb +1 -0
  354. data/spec/unit/provider/service/debian_service_spec.rb +1 -0
  355. data/spec/unit/provider/service/macosx_spec.rb +2 -2
  356. data/spec/unit/provider/service/systemd_service_spec.rb +138 -23
  357. data/spec/unit/provider/service/upstart_service_spec.rb +0 -29
  358. data/spec/unit/provider/service/windows_spec.rb +2 -2
  359. data/spec/unit/provider/subversion_spec.rb +2 -2
  360. data/spec/unit/provider/systemd_unit_spec.rb +79 -60
  361. data/spec/unit/provider/zypper_repository_spec.rb +5 -12
  362. data/spec/unit/provider_spec.rb +0 -8
  363. data/spec/unit/resource/inspec_waiver_file_entry_spec.rb +80 -0
  364. data/spec/unit/resource/powershell_script_spec.rb +2 -2
  365. data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
  366. data/spec/unit/resource/windows_defender_spec.rb +71 -0
  367. data/spec/unit/resource/windows_firewall_rule_spec.rb +12 -7
  368. data/spec/unit/resource/windows_pagefile_spec.rb +4 -9
  369. data/spec/unit/resource/windows_task_spec.rb +1 -1
  370. data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
  371. data/spec/unit/resource/zypper_repository_spec.rb +1 -1
  372. data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +63 -0
  373. data/spec/unit/secret_fetcher_spec.rb +82 -0
  374. data/spec/unit/user_spec.rb +1 -1
  375. data/spec/unit/user_v1_spec.rb +6 -4
  376. data/tasks/rspec.rb +9 -6
  377. metadata +59 -519
  378. data/bin/knife +0 -24
  379. data/lib/chef/application/knife.rb +0 -234
  380. data/lib/chef/application/windows_service.rb +0 -338
  381. data/lib/chef/application/windows_service_manager.rb +0 -205
  382. data/lib/chef/chef_fs/knife.rb +0 -160
  383. data/lib/chef/chef_fs/parallelizer.rb +0 -102
  384. data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +0 -35
  385. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +0 -278
  386. data/lib/chef/cookbook_site_streaming_uploader.rb +0 -244
  387. data/lib/chef/knife.rb +0 -665
  388. data/lib/chef/knife/acl_add.rb +0 -57
  389. data/lib/chef/knife/acl_base.rb +0 -183
  390. data/lib/chef/knife/acl_bulk_add.rb +0 -78
  391. data/lib/chef/knife/acl_bulk_remove.rb +0 -83
  392. data/lib/chef/knife/acl_remove.rb +0 -62
  393. data/lib/chef/knife/acl_show.rb +0 -56
  394. data/lib/chef/knife/bootstrap.rb +0 -1192
  395. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +0 -162
  396. data/lib/chef/knife/bootstrap/client_builder.rb +0 -212
  397. data/lib/chef/knife/bootstrap/templates/README.md +0 -11
  398. data/lib/chef/knife/bootstrap/templates/chef-full.erb +0 -242
  399. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +0 -278
  400. data/lib/chef/knife/bootstrap/train_connector.rb +0 -336
  401. data/lib/chef/knife/client_bulk_delete.rb +0 -104
  402. data/lib/chef/knife/client_create.rb +0 -101
  403. data/lib/chef/knife/client_delete.rb +0 -62
  404. data/lib/chef/knife/client_edit.rb +0 -52
  405. data/lib/chef/knife/client_key_create.rb +0 -73
  406. data/lib/chef/knife/client_key_delete.rb +0 -80
  407. data/lib/chef/knife/client_key_edit.rb +0 -83
  408. data/lib/chef/knife/client_key_list.rb +0 -73
  409. data/lib/chef/knife/client_key_show.rb +0 -80
  410. data/lib/chef/knife/client_list.rb +0 -41
  411. data/lib/chef/knife/client_reregister.rb +0 -58
  412. data/lib/chef/knife/client_show.rb +0 -48
  413. data/lib/chef/knife/config_get.rb +0 -39
  414. data/lib/chef/knife/config_get_profile.rb +0 -37
  415. data/lib/chef/knife/config_list.rb +0 -139
  416. data/lib/chef/knife/config_list_profiles.rb +0 -37
  417. data/lib/chef/knife/config_show.rb +0 -127
  418. data/lib/chef/knife/config_use.rb +0 -61
  419. data/lib/chef/knife/config_use_profile.rb +0 -47
  420. data/lib/chef/knife/configure.rb +0 -150
  421. data/lib/chef/knife/configure_client.rb +0 -48
  422. data/lib/chef/knife/cookbook_bulk_delete.rb +0 -71
  423. data/lib/chef/knife/cookbook_delete.rb +0 -151
  424. data/lib/chef/knife/cookbook_download.rb +0 -142
  425. data/lib/chef/knife/cookbook_list.rb +0 -47
  426. data/lib/chef/knife/cookbook_metadata.rb +0 -106
  427. data/lib/chef/knife/cookbook_metadata_from_file.rb +0 -49
  428. data/lib/chef/knife/cookbook_show.rb +0 -98
  429. data/lib/chef/knife/cookbook_upload.rb +0 -292
  430. data/lib/chef/knife/core/bootstrap_context.rb +0 -264
  431. data/lib/chef/knife/core/cookbook_scm_repo.rb +0 -159
  432. data/lib/chef/knife/core/formatting_options.rb +0 -49
  433. data/lib/chef/knife/core/gem_glob_loader.rb +0 -138
  434. data/lib/chef/knife/core/generic_presenter.rb +0 -232
  435. data/lib/chef/knife/core/hashed_command_loader.rb +0 -100
  436. data/lib/chef/knife/core/node_editor.rb +0 -130
  437. data/lib/chef/knife/core/node_presenter.rb +0 -133
  438. data/lib/chef/knife/core/object_loader.rb +0 -115
  439. data/lib/chef/knife/core/status_presenter.rb +0 -147
  440. data/lib/chef/knife/core/subcommand_loader.rb +0 -203
  441. data/lib/chef/knife/core/text_formatter.rb +0 -85
  442. data/lib/chef/knife/core/ui.rb +0 -338
  443. data/lib/chef/knife/core/windows_bootstrap_context.rb +0 -406
  444. data/lib/chef/knife/data_bag_create.rb +0 -81
  445. data/lib/chef/knife/data_bag_delete.rb +0 -49
  446. data/lib/chef/knife/data_bag_edit.rb +0 -74
  447. data/lib/chef/knife/data_bag_from_file.rb +0 -113
  448. data/lib/chef/knife/data_bag_list.rb +0 -42
  449. data/lib/chef/knife/data_bag_secret_options.rb +0 -122
  450. data/lib/chef/knife/data_bag_show.rb +0 -69
  451. data/lib/chef/knife/delete.rb +0 -125
  452. data/lib/chef/knife/deps.rb +0 -156
  453. data/lib/chef/knife/diff.rb +0 -83
  454. data/lib/chef/knife/download.rb +0 -84
  455. data/lib/chef/knife/edit.rb +0 -88
  456. data/lib/chef/knife/environment_compare.rb +0 -128
  457. data/lib/chef/knife/environment_create.rb +0 -52
  458. data/lib/chef/knife/environment_delete.rb +0 -44
  459. data/lib/chef/knife/environment_edit.rb +0 -44
  460. data/lib/chef/knife/environment_from_file.rb +0 -84
  461. data/lib/chef/knife/environment_list.rb +0 -41
  462. data/lib/chef/knife/environment_show.rb +0 -47
  463. data/lib/chef/knife/exec.rb +0 -99
  464. data/lib/chef/knife/group_add.rb +0 -55
  465. data/lib/chef/knife/group_create.rb +0 -49
  466. data/lib/chef/knife/group_destroy.rb +0 -53
  467. data/lib/chef/knife/group_remove.rb +0 -56
  468. data/lib/chef/knife/group_show.rb +0 -49
  469. data/lib/chef/knife/key_create.rb +0 -112
  470. data/lib/chef/knife/key_create_base.rb +0 -50
  471. data/lib/chef/knife/key_delete.rb +0 -55
  472. data/lib/chef/knife/key_edit.rb +0 -118
  473. data/lib/chef/knife/key_edit_base.rb +0 -55
  474. data/lib/chef/knife/key_list.rb +0 -90
  475. data/lib/chef/knife/key_list_base.rb +0 -45
  476. data/lib/chef/knife/key_show.rb +0 -53
  477. data/lib/chef/knife/list.rb +0 -177
  478. data/lib/chef/knife/node_bulk_delete.rb +0 -75
  479. data/lib/chef/knife/node_create.rb +0 -47
  480. data/lib/chef/knife/node_delete.rb +0 -46
  481. data/lib/chef/knife/node_edit.rb +0 -70
  482. data/lib/chef/knife/node_environment_set.rb +0 -53
  483. data/lib/chef/knife/node_from_file.rb +0 -51
  484. data/lib/chef/knife/node_list.rb +0 -44
  485. data/lib/chef/knife/node_policy_set.rb +0 -79
  486. data/lib/chef/knife/node_run_list_add.rb +0 -104
  487. data/lib/chef/knife/node_run_list_remove.rb +0 -67
  488. data/lib/chef/knife/node_run_list_set.rb +0 -66
  489. data/lib/chef/knife/node_show.rb +0 -63
  490. data/lib/chef/knife/null.rb +0 -12
  491. data/lib/chef/knife/raw.rb +0 -123
  492. data/lib/chef/knife/rehash.rb +0 -50
  493. data/lib/chef/knife/role_bulk_delete.rb +0 -66
  494. data/lib/chef/knife/role_create.rb +0 -53
  495. data/lib/chef/knife/role_delete.rb +0 -46
  496. data/lib/chef/knife/role_edit.rb +0 -45
  497. data/lib/chef/knife/role_env_run_list_add.rb +0 -87
  498. data/lib/chef/knife/role_env_run_list_clear.rb +0 -55
  499. data/lib/chef/knife/role_env_run_list_remove.rb +0 -57
  500. data/lib/chef/knife/role_env_run_list_replace.rb +0 -60
  501. data/lib/chef/knife/role_env_run_list_set.rb +0 -70
  502. data/lib/chef/knife/role_from_file.rb +0 -51
  503. data/lib/chef/knife/role_list.rb +0 -42
  504. data/lib/chef/knife/role_run_list_add.rb +0 -87
  505. data/lib/chef/knife/role_run_list_clear.rb +0 -55
  506. data/lib/chef/knife/role_run_list_remove.rb +0 -56
  507. data/lib/chef/knife/role_run_list_replace.rb +0 -60
  508. data/lib/chef/knife/role_run_list_set.rb +0 -69
  509. data/lib/chef/knife/role_show.rb +0 -48
  510. data/lib/chef/knife/search.rb +0 -194
  511. data/lib/chef/knife/serve.rb +0 -65
  512. data/lib/chef/knife/show.rb +0 -72
  513. data/lib/chef/knife/ssh.rb +0 -645
  514. data/lib/chef/knife/ssl_check.rb +0 -284
  515. data/lib/chef/knife/ssl_fetch.rb +0 -161
  516. data/lib/chef/knife/status.rb +0 -95
  517. data/lib/chef/knife/supermarket_download.rb +0 -121
  518. data/lib/chef/knife/supermarket_install.rb +0 -192
  519. data/lib/chef/knife/supermarket_list.rb +0 -76
  520. data/lib/chef/knife/supermarket_search.rb +0 -53
  521. data/lib/chef/knife/supermarket_share.rb +0 -166
  522. data/lib/chef/knife/supermarket_show.rb +0 -66
  523. data/lib/chef/knife/supermarket_unshare.rb +0 -61
  524. data/lib/chef/knife/tag_create.rb +0 -52
  525. data/lib/chef/knife/tag_delete.rb +0 -60
  526. data/lib/chef/knife/tag_list.rb +0 -47
  527. data/lib/chef/knife/upload.rb +0 -86
  528. data/lib/chef/knife/user_create.rb +0 -107
  529. data/lib/chef/knife/user_delete.rb +0 -44
  530. data/lib/chef/knife/user_dissociate.rb +0 -42
  531. data/lib/chef/knife/user_edit.rb +0 -52
  532. data/lib/chef/knife/user_invite_add.rb +0 -43
  533. data/lib/chef/knife/user_invite_list.rb +0 -34
  534. data/lib/chef/knife/user_invite_rescind.rb +0 -63
  535. data/lib/chef/knife/user_key_create.rb +0 -73
  536. data/lib/chef/knife/user_key_delete.rb +0 -80
  537. data/lib/chef/knife/user_key_edit.rb +0 -83
  538. data/lib/chef/knife/user_key_list.rb +0 -73
  539. data/lib/chef/knife/user_key_show.rb +0 -80
  540. data/lib/chef/knife/user_list.rb +0 -42
  541. data/lib/chef/knife/user_reregister.rb +0 -59
  542. data/lib/chef/knife/user_show.rb +0 -48
  543. data/lib/chef/knife/xargs.rb +0 -282
  544. data/lib/chef/knife/yaml_convert.rb +0 -91
  545. data/lib/chef/provider/package/yum/simplejson/LICENSE.txt +0 -79
  546. data/lib/chef/provider/package/yum/simplejson/__init__.py +0 -318
  547. data/lib/chef/provider/package/yum/simplejson/__init__.pyc +0 -0
  548. data/lib/chef/provider/package/yum/simplejson/decoder.py +0 -354
  549. data/lib/chef/provider/package/yum/simplejson/decoder.pyc +0 -0
  550. data/lib/chef/provider/package/yum/simplejson/encoder.py +0 -440
  551. data/lib/chef/provider/package/yum/simplejson/encoder.pyc +0 -0
  552. data/lib/chef/provider/package/yum/simplejson/scanner.py +0 -65
  553. data/lib/chef/provider/package/yum/simplejson/scanner.pyc +0 -0
  554. data/lib/chef/provider/package/yum/simplejson/tool.py +0 -37
  555. data/lib/chef/resource/user/dscl_user.rb +0 -35
  556. data/spec/functional/knife/configure_spec.rb +0 -33
  557. data/spec/functional/knife/cookbook_delete_spec.rb +0 -156
  558. data/spec/functional/knife/exec_spec.rb +0 -55
  559. data/spec/functional/knife/rehash_spec.rb +0 -39
  560. data/spec/functional/knife/smoke_test.rb +0 -42
  561. data/spec/functional/knife/ssh_spec.rb +0 -352
  562. data/spec/functional/resource/user/dscl_spec.rb +0 -188
  563. data/spec/functional/resource/windows_service_spec.rb +0 -105
  564. data/spec/functional/win32/service_manager_spec.rb +0 -220
  565. data/spec/integration/knife/chef_fs_data_store_spec.rb +0 -557
  566. data/spec/integration/knife/chef_repo_path_spec.rb +0 -962
  567. data/spec/integration/knife/chef_repository_file_system_spec.rb +0 -200
  568. data/spec/integration/knife/chefignore_spec.rb +0 -301
  569. data/spec/integration/knife/client_bulk_delete_spec.rb +0 -131
  570. data/spec/integration/knife/client_create_spec.rb +0 -70
  571. data/spec/integration/knife/client_delete_spec.rb +0 -64
  572. data/spec/integration/knife/client_key_create_spec.rb +0 -66
  573. data/spec/integration/knife/client_key_delete_spec.rb +0 -43
  574. data/spec/integration/knife/client_key_list_spec.rb +0 -61
  575. data/spec/integration/knife/client_key_show_spec.rb +0 -45
  576. data/spec/integration/knife/client_list_spec.rb +0 -49
  577. data/spec/integration/knife/client_show_spec.rb +0 -37
  578. data/spec/integration/knife/common_options_spec.rb +0 -174
  579. data/spec/integration/knife/config_list_spec.rb +0 -220
  580. data/spec/integration/knife/config_show_spec.rb +0 -192
  581. data/spec/integration/knife/config_use_spec.rb +0 -198
  582. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +0 -113
  583. data/spec/integration/knife/cookbook_bulk_delete_spec.rb +0 -65
  584. data/spec/integration/knife/cookbook_download_spec.rb +0 -72
  585. data/spec/integration/knife/cookbook_list_spec.rb +0 -55
  586. data/spec/integration/knife/cookbook_show_spec.rb +0 -149
  587. data/spec/integration/knife/cookbook_upload_spec.rb +0 -128
  588. data/spec/integration/knife/data_bag_create_spec.rb +0 -125
  589. data/spec/integration/knife/data_bag_delete_spec.rb +0 -59
  590. data/spec/integration/knife/data_bag_edit_spec.rb +0 -105
  591. data/spec/integration/knife/data_bag_from_file_spec.rb +0 -116
  592. data/spec/integration/knife/data_bag_list_spec.rb +0 -44
  593. data/spec/integration/knife/data_bag_show_spec.rb +0 -95
  594. data/spec/integration/knife/delete_spec.rb +0 -1018
  595. data/spec/integration/knife/deps_spec.rb +0 -703
  596. data/spec/integration/knife/diff_spec.rb +0 -605
  597. data/spec/integration/knife/download_spec.rb +0 -1336
  598. data/spec/integration/knife/environment_compare_spec.rb +0 -75
  599. data/spec/integration/knife/environment_create_spec.rb +0 -41
  600. data/spec/integration/knife/environment_delete_spec.rb +0 -37
  601. data/spec/integration/knife/environment_from_file_spec.rb +0 -116
  602. data/spec/integration/knife/environment_list_spec.rb +0 -42
  603. data/spec/integration/knife/environment_show_spec.rb +0 -77
  604. data/spec/integration/knife/list_spec.rb +0 -1060
  605. data/spec/integration/knife/node_bulk_delete_spec.rb +0 -52
  606. data/spec/integration/knife/node_create_spec.rb +0 -47
  607. data/spec/integration/knife/node_delete_spec.rb +0 -48
  608. data/spec/integration/knife/node_environment_set_spec.rb +0 -46
  609. data/spec/integration/knife/node_from_file_spec.rb +0 -59
  610. data/spec/integration/knife/node_list_spec.rb +0 -45
  611. data/spec/integration/knife/node_run_list_add_spec.rb +0 -54
  612. data/spec/integration/knife/node_run_list_remove_spec.rb +0 -36
  613. data/spec/integration/knife/node_run_list_set_spec.rb +0 -41
  614. data/spec/integration/knife/node_show_spec.rb +0 -36
  615. data/spec/integration/knife/raw_spec.rb +0 -297
  616. data/spec/integration/knife/redirection_spec.rb +0 -64
  617. data/spec/integration/knife/role_bulk_delete_spec.rb +0 -52
  618. data/spec/integration/knife/role_create_spec.rb +0 -41
  619. data/spec/integration/knife/role_delete_spec.rb +0 -48
  620. data/spec/integration/knife/role_from_file_spec.rb +0 -96
  621. data/spec/integration/knife/role_list_spec.rb +0 -45
  622. data/spec/integration/knife/role_show_spec.rb +0 -51
  623. data/spec/integration/knife/search_node_spec.rb +0 -40
  624. data/spec/integration/knife/serve_spec.rb +0 -92
  625. data/spec/integration/knife/show_spec.rb +0 -197
  626. data/spec/integration/knife/upload_spec.rb +0 -1617
  627. data/spec/support/shared/functional/win32_service.rb +0 -57
  628. data/spec/unit/application/knife_spec.rb +0 -241
  629. data/spec/unit/chef_fs/parallelizer_spec.rb +0 -479
  630. data/spec/unit/cookbook_site_streaming_uploader_spec.rb +0 -198
  631. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +0 -152
  632. data/spec/unit/knife/bootstrap/client_builder_spec.rb +0 -207
  633. data/spec/unit/knife/bootstrap/train_connector_spec.rb +0 -244
  634. data/spec/unit/knife/bootstrap_spec.rb +0 -2220
  635. data/spec/unit/knife/client_bulk_delete_spec.rb +0 -166
  636. data/spec/unit/knife/client_create_spec.rb +0 -169
  637. data/spec/unit/knife/client_delete_spec.rb +0 -99
  638. data/spec/unit/knife/client_edit_spec.rb +0 -53
  639. data/spec/unit/knife/client_list_spec.rb +0 -34
  640. data/spec/unit/knife/client_reregister_spec.rb +0 -62
  641. data/spec/unit/knife/client_show_spec.rb +0 -52
  642. data/spec/unit/knife/configure_client_spec.rb +0 -81
  643. data/spec/unit/knife/configure_spec.rb +0 -190
  644. data/spec/unit/knife/cookbook_bulk_delete_spec.rb +0 -87
  645. data/spec/unit/knife/cookbook_delete_spec.rb +0 -239
  646. data/spec/unit/knife/cookbook_download_spec.rb +0 -255
  647. data/spec/unit/knife/cookbook_list_spec.rb +0 -88
  648. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +0 -72
  649. data/spec/unit/knife/cookbook_metadata_spec.rb +0 -182
  650. data/spec/unit/knife/cookbook_show_spec.rb +0 -253
  651. data/spec/unit/knife/cookbook_upload_spec.rb +0 -364
  652. data/spec/unit/knife/core/bootstrap_context_spec.rb +0 -287
  653. data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +0 -187
  654. data/spec/unit/knife/core/gem_glob_loader_spec.rb +0 -209
  655. data/spec/unit/knife/core/hashed_command_loader_spec.rb +0 -112
  656. data/spec/unit/knife/core/node_editor_spec.rb +0 -211
  657. data/spec/unit/knife/core/object_loader_spec.rb +0 -81
  658. data/spec/unit/knife/core/status_presenter_spec.rb +0 -54
  659. data/spec/unit/knife/core/subcommand_loader_spec.rb +0 -64
  660. data/spec/unit/knife/core/ui_spec.rb +0 -656
  661. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +0 -238
  662. data/spec/unit/knife/data_bag_create_spec.rb +0 -175
  663. data/spec/unit/knife/data_bag_edit_spec.rb +0 -126
  664. data/spec/unit/knife/data_bag_from_file_spec.rb +0 -174
  665. data/spec/unit/knife/data_bag_secret_options_spec.rb +0 -173
  666. data/spec/unit/knife/data_bag_show_spec.rb +0 -139
  667. data/spec/unit/knife/environment_compare_spec.rb +0 -112
  668. data/spec/unit/knife/environment_create_spec.rb +0 -91
  669. data/spec/unit/knife/environment_delete_spec.rb +0 -71
  670. data/spec/unit/knife/environment_edit_spec.rb +0 -79
  671. data/spec/unit/knife/environment_from_file_spec.rb +0 -90
  672. data/spec/unit/knife/environment_list_spec.rb +0 -54
  673. data/spec/unit/knife/environment_show_spec.rb +0 -52
  674. data/spec/unit/knife/key_create_spec.rb +0 -223
  675. data/spec/unit/knife/key_delete_spec.rb +0 -133
  676. data/spec/unit/knife/key_edit_spec.rb +0 -264
  677. data/spec/unit/knife/key_helper.rb +0 -74
  678. data/spec/unit/knife/key_list_spec.rb +0 -216
  679. data/spec/unit/knife/key_show_spec.rb +0 -126
  680. data/spec/unit/knife/node_bulk_delete_spec.rb +0 -94
  681. data/spec/unit/knife/node_delete_spec.rb +0 -77
  682. data/spec/unit/knife/node_edit_spec.rb +0 -116
  683. data/spec/unit/knife/node_environment_set_spec.rb +0 -61
  684. data/spec/unit/knife/node_from_file_spec.rb +0 -59
  685. data/spec/unit/knife/node_list_spec.rb +0 -62
  686. data/spec/unit/knife/node_policy_set_spec.rb +0 -122
  687. data/spec/unit/knife/node_run_list_add_spec.rb +0 -145
  688. data/spec/unit/knife/node_run_list_remove_spec.rb +0 -106
  689. data/spec/unit/knife/node_run_list_set_spec.rb +0 -115
  690. data/spec/unit/knife/node_show_spec.rb +0 -65
  691. data/spec/unit/knife/raw_spec.rb +0 -43
  692. data/spec/unit/knife/role_bulk_delete_spec.rb +0 -80
  693. data/spec/unit/knife/role_create_spec.rb +0 -80
  694. data/spec/unit/knife/role_delete_spec.rb +0 -67
  695. data/spec/unit/knife/role_edit_spec.rb +0 -77
  696. data/spec/unit/knife/role_env_run_list_add_spec.rb +0 -217
  697. data/spec/unit/knife/role_env_run_list_clear_spec.rb +0 -94
  698. data/spec/unit/knife/role_env_run_list_remove_spec.rb +0 -102
  699. data/spec/unit/knife/role_env_run_list_replace_spec.rb +0 -105
  700. data/spec/unit/knife/role_env_run_list_set_spec.rb +0 -99
  701. data/spec/unit/knife/role_from_file_spec.rb +0 -69
  702. data/spec/unit/knife/role_list_spec.rb +0 -54
  703. data/spec/unit/knife/role_run_list_add_spec.rb +0 -179
  704. data/spec/unit/knife/role_run_list_clear_spec.rb +0 -84
  705. data/spec/unit/knife/role_run_list_remove_spec.rb +0 -92
  706. data/spec/unit/knife/role_run_list_replace_spec.rb +0 -98
  707. data/spec/unit/knife/role_run_list_set_spec.rb +0 -89
  708. data/spec/unit/knife/role_show_spec.rb +0 -59
  709. data/spec/unit/knife/ssh_spec.rb +0 -403
  710. data/spec/unit/knife/ssl_check_spec.rb +0 -256
  711. data/spec/unit/knife/ssl_fetch_spec.rb +0 -222
  712. data/spec/unit/knife/status_spec.rb +0 -112
  713. data/spec/unit/knife/supermarket_download_spec.rb +0 -152
  714. data/spec/unit/knife/supermarket_install_spec.rb +0 -202
  715. data/spec/unit/knife/supermarket_list_spec.rb +0 -70
  716. data/spec/unit/knife/supermarket_search_spec.rb +0 -85
  717. data/spec/unit/knife/supermarket_share_spec.rb +0 -208
  718. data/spec/unit/knife/supermarket_unshare_spec.rb +0 -78
  719. data/spec/unit/knife/tag_create_spec.rb +0 -23
  720. data/spec/unit/knife/tag_delete_spec.rb +0 -25
  721. data/spec/unit/knife/tag_list_spec.rb +0 -23
  722. data/spec/unit/knife/user_create_spec.rb +0 -184
  723. data/spec/unit/knife/user_delete_spec.rb +0 -46
  724. data/spec/unit/knife/user_edit_spec.rb +0 -48
  725. data/spec/unit/knife/user_list_spec.rb +0 -36
  726. data/spec/unit/knife/user_reregister_spec.rb +0 -56
  727. data/spec/unit/knife/user_show_spec.rb +0 -46
  728. data/spec/unit/knife_spec.rb +0 -634
  729. data/spec/unit/provider/user/dscl_spec.rb +0 -699
  730. data/spec/unit/windows_service_spec.rb +0 -118
@@ -0,0 +1,19 @@
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <configuration>
3
+ <appSettings>
4
+ <add key="debug" value="false" />
5
+ <% if @auth_token %>
6
+ <add key="ENV_HAB_AUTH_TOKEN" value="<%= @auth_token %>" />
7
+ <% end %>
8
+ <% if @gateway_auth_token %>
9
+ <add key="ENV_HAB_SUP_GATEWAY_AUTH_TOKEN" value="<%= @gateway_auth_token %>" />
10
+ <% end %>
11
+ <% if @bldr_url %>
12
+ <add key="ENV_HAB_BLDR_URL" value="<%= @bldr_url %>" />
13
+ <% end %>
14
+ <%if @exec_start_options %>
15
+ <add key="launcherArgs" value="--no-color <%= @exec_start_options %>" />
16
+ <% end %>
17
+ <add key="launcherPath" value="C:\Hab\pkgs\<%= `hab pkg list core/hab-launcher`.split().last %>\bin\hab-launch.exe"/>
18
+ </appSettings>
19
+ </configuration>
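Review bot: The values written into the `value="…"` attributes on new lines 6, 9, 12 and 15 are interpolated without XML escaping, so a token, URL or `@exec_start_options` string containing `"`, `&` or `<` yields a malformed file or an extra attribute. Escaping at the interpolation closes that, e.g. `value="<%= ERB::Util.html_escape(@auth_token) %>"`, and likewise for the other three. On line 17 the backtick call to `hab pkg list core/hab-launcher` runs at render time, and `.split().last` is nil when the command fails or prints nothing, which leaves `launcherPath` as `C:\Hab\pkgs\\bin\hab-launch.exe`; an explicit check that raises would make that failure visible. Both auth tokens land in this file in clear text, so the resource that renders it (not shown in this section) should restrict the file's ACL and mark the template sensitive.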
@@ -18,10 +18,17 @@
18
18
  @pid_file
19
19
  @policy_group
20
20
  @policy_name
21
- @ssl_verify_mode).each do |prop| -%>
21
+ @ssl_verify_mode
22
+ @policy_persist_run_list).each do |prop| -%>
22
23
  <% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
23
24
  <%=prop.delete_prefix("@") %> <%= instance_variable_get(prop).inspect %>
24
25
  <% end -%>
26
+ <%# ohai_disabled_plugins and ohai_optional_plugins properties don't match the config value perfectly-%>
27
+ <% %w(@ohai_disabled_plugins
28
+ @ohai_optional_plugins).each do |prop| -%>
29
+ <% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
30
+ <%=prop.gsub("@ohai_", "ohai.") %> <%= instance_variable_get(prop).inspect %>
31
+ <% end -%>
25
32
  <%# log_location is special due to STDOUT/STDERR from String -> IO Object -%>
26
33
  <% unless @log_location.nil? %>
27
34
  <% if @log_location.is_a?(String) && %w(STDOUT STDERR).include?(@log_location) -%>
@@ -0,0 +1,179 @@
1
+ # sup.toml
2
+ # Used for passing configuration options to the Chef Habitat supervisor
3
+ # This file is controlled by the 'habitat' cookbook and should not be modified by hand -- local modifications may be overwritten.
4
+
5
+ ### The listen address for the Gossip Gateway
6
+ <% if @listen_gossip %>
7
+ listen_gossip = "<%= @listen_gossip %>"
8
+ <% end %>
9
+
10
+ ### Start the supervisor in local mode
11
+ # local_gossip_mode =
12
+
13
+ ### The listen address for the HTTP Gateway
14
+ <% if @listen_http %>
15
+ listen_http = "<%= @listen_http %>"
16
+ <% end %>
17
+ ### Disable the HTTP Gateway completely
18
+ # http_disable =
19
+
20
+ ### The listen address for the Control Gateway
21
+ <% if @listen_ctl %>
22
+ listen_ctl = "<%= @listen_ctl %>"
23
+ <% end %>
24
+ ### The organization the Supervisor and its services are part of
25
+ <% if @organization %>
26
+ organization = "<%= @organization %>"
27
+ <% end %>
28
+ ### The listen address of one or more initial peers (IP[:PORT])
29
+ <% if @peer %>
30
+ peer = <%= @peer %>
31
+ <% end %>
32
+ ### Make this Supervisor a permanent peer
33
+ <% if @permanent_peer %>
34
+ permanent_peer = <%= @permanent_peer %>
35
+ <% end %>
36
+ ### Watch this file for connecting to the ring
37
+ # peer_watch_file =
38
+
39
+ ### Cache for creating and searching for encryption keys
40
+ # cache_key_path =
41
+
42
+ ### The name of the ring used by the Supervisor when running with wire encryption
43
+ <% if @ring %>
44
+ ring = "<%= @ring %>"
45
+ <% end %>
46
+ ### Use the package config from this path rather than the package itself
47
+ # config_from =
48
+
49
+ ### Enable automatic updates for the Supervisor itself
50
+ <% if @auto_update %>
51
+ auto_update = <%= @auto_update %>
52
+ <% end %>
53
+ ### The period of time in seconds between Supervisor update checks
54
+ # auto_update_period =
55
+
56
+ ### The period of time in seconds between service update checks
57
+ # service_update_period =
58
+
59
+ ### The private key for HTTP Gateway TLS encryption
60
+ ###
61
+ ### Read the private key from KEY_FILE. This should be an RSA private key or PKCS8-encoded private key in PEM format.
62
+ # key_file =
63
+
64
+ ### The server certificates for HTTP Gateway TLS encryption
65
+ ###
66
+ ### Read server certificates from CERT_FILE. This should contain PEM-format certificates in the right order. The first certificate should certify KEY_FILE. The last should be a root CA.
67
+ # cert_file =
68
+
69
+ ### The CA certificate for HTTP Gateway TLS encryption
70
+ ###
71
+ ### Read the CA certificate from CA_CERT_FILE. This should contain PEM-format certificate that can be used to validate client requests
72
+ # ca_cert_file =
73
+
74
+ ### Load a Habitat package as part of the Supervisor startup
75
+ ###
76
+ ### The package can be specified by a package identifier (ex: core/redis) or filepath to a Habitat artifact (ex: /home/core-redis-3.0.7-21120102031201-x86_64-linux.hart).
77
+ # pkg_ident_or_artifact =
78
+
79
+ ### Verbose output showing file and line/column numbers
80
+ # verbose =
81
+
82
+ ### Turn ANSI color off
83
+ # no_color =
84
+
85
+ ### Use structured JSON logging for the Supervisor
86
+ ###
87
+ ### This option also sets NO_COLOR.
88
+ # json_logging =
89
+
90
+ ### The IPv4 address to use as the `sys.ip` template variable
91
+ ###
92
+ ### If this argument is not set, the supervisor tries to dynamically determine an IP address. If that fails, the supervisor defaults to using `127.0.0.1`.
93
+ # sys_ip_address =
94
+
95
+ ### The name of the application for event stream purposes
96
+ ###
97
+ ### This will be attached to all events generated by this Supervisor.
98
+ <% if @event_stream_application %>
99
+ event_stream_application = "<%= @event_stream_application %>"
100
+ <% end %>
101
+ ### The name of the environment for event stream purposes
102
+ ###
103
+ ### This will be attached to all events generated by this Supervisor.
104
+ <% if @event_stream_environment %>
105
+ event_stream_environment = "<%= @event_stream_environment %>"
106
+ <% end %>
107
+ ### Event stream connection timeout before exiting the Supervisor
108
+ ###
109
+ ### Set to '0' to immediately start the Supervisor and continue running regardless of the initial connection status.
110
+ # event_stream_connect_timeout =
111
+
112
+ ### The event stream connection url used to send events to Chef Automate
113
+ ###
114
+ ### This enables the event stream and requires EVENT_STREAM_APPLICATION, EVENT_STREAM_ENVIRONMENT, and EVENT_STREAM_TOKEN also be set.
115
+ <% if @event_stream_url %>
116
+ event_stream_url = "<%= @event_stream_url %>"
117
+ <% end %>
118
+ ### The name of the site where this Supervisor is running for event stream purposes
119
+ <% if @event_stream_site %>
120
+ event_stream_site = "<%= @event_stream_site %>"
121
+ <% end %>
122
+ ### The authentication token for connecting the event stream to Chef Automate
123
+ <% if @event_stream_token %>
124
+ event_stream_token = "<%= @event_stream_token %>"
125
+ <% end %>
126
+ ### An arbitrary key-value pair to add to each event generated by this Supervisor
127
+ # event_meta = []
128
+
129
+ ### The path to Chef Automate's event stream certificate used to establish a TLS connection
130
+ ###
131
+ ### The certificate should be in PEM format.
132
+ <% if @event_stream_server_certificate %>
133
+ event_stream_server_certificate = "<%= @event_stream_server_certificate %>"
134
+ <% end %>
135
+ ### Automatically cleanup old packages
136
+ ###
137
+ ### The Supervisor will automatically cleanup old packages only keeping the KEEP_LATEST_PACKAGES latest packages. If this argument is not specified, no automatic package cleanup is performed.
138
+ <% if @keep_latest_packages %>
139
+ keep_latest_packages = "<%= @keep_latest_packages %>"
140
+ <% end %>
141
+ ### Receive updates from the specified release channel
142
+ # channel =
143
+
144
+ ### Specify an alternate Builder endpoint. If not specified, the value will be taken from the HAB_BLDR_URL environment variable if defined. (default: https://bldr.habitat.sh)
145
+ <% if @bldr_url %>
146
+ bldr_url = "<%= @bldr_url %>"
147
+ <% end %>
148
+ ### The service group with shared config and topology
149
+ # group =
150
+
151
+ ### Service topology
152
+ # topology =
153
+
154
+ ### The update strategy
155
+ # strategy =
156
+
157
+ ### The condition dictating when this service should update
158
+ ###
159
+ ### latest: Runs the latest package that can be found in the configured channel and local packages.
160
+ ###
161
+ ### track-channel: Always run what is at the head of a given channel. This enables service rollback where demoting a package from a channel will cause the package to rollback to an older version of the package. A ramification of enabling this condition is packages newer than the package at the head of the channel will be automatically uninstalled during a service rollback.
162
+ <% if @update_condition %>
163
+ update_condition = "<%= @update_condition %>"
164
+ <% end %>
165
+ ### One or more service groups to bind to a configuration
166
+ # bind = []
167
+
168
+ ### Governs how the presence or absence of binds affects service startup
169
+ ###
170
+ ### strict: blocks startup until all binds are present.
171
+ # binding_mode =
172
+
173
+ ### The interval in seconds on which to run health checks
174
+ # health_check_interval =
175
+
176
+ ### The delay in seconds after sending the shutdown signal to wait before killing the service process
177
+ ###
178
+ ### The default value can be set in the packages plan file.
179
+ # shutdown_timeout =
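Review bot: `event_stream_token` on new line 124 is rendered into sup.toml in clear text, so the resource that writes this template should set `sensitive true` and a restrictive file mode; that resource is not part of this section, so it is worth confirming there. The quoted values (`@organization`, `@ring`, `@bldr_url`, the `event_stream_*` fields) are interpolated without escaping, so a `"`, backslash or newline in any of them produces invalid TOML or an additional key. Emitting the quotes through an escaping call instead, for instance `ring = <%= @ring.to_s.to_json %>` if JSON is loaded in the template context, should avoid that. `keep_latest_packages` on line 139 is quoted as a string although its comment describes a count, and `peer = <%= @peer %>` on line 30 relies on the value's `to_s` already being a valid TOML array; both should be checked against what the Supervisor accepts.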
@@ -63,9 +63,7 @@ class Chef
63
63
  property :swappiness, Integer,
64
64
  description: "The swappiness value to set on the system."
65
65
 
66
- action :create do
67
- description "Create a swapfile."
68
-
66
+ action :create, description: "Create a swapfile." do
69
67
  if swap_enabled?
70
68
  Chef::Log.debug("#{new_resource} already created - nothing to do")
71
69
  else
@@ -85,9 +83,7 @@ class Chef
85
83
  end
86
84
  end
87
85
 
88
- action :remove do
89
- description "Remove a swapfile and disable swap."
90
-
86
+ action :remove, description: "Remove a swapfile and disable swap." do
91
87
  swapoff if swap_enabled?
92
88
  remove_swapfile if ::File.exist?(new_resource.path)
93
89
  end
@@ -131,9 +131,7 @@ class Chef
131
131
 
132
132
  end
133
133
 
134
- action :apply do
135
- description "Apply a sysctl value."
136
-
134
+ action :apply, description: "Apply a sysctl value." do
137
135
  converge_if_changed do
138
136
  # set it temporarily
139
137
  set_sysctl_param(new_resource.key, new_resource.value)
@@ -152,9 +150,7 @@ class Chef
152
150
  end
153
151
  end
154
152
 
155
- action :remove do
156
- description "Remove a sysctl value."
157
-
153
+ action :remove, description: "Remove a sysctl value." do
158
154
  # only converge the resource if the file actually exists to delete
159
155
  if ::File.exist?("#{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf")
160
156
  converge_by "removing sysctl config at #{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf" do
@@ -34,7 +34,7 @@ class Chef
34
34
 
35
35
  ```ruby
36
36
  systemd_unit 'etcd.service' do
37
- content({Unit: {
37
+ content(Unit: {
38
38
  Description: 'Etcd',
39
39
  Documentation: ['https://coreos.com/etcd', 'man:etcd(1)'],
40
40
  After: 'network.target',
@@ -46,7 +46,7 @@ class Chef
46
46
  },
47
47
  Install: {
48
48
  WantedBy: 'multi-user.target',
49
- }})
49
+ })
50
50
  action [:create, :enable]
51
51
  end
52
52
  ```
@@ -61,7 +61,7 @@ class Chef
61
61
 
62
62
  property :variables, Hash,
63
63
  description: "The variables property of the template resource can be used to reference a partial template file by using a Hash.",
64
- default: lazy { {} }
64
+ default: {}
65
65
 
66
66
  property :cookbook, String,
67
67
  description: "The cookbook in which a file is located (if it is not located in the current cookbook). The default value is the current cookbook.",
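Review bot: `default: {}` on new line 64 replaces the per-resource hash that `lazy { {} }` built with a single literal attached to the property definition. If property defaults are frozen or shared between resources (the property implementation is not visible in this hunk), a recipe that mutates the default in place, such as `variables[:key] = value`, will either raise on a frozen hash or leak values from one template resource into another. Keeping `default: lazy { {} }` avoids both cases. The resource class body continues outside the hunk.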
@@ -119,9 +119,7 @@ class Chef
119
119
  end
120
120
  end
121
121
 
122
- action :set do
123
- description "Set the timezone."
124
-
122
+ action :set, description: "Set the system timezone." do
125
123
  # we have to check windows first since the value isn't case sensitive here
126
124
  if windows?
127
125
  unless current_windows_tz.casecmp?(new_resource.timezone)
@@ -61,7 +61,7 @@ class Chef
61
61
  unified_mode true
62
62
 
63
63
  provides :mac_user
64
- provides :user, platform: "mac_os_x", platform_version: ">= 10.14"
64
+ provides :user, platform: "mac_os_x"
65
65
 
66
66
  introduced "15.3"
67
67
 
@@ -78,7 +78,7 @@ class Chef
78
78
  coerce: proc { |m| m.end_with?(".conf") ? m : m + ".conf" },
79
79
  default: lazy { |r| r.username == "*" ? "00_all_limits.conf" : "#{r.username}_limits.conf" }
80
80
 
81
- action :create do
81
+ action :create, description: "Create a ulimit configuration file." do
82
82
  template "/etc/security/limits.d/#{new_resource.filename}" do
83
83
  source ::File.expand_path("support/ulimit.erb", __dir__)
84
84
  local true
@@ -106,7 +106,7 @@ class Chef
106
106
  end
107
107
  end
108
108
 
109
- action :delete do
109
+ action :delete, description: "Delete an existing ulimit configuration file." do
110
110
  file "/etc/security/limits.d/#{new_resource.filename}" do
111
111
  action :delete
112
112
  end
@@ -97,9 +97,7 @@ class Chef
97
97
  property :sensitive, [TrueClass, FalseClass],
98
98
  default: true, desired_state: false
99
99
 
100
- action :join do
101
- description "Join the Active Directory domain."
102
-
100
+ action :join, description: "Join the Active Directory domain." do
103
101
  unless on_desired_domain?
104
102
  cmd = "$pswd = ConvertTo-SecureString \'#{new_resource.domain_password}\' -AsPlainText -Force;"
105
103
  cmd << "$credential = New-Object System.Management.Automation.PSCredential (\"#{sanitize_usename}\",$pswd);"
@@ -129,9 +127,7 @@ class Chef
129
127
  end
130
128
  end
131
129
 
132
- action :leave do
133
- description "Leave the Active Directory domain."
134
-
130
+ action :leave, description: "Leave an Active Directory domain and re-join a workgroup." do
135
131
  if joined_to_domain?
136
132
  cmd = ""
137
133
  cmd << "$pswd = ConvertTo-SecureString \'#{new_resource.domain_password}\' -AsPlainText -Force;"
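Review bot: The lines following both rewritten `action` headers (new lines 102 and 133) still interpolate `new_resource.domain_password` between single quotes in the PowerShell command, so a password containing `'` ends the literal early and the remainder is parsed as PowerShell. Doubling the quote before interpolation keeps the value inside the string: `'#{new_resource.domain_password.gsub("'", "''")}'`. The user name placed inside `\"…\"` on line 103 has the same exposure unless `sanitize_usename` already escapes it, which is not visible here. Both action bodies continue outside their hunks, so the rest of the command construction should be checked the same way.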
@@ -106,7 +106,7 @@ class Chef
106
106
 
107
107
  ```ruby
108
108
  windows_audit_policy "Set Audit Policy for 'Credential Validation' actions to 'Success'" do
109
- subcategory 'Credential Validation'
109
+ subcategory 'Credential Validation'
110
110
  success true
111
111
  failure false
112
112
  action :set
@@ -152,7 +152,7 @@ class Chef
152
152
  property :audit_base_directories, [true, false],
153
153
  description: "Setting this audit policy option to true will force the system to assign a System Access Control List to named objects to enable auditing of container objects such as directories."
154
154
 
155
- action :set do
155
+ action :set, description: "Configure an audit policy." do
156
156
  unless new_resource.subcategory.nil?
157
157
  new_resource.subcategory.each do |subcategory|
158
158
  next if subcategory_configured?(subcategory, new_resource.success, new_resource.failure)
@@ -57,8 +57,7 @@ class Chef
57
57
 
58
58
  alias_method :program, :path
59
59
 
60
- action :create do
61
- description "Create an item to be run at login."
60
+ action :create, description: "Create an item to be run at login." do
62
61
 
63
62
  data = "\"#{new_resource.path}\""
64
63
  data << " #{new_resource.args}" if new_resource.args
@@ -73,9 +72,7 @@ class Chef
73
72
  end
74
73
  end
75
74
 
76
- action :remove do
77
- description "Remove an item that was previously setup to run at login"
78
-
75
+ action :remove, description: "Remove an item that was previously configured to run at login." do
79
76
  registry_key registry_path do
80
77
  values [{
81
78
  name: new_resource.program_name,
@@ -19,6 +19,7 @@
19
19
 
20
20
  require_relative "../util/path_helper"
21
21
  require_relative "../resource"
22
+ require_relative "../exceptions"
22
23
  module Win32
23
24
  autoload :Certstore, "win32-certstore" if Chef::Platform.windows?
24
25
  end
@@ -62,11 +63,11 @@ class Chef
62
63
  DOC
63
64
 
64
65
  property :source, String,
65
- description: "The source file (for create and acl_add), thumbprint (for delete and acl_add) or subject (for delete) if it differs from the resource block's name.",
66
+ description: "The source file (for `create` and `acl_add`), thumbprint (for `delete`, `export`, and `acl_add`), or subject (for `delete` or `export`) if it differs from the resource block's name.",
66
67
  name_property: true
67
68
 
68
69
  property :pfx_password, String,
69
- description: "The password to access the source if it is a pfx file."
70
+ description: "The password to access the object with if it is a PFX file."
70
71
 
71
72
  property :private_key_acl, Array,
72
73
  description: "An array of 'domain\\account' entries to be granted read-only access to the certificate's private key. Not idempotent."
@@ -79,8 +80,7 @@ class Chef
79
80
  description: "Use the `CurrentUser` store instead of the default `LocalMachine` store. Note: Prior to #{ChefUtils::Dist::Infra::CLIENT}. 16.10 this property was ignored.",
80
81
  default: false
81
82
 
82
- property :cert_path, String,
83
- description: "The path to the certificate."
83
+ deprecated_property_alias :cert_path, :output_path, "The cert_path property was renamed output_path in the 17.0 release of #{ChefUtils::Dist::Infra::CLIENT}. Please update your cookbooks to use the new property name."
84
84
 
85
85
  # lazy used to set default value of sensitive to true if password is set
86
86
  property :sensitive, [TrueClass, FalseClass],
@@ -92,19 +92,20 @@ class Chef
92
92
  default: false,
93
93
  introduced: "16.8"
94
94
 
95
- action :create do
96
- description "Creates or updates a certificate."
95
+ property :output_path, String,
96
+ description: "A path on the node where a certificate object (PFX, PEM, CER, KEY, etc) can be exported to.",
97
+ introduced: "17.0"
97
98
 
98
- # Extension of the certificate
99
- ext = ::File.extname(new_resource.source)
99
+ action :create, description: "Creates or updates a certificate." do
100
+ ext = get_file_extension(new_resource.source)
100
101
 
101
102
  # PFX certificates contains private keys and we import them with some other approach
102
- import_certificates(fetch_cert_object(ext), (ext == ".pfx"))
103
+ # import_certificates(fetch_cert_object(ext), (ext == ".pfx"))
104
+ import_certificates(fetch_cert_object_from_file(ext), (ext == ".pfx"))
103
105
  end
104
106
 
105
107
  # acl_add is a modify-if-exists operation : not idempotent
106
- action :acl_add do
107
- description "Adds read-only entries to a certificate's private key ACL."
108
+ action :acl_add, description: "Adds read-only entries to a certificate's private key ACL." do
108
109
 
109
110
  if ::File.exist?(new_resource.source)
110
111
  hash = "$cert.GetCertHashString()"
@@ -127,9 +128,9 @@ class Chef
127
128
  end
128
129
  end
129
130
 
130
- action :delete do
131
- description "Deletes a certificate."
131
+ action :delete, description: "Deletes a certificate." do
132
132
  cert_obj = fetch_cert
133
+
133
134
  if cert_obj
134
135
  converge_by("Deleting certificate #{new_resource.source} from Store #{new_resource.store_name}") do
135
136
  delete_cert
@@ -139,20 +140,27 @@ class Chef
139
140
  end
140
141
  end
141
142
 
142
- action :fetch do
143
- description "Fetches a certificate."
143
+ action :fetch, description: "Fetches a certificate." do
144
+ unless new_resource.output_path
145
+ raise Chef::Exceptions::ResourceNotFound, "You must include an output_path parameter when calling the fetch action"
146
+ end
147
+
148
+ if ::File.extname(new_resource.output_path) == ".pfx"
149
+ powershell_exec!(pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: ps_cert_location, store_name: new_resource.store_name, output_path: new_resource.output_path, password: new_resource.pfx_password ))
150
+ else
151
+ cert_obj = fetch_cert
152
+ end
144
153
 
145
- cert_obj = fetch_cert
146
154
  if cert_obj
147
- show_or_store_cert(cert_obj)
155
+ converge_by("Fetching certificate #{new_resource.source} from Store \\#{ps_cert_location}\\#{new_resource.store_name}") do
156
+ export_cert(cert_obj, output_path: new_resource.output_path, store_name: new_resource.store_name , store_location: ps_cert_location, pfx_password: new_resource.pfx_password)
157
+ end
148
158
  else
149
159
  Chef::Log.debug("Certificate not found")
150
160
  end
151
161
  end
152
162
 
153
- action :verify do
154
- description ""
155
-
163
+ action :verify, description: "Verifies a certificate and logs the result." do
156
164
  out = verify_cert
157
165
  if !!out == out
158
166
  out = out ? "Certificate is valid" : "Certificate not valid"
@@ -161,6 +169,7 @@ class Chef
161
169
  end
162
170
 
163
171
  action_class do
172
+ @local_pfx_path = ""
164
173
 
165
174
  CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x00020000
166
175
  CERT_SYSTEM_STORE_CURRENT_USER = 0x00010000
@@ -170,10 +179,10 @@ class Chef
170
179
  store.add(cert_obj)
171
180
  end
172
181
 
173
- def add_pfx_cert
182
+ def add_pfx_cert(path)
174
183
  exportable = new_resource.exportable ? 1 : 0
175
184
  store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location)
176
- store.add_pfx(new_resource.source, new_resource.pfx_password, exportable)
185
+ store.add_pfx(path, new_resource.pfx_password, exportable)
177
186
  end
178
187
 
179
188
  def delete_cert
@@ -183,12 +192,66 @@ class Chef
183
192
 
184
193
  def fetch_cert
185
194
  store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location)
186
- store.get(resolve_thumbprint(new_resource.source))
195
+ if new_resource.output_path && ::File.extname(new_resource.output_path) == ".key"
196
+ fetch_key
197
+
198
+ else
199
+ store.get(resolve_thumbprint(new_resource.source), store_name: new_resource.store_name, store_location: native_cert_location)
200
+ end
201
+ end
202
+
203
+ def fetch_key
204
+ require "openssl" unless defined?(OpenSSL)
205
+ file_name = ::File.basename(new_resource.output_path, ::File.extname(new_resource.output_path))
206
+ directory = ::File.dirname(new_resource.output_path)
207
+ pfx_file = file_name + ".pfx"
208
+ new_pfx_output_path = ::File.join(Chef::FileCache.create_cache_path("pfx_files"), pfx_file)
209
+ powershell_exec(pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: ps_cert_location, store_name: new_resource.store_name, output_path: new_pfx_output_path, password: new_resource.pfx_password ))
210
+ pkcs12 = OpenSSL::PKCS12.new(::File.binread(new_pfx_output_path), new_resource.pfx_password)
211
+ f = ::File.open(new_resource.output_path, "w")
212
+ f.write(pkcs12.key.to_s)
213
+ f.flush
214
+ f.close
215
+ end
216
+
217
+ def get_file_extension(file_name)
218
+ if is_file?(file_name)
219
+ ::File.extname(file_name)
220
+ elsif is_url?(file_name)
221
+ require "open-uri" unless defined?(OpenURI)
222
+ uri = URI.parse(file_name)
223
+ output_file = ::File.basename(uri.path)
224
+ ::File.extname(output_file)
225
+ end
226
+ end
227
+
228
+ def get_file_name(path_name)
229
+ if is_file?(path_name)
230
+ ::File.extname(path_name)
231
+ elsif is_url?(path_name)
232
+ require "open-uri" unless defined?(OpenURI)
233
+ uri = URI.parse(path_name)
234
+ ::File.basename(uri.path)
235
+ end
236
+ end
237
+
238
+ def is_url?(source)
239
+ require "uri" unless defined?(URI)
240
+ uri = URI.parse(source)
241
+ uri.is_a?(URI::HTTP) || uri.is_a?(URI::HTTPS)
242
+ end
243
+
244
+ def is_file?(source)
245
+ ::File.file?(source)
246
+ end
247
+
248
+ def is_file?(source)
249
+ ::File.file?(source)
187
250
  end
188
251
 
189
252
  # Thumbprints should be exactly 40 Hex characters
190
253
  def valid_thumbprint?(string)
191
- string.scan(/\H/).empty? && string.length == 40
254
+ string.match?(/[0-9A-Fa-f]/) && string.length == 40
192
255
  end
193
256
 
194
257
  def get_thumbprint(store_name, location, source)
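Review bot: `valid_thumbprint?` now accepts any 40-character string containing at least one hex digit, because `/[0-9A-Fa-f]/` is unanchored; the removed `scan(/\H/).empty?` check rejected every non-hex character. Thumbprints are interpolated into a PowerShell script by `pfx_ps_cmd` later in this file, so, assuming this predicate is what gates them, it should stay strict: `string.match?(/\A\h{40}\z/)`. In the same hunk, `fetch_key` leaves the exported PFX in the file cache and writes the private key through an unguarded `::File.open`. A block-form open, plus `::File.delete(new_pfx_output_path)` in an `ensure`, would close the handle and remove the intermediate file. `is_file?` is also defined twice, and `get_file_name` returns `::File.extname` for local paths, which looks like a copy of `get_file_extension`.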
@@ -213,53 +276,27 @@ class Chef
213
276
 
214
277
  def verify_cert(thumbprint = new_resource.source)
215
278
  store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location)
216
- store.valid?(resolve_thumbprint(thumbprint))
217
- end
218
-
219
- def show_or_store_cert(cert_obj)
220
- if new_resource.cert_path
221
- export_cert(cert_obj, new_resource.cert_path)
222
- if ::File.size(new_resource.cert_path) > 0
223
- Chef::Log.info("Certificate export in #{new_resource.cert_path}")
224
- else
225
- ::File.delete(new_resource.cert_path)
226
- end
279
+ if new_resource.pfx_password.nil?
280
+ store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name )
227
281
  else
228
- Chef::Log.info(cert_obj.display)
282
+ store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name)
229
283
  end
230
284
  end
231
285
 
232
- def export_cert(cert_obj, cert_path)
233
- out_file = ::File.new(cert_path, "w+")
234
- case ::File.extname(cert_path)
235
- when ".pem"
236
- out_file.puts(cert_obj.to_pem)
237
- when ".der"
238
- out_file.puts(cert_obj.to_der)
239
- when ".cer"
240
- cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CER").stdout
241
- out_file.puts(cert_out)
242
- when ".crt"
243
- cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CRT").stdout
244
- out_file.puts(cert_out)
245
- when ".pfx"
246
- cert_out = shell_out("openssl pkcs12 -export -nokeys -in #{cert_obj.to_pem} -outform PFX").stdout
247
- out_file.puts(cert_out)
248
- when ".p7b"
249
- cert_out = shell_out("openssl pkcs7 -export -nokeys -in #{cert_obj.to_pem} -outform P7B").stdout
250
- out_file.puts(cert_out)
251
- else
252
- Chef::Log.info("Supported certificate format .pem, .der, .cer, .crt, .pfx and .p7b")
253
- end
254
- out_file.close
255
- end
256
-
257
286
  # this array structure is solving 2 problems. The first is that we need to have support for both the CurrentUser AND LocalMachine stores
258
287
  # Secondly, we need to pass the proper constant name for each store to win32-certstore but also pass the short name to powershell scripts used here
259
288
  def ps_cert_location
260
289
  new_resource.user_store ? "CurrentUser" : "LocalMachine"
261
290
  end
262
291
 
292
+ def pfx_ps_cmd(thumbprint, store_location: "LocalMachine", store_name: "My", output_path:, password: )
293
+ <<-CMD
294
+ $my_pwd = ConvertTo-SecureString -String "#{password}" -Force -AsPlainText
295
+ $cert = Get-ChildItem -path cert:\\#{store_location}\\#{store_name} -Recurse | Where { $_.Thumbprint -eq "#{thumbprint.upcase}" }
296
+ Export-PfxCertificate -Cert $cert -FilePath "#{output_path}" -Password $my_pwd
297
+ CMD
298
+ end
299
+
263
300
  def native_cert_location
264
301
  new_resource.user_store ? CERT_SYSTEM_STORE_CURRENT_USER : CERT_SYSTEM_STORE_LOCAL_MACHINE
265
302
  end
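Review bot: `pfx_ps_cmd` interpolates `password`, `output_path` and the thumbprint into double-quoted PowerShell strings, and `store_name` into an unquoted path. A value containing `"`, `$` or a backtick is therefore expanded, or ends the string so the rest is parsed as script. Emitting each value as a single-quoted literal with its quote characters doubled keeps it as data; the rewrite below does that for every interpolated value. The password still appears in the generated script text, so it is worth confirming that `powershell_exec` errors and debug logging never echo the command. Separately, both branches of the new `if new_resource.pfx_password.nil?` in `verify_cert` make the same `store.valid?` call, so the conditional can be dropped.

```ruby
def pfx_ps_cmd(thumbprint, store_location: "LocalMachine", store_name: "My", output_path:, password: )
  # Single-quoted PowerShell literals do not expand $ or backticks; double every character PowerShell accepts as a single quote.
  quote = ->(value) { "'" + value.to_s.gsub(/['\u2018\u2019\u201A\u201B]/) { |q| q * 2 } + "'" }
  <<-CMD
    $my_pwd = ConvertTo-SecureString -String #{quote.call(password)} -Force -AsPlainText
    $cert = Get-ChildItem -Path #{quote.call("cert:\\#{store_location}\\#{store_name}")} -Recurse | Where { $_.Thumbprint -eq #{quote.call(thumbprint.upcase)} }
    Export-PfxCertificate -Cert $cert -FilePath #{quote.call(output_path)} -Password $my_pwd
  CMD
end
```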
@@ -338,8 +375,50 @@ class Chef
338
375
  #
339
376
  # @raise [OpenSSL::PKCS12::PKCS12Error] When incorrect password is provided for PFX certificate
340
377
  #
341
- def fetch_cert_object(ext)
342
- contents = ::File.binread(new_resource.source)
378
+
379
+ def fetch_cert_object_from_file(ext)
380
+ if is_file?(new_resource.source)
381
+ begin
382
+ ::File.exist?(new_resource.source)
383
+ contents = ::File.binread(new_resource.source)
384
+ rescue => exception
385
+ message = "Unable to load the certificate object from the specified local path : #{new_resource.source}\n"
386
+ message << exception.message
387
+ raise Chef::Exceptions::FileNotFound, message
388
+ end
389
+ elsif is_url?(new_resource.source)
390
+ require "uri" unless defined?(URI)
391
+ uri = URI(new_resource.source)
392
+ state = uri.is_a?(URI::HTTP) && !uri.host.nil? ? true : false
393
+ if state
394
+ begin
395
+ output_file_name = get_file_name(new_resource.source)
396
+ unless Dir.exist?(Chef::Config[:file_cache_path])
397
+ Dir.mkdir(Chef::Config[:file_cache_path])
398
+ end
399
+ local_path = ::File.join(Chef::Config[:file_cache_path], output_file_name)
400
+ @local_pfx_path = local_path
401
+ ::File.open(local_path, "wb") do |file|
402
+ file.write URI.open(new_resource.source).read
403
+ end
404
+ rescue => exception
405
+ message = "Not Able to Download Certificate Object at the URL specified : #{new_resource.source}\n"
406
+ message << exception.message
407
+ raise Chef::Exceptions::FileNotFound, message
408
+ end
409
+
410
+ contents = ::File.binread(local_path)
411
+
412
+ else
413
+ message = "Not Able to Download Certificate Object at the URL specified : #{new_resource.source}\n"
414
+ message << exception.message
415
+ raise Chef::Exceptions::InvalidRemoteFileURI, message
416
+ end
417
+ else
418
+ message = "You passed an invalid file or url to import. Please check the spelling and try again."
419
+ message << exception.message
420
+ raise Chef::Exceptions::ArgumentError, message
421
+ end
343
422
 
344
423
  case ext
345
424
  when ".pfx"
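Review bot: The URL branch of `fetch_cert_object_from_file` accepts plain `http` sources, since `uri.is_a?(URI::HTTP)` is true for both schemes. It writes whatever `URI.open` returns into the file cache for import into a certificate store, with no integrity check on the download. Restricting it to TLS with `state = uri.is_a?(URI::HTTPS) && !uri.host.nil?`, or verifying the file against a checksum supplied by the cookbook before import, keeps a network-positioned party from choosing what gets trusted. The two `else` branches also call `message << exception.message`, but `exception` is only bound inside the `rescue` clauses, so those paths would raise `NameError` instead of the intended error; drop that line in both. The method body continues past the end of this hunk.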
@@ -356,24 +435,79 @@ class Chef
356
435
  end
357
436
  end
358
437
 
438
+ def export_cert(cert_obj, output_path:, store_name:, store_location:, pfx_password:)
439
+ # Delete the cert if it exists. This is non-destructive in that it only removes the file and not the entire path.
440
+ # We want to ensure we're not randomly loading an old stinky cert.
441
+ if ::File.exists?(output_path)
442
+ ::File.delete(output_path)
443
+ end
444
+
445
+ unless ::File.directory?(::File.dirname(output_path))
446
+ FileUtils.mkdir_p(::File.dirname(output_path))
447
+ end
448
+
449
+ out_file = ::File.new(output_path, "w+")
450
+
451
+ case ::File.extname(output_path)
452
+ when ".pem"
453
+ out_file.puts(cert_obj)
454
+ when ".der"
455
+ out_file.puts(cert_obj.to_der)
456
+ when ".cer"
457
+ cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CER").stdout
458
+ out_file.puts(cert_out)
459
+ when ".crt"
460
+ cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj} -outform CRT").stdout
461
+ out_file.puts(cert_out)
462
+ when ".pfx"
463
+ pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: store_location, store_name: store_name, output_path: output_path, password: pfx_password )
464
+ when ".p7b"
465
+ cert_out = shell_out("openssl pkcs7 -export -nokeys -in #{cert_obj.to_pem} -outform P7B").stdout
466
+ out_file.puts(cert_out)
467
+ when ".key"
468
+ out_file.puts(cert_obj)
469
+ else
470
+ Chef::Log.info("Supported certificate format .pem, .der, .cer, .crt, and .p7b")
471
+ end
472
+
473
+ out_file.close
474
+ end
475
+
359
476
  # Imports the certificate object into cert store
360
477
  #
361
478
  # @param cert_objs [OpenSSL::X509::Certificate] Object containing certificate's attributes
362
479
  #
363
480
  # @param is_pfx [Boolean] true if we want to import a PFX certificate
364
481
  #
365
- def import_certificates(cert_objs, is_pfx)
482
+ def import_certificates(cert_objs, is_pfx, store_name: new_resource.store_name, store_location: native_cert_location)
366
483
  [cert_objs].flatten.each do |cert_obj|
367
- thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s # Fetch its thumbprint
368
- # Need to check if return value is Boolean:true
369
- # If not then the given certificate should be added in certstore
370
- if verify_cert(thumbprint) == true
371
- Chef::Log.debug("Certificate is already present")
372
- else
373
- converge_by("Adding certificate #{new_resource.source} into #{ps_cert_location} Store #{new_resource.store_name}") do
374
- if is_pfx
375
- add_pfx_cert
484
+ # thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s
485
+ # pkcs = OpenSSL::PKCS12.new(cert_obj, new_resource.pfx_password)
486
+ # cert = OpenSSL::X509::Certificate.new(pkcs.certificate.to_pem)
487
+ thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s
488
+ if is_pfx
489
+ if verify_cert(thumbprint) == true
490
+ Chef::Log.debug("Certificate is already present")
491
+ else
492
+ if is_file?(new_resource.source)
493
+ converge_by("Creating a PFX #{new_resource.source} for Store #{new_resource.store_name}") do
494
+ add_pfx_cert(new_resource.source)
495
+ end
496
+ elsif is_url?(new_resource.source)
497
+ converge_by("Creating a PFX #{@local_pfx_path} for Store #{new_resource.store_name}") do
498
+ add_pfx_cert(@local_pfx_path)
499
+ end
376
500
  else
501
+ message = "You passed an invalid file or url to import. Please check the spelling and try again."
502
+ message << exception.message
503
+ raise Chef::Exceptions::ArgumentError, message
504
+ end
505
+ end
506
+ else
507
+ if verify_cert(thumbprint) == true
508
+ Chef::Log.debug("Certificate is already present")
509
+ else
510
+ converge_by("Creating a certificate #{new_resource.source} for Store #{new_resource.store_name}") do
377
511
  add_cert(cert_obj)
378
512
  end
379
513
  end