chef 16.17.51-universal-mingw32 → 17.0.242-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (647) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +9 -13
  3. data/README.md +1 -1
  4. data/Rakefile +2 -2
  5. data/chef-universal-mingw32.gemspec +1 -1
  6. data/chef.gemspec +6 -8
  7. data/lib/chef/action_collection.rb +1 -1
  8. data/lib/chef/application/base.rb +1 -1
  9. data/lib/chef/application.rb +1 -1
  10. data/lib/chef/applications.rb +0 -1
  11. data/lib/chef/chef_fs/command_line.rb +5 -2
  12. data/lib/chef/chef_fs/file_system.rb +9 -10
  13. data/lib/chef/client.rb +2 -2
  14. data/lib/chef/compliance/default_attributes.rb +4 -3
  15. data/lib/chef/compliance/fetcher/automate.rb +0 -7
  16. data/lib/chef/compliance/reporter/automate.rb +17 -7
  17. data/lib/chef/compliance/reporter/chef_server_automate.rb +11 -6
  18. data/lib/chef/compliance/reporter/cli.rb +77 -0
  19. data/lib/chef/compliance/reporter/compliance_enforcer.rb +4 -0
  20. data/lib/chef/compliance/reporter/json_file.rb +8 -1
  21. data/lib/chef/compliance/runner.rb +65 -27
  22. data/lib/chef/cookbook/gem_installer.rb +1 -5
  23. data/lib/chef/cookbook/synchronizer.rb +3 -5
  24. data/lib/chef/cookbook_loader.rb +2 -4
  25. data/lib/chef/cookbook_uploader.rb +0 -1
  26. data/lib/chef/cookbook_version.rb +4 -26
  27. data/lib/chef/data_bag_item.rb +11 -2
  28. data/lib/chef/data_collector/run_end_message.rb +2 -2
  29. data/lib/chef/delayed_evaluator.rb +4 -0
  30. data/lib/chef/deprecated.rb +6 -12
  31. data/lib/chef/dsl/chef_vault.rb +6 -6
  32. data/lib/chef/dsl/reboot_pending.rb +1 -2
  33. data/lib/chef/exceptions.rb +0 -3
  34. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +20 -22
  35. data/lib/chef/formatters/error_mapper.rb +2 -2
  36. data/lib/chef/group.rb +75 -0
  37. data/lib/chef/http.rb +5 -5
  38. data/lib/chef/mixin/get_source_from_package.rb +1 -1
  39. data/lib/chef/node/attribute.rb +6 -4
  40. data/lib/chef/node/immutable_collections.rb +13 -0
  41. data/lib/chef/node/mixin/deep_merge_cache.rb +11 -7
  42. data/lib/chef/node.rb +19 -20
  43. data/lib/chef/org.rb +3 -2
  44. data/lib/chef/policy_builder/policyfile.rb +0 -5
  45. data/lib/chef/property.rb +18 -0
  46. data/lib/chef/provider/cron.rb +1 -1
  47. data/lib/chef/provider/execute.rb +2 -1
  48. data/lib/chef/provider/file.rb +1 -1
  49. data/lib/chef/provider/git.rb +5 -7
  50. data/lib/chef/provider/group/dscl.rb +1 -1
  51. data/lib/chef/provider/group/groupadd.rb +3 -3
  52. data/lib/chef/provider/group/groupmod.rb +3 -3
  53. data/lib/chef/provider/group/pw.rb +3 -3
  54. data/lib/chef/provider/ifconfig.rb +2 -2
  55. data/lib/chef/provider/link.rb +2 -2
  56. data/lib/chef/provider/mount/aix.rb +3 -3
  57. data/lib/chef/provider/mount/mount.rb +5 -5
  58. data/lib/chef/provider/mount/windows.rb +1 -1
  59. data/lib/chef/provider/mount.rb +5 -5
  60. data/lib/chef/provider/package/apt.rb +27 -1
  61. data/lib/chef/provider/package/deb.rb +3 -3
  62. data/lib/chef/provider/package/dnf/dnf_helper.py +1 -1
  63. data/lib/chef/provider/package/portage.rb +2 -2
  64. data/lib/chef/provider/package/powershell.rb +0 -5
  65. data/lib/chef/provider/package/rubygems.rb +9 -15
  66. data/lib/chef/provider/package/windows.rb +2 -4
  67. data/lib/chef/provider/package/yum/yum_helper.py +1 -1
  68. data/lib/chef/provider/package.rb +17 -21
  69. data/lib/chef/provider/route.rb +2 -2
  70. data/lib/chef/provider/service/aixinit.rb +1 -1
  71. data/lib/chef/provider/service/debian.rb +1 -1
  72. data/lib/chef/provider/service/freebsd.rb +15 -21
  73. data/lib/chef/provider/service/macosx.rb +4 -4
  74. data/lib/chef/provider/service/systemd.rb +43 -14
  75. data/lib/chef/provider/service/upstart.rb +2 -13
  76. data/lib/chef/provider/service/windows.rb +12 -12
  77. data/lib/chef/provider/service.rb +6 -6
  78. data/lib/chef/provider/subversion.rb +10 -12
  79. data/lib/chef/provider/systemd_unit.rb +36 -10
  80. data/lib/chef/provider/template/content.rb +3 -7
  81. data/lib/chef/provider/user/dscl.rb +1 -1
  82. data/lib/chef/provider/user/mac.rb +17 -20
  83. data/lib/chef/provider/user/pw.rb +1 -1
  84. data/lib/chef/provider/user/windows.rb +1 -1
  85. data/lib/chef/provider/user.rb +2 -2
  86. data/lib/chef/provider/zypper_repository.rb +2 -2
  87. data/lib/chef/provider.rb +1 -1
  88. data/lib/chef/providers.rb +0 -1
  89. data/lib/chef/resource/alternatives.rb +6 -6
  90. data/lib/chef/resource/apt_package.rb +1 -1
  91. data/lib/chef/resource/apt_preference.rb +2 -2
  92. data/lib/chef/resource/apt_repository.rb +6 -6
  93. data/lib/chef/resource/apt_update.rb +3 -2
  94. data/lib/chef/resource/archive_file.rb +8 -9
  95. data/lib/chef/resource/breakpoint.rb +1 -1
  96. data/lib/chef/resource/build_essential.rb +2 -6
  97. data/lib/chef/resource/chef_client_config.rb +2 -2
  98. data/lib/chef/resource/chef_client_cron.rb +4 -4
  99. data/lib/chef/resource/chef_client_launchd.rb +3 -3
  100. data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
  101. data/lib/chef/resource/chef_client_systemd_timer.rb +2 -2
  102. data/lib/chef/resource/chef_client_trusted_certificate.rb +0 -1
  103. data/lib/chef/resource/chef_handler.rb +3 -7
  104. data/lib/chef/resource/chef_sleep.rb +1 -1
  105. data/lib/chef/resource/chef_vault_secret.rb +3 -8
  106. data/lib/chef/resource/chocolatey_config.rb +2 -6
  107. data/lib/chef/resource/chocolatey_feature.rb +2 -6
  108. data/lib/chef/resource/chocolatey_source.rb +4 -10
  109. data/lib/chef/resource/cron/_cron_shared.rb +2 -2
  110. data/lib/chef/resource/cron_access.rb +2 -4
  111. data/lib/chef/resource/dmg_package.rb +6 -10
  112. data/lib/chef/resource/dpkg_package.rb +1 -1
  113. data/lib/chef/resource/execute.rb +6 -1
  114. data/lib/chef/resource/file.rb +1 -1
  115. data/lib/chef/resource/group.rb +2 -2
  116. data/lib/chef/resource/homebrew_cask.rb +5 -15
  117. data/lib/chef/resource/homebrew_tap.rb +2 -6
  118. data/lib/chef/resource/hostname.rb +21 -17
  119. data/lib/chef/resource/http_request.rb +1 -1
  120. data/lib/chef/resource/kernel_module.rb +6 -17
  121. data/lib/chef/resource/locale.rb +2 -3
  122. data/lib/chef/resource/lwrp_base.rb +4 -0
  123. data/lib/chef/resource/macos_userdefaults.rb +10 -14
  124. data/lib/chef/resource/mdadm.rb +53 -7
  125. data/lib/chef/resource/mount.rb +3 -2
  126. data/lib/chef/resource/openssl_ec_private_key.rb +2 -2
  127. data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
  128. data/lib/chef/resource/openssl_x509_certificate.rb +2 -2
  129. data/lib/chef/resource/plist.rb +7 -7
  130. data/lib/chef/resource/powershell_script.rb +1 -1
  131. data/lib/chef/resource/remote_file.rb +1 -1
  132. data/lib/chef/resource/rhsm_errata.rb +16 -1
  133. data/lib/chef/resource/rhsm_errata_level.rb +10 -1
  134. data/lib/chef/resource/rhsm_register.rb +12 -6
  135. data/lib/chef/resource/rhsm_repo.rb +2 -6
  136. data/lib/chef/resource/rhsm_subscription.rb +7 -11
  137. data/lib/chef/resource/scm/git.rb +1 -1
  138. data/lib/chef/resource/sudo.rb +6 -6
  139. data/lib/chef/resource/support/client.erb +0 -6
  140. data/lib/chef/resource/sysctl.rb +2 -6
  141. data/lib/chef/resource/systemd_unit.rb +3 -3
  142. data/lib/chef/resource/template.rb +1 -1
  143. data/lib/chef/resource/timezone.rb +1 -3
  144. data/lib/chef/resource/user/mac_user.rb +1 -1
  145. data/lib/chef/resource/user_ulimit.rb +2 -3
  146. data/lib/chef/resource/windows_ad_join.rb +2 -6
  147. data/lib/chef/resource/windows_audit_policy.rb +1 -1
  148. data/lib/chef/resource/windows_auto_run.rb +2 -5
  149. data/lib/chef/resource/windows_certificate.rb +207 -73
  150. data/lib/chef/resource/windows_dfs_folder.rb +2 -6
  151. data/lib/chef/resource/windows_dfs_namespace.rb +2 -6
  152. data/lib/chef/resource/windows_dfs_server.rb +1 -3
  153. data/lib/chef/resource/windows_dns_record.rb +2 -6
  154. data/lib/chef/resource/windows_dns_zone.rb +2 -6
  155. data/lib/chef/resource/windows_env.rb +5 -4
  156. data/lib/chef/resource/windows_feature.rb +3 -9
  157. data/lib/chef/resource/windows_feature_dism.rb +2 -6
  158. data/lib/chef/resource/windows_feature_powershell.rb +3 -3
  159. data/lib/chef/resource/windows_firewall_profile.rb +4 -4
  160. data/lib/chef/resource/windows_firewall_rule.rb +2 -5
  161. data/lib/chef/resource/windows_font.rb +2 -4
  162. data/lib/chef/resource/windows_pagefile.rb +2 -6
  163. data/lib/chef/resource/windows_path.rb +2 -2
  164. data/lib/chef/resource/windows_printer.rb +4 -4
  165. data/lib/chef/resource/windows_printer_port.rb +6 -6
  166. data/lib/chef/resource/windows_security_policy.rb +9 -12
  167. data/lib/chef/resource/windows_share.rb +14 -21
  168. data/lib/chef/resource/windows_shortcut.rb +4 -6
  169. data/lib/chef/resource/windows_task.rb +17 -5
  170. data/lib/chef/resource/windows_uac.rb +2 -4
  171. data/lib/chef/resource/windows_user_privilege.rb +5 -5
  172. data/lib/chef/resource/windows_workgroup.rb +1 -2
  173. data/lib/chef/resource.rb +1 -1
  174. data/lib/chef/resource_reporter.rb +1 -1
  175. data/lib/chef/resources.rb +0 -1
  176. data/lib/chef/shell/ext.rb +3 -3
  177. data/lib/chef/user.rb +0 -1
  178. data/lib/chef/user_v1.rb +3 -4
  179. data/lib/chef/util/dsc/configuration_generator.rb +1 -0
  180. data/lib/chef/util/dsc/local_configuration_manager.rb +1 -1
  181. data/lib/chef/version.rb +1 -1
  182. data/lib/chef/win32/api.rb +2 -9
  183. data/lib/chef/win32/registry.rb +4 -2
  184. data/lib/chef/win32/version.rb +1 -2
  185. data/spec/data/cookbooks/openldap/libraries/openldap.rb +1 -1
  186. data/spec/data/lwrp/resources/bar.rb +2 -0
  187. data/spec/data/lwrp/resources/buck_passer.rb +1 -0
  188. data/spec/data/lwrp/resources/buck_passer_2.rb +1 -0
  189. data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +1 -0
  190. data/spec/data/lwrp/resources/foo.rb +2 -0
  191. data/spec/data/lwrp/resources/inline_compiler.rb +1 -0
  192. data/spec/data/lwrp/resources/monkey_name_printer.rb +1 -0
  193. data/spec/data/lwrp/resources/paint_drying_watcher.rb +1 -0
  194. data/spec/data/lwrp/resources/thumb_twiddler.rb +1 -0
  195. data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +2 -0
  196. data/spec/data/lwrp_const_scoping/resources/conflict.rb +1 -0
  197. data/spec/data/lwrp_override/resources/foo.rb +1 -0
  198. data/spec/data/rubygems.org/nonexistent_gem-info +1 -0
  199. data/spec/data/rubygems.org/sexp_processor-info +49 -0
  200. data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -0
  201. data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -0
  202. data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -0
  203. data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -0
  204. data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -0
  205. data/spec/data/run_context/cookbooks/test/resources/resource.rb +2 -0
  206. data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +2 -0
  207. data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -0
  208. data/spec/functional/dsl/registry_helper_spec.rb +1 -1
  209. data/spec/functional/resource/aixinit_service_spec.rb +7 -7
  210. data/spec/functional/resource/apt_package_spec.rb +1 -1
  211. data/spec/functional/resource/chocolatey_package_spec.rb +13 -0
  212. data/spec/functional/resource/dnf_package_spec.rb +4 -1
  213. data/spec/functional/resource/group_spec.rb +1 -5
  214. data/spec/functional/resource/link_spec.rb +0 -8
  215. data/spec/functional/resource/registry_spec.rb +8 -8
  216. data/spec/functional/resource/user/mac_user_spec.rb +2 -2
  217. data/spec/functional/resource/windows_certificate_spec.rb +92 -35
  218. data/spec/functional/version_spec.rb +1 -1
  219. data/spec/functional/win32/registry_spec.rb +1 -1
  220. data/spec/integration/client/client_spec.rb +5 -2
  221. data/spec/integration/client/exit_code_spec.rb +1 -1
  222. data/spec/integration/client/ipv6_spec.rb +1 -1
  223. data/spec/integration/compliance/compliance_spec.rb +1 -1
  224. data/spec/integration/ohai/ohai_spec.rb +7 -6
  225. data/spec/integration/recipes/accumulator_spec.rb +13 -1
  226. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -1
  227. data/spec/integration/recipes/lwrp_spec.rb +3 -1
  228. data/spec/integration/recipes/notifies_spec.rb +15 -1
  229. data/spec/integration/recipes/notifying_block_spec.rb +2 -1
  230. data/spec/integration/recipes/recipe_dsl_spec.rb +9 -9
  231. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  232. data/spec/integration/recipes/use_partial_spec.rb +4 -1
  233. data/spec/spec_helper.rb +10 -13
  234. data/spec/support/chef_helpers.rb +0 -16
  235. data/spec/support/lib/chef/resource/with_state.rb +0 -1
  236. data/spec/support/lib/chef/resource/zen_follower.rb +0 -1
  237. data/spec/support/lib/chef/resource/zen_master.rb +0 -1
  238. data/spec/support/matchers/leak.rb +7 -9
  239. data/spec/support/platform_helpers.rb +1 -8
  240. data/spec/support/shared/integration/integration_helper.rb +0 -1
  241. data/spec/support/shared/unit/script_resource.rb +2 -2
  242. data/spec/unit/application/solo_spec.rb +2 -2
  243. data/spec/unit/chef_fs/diff_spec.rb +1 -1
  244. data/spec/unit/chef_fs/file_system_spec.rb +1 -1
  245. data/spec/unit/compliance/fetcher/automate_spec.rb +0 -16
  246. data/spec/unit/compliance/reporter/automate_spec.rb +26 -2
  247. data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +20 -0
  248. data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +1 -0
  249. data/spec/unit/compliance/runner_spec.rb +30 -4
  250. data/spec/unit/cookbook_version_spec.rb +0 -52
  251. data/spec/unit/data_bag_item_spec.rb +1 -6
  252. data/spec/unit/data_collector_spec.rb +2 -71
  253. data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
  254. data/spec/unit/dsl/registry_helper_spec.rb +1 -1
  255. data/spec/unit/lwrp_spec.rb +1 -1
  256. data/spec/unit/mixin/params_validate_spec.rb +4 -3
  257. data/spec/unit/node/attribute_spec.rb +1 -1
  258. data/spec/unit/node_spec.rb +78 -0
  259. data/spec/unit/org_group_spec.rb +45 -0
  260. data/spec/unit/policy_builder/policyfile_spec.rb +1 -11
  261. data/spec/unit/property_spec.rb +23 -22
  262. data/spec/unit/provider/cron_spec.rb +1 -1
  263. data/spec/unit/provider/group/gpasswd_spec.rb +2 -2
  264. data/spec/unit/provider/group/groupmod_spec.rb +2 -2
  265. data/spec/unit/provider/group/pw_spec.rb +2 -2
  266. data/spec/unit/provider/group_spec.rb +1 -1
  267. data/spec/unit/provider/package/apt_spec.rb +84 -18
  268. data/spec/unit/provider/package/deb_spec.rb +3 -3
  269. data/spec/unit/provider/package/powershell_spec.rb +12 -74
  270. data/spec/unit/provider/package/rubygems_spec.rb +18 -30
  271. data/spec/unit/provider/service/arch_service_spec.rb +1 -0
  272. data/spec/unit/provider/service/debian_service_spec.rb +1 -0
  273. data/spec/unit/provider/service/macosx_spec.rb +2 -2
  274. data/spec/unit/provider/service/systemd_service_spec.rb +138 -23
  275. data/spec/unit/provider/service/upstart_service_spec.rb +0 -29
  276. data/spec/unit/provider/service/windows_spec.rb +2 -2
  277. data/spec/unit/provider/subversion_spec.rb +2 -2
  278. data/spec/unit/provider/systemd_unit_spec.rb +79 -60
  279. data/spec/unit/provider/zypper_repository_spec.rb +2 -2
  280. data/spec/unit/provider_spec.rb +0 -8
  281. data/spec/unit/resource/archive_file_spec.rb +1 -13
  282. data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +0 -14
  283. data/spec/unit/resource/homebrew_cask_spec.rb +11 -29
  284. data/spec/unit/resource/mount_spec.rb +0 -10
  285. data/spec/unit/resource/powershell_script_spec.rb +2 -2
  286. data/spec/unit/resource/rhsm_subscription_spec.rb +3 -50
  287. data/spec/unit/resource/systemd_unit_spec.rb +1 -1
  288. data/spec/unit/resource/user_ulimit_spec.rb +1 -14
  289. data/spec/unit/resource/windows_task_spec.rb +1 -1
  290. data/spec/unit/resource_spec.rb +0 -5
  291. data/spec/unit/user_spec.rb +1 -1
  292. data/spec/unit/user_v1_spec.rb +6 -4
  293. data/tasks/rspec.rb +15 -7
  294. metadata +19 -382
  295. data/bin/knife +0 -24
  296. data/lib/chef/application/knife.rb +0 -234
  297. data/lib/chef/application/windows_service.rb +0 -338
  298. data/lib/chef/application/windows_service_manager.rb +0 -205
  299. data/lib/chef/chef_fs/knife.rb +0 -160
  300. data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +0 -35
  301. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +0 -278
  302. data/lib/chef/chef_fs/parallelizer.rb +0 -102
  303. data/lib/chef/cookbook_site_streaming_uploader.rb +0 -244
  304. data/lib/chef/knife/acl_add.rb +0 -57
  305. data/lib/chef/knife/acl_base.rb +0 -183
  306. data/lib/chef/knife/acl_bulk_add.rb +0 -78
  307. data/lib/chef/knife/acl_bulk_remove.rb +0 -83
  308. data/lib/chef/knife/acl_remove.rb +0 -62
  309. data/lib/chef/knife/acl_show.rb +0 -56
  310. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +0 -162
  311. data/lib/chef/knife/bootstrap/client_builder.rb +0 -212
  312. data/lib/chef/knife/bootstrap/templates/README.md +0 -11
  313. data/lib/chef/knife/bootstrap/templates/chef-full.erb +0 -242
  314. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +0 -278
  315. data/lib/chef/knife/bootstrap/train_connector.rb +0 -336
  316. data/lib/chef/knife/bootstrap.rb +0 -1192
  317. data/lib/chef/knife/client_bulk_delete.rb +0 -104
  318. data/lib/chef/knife/client_create.rb +0 -101
  319. data/lib/chef/knife/client_delete.rb +0 -62
  320. data/lib/chef/knife/client_edit.rb +0 -52
  321. data/lib/chef/knife/client_key_create.rb +0 -73
  322. data/lib/chef/knife/client_key_delete.rb +0 -80
  323. data/lib/chef/knife/client_key_edit.rb +0 -83
  324. data/lib/chef/knife/client_key_list.rb +0 -73
  325. data/lib/chef/knife/client_key_show.rb +0 -80
  326. data/lib/chef/knife/client_list.rb +0 -41
  327. data/lib/chef/knife/client_reregister.rb +0 -58
  328. data/lib/chef/knife/client_show.rb +0 -48
  329. data/lib/chef/knife/config_get.rb +0 -39
  330. data/lib/chef/knife/config_get_profile.rb +0 -37
  331. data/lib/chef/knife/config_list.rb +0 -139
  332. data/lib/chef/knife/config_list_profiles.rb +0 -37
  333. data/lib/chef/knife/config_show.rb +0 -127
  334. data/lib/chef/knife/config_use.rb +0 -61
  335. data/lib/chef/knife/config_use_profile.rb +0 -47
  336. data/lib/chef/knife/configure.rb +0 -150
  337. data/lib/chef/knife/configure_client.rb +0 -48
  338. data/lib/chef/knife/cookbook_bulk_delete.rb +0 -71
  339. data/lib/chef/knife/cookbook_delete.rb +0 -151
  340. data/lib/chef/knife/cookbook_download.rb +0 -142
  341. data/lib/chef/knife/cookbook_list.rb +0 -47
  342. data/lib/chef/knife/cookbook_metadata.rb +0 -106
  343. data/lib/chef/knife/cookbook_metadata_from_file.rb +0 -49
  344. data/lib/chef/knife/cookbook_show.rb +0 -98
  345. data/lib/chef/knife/cookbook_upload.rb +0 -292
  346. data/lib/chef/knife/core/bootstrap_context.rb +0 -264
  347. data/lib/chef/knife/core/cookbook_scm_repo.rb +0 -159
  348. data/lib/chef/knife/core/formatting_options.rb +0 -49
  349. data/lib/chef/knife/core/gem_glob_loader.rb +0 -138
  350. data/lib/chef/knife/core/generic_presenter.rb +0 -232
  351. data/lib/chef/knife/core/hashed_command_loader.rb +0 -100
  352. data/lib/chef/knife/core/node_editor.rb +0 -130
  353. data/lib/chef/knife/core/node_presenter.rb +0 -133
  354. data/lib/chef/knife/core/object_loader.rb +0 -115
  355. data/lib/chef/knife/core/status_presenter.rb +0 -147
  356. data/lib/chef/knife/core/subcommand_loader.rb +0 -203
  357. data/lib/chef/knife/core/text_formatter.rb +0 -85
  358. data/lib/chef/knife/core/ui.rb +0 -338
  359. data/lib/chef/knife/core/windows_bootstrap_context.rb +0 -405
  360. data/lib/chef/knife/data_bag_create.rb +0 -81
  361. data/lib/chef/knife/data_bag_delete.rb +0 -49
  362. data/lib/chef/knife/data_bag_edit.rb +0 -74
  363. data/lib/chef/knife/data_bag_from_file.rb +0 -113
  364. data/lib/chef/knife/data_bag_list.rb +0 -42
  365. data/lib/chef/knife/data_bag_secret_options.rb +0 -122
  366. data/lib/chef/knife/data_bag_show.rb +0 -69
  367. data/lib/chef/knife/delete.rb +0 -125
  368. data/lib/chef/knife/deps.rb +0 -156
  369. data/lib/chef/knife/diff.rb +0 -83
  370. data/lib/chef/knife/download.rb +0 -84
  371. data/lib/chef/knife/edit.rb +0 -88
  372. data/lib/chef/knife/environment_compare.rb +0 -128
  373. data/lib/chef/knife/environment_create.rb +0 -52
  374. data/lib/chef/knife/environment_delete.rb +0 -44
  375. data/lib/chef/knife/environment_edit.rb +0 -44
  376. data/lib/chef/knife/environment_from_file.rb +0 -84
  377. data/lib/chef/knife/environment_list.rb +0 -41
  378. data/lib/chef/knife/environment_show.rb +0 -47
  379. data/lib/chef/knife/exec.rb +0 -99
  380. data/lib/chef/knife/group_add.rb +0 -55
  381. data/lib/chef/knife/group_create.rb +0 -49
  382. data/lib/chef/knife/group_destroy.rb +0 -53
  383. data/lib/chef/knife/group_list.rb +0 -43
  384. data/lib/chef/knife/group_remove.rb +0 -56
  385. data/lib/chef/knife/group_show.rb +0 -49
  386. data/lib/chef/knife/key_create.rb +0 -112
  387. data/lib/chef/knife/key_create_base.rb +0 -50
  388. data/lib/chef/knife/key_delete.rb +0 -55
  389. data/lib/chef/knife/key_edit.rb +0 -118
  390. data/lib/chef/knife/key_edit_base.rb +0 -55
  391. data/lib/chef/knife/key_list.rb +0 -90
  392. data/lib/chef/knife/key_list_base.rb +0 -45
  393. data/lib/chef/knife/key_show.rb +0 -53
  394. data/lib/chef/knife/list.rb +0 -177
  395. data/lib/chef/knife/node_bulk_delete.rb +0 -75
  396. data/lib/chef/knife/node_create.rb +0 -47
  397. data/lib/chef/knife/node_delete.rb +0 -46
  398. data/lib/chef/knife/node_edit.rb +0 -70
  399. data/lib/chef/knife/node_environment_set.rb +0 -53
  400. data/lib/chef/knife/node_from_file.rb +0 -51
  401. data/lib/chef/knife/node_list.rb +0 -44
  402. data/lib/chef/knife/node_policy_set.rb +0 -79
  403. data/lib/chef/knife/node_run_list_add.rb +0 -104
  404. data/lib/chef/knife/node_run_list_remove.rb +0 -67
  405. data/lib/chef/knife/node_run_list_set.rb +0 -66
  406. data/lib/chef/knife/node_show.rb +0 -63
  407. data/lib/chef/knife/null.rb +0 -12
  408. data/lib/chef/knife/raw.rb +0 -123
  409. data/lib/chef/knife/recipe_list.rb +0 -32
  410. data/lib/chef/knife/rehash.rb +0 -50
  411. data/lib/chef/knife/role_bulk_delete.rb +0 -66
  412. data/lib/chef/knife/role_create.rb +0 -53
  413. data/lib/chef/knife/role_delete.rb +0 -46
  414. data/lib/chef/knife/role_edit.rb +0 -45
  415. data/lib/chef/knife/role_env_run_list_add.rb +0 -87
  416. data/lib/chef/knife/role_env_run_list_clear.rb +0 -55
  417. data/lib/chef/knife/role_env_run_list_remove.rb +0 -57
  418. data/lib/chef/knife/role_env_run_list_replace.rb +0 -60
  419. data/lib/chef/knife/role_env_run_list_set.rb +0 -70
  420. data/lib/chef/knife/role_from_file.rb +0 -51
  421. data/lib/chef/knife/role_list.rb +0 -42
  422. data/lib/chef/knife/role_run_list_add.rb +0 -87
  423. data/lib/chef/knife/role_run_list_clear.rb +0 -55
  424. data/lib/chef/knife/role_run_list_remove.rb +0 -56
  425. data/lib/chef/knife/role_run_list_replace.rb +0 -60
  426. data/lib/chef/knife/role_run_list_set.rb +0 -69
  427. data/lib/chef/knife/role_show.rb +0 -48
  428. data/lib/chef/knife/search.rb +0 -194
  429. data/lib/chef/knife/serve.rb +0 -65
  430. data/lib/chef/knife/show.rb +0 -72
  431. data/lib/chef/knife/ssh.rb +0 -645
  432. data/lib/chef/knife/ssl_check.rb +0 -284
  433. data/lib/chef/knife/ssl_fetch.rb +0 -161
  434. data/lib/chef/knife/status.rb +0 -95
  435. data/lib/chef/knife/supermarket_download.rb +0 -121
  436. data/lib/chef/knife/supermarket_install.rb +0 -192
  437. data/lib/chef/knife/supermarket_list.rb +0 -76
  438. data/lib/chef/knife/supermarket_search.rb +0 -53
  439. data/lib/chef/knife/supermarket_share.rb +0 -166
  440. data/lib/chef/knife/supermarket_show.rb +0 -66
  441. data/lib/chef/knife/supermarket_unshare.rb +0 -61
  442. data/lib/chef/knife/tag_create.rb +0 -52
  443. data/lib/chef/knife/tag_delete.rb +0 -60
  444. data/lib/chef/knife/tag_list.rb +0 -47
  445. data/lib/chef/knife/upload.rb +0 -86
  446. data/lib/chef/knife/user_create.rb +0 -107
  447. data/lib/chef/knife/user_delete.rb +0 -44
  448. data/lib/chef/knife/user_dissociate.rb +0 -42
  449. data/lib/chef/knife/user_edit.rb +0 -52
  450. data/lib/chef/knife/user_invite_add.rb +0 -43
  451. data/lib/chef/knife/user_invite_list.rb +0 -34
  452. data/lib/chef/knife/user_invite_rescind.rb +0 -63
  453. data/lib/chef/knife/user_key_create.rb +0 -73
  454. data/lib/chef/knife/user_key_delete.rb +0 -80
  455. data/lib/chef/knife/user_key_edit.rb +0 -83
  456. data/lib/chef/knife/user_key_list.rb +0 -73
  457. data/lib/chef/knife/user_key_show.rb +0 -80
  458. data/lib/chef/knife/user_list.rb +0 -42
  459. data/lib/chef/knife/user_reregister.rb +0 -59
  460. data/lib/chef/knife/user_show.rb +0 -48
  461. data/lib/chef/knife/xargs.rb +0 -282
  462. data/lib/chef/knife/yaml_convert.rb +0 -91
  463. data/lib/chef/knife.rb +0 -665
  464. data/lib/chef/resource/user/dscl_user.rb +0 -35
  465. data/spec/data/knife-home/.chef/plugins/knife/example_home_subcommand.rb +0 -0
  466. data/spec/data/knife-site-subcommands/plugins/knife/example_subcommand.rb +0 -0
  467. data/spec/data/knife_subcommand/test_explicit_category.rb +0 -7
  468. data/spec/data/knife_subcommand/test_name_mapping.rb +0 -4
  469. data/spec/data/knife_subcommand/test_yourself.rb +0 -21
  470. data/spec/functional/knife/configure_spec.rb +0 -33
  471. data/spec/functional/knife/cookbook_delete_spec.rb +0 -156
  472. data/spec/functional/knife/exec_spec.rb +0 -55
  473. data/spec/functional/knife/rehash_spec.rb +0 -39
  474. data/spec/functional/knife/smoke_test.rb +0 -42
  475. data/spec/functional/knife/ssh_spec.rb +0 -352
  476. data/spec/functional/resource/user/dscl_spec.rb +0 -188
  477. data/spec/functional/resource/windows_service_spec.rb +0 -105
  478. data/spec/functional/win32/service_manager_spec.rb +0 -220
  479. data/spec/integration/knife/chef_fs_data_store_spec.rb +0 -557
  480. data/spec/integration/knife/chef_repo_path_spec.rb +0 -962
  481. data/spec/integration/knife/chef_repository_file_system_spec.rb +0 -200
  482. data/spec/integration/knife/chefignore_spec.rb +0 -301
  483. data/spec/integration/knife/client_bulk_delete_spec.rb +0 -131
  484. data/spec/integration/knife/client_create_spec.rb +0 -70
  485. data/spec/integration/knife/client_delete_spec.rb +0 -64
  486. data/spec/integration/knife/client_key_create_spec.rb +0 -66
  487. data/spec/integration/knife/client_key_delete_spec.rb +0 -43
  488. data/spec/integration/knife/client_key_list_spec.rb +0 -61
  489. data/spec/integration/knife/client_key_show_spec.rb +0 -45
  490. data/spec/integration/knife/client_list_spec.rb +0 -49
  491. data/spec/integration/knife/client_show_spec.rb +0 -37
  492. data/spec/integration/knife/common_options_spec.rb +0 -174
  493. data/spec/integration/knife/config_list_spec.rb +0 -220
  494. data/spec/integration/knife/config_show_spec.rb +0 -192
  495. data/spec/integration/knife/config_use_spec.rb +0 -198
  496. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +0 -113
  497. data/spec/integration/knife/cookbook_bulk_delete_spec.rb +0 -65
  498. data/spec/integration/knife/cookbook_download_spec.rb +0 -72
  499. data/spec/integration/knife/cookbook_list_spec.rb +0 -55
  500. data/spec/integration/knife/cookbook_show_spec.rb +0 -149
  501. data/spec/integration/knife/cookbook_upload_spec.rb +0 -128
  502. data/spec/integration/knife/data_bag_create_spec.rb +0 -125
  503. data/spec/integration/knife/data_bag_delete_spec.rb +0 -59
  504. data/spec/integration/knife/data_bag_edit_spec.rb +0 -105
  505. data/spec/integration/knife/data_bag_from_file_spec.rb +0 -116
  506. data/spec/integration/knife/data_bag_list_spec.rb +0 -44
  507. data/spec/integration/knife/data_bag_show_spec.rb +0 -95
  508. data/spec/integration/knife/delete_spec.rb +0 -1018
  509. data/spec/integration/knife/deps_spec.rb +0 -703
  510. data/spec/integration/knife/diff_spec.rb +0 -605
  511. data/spec/integration/knife/download_spec.rb +0 -1336
  512. data/spec/integration/knife/environment_compare_spec.rb +0 -75
  513. data/spec/integration/knife/environment_create_spec.rb +0 -41
  514. data/spec/integration/knife/environment_delete_spec.rb +0 -37
  515. data/spec/integration/knife/environment_from_file_spec.rb +0 -116
  516. data/spec/integration/knife/environment_list_spec.rb +0 -42
  517. data/spec/integration/knife/environment_show_spec.rb +0 -77
  518. data/spec/integration/knife/list_spec.rb +0 -1060
  519. data/spec/integration/knife/node_bulk_delete_spec.rb +0 -52
  520. data/spec/integration/knife/node_create_spec.rb +0 -47
  521. data/spec/integration/knife/node_delete_spec.rb +0 -48
  522. data/spec/integration/knife/node_environment_set_spec.rb +0 -46
  523. data/spec/integration/knife/node_from_file_spec.rb +0 -59
  524. data/spec/integration/knife/node_list_spec.rb +0 -45
  525. data/spec/integration/knife/node_run_list_add_spec.rb +0 -54
  526. data/spec/integration/knife/node_run_list_remove_spec.rb +0 -36
  527. data/spec/integration/knife/node_run_list_set_spec.rb +0 -41
  528. data/spec/integration/knife/node_show_spec.rb +0 -36
  529. data/spec/integration/knife/raw_spec.rb +0 -297
  530. data/spec/integration/knife/redirection_spec.rb +0 -64
  531. data/spec/integration/knife/role_bulk_delete_spec.rb +0 -52
  532. data/spec/integration/knife/role_create_spec.rb +0 -41
  533. data/spec/integration/knife/role_delete_spec.rb +0 -48
  534. data/spec/integration/knife/role_from_file_spec.rb +0 -96
  535. data/spec/integration/knife/role_list_spec.rb +0 -45
  536. data/spec/integration/knife/role_show_spec.rb +0 -51
  537. data/spec/integration/knife/search_node_spec.rb +0 -40
  538. data/spec/integration/knife/serve_spec.rb +0 -92
  539. data/spec/integration/knife/show_spec.rb +0 -197
  540. data/spec/integration/knife/upload_spec.rb +0 -1616
  541. data/spec/support/shared/functional/knife.rb +0 -37
  542. data/spec/support/shared/functional/win32_service.rb +0 -57
  543. data/spec/support/shared/integration/knife_support.rb +0 -192
  544. data/spec/support/shared/unit/knife_shared.rb +0 -39
  545. data/spec/unit/application/knife_spec.rb +0 -241
  546. data/spec/unit/chef_fs/parallelizer_spec.rb +0 -479
  547. data/spec/unit/cookbook_site_streaming_uploader_spec.rb +0 -198
  548. data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +0 -152
  549. data/spec/unit/knife/bootstrap/client_builder_spec.rb +0 -207
  550. data/spec/unit/knife/bootstrap/train_connector_spec.rb +0 -244
  551. data/spec/unit/knife/bootstrap_spec.rb +0 -2220
  552. data/spec/unit/knife/client_bulk_delete_spec.rb +0 -166
  553. data/spec/unit/knife/client_create_spec.rb +0 -169
  554. data/spec/unit/knife/client_delete_spec.rb +0 -99
  555. data/spec/unit/knife/client_edit_spec.rb +0 -53
  556. data/spec/unit/knife/client_list_spec.rb +0 -34
  557. data/spec/unit/knife/client_reregister_spec.rb +0 -62
  558. data/spec/unit/knife/client_show_spec.rb +0 -52
  559. data/spec/unit/knife/configure_client_spec.rb +0 -81
  560. data/spec/unit/knife/configure_spec.rb +0 -190
  561. data/spec/unit/knife/cookbook_bulk_delete_spec.rb +0 -87
  562. data/spec/unit/knife/cookbook_delete_spec.rb +0 -239
  563. data/spec/unit/knife/cookbook_download_spec.rb +0 -255
  564. data/spec/unit/knife/cookbook_list_spec.rb +0 -88
  565. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +0 -72
  566. data/spec/unit/knife/cookbook_metadata_spec.rb +0 -182
  567. data/spec/unit/knife/cookbook_show_spec.rb +0 -253
  568. data/spec/unit/knife/cookbook_upload_spec.rb +0 -364
  569. data/spec/unit/knife/core/bootstrap_context_spec.rb +0 -287
  570. data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +0 -187
  571. data/spec/unit/knife/core/gem_glob_loader_spec.rb +0 -209
  572. data/spec/unit/knife/core/hashed_command_loader_spec.rb +0 -112
  573. data/spec/unit/knife/core/node_editor_spec.rb +0 -211
  574. data/spec/unit/knife/core/object_loader_spec.rb +0 -81
  575. data/spec/unit/knife/core/status_presenter_spec.rb +0 -54
  576. data/spec/unit/knife/core/subcommand_loader_spec.rb +0 -64
  577. data/spec/unit/knife/core/ui_spec.rb +0 -656
  578. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +0 -238
  579. data/spec/unit/knife/data_bag_create_spec.rb +0 -175
  580. data/spec/unit/knife/data_bag_edit_spec.rb +0 -126
  581. data/spec/unit/knife/data_bag_from_file_spec.rb +0 -174
  582. data/spec/unit/knife/data_bag_secret_options_spec.rb +0 -173
  583. data/spec/unit/knife/data_bag_show_spec.rb +0 -139
  584. data/spec/unit/knife/environment_compare_spec.rb +0 -112
  585. data/spec/unit/knife/environment_create_spec.rb +0 -91
  586. data/spec/unit/knife/environment_delete_spec.rb +0 -71
  587. data/spec/unit/knife/environment_edit_spec.rb +0 -79
  588. data/spec/unit/knife/environment_from_file_spec.rb +0 -90
  589. data/spec/unit/knife/environment_list_spec.rb +0 -54
  590. data/spec/unit/knife/environment_show_spec.rb +0 -52
  591. data/spec/unit/knife/key_create_spec.rb +0 -223
  592. data/spec/unit/knife/key_delete_spec.rb +0 -133
  593. data/spec/unit/knife/key_edit_spec.rb +0 -264
  594. data/spec/unit/knife/key_helper.rb +0 -74
  595. data/spec/unit/knife/key_list_spec.rb +0 -216
  596. data/spec/unit/knife/key_show_spec.rb +0 -126
  597. data/spec/unit/knife/node_bulk_delete_spec.rb +0 -94
  598. data/spec/unit/knife/node_delete_spec.rb +0 -77
  599. data/spec/unit/knife/node_edit_spec.rb +0 -116
  600. data/spec/unit/knife/node_environment_set_spec.rb +0 -61
  601. data/spec/unit/knife/node_from_file_spec.rb +0 -59
  602. data/spec/unit/knife/node_list_spec.rb +0 -62
  603. data/spec/unit/knife/node_policy_set_spec.rb +0 -122
  604. data/spec/unit/knife/node_run_list_add_spec.rb +0 -145
  605. data/spec/unit/knife/node_run_list_remove_spec.rb +0 -106
  606. data/spec/unit/knife/node_run_list_set_spec.rb +0 -115
  607. data/spec/unit/knife/node_show_spec.rb +0 -65
  608. data/spec/unit/knife/raw_spec.rb +0 -43
  609. data/spec/unit/knife/role_bulk_delete_spec.rb +0 -80
  610. data/spec/unit/knife/role_create_spec.rb +0 -80
  611. data/spec/unit/knife/role_delete_spec.rb +0 -67
  612. data/spec/unit/knife/role_edit_spec.rb +0 -77
  613. data/spec/unit/knife/role_env_run_list_add_spec.rb +0 -217
  614. data/spec/unit/knife/role_env_run_list_clear_spec.rb +0 -94
  615. data/spec/unit/knife/role_env_run_list_remove_spec.rb +0 -102
  616. data/spec/unit/knife/role_env_run_list_replace_spec.rb +0 -105
  617. data/spec/unit/knife/role_env_run_list_set_spec.rb +0 -99
  618. data/spec/unit/knife/role_from_file_spec.rb +0 -69
  619. data/spec/unit/knife/role_list_spec.rb +0 -54
  620. data/spec/unit/knife/role_run_list_add_spec.rb +0 -179
  621. data/spec/unit/knife/role_run_list_clear_spec.rb +0 -84
  622. data/spec/unit/knife/role_run_list_remove_spec.rb +0 -92
  623. data/spec/unit/knife/role_run_list_replace_spec.rb +0 -98
  624. data/spec/unit/knife/role_run_list_set_spec.rb +0 -89
  625. data/spec/unit/knife/role_show_spec.rb +0 -59
  626. data/spec/unit/knife/ssh_spec.rb +0 -403
  627. data/spec/unit/knife/ssl_check_spec.rb +0 -256
  628. data/spec/unit/knife/ssl_fetch_spec.rb +0 -222
  629. data/spec/unit/knife/status_spec.rb +0 -112
  630. data/spec/unit/knife/supermarket_download_spec.rb +0 -152
  631. data/spec/unit/knife/supermarket_install_spec.rb +0 -202
  632. data/spec/unit/knife/supermarket_list_spec.rb +0 -70
  633. data/spec/unit/knife/supermarket_search_spec.rb +0 -85
  634. data/spec/unit/knife/supermarket_share_spec.rb +0 -208
  635. data/spec/unit/knife/supermarket_unshare_spec.rb +0 -78
  636. data/spec/unit/knife/tag_create_spec.rb +0 -23
  637. data/spec/unit/knife/tag_delete_spec.rb +0 -25
  638. data/spec/unit/knife/tag_list_spec.rb +0 -23
  639. data/spec/unit/knife/user_create_spec.rb +0 -184
  640. data/spec/unit/knife/user_delete_spec.rb +0 -46
  641. data/spec/unit/knife/user_edit_spec.rb +0 -48
  642. data/spec/unit/knife/user_list_spec.rb +0 -36
  643. data/spec/unit/knife/user_reregister_spec.rb +0 -56
  644. data/spec/unit/knife/user_show_spec.rb +0 -46
  645. data/spec/unit/knife_spec.rb +0 -634
  646. data/spec/unit/provider/user/dscl_spec.rb +0 -699
  647. data/spec/unit/windows_service_spec.rb +0 -118
@@ -1,284 +0,0 @@
1
- #
2
- # Author:: Daniel DeLeo (<dan@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require_relative "../knife"
20
- require "chef-utils/dist" unless defined?(ChefUtils::Dist)
21
-
22
- class Chef
23
- class Knife
24
- class SslCheck < Chef::Knife
25
-
26
- deps do
27
- require_relative "../config"
28
- require "pp" unless defined?(PP)
29
- require "socket" unless defined?(Socket)
30
- require "uri" unless defined?(URI)
31
- require_relative "../http/ssl_policies"
32
- require "openssl" unless defined?(OpenSSL)
33
- require_relative "../mixin/proxified_socket"
34
- include Chef::Mixin::ProxifiedSocket
35
- end
36
-
37
- banner "knife ssl check [URL] (options)"
38
-
39
- def initialize(*args)
40
- @host = nil
41
- @verify_peer_socket = nil
42
- @ssl_policy = HTTP::DefaultSSLPolicy
43
- super
44
- end
45
-
46
- def uri
47
- @uri ||= begin
48
- Chef::Log.trace("Checking SSL cert on #{given_uri}")
49
- URI.parse(given_uri)
50
- end
51
- end
52
-
53
- def given_uri
54
- (name_args[0] || Chef::Config.chef_server_url)
55
- end
56
-
57
- def host
58
- uri.host
59
- end
60
-
61
- def port
62
- uri.port
63
- end
64
-
65
- def validate_uri
66
- unless host && port
67
- invalid_uri!
68
- end
69
- rescue URI::Error
70
- invalid_uri!
71
- end
72
-
73
- def invalid_uri!
74
- ui.error("Given URI: `#{given_uri}' is invalid")
75
- show_usage
76
- exit 1
77
- end
78
-
79
- def verify_peer_socket
80
- @verify_peer_socket ||= begin
81
- tcp_connection = proxified_socket(host, port)
82
- ssl_client = OpenSSL::SSL::SSLSocket.new(tcp_connection, verify_peer_ssl_context)
83
- ssl_client.hostname = host
84
- ssl_client
85
- end
86
- end
87
-
88
- def verify_peer_ssl_context
89
- @verify_peer_ssl_context ||= begin
90
- verify_peer_context = OpenSSL::SSL::SSLContext.new
91
- @ssl_policy.apply_to(verify_peer_context)
92
- verify_peer_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
93
- verify_peer_context
94
- end
95
- end
96
-
97
- def noverify_socket
98
- @noverify_socket ||= begin
99
- tcp_connection = proxified_socket(host, port)
100
- OpenSSL::SSL::SSLSocket.new(tcp_connection, noverify_peer_ssl_context)
101
- end
102
- end
103
-
104
- def noverify_peer_ssl_context
105
- @noverify_peer_ssl_context ||= begin
106
- noverify_peer_context = OpenSSL::SSL::SSLContext.new
107
- @ssl_policy.apply_to(noverify_peer_context)
108
- noverify_peer_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
109
- noverify_peer_context
110
- end
111
- end
112
-
113
- def verify_X509
114
- cert_debug_msg = ""
115
- trusted_certificates.each do |cert_name|
116
- message = check_X509_certificate(cert_name)
117
- unless message.nil?
118
- cert_debug_msg << File.expand_path(cert_name) + ": " + message + "\n"
119
- end
120
- end
121
-
122
- unless cert_debug_msg.empty?
123
- debug_invalid_X509(cert_debug_msg)
124
- end
125
-
126
- true # Maybe the bad certs won't hurt...
127
- end
128
-
129
- def verify_cert
130
- ui.msg("Connecting to host #{host}:#{port}")
131
- verify_peer_socket.connect
132
- true
133
- rescue OpenSSL::SSL::SSLError => e
134
- ui.error "The SSL certificate of #{host} could not be verified"
135
- Chef::Log.trace e.message
136
- debug_invalid_cert
137
- false
138
- end
139
-
140
- def verify_cert_host
141
- verify_peer_socket.post_connection_check(host)
142
- true
143
- rescue OpenSSL::SSL::SSLError => e
144
- ui.error "The SSL cert is signed by a trusted authority but is not valid for the given hostname"
145
- Chef::Log.trace(e)
146
- debug_invalid_host
147
- false
148
- end
149
-
150
- def debug_invalid_X509(cert_debug_msg)
151
- ui.msg("\n#{ui.color("Configuration Info:", :bold)}\n\n")
152
- debug_ssl_settings
153
- debug_chef_ssl_config
154
-
155
- ui.warn(<<~BAD_CERTS)
156
- There are invalid certificates in your trusted_certs_dir.
157
- OpenSSL will not use the following certificates when verifying SSL connections:
158
-
159
- #{cert_debug_msg}
160
-
161
- #{ui.color("TO FIX THESE WARNINGS:", :bold)}
162
-
163
- We are working on documentation for resolving common issues uncovered here.
164
-
165
- * If the certificate is generated by the server, you may try redownloading the
166
- server's certificate. By default, the certificate is stored in the following
167
- location on the host where your chef-server runs:
168
-
169
- /var/opt/opscode/nginx/ca/SERVER_HOSTNAME.crt
170
-
171
- Copy that file to your trusted_certs_dir (currently: #{configuration.trusted_certs_dir})
172
- using SSH/SCP or some other secure method, then re-run this command to confirm
173
- that the server's certificate is now trusted.
174
-
175
- BAD_CERTS
176
- # @TODO: ^ needs URL once documentation is posted.
177
- end
178
-
179
- def debug_invalid_cert
180
- noverify_socket.connect
181
- issuer_info = noverify_socket.peer_cert.issuer
182
- ui.msg("Certificate issuer data: #{issuer_info}")
183
-
184
- ui.msg("\n#{ui.color("Configuration Info:", :bold)}\n\n")
185
- debug_ssl_settings
186
- debug_chef_ssl_config
187
-
188
- ui.err(<<~ADVICE)
189
-
190
- #{ui.color("TO FIX THIS ERROR:", :bold)}
191
-
192
- If the server you are connecting to uses a self-signed certificate, you must
193
- configure #{ChefUtils::Dist::Infra::PRODUCT} to trust that server's certificate.
194
-
195
- By default, the certificate is stored in the following location on the host
196
- where your chef-server runs:
197
-
198
- /var/opt/opscode/nginx/ca/SERVER_HOSTNAME.crt
199
-
200
- Copy that file to your trusted_certs_dir (currently: #{configuration.trusted_certs_dir})
201
- using SSH/SCP or some other secure method, then re-run this command to confirm
202
- that the server's certificate is now trusted.
203
-
204
- ADVICE
205
- end
206
-
207
- def debug_invalid_host
208
- noverify_socket.connect
209
- subject = noverify_socket.peer_cert.subject
210
- cn_field_tuple = subject.to_a.find { |field| field[0] == "CN" }
211
- cn = cn_field_tuple[1]
212
-
213
- ui.error("You are attempting to connect to: '#{host}'")
214
- ui.error("The server's certificate belongs to '#{cn}'")
215
- ui.err(<<~ADVICE)
216
-
217
- #{ui.color("TO FIX THIS ERROR:", :bold)}
218
-
219
- The solution for this issue depends on your networking configuration. If you
220
- are able to connect to this server using the hostname #{cn}
221
- instead of #{host}, then you can resolve this issue by updating chef_server_url
222
- in your configuration file.
223
-
224
- If you are not able to connect to the server using the hostname #{cn}
225
- you will have to update the certificate on the server to use the correct hostname.
226
- ADVICE
227
- end
228
-
229
- def debug_ssl_settings
230
- ui.err "OpenSSL Configuration:"
231
- ui.err "* Version: #{OpenSSL::OPENSSL_VERSION}"
232
- ui.err "* Certificate file: #{OpenSSL::X509::DEFAULT_CERT_FILE}"
233
- ui.err "* Certificate directory: #{OpenSSL::X509::DEFAULT_CERT_DIR}"
234
- end
235
-
236
- def debug_chef_ssl_config
237
- ui.err "#{ChefUtils::Dist::Infra::PRODUCT} SSL Configuration:"
238
- ui.err "* ssl_ca_path: #{configuration.ssl_ca_path.inspect}"
239
- ui.err "* ssl_ca_file: #{configuration.ssl_ca_file.inspect}"
240
- ui.err "* trusted_certs_dir: #{configuration.trusted_certs_dir.inspect}"
241
- end
242
-
243
- def configuration
244
- Chef::Config
245
- end
246
-
247
- def run
248
- validate_uri
249
-
250
- if verify_X509 && verify_cert && verify_cert_host
251
- ui.msg "Successfully verified certificates from `#{host}'"
252
- else
253
- exit 1
254
- end
255
- end
256
-
257
- private
258
-
259
- def trusted_certificates
260
- if configuration.trusted_certs_dir && Dir.exist?(configuration.trusted_certs_dir)
261
- glob_dir = ChefConfig::PathHelper.escape_glob_dir(configuration.trusted_certs_dir)
262
- Dir.glob(File.join(glob_dir, "*.{crt,pem}"))
263
- else
264
- []
265
- end
266
- end
267
-
268
- def check_X509_certificate(cert_file)
269
- store = OpenSSL::X509::Store.new
270
- cert = OpenSSL::X509::Certificate.new(IO.read(File.expand_path(cert_file)))
271
- begin
272
- store.add_cert(cert)
273
- # test if the store can verify the cert we just added
274
- unless store.verify(cert) # true if verified, false if not
275
- return store.error_string
276
- end
277
- rescue OpenSSL::X509::StoreError => e
278
- return e.message
279
- end
280
- nil
281
- end
282
- end
283
- end
284
- end
@@ -1,161 +0,0 @@
1
- #
2
- # Author:: Daniel DeLeo (<dan@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require_relative "../knife"
20
-
21
- class Chef
22
- class Knife
23
- class SslFetch < Chef::Knife
24
-
25
- deps do
26
- require_relative "../config"
27
- require "pp" unless defined?(PP)
28
- require "socket" unless defined?(Socket)
29
- require "uri" unless defined?(URI)
30
- require "openssl" unless defined?(OpenSSL)
31
- require_relative "../mixin/proxified_socket"
32
- include Chef::Mixin::ProxifiedSocket
33
- end
34
-
35
- banner "knife ssl fetch [URL] (options)"
36
-
37
- def initialize(*args)
38
- super
39
- @uri = nil
40
- end
41
-
42
- def uri
43
- @uri ||= begin
44
- Chef::Log.trace("Checking SSL cert on #{given_uri}")
45
- URI.parse(given_uri)
46
- end
47
- end
48
-
49
- def given_uri
50
- (name_args[0] || Chef::Config.chef_server_url)
51
- end
52
-
53
- def host
54
- uri.host
55
- end
56
-
57
- def port
58
- uri.port
59
- end
60
-
61
- def validate_uri
62
- unless host && port
63
- invalid_uri!
64
- end
65
- rescue URI::Error
66
- invalid_uri!
67
- end
68
-
69
- def invalid_uri!
70
- ui.error("Given URI: `#{given_uri}' is invalid")
71
- show_usage
72
- exit 1
73
- end
74
-
75
- def remote_cert_chain
76
- tcp_connection = proxified_socket(host, port)
77
- shady_ssl_connection = OpenSSL::SSL::SSLSocket.new(tcp_connection, noverify_peer_ssl_context)
78
- shady_ssl_connection.connect
79
- shady_ssl_connection.peer_cert_chain
80
- end
81
-
82
- def noverify_peer_ssl_context
83
- @noverify_peer_ssl_context ||= begin
84
- noverify_peer_context = OpenSSL::SSL::SSLContext.new
85
- noverify_peer_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
86
- noverify_peer_context
87
- end
88
- end
89
-
90
- def cn_of(certificate)
91
- subject = certificate.subject
92
- if cn_field_tuple = subject.to_a.find { |field| field[0] == "CN" }
93
- cn_field_tuple[1]
94
- else
95
- nil
96
- end
97
- end
98
-
99
- # Convert the CN of a certificate into something that will work well as a
100
- # filename. To do so, all `*` characters are converted to the string
101
- # "wildcard" and then all characters other than alphanumeric and hyphen
102
- # characters are converted to underscores.
103
- # NOTE: There is some confusion about what the CN will contain when
104
- # using internationalized domain names. RFC 6125 mandates that the ascii
105
- # representation be used, but it is not clear whether this is followed in
106
- # practice.
107
- # https://tools.ietf.org/html/rfc6125#section-6.4.2
108
- def normalize_cn(cn)
109
- cn.gsub("*", "wildcard").gsub(/[^[:alnum:]\-]/, "_")
110
- end
111
-
112
- def configuration
113
- Chef::Config
114
- end
115
-
116
- def trusted_certs_dir
117
- configuration.trusted_certs_dir
118
- end
119
-
120
- def write_cert(cert)
121
- FileUtils.mkdir_p(trusted_certs_dir)
122
- cn = cn_of(cert)
123
- filename = cn.nil? ? "#{host}_#{Time.new.to_i}" : normalize_cn(cn)
124
- full_path = File.join(trusted_certs_dir, "#{filename}.crt")
125
- ui.msg("Adding certificate for #{filename} in #{full_path}")
126
- File.open(full_path, File::CREAT | File::TRUNC | File::RDWR, 0644) do |f|
127
- f.print(cert.to_s)
128
- end
129
- end
130
-
131
- def run
132
- validate_uri
133
- ui.warn(<<~TRUST_TRUST)
134
- Certificates from #{host} will be fetched and placed in your trusted_cert
135
- directory (#{trusted_certs_dir}).
136
-
137
- Knife has no means to verify these are the correct certificates. You should
138
- verify the authenticity of these certificates after downloading.
139
-
140
- TRUST_TRUST
141
- remote_cert_chain.each do |cert|
142
- write_cert(cert)
143
- end
144
- rescue OpenSSL::SSL::SSLError => e
145
- # 'unknown protocol' usually means you tried to connect to a non-ssl
146
- # service. We handle that specially here, any other error we let bubble
147
- # up (probably a bug of some sort).
148
- raise unless e.message.include?("unknown protocol")
149
-
150
- ui.error("The service at the given URI (#{uri}) does not accept SSL connections")
151
-
152
- if uri.scheme == "http"
153
- https_uri = uri.to_s.sub(/^http/, "https")
154
- ui.error("Perhaps you meant to connect to '#{https_uri}'?")
155
- end
156
- exit 1
157
- end
158
-
159
- end
160
- end
161
- end
@@ -1,95 +0,0 @@
1
- #
2
- # Author:: Ian Meyer (<ianmmeyer@gmail.com>)
3
- # Copyright:: Copyright 2010-2020, Ian Meyer
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require_relative "../knife"
20
- require_relative "core/status_presenter"
21
- require_relative "core/formatting_options"
22
- require "chef-utils/dist" unless defined?(ChefUtils::Dist)
23
-
24
- class Chef
25
- class Knife
26
- class Status < Knife
27
- include Knife::Core::FormattingOptions
28
-
29
- deps do
30
- require_relative "../search/query"
31
- end
32
-
33
- banner "knife status QUERY (options)"
34
-
35
- option :run_list,
36
- short: "-r",
37
- long: "--run-list",
38
- description: "Show the run list"
39
-
40
- option :sort_reverse,
41
- short: "-s",
42
- long: "--sort-reverse",
43
- description: "Sort the status list by last run time descending"
44
-
45
- option :hide_by_mins,
46
- long: "--hide-by-mins MINS",
47
- description: "Hide nodes that have run #{ChefUtils::Dist::Infra::CLIENT} in the last MINS minutes"
48
-
49
- def append_to_query(term)
50
- @query << " AND " unless @query.empty?
51
- @query << term
52
- end
53
-
54
- def run
55
- ui.use_presenter Knife::Core::StatusPresenter
56
-
57
- if config[:long_output]
58
- opts = {}
59
- else
60
- opts = { filter_result:
61
- { name: ["name"], ipaddress: ["ipaddress"], ohai_time: ["ohai_time"],
62
- cloud: ["cloud"], run_list: ["run_list"], platform: ["platform"],
63
- platform_version: ["platform_version"], chef_environment: ["chef_environment"] } }
64
- end
65
-
66
- @query ||= ""
67
- append_to_query(@name_args[0]) if @name_args[0]
68
- append_to_query("chef_environment:#{config[:environment]}") if config[:environment]
69
-
70
- if config[:hide_by_mins]
71
- hide_by_mins = config[:hide_by_mins].to_i
72
- time = Time.now.to_i
73
- # AND NOT is not valid lucene syntax, so don't use append_to_query
74
- @query << " " unless @query.empty?
75
- @query << "NOT ohai_time:[#{(time - hide_by_mins * 60)} TO #{time}]"
76
- end
77
-
78
- @query = @query.empty? ? "*:*" : @query
79
-
80
- all_nodes = []
81
- q = Chef::Search::Query.new
82
- Chef::Log.info("Sending query: #{@query}")
83
- q.search(:node, @query, opts) do |node|
84
- all_nodes << node
85
- end
86
-
87
- all_nodes.sort_by! { |n| n["ohai_time"] || 0 }
88
- all_nodes.reverse! if config[:sort_reverse] || config[:sort_status_reverse]
89
-
90
- output(all_nodes)
91
- end
92
-
93
- end
94
- end
95
- end
@@ -1,121 +0,0 @@
1
- #
2
- # Author:: Christopher Webber (<cwebber@chef.io>)
3
- # Copyright:: Copyright (c) Chef Software Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- require_relative "../knife"
20
-
21
- class Chef
22
- class Knife
23
- class SupermarketDownload < Knife
24
-
25
- banner "knife supermarket download COOKBOOK [VERSION] (options)"
26
- category "supermarket"
27
-
28
- deps do
29
- require "fileutils" unless defined?(FileUtils)
30
- end
31
-
32
- option :file,
33
- short: "-f FILE",
34
- long: "--file FILE",
35
- description: "The filename to write to."
36
-
37
- option :force,
38
- long: "--force",
39
- description: "Force download deprecated version."
40
-
41
- option :supermarket_site,
42
- short: "-m SUPERMARKET_SITE",
43
- long: "--supermarket-site SUPERMARKET_SITE",
44
- description: "The URL of the Supermarket site.",
45
- default: "https://supermarket.chef.io"
46
-
47
- def run
48
- if current_cookbook_deprecated?
49
- message = "DEPRECATION: This cookbook has been deprecated. "
50
- replacement = replacement_cookbook
51
- if !replacement.to_s.strip.empty?
52
- message << "It has been replaced by #{replacement}."
53
- else
54
- message << "No replacement has been defined."
55
- end
56
- ui.warn message
57
-
58
- unless config[:force]
59
- ui.warn "Use --force to force download deprecated cookbook."
60
- return
61
- end
62
- end
63
-
64
- download_cookbook
65
- end
66
-
67
- def version
68
- @version = desired_cookbook_data["version"]
69
- end
70
-
71
- private
72
-
73
- def cookbooks_api_url
74
- "#{config[:supermarket_site]}/api/v1/cookbooks"
75
- end
76
-
77
- def current_cookbook_data
78
- @current_cookbook_data ||= begin
79
- noauth_rest.get "#{cookbooks_api_url}/#{@name_args[0]}"
80
- end
81
- end
82
-
83
- def current_cookbook_deprecated?
84
- current_cookbook_data["deprecated"] == true
85
- end
86
-
87
- def desired_cookbook_data
88
- @desired_cookbook_data ||= begin
89
- uri = if @name_args.length == 1
90
- current_cookbook_data["latest_version"]
91
- else
92
- specific_cookbook_version_url
93
- end
94
-
95
- noauth_rest.get uri
96
- end
97
- end
98
-
99
- def download_cookbook
100
- ui.info "Downloading #{@name_args[0]} from Supermarket at version #{version} to #{download_location}"
101
- tf = noauth_rest.streaming_request(desired_cookbook_data["file"])
102
-
103
- ::FileUtils.cp tf.path, download_location
104
- ui.info "Cookbook saved: #{download_location}"
105
- end
106
-
107
- def download_location
108
- config[:file] ||= File.join Dir.pwd, "#{@name_args[0]}-#{version}.tar.gz"
109
- config[:file]
110
- end
111
-
112
- def replacement_cookbook
113
- File.basename(current_cookbook_data["replacement"] || "")
114
- end
115
-
116
- def specific_cookbook_version_url
117
- "#{cookbooks_api_url}/#{@name_args[0]}/versions/#{@name_args[1].tr(".", "_")}"
118
- end
119
- end
120
- end
121
- end