chef 16.18.0-universal-mingw32 → 17.0.242-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +9 -13
- data/README.md +1 -1
- data/Rakefile +2 -2
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +6 -8
- data/lib/chef/action_collection.rb +1 -1
- data/lib/chef/application/base.rb +1 -1
- data/lib/chef/application.rb +1 -1
- data/lib/chef/applications.rb +0 -1
- data/lib/chef/chef_fs/command_line.rb +5 -2
- data/lib/chef/chef_fs/file_system.rb +9 -10
- data/lib/chef/client.rb +5 -5
- data/lib/chef/compliance/default_attributes.rb +4 -3
- data/lib/chef/compliance/fetcher/automate.rb +0 -7
- data/lib/chef/compliance/reporter/automate.rb +17 -7
- data/lib/chef/compliance/reporter/chef_server_automate.rb +11 -6
- data/lib/chef/compliance/reporter/cli.rb +77 -0
- data/lib/chef/compliance/reporter/compliance_enforcer.rb +4 -0
- data/lib/chef/compliance/reporter/json_file.rb +8 -1
- data/lib/chef/compliance/runner.rb +65 -27
- data/lib/chef/cookbook/gem_installer.rb +1 -5
- data/lib/chef/cookbook/synchronizer.rb +3 -5
- data/lib/chef/cookbook_loader.rb +2 -4
- data/lib/chef/cookbook_uploader.rb +0 -1
- data/lib/chef/cookbook_version.rb +4 -26
- data/lib/chef/data_bag_item.rb +11 -2
- data/lib/chef/data_collector/run_end_message.rb +2 -2
- data/lib/chef/delayed_evaluator.rb +4 -0
- data/lib/chef/deprecated.rb +6 -12
- data/lib/chef/dsl/chef_vault.rb +6 -6
- data/lib/chef/dsl/reboot_pending.rb +1 -2
- data/lib/chef/exceptions.rb +0 -3
- data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +20 -22
- data/lib/chef/formatters/error_mapper.rb +2 -2
- data/lib/chef/group.rb +75 -0
- data/lib/chef/http.rb +5 -5
- data/lib/chef/mixin/get_source_from_package.rb +1 -1
- data/lib/chef/node/attribute.rb +9 -24
- data/lib/chef/node/immutable_collections.rb +13 -0
- data/lib/chef/node/mixin/deep_merge_cache.rb +14 -10
- data/lib/chef/node.rb +19 -20
- data/lib/chef/org.rb +3 -2
- data/lib/chef/policy_builder/policyfile.rb +0 -5
- data/lib/chef/property.rb +18 -0
- data/lib/chef/provider/cron.rb +1 -1
- data/lib/chef/provider/execute.rb +2 -1
- data/lib/chef/provider/file.rb +1 -1
- data/lib/chef/provider/git.rb +5 -7
- data/lib/chef/provider/group/dscl.rb +1 -1
- data/lib/chef/provider/group/groupadd.rb +3 -3
- data/lib/chef/provider/group/groupmod.rb +3 -3
- data/lib/chef/provider/group/pw.rb +3 -3
- data/lib/chef/provider/ifconfig.rb +2 -2
- data/lib/chef/provider/link.rb +2 -2
- data/lib/chef/provider/mount/aix.rb +3 -3
- data/lib/chef/provider/mount/mount.rb +5 -5
- data/lib/chef/provider/mount/windows.rb +1 -1
- data/lib/chef/provider/mount.rb +5 -5
- data/lib/chef/provider/package/apt.rb +27 -1
- data/lib/chef/provider/package/deb.rb +3 -3
- data/lib/chef/provider/package/dnf/dnf_helper.py +1 -1
- data/lib/chef/provider/package/portage.rb +2 -2
- data/lib/chef/provider/package/powershell.rb +0 -5
- data/lib/chef/provider/package/rubygems.rb +9 -15
- data/lib/chef/provider/package/windows.rb +2 -4
- data/lib/chef/provider/package/yum/yum_helper.py +1 -1
- data/lib/chef/provider/package.rb +17 -21
- data/lib/chef/provider/route.rb +2 -2
- data/lib/chef/provider/service/aixinit.rb +1 -1
- data/lib/chef/provider/service/debian.rb +1 -1
- data/lib/chef/provider/service/freebsd.rb +15 -21
- data/lib/chef/provider/service/macosx.rb +4 -4
- data/lib/chef/provider/service/systemd.rb +43 -14
- data/lib/chef/provider/service/upstart.rb +2 -13
- data/lib/chef/provider/service/windows.rb +12 -12
- data/lib/chef/provider/service.rb +6 -6
- data/lib/chef/provider/subversion.rb +10 -12
- data/lib/chef/provider/systemd_unit.rb +36 -10
- data/lib/chef/provider/template/content.rb +3 -7
- data/lib/chef/provider/user/dscl.rb +1 -1
- data/lib/chef/provider/user/mac.rb +17 -20
- data/lib/chef/provider/user/pw.rb +1 -1
- data/lib/chef/provider/user/windows.rb +1 -1
- data/lib/chef/provider/user.rb +2 -2
- data/lib/chef/provider/zypper_repository.rb +2 -2
- data/lib/chef/provider.rb +1 -1
- data/lib/chef/providers.rb +0 -1
- data/lib/chef/resource/alternatives.rb +6 -6
- data/lib/chef/resource/apt_package.rb +1 -1
- data/lib/chef/resource/apt_preference.rb +2 -2
- data/lib/chef/resource/apt_repository.rb +6 -6
- data/lib/chef/resource/apt_update.rb +3 -2
- data/lib/chef/resource/archive_file.rb +8 -9
- data/lib/chef/resource/breakpoint.rb +1 -1
- data/lib/chef/resource/build_essential.rb +2 -6
- data/lib/chef/resource/chef_client_config.rb +2 -2
- data/lib/chef/resource/chef_client_cron.rb +4 -4
- data/lib/chef/resource/chef_client_launchd.rb +3 -3
- data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
- data/lib/chef/resource/chef_client_systemd_timer.rb +2 -2
- data/lib/chef/resource/chef_client_trusted_certificate.rb +0 -1
- data/lib/chef/resource/chef_handler.rb +3 -7
- data/lib/chef/resource/chef_sleep.rb +1 -1
- data/lib/chef/resource/chef_vault_secret.rb +3 -8
- data/lib/chef/resource/chocolatey_config.rb +2 -6
- data/lib/chef/resource/chocolatey_feature.rb +2 -6
- data/lib/chef/resource/chocolatey_source.rb +4 -10
- data/lib/chef/resource/cron/_cron_shared.rb +2 -2
- data/lib/chef/resource/cron_access.rb +2 -4
- data/lib/chef/resource/dmg_package.rb +6 -10
- data/lib/chef/resource/dpkg_package.rb +1 -1
- data/lib/chef/resource/execute.rb +6 -1
- data/lib/chef/resource/file.rb +1 -1
- data/lib/chef/resource/group.rb +2 -2
- data/lib/chef/resource/homebrew_cask.rb +5 -15
- data/lib/chef/resource/homebrew_tap.rb +2 -6
- data/lib/chef/resource/hostname.rb +21 -17
- data/lib/chef/resource/http_request.rb +1 -1
- data/lib/chef/resource/kernel_module.rb +6 -17
- data/lib/chef/resource/locale.rb +2 -3
- data/lib/chef/resource/lwrp_base.rb +4 -0
- data/lib/chef/resource/macos_userdefaults.rb +10 -14
- data/lib/chef/resource/mdadm.rb +53 -7
- data/lib/chef/resource/mount.rb +3 -2
- data/lib/chef/resource/openssl_ec_private_key.rb +2 -2
- data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
- data/lib/chef/resource/openssl_x509_certificate.rb +2 -2
- data/lib/chef/resource/plist.rb +7 -7
- data/lib/chef/resource/powershell_script.rb +1 -1
- data/lib/chef/resource/remote_file.rb +1 -1
- data/lib/chef/resource/rhsm_errata.rb +16 -1
- data/lib/chef/resource/rhsm_errata_level.rb +10 -1
- data/lib/chef/resource/rhsm_register.rb +12 -6
- data/lib/chef/resource/rhsm_repo.rb +2 -6
- data/lib/chef/resource/rhsm_subscription.rb +7 -11
- data/lib/chef/resource/scm/git.rb +1 -1
- data/lib/chef/resource/sudo.rb +6 -6
- data/lib/chef/resource/support/client.erb +2 -6
- data/lib/chef/resource/sysctl.rb +2 -6
- data/lib/chef/resource/systemd_unit.rb +3 -3
- data/lib/chef/resource/template.rb +1 -1
- data/lib/chef/resource/timezone.rb +1 -3
- data/lib/chef/resource/user/mac_user.rb +1 -1
- data/lib/chef/resource/user_ulimit.rb +2 -3
- data/lib/chef/resource/windows_ad_join.rb +2 -6
- data/lib/chef/resource/windows_audit_policy.rb +1 -1
- data/lib/chef/resource/windows_auto_run.rb +2 -5
- data/lib/chef/resource/windows_certificate.rb +207 -73
- data/lib/chef/resource/windows_dfs_folder.rb +2 -6
- data/lib/chef/resource/windows_dfs_namespace.rb +2 -6
- data/lib/chef/resource/windows_dfs_server.rb +1 -3
- data/lib/chef/resource/windows_dns_record.rb +2 -6
- data/lib/chef/resource/windows_dns_zone.rb +2 -6
- data/lib/chef/resource/windows_env.rb +5 -4
- data/lib/chef/resource/windows_feature.rb +3 -9
- data/lib/chef/resource/windows_feature_dism.rb +2 -6
- data/lib/chef/resource/windows_feature_powershell.rb +3 -3
- data/lib/chef/resource/windows_firewall_profile.rb +4 -4
- data/lib/chef/resource/windows_firewall_rule.rb +2 -5
- data/lib/chef/resource/windows_font.rb +2 -4
- data/lib/chef/resource/windows_pagefile.rb +2 -6
- data/lib/chef/resource/windows_path.rb +2 -2
- data/lib/chef/resource/windows_printer.rb +4 -4
- data/lib/chef/resource/windows_printer_port.rb +6 -6
- data/lib/chef/resource/windows_security_policy.rb +9 -12
- data/lib/chef/resource/windows_share.rb +14 -21
- data/lib/chef/resource/windows_shortcut.rb +4 -6
- data/lib/chef/resource/windows_task.rb +17 -5
- data/lib/chef/resource/windows_uac.rb +2 -4
- data/lib/chef/resource/windows_user_privilege.rb +5 -5
- data/lib/chef/resource/windows_workgroup.rb +1 -2
- data/lib/chef/resource.rb +1 -1
- data/lib/chef/resource_reporter.rb +1 -1
- data/lib/chef/resources.rb +0 -1
- data/lib/chef/shell/ext.rb +3 -3
- data/lib/chef/user.rb +0 -1
- data/lib/chef/user_v1.rb +3 -4
- data/lib/chef/util/dsc/configuration_generator.rb +1 -0
- data/lib/chef/util/dsc/local_configuration_manager.rb +1 -1
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/api.rb +2 -9
- data/lib/chef/win32/registry.rb +4 -2
- data/lib/chef/win32/version.rb +1 -2
- data/spec/data/cookbooks/openldap/libraries/openldap.rb +1 -1
- data/spec/data/lwrp/resources/bar.rb +2 -0
- data/spec/data/lwrp/resources/buck_passer.rb +1 -0
- data/spec/data/lwrp/resources/buck_passer_2.rb +1 -0
- data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +1 -0
- data/spec/data/lwrp/resources/foo.rb +2 -0
- data/spec/data/lwrp/resources/inline_compiler.rb +1 -0
- data/spec/data/lwrp/resources/monkey_name_printer.rb +1 -0
- data/spec/data/lwrp/resources/paint_drying_watcher.rb +1 -0
- data/spec/data/lwrp/resources/thumb_twiddler.rb +1 -0
- data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +2 -0
- data/spec/data/lwrp_const_scoping/resources/conflict.rb +1 -0
- data/spec/data/lwrp_override/resources/foo.rb +1 -0
- data/spec/data/rubygems.org/nonexistent_gem-info +1 -0
- data/spec/data/rubygems.org/sexp_processor-info +49 -0
- data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/test/resources/resource.rb +2 -0
- data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +2 -0
- data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -0
- data/spec/functional/dsl/registry_helper_spec.rb +1 -1
- data/spec/functional/resource/aixinit_service_spec.rb +7 -7
- data/spec/functional/resource/apt_package_spec.rb +1 -1
- data/spec/functional/resource/chocolatey_package_spec.rb +9 -0
- data/spec/functional/resource/dnf_package_spec.rb +4 -1
- data/spec/functional/resource/group_spec.rb +1 -5
- data/spec/functional/resource/link_spec.rb +0 -8
- data/spec/functional/resource/registry_spec.rb +8 -8
- data/spec/functional/resource/user/mac_user_spec.rb +2 -2
- data/spec/functional/resource/windows_certificate_spec.rb +92 -35
- data/spec/functional/version_spec.rb +1 -1
- data/spec/functional/win32/registry_spec.rb +1 -1
- data/spec/integration/client/client_spec.rb +5 -2
- data/spec/integration/client/exit_code_spec.rb +1 -1
- data/spec/integration/client/ipv6_spec.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +1 -1
- data/spec/integration/ohai/ohai_spec.rb +7 -6
- data/spec/integration/recipes/accumulator_spec.rb +13 -1
- data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -1
- data/spec/integration/recipes/lwrp_spec.rb +3 -1
- data/spec/integration/recipes/notifies_spec.rb +15 -1
- data/spec/integration/recipes/notifying_block_spec.rb +2 -1
- data/spec/integration/recipes/recipe_dsl_spec.rb +9 -9
- data/spec/integration/recipes/unified_mode_spec.rb +1 -1
- data/spec/integration/recipes/use_partial_spec.rb +4 -1
- data/spec/spec_helper.rb +10 -13
- data/spec/support/chef_helpers.rb +0 -16
- data/spec/support/lib/chef/resource/with_state.rb +0 -1
- data/spec/support/lib/chef/resource/zen_follower.rb +0 -1
- data/spec/support/lib/chef/resource/zen_master.rb +0 -1
- data/spec/support/matchers/leak.rb +7 -9
- data/spec/support/platform_helpers.rb +1 -8
- data/spec/support/shared/integration/integration_helper.rb +0 -1
- data/spec/support/shared/unit/script_resource.rb +2 -2
- data/spec/unit/application/solo_spec.rb +2 -2
- data/spec/unit/chef_fs/diff_spec.rb +1 -1
- data/spec/unit/chef_fs/file_system_spec.rb +1 -1
- data/spec/unit/client_spec.rb +4 -4
- data/spec/unit/compliance/fetcher/automate_spec.rb +0 -16
- data/spec/unit/compliance/reporter/automate_spec.rb +26 -2
- data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +20 -0
- data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +1 -0
- data/spec/unit/compliance/runner_spec.rb +30 -4
- data/spec/unit/cookbook_version_spec.rb +0 -52
- data/spec/unit/data_bag_item_spec.rb +1 -6
- data/spec/unit/data_collector_spec.rb +2 -71
- data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
- data/spec/unit/dsl/registry_helper_spec.rb +1 -1
- data/spec/unit/lwrp_spec.rb +1 -1
- data/spec/unit/mixin/params_validate_spec.rb +4 -3
- data/spec/unit/mixin/powershell_out_spec.rb +2 -2
- data/spec/unit/node/attribute_spec.rb +1 -1
- data/spec/unit/node_spec.rb +78 -0
- data/spec/unit/org_group_spec.rb +45 -0
- data/spec/unit/policy_builder/policyfile_spec.rb +1 -11
- data/spec/unit/property_spec.rb +23 -22
- data/spec/unit/provider/cron_spec.rb +1 -1
- data/spec/unit/provider/group/gpasswd_spec.rb +2 -2
- data/spec/unit/provider/group/groupmod_spec.rb +2 -2
- data/spec/unit/provider/group/pw_spec.rb +2 -2
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/package/apt_spec.rb +84 -18
- data/spec/unit/provider/package/deb_spec.rb +3 -3
- data/spec/unit/provider/package/powershell_spec.rb +12 -74
- data/spec/unit/provider/package/rubygems_spec.rb +18 -30
- data/spec/unit/provider/service/arch_service_spec.rb +1 -0
- data/spec/unit/provider/service/debian_service_spec.rb +1 -0
- data/spec/unit/provider/service/macosx_spec.rb +2 -2
- data/spec/unit/provider/service/systemd_service_spec.rb +138 -23
- data/spec/unit/provider/service/upstart_service_spec.rb +0 -29
- data/spec/unit/provider/service/windows_spec.rb +2 -2
- data/spec/unit/provider/subversion_spec.rb +2 -2
- data/spec/unit/provider/systemd_unit_spec.rb +79 -60
- data/spec/unit/provider/zypper_repository_spec.rb +2 -2
- data/spec/unit/provider_spec.rb +0 -8
- data/spec/unit/resource/archive_file_spec.rb +1 -13
- data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +0 -14
- data/spec/unit/resource/homebrew_cask_spec.rb +11 -29
- data/spec/unit/resource/mount_spec.rb +0 -10
- data/spec/unit/resource/powershell_script_spec.rb +2 -2
- data/spec/unit/resource/rhsm_subscription_spec.rb +3 -50
- data/spec/unit/resource/systemd_unit_spec.rb +1 -1
- data/spec/unit/resource/user_ulimit_spec.rb +1 -14
- data/spec/unit/resource/windows_task_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +2 -7
- data/spec/unit/user_spec.rb +1 -1
- data/spec/unit/user_v1_spec.rb +6 -4
- data/tasks/rspec.rb +15 -7
- metadata +19 -382
- data/bin/knife +0 -24
- data/lib/chef/application/knife.rb +0 -234
- data/lib/chef/application/windows_service.rb +0 -338
- data/lib/chef/application/windows_service_manager.rb +0 -205
- data/lib/chef/chef_fs/knife.rb +0 -160
- data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +0 -35
- data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +0 -278
- data/lib/chef/chef_fs/parallelizer.rb +0 -102
- data/lib/chef/cookbook_site_streaming_uploader.rb +0 -244
- data/lib/chef/knife/acl_add.rb +0 -57
- data/lib/chef/knife/acl_base.rb +0 -183
- data/lib/chef/knife/acl_bulk_add.rb +0 -78
- data/lib/chef/knife/acl_bulk_remove.rb +0 -83
- data/lib/chef/knife/acl_remove.rb +0 -62
- data/lib/chef/knife/acl_show.rb +0 -56
- data/lib/chef/knife/bootstrap/chef_vault_handler.rb +0 -162
- data/lib/chef/knife/bootstrap/client_builder.rb +0 -212
- data/lib/chef/knife/bootstrap/templates/README.md +0 -11
- data/lib/chef/knife/bootstrap/templates/chef-full.erb +0 -242
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +0 -278
- data/lib/chef/knife/bootstrap/train_connector.rb +0 -336
- data/lib/chef/knife/bootstrap.rb +0 -1192
- data/lib/chef/knife/client_bulk_delete.rb +0 -104
- data/lib/chef/knife/client_create.rb +0 -101
- data/lib/chef/knife/client_delete.rb +0 -62
- data/lib/chef/knife/client_edit.rb +0 -52
- data/lib/chef/knife/client_key_create.rb +0 -73
- data/lib/chef/knife/client_key_delete.rb +0 -80
- data/lib/chef/knife/client_key_edit.rb +0 -83
- data/lib/chef/knife/client_key_list.rb +0 -73
- data/lib/chef/knife/client_key_show.rb +0 -80
- data/lib/chef/knife/client_list.rb +0 -41
- data/lib/chef/knife/client_reregister.rb +0 -58
- data/lib/chef/knife/client_show.rb +0 -48
- data/lib/chef/knife/config_get.rb +0 -39
- data/lib/chef/knife/config_get_profile.rb +0 -37
- data/lib/chef/knife/config_list.rb +0 -139
- data/lib/chef/knife/config_list_profiles.rb +0 -37
- data/lib/chef/knife/config_show.rb +0 -127
- data/lib/chef/knife/config_use.rb +0 -61
- data/lib/chef/knife/config_use_profile.rb +0 -47
- data/lib/chef/knife/configure.rb +0 -150
- data/lib/chef/knife/configure_client.rb +0 -48
- data/lib/chef/knife/cookbook_bulk_delete.rb +0 -71
- data/lib/chef/knife/cookbook_delete.rb +0 -151
- data/lib/chef/knife/cookbook_download.rb +0 -142
- data/lib/chef/knife/cookbook_list.rb +0 -47
- data/lib/chef/knife/cookbook_metadata.rb +0 -106
- data/lib/chef/knife/cookbook_metadata_from_file.rb +0 -49
- data/lib/chef/knife/cookbook_show.rb +0 -98
- data/lib/chef/knife/cookbook_upload.rb +0 -292
- data/lib/chef/knife/core/bootstrap_context.rb +0 -264
- data/lib/chef/knife/core/cookbook_scm_repo.rb +0 -159
- data/lib/chef/knife/core/formatting_options.rb +0 -49
- data/lib/chef/knife/core/gem_glob_loader.rb +0 -138
- data/lib/chef/knife/core/generic_presenter.rb +0 -232
- data/lib/chef/knife/core/hashed_command_loader.rb +0 -100
- data/lib/chef/knife/core/node_editor.rb +0 -130
- data/lib/chef/knife/core/node_presenter.rb +0 -133
- data/lib/chef/knife/core/object_loader.rb +0 -115
- data/lib/chef/knife/core/status_presenter.rb +0 -147
- data/lib/chef/knife/core/subcommand_loader.rb +0 -203
- data/lib/chef/knife/core/text_formatter.rb +0 -85
- data/lib/chef/knife/core/ui.rb +0 -338
- data/lib/chef/knife/core/windows_bootstrap_context.rb +0 -405
- data/lib/chef/knife/data_bag_create.rb +0 -81
- data/lib/chef/knife/data_bag_delete.rb +0 -49
- data/lib/chef/knife/data_bag_edit.rb +0 -74
- data/lib/chef/knife/data_bag_from_file.rb +0 -113
- data/lib/chef/knife/data_bag_list.rb +0 -42
- data/lib/chef/knife/data_bag_secret_options.rb +0 -122
- data/lib/chef/knife/data_bag_show.rb +0 -69
- data/lib/chef/knife/delete.rb +0 -125
- data/lib/chef/knife/deps.rb +0 -156
- data/lib/chef/knife/diff.rb +0 -83
- data/lib/chef/knife/download.rb +0 -84
- data/lib/chef/knife/edit.rb +0 -88
- data/lib/chef/knife/environment_compare.rb +0 -128
- data/lib/chef/knife/environment_create.rb +0 -52
- data/lib/chef/knife/environment_delete.rb +0 -44
- data/lib/chef/knife/environment_edit.rb +0 -44
- data/lib/chef/knife/environment_from_file.rb +0 -84
- data/lib/chef/knife/environment_list.rb +0 -41
- data/lib/chef/knife/environment_show.rb +0 -47
- data/lib/chef/knife/exec.rb +0 -99
- data/lib/chef/knife/group_add.rb +0 -55
- data/lib/chef/knife/group_create.rb +0 -49
- data/lib/chef/knife/group_destroy.rb +0 -53
- data/lib/chef/knife/group_list.rb +0 -43
- data/lib/chef/knife/group_remove.rb +0 -56
- data/lib/chef/knife/group_show.rb +0 -49
- data/lib/chef/knife/key_create.rb +0 -112
- data/lib/chef/knife/key_create_base.rb +0 -50
- data/lib/chef/knife/key_delete.rb +0 -55
- data/lib/chef/knife/key_edit.rb +0 -118
- data/lib/chef/knife/key_edit_base.rb +0 -55
- data/lib/chef/knife/key_list.rb +0 -90
- data/lib/chef/knife/key_list_base.rb +0 -45
- data/lib/chef/knife/key_show.rb +0 -53
- data/lib/chef/knife/list.rb +0 -177
- data/lib/chef/knife/node_bulk_delete.rb +0 -75
- data/lib/chef/knife/node_create.rb +0 -47
- data/lib/chef/knife/node_delete.rb +0 -46
- data/lib/chef/knife/node_edit.rb +0 -70
- data/lib/chef/knife/node_environment_set.rb +0 -53
- data/lib/chef/knife/node_from_file.rb +0 -51
- data/lib/chef/knife/node_list.rb +0 -44
- data/lib/chef/knife/node_policy_set.rb +0 -79
- data/lib/chef/knife/node_run_list_add.rb +0 -104
- data/lib/chef/knife/node_run_list_remove.rb +0 -67
- data/lib/chef/knife/node_run_list_set.rb +0 -66
- data/lib/chef/knife/node_show.rb +0 -63
- data/lib/chef/knife/null.rb +0 -12
- data/lib/chef/knife/raw.rb +0 -123
- data/lib/chef/knife/recipe_list.rb +0 -32
- data/lib/chef/knife/rehash.rb +0 -50
- data/lib/chef/knife/role_bulk_delete.rb +0 -66
- data/lib/chef/knife/role_create.rb +0 -53
- data/lib/chef/knife/role_delete.rb +0 -46
- data/lib/chef/knife/role_edit.rb +0 -45
- data/lib/chef/knife/role_env_run_list_add.rb +0 -87
- data/lib/chef/knife/role_env_run_list_clear.rb +0 -55
- data/lib/chef/knife/role_env_run_list_remove.rb +0 -57
- data/lib/chef/knife/role_env_run_list_replace.rb +0 -60
- data/lib/chef/knife/role_env_run_list_set.rb +0 -70
- data/lib/chef/knife/role_from_file.rb +0 -51
- data/lib/chef/knife/role_list.rb +0 -42
- data/lib/chef/knife/role_run_list_add.rb +0 -87
- data/lib/chef/knife/role_run_list_clear.rb +0 -55
- data/lib/chef/knife/role_run_list_remove.rb +0 -56
- data/lib/chef/knife/role_run_list_replace.rb +0 -60
- data/lib/chef/knife/role_run_list_set.rb +0 -69
- data/lib/chef/knife/role_show.rb +0 -48
- data/lib/chef/knife/search.rb +0 -194
- data/lib/chef/knife/serve.rb +0 -65
- data/lib/chef/knife/show.rb +0 -72
- data/lib/chef/knife/ssh.rb +0 -645
- data/lib/chef/knife/ssl_check.rb +0 -284
- data/lib/chef/knife/ssl_fetch.rb +0 -161
- data/lib/chef/knife/status.rb +0 -95
- data/lib/chef/knife/supermarket_download.rb +0 -121
- data/lib/chef/knife/supermarket_install.rb +0 -192
- data/lib/chef/knife/supermarket_list.rb +0 -76
- data/lib/chef/knife/supermarket_search.rb +0 -53
- data/lib/chef/knife/supermarket_share.rb +0 -166
- data/lib/chef/knife/supermarket_show.rb +0 -66
- data/lib/chef/knife/supermarket_unshare.rb +0 -61
- data/lib/chef/knife/tag_create.rb +0 -52
- data/lib/chef/knife/tag_delete.rb +0 -60
- data/lib/chef/knife/tag_list.rb +0 -47
- data/lib/chef/knife/upload.rb +0 -86
- data/lib/chef/knife/user_create.rb +0 -107
- data/lib/chef/knife/user_delete.rb +0 -44
- data/lib/chef/knife/user_dissociate.rb +0 -42
- data/lib/chef/knife/user_edit.rb +0 -52
- data/lib/chef/knife/user_invite_add.rb +0 -43
- data/lib/chef/knife/user_invite_list.rb +0 -34
- data/lib/chef/knife/user_invite_rescind.rb +0 -63
- data/lib/chef/knife/user_key_create.rb +0 -73
- data/lib/chef/knife/user_key_delete.rb +0 -80
- data/lib/chef/knife/user_key_edit.rb +0 -83
- data/lib/chef/knife/user_key_list.rb +0 -73
- data/lib/chef/knife/user_key_show.rb +0 -80
- data/lib/chef/knife/user_list.rb +0 -42
- data/lib/chef/knife/user_reregister.rb +0 -59
- data/lib/chef/knife/user_show.rb +0 -48
- data/lib/chef/knife/xargs.rb +0 -282
- data/lib/chef/knife/yaml_convert.rb +0 -91
- data/lib/chef/knife.rb +0 -665
- data/lib/chef/resource/user/dscl_user.rb +0 -35
- data/spec/data/knife-home/.chef/plugins/knife/example_home_subcommand.rb +0 -0
- data/spec/data/knife-site-subcommands/plugins/knife/example_subcommand.rb +0 -0
- data/spec/data/knife_subcommand/test_explicit_category.rb +0 -7
- data/spec/data/knife_subcommand/test_name_mapping.rb +0 -4
- data/spec/data/knife_subcommand/test_yourself.rb +0 -21
- data/spec/functional/knife/configure_spec.rb +0 -33
- data/spec/functional/knife/cookbook_delete_spec.rb +0 -156
- data/spec/functional/knife/exec_spec.rb +0 -55
- data/spec/functional/knife/rehash_spec.rb +0 -39
- data/spec/functional/knife/smoke_test.rb +0 -42
- data/spec/functional/knife/ssh_spec.rb +0 -352
- data/spec/functional/resource/user/dscl_spec.rb +0 -188
- data/spec/functional/resource/windows_service_spec.rb +0 -105
- data/spec/functional/win32/service_manager_spec.rb +0 -220
- data/spec/integration/knife/chef_fs_data_store_spec.rb +0 -557
- data/spec/integration/knife/chef_repo_path_spec.rb +0 -962
- data/spec/integration/knife/chef_repository_file_system_spec.rb +0 -200
- data/spec/integration/knife/chefignore_spec.rb +0 -301
- data/spec/integration/knife/client_bulk_delete_spec.rb +0 -131
- data/spec/integration/knife/client_create_spec.rb +0 -70
- data/spec/integration/knife/client_delete_spec.rb +0 -64
- data/spec/integration/knife/client_key_create_spec.rb +0 -66
- data/spec/integration/knife/client_key_delete_spec.rb +0 -43
- data/spec/integration/knife/client_key_list_spec.rb +0 -61
- data/spec/integration/knife/client_key_show_spec.rb +0 -45
- data/spec/integration/knife/client_list_spec.rb +0 -49
- data/spec/integration/knife/client_show_spec.rb +0 -37
- data/spec/integration/knife/common_options_spec.rb +0 -174
- data/spec/integration/knife/config_list_spec.rb +0 -220
- data/spec/integration/knife/config_show_spec.rb +0 -192
- data/spec/integration/knife/config_use_spec.rb +0 -198
- data/spec/integration/knife/cookbook_api_ipv6_spec.rb +0 -113
- data/spec/integration/knife/cookbook_bulk_delete_spec.rb +0 -65
- data/spec/integration/knife/cookbook_download_spec.rb +0 -72
- data/spec/integration/knife/cookbook_list_spec.rb +0 -55
- data/spec/integration/knife/cookbook_show_spec.rb +0 -149
- data/spec/integration/knife/cookbook_upload_spec.rb +0 -128
- data/spec/integration/knife/data_bag_create_spec.rb +0 -125
- data/spec/integration/knife/data_bag_delete_spec.rb +0 -59
- data/spec/integration/knife/data_bag_edit_spec.rb +0 -105
- data/spec/integration/knife/data_bag_from_file_spec.rb +0 -116
- data/spec/integration/knife/data_bag_list_spec.rb +0 -44
- data/spec/integration/knife/data_bag_show_spec.rb +0 -95
- data/spec/integration/knife/delete_spec.rb +0 -1018
- data/spec/integration/knife/deps_spec.rb +0 -703
- data/spec/integration/knife/diff_spec.rb +0 -605
- data/spec/integration/knife/download_spec.rb +0 -1336
- data/spec/integration/knife/environment_compare_spec.rb +0 -75
- data/spec/integration/knife/environment_create_spec.rb +0 -41
- data/spec/integration/knife/environment_delete_spec.rb +0 -37
- data/spec/integration/knife/environment_from_file_spec.rb +0 -116
- data/spec/integration/knife/environment_list_spec.rb +0 -42
- data/spec/integration/knife/environment_show_spec.rb +0 -77
- data/spec/integration/knife/list_spec.rb +0 -1060
- data/spec/integration/knife/node_bulk_delete_spec.rb +0 -52
- data/spec/integration/knife/node_create_spec.rb +0 -47
- data/spec/integration/knife/node_delete_spec.rb +0 -48
- data/spec/integration/knife/node_environment_set_spec.rb +0 -46
- data/spec/integration/knife/node_from_file_spec.rb +0 -59
- data/spec/integration/knife/node_list_spec.rb +0 -45
- data/spec/integration/knife/node_run_list_add_spec.rb +0 -54
- data/spec/integration/knife/node_run_list_remove_spec.rb +0 -36
- data/spec/integration/knife/node_run_list_set_spec.rb +0 -41
- data/spec/integration/knife/node_show_spec.rb +0 -36
- data/spec/integration/knife/raw_spec.rb +0 -297
- data/spec/integration/knife/redirection_spec.rb +0 -64
- data/spec/integration/knife/role_bulk_delete_spec.rb +0 -52
- data/spec/integration/knife/role_create_spec.rb +0 -41
- data/spec/integration/knife/role_delete_spec.rb +0 -48
- data/spec/integration/knife/role_from_file_spec.rb +0 -96
- data/spec/integration/knife/role_list_spec.rb +0 -45
- data/spec/integration/knife/role_show_spec.rb +0 -51
- data/spec/integration/knife/search_node_spec.rb +0 -40
- data/spec/integration/knife/serve_spec.rb +0 -92
- data/spec/integration/knife/show_spec.rb +0 -197
- data/spec/integration/knife/upload_spec.rb +0 -1616
- data/spec/support/shared/functional/knife.rb +0 -37
- data/spec/support/shared/functional/win32_service.rb +0 -57
- data/spec/support/shared/integration/knife_support.rb +0 -192
- data/spec/support/shared/unit/knife_shared.rb +0 -39
- data/spec/unit/application/knife_spec.rb +0 -241
- data/spec/unit/chef_fs/parallelizer_spec.rb +0 -479
- data/spec/unit/cookbook_site_streaming_uploader_spec.rb +0 -198
- data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +0 -152
- data/spec/unit/knife/bootstrap/client_builder_spec.rb +0 -207
- data/spec/unit/knife/bootstrap/train_connector_spec.rb +0 -244
- data/spec/unit/knife/bootstrap_spec.rb +0 -2220
- data/spec/unit/knife/client_bulk_delete_spec.rb +0 -166
- data/spec/unit/knife/client_create_spec.rb +0 -169
- data/spec/unit/knife/client_delete_spec.rb +0 -99
- data/spec/unit/knife/client_edit_spec.rb +0 -53
- data/spec/unit/knife/client_list_spec.rb +0 -34
- data/spec/unit/knife/client_reregister_spec.rb +0 -62
- data/spec/unit/knife/client_show_spec.rb +0 -52
- data/spec/unit/knife/configure_client_spec.rb +0 -81
- data/spec/unit/knife/configure_spec.rb +0 -190
- data/spec/unit/knife/cookbook_bulk_delete_spec.rb +0 -87
- data/spec/unit/knife/cookbook_delete_spec.rb +0 -239
- data/spec/unit/knife/cookbook_download_spec.rb +0 -255
- data/spec/unit/knife/cookbook_list_spec.rb +0 -88
- data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +0 -72
- data/spec/unit/knife/cookbook_metadata_spec.rb +0 -182
- data/spec/unit/knife/cookbook_show_spec.rb +0 -253
- data/spec/unit/knife/cookbook_upload_spec.rb +0 -364
- data/spec/unit/knife/core/bootstrap_context_spec.rb +0 -287
- data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +0 -187
- data/spec/unit/knife/core/gem_glob_loader_spec.rb +0 -209
- data/spec/unit/knife/core/hashed_command_loader_spec.rb +0 -112
- data/spec/unit/knife/core/node_editor_spec.rb +0 -211
- data/spec/unit/knife/core/object_loader_spec.rb +0 -81
- data/spec/unit/knife/core/status_presenter_spec.rb +0 -54
- data/spec/unit/knife/core/subcommand_loader_spec.rb +0 -64
- data/spec/unit/knife/core/ui_spec.rb +0 -656
- data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +0 -238
- data/spec/unit/knife/data_bag_create_spec.rb +0 -175
- data/spec/unit/knife/data_bag_edit_spec.rb +0 -126
- data/spec/unit/knife/data_bag_from_file_spec.rb +0 -174
- data/spec/unit/knife/data_bag_secret_options_spec.rb +0 -173
- data/spec/unit/knife/data_bag_show_spec.rb +0 -139
- data/spec/unit/knife/environment_compare_spec.rb +0 -112
- data/spec/unit/knife/environment_create_spec.rb +0 -91
- data/spec/unit/knife/environment_delete_spec.rb +0 -71
- data/spec/unit/knife/environment_edit_spec.rb +0 -79
- data/spec/unit/knife/environment_from_file_spec.rb +0 -90
- data/spec/unit/knife/environment_list_spec.rb +0 -54
- data/spec/unit/knife/environment_show_spec.rb +0 -52
- data/spec/unit/knife/key_create_spec.rb +0 -223
- data/spec/unit/knife/key_delete_spec.rb +0 -133
- data/spec/unit/knife/key_edit_spec.rb +0 -264
- data/spec/unit/knife/key_helper.rb +0 -74
- data/spec/unit/knife/key_list_spec.rb +0 -216
- data/spec/unit/knife/key_show_spec.rb +0 -126
- data/spec/unit/knife/node_bulk_delete_spec.rb +0 -94
- data/spec/unit/knife/node_delete_spec.rb +0 -77
- data/spec/unit/knife/node_edit_spec.rb +0 -116
- data/spec/unit/knife/node_environment_set_spec.rb +0 -61
- data/spec/unit/knife/node_from_file_spec.rb +0 -59
- data/spec/unit/knife/node_list_spec.rb +0 -62
- data/spec/unit/knife/node_policy_set_spec.rb +0 -122
- data/spec/unit/knife/node_run_list_add_spec.rb +0 -145
- data/spec/unit/knife/node_run_list_remove_spec.rb +0 -106
- data/spec/unit/knife/node_run_list_set_spec.rb +0 -115
- data/spec/unit/knife/node_show_spec.rb +0 -65
- data/spec/unit/knife/raw_spec.rb +0 -43
- data/spec/unit/knife/role_bulk_delete_spec.rb +0 -80
- data/spec/unit/knife/role_create_spec.rb +0 -80
- data/spec/unit/knife/role_delete_spec.rb +0 -67
- data/spec/unit/knife/role_edit_spec.rb +0 -77
- data/spec/unit/knife/role_env_run_list_add_spec.rb +0 -217
- data/spec/unit/knife/role_env_run_list_clear_spec.rb +0 -94
- data/spec/unit/knife/role_env_run_list_remove_spec.rb +0 -102
- data/spec/unit/knife/role_env_run_list_replace_spec.rb +0 -105
- data/spec/unit/knife/role_env_run_list_set_spec.rb +0 -99
- data/spec/unit/knife/role_from_file_spec.rb +0 -69
- data/spec/unit/knife/role_list_spec.rb +0 -54
- data/spec/unit/knife/role_run_list_add_spec.rb +0 -179
- data/spec/unit/knife/role_run_list_clear_spec.rb +0 -84
- data/spec/unit/knife/role_run_list_remove_spec.rb +0 -92
- data/spec/unit/knife/role_run_list_replace_spec.rb +0 -98
- data/spec/unit/knife/role_run_list_set_spec.rb +0 -89
- data/spec/unit/knife/role_show_spec.rb +0 -59
- data/spec/unit/knife/ssh_spec.rb +0 -403
- data/spec/unit/knife/ssl_check_spec.rb +0 -256
- data/spec/unit/knife/ssl_fetch_spec.rb +0 -222
- data/spec/unit/knife/status_spec.rb +0 -112
- data/spec/unit/knife/supermarket_download_spec.rb +0 -152
- data/spec/unit/knife/supermarket_install_spec.rb +0 -202
- data/spec/unit/knife/supermarket_list_spec.rb +0 -70
- data/spec/unit/knife/supermarket_search_spec.rb +0 -85
- data/spec/unit/knife/supermarket_share_spec.rb +0 -208
- data/spec/unit/knife/supermarket_unshare_spec.rb +0 -78
- data/spec/unit/knife/tag_create_spec.rb +0 -23
- data/spec/unit/knife/tag_delete_spec.rb +0 -25
- data/spec/unit/knife/tag_list_spec.rb +0 -23
- data/spec/unit/knife/user_create_spec.rb +0 -184
- data/spec/unit/knife/user_delete_spec.rb +0 -46
- data/spec/unit/knife/user_edit_spec.rb +0 -48
- data/spec/unit/knife/user_list_spec.rb +0 -36
- data/spec/unit/knife/user_reregister_spec.rb +0 -56
- data/spec/unit/knife/user_show_spec.rb +0 -46
- data/spec/unit/knife_spec.rb +0 -634
- data/spec/unit/provider/user/dscl_spec.rb +0 -699
- data/spec/unit/windows_service_spec.rb +0 -118
@@ -1,83 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Author:: Jeremiah Snapp (jeremiah@chef.io)
|
3
|
-
# Copyright:: Copyright (c) Chef Software Inc.
|
4
|
-
# License:: Apache License, Version 2.0
|
5
|
-
#
|
6
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
-
# you may not use this file except in compliance with the License.
|
8
|
-
# You may obtain a copy of the License at
|
9
|
-
#
|
10
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
-
#
|
12
|
-
# Unless required by applicable law or agreed to in writing, software
|
13
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
-
# See the License for the specific language governing permissions and
|
16
|
-
# limitations under the License.
|
17
|
-
#
|
18
|
-
|
19
|
-
require_relative "../knife"
|
20
|
-
|
21
|
-
class Chef
|
22
|
-
class Knife
|
23
|
-
class AclBulkRemove < Chef::Knife
|
24
|
-
category "acl"
|
25
|
-
banner "knife acl bulk remove MEMBER_TYPE MEMBER_NAME OBJECT_TYPE REGEX PERMS"
|
26
|
-
|
27
|
-
deps do
|
28
|
-
require_relative "acl_base"
|
29
|
-
include Chef::Knife::AclBase
|
30
|
-
end
|
31
|
-
|
32
|
-
def run
|
33
|
-
member_type, member_name, object_type, regex, perms = name_args
|
34
|
-
object_name_matcher = /#{regex}/
|
35
|
-
|
36
|
-
if name_args.length != 5
|
37
|
-
show_usage
|
38
|
-
ui.fatal "You must specify the member type [client|group|user], member name, object type, object name REGEX and perms"
|
39
|
-
exit 1
|
40
|
-
end
|
41
|
-
|
42
|
-
if member_name == "pivotal" && %w{client user}.include?(member_type)
|
43
|
-
ui.fatal "ERROR: 'pivotal' is a system user so knife-acl will not remove it from an ACL."
|
44
|
-
exit 1
|
45
|
-
end
|
46
|
-
if member_name == "admins" && member_type == "group" && perms.to_s.split(",").include?("grant")
|
47
|
-
ui.fatal "ERROR: knife-acl will not remove the 'admins' group from the 'grant' ACE."
|
48
|
-
ui.fatal " Removal could prevent future attempts to modify permissions."
|
49
|
-
exit 1
|
50
|
-
end
|
51
|
-
validate_perm_type!(perms)
|
52
|
-
validate_member_type!(member_type)
|
53
|
-
validate_member_name!(member_name)
|
54
|
-
validate_object_type!(object_type)
|
55
|
-
validate_member_exists!(member_type, member_name)
|
56
|
-
|
57
|
-
if %w{containers groups}.include?(object_type)
|
58
|
-
ui.fatal "bulk modifying the ACL of #{object_type} is not permitted"
|
59
|
-
exit 1
|
60
|
-
end
|
61
|
-
|
62
|
-
objects_to_modify = []
|
63
|
-
all_objects = rest.get_rest(object_type)
|
64
|
-
objects_to_modify = all_objects.keys.select { |object_name| object_name =~ object_name_matcher }
|
65
|
-
|
66
|
-
if objects_to_modify.empty?
|
67
|
-
ui.info "No #{object_type} match the expression /#{regex}/"
|
68
|
-
exit 0
|
69
|
-
end
|
70
|
-
|
71
|
-
ui.msg("The ACL of the following #{object_type} will be modified:")
|
72
|
-
ui.msg("")
|
73
|
-
ui.msg(ui.list(objects_to_modify.sort, :columns_down))
|
74
|
-
ui.msg("")
|
75
|
-
ui.confirm("Are you sure you want to modify the ACL of these #{object_type}?")
|
76
|
-
|
77
|
-
objects_to_modify.each do |object_name|
|
78
|
-
remove_from_acl!(member_type, member_name, object_type, object_name, perms)
|
79
|
-
end
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|
@@ -1,62 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Author:: Steven Danna (steve@chef.io)
|
3
|
-
# Author:: Jeremiah Snapp (jeremiah@chef.io)
|
4
|
-
# Copyright:: Copyright (c) Chef Software Inc.
|
5
|
-
# License:: Apache License, Version 2.0
|
6
|
-
#
|
7
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
8
|
-
# you may not use this file except in compliance with the License.
|
9
|
-
# You may obtain a copy of the License at
|
10
|
-
#
|
11
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
12
|
-
#
|
13
|
-
# Unless required by applicable law or agreed to in writing, software
|
14
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
15
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
16
|
-
# See the License for the specific language governing permissions and
|
17
|
-
# limitations under the License.
|
18
|
-
#
|
19
|
-
|
20
|
-
require_relative "../knife"
|
21
|
-
|
22
|
-
class Chef
|
23
|
-
class Knife
|
24
|
-
class AclRemove < Chef::Knife
|
25
|
-
category "acl"
|
26
|
-
banner "knife acl remove MEMBER_TYPE MEMBER_NAME OBJECT_TYPE OBJECT_NAME PERMS"
|
27
|
-
|
28
|
-
deps do
|
29
|
-
require_relative "acl_base"
|
30
|
-
include Chef::Knife::AclBase
|
31
|
-
end
|
32
|
-
|
33
|
-
def run
|
34
|
-
member_type, member_name, object_type, object_name, perms = name_args
|
35
|
-
|
36
|
-
if name_args.length != 5
|
37
|
-
show_usage
|
38
|
-
ui.fatal "You must specify the member type [client|group|user], member name, object type, object name and perms"
|
39
|
-
exit 1
|
40
|
-
end
|
41
|
-
|
42
|
-
if member_name == "pivotal" && %w{client user}.include?(member_type)
|
43
|
-
ui.fatal "ERROR: 'pivotal' is a system user so knife-acl will not remove it from an ACL."
|
44
|
-
exit 1
|
45
|
-
end
|
46
|
-
if member_name == "admins" && member_type == "group" && perms.to_s.split(",").include?("grant")
|
47
|
-
ui.fatal "ERROR: knife-acl will not remove the 'admins' group from the 'grant' ACE."
|
48
|
-
ui.fatal " Removal could prevent future attempts to modify permissions."
|
49
|
-
exit 1
|
50
|
-
end
|
51
|
-
validate_perm_type!(perms)
|
52
|
-
validate_member_type!(member_type)
|
53
|
-
validate_member_name!(member_name)
|
54
|
-
validate_object_name!(object_name)
|
55
|
-
validate_object_type!(object_type)
|
56
|
-
validate_member_exists!(member_type, member_name)
|
57
|
-
|
58
|
-
remove_from_acl!(member_type, member_name, object_type, object_name, perms)
|
59
|
-
end
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|
data/lib/chef/knife/acl_show.rb
DELETED
@@ -1,56 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Author:: Steven Danna (steve@chef.io)
|
3
|
-
# Copyright:: Copyright (c) Chef Software Inc.
|
4
|
-
# License:: Apache License, Version 2.0
|
5
|
-
#
|
6
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
-
# you may not use this file except in compliance with the License.
|
8
|
-
# You may obtain a copy of the License at
|
9
|
-
#
|
10
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
-
#
|
12
|
-
# Unless required by applicable law or agreed to in writing, software
|
13
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
-
# See the License for the specific language governing permissions and
|
16
|
-
# limitations under the License.
|
17
|
-
#
|
18
|
-
|
19
|
-
require_relative "../knife"
|
20
|
-
|
21
|
-
class Chef
|
22
|
-
class Knife
|
23
|
-
class AclShow < Chef::Knife
|
24
|
-
category "acl"
|
25
|
-
banner "knife acl show OBJECT_TYPE OBJECT_NAME"
|
26
|
-
|
27
|
-
deps do
|
28
|
-
require_relative "acl_base"
|
29
|
-
include Chef::Knife::AclBase
|
30
|
-
end
|
31
|
-
|
32
|
-
def run
|
33
|
-
object_type, object_name = name_args
|
34
|
-
|
35
|
-
if name_args.length != 2
|
36
|
-
show_usage
|
37
|
-
ui.fatal "You must specify an object type and object name"
|
38
|
-
exit 1
|
39
|
-
end
|
40
|
-
|
41
|
-
validate_object_type!(object_type)
|
42
|
-
validate_object_name!(object_name)
|
43
|
-
acl = get_acl(object_type, object_name)
|
44
|
-
PERM_TYPES.each do |perm|
|
45
|
-
# Filter out the actors field if we have
|
46
|
-
# users and clients. Note that if one is present,
|
47
|
-
# both will be - but we're checking both for completeness.
|
48
|
-
if acl[perm].key?("users") && acl[perm].key?("clients")
|
49
|
-
acl[perm].delete "actors"
|
50
|
-
end
|
51
|
-
end
|
52
|
-
ui.output acl
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
@@ -1,162 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Author:: Lamont Granquist (<lamont@chef.io>)
|
3
|
-
# Copyright:: Copyright (c) Chef Software Inc.
|
4
|
-
# License:: Apache License, Version 2.0
|
5
|
-
#
|
6
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
-
# you may not use this file except in compliance with the License.
|
8
|
-
# You may obtain a copy of the License at
|
9
|
-
#
|
10
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
-
#
|
12
|
-
# Unless required by applicable law or agreed to in writing, software
|
13
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
-
# See the License for the specific language governing permissions and
|
16
|
-
# limitations under the License.
|
17
|
-
#
|
18
|
-
class Chef
|
19
|
-
class Knife
|
20
|
-
class Bootstrap < Knife
|
21
|
-
class ChefVaultHandler
|
22
|
-
|
23
|
-
# @return [Hash] knife merged config, typically @config
|
24
|
-
attr_accessor :config
|
25
|
-
|
26
|
-
# @return [Chef::Knife::UI] ui object for output
|
27
|
-
attr_accessor :ui
|
28
|
-
|
29
|
-
# @return [Chef::ApiClient] vault client
|
30
|
-
attr_reader :client
|
31
|
-
|
32
|
-
# @param config [Hash] knife merged config, typically @config
|
33
|
-
# @param ui [Chef::Knife::UI] ui object for output
|
34
|
-
def initialize(config: {}, knife_config: nil, ui: nil)
|
35
|
-
@config = config
|
36
|
-
unless knife_config.nil?
|
37
|
-
@config = knife_config
|
38
|
-
Chef.deprecated(:knife_bootstrap_apis, "The knife_config option to the Bootstrap::ClientBuilder object is deprecated and has been renamed to just 'config'")
|
39
|
-
end
|
40
|
-
@ui = ui
|
41
|
-
end
|
42
|
-
|
43
|
-
# Updates the chef vault items for the newly created client.
|
44
|
-
#
|
45
|
-
# @param client [Chef::ApiClient] vault client
|
46
|
-
def run(client)
|
47
|
-
return unless doing_chef_vault?
|
48
|
-
|
49
|
-
sanity_check
|
50
|
-
|
51
|
-
@client = client
|
52
|
-
|
53
|
-
update_bootstrap_vault_json!
|
54
|
-
end
|
55
|
-
|
56
|
-
# Iterate through all the vault items to update. Items may be either a String
|
57
|
-
# or an Array of Strings:
|
58
|
-
#
|
59
|
-
# {
|
60
|
-
# "vault1": "item",
|
61
|
-
# "vault2": [ "item1", "item2", "item2" ]
|
62
|
-
# }
|
63
|
-
#
|
64
|
-
def update_bootstrap_vault_json!
|
65
|
-
vault_json.each do |vault, items|
|
66
|
-
[ items ].flatten.each do |item|
|
67
|
-
update_vault(vault, item)
|
68
|
-
end
|
69
|
-
end
|
70
|
-
end
|
71
|
-
|
72
|
-
# @return [Boolean] if we've got chef vault options to act on or not
|
73
|
-
def doing_chef_vault?
|
74
|
-
!!(bootstrap_vault_json || bootstrap_vault_file || bootstrap_vault_item)
|
75
|
-
end
|
76
|
-
|
77
|
-
private
|
78
|
-
|
79
|
-
# warn if the user has given mutual conflicting options
|
80
|
-
def sanity_check
|
81
|
-
if bootstrap_vault_item && (bootstrap_vault_json || bootstrap_vault_file)
|
82
|
-
ui.warn "--vault-item given with --vault-list or --vault-file, ignoring the latter"
|
83
|
-
end
|
84
|
-
|
85
|
-
if bootstrap_vault_json && bootstrap_vault_file
|
86
|
-
ui.warn "--vault-list given with --vault-file, ignoring the latter"
|
87
|
-
end
|
88
|
-
end
|
89
|
-
|
90
|
-
# @return [String] string with serialized JSON representing the chef vault items
|
91
|
-
def bootstrap_vault_json
|
92
|
-
config[:bootstrap_vault_json]
|
93
|
-
end
|
94
|
-
|
95
|
-
# @return [String] JSON text in a file representing the chef vault items
|
96
|
-
def bootstrap_vault_file
|
97
|
-
config[:bootstrap_vault_file]
|
98
|
-
end
|
99
|
-
|
100
|
-
# @return [Hash] Ruby object representing the chef vault items to create
|
101
|
-
def bootstrap_vault_item
|
102
|
-
config[:bootstrap_vault_item]
|
103
|
-
end
|
104
|
-
|
105
|
-
# Helper to return a ruby object representing all the data bags and items
|
106
|
-
# to update via chef-vault.
|
107
|
-
#
|
108
|
-
# @return [Hash] deserialized ruby hash with all the vault items
|
109
|
-
def vault_json
|
110
|
-
@vault_json ||=
|
111
|
-
begin
|
112
|
-
if bootstrap_vault_item
|
113
|
-
bootstrap_vault_item
|
114
|
-
else
|
115
|
-
json = bootstrap_vault_json || File.read(bootstrap_vault_file)
|
116
|
-
Chef::JSONCompat.from_json(json)
|
117
|
-
end
|
118
|
-
end
|
119
|
-
end
|
120
|
-
|
121
|
-
# Update an individual vault item and save it
|
122
|
-
#
|
123
|
-
# @param vault [String] name of the chef-vault encrypted data bag
|
124
|
-
# @param item [String] name of the chef-vault encrypted item
|
125
|
-
def update_vault(vault, item)
|
126
|
-
require_chef_vault!
|
127
|
-
bootstrap_vault_item = load_chef_bootstrap_vault_item(vault, item)
|
128
|
-
bootstrap_vault_item.clients(client)
|
129
|
-
bootstrap_vault_item.save
|
130
|
-
end
|
131
|
-
|
132
|
-
# Hook to stub out ChefVault
|
133
|
-
#
|
134
|
-
# @param vault [String] name of the chef-vault encrypted data bag
|
135
|
-
# @param item [String] name of the chef-vault encrypted item
|
136
|
-
# @return [ChefVault::Item] ChefVault::Item object
|
137
|
-
def load_chef_bootstrap_vault_item(vault, item)
|
138
|
-
ChefVault::Item.load(vault, item)
|
139
|
-
end
|
140
|
-
|
141
|
-
public :load_chef_bootstrap_vault_item # for stubbing
|
142
|
-
|
143
|
-
# Helper to very lazily require the chef-vault gem
|
144
|
-
def require_chef_vault!
|
145
|
-
@require_chef_vault ||=
|
146
|
-
begin
|
147
|
-
error_message = "Knife bootstrap requires version 2.6.0 or higher of the chef-vault gem to configure vault items"
|
148
|
-
require "chef-vault"
|
149
|
-
if Gem::Version.new(ChefVault::VERSION) < Gem::Version.new("2.6.0")
|
150
|
-
raise error_message
|
151
|
-
end
|
152
|
-
|
153
|
-
true
|
154
|
-
rescue LoadError
|
155
|
-
raise error_message
|
156
|
-
end
|
157
|
-
end
|
158
|
-
|
159
|
-
end
|
160
|
-
end
|
161
|
-
end
|
162
|
-
end
|
@@ -1,212 +0,0 @@
|
|
1
|
-
#
|
2
|
-
# Author:: Lamont Granquist (<lamont@chef.io>)
|
3
|
-
# Copyright:: Copyright (c) Chef Software Inc.
|
4
|
-
# License:: Apache License, Version 2.0
|
5
|
-
#
|
6
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
-
# you may not use this file except in compliance with the License.
|
8
|
-
# You may obtain a copy of the License at
|
9
|
-
#
|
10
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
-
#
|
12
|
-
# Unless required by applicable law or agreed to in writing, software
|
13
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
-
# See the License for the specific language governing permissions and
|
16
|
-
# limitations under the License.
|
17
|
-
#
|
18
|
-
|
19
|
-
require_relative "../../node"
|
20
|
-
require_relative "../../server_api"
|
21
|
-
require_relative "../../api_client/registration"
|
22
|
-
require_relative "../../api_client"
|
23
|
-
require "tmpdir" unless defined?(Dir.mktmpdir)
|
24
|
-
|
25
|
-
class Chef
|
26
|
-
class Knife
|
27
|
-
class Bootstrap < Knife
|
28
|
-
class ClientBuilder
|
29
|
-
|
30
|
-
# @return [Hash] knife merged config, typically @config
|
31
|
-
attr_accessor :config
|
32
|
-
# @return [Hash] chef config object
|
33
|
-
attr_accessor :chef_config
|
34
|
-
# @return [Chef::Knife::UI] ui object for output
|
35
|
-
attr_accessor :ui
|
36
|
-
# @return [Chef::ApiClient] client saved on run
|
37
|
-
attr_reader :client
|
38
|
-
|
39
|
-
# @param config [Hash] Hash of knife config settings
|
40
|
-
# @param chef_config [Hash] Hash of chef config settings
|
41
|
-
# @param ui [Chef::Knife::UI] UI object for output
|
42
|
-
def initialize(config: {}, knife_config: nil, chef_config: {}, ui: nil)
|
43
|
-
@config = config
|
44
|
-
unless knife_config.nil?
|
45
|
-
@config = knife_config
|
46
|
-
Chef.deprecated(:knife_bootstrap_apis, "The knife_config option to the Bootstrap::ClientBuilder object is deprecated and has been renamed to just 'config'")
|
47
|
-
end
|
48
|
-
@chef_config = chef_config
|
49
|
-
@ui = ui
|
50
|
-
end
|
51
|
-
|
52
|
-
# Main entry. Prompt the user to clean up any old client or node objects. Then create
|
53
|
-
# the new client, then create the new node.
|
54
|
-
def run
|
55
|
-
sanity_check
|
56
|
-
|
57
|
-
ui.info("Creating new client for #{node_name}")
|
58
|
-
|
59
|
-
@client = create_client!
|
60
|
-
|
61
|
-
ui.info("Creating new node for #{node_name}")
|
62
|
-
|
63
|
-
create_node!
|
64
|
-
end
|
65
|
-
|
66
|
-
# Tempfile to use to write newly created client credentials to.
|
67
|
-
#
|
68
|
-
# This method is public so that the knife bootstrapper can read then and pass the value into
|
69
|
-
# the handler for chef vault which needs the client cert we create here.
|
70
|
-
#
|
71
|
-
# We hang onto the tmpdir as an ivar as well so that it will not get GC'd and removed
|
72
|
-
#
|
73
|
-
# @return [String] path to the generated client.pem
|
74
|
-
def client_path
|
75
|
-
@client_path ||=
|
76
|
-
begin
|
77
|
-
@tmpdir = Dir.mktmpdir
|
78
|
-
File.join(@tmpdir, "#{node_name}.pem")
|
79
|
-
end
|
80
|
-
end
|
81
|
-
|
82
|
-
private
|
83
|
-
|
84
|
-
# @return [String] node name from the config
|
85
|
-
def node_name
|
86
|
-
config[:chef_node_name]
|
87
|
-
end
|
88
|
-
|
89
|
-
# @return [String] environment from the config
|
90
|
-
def environment
|
91
|
-
config[:environment]
|
92
|
-
end
|
93
|
-
|
94
|
-
# @return [String] run_list from the config
|
95
|
-
def run_list
|
96
|
-
config[:run_list]
|
97
|
-
end
|
98
|
-
|
99
|
-
# @return [String] policy_name from the config
|
100
|
-
def policy_name
|
101
|
-
config[:policy_name]
|
102
|
-
end
|
103
|
-
|
104
|
-
# @return [String] policy_group from the config
|
105
|
-
def policy_group
|
106
|
-
config[:policy_group]
|
107
|
-
end
|
108
|
-
|
109
|
-
# @return [Hash,Array] Object representation of json first-boot attributes from the config
|
110
|
-
def first_boot_attributes
|
111
|
-
config[:first_boot_attributes]
|
112
|
-
end
|
113
|
-
|
114
|
-
# @return [String] chef server url from the Chef::Config
|
115
|
-
def chef_server_url
|
116
|
-
chef_config[:chef_server_url]
|
117
|
-
end
|
118
|
-
|
119
|
-
# Accesses the run_list and coerces it into an Array, changing nils into
|
120
|
-
# the empty Array, and splitting strings representations of run_lists into
|
121
|
-
# Arrays.
|
122
|
-
#
|
123
|
-
# @return [Array] run_list coerced into an array
|
124
|
-
def normalized_run_list
|
125
|
-
case run_list
|
126
|
-
when nil
|
127
|
-
[]
|
128
|
-
when String
|
129
|
-
run_list.split(/\s*,\s*/)
|
130
|
-
when Array
|
131
|
-
run_list
|
132
|
-
end
|
133
|
-
end
|
134
|
-
|
135
|
-
# Create the client object and save it to the Chef API
|
136
|
-
def create_client!
|
137
|
-
Chef::ApiClient::Registration.new(node_name, client_path, http_api: rest).run
|
138
|
-
end
|
139
|
-
|
140
|
-
# Create the node object (via the lazy accessor) and save it to the Chef API
|
141
|
-
def create_node!
|
142
|
-
node.save
|
143
|
-
end
|
144
|
-
|
145
|
-
# Create a new Chef::Node. Supports creating the node with its name, run_list, attributes
|
146
|
-
# and environment. This injects a rest object into the Chef::Node which uses the client key
|
147
|
-
# for authentication so that the client creates the node and therefore we get the acls setup
|
148
|
-
# correctly.
|
149
|
-
#
|
150
|
-
# @return [Chef::Node] new chef node to create
|
151
|
-
def node
|
152
|
-
@node ||=
|
153
|
-
begin
|
154
|
-
node = Chef::Node.new(chef_server_rest: client_rest)
|
155
|
-
node.name(node_name)
|
156
|
-
node.run_list(normalized_run_list)
|
157
|
-
node.normal_attrs = first_boot_attributes if first_boot_attributes
|
158
|
-
node.environment(environment) if environment
|
159
|
-
node.policy_name = policy_name if policy_name
|
160
|
-
node.policy_group = policy_group if policy_group
|
161
|
-
(config[:tags] || []).each do |tag|
|
162
|
-
node.tags << tag
|
163
|
-
end
|
164
|
-
node
|
165
|
-
end
|
166
|
-
end
|
167
|
-
|
168
|
-
# Check for the existence of a node and/or client already on the server. If the node
|
169
|
-
# already exists, we must delete it in order to proceed so that we can create a new node
|
170
|
-
# object with the permissions of the new client. There is a use case for creating a new
|
171
|
-
# client and wiring it up to a precreated node object, but we do currently support that.
|
172
|
-
#
|
173
|
-
# We prompt the user about what to do and will fail hard if we do not get confirmation to
|
174
|
-
# delete any prior node/client objects.
|
175
|
-
def sanity_check
|
176
|
-
if resource_exists?("nodes/#{node_name}")
|
177
|
-
ui.confirm("Node #{node_name} exists, overwrite it")
|
178
|
-
rest.delete("nodes/#{node_name}")
|
179
|
-
end
|
180
|
-
if resource_exists?("clients/#{node_name}")
|
181
|
-
ui.confirm("Client #{node_name} exists, overwrite it")
|
182
|
-
rest.delete("clients/#{node_name}")
|
183
|
-
end
|
184
|
-
end
|
185
|
-
|
186
|
-
# Check if an relative path exists on the chef server
|
187
|
-
#
|
188
|
-
# @param relative_path [String] URI path relative to the chef organization
|
189
|
-
# @return [Boolean] if the relative path exists or returns a 404
|
190
|
-
def resource_exists?(relative_path)
|
191
|
-
rest.get(relative_path)
|
192
|
-
true
|
193
|
-
rescue Net::HTTPClientException => e
|
194
|
-
raise unless e.response.code == "404"
|
195
|
-
|
196
|
-
false
|
197
|
-
end
|
198
|
-
|
199
|
-
# @return [Chef::ServerAPI] REST client using the client credentials
|
200
|
-
def client_rest
|
201
|
-
@client_rest ||= Chef::ServerAPI.new(chef_server_url, client_name: node_name, signing_key_filename: client_path)
|
202
|
-
end
|
203
|
-
|
204
|
-
# @return [Chef::ServerAPI] REST client using the cli user's knife credentials
|
205
|
-
# this uses the users's credentials
|
206
|
-
def rest
|
207
|
-
@rest ||= Chef::ServerAPI.new(chef_server_url)
|
208
|
-
end
|
209
|
-
end
|
210
|
-
end
|
211
|
-
end
|
212
|
-
end
|
@@ -1,11 +0,0 @@
|
|
1
|
-
This directory contains bootstrap templates which can be used with the -d flag
|
2
|
-
to 'knife bootstrap' to install Chef in different ways. To simplify installation,
|
3
|
-
and reduce the matrix of common installation patterns to support, we have
|
4
|
-
standardized on the [Omnibus](https://github.com/chef/omnibus) built installation
|
5
|
-
packages.
|
6
|
-
|
7
|
-
The 'chef-full' template downloads a script which is used to determine the correct
|
8
|
-
Omnibus package for this system from the [Omnitruck](https://docs.chef.io/api_omnitruck/) API.
|
9
|
-
|
10
|
-
You can still utilize custom bootstrap templates on your system if your installation
|
11
|
-
needs are unique. Additional information can be found on the [docs site](https://docs.chef.io/knife_bootstrap/#custom-templates).
|