chef 16.18.0-universal-mingw32 → 17.0.242-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +9 -13
- data/README.md +1 -1
- data/Rakefile +2 -2
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +6 -8
- data/lib/chef/action_collection.rb +1 -1
- data/lib/chef/application/base.rb +1 -1
- data/lib/chef/application.rb +1 -1
- data/lib/chef/applications.rb +0 -1
- data/lib/chef/chef_fs/command_line.rb +5 -2
- data/lib/chef/chef_fs/file_system.rb +9 -10
- data/lib/chef/client.rb +5 -5
- data/lib/chef/compliance/default_attributes.rb +4 -3
- data/lib/chef/compliance/fetcher/automate.rb +0 -7
- data/lib/chef/compliance/reporter/automate.rb +17 -7
- data/lib/chef/compliance/reporter/chef_server_automate.rb +11 -6
- data/lib/chef/compliance/reporter/cli.rb +77 -0
- data/lib/chef/compliance/reporter/compliance_enforcer.rb +4 -0
- data/lib/chef/compliance/reporter/json_file.rb +8 -1
- data/lib/chef/compliance/runner.rb +65 -27
- data/lib/chef/cookbook/gem_installer.rb +1 -5
- data/lib/chef/cookbook/synchronizer.rb +3 -5
- data/lib/chef/cookbook_loader.rb +2 -4
- data/lib/chef/cookbook_uploader.rb +0 -1
- data/lib/chef/cookbook_version.rb +4 -26
- data/lib/chef/data_bag_item.rb +11 -2
- data/lib/chef/data_collector/run_end_message.rb +2 -2
- data/lib/chef/delayed_evaluator.rb +4 -0
- data/lib/chef/deprecated.rb +6 -12
- data/lib/chef/dsl/chef_vault.rb +6 -6
- data/lib/chef/dsl/reboot_pending.rb +1 -2
- data/lib/chef/exceptions.rb +0 -3
- data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +20 -22
- data/lib/chef/formatters/error_mapper.rb +2 -2
- data/lib/chef/group.rb +75 -0
- data/lib/chef/http.rb +5 -5
- data/lib/chef/mixin/get_source_from_package.rb +1 -1
- data/lib/chef/node/attribute.rb +9 -24
- data/lib/chef/node/immutable_collections.rb +13 -0
- data/lib/chef/node/mixin/deep_merge_cache.rb +14 -10
- data/lib/chef/node.rb +19 -20
- data/lib/chef/org.rb +3 -2
- data/lib/chef/policy_builder/policyfile.rb +0 -5
- data/lib/chef/property.rb +18 -0
- data/lib/chef/provider/cron.rb +1 -1
- data/lib/chef/provider/execute.rb +2 -1
- data/lib/chef/provider/file.rb +1 -1
- data/lib/chef/provider/git.rb +5 -7
- data/lib/chef/provider/group/dscl.rb +1 -1
- data/lib/chef/provider/group/groupadd.rb +3 -3
- data/lib/chef/provider/group/groupmod.rb +3 -3
- data/lib/chef/provider/group/pw.rb +3 -3
- data/lib/chef/provider/ifconfig.rb +2 -2
- data/lib/chef/provider/link.rb +2 -2
- data/lib/chef/provider/mount/aix.rb +3 -3
- data/lib/chef/provider/mount/mount.rb +5 -5
- data/lib/chef/provider/mount/windows.rb +1 -1
- data/lib/chef/provider/mount.rb +5 -5
- data/lib/chef/provider/package/apt.rb +27 -1
- data/lib/chef/provider/package/deb.rb +3 -3
- data/lib/chef/provider/package/dnf/dnf_helper.py +1 -1
- data/lib/chef/provider/package/portage.rb +2 -2
- data/lib/chef/provider/package/powershell.rb +0 -5
- data/lib/chef/provider/package/rubygems.rb +9 -15
- data/lib/chef/provider/package/windows.rb +2 -4
- data/lib/chef/provider/package/yum/yum_helper.py +1 -1
- data/lib/chef/provider/package.rb +17 -21
- data/lib/chef/provider/route.rb +2 -2
- data/lib/chef/provider/service/aixinit.rb +1 -1
- data/lib/chef/provider/service/debian.rb +1 -1
- data/lib/chef/provider/service/freebsd.rb +15 -21
- data/lib/chef/provider/service/macosx.rb +4 -4
- data/lib/chef/provider/service/systemd.rb +43 -14
- data/lib/chef/provider/service/upstart.rb +2 -13
- data/lib/chef/provider/service/windows.rb +12 -12
- data/lib/chef/provider/service.rb +6 -6
- data/lib/chef/provider/subversion.rb +10 -12
- data/lib/chef/provider/systemd_unit.rb +36 -10
- data/lib/chef/provider/template/content.rb +3 -7
- data/lib/chef/provider/user/dscl.rb +1 -1
- data/lib/chef/provider/user/mac.rb +17 -20
- data/lib/chef/provider/user/pw.rb +1 -1
- data/lib/chef/provider/user/windows.rb +1 -1
- data/lib/chef/provider/user.rb +2 -2
- data/lib/chef/provider/zypper_repository.rb +2 -2
- data/lib/chef/provider.rb +1 -1
- data/lib/chef/providers.rb +0 -1
- data/lib/chef/resource/alternatives.rb +6 -6
- data/lib/chef/resource/apt_package.rb +1 -1
- data/lib/chef/resource/apt_preference.rb +2 -2
- data/lib/chef/resource/apt_repository.rb +6 -6
- data/lib/chef/resource/apt_update.rb +3 -2
- data/lib/chef/resource/archive_file.rb +8 -9
- data/lib/chef/resource/breakpoint.rb +1 -1
- data/lib/chef/resource/build_essential.rb +2 -6
- data/lib/chef/resource/chef_client_config.rb +2 -2
- data/lib/chef/resource/chef_client_cron.rb +4 -4
- data/lib/chef/resource/chef_client_launchd.rb +3 -3
- data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
- data/lib/chef/resource/chef_client_systemd_timer.rb +2 -2
- data/lib/chef/resource/chef_client_trusted_certificate.rb +0 -1
- data/lib/chef/resource/chef_handler.rb +3 -7
- data/lib/chef/resource/chef_sleep.rb +1 -1
- data/lib/chef/resource/chef_vault_secret.rb +3 -8
- data/lib/chef/resource/chocolatey_config.rb +2 -6
- data/lib/chef/resource/chocolatey_feature.rb +2 -6
- data/lib/chef/resource/chocolatey_source.rb +4 -10
- data/lib/chef/resource/cron/_cron_shared.rb +2 -2
- data/lib/chef/resource/cron_access.rb +2 -4
- data/lib/chef/resource/dmg_package.rb +6 -10
- data/lib/chef/resource/dpkg_package.rb +1 -1
- data/lib/chef/resource/execute.rb +6 -1
- data/lib/chef/resource/file.rb +1 -1
- data/lib/chef/resource/group.rb +2 -2
- data/lib/chef/resource/homebrew_cask.rb +5 -15
- data/lib/chef/resource/homebrew_tap.rb +2 -6
- data/lib/chef/resource/hostname.rb +21 -17
- data/lib/chef/resource/http_request.rb +1 -1
- data/lib/chef/resource/kernel_module.rb +6 -17
- data/lib/chef/resource/locale.rb +2 -3
- data/lib/chef/resource/lwrp_base.rb +4 -0
- data/lib/chef/resource/macos_userdefaults.rb +10 -14
- data/lib/chef/resource/mdadm.rb +53 -7
- data/lib/chef/resource/mount.rb +3 -2
- data/lib/chef/resource/openssl_ec_private_key.rb +2 -2
- data/lib/chef/resource/openssl_rsa_private_key.rb +1 -1
- data/lib/chef/resource/openssl_x509_certificate.rb +2 -2
- data/lib/chef/resource/plist.rb +7 -7
- data/lib/chef/resource/powershell_script.rb +1 -1
- data/lib/chef/resource/remote_file.rb +1 -1
- data/lib/chef/resource/rhsm_errata.rb +16 -1
- data/lib/chef/resource/rhsm_errata_level.rb +10 -1
- data/lib/chef/resource/rhsm_register.rb +12 -6
- data/lib/chef/resource/rhsm_repo.rb +2 -6
- data/lib/chef/resource/rhsm_subscription.rb +7 -11
- data/lib/chef/resource/scm/git.rb +1 -1
- data/lib/chef/resource/sudo.rb +6 -6
- data/lib/chef/resource/support/client.erb +2 -6
- data/lib/chef/resource/sysctl.rb +2 -6
- data/lib/chef/resource/systemd_unit.rb +3 -3
- data/lib/chef/resource/template.rb +1 -1
- data/lib/chef/resource/timezone.rb +1 -3
- data/lib/chef/resource/user/mac_user.rb +1 -1
- data/lib/chef/resource/user_ulimit.rb +2 -3
- data/lib/chef/resource/windows_ad_join.rb +2 -6
- data/lib/chef/resource/windows_audit_policy.rb +1 -1
- data/lib/chef/resource/windows_auto_run.rb +2 -5
- data/lib/chef/resource/windows_certificate.rb +207 -73
- data/lib/chef/resource/windows_dfs_folder.rb +2 -6
- data/lib/chef/resource/windows_dfs_namespace.rb +2 -6
- data/lib/chef/resource/windows_dfs_server.rb +1 -3
- data/lib/chef/resource/windows_dns_record.rb +2 -6
- data/lib/chef/resource/windows_dns_zone.rb +2 -6
- data/lib/chef/resource/windows_env.rb +5 -4
- data/lib/chef/resource/windows_feature.rb +3 -9
- data/lib/chef/resource/windows_feature_dism.rb +2 -6
- data/lib/chef/resource/windows_feature_powershell.rb +3 -3
- data/lib/chef/resource/windows_firewall_profile.rb +4 -4
- data/lib/chef/resource/windows_firewall_rule.rb +2 -5
- data/lib/chef/resource/windows_font.rb +2 -4
- data/lib/chef/resource/windows_pagefile.rb +2 -6
- data/lib/chef/resource/windows_path.rb +2 -2
- data/lib/chef/resource/windows_printer.rb +4 -4
- data/lib/chef/resource/windows_printer_port.rb +6 -6
- data/lib/chef/resource/windows_security_policy.rb +9 -12
- data/lib/chef/resource/windows_share.rb +14 -21
- data/lib/chef/resource/windows_shortcut.rb +4 -6
- data/lib/chef/resource/windows_task.rb +17 -5
- data/lib/chef/resource/windows_uac.rb +2 -4
- data/lib/chef/resource/windows_user_privilege.rb +5 -5
- data/lib/chef/resource/windows_workgroup.rb +1 -2
- data/lib/chef/resource.rb +1 -1
- data/lib/chef/resource_reporter.rb +1 -1
- data/lib/chef/resources.rb +0 -1
- data/lib/chef/shell/ext.rb +3 -3
- data/lib/chef/user.rb +0 -1
- data/lib/chef/user_v1.rb +3 -4
- data/lib/chef/util/dsc/configuration_generator.rb +1 -0
- data/lib/chef/util/dsc/local_configuration_manager.rb +1 -1
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/api.rb +2 -9
- data/lib/chef/win32/registry.rb +4 -2
- data/lib/chef/win32/version.rb +1 -2
- data/spec/data/cookbooks/openldap/libraries/openldap.rb +1 -1
- data/spec/data/lwrp/resources/bar.rb +2 -0
- data/spec/data/lwrp/resources/buck_passer.rb +1 -0
- data/spec/data/lwrp/resources/buck_passer_2.rb +1 -0
- data/spec/data/lwrp/resources/embedded_resource_accesses_providers_scope.rb +1 -0
- data/spec/data/lwrp/resources/foo.rb +2 -0
- data/spec/data/lwrp/resources/inline_compiler.rb +1 -0
- data/spec/data/lwrp/resources/monkey_name_printer.rb +1 -0
- data/spec/data/lwrp/resources/paint_drying_watcher.rb +1 -0
- data/spec/data/lwrp/resources/thumb_twiddler.rb +1 -0
- data/spec/data/lwrp/resources_with_default_attributes/nodeattr.rb +2 -0
- data/spec/data/lwrp_const_scoping/resources/conflict.rb +1 -0
- data/spec/data/lwrp_override/resources/foo.rb +1 -0
- data/spec/data/rubygems.org/nonexistent_gem-info +1 -0
- data/spec/data/rubygems.org/sexp_processor-info +49 -0
- data/spec/data/run_context/cookbooks/circular-dep1/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/circular-dep2/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/dependency1/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/dependency2/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/no-default-attr/resources/resource.rb +1 -0
- data/spec/data/run_context/cookbooks/test/resources/resource.rb +2 -0
- data/spec/data/run_context/cookbooks/test-with-circular-deps/resources/resource.rb +2 -0
- data/spec/data/run_context/cookbooks/test-with-deps/resources/resource.rb +1 -0
- data/spec/functional/dsl/registry_helper_spec.rb +1 -1
- data/spec/functional/resource/aixinit_service_spec.rb +7 -7
- data/spec/functional/resource/apt_package_spec.rb +1 -1
- data/spec/functional/resource/chocolatey_package_spec.rb +9 -0
- data/spec/functional/resource/dnf_package_spec.rb +4 -1
- data/spec/functional/resource/group_spec.rb +1 -5
- data/spec/functional/resource/link_spec.rb +0 -8
- data/spec/functional/resource/registry_spec.rb +8 -8
- data/spec/functional/resource/user/mac_user_spec.rb +2 -2
- data/spec/functional/resource/windows_certificate_spec.rb +92 -35
- data/spec/functional/version_spec.rb +1 -1
- data/spec/functional/win32/registry_spec.rb +1 -1
- data/spec/integration/client/client_spec.rb +5 -2
- data/spec/integration/client/exit_code_spec.rb +1 -1
- data/spec/integration/client/ipv6_spec.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +1 -1
- data/spec/integration/ohai/ohai_spec.rb +7 -6
- data/spec/integration/recipes/accumulator_spec.rb +13 -1
- data/spec/integration/recipes/lwrp_inline_resources_spec.rb +5 -1
- data/spec/integration/recipes/lwrp_spec.rb +3 -1
- data/spec/integration/recipes/notifies_spec.rb +15 -1
- data/spec/integration/recipes/notifying_block_spec.rb +2 -1
- data/spec/integration/recipes/recipe_dsl_spec.rb +9 -9
- data/spec/integration/recipes/unified_mode_spec.rb +1 -1
- data/spec/integration/recipes/use_partial_spec.rb +4 -1
- data/spec/spec_helper.rb +10 -13
- data/spec/support/chef_helpers.rb +0 -16
- data/spec/support/lib/chef/resource/with_state.rb +0 -1
- data/spec/support/lib/chef/resource/zen_follower.rb +0 -1
- data/spec/support/lib/chef/resource/zen_master.rb +0 -1
- data/spec/support/matchers/leak.rb +7 -9
- data/spec/support/platform_helpers.rb +1 -8
- data/spec/support/shared/integration/integration_helper.rb +0 -1
- data/spec/support/shared/unit/script_resource.rb +2 -2
- data/spec/unit/application/solo_spec.rb +2 -2
- data/spec/unit/chef_fs/diff_spec.rb +1 -1
- data/spec/unit/chef_fs/file_system_spec.rb +1 -1
- data/spec/unit/client_spec.rb +4 -4
- data/spec/unit/compliance/fetcher/automate_spec.rb +0 -16
- data/spec/unit/compliance/reporter/automate_spec.rb +26 -2
- data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +20 -0
- data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +1 -0
- data/spec/unit/compliance/runner_spec.rb +30 -4
- data/spec/unit/cookbook_version_spec.rb +0 -52
- data/spec/unit/data_bag_item_spec.rb +1 -6
- data/spec/unit/data_collector_spec.rb +2 -71
- data/spec/unit/dsl/reboot_pending_spec.rb +2 -2
- data/spec/unit/dsl/registry_helper_spec.rb +1 -1
- data/spec/unit/lwrp_spec.rb +1 -1
- data/spec/unit/mixin/params_validate_spec.rb +4 -3
- data/spec/unit/mixin/powershell_out_spec.rb +2 -2
- data/spec/unit/node/attribute_spec.rb +1 -1
- data/spec/unit/node_spec.rb +78 -0
- data/spec/unit/org_group_spec.rb +45 -0
- data/spec/unit/policy_builder/policyfile_spec.rb +1 -11
- data/spec/unit/property_spec.rb +23 -22
- data/spec/unit/provider/cron_spec.rb +1 -1
- data/spec/unit/provider/group/gpasswd_spec.rb +2 -2
- data/spec/unit/provider/group/groupmod_spec.rb +2 -2
- data/spec/unit/provider/group/pw_spec.rb +2 -2
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/package/apt_spec.rb +84 -18
- data/spec/unit/provider/package/deb_spec.rb +3 -3
- data/spec/unit/provider/package/powershell_spec.rb +12 -74
- data/spec/unit/provider/package/rubygems_spec.rb +18 -30
- data/spec/unit/provider/service/arch_service_spec.rb +1 -0
- data/spec/unit/provider/service/debian_service_spec.rb +1 -0
- data/spec/unit/provider/service/macosx_spec.rb +2 -2
- data/spec/unit/provider/service/systemd_service_spec.rb +138 -23
- data/spec/unit/provider/service/upstart_service_spec.rb +0 -29
- data/spec/unit/provider/service/windows_spec.rb +2 -2
- data/spec/unit/provider/subversion_spec.rb +2 -2
- data/spec/unit/provider/systemd_unit_spec.rb +79 -60
- data/spec/unit/provider/zypper_repository_spec.rb +2 -2
- data/spec/unit/provider_spec.rb +0 -8
- data/spec/unit/resource/archive_file_spec.rb +1 -13
- data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +0 -14
- data/spec/unit/resource/homebrew_cask_spec.rb +11 -29
- data/spec/unit/resource/mount_spec.rb +0 -10
- data/spec/unit/resource/powershell_script_spec.rb +2 -2
- data/spec/unit/resource/rhsm_subscription_spec.rb +3 -50
- data/spec/unit/resource/systemd_unit_spec.rb +1 -1
- data/spec/unit/resource/user_ulimit_spec.rb +1 -14
- data/spec/unit/resource/windows_task_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +2 -7
- data/spec/unit/user_spec.rb +1 -1
- data/spec/unit/user_v1_spec.rb +6 -4
- data/tasks/rspec.rb +15 -7
- metadata +19 -382
- data/bin/knife +0 -24
- data/lib/chef/application/knife.rb +0 -234
- data/lib/chef/application/windows_service.rb +0 -338
- data/lib/chef/application/windows_service_manager.rb +0 -205
- data/lib/chef/chef_fs/knife.rb +0 -160
- data/lib/chef/chef_fs/parallelizer/flatten_enumerable.rb +0 -35
- data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +0 -278
- data/lib/chef/chef_fs/parallelizer.rb +0 -102
- data/lib/chef/cookbook_site_streaming_uploader.rb +0 -244
- data/lib/chef/knife/acl_add.rb +0 -57
- data/lib/chef/knife/acl_base.rb +0 -183
- data/lib/chef/knife/acl_bulk_add.rb +0 -78
- data/lib/chef/knife/acl_bulk_remove.rb +0 -83
- data/lib/chef/knife/acl_remove.rb +0 -62
- data/lib/chef/knife/acl_show.rb +0 -56
- data/lib/chef/knife/bootstrap/chef_vault_handler.rb +0 -162
- data/lib/chef/knife/bootstrap/client_builder.rb +0 -212
- data/lib/chef/knife/bootstrap/templates/README.md +0 -11
- data/lib/chef/knife/bootstrap/templates/chef-full.erb +0 -242
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +0 -278
- data/lib/chef/knife/bootstrap/train_connector.rb +0 -336
- data/lib/chef/knife/bootstrap.rb +0 -1192
- data/lib/chef/knife/client_bulk_delete.rb +0 -104
- data/lib/chef/knife/client_create.rb +0 -101
- data/lib/chef/knife/client_delete.rb +0 -62
- data/lib/chef/knife/client_edit.rb +0 -52
- data/lib/chef/knife/client_key_create.rb +0 -73
- data/lib/chef/knife/client_key_delete.rb +0 -80
- data/lib/chef/knife/client_key_edit.rb +0 -83
- data/lib/chef/knife/client_key_list.rb +0 -73
- data/lib/chef/knife/client_key_show.rb +0 -80
- data/lib/chef/knife/client_list.rb +0 -41
- data/lib/chef/knife/client_reregister.rb +0 -58
- data/lib/chef/knife/client_show.rb +0 -48
- data/lib/chef/knife/config_get.rb +0 -39
- data/lib/chef/knife/config_get_profile.rb +0 -37
- data/lib/chef/knife/config_list.rb +0 -139
- data/lib/chef/knife/config_list_profiles.rb +0 -37
- data/lib/chef/knife/config_show.rb +0 -127
- data/lib/chef/knife/config_use.rb +0 -61
- data/lib/chef/knife/config_use_profile.rb +0 -47
- data/lib/chef/knife/configure.rb +0 -150
- data/lib/chef/knife/configure_client.rb +0 -48
- data/lib/chef/knife/cookbook_bulk_delete.rb +0 -71
- data/lib/chef/knife/cookbook_delete.rb +0 -151
- data/lib/chef/knife/cookbook_download.rb +0 -142
- data/lib/chef/knife/cookbook_list.rb +0 -47
- data/lib/chef/knife/cookbook_metadata.rb +0 -106
- data/lib/chef/knife/cookbook_metadata_from_file.rb +0 -49
- data/lib/chef/knife/cookbook_show.rb +0 -98
- data/lib/chef/knife/cookbook_upload.rb +0 -292
- data/lib/chef/knife/core/bootstrap_context.rb +0 -264
- data/lib/chef/knife/core/cookbook_scm_repo.rb +0 -159
- data/lib/chef/knife/core/formatting_options.rb +0 -49
- data/lib/chef/knife/core/gem_glob_loader.rb +0 -138
- data/lib/chef/knife/core/generic_presenter.rb +0 -232
- data/lib/chef/knife/core/hashed_command_loader.rb +0 -100
- data/lib/chef/knife/core/node_editor.rb +0 -130
- data/lib/chef/knife/core/node_presenter.rb +0 -133
- data/lib/chef/knife/core/object_loader.rb +0 -115
- data/lib/chef/knife/core/status_presenter.rb +0 -147
- data/lib/chef/knife/core/subcommand_loader.rb +0 -203
- data/lib/chef/knife/core/text_formatter.rb +0 -85
- data/lib/chef/knife/core/ui.rb +0 -338
- data/lib/chef/knife/core/windows_bootstrap_context.rb +0 -405
- data/lib/chef/knife/data_bag_create.rb +0 -81
- data/lib/chef/knife/data_bag_delete.rb +0 -49
- data/lib/chef/knife/data_bag_edit.rb +0 -74
- data/lib/chef/knife/data_bag_from_file.rb +0 -113
- data/lib/chef/knife/data_bag_list.rb +0 -42
- data/lib/chef/knife/data_bag_secret_options.rb +0 -122
- data/lib/chef/knife/data_bag_show.rb +0 -69
- data/lib/chef/knife/delete.rb +0 -125
- data/lib/chef/knife/deps.rb +0 -156
- data/lib/chef/knife/diff.rb +0 -83
- data/lib/chef/knife/download.rb +0 -84
- data/lib/chef/knife/edit.rb +0 -88
- data/lib/chef/knife/environment_compare.rb +0 -128
- data/lib/chef/knife/environment_create.rb +0 -52
- data/lib/chef/knife/environment_delete.rb +0 -44
- data/lib/chef/knife/environment_edit.rb +0 -44
- data/lib/chef/knife/environment_from_file.rb +0 -84
- data/lib/chef/knife/environment_list.rb +0 -41
- data/lib/chef/knife/environment_show.rb +0 -47
- data/lib/chef/knife/exec.rb +0 -99
- data/lib/chef/knife/group_add.rb +0 -55
- data/lib/chef/knife/group_create.rb +0 -49
- data/lib/chef/knife/group_destroy.rb +0 -53
- data/lib/chef/knife/group_list.rb +0 -43
- data/lib/chef/knife/group_remove.rb +0 -56
- data/lib/chef/knife/group_show.rb +0 -49
- data/lib/chef/knife/key_create.rb +0 -112
- data/lib/chef/knife/key_create_base.rb +0 -50
- data/lib/chef/knife/key_delete.rb +0 -55
- data/lib/chef/knife/key_edit.rb +0 -118
- data/lib/chef/knife/key_edit_base.rb +0 -55
- data/lib/chef/knife/key_list.rb +0 -90
- data/lib/chef/knife/key_list_base.rb +0 -45
- data/lib/chef/knife/key_show.rb +0 -53
- data/lib/chef/knife/list.rb +0 -177
- data/lib/chef/knife/node_bulk_delete.rb +0 -75
- data/lib/chef/knife/node_create.rb +0 -47
- data/lib/chef/knife/node_delete.rb +0 -46
- data/lib/chef/knife/node_edit.rb +0 -70
- data/lib/chef/knife/node_environment_set.rb +0 -53
- data/lib/chef/knife/node_from_file.rb +0 -51
- data/lib/chef/knife/node_list.rb +0 -44
- data/lib/chef/knife/node_policy_set.rb +0 -79
- data/lib/chef/knife/node_run_list_add.rb +0 -104
- data/lib/chef/knife/node_run_list_remove.rb +0 -67
- data/lib/chef/knife/node_run_list_set.rb +0 -66
- data/lib/chef/knife/node_show.rb +0 -63
- data/lib/chef/knife/null.rb +0 -12
- data/lib/chef/knife/raw.rb +0 -123
- data/lib/chef/knife/recipe_list.rb +0 -32
- data/lib/chef/knife/rehash.rb +0 -50
- data/lib/chef/knife/role_bulk_delete.rb +0 -66
- data/lib/chef/knife/role_create.rb +0 -53
- data/lib/chef/knife/role_delete.rb +0 -46
- data/lib/chef/knife/role_edit.rb +0 -45
- data/lib/chef/knife/role_env_run_list_add.rb +0 -87
- data/lib/chef/knife/role_env_run_list_clear.rb +0 -55
- data/lib/chef/knife/role_env_run_list_remove.rb +0 -57
- data/lib/chef/knife/role_env_run_list_replace.rb +0 -60
- data/lib/chef/knife/role_env_run_list_set.rb +0 -70
- data/lib/chef/knife/role_from_file.rb +0 -51
- data/lib/chef/knife/role_list.rb +0 -42
- data/lib/chef/knife/role_run_list_add.rb +0 -87
- data/lib/chef/knife/role_run_list_clear.rb +0 -55
- data/lib/chef/knife/role_run_list_remove.rb +0 -56
- data/lib/chef/knife/role_run_list_replace.rb +0 -60
- data/lib/chef/knife/role_run_list_set.rb +0 -69
- data/lib/chef/knife/role_show.rb +0 -48
- data/lib/chef/knife/search.rb +0 -194
- data/lib/chef/knife/serve.rb +0 -65
- data/lib/chef/knife/show.rb +0 -72
- data/lib/chef/knife/ssh.rb +0 -645
- data/lib/chef/knife/ssl_check.rb +0 -284
- data/lib/chef/knife/ssl_fetch.rb +0 -161
- data/lib/chef/knife/status.rb +0 -95
- data/lib/chef/knife/supermarket_download.rb +0 -121
- data/lib/chef/knife/supermarket_install.rb +0 -192
- data/lib/chef/knife/supermarket_list.rb +0 -76
- data/lib/chef/knife/supermarket_search.rb +0 -53
- data/lib/chef/knife/supermarket_share.rb +0 -166
- data/lib/chef/knife/supermarket_show.rb +0 -66
- data/lib/chef/knife/supermarket_unshare.rb +0 -61
- data/lib/chef/knife/tag_create.rb +0 -52
- data/lib/chef/knife/tag_delete.rb +0 -60
- data/lib/chef/knife/tag_list.rb +0 -47
- data/lib/chef/knife/upload.rb +0 -86
- data/lib/chef/knife/user_create.rb +0 -107
- data/lib/chef/knife/user_delete.rb +0 -44
- data/lib/chef/knife/user_dissociate.rb +0 -42
- data/lib/chef/knife/user_edit.rb +0 -52
- data/lib/chef/knife/user_invite_add.rb +0 -43
- data/lib/chef/knife/user_invite_list.rb +0 -34
- data/lib/chef/knife/user_invite_rescind.rb +0 -63
- data/lib/chef/knife/user_key_create.rb +0 -73
- data/lib/chef/knife/user_key_delete.rb +0 -80
- data/lib/chef/knife/user_key_edit.rb +0 -83
- data/lib/chef/knife/user_key_list.rb +0 -73
- data/lib/chef/knife/user_key_show.rb +0 -80
- data/lib/chef/knife/user_list.rb +0 -42
- data/lib/chef/knife/user_reregister.rb +0 -59
- data/lib/chef/knife/user_show.rb +0 -48
- data/lib/chef/knife/xargs.rb +0 -282
- data/lib/chef/knife/yaml_convert.rb +0 -91
- data/lib/chef/knife.rb +0 -665
- data/lib/chef/resource/user/dscl_user.rb +0 -35
- data/spec/data/knife-home/.chef/plugins/knife/example_home_subcommand.rb +0 -0
- data/spec/data/knife-site-subcommands/plugins/knife/example_subcommand.rb +0 -0
- data/spec/data/knife_subcommand/test_explicit_category.rb +0 -7
- data/spec/data/knife_subcommand/test_name_mapping.rb +0 -4
- data/spec/data/knife_subcommand/test_yourself.rb +0 -21
- data/spec/functional/knife/configure_spec.rb +0 -33
- data/spec/functional/knife/cookbook_delete_spec.rb +0 -156
- data/spec/functional/knife/exec_spec.rb +0 -55
- data/spec/functional/knife/rehash_spec.rb +0 -39
- data/spec/functional/knife/smoke_test.rb +0 -42
- data/spec/functional/knife/ssh_spec.rb +0 -352
- data/spec/functional/resource/user/dscl_spec.rb +0 -188
- data/spec/functional/resource/windows_service_spec.rb +0 -105
- data/spec/functional/win32/service_manager_spec.rb +0 -220
- data/spec/integration/knife/chef_fs_data_store_spec.rb +0 -557
- data/spec/integration/knife/chef_repo_path_spec.rb +0 -962
- data/spec/integration/knife/chef_repository_file_system_spec.rb +0 -200
- data/spec/integration/knife/chefignore_spec.rb +0 -301
- data/spec/integration/knife/client_bulk_delete_spec.rb +0 -131
- data/spec/integration/knife/client_create_spec.rb +0 -70
- data/spec/integration/knife/client_delete_spec.rb +0 -64
- data/spec/integration/knife/client_key_create_spec.rb +0 -66
- data/spec/integration/knife/client_key_delete_spec.rb +0 -43
- data/spec/integration/knife/client_key_list_spec.rb +0 -61
- data/spec/integration/knife/client_key_show_spec.rb +0 -45
- data/spec/integration/knife/client_list_spec.rb +0 -49
- data/spec/integration/knife/client_show_spec.rb +0 -37
- data/spec/integration/knife/common_options_spec.rb +0 -174
- data/spec/integration/knife/config_list_spec.rb +0 -220
- data/spec/integration/knife/config_show_spec.rb +0 -192
- data/spec/integration/knife/config_use_spec.rb +0 -198
- data/spec/integration/knife/cookbook_api_ipv6_spec.rb +0 -113
- data/spec/integration/knife/cookbook_bulk_delete_spec.rb +0 -65
- data/spec/integration/knife/cookbook_download_spec.rb +0 -72
- data/spec/integration/knife/cookbook_list_spec.rb +0 -55
- data/spec/integration/knife/cookbook_show_spec.rb +0 -149
- data/spec/integration/knife/cookbook_upload_spec.rb +0 -128
- data/spec/integration/knife/data_bag_create_spec.rb +0 -125
- data/spec/integration/knife/data_bag_delete_spec.rb +0 -59
- data/spec/integration/knife/data_bag_edit_spec.rb +0 -105
- data/spec/integration/knife/data_bag_from_file_spec.rb +0 -116
- data/spec/integration/knife/data_bag_list_spec.rb +0 -44
- data/spec/integration/knife/data_bag_show_spec.rb +0 -95
- data/spec/integration/knife/delete_spec.rb +0 -1018
- data/spec/integration/knife/deps_spec.rb +0 -703
- data/spec/integration/knife/diff_spec.rb +0 -605
- data/spec/integration/knife/download_spec.rb +0 -1336
- data/spec/integration/knife/environment_compare_spec.rb +0 -75
- data/spec/integration/knife/environment_create_spec.rb +0 -41
- data/spec/integration/knife/environment_delete_spec.rb +0 -37
- data/spec/integration/knife/environment_from_file_spec.rb +0 -116
- data/spec/integration/knife/environment_list_spec.rb +0 -42
- data/spec/integration/knife/environment_show_spec.rb +0 -77
- data/spec/integration/knife/list_spec.rb +0 -1060
- data/spec/integration/knife/node_bulk_delete_spec.rb +0 -52
- data/spec/integration/knife/node_create_spec.rb +0 -47
- data/spec/integration/knife/node_delete_spec.rb +0 -48
- data/spec/integration/knife/node_environment_set_spec.rb +0 -46
- data/spec/integration/knife/node_from_file_spec.rb +0 -59
- data/spec/integration/knife/node_list_spec.rb +0 -45
- data/spec/integration/knife/node_run_list_add_spec.rb +0 -54
- data/spec/integration/knife/node_run_list_remove_spec.rb +0 -36
- data/spec/integration/knife/node_run_list_set_spec.rb +0 -41
- data/spec/integration/knife/node_show_spec.rb +0 -36
- data/spec/integration/knife/raw_spec.rb +0 -297
- data/spec/integration/knife/redirection_spec.rb +0 -64
- data/spec/integration/knife/role_bulk_delete_spec.rb +0 -52
- data/spec/integration/knife/role_create_spec.rb +0 -41
- data/spec/integration/knife/role_delete_spec.rb +0 -48
- data/spec/integration/knife/role_from_file_spec.rb +0 -96
- data/spec/integration/knife/role_list_spec.rb +0 -45
- data/spec/integration/knife/role_show_spec.rb +0 -51
- data/spec/integration/knife/search_node_spec.rb +0 -40
- data/spec/integration/knife/serve_spec.rb +0 -92
- data/spec/integration/knife/show_spec.rb +0 -197
- data/spec/integration/knife/upload_spec.rb +0 -1616
- data/spec/support/shared/functional/knife.rb +0 -37
- data/spec/support/shared/functional/win32_service.rb +0 -57
- data/spec/support/shared/integration/knife_support.rb +0 -192
- data/spec/support/shared/unit/knife_shared.rb +0 -39
- data/spec/unit/application/knife_spec.rb +0 -241
- data/spec/unit/chef_fs/parallelizer_spec.rb +0 -479
- data/spec/unit/cookbook_site_streaming_uploader_spec.rb +0 -198
- data/spec/unit/knife/bootstrap/chef_vault_handler_spec.rb +0 -152
- data/spec/unit/knife/bootstrap/client_builder_spec.rb +0 -207
- data/spec/unit/knife/bootstrap/train_connector_spec.rb +0 -244
- data/spec/unit/knife/bootstrap_spec.rb +0 -2220
- data/spec/unit/knife/client_bulk_delete_spec.rb +0 -166
- data/spec/unit/knife/client_create_spec.rb +0 -169
- data/spec/unit/knife/client_delete_spec.rb +0 -99
- data/spec/unit/knife/client_edit_spec.rb +0 -53
- data/spec/unit/knife/client_list_spec.rb +0 -34
- data/spec/unit/knife/client_reregister_spec.rb +0 -62
- data/spec/unit/knife/client_show_spec.rb +0 -52
- data/spec/unit/knife/configure_client_spec.rb +0 -81
- data/spec/unit/knife/configure_spec.rb +0 -190
- data/spec/unit/knife/cookbook_bulk_delete_spec.rb +0 -87
- data/spec/unit/knife/cookbook_delete_spec.rb +0 -239
- data/spec/unit/knife/cookbook_download_spec.rb +0 -255
- data/spec/unit/knife/cookbook_list_spec.rb +0 -88
- data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +0 -72
- data/spec/unit/knife/cookbook_metadata_spec.rb +0 -182
- data/spec/unit/knife/cookbook_show_spec.rb +0 -253
- data/spec/unit/knife/cookbook_upload_spec.rb +0 -364
- data/spec/unit/knife/core/bootstrap_context_spec.rb +0 -287
- data/spec/unit/knife/core/cookbook_scm_repo_spec.rb +0 -187
- data/spec/unit/knife/core/gem_glob_loader_spec.rb +0 -209
- data/spec/unit/knife/core/hashed_command_loader_spec.rb +0 -112
- data/spec/unit/knife/core/node_editor_spec.rb +0 -211
- data/spec/unit/knife/core/object_loader_spec.rb +0 -81
- data/spec/unit/knife/core/status_presenter_spec.rb +0 -54
- data/spec/unit/knife/core/subcommand_loader_spec.rb +0 -64
- data/spec/unit/knife/core/ui_spec.rb +0 -656
- data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +0 -238
- data/spec/unit/knife/data_bag_create_spec.rb +0 -175
- data/spec/unit/knife/data_bag_edit_spec.rb +0 -126
- data/spec/unit/knife/data_bag_from_file_spec.rb +0 -174
- data/spec/unit/knife/data_bag_secret_options_spec.rb +0 -173
- data/spec/unit/knife/data_bag_show_spec.rb +0 -139
- data/spec/unit/knife/environment_compare_spec.rb +0 -112
- data/spec/unit/knife/environment_create_spec.rb +0 -91
- data/spec/unit/knife/environment_delete_spec.rb +0 -71
- data/spec/unit/knife/environment_edit_spec.rb +0 -79
- data/spec/unit/knife/environment_from_file_spec.rb +0 -90
- data/spec/unit/knife/environment_list_spec.rb +0 -54
- data/spec/unit/knife/environment_show_spec.rb +0 -52
- data/spec/unit/knife/key_create_spec.rb +0 -223
- data/spec/unit/knife/key_delete_spec.rb +0 -133
- data/spec/unit/knife/key_edit_spec.rb +0 -264
- data/spec/unit/knife/key_helper.rb +0 -74
- data/spec/unit/knife/key_list_spec.rb +0 -216
- data/spec/unit/knife/key_show_spec.rb +0 -126
- data/spec/unit/knife/node_bulk_delete_spec.rb +0 -94
- data/spec/unit/knife/node_delete_spec.rb +0 -77
- data/spec/unit/knife/node_edit_spec.rb +0 -116
- data/spec/unit/knife/node_environment_set_spec.rb +0 -61
- data/spec/unit/knife/node_from_file_spec.rb +0 -59
- data/spec/unit/knife/node_list_spec.rb +0 -62
- data/spec/unit/knife/node_policy_set_spec.rb +0 -122
- data/spec/unit/knife/node_run_list_add_spec.rb +0 -145
- data/spec/unit/knife/node_run_list_remove_spec.rb +0 -106
- data/spec/unit/knife/node_run_list_set_spec.rb +0 -115
- data/spec/unit/knife/node_show_spec.rb +0 -65
- data/spec/unit/knife/raw_spec.rb +0 -43
- data/spec/unit/knife/role_bulk_delete_spec.rb +0 -80
- data/spec/unit/knife/role_create_spec.rb +0 -80
- data/spec/unit/knife/role_delete_spec.rb +0 -67
- data/spec/unit/knife/role_edit_spec.rb +0 -77
- data/spec/unit/knife/role_env_run_list_add_spec.rb +0 -217
- data/spec/unit/knife/role_env_run_list_clear_spec.rb +0 -94
- data/spec/unit/knife/role_env_run_list_remove_spec.rb +0 -102
- data/spec/unit/knife/role_env_run_list_replace_spec.rb +0 -105
- data/spec/unit/knife/role_env_run_list_set_spec.rb +0 -99
- data/spec/unit/knife/role_from_file_spec.rb +0 -69
- data/spec/unit/knife/role_list_spec.rb +0 -54
- data/spec/unit/knife/role_run_list_add_spec.rb +0 -179
- data/spec/unit/knife/role_run_list_clear_spec.rb +0 -84
- data/spec/unit/knife/role_run_list_remove_spec.rb +0 -92
- data/spec/unit/knife/role_run_list_replace_spec.rb +0 -98
- data/spec/unit/knife/role_run_list_set_spec.rb +0 -89
- data/spec/unit/knife/role_show_spec.rb +0 -59
- data/spec/unit/knife/ssh_spec.rb +0 -403
- data/spec/unit/knife/ssl_check_spec.rb +0 -256
- data/spec/unit/knife/ssl_fetch_spec.rb +0 -222
- data/spec/unit/knife/status_spec.rb +0 -112
- data/spec/unit/knife/supermarket_download_spec.rb +0 -152
- data/spec/unit/knife/supermarket_install_spec.rb +0 -202
- data/spec/unit/knife/supermarket_list_spec.rb +0 -70
- data/spec/unit/knife/supermarket_search_spec.rb +0 -85
- data/spec/unit/knife/supermarket_share_spec.rb +0 -208
- data/spec/unit/knife/supermarket_unshare_spec.rb +0 -78
- data/spec/unit/knife/tag_create_spec.rb +0 -23
- data/spec/unit/knife/tag_delete_spec.rb +0 -25
- data/spec/unit/knife/tag_list_spec.rb +0 -23
- data/spec/unit/knife/user_create_spec.rb +0 -184
- data/spec/unit/knife/user_delete_spec.rb +0 -46
- data/spec/unit/knife/user_edit_spec.rb +0 -48
- data/spec/unit/knife/user_list_spec.rb +0 -36
- data/spec/unit/knife/user_reregister_spec.rb +0 -56
- data/spec/unit/knife/user_show_spec.rb +0 -46
- data/spec/unit/knife_spec.rb +0 -634
- data/spec/unit/provider/user/dscl_spec.rb +0 -699
- data/spec/unit/windows_service_spec.rb +0 -118
@@ -19,6 +19,7 @@
|
|
19
19
|
|
20
20
|
require_relative "../util/path_helper"
|
21
21
|
require_relative "../resource"
|
22
|
+
require_relative "../exceptions"
|
22
23
|
module Win32
|
23
24
|
autoload :Certstore, "win32-certstore" if Chef::Platform.windows?
|
24
25
|
end
|
@@ -62,11 +63,11 @@ class Chef
|
|
62
63
|
DOC
|
63
64
|
|
64
65
|
property :source, String,
|
65
|
-
description: "The source file (for create and acl_add), thumbprint (for delete and acl_add) or subject (for delete) if it differs from the resource block's name.",
|
66
|
+
description: "The source file (for `create` and `acl_add`), thumbprint (for `delete`, `export`, and `acl_add`), or subject (for `delete` or `export`) if it differs from the resource block's name.",
|
66
67
|
name_property: true
|
67
68
|
|
68
69
|
property :pfx_password, String,
|
69
|
-
description: "The password to access the
|
70
|
+
description: "The password to access the object with if it is a PFX file."
|
70
71
|
|
71
72
|
property :private_key_acl, Array,
|
72
73
|
description: "An array of 'domain\\account' entries to be granted read-only access to the certificate's private key. Not idempotent."
|
@@ -79,8 +80,7 @@ class Chef
|
|
79
80
|
description: "Use the `CurrentUser` store instead of the default `LocalMachine` store. Note: Prior to #{ChefUtils::Dist::Infra::CLIENT}. 16.10 this property was ignored.",
|
80
81
|
default: false
|
81
82
|
|
82
|
-
|
83
|
-
description: "The path to the certificate."
|
83
|
+
deprecated_property_alias :cert_path, :output_path, "The cert_path property was renamed output_path in the 17.0 release of #{ChefUtils::Dist::Infra::CLIENT}. Please update your cookbooks to use the new property name."
|
84
84
|
|
85
85
|
# lazy used to set default value of sensitive to true if password is set
|
86
86
|
property :sensitive, [TrueClass, FalseClass],
|
@@ -92,19 +92,20 @@ class Chef
|
|
92
92
|
default: false,
|
93
93
|
introduced: "16.8"
|
94
94
|
|
95
|
-
|
96
|
-
description "
|
95
|
+
property :output_path, String,
|
96
|
+
description: "A path on the node where a certificate object (PFX, PEM, CER, KEY, etc) can be exported to.",
|
97
|
+
introduced: "17.0"
|
97
98
|
|
98
|
-
|
99
|
-
ext =
|
99
|
+
action :create, description: "Creates or updates a certificate." do
|
100
|
+
ext = get_file_extension(new_resource.source)
|
100
101
|
|
101
102
|
# PFX certificates contains private keys and we import them with some other approach
|
102
|
-
import_certificates(fetch_cert_object(ext), (ext == ".pfx"))
|
103
|
+
# import_certificates(fetch_cert_object(ext), (ext == ".pfx"))
|
104
|
+
import_certificates(fetch_cert_object_from_file(ext), (ext == ".pfx"))
|
103
105
|
end
|
104
106
|
|
105
107
|
# acl_add is a modify-if-exists operation : not idempotent
|
106
|
-
action :acl_add do
|
107
|
-
description "Adds read-only entries to a certificate's private key ACL."
|
108
|
+
action :acl_add, description: "Adds read-only entries to a certificate's private key ACL." do
|
108
109
|
|
109
110
|
if ::File.exist?(new_resource.source)
|
110
111
|
hash = "$cert.GetCertHashString()"
|
@@ -127,9 +128,9 @@ class Chef
|
|
127
128
|
end
|
128
129
|
end
|
129
130
|
|
130
|
-
action :delete do
|
131
|
-
description "Deletes a certificate."
|
131
|
+
action :delete, description: "Deletes a certificate." do
|
132
132
|
cert_obj = fetch_cert
|
133
|
+
|
133
134
|
if cert_obj
|
134
135
|
converge_by("Deleting certificate #{new_resource.source} from Store #{new_resource.store_name}") do
|
135
136
|
delete_cert
|
@@ -139,20 +140,27 @@ class Chef
|
|
139
140
|
end
|
140
141
|
end
|
141
142
|
|
142
|
-
action :fetch do
|
143
|
-
|
143
|
+
action :fetch, description: "Fetches a certificate." do
|
144
|
+
unless new_resource.output_path
|
145
|
+
raise Chef::Exceptions::ResourceNotFound, "You must include an output_path parameter when calling the fetch action"
|
146
|
+
end
|
147
|
+
|
148
|
+
if ::File.extname(new_resource.output_path) == ".pfx"
|
149
|
+
powershell_exec!(pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: ps_cert_location, store_name: new_resource.store_name, output_path: new_resource.output_path, password: new_resource.pfx_password ))
|
150
|
+
else
|
151
|
+
cert_obj = fetch_cert
|
152
|
+
end
|
144
153
|
|
145
|
-
cert_obj = fetch_cert
|
146
154
|
if cert_obj
|
147
|
-
|
155
|
+
converge_by("Fetching certificate #{new_resource.source} from Store \\#{ps_cert_location}\\#{new_resource.store_name}") do
|
156
|
+
export_cert(cert_obj, output_path: new_resource.output_path, store_name: new_resource.store_name , store_location: ps_cert_location, pfx_password: new_resource.pfx_password)
|
157
|
+
end
|
148
158
|
else
|
149
159
|
Chef::Log.debug("Certificate not found")
|
150
160
|
end
|
151
161
|
end
|
152
162
|
|
153
|
-
action :verify do
|
154
|
-
description ""
|
155
|
-
|
163
|
+
action :verify, description: "Verifies a certificate and logs the result" do
|
156
164
|
out = verify_cert
|
157
165
|
if !!out == out
|
158
166
|
out = out ? "Certificate is valid" : "Certificate not valid"
|
@@ -161,6 +169,7 @@ class Chef
|
|
161
169
|
end
|
162
170
|
|
163
171
|
action_class do
|
172
|
+
@local_pfx_path = ""
|
164
173
|
|
165
174
|
CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x00020000
|
166
175
|
CERT_SYSTEM_STORE_CURRENT_USER = 0x00010000
|
@@ -170,10 +179,10 @@ class Chef
|
|
170
179
|
store.add(cert_obj)
|
171
180
|
end
|
172
181
|
|
173
|
-
def add_pfx_cert
|
182
|
+
def add_pfx_cert(path)
|
174
183
|
exportable = new_resource.exportable ? 1 : 0
|
175
184
|
store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location)
|
176
|
-
store.add_pfx(
|
185
|
+
store.add_pfx(path, new_resource.pfx_password, exportable)
|
177
186
|
end
|
178
187
|
|
179
188
|
def delete_cert
|
@@ -183,12 +192,66 @@ class Chef
|
|
183
192
|
|
184
193
|
def fetch_cert
|
185
194
|
store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location)
|
186
|
-
|
195
|
+
if new_resource.output_path && ::File.extname(new_resource.output_path) == ".key"
|
196
|
+
fetch_key
|
197
|
+
|
198
|
+
else
|
199
|
+
store.get(resolve_thumbprint(new_resource.source), store_name: new_resource.store_name, store_location: native_cert_location)
|
200
|
+
end
|
201
|
+
end
|
202
|
+
|
203
|
+
def fetch_key
|
204
|
+
require "openssl" unless defined?(OpenSSL)
|
205
|
+
file_name = ::File.basename(new_resource.output_path, ::File.extname(new_resource.output_path))
|
206
|
+
directory = ::File.dirname(new_resource.output_path)
|
207
|
+
pfx_file = file_name + ".pfx"
|
208
|
+
new_pfx_output_path = ::File.join(Chef::FileCache.create_cache_path("pfx_files"), pfx_file)
|
209
|
+
powershell_exec(pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: ps_cert_location, store_name: new_resource.store_name, output_path: new_pfx_output_path, password: new_resource.pfx_password ))
|
210
|
+
pkcs12 = OpenSSL::PKCS12.new(::File.binread(new_pfx_output_path), new_resource.pfx_password)
|
211
|
+
f = ::File.open(new_resource.output_path, "w")
|
212
|
+
f.write(pkcs12.key.to_s)
|
213
|
+
f.flush
|
214
|
+
f.close
|
215
|
+
end
|
216
|
+
|
217
|
+
def get_file_extension(file_name)
|
218
|
+
if is_file?(file_name)
|
219
|
+
::File.extname(file_name)
|
220
|
+
elsif is_url?(file_name)
|
221
|
+
require "open-uri" unless defined?(OpenURI)
|
222
|
+
uri = URI.parse(file_name)
|
223
|
+
output_file = ::File.basename(uri.path)
|
224
|
+
::File.extname(output_file)
|
225
|
+
end
|
226
|
+
end
|
227
|
+
|
228
|
+
def get_file_name(path_name)
|
229
|
+
if is_file?(path_name)
|
230
|
+
::File.extname(path_name)
|
231
|
+
elsif is_url?(path_name)
|
232
|
+
require "open-uri" unless defined?(OpenURI)
|
233
|
+
uri = URI.parse(path_name)
|
234
|
+
::File.basename(uri.path)
|
235
|
+
end
|
236
|
+
end
|
237
|
+
|
238
|
+
def is_url?(source)
|
239
|
+
require "uri" unless defined?(URI)
|
240
|
+
uri = URI.parse(source)
|
241
|
+
uri.is_a?(URI::HTTP) || uri.is_a?(URI::HTTPS)
|
242
|
+
end
|
243
|
+
|
244
|
+
def is_file?(source)
|
245
|
+
::File.file?(source)
|
246
|
+
end
|
247
|
+
|
248
|
+
def is_file?(source)
|
249
|
+
::File.file?(source)
|
187
250
|
end
|
188
251
|
|
189
252
|
# Thumbprints should be exactly 40 Hex characters
|
190
253
|
def valid_thumbprint?(string)
|
191
|
-
string.
|
254
|
+
string.match?(/[0-9A-Fa-f]/) && string.length == 40
|
192
255
|
end
|
193
256
|
|
194
257
|
def get_thumbprint(store_name, location, source)
|
@@ -213,53 +276,27 @@ class Chef
|
|
213
276
|
|
214
277
|
def verify_cert(thumbprint = new_resource.source)
|
215
278
|
store = ::Win32::Certstore.open(new_resource.store_name, store_location: native_cert_location)
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
def show_or_store_cert(cert_obj)
|
220
|
-
if new_resource.cert_path
|
221
|
-
export_cert(cert_obj, new_resource.cert_path)
|
222
|
-
if ::File.size(new_resource.cert_path) > 0
|
223
|
-
Chef::Log.info("Certificate export in #{new_resource.cert_path}")
|
224
|
-
else
|
225
|
-
::File.delete(new_resource.cert_path)
|
226
|
-
end
|
279
|
+
if new_resource.pfx_password.nil?
|
280
|
+
store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name )
|
227
281
|
else
|
228
|
-
|
282
|
+
store.valid?(resolve_thumbprint(thumbprint), store_location: native_cert_location, store_name: new_resource.store_name)
|
229
283
|
end
|
230
284
|
end
|
231
285
|
|
232
|
-
def export_cert(cert_obj, cert_path)
|
233
|
-
out_file = ::File.new(cert_path, "w+")
|
234
|
-
case ::File.extname(cert_path)
|
235
|
-
when ".pem"
|
236
|
-
out_file.puts(cert_obj.to_pem)
|
237
|
-
when ".der"
|
238
|
-
out_file.puts(cert_obj.to_der)
|
239
|
-
when ".cer"
|
240
|
-
cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CER").stdout
|
241
|
-
out_file.puts(cert_out)
|
242
|
-
when ".crt"
|
243
|
-
cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CRT").stdout
|
244
|
-
out_file.puts(cert_out)
|
245
|
-
when ".pfx"
|
246
|
-
cert_out = shell_out("openssl pkcs12 -export -nokeys -in #{cert_obj.to_pem} -outform PFX").stdout
|
247
|
-
out_file.puts(cert_out)
|
248
|
-
when ".p7b"
|
249
|
-
cert_out = shell_out("openssl pkcs7 -export -nokeys -in #{cert_obj.to_pem} -outform P7B").stdout
|
250
|
-
out_file.puts(cert_out)
|
251
|
-
else
|
252
|
-
Chef::Log.info("Supported certificate format .pem, .der, .cer, .crt, .pfx and .p7b")
|
253
|
-
end
|
254
|
-
out_file.close
|
255
|
-
end
|
256
|
-
|
257
286
|
# this array structure is solving 2 problems. The first is that we need to have support for both the CurrentUser AND LocalMachine stores
|
258
287
|
# Secondly, we need to pass the proper constant name for each store to win32-certstore but also pass the short name to powershell scripts used here
|
259
288
|
def ps_cert_location
|
260
289
|
new_resource.user_store ? "CurrentUser" : "LocalMachine"
|
261
290
|
end
|
262
291
|
|
292
|
+
def pfx_ps_cmd(thumbprint, store_location: "LocalMachine", store_name: "My", output_path:, password: )
|
293
|
+
<<-CMD
|
294
|
+
$my_pwd = ConvertTo-SecureString -String "#{password}" -Force -AsPlainText
|
295
|
+
$cert = Get-ChildItem -path cert:\\#{store_location}\\#{store_name} -Recurse | Where { $_.Thumbprint -eq "#{thumbprint.upcase}" }
|
296
|
+
Export-PfxCertificate -Cert $cert -FilePath "#{output_path}" -Password $my_pwd
|
297
|
+
CMD
|
298
|
+
end
|
299
|
+
|
263
300
|
def native_cert_location
|
264
301
|
new_resource.user_store ? CERT_SYSTEM_STORE_CURRENT_USER : CERT_SYSTEM_STORE_LOCAL_MACHINE
|
265
302
|
end
|
@@ -338,8 +375,50 @@ class Chef
|
|
338
375
|
#
|
339
376
|
# @raise [OpenSSL::PKCS12::PKCS12Error] When incorrect password is provided for PFX certificate
|
340
377
|
#
|
341
|
-
|
342
|
-
|
378
|
+
|
379
|
+
def fetch_cert_object_from_file(ext)
|
380
|
+
if is_file?(new_resource.source)
|
381
|
+
begin
|
382
|
+
::File.exist?(new_resource.source)
|
383
|
+
contents = ::File.binread(new_resource.source)
|
384
|
+
rescue => exception
|
385
|
+
message = "Unable to load the certificate object from the specified local path : #{new_resource.source}\n"
|
386
|
+
message << exception.message
|
387
|
+
raise Chef::Exceptions::FileNotFound, message
|
388
|
+
end
|
389
|
+
elsif is_url?(new_resource.source)
|
390
|
+
require "uri" unless defined?(URI)
|
391
|
+
uri = URI(new_resource.source)
|
392
|
+
state = uri.is_a?(URI::HTTP) && !uri.host.nil? ? true : false
|
393
|
+
if state
|
394
|
+
begin
|
395
|
+
output_file_name = get_file_name(new_resource.source)
|
396
|
+
unless Dir.exist?(Chef::Config[:file_cache_path])
|
397
|
+
Dir.mkdir(Chef::Config[:file_cache_path])
|
398
|
+
end
|
399
|
+
local_path = ::File.join(Chef::Config[:file_cache_path], output_file_name)
|
400
|
+
@local_pfx_path = local_path
|
401
|
+
::File.open(local_path, "wb") do |file|
|
402
|
+
file.write URI.open(new_resource.source).read
|
403
|
+
end
|
404
|
+
rescue => exception
|
405
|
+
message = "Not Able to Download Certificate Object at the URL specified : #{new_resource.source}\n"
|
406
|
+
message << exception.message
|
407
|
+
raise Chef::Exceptions::FileNotFound, message
|
408
|
+
end
|
409
|
+
|
410
|
+
contents = ::File.binread(local_path)
|
411
|
+
|
412
|
+
else
|
413
|
+
message = "Not Able to Download Certificate Object at the URL specified : #{new_resource.source}\n"
|
414
|
+
message << exception.message
|
415
|
+
raise Chef::Exceptions::InvalidRemoteFileURI, message
|
416
|
+
end
|
417
|
+
else
|
418
|
+
message = "You passed an invalid file or url to import. Please check the spelling and try again."
|
419
|
+
message << exception.message
|
420
|
+
raise Chef::Exceptions::ArgumentError, message
|
421
|
+
end
|
343
422
|
|
344
423
|
case ext
|
345
424
|
when ".pfx"
|
@@ -356,24 +435,79 @@ class Chef
|
|
356
435
|
end
|
357
436
|
end
|
358
437
|
|
438
|
+
def export_cert(cert_obj, output_path:, store_name:, store_location:, pfx_password:)
|
439
|
+
# Delete the cert if it exists. This is non-destructive in that it only removes the file and not the entire path.
|
440
|
+
# We want to ensure we're not randomly loading an old stinky cert.
|
441
|
+
if ::File.exists?(output_path)
|
442
|
+
::File.delete(output_path)
|
443
|
+
end
|
444
|
+
|
445
|
+
unless ::File.directory?(::File.dirname(output_path))
|
446
|
+
FileUtils.mkdir_p(::File.dirname(output_path))
|
447
|
+
end
|
448
|
+
|
449
|
+
out_file = ::File.new(output_path, "w+")
|
450
|
+
|
451
|
+
case ::File.extname(output_path)
|
452
|
+
when ".pem"
|
453
|
+
out_file.puts(cert_obj)
|
454
|
+
when ".der"
|
455
|
+
out_file.puts(cert_obj.to_der)
|
456
|
+
when ".cer"
|
457
|
+
cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CER").stdout
|
458
|
+
out_file.puts(cert_out)
|
459
|
+
when ".crt"
|
460
|
+
cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj} -outform CRT").stdout
|
461
|
+
out_file.puts(cert_out)
|
462
|
+
when ".pfx"
|
463
|
+
pfx_ps_cmd(resolve_thumbprint(new_resource.source), store_location: store_location, store_name: store_name, output_path: output_path, password: pfx_password )
|
464
|
+
when ".p7b"
|
465
|
+
cert_out = shell_out("openssl pkcs7 -export -nokeys -in #{cert_obj.to_pem} -outform P7B").stdout
|
466
|
+
out_file.puts(cert_out)
|
467
|
+
when ".key"
|
468
|
+
out_file.puts(cert_obj)
|
469
|
+
else
|
470
|
+
Chef::Log.info("Supported certificate format .pem, .der, .cer, .crt, and .p7b")
|
471
|
+
end
|
472
|
+
|
473
|
+
out_file.close
|
474
|
+
end
|
475
|
+
|
359
476
|
# Imports the certificate object into cert store
|
360
477
|
#
|
361
478
|
# @param cert_objs [OpenSSL::X509::Certificate] Object containing certificate's attributes
|
362
479
|
#
|
363
480
|
# @param is_pfx [Boolean] true if we want to import a PFX certificate
|
364
481
|
#
|
365
|
-
def import_certificates(cert_objs, is_pfx)
|
482
|
+
def import_certificates(cert_objs, is_pfx, store_name: new_resource.store_name, store_location: native_cert_location)
|
366
483
|
[cert_objs].flatten.each do |cert_obj|
|
367
|
-
thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s
|
368
|
-
#
|
369
|
-
#
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
484
|
+
# thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s
|
485
|
+
# pkcs = OpenSSL::PKCS12.new(cert_obj, new_resource.pfx_password)
|
486
|
+
# cert = OpenSSL::X509::Certificate.new(pkcs.certificate.to_pem)
|
487
|
+
thumbprint = OpenSSL::Digest.new("SHA1", cert_obj.to_der).to_s
|
488
|
+
if is_pfx
|
489
|
+
if verify_cert(thumbprint) == true
|
490
|
+
Chef::Log.debug("Certificate is already present")
|
491
|
+
else
|
492
|
+
if is_file?(new_resource.source)
|
493
|
+
converge_by("Creating a PFX #{new_resource.source} for Store #{new_resource.store_name}") do
|
494
|
+
add_pfx_cert(new_resource.source)
|
495
|
+
end
|
496
|
+
elsif is_url?(new_resource.source)
|
497
|
+
converge_by("Creating a PFX #{@local_pfx_path} for Store #{new_resource.store_name}") do
|
498
|
+
add_pfx_cert(@local_pfx_path)
|
499
|
+
end
|
376
500
|
else
|
501
|
+
message = "You passed an invalid file or url to import. Please check the spelling and try again."
|
502
|
+
message << exception.message
|
503
|
+
raise Chef::Exceptions::ArgumentError, message
|
504
|
+
end
|
505
|
+
end
|
506
|
+
else
|
507
|
+
if verify_cert(thumbprint) == true
|
508
|
+
Chef::Log.debug("Certificate is already present")
|
509
|
+
else
|
510
|
+
converge_by("Creating a certificate #{new_resource.source} for Store #{new_resource.store_name}") do
|
377
511
|
add_cert(cert_obj)
|
378
512
|
end
|
379
513
|
end
|
@@ -42,9 +42,7 @@ class Chef
|
|
42
42
|
property :description, String,
|
43
43
|
description: "Description for the share."
|
44
44
|
|
45
|
-
action :create do
|
46
|
-
description "Creates the folder in dfs namespace."
|
47
|
-
|
45
|
+
action :create, description: "Creates the folder in dfs namespace" do
|
48
46
|
raise "target_path is required for install" unless property_is_set?(:target_path)
|
49
47
|
raise "description is required for install" unless property_is_set?(:description)
|
50
48
|
|
@@ -62,9 +60,7 @@ class Chef
|
|
62
60
|
end
|
63
61
|
end
|
64
62
|
|
65
|
-
action :delete do
|
66
|
-
description "Deletes the folder in the dfs namespace."
|
67
|
-
|
63
|
+
action :delete, description: "Deletes the folder in the dfs namespace" do
|
68
64
|
powershell_script "Delete DFS Namespace" do
|
69
65
|
code <<-EOH
|
70
66
|
Remove-DfsnFolder -Path '\\\\#{ENV["COMPUTERNAME"]}\\#{new_resource.namespace_name}\\#{new_resource.folder_path}' -Force
|
@@ -52,9 +52,7 @@ class Chef
|
|
52
52
|
description: "The root from which to create the DFS tree. Defaults to C:\\DFSRoots.",
|
53
53
|
default: 'C:\\DFSRoots'
|
54
54
|
|
55
|
-
action :create do
|
56
|
-
description "Creates the dfs namespace on the server."
|
57
|
-
|
55
|
+
action :create, description: "Creates the dfs namespace on the server" do
|
58
56
|
directory file_path do
|
59
57
|
action :create
|
60
58
|
recursive true
|
@@ -84,9 +82,7 @@ class Chef
|
|
84
82
|
end
|
85
83
|
end
|
86
84
|
|
87
|
-
action :delete do
|
88
|
-
description "Deletes a DFS Namespace including the directory on disk."
|
89
|
-
|
85
|
+
action :delete, description: "Deletes a DFS Namespace including the directory on disk" do
|
90
86
|
powershell_script "Delete DFS Namespace" do
|
91
87
|
code <<-EOH
|
92
88
|
Remove-DfsnRoot -Path '\\\\#{ENV["COMPUTERNAME"]}\\#{new_resource.namespace_name}' -Force
|
@@ -65,9 +65,7 @@ class Chef
|
|
65
65
|
sync_interval_secs results["SyncIntervalSec"]
|
66
66
|
end
|
67
67
|
|
68
|
-
action :configure do
|
69
|
-
description "Configure DFS settings."
|
70
|
-
|
68
|
+
action :configure, description: "Configure DFS settings" do
|
71
69
|
converge_if_changed do
|
72
70
|
dfs_cmd = "Set-DfsnServerConfiguration -ComputerName '#{ENV["COMPUTERNAME"]}' -UseFqdn $#{new_resource.use_fqdn} -LdapTimeoutSec #{new_resource.ldap_timeout_secs} -SyncIntervalSec #{new_resource.sync_interval_secs}"
|
73
71
|
dfs_cmd << " -EnableSiteCostedReferrals $#{new_resource.enable_site_costed_referrals}" if new_resource.enable_site_costed_referrals != current_resource.enable_site_costed_referrals
|
@@ -49,9 +49,7 @@ class Chef
|
|
49
49
|
default: "localhost",
|
50
50
|
introduced: "16.3"
|
51
51
|
|
52
|
-
action :create do
|
53
|
-
description "Creates and updates the DNS entry."
|
54
|
-
|
52
|
+
action :create, description: "Creates and updates the DNS entry" do
|
55
53
|
windows_feature "RSAT-DNS-Server" do
|
56
54
|
not_if new_resource.dns_server.casecmp?("localhost")
|
57
55
|
end
|
@@ -61,9 +59,7 @@ class Chef
|
|
61
59
|
run_dsc_resource "Present"
|
62
60
|
end
|
63
61
|
|
64
|
-
action :delete do
|
65
|
-
description "Deletes a DNS entry."
|
66
|
-
|
62
|
+
action :delete, description: "Deletes a DNS entry" do
|
67
63
|
windows_feature "RSAT-DNS-Server" do
|
68
64
|
not_if new_resource.dns_server.casecmp?("localhost")
|
69
65
|
end
|
@@ -40,17 +40,13 @@ class Chef
|
|
40
40
|
description: "The type of DNS server, Domain or Standalone.",
|
41
41
|
default: "Domain", equal_to: %w{Domain Standalone}
|
42
42
|
|
43
|
-
action :create do
|
44
|
-
description "Creates and updates a DNS Zone."
|
45
|
-
|
43
|
+
action :create, description: "Creates and updates a DNS Zone" do
|
46
44
|
powershell_package "xDnsServer"
|
47
45
|
|
48
46
|
run_dsc_resource "Present"
|
49
47
|
end
|
50
48
|
|
51
|
-
action :delete do
|
52
|
-
description "Deletes a DNS Zone."
|
53
|
-
|
49
|
+
action :delete, description: "Deletes a DNS Zone" do
|
54
50
|
powershell_package "xDnsServer"
|
55
51
|
|
56
52
|
run_dsc_resource "Absent"
|
@@ -19,6 +19,7 @@
|
|
19
19
|
|
20
20
|
require_relative "../resource"
|
21
21
|
require_relative "../mixin/windows_env_helper"
|
22
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
22
23
|
|
23
24
|
class Chef
|
24
25
|
class Resource
|
@@ -28,7 +29,7 @@ class Chef
|
|
28
29
|
provides :windows_env
|
29
30
|
provides :env # backwards compat with the pre-Chef 14 resource name
|
30
31
|
|
31
|
-
description "Use the **windows_env** resource to manage environment keys in Microsoft Windows. After an environment key is set, Microsoft Windows must be restarted before the environment key will be available to the Task Scheduler."
|
32
|
+
description "Use the **windows_env** resource to manage environment keys in Microsoft Windows. After an environment key is set, Microsoft Windows must be restarted before the environment key will be available to the Task Scheduler.\n\nThis resource was previously called the **env** resource; its name was updated in #{ChefUtils::Dist::Infra::PRODUCT} 14.0 to reflect the fact that only Windows is supported. Existing cookbooks using `env` will continue to function, but should be updated to use the new name. Note: On UNIX-based systems, the best way to manipulate environment keys is with the `ENV` variable in Ruby; however, this approach does not have the same permanent effect as using the windows_env resource."
|
32
33
|
examples <<~DOC
|
33
34
|
**Set an environment variable**:
|
34
35
|
|
@@ -192,7 +193,7 @@ class Chef
|
|
192
193
|
end
|
193
194
|
end
|
194
195
|
|
195
|
-
action :create do
|
196
|
+
action :create, description: "Create an environment variable. If an environment variable already exists (but does not match), update that environment variable to match." do
|
196
197
|
if key_exists?
|
197
198
|
if requires_modify_or_create?
|
198
199
|
modify_env
|
@@ -206,7 +207,7 @@ class Chef
|
|
206
207
|
end
|
207
208
|
end
|
208
209
|
|
209
|
-
action :delete do
|
210
|
+
action :delete, description: "Delete an environment variable." do
|
210
211
|
if ( ENV[new_resource.key_name] || key_exists? ) && !delete_element
|
211
212
|
delete_env
|
212
213
|
logger.info("#{new_resource} deleted")
|
@@ -214,7 +215,7 @@ class Chef
|
|
214
215
|
end
|
215
216
|
end
|
216
217
|
|
217
|
-
action :modify do
|
218
|
+
action :modify, description: "Modify an existing environment variable. This prepends the new value to the existing value, using the delimiter specified by the `delim` property." do
|
218
219
|
if key_exists?
|
219
220
|
if requires_modify_or_create?
|
220
221
|
modify_env
|
@@ -108,21 +108,15 @@ class Chef
|
|
108
108
|
default: 600,
|
109
109
|
desired_state: false
|
110
110
|
|
111
|
-
action :install do
|
112
|
-
description "Install a Windows role/feature"
|
113
|
-
|
111
|
+
action :install, description: "Install a Windows role / feature" do
|
114
112
|
run_default_subresource :install
|
115
113
|
end
|
116
114
|
|
117
|
-
action :remove do
|
118
|
-
description "Remove a Windows role/feature"
|
119
|
-
|
115
|
+
action :remove, description: "Remove a Windows role / feature" do
|
120
116
|
run_default_subresource :remove
|
121
117
|
end
|
122
118
|
|
123
|
-
action :delete do
|
124
|
-
description "Remove a Windows role/feature from the image"
|
125
|
-
|
119
|
+
action :delete, description: "Remove a Windows role/feature from the image" do
|
126
120
|
run_default_subresource :delete
|
127
121
|
end
|
128
122
|
|
@@ -91,9 +91,7 @@ class Chef
|
|
91
91
|
end
|
92
92
|
end
|
93
93
|
|
94
|
-
action :remove do
|
95
|
-
description "Remove a Windows role/feature using DISM"
|
96
|
-
|
94
|
+
action :remove, description: "Remove a Windows role / feature using DISM" do
|
97
95
|
reload_cached_dism_data unless node["dism_features_cache"]
|
98
96
|
|
99
97
|
logger.trace("Windows features needing removal: #{features_to_remove.empty? ? "none" : features_to_remove.join(",")}")
|
@@ -108,9 +106,7 @@ class Chef
|
|
108
106
|
end
|
109
107
|
end
|
110
108
|
|
111
|
-
action :delete do
|
112
|
-
description "Remove a Windows role/feature from the image using DISM"
|
113
|
-
|
109
|
+
action :delete, description: "Remove a Windows role / feature from the image using DISM" do
|
114
110
|
reload_cached_dism_data unless node["dism_features_cache"]
|
115
111
|
|
116
112
|
fail_if_unavailable # fail if the features don't exist
|
@@ -87,7 +87,7 @@ class Chef
|
|
87
87
|
x.map(&:downcase)
|
88
88
|
end
|
89
89
|
|
90
|
-
action :install do
|
90
|
+
action :install, description: "Install a Windows role / feature using PowerShell" do
|
91
91
|
reload_cached_powershell_data unless node["powershell_features_cache"]
|
92
92
|
fail_if_unavailable # fail if the features don't exist
|
93
93
|
fail_if_removed # fail if the features are in removed state
|
@@ -108,7 +108,7 @@ class Chef
|
|
108
108
|
end
|
109
109
|
end
|
110
110
|
|
111
|
-
action :remove do
|
111
|
+
action :remove, description: "Remove a Windows role / feature using PowerShell" do
|
112
112
|
reload_cached_powershell_data unless node["powershell_features_cache"]
|
113
113
|
|
114
114
|
Chef::Log.debug("Windows features needing removal: #{features_to_remove.empty? ? "none" : features_to_remove.join(",")}")
|
@@ -123,7 +123,7 @@ class Chef
|
|
123
123
|
end
|
124
124
|
end
|
125
125
|
|
126
|
-
action :delete do
|
126
|
+
action :delete, description: "Delete a Windows role / feature from the image using PowerShell" do
|
127
127
|
reload_cached_powershell_data unless node["powershell_features_cache"]
|
128
128
|
|
129
129
|
fail_if_unavailable # fail if the features don't exist
|
@@ -81,8 +81,8 @@ class Chef
|
|
81
81
|
property :allow_unicast_response, [true, false, String], equal_to: [true, false, "NotConfigured"], description: "Allow unicast responses to multicast and broadcast messages"
|
82
82
|
property :display_notification, [true, false, String], equal_to: [true, false, "NotConfigured"], description: "Display a notification when firewall blocks certain activity"
|
83
83
|
|
84
|
-
load_current_value do |
|
85
|
-
ps_get_net_fw_profile = load_firewall_state(
|
84
|
+
load_current_value do |new_resource|
|
85
|
+
ps_get_net_fw_profile = load_firewall_state(new_resource.profile)
|
86
86
|
output = powershell_exec(ps_get_net_fw_profile)
|
87
87
|
if output.result.empty?
|
88
88
|
current_value_does_not_exist!
|
@@ -121,7 +121,7 @@ class Chef
|
|
121
121
|
end
|
122
122
|
end
|
123
123
|
|
124
|
-
action :enable do
|
124
|
+
action :enable, description: "Enable and optionally configure a Windows Firewall profile" do
|
125
125
|
converge_if_changed :default_inbound_action, :default_outbound_action, :allow_inbound_rules, :allow_local_firewall_rules,
|
126
126
|
:allow_local_ipsec_rules, :allow_user_apps, :allow_user_ports, :allow_unicast_response, :display_notification do
|
127
127
|
fw_cmd = firewall_command(new_resource.profile)
|
@@ -135,7 +135,7 @@ class Chef
|
|
135
135
|
end
|
136
136
|
end
|
137
137
|
|
138
|
-
action :disable do
|
138
|
+
action :disable, description: "Disable a Windows Firewall profile" do
|
139
139
|
if firewall_enabled?(new_resource.profile)
|
140
140
|
converge_by "Disable the #{new_resource.profile} Firewall Profile" do
|
141
141
|
cmd = "Set-NetFirewallProfile -Profile #{new_resource.profile} -Enabled \"False\""
|