chef 16.2.44-universal-mingw32 → 16.4.35-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (383) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/Rakefile +3 -16
  4. data/chef-universal-mingw32.gemspec +2 -3
  5. data/chef.gemspec +4 -3
  6. data/lib/chef/action_collection.rb +4 -0
  7. data/lib/chef/api_client/registration.rb +2 -2
  8. data/lib/chef/application.rb +13 -1
  9. data/lib/chef/application/apply.rb +6 -5
  10. data/lib/chef/application/windows_service.rb +27 -27
  11. data/lib/chef/{whitelist.rb → attribute_allowlist.rb} +11 -11
  12. data/lib/chef/{blacklist.rb → attribute_blocklist.rb} +9 -9
  13. data/lib/chef/chef_class.rb +0 -1
  14. data/lib/chef/chef_fs/chef_fs_data_store.rb +54 -54
  15. data/lib/chef/chef_fs/data_handler/organization_data_handler.rb +1 -2
  16. data/lib/chef/chef_fs/file_system/chef_server/acl_entry.rb +10 -10
  17. data/lib/chef/chef_fs/file_system/chef_server/cookbook_file.rb +2 -2
  18. data/lib/chef/chef_fs/file_system/chef_server/cookbooks_dir.rb +1 -5
  19. data/lib/chef/chef_fs/file_system/chef_server/organization_invites_entry.rb +8 -8
  20. data/lib/chef/chef_fs/file_system/chef_server/organization_members_entry.rb +8 -8
  21. data/lib/chef/chef_fs/file_system/repository/base_file.rb +1 -0
  22. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_dir.rb +2 -2
  23. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  24. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_root_dir.rb +18 -18
  25. data/lib/chef/chef_fs/file_system/repository/directory.rb +1 -1
  26. data/lib/chef/chef_fs/file_system/repository/file_system_entry.rb +1 -1
  27. data/lib/chef/chef_fs/parallelizer/parallel_enumerable.rb +1 -1
  28. data/lib/chef/client.rb +14 -14
  29. data/lib/chef/cookbook/remote_file_vendor.rb +1 -3
  30. data/lib/chef/cookbook/syntax_check.rb +1 -2
  31. data/lib/chef/cookbook_loader.rb +15 -29
  32. data/lib/chef/data_bag.rb +1 -2
  33. data/lib/chef/data_collector/run_end_message.rb +11 -1
  34. data/lib/chef/deprecated.rb +8 -0
  35. data/lib/chef/digester.rb +3 -2
  36. data/lib/chef/dsl/platform_introspection.rb +9 -7
  37. data/lib/chef/encrypted_data_bag_item/decryptor.rb +1 -1
  38. data/lib/chef/environment.rb +3 -4
  39. data/lib/chef/exceptions.rb +4 -1
  40. data/lib/chef/file_access_control/windows.rb +2 -2
  41. data/lib/chef/file_content_management/deploy/mv_unix.rb +1 -1
  42. data/lib/chef/file_content_management/tempfile.rb +9 -9
  43. data/lib/chef/handler.rb +2 -0
  44. data/lib/chef/http.rb +12 -12
  45. data/lib/chef/http/authenticator.rb +3 -1
  46. data/lib/chef/json_compat.rb +1 -1
  47. data/lib/chef/knife.rb +4 -4
  48. data/lib/chef/knife/bootstrap.rb +18 -15
  49. data/lib/chef/knife/bootstrap/train_connector.rb +1 -0
  50. data/lib/chef/knife/config_get.rb +1 -0
  51. data/lib/chef/knife/config_list_profiles.rb +4 -1
  52. data/lib/chef/knife/config_use_profile.rb +15 -5
  53. data/lib/chef/knife/configure.rb +1 -1
  54. data/lib/chef/knife/cookbook_download.rb +1 -1
  55. data/lib/chef/knife/cookbook_metadata.rb +1 -1
  56. data/lib/chef/knife/cookbook_upload.rb +29 -37
  57. data/lib/chef/knife/core/bootstrap_context.rb +1 -1
  58. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  59. data/lib/chef/knife/core/generic_presenter.rb +1 -1
  60. data/lib/chef/knife/core/hashed_command_loader.rb +3 -2
  61. data/lib/chef/knife/core/subcommand_loader.rb +20 -1
  62. data/lib/chef/knife/core/ui.rb +8 -2
  63. data/lib/chef/knife/core/windows_bootstrap_context.rb +33 -26
  64. data/lib/chef/knife/delete.rb +15 -15
  65. data/lib/chef/knife/exec.rb +2 -2
  66. data/lib/chef/knife/rehash.rb +3 -21
  67. data/lib/chef/knife/ssh.rb +11 -7
  68. data/lib/chef/knife/xargs.rb +19 -19
  69. data/lib/chef/knife/yaml_convert.rb +1 -1
  70. data/lib/chef/log.rb +7 -2
  71. data/lib/chef/mixin/checksum.rb +0 -1
  72. data/{spec/functional/resource/base.rb → lib/chef/mixin/chef_utils_wiring.rb} +24 -12
  73. data/lib/chef/mixin/deep_merge.rb +35 -6
  74. data/{spec/unit/log_spec.rb → lib/chef/mixin/default_paths.rb} +13 -5
  75. data/lib/chef/mixin/openssl_helper.rb +30 -6
  76. data/lib/chef/mixin/path_sanity.rb +5 -4
  77. data/lib/chef/mixin/shell_out.rb +4 -188
  78. data/lib/chef/mixin/template.rb +1 -0
  79. data/lib/chef/mixin/which.rb +6 -3
  80. data/lib/chef/mixins.rb +1 -0
  81. data/lib/chef/monkey_patches/webrick-utils.rb +10 -10
  82. data/lib/chef/node.rb +36 -12
  83. data/lib/chef/node/attribute.rb +2 -4
  84. data/lib/chef/node_map.rb +21 -18
  85. data/lib/chef/platform/service_helpers.rb +31 -28
  86. data/lib/chef/property.rb +1 -1
  87. data/lib/chef/provider/cron/unix.rb +0 -2
  88. data/lib/chef/provider/git.rb +17 -9
  89. data/lib/chef/provider/group.rb +0 -2
  90. data/lib/chef/provider/group/suse.rb +5 -5
  91. data/lib/chef/provider/ifconfig.rb +1 -4
  92. data/lib/chef/provider/mount.rb +0 -2
  93. data/lib/chef/provider/mount/solaris.rb +0 -1
  94. data/lib/chef/provider/package.rb +0 -2
  95. data/lib/chef/provider/package/rubygems.rb +1 -1
  96. data/lib/chef/provider/package/snap.rb +3 -4
  97. data/lib/chef/provider/package/windows.rb +9 -4
  98. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +9 -9
  99. data/lib/chef/provider/package/zypper.rb +0 -1
  100. data/lib/chef/provider/powershell_script.rb +21 -5
  101. data/lib/chef/provider/route.rb +1 -1
  102. data/lib/chef/provider/service.rb +2 -2
  103. data/lib/chef/provider/service/arch.rb +1 -1
  104. data/lib/chef/provider/service/debian.rb +1 -1
  105. data/lib/chef/provider/service/gentoo.rb +2 -2
  106. data/lib/chef/provider/service/macosx.rb +2 -2
  107. data/lib/chef/provider/service/openbsd.rb +1 -4
  108. data/lib/chef/provider/service/redhat.rb +2 -2
  109. data/lib/chef/provider/service/upstart.rb +1 -1
  110. data/lib/chef/provider/service/windows.rb +10 -10
  111. data/lib/chef/provider/systemd_unit.rb +0 -2
  112. data/lib/chef/provider/template/content.rb +1 -0
  113. data/lib/chef/provider/user/dscl.rb +2 -2
  114. data/lib/chef/provider/user/mac.rb +9 -9
  115. data/lib/chef/provider/windows_task.rb +0 -3
  116. data/lib/chef/provider/yum_repository.rb +1 -1
  117. data/lib/chef/provider/zypper_repository.rb +1 -2
  118. data/lib/chef/providers.rb +0 -1
  119. data/lib/chef/recipe.rb +1 -1
  120. data/lib/chef/resource.rb +9 -11
  121. data/lib/chef/resource/alternatives.rb +1 -1
  122. data/lib/chef/resource/apt_repository.rb +1 -10
  123. data/lib/chef/resource/build_essential.rb +2 -2
  124. data/lib/chef/resource/chef_client_scheduled_task.rb +1 -1
  125. data/lib/chef/resource/chef_client_systemd_timer.rb +2 -2
  126. data/lib/chef/resource/chef_gem.rb +57 -21
  127. data/lib/chef/resource/chef_vault_secret.rb +13 -13
  128. data/lib/chef/resource/chocolatey_feature.rb +1 -2
  129. data/lib/chef/resource/cron/cron_d.rb +1 -1
  130. data/lib/chef/resource/cron_access.rb +2 -2
  131. data/lib/chef/resource/dmg_package.rb +2 -2
  132. data/lib/chef/resource/execute.rb +4 -5
  133. data/lib/chef/resource/gem_package.rb +35 -2
  134. data/lib/chef/resource/homebrew_update.rb +2 -2
  135. data/lib/chef/resource/hostname.rb +18 -18
  136. data/lib/chef/resource/launchd.rb +1 -1
  137. data/lib/chef/resource/lwrp_base.rb +1 -0
  138. data/lib/chef/resource/macos_userdefaults.rb +176 -61
  139. data/lib/chef/resource/openssl_dhparam.rb +2 -0
  140. data/lib/chef/resource/openssl_ec_private_key.rb +2 -0
  141. data/lib/chef/resource/openssl_ec_public_key.rb +2 -0
  142. data/lib/chef/resource/openssl_rsa_private_key.rb +2 -0
  143. data/lib/chef/resource/openssl_rsa_public_key.rb +2 -0
  144. data/lib/chef/resource/openssl_x509_certificate.rb +35 -35
  145. data/lib/chef/resource/openssl_x509_crl.rb +3 -2
  146. data/lib/chef/resource/openssl_x509_request.rb +23 -20
  147. data/lib/chef/resource/osx_profile.rb +227 -5
  148. data/lib/chef/resource/powershell_package_source.rb +1 -1
  149. data/lib/chef/resource/powershell_script.rb +24 -30
  150. data/lib/chef/resource/service.rb +2 -2
  151. data/lib/chef/resource/ssh_known_hosts_entry.rb +16 -1
  152. data/lib/chef/resource/sudo.rb +31 -4
  153. data/lib/chef/resource/swap_file.rb +17 -0
  154. data/lib/chef/resource/sysctl.rb +5 -5
  155. data/lib/chef/resource/timezone.rb +15 -0
  156. data/lib/chef/resource/user_ulimit.rb +1 -1
  157. data/lib/chef/resource/windows_ad_join.rb +2 -0
  158. data/lib/chef/resource/windows_audit_policy.rb +3 -0
  159. data/lib/chef/resource/windows_auto_run.rb +2 -0
  160. data/lib/chef/resource/windows_certificate.rb +2 -0
  161. data/lib/chef/resource/windows_dfs_folder.rb +2 -0
  162. data/lib/chef/resource/windows_dfs_namespace.rb +2 -0
  163. data/lib/chef/resource/windows_dfs_server.rb +2 -0
  164. data/lib/chef/resource/windows_dns_record.rb +25 -5
  165. data/lib/chef/resource/windows_dns_zone.rb +12 -7
  166. data/lib/chef/resource/windows_feature.rb +2 -0
  167. data/lib/chef/resource/windows_feature_dism.rb +10 -0
  168. data/lib/chef/resource/windows_feature_powershell.rb +14 -2
  169. data/lib/chef/resource/windows_firewall_profile.rb +199 -0
  170. data/lib/chef/resource/windows_firewall_rule.rb +5 -3
  171. data/lib/chef/resource/windows_font.rb +3 -1
  172. data/lib/chef/resource/windows_pagefile.rb +4 -0
  173. data/lib/chef/resource/windows_printer.rb +17 -18
  174. data/lib/chef/resource/windows_printer_port.rb +14 -13
  175. data/lib/chef/resource/windows_security_policy.rb +52 -21
  176. data/lib/chef/resource/windows_share.rb +5 -3
  177. data/lib/chef/resource/windows_shortcut.rb +2 -0
  178. data/lib/chef/resource/windows_uac.rb +2 -0
  179. data/lib/chef/resource/windows_user_privilege.rb +27 -2
  180. data/lib/chef/resource/windows_workgroup.rb +2 -3
  181. data/lib/chef/resource_collection/stepable_iterator.rb +1 -2
  182. data/lib/chef/resource_inspector.rb +7 -1
  183. data/lib/chef/resources.rb +1 -0
  184. data/lib/chef/role.rb +3 -4
  185. data/lib/chef/run_context/cookbook_compiler.rb +20 -20
  186. data/lib/chef/run_status.rb +2 -6
  187. data/lib/chef/server_api_versions.rb +4 -0
  188. data/lib/chef/shell.rb +1 -1
  189. data/lib/chef/shell/shell_session.rb +2 -0
  190. data/lib/chef/util/backup.rb +1 -1
  191. data/lib/chef/util/diff.rb +11 -12
  192. data/lib/chef/util/powershell/cmdlet.rb +1 -1
  193. data/lib/chef/version.rb +2 -2
  194. data/lib/chef/win32/file.rb +2 -2
  195. data/lib/chef/win32/file/version_info.rb +5 -5
  196. data/lib/chef/win32/registry.rb +1 -2
  197. data/spec/data/ssl/chef-rspec.cert +15 -15
  198. data/spec/functional/knife/configure_spec.rb +1 -1
  199. data/spec/functional/knife/ssh_spec.rb +5 -16
  200. data/spec/functional/resource/aix_service_spec.rb +9 -2
  201. data/spec/functional/resource/aixinit_service_spec.rb +8 -9
  202. data/spec/functional/resource/apt_package_spec.rb +0 -1
  203. data/spec/functional/resource/bash_spec.rb +3 -2
  204. data/spec/functional/resource/bff_spec.rb +3 -3
  205. data/spec/functional/resource/chocolatey_package_spec.rb +4 -0
  206. data/spec/functional/resource/cookbook_file_spec.rb +1 -1
  207. data/spec/functional/resource/cron_spec.rb +10 -2
  208. data/spec/functional/resource/dnf_package_spec.rb +4 -1
  209. data/spec/functional/resource/dsc_resource_spec.rb +1 -1
  210. data/spec/functional/resource/dsc_script_spec.rb +0 -1
  211. data/spec/functional/resource/execute_spec.rb +1 -1
  212. data/spec/functional/resource/git_spec.rb +23 -1
  213. data/spec/functional/resource/group_spec.rb +21 -9
  214. data/spec/functional/resource/ifconfig_spec.rb +9 -1
  215. data/spec/functional/resource/insserv_spec.rb +7 -7
  216. data/spec/functional/resource/link_spec.rb +22 -25
  217. data/spec/functional/resource/mount_spec.rb +9 -1
  218. data/spec/functional/resource/msu_package_spec.rb +9 -3
  219. data/spec/functional/resource/powershell_script_spec.rb +8 -8
  220. data/spec/functional/resource/remote_file_spec.rb +7 -13
  221. data/spec/functional/resource/rpm_spec.rb +3 -3
  222. data/spec/functional/resource/timezone_spec.rb +2 -0
  223. data/spec/functional/resource/windows_certificate_spec.rb +3 -3
  224. data/spec/functional/resource/windows_font_spec.rb +49 -0
  225. data/spec/functional/resource/windows_package_spec.rb +0 -1
  226. data/spec/functional/resource/windows_path_spec.rb +4 -0
  227. data/spec/functional/resource/windows_security_policy_spec.rb +0 -4
  228. data/spec/functional/resource/windows_service_spec.rb +4 -0
  229. data/spec/functional/resource/windows_task_spec.rb +4 -3
  230. data/spec/functional/resource/windows_user_privilege_spec.rb +1 -2
  231. data/spec/functional/resource/yum_package_spec.rb +4 -1
  232. data/spec/functional/resource/zypper_package_spec.rb +4 -1
  233. data/spec/functional/run_lock_spec.rb +26 -25
  234. data/spec/functional/shell_spec.rb +5 -6
  235. data/spec/functional/util/powershell/cmdlet_spec.rb +1 -1
  236. data/spec/functional/version_spec.rb +1 -1
  237. data/spec/functional/win32/crypto_spec.rb +1 -1
  238. data/spec/functional/win32/registry_spec.rb +8 -8
  239. data/spec/functional/win32/service_manager_spec.rb +1 -1
  240. data/spec/integration/knife/common_options_spec.rb +12 -12
  241. data/spec/integration/knife/config_get_profile_spec.rb +69 -68
  242. data/spec/integration/knife/config_get_spec.rb +126 -125
  243. data/spec/integration/knife/config_list_profiles_spec.rb +181 -152
  244. data/spec/integration/knife/config_use_profile_spec.rb +115 -61
  245. data/spec/integration/knife/cookbook_upload_spec.rb +28 -1
  246. data/spec/integration/knife/data_bag_from_file_spec.rb +1 -1
  247. data/spec/integration/knife/diff_spec.rb +3 -1
  248. data/spec/integration/knife/download_spec.rb +3 -1
  249. data/spec/integration/knife/environment_from_file_spec.rb +1 -1
  250. data/spec/integration/knife/node_from_file_spec.rb +1 -1
  251. data/spec/integration/knife/role_from_file_spec.rb +1 -1
  252. data/spec/integration/knife/serve_spec.rb +5 -5
  253. data/spec/integration/knife/upload_spec.rb +3 -1
  254. data/spec/integration/recipes/accumulator_spec.rb +1 -1
  255. data/spec/integration/recipes/lwrp_inline_resources_spec.rb +2 -2
  256. data/spec/integration/recipes/lwrp_spec.rb +1 -1
  257. data/spec/integration/recipes/notifies_spec.rb +1 -1
  258. data/spec/integration/recipes/notifying_block_spec.rb +1 -1
  259. data/spec/integration/recipes/recipe_dsl_spec.rb +5 -1
  260. data/spec/integration/recipes/resource_converge_if_changed_spec.rb +2 -0
  261. data/spec/integration/recipes/resource_load_spec.rb +4 -2
  262. data/spec/integration/recipes/unified_mode_spec.rb +1 -1
  263. data/spec/integration/recipes/use_partial_spec.rb +1 -1
  264. data/spec/scripts/ssl-serve.rb +1 -1
  265. data/spec/spec_helper.rb +16 -10
  266. data/spec/support/chef_helpers.rb +1 -20
  267. data/spec/support/platform_helpers.rb +9 -11
  268. data/spec/support/platforms/win32/spec_service.rb +1 -1
  269. data/spec/support/shared/functional/directory_resource.rb +1 -1
  270. data/spec/support/shared/functional/execute_resource.rb +1 -1
  271. data/spec/support/shared/functional/file_resource.rb +20 -21
  272. data/spec/support/shared/functional/securable_resource.rb +1 -2
  273. data/spec/support/shared/functional/securable_resource_with_reporting.rb +0 -1
  274. data/spec/support/shared/functional/win32_service.rb +1 -1
  275. data/spec/support/shared/functional/windows_script.rb +5 -5
  276. data/spec/support/shared/integration/integration_helper.rb +22 -52
  277. data/spec/support/shared/integration/knife_support.rb +2 -9
  278. data/spec/support/shared/unit/application_dot_d.rb +0 -1
  279. data/spec/support/shared/unit/provider/file.rb +12 -8
  280. data/spec/support/shared/unit/script_resource.rb +6 -20
  281. data/spec/support/shared/unit/windows_script_resource.rb +15 -28
  282. data/spec/unit/application/solo_spec.rb +4 -2
  283. data/spec/unit/application_spec.rb +4 -2
  284. data/spec/unit/chef_fs/config_spec.rb +2 -2
  285. data/spec/unit/chef_fs/diff_spec.rb +8 -8
  286. data/spec/unit/chef_fs/file_system/operation_failed_error_spec.rb +2 -4
  287. data/spec/unit/chef_fs/{parallelizer.rb → parallelizer_spec.rb} +1 -1
  288. data/spec/unit/client_spec.rb +4 -1
  289. data/spec/unit/cookbook/gem_installer_spec.rb +2 -1
  290. data/spec/unit/cookbook/synchronizer_spec.rb +26 -24
  291. data/spec/unit/data_bag_spec.rb +6 -3
  292. data/spec/unit/data_collector_spec.rb +23 -1
  293. data/spec/unit/decorator_spec.rb +23 -23
  294. data/spec/unit/dsl/platform_introspection_spec.rb +1 -0
  295. data/spec/unit/environment_spec.rb +12 -8
  296. data/spec/unit/event_dispatch/dispatcher_spec.rb +3 -0
  297. data/spec/unit/guard_interpreter_spec.rb +1 -1
  298. data/spec/unit/http/api_versions_spec.rb +20 -2
  299. data/spec/unit/json_compat_spec.rb +1 -1
  300. data/spec/unit/knife/bootstrap_spec.rb +17 -20
  301. data/spec/unit/knife/cookbook_download_spec.rb +6 -6
  302. data/spec/unit/knife/cookbook_metadata_from_file_spec.rb +1 -1
  303. data/spec/unit/knife/cookbook_show_spec.rb +6 -7
  304. data/spec/unit/knife/cookbook_upload_spec.rb +7 -10
  305. data/spec/unit/knife/core/hashed_command_loader_spec.rb +3 -3
  306. data/spec/unit/knife/core/windows_bootstrap_context_spec.rb +21 -12
  307. data/spec/unit/knife/data_bag_edit_spec.rb +1 -1
  308. data/spec/unit/knife/supermarket_share_spec.rb +1 -1
  309. data/spec/unit/log/syslog_spec.rb +6 -10
  310. data/spec/unit/log/winevt_spec.rb +21 -13
  311. data/spec/unit/lwrp_spec.rb +9 -6
  312. data/spec/unit/mixin/{path_sanity_spec.rb → default_paths_spec.rb} +14 -14
  313. data/spec/unit/mixin/powershell_exec_spec.rb +1 -1
  314. data/spec/unit/mixin/powershell_out_spec.rb +2 -4
  315. data/spec/unit/mixin/powershell_type_coercions_spec.rb +1 -1
  316. data/spec/unit/mixin/securable_spec.rb +0 -1
  317. data/spec/unit/mixin/shell_out_spec.rb +25 -26
  318. data/spec/unit/mixin/subclass_directive_spec.rb +2 -2
  319. data/spec/unit/mixin/template_spec.rb +30 -30
  320. data/spec/unit/mixin/unformatter_spec.rb +2 -2
  321. data/spec/unit/mixin/uris_spec.rb +1 -1
  322. data/spec/unit/mixin/which.rb +8 -0
  323. data/spec/unit/mixin/windows_architecture_helper_spec.rb +4 -4
  324. data/spec/unit/node/immutable_collections_spec.rb +6 -2
  325. data/spec/unit/node_spec.rb +103 -16
  326. data/spec/unit/property_spec.rb +5 -5
  327. data/spec/unit/provider/batch_spec.rb +1 -1
  328. data/spec/unit/provider/cron/unix_spec.rb +1 -1
  329. data/spec/unit/provider/dsc_resource_spec.rb +22 -38
  330. data/spec/unit/provider/dsc_script_spec.rb +10 -10
  331. data/spec/unit/provider/execute_spec.rb +1 -8
  332. data/spec/unit/provider/git_spec.rb +3 -3
  333. data/spec/unit/provider/ifconfig_spec.rb +0 -1
  334. data/spec/unit/provider/mdadm_spec.rb +1 -3
  335. data/spec/unit/provider/package/dnf/python_helper_spec.rb +1 -1
  336. data/spec/unit/provider/package/openbsd_spec.rb +1 -1
  337. data/spec/unit/provider/package/pacman_spec.rb +17 -20
  338. data/spec/unit/provider/package/rubygems_spec.rb +5 -10
  339. data/spec/unit/provider/package/smartos_spec.rb +1 -1
  340. data/spec/unit/provider/package/windows/registry_uninstall_entry_spec.rb +3 -3
  341. data/spec/unit/provider/package/windows_spec.rb +30 -53
  342. data/spec/unit/provider/powershell_script_spec.rb +11 -4
  343. data/spec/unit/provider/remote_directory_spec.rb +9 -9
  344. data/spec/unit/provider/service/arch_service_spec.rb +3 -2
  345. data/spec/unit/provider/service/debian_service_spec.rb +1 -1
  346. data/spec/unit/provider/service/gentoo_service_spec.rb +7 -7
  347. data/spec/unit/provider/service/macosx_spec.rb +3 -3
  348. data/spec/unit/provider/service/redhat_spec.rb +3 -3
  349. data/spec/unit/provider/service/upstart_service_spec.rb +3 -3
  350. data/spec/unit/provider/service/windows_spec.rb +2 -6
  351. data/spec/unit/provider/systemd_unit_spec.rb +28 -24
  352. data/spec/unit/provider/user/dscl_spec.rb +2 -2
  353. data/spec/unit/provider/windows_env_spec.rb +5 -4
  354. data/spec/unit/provider_resolver_spec.rb +6 -6
  355. data/spec/unit/provider_spec.rb +1 -0
  356. data/spec/unit/resource/batch_spec.rb +6 -6
  357. data/spec/unit/resource/chef_client_cron_spec.rb +23 -7
  358. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +7 -4
  359. data/spec/unit/resource/execute_spec.rb +123 -118
  360. data/spec/unit/resource/file/verification_spec.rb +2 -1
  361. data/spec/unit/resource/macos_user_defaults_spec.rb +103 -2
  362. data/spec/unit/resource/osx_profile_spec.rb +233 -0
  363. data/spec/unit/resource/powershell_script_spec.rb +11 -29
  364. data/spec/unit/resource/script_spec.rb +6 -1
  365. data/spec/unit/resource/windows_feature_powershell_spec.rb +30 -4
  366. data/spec/unit/resource/windows_firewall_profile_spec.rb +77 -0
  367. data/spec/unit/resource/windows_package_spec.rb +1 -0
  368. data/spec/unit/resource_reporter_spec.rb +1 -1
  369. data/spec/unit/resource_spec.rb +25 -8
  370. data/spec/unit/role_spec.rb +30 -28
  371. data/spec/unit/run_context/cookbook_compiler_spec.rb +1 -1
  372. data/spec/unit/run_lock_spec.rb +1 -1
  373. data/spec/unit/scan_access_control_spec.rb +1 -1
  374. data/spec/unit/server_api_spec.rb +43 -16
  375. data/spec/unit/util/backup_spec.rb +1 -1
  376. data/spec/unit/util/diff_spec.rb +1 -15
  377. data/spec/unit/util/powershell/ps_credential_spec.rb +2 -2
  378. data/spec/unit/util/selinux_spec.rb +2 -1
  379. data/spec/unit/win32/security_spec.rb +4 -3
  380. data/tasks/rspec.rb +1 -1
  381. metadata +53 -40
  382. data/lib/chef/provider/osx_profile.rb +0 -255
  383. data/spec/unit/provider/osx_profile_spec.rb +0 -255
@@ -21,7 +21,9 @@ require_relative "../resource"
21
21
  class Chef
22
22
  class Resource
23
23
  class WindowsSecurityPolicy < Chef::Resource
24
- resource_name :windows_security_policy
24
+ unified_mode true
25
+
26
+ provides :windows_security_policy
25
27
 
26
28
  # The valid policy_names options found here
27
29
  # https://github.com/ChrisAWalker/cSecurityOptions under 'AccountSettings'
@@ -80,13 +82,55 @@ class Chef
80
82
  property :secvalue, String, required: true,
81
83
  description: "Policy value to be set for policy name."
82
84
 
85
+ load_current_value do |desired|
86
+ powershell_code = <<-CODE
87
+ C:\\Windows\\System32\\secedit /export /cfg $env:TEMP\\secopts_export.inf | Out-Null
88
+ # cspell:disable-next-line
89
+ $security_options_data = (Get-Content $env:TEMP\\secopts_export.inf | Select-String -Pattern "^[CEFLMNPR].* =.*$" | Out-String)
90
+ Remove-Item $env:TEMP\\secopts_export.inf -force
91
+ $security_options_hash = ($security_options_data -Replace '"'| ConvertFrom-StringData)
92
+ ([PSCustomObject]@{
93
+ RequireLogonToChangePassword = $security_options_hash.RequireLogonToChangePassword
94
+ PasswordComplexity = $security_options_hash.PasswordComplexity
95
+ LSAAnonymousNameLookup = $security_options_hash.LSAAnonymousNameLookup
96
+ EnableAdminAccount = $security_options_hash.EnableAdminAccount
97
+ PasswordHistorySize = $security_options_hash.PasswordHistorySize
98
+ MinimumPasswordLength = $security_options_hash.MinimumPasswordLength
99
+ ResetLockoutCount = $security_options_hash.ResetLockoutCount
100
+ MaximumPasswordAge = $security_options_hash.MaximumPasswordAge
101
+ ClearTextPassword = $security_options_hash.ClearTextPassword
102
+ NewAdministratorName = $security_options_hash.NewAdministratorName
103
+ LockoutDuration = $security_options_hash.LockoutDuration
104
+ EnableGuestAccount = $security_options_hash.EnableGuestAccount
105
+ ForceLogoffWhenHourExpire = $security_options_hash.ForceLogoffWhenHourExpire
106
+ MinimumPasswordAge = $security_options_hash.MinimumPasswordAge
107
+ NewGuestName = $security_options_hash.NewGuestName
108
+ LockoutBadCount = $security_options_hash.LockoutBadCount
109
+ }) | ConvertTo-Json
110
+ CODE
111
+ output = powershell_out(powershell_code)
112
+ current_value_does_not_exist! if output.stdout.empty?
113
+ state = Chef::JSONCompat.from_json(output.stdout)
114
+
115
+ if desired.secoption == "ResetLockoutCount" || desired.secoption == "LockoutDuration"
116
+ if state["LockoutBadCount"] == "0"
117
+ raise Chef::Exceptions::ValidationFailed.new "#{desired.secoption} cannot be set unless the \"LockoutBadCount\" security policy has been set to a non-zero value"
118
+ else
119
+ secvalue state[desired.secoption.to_s]
120
+ end
121
+ else
122
+ secvalue state[desired.secoption.to_s]
123
+ end
124
+ end
125
+
83
126
  action :set do
84
- security_option = new_resource.secoption
85
- security_value = new_resource.secvalue
86
- powershell_script "#{security_option} set to #{security_value}" do
87
- convert_boolean_return true
88
- code <<-EOH
127
+ converge_if_changed :secvalue do
128
+ security_option = new_resource.secoption
129
+ security_value = new_resource.secvalue
130
+
131
+ cmd = <<-EOH
89
132
  $security_option = "#{security_option}"
133
+ C:\\Windows\\System32\\secedit /export /cfg $env:TEMP\\#{security_option}_Export.inf
90
134
  if ( ($security_option -match "NewGuestName") -Or ($security_option -match "NewAdministratorName") )
91
135
  {
92
136
  $#{security_option}_Remediation = (Get-Content $env:TEMP\\#{security_option}_Export.inf) | Foreach-Object { $_ -replace '#{security_option}\\s*=\\s*\\"\\w*\\"', '#{security_option} = "#{security_value}"' } | Set-Content $env:TEMP\\#{security_option}_Export.inf
@@ -99,21 +143,8 @@ class Chef
99
143
  }
100
144
  Remove-Item $env:TEMP\\#{security_option}_Export.inf -force
101
145
  EOH
102
- not_if <<-EOH
103
- $#{security_option}_Export = C:\\Windows\\System32\\secedit /export /cfg $env:TEMP\\#{security_option}_Export.inf
104
- $ExportAudit = (Get-Content $env:TEMP\\#{security_option}_Export.inf | Select-String -Pattern #{security_option})
105
- $check_digit = $ExportAudit -match '#{security_option} = #{security_value}'
106
- $check_string = $ExportAudit -match '#{security_option} = "#{security_value}"'
107
- if ( $check_string -Or $check_digit )
108
- {
109
- Remove-Item $env:TEMP\\#{security_option}_Export.inf -force
110
- $true
111
- }
112
- else
113
- {
114
- $false
115
- }
116
- EOH
146
+
147
+ powershell_out!(cmd)
117
148
  end
118
149
  end
119
150
  end
@@ -26,6 +26,8 @@ require_relative "../util/path_helper"
26
26
  class Chef
27
27
  class Resource
28
28
  class WindowsShare < Chef::Resource
29
+ unified_mode true
30
+
29
31
  provides :windows_share
30
32
 
31
33
  description "Use the **windows_share** resource to create, modify and remove Windows shares."
@@ -59,7 +61,7 @@ class Chef
59
61
  # Specifies the path of the location of the folder to share. The path must be fully qualified. Relative paths or paths that contain wildcard characters are not permitted.
60
62
  property :path, String,
61
63
  description: "The path of the folder to share. Required when creating. If the share already exists on a different path then it is deleted and re-created.",
62
- coerce: proc { |p| p.gsub(%r{/}, "\\") || p }
64
+ coerce: proc { |p| p.tr("/", "\\") || p }
63
65
 
64
66
  # Specifies an optional description of the SMB share. A description of the share is displayed by running the Get-SmbShare cmdlet. The description may not contain more than 256 characters.
65
67
  property :description, String,
@@ -117,8 +119,6 @@ class Chef
117
119
  # Specifies which files and folders in the SMB share are visible to users. AccessBased: SMB does not the display the files and folders for a share to a user unless that user has rights to access the files and folders. By default, access-based enumeration is disabled for new SMB shares. Unrestricted: SMB displays files and folders to a user even when the user does not have permission to access the items.
118
120
  # property :folder_enumeration_mode, String, equal_to: %(AccessBased Unrestricted)
119
121
 
120
- include Chef::Mixin::PowershellOut
121
-
122
122
  load_current_value do |desired|
123
123
  # this command selects individual objects because EncryptData & CachingMode have underlying
124
124
  # types that get converted to their Integer values by ConvertTo-Json & we need to make sure
@@ -233,6 +233,8 @@ class Chef
233
233
  end
234
234
 
235
235
  action_class do
236
+ private
237
+
236
238
  def different_path?
237
239
  return false if current_resource.nil? # going from nil to something isn't different for our concerns
238
240
  return false if current_resource.path == Chef::Util::PathHelper.cleanpath(new_resource.path)
@@ -21,6 +21,8 @@ require_relative "../resource"
21
21
  class Chef
22
22
  class Resource
23
23
  class WindowsShortcut < Chef::Resource
24
+ unified_mode true
25
+
24
26
  provides(:windows_shortcut) { true }
25
27
 
26
28
  description "Use the **windows_shortcut** resource to create shortcut files on Windows."
@@ -20,6 +20,8 @@ require_relative "../resource"
20
20
  class Chef
21
21
  class Resource
22
22
  class WindowsUac < Chef::Resource
23
+ unified_mode true
24
+
23
25
  provides :windows_uac
24
26
 
25
27
  description 'The *windows_uac* resource configures UAC on Windows hosts by setting registry keys at `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System`'
@@ -21,6 +21,8 @@ require_relative "../resource"
21
21
  class Chef
22
22
  class Resource
23
23
  class WindowsUserPrivilege < Chef::Resource
24
+ unified_mode true
25
+
24
26
  privilege_opts = %w{SeTrustedCredManAccessPrivilege
25
27
  SeNetworkLogonRight
26
28
  SeTcbPrivilege
@@ -112,6 +114,15 @@ class Chef
112
114
  action :remove
113
115
  end
114
116
  ```
117
+
118
+ **Clear all users from the SeDenyNetworkLogonRight Privilege**:
119
+
120
+ ```ruby
121
+ windows_user_privilege 'Allow any user the Network Logon right' do
122
+ privilege 'SeDenyNetworkLogonRight'
123
+ action :clear
124
+ end
125
+ ```
115
126
  DOC
116
127
 
117
128
  property :principal, String,
@@ -132,8 +143,8 @@ class Chef
132
143
  }
133
144
 
134
145
  load_current_value do |new_resource|
135
- unless new_resource.principal.nil?
136
- privilege Chef::ReservedNames::Win32::Security.get_account_right(new_resource.principal) unless new_resource.action.include?(:set)
146
+ if new_resource.principal && (new_resource.action.include?(:add) || new_resource.action.include?(:remove))
147
+ privilege Chef::ReservedNames::Win32::Security.get_account_right(new_resource.principal)
137
148
  end
138
149
  end
139
150
 
@@ -180,6 +191,20 @@ class Chef
180
191
  end
181
192
  end
182
193
 
194
+ action :clear do
195
+ new_resource.privilege.each do |privilege|
196
+ accounts = Chef::ReservedNames::Win32::Security.get_account_with_user_rights(privilege)
197
+
198
+ # comparing the existing accounts for privilege with users
199
+ # Removing only accounts which is not matching with users in new_resource
200
+ accounts.each do |account|
201
+ converge_by("removing user '#{account}' from privilege #{privilege}") do
202
+ Chef::ReservedNames::Win32::Security.remove_account_right(account, privilege)
203
+ end
204
+ end
205
+ end
206
+ end
207
+
183
208
  action :remove do
184
209
  curr_res_privilege = current_resource.privilege
185
210
  missing_res_privileges = (new_resource.privilege - curr_res_privilege)
@@ -16,7 +16,6 @@
16
16
  #
17
17
 
18
18
  require_relative "../resource"
19
- require_relative "../mixin/powershell_out"
20
19
  require_relative "../dist"
21
20
 
22
21
  class Chef
@@ -24,8 +23,6 @@ class Chef
24
23
  class WindowsWorkgroup < Chef::Resource
25
24
  provides :windows_workgroup
26
25
 
27
- include Chef::Mixin::PowershellOut
28
-
29
26
  description "Use the **windows_workgroup** resource to join or change the workgroup of a Windows host."
30
27
  introduced "14.5"
31
28
  examples <<~DOC
@@ -57,6 +54,7 @@ class Chef
57
54
 
58
55
  property :password, String,
59
56
  description: "The password for the local administrator user. Required if using the `user` property.",
57
+ sensitive: true,
60
58
  desired_state: false
61
59
 
62
60
  property :reboot, Symbol,
@@ -83,6 +81,7 @@ class Chef
83
81
  end
84
82
 
85
83
  # define this again so we can default it to true. Otherwise failures print the password
84
+ # FIXME: this should now be unnecessary with the password property itself marked sensitive?
86
85
  property :sensitive, [TrueClass, FalseClass],
87
86
  default: true, desired_state: false
88
87
 
@@ -20,8 +20,7 @@ class Chef
20
20
  class StepableIterator
21
21
 
22
22
  def self.for_collection(new_collection)
23
- instance = new(new_collection)
24
- instance
23
+ new(new_collection)
25
24
  end
26
25
 
27
26
  attr_accessor :collection
@@ -59,11 +59,17 @@ module ResourceInspector
59
59
  required: opts[:required] || false,
60
60
  default: opts[:default_description] || get_default(opts[:default]),
61
61
  name_property: opts[:name_property] || false,
62
- equal_to: Array(opts[:equal_to]).sort.map(&:inspect) }
62
+ equal_to: sort_equal_to(opts[:equal_to]) }
63
63
  end
64
64
  data
65
65
  end
66
66
 
67
+ def self.sort_equal_to(equal_to)
68
+ Array(equal_to).sort.map(&:inspect)
69
+ rescue ArgumentError
70
+ Array(equal_to).map(&:inspect)
71
+ end
72
+
67
73
  def self.extract_cookbook(path, complete)
68
74
  path = File.expand_path(path)
69
75
  dir, name = File.split(path)
@@ -153,6 +153,7 @@ require_relative "resource/windows_dns_zone"
153
153
  require_relative "resource/windows_feature"
154
154
  require_relative "resource/windows_feature_dism"
155
155
  require_relative "resource/windows_feature_powershell"
156
+ require_relative "resource/windows_firewall_profile"
156
157
  require_relative "resource/windows_firewall_rule"
157
158
  require_relative "resource/windows_font"
158
159
  require_relative "resource/windows_pagefile"
@@ -133,7 +133,7 @@ class Chef
133
133
  def to_h
134
134
  env_run_lists_without_default = @env_run_lists.dup
135
135
  env_run_lists_without_default.delete("_default")
136
- result = {
136
+ {
137
137
  "name" => @name,
138
138
  "description" => @description,
139
139
  "json_class" => self.class.name,
@@ -149,7 +149,6 @@ class Chef
149
149
  accumulator
150
150
  end,
151
151
  }
152
- result
153
152
  end
154
153
 
155
154
  alias_method :to_hash, :to_h
@@ -257,11 +256,11 @@ class Chef
257
256
 
258
257
  js_path, rb_path = js_files.first, rb_files.first
259
258
 
260
- if js_path && File.exists?(js_path)
259
+ if js_path && File.exist?(js_path)
261
260
  # from_json returns object.class => json_class in the JSON.
262
261
  hsh = Chef::JSONCompat.parse(IO.read(js_path))
263
262
  return from_hash(hsh)
264
- elsif rb_path && File.exists?(rb_path)
263
+ elsif rb_path && File.exist?(rb_path)
265
264
  role = Chef::Role.new
266
265
  role.name(name)
267
266
  role.from_file(rb_path)
@@ -169,17 +169,17 @@ class Chef
169
169
  def compile_recipes
170
170
  @events.recipe_load_start(run_list_expansion.recipes.size)
171
171
  run_list_expansion.recipes.each do |recipe|
172
- begin
173
- path = resolve_recipe(recipe)
174
- @run_context.load_recipe(recipe)
175
- @events.recipe_file_loaded(path, recipe)
176
- rescue Chef::Exceptions::RecipeNotFound => e
177
- @events.recipe_not_found(e)
178
- raise
179
- rescue Exception => e
180
- @events.recipe_file_load_failed(path, e, recipe)
181
- raise
182
- end
172
+
173
+ path = resolve_recipe(recipe)
174
+ @run_context.load_recipe(recipe)
175
+ @events.recipe_file_loaded(path, recipe)
176
+ rescue Chef::Exceptions::RecipeNotFound => e
177
+ @events.recipe_not_found(e)
178
+ raise
179
+ rescue Exception => e
180
+ @events.recipe_file_load_failed(path, e, recipe)
181
+ raise
182
+
183
183
  end
184
184
  @events.recipe_load_complete
185
185
  end
@@ -231,14 +231,14 @@ class Chef
231
231
 
232
232
  def load_libraries_from_cookbook(cookbook_name, globs = "**/*.rb")
233
233
  each_file_in_cookbook_by_segment(cookbook_name, :libraries, globs) do |filename|
234
- begin
235
- logger.trace("Loading cookbook #{cookbook_name}'s library file: #{filename}")
236
- Kernel.require(filename)
237
- @events.library_file_loaded(filename)
238
- rescue Exception => e
239
- @events.library_file_load_failed(filename, e)
240
- raise
241
- end
234
+
235
+ logger.trace("Loading cookbook #{cookbook_name}'s library file: #{filename}")
236
+ Kernel.require(filename)
237
+ @events.library_file_loaded(filename)
238
+ rescue Exception => e
239
+ @events.library_file_load_failed(filename, e)
240
+ raise
241
+
242
242
  end
243
243
  end
244
244
 
@@ -325,7 +325,7 @@ class Chef
325
325
 
326
326
  def count_files_by_segment(segment, root_alias = nil)
327
327
  cookbook_collection.inject(0) do |count, cookbook_by_name|
328
- count + cookbook_by_name[1].segment_filenames(segment).size + (root_alias ? cookbook_by_name[1].files_for(:root_files).select { |record| record[:name] == root_alias }.size : 0)
328
+ count + cookbook_by_name[1].segment_filenames(segment).size + (root_alias ? cookbook_by_name[1].files_for(:root_files).count { |record| record[:name] == root_alias } : 0)
329
329
  end
330
330
  end
331
331
 
@@ -25,17 +25,13 @@ class Chef::RunStatus
25
25
 
26
26
  attr_reader :events
27
27
 
28
- attr_reader :run_context
29
-
30
- attr_writer :run_context
28
+ attr_accessor :run_context
31
29
 
32
30
  attr_reader :start_time
33
31
 
34
32
  attr_reader :end_time
35
33
 
36
- attr_reader :exception
37
-
38
- attr_writer :exception
34
+ attr_accessor :exception
39
35
 
40
36
  attr_accessor :run_id
41
37
 
@@ -51,6 +51,10 @@ class Chef
51
51
  @unversioned
52
52
  end
53
53
 
54
+ def negotiated?
55
+ !@versions.nil? || unversioned?
56
+ end
57
+
54
58
  def reset!
55
59
  @versions = nil
56
60
  @unversioned = false
@@ -339,7 +339,7 @@ module Shell
339
339
  config[:config_file] = config_file_for_shell_mode(environment)
340
340
  config_msg = config[:config_file] || "none (standalone session)"
341
341
  puts "loading configuration: #{config_msg}"
342
- Chef::Config.from_file(config[:config_file]) if !config[:config_file].nil? && File.exists?(config[:config_file]) && File.readable?(config[:config_file])
342
+ Chef::Config.from_file(config[:config_file]) if !config[:config_file].nil? && File.exist?(config[:config_file]) && File.readable?(config[:config_file])
343
343
  Chef::Config.merge!(config)
344
344
  end
345
345
 
@@ -41,6 +41,7 @@ module Shell
41
41
 
42
42
  attr_accessor :node, :compile, :recipe, :json_configuration
43
43
  attr_reader :node_attributes, :client
44
+
44
45
  def initialize
45
46
  @node_built = false
46
47
  formatter = Chef::Formatters.new(Chef::Config.formatter, STDOUT, STDERR)
@@ -75,6 +76,7 @@ module Shell
75
76
  end
76
77
 
77
78
  attr_writer :run_context
79
+
78
80
  def run_context
79
81
  @run_context ||= rebuild_context
80
82
  end
@@ -87,7 +87,7 @@ class Chef
87
87
  end
88
88
 
89
89
  def sorted_backup_files
90
- unsorted_backup_files.sort { |a, b| b <=> a }
90
+ unsorted_backup_files.sort.reverse # faster than sort { |a, b| b <=> a }
91
91
  end
92
92
  end
93
93
  end
@@ -48,7 +48,6 @@ class Chef
48
48
  class Diff
49
49
  # @todo: to_a, to_s, to_json, inspect defs, accessors for @diff and @error
50
50
  # @todo: move coercion to UTF-8 into to_json
51
- # @todo: replace shellout to diff -u with diff-lcs gem
52
51
 
53
52
  def for_output
54
53
  # formatted output to a terminal uses arrays of strings and returns error strings
@@ -64,7 +63,7 @@ class Chef
64
63
 
65
64
  def use_tempfile_if_missing(file)
66
65
  tempfile = nil
67
- unless File.exists?(file)
66
+ unless File.exist?(file)
68
67
  Chef::Log.trace("File #{file} does not exist to diff against, using empty tempfile")
69
68
  tempfile = Tempfile.new("chef-diff")
70
69
  file = tempfile.path
@@ -107,16 +106,16 @@ class Chef
107
106
  # join them. otherwise, print out the old one.
108
107
  old_hunk = hunk = nil
109
108
  diff_data.each do |piece|
110
- begin
111
- hunk = ::Diff::LCS::Hunk.new(old_data, new_data, piece, 3, file_length_difference)
112
- file_length_difference = hunk.file_length_difference
113
- next unless old_hunk
114
- next if hunk.merge(old_hunk)
115
-
116
- diff_str << old_hunk.diff(:unified) << "\n"
117
- ensure
118
- old_hunk = hunk
119
- end
109
+
110
+ hunk = ::Diff::LCS::Hunk.new(old_data, new_data, piece, 3, file_length_difference)
111
+ file_length_difference = hunk.file_length_difference
112
+ next unless old_hunk
113
+ next if hunk.merge(old_hunk)
114
+
115
+ diff_str << old_hunk.diff(:unified) << "\n"
116
+ ensure
117
+ old_hunk = hunk
118
+
120
119
  end
121
120
  diff_str << old_hunk.diff(:unified) << "\n"
122
121
  diff_str