chef 16.2.44 → 16.4.35

data/spec/unit/util/powershell/ps_credential_spec.rb

@@ -20,8 +20,8 @@ require "chef"
 require "chef/util/powershell/ps_credential"
 
 describe Chef::Util::Powershell::PSCredential do
-  let (:username) { "foo" }
-  let (:password) { "ThIsIsThEpAsSwOrD" }
+  let(:username) { "foo" }
+  let(:password) { "ThIsIsThEpAsSwOrD" }
 
   context "when username and password are provided" do
     let(:ps_credential) { Chef::Util::Powershell::PSCredential.new(username, password) }

data/spec/unit/util/selinux_spec.rb

@@ -30,6 +30,7 @@ describe Chef::Util::Selinux do
   end
 
   before do
+    allow(ChefUtils).to receive(:windows?).and_return(false)
     TestClass.reset_state
     @test_instance = TestClass.new
   end
@@ -113,7 +114,7 @@ describe Chef::Util::Selinux do
   end
 
   describe "when restorecon binary exists on the system" do
-    let (:path) { "/path/to/awesome directory" }
+    let(:path) { "/path/to/awesome directory" }
 
     before do
       @restorecon_enabled_path = File.join("/sbin", "restorecon")

data/spec/unit/win32/security_spec.rb

@@ -81,9 +81,10 @@ describe "Chef::Win32::Security", :windows_only do
 
     context "when the user has admin privileges" do
       it "returns true" do
-        allow(Chef::ReservedNames::Win32::Security).to receive(:open_current_process_token)
-        token = Chef::ReservedNames::Win32::Security.open_current_process_token
+        token = double(:process_token)
         allow(token).to receive_message_chain(:handle, :handle)
+
+        allow(Chef::ReservedNames::Win32::Security).to receive(:open_current_process_token).and_return(token)
         allow(Chef::ReservedNames::Win32::Security).to receive(:get_token_information_elevation_type)
         allow(Chef::ReservedNames::Win32::Security).to receive(:GetTokenInformation).and_return(true)
         allow_any_instance_of(FFI::Buffer).to receive(:read_ulong).and_return(1)
@@ -128,7 +129,7 @@ describe "Chef::Win32::Security", :windows_only do
     context "when FFI::LastError.error result is not ERROR_INSUFFICIENT_BUFFER and not NO_ERROR" do
       it "raises Chef::ReservedNames::Win32::Error.raise! exception" do
         expect(FFI::LastError).to receive(:error).and_return(123).at_least(:once)
-        expect { security_class.lookup_account_name "system" }.to raise_error
+        expect { security_class.lookup_account_name "system" }.to raise_error(Chef::Exceptions::Win32APIError)
       end
     end
   end

data/tasks/rspec.rb

@@ -30,7 +30,7 @@ begin
     %w{chef-utils chef-config}.each do |gem|
       Dir.chdir(gem) do
         Bundler.with_unbundled_env do
-          sh("bundle install")
+          sh("bundle install --jobs=3 --retry=3")
           sh("bundle exec rake spec")
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chef
 version: !ruby/object:Gem::Version
-  version: 16.2.44
+  version: 16.4.35
 platform: ruby
 authors:
 - Adam Jacob
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-17 00:00:00.000000000 Z
+date: 2020-08-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-config
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.2.44
+        version: 16.4.35
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.2.44
+        version: 16.4.35
 - !ruby/object:Gem::Dependency
   name: chef-utils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.2.44
+        version: 16.4.35
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 16.2.44
+        version: 16.4.35
 - !ruby/object:Gem::Dependency
   name: train-core
   requirement: !ruby/object:Gem::Requirement
@@ -158,7 +158,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.0.3
+        version: 3.1.1
     - - "<"
       - !ruby/object:Gem::Version
         version: '4.0'
@@ -168,7 +168,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.0.3
+        version: 3.1.1
     - - "<"
       - !ruby/object:Gem::Version
         version: '4.0'
@@ -342,6 +342,20 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
+- !ruby/object:Gem::Dependency
+  name: tty-prompt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.21'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.21'
 - !ruby/object:Gem::Dependency
   name: tty-screen
   requirement: !ruby/object:Gem::Requirement
@@ -388,36 +402,42 @@ dependencies:
   name: diff-lcs
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.2'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.2.4
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.2'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.2.4
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.4.0
 - !ruby/object:Gem::Dependency
   name: ffi-libarchive
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.0.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.0.3
 - !ruby/object:Gem::Dependency
   name: chef-zero
   requirement: !ruby/object:Gem::Requirement
@@ -576,7 +596,8 @@ files:
 - lib/chef/application/windows_service.rb
 - lib/chef/application/windows_service_manager.rb
 - lib/chef/applications.rb
-- lib/chef/blacklist.rb
+- lib/chef/attribute_allowlist.rb
+- lib/chef/attribute_blocklist.rb
 - lib/chef/chef_class.rb
 - lib/chef/chef_fs.rb
 - lib/chef/chef_fs/chef_fs_data_store.rb
@@ -968,9 +989,11 @@ files:
 - lib/chef/mash.rb
 - lib/chef/mixin/api_version_request_handling.rb
 - lib/chef/mixin/checksum.rb
+- lib/chef/mixin/chef_utils_wiring.rb
 - lib/chef/mixin/convert_to_class_name.rb
 - lib/chef/mixin/create_path.rb
 - lib/chef/mixin/deep_merge.rb
+- lib/chef/mixin/default_paths.rb
 - lib/chef/mixin/deprecation.rb
 - lib/chef/mixin/descendants_tracker.rb
 - lib/chef/mixin/enforce_ownership_and_permissions.rb
@@ -1077,7 +1100,6 @@ files:
 - lib/chef/provider/mount/solaris.rb
 - lib/chef/provider/mount/windows.rb
 - lib/chef/provider/noop.rb
-- lib/chef/provider/osx_profile.rb
 - lib/chef/provider/package.rb
 - lib/chef/provider/package/apt.rb
 - lib/chef/provider/package/bff.rb
@@ -1336,6 +1358,7 @@ files:
 - lib/chef/resource/windows_feature.rb
 - lib/chef/resource/windows_feature_dism.rb
 - lib/chef/resource/windows_feature_powershell.rb
+- lib/chef/resource/windows_firewall_profile.rb
 - lib/chef/resource/windows_firewall_rule.rb
 - lib/chef/resource/windows_font.rb
 - lib/chef/resource/windows_package.rb
@@ -1417,7 +1440,6 @@ files:
 - lib/chef/version_constraint.rb
 - lib/chef/version_constraint/platform.rb
 - lib/chef/version_string.rb
-- lib/chef/whitelist.rb
 - lib/chef/win32/api.rb
 - lib/chef/win32/api/command_line_helper.rb
 - lib/chef/win32/api/crypto.rb
@@ -1896,7 +1918,6 @@ files:
 - spec/functional/resource/aix_service_spec.rb
 - spec/functional/resource/aixinit_service_spec.rb
 - spec/functional/resource/apt_package_spec.rb
-- spec/functional/resource/base.rb
 - spec/functional/resource/bash_spec.rb
 - spec/functional/resource/batch_spec.rb
 - spec/functional/resource/bff_spec.rb
@@ -1933,6 +1954,7 @@ files:
 - spec/functional/resource/user/windows_spec.rb
 - spec/functional/resource/windows_certificate_spec.rb
 - spec/functional/resource/windows_env_spec.rb
+- spec/functional/resource/windows_font_spec.rb
 - spec/functional/resource/windows_package_spec.rb
 - spec/functional/resource/windows_path_spec.rb
 - spec/functional/resource/windows_security_policy_spec.rb
@@ -2119,7 +2141,7 @@ files:
 - spec/unit/chef_fs/file_system/repository/base_file_spec.rb
 - spec/unit/chef_fs/file_system/repository/directory_spec.rb
 - spec/unit/chef_fs/file_system_spec.rb
-- spec/unit/chef_fs/parallelizer.rb
+- spec/unit/chef_fs/parallelizer_spec.rb
 - spec/unit/chef_fs/path_util_spec.rb
 - spec/unit/chef_spec.rb
 - spec/unit/client_spec.rb
@@ -2296,19 +2318,18 @@ files:
 - spec/unit/knife_spec.rb
 - spec/unit/log/syslog_spec.rb
 - spec/unit/log/winevt_spec.rb
-- spec/unit/log_spec.rb
 - spec/unit/lwrp_spec.rb
 - spec/unit/mixin/api_version_request_handling_spec.rb
 - spec/unit/mixin/checksum_spec.rb
 - spec/unit/mixin/convert_to_class_name_spec.rb
 - spec/unit/mixin/deep_merge_spec.rb
+- spec/unit/mixin/default_paths_spec.rb
 - spec/unit/mixin/deprecation_spec.rb
 - spec/unit/mixin/enforce_ownership_and_permissions_spec.rb
 - spec/unit/mixin/homebrew_user_spec.rb
 - spec/unit/mixin/lazy_module_include.rb
 - spec/unit/mixin/openssl_helper_spec.rb
 - spec/unit/mixin/params_validate_spec.rb
-- spec/unit/mixin/path_sanity_spec.rb
 - spec/unit/mixin/powershell_exec_spec.rb
 - spec/unit/mixin/powershell_out_spec.rb
 - spec/unit/mixin/powershell_type_coercions_spec.rb
@@ -2380,7 +2401,6 @@ files:
 - spec/unit/provider/mount/solaris_spec.rb
 - spec/unit/provider/mount/windows_spec.rb
 - spec/unit/provider/mount_spec.rb
-- spec/unit/provider/osx_profile_spec.rb
 - spec/unit/provider/package/apt_spec.rb
 - spec/unit/provider/package/bff_spec.rb
 - spec/unit/provider/package/cab_spec.rb
@@ -2600,6 +2620,7 @@ files:
 - spec/unit/resource/windows_feature_dism_spec.rb
 - spec/unit/resource/windows_feature_powershell_spec.rb
 - spec/unit/resource/windows_feature_spec.rb
+- spec/unit/resource/windows_firewall_profile_spec.rb
 - spec/unit/resource/windows_firewall_rule_spec.rb
 - spec/unit/resource/windows_font_spec.rb
 - spec/unit/resource/windows_package_spec.rb

data/lib/chef/provider/osx_profile.rb

@@ -1,255 +0,0 @@
-#
-# Author:: Nate Walck (<nate.walck@gmail.com>)
-# Copyright:: Copyright 2015-2016, Facebook, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-require_relative "../log"
-require_relative "../provider"
-require_relative "../resource"
-require_relative "../resource/file"
-require "uuidtools"
-require "plist"
-
-class Chef
-  class Provider
-    class OsxProfile < Chef::Provider
-      provides :osx_profile
-      provides :osx_config_profile
-
-      def load_current_resource
-        @current_resource = Chef::Resource::OsxProfile.new(new_resource.name)
-        current_resource.profile_name(new_resource.profile_name)
-
-        all_profiles = get_installed_profiles
-        # FIXME: stop mutating the desired state
-        new_resource.profile(
-          new_resource.profile ||
-          new_resource.profile_name
-        )
-
-        @new_profile_hash = get_profile_hash(new_resource.profile)
-        if @new_profile_hash
-          @new_profile_hash["PayloadUUID"] =
-            config_uuid(@new_profile_hash)
-        end
-
-        if @new_profile_hash
-          @new_profile_identifier = @new_profile_hash["PayloadIdentifier"]
-        else
-          @new_profile_identifier = new_resource.identifier ||
-            new_resource.profile_name
-        end
-
-        current_profile = nil
-        if all_profiles && all_profiles.key?("_computerlevel")
-          current_profile = all_profiles["_computerlevel"].find do |item|
-            item["ProfileIdentifier"] == @new_profile_identifier
-          end
-        end
-        current_resource.profile(current_profile)
-      end
-
-      def define_resource_requirements
-        requirements.assert(:remove) do |a|
-          if @new_profile_identifier
-            a.assertion do
-              !@new_profile_identifier.nil? &&
-                !@new_profile_identifier.end_with?(".mobileconfig") &&
-                /^\w+(?:(\.| )\w+)+$/.match(@new_profile_identifier)
-            end
-            a.failure_message RuntimeError, "when removing using the identifier property, it must match the profile identifier"
-          else
-            new_profile_name = new_resource.profile_name
-            a.assertion do
-              !new_profile_name.end_with?(".mobileconfig") &&
-                /^\w+(?:(\.| )\w+)+$/.match(new_profile_name)
-            end
-            a.failure_message RuntimeError, "When removing by resource name, it must match the profile identifier "
-          end
-        end
-
-        requirements.assert(:install) do |a|
-          if @new_profile_hash.is_a?(Hash)
-            a.assertion do
-              @new_profile_hash.include?("PayloadIdentifier")
-            end
-            a.failure_message RuntimeError, "The specified profile does not seem to be valid"
-          end
-          if @new_profile_hash.is_a?(String)
-            a.assertion do
-              @new_profile_hash.end_with?(".mobileconfig")
-            end
-            a.failure_message RuntimeError, "#{new_profile_hash}' is not a valid profile"
-          end
-        end
-      end
-
-      action :install do
-        unless profile_installed?
-          converge_by("install profile #{@new_profile_identifier}") do
-            profile_path = write_profile_to_disk
-            install_profile(profile_path)
-            get_installed_profiles(true)
-          end
-        end
-      end
-
-      action :remove do
-        # Clean up profile after removing it
-        if profile_installed?
-          converge_by("remove profile #{@new_profile_identifier}") do
-            remove_profile
-            get_installed_profiles(true)
-          end
-        end
-      end
-
-      def load_profile_hash(new_profile)
-        # file must exist in cookbook
-        if new_profile.end_with?(".mobileconfig")
-          unless cookbook_file_available?(new_profile)
-            error_string = "#{self}: '#{new_profile}' not found in cookbook"
-            raise Chef::Exceptions::FileNotFound, error_string
-          end
-          cookbook_profile = cache_cookbook_profile(new_profile)
-          read_plist(cookbook_profile)
-        else
-          nil
-        end
-      end
-
-      def cookbook_file_available?(cookbook_file)
-        run_context.has_cookbook_file_in_cookbook?(
-          new_resource.cookbook_name, cookbook_file
-        )
-      end
-
-      def get_cache_dir
-        cache_dir = Chef::FileCache.create_cache_path(
-          "profiles/#{new_resource.cookbook_name}"
-        )
-      end
-
-      def cache_cookbook_profile(cookbook_file)
-        Chef::FileCache.create_cache_path(
-          ::File.join(
-            "profiles",
-            new_resource.cookbook_name,
-            ::File.dirname(cookbook_file)
-          )
-        )
-        # FIXME: should use a real cookbook file, or document what this craziness is
-        remote_file = Chef::Resource::CookbookFile.new(
-          ::File.join(
-            get_cache_dir,
-            "#{cookbook_file}.remote"
-          ),
-          run_context
-        )
-        remote_file.cookbook_name = new_resource.cookbook_name
-        remote_file.source(cookbook_file)
-        remote_file.backup(false)
-        remote_file.run_action(:create)
-        remote_file.path
-      end
-
-      def get_profile_hash(new_profile)
-        if new_profile.is_a?(Hash)
-          new_profile
-        elsif new_profile.is_a?(String)
-          load_profile_hash(new_profile)
-        end
-      end
-
-      def config_uuid(profile)
-        # Make a UUID of the profile contents and return as string
-        UUIDTools::UUID.sha1_create(
-          UUIDTools::UUID_DNS_NAMESPACE,
-          profile.to_s
-        ).to_s
-      end
-
-      def write_profile_to_disk
-        # FIXME: use a real chef file resource and stop hacking up tempfiles directly
-        new_resource.path(Chef::FileCache.create_cache_path("profiles"))
-        tempfile = Chef::FileContentManagement::Tempfile.new(new_resource).tempfile
-        tempfile.write(@new_profile_hash.to_plist)
-        tempfile.close
-        tempfile.path
-      end
-
-      def install_profile(profile_path)
-        cmd = [ "/usr/bin/profiles", "-I", "-F", profile_path ]
-        logger.trace("cmd: #{cmd.join(" ")}")
-        shellout_results = shell_out(*cmd)
-        shellout_results.exitstatus
-      end
-
-      def remove_profile
-        cmd = [ "/usr/bin/profiles", "-R", "-p", @new_profile_identifier ]
-        logger.trace("cmd: #{cmd.join(" ")}")
-        shellout_results = shell_out(*cmd)
-        shellout_results.exitstatus
-      end
-
-      def get_installed_profiles(update = nil)
-        if update
-          node.run_state[:config_profiles] = query_installed_profiles
-        else
-          node.run_state[:config_profiles] ||= query_installed_profiles
-        end
-      end
-
-      def query_installed_profiles
-        # Dump all profile metadata to a tempfile
-        tempfile = generate_tempfile
-        write_installed_profiles(tempfile)
-        installed_profiles = read_plist(tempfile)
-        logger.trace("Saved profiles to run_state")
-        # Clean up the temp file as we do not need it anymore
-        ::File.unlink(tempfile)
-        installed_profiles
-      end
-
-      def generate_tempfile
-        tempfile = ::Dir::Tmpname.create("allprofiles.plist") {}
-      end
-
-      def write_installed_profiles(tempfile)
-        shell_out!( "/usr/bin/profiles", "-P", "-o", tempfile )
-      end
-
-      def read_plist(xml_file)
-        ::Plist.parse_xml(xml_file)
-      end
-
-      def profile_installed?
-        # Profile Identifier and UUID must match a currently installed profile
-        if current_resource.profile.nil? || current_resource.profile.empty?
-          false
-        else
-          if new_resource.action.include?(:remove)
-            true
-          else
-            current_resource.profile["ProfileUUID"] ==
-              @new_profile_hash["PayloadUUID"]
-          end
-        end
-      end
-
-    end
-  end
-end