chef 16.2.44 → 16.4.35

data/lib/chef/cookbook/remote_file_vendor.rb

@@ -72,10 +72,8 @@ class Chef
           Chef::Log.trace("Current checksum: #{current_checksum}; manifest checksum: #{found_manifest_record["checksum"]})")
         end
 
-        full_path_cache_filename = Chef::FileCache.load(cache_filename, false)
-
         # return the filename, not the contents (second argument= false)
-        full_path_cache_filename
+        Chef::FileCache.load(cache_filename, false)
       end
 
       def validate_cached_copy(cache_filename)

data/lib/chef/cookbook/syntax_check.rb

@@ -120,8 +120,7 @@ class Chef
         path  = Chef::Util::PathHelper.escape_glob_dir(cookbook_path)
         files = Dir[File.join(path, "**", "*.rb")]
         files = remove_ignored_files(files)
-        files = remove_uninteresting_ruby_files(files)
-        files
+        remove_uninteresting_ruby_files(files)
       end
 
       def untested_ruby_files

data/lib/chef/cookbook_loader.rb

@@ -44,14 +44,11 @@ class Chef
     # @return [Array<String>] the array of repo paths containing cookbook dirs
     attr_reader :repo_paths
 
-    attr_accessor :tmp_working_dir_path
-
     # XXX: this is highly questionable combined with the Hash-style each method
     include Enumerable
 
     # @param repo_paths [Array<String>] the array of repo paths containing cookbook dirs
     def initialize(*repo_paths)
-      @tmp_working_dir_path = nil
       @repo_paths = repo_paths.flatten.compact.map { |p| File.expand_path(p) }
       raise ArgumentError, "You must specify at least one cookbook repo path" if @repo_paths.empty?
     end
@@ -140,27 +137,23 @@ class Chef
 
     # This method creates tmp directory and copies all cookbooks into it and creates cookbook loader object which points to tmp directory
     def self.copy_to_tmp_dir_from_array(cookbooks)
-      tmp_cookbook_file = Tempfile.new("tmp_working_dir_path")
-      tmp_cookbook_file.close
-      @tmp_working_dir_path = tmp_cookbook_file.path
-      File.unlink(@tmp_working_dir_path)
-      FileUtils.mkdir_p(@tmp_working_dir_path)
-      cookbooks.each do |cookbook|
-        checksums_to_on_disk_paths = cookbook.checksums
-        cookbook.each_file do |manifest_record|
-          path_in_cookbook = manifest_record[:path]
-          on_disk_path = checksums_to_on_disk_paths[manifest_record[:checksum]]
-          dest = File.join(@tmp_working_dir_path, cookbook.name.to_s, path_in_cookbook)
-          FileUtils.mkdir_p(File.dirname(dest))
-          FileUtils.cp_r(on_disk_path, dest)
+      Dir.mktmpdir do |tmp_dir|
+        cookbooks.each do |cookbook|
+          checksums_to_on_disk_paths = cookbook.checksums
+          cookbook.each_file do |manifest_record|
+            path_in_cookbook = manifest_record[:path]
+            on_disk_path = checksums_to_on_disk_paths[manifest_record[:checksum]]
+            dest = File.join(tmp_dir, cookbook.name.to_s, path_in_cookbook)
+            FileUtils.mkdir_p(File.dirname(dest))
+            FileUtils.cp_r(on_disk_path, dest)
+          end
         end
+        tmp_cookbook_loader ||= begin
+          Chef::Cookbook::FileVendor.fetch_from_disk(tmp_dir)
+          CookbookLoader.new(tmp_dir)
+        end
+        yield tmp_cookbook_loader
       end
-      tmp_cookbook_loader ||= begin
-        Chef::Cookbook::FileVendor.fetch_from_disk(@tmp_working_dir_path)
-        CookbookLoader.new(@tmp_working_dir_path)
-      end
-      tmp_cookbook_loader.tmp_working_dir_path = @tmp_working_dir_path
-      tmp_cookbook_loader
     end
 
     # generates metadata.json adds it in the manifest
@@ -181,13 +174,6 @@ class Chef
       end
     end
 
-    # removes the tmp_dir_path
-    def unlink!
-      raise "Invalid directory path." if @tmp_working_dir_path.nil?
-
-      FileUtils.rm_rf(@tmp_working_dir_path)
-    end
-
     alias :cookbooks :values
 
     private

data/lib/chef/data_bag.rb

@@ -59,12 +59,11 @@ class Chef
     end
 
     def to_h
-      result = {
+      {
         "name" => @name,
         "json_class" => self.class.name,
         "chef_type" => "data_bag",
       }
-      result
     end
 
     alias_method :to_hash, :to_h

data/lib/chef/data_collector/run_end_message.rb

@@ -133,7 +133,17 @@ class Chef
           end
 
           hash["conditional"] = action_record.conditional.to_text if action_record.status == :skipped
-          hash["error_message"] = action_record.exception.message unless action_record.exception.nil?
+
+          unless action_record.exception.nil?
+            hash["error_message"] = action_record.exception.message
+
+            hash["error"] = {
+              "class" => action_record.exception.class,
+              "message" => action_record.exception.message,
+              "backtrace" => action_record.exception.backtrace,
+              "description" => action_record.error_description,
+            }
+          end
 
           hash
         end

data/lib/chef/deprecated.rb

@@ -241,6 +241,14 @@ class Chef
       target 30
     end
 
+    class ResourceNameWithoutProvides < Base
+      target 31
+    end
+
+    class AttributeBlacklistConfiguration < Base
+      target 32
+    end
+
     class Generic < Base
       def url
         "https://docs.chef.io/chef_deprecations_client/"

data/lib/chef/digester.rb

@@ -19,6 +19,7 @@
 #
 
 require "openssl" unless defined?(OpenSSL)
+require "digest" unless defined?(Digest)
 require "singleton" unless defined?(Singleton)
 
 class Chef
@@ -50,11 +51,11 @@ class Chef
     end
 
     def generate_md5_checksum_for_file(file)
-      checksum_file(file, OpenSSL::Digest.new("MD5"))
+      checksum_file(file, ::Digest::MD5.new)
     end
 
     def generate_md5_checksum(io)
-      checksum_io(io, OpenSSL::Digest.new("MD5"))
+      checksum_io(io, ::Digest::MD5.new)
     end
 
     private

data/lib/chef/dsl/platform_introspection.rb

@@ -17,6 +17,7 @@
 #
 
 require "chef-utils" unless defined?(ChefUtils::CANARY)
+require_relative "../mixin/chef_utils_wiring" unless defined?(Chef::Mixin::ChefUtilsWiring)
 
 class Chef
   module DSL
@@ -25,6 +26,7 @@ class Chef
     # #value_for_platform.
     module PlatformIntrospection
       include ChefUtils
+      include Chef::Mixin::ChefUtilsWiring
 
       # Implementation class for determining platform dependent values
       class PlatformDependentValue
@@ -77,14 +79,14 @@ class Chef
           key_matches = []
           keys = @values[platform].keys
           keys.each do |k|
-            begin
-              if Chef::VersionConstraint::Platform.new(k).include?(node_version)
-                key_matches << k
-              end
-            rescue Chef::Exceptions::InvalidVersionConstraint => e
-              Chef::Log.trace "Caught InvalidVersionConstraint. This means that a key in value_for_platform cannot be interpreted as a Chef::VersionConstraint::Platform."
-              Chef::Log.trace(e)
+
+            if Chef::VersionConstraint::Platform.new(k).include?(node_version)
+              key_matches << k
             end
+          rescue Chef::Exceptions::InvalidVersionConstraint => e
+            Chef::Log.trace "Caught InvalidVersionConstraint. This means that a key in value_for_platform cannot be interpreted as a Chef::VersionConstraint::Platform."
+            Chef::Log.trace(e)
+
           end
           return @values[platform][version] if key_matches.include?(version)
 

data/lib/chef/encrypted_data_bag_item/decryptor.rb

@@ -16,7 +16,7 @@
 # limitations under the License.
 #
 
-require "yaml"
+require "yaml" unless defined?(YAML)
 require_relative "../json_compat"
 require "openssl" unless defined?(OpenSSL)
 require "base64"

data/lib/chef/environment.rb

@@ -119,7 +119,7 @@ class Chef
     end
 
     def to_h
-      result = {
+      {
         "name" => @name,
         "description" => @description,
         "cookbook_versions" => @cookbook_versions,
@@ -128,7 +128,6 @@ class Chef
         "default_attributes" => @default_attributes,
         "override_attributes" => @override_attributes,
       }
-      result
     end
 
     alias_method :to_hash, :to_h
@@ -255,11 +254,11 @@ class Chef
       js_file = File.join(Chef::Config[:environment_path], "#{name}.json")
       rb_file = File.join(Chef::Config[:environment_path], "#{name}.rb")
 
-      if File.exists?(js_file)
+      if File.exist?(js_file)
         # from_json returns object.class => json_class in the JSON.
         hash = Chef::JSONCompat.parse(IO.read(js_file))
         from_hash(hash)
-      elsif File.exists?(rb_file)
+      elsif File.exist?(rb_file)
         environment = Chef::Environment.new
         environment.name(name)
         environment.from_file(rb_file)

data/lib/chef/exceptions.rb

@@ -198,6 +198,7 @@ class Chef
     class MetadataNotFound < StandardError
       attr_reader :install_path
       attr_reader :cookbook_name
+
       def initialize(install_path, cookbook_name)
         @install_path = install_path
         @cookbook_name = cookbook_name
@@ -422,7 +423,7 @@ class Chef
 
     class ChecksumMismatch < RuntimeError
       def initialize(res_cksum, cont_cksum)
-        super "Checksum on resource (#{res_cksum}) does not match checksum on content (#{cont_cksum})"
+        super "Checksum on resource (#{res_cksum}...) does not match checksum on content (#{cont_cksum}...)"
       end
     end
 
@@ -448,6 +449,7 @@ class Chef
     # to correctly populate the backtrace with the wrapped backtraces.
     class RunFailedWrappingError < RuntimeError
       attr_reader :wrapped_errors
+
       def initialize(*errors)
         errors = errors.select { |e| !e.nil? }
         output = "Found #{errors.size} errors, they are stored in the backtrace"
@@ -488,6 +490,7 @@ class Chef
 
     class MultipleDscResourcesFound < RuntimeError
       attr_reader :resources_found
+
       def initialize(resources_found)
         @resources_found = resources_found
         matches_info = @resources_found.each do |r|

data/lib/chef/file_access_control/windows.rb

@@ -96,7 +96,7 @@ class Chef
             self_ace.mask = securable_object.predict_rights_mask(target_ace.mask)
             new_target_acl << self_ace
           end
-          # As there is no inheritence needed in case of WRITE permissions.
+          # As there is no inheritance needed in case of WRITE permissions.
           if target_ace.mask != Chef::ReservedNames::Win32::API::Security::WRITE && target_ace.flags & (CONTAINER_INHERIT_ACE | OBJECT_INHERIT_ACE) != 0
             children_ace = target_ace.dup
             children_ace.flags |= INHERIT_ONLY_ACE
@@ -242,7 +242,7 @@ class Chef
         flags = 0
 
         #
-        # Configure child inheritence only if the resource is some
+        # Configure child inheritance only if the resource is some
         # type of a directory.
         #
         if resource.is_a? Chef::Resource::Directory

data/lib/chef/file_content_management/deploy/mv_unix.rb

@@ -51,7 +51,7 @@ class Chef
           # in the case where i'm running chef-solo on my homedir as myself and some root-shell
           # work has caused dotfiles of mine to change to root-owned, i'm fine with this not being
           # exceptional, and i think most use cases will consider this to not be exceptional, and
-          # the right thing is to fix the ownership of the file to the user running the commmand
+          # the right thing is to fix the ownership of the file to the user running the command
           # (which requires write perms to the directory, or mv will throw an exception)
           begin
             ::File.chown(uid, nil, src)

data/lib/chef/file_content_management/tempfile.rb

@@ -39,15 +39,15 @@ class Chef
         errors = [ ]
 
         tempfile_dirnames.each do |tempfile_dirname|
-          begin
-            # preserving the file extension of the target filename should be considered a public API
-            tf = ::Tempfile.open([tempfile_basename, tempfile_extension], tempfile_dirname)
-            break
-          rescue SystemCallError => e
-            message = "Creating temp file under '#{tempfile_dirname}' failed with: '#{e.message}'"
-            Chef::Log.trace(message)
-            errors << message
-          end
+
+          # preserving the file extension of the target filename should be considered a public API
+          tf = ::Tempfile.open([tempfile_basename, tempfile_extension], tempfile_dirname)
+          break
+        rescue SystemCallError => e
+          message = "Creating temp file under '#{tempfile_dirname}' failed with: '#{e.message}'"
+          Chef::Log.trace(message)
+          errors << message
+
         end
 
         raise Chef::Exceptions::FileContentStagingError, errors if tf.nil?

data/lib/chef/handler.rb

@@ -240,6 +240,8 @@ class Chef
     # This ensures that all handlers get a chance to run even if one fails.
     # This method should not be overridden by subclasses unless you know what
     # you're doing.
+    #
+    # @api private
     def run_report_safely(run_status)
       run_report_unsafe(run_status)
     rescue Exception => e

data/lib/chef/http.rb

@@ -22,7 +22,8 @@
 #
 
 require "tempfile" unless defined?(Tempfile)
-require "net/https"
+require "openssl" unless defined?(OpenSSL)
+require "net/http" unless defined?(Net::HTTP)
 require "uri" unless defined?(URI)
 require_relative "http/basic_client"
 require_relative "monkey_patches/net_http"
@@ -52,13 +53,12 @@ class Chef
 
       def handle_chunk(next_chunk)
         # stream handlers handle responses so must be applied in reverse order
-        # (same as #apply_stream_complete_middleware or #apply_response_midddleware)
+        # (same as #apply_stream_complete_middleware or #apply_response_middleware)
         @stream_handlers.reverse.inject(next_chunk) do |chunk, handler|
           Chef::Log.trace("Chef::HTTP::StreamHandler calling #{handler.class}#handle_chunk")
           handler.handle_chunk(chunk)
         end
       end
-
     end
 
     def self.middlewares
@@ -155,7 +155,7 @@ class Chef
     rescue Net::HTTPClientException => e
       http_attempts += 1
       response = e.response
-      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts > 0
+      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts >= 0
         Chef::Log.trace("Negotiating protocol version with #{url}, retry #{http_attempts}/#{version_retries}")
         retry
       else
@@ -194,7 +194,7 @@ class Chef
     rescue Net::HTTPClientException => e
       http_attempts += 1
       response = e.response
-      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts > 0
+      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts >= 0
         Chef::Log.trace("Negotiating protocol version with #{url}, retry #{http_attempts}/#{version_retries}")
         retry
       else
@@ -250,7 +250,7 @@ class Chef
     rescue Net::HTTPClientException => e
       http_attempts += 1
       response = e.response
-      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts > 0
+      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts >= 0
         Chef::Log.trace("Negotiating protocol version with #{url}, retry #{http_attempts}/#{version_retries}")
         retry
       else
@@ -429,7 +429,7 @@ class Chef
           response, request, return_value = yield
           # handle HTTP 50X Error
           if response.is_a?(Net::HTTPServerError) && !Chef::Config.local_mode
-            if http_retry_count - http_attempts + 1 > 0
+            if http_retry_count - http_attempts >= 0
               sleep_time = 1 + (2**http_attempts) + rand(2**http_attempts)
               Chef::Log.error("Server returned error #{response.code} for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
               sleep(sleep_time)
@@ -439,7 +439,7 @@ class Chef
           return [response, request, return_value]
         end
       rescue SocketError, Errno::ETIMEDOUT, Errno::ECONNRESET => e
-        if http_retry_count - http_attempts + 1 > 0
+        if http_retry_count - http_attempts >= 0
           Chef::Log.error("Error connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
@@ -447,21 +447,21 @@ class Chef
         e.message.replace "Error connecting to #{url} - #{e.message}"
         raise e
       rescue Errno::ECONNREFUSED
-        if http_retry_count - http_attempts + 1 > 0
+        if http_retry_count - http_attempts >= 0
           Chef::Log.error("Connection refused connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
         end
         raise Errno::ECONNREFUSED, "Connection refused connecting to #{url}, giving up"
       rescue Timeout::Error
-        if http_retry_count - http_attempts + 1 > 0
+        if http_retry_count - http_attempts >= 0
           Chef::Log.error("Timeout connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
         end
         raise Timeout::Error, "Timeout connecting to #{url}, giving up"
       rescue OpenSSL::SSL::SSLError => e
-        if (http_retry_count - http_attempts + 1 > 0) && !e.message.include?("certificate verify failed")
+        if (http_retry_count - http_attempts >= 0) && !e.message.include?("certificate verify failed")
           Chef::Log.error("SSL Error connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
@@ -471,7 +471,7 @@ class Chef
     end
 
     def version_retries
-      @version_retries ||= options[:version_class].possible_requests
+      @version_retries ||= options[:version_class]&.possible_requests || 1
     end
 
     # @api private

data/lib/chef/http/authenticator.rb

@@ -24,7 +24,7 @@ class Chef
   class HTTP
     class Authenticator
 
-      DEFAULT_SERVER_API_VERSION = "1".freeze
+      DEFAULT_SERVER_API_VERSION = "2".freeze
 
       attr_reader :signing_key_filename
       attr_reader :raw_key
@@ -68,6 +68,8 @@ class Chef
           version_class.best_request_version
         elsif api_version
           api_version
+        elsif Chef::ServerAPIVersions.instance.negotiated?
+          Chef::ServerAPIVersions.instance.max_server_version.to_s
         else
           DEFAULT_SERVER_API_VERSION
         end