chef 16.2.73-universal-mingw32 → 16.3.38-universal-mingw32

data/lib/chef/provider/git.rb

@@ -154,6 +154,11 @@ class Chef
         sha_hash?(result) ? result : nil
       end
 
+      def already_on_target_branch?
+        current_branch = git("rev-parse", "--abbrev-ref", "HEAD", cwd: cwd, returns: [0, 128]).stdout.strip
+        current_branch == (new_resource.checkout_branch || new_resource.revision)
+      end
+
       def add_remotes
         if new_resource.additional_remotes.length > 0
           new_resource.additional_remotes.each_pair do |remote_name, remote_url|
@@ -193,6 +198,9 @@ class Chef
             # detached head
             git("checkout", target_revision, cwd: cwd)
             logger.info "#{new_resource} checked out reference: #{target_revision}"
+          elsif already_on_target_branch?
+            # we are already on the proper branch
+            git("reset", "--hard", target_revision, cwd: cwd)
           else
             # need a branch with a tracking branch
             git("branch", "-f", new_resource.revision, target_revision, cwd: cwd)
@@ -222,13 +230,13 @@ class Chef
           logger.trace "Fetching updates from #{new_resource.remote} and resetting to revision #{target_revision}"
           git("fetch", "--prune", new_resource.remote, cwd: cwd)
           git("fetch", new_resource.remote, "--tags", cwd: cwd)
-          if new_resource.checkout_branch
+          if sha_hash?(new_resource.revision) || is_tag? || already_on_target_branch?
+            # detached head or if we are already on the proper branch
+            git("reset", "--hard", target_revision, cwd: cwd)
+          elsif new_resource.checkout_branch
             # check out to a local branch
             git("branch", "-f", new_resource.checkout_branch, target_revision, cwd: cwd)
             git("checkout", new_resource.checkout_branch, cwd: cwd)
-          elsif sha_hash?(new_resource.revision) || is_tag?
-            # detached head
-            git("reset", "--hard", target_revision, cwd: cwd)
           else
             # need a branch with a tracking branch
             git("branch", "-f", new_resource.revision, target_revision, cwd: cwd)

data/lib/chef/provider/mount/solaris.rb

@@ -1,4 +1,3 @@
-# Encoding: utf-8
 # Author:: Hugo Fichter
 # Author:: Lamont Granquist (<lamont@chef.io>)
 # Author:: Joshua Timberman (<joshua@chef.io>)

data/lib/chef/provider/package/snap.rb

@@ -137,7 +137,7 @@ class Chef
 
           # while it is expected to allow clients to connect using https over
           # a tcp socket, at this point only a unix socket is supported. the
-          # socket is /run/snapd.socket note - unix socket is not defined on
+          # socket is /run/snapd.socket note - UNIXSocket is not defined on
           # windows systems
           if defined?(::UNIXSocket)
             UNIXSocket.open("/run/snapd.socket") do |socket|
@@ -304,7 +304,7 @@ class Chef
             SNAP_OPTION
           end
 
-          multipart_form_data = <<~SNAP_S
+          <<~SNAP_S
             Host:
             Content-Type: multipart/form-data; boundary=#{snap_name}
             Content-Length: #{content_length}
@@ -320,7 +320,6 @@ class Chef
             <#{content_length} bytes of snap file data>
             --#{snap_name}
           SNAP_S
-          multipart_form_data
         end
 
         # Constructs json to post for snap changes

data/lib/chef/provider/package/windows.rb

@@ -242,22 +242,27 @@ class Chef
         end
 
         def download_source_file
+          source_resource.run_action(:create)
+          logger.trace("#{new_resource} fetched source file to #{default_download_cache_path}")
+        end
+
+        def source_resource
           # It seems correct that this is a build_resource rather than declare_resource/DSL use since updating should not trigger a notification
           # unless the downloaded file is actually installed.  The case where the remote_file downloads the package but the package is already
           # installed on the target should not trigger a notification since the running state did not change.
-          build_resource(:remote_file, default_download_cache_path) do
+          @source_resource ||= build_resource(:remote_file, default_download_cache_path) do
             source(new_resource.source)
             cookbook_name = new_resource.cookbook_name
             checksum(new_resource.checksum)
             backup(false)
 
+            # since the source_resource can mutate here, we save off the @source_resource so we can inspect the actual state later
             if new_resource.remote_file_attributes
               new_resource.remote_file_attributes.each do |(k, v)|
                 send(k.to_sym, v)
               end
             end
-          end.run_action(:create)
-          logger.trace("#{new_resource} fetched source file to #{default_download_cache_path}")
+          end
         end
 
         def default_download_cache_path
@@ -271,7 +276,7 @@ class Chef
           if new_resource.source.nil?
             nil
           elsif uri_scheme?(new_resource.source)
-            default_download_cache_path
+            source_resource.path
           else
             new_source = Chef::Util::PathHelper.cleanpath(new_resource.source)
             ::File.exist?(new_source) ? new_source : nil

data/lib/chef/provider/package/zypper.rb

@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 #
 # Authors:: Adam Jacob (<adam@chef.io>)
 #           Ionuț Arțăriși (<iartarisi@suse.cz>)

data/lib/chef/provider/service.rb

@@ -23,8 +23,8 @@ require "chef-utils" unless defined?(ChefUtils::CANARY)
 class Chef
   class Provider
     class Service < Chef::Provider
-      include ChefUtils::DSL::Service
-      extend ChefUtils::DSL::Service
+      include Chef::Platform::ServiceHelpers
+      extend Chef::Platform::ServiceHelpers
 
       def supports
         @supports ||= new_resource.supports.dup

data/lib/chef/provider/yum_repository.rb

@@ -37,7 +37,7 @@ class Chef
           if template_available?(new_resource.source)
             source new_resource.source
           else
-            source ::File.expand_path("../support/yum_repo.erb", __FILE__)
+            source ::File.expand_path("support/yum_repo.erb", __dir__)
             local true
           end
           sensitive new_resource.sensitive

data/lib/chef/provider/zypper_repository.rb

@@ -41,7 +41,7 @@ class Chef
           if template_available?(new_resource.source)
             source new_resource.source
           else
-            source ::File.expand_path("../support/zypper_repo.erb", __FILE__)
+            source ::File.expand_path("support/zypper_repo.erb", __dir__)
             local true
           end
           sensitive new_resource.sensitive

data/lib/chef/resource.rb

@@ -638,6 +638,7 @@ class Chef
     # Do NOT use this. It may be removed. It is for internal purposes only.
     # @api private
     attr_reader :resource_initializing
+
     def resource_initializing=(value)
       if value
         @resource_initializing = true
@@ -888,6 +889,7 @@ class Chef
     #   have.
     #
     attr_writer :allowed_actions
+
     def allowed_actions(value = NOT_PASSED)
       if value != NOT_PASSED
         self.allowed_actions = value

data/lib/chef/resource/build_essential.rb

@@ -146,8 +146,8 @@ class Chef
         def install_xcode_cli_tools(label)
           # This script was graciously borrowed and modified from Tim Sutton's
           # osx-vm-templates at https://github.com/timsutton/osx-vm-templates/blob/b001475df54a9808d3d56d06e71b8fa3001fff42/scripts/xcode-cli-tools.sh
-          execute "install Xcode Command Line tools" do
-            command <<-EOH
+          bash "install Xcode Command Line Tools" do
+            code <<-EOH
               # create the placeholder file that's checked by CLI updates' .dist code
               # in Apple's SUS catalog
               touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress

data/lib/chef/resource/chef_client_scheduled_task.rb

@@ -172,7 +172,7 @@ class Chef
           # Fetch path of cmd.exe through environment variable comspec
           cmd_path = ENV["COMSPEC"]
 
-          "#{cmd_path} /c \'#{client_cmd}\'"
+          "#{cmd_path} /c \"#{client_cmd}\""
         end
 
         # Build command line to pass to cmd.exe

data/lib/chef/resource/chocolatey_feature.rb

@@ -89,8 +89,7 @@ class Chef
         # @param [String] action the name of the action to perform
         # @return [String] the choco feature command string
         def choco_cmd(action)
-          cmd = "#{ENV["ALLUSERSPROFILE"]}\\chocolatey\\bin\\choco feature #{action} --name #{new_resource.feature_name}"
-          cmd
+          "#{ENV["ALLUSERSPROFILE"]}\\chocolatey\\bin\\choco feature #{action} --name #{new_resource.feature_name}"
         end
       end
     end

data/lib/chef/resource/cron/cron_d.rb

@@ -158,7 +158,7 @@ class Chef
 
           # @todo this is Chef 12 era cleanup. Someday we should remove it all
           template "/etc/cron.d/#{sanitized_name}" do
-            source ::File.expand_path("../../support/cron.d.erb", __FILE__)
+            source ::File.expand_path("../support/cron.d.erb", __dir__)
             local true
             mode new_resource.mode
             variables(

data/lib/chef/resource/cron_access.rb

@@ -70,7 +70,7 @@ class Chef
 
         with_run_context :root do
           edit_resource(:template, allow_path) do |new_resource|
-            source ::File.expand_path("../support/cron_access.erb", __FILE__)
+            source ::File.expand_path("support/cron_access.erb", __dir__)
             local true
             mode "0600"
             variables["users"] ||= []
@@ -87,7 +87,7 @@ class Chef
 
         with_run_context :root do
           edit_resource(:template, deny_path) do |new_resource|
-            source ::File.expand_path("../support/cron_access.erb", __FILE__)
+            source ::File.expand_path("support/cron_access.erb", __dir__)
             local true
             mode "0600"
             variables["users"] ||= []

data/lib/chef/resource/execute.rb

@@ -630,11 +630,11 @@ class Chef
         end
 
         # if domain is provided in both username and domain
-        if specified_user && ((specified_user.include? '\\') || (specified_user.include? "@")) && specified_domain
+        if specified_user.is_a?(String) && ((specified_user.include? '\\') || (specified_user.include? "@")) && specified_domain
           raise ArgumentError, "The domain is provided twice. Username: `#{specified_user}`, Domain: `#{specified_domain}`. Please specify domain only once."
         end
 
-        if ! specified_user.nil? && specified_domain.nil?
+        if specified_user.is_a?(String) && specified_domain.nil?
           # Splitting username of format: Domain\Username
           domain_and_user = user.split('\\')
 

data/lib/chef/resource/lwrp_base.rb

@@ -103,6 +103,7 @@ class Chef
         protected
 
         attr_writer :loaded_lwrps
+
         def loaded_lwrps
           @loaded_lwrps ||= {}
         end

data/lib/chef/resource/macos_userdefaults.rb

@@ -16,6 +16,8 @@
 #
 
 require_relative "../resource"
+require_relative "../dist"
+require "plist"
 
 class Chef
   class Resource
@@ -28,99 +30,210 @@ class Chef
 
       description "Use the **macos_userdefaults** resource to manage the macOS user defaults system. The properties of this resource are passed to the defaults command, and the parameters follow the convention of that command. See the defaults(1) man page for details on how the tool works."
       introduced "14.0"
+      examples <<~DOC
+        **Specify a global domain value**
+
+        ```ruby
+        macos_userdefaults 'Full keyboard access to all controls' do
+          key 'AppleKeyboardUIMode'
+          value 2
+        end
+        ```
+
+        **Setting a value on a specific domain**
+
+        ```ruby
+        macos_userdefaults 'Enable macOS firewall' do
+          domain '/Library/Preferences/com.apple.alf'
+          key 'globalstate'
+          value 1
+        end
+        ```
+
+        **Specifying the type of a key to skip automatic type detection**
+
+        ```ruby
+        macos_userdefaults 'Finder expanded save dialogs' do
+          key 'NSNavPanelExpandedStateForSaveMode'
+          value 'TRUE'
+          type 'bool'
+        end
+        ```
+      DOC
 
       property :domain, String,
         description: "The domain that the user defaults belong to.",
-        required: true
+        default: "NSGlobalDomain",
+        default_description: "NSGlobalDomain: the global domain.",
+        desired_state: false
 
       property :global, [TrueClass, FalseClass],
         description: "Determines whether or not the domain is global.",
-        default: false
+        deprecated: true,
+        default: false,
+        desired_state: false
 
       property :key, String,
-        description: "The preference key."
+        description: "The preference key.",
+        required: true
+
+      property :host, [String, Symbol],
+        description: "Set either :current or a hostname to set the user default at the host level.",
+        desired_state: false,
+        introduced: "16.3"
 
       property :value, [Integer, Float, String, TrueClass, FalseClass, Hash, Array],
-        description: "The value of the key.",
-        required: true
+        description: "The value of the key. Note: With the `type` property set to `bool`, `String` forms of Boolean true/false values that Apple accepts in the defaults command will be coerced: 0/1, 'TRUE'/'FALSE,' 'true'/false', 'YES'/'NO', or 'yes'/'no'.",
+        required: [:write],
+        coerce: proc { |v| v.is_a?(Hash) ? v.transform_keys(&:to_s) : v } # make sure keys are all strings for comparison
 
       property :type, String,
         description: "The value type of the preference key.",
-        default: ""
+        equal_to: %w{bool string int float array dict},
+        desired_state: false
 
       property :user, String,
-        description: "The system user that the default will be applied to."
+        description: "The system user that the default will be applied to.",
+        desired_state: false
 
       property :sudo, [TrueClass, FalseClass],
-        description: "Set to true if the setting you wish to modify requires privileged access.",
+        description: "Set to true if the setting you wish to modify requires privileged access. This requires passwordless sudo for the '/usr/bin/defaults' command to be setup for the user running #{Chef::Dist::PRODUCT}.",
         default: false,
         desired_state: false
 
-      # @todo this should get refactored away: https://github.com/chef/chef/issues/7622
-      property :is_set, [TrueClass, FalseClass],
-        default: false,
-        desired_state: false,
-        skip_docs: true
+      load_current_value do |desired|
+        Chef::Log.debug "#load_current_value: shelling out \"#{defaults_export_cmd(desired).join(" ")}\" to determine state"
+        state = shell_out(defaults_export_cmd(desired), user: desired.user)
 
-      # coerce various ways of representing a boolean into either 0 (false) or 1 (true)
-      # which is what the defaults CLI expects. Why? Well defaults itself accepts a few
-      # different formats, but when you do a read command it all comes back as 1 or 0.
-      def coerce_booleans(val)
-        return 1 if [true, "TRUE", "1", "true", "YES", "yes"].include?(val)
-        return 0 if [false, "FALSE", "0", "false", "NO", "no"].include?(val)
+        if state.error? || state.stdout.empty?
+          Chef::Log.debug "#load_current_value: #{defaults_export_cmd(desired).join(" ")} returned stdout: #{state.stdout} and stderr: #{state.stderr}"
+          current_value_does_not_exist!
+        end
+
+        plist_data = ::Plist.parse_xml(state.stdout)
+
+        # handle the situation where the key doesn't exist in the domain
+        if plist_data.key?(desired.key)
+          key desired.key
+        else
+          current_value_does_not_exist!
+        end
 
-        val
+        value plist_data[desired.key]
       end
 
-      load_current_value do |desired|
-        value = coerce_booleans(desired.value)
-        cmd = "defaults read '#{desired.domain}' "
-        cmd << "'#{desired.key}' " if desired.key
-        cmd << " | grep -qx '#{value}'"
-
-        vc = if desired.user.nil?
-               shell_out(cmd)
-             else
-               shell_out(cmd, user: desired.user)
-             end
-
-        is_set !vc.error?
+      #
+      # The defaults command to export a domain
+      #
+      # @return [Array] defaults command
+      #
+      def defaults_export_cmd(resource)
+        state_cmd = ["/usr/bin/defaults"]
+
+        if resource.host == "current"
+          state_cmd.concat(["-currentHost"])
+        elsif resource.host # they specified a non-nil value, which is a hostname
+          state_cmd.concat(["-host", resource.host])
+        end
+
+        state_cmd.concat(["export", resource.domain, "-"])
+        state_cmd
       end
 
       action :write do
-        description "Write the setting to the specified domain"
-
-        unless current_resource.is_set
-          cmd = ["defaults write"]
-          cmd.unshift("sudo") if new_resource.sudo
-
-          cmd << if new_resource.global
-                   "NSGlobalDomain"
-                 else
-                   "'#{new_resource.domain}'"
-                 end
-
-          cmd << "'#{new_resource.key}'" if new_resource.key
-          value = new_resource.value
-          type = new_resource.type.empty? ? value_type(value) : new_resource.type
-          # creates a string of Key1 Value1 Key2 Value2...
-          value = value.map { |k, v| "\"#{k}\" \"#{v}\"" }.join(" ") if type == "dict"
-          if type == "array"
-            value = value.join("' '")
-            value = "'#{value}'"
-          end
-          cmd << "-#{type}" if type
-          cmd << value
+        description "Write the value to the specified domain/key."
 
-          # FIXME: this should use cmd directly as an array argument, but then the quoting
-          # of individual args above needs to be removed as well.
-          execute cmd.join(" ") do
-            user new_resource.user unless new_resource.user.nil?
-          end
+        converge_if_changed do
+          cmd = defaults_modify_cmd
+          Chef::Log.debug("Updating defaults value by shelling out: #{cmd.join(" ")}")
+
+          shell_out!(cmd, user: new_resource.user)
+        end
+      end
+
+      action :delete do
+        description "Delete a key from a domain."
+
+        # if it's not there there's nothing to remove
+        return unless current_resource
+
+        converge_by("delete domain:#{new_resource.domain} key:#{new_resource.key}") do
+
+          cmd = defaults_modify_cmd
+          Chef::Log.debug("Removing defaults key by shelling out: #{cmd.join(" ")}")
+
+          shell_out!(cmd, user: new_resource.user)
         end
       end
 
       action_class do
+        #
+        # The command used to write or delete delete values from domains
+        #
+        # @return [Array] Array representation of defaults command to run
+        #
+        def defaults_modify_cmd
+          cmd = ["/usr/bin/defaults"]
+
+          if new_resource.host == :current
+            cmd.concat(["-currentHost"])
+          elsif new_resource.host # they specified a non-nil value, which is a hostname
+            cmd.concat(["-host", new_resource.host])
+          end
+
+          cmd.concat([action.to_s, new_resource.domain, new_resource.key])
+          cmd.concat(processed_value) if action == :write
+          cmd.prepend("sudo") if new_resource.sudo
+          cmd
+        end
+
+        #
+        # convert the provided value into the format defaults expects
+        #
+        # @return [array] array of values starting with the type if applicable
+        #
+        def processed_value
+          type = new_resource.type || value_type(new_resource.value)
+
+          # when dict this creates an array of values ["Key1", "Value1", "Key2", "Value2" ...]
+          cmd_values = ["-#{type}"]
+
+          case type
+          when "dict"
+            cmd_values.concat(new_resource.value.flatten)
+          when "array"
+            cmd_values.concat(new_resource.value)
+          when "bool"
+            cmd_values.concat(bool_to_defaults_bool(new_resource.value))
+          else
+            cmd_values.concat([new_resource.value])
+          end
+
+          cmd_values
+        end
+
+        #
+        # defaults booleans on the CLI must be 'TRUE' or 'FALSE' so convert various inputs to that
+        #
+        # @param [String, Integer, Boolean] input <description>
+        #
+        # @return [String] TRUE or FALSE
+        #
+        def bool_to_defaults_bool(input)
+          return ["TRUE"] if [true, "TRUE", "1", "true", "YES", "yes"].include?(input)
+          return ["FALSE"] if [false, "FALSE", "0", "false", "NO", "no"].include?(input)
+
+          # make sure it's very clear bad input was given
+          raise ArgumentError, "#{input} cannot be converted to a boolean value for use with Apple's defaults command. Acceptable values are: 'TRUE', 'YES', 'true, 'yes', '0', true, 'FALSE', 'false', 'NO', 'no', '1', or false."
+        end
+
+        #
+        # convert ruby type to defaults type
+        #
+        # @param [Integer, Float, String, TrueClass, FalseClass, Hash, Array] value The value being set
+        #
+        # @return [string, nil] the type value used by defaults or nil if not applicable
+        #
         def value_type(value)
           case value
           when true, false
@@ -133,6 +246,8 @@ class Chef
             "dict"
           when Array
             "array"
+          when String
+            "string"
           end
         end
       end