chef 16.2.73-universal-mingw32 → 16.4.41-universal-mingw32

data/lib/chef/resource/powershell_package_source.rb

@@ -34,7 +34,7 @@ class Chef
 
       property :url, String,
         description: "The url to the package source.",
-        required: true
+        required: [:register]
 
       property :trusted, [TrueClass, FalseClass],
         description: "Whether or not to trust packages from this source.",

data/lib/chef/resource/powershell_script.rb

@@ -25,19 +25,31 @@ class Chef
       provides :powershell_script, os: "windows"
 
       property :flags, String,
-        description: "A string that is passed to the Windows PowerShell command",
-        default: lazy { default_flags },
-        coerce: proc { |input|
-          if input == default_flags
-            # Means there was no input provided,
-            # and should use defaults in this case
-            input
-          else
-            # The last occurrence of a flag would override its
-            # previous one at the time of command execution.
-            [default_flags, input].join(" ")
+        description: "A string that is passed to the Windows PowerShell command"
+
+      property :convert_boolean_return, [true, false],
+        default: false,
+        description: <<~DESC
+          Return `0` if the last line of a command is evaluated to be true or to return `1` if the last line is evaluated to be false.
+
+          When the `guard_interpreter` common attribute is set to `:powershell_script`, a string command will be evaluated as if this value were set to `true`. This is because the behavior of this attribute is similar to the value of the `"$?"` expression common in UNIX interpreters. For example, this:
+
+          ```ruby
+          powershell_script 'make_safe_backup' do
+            guard_interpreter :powershell_script
+            code 'cp ~/data/nodes.json ~/data/nodes.bak'
+            not_if 'test-path ~/data/nodes.bak'
+          end
+          ```
+
+          is similar to:
+          ```ruby
+          bash 'make_safe_backup' do
+            code 'cp ~/data/nodes.json ~/data/nodes.bak'
+            not_if 'test -e ~/data/nodes.bak'
           end
-        }
+          ```
+        DESC
 
       description "Use the **powershell_script** resource to execute a script using the Windows PowerShell"\
                   " interpreter, much like how the script and script-based resources—bash, csh, perl, python,"\
@@ -52,15 +64,6 @@ class Chef
         super
         @interpreter = "powershell.exe"
         @default_guard_interpreter = resource_name
-        @convert_boolean_return = false
-      end
-
-      def convert_boolean_return(arg = nil)
-        set_or_return(
-          :convert_boolean_return,
-          arg,
-          kind_of: [ FalseClass, TrueClass ]
-        )
       end
 
       # Allow callers evaluating guards to request default
@@ -73,15 +76,6 @@ class Chef
       def self.get_default_attributes(opts)
         { convert_boolean_return: true }
       end
-
-      # Options that will be passed to Windows PowerShell command
-      #
-      # @returns [String]
-      def default_flags
-        # Set InputFormat to None as PowerShell will hang if STDIN is redirected
-        # http://connect.microsoft.com/PowerShell/feedback/details/572313/powershell-exe-can-hang-if-stdin-is-redirected
-        "-NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None"
-      end
     end
   end
 end

data/lib/chef/resource/service.rb

@@ -25,8 +25,8 @@ require_relative "../dist"
 class Chef
   class Resource
     class Service < Chef::Resource
-      include ChefUtils::DSL::Service
-      extend ChefUtils::DSL::Service
+      include Chef::Platform::ServiceHelpers
+      extend Chef::Platform::ServiceHelpers
       unified_mode true
 
       provides :service, target_mode: true

data/lib/chef/resource/ssh_known_hosts_entry.rb

@@ -106,7 +106,7 @@ class Chef
 
         r = with_run_context :root do
           find_resource(:template, "update ssh known hosts file #{new_resource.file_location}") do
-            source ::File.expand_path("../support/ssh_known_hosts.erb", __FILE__)
+            source ::File.expand_path("support/ssh_known_hosts.erb", __dir__)
             local true
             path new_resource.file_location
             owner new_resource.owner

data/lib/chef/resource/sudo.rb

@@ -199,7 +199,7 @@ class Chef
           end
         else
           template file_path do
-            source ::File.expand_path("../support/sudoer.erb", __FILE__)
+            source ::File.expand_path("support/sudoer.erb", __dir__)
             local true
             mode "0440"
             variables sudoer:            (new_resource.groups + new_resource.users).join(","),
@@ -255,7 +255,7 @@ class Chef
         end
 
         def visudo_content(path)
-          if ::File.exists?(path)
+          if ::File.exist?(path)
             "cat #{new_resource.config_prefix}/sudoers | #{new_resource.visudo_binary} -cf - && #{new_resource.visudo_binary} -cf %{path}"
           else
             "cat #{new_resource.config_prefix}/sudoers %{path} | #{new_resource.visudo_binary} -cf -"

data/lib/chef/resource/sysctl.rb

@@ -128,11 +128,11 @@ class Chef
       end
 
       load_current_value do
-        begin
-          value get_sysctl_value(key)
-        rescue
-          current_value_does_not_exist!
-        end
+
+        value get_sysctl_value(key)
+      rescue
+        current_value_does_not_exist!
+
       end
 
       action :apply do

data/lib/chef/resource/timezone.rb

@@ -26,7 +26,7 @@ class Chef
 
       provides :timezone
 
-      description "Use the **timezone** resource to change the system timezone on Windows, Linux, and macOS hosts. Timezones are specified in tz database format, with a complete list of available TZ values for Linux and macOS here: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones and for Windows here: https://ss64.com/nt/timezones.html."
+      description "Use the **timezone** resource to change the system timezone on Windows, Linux, and macOS hosts. Timezones are specified in tz database format, with a complete list of available TZ values for Linux and macOS here: <https://en.wikipedia.org/wiki/List_of_tz_database_time_zones>. On Windows systems run `tzutil /l` for a complete list of valid timezones."
       introduced "14.6"
       examples <<~DOC
       **Set the timezone to UTC**
@@ -35,11 +35,19 @@ class Chef
       timezone 'UTC'
       ```
 
-      **Set the timezone to UTC with a friendly resource name**
+      **Set the timezone to America/Los_Angeles with a friendly resource name on Linux/macOS**
 
       ```ruby
-      timezone 'Set the host's timezone to UTC' do
-        timezone 'UTC'
+      timezone 'Set the host's timezone to America/Los_Angeles' do
+        timezone 'America/Los_Angeles'
+      end
+      ```
+
+      **Set the timezone to PST with a friendly resource name on Windows**
+
+      ```ruby
+      timezone 'Set the host's timezone to PST' do
+        timezone 'Pacific Standard time'
       end
       ```
       DOC
@@ -48,90 +56,121 @@ class Chef
         description: "An optional property to set the timezone value if it differs from the resource block's name.",
         name_property: true
 
-      action :set do
-        description "Set the timezone."
-
-        # some linux systems may be missing the timezone data
-        if linux?
-          package "tzdata" do
-            package_name suse? ? "timezone" : "tzdata"
-          end
+      # detect the current TZ on darwin hosts
+      #
+      # @since 14.7
+      # @return [String] TZ database value
+      def current_macos_tz
+        tz_shellout = shell_out!(["systemsetup", "-gettimezone"])
+        if /You need administrator access/.match?(tz_shellout.stdout)
+          raise "The timezone resource requires administrative privileges to run on macOS hosts!"
+        else
+          /Time Zone: (.*)/.match(tz_shellout.stdout)[1]
         end
+      end
 
-        # Modern SUSE, Amazon, Fedora, RHEL, Ubuntu & Debian
-        if systemd?
-          cmd_set_tz = "/usr/bin/timedatectl --no-ask-password set-timezone #{new_resource.timezone}"
+      # detect the current timezone on windows hosts
+      #
+      # @since 14.7
+      # @return [String] timezone id
+      def current_windows_tz
+        tz_shellout = shell_out("tzutil /g")
+        raise "There was an error running the tzutil command" if tz_shellout.error?
 
-          cmd_check_if_set = "/usr/bin/timedatectl status"
-          cmd_check_if_set += " | /usr/bin/awk '/Time.*zone/{print}'"
-          cmd_check_if_set += " | grep -q #{new_resource.timezone}"
+        tz_shellout.stdout.strip
+      end
 
-          execute cmd_set_tz do
-            action :run
-            not_if cmd_check_if_set
-          end
+      # detect the current timezone on systemd hosts
+      #
+      # @since 16.5
+      # @return [String] timezone id
+      def current_systemd_tz
+        tz_shellout = shell_out(["/usr/bin/timedatectl", "status"])
+        raise "There was an error running the timedatectl command" if tz_shellout.error?
+
+        # https://rubular.com/r/eV68MX9XXbyG4k
+        /Time zone: (.*) \(.*/.match(tz_shellout.stdout)[1]
+      end
+
+      # detect the current timezone on non-systemd RHEL-ish hosts
+      #
+      # @since 16.5
+      # @return [String] timezone id
+      def current_rhel_tz
+        return nil unless ::File.exist?("/etc/sysconfig/clock")
+
+        # https://rubular.com/r/aoj01L3bKBM7wh
+        /ZONE="(.*)"/.match(::File.read("/etc/sysconfig/clock"))[1]
+      end
+
+      load_current_value do
+        if systemd?
+          timezone current_systemd_tz
         else
           case node["platform_family"]
           # Old version of RHEL < 7 and Amazon 201X
           when "rhel", "amazon"
-            file "/etc/sysconfig/clock" do
-              owner "root"
-              group "root"
-              mode "0644"
-              action :create
-              content %{ZONE="#{new_resource.timezone}"\nUTC="true"\n}
-            end
-
-            execute "tzdata-update" do
-              command "/usr/sbin/tzdata-update"
-              action :nothing
-              only_if { ::File.executable?("/usr/sbin/tzdata-update") }
-              subscribes :run, "file[/etc/sysconfig/clock]", :immediately
-            end
-
-            link "/etc/localtime" do
-              to "/usr/share/zoneinfo/#{new_resource.timezone}"
-              not_if { ::File.executable?("/usr/sbin/tzdata-update") }
-            end
+            timezone current_rhel_tz
           when "mac_os_x"
-            unless current_darwin_tz == new_resource.timezone
-              converge_by("set timezone to #{new_resource.timezone}") do
-                shell_out!("sudo systemsetup -settimezone #{new_resource.timezone}")
-              end
-            end
+            timezone current_macos_tz
           when "windows"
-            unless current_windows_tz.casecmp?(new_resource.timezone)
-              converge_by("setting timezone to \"#{new_resource.timezone}\"") do
-                shell_out!("tzutil /s \"#{new_resource.timezone}\"")
-              end
-            end
+            timezone current_windows_tz
           end
         end
       end
 
-      action_class do
-        # detect the current TZ on darwin hosts
-        #
-        # @since 14.7
-        # @return [String] TZ database value
-        def current_darwin_tz
-          tz_shellout = shell_out!("systemsetup -gettimezone")
-          if /You need administrator access/.match?(tz_shellout.stdout)
-            raise "The timezone resource requires administrative privileges to run on macOS hosts!"
-          else
-            /Time Zone: (.*)/.match(tz_shellout.stdout)[1]
-          end
-        end
-
-        # detect the current timezone on windows hosts
-        #
-        # @since 14.7
-        # @return [String] timezone id
-        def current_windows_tz
-          tz_shellout = shell_out("tzutil /g")
-          raise "There was an error running the tzutil command" if tz_shellout.exitstatus == 1
+      action :set do
+        description "Set the timezone."
 
-          tz_shellout.stdout.strip
+        # we have to check windows first since the value isn't case sensitive here
+        if windows?
+          unless current_windows_tz.casecmp?(new_resource.timezone)
+            converge_by("setting timezone to '#{new_resource.timezone}'") do
+              shell_out!(["tzutil", "/s", new_resource.timezone])
+            end
+          end
+        else # linux / macos
+          converge_if_changed(:timezone) do
+            # Modern SUSE, Amazon, Fedora, RHEL, Ubuntu & Debian
+            if systemd?
+              # make sure we have the tzdata files
+              package suse? ? "timezone" : "tzdata"
+
+              shell_out!(["/usr/bin/timedatectl", "--no-ask-password", "set-timezone", new_resource.timezone])
+            else
+              case node["platform_family"]
+              # Old version of RHEL < 7 and Amazon 201X
+              when "rhel", "amazon"
+                # make sure we have the tzdata files
+                package "tzdata"
+
+                file "/etc/sysconfig/clock" do
+                  owner "root"
+                  group "root"
+                  mode "0644"
+                  action :create
+                  content <<~CONTENT
+                    ZONE="#{new_resource.timezone}"
+                    UTC="true"
+                  CONTENT
+                end
+
+                execute "tzdata-update" do
+                  command "/usr/sbin/tzdata-update"
+                  action :nothing
+                  only_if { ::File.executable?("/usr/sbin/tzdata-update") }
+                  subscribes :run, "file[/etc/sysconfig/clock]", :immediately
+                end
+
+                link "/etc/localtime" do
+                  to "/usr/share/zoneinfo/#{new_resource.timezone}"
+                  not_if { ::File.executable?("/usr/sbin/tzdata-update") }
+                end
+              when "mac_os_x"
+                shell_out!(["sudo", "systemsetup", "-settimezone", new_resource.timezone])
+              end
+            end
+          end
         end
       end
     end

data/lib/chef/resource/user_ulimit.rb

@@ -80,7 +80,7 @@ class Chef
 
       action :create do
         template "/etc/security/limits.d/#{new_resource.filename}" do
-          source ::File.expand_path("../support/ulimit.erb", __FILE__)
+          source ::File.expand_path("support/ulimit.erb", __dir__)
           local true
           mode "0644"
           variables(

data/lib/chef/resource/windows_ad_join.rb

@@ -23,6 +23,8 @@ class Chef
     class WindowsAdJoin < Chef::Resource
       provides :windows_ad_join
 
+      unified_mode true
+
       description "Use the **windows_ad_join** resource to join a Windows Active Directory domain."
       introduced "14.0"
       examples <<~DOC

data/lib/chef/resource/windows_audit_policy.rb

@@ -82,6 +82,9 @@ class Chef
                                  "User / Device Claims",
                                  "User Account Management",
                                 ].freeze
+
+      unified_mode true
+
       provides :windows_audit_policy
 
       description "Use the **windows_audit_policy** resource to configure system level and per-user Windows advanced audit policy settings."

data/lib/chef/resource/windows_auto_run.rb

@@ -21,6 +21,8 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsAutorun < Chef::Resource
+      unified_mode true
+
       provides(:windows_auto_run) { true }
 
       description "Use the **windows_auto_run** resource to set applications to run at login."

data/lib/chef/resource/windows_certificate.rb

@@ -26,6 +26,8 @@ require_relative "../dist"
 class Chef
   class Resource
     class WindowsCertificate < Chef::Resource
+      unified_mode true
+
       provides :windows_certificate
 
       description "Use the **windows_certificate** resource to install a certificate into the Windows certificate store from a file. The resource grants read-only access to the private key for designated accounts. Due to current limitations in WinRM, installing certificates remotely may not work if the operation requires a user profile. Operations on the local machine store should still work."

data/lib/chef/resource/windows_dfs_folder.rb

@@ -21,6 +21,8 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDfsFolder < Chef::Resource
+      unified_mode true
+
       provides :windows_dfs_folder
 
       description "Use the **windows_dfs_folder** resource to creates a folder within DFS as many levels deep as required."

data/lib/chef/resource/windows_dfs_namespace.rb

@@ -21,6 +21,8 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDfsNamespace < Chef::Resource
+      unified_mode true
+
       provides :windows_dfs_namespace
 
       description "Use the **windows_dfs_namespace** resource to creates a share and DFS namespace on a Windows server."

data/lib/chef/resource/windows_dfs_server.rb

@@ -21,6 +21,8 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDfsServer < Chef::Resource
+      unified_mode true
+
       provides :windows_dfs_server
 
       description "Use the **windows_dfs_server** resource to set system-wide DFS settings."

data/lib/chef/resource/windows_dns_record.rb

@@ -21,6 +21,8 @@ require_relative "../resource"
 class Chef
   class Resource
     class WindowsDnsRecord < Chef::Resource
+      unified_mode true
+
       provides :windows_dns_record
 
       description "The windows_dns_record resource creates a DNS record for the given domain."
@@ -42,23 +44,40 @@ class Chef
         description: "The type of record to create, can be either ARecord, CNAME or PTR.",
         default: "ARecord", equal_to: %w{ARecord CNAME PTR}
 
+      property :dns_server, String,
+        description: "The name of the DNS server on which to create the record.",
+        default: "localhost",
+        introduced: "16.3"
+
       action :create do
         description "Creates and updates the DNS entry."
 
-        powershell_package "xDnsServer" do
+        windows_feature "RSAT-DNS-Server" do
+          not_if new_resource.dns_server.casecmp?("localhost")
         end
-        do_it "Present"
+
+        powershell_package "xDnsServer"
+
+        run_dsc_resource "Present"
       end
 
       action :delete do
         description "Deletes a DNS entry."
-        powershell_package "xDnsServer" do
+
+        windows_feature "RSAT-DNS-Server" do
+          not_if new_resource.dns_server.casecmp?("localhost")
         end
-        do_it "Absent"
+
+        powershell_package "xDnsServer"
+
+        run_dsc_resource "Absent"
       end
 
       action_class do
-        def do_it(ensure_prop)
+        private
+
+        # @api private
+        def run_dsc_resource(ensure_prop)
           dsc_resource "xDnsRecord #{new_resource.record_name}.#{new_resource.zone} #{ensure_prop}" do
             module_name "xDnsServer"
             resource :xDnsRecord
@@ -67,6 +86,7 @@ class Chef
             property :Zone, new_resource.zone
             property :Type, new_resource.record_type
             property :Target, new_resource.target
+            property :DnsServer, new_resource.dns_server
           end
         end
       end