chef 16.2.73-universal-mingw32 → 16.4.41-universal-mingw32

data/lib/chef/encrypted_data_bag_item/decryptor.rb

@@ -16,7 +16,7 @@
 # limitations under the License.
 #
 
-require "yaml"
+require "yaml" unless defined?(YAML)
 require_relative "../json_compat"
 require "openssl" unless defined?(OpenSSL)
 require "base64"

data/lib/chef/environment.rb

@@ -119,7 +119,7 @@ class Chef
     end
 
     def to_h
-      result = {
+      {
         "name" => @name,
         "description" => @description,
         "cookbook_versions" => @cookbook_versions,
@@ -128,7 +128,6 @@ class Chef
         "default_attributes" => @default_attributes,
         "override_attributes" => @override_attributes,
       }
-      result
     end
 
     alias_method :to_hash, :to_h
@@ -255,11 +254,11 @@ class Chef
       js_file = File.join(Chef::Config[:environment_path], "#{name}.json")
       rb_file = File.join(Chef::Config[:environment_path], "#{name}.rb")
 
-      if File.exists?(js_file)
+      if File.exist?(js_file)
         # from_json returns object.class => json_class in the JSON.
         hash = Chef::JSONCompat.parse(IO.read(js_file))
         from_hash(hash)
-      elsif File.exists?(rb_file)
+      elsif File.exist?(rb_file)
         environment = Chef::Environment.new
         environment.name(name)
         environment.from_file(rb_file)

data/lib/chef/exceptions.rb

@@ -198,6 +198,7 @@ class Chef
     class MetadataNotFound < StandardError
       attr_reader :install_path
       attr_reader :cookbook_name
+
       def initialize(install_path, cookbook_name)
         @install_path = install_path
         @cookbook_name = cookbook_name
@@ -422,7 +423,7 @@ class Chef
 
     class ChecksumMismatch < RuntimeError
       def initialize(res_cksum, cont_cksum)
-        super "Checksum on resource (#{res_cksum}) does not match checksum on content (#{cont_cksum})"
+        super "Checksum on resource (#{res_cksum}...) does not match checksum on content (#{cont_cksum}...)"
       end
     end
 
@@ -448,6 +449,7 @@ class Chef
     # to correctly populate the backtrace with the wrapped backtraces.
     class RunFailedWrappingError < RuntimeError
       attr_reader :wrapped_errors
+
       def initialize(*errors)
         errors = errors.select { |e| !e.nil? }
         output = "Found #{errors.size} errors, they are stored in the backtrace"
@@ -488,6 +490,7 @@ class Chef
 
     class MultipleDscResourcesFound < RuntimeError
       attr_reader :resources_found
+
       def initialize(resources_found)
         @resources_found = resources_found
         matches_info = @resources_found.each do |r|

data/lib/chef/file_content_management/tempfile.rb

@@ -39,15 +39,15 @@ class Chef
         errors = [ ]
 
         tempfile_dirnames.each do |tempfile_dirname|
-          begin
-            # preserving the file extension of the target filename should be considered a public API
-            tf = ::Tempfile.open([tempfile_basename, tempfile_extension], tempfile_dirname)
-            break
-          rescue SystemCallError => e
-            message = "Creating temp file under '#{tempfile_dirname}' failed with: '#{e.message}'"
-            Chef::Log.trace(message)
-            errors << message
-          end
+
+          # preserving the file extension of the target filename should be considered a public API
+          tf = ::Tempfile.open([tempfile_basename, tempfile_extension], tempfile_dirname)
+          break
+        rescue SystemCallError => e
+          message = "Creating temp file under '#{tempfile_dirname}' failed with: '#{e.message}'"
+          Chef::Log.trace(message)
+          errors << message
+
         end
 
         raise Chef::Exceptions::FileContentStagingError, errors if tf.nil?

data/lib/chef/handler.rb

@@ -240,6 +240,8 @@ class Chef
     # This ensures that all handlers get a chance to run even if one fails.
     # This method should not be overridden by subclasses unless you know what
     # you're doing.
+    #
+    # @api private
     def run_report_safely(run_status)
       run_report_unsafe(run_status)
     rescue Exception => e

data/lib/chef/http.rb

@@ -22,7 +22,8 @@
 #
 
 require "tempfile" unless defined?(Tempfile)
-require "net/https"
+require "openssl" unless defined?(OpenSSL)
+require "net/http" unless defined?(Net::HTTP)
 require "uri" unless defined?(URI)
 require_relative "http/basic_client"
 require_relative "monkey_patches/net_http"
@@ -58,7 +59,6 @@ class Chef
           handler.handle_chunk(chunk)
         end
       end
-
     end
 
     def self.middlewares
@@ -155,7 +155,7 @@ class Chef
     rescue Net::HTTPClientException => e
       http_attempts += 1
       response = e.response
-      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts > 0
+      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts >= 0
         Chef::Log.trace("Negotiating protocol version with #{url}, retry #{http_attempts}/#{version_retries}")
         retry
       else
@@ -194,7 +194,7 @@ class Chef
     rescue Net::HTTPClientException => e
       http_attempts += 1
       response = e.response
-      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts > 0
+      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts >= 0
         Chef::Log.trace("Negotiating protocol version with #{url}, retry #{http_attempts}/#{version_retries}")
         retry
       else
@@ -250,7 +250,7 @@ class Chef
     rescue Net::HTTPClientException => e
       http_attempts += 1
       response = e.response
-      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts > 0
+      if response.is_a?(Net::HTTPNotAcceptable) && version_retries - http_attempts >= 0
         Chef::Log.trace("Negotiating protocol version with #{url}, retry #{http_attempts}/#{version_retries}")
         retry
       else
@@ -429,7 +429,7 @@ class Chef
           response, request, return_value = yield
           # handle HTTP 50X Error
           if response.is_a?(Net::HTTPServerError) && !Chef::Config.local_mode
-            if http_retry_count - http_attempts + 1 > 0
+            if http_retry_count - http_attempts >= 0
               sleep_time = 1 + (2**http_attempts) + rand(2**http_attempts)
               Chef::Log.error("Server returned error #{response.code} for #{url}, retrying #{http_attempts}/#{http_retry_count} in #{sleep_time}s")
               sleep(sleep_time)
@@ -439,7 +439,7 @@ class Chef
           return [response, request, return_value]
         end
       rescue SocketError, Errno::ETIMEDOUT, Errno::ECONNRESET => e
-        if http_retry_count - http_attempts + 1 > 0
+        if http_retry_count - http_attempts >= 0
           Chef::Log.error("Error connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
@@ -447,21 +447,21 @@ class Chef
         e.message.replace "Error connecting to #{url} - #{e.message}"
         raise e
       rescue Errno::ECONNREFUSED
-        if http_retry_count - http_attempts + 1 > 0
+        if http_retry_count - http_attempts >= 0
           Chef::Log.error("Connection refused connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
         end
         raise Errno::ECONNREFUSED, "Connection refused connecting to #{url}, giving up"
       rescue Timeout::Error
-        if http_retry_count - http_attempts + 1 > 0
+        if http_retry_count - http_attempts >= 0
           Chef::Log.error("Timeout connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
         end
         raise Timeout::Error, "Timeout connecting to #{url}, giving up"
       rescue OpenSSL::SSL::SSLError => e
-        if (http_retry_count - http_attempts + 1 > 0) && !e.message.include?("certificate verify failed")
+        if (http_retry_count - http_attempts >= 0) && !e.message.include?("certificate verify failed")
           Chef::Log.error("SSL Error connecting to #{url}, retry #{http_attempts}/#{http_retry_count}")
           sleep(http_retry_delay)
           retry
@@ -471,7 +471,7 @@ class Chef
     end
 
     def version_retries
-      @version_retries ||= options[:version_class].possible_requests
+      @version_retries ||= options[:version_class]&.possible_requests || 1
     end
 
     # @api private

data/lib/chef/http/authenticator.rb

@@ -24,7 +24,7 @@ class Chef
   class HTTP
     class Authenticator
 
-      DEFAULT_SERVER_API_VERSION = "1".freeze
+      DEFAULT_SERVER_API_VERSION = "2".freeze
 
       attr_reader :signing_key_filename
       attr_reader :raw_key
@@ -68,6 +68,8 @@ class Chef
           version_class.best_request_version
         elsif api_version
           api_version
+        elsif Chef::ServerAPIVersions.instance.negotiated?
+          Chef::ServerAPIVersions.instance.max_server_version.to_s
         else
           DEFAULT_SERVER_API_VERSION
         end

data/lib/chef/json_compat.rb

@@ -20,7 +20,7 @@
 require "ffi_yajl" unless defined?(FFI_Yajl)
 require_relative "exceptions"
 # We're requiring this to prevent breaking consumers using Hash.to_json
-require "json"
+require "json" unless defined?(JSON)
 
 class Chef
   class JSONCompat

data/lib/chef/knife.rb

@@ -20,10 +20,10 @@
 require "forwardable" unless defined?(Forwardable)
 require_relative "version"
 require "mixlib/cli" unless defined?(Mixlib::CLI)
-require "chef-utils/dsl/path_sanity" unless defined?(ChefUtils::DSL::PathSanity)
+require "chef-utils/dsl/default_paths" unless defined?(ChefUtils::DSL::DefaultPaths)
 require_relative "workstation_config_loader"
 require_relative "mixin/convert_to_class_name"
-require_relative "mixin/path_sanity"
+require_relative "mixin/default_paths"
 require_relative "knife/core/subcommand_loader"
 require_relative "knife/core/ui"
 require_relative "local_mode"
@@ -40,7 +40,7 @@ class Chef
     Chef::HTTP::HTTPRequest.user_agent = "#{Chef::Dist::PRODUCT} Knife#{Chef::HTTP::HTTPRequest::UA_COMMON}"
 
     include Mixlib::CLI
-    include ChefUtils::DSL::PathSanity
+    include ChefUtils::DSL::DefaultPaths
     extend Chef::Mixin::ConvertToClassName
     extend Forwardable
 
@@ -484,7 +484,7 @@ class Chef
       unless respond_to?(:run)
         ui.error "You need to add a #run method to your knife command before you can use it"
       end
-      ENV["PATH"] = sanitized_path if Chef::Config[:enforce_path_sanity]
+      ENV["PATH"] = default_paths if Chef::Config[:enforce_default_paths] || Chef::Config[:enforce_path_sanity]
       maybe_setup_fips
       Chef::LocalMode.with_server_connectivity do
         run

data/lib/chef/knife/bootstrap.rb

@@ -480,7 +480,7 @@ class Chef
         template = bootstrap_template
 
         # Use the template directly if it's a path to an actual file
-        if File.exists?(template)
+        if File.exist?(template)
           Chef::Log.trace("Using the specified bootstrap template: #{File.dirname(template)}")
           return template
         end
@@ -495,7 +495,7 @@ class Chef
 
         template_file = Array(bootstrap_files).find do |bootstrap_template|
           Chef::Log.trace("Looking for bootstrap template in #{File.dirname(bootstrap_template)}")
-          File.exists?(bootstrap_template)
+          File.exist?(bootstrap_template)
         end
 
         unless template_file
@@ -538,7 +538,7 @@ class Chef
       end
 
       def run
-        check_license
+        check_license if ChefConfig::Dist::ENFORCE_LICENSE
 
         plugin_setup!
         validate_name_args!
@@ -630,9 +630,7 @@ class Chef
             raise
           else
             ui.warn("Failed to authenticate #{opts[:user]} to #{server_name} - trying password auth")
-            password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:") do |q|
-              q.echo = false
-            end
+            password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:", echo: false)
           end
 
           opts.merge! force_ssh_password_opts(password)
@@ -646,9 +644,7 @@ class Chef
             raise
           else
             ui.warn("Failed to authenticate #{opts[:user]} to #{server_name} - trying password auth")
-            password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:") do |q|
-              q.echo = false
-            end
+            password = ui.ask("Enter password for #{opts[:user]}@#{server_name}:", echo: false)
           end
 
           opts.merge! force_winrm_password_opts(password)
@@ -681,9 +677,7 @@ class Chef
           retry
         elsif config[:use_sudo_password] && (e.reason == :sudo_password_required || e.reason == :bad_sudo_password) && limit < 3
           ui.warn("Failed to authenticate #{conn_options[:user]} to #{server_name} - #{e.message} \n sudo: #{limit} incorrect password attempt")
-          sudo_password = ui.ask("Enter sudo password for #{conn_options[:user]}@#{server_name}:") do |q|
-            q.echo = false
-          end
+          sudo_password = ui.ask("Enter sudo password for #{conn_options[:user]}@#{server_name}:", echo: false)
           limit += 1
           conn_options[:sudo_password] = sudo_password
 

data/lib/chef/knife/bootstrap/train_connector.rb

@@ -322,6 +322,7 @@ class Chef
 
       class RemoteExecutionFailed < StandardError
         attr_reader :exit_status, :command, :hostname, :stdout, :stderr
+
         def initialize(hostname, command, result)
           @hostname = hostname
           @exit_status = result.exit_status

data/lib/chef/knife/config_get.rb

@@ -62,6 +62,7 @@ class Chef
           config_data.delete(:color)
           # Only keep these if true, false is much less important because it's the default.
           config_data.delete(:local_mode) unless config_data[:local_mode]
+          config_data.delete(:enforce_default_paths) unless config_data[:enforce_default_paths]
           config_data.delete(:enforce_path_sanity) unless config_data[:enforce_path_sanity]
         end
 

data/lib/chef/knife/config_list_profiles.rb

@@ -32,6 +32,10 @@ class Chef
         description: "Ignore the current config.rb/knife.rb configuration.",
         default: false
 
+      def configure_chef
+        apply_computed_config
+      end
+
       def run
         credentials_data = self.class.config_loader.parse_credentials_file
         if credentials_data.nil? || credentials_data.empty?
@@ -72,7 +76,6 @@ class Chef
         # Try to reset the config.
         unless config[:ignore_knife_rb]
           Chef::Config.reset
-          Chef::WorkstationConfigLoader.new(config[:config_file], Chef::Log, profile: config[:profile]).load
           apply_computed_config
         end
 

data/lib/chef/knife/configure.rb

@@ -27,6 +27,8 @@ class Chef
 
       deps do
         require_relative "../util/path_helper"
+        require_relative "client_create"
+        require_relative "user_create"
         require "ohai" unless defined?(Ohai::System)
         Chef::Knife::ClientCreate.load_deps
         Chef::Knife::UserCreate.load_deps
@@ -92,7 +94,7 @@ class Chef
           user_create = Chef::Knife::UserCreate.new
           user_create.name_args = [ new_client_name ]
           user_create.config[:user_password] = config[:user_password] ||
-            ui.ask("Please enter a password for the new user: ") { |q| q.echo = false }
+            ui.ask("Please enter a password for the new user: ", echo: false)
           user_create.config[:admin] = true
           user_create.config[:file] = new_client_key
           user_create.config[:yes] = true

data/lib/chef/knife/cookbook_download.rb

@@ -73,7 +73,7 @@ class Chef
         manifest = cookbook.cookbook_manifest
 
         basedir = File.join(config[:download_directory], "#{@cookbook_name}-#{cookbook.version}")
-        if File.exists?(basedir)
+        if File.exist?(basedir)
           if config[:force]
             Chef::Log.trace("Deleting #{basedir}")
             FileUtils.rm_rf(basedir)

data/lib/chef/knife/cookbook_metadata.rb

@@ -62,7 +62,7 @@ class Chef
       def generate_metadata(cookbook)
         Array(config[:cookbook_path]).reverse_each do |path|
           file = File.expand_path(File.join(path, cookbook, "metadata.rb"))
-          if File.exists?(file)
+          if File.exist?(file)
             generate_metadata_from_file(cookbook, file)
           else
             validate_metadata_json(path, cookbook)

data/lib/chef/knife/cookbook_upload.rb

@@ -34,10 +34,10 @@ class Chef
       banner "knife cookbook upload [COOKBOOKS...] (options)"
 
       option :cookbook_path,
-        short: "-o PATH:PATH",
-        long: "--cookbook-path PATH:PATH",
-        description: "A colon-separated path to look for cookbooks in.",
-        proc: lambda { |o| o.split(":") }
+        short: "-o 'PATH:PATH'",
+        long: "--cookbook-path 'PATH:PATH'",
+        description: "A delimited path to search for cookbooks. On Unix the delimiter is ':', on Windows it is ';'.",
+        proc: lambda { |o| o.split(File::PATH_SEPARATOR) }
 
       option :freeze,
         long: "--freeze",
@@ -107,8 +107,7 @@ class Chef
           cookbook_path = config[:cookbook_path].respond_to?(:join) ? config[:cookbook_path].join(", ") : config[:cookbook_path]
           ui.warn("Could not find any cookbooks in your cookbook path: '#{File.expand_path(cookbook_path)}'. Use --cookbook-path to specify the desired path.")
         else
-          begin
-            tmp_cl = Chef::CookbookLoader.copy_to_tmp_dir_from_array(cookbooks)
+          Chef::CookbookLoader.copy_to_tmp_dir_from_array(cookbooks) do |tmp_cl|
             tmp_cl.load_cookbooks
             tmp_cl.compile_metadata
             tmp_cl.freeze_versions if config[:freeze]
@@ -127,28 +126,26 @@ class Chef
                   ui.error("Uploading of some of the cookbooks must be failed. Remove cookbook whose version is frozen from your cookbooks repo OR use --force option.")
                   upload_failures += 1
                 rescue SystemExit => e
-                  tmp_cl.unlink!
                   raise exit e.status
                 end
                 ui.info("Uploaded all cookbooks.") if upload_failures == 0
               end
             else
               tmp_cl.each do |cookbook_name, cookbook|
-                begin
-                  upload([cookbook], justify_width)
-                  upload_ok += 1
-                rescue Exceptions::CookbookNotFoundInRepo => e
-                  upload_failures += 1
-                  ui.error("Could not find cookbook #{cookbook_name} in your cookbook path, skipping it")
-                  Log.debug(e)
-                  upload_failures += 1
-                rescue Exceptions::CookbookFrozen
-                  ui.warn("Not updating version constraints for #{cookbook_name} in the environment as the cookbook is frozen.")
-                  upload_failures += 1
-                rescue SystemExit => e
-                  tmp_cl.unlink!
-                  raise exit e.status
-                end
+
+                upload([cookbook], justify_width)
+                upload_ok += 1
+              rescue Exceptions::CookbookNotFoundInRepo => e
+                upload_failures += 1
+                ui.error("Could not find cookbook #{cookbook_name} in your cookbook path, skipping it")
+                Log.debug(e)
+                upload_failures += 1
+              rescue Exceptions::CookbookFrozen
+                ui.warn("Not updating version constraints for #{cookbook_name} in the environment as the cookbook is frozen.")
+                upload_failures += 1
+              rescue SystemExit => e
+                raise exit e.status
+
               end
 
               if upload_failures == 0
@@ -164,8 +161,6 @@ class Chef
             unless version_constraints_to_update.empty?
               update_version_constraints(version_constraints_to_update) if config[:environment]
             end
-          ensure
-            tmp_cl.unlink!
           end
         end
       end
@@ -177,17 +172,17 @@ class Chef
           else
             upload_set = {}
             @name_args.each do |cookbook_name|
-              begin
-                unless upload_set.key?(cookbook_name)
-                  upload_set[cookbook_name] = cookbook_repo[cookbook_name]
-                  if config[:depends]
-                    upload_set[cookbook_name].metadata.dependencies.each_key { |dep| @name_args << dep }
-                  end
+
+              unless upload_set.key?(cookbook_name)
+                upload_set[cookbook_name] = cookbook_repo[cookbook_name]
+                if config[:depends]
+                  upload_set[cookbook_name].metadata.dependencies.each_key { |dep| @name_args << dep }
                 end
-              rescue Exceptions::CookbookNotFoundInRepo => e
-                ui.error(e.message)
-                Log.debug(e)
               end
+            rescue Exceptions::CookbookNotFoundInRepo => e
+              ui.error(e.message)
+              Log.debug(e)
+
             end
             upload_set
           end