chef 16.3.45-universal-mingw32 → 16.5.77-universal-mingw32

data/lib/chef/resource.rb

@@ -19,8 +19,6 @@
 #
 
 require_relative "exceptions"
-require_relative "dsl/data_query"
-require_relative "dsl/registry_helper"
 require_relative "dsl/reboot_pending"
 require_relative "dsl/resources"
 require_relative "dsl/declare_resource"
@@ -38,7 +36,7 @@ require_relative "resource/resource_notification"
 require_relative "provider_resolver"
 require_relative "resource_resolver"
 require_relative "provider"
-require "set" unless defined?(Set)
+autoload :Set, "set"
 
 require_relative "mixin/deprecation"
 require_relative "mixin/properties"
@@ -53,8 +51,6 @@ class Chef
     #
 
     include Chef::DSL::DeclareResource
-    include Chef::DSL::DataQuery
-    include Chef::DSL::RegistryHelper
     include Chef::DSL::RebootPending
     extend Chef::Mixin::Provides
 
@@ -663,17 +659,17 @@ class Chef
 
       all_props = {}
       self.class.state_properties.map do |p|
-        begin
-          all_props[p.name.to_s] = p.sensitive? ? '"*sensitive value suppressed*"' : value_to_text(p.get(self))
-        rescue Chef::Exceptions::ValidationFailed
-          # This space left intentionally blank, the property was probably required or had an invalid default.
-        end
+
+        all_props[p.name.to_s] = p.sensitive? ? '"*sensitive value suppressed*"' : value_to_text(p.get(self))
+      rescue Chef::Exceptions::ValidationFailed
+        # This space left intentionally blank, the property was probably required or had an invalid default.
+
       end
 
       ivars = instance_variables.map(&:to_sym) - HIDDEN_IVARS
       ivars.each do |ivar|
         iv = ivar.to_s.sub(/^@/, "")
-        if all_props.keys.include?(iv)
+        if all_props.key?(iv)
           text << "  #{iv} #{all_props[iv]}\n"
         elsif (value = instance_variable_get(ivar)) && !(value.respond_to?(:empty?) && value.empty?)
           text << "  #{iv} #{value_to_text(value)}\n"
@@ -1484,7 +1480,7 @@ class Chef
     def self.use(partial)
       dirname = ::File.dirname(partial)
       basename = ::File.basename(partial, ".rb")
-      basename = basename[1..-1] if basename.start_with?("_")
+      basename = basename[1..] if basename.start_with?("_")
       class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.absolute_path)))
     end
 

data/lib/chef/resource/apt_repository.rb

@@ -19,7 +19,9 @@
 require_relative "../resource"
 require_relative "../http/simple"
 require "tmpdir" unless defined?(Dir.mktmpdir)
-require "addressable" unless defined?(Addressable)
+module Addressable
+  autoload :URI, "addressable/uri"
+end
 
 class Chef
   class Resource
@@ -168,7 +170,7 @@ class Chef
         # is the provided ID a key ID from a keyserver. Looks at length and HEX only values
         # @param [String] id the key value passed by the user that *may* be an ID
         def is_key_id?(id)
-          id = id[2..-1] if id.start_with?("0x")
+          id = id[2..] if id.start_with?("0x")
           id =~ /^\h+$/ && [8, 16, 40].include?(id.length)
         end
 
@@ -192,16 +194,7 @@ class Chef
         #
         # @return [Boolean] is the key valid or not
         def key_is_valid?(key)
-          valid = true
-
-          so = shell_out("apt-key", "list")
-          so.stdout.split(/\n/).map do |t|
-            if t =~ %r{^\/#{key}.*\[expired: .*\]$}
-              logger.debug "Found expired key: #{t}"
-              valid = false
-              break
-            end
-          end
+          valid = shell_out("apt-key", "list").stdout.each_line.none?(%r{^\/#{key}.*\[expired: .*\]$})
 
           logger.debug "key #{key} #{valid ? "is valid" : "is not valid"}"
           valid

data/lib/chef/resource/bff_package.rb

@@ -17,6 +17,7 @@
 #
 
 require_relative "package"
+require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 
 class Chef
   class Resource
@@ -27,6 +28,27 @@ class Chef
 
       description "Use the **bff_package** resource to manage packages for the AIX platform using the installp utility. When a package is installed from a local file, it must be added to the node using the **remote_file** or **cookbook_file** resources."
       introduced "12.0"
+      examples <<~DOC
+      The **bff_package** resource is the default package provider on the AIX platform. The base **package** resource may be used, and then when the platform is AIX, #{ChefUtils::Dist::Infra::PRODUCT} will identify the correct package provider. The following examples show how to install part of the IBM XL C/C++ compiler.
+
+      **Installing using the base package resource**
+
+      ```ruby
+      package 'xlccmp.13.1.0' do
+        source '/var/tmp/IBM_XL_C_13.1.0/usr/sys/inst.images/xlccmp.13.1.0'
+        action :install
+      end
+      ```
+
+      **Installing using the bff_package resource**
+
+      ```ruby
+      bff_package 'xlccmp.13.1.0' do
+        source '/var/tmp/IBM_XL_C_13.1.0/usr/sys/inst.images/xlccmp.13.1.0'
+        action :install
+      end
+      ```
+      DOC
 
       property :package_name, String,
         description: "An optional property to set the package name if it differs from the resource block's name.",

data/lib/chef/resource/breakpoint.rb

@@ -17,7 +17,7 @@
 #
 
 require_relative "../resource"
-require_relative "../dist"
+require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 
 class Chef
   class Resource
@@ -26,8 +26,63 @@ class Chef
 
       provides :breakpoint, target_mode: true
 
-      description "Use the **breakpoint** resource to add breakpoints to recipes. Run the #{Chef::Dist::SHELL} in #{Chef::Dist::PRODUCT} mode, and then use those breakpoints to debug recipes. Breakpoints are ignored by the #{Chef::Dist::CLIENT} during an actual #{Chef::Dist::CLIENT} run. That said, breakpoints are typically used to debug recipes only when running them in a non-production environment, after which they are removed from those recipes before the parent cookbook is uploaded to the Chef server."
+      description "Use the **breakpoint** resource to add breakpoints to recipes. Run the #{ChefUtils::Dist::Infra::SHELL} in #{ChefUtils::Dist::Infra::PRODUCT} mode, and then use those breakpoints to debug recipes. Breakpoints are ignored by the #{ChefUtils::Dist::Infra::CLIENT} during an actual #{ChefUtils::Dist::Infra::CLIENT} run. That said, breakpoints are typically used to debug recipes only when running them in a non-production environment, after which they are removed from those recipes before the parent cookbook is uploaded to the Chef server."
       introduced "12.0"
+      examples <<~DOC
+      **A recipe without a breakpoint**
+
+      ```ruby
+      yum_key node['yum']['elrepo']['key'] do
+        url  node['yum']['elrepo']['key_url']
+        action :add
+      end
+
+      yum_repository 'elrepo' do
+        description 'ELRepo.org Community Enterprise Linux Extras Repository'
+        key node['yum']['elrepo']['key']
+        mirrorlist node['yum']['elrepo']['url']
+        includepkgs node['yum']['elrepo']['includepkgs']
+        exclude node['yum']['elrepo']['exclude']
+        action :create
+      end
+      ```
+
+      **The same recipe with breakpoints**
+
+      ```ruby
+      breakpoint "before yum_key node['yum']['repo_name']['key']" do
+        action :break
+      end
+
+      yum_key node['yum']['repo_name']['key'] do
+        url  node['yum']['repo_name']['key_url']
+        action :add
+      end
+
+      breakpoint "after yum_key node['yum']['repo_name']['key']" do
+        action :break
+      end
+
+      breakpoint "before yum_repository 'repo_name'" do
+        action :break
+      end
+
+      yum_repository 'repo_name' do
+        description 'description'
+        key node['yum']['repo_name']['key']
+        mirrorlist node['yum']['repo_name']['url']
+        includepkgs node['yum']['repo_name']['includepkgs']
+        exclude node['yum']['repo_name']['exclude']
+        action :create
+      end
+
+      breakpoint "after yum_repository 'repo_name'" do
+        action :break
+      end
+      ```
+
+      where the name of each breakpoint is an arbitrary string. In the previous examples, the names are used to indicate if the breakpoint is before or after a resource, and then also to specify which resource.
+      DOC
 
       default_action :break
 

data/lib/chef/resource/build_essential.rb

@@ -15,7 +15,7 @@
 #
 
 require_relative "../resource"
-require "plist"
+autoload :Plist, "plist"
 
 class Chef
   class Resource

data/lib/chef/resource/cab_package.rb

@@ -29,6 +29,35 @@ class Chef
 
       description "Use the **cab_package** resource to install or remove Microsoft Windows cabinet (.cab) packages."
       introduced "12.15"
+      examples <<~'DOC'
+      **Using local path in source**
+
+      ```ruby
+      cab_package 'Install .NET 3.5 sp1 via KB958488' do
+        source 'C:\Users\xyz\AppData\Local\Temp\Windows6.1-KB958488-x64.cab'
+        action :install
+      end
+
+      cab_package 'Remove .NET 3.5 sp1 via KB958488' do
+        source 'C:\Users\xyz\AppData\Local\Temp\Windows6.1-KB958488-x64.cab'
+        action :remove
+      end
+      ```
+
+      **Using URL in source**
+
+      ```ruby
+      cab_package 'Install .NET 3.5 sp1 via KB958488' do
+        source 'https://s3.amazonaws.com/my_bucket/Windows6.1-KB958488-x64.cab'
+        action :install
+      end
+
+      cab_package 'Remove .NET 3.5 sp1 via KB958488' do
+        source 'https://s3.amazonaws.com/my_bucket/Temp\Windows6.1-KB958488-x64.cab'
+        action :remove
+      end
+      ```
+      DOC
 
       allowed_actions :install, :remove
 

data/lib/chef/resource/chef_client_cron.rb

@@ -15,9 +15,9 @@
 #
 
 require_relative "../resource"
-require_relative "../dist"
+require "chef-utils/dist" unless defined?(ChefUtils::Dist)
 require_relative "helpers/cron_validations"
-require "digest/md5"
+require "digest/md5" unless defined?(Digest::MD5)
 
 class Chef
   class Resource
@@ -26,25 +26,25 @@ class Chef
 
       provides :chef_client_cron
 
-      description "Use the **chef_client_cron** resource to setup the #{Chef::Dist::PRODUCT} to run as a cron job. This resource will also create the specified log directory if it doesn't already exist."
+      description "Use the **chef_client_cron** resource to setup the #{ChefUtils::Dist::Infra::PRODUCT} to run as a cron job. This resource will also create the specified log directory if it doesn't already exist."
       introduced "16.0"
       examples <<~DOC
-      **Setup #{Chef::Dist::PRODUCT} to run using the default 30 minute cadence**:
+      **Setup #{ChefUtils::Dist::Infra::PRODUCT} to run using the default 30 minute cadence**:
 
       ```ruby
-      chef_client_cron "Run #{Chef::Dist::PRODUCT} as a cron job"
+      chef_client_cron "Run #{ChefUtils::Dist::Infra::PRODUCT} as a cron job"
       ```
 
-      **Run #{Chef::Dist::PRODUCT} twice a day**:
+      **Run #{ChefUtils::Dist::Infra::PRODUCT} twice a day**:
 
       ```ruby
-      chef_client_cron "Run #{Chef::Dist::PRODUCT} every 12 hours" do
+      chef_client_cron "Run #{ChefUtils::Dist::Infra::PRODUCT} every 12 hours" do
         minute 0
         hour "0,12"
       end
       ```
 
-      **Run #{Chef::Dist::PRODUCT} with extra options passed to the client**:
+      **Run #{ChefUtils::Dist::Infra::PRODUCT} with extra options passed to the client**:
 
       ```ruby
       chef_client_cron "Run an override recipe" do
@@ -56,42 +56,42 @@ class Chef
       extend Chef::ResourceHelpers::CronValidations
 
       property :job_name, String,
-        default: Chef::Dist::CLIENT,
+        default: ChefUtils::Dist::Infra::CLIENT,
         description: "The name of the cron job to create."
 
       property :comment, String,
         description: "A comment to place in the cron.d file."
 
       property :user, String,
-        description: "The name of the user that #{Chef::Dist::PRODUCT} runs as.",
+        description: "The name of the user that #{ChefUtils::Dist::Infra::PRODUCT} runs as.",
         default: "root"
 
       property :minute, [Integer, String],
-        description: "The minute at which #{Chef::Dist::PRODUCT} is to run (0 - 59) or a cron pattern such as '0,30'.",
+        description: "The minute at which #{ChefUtils::Dist::Infra::PRODUCT} is to run (0 - 59) or a cron pattern such as '0,30'.",
         default: "0,30", callbacks: {
           "should be a valid minute spec" => method(:validate_minute),
         }
 
       property :hour, [Integer, String],
-        description: "The hour at which #{Chef::Dist::PRODUCT} is to run (0 - 23) or a cron pattern such as '0,12'.",
+        description: "The hour at which #{ChefUtils::Dist::Infra::PRODUCT} is to run (0 - 23) or a cron pattern such as '0,12'.",
         default: "*", callbacks: {
           "should be a valid hour spec" => method(:validate_hour),
         }
 
       property :day, [Integer, String],
-        description: "The day of month at which #{Chef::Dist::PRODUCT} is to run (1 - 31) or a cron pattern such as '1,7,14,21,28'.",
+        description: "The day of month at which #{ChefUtils::Dist::Infra::PRODUCT} is to run (1 - 31) or a cron pattern such as '1,7,14,21,28'.",
         default: "*", callbacks: {
           "should be a valid day spec" => method(:validate_day),
         }
 
       property :month, [Integer, String],
-        description: "The month in the year on which #{Chef::Dist::PRODUCT} is to run (1 - 12, jan-dec, or *).",
+        description: "The month in the year on which #{ChefUtils::Dist::Infra::PRODUCT} is to run (1 - 12, jan-dec, or *).",
         default: "*", callbacks: {
           "should be a valid month spec" => method(:validate_month),
         }
 
       property :weekday, [Integer, String],
-        description: "The day of the week on which #{Chef::Dist::PRODUCT} is to run (0-7, mon-sun, or *), where Sunday is both 0 and 7.",
+        description: "The day of the week on which #{ChefUtils::Dist::Infra::PRODUCT} is to run (0-7, mon-sun, or *), where Sunday is both 0 and 7.",
         default: "*", callbacks: {
           "should be a valid weekday spec" => method(:validate_dow),
         }
@@ -100,7 +100,7 @@ class Chef
         default: 300,
         coerce: proc { |x| Integer(x) },
         callbacks: { "should be a positive number" => proc { |v| v > 0 } },
-        description: "A random number of seconds between 0 and X to add to interval so that all #{Chef::Dist::CLIENT} commands don't execute at the same time."
+        description: "A random number of seconds between 0 and X to add to interval so that all #{ChefUtils::Dist::Infra::CLIENT} commands don't execute at the same time."
 
       property :mailto, String,
         description: "The e-mail address to e-mail any cron task failures to."
@@ -110,12 +110,12 @@ class Chef
         default: false
 
       property :config_directory, String,
-        default: Chef::Dist::CONF_DIR,
+        default: ChefConfig::Config.etc_chef_dir,
         description: "The path of the config directory."
 
       property :log_directory, String,
-        default: lazy { platform?("mac_os_x") ? "/Library/Logs/#{Chef::Dist::DIR_SUFFIX.capitalize}" : "/var/log/#{Chef::Dist::DIR_SUFFIX}" },
-        default_description: "/Library/Logs/#{Chef::Dist::DIR_SUFFIX.capitalize} on macOS and /var/log/#{Chef::Dist::DIR_SUFFIX} otherwise",
+        default: lazy { platform?("mac_os_x") ? "/Library/Logs/#{ChefUtils::Dist::Infra::DIR_SUFFIX.capitalize}" : "/var/log/#{ChefUtils::Dist::Infra::DIR_SUFFIX}" },
+        default_description: "/Library/Logs/#{ChefUtils::Dist::Infra::DIR_SUFFIX.capitalize} on macOS and /var/log/#{ChefUtils::Dist::Infra::DIR_SUFFIX} otherwise",
         description: "The path of the directory to create the log file in."
 
       property :log_file_name, String,
@@ -127,17 +127,23 @@ class Chef
         description: "Append to the log file instead of overwriting the log file on each run."
 
       property :chef_binary_path, String,
-        default: "/opt/#{Chef::Dist::DIR_SUFFIX}/bin/#{Chef::Dist::CLIENT}",
-        description: "The path to the #{Chef::Dist::CLIENT} binary."
+        default: "/opt/#{ChefUtils::Dist::Infra::DIR_SUFFIX}/bin/#{ChefUtils::Dist::Infra::CLIENT}",
+        description: "The path to the #{ChefUtils::Dist::Infra::CLIENT} binary."
 
       property :daemon_options, Array,
         default: lazy { [] },
-        description: "An array of options to pass to the #{Chef::Dist::CLIENT} command."
+        description: "An array of options to pass to the #{ChefUtils::Dist::Infra::CLIENT} command."
 
       property :environment, Hash,
         default: lazy { {} },
         description: "A Hash containing additional arbitrary environment variables under which the cron job will be run in the form of `({'ENV_VARIABLE' => 'VALUE'})`."
 
+      property :nice, [Integer, String],
+        description: "The process priority to run the #{ChefUtils::Dist::Infra::CLIENT} process at. A value of -20 is the highest priority and 19 is the lowest priority.",
+        introduced: "16.5",
+        coerce: proc { |x| Integer(x) },
+        callbacks: { "should be an Integer between -20 and 19" => proc { |v| v >= -20 && v <= 19 } }
+
       action :add do
         # TODO: Replace this with a :create_if_missing action on directory when that exists
         unless ::Dir.exist?(new_resource.log_directory)
@@ -158,7 +164,7 @@ class Chef
           mailto      new_resource.mailto if new_resource.mailto
           user        new_resource.user
           comment     new_resource.comment if new_resource.comment
-          command     cron_command
+          command     client_command
         end
       end
 
@@ -187,15 +193,16 @@ class Chef
         #
         # @return [String]
         #
-        def cron_command
+        def client_command
           cmd = ""
           cmd << "/bin/sleep #{splay_sleep_time(new_resource.splay)}; "
+          cmd << "#{which("nice")} -n #{new_resource.nice} " if new_resource.nice
           cmd << "#{new_resource.chef_binary_path} "
           cmd << "#{new_resource.daemon_options.join(" ")} " unless new_resource.daemon_options.empty?
           cmd << "-c #{::File.join(new_resource.config_directory, "client.rb")} "
           cmd << "--chef-license accept " if new_resource.accept_chef_license
           cmd << log_command
-          cmd << " || echo \"#{Chef::Dist::PRODUCT} execution failed\"" if new_resource.mailto
+          cmd << " || echo \"#{ChefUtils::Dist::Infra::PRODUCT} execution failed\"" if new_resource.mailto
           cmd
         end
 

data/lib/chef/resource/chef_client_launchd.rb

@@ -0,0 +1,194 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require_relative "../resource"
+require "chef-utils/dist" unless defined?(ChefUtils::Dist)
+class Chef
+  class Resource
+    class ChefClientLaunchd < Chef::Resource
+      unified_mode true
+
+      provides :chef_client_launchd
+
+      description "Use the **chef_client_launchd** resource to configure the #{ChefUtils::Dist::Infra::PRODUCT} to run on a schedule."
+      introduced "16.5"
+      examples <<~DOC
+        **Set the #{ChefUtils::Dist::Infra::PRODUCT} to run on a schedule**:
+
+        ```ruby
+        chef_client_launchd 'Setup the #{ChefUtils::Dist::Infra::PRODUCT} to run every 30 minutes' do
+          interval 30
+          action :enable
+        end
+        ```
+
+        **Disable the #{ChefUtils::Dist::Infra::PRODUCT} running on a schedule**:
+
+        ```ruby
+        chef_client_launchd 'Prevent the #{ChefUtils::Dist::Infra::PRODUCT} from running on a schedule' do
+          action :disable
+        end
+        ```
+      DOC
+
+      property :user, String,
+        description: "The name of the user that #{ChefUtils::Dist::Infra::PRODUCT} runs as.",
+        default: "root"
+
+      property :working_directory, String,
+        description: "The working directory to run the #{ChefUtils::Dist::Infra::PRODUCT} from.",
+        default: "/var/root"
+
+      property :interval, [Integer, String],
+        description: "Time in minutes between #{ChefUtils::Dist::Infra::PRODUCT} executions.",
+        coerce: proc { |x| Integer(x) },
+        callbacks: { "should be a positive number" => proc { |v| v > 0 } },
+        default: 30
+
+      property :splay, [Integer, String],
+        default: 300,
+        coerce: proc { |x| Integer(x) },
+        callbacks: { "should be a positive number" => proc { |v| v > 0 } },
+        description: "A random number of seconds between 0 and X to add to interval so that all #{ChefUtils::Dist::Infra::CLIENT} commands don't execute at the same time."
+
+      property :accept_chef_license, [true, false],
+        description: "Accept the Chef Online Master License and Services Agreement. See <https://www.chef.io/online-master-agreement/>",
+        default: false
+
+      property :config_directory, String,
+        description: "The path of the config directory.",
+        default: ChefConfig::Config.etc_chef_dir
+
+      property :log_directory, String,
+        description: "The path of the directory to create the log file in.",
+        default: "/Library/Logs/Chef"
+
+      property :log_file_name, String,
+        description: "The name of the log file to use.",
+        default: "client.log"
+
+      property :chef_binary_path, String,
+        description: "The path to the #{ChefUtils::Dist::Infra::CLIENT} binary.",
+        default: "/opt/#{ChefUtils::Dist::Infra::DIR_SUFFIX}/bin/#{ChefUtils::Dist::Infra::CLIENT}"
+
+      property :daemon_options, Array,
+        description: "An array of options to pass to the #{ChefUtils::Dist::Infra::CLIENT} command.",
+        default: lazy { [] }
+
+      property :environment, Hash,
+        description: "A Hash containing additional arbitrary environment variables under which the launchd daemon will be run in the form of `({'ENV_VARIABLE' => 'VALUE'})`.",
+        default: lazy { {} }
+
+      property :nice, [Integer, String],
+        description: "The process priority to run the #{ChefUtils::Dist::Infra::CLIENT} process at. A value of -20 is the highest priority and 19 is the lowest priority.",
+        coerce: proc { |x| Integer(x) },
+        callbacks: { "should be an Integer between -20 and 19" => proc { |v| v >= -20 && v <= 19 } }
+
+      property :low_priority_io, [true, false],
+        description: "Run the #{ChefUtils::Dist::Infra::CLIENT} process with low priority disk IO",
+        default: true
+
+      action :enable do
+        unless ::Dir.exist?(new_resource.log_directory)
+          directory new_resource.log_directory do
+            owner new_resource.user
+            mode "0750"
+            recursive true
+          end
+        end
+
+        launchd "com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}" do
+          username new_resource.user
+          working_directory new_resource.working_directory
+          start_interval new_resource.interval * 60
+          program_arguments ["/bin/bash", "-c", client_command]
+          environment_variables new_resource.environment unless new_resource.environment.empty?
+          nice new_resource.nice
+          low_priority_io true
+          notifies :sleep, "chef_sleep[Sleep before client restart]", :immediately
+          action :create # create only creates the file. No service restart triggering
+        end
+
+        # Launchd doesn't have the concept of a reload aka restart. Instead to update a daemon config you have
+        # to unload it and then reload the new plist. That's usually fine, but not if chef-client is trying
+        # to restart itself. If the chef-client process uses launchd or macosx_service resources to restart itself
+        # we'll end up with a stopped service that will never get started back up. Instead we use this daemon
+        # that triggers when the chef-client plist file is updated, and handles the restart outside the run.
+        launchd "com.#{ChefUtils::Dist::Infra::SHORT}.restarter" do
+          username "root"
+          watch_paths ["/Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
+          standard_out_path ::File.join(new_resource.log_directory, new_resource.log_file_name)
+          standard_error_path ::File.join(new_resource.log_directory, new_resource.log_file_name)
+          program_arguments ["/bin/bash",
+                             "-c",
+                             "echo; echo #{ChefUtils::Dist::Infra::PRODUCT} launchd daemon config has been updated. Manually unloading and reloading the daemon; echo Now unloading the daemon; launchctl unload /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist; sleep 2; echo Now loading the daemon; launchctl load /Library/LaunchDaemons/com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}.plist"]
+          action :enable # enable creates the plist & triggers service restarts on change
+        end
+
+        # We want to make sure that after we update the chef-client launchd config that we don't move on to another recipe
+        # before the restarter daemon can do its thing. This sleep avoids killing the client while it's doing something like
+        # installing a package, which could be problematic. It also makes it a bit more clear in the log that the killed process
+        # was intentional.
+        chef_sleep "Sleep before client restart" do
+          seconds 10
+          action :nothing
+        end
+      end
+
+      action :disable do
+        service ChefUtils::Dist::Infra::PRODUCT do
+          service_name "com.#{ChefUtils::Dist::Infra::SHORT}.#{ChefUtils::Dist::Infra::CLIENT}"
+          action :disable
+        end
+
+        service "com.#{ChefUtils::Dist::Infra::SHORT}.restarter" do
+          action :disable
+        end
+      end
+
+      action_class do
+        #
+        # Generate a uniformly distributed unique number to sleep from 0 to the splay time
+        #
+        # @param [Integer] splay The number of seconds to splay
+        #
+        # @return [Integer]
+        #
+        def splay_sleep_time(splay)
+          seed = node["shard_seed"] || Digest::MD5.hexdigest(node.name).to_s.hex
+          random = Random.new(seed.to_i)
+          random.rand(splay)
+        end
+
+        #
+        # random sleep time + chef-client + daemon option properties + license acceptance
+        #
+        # @return [String]
+        #
+        def client_command
+          cmd = ""
+          cmd << "/bin/sleep #{splay_sleep_time(new_resource.splay)};"
+          cmd << " #{new_resource.chef_binary_path}"
+          cmd << " #{new_resource.daemon_options.join(" ")}" unless new_resource.daemon_options.empty?
+          cmd << " -c #{::File.join(new_resource.config_directory, "client.rb")}"
+          cmd << " -L #{::File.join(new_resource.log_directory, new_resource.log_file_name)}"
+          cmd << " --chef-license accept" if new_resource.accept_chef_license
+          cmd
+        end
+      end
+    end
+  end
+end