chef 16.4.41-universal-mingw32 → 16.5.64-universal-mingw32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (271) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/Rakefile +2 -2
  4. data/bin/knife +1 -1
  5. data/chef.gemspec +2 -1
  6. data/distro/templates/powershell/chef/chef.psm1.erb +18 -18
  7. data/ext/win32-eventlog/Rakefile +2 -2
  8. data/ext/win32-eventlog/chef-log.man.erb +4 -4
  9. data/lib/chef/application.rb +18 -16
  10. data/lib/chef/application/apply.rb +12 -7
  11. data/lib/chef/application/base.rb +26 -23
  12. data/lib/chef/application/client.rb +10 -4
  13. data/lib/chef/application/exit_code.rb +13 -4
  14. data/lib/chef/application/knife.rb +22 -11
  15. data/lib/chef/application/solo.rb +2 -1
  16. data/lib/chef/application/windows_service.rb +14 -14
  17. data/lib/chef/application/windows_service_manager.rb +6 -6
  18. data/lib/chef/chef_fs/knife.rb +2 -2
  19. data/lib/chef/chef_fs/parallelizer.rb +0 -1
  20. data/lib/chef/client.rb +10 -11
  21. data/lib/chef/cookbook/cookbook_version_loader.rb +1 -1
  22. data/lib/chef/cookbook/synchronizer.rb +2 -2
  23. data/lib/chef/cookbook_site_streaming_uploader.rb +13 -11
  24. data/lib/chef/cookbook_uploader.rb +1 -1
  25. data/lib/chef/data_collector.rb +6 -5
  26. data/lib/chef/data_collector/config_validation.rb +22 -13
  27. data/lib/chef/data_collector/run_end_message.rb +2 -2
  28. data/lib/chef/data_collector/run_start_message.rb +1 -1
  29. data/lib/chef/deprecated.rb +1 -1
  30. data/lib/chef/deprecation/warnings.rb +2 -2
  31. data/lib/chef/digester.rb +2 -2
  32. data/lib/chef/dsl/chef_vault.rb +1 -1
  33. data/lib/chef/dsl/data_query.rb +2 -2
  34. data/lib/chef/dsl/platform_introspection.rb +1 -1
  35. data/lib/chef/encrypted_data_bag_item.rb +3 -4
  36. data/lib/chef/encrypted_data_bag_item/decryptor.rb +3 -3
  37. data/lib/chef/encrypted_data_bag_item/encryptor.rb +3 -3
  38. data/lib/chef/environment.rb +2 -2
  39. data/lib/chef/event_loggers/windows_eventlog.rb +2 -2
  40. data/lib/chef/exceptions.rb +4 -4
  41. data/lib/chef/file_access_control/windows.rb +5 -1
  42. data/lib/chef/formatters/doc.rb +7 -6
  43. data/lib/chef/formatters/error_inspectors/api_error_formatting.rb +6 -5
  44. data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +3 -3
  45. data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +9 -9
  46. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +2 -2
  47. data/lib/chef/formatters/error_inspectors/run_list_expansion_error_inspector.rb +3 -3
  48. data/lib/chef/formatters/minimal.rb +5 -4
  49. data/lib/chef/http.rb +6 -4
  50. data/lib/chef/http/auth_credentials.rb +5 -1
  51. data/lib/chef/http/authenticator.rb +1 -1
  52. data/lib/chef/http/basic_client.rb +4 -2
  53. data/lib/chef/http/decompressor.rb +1 -1
  54. data/lib/chef/http/http_request.rb +7 -5
  55. data/lib/chef/http/socketless_chef_zero_client.rb +5 -2
  56. data/lib/chef/http/ssl_policies.rb +1 -1
  57. data/lib/chef/json_compat.rb +1 -1
  58. data/lib/chef/knife.rb +4 -4
  59. data/lib/chef/knife/bootstrap.rb +16 -14
  60. data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
  61. data/lib/chef/knife/bootstrap/templates/chef-full.erb +3 -3
  62. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +7 -7
  63. data/lib/chef/knife/client_create.rb +3 -3
  64. data/lib/chef/knife/config_get.rb +8 -97
  65. data/lib/chef/knife/config_get_profile.rb +9 -9
  66. data/lib/chef/knife/config_list.rb +139 -0
  67. data/lib/chef/knife/config_list_profiles.rb +8 -98
  68. data/lib/chef/knife/config_show.rb +127 -0
  69. data/lib/chef/knife/config_use.rb +61 -0
  70. data/lib/chef/knife/config_use_profile.rb +9 -24
  71. data/lib/chef/knife/configure.rb +2 -2
  72. data/lib/chef/knife/core/bootstrap_context.rb +2 -2
  73. data/lib/chef/knife/core/object_loader.rb +1 -1
  74. data/lib/chef/knife/core/windows_bootstrap_context.rb +11 -11
  75. data/lib/chef/knife/exec.rb +2 -2
  76. data/lib/chef/knife/node_show.rb +2 -2
  77. data/lib/chef/knife/serve.rb +3 -3
  78. data/lib/chef/knife/ssh.rb +16 -1
  79. data/lib/chef/knife/ssl_check.rb +3 -3
  80. data/lib/chef/knife/status.rb +2 -2
  81. data/lib/chef/knife/user_create.rb +2 -2
  82. data/lib/chef/knife/yaml_convert.rb +1 -1
  83. data/lib/chef/local_mode.rb +2 -2
  84. data/lib/chef/log/syslog.rb +2 -2
  85. data/lib/chef/log/winevt.rb +2 -2
  86. data/lib/chef/mixin/deep_merge.rb +0 -12
  87. data/lib/chef/mixin/openssl_helper.rb +1 -4
  88. data/lib/chef/mixin/template.rb +2 -2
  89. data/lib/chef/mixin/uris.rb +2 -2
  90. data/lib/chef/mixin/versioned_api.rb +1 -2
  91. data/lib/chef/monkey_patches/net_http.rb +4 -4
  92. data/lib/chef/node_map.rb +2 -2
  93. data/lib/chef/policy_builder/policyfile.rb +2 -2
  94. data/lib/chef/provider.rb +0 -4
  95. data/lib/chef/provider/file.rb +2 -2
  96. data/lib/chef/provider/ifconfig.rb +1 -1
  97. data/lib/chef/provider/launchd.rb +2 -2
  98. data/lib/chef/provider/mount/linux.rb +63 -0
  99. data/lib/chef/provider/package/rubygems.rb +21 -18
  100. data/lib/chef/provider/package/snap.rb +0 -1
  101. data/lib/chef/provider/package/windows.rb +2 -2
  102. data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +3 -1
  103. data/lib/chef/provider/package/zypper.rb +1 -1
  104. data/lib/chef/provider/remote_file/content.rb +3 -0
  105. data/lib/chef/provider/remote_file/ftp.rb +6 -4
  106. data/lib/chef/provider/remote_file/sftp.rb +6 -4
  107. data/lib/chef/provider/route.rb +2 -6
  108. data/lib/chef/provider/service/macosx.rb +2 -2
  109. data/lib/chef/provider/template_finder.rb +2 -10
  110. data/lib/chef/provider/user/dscl.rb +3 -3
  111. data/lib/chef/provider/user/mac.rb +1 -1
  112. data/lib/chef/provider/windows_task.rb +1 -2
  113. data/lib/chef/provider/zypper_repository.rb +2 -2
  114. data/lib/chef/provider_resolver.rb +1 -1
  115. data/lib/chef/providers.rb +1 -0
  116. data/lib/chef/recipe.rb +2 -2
  117. data/lib/chef/resource.rb +1 -1
  118. data/lib/chef/resource/apt_repository.rb +1 -1
  119. data/lib/chef/resource/bff_package.rb +22 -0
  120. data/lib/chef/resource/breakpoint.rb +57 -2
  121. data/lib/chef/resource/build_essential.rb +1 -1
  122. data/lib/chef/resource/cab_package.rb +29 -0
  123. data/lib/chef/resource/chef_client_cron.rb +32 -25
  124. data/lib/chef/resource/chef_client_launchd.rb +194 -0
  125. data/lib/chef/resource/chef_client_scheduled_task.rb +21 -18
  126. data/lib/chef/resource/chef_client_systemd_timer.rb +24 -17
  127. data/lib/chef/resource/chef_client_trusted_certificate.rb +101 -0
  128. data/lib/chef/resource/chef_gem.rb +10 -10
  129. data/lib/chef/resource/chef_handler.rb +148 -4
  130. data/lib/chef/resource/chef_sleep.rb +2 -2
  131. data/lib/chef/resource/chef_vault_secret.rb +1 -1
  132. data/lib/chef/resource/cookbook_file.rb +2 -2
  133. data/lib/chef/resource/cron/cron_d.rb +0 -1
  134. data/lib/chef/resource/dnf_package.rb +2 -2
  135. data/lib/chef/resource/dsc_resource.rb +0 -1
  136. data/lib/chef/resource/dsc_script.rb +2 -2
  137. data/lib/chef/resource/execute.rb +6 -6
  138. data/lib/chef/resource/file.rb +4 -4
  139. data/lib/chef/resource/gem_package.rb +5 -5
  140. data/lib/chef/resource/homebrew_package.rb +3 -3
  141. data/lib/chef/resource/homebrew_update.rb +5 -5
  142. data/lib/chef/resource/hostname.rb +2 -2
  143. data/lib/chef/resource/launchd.rb +2 -1
  144. data/lib/chef/resource/locale.rb +2 -2
  145. data/lib/chef/resource/macos_userdefaults.rb +3 -3
  146. data/lib/chef/resource/notify_group.rb +0 -1
  147. data/lib/chef/resource/ohai.rb +46 -3
  148. data/lib/chef/resource/ohai_hint.rb +33 -0
  149. data/lib/chef/resource/openssl_dhparam.rb +27 -5
  150. data/lib/chef/resource/openssl_ec_private_key.rb +6 -3
  151. data/lib/chef/resource/openssl_ec_public_key.rb +2 -2
  152. data/lib/chef/resource/openssl_rsa_private_key.rb +6 -3
  153. data/lib/chef/resource/openssl_x509_certificate.rb +14 -14
  154. data/lib/chef/resource/openssl_x509_crl.rb +19 -10
  155. data/lib/chef/resource/openssl_x509_request.rb +14 -16
  156. data/lib/chef/resource/osx_profile.rb +77 -13
  157. data/lib/chef/resource/plist.rb +1 -1
  158. data/lib/chef/resource/powershell_package_source.rb +5 -5
  159. data/lib/chef/resource/reboot.rb +2 -2
  160. data/lib/chef/resource/remote_file.rb +3 -3
  161. data/lib/chef/resource/rhsm_register.rb +22 -10
  162. data/lib/chef/resource/ruby_block.rb +2 -2
  163. data/lib/chef/resource/scm/subversion.rb +2 -2
  164. data/lib/chef/resource/service.rb +3 -3
  165. data/lib/chef/resource/ssh_known_hosts_entry.rb +2 -2
  166. data/lib/chef/resource/support/cron.d.erb +1 -1
  167. data/lib/chef/resource/support/cron_access.erb +1 -1
  168. data/lib/chef/resource/support/sudoer.erb +1 -1
  169. data/lib/chef/resource/support/ulimit.erb +1 -1
  170. data/lib/chef/resource/sysctl.rb +1 -5
  171. data/lib/chef/resource/systemd_unit.rb +2 -2
  172. data/lib/chef/resource/template.rb +2 -2
  173. data/lib/chef/resource/windows_ad_join.rb +10 -3
  174. data/lib/chef/resource/windows_certificate.rb +6 -4
  175. data/lib/chef/resource/windows_firewall_profile.rb +22 -20
  176. data/lib/chef/resource/windows_package.rb +28 -5
  177. data/lib/chef/resource/windows_printer.rb +5 -3
  178. data/lib/chef/resource/windows_printer_port.rb +6 -4
  179. data/lib/chef/resource/windows_user_privilege.rb +53 -54
  180. data/lib/chef/resource/windows_workgroup.rb +3 -3
  181. data/lib/chef/resource/yum_package.rb +2 -2
  182. data/lib/chef/resources.rb +3 -1
  183. data/lib/chef/run_context.rb +2 -2
  184. data/lib/chef/run_context/cookbook_compiler.rb +1 -1
  185. data/lib/chef/run_lock.rb +2 -2
  186. data/lib/chef/search/query.rb +4 -5
  187. data/lib/chef/shell.rb +31 -26
  188. data/lib/chef/shell/ext.rb +11 -11
  189. data/lib/chef/shell/shell_session.rb +2 -2
  190. data/lib/chef/train_transport.rb +5 -104
  191. data/lib/chef/util/diff.rb +3 -3
  192. data/lib/chef/util/powershell/cmdlet.rb +3 -1
  193. data/lib/chef/util/powershell/ps_credential.rb +18 -14
  194. data/lib/chef/util/threaded_job_queue.rb +0 -2
  195. data/lib/chef/version.rb +1 -1
  196. data/lib/chef/win32/crypto.rb +1 -1
  197. data/lib/chef/win32/registry.rb +1 -2
  198. data/spec/data/shef-config.rb +1 -1
  199. data/spec/functional/event_loggers/windows_eventlog_spec.rb +6 -5
  200. data/spec/functional/resource/aix_service_spec.rb +2 -2
  201. data/spec/functional/resource/aixinit_service_spec.rb +1 -1
  202. data/spec/functional/resource/insserv_spec.rb +1 -1
  203. data/spec/functional/resource/user/dscl_spec.rb +1 -1
  204. data/spec/functional/resource/user/mac_user_spec.rb +1 -1
  205. data/spec/functional/resource/windows_task_spec.rb +13 -13
  206. data/spec/functional/version_spec.rb +3 -3
  207. data/spec/integration/client/client_spec.rb +4 -4
  208. data/spec/integration/client/exit_code_spec.rb +3 -2
  209. data/spec/integration/client/ipv6_spec.rb +1 -1
  210. data/spec/integration/knife/{config_list_profiles_spec.rb → config_list_spec.rb} +30 -29
  211. data/spec/integration/knife/{config_get_spec.rb → config_show_spec.rb} +3 -3
  212. data/spec/integration/knife/{config_use_profile_spec.rb → config_use_spec.rb} +53 -10
  213. data/spec/integration/knife/cookbook_api_ipv6_spec.rb +1 -1
  214. data/spec/integration/ohai/ohai_spec.rb +61 -0
  215. data/spec/integration/recipes/remote_directory.rb +1 -1
  216. data/spec/integration/solo/solo_spec.rb +5 -5
  217. data/spec/spec_helper.rb +6 -3
  218. data/spec/stress/win32/file_spec.rb +1 -1
  219. data/spec/support/chef_helpers.rb +2 -2
  220. data/spec/support/matchers/leak.rb +2 -2
  221. data/spec/support/platform_helpers.rb +16 -34
  222. data/spec/support/shared/functional/securable_resource.rb +108 -27
  223. data/spec/support/shared/functional/win32_service.rb +1 -1
  224. data/spec/support/shared/unit/application_dot_d.rb +5 -3
  225. data/spec/tiny_server.rb +0 -1
  226. data/spec/unit/application/client_spec.rb +2 -2
  227. data/spec/unit/application/exit_code_spec.rb +10 -0
  228. data/spec/unit/application_spec.rb +4 -6
  229. data/spec/unit/chef_fs/parallelizer_spec.rb +5 -1
  230. data/spec/unit/chef_fs/path_util_spec.rb +1 -1
  231. data/spec/unit/cookbook/synchronizer_spec.rb +2 -2
  232. data/spec/unit/cookbook_spec.rb +2 -2
  233. data/spec/unit/data_collector/config_validation_spec.rb +208 -0
  234. data/spec/unit/data_collector_spec.rb +0 -113
  235. data/spec/unit/dsl/declare_resource_spec.rb +1 -1
  236. data/spec/unit/file_access_control_spec.rb +1 -1
  237. data/spec/unit/knife/bootstrap_spec.rb +6 -6
  238. data/spec/unit/knife/core/ui_spec.rb +1 -0
  239. data/spec/unit/knife/ssh_spec.rb +2 -2
  240. data/spec/unit/lwrp_spec.rb +3 -3
  241. data/spec/unit/mixin/deep_merge_spec.rb +15 -0
  242. data/spec/unit/mixin/openssl_helper_spec.rb +1 -1
  243. data/spec/unit/mixin/powershell_exec_spec.rb +1 -1
  244. data/spec/unit/mixin/securable_spec.rb +2 -2
  245. data/spec/unit/node/immutable_collections_spec.rb +2 -2
  246. data/spec/unit/provider/mount/linux_spec.rb +97 -0
  247. data/spec/unit/provider/package/chocolatey_spec.rb +1 -1
  248. data/spec/unit/provider/package/powershell_spec.rb +1 -1
  249. data/spec/unit/provider/package/rubygems_spec.rb +4 -1
  250. data/spec/unit/provider/route_spec.rb +0 -2
  251. data/spec/unit/recipe_spec.rb +1 -1
  252. data/spec/unit/resource/chef_client_cron_spec.rb +35 -14
  253. data/spec/unit/resource/chef_client_launchd_spec.rb +127 -0
  254. data/spec/unit/resource/chef_client_systemd_timer_spec.rb +36 -1
  255. data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +54 -0
  256. data/spec/unit/resource/launchd_spec.rb +8 -0
  257. data/spec/unit/resource/osx_profile_spec.rb +67 -1
  258. data/spec/unit/resource/rhsm_register_spec.rb +56 -18
  259. data/spec/unit/resource/windows_uac_spec.rb +1 -1
  260. data/spec/unit/resource/windows_user_privilege_spec.rb +55 -0
  261. data/spec/unit/run_lock_spec.rb +5 -1
  262. data/spec/unit/runner_spec.rb +1 -2
  263. data/spec/unit/shell/shell_ext_spec.rb +46 -3
  264. data/spec/unit/shell/shell_session_spec.rb +35 -64
  265. data/spec/unit/shell_spec.rb +16 -19
  266. data/spec/unit/train_transport_spec.rb +14 -13
  267. data/spec/unit/util/selinux_spec.rb +2 -0
  268. data/tasks/rspec.rb +0 -2
  269. metadata +41 -17
  270. data/lib/chef/dist.rb +0 -68
  271. data/spec/integration/knife/config_get_profile_spec.rb +0 -114
@@ -18,7 +18,7 @@
18
18
  # limitations under the License.
19
19
 
20
20
  require_relative "../resource"
21
- require_relative "../dist"
21
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
22
22
 
23
23
  class Chef
24
24
  class Resource
@@ -130,7 +130,7 @@ class Chef
130
130
 
131
131
  # all this does is send an immediate run_action(:create) to the template resource
132
132
  action :flush do
133
- description "Immediately flush the entries to the config file. Without this the actual writing of the file is delayed in the #{Chef::Dist::PRODUCT} run so all entries can be accumulated before writing the file out."
133
+ description "Immediately flush the entries to the config file. Without this the actual writing of the file is delayed in the #{ChefUtils::Dist::Infra::PRODUCT} run so all entries can be accumulated before writing the file out."
134
134
 
135
135
  with_run_context :root do
136
136
  # if you haven't ever called ssh_known_hosts_entry before you're definitely doing it wrong so we blow up hard.
@@ -1,4 +1,4 @@
1
- # Generated by <%= Chef::Dist::PRODUCT %>. Changes will be overwritten.
1
+ # Generated by <%= ChefUtils::Dist::Infra::PRODUCT %>. Changes will be overwritten.
2
2
  <% if @mailto -%>
3
3
  MAILTO=<%= @mailto %>
4
4
  <% end -%>
@@ -1,4 +1,4 @@
1
- # Generated by <%= Chef::Dist::PRODUCT %>. Changes will be overwritten.
1
+ # Generated by <%= ChefUtils::Dist::Infra::PRODUCT %>. Changes will be overwritten.
2
2
  <% @users.sort.uniq.each do |user| -%>
3
3
  <%= user %>
4
4
  <% end -%>
@@ -1,4 +1,4 @@
1
- # This file is managed by <%= Chef::Dist::PRODUCT %>. Changes will be overwritten.
1
+ # This file is managed by <%= ChefUtils::Dist::Infra::PRODUCT %>. Changes will be overwritten.
2
2
 
3
3
  <% @command_aliases.each do |a| -%>
4
4
  Cmnd_Alias <%= a[:name].upcase %> = <%= a[:command_list].join(', ') %>
@@ -1,4 +1,4 @@
1
- # Generated by <%= Chef::Dist::PRODUCT %>. Changes will be overwritten.
1
+ # Generated by <%= ChefUtils::Dist::Infra::PRODUCT %>. Changes will be overwritten.
2
2
 
3
3
  # Limits settings for <%= @ulimit_user %>
4
4
 
@@ -25,11 +25,7 @@ class Chef
25
25
  provides(:sysctl) { true }
26
26
  provides(:sysctl_param) { true }
27
27
 
28
- description "Use the **sysctl** resource to set or remove kernel parameters using the sysctl"\
29
- " command line tool and configuration files in the system's sysctl.d directory. "\
30
- "Configuration files managed by this resource are named 99-chef-KEYNAME.conf. If"\
31
- " an existing value was already set for the value it will be backed up to the node"\
32
- " and restored if the :remove action is used later."
28
+ description "Use the **sysctl** resource to set or remove kernel parameters using the `sysctl` command line tool and configuration files in the system's `sysctl.d` directory. Configuration files managed by this resource are named `99-chef-KEYNAME.conf`."
33
29
  examples <<~DOC
34
30
  **Set vm.swappiness**:
35
31
 
@@ -17,7 +17,7 @@
17
17
  #
18
18
 
19
19
  require_relative "../resource"
20
- require_relative "../dist"
20
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
21
21
  require "iniparse"
22
22
 
23
23
  class Chef
@@ -52,7 +52,7 @@ class Chef
52
52
  description: "The user account that the systemd unit process is run under. The path to the unit for that user would be something like '/etc/systemd/user/sshd.service'. If no user account is specified, the systemd unit will run under a 'system' account, with the path to the unit being something like '/etc/systemd/system/sshd.service'."
53
53
 
54
54
  property :content, [String, Hash],
55
- description: "A string or hash that contains a systemd [unit file](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) definition that describes the properties of systemd-managed entities, such as services, sockets, devices, and so on. In #{Chef::Dist::PRODUCT} 14.4 or later, repeatable options can be implemented with an array."
55
+ description: "A string or hash that contains a systemd [unit file](https://www.freedesktop.org/software/systemd/man/systemd.unit.html) definition that describes the properties of systemd-managed entities, such as services, sockets, devices, and so on. In #{ChefUtils::Dist::Infra::PRODUCT} 14.4 or later, repeatable options can be implemented with an array."
56
56
 
57
57
  property :triggers_reload, [TrueClass, FalseClass],
58
58
  description: "Specifies whether to trigger a daemon reload when creating or deleting a unit.",
@@ -20,7 +20,7 @@
20
20
 
21
21
  require_relative "file"
22
22
  require_relative "../mixin/securable"
23
- require_relative "../dist"
23
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
24
24
 
25
25
  class Chef
26
26
  class Resource
@@ -69,7 +69,7 @@ class Chef
69
69
 
70
70
  property :local, [ TrueClass, FalseClass ],
71
71
  default: false, desired_state: false,
72
- description: "Load a template from a local path. By default, the #{Chef::Dist::CLIENT} loads templates from a cookbook's /templates directory. When this property is set to true, use the source property to specify the path to a template on the local node."
72
+ description: "Load a template from a local path. By default, the #{ChefUtils::Dist::Infra::CLIENT} loads templates from a cookbook's /templates directory. When this property is set to true, use the source property to specify the path to a template on the local node."
73
73
 
74
74
  # Declares a helper method to be defined in the template context when
75
75
  # rendering.
@@ -16,7 +16,7 @@
16
16
  #
17
17
 
18
18
  require_relative "../resource"
19
- require_relative "../dist"
19
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
20
20
 
21
21
  class Chef
22
22
  class Resource
@@ -76,10 +76,15 @@ class Chef
76
76
 
77
77
  property :reboot, Symbol,
78
78
  equal_to: %i{immediate delayed never request_reboot reboot_now},
79
- validation_message: "The reboot property accepts :immediate (reboot as soon as the resource completes), :delayed (reboot once the #{Chef::Dist::PRODUCT} run completes), and :never (Don't reboot)",
80
- description: "Controls the system reboot behavior post domain joining. Reboot immediately, after the #{Chef::Dist::PRODUCT} run completes, or never. Note that a reboot is necessary for changes to take effect.",
79
+ validation_message: "The reboot property accepts :immediate (reboot as soon as the resource completes), :delayed (reboot once the #{ChefUtils::Dist::Infra::PRODUCT} run completes), and :never (Don't reboot)",
80
+ description: "Controls the system reboot behavior post domain joining. Reboot immediately, after the #{ChefUtils::Dist::Infra::PRODUCT} run completes, or never. Note that a reboot is necessary for changes to take effect.",
81
81
  default: :immediate
82
82
 
83
+ property :reboot_delay, Integer,
84
+ description: "The amount of time (in minutes) to delay a reboot request.",
85
+ default: 0,
86
+ introduced: "16.5"
87
+
83
88
  property :new_hostname, String,
84
89
  description: "Specifies a new hostname for the computer in the new domain.",
85
90
  introduced: "14.5"
@@ -116,6 +121,7 @@ class Chef
116
121
  unless new_resource.reboot == :never
117
122
  reboot "Reboot to join domain #{new_resource.domain_name}" do
118
123
  action clarify_reboot(new_resource.reboot)
124
+ delay_mins new_resource.reboot_delay
119
125
  reason "Reboot to join domain #{new_resource.domain_name}"
120
126
  end
121
127
  end
@@ -149,6 +155,7 @@ class Chef
149
155
  unless new_resource.reboot == :never
150
156
  reboot "Reboot to leave domain #{new_resource.domain_name}" do
151
157
  action clarify_reboot(new_resource.reboot)
158
+ delay_mins new_resource.reboot_delay
152
159
  reason "Reboot to leave domain #{new_resource.domain_name}"
153
160
  end
154
161
  end
@@ -19,9 +19,11 @@
19
19
 
20
20
  require_relative "../util/path_helper"
21
21
  require_relative "../resource"
22
- require "win32-certstore" if Chef::Platform.windows?
23
- require "openssl" unless defined?(OpenSSL)
24
- require_relative "../dist"
22
+ module Win32
23
+ autoload :Certstore, "win32-certstore" if Chef::Platform.windows?
24
+ end
25
+ autoload :OpenSSL, "openssl"
26
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
25
27
 
26
28
  class Chef
27
29
  class Resource
@@ -82,7 +84,7 @@ class Chef
82
84
 
83
85
  # lazy used to set default value of sensitive to true if password is set
84
86
  property :sensitive, [TrueClass, FalseClass],
85
- description: "Ensure that sensitive resource data is not logged by the #{Chef::Dist::CLIENT}.",
87
+ description: "Ensure that sensitive resource data is not logged by the #{ChefUtils::Dist::Infra::CLIENT}.",
86
88
  default: lazy { pfx_password ? true : false }, skip_docs: true
87
89
 
88
90
  action :create do
@@ -19,8 +19,6 @@
19
19
  class Chef
20
20
  class Resource
21
21
  class WindowsFirewallProfile < Chef::Resource
22
- unified_mode true
23
-
24
22
  provides :windows_firewall_profile
25
23
  description "Use the **windows_firewall_profile** resource to enable, disable, and configure the Windows firewall."
26
24
  introduced "16.3"
@@ -161,24 +159,6 @@ class Chef
161
159
  cmd
162
160
  end
163
161
 
164
- def load_firewall_state(profile_name)
165
- <<-EOH
166
- Remove-TypeData System.Array # workaround for PS bug here: https://bit.ly/2SRMQ8M
167
- $#{profile_name} = Get-NetFirewallProfile -Profile #{profile_name}
168
- ([PSCustomObject]@{
169
- default_inbound_action = $#{profile_name}.DefaultInboundAction.ToString()
170
- default_outbound_action = $#{profile_name}.DefaultOutboundAction.ToString()
171
- allow_inbound_rules = $#{profile_name}.AllowInboundRules.ToString()
172
- allow_local_firewall_rules = $#{profile_name}.AllowLocalFirewallRules.ToString()
173
- allow_local_ipsec_rules = $#{profile_name}.AllowLocalIPsecRules.ToString()
174
- allow_user_apps = $#{profile_name}.AllowUserApps.ToString()
175
- allow_user_ports = $#{profile_name}.AllowUserPorts.ToString()
176
- allow_unicast_response = $#{profile_name}.AllowUnicastResponseToMulticast.ToString()
177
- display_notification = $#{profile_name}.NotifyOnListen.ToString()
178
- }) | ConvertTo-Json
179
- EOH
180
- end
181
-
182
162
  def firewall_enabled?(profile_name)
183
163
  cmd = <<~CODE
184
164
  $#{profile_name} = Get-NetFirewallProfile -Profile #{profile_name}
@@ -194,6 +174,28 @@ class Chef
194
174
  end
195
175
  end
196
176
  end
177
+
178
+ private
179
+
180
+ # build the command to load the current resource
181
+ # @return [String] current firewall state
182
+ def load_firewall_state(profile_name)
183
+ <<-EOH
184
+ Remove-TypeData System.Array # workaround for PS bug here: https://bit.ly/2SRMQ8M
185
+ $#{profile_name} = Get-NetFirewallProfile -Profile #{profile_name}
186
+ ([PSCustomObject]@{
187
+ default_inbound_action = $#{profile_name}.DefaultInboundAction.ToString()
188
+ default_outbound_action = $#{profile_name}.DefaultOutboundAction.ToString()
189
+ allow_inbound_rules = $#{profile_name}.AllowInboundRules.ToString()
190
+ allow_local_firewall_rules = $#{profile_name}.AllowLocalFirewallRules.ToString()
191
+ allow_local_ipsec_rules = $#{profile_name}.AllowLocalIPsecRules.ToString()
192
+ allow_user_apps = $#{profile_name}.AllowUserApps.ToString()
193
+ allow_user_ports = $#{profile_name}.AllowUserPorts.ToString()
194
+ allow_unicast_response = $#{profile_name}.AllowUnicastResponseToMulticast.ToString()
195
+ display_notification = $#{profile_name}.NotifyOnListen.ToString()
196
+ }) | ConvertTo-Json
197
+ EOH
198
+ end
197
199
  end
198
200
  end
199
201
  end
@@ -20,7 +20,7 @@ require_relative "../mixin/uris"
20
20
  require_relative "package"
21
21
  require_relative "../provider/package/windows"
22
22
  require_relative "../win32/error" if RUBY_PLATFORM.match?(/mswin|mingw|windows/)
23
- require_relative "../dist"
23
+ require "chef-utils/dist" unless defined?(ChefUtils::Dist)
24
24
 
25
25
  class Chef
26
26
  class Resource
@@ -30,7 +30,30 @@ class Chef
30
30
  provides(:windows_package) { true }
31
31
  provides :package, os: "windows"
32
32
 
33
- description "Use the **windows_package** resource to manage packages on the Microsoft Windows platform. The windows_package resource supports these installer formats:\n\n Microsoft Installer Package (MSI)\n Nullsoft Scriptable Install System (NSIS)\n Inno Setup (inno)\n Wise\n InstallShield\n Custom installers such as installing a non-.msi file that embeds an .msi-based installer\n"
33
+ description <<~DESC
34
+ Use the **windows_package** resource to manage packages on the Microsoft Windows platform.
35
+ The **windows_package** resource supports these installer formats:
36
+ * Microsoft Installer Package (MSI)
37
+ * Nullsoft Scriptable Install System (NSIS)
38
+ * Inno Setup (inno)
39
+ * Wise
40
+ * InstallShield
41
+ * Custom installers such as installing a non-.msi file that embeds an .msi-based installer
42
+
43
+ To enable idempotence of the `:install` action or to enable the `:remove` action with no source property specified,
44
+ `package_name` MUST be an exact match of the name used by the package installer. The names of installed packages
45
+ Windows knows about can be found in **Add/Remove programs**, in the output of `ohai packages`, or in the
46
+ `DisplayName` property in one of the following in the Windows registry:
47
+
48
+ * `HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall`
49
+ * `HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall`
50
+ * `HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall`
51
+
52
+ Note: If there are multiple versions of a package installed with the same display name, all of those packages will
53
+ be removed unless a version is provided in the **version** property or unless it can be discovered in the installer
54
+ file specified by the **source** property.
55
+ DESC
56
+
34
57
  introduced "11.12"
35
58
  examples <<~DOC
36
59
  **Install a package**:
@@ -135,15 +158,15 @@ class Chef
135
158
  end
136
159
  end),
137
160
  default_description: "The resource block's name", # this property is basically a name_property but not really so we need to spell it out
138
- description: "The path to a package in the local file system. The location of the package may be at a URL."
161
+ description: "The path to a package in the local file system or the URL of a remote file that will be downloaded."
139
162
 
140
163
  property :checksum, String,
141
164
  desired_state: false, coerce: (proc { |c| c.downcase }),
142
- description: "The SHA-256 checksum of the file. Use to prevent a file from being re-downloaded. When the local file matches the checksum, #{Chef::Dist::PRODUCT} does not download it. Use when a URL is specified by the `source` property."
165
+ description: "The SHA-256 checksum of the file. Use to prevent a file from being re-downloaded. When the local file matches the checksum, #{ChefUtils::Dist::Infra::PRODUCT} does not download it. Use when a URL is specified by the `source` property."
143
166
 
144
167
  property :remote_file_attributes, Hash,
145
168
  desired_state: false,
146
- description: "If the source package to install is at a remote location this property allows you to define a hash of properties and their value which will be used by the underlying remote_file resource, which fetches the source."
169
+ description: "If the source package to install is at a remote location, this property allows you to define a hash of properties which will be used by the underlying **remote_file** resource used to fetch the source."
147
170
  end
148
171
  end
149
172
  end
@@ -24,7 +24,7 @@ class Chef
24
24
  class WindowsPrinter < Chef::Resource
25
25
  unified_mode true
26
26
 
27
- require "resolv"
27
+ autoload :Resolv, "resolv"
28
28
 
29
29
  provides(:windows_printer) { true }
30
30
 
@@ -78,8 +78,10 @@ class Chef
78
78
 
79
79
  property :ipv4_address, String,
80
80
  description: "The IPv4 address of the printer, such as `10.4.64.23`",
81
- validation_message: "The ipv4_address property must be in the IPv4 format of `WWW.XXX.YYY.ZZZ`",
82
- regex: Resolv::IPv4::Regex
81
+ callbacks: {
82
+ "The ipv4_address property must be in the IPv4 format of `WWW.XXX.YYY.ZZZ`" =>
83
+ proc { |v| v.match(Resolv::IPv4::Regex) },
84
+ }
83
85
 
84
86
  PRINTERS_REG_KEY = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\\'.freeze unless defined?(PRINTERS_REG_KEY)
85
87
 
@@ -24,7 +24,7 @@ class Chef
24
24
  class WindowsPrinterPort < Chef::Resource
25
25
  unified_mode true
26
26
 
27
- require "resolv"
27
+ autoload :Resolv, "resolv"
28
28
 
29
29
  provides(:windows_printer_port) { true }
30
30
 
@@ -61,9 +61,11 @@ class Chef
61
61
 
62
62
  property :ipv4_address, String,
63
63
  name_property: true,
64
- regex: Resolv::IPv4::Regex,
65
- validation_message: "The ipv4_address property must be in the format of WWW.XXX.YYY.ZZZ!",
66
- description: "An optional property for the IPv4 address of the printer if it differs from the resource block's name."
64
+ description: "An optional property for the IPv4 address of the printer if it differs from the resource block's name.",
65
+ callbacks: {
66
+ "The ipv4_address property must be in the format of WWW.XXX.YYY.ZZZ!" =>
67
+ proc { |v| v.match(Resolv::IPv4::Regex) },
68
+ }
67
69
 
68
70
  property :port_name, String,
69
71
  description: "The port name."
@@ -23,52 +23,6 @@ class Chef
23
23
  class WindowsUserPrivilege < Chef::Resource
24
24
  unified_mode true
25
25
 
26
- privilege_opts = %w{SeTrustedCredManAccessPrivilege
27
- SeNetworkLogonRight
28
- SeTcbPrivilege
29
- SeMachineAccountPrivilege
30
- SeIncreaseQuotaPrivilege
31
- SeInteractiveLogonRight
32
- SeRemoteInteractiveLogonRight
33
- SeBackupPrivilege
34
- SeChangeNotifyPrivilege
35
- SeSystemtimePrivilege
36
- SeTimeZonePrivilege
37
- SeCreatePagefilePrivilege
38
- SeCreateTokenPrivilege
39
- SeCreateGlobalPrivilege
40
- SeCreatePermanentPrivilege
41
- SeCreateSymbolicLinkPrivilege
42
- SeDebugPrivilege
43
- SeDenyNetworkLogonRight
44
- SeDenyBatchLogonRight
45
- SeDenyServiceLogonRight
46
- SeDenyInteractiveLogonRight
47
- SeDenyRemoteInteractiveLogonRight
48
- SeEnableDelegationPrivilege
49
- SeRemoteShutdownPrivilege
50
- SeAuditPrivilege
51
- SeImpersonatePrivilege
52
- SeIncreaseWorkingSetPrivilege
53
- SeIncreaseBasePriorityPrivilege
54
- SeLoadDriverPrivilege
55
- SeLockMemoryPrivilege
56
- SeBatchLogonRight
57
- SeServiceLogonRight
58
- SeSecurityPrivilege
59
- SeRelabelPrivilege
60
- SeSystemEnvironmentPrivilege
61
- SeManageVolumePrivilege
62
- SeProfileSingleProcessPrivilege
63
- SeSystemProfilePrivilege
64
- SeUndockPrivilege
65
- SeAssignPrimaryTokenPrivilege
66
- SeRestorePrivilege
67
- SeShutdownPrivilege
68
- SeSyncAgentPrivilege
69
- SeTakeOwnershipPrivilege
70
- }
71
-
72
26
  provides :windows_user_privilege
73
27
  description "The windows_user_privilege resource allows to add and set principal (User/Group) to the specified privilege.\n Ref: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment"
74
28
 
@@ -125,22 +79,67 @@ class Chef
125
79
  ```
126
80
  DOC
127
81
 
82
+ PRIVILEGE_OPTS = %w{ SeAssignPrimaryTokenPrivilege
83
+ SeAuditPrivilege
84
+ SeBackupPrivilege
85
+ SeBatchLogonRight
86
+ SeChangeNotifyPrivilege
87
+ SeCreateGlobalPrivilege
88
+ SeCreatePagefilePrivilege
89
+ SeCreatePermanentPrivilege
90
+ SeCreateSymbolicLinkPrivilege
91
+ SeCreateTokenPrivilege
92
+ SeDebugPrivilege
93
+ SeDenyBatchLogonRight
94
+ SeDenyInteractiveLogonRight
95
+ SeDenyNetworkLogonRight
96
+ SeDenyRemoteInteractiveLogonRight
97
+ SeDenyServiceLogonRight
98
+ SeEnableDelegationPrivilege
99
+ SeImpersonatePrivilege
100
+ SeIncreaseBasePriorityPrivilege
101
+ SeIncreaseQuotaPrivilege
102
+ SeIncreaseWorkingSetPrivilege
103
+ SeInteractiveLogonRight
104
+ SeLoadDriverPrivilege
105
+ SeLockMemoryPrivilege
106
+ SeMachineAccountPrivilege
107
+ SeManageVolumePrivilege
108
+ SeNetworkLogonRight
109
+ SeProfileSingleProcessPrivilege
110
+ SeRelabelPrivilege
111
+ SeRemoteInteractiveLogonRight
112
+ SeRemoteShutdownPrivilege
113
+ SeRestorePrivilege
114
+ SeSecurityPrivilege
115
+ SeServiceLogonRight
116
+ SeShutdownPrivilege
117
+ SeSyncAgentPrivilege
118
+ SeSystemEnvironmentPrivilege
119
+ SeSystemProfilePrivilege
120
+ SeSystemtimePrivilege
121
+ SeTakeOwnershipPrivilege
122
+ SeTcbPrivilege
123
+ SeTimeZonePrivilege
124
+ SeTrustedCredManAccessPrivilege
125
+ SeUndockPrivilege
126
+ }.freeze
127
+
128
128
  property :principal, String,
129
129
  description: "An optional property to add the user to the given privilege. Use only with add and remove action.",
130
130
  name_property: true
131
131
 
132
- property :users, Array,
133
- description: "An optional property to set the privilege for given users. Use only with set action."
132
+ property :users, [Array, String],
133
+ description: "An optional property to set the privilege for given users. Use only with set action.",
134
+ coerce: proc { |v| Array(v) }
134
135
 
135
136
  property :privilege, [Array, String],
136
- description: "Privilege to set for users.",
137
+ description: "One or more privileges to set for users.",
137
138
  required: true,
138
- coerce: proc { |v| v.is_a?(String) ? Array[v] : v },
139
+ coerce: proc { |v| Array(v) },
139
140
  callbacks: {
140
- "Option privilege must include any of the: #{privilege_opts}" => lambda { |v|
141
- (privilege_opts & v).size == v.size
142
- },
143
- }
141
+ "Privilege property restricted to the following values: #{PRIVILEGE_OPTS}" => lambda { |n| (n - PRIVILEGE_OPTS).empty? },
142
+ }
144
143
 
145
144
  load_current_value do |new_resource|
146
145
  if new_resource.principal && (new_resource.action.include?(:add) || new_resource.action.include?(:remove))