chef 16.4.41 → 16.8.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +6 -14
- data/README.md +1 -1
- data/Rakefile +22 -15
- data/bin/knife +1 -1
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +4 -2
- data/lib/chef/application.rb +19 -17
- data/lib/chef/application/apply.rb +12 -7
- data/lib/chef/application/base.rb +27 -24
- data/lib/chef/application/client.rb +16 -5
- data/lib/chef/application/exit_code.rb +13 -4
- data/lib/chef/application/knife.rb +22 -11
- data/lib/chef/application/solo.rb +2 -1
- data/lib/chef/application/windows_service.rb +14 -14
- data/lib/chef/application/windows_service_manager.rb +6 -6
- data/lib/chef/chef_fs/chef_fs_data_store.rb +1 -1
- data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
- data/lib/chef/chef_fs/file_pattern.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
- data/lib/chef/chef_fs/knife.rb +2 -2
- data/lib/chef/chef_fs/parallelizer.rb +0 -1
- data/lib/chef/client.rb +16 -43
- data/lib/chef/compliance/default_attributes.rb +89 -0
- data/lib/chef/compliance/fetcher/automate.rb +69 -0
- data/lib/chef/compliance/fetcher/chef_server.rb +134 -0
- data/lib/chef/compliance/reporter/automate.rb +202 -0
- data/lib/chef/compliance/reporter/chef_server_automate.rb +92 -0
- data/lib/chef/compliance/reporter/compliance_enforcer.rb +20 -0
- data/lib/chef/compliance/reporter/json_file.rb +19 -0
- data/lib/chef/compliance/runner.rb +250 -0
- data/lib/chef/cookbook/cookbook_version_loader.rb +1 -1
- data/lib/chef/cookbook/gem_installer.rb +1 -1
- data/lib/chef/cookbook/synchronizer.rb +2 -2
- data/lib/chef/cookbook_manifest.rb +2 -1
- data/lib/chef/cookbook_site_streaming_uploader.rb +13 -11
- data/lib/chef/cookbook_uploader.rb +1 -1
- data/lib/chef/cookbook_version.rb +2 -5
- data/lib/chef/data_collector.rb +7 -6
- data/lib/chef/data_collector/config_validation.rb +22 -13
- data/lib/chef/data_collector/run_end_message.rb +2 -2
- data/lib/chef/data_collector/run_start_message.rb +1 -1
- data/lib/chef/deprecated.rb +1 -1
- data/lib/chef/deprecation/warnings.rb +2 -2
- data/lib/chef/digester.rb +2 -2
- data/lib/chef/dsl/chef_vault.rb +1 -1
- data/lib/chef/dsl/data_query.rb +2 -2
- data/lib/chef/dsl/platform_introspection.rb +1 -1
- data/lib/chef/encrypted_data_bag_item.rb +3 -4
- data/lib/chef/encrypted_data_bag_item/assertions.rb +1 -1
- data/lib/chef/encrypted_data_bag_item/decryptor.rb +3 -3
- data/lib/chef/encrypted_data_bag_item/encryptor.rb +3 -3
- data/lib/chef/environment.rb +3 -3
- data/lib/chef/event_loggers/windows_eventlog.rb +2 -2
- data/lib/chef/exceptions.rb +9 -5
- data/lib/chef/file_access_control/windows.rb +6 -5
- data/lib/chef/file_content_management/tempfile.rb +1 -1
- data/lib/chef/formatters/doc.rb +7 -6
- data/lib/chef/formatters/error_inspectors/api_error_formatting.rb +6 -5
- data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +2 -2
- data/lib/chef/formatters/error_inspectors/node_load_error_inspector.rb +3 -3
- data/lib/chef/formatters/error_inspectors/registration_error_inspector.rb +9 -9
- data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +6 -6
- data/lib/chef/formatters/error_inspectors/run_list_expansion_error_inspector.rb +3 -3
- data/lib/chef/formatters/indentable_output_stream.rb +2 -2
- data/lib/chef/formatters/minimal.rb +5 -4
- data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +28 -39
- data/lib/chef/http.rb +6 -14
- data/lib/chef/http/auth_credentials.rb +5 -1
- data/lib/chef/http/authenticator.rb +1 -1
- data/lib/chef/http/basic_client.rb +4 -2
- data/lib/chef/http/decompressor.rb +1 -1
- data/lib/chef/http/http_request.rb +7 -5
- data/lib/chef/http/socketless_chef_zero_client.rb +5 -2
- data/lib/chef/http/ssl_policies.rb +7 -1
- data/lib/chef/json_compat.rb +3 -8
- data/lib/chef/key.rb +1 -1
- data/lib/chef/knife.rb +4 -4
- data/lib/chef/knife/bootstrap.rb +18 -15
- data/lib/chef/knife/bootstrap/chef_vault_handler.rb +1 -1
- data/lib/chef/knife/bootstrap/templates/chef-full.erb +3 -3
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +9 -9
- data/lib/chef/knife/bootstrap/train_connector.rb +1 -1
- data/lib/chef/knife/client_create.rb +3 -3
- data/lib/chef/knife/config_get.rb +8 -97
- data/lib/chef/knife/config_get_profile.rb +9 -9
- data/lib/chef/knife/config_list.rb +139 -0
- data/lib/chef/knife/config_list_profiles.rb +8 -98
- data/lib/chef/knife/config_show.rb +127 -0
- data/lib/chef/knife/config_use.rb +61 -0
- data/lib/chef/knife/config_use_profile.rb +9 -24
- data/lib/chef/knife/configure.rb +2 -2
- data/lib/chef/knife/core/bootstrap_context.rb +2 -2
- data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
- data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
- data/lib/chef/knife/core/object_loader.rb +1 -1
- data/lib/chef/knife/core/ui.rb +5 -2
- data/lib/chef/knife/core/windows_bootstrap_context.rb +18 -15
- data/lib/chef/knife/exec.rb +2 -2
- data/lib/chef/knife/node_policy_set.rb +2 -2
- data/lib/chef/knife/node_run_list_add.rb +1 -1
- data/lib/chef/knife/node_run_list_remove.rb +1 -1
- data/lib/chef/knife/node_run_list_set.rb +1 -1
- data/lib/chef/knife/node_show.rb +2 -2
- data/lib/chef/knife/role_env_run_list_add.rb +1 -1
- data/lib/chef/knife/role_env_run_list_set.rb +1 -1
- data/lib/chef/knife/role_run_list_add.rb +1 -1
- data/lib/chef/knife/role_run_list_set.rb +1 -1
- data/lib/chef/knife/search.rb +0 -1
- data/lib/chef/knife/serve.rb +3 -3
- data/lib/chef/knife/ssh.rb +19 -4
- data/lib/chef/knife/ssl_check.rb +3 -3
- data/lib/chef/knife/status.rb +2 -2
- data/lib/chef/knife/tag_create.rb +1 -1
- data/lib/chef/knife/tag_delete.rb +1 -1
- data/lib/chef/knife/user_create.rb +2 -2
- data/lib/chef/knife/yaml_convert.rb +1 -1
- data/lib/chef/local_mode.rb +2 -2
- data/lib/chef/log/syslog.rb +2 -2
- data/lib/chef/log/winevt.rb +2 -2
- data/lib/chef/mixin/convert_to_class_name.rb +0 -56
- data/lib/chef/mixin/deep_merge.rb +0 -12
- data/lib/chef/mixin/openssl_helper.rb +2 -5
- data/lib/chef/mixin/powershell_exec.rb +24 -10
- data/lib/chef/mixin/powershell_out.rb +12 -5
- data/lib/chef/mixin/properties.rb +2 -0
- data/lib/chef/mixin/template.rb +3 -3
- data/lib/chef/mixin/unformatter.rb +1 -1
- data/lib/chef/mixin/uris.rb +4 -2
- data/lib/chef/mixin/versioned_api.rb +1 -2
- data/lib/chef/node/attribute_collections.rb +2 -6
- data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
- data/lib/chef/node_map.rb +4 -4
- data/lib/chef/platform/query_helpers.rb +4 -4
- data/lib/chef/policy_builder/dynamic.rb +2 -0
- data/lib/chef/policy_builder/policyfile.rb +2 -2
- data/lib/chef/powershell.rb +10 -4
- data/lib/chef/property.rb +1 -1
- data/lib/chef/provider.rb +1 -5
- data/lib/chef/provider/cron.rb +2 -13
- data/lib/chef/provider/dsc_resource.rb +12 -24
- data/lib/chef/provider/dsc_script.rb +16 -20
- data/lib/chef/provider/file.rb +2 -2
- data/lib/chef/provider/git.rb +5 -5
- data/lib/chef/provider/group.rb +14 -6
- data/lib/chef/provider/group/windows.rb +12 -1
- data/lib/chef/provider/ifconfig.rb +9 -9
- data/lib/chef/provider/ifconfig/debian.rb +38 -22
- data/lib/chef/provider/ifconfig/redhat.rb +54 -18
- data/lib/chef/provider/launchd.rb +3 -13
- data/lib/chef/provider/link.rb +0 -9
- data/lib/chef/provider/mount.rb +18 -1
- data/lib/chef/provider/mount/linux.rb +67 -0
- data/lib/chef/provider/mount/mount.rb +41 -43
- data/lib/chef/provider/package.rb +3 -0
- data/lib/chef/provider/package/apt.rb +1 -1
- data/lib/chef/provider/package/chocolatey.rb +6 -6
- data/lib/chef/provider/package/dpkg.rb +3 -12
- data/lib/chef/provider/package/freebsd/base.rb +3 -2
- data/lib/chef/provider/package/freebsd/pkgng.rb +1 -1
- data/lib/chef/provider/package/homebrew.rb +1 -1
- data/lib/chef/provider/package/ips.rb +1 -1
- data/lib/chef/provider/package/powershell.rb +2 -3
- data/lib/chef/provider/package/rubygems.rb +22 -19
- data/lib/chef/provider/package/snap.rb +1 -4
- data/lib/chef/provider/package/solaris.rb +0 -2
- data/lib/chef/provider/package/windows.rb +2 -2
- data/lib/chef/provider/package/windows/registry_uninstall_entry.rb +3 -1
- data/lib/chef/provider/package/yum/rpm_utils.rb +1 -1
- data/lib/chef/provider/package/zypper.rb +99 -72
- data/lib/chef/provider/powershell_script.rb +12 -1
- data/lib/chef/provider/registry_key.rb +4 -3
- data/lib/chef/provider/remote_file/content.rb +3 -0
- data/lib/chef/provider/remote_file/ftp.rb +6 -4
- data/lib/chef/provider/remote_file/sftp.rb +6 -4
- data/lib/chef/provider/route.rb +4 -8
- data/lib/chef/provider/service/debian.rb +2 -1
- data/lib/chef/provider/service/macosx.rb +2 -2
- data/lib/chef/provider/service/redhat.rb +1 -1
- data/lib/chef/provider/template_finder.rb +2 -10
- data/lib/chef/provider/user.rb +17 -9
- data/lib/chef/provider/user/aix.rb +1 -1
- data/lib/chef/provider/user/dscl.rb +5 -5
- data/lib/chef/provider/user/mac.rb +15 -7
- data/lib/chef/provider/user/solaris.rb +1 -1
- data/lib/chef/provider/user/windows.rb +10 -3
- data/lib/chef/provider/zypper_repository.rb +2 -2
- data/lib/chef/provider_resolver.rb +1 -1
- data/lib/chef/providers.rb +1 -3
- data/lib/chef/pwsh.rb +71 -0
- data/lib/chef/recipe.rb +2 -2
- data/lib/chef/resource.rb +2 -2
- data/lib/chef/resource/apt_repository.rb +6 -5
- data/lib/chef/resource/bash.rb +119 -1
- data/lib/chef/resource/batch.rb +1 -1
- data/lib/chef/resource/bff_package.rb +22 -0
- data/lib/chef/resource/breakpoint.rb +59 -2
- data/lib/chef/resource/build_essential.rb +5 -8
- data/lib/chef/resource/cab_package.rb +29 -0
- data/lib/chef/resource/chef_client_config.rb +313 -0
- data/lib/chef/resource/chef_client_cron.rb +35 -28
- data/lib/chef/resource/chef_client_launchd.rb +194 -0
- data/lib/chef/resource/chef_client_scheduled_task.rb +24 -21
- data/lib/chef/resource/chef_client_systemd_timer.rb +27 -20
- data/lib/chef/resource/chef_client_trusted_certificate.rb +101 -0
- data/lib/chef/resource/chef_gem.rb +10 -10
- data/lib/chef/resource/chef_handler.rb +149 -4
- data/lib/chef/resource/chef_sleep.rb +3 -3
- data/lib/chef/resource/chef_vault_secret.rb +1 -1
- data/lib/chef/resource/cookbook_file.rb +2 -2
- data/lib/chef/resource/cron/_cron_shared.rb +1 -0
- data/lib/chef/resource/cron/cron_d.rb +2 -3
- data/lib/chef/resource/csh.rb +2 -2
- data/lib/chef/resource/dnf_package.rb +2 -2
- data/lib/chef/resource/dsc_resource.rb +0 -1
- data/lib/chef/resource/dsc_script.rb +9 -2
- data/lib/chef/resource/execute.rb +10 -8
- data/lib/chef/resource/file.rb +4 -4
- data/lib/chef/resource/gem_package.rb +5 -5
- data/lib/chef/resource/homebrew_package.rb +3 -3
- data/lib/chef/resource/homebrew_update.rb +9 -6
- data/lib/chef/resource/hostname.rb +7 -7
- data/lib/chef/resource/ifconfig.rb +52 -5
- data/lib/chef/resource/kernel_module.rb +1 -1
- data/lib/chef/resource/ksh.rb +3 -3
- data/lib/chef/resource/launchd.rb +17 -16
- data/lib/chef/resource/locale.rb +2 -2
- data/lib/chef/resource/lwrp_base.rb +3 -5
- data/lib/chef/resource/macos_userdefaults.rb +3 -3
- data/lib/chef/resource/mount.rb +8 -2
- data/lib/chef/resource/notify_group.rb +0 -1
- data/lib/chef/resource/ohai.rb +46 -3
- data/lib/chef/resource/ohai_hint.rb +33 -0
- data/lib/chef/resource/openssl_dhparam.rb +27 -5
- data/lib/chef/resource/openssl_ec_private_key.rb +6 -3
- data/lib/chef/resource/openssl_ec_public_key.rb +2 -2
- data/lib/chef/resource/openssl_rsa_private_key.rb +6 -3
- data/lib/chef/resource/openssl_x509_certificate.rb +14 -14
- data/lib/chef/resource/openssl_x509_crl.rb +19 -10
- data/lib/chef/resource/openssl_x509_request.rb +14 -16
- data/lib/chef/resource/osx_profile.rb +77 -13
- data/lib/chef/resource/perl.rb +2 -2
- data/lib/chef/resource/plist.rb +3 -7
- data/lib/chef/resource/powershell_package_source.rb +24 -23
- data/lib/chef/resource/powershell_script.rb +14 -11
- data/lib/chef/resource/python.rb +2 -2
- data/lib/chef/resource/reboot.rb +2 -2
- data/lib/chef/resource/registry_key.rb +93 -2
- data/lib/chef/resource/remote_file.rb +3 -3
- data/lib/chef/resource/rhsm_register.rb +22 -10
- data/lib/chef/resource/route.rb +1 -1
- data/lib/chef/resource/ruby.rb +2 -2
- data/lib/chef/resource/ruby_block.rb +2 -2
- data/lib/chef/resource/scm/_scm.rb +2 -1
- data/lib/chef/resource/scm/git.rb +82 -1
- data/lib/chef/resource/scm/subversion.rb +14 -2
- data/lib/chef/resource/script.rb +2 -2
- data/lib/chef/resource/service.rb +3 -3
- data/lib/chef/resource/solaris_package.rb +0 -2
- data/lib/chef/resource/ssh_known_hosts_entry.rb +2 -2
- data/lib/chef/resource/sudo.rb +1 -1
- data/lib/chef/resource/support/client.erb +64 -0
- data/lib/chef/resource/support/cron.d.erb +1 -1
- data/lib/chef/resource/support/cron_access.erb +1 -1
- data/lib/chef/resource/support/sudoer.erb +1 -1
- data/lib/chef/resource/support/ulimit.erb +1 -1
- data/lib/chef/resource/sysctl.rb +1 -5
- data/lib/chef/resource/systemd_unit.rb +44 -3
- data/lib/chef/resource/template.rb +4 -4
- data/lib/chef/resource/windows_ad_join.rb +19 -12
- data/lib/chef/resource/windows_audit_policy.rb +26 -24
- data/lib/chef/resource/windows_certificate.rb +19 -11
- data/lib/chef/resource/windows_dfs_server.rb +7 -4
- data/lib/chef/resource/windows_env.rb +173 -0
- data/lib/chef/resource/windows_feature.rb +2 -0
- data/lib/chef/resource/windows_firewall_profile.rb +28 -31
- data/lib/chef/resource/windows_firewall_rule.rb +9 -11
- data/lib/chef/resource/windows_font.rb +1 -1
- data/lib/chef/resource/windows_package.rb +29 -5
- data/lib/chef/resource/windows_path.rb +38 -0
- data/lib/chef/resource/windows_printer.rb +5 -3
- data/lib/chef/resource/windows_printer_port.rb +6 -4
- data/lib/chef/resource/windows_security_policy.rb +5 -5
- data/lib/chef/resource/windows_service.rb +108 -0
- data/lib/chef/resource/windows_share.rb +18 -18
- data/lib/chef/resource/windows_task.rb +629 -28
- data/lib/chef/resource/windows_user_privilege.rb +53 -54
- data/lib/chef/resource/windows_workgroup.rb +9 -7
- data/lib/chef/resource/yum_package.rb +2 -2
- data/lib/chef/resource/yum_repository.rb +1 -1
- data/lib/chef/resource_collection/resource_set.rb +2 -6
- data/lib/chef/resource_inspector.rb +77 -75
- data/lib/chef/resource_reporter.rb +0 -2
- data/lib/chef/resources.rb +4 -1
- data/lib/chef/run_context.rb +2 -2
- data/lib/chef/run_context/cookbook_compiler.rb +1 -1
- data/lib/chef/run_lock.rb +3 -3
- data/lib/chef/search/query.rb +6 -5
- data/lib/chef/server_api.rb +0 -4
- data/lib/chef/shell.rb +31 -26
- data/lib/chef/shell/ext.rb +12 -12
- data/lib/chef/shell/shell_session.rb +2 -2
- data/lib/chef/train_transport.rb +5 -104
- data/lib/chef/util/backup.rb +1 -1
- data/lib/chef/util/diff.rb +3 -3
- data/lib/chef/util/dsc/configuration_generator.rb +52 -11
- data/lib/chef/util/dsc/lcm_output_parser.rb +4 -7
- data/lib/chef/util/dsc/local_configuration_manager.rb +18 -15
- data/lib/chef/util/dsc/resource_store.rb +5 -11
- data/lib/chef/util/powershell/ps_credential.rb +18 -14
- data/lib/chef/util/threaded_job_queue.rb +0 -2
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/api/file.rb +4 -0
- data/lib/chef/win32/crypto.rb +1 -1
- data/lib/chef/win32/file.rb +1 -1
- data/lib/chef/win32/registry.rb +1 -2
- data/lib/chef/win32/security/sid.rb +1 -1
- data/lib/chef/win32/unicode.rb +1 -1
- data/spec/data/shef-config.rb +1 -1
- data/spec/functional/event_loggers/windows_eventlog_spec.rb +6 -5
- data/spec/functional/mixin/powershell_out_spec.rb +11 -3
- data/spec/functional/resource/aix_service_spec.rb +2 -2
- data/spec/functional/resource/aixinit_service_spec.rb +1 -1
- data/spec/functional/resource/apt_package_spec.rb +4 -6
- data/spec/functional/resource/chocolatey_package_spec.rb +3 -3
- data/spec/functional/resource/cron_spec.rb +3 -3
- data/spec/functional/resource/dsc_script_spec.rb +6 -9
- data/spec/functional/resource/insserv_spec.rb +1 -1
- data/spec/functional/resource/mount_spec.rb +10 -2
- data/spec/functional/resource/powershell_package_source_spec.rb +107 -0
- data/spec/functional/resource/powershell_script_spec.rb +57 -14
- data/spec/functional/resource/user/dscl_spec.rb +1 -1
- data/spec/functional/resource/user/mac_user_spec.rb +1 -1
- data/spec/functional/resource/windows_certificate_spec.rb +10 -6
- data/spec/functional/resource/windows_firewall_rule_spec.rb +93 -0
- data/spec/functional/resource/windows_package_spec.rb +36 -10
- data/spec/functional/resource/windows_share_spec.rb +103 -0
- data/spec/functional/resource/windows_task_spec.rb +15 -16
- data/spec/functional/resource/zypper_package_spec.rb +11 -0
- data/spec/functional/version_spec.rb +3 -3
- data/spec/integration/client/client_spec.rb +6 -5
- data/spec/integration/client/exit_code_spec.rb +3 -2
- data/spec/integration/client/ipv6_spec.rb +1 -1
- data/spec/integration/compliance/compliance_spec.rb +81 -0
- data/spec/integration/knife/client_key_create_spec.rb +1 -1
- data/spec/integration/knife/{config_list_profiles_spec.rb → config_list_spec.rb} +30 -29
- data/spec/integration/knife/{config_get_spec.rb → config_show_spec.rb} +3 -3
- data/spec/integration/knife/{config_use_profile_spec.rb → config_use_spec.rb} +53 -10
- data/spec/integration/knife/cookbook_api_ipv6_spec.rb +1 -1
- data/spec/integration/knife/node_create_spec.rb +1 -1
- data/spec/integration/knife/node_environment_set_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_add_spec.rb +4 -4
- data/spec/integration/knife/node_run_list_remove_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_set_spec.rb +1 -1
- data/spec/integration/knife/node_show_spec.rb +1 -1
- data/spec/integration/ohai/ohai_spec.rb +61 -0
- data/spec/integration/recipes/notifies_spec.rb +1 -1
- data/spec/integration/recipes/provider_choice.rb +2 -2
- data/spec/integration/recipes/recipe_dsl_spec.rb +1 -0
- data/spec/integration/recipes/remote_directory.rb +1 -1
- data/spec/integration/solo/solo_spec.rb +5 -5
- data/spec/spec_helper.rb +9 -7
- data/spec/stress/win32/file_spec.rb +1 -1
- data/spec/support/chef_helpers.rb +2 -2
- data/spec/support/lib/chef/resource/cat.rb +1 -1
- data/spec/support/lib/chef/resource/one_two_three_four.rb +1 -1
- data/spec/support/matchers/leak.rb +2 -2
- data/spec/support/mock/platform.rb +24 -16
- data/spec/support/platform_helpers.rb +27 -38
- data/spec/support/shared/functional/securable_resource.rb +108 -27
- data/spec/support/shared/functional/win32_service.rb +1 -1
- data/spec/support/shared/unit/application_dot_d.rb +5 -3
- data/spec/support/shared/unit/knife_shared.rb +1 -1
- data/spec/support/shared/unit/script_resource.rb +4 -4
- data/spec/support/shared/unit/windows_script_resource.rb +1 -1
- data/spec/tiny_server.rb +0 -1
- data/spec/unit/application/client_spec.rb +2 -2
- data/spec/unit/application/exit_code_spec.rb +10 -0
- data/spec/unit/application_spec.rb +4 -6
- data/spec/unit/chef_fs/config_spec.rb +1 -1
- data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
- data/spec/unit/chef_fs/parallelizer_spec.rb +5 -1
- data/spec/unit/chef_fs/path_util_spec.rb +1 -1
- data/spec/unit/client_spec.rb +17 -0
- data/spec/unit/compliance/fetcher/automate_spec.rb +134 -0
- data/spec/unit/compliance/fetcher/chef_server_spec.rb +93 -0
- data/spec/unit/compliance/reporter/automate_spec.rb +427 -0
- data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +177 -0
- data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +48 -0
- data/spec/unit/compliance/runner_spec.rb +113 -0
- data/spec/unit/cookbook/synchronizer_spec.rb +2 -2
- data/spec/unit/cookbook_spec.rb +2 -2
- data/spec/unit/data_collector/config_validation_spec.rb +208 -0
- data/spec/unit/data_collector_spec.rb +0 -117
- data/spec/unit/dsl/declare_resource_spec.rb +1 -1
- data/spec/unit/file_access_control_spec.rb +1 -1
- data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +11 -11
- data/spec/unit/http/ssl_policies_spec.rb +11 -0
- data/spec/unit/knife/bootstrap_spec.rb +6 -6
- data/spec/unit/knife/client_create_spec.rb +2 -2
- data/spec/unit/knife/configure_client_spec.rb +5 -5
- data/spec/unit/knife/configure_spec.rb +3 -3
- data/spec/unit/knife/cookbook_delete_spec.rb +2 -2
- data/spec/unit/knife/cookbook_download_spec.rb +2 -2
- data/spec/unit/knife/cookbook_list_spec.rb +2 -2
- data/spec/unit/knife/cookbook_metadata_spec.rb +3 -3
- data/spec/unit/knife/core/node_editor_spec.rb +1 -1
- data/spec/unit/knife/core/ui_spec.rb +1 -0
- data/spec/unit/knife/environment_compare_spec.rb +3 -3
- data/spec/unit/knife/ssh_spec.rb +2 -2
- data/spec/unit/knife/supermarket_download_spec.rb +8 -8
- data/spec/unit/knife/supermarket_list_spec.rb +3 -3
- data/spec/unit/knife/supermarket_search_spec.rb +1 -1
- data/spec/unit/knife/tag_create_spec.rb +1 -1
- data/spec/unit/knife/tag_delete_spec.rb +1 -1
- data/spec/unit/knife/user_create_spec.rb +1 -1
- data/spec/unit/lwrp_spec.rb +3 -3
- data/spec/unit/mixin/deep_merge_spec.rb +15 -0
- data/spec/unit/mixin/openssl_helper_spec.rb +1 -1
- data/spec/unit/mixin/powershell_exec_spec.rb +40 -3
- data/spec/unit/mixin/powershell_out_spec.rb +14 -0
- data/spec/unit/mixin/securable_spec.rb +2 -2
- data/spec/unit/mixin/which.rb +1 -1
- data/spec/unit/node/immutable_collections_spec.rb +2 -2
- data/spec/unit/platform/query_helpers_spec.rb +11 -12
- data/spec/unit/provider/dsc_resource_spec.rb +10 -27
- data/spec/unit/provider/dsc_script_spec.rb +1 -1
- data/spec/unit/provider/group/windows_spec.rb +6 -0
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/mount/linux_spec.rb +107 -0
- data/spec/unit/provider/mount/mount_spec.rb +21 -10
- data/spec/unit/provider/mount/solaris_spec.rb +1 -1
- data/spec/unit/provider/mount/windows_spec.rb +1 -0
- data/spec/unit/provider/mount_spec.rb +31 -0
- data/spec/unit/provider/package/chocolatey_spec.rb +2 -3
- data/spec/unit/provider/package/powershell_spec.rb +88 -96
- data/spec/unit/provider/package/rubygems_spec.rb +4 -1
- data/spec/unit/provider/package/zypper_spec.rb +0 -25
- data/spec/unit/provider/package_spec.rb +2 -2
- data/spec/unit/provider/powershell_script_spec.rb +11 -0
- data/spec/unit/provider/route_spec.rb +0 -2
- data/spec/unit/provider/subversion_spec.rb +0 -3
- data/spec/unit/provider/systemd_unit_spec.rb +1 -1
- data/spec/unit/provider/user_spec.rb +7 -1
- data/spec/unit/provider/windows_env_spec.rb +18 -34
- data/spec/unit/provider/windows_path_spec.rb +6 -11
- data/spec/unit/provider/windows_task_spec.rb +7 -6
- data/spec/unit/recipe_spec.rb +1 -1
- data/spec/unit/resource/breakpoint_spec.rb +1 -1
- data/spec/unit/resource/build_essential_spec.rb +0 -12
- data/spec/unit/resource/chef_client_config_spec.rb +137 -0
- data/spec/unit/resource/chef_client_cron_spec.rb +35 -14
- data/spec/unit/resource/chef_client_launchd_spec.rb +127 -0
- data/spec/unit/resource/chef_client_systemd_timer_spec.rb +36 -1
- data/spec/unit/resource/chef_client_trusted_certificate_spec.rb +54 -0
- data/spec/unit/resource/ifconfig_spec.rb +2 -10
- data/spec/unit/resource/launchd_spec.rb +8 -0
- data/spec/unit/resource/mount_spec.rb +18 -5
- data/spec/unit/resource/osx_profile_spec.rb +67 -1
- data/spec/unit/resource/powershell_package_source_spec.rb +20 -20
- data/spec/unit/resource/powershell_script_spec.rb +4 -74
- data/spec/unit/resource/rhsm_register_spec.rb +56 -18
- data/spec/unit/resource/service_spec.rb +2 -2
- data/spec/unit/resource/solaris_package_spec.rb +8 -10
- data/spec/unit/resource/windows_certificate_spec.rb +12 -0
- data/spec/unit/resource/windows_uac_spec.rb +1 -1
- data/spec/unit/resource/windows_user_privilege_spec.rb +55 -0
- data/spec/unit/resource_inspector_spec.rb +3 -3
- data/spec/unit/run_lock_spec.rb +5 -1
- data/spec/unit/runner_spec.rb +1 -2
- data/spec/unit/shell/shell_ext_spec.rb +46 -3
- data/spec/unit/shell/shell_session_spec.rb +35 -64
- data/spec/unit/shell_spec.rb +18 -21
- data/spec/unit/train_transport_spec.rb +14 -13
- data/spec/unit/util/dsc/configuration_generator_spec.rb +79 -0
- data/spec/unit/util/dsc/local_configuration_manager_spec.rb +27 -35
- data/spec/unit/util/selinux_spec.rb +2 -0
- data/tasks/rspec.rb +1 -3
- metadata +80 -33
- data/lib/chef/dist.rb +0 -68
- data/lib/chef/monkey_patches/net_http.rb +0 -22
- data/lib/chef/provider/windows_env.rb +0 -210
- data/lib/chef/provider/windows_path.rb +0 -61
- data/lib/chef/provider/windows_task.rb +0 -632
- data/lib/chef/util/powershell/cmdlet.rb +0 -173
- data/lib/chef/util/powershell/cmdlet_result.rb +0 -61
- data/spec/functional/util/powershell/cmdlet_spec.rb +0 -111
- data/spec/integration/knife/config_get_profile_spec.rb +0 -114
- data/spec/support/mock/constant.rb +0 -52
- data/spec/unit/monkey_patches/uri_spec.rb +0 -34
- data/spec/unit/provider_resolver_spec.rb +0 -885
- data/spec/unit/resource/data/InstallHistory_with_CLT.plist +0 -92
- data/spec/unit/resource/data/InstallHistory_without_CLT.plist +0 -38
- data/spec/unit/util/powershell/cmdlet_spec.rb +0 -106
@@ -0,0 +1,92 @@
|
|
1
|
+
require_relative "automate"
|
2
|
+
|
3
|
+
class Chef
|
4
|
+
module Compliance
|
5
|
+
module Reporter
|
6
|
+
#
|
7
|
+
# Used to send inspec reports to Chef Automate server via Chef Server
|
8
|
+
#
|
9
|
+
class ChefServerAutomate < Chef::Compliance::Reporter::Automate
|
10
|
+
def initialize(opts)
|
11
|
+
@entity_uuid = opts[:entity_uuid]
|
12
|
+
@run_id = opts[:run_id]
|
13
|
+
@node_name = opts[:node_info][:node]
|
14
|
+
@insecure = opts[:insecure]
|
15
|
+
@environment = opts[:node_info][:environment]
|
16
|
+
@roles = opts[:node_info][:roles]
|
17
|
+
@recipes = opts[:node_info][:recipes]
|
18
|
+
@url = opts[:url]
|
19
|
+
@chef_tags = opts[:node_info][:chef_tags]
|
20
|
+
@policy_group = opts[:node_info][:policy_group]
|
21
|
+
@policy_name = opts[:node_info][:policy_name]
|
22
|
+
@source_fqdn = opts[:node_info][:source_fqdn]
|
23
|
+
@organization_name = opts[:node_info][:organization_name]
|
24
|
+
@ipaddress = opts[:node_info][:ipaddress]
|
25
|
+
@fqdn = opts[:node_info][:fqdn]
|
26
|
+
@control_results_limit = opts[:control_results_limit]
|
27
|
+
@timestamp = opts.fetch(:timestamp) { Time.now }
|
28
|
+
end
|
29
|
+
|
30
|
+
def send_report(report)
|
31
|
+
unless @entity_uuid && @run_id
|
32
|
+
Chef::Log.error "entity_uuid(#{@entity_uuid}) or run_id(#{@run_id}) can't be nil, not sending report to #{ChefUtils::Dist::Automate::PRODUCT}"
|
33
|
+
return false
|
34
|
+
end
|
35
|
+
|
36
|
+
automate_report = truncate_controls_results(enriched_report(report), @control_results_limit)
|
37
|
+
|
38
|
+
report_size = Chef::JSONCompat.to_json(automate_report, validate_utf8: false).bytesize
|
39
|
+
# this is set to slightly less than the oc_erchef limit
|
40
|
+
if report_size > 900 * 1024
|
41
|
+
Chef::Log.warn "Generated report size is #{(report_size / (1024 * 1024.0)).round(2)} MB. #{ChefUtils::Dist::Server::PRODUCT} < 13.0 defaults to a limit of ~1MB, 13.0+ defaults to a limit of ~2MB."
|
42
|
+
end
|
43
|
+
|
44
|
+
Chef::Log.info "Report to #{ChefUtils::Dist::Automate::PRODUCT} via #{ChefUtils::Dist::Server::PRODUCT}: #{@url}"
|
45
|
+
with_http_rescue do
|
46
|
+
http_client.post(@url, automate_report)
|
47
|
+
return true
|
48
|
+
end
|
49
|
+
false
|
50
|
+
end
|
51
|
+
|
52
|
+
def http_client
|
53
|
+
config = if @insecure
|
54
|
+
Chef::Config.merge(ssl_verify_mode: :verify_none)
|
55
|
+
else
|
56
|
+
Chef::Config
|
57
|
+
end
|
58
|
+
|
59
|
+
Chef::ServerAPI.new(@url, config)
|
60
|
+
end
|
61
|
+
|
62
|
+
def with_http_rescue
|
63
|
+
response = yield
|
64
|
+
if response.respond_to?(:code)
|
65
|
+
# handle non 200 error codes, they are not raised as Net::HTTPClientException
|
66
|
+
handle_http_error_code(response.code) if response.code.to_i >= 300
|
67
|
+
end
|
68
|
+
response
|
69
|
+
rescue Net::HTTPClientException => e
|
70
|
+
Chef::Log.error e
|
71
|
+
handle_http_error_code(e.response.code)
|
72
|
+
end
|
73
|
+
|
74
|
+
def handle_http_error_code(code)
|
75
|
+
case code
|
76
|
+
when /401|403/
|
77
|
+
Chef::Log.error "Auth issue: see audit cookbook TROUBLESHOOTING.md"
|
78
|
+
when /404/
|
79
|
+
Chef::Log.error "Object does not exist on remote server."
|
80
|
+
when /413/
|
81
|
+
Chef::Log.error "You most likely hit the erchef request size in #{ChefUtils::Dist::Server::PRODUCT} that defaults to ~2MB. To increase this limit see audit cookbook TROUBLESHOOTING.md OR https://docs.chef.io/config_rb_server.html"
|
82
|
+
when /429/
|
83
|
+
Chef::Log.error "This error typically means the data sent was larger than #{ChefUtils::Dist::Automate::PRODUCT}'s limit (4 MB). Run InSpec locally to identify any controls producing large diffs."
|
84
|
+
end
|
85
|
+
msg = "Received HTTP error #{code}"
|
86
|
+
Chef::Log.error msg
|
87
|
+
raise msg
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
class Chef
|
2
|
+
module Compliance
|
3
|
+
module Reporter
|
4
|
+
class AuditEnforcer
|
5
|
+
class ControlFailure < StandardError; end
|
6
|
+
|
7
|
+
def send_report(report)
|
8
|
+
report.fetch(:profiles, []).each do |profile|
|
9
|
+
profile.fetch(:controls, []).each do |control|
|
10
|
+
control.fetch(:results, []).each do |result|
|
11
|
+
raise ControlFailure, "Audit #{control[:id]} has failed. Aborting #{ChefUtils::Dist::Infra::CLIENT} run." if result[:status] == "failed"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
true
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require_relative "../../json_compat"
|
2
|
+
|
3
|
+
class Chef
|
4
|
+
module Compliance
|
5
|
+
module Reporter
|
6
|
+
class JsonFile
|
7
|
+
def initialize(opts)
|
8
|
+
@path = opts.fetch(:file)
|
9
|
+
end
|
10
|
+
|
11
|
+
def send_report(report)
|
12
|
+
FileUtils.mkdir_p(File.dirname(@path), mode: 0700)
|
13
|
+
|
14
|
+
File.write(@path, Chef::JSONCompat.to_json(report))
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,250 @@
|
|
1
|
+
autoload :Inspec, "inspec"
|
2
|
+
|
3
|
+
require_relative "default_attributes"
|
4
|
+
require_relative "reporter/automate"
|
5
|
+
require_relative "reporter/chef_server_automate"
|
6
|
+
require_relative "reporter/compliance_enforcer"
|
7
|
+
require_relative "reporter/json_file"
|
8
|
+
|
9
|
+
class Chef
|
10
|
+
module Compliance
|
11
|
+
class Runner < EventDispatch::Base
|
12
|
+
extend Forwardable
|
13
|
+
|
14
|
+
attr_accessor :run_id, :recipes
|
15
|
+
attr_reader :node
|
16
|
+
def_delegators :node, :logger
|
17
|
+
|
18
|
+
def enabled?
|
19
|
+
audit_cookbook_present = recipes.include?("audit::default")
|
20
|
+
|
21
|
+
logger.info("#{self.class}##{__method__}: #{Inspec::Dist::PRODUCT_NAME} profiles? #{inspec_profiles.any?}")
|
22
|
+
logger.info("#{self.class}##{__method__}: audit cookbook? #{audit_cookbook_present}")
|
23
|
+
|
24
|
+
inspec_profiles.any? && !audit_cookbook_present
|
25
|
+
end
|
26
|
+
|
27
|
+
def node=(node)
|
28
|
+
@node = node
|
29
|
+
node.default["audit"] = Chef::Compliance::DEFAULT_ATTRIBUTES.merge(node.default["audit"])
|
30
|
+
end
|
31
|
+
|
32
|
+
def node_load_completed(node, _expanded_run_list, _config)
|
33
|
+
self.node = node
|
34
|
+
end
|
35
|
+
|
36
|
+
def run_started(run_status)
|
37
|
+
self.run_id = run_status.run_id
|
38
|
+
end
|
39
|
+
|
40
|
+
def run_list_expanded(run_list_expansion)
|
41
|
+
self.recipes = run_list_expansion.recipes
|
42
|
+
end
|
43
|
+
|
44
|
+
def run_completed(_node, _run_status)
|
45
|
+
return unless enabled?
|
46
|
+
|
47
|
+
logger.info("#{self.class}##{__method__}: enabling Compliance Phase")
|
48
|
+
|
49
|
+
report
|
50
|
+
end
|
51
|
+
|
52
|
+
def run_failed(_exception, _run_status)
|
53
|
+
return unless enabled?
|
54
|
+
|
55
|
+
logger.info("#{self.class}##{__method__}: enabling Compliance Phase")
|
56
|
+
|
57
|
+
report
|
58
|
+
end
|
59
|
+
|
60
|
+
### Below code adapted from audit cookbook's files/default/handler/audit_report.rb
|
61
|
+
|
62
|
+
DEPRECATED_CONFIG_VALUES = %w{
|
63
|
+
attributes_save
|
64
|
+
chef_node_attribute_enabled
|
65
|
+
fail_if_not_present
|
66
|
+
inspec_gem_source
|
67
|
+
inspec_version
|
68
|
+
interval
|
69
|
+
owner
|
70
|
+
raise_if_unreachable
|
71
|
+
}.freeze
|
72
|
+
|
73
|
+
def warn_for_deprecated_config_values!
|
74
|
+
deprecated_config_values = (node["audit"].keys & DEPRECATED_CONFIG_VALUES)
|
75
|
+
|
76
|
+
if deprecated_config_values.any?
|
77
|
+
values = deprecated_config_values.sort.map { |v| "'#{v}'" }.join(", ")
|
78
|
+
logger.warn "audit cookbook config values #{values} are not supported in #{ChefUtils::Dist::Infra::PRODUCT}'s Compliance Phase."
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
def report(report = generate_report)
|
83
|
+
warn_for_deprecated_config_values!
|
84
|
+
|
85
|
+
if report.empty?
|
86
|
+
logger.error "Compliance report was not generated properly, skipped reporting"
|
87
|
+
return
|
88
|
+
end
|
89
|
+
|
90
|
+
Array(node["audit"]["reporter"]).each do |reporter|
|
91
|
+
send_report(reporter, report)
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
def inspec_opts
|
96
|
+
{
|
97
|
+
backend_cache: node["audit"]["inspec_backend_cache"],
|
98
|
+
inputs: node["audit"]["attributes"],
|
99
|
+
logger: logger,
|
100
|
+
output: node["audit"]["quiet"] ? ::File::NULL : STDOUT,
|
101
|
+
report: true,
|
102
|
+
reporter: ["json-automate"],
|
103
|
+
reporter_backtrace_inclusion: node["audit"]["result_include_backtrace"],
|
104
|
+
reporter_message_truncation: node["audit"]["result_message_limit"],
|
105
|
+
waiver_file: Array(node["audit"]["waiver_file"]),
|
106
|
+
}
|
107
|
+
end
|
108
|
+
|
109
|
+
def inspec_profiles
|
110
|
+
profiles = node["audit"]["profiles"]
|
111
|
+
|
112
|
+
# TODO: Custom exception class here?
|
113
|
+
unless profiles.respond_to?(:map) && profiles.all? { |_, p| p.respond_to?(:transform_keys) && p.respond_to?(:update) }
|
114
|
+
raise "#{Inspec::Dist::PRODUCT_NAME} profiles specified in an unrecognized format, expected a hash of hashes."
|
115
|
+
end
|
116
|
+
|
117
|
+
profiles.map do |name, profile|
|
118
|
+
profile.transform_keys(&:to_sym).update(name: name)
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
def load_fetchers!
|
123
|
+
case node["audit"]["fetcher"]
|
124
|
+
when "chef-automate"
|
125
|
+
require_relative "fetcher/automate"
|
126
|
+
when "chef-server"
|
127
|
+
require_relative "fetcher/chef_server"
|
128
|
+
when nil
|
129
|
+
# intentionally blank
|
130
|
+
else
|
131
|
+
raise "Invalid value specified for Compliance Phase's fetcher: '#{node["audit"]["fetcher"]}'. Valid values are 'chef-automate', 'chef-server', or nil."
|
132
|
+
end
|
133
|
+
end
|
134
|
+
|
135
|
+
def generate_report(opts: inspec_opts, profiles: inspec_profiles)
|
136
|
+
load_fetchers!
|
137
|
+
|
138
|
+
logger.debug "Options are set to: #{opts}"
|
139
|
+
runner = ::Inspec::Runner.new(opts)
|
140
|
+
|
141
|
+
if profiles.empty?
|
142
|
+
failed_report("No #{Inspec::Dist::PRODUCT_NAME} profiles are defined.")
|
143
|
+
return
|
144
|
+
end
|
145
|
+
|
146
|
+
profiles.each { |target| runner.add_target(target) }
|
147
|
+
|
148
|
+
logger.info "Running profiles from: #{profiles.inspect}"
|
149
|
+
runner.run
|
150
|
+
runner.report.tap do |r|
|
151
|
+
logger.debug "Compliance Report #{r}"
|
152
|
+
end
|
153
|
+
rescue Inspec::FetcherFailure => e
|
154
|
+
failed_report("Cannot fetch all profiles: #{profiles}. Please make sure you're authenticated and the server is reachable. #{e.message}")
|
155
|
+
rescue => e
|
156
|
+
failed_report(e.message)
|
157
|
+
end
|
158
|
+
|
159
|
+
# In case InSpec raises a runtime exception without providing a valid report,
|
160
|
+
# we make one up and add two new fields to it: `status` and `status_message`
|
161
|
+
def failed_report(err)
|
162
|
+
logger.error "#{Inspec::Dist::PRODUCT_NAME} has raised a runtime exception. Generating a minimal failed report."
|
163
|
+
logger.error err
|
164
|
+
{
|
165
|
+
"platform": {
|
166
|
+
"name": "unknown",
|
167
|
+
"release": "unknown",
|
168
|
+
},
|
169
|
+
"profiles": [],
|
170
|
+
"statistics": {
|
171
|
+
"duration": 0.0000001,
|
172
|
+
},
|
173
|
+
"version": Inspec::VERSION,
|
174
|
+
"status": "failed",
|
175
|
+
"status_message": err,
|
176
|
+
}
|
177
|
+
end
|
178
|
+
|
179
|
+
# extracts relevant node data
|
180
|
+
def node_info
|
181
|
+
runlist_roles = node.run_list.select { |item| item.type == :role }.map(&:name)
|
182
|
+
runlist_recipes = node.run_list.select { |item| item.type == :recipe }.map(&:name)
|
183
|
+
{
|
184
|
+
node: node.name,
|
185
|
+
os: {
|
186
|
+
release: node["platform_version"],
|
187
|
+
family: node["platform"],
|
188
|
+
},
|
189
|
+
environment: node.environment,
|
190
|
+
roles: runlist_roles,
|
191
|
+
recipes: runlist_recipes,
|
192
|
+
policy_name: node.policy_name || "",
|
193
|
+
policy_group: node.policy_group || "",
|
194
|
+
chef_tags: node.tags,
|
195
|
+
organization_name: chef_server_uri.path.split("/").last || "",
|
196
|
+
source_fqdn: chef_server_uri.host || "",
|
197
|
+
ipaddress: node["ipaddress"],
|
198
|
+
fqdn: node["fqdn"],
|
199
|
+
}
|
200
|
+
end
|
201
|
+
|
202
|
+
def send_report(reporter, report)
|
203
|
+
logger.info "Reporting to #{reporter}"
|
204
|
+
|
205
|
+
insecure = node["audit"]["insecure"]
|
206
|
+
run_time_limit = node["audit"]["run_time_limit"]
|
207
|
+
control_results_limit = node["audit"]["control_results_limit"]
|
208
|
+
|
209
|
+
case reporter
|
210
|
+
when "chef-automate"
|
211
|
+
opts = {
|
212
|
+
entity_uuid: node["chef_guid"],
|
213
|
+
run_id: run_id,
|
214
|
+
node_info: node_info,
|
215
|
+
insecure: insecure,
|
216
|
+
run_time_limit: run_time_limit,
|
217
|
+
control_results_limit: control_results_limit,
|
218
|
+
}
|
219
|
+
Chef::Compliance::Reporter::Automate.new(opts).send_report(report)
|
220
|
+
when "chef-server-automate"
|
221
|
+
chef_url = node["audit"]["server"] || base_chef_server_url
|
222
|
+
chef_org = Chef::Config[:chef_server_url].split("/").last
|
223
|
+
if chef_url
|
224
|
+
url = construct_url(chef_url, File.join("organizations", chef_org, "data-collector"))
|
225
|
+
opts = {
|
226
|
+
entity_uuid: node["chef_guid"],
|
227
|
+
run_id: run_id,
|
228
|
+
node_info: node_info,
|
229
|
+
insecure: insecure,
|
230
|
+
url: url,
|
231
|
+
run_time_limit: run_time_limit,
|
232
|
+
control_results_limit: control_results_limit,
|
233
|
+
}
|
234
|
+
Chef::Compliance::Reporter::ChefServer.new(opts).send_report(report)
|
235
|
+
else
|
236
|
+
logger.warn "Unable to determine #{ChefUtils::Dist::Server::PRODUCT} url required by #{Inspec::Dist::PRODUCT_NAME} report collector '#{reporter}'. Skipping..."
|
237
|
+
end
|
238
|
+
when "json-file"
|
239
|
+
path = node["audit"]["json_file"]["location"]
|
240
|
+
logger.info "Writing compliance report to #{path}"
|
241
|
+
Chef::Compliance::Reporter::JsonFile.new(file: path).send_report(report)
|
242
|
+
when "audit-enforcer"
|
243
|
+
Chef::Compliance::Reporter::ComplianceEnforcer.new.send_report(report)
|
244
|
+
else
|
245
|
+
logger.warn "#{reporter} is not a supported #{Inspec::Dist::PRODUCT_NAME} report collector"
|
246
|
+
end
|
247
|
+
end
|
248
|
+
end
|
249
|
+
end
|
250
|
+
end
|
@@ -17,7 +17,7 @@ require_relative "../client"
|
|
17
17
|
require_relative "../util/threaded_job_queue"
|
18
18
|
require_relative "../server_api"
|
19
19
|
require "singleton" unless defined?(Singleton)
|
20
|
-
|
20
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
21
21
|
|
22
22
|
class Chef
|
23
23
|
|
@@ -65,7 +65,7 @@ class Chef
|
|
65
65
|
# manifest.
|
66
66
|
cache.find(File.join(%w{cookbooks ** {*,.*}})).each do |cache_filename|
|
67
67
|
unless @valid_cache_entries[cache_filename]
|
68
|
-
Chef::Log.info("Removing #{cache_filename} from the cache; it is no longer needed by #{
|
68
|
+
Chef::Log.info("Removing #{cache_filename} from the cache; it is no longer needed by #{ChefUtils::Dist::Infra::CLIENT}.")
|
69
69
|
cache.delete(cache_filename)
|
70
70
|
end
|
71
71
|
end
|
@@ -282,7 +282,7 @@ class Chef
|
|
282
282
|
|
283
283
|
name = File.join(segment, pathname.basename.to_s)
|
284
284
|
|
285
|
-
if
|
285
|
+
if %w{templates files}.include?(segment)
|
286
286
|
# Check if pathname looks like files/foo or templates/foo (unscoped)
|
287
287
|
if pathname.each_filename.to_a.length == 2
|
288
288
|
# Use root_default in case the same path exists at root_default and default
|
@@ -317,6 +317,7 @@ class Chef
|
|
317
317
|
end
|
318
318
|
|
319
319
|
end
|
320
|
+
|
320
321
|
class CookbookManifestVersions
|
321
322
|
|
322
323
|
extend Chef::Mixin::VersionedAPIFactory
|
@@ -18,11 +18,17 @@
|
|
18
18
|
# limitations under the License.
|
19
19
|
#
|
20
20
|
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
21
|
+
autoload :URI, "uri"
|
22
|
+
module Net
|
23
|
+
autoload :HTTP, "net/http"
|
24
|
+
end
|
25
|
+
autoload :OpenSSL, "openssl"
|
26
|
+
module Mixlib
|
27
|
+
module Authentication
|
28
|
+
autoload :SignedHeaderAuth, "mixlib/authentication/signedheaderauth"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
26
32
|
|
27
33
|
class Chef
|
28
34
|
# == Chef::CookbookSiteStreamingUploader
|
@@ -37,7 +43,7 @@ class Chef
|
|
37
43
|
class << self
|
38
44
|
|
39
45
|
def create_build_dir(cookbook)
|
40
|
-
tmp_cookbook_path = Tempfile.new("#{
|
46
|
+
tmp_cookbook_path = Tempfile.new("#{ChefUtils::Dist::Infra::SHORT}-#{cookbook.name}-build")
|
41
47
|
tmp_cookbook_path.close
|
42
48
|
tmp_cookbook_dir = tmp_cookbook_path.path
|
43
49
|
File.unlink(tmp_cookbook_dir)
|
@@ -225,11 +231,7 @@ class Chef
|
|
225
231
|
@part_no += 1
|
226
232
|
@part_offset = 0
|
227
233
|
next_part = read(how_much_next_part)
|
228
|
-
result = current_part +
|
229
|
-
next_part
|
230
|
-
else
|
231
|
-
""
|
232
|
-
end
|
234
|
+
result = current_part + (next_part || "")
|
233
235
|
else
|
234
236
|
@part_offset += how_much_current_part
|
235
237
|
result = current_part
|