chef 16.5.64 → 16.8.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +6 -14
- data/README.md +1 -1
- data/Rakefile +21 -14
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +3 -2
- data/lib/chef/application.rb +2 -2
- data/lib/chef/application/base.rb +1 -1
- data/lib/chef/application/client.rb +7 -2
- data/lib/chef/application/knife.rb +1 -1
- data/lib/chef/application/solo.rb +1 -1
- data/lib/chef/chef_fs/chef_fs_data_store.rb +1 -1
- data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
- data/lib/chef/chef_fs/file_pattern.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
- data/lib/chef/client.rb +6 -32
- data/lib/chef/compliance/default_attributes.rb +89 -0
- data/lib/chef/compliance/fetcher/automate.rb +69 -0
- data/lib/chef/compliance/fetcher/chef_server.rb +134 -0
- data/lib/chef/compliance/reporter/automate.rb +202 -0
- data/lib/chef/compliance/reporter/chef_server_automate.rb +94 -0
- data/lib/chef/compliance/reporter/compliance_enforcer.rb +20 -0
- data/lib/chef/compliance/reporter/json_file.rb +19 -0
- data/lib/chef/compliance/runner.rb +261 -0
- data/lib/chef/cookbook/gem_installer.rb +1 -1
- data/lib/chef/cookbook_manifest.rb +2 -1
- data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
- data/lib/chef/cookbook_version.rb +2 -5
- data/lib/chef/data_collector.rb +1 -1
- data/lib/chef/encrypted_data_bag_item/assertions.rb +1 -1
- data/lib/chef/environment.rb +1 -1
- data/lib/chef/event_loggers/windows_eventlog.rb +1 -1
- data/lib/chef/exceptions.rb +5 -1
- data/lib/chef/file_access_control/windows.rb +1 -4
- data/lib/chef/file_content_management/tempfile.rb +1 -1
- data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +2 -2
- data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +5 -5
- data/lib/chef/formatters/indentable_output_stream.rb +2 -2
- data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +28 -39
- data/lib/chef/http.rb +2 -12
- data/lib/chef/http/basic_client.rb +1 -1
- data/lib/chef/http/http_request.rb +1 -1
- data/lib/chef/http/socketless_chef_zero_client.rb +1 -1
- data/lib/chef/http/ssl_policies.rb +6 -0
- data/lib/chef/json_compat.rb +2 -7
- data/lib/chef/key.rb +1 -1
- data/lib/chef/knife/bootstrap.rb +2 -1
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +2 -2
- data/lib/chef/knife/bootstrap/train_connector.rb +1 -1
- data/lib/chef/knife/config_show.rb +1 -1
- data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
- data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
- data/lib/chef/knife/core/ui.rb +5 -2
- data/lib/chef/knife/core/windows_bootstrap_context.rb +7 -4
- data/lib/chef/knife/node_policy_set.rb +2 -2
- data/lib/chef/knife/node_run_list_add.rb +1 -1
- data/lib/chef/knife/node_run_list_remove.rb +1 -1
- data/lib/chef/knife/node_run_list_set.rb +1 -1
- data/lib/chef/knife/role_env_run_list_add.rb +1 -1
- data/lib/chef/knife/role_env_run_list_set.rb +1 -1
- data/lib/chef/knife/role_run_list_add.rb +1 -1
- data/lib/chef/knife/role_run_list_set.rb +1 -1
- data/lib/chef/knife/search.rb +0 -1
- data/lib/chef/knife/ssh.rb +5 -3
- data/lib/chef/knife/tag_create.rb +1 -1
- data/lib/chef/knife/tag_delete.rb +1 -1
- data/lib/chef/local_mode.rb +1 -1
- data/lib/chef/mixin/convert_to_class_name.rb +0 -56
- data/lib/chef/mixin/openssl_helper.rb +1 -1
- data/lib/chef/mixin/powershell_exec.rb +24 -10
- data/lib/chef/mixin/powershell_out.rb +12 -5
- data/lib/chef/mixin/properties.rb +2 -0
- data/lib/chef/mixin/template.rb +1 -1
- data/lib/chef/mixin/unformatter.rb +1 -1
- data/lib/chef/mixin/uris.rb +3 -1
- data/lib/chef/node/attribute_collections.rb +2 -6
- data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
- data/lib/chef/node_map.rb +2 -2
- data/lib/chef/platform/query_helpers.rb +4 -4
- data/lib/chef/policy_builder/dynamic.rb +2 -0
- data/lib/chef/powershell.rb +10 -4
- data/lib/chef/property.rb +1 -1
- data/lib/chef/provider.rb +1 -1
- data/lib/chef/provider/cron.rb +2 -13
- data/lib/chef/provider/dsc_resource.rb +12 -24
- data/lib/chef/provider/dsc_script.rb +16 -20
- data/lib/chef/provider/file.rb +1 -1
- data/lib/chef/provider/git.rb +5 -5
- data/lib/chef/provider/group.rb +14 -6
- data/lib/chef/provider/group/windows.rb +12 -1
- data/lib/chef/provider/ifconfig.rb +8 -8
- data/lib/chef/provider/ifconfig/debian.rb +38 -22
- data/lib/chef/provider/ifconfig/redhat.rb +54 -18
- data/lib/chef/provider/launchd.rb +1 -11
- data/lib/chef/provider/link.rb +0 -9
- data/lib/chef/provider/mount.rb +18 -1
- data/lib/chef/provider/mount/linux.rb +4 -0
- data/lib/chef/provider/mount/mount.rb +41 -43
- data/lib/chef/provider/package.rb +3 -0
- data/lib/chef/provider/package/apt.rb +1 -1
- data/lib/chef/provider/package/chocolatey.rb +6 -6
- data/lib/chef/provider/package/dpkg.rb +3 -12
- data/lib/chef/provider/package/freebsd/base.rb +3 -2
- data/lib/chef/provider/package/freebsd/pkgng.rb +1 -1
- data/lib/chef/provider/package/homebrew.rb +1 -1
- data/lib/chef/provider/package/ips.rb +1 -1
- data/lib/chef/provider/package/powershell.rb +2 -3
- data/lib/chef/provider/package/rubygems.rb +1 -1
- data/lib/chef/provider/package/snap.rb +1 -3
- data/lib/chef/provider/package/solaris.rb +0 -2
- data/lib/chef/provider/package/yum/rpm_utils.rb +1 -1
- data/lib/chef/provider/package/zypper.rb +98 -71
- data/lib/chef/provider/powershell_script.rb +12 -1
- data/lib/chef/provider/registry_key.rb +4 -3
- data/lib/chef/provider/route.rb +2 -2
- data/lib/chef/provider/service/debian.rb +2 -1
- data/lib/chef/provider/service/redhat.rb +1 -1
- data/lib/chef/provider/user.rb +17 -9
- data/lib/chef/provider/user/aix.rb +1 -1
- data/lib/chef/provider/user/dscl.rb +2 -2
- data/lib/chef/provider/user/mac.rb +14 -6
- data/lib/chef/provider/user/solaris.rb +1 -1
- data/lib/chef/provider/user/windows.rb +10 -3
- data/lib/chef/providers.rb +0 -3
- data/lib/chef/pwsh.rb +71 -0
- data/lib/chef/resource.rb +1 -1
- data/lib/chef/resource/apt_repository.rb +6 -5
- data/lib/chef/resource/bash.rb +119 -1
- data/lib/chef/resource/batch.rb +1 -1
- data/lib/chef/resource/breakpoint.rb +3 -1
- data/lib/chef/resource/build_essential.rb +5 -8
- data/lib/chef/resource/chef_client_config.rb +313 -0
- data/lib/chef/resource/chef_client_cron.rb +5 -5
- data/lib/chef/resource/chef_client_scheduled_task.rb +4 -4
- data/lib/chef/resource/chef_client_systemd_timer.rb +5 -5
- data/lib/chef/resource/chef_handler.rb +1 -0
- data/lib/chef/resource/chef_sleep.rb +1 -1
- data/lib/chef/resource/cron/_cron_shared.rb +1 -0
- data/lib/chef/resource/cron/cron_d.rb +2 -2
- data/lib/chef/resource/csh.rb +2 -2
- data/lib/chef/resource/dsc_script.rb +8 -1
- data/lib/chef/resource/execute.rb +6 -4
- data/lib/chef/resource/file.rb +2 -2
- data/lib/chef/resource/homebrew_update.rb +4 -1
- data/lib/chef/resource/hostname.rb +5 -5
- data/lib/chef/resource/ifconfig.rb +52 -5
- data/lib/chef/resource/kernel_module.rb +1 -1
- data/lib/chef/resource/ksh.rb +3 -3
- data/lib/chef/resource/launchd.rb +15 -15
- data/lib/chef/resource/lwrp_base.rb +3 -5
- data/lib/chef/resource/mount.rb +8 -2
- data/lib/chef/resource/perl.rb +2 -2
- data/lib/chef/resource/plist.rb +2 -6
- data/lib/chef/resource/powershell_package_source.rb +19 -18
- data/lib/chef/resource/powershell_script.rb +14 -11
- data/lib/chef/resource/python.rb +2 -2
- data/lib/chef/resource/registry_key.rb +93 -2
- data/lib/chef/resource/route.rb +1 -1
- data/lib/chef/resource/ruby.rb +2 -2
- data/lib/chef/resource/scm/_scm.rb +2 -1
- data/lib/chef/resource/scm/git.rb +82 -1
- data/lib/chef/resource/scm/subversion.rb +12 -0
- data/lib/chef/resource/script.rb +2 -2
- data/lib/chef/resource/solaris_package.rb +0 -2
- data/lib/chef/resource/sudo.rb +1 -1
- data/lib/chef/resource/support/client.erb +64 -0
- data/lib/chef/resource/systemd_unit.rb +42 -1
- data/lib/chef/resource/template.rb +2 -2
- data/lib/chef/resource/windows_ad_join.rb +9 -9
- data/lib/chef/resource/windows_audit_policy.rb +26 -24
- data/lib/chef/resource/windows_certificate.rb +13 -7
- data/lib/chef/resource/windows_dfs_server.rb +7 -4
- data/lib/chef/resource/windows_env.rb +173 -0
- data/lib/chef/resource/windows_feature.rb +2 -0
- data/lib/chef/resource/windows_firewall_profile.rb +7 -12
- data/lib/chef/resource/windows_firewall_rule.rb +9 -11
- data/lib/chef/resource/windows_font.rb +1 -1
- data/lib/chef/resource/windows_package.rb +1 -0
- data/lib/chef/resource/windows_path.rb +38 -0
- data/lib/chef/resource/windows_security_policy.rb +5 -5
- data/lib/chef/resource/windows_service.rb +108 -0
- data/lib/chef/resource/windows_share.rb +18 -18
- data/lib/chef/resource/windows_task.rb +629 -28
- data/lib/chef/resource/windows_workgroup.rb +6 -4
- data/lib/chef/resource/yum_repository.rb +1 -1
- data/lib/chef/resource_collection/resource_set.rb +2 -6
- data/lib/chef/resource_inspector.rb +77 -75
- data/lib/chef/resource_reporter.rb +0 -2
- data/lib/chef/resources.rb +1 -0
- data/lib/chef/run_lock.rb +2 -2
- data/lib/chef/search/query.rb +3 -1
- data/lib/chef/server_api.rb +0 -4
- data/lib/chef/shell/ext.rb +1 -1
- data/lib/chef/util/backup.rb +1 -1
- data/lib/chef/util/dsc/configuration_generator.rb +52 -11
- data/lib/chef/util/dsc/lcm_output_parser.rb +4 -7
- data/lib/chef/util/dsc/local_configuration_manager.rb +18 -15
- data/lib/chef/util/dsc/resource_store.rb +5 -11
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/api/file.rb +4 -0
- data/lib/chef/win32/file.rb +1 -1
- data/lib/chef/win32/security/sid.rb +1 -1
- data/lib/chef/win32/unicode.rb +1 -1
- data/spec/functional/mixin/powershell_out_spec.rb +11 -3
- data/spec/functional/resource/apt_package_spec.rb +4 -6
- data/spec/functional/resource/chocolatey_package_spec.rb +3 -3
- data/spec/functional/resource/cron_spec.rb +3 -3
- data/spec/functional/resource/dsc_script_spec.rb +6 -9
- data/spec/functional/resource/mount_spec.rb +10 -2
- data/spec/functional/resource/powershell_package_source_spec.rb +107 -0
- data/spec/functional/resource/powershell_script_spec.rb +57 -14
- data/spec/functional/resource/windows_certificate_spec.rb +10 -6
- data/spec/functional/resource/windows_firewall_rule_spec.rb +93 -0
- data/spec/functional/resource/windows_package_spec.rb +36 -10
- data/spec/functional/resource/windows_share_spec.rb +103 -0
- data/spec/functional/resource/windows_task_spec.rb +2 -3
- data/spec/functional/resource/zypper_package_spec.rb +11 -0
- data/spec/integration/client/client_spec.rb +2 -1
- data/spec/integration/compliance/compliance_spec.rb +81 -0
- data/spec/integration/knife/client_key_create_spec.rb +1 -1
- data/spec/integration/knife/node_create_spec.rb +1 -1
- data/spec/integration/knife/node_environment_set_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_add_spec.rb +4 -4
- data/spec/integration/knife/node_run_list_remove_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_set_spec.rb +1 -1
- data/spec/integration/knife/node_show_spec.rb +1 -1
- data/spec/integration/recipes/notifies_spec.rb +1 -1
- data/spec/integration/recipes/provider_choice.rb +2 -2
- data/spec/integration/recipes/recipe_dsl_spec.rb +1 -0
- data/spec/spec_helper.rb +3 -4
- data/spec/support/lib/chef/resource/cat.rb +1 -1
- data/spec/support/lib/chef/resource/one_two_three_four.rb +1 -1
- data/spec/support/mock/platform.rb +24 -16
- data/spec/support/platform_helpers.rb +11 -4
- data/spec/support/shared/unit/knife_shared.rb +1 -1
- data/spec/support/shared/unit/script_resource.rb +4 -4
- data/spec/support/shared/unit/windows_script_resource.rb +1 -1
- data/spec/unit/chef_fs/config_spec.rb +1 -1
- data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
- data/spec/unit/client_spec.rb +17 -0
- data/spec/unit/compliance/fetcher/automate_spec.rb +134 -0
- data/spec/unit/compliance/fetcher/chef_server_spec.rb +93 -0
- data/spec/unit/compliance/reporter/automate_spec.rb +427 -0
- data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +177 -0
- data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +48 -0
- data/spec/unit/compliance/runner_spec.rb +140 -0
- data/spec/unit/data_collector_spec.rb +0 -4
- data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +11 -11
- data/spec/unit/http/ssl_policies_spec.rb +11 -0
- data/spec/unit/knife/client_create_spec.rb +2 -2
- data/spec/unit/knife/configure_client_spec.rb +5 -5
- data/spec/unit/knife/configure_spec.rb +3 -3
- data/spec/unit/knife/cookbook_delete_spec.rb +2 -2
- data/spec/unit/knife/cookbook_download_spec.rb +2 -2
- data/spec/unit/knife/cookbook_list_spec.rb +2 -2
- data/spec/unit/knife/cookbook_metadata_spec.rb +3 -3
- data/spec/unit/knife/core/node_editor_spec.rb +1 -1
- data/spec/unit/knife/environment_compare_spec.rb +3 -3
- data/spec/unit/knife/supermarket_download_spec.rb +8 -8
- data/spec/unit/knife/supermarket_list_spec.rb +3 -3
- data/spec/unit/knife/supermarket_search_spec.rb +1 -1
- data/spec/unit/knife/tag_create_spec.rb +1 -1
- data/spec/unit/knife/tag_delete_spec.rb +1 -1
- data/spec/unit/knife/user_create_spec.rb +1 -1
- data/spec/unit/mixin/powershell_exec_spec.rb +41 -4
- data/spec/unit/mixin/powershell_out_spec.rb +14 -0
- data/spec/unit/mixin/which.rb +1 -1
- data/spec/unit/platform/query_helpers_spec.rb +11 -12
- data/spec/unit/provider/dsc_resource_spec.rb +10 -27
- data/spec/unit/provider/dsc_script_spec.rb +1 -1
- data/spec/unit/provider/group/windows_spec.rb +6 -0
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/mount/linux_spec.rb +10 -0
- data/spec/unit/provider/mount/mount_spec.rb +21 -10
- data/spec/unit/provider/mount/solaris_spec.rb +1 -1
- data/spec/unit/provider/mount/windows_spec.rb +1 -0
- data/spec/unit/provider/mount_spec.rb +31 -0
- data/spec/unit/provider/package/chocolatey_spec.rb +1 -2
- data/spec/unit/provider/package/powershell_spec.rb +87 -95
- data/spec/unit/provider/package/zypper_spec.rb +0 -25
- data/spec/unit/provider/package_spec.rb +2 -2
- data/spec/unit/provider/powershell_script_spec.rb +11 -0
- data/spec/unit/provider/subversion_spec.rb +0 -3
- data/spec/unit/provider/systemd_unit_spec.rb +1 -1
- data/spec/unit/provider/user_spec.rb +7 -1
- data/spec/unit/provider/windows_env_spec.rb +18 -34
- data/spec/unit/provider/windows_path_spec.rb +6 -11
- data/spec/unit/provider/windows_task_spec.rb +7 -6
- data/spec/unit/resource/breakpoint_spec.rb +1 -1
- data/spec/unit/resource/build_essential_spec.rb +0 -12
- data/spec/unit/resource/chef_client_config_spec.rb +137 -0
- data/spec/unit/resource/ifconfig_spec.rb +2 -10
- data/spec/unit/resource/mount_spec.rb +18 -5
- data/spec/unit/resource/powershell_package_source_spec.rb +20 -20
- data/spec/unit/resource/powershell_script_spec.rb +4 -74
- data/spec/unit/resource/service_spec.rb +2 -2
- data/spec/unit/resource/solaris_package_spec.rb +8 -10
- data/spec/unit/resource/windows_certificate_spec.rb +12 -0
- data/spec/unit/resource_inspector_spec.rb +3 -3
- data/spec/unit/shell_spec.rb +2 -2
- data/spec/unit/util/dsc/configuration_generator_spec.rb +79 -0
- data/spec/unit/util/dsc/local_configuration_manager_spec.rb +27 -35
- data/tasks/rspec.rb +1 -1
- metadata +47 -24
- data/lib/chef/monkey_patches/net_http.rb +0 -22
- data/lib/chef/provider/windows_env.rb +0 -210
- data/lib/chef/provider/windows_path.rb +0 -61
- data/lib/chef/provider/windows_task.rb +0 -631
- data/lib/chef/util/powershell/cmdlet.rb +0 -175
- data/lib/chef/util/powershell/cmdlet_result.rb +0 -61
- data/spec/functional/util/powershell/cmdlet_spec.rb +0 -111
- data/spec/support/mock/constant.rb +0 -52
- data/spec/unit/monkey_patches/uri_spec.rb +0 -34
- data/spec/unit/provider_resolver_spec.rb +0 -885
- data/spec/unit/resource/data/InstallHistory_with_CLT.plist +0 -92
- data/spec/unit/resource/data/InstallHistory_without_CLT.plist +0 -38
- data/spec/unit/util/powershell/cmdlet_spec.rb +0 -106
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6124227fa2dd345401b335be52a9d261458f5d8fe7a75de8478f66e2c4f9a493
|
4
|
+
data.tar.gz: a0ce3f48fe7d680d1fe36f69684e20efbacf7ee4ce20ff7adeb7f251a002b25a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 208c095249a456996ea54930f11bad6d6402c3a47208c1bf62eaff0eed6e9bc54783cd2af48f92885ab1bd34dcdc5e58863bbd3bce9badb57ea1cecb571b113d
|
7
|
+
data.tar.gz: 053ae58aa1d72aa1bdede2fe27d6bfb5cd4d56e0123fe0d52e6fed5ac7478847741476e8fbb18da8f530a9639a057d9e0ad27f3845606572511de3c7c17639bb
|
data/Gemfile
CHANGED
@@ -27,24 +27,16 @@ gem "chef-telemetry", ">=1.0.8" # 1.0.8 removes the http dep
|
|
27
27
|
group(:omnibus_package) do
|
28
28
|
gem "appbundler"
|
29
29
|
gem "rb-readline"
|
30
|
-
gem "inspec-core", "~> 4.
|
31
|
-
gem "inspec-core-bin", "~> 4.18" # need to provide the binaries for inspec
|
30
|
+
gem "inspec-core-bin", "~> 4.24" # need to provide the binaries for inspec
|
32
31
|
gem "chef-vault"
|
33
|
-
gem "ed25519" # ed25519 ssh key support done here as it's a native gem we can't put in train
|
34
|
-
gem "bcrypt_pbkdf", ">= 1.1.0.rc1" # ed25519 ssh key support done here as it's a native gem we can't put in train
|
35
32
|
end
|
36
33
|
|
37
34
|
group(:omnibus_package, :pry) do
|
38
35
|
gem "pry"
|
39
36
|
gem "pry-byebug"
|
40
|
-
gem "pry-remote"
|
41
37
|
gem "pry-stack_explorer"
|
42
38
|
end
|
43
39
|
|
44
|
-
group(:docgen) do
|
45
|
-
gem "yard"
|
46
|
-
end
|
47
|
-
|
48
40
|
# Everything except AIX
|
49
41
|
group(:ruby_prof) do
|
50
42
|
# ruby-prof 1.3.0 does not compile on our centos6 builders/kitchen testers
|
@@ -58,10 +50,7 @@ end
|
|
58
50
|
|
59
51
|
group(:development, :test) do
|
60
52
|
gem "rake"
|
61
|
-
gem "rspec
|
62
|
-
gem "rspec-mocks", "~> 3.5"
|
63
|
-
gem "rspec-expectations", "~> 3.5"
|
64
|
-
gem "rspec_junit_formatter", "~> 0.2.0"
|
53
|
+
gem "rspec"
|
65
54
|
gem "webmock"
|
66
55
|
gem "fauxhai-ng" # for chef-utils gem
|
67
56
|
end
|
@@ -81,13 +70,16 @@ eval_gemfile("./Gemfile.local") if File.exist?("./Gemfile.local")
|
|
81
70
|
# For FFI to call into PowerShell we need the binaries and assemblies located
|
82
71
|
# in the Ruby bindir.
|
83
72
|
# The Powershell DLL source lives here: https://github.com/chef/chef-powershell-shim
|
73
|
+
# Every merge into that repo triggers a Habitat build and promotion. Running
|
74
|
+
# the rake :update_chef_exec_dll task in this (chef/chef) repo will pull down
|
75
|
+
# the built packages and copy the binaries to distro/ruby_bin_folder.
|
84
76
|
#
|
85
77
|
# We copy (and overwrite) these files every time "bundle <exec|install>" is
|
86
78
|
# executed, just in case they have changed.
|
87
79
|
if RUBY_PLATFORM.match?(/mswin|mingw|windows/)
|
88
80
|
instance_eval do
|
89
81
|
ruby_exe_dir = RbConfig::CONFIG["bindir"]
|
90
|
-
assemblies = Dir.glob(File.expand_path("distro/ruby_bin_folder", __dir__) + "
|
82
|
+
assemblies = Dir.glob(File.expand_path("distro/ruby_bin_folder/#{ENV["PROCESSOR_ARCHITECTURE"]}", __dir__) + "**/*")
|
91
83
|
FileUtils.cp_r assemblies, ruby_exe_dir, verbose: false unless ENV["_BUNDLER_WINDOWS_DLLS_COPIED"]
|
92
84
|
ENV["_BUNDLER_WINDOWS_DLLS_COPIED"] = "1"
|
93
85
|
end
|
data/README.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
[![Code Climate](https://codeclimate.com/github/chef/chef.svg)](https://codeclimate.com/github/chef/chef)
|
3
3
|
[![Build Status](https://badge.buildkite.com/c82093430ceec7d27af05febb9dcafe3aa331fff9d74c0ab9d.svg?branch=master)](https://buildkite.com/chef-oss/chef-chef-master-verify)
|
4
4
|
[![Gem Version](https://badge.fury.io/rb/chef.svg)](https://badge.fury.io/rb/chef)
|
5
|
-
[![](https://img.shields.io/badge/Release%20Policy-Cadence%20Release-brightgreen.svg)](https://github.com/chef/chef/blob/
|
5
|
+
[![](https://img.shields.io/badge/Release%20Policy-Cadence%20Release-brightgreen.svg)](https://github.com/chef/chef/blob/master/docs/dev/design_documents/client_release_cadence.md)
|
6
6
|
|
7
7
|
**Umbrella Project**: [Chef Infra](https://github.com/chef/chef-oss-practices/blob/master/projects/chef-infra.md)
|
8
8
|
|
data/Rakefile
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
#
|
2
2
|
# Author:: Adam Jacob (<adam@chef.io>)
|
3
3
|
# Author:: Daniel DeLeo (<dan@chef.io>)
|
4
|
-
# Copyright:: Copyright
|
4
|
+
# Copyright:: Copyright, Chef Software Inc.
|
5
5
|
# License:: Apache License, Version 2.0
|
6
6
|
#
|
7
7
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
@@ -23,7 +23,6 @@ $LOAD_PATH.unshift(File.expand_path("chef-config/lib", __dir__))
|
|
23
23
|
begin
|
24
24
|
require_relative "tasks/rspec"
|
25
25
|
require_relative "tasks/dependencies"
|
26
|
-
require_relative "tasks/announce"
|
27
26
|
require_relative "tasks/docs"
|
28
27
|
require_relative "tasks/spellcheck"
|
29
28
|
require_relative "chef-utils/lib/chef-utils/dist" unless defined?(ChefUtils::Dist)
|
@@ -48,6 +47,7 @@ namespace :pre_install do
|
|
48
47
|
|
49
48
|
desc "Renders the powershell extensions with distro flavoring"
|
50
49
|
task :render_powershell_extension do
|
50
|
+
require "erb"
|
51
51
|
template_file = ::File.join(::File.dirname(__FILE__), "distro", "templates", "powershell", "chef", "chef.psm1.erb")
|
52
52
|
psm1_path = ::File.join(::File.dirname(__FILE__), "distro", "powershell", "chef")
|
53
53
|
FileUtils.mkdir_p psm1_path
|
@@ -88,6 +88,25 @@ task :register_eventlog do
|
|
88
88
|
end
|
89
89
|
end
|
90
90
|
|
91
|
+
desc "Copies powershell_exec related binaries from the latest built Habitat Packages"
|
92
|
+
task :update_chef_exec_dll do
|
93
|
+
raise "This task must be run on Windows since we are installing a Windows targeted package!" unless Gem.win_platform?
|
94
|
+
|
95
|
+
require "mkmf"
|
96
|
+
raise "Unable to locate Habitat cli. Please install Habitat cli before invoking this task!" unless find_executable "hab"
|
97
|
+
|
98
|
+
sh("hab pkg install chef/chef-powershell-shim")
|
99
|
+
sh("hab pkg install chef/chef-powershell-shim-x86")
|
100
|
+
x64 = `hab pkg path chef/chef-powershell-shim`.chomp.gsub(/\\/, "/")
|
101
|
+
x86 = `hab pkg path chef/chef-powershell-shim-x86`.chomp.gsub(/\\/, "/")
|
102
|
+
FileUtils.rm_rf(Dir["distro/ruby_bin_folder/AMD64/*"])
|
103
|
+
FileUtils.rm_rf(Dir["distro/ruby_bin_folder/x86/*"])
|
104
|
+
puts "Copying #{x64}/bin/* to distro/ruby_bin_folder/AMD64"
|
105
|
+
FileUtils.cp_r(Dir["#{x64}/bin/*"], "distro/ruby_bin_folder/AMD64")
|
106
|
+
puts "Copying #{x86}/bin/* to distro/ruby_bin_folder/x86"
|
107
|
+
FileUtils.cp_r(Dir["#{x86}/bin/*"], "distro/ruby_bin_folder/x86")
|
108
|
+
end
|
109
|
+
|
91
110
|
begin
|
92
111
|
require "chefstyle"
|
93
112
|
require "rubocop/rake_task"
|
@@ -97,15 +116,3 @@ begin
|
|
97
116
|
rescue LoadError
|
98
117
|
puts "chefstyle/rubocop is not available. bundle install first to make sure all dependencies are installed."
|
99
118
|
end
|
100
|
-
|
101
|
-
begin
|
102
|
-
require "yard"
|
103
|
-
DOC_FILES = [ "spec/tiny_server.rb", "lib/**/*.rb" ].freeze
|
104
|
-
|
105
|
-
YARD::Rake::YardocTask.new(:docs) do |t|
|
106
|
-
t.files = DOC_FILES
|
107
|
-
t.options = ["--format", "html"]
|
108
|
-
end
|
109
|
-
rescue LoadError
|
110
|
-
puts "yard is not available. bundle install first to make sure all dependencies are installed."
|
111
|
-
end
|
@@ -9,7 +9,7 @@ gemspec.add_dependency "win32-event", "~> 0.6.1"
|
|
9
9
|
gemspec.add_dependency "win32-eventlog", "0.6.3"
|
10
10
|
gemspec.add_dependency "win32-mmap", "~> 0.4.1"
|
11
11
|
gemspec.add_dependency "win32-mutex", "~> 0.4.2"
|
12
|
-
gemspec.add_dependency "win32-process", "~> 0.
|
12
|
+
gemspec.add_dependency "win32-process", "~> 0.9"
|
13
13
|
gemspec.add_dependency "win32-service", ">= 2.1.5", "< 3.0"
|
14
14
|
gemspec.add_dependency "wmi-lite", "~> 1.0"
|
15
15
|
gemspec.add_dependency "win32-taskscheduler", "~> 2.0"
|
data/chef.gemspec
CHANGED
@@ -27,10 +27,11 @@ Gem::Specification.new do |s|
|
|
27
27
|
s.add_dependency "mixlib-shellout", ">= 3.1.1", "< 4.0"
|
28
28
|
s.add_dependency "mixlib-archive", ">= 0.4", "< 2.0"
|
29
29
|
s.add_dependency "ohai", "~> 16.0"
|
30
|
+
s.add_dependency "inspec-core", "~> 4.23"
|
30
31
|
|
31
32
|
s.add_dependency "ffi", ">= 1.9.25"
|
32
33
|
s.add_dependency "ffi-yajl", "~> 2.2"
|
33
|
-
s.add_dependency "net-ssh", ">=
|
34
|
+
s.add_dependency "net-ssh", ">= 5.1", "< 7"
|
34
35
|
s.add_dependency "net-ssh-multi", "~> 1.2", ">= 1.2.1"
|
35
36
|
s.add_dependency "net-sftp", ">= 2.1.2", "< 4.0"
|
36
37
|
s.add_dependency "ed25519", "~> 1.2" # ed25519 ssh key support
|
@@ -38,7 +39,7 @@ Gem::Specification.new do |s|
|
|
38
39
|
s.add_dependency "highline", ">= 1.6.9", "< 3"
|
39
40
|
s.add_dependency "tty-prompt", "~> 0.21" # knife ui.ask prompt
|
40
41
|
s.add_dependency "tty-screen", "~> 0.6" # knife list
|
41
|
-
s.add_dependency "tty-table", "~> 0.11
|
42
|
+
s.add_dependency "tty-table", "~> 0.11" # knife render table output.
|
42
43
|
s.add_dependency "pastel" # knife ui.color
|
43
44
|
s.add_dependency "erubis", "~> 2.7"
|
44
45
|
s.add_dependency "diff-lcs", ">= 1.2.4", "< 1.4.0" # 1.4 breaks output
|
data/lib/chef/application.rb
CHANGED
@@ -27,7 +27,7 @@ require "mixlib/cli" unless defined?(Mixlib::CLI)
|
|
27
27
|
require "tmpdir" unless defined?(Dir.mktmpdir)
|
28
28
|
require "rbconfig" unless defined?(RbConfig)
|
29
29
|
require_relative "application/exit_code"
|
30
|
-
require "chef-utils" unless defined?(ChefUtils)
|
30
|
+
require "chef-utils" unless defined?(ChefUtils::CANARY)
|
31
31
|
module LicenseAcceptance
|
32
32
|
autoload :Acceptor, "license_acceptance/acceptor"
|
33
33
|
end
|
@@ -172,7 +172,7 @@ class Chef
|
|
172
172
|
def configure_logging
|
173
173
|
configure_log_location
|
174
174
|
logger.init(MonoLogger.new(chef_config[:log_location][0]))
|
175
|
-
chef_config[:log_location][1
|
175
|
+
chef_config[:log_location][1..].each do |log_location|
|
176
176
|
logger.loggers << MonoLogger.new(log_location)
|
177
177
|
end
|
178
178
|
logger.level = resolve_log_level
|
@@ -366,7 +366,7 @@ class Chef::Application::Base < Chef::Application
|
|
366
366
|
Chef::Log.trace("Download recipes tarball from #{url} to #{path}")
|
367
367
|
if File.exist?(url)
|
368
368
|
FileUtils.cp(url, path)
|
369
|
-
elsif URI.
|
369
|
+
elsif URI::DEFAULT_PARSER.make_regexp.match?(url)
|
370
370
|
File.open(path, "wb") do |f|
|
371
371
|
open(url) do |r|
|
372
372
|
f.write(r.read)
|
@@ -21,12 +21,13 @@ require_relative "base"
|
|
21
21
|
require_relative "../handler/error_report"
|
22
22
|
require_relative "../workstation_config_loader"
|
23
23
|
autoload :URI, "uri"
|
24
|
-
require "chef-utils" unless defined?(ChefUtils)
|
24
|
+
require "chef-utils" unless defined?(ChefUtils::CANARY)
|
25
25
|
module Mixlib
|
26
26
|
module Authentication
|
27
27
|
autoload :Log, "mixlib/authentication"
|
28
28
|
end
|
29
29
|
end
|
30
|
+
autoload :Train, "train"
|
30
31
|
|
31
32
|
# DO NOT MAKE EDITS, see Chef::Application::Base
|
32
33
|
#
|
@@ -115,8 +116,12 @@ class Chef::Application::Client < Chef::Application::Base
|
|
115
116
|
Chef::Config.chef_zero.port = config[:chef_zero_port] if config[:chef_zero_port]
|
116
117
|
|
117
118
|
if config[:target] || Chef::Config.target
|
118
|
-
Chef::Config.target_mode.enabled = true
|
119
119
|
Chef::Config.target_mode.host = config[:target] || Chef::Config.target
|
120
|
+
if URI.parse(Chef::Config.target_mode.host).scheme
|
121
|
+
train_config = Train.unpack_target_from_uri(Chef::Config.target_mode.host)
|
122
|
+
Chef::Config.target_mode = train_config
|
123
|
+
end
|
124
|
+
Chef::Config.target_mode.enabled = true
|
120
125
|
Chef::Config.node_name = Chef::Config.target_mode.host unless Chef::Config.node_name
|
121
126
|
end
|
122
127
|
|
@@ -20,7 +20,7 @@ require_relative "../application"
|
|
20
20
|
require "mixlib/log"
|
21
21
|
require "ohai/config"
|
22
22
|
module Net
|
23
|
-
autoload :HTTP,
|
23
|
+
autoload :HTTP, "net/http"
|
24
24
|
end
|
25
25
|
require "chef-utils/dist" unless defined?(ChefUtils::Dist)
|
26
26
|
|
@@ -21,7 +21,7 @@ require_relative "../../chef"
|
|
21
21
|
require_relative "client"
|
22
22
|
require "fileutils" unless defined?(FileUtils)
|
23
23
|
require "pathname" unless defined?(Pathname)
|
24
|
-
require "chef-utils" unless defined?(ChefUtils)
|
24
|
+
require "chef-utils" unless defined?(ChefUtils::CANARY)
|
25
25
|
|
26
26
|
# DO NOT MAKE EDITS, see Chef::Application::Base
|
27
27
|
#
|
@@ -265,7 +265,7 @@ class Chef
|
|
265
265
|
@memory_store.get(path)
|
266
266
|
|
267
267
|
elsif path[0] == "file_store" && path[1] == "repo"
|
268
|
-
entry = Chef::ChefFS::FileSystem.resolve_path(chef_fs, path[2
|
268
|
+
entry = Chef::ChefFS::FileSystem.resolve_path(chef_fs, path[2..].join("/"))
|
269
269
|
begin
|
270
270
|
entry.read
|
271
271
|
rescue Chef::ChefFS::FileSystem::NotFoundError => e
|
data/lib/chef/client.rb
CHANGED
@@ -57,6 +57,8 @@ require "ohai" unless defined?(Ohai::System)
|
|
57
57
|
require "rbconfig" unless defined?(RbConfig)
|
58
58
|
require "forwardable" unless defined?(Forwardable)
|
59
59
|
|
60
|
+
require_relative "compliance/runner"
|
61
|
+
|
60
62
|
class Chef
|
61
63
|
# == Chef::Client
|
62
64
|
# The main object in a Chef run. Preps a Chef::Node and Chef::RunContext,
|
@@ -235,6 +237,7 @@ class Chef
|
|
235
237
|
|
236
238
|
events.register(Chef::DataCollector::Reporter.new(events))
|
237
239
|
events.register(Chef::ActionCollection.new(events))
|
240
|
+
events.register(Chef::Compliance::Runner.new)
|
238
241
|
|
239
242
|
run_status.run_id = request_id = Chef::RequestID.instance.request_id
|
240
243
|
|
@@ -243,19 +246,15 @@ class Chef
|
|
243
246
|
run_status.run_context = run_context
|
244
247
|
|
245
248
|
events.run_start(Chef::VERSION, run_status)
|
246
|
-
|
247
249
|
logger.info("*** #{ChefUtils::Dist::Infra::PRODUCT} #{Chef::VERSION} ***")
|
248
250
|
logger.info("Platform: #{RUBY_PLATFORM}")
|
249
251
|
logger.info "#{ChefUtils::Dist::Infra::CLIENT.capitalize} pid: #{Process.pid}"
|
250
252
|
logger.info "Targeting node: #{Chef::Config.target_mode.host}" if Chef::Config.target_mode?
|
251
253
|
logger.debug("#{ChefUtils::Dist::Infra::CLIENT.capitalize} request_id: #{request_id}")
|
254
|
+
logger.warn("`enforce_path_sanity` is deprecated, please use `enforce_default_paths` instead!") if Chef::Config[:enforce_path_sanity]
|
252
255
|
ENV["PATH"] = ChefUtils::DSL::DefaultPaths.default_paths if Chef::Config[:enforce_default_paths] || Chef::Config[:enforce_path_sanity]
|
253
256
|
|
254
|
-
|
255
|
-
get_ohai_data_remotely
|
256
|
-
else
|
257
|
-
run_ohai
|
258
|
-
end
|
257
|
+
run_ohai
|
259
258
|
|
260
259
|
unless Chef::Config[:solo_legacy_mode]
|
261
260
|
register
|
@@ -575,32 +574,6 @@ class Chef
|
|
575
574
|
end
|
576
575
|
end
|
577
576
|
|
578
|
-
#
|
579
|
-
# Populate the minimal ohai attributes defined in #run_ohai with data train collects.
|
580
|
-
#
|
581
|
-
# Eventually ohai may support colleciton of data.
|
582
|
-
#
|
583
|
-
def get_ohai_data_remotely
|
584
|
-
ohai.data[:fqdn] = if transport_connection.respond_to?(:hostname)
|
585
|
-
transport_connection.hostname
|
586
|
-
else
|
587
|
-
Chef::Config[:target_mode][:host]
|
588
|
-
end
|
589
|
-
if transport_connection.respond_to?(:os)
|
590
|
-
ohai.data[:platform] = transport_connection.os.name
|
591
|
-
ohai.data[:platform_version] = transport_connection.os.release
|
592
|
-
ohai.data[:os] = transport_connection.os.family_hierarchy[1]
|
593
|
-
ohai.data[:platform_family] = transport_connection.os.family
|
594
|
-
end
|
595
|
-
# train does not collect these specifically
|
596
|
-
# ohai.data[:machinename] = nil
|
597
|
-
# ohai.data[:hostname] = nil
|
598
|
-
# ohai.data[:os_version] = nil # kernel version
|
599
|
-
|
600
|
-
ohai.data[:ohai_time] = Time.now.to_f
|
601
|
-
events.ohai_completed(node)
|
602
|
-
end
|
603
|
-
|
604
577
|
#
|
605
578
|
# Run ohai plugins. Runs all ohai plugins unless minimal_ohai is specified.
|
606
579
|
#
|
@@ -613,6 +586,7 @@ class Chef
|
|
613
586
|
#
|
614
587
|
def run_ohai
|
615
588
|
filter = Chef::Config[:minimal_ohai] ? %w{fqdn machinename hostname platform platform_version ohai_time os os_version init_package} : nil
|
589
|
+
ohai.transport_connection = transport_connection if Chef::Config.target_mode?
|
616
590
|
ohai.all_plugins(filter)
|
617
591
|
events.ohai_completed(node)
|
618
592
|
end
|
@@ -0,0 +1,89 @@
|
|
1
|
+
# Author:: Stephan Renatus <srenatus@chef.io>
|
2
|
+
# Copyright:: (c) 2016-2019, Chef Software Inc. <legal@chef.io>
|
3
|
+
#
|
4
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
|
+
# you may not use this file except in compliance with the License.
|
6
|
+
# You may obtain a copy of the License at
|
7
|
+
#
|
8
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
9
|
+
#
|
10
|
+
# Unless required by applicable law or agreed to in writing, software
|
11
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
12
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
13
|
+
# See the License for the specific language governing permissions and
|
14
|
+
# limitations under the License.
|
15
|
+
|
16
|
+
require "chef/node/attribute_collections" # for VividMash
|
17
|
+
require "chef/util/path_helper"
|
18
|
+
|
19
|
+
class Chef
|
20
|
+
module Compliance
|
21
|
+
DEFAULT_ATTRIBUTES = Chef::Node::VividMash.new(
|
22
|
+
# If enabled, a cache is built for all backend calls. This should only be
|
23
|
+
# disabled if you are expecting unique results from the same backend call.
|
24
|
+
# Under the covers, this controls :command and :file caching on Chef InSpec's
|
25
|
+
# Train connection.
|
26
|
+
"inspec_backend_cache" => true,
|
27
|
+
|
28
|
+
# Controls what is done with the resulting report after the Chef InSpec run.
|
29
|
+
# Accepts a single string value or an array of multiple values.
|
30
|
+
# Accepted values: 'chef-server-automate', 'chef-automate', 'json-file', 'audit-enforcer'
|
31
|
+
"reporter" => "json-file",
|
32
|
+
|
33
|
+
# Controls if Chef InSpec profiles should be fetched from Chef Automate or Chef Infra Server
|
34
|
+
# in addition to the default fetch locations provided by Chef Inspec.
|
35
|
+
# Accepted values: nil, 'chef-server', 'chef-automate'
|
36
|
+
"fetcher" => nil,
|
37
|
+
|
38
|
+
# Allow for connections to HTTPS endpoints using self-signed ssl certificates.
|
39
|
+
"insecure" => nil,
|
40
|
+
|
41
|
+
# Controls verbosity of Chef InSpec runner.
|
42
|
+
"quiet" => true,
|
43
|
+
|
44
|
+
# Chef Inspec Compliance profiles to be used for scan of node.
|
45
|
+
# See README.md for details
|
46
|
+
"profiles" => {},
|
47
|
+
|
48
|
+
# Extra inputs passed to Chef InSpec to allow finer-grained control over behavior.
|
49
|
+
# These are mapped to Chef InSpec's inputs, but are named attributes here for legacy reasons.
|
50
|
+
# See Chef Inspec's documentation for more information: https://docs.chef.io/inspec/inputs/
|
51
|
+
"attributes" => {},
|
52
|
+
|
53
|
+
# A string path or an array of paths to Chef InSpec waiver files.
|
54
|
+
# See Chef Inspec's documentation for more information: https://docs.chef.io/inspec/waivers/
|
55
|
+
"waiver_file" => nil,
|
56
|
+
|
57
|
+
"json_file" => {
|
58
|
+
# The location on disk that Chef InSpec's json reports are saved to when using the
|
59
|
+
# 'json-file' reporter. Defaults to:
|
60
|
+
# <chef_cache_path>/compliance_reports/compliance-<timestamp>.json
|
61
|
+
"location" => Chef::Util::PathHelper.join(
|
62
|
+
Chef::Config[:cache_path],
|
63
|
+
"compliance_reports",
|
64
|
+
Time.now.utc.strftime("compliance-%Y%m%d%H%M%S.json")
|
65
|
+
),
|
66
|
+
},
|
67
|
+
|
68
|
+
# Control results that have a `run_time` below this limit will
|
69
|
+
# be stripped of the `start_time` and `run_time` fields to
|
70
|
+
# reduce the size of the reports being sent to Chef Automate.
|
71
|
+
"run_time_limit" => 1.0,
|
72
|
+
|
73
|
+
# A control result message that exceeds this character limit will be truncated.
|
74
|
+
# This helps keep reports to a reasonable size. On rare occasions, we've seen messages exceeding 9 MB in size,
|
75
|
+
# causing the report to not be ingested in the backend because of the 4 MB report size rpc limitation.
|
76
|
+
# Chef InSpec will append this text at the end of any truncated messages: `[Truncated to 10000 characters]`
|
77
|
+
"result_message_limit" => 10000,
|
78
|
+
|
79
|
+
# When a Chef InSpec resource throws an exception, results will contain a short error message and a
|
80
|
+
# detailed ruby stacktrace of the error. This attribute instructs Chef InSpec not to include the detailed stacktrace in order
|
81
|
+
# to keep the overall report to a manageable size.
|
82
|
+
"result_include_backtrace" => false,
|
83
|
+
|
84
|
+
# The array of results per control will be truncated at this limit to avoid large reports that cannot be
|
85
|
+
# processed by Chef Automate. A summary of removed results will be sent with each impacted control.
|
86
|
+
"control_results_limit" => 50
|
87
|
+
)
|
88
|
+
end
|
89
|
+
end
|