chef 16.5.64 → 16.8.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (317) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -14
  3. data/README.md +1 -1
  4. data/Rakefile +21 -14
  5. data/chef-universal-mingw32.gemspec +1 -1
  6. data/chef.gemspec +3 -2
  7. data/lib/chef/application.rb +2 -2
  8. data/lib/chef/application/base.rb +1 -1
  9. data/lib/chef/application/client.rb +7 -2
  10. data/lib/chef/application/knife.rb +1 -1
  11. data/lib/chef/application/solo.rb +1 -1
  12. data/lib/chef/chef_fs/chef_fs_data_store.rb +1 -1
  13. data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
  14. data/lib/chef/chef_fs/file_pattern.rb +1 -1
  15. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  16. data/lib/chef/client.rb +6 -32
  17. data/lib/chef/compliance/default_attributes.rb +89 -0
  18. data/lib/chef/compliance/fetcher/automate.rb +69 -0
  19. data/lib/chef/compliance/fetcher/chef_server.rb +134 -0
  20. data/lib/chef/compliance/reporter/automate.rb +202 -0
  21. data/lib/chef/compliance/reporter/chef_server_automate.rb +94 -0
  22. data/lib/chef/compliance/reporter/compliance_enforcer.rb +20 -0
  23. data/lib/chef/compliance/reporter/json_file.rb +19 -0
  24. data/lib/chef/compliance/runner.rb +261 -0
  25. data/lib/chef/cookbook/gem_installer.rb +1 -1
  26. data/lib/chef/cookbook_manifest.rb +2 -1
  27. data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
  28. data/lib/chef/cookbook_version.rb +2 -5
  29. data/lib/chef/data_collector.rb +1 -1
  30. data/lib/chef/encrypted_data_bag_item/assertions.rb +1 -1
  31. data/lib/chef/environment.rb +1 -1
  32. data/lib/chef/event_loggers/windows_eventlog.rb +1 -1
  33. data/lib/chef/exceptions.rb +5 -1
  34. data/lib/chef/file_access_control/windows.rb +1 -4
  35. data/lib/chef/file_content_management/tempfile.rb +1 -1
  36. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +2 -2
  37. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +5 -5
  38. data/lib/chef/formatters/indentable_output_stream.rb +2 -2
  39. data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +28 -39
  40. data/lib/chef/http.rb +2 -12
  41. data/lib/chef/http/basic_client.rb +1 -1
  42. data/lib/chef/http/http_request.rb +1 -1
  43. data/lib/chef/http/socketless_chef_zero_client.rb +1 -1
  44. data/lib/chef/http/ssl_policies.rb +6 -0
  45. data/lib/chef/json_compat.rb +2 -7
  46. data/lib/chef/key.rb +1 -1
  47. data/lib/chef/knife/bootstrap.rb +2 -1
  48. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +2 -2
  49. data/lib/chef/knife/bootstrap/train_connector.rb +1 -1
  50. data/lib/chef/knife/config_show.rb +1 -1
  51. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  52. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  53. data/lib/chef/knife/core/ui.rb +5 -2
  54. data/lib/chef/knife/core/windows_bootstrap_context.rb +7 -4
  55. data/lib/chef/knife/node_policy_set.rb +2 -2
  56. data/lib/chef/knife/node_run_list_add.rb +1 -1
  57. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  58. data/lib/chef/knife/node_run_list_set.rb +1 -1
  59. data/lib/chef/knife/role_env_run_list_add.rb +1 -1
  60. data/lib/chef/knife/role_env_run_list_set.rb +1 -1
  61. data/lib/chef/knife/role_run_list_add.rb +1 -1
  62. data/lib/chef/knife/role_run_list_set.rb +1 -1
  63. data/lib/chef/knife/search.rb +0 -1
  64. data/lib/chef/knife/ssh.rb +5 -3
  65. data/lib/chef/knife/tag_create.rb +1 -1
  66. data/lib/chef/knife/tag_delete.rb +1 -1
  67. data/lib/chef/local_mode.rb +1 -1
  68. data/lib/chef/mixin/convert_to_class_name.rb +0 -56
  69. data/lib/chef/mixin/openssl_helper.rb +1 -1
  70. data/lib/chef/mixin/powershell_exec.rb +24 -10
  71. data/lib/chef/mixin/powershell_out.rb +12 -5
  72. data/lib/chef/mixin/properties.rb +2 -0
  73. data/lib/chef/mixin/template.rb +1 -1
  74. data/lib/chef/mixin/unformatter.rb +1 -1
  75. data/lib/chef/mixin/uris.rb +3 -1
  76. data/lib/chef/node/attribute_collections.rb +2 -6
  77. data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
  78. data/lib/chef/node_map.rb +2 -2
  79. data/lib/chef/platform/query_helpers.rb +4 -4
  80. data/lib/chef/policy_builder/dynamic.rb +2 -0
  81. data/lib/chef/powershell.rb +10 -4
  82. data/lib/chef/property.rb +1 -1
  83. data/lib/chef/provider.rb +1 -1
  84. data/lib/chef/provider/cron.rb +2 -13
  85. data/lib/chef/provider/dsc_resource.rb +12 -24
  86. data/lib/chef/provider/dsc_script.rb +16 -20
  87. data/lib/chef/provider/file.rb +1 -1
  88. data/lib/chef/provider/git.rb +5 -5
  89. data/lib/chef/provider/group.rb +14 -6
  90. data/lib/chef/provider/group/windows.rb +12 -1
  91. data/lib/chef/provider/ifconfig.rb +8 -8
  92. data/lib/chef/provider/ifconfig/debian.rb +38 -22
  93. data/lib/chef/provider/ifconfig/redhat.rb +54 -18
  94. data/lib/chef/provider/launchd.rb +1 -11
  95. data/lib/chef/provider/link.rb +0 -9
  96. data/lib/chef/provider/mount.rb +18 -1
  97. data/lib/chef/provider/mount/linux.rb +4 -0
  98. data/lib/chef/provider/mount/mount.rb +41 -43
  99. data/lib/chef/provider/package.rb +3 -0
  100. data/lib/chef/provider/package/apt.rb +1 -1
  101. data/lib/chef/provider/package/chocolatey.rb +6 -6
  102. data/lib/chef/provider/package/dpkg.rb +3 -12
  103. data/lib/chef/provider/package/freebsd/base.rb +3 -2
  104. data/lib/chef/provider/package/freebsd/pkgng.rb +1 -1
  105. data/lib/chef/provider/package/homebrew.rb +1 -1
  106. data/lib/chef/provider/package/ips.rb +1 -1
  107. data/lib/chef/provider/package/powershell.rb +2 -3
  108. data/lib/chef/provider/package/rubygems.rb +1 -1
  109. data/lib/chef/provider/package/snap.rb +1 -3
  110. data/lib/chef/provider/package/solaris.rb +0 -2
  111. data/lib/chef/provider/package/yum/rpm_utils.rb +1 -1
  112. data/lib/chef/provider/package/zypper.rb +98 -71
  113. data/lib/chef/provider/powershell_script.rb +12 -1
  114. data/lib/chef/provider/registry_key.rb +4 -3
  115. data/lib/chef/provider/route.rb +2 -2
  116. data/lib/chef/provider/service/debian.rb +2 -1
  117. data/lib/chef/provider/service/redhat.rb +1 -1
  118. data/lib/chef/provider/user.rb +17 -9
  119. data/lib/chef/provider/user/aix.rb +1 -1
  120. data/lib/chef/provider/user/dscl.rb +2 -2
  121. data/lib/chef/provider/user/mac.rb +14 -6
  122. data/lib/chef/provider/user/solaris.rb +1 -1
  123. data/lib/chef/provider/user/windows.rb +10 -3
  124. data/lib/chef/providers.rb +0 -3
  125. data/lib/chef/pwsh.rb +71 -0
  126. data/lib/chef/resource.rb +1 -1
  127. data/lib/chef/resource/apt_repository.rb +6 -5
  128. data/lib/chef/resource/bash.rb +119 -1
  129. data/lib/chef/resource/batch.rb +1 -1
  130. data/lib/chef/resource/breakpoint.rb +3 -1
  131. data/lib/chef/resource/build_essential.rb +5 -8
  132. data/lib/chef/resource/chef_client_config.rb +313 -0
  133. data/lib/chef/resource/chef_client_cron.rb +5 -5
  134. data/lib/chef/resource/chef_client_scheduled_task.rb +4 -4
  135. data/lib/chef/resource/chef_client_systemd_timer.rb +5 -5
  136. data/lib/chef/resource/chef_handler.rb +1 -0
  137. data/lib/chef/resource/chef_sleep.rb +1 -1
  138. data/lib/chef/resource/cron/_cron_shared.rb +1 -0
  139. data/lib/chef/resource/cron/cron_d.rb +2 -2
  140. data/lib/chef/resource/csh.rb +2 -2
  141. data/lib/chef/resource/dsc_script.rb +8 -1
  142. data/lib/chef/resource/execute.rb +6 -4
  143. data/lib/chef/resource/file.rb +2 -2
  144. data/lib/chef/resource/homebrew_update.rb +4 -1
  145. data/lib/chef/resource/hostname.rb +5 -5
  146. data/lib/chef/resource/ifconfig.rb +52 -5
  147. data/lib/chef/resource/kernel_module.rb +1 -1
  148. data/lib/chef/resource/ksh.rb +3 -3
  149. data/lib/chef/resource/launchd.rb +15 -15
  150. data/lib/chef/resource/lwrp_base.rb +3 -5
  151. data/lib/chef/resource/mount.rb +8 -2
  152. data/lib/chef/resource/perl.rb +2 -2
  153. data/lib/chef/resource/plist.rb +2 -6
  154. data/lib/chef/resource/powershell_package_source.rb +19 -18
  155. data/lib/chef/resource/powershell_script.rb +14 -11
  156. data/lib/chef/resource/python.rb +2 -2
  157. data/lib/chef/resource/registry_key.rb +93 -2
  158. data/lib/chef/resource/route.rb +1 -1
  159. data/lib/chef/resource/ruby.rb +2 -2
  160. data/lib/chef/resource/scm/_scm.rb +2 -1
  161. data/lib/chef/resource/scm/git.rb +82 -1
  162. data/lib/chef/resource/scm/subversion.rb +12 -0
  163. data/lib/chef/resource/script.rb +2 -2
  164. data/lib/chef/resource/solaris_package.rb +0 -2
  165. data/lib/chef/resource/sudo.rb +1 -1
  166. data/lib/chef/resource/support/client.erb +64 -0
  167. data/lib/chef/resource/systemd_unit.rb +42 -1
  168. data/lib/chef/resource/template.rb +2 -2
  169. data/lib/chef/resource/windows_ad_join.rb +9 -9
  170. data/lib/chef/resource/windows_audit_policy.rb +26 -24
  171. data/lib/chef/resource/windows_certificate.rb +13 -7
  172. data/lib/chef/resource/windows_dfs_server.rb +7 -4
  173. data/lib/chef/resource/windows_env.rb +173 -0
  174. data/lib/chef/resource/windows_feature.rb +2 -0
  175. data/lib/chef/resource/windows_firewall_profile.rb +7 -12
  176. data/lib/chef/resource/windows_firewall_rule.rb +9 -11
  177. data/lib/chef/resource/windows_font.rb +1 -1
  178. data/lib/chef/resource/windows_package.rb +1 -0
  179. data/lib/chef/resource/windows_path.rb +38 -0
  180. data/lib/chef/resource/windows_security_policy.rb +5 -5
  181. data/lib/chef/resource/windows_service.rb +108 -0
  182. data/lib/chef/resource/windows_share.rb +18 -18
  183. data/lib/chef/resource/windows_task.rb +629 -28
  184. data/lib/chef/resource/windows_workgroup.rb +6 -4
  185. data/lib/chef/resource/yum_repository.rb +1 -1
  186. data/lib/chef/resource_collection/resource_set.rb +2 -6
  187. data/lib/chef/resource_inspector.rb +77 -75
  188. data/lib/chef/resource_reporter.rb +0 -2
  189. data/lib/chef/resources.rb +1 -0
  190. data/lib/chef/run_lock.rb +2 -2
  191. data/lib/chef/search/query.rb +3 -1
  192. data/lib/chef/server_api.rb +0 -4
  193. data/lib/chef/shell/ext.rb +1 -1
  194. data/lib/chef/util/backup.rb +1 -1
  195. data/lib/chef/util/dsc/configuration_generator.rb +52 -11
  196. data/lib/chef/util/dsc/lcm_output_parser.rb +4 -7
  197. data/lib/chef/util/dsc/local_configuration_manager.rb +18 -15
  198. data/lib/chef/util/dsc/resource_store.rb +5 -11
  199. data/lib/chef/version.rb +1 -1
  200. data/lib/chef/win32/api/file.rb +4 -0
  201. data/lib/chef/win32/file.rb +1 -1
  202. data/lib/chef/win32/security/sid.rb +1 -1
  203. data/lib/chef/win32/unicode.rb +1 -1
  204. data/spec/functional/mixin/powershell_out_spec.rb +11 -3
  205. data/spec/functional/resource/apt_package_spec.rb +4 -6
  206. data/spec/functional/resource/chocolatey_package_spec.rb +3 -3
  207. data/spec/functional/resource/cron_spec.rb +3 -3
  208. data/spec/functional/resource/dsc_script_spec.rb +6 -9
  209. data/spec/functional/resource/mount_spec.rb +10 -2
  210. data/spec/functional/resource/powershell_package_source_spec.rb +107 -0
  211. data/spec/functional/resource/powershell_script_spec.rb +57 -14
  212. data/spec/functional/resource/windows_certificate_spec.rb +10 -6
  213. data/spec/functional/resource/windows_firewall_rule_spec.rb +93 -0
  214. data/spec/functional/resource/windows_package_spec.rb +36 -10
  215. data/spec/functional/resource/windows_share_spec.rb +103 -0
  216. data/spec/functional/resource/windows_task_spec.rb +2 -3
  217. data/spec/functional/resource/zypper_package_spec.rb +11 -0
  218. data/spec/integration/client/client_spec.rb +2 -1
  219. data/spec/integration/compliance/compliance_spec.rb +81 -0
  220. data/spec/integration/knife/client_key_create_spec.rb +1 -1
  221. data/spec/integration/knife/node_create_spec.rb +1 -1
  222. data/spec/integration/knife/node_environment_set_spec.rb +1 -1
  223. data/spec/integration/knife/node_run_list_add_spec.rb +4 -4
  224. data/spec/integration/knife/node_run_list_remove_spec.rb +1 -1
  225. data/spec/integration/knife/node_run_list_set_spec.rb +1 -1
  226. data/spec/integration/knife/node_show_spec.rb +1 -1
  227. data/spec/integration/recipes/notifies_spec.rb +1 -1
  228. data/spec/integration/recipes/provider_choice.rb +2 -2
  229. data/spec/integration/recipes/recipe_dsl_spec.rb +1 -0
  230. data/spec/spec_helper.rb +3 -4
  231. data/spec/support/lib/chef/resource/cat.rb +1 -1
  232. data/spec/support/lib/chef/resource/one_two_three_four.rb +1 -1
  233. data/spec/support/mock/platform.rb +24 -16
  234. data/spec/support/platform_helpers.rb +11 -4
  235. data/spec/support/shared/unit/knife_shared.rb +1 -1
  236. data/spec/support/shared/unit/script_resource.rb +4 -4
  237. data/spec/support/shared/unit/windows_script_resource.rb +1 -1
  238. data/spec/unit/chef_fs/config_spec.rb +1 -1
  239. data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  240. data/spec/unit/client_spec.rb +17 -0
  241. data/spec/unit/compliance/fetcher/automate_spec.rb +134 -0
  242. data/spec/unit/compliance/fetcher/chef_server_spec.rb +93 -0
  243. data/spec/unit/compliance/reporter/automate_spec.rb +427 -0
  244. data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +177 -0
  245. data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +48 -0
  246. data/spec/unit/compliance/runner_spec.rb +140 -0
  247. data/spec/unit/data_collector_spec.rb +0 -4
  248. data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +11 -11
  249. data/spec/unit/http/ssl_policies_spec.rb +11 -0
  250. data/spec/unit/knife/client_create_spec.rb +2 -2
  251. data/spec/unit/knife/configure_client_spec.rb +5 -5
  252. data/spec/unit/knife/configure_spec.rb +3 -3
  253. data/spec/unit/knife/cookbook_delete_spec.rb +2 -2
  254. data/spec/unit/knife/cookbook_download_spec.rb +2 -2
  255. data/spec/unit/knife/cookbook_list_spec.rb +2 -2
  256. data/spec/unit/knife/cookbook_metadata_spec.rb +3 -3
  257. data/spec/unit/knife/core/node_editor_spec.rb +1 -1
  258. data/spec/unit/knife/environment_compare_spec.rb +3 -3
  259. data/spec/unit/knife/supermarket_download_spec.rb +8 -8
  260. data/spec/unit/knife/supermarket_list_spec.rb +3 -3
  261. data/spec/unit/knife/supermarket_search_spec.rb +1 -1
  262. data/spec/unit/knife/tag_create_spec.rb +1 -1
  263. data/spec/unit/knife/tag_delete_spec.rb +1 -1
  264. data/spec/unit/knife/user_create_spec.rb +1 -1
  265. data/spec/unit/mixin/powershell_exec_spec.rb +41 -4
  266. data/spec/unit/mixin/powershell_out_spec.rb +14 -0
  267. data/spec/unit/mixin/which.rb +1 -1
  268. data/spec/unit/platform/query_helpers_spec.rb +11 -12
  269. data/spec/unit/provider/dsc_resource_spec.rb +10 -27
  270. data/spec/unit/provider/dsc_script_spec.rb +1 -1
  271. data/spec/unit/provider/group/windows_spec.rb +6 -0
  272. data/spec/unit/provider/group_spec.rb +1 -1
  273. data/spec/unit/provider/mount/linux_spec.rb +10 -0
  274. data/spec/unit/provider/mount/mount_spec.rb +21 -10
  275. data/spec/unit/provider/mount/solaris_spec.rb +1 -1
  276. data/spec/unit/provider/mount/windows_spec.rb +1 -0
  277. data/spec/unit/provider/mount_spec.rb +31 -0
  278. data/spec/unit/provider/package/chocolatey_spec.rb +1 -2
  279. data/spec/unit/provider/package/powershell_spec.rb +87 -95
  280. data/spec/unit/provider/package/zypper_spec.rb +0 -25
  281. data/spec/unit/provider/package_spec.rb +2 -2
  282. data/spec/unit/provider/powershell_script_spec.rb +11 -0
  283. data/spec/unit/provider/subversion_spec.rb +0 -3
  284. data/spec/unit/provider/systemd_unit_spec.rb +1 -1
  285. data/spec/unit/provider/user_spec.rb +7 -1
  286. data/spec/unit/provider/windows_env_spec.rb +18 -34
  287. data/spec/unit/provider/windows_path_spec.rb +6 -11
  288. data/spec/unit/provider/windows_task_spec.rb +7 -6
  289. data/spec/unit/resource/breakpoint_spec.rb +1 -1
  290. data/spec/unit/resource/build_essential_spec.rb +0 -12
  291. data/spec/unit/resource/chef_client_config_spec.rb +137 -0
  292. data/spec/unit/resource/ifconfig_spec.rb +2 -10
  293. data/spec/unit/resource/mount_spec.rb +18 -5
  294. data/spec/unit/resource/powershell_package_source_spec.rb +20 -20
  295. data/spec/unit/resource/powershell_script_spec.rb +4 -74
  296. data/spec/unit/resource/service_spec.rb +2 -2
  297. data/spec/unit/resource/solaris_package_spec.rb +8 -10
  298. data/spec/unit/resource/windows_certificate_spec.rb +12 -0
  299. data/spec/unit/resource_inspector_spec.rb +3 -3
  300. data/spec/unit/shell_spec.rb +2 -2
  301. data/spec/unit/util/dsc/configuration_generator_spec.rb +79 -0
  302. data/spec/unit/util/dsc/local_configuration_manager_spec.rb +27 -35
  303. data/tasks/rspec.rb +1 -1
  304. metadata +47 -24
  305. data/lib/chef/monkey_patches/net_http.rb +0 -22
  306. data/lib/chef/provider/windows_env.rb +0 -210
  307. data/lib/chef/provider/windows_path.rb +0 -61
  308. data/lib/chef/provider/windows_task.rb +0 -631
  309. data/lib/chef/util/powershell/cmdlet.rb +0 -175
  310. data/lib/chef/util/powershell/cmdlet_result.rb +0 -61
  311. data/spec/functional/util/powershell/cmdlet_spec.rb +0 -111
  312. data/spec/support/mock/constant.rb +0 -52
  313. data/spec/unit/monkey_patches/uri_spec.rb +0 -34
  314. data/spec/unit/provider_resolver_spec.rb +0 -885
  315. data/spec/unit/resource/data/InstallHistory_with_CLT.plist +0 -92
  316. data/spec/unit/resource/data/InstallHistory_without_CLT.plist +0 -38
  317. data/spec/unit/util/powershell/cmdlet_spec.rb +0 -106
@@ -29,6 +29,18 @@ class Chef
29
29
  provides :subversion
30
30
 
31
31
  description "Use the **subversion** resource to manage source control resources that exist in a Subversion repository."
32
+ examples <<~DOC
33
+ **Get the latest version of an application**
34
+
35
+ ```ruby
36
+ subversion 'CouchDB Edge' do
37
+ repository 'http://svn.apache.org/repos/asf/couchdb/trunk'
38
+ revision 'HEAD'
39
+ destination '/opt/my_sources/couch'
40
+ action :sync
41
+ end
42
+ ```
43
+ DOC
32
44
 
33
45
  allowed_actions :force_export
34
46
 
@@ -29,9 +29,9 @@ class Chef
29
29
  identity_attr :name
30
30
 
31
31
  description "Use the **script** resource to execute scripts using a specified interpreter, such as Bash, csh, Perl, Python, or Ruby."\
32
- " This resource may also use any of the actions and properties that are available to the execute resource. Commands"\
32
+ " This resource may also use any of the actions and properties that are available to the **execute** resource. Commands"\
33
33
  " that are executed with this resource are (by their nature) not idempotent, as they are typically unique to the"\
34
- " environment in which they are run. Use not_if and only_if to guard this resource for idempotence."
34
+ " environment in which they are run. Use `not_if` and `only_if` to guard this resource for idempotence."
35
35
 
36
36
  def initialize(name, run_context = nil)
37
37
  super
@@ -25,8 +25,6 @@ class Chef
25
25
  unified_mode true
26
26
 
27
27
  provides :solaris_package
28
- provides :package, os: "solaris2", platform_family: "nexentacore"
29
- provides :package, os: "solaris2", platform_family: "solaris2", platform_version: "<= 5.10"
30
28
 
31
29
  description "Use the **solaris_package** resource to manage packages on the Solaris platform."
32
30
 
@@ -30,7 +30,7 @@ class Chef
30
30
 
31
31
  description "Use the **sudo** resource to add or remove individual sudo entries using sudoers.d files."\
32
32
  " Sudo version 1.7.2 or newer is required to use the sudo resource, as it relies on the"\
33
- " '#includedir' directive introduced in version 1.7.2. This resource does not enforce"\
33
+ " `#includedir` directive introduced in version 1.7.2. This resource does not enforce"\
34
34
  " installation of the required sudo version. Chef-supported releases of Ubuntu, SuSE, Debian,"\
35
35
  " and RHEL (6+) all support this feature."
36
36
  introduced "14.0"
@@ -0,0 +1,64 @@
1
+ <% %w(@node_name
2
+ @chef_license
3
+ @chef_server_url
4
+ @event_loggers
5
+ @file_backup_path
6
+ @file_cache_path
7
+ @file_staging_uses_destdir
8
+ @formatters
9
+ @http_proxy
10
+ @https_proxy
11
+ @ftp_proxy
12
+ @log_level
13
+ @minimal_ohai
14
+ @named_run_list
15
+ @no_proxy
16
+ @ohai_disabled_plugins
17
+ @ohai_optional_plugins
18
+ @pid_file
19
+ @policy_group
20
+ @policy_name
21
+ @ssl_verify_mode).each do |prop| -%>
22
+ <% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
23
+ <%=prop.delete_prefix("@") %> <%= instance_variable_get(prop).inspect %>
24
+ <% end -%>
25
+ <%# log_location is special due to STDOUT/STDERR from String -> IO Object -%>
26
+ <% unless @log_location.nil? %>
27
+ <% if @log_location.is_a?(String) && %w(STDOUT STDERR).include?(@log_location) -%>
28
+ log_location <%= @log_location %>
29
+ <% else -%>
30
+ log_location <%= @log_location.inspect %>
31
+ <% end -%>
32
+ <% end -%>
33
+ <%# The code below is not DRY on purpose to improve readability -%>
34
+ <% unless @start_handlers.empty? -%>
35
+ # Do not crash if a start handler is missing / not installed yet
36
+ begin
37
+ <% @start_handlers.each do |handler| -%>
38
+ start_handlers << <%= @handler %>
39
+ <% end -%>
40
+ rescue NameError => e
41
+ Chef::Log.error e
42
+ end
43
+ <% end -%>
44
+ <% unless @report_handlers.empty? -%>
45
+ # Do not crash if a report handler is missing / not installed yet
46
+ begin
47
+ <% @report_handlers.each do |handler| -%>
48
+ report_handlers << <%= @handler %>
49
+ <% end -%>
50
+ rescue NameError => e
51
+ Chef::Log.error e
52
+ end
53
+ <% end -%>
54
+ <% unless @exception_handlers.empty? -%>
55
+ # Do not crash if an exception handler is missing / not installed yet
56
+ begin
57
+ <% @exception_handlers.each do |handler| -%>
58
+ exception_handlers << <%= @handler %>
59
+ <% end -%>
60
+ rescue NameError => e
61
+ Chef::Log.error e
62
+ end
63
+ <% end -%>
64
+ <%= @additional_config -%>
@@ -27,8 +27,49 @@ class Chef
27
27
 
28
28
  provides(:systemd_unit) { true }
29
29
 
30
- description "Use the **systemd_unit** resource to create, manage, and run systemd units."
30
+ description "Use the **systemd_unit** resource to create, manage, and run [systemd units](https://www.freedesktop.org/software/systemd/man/systemd.html#Concepts)."
31
31
  introduced "12.11"
32
+ examples <<~DOC
33
+ **Create systemd service unit file from a Hash**
34
+
35
+ ```ruby
36
+ systemd_unit 'etcd.service' do
37
+ content({Unit: {
38
+ Description: 'Etcd',
39
+ Documentation: ['https://coreos.com/etcd', 'man:etcd(1)'],
40
+ After: 'network.target',
41
+ },
42
+ Service: {
43
+ Type: 'notify',
44
+ ExecStart: '/usr/local/etcd',
45
+ Restart: 'always',
46
+ },
47
+ Install: {
48
+ WantedBy: 'multi-user.target',
49
+ }})
50
+ action [:create, :enable]
51
+ end
52
+ ```
53
+
54
+ **Create systemd service unit file from a String**
55
+
56
+ ```ruby
57
+ systemd_unit 'sysstat-collect.timer' do
58
+ content <<~EOU
59
+ [Unit]
60
+ Description=Run system activity accounting tool every 10 minutes
61
+
62
+ [Timer]
63
+ OnCalendar=*:00/10
64
+
65
+ [Install]
66
+ WantedBy=sysstat.service
67
+ EOU
68
+
69
+ action [:create, :enable]
70
+ end
71
+ ```
72
+ DOC
32
73
 
33
74
  default_action :nothing
34
75
  allowed_actions :create, :delete,
@@ -169,8 +169,8 @@ class Chef
169
169
  elsif module_name.nil?
170
170
  raise Exceptions::ValidationFailed,
171
171
  "#helpers requires either a module name or inline module code as a block.\n" +
172
- "e.g.: helpers do; helper_code; end;\n" +
173
- "OR: helpers(MyHelpersModule)"
172
+ "e.g.: helpers do; helper_code; end;\n" +
173
+ "OR: helpers(MyHelpersModule)"
174
174
  else
175
175
  raise Exceptions::ValidationFailed,
176
176
  "Argument to #helpers must be a module. You gave #{module_name.inspect} (#{module_name.class})"
@@ -109,12 +109,12 @@ class Chef
109
109
  cmd << " -Force"
110
110
 
111
111
  converge_by("join Active Directory domain #{new_resource.domain_name}") do
112
- ps_run = powershell_out(cmd)
112
+ ps_run = powershell_exec(cmd)
113
113
  if ps_run.error?
114
114
  if sensitive?
115
115
  raise "Failed to join the domain #{new_resource.domain_name}: *suppressed sensitive resource output*"
116
116
  else
117
- raise "Failed to join the domain #{new_resource.domain_name}: #{ps_run.stderr}"
117
+ raise "Failed to join the domain #{new_resource.domain_name}: #{ps_run.errors}"
118
118
  end
119
119
  end
120
120
 
@@ -143,12 +143,12 @@ class Chef
143
143
  cmd << " -Force"
144
144
 
145
145
  converge_by("leave Active Directory domain #{node_domain}") do
146
- ps_run = powershell_out(cmd)
146
+ ps_run = powershell_exec(cmd)
147
147
  if ps_run.error?
148
148
  if sensitive?
149
149
  raise "Failed to leave the domain #{node_domain}: *suppressed sensitive resource output*"
150
150
  else
151
- raise "Failed to leave the domain #{node_domain}: #{ps_run.stderr}"
151
+ raise "Failed to leave the domain #{node_domain}: #{ps_run.errors}"
152
152
  end
153
153
  end
154
154
 
@@ -170,10 +170,10 @@ class Chef
170
170
  # workgroup the node is a member of.
171
171
  #
172
172
  def node_domain
173
- node_domain = powershell_out!("(Get-WmiObject Win32_ComputerSystem).Domain")
174
- raise "Failed to check if the system is joined to the domain #{new_resource.domain_name}: #{node_domain.stderr}}" if node_domain.error?
173
+ node_domain = powershell_exec!("(Get-WmiObject Win32_ComputerSystem).Domain")
174
+ raise "Failed to check if the system is joined to the domain #{new_resource.domain_name}: #{node_domain.errors}}" if node_domain.error?
175
175
 
176
- node_domain.stdout.downcase.strip
176
+ node_domain.result.downcase.strip
177
177
  end
178
178
 
179
179
  #
@@ -182,10 +182,10 @@ class Chef
182
182
  # workgroup.
183
183
  #
184
184
  def node_workgroup
185
- node_workgroup = powershell_out!("(Get-WmiObject Win32_ComputerSystem).Workgroup")
185
+ node_workgroup = powershell_exec!("(Get-WmiObject Win32_ComputerSystem).Workgroup")
186
186
  raise "Failed to check if the system is currently a member of a workgroup" if node_workgroup.error?
187
187
 
188
- node_workgroup.stdout.downcase.strip
188
+ node_workgroup.result
189
189
  end
190
190
 
191
191
  #
@@ -152,30 +152,6 @@ class Chef
152
152
  property :audit_base_directories, [true, false],
153
153
  description: "Setting this audit policy option to true will force the system to assign a System Access Control List to named objects to enable auditing of container objects such as directories."
154
154
 
155
- def subcategory_configured?(sub_cat, success_value, failure_value)
156
- setting = if success_value && failure_value
157
- "Success and Failure$"
158
- elsif success_value && !failure_value
159
- "Success$"
160
- elsif !success_value && failure_value
161
- "(Failure$)&!(Success and Failure$)"
162
- else
163
- "No Auditing"
164
- end
165
- powershell_exec(<<-CODE).result
166
- $auditpol_config = auditpol /get /subcategory:"#{sub_cat}"
167
- if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
168
- CODE
169
- end
170
-
171
- def option_configured?(option_name, option_setting)
172
- setting = option_setting ? "Enabled$" : "Disabled$"
173
- powershell_exec(<<-CODE).result
174
- $auditpol_config = auditpol /get /option:#{option_name}
175
- if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
176
- CODE
177
- end
178
-
179
155
  action :set do
180
156
  unless new_resource.subcategory.nil?
181
157
  new_resource.subcategory.each do |subcategory|
@@ -225,6 +201,32 @@ class Chef
225
201
  end
226
202
  end
227
203
  end
204
+
205
+ action_class do
206
+ def subcategory_configured?(sub_cat, success_value, failure_value)
207
+ setting = if success_value && failure_value
208
+ "Success and Failure$"
209
+ elsif success_value && !failure_value
210
+ "Success$"
211
+ elsif !success_value && failure_value
212
+ "#{sub_cat}\\s+Failure$"
213
+ else
214
+ "No Auditing"
215
+ end
216
+ powershell_exec!(<<-CODE).result
217
+ $auditpol_config = auditpol /get /subcategory:"#{sub_cat}"
218
+ if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
219
+ CODE
220
+ end
221
+
222
+ def option_configured?(option_name, option_setting)
223
+ setting = option_setting ? "Enabled$" : "Disabled$"
224
+ powershell_exec!(<<-CODE).result
225
+ $auditpol_config = auditpol /get /option:#{option_name}
226
+ if ($auditpol_config | Select-String "#{setting}") { return $true } else { return $false }
227
+ CODE
228
+ end
229
+ end
228
230
  end
229
231
  end
230
232
  end
@@ -80,13 +80,18 @@ class Chef
80
80
  default: false
81
81
 
82
82
  property :cert_path, String,
83
- description: ""
83
+ description: "The path to the certificate."
84
84
 
85
85
  # lazy used to set default value of sensitive to true if password is set
86
86
  property :sensitive, [TrueClass, FalseClass],
87
87
  description: "Ensure that sensitive resource data is not logged by the #{ChefUtils::Dist::Infra::CLIENT}.",
88
88
  default: lazy { pfx_password ? true : false }, skip_docs: true
89
89
 
90
+ property :exportable, [TrueClass, FalseClass],
91
+ description: "Ensure that imported pfx certificate is exportable. Please provide 'true' if you want the certificate to be exportable.",
92
+ default: false,
93
+ introduced: "16.8"
94
+
90
95
  action :create do
91
96
  description "Creates or updates a certificate."
92
97
 
@@ -162,8 +167,9 @@ class Chef
162
167
  end
163
168
 
164
169
  def add_pfx_cert
170
+ exportable = new_resource.exportable ? 1 : 0
165
171
  store = ::Win32::Certstore.open(new_resource.store_name)
166
- store.add_pfx(new_resource.source, new_resource.pfx_password)
172
+ store.add_pfx(new_resource.source, new_resource.pfx_password, exportable)
167
173
  end
168
174
 
169
175
  def delete_cert
@@ -207,16 +213,16 @@ class Chef
207
213
  when ".der"
208
214
  out_file.puts(cert_obj.to_der)
209
215
  when ".cer"
210
- cert_out = powershell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CER").stdout
216
+ cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CER").stdout
211
217
  out_file.puts(cert_out)
212
218
  when ".crt"
213
- cert_out = powershell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CRT").stdout
219
+ cert_out = shell_out("openssl x509 -text -inform DER -in #{cert_obj.to_pem} -outform CRT").stdout
214
220
  out_file.puts(cert_out)
215
221
  when ".pfx"
216
- cert_out = powershell_out("openssl pkcs12 -export -nokeys -in #{cert_obj.to_pem} -outform PFX").stdout
222
+ cert_out = shell_out("openssl pkcs12 -export -nokeys -in #{cert_obj.to_pem} -outform PFX").stdout
217
223
  out_file.puts(cert_out)
218
224
  when ".p7b"
219
- cert_out = powershell_out("openssl pkcs7 -export -nokeys -in #{cert_obj.to_pem} -outform P7B").stdout
225
+ cert_out = shell_out("openssl pkcs7 -export -nokeys -in #{cert_obj.to_pem} -outform P7B").stdout
220
226
  out_file.puts(cert_out)
221
227
  else
222
228
  Chef::Log.info("Supported certificate format .pem, .der, .cer, .crt, .pfx and .p7b")
@@ -327,7 +333,7 @@ class Chef
327
333
  # @return [Boolean] Whether the certificate file is binary encoded or not
328
334
  #
329
335
  def binary_cert?
330
- powershell_out!("file -b --mime-encoding #{new_resource.source}").stdout.strip == "binary"
336
+ shell_out!("file -b --mime-encoding #{new_resource.source}").stdout.strip == "binary"
331
337
  end
332
338
 
333
339
  # Imports the certificate object into cert store
@@ -49,14 +49,14 @@ class Chef
49
49
  default: 3600
50
50
 
51
51
  load_current_value do
52
- ps_results = powershell_out("Get-DfsnServerConfiguration -ComputerName '#{ENV["COMPUTERNAME"]}' | Select LdapTimeoutSec, PreferLogonDC, EnableSiteCostedReferrals, SyncIntervalSec, UseFqdn | ConvertTo-Json")
52
+ ps_results = powershell_exec("Get-DfsnServerConfiguration -ComputerName '#{ENV["COMPUTERNAME"]}' | Select LdapTimeoutSec, PreferLogonDC, EnableSiteCostedReferrals, SyncIntervalSec, UseFqdn")
53
53
 
54
54
  if ps_results.error?
55
55
  raise "The dfs_server resource failed to fetch the current state via the Get-DfsnServerConfiguration PowerShell cmdlet. Is the DFS Windows feature installed?"
56
56
  end
57
57
 
58
- Chef::Log.debug("The Get-DfsnServerConfiguration results were #{ps_results.stdout}")
59
- results = Chef::JSONCompat.from_json(ps_results.stdout)
58
+ Chef::Log.debug("The Get-DfsnServerConfiguration results were #{ps_results.result}")
59
+ results = ps_results.result
60
60
 
61
61
  use_fqdn results["UseFqdn"] || false
62
62
  ldap_timeout_secs results["LdapTimeoutSec"]
@@ -69,7 +69,10 @@ class Chef
69
69
  description "Configure DFS settings."
70
70
 
71
71
  converge_if_changed do
72
- powershell_out("Set-DfsnServerConfiguration -ComputerName '#{ENV["COMPUTERNAME"]}' EnableSiteCostedReferrals $#{new_resource.enable_site_costed_referrals} -UseFqdn $#{new_resource.use_fqdn} -LdapTimeoutSec #{new_resource.ldap_timeout_secs} -PreferLogonDC $#{new_resource.prefer_login_dc} -SyncIntervalSec #{new_resource.sync_interval_secs}")
72
+ dfs_cmd = "Set-DfsnServerConfiguration -ComputerName '#{ENV["COMPUTERNAME"]}' -UseFqdn $#{new_resource.use_fqdn} -LdapTimeoutSec #{new_resource.ldap_timeout_secs} -SyncIntervalSec #{new_resource.sync_interval_secs}"
73
+ dfs_cmd << " -EnableSiteCostedReferrals $#{new_resource.enable_site_costed_referrals}" if new_resource.enable_site_costed_referrals != current_resource.enable_site_costed_referrals
74
+ dfs_cmd << " -PreferLogonDC $#{new_resource.prefer_login_dc}" if new_resource.prefer_login_dc != current_resource.prefer_login_dc
75
+ powershell_exec!(dfs_cmd)
73
76
  end
74
77
  end
75
78
  end
@@ -18,10 +18,13 @@
18
18
  #
19
19
 
20
20
  require_relative "../resource"
21
+ require_relative "../mixin/windows_env_helper"
21
22
 
22
23
  class Chef
23
24
  class Resource
24
25
  class WindowsEnv < Chef::Resource
26
+ unified_mode true
27
+
25
28
  provides :windows_env
26
29
  provides :env # backwards compat with the pre-Chef 14 resource name
27
30
 
@@ -52,6 +55,176 @@ class Chef
52
55
  desired_state: false
53
56
 
54
57
  property :user, String, default: "<System>"
58
+
59
+ action_class do
60
+ include Chef::Mixin::WindowsEnvHelper
61
+
62
+ def whyrun_supported?
63
+ false
64
+ end
65
+
66
+ def load_current_resource
67
+ @current_resource = Chef::Resource::WindowsEnv.new(new_resource.name)
68
+ current_resource.key_name(new_resource.key_name)
69
+
70
+ if key_exists?
71
+ current_resource.value(env_value(new_resource.key_name))
72
+ else
73
+ logger.trace("#{new_resource} key does not exist")
74
+ end
75
+
76
+ current_resource
77
+ end
78
+
79
+ def key_exists?
80
+ @key_exists ||= !!env_value(new_resource.key_name)
81
+ end
82
+
83
+ def requires_modify_or_create?
84
+ if new_resource.delim
85
+ # e.g. check for existing value within PATH
86
+ new_values.inject(0) do |index, val|
87
+ next_index = current_values.find_index val
88
+ return true if next_index.nil? || next_index < index
89
+
90
+ next_index
91
+ end
92
+ false
93
+ else
94
+ new_resource.value != current_resource.value
95
+ end
96
+ end
97
+
98
+ alias_method :compare_value, :requires_modify_or_create?
99
+
100
+ # e.g. delete a PATH element
101
+ #
102
+ # ==== Returns
103
+ # <true>:: If we handled the element case and caller should not delete the key
104
+ # <false>:: Caller should delete the key, either no :delim was specific or value was empty
105
+ # after we removed the element.
106
+ def delete_element
107
+ return false unless new_resource.delim # no delim: delete the key
108
+
109
+ needs_delete = new_values.any? { |v| current_values.include?(v) }
110
+ if !needs_delete
111
+ logger.trace("#{new_resource} element '#{new_resource.value}' does not exist")
112
+ true # do not delete the key
113
+ else
114
+ new_value =
115
+ current_values.select do |item|
116
+ not new_values.include?(item)
117
+ end.join(new_resource.delim)
118
+
119
+ if new_value.empty?
120
+ false # nothing left here, delete the key
121
+ else
122
+ old_value = new_resource.value(new_value)
123
+ create_env
124
+ logger.trace("#{new_resource} deleted #{old_value} element")
125
+ new_resource.updated_by_last_action(true)
126
+ true # we removed the element and updated; do not delete the key
127
+ end
128
+ end
129
+ end
130
+
131
+ def create_env
132
+ obj = env_obj(@new_resource.key_name)
133
+ unless obj
134
+ obj = WIN32OLE.connect("winmgmts://").get("Win32_Environment").spawninstance_
135
+ obj.name = @new_resource.key_name
136
+ obj.username = new_resource.user
137
+ end
138
+ obj.variablevalue = @new_resource.value
139
+ obj.put_
140
+ value = @new_resource.value
141
+ value = expand_path(value) if @new_resource.key_name.casecmp("PATH") == 0
142
+ ENV[@new_resource.key_name] = value
143
+ broadcast_env_change
144
+ end
145
+
146
+ def delete_env
147
+ obj = env_obj(@new_resource.key_name)
148
+ if obj
149
+ obj.delete_
150
+ broadcast_env_change
151
+ end
152
+ if ENV[@new_resource.key_name]
153
+ ENV.delete(@new_resource.key_name)
154
+ end
155
+ end
156
+
157
+ def modify_env
158
+ if new_resource.delim
159
+ new_resource.value((new_values + current_values).uniq.join(new_resource.delim))
160
+ end
161
+ create_env
162
+ end
163
+
164
+ # Returns the current values to split by delimiter
165
+ def current_values
166
+ @current_values ||= current_resource.value.split(new_resource.delim)
167
+ end
168
+
169
+ # Returns the new values to split by delimiter
170
+ def new_values
171
+ @new_values ||= new_resource.value.split(new_resource.delim)
172
+ end
173
+
174
+ def env_value(key_name)
175
+ obj = env_obj(key_name)
176
+ obj.variablevalue if obj
177
+ end
178
+
179
+ def env_obj(key_name)
180
+ return @env_obj if @env_obj
181
+
182
+ wmi = WmiLite::Wmi.new
183
+ # Note that by design this query is case insensitive with regard to key_name
184
+ environment_variables = wmi.query("select * from Win32_Environment where name = '#{key_name}'")
185
+ if environment_variables && environment_variables.length > 0
186
+ environment_variables.each do |env|
187
+ @env_obj = env.wmi_ole_object
188
+ return @env_obj if @env_obj.username.split('\\').last.casecmp(new_resource.user) == 0
189
+ end
190
+ end
191
+ @env_obj = nil
192
+ end
193
+ end
194
+
195
+ action :create do
196
+ if key_exists?
197
+ if requires_modify_or_create?
198
+ modify_env
199
+ logger.info("#{new_resource} altered")
200
+ new_resource.updated_by_last_action(true)
201
+ end
202
+ else
203
+ create_env
204
+ logger.info("#{new_resource} created")
205
+ new_resource.updated_by_last_action(true)
206
+ end
207
+ end
208
+
209
+ action :delete do
210
+ if ( ENV[new_resource.key_name] || key_exists? ) && !delete_element
211
+ delete_env
212
+ logger.info("#{new_resource} deleted")
213
+ new_resource.updated_by_last_action(true)
214
+ end
215
+ end
216
+
217
+ action :modify do
218
+ if key_exists?
219
+ if requires_modify_or_create?
220
+ modify_env
221
+ logger.info("#{new_resource} modified")
222
+ new_resource.updated_by_last_action(true)
223
+ end
224
+ else
225
+ raise Chef::Exceptions::WindowsEnv, "Cannot modify #{new_resource} - key does not exist!"
226
+ end
227
+ end
55
228
  end
56
229
  end
57
230
  end