chef 16.5.64 → 16.8.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (317) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +6 -14
  3. data/README.md +1 -1
  4. data/Rakefile +21 -14
  5. data/chef-universal-mingw32.gemspec +1 -1
  6. data/chef.gemspec +3 -2
  7. data/lib/chef/application.rb +2 -2
  8. data/lib/chef/application/base.rb +1 -1
  9. data/lib/chef/application/client.rb +7 -2
  10. data/lib/chef/application/knife.rb +1 -1
  11. data/lib/chef/application/solo.rb +1 -1
  12. data/lib/chef/chef_fs/chef_fs_data_store.rb +1 -1
  13. data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
  14. data/lib/chef/chef_fs/file_pattern.rb +1 -1
  15. data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
  16. data/lib/chef/client.rb +6 -32
  17. data/lib/chef/compliance/default_attributes.rb +89 -0
  18. data/lib/chef/compliance/fetcher/automate.rb +69 -0
  19. data/lib/chef/compliance/fetcher/chef_server.rb +134 -0
  20. data/lib/chef/compliance/reporter/automate.rb +202 -0
  21. data/lib/chef/compliance/reporter/chef_server_automate.rb +94 -0
  22. data/lib/chef/compliance/reporter/compliance_enforcer.rb +20 -0
  23. data/lib/chef/compliance/reporter/json_file.rb +19 -0
  24. data/lib/chef/compliance/runner.rb +261 -0
  25. data/lib/chef/cookbook/gem_installer.rb +1 -1
  26. data/lib/chef/cookbook_manifest.rb +2 -1
  27. data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
  28. data/lib/chef/cookbook_version.rb +2 -5
  29. data/lib/chef/data_collector.rb +1 -1
  30. data/lib/chef/encrypted_data_bag_item/assertions.rb +1 -1
  31. data/lib/chef/environment.rb +1 -1
  32. data/lib/chef/event_loggers/windows_eventlog.rb +1 -1
  33. data/lib/chef/exceptions.rb +5 -1
  34. data/lib/chef/file_access_control/windows.rb +1 -4
  35. data/lib/chef/file_content_management/tempfile.rb +1 -1
  36. data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +2 -2
  37. data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +5 -5
  38. data/lib/chef/formatters/indentable_output_stream.rb +2 -2
  39. data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +28 -39
  40. data/lib/chef/http.rb +2 -12
  41. data/lib/chef/http/basic_client.rb +1 -1
  42. data/lib/chef/http/http_request.rb +1 -1
  43. data/lib/chef/http/socketless_chef_zero_client.rb +1 -1
  44. data/lib/chef/http/ssl_policies.rb +6 -0
  45. data/lib/chef/json_compat.rb +2 -7
  46. data/lib/chef/key.rb +1 -1
  47. data/lib/chef/knife/bootstrap.rb +2 -1
  48. data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +2 -2
  49. data/lib/chef/knife/bootstrap/train_connector.rb +1 -1
  50. data/lib/chef/knife/config_show.rb +1 -1
  51. data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
  52. data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
  53. data/lib/chef/knife/core/ui.rb +5 -2
  54. data/lib/chef/knife/core/windows_bootstrap_context.rb +7 -4
  55. data/lib/chef/knife/node_policy_set.rb +2 -2
  56. data/lib/chef/knife/node_run_list_add.rb +1 -1
  57. data/lib/chef/knife/node_run_list_remove.rb +1 -1
  58. data/lib/chef/knife/node_run_list_set.rb +1 -1
  59. data/lib/chef/knife/role_env_run_list_add.rb +1 -1
  60. data/lib/chef/knife/role_env_run_list_set.rb +1 -1
  61. data/lib/chef/knife/role_run_list_add.rb +1 -1
  62. data/lib/chef/knife/role_run_list_set.rb +1 -1
  63. data/lib/chef/knife/search.rb +0 -1
  64. data/lib/chef/knife/ssh.rb +5 -3
  65. data/lib/chef/knife/tag_create.rb +1 -1
  66. data/lib/chef/knife/tag_delete.rb +1 -1
  67. data/lib/chef/local_mode.rb +1 -1
  68. data/lib/chef/mixin/convert_to_class_name.rb +0 -56
  69. data/lib/chef/mixin/openssl_helper.rb +1 -1
  70. data/lib/chef/mixin/powershell_exec.rb +24 -10
  71. data/lib/chef/mixin/powershell_out.rb +12 -5
  72. data/lib/chef/mixin/properties.rb +2 -0
  73. data/lib/chef/mixin/template.rb +1 -1
  74. data/lib/chef/mixin/unformatter.rb +1 -1
  75. data/lib/chef/mixin/uris.rb +3 -1
  76. data/lib/chef/node/attribute_collections.rb +2 -6
  77. data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
  78. data/lib/chef/node_map.rb +2 -2
  79. data/lib/chef/platform/query_helpers.rb +4 -4
  80. data/lib/chef/policy_builder/dynamic.rb +2 -0
  81. data/lib/chef/powershell.rb +10 -4
  82. data/lib/chef/property.rb +1 -1
  83. data/lib/chef/provider.rb +1 -1
  84. data/lib/chef/provider/cron.rb +2 -13
  85. data/lib/chef/provider/dsc_resource.rb +12 -24
  86. data/lib/chef/provider/dsc_script.rb +16 -20
  87. data/lib/chef/provider/file.rb +1 -1
  88. data/lib/chef/provider/git.rb +5 -5
  89. data/lib/chef/provider/group.rb +14 -6
  90. data/lib/chef/provider/group/windows.rb +12 -1
  91. data/lib/chef/provider/ifconfig.rb +8 -8
  92. data/lib/chef/provider/ifconfig/debian.rb +38 -22
  93. data/lib/chef/provider/ifconfig/redhat.rb +54 -18
  94. data/lib/chef/provider/launchd.rb +1 -11
  95. data/lib/chef/provider/link.rb +0 -9
  96. data/lib/chef/provider/mount.rb +18 -1
  97. data/lib/chef/provider/mount/linux.rb +4 -0
  98. data/lib/chef/provider/mount/mount.rb +41 -43
  99. data/lib/chef/provider/package.rb +3 -0
  100. data/lib/chef/provider/package/apt.rb +1 -1
  101. data/lib/chef/provider/package/chocolatey.rb +6 -6
  102. data/lib/chef/provider/package/dpkg.rb +3 -12
  103. data/lib/chef/provider/package/freebsd/base.rb +3 -2
  104. data/lib/chef/provider/package/freebsd/pkgng.rb +1 -1
  105. data/lib/chef/provider/package/homebrew.rb +1 -1
  106. data/lib/chef/provider/package/ips.rb +1 -1
  107. data/lib/chef/provider/package/powershell.rb +2 -3
  108. data/lib/chef/provider/package/rubygems.rb +1 -1
  109. data/lib/chef/provider/package/snap.rb +1 -3
  110. data/lib/chef/provider/package/solaris.rb +0 -2
  111. data/lib/chef/provider/package/yum/rpm_utils.rb +1 -1
  112. data/lib/chef/provider/package/zypper.rb +98 -71
  113. data/lib/chef/provider/powershell_script.rb +12 -1
  114. data/lib/chef/provider/registry_key.rb +4 -3
  115. data/lib/chef/provider/route.rb +2 -2
  116. data/lib/chef/provider/service/debian.rb +2 -1
  117. data/lib/chef/provider/service/redhat.rb +1 -1
  118. data/lib/chef/provider/user.rb +17 -9
  119. data/lib/chef/provider/user/aix.rb +1 -1
  120. data/lib/chef/provider/user/dscl.rb +2 -2
  121. data/lib/chef/provider/user/mac.rb +14 -6
  122. data/lib/chef/provider/user/solaris.rb +1 -1
  123. data/lib/chef/provider/user/windows.rb +10 -3
  124. data/lib/chef/providers.rb +0 -3
  125. data/lib/chef/pwsh.rb +71 -0
  126. data/lib/chef/resource.rb +1 -1
  127. data/lib/chef/resource/apt_repository.rb +6 -5
  128. data/lib/chef/resource/bash.rb +119 -1
  129. data/lib/chef/resource/batch.rb +1 -1
  130. data/lib/chef/resource/breakpoint.rb +3 -1
  131. data/lib/chef/resource/build_essential.rb +5 -8
  132. data/lib/chef/resource/chef_client_config.rb +313 -0
  133. data/lib/chef/resource/chef_client_cron.rb +5 -5
  134. data/lib/chef/resource/chef_client_scheduled_task.rb +4 -4
  135. data/lib/chef/resource/chef_client_systemd_timer.rb +5 -5
  136. data/lib/chef/resource/chef_handler.rb +1 -0
  137. data/lib/chef/resource/chef_sleep.rb +1 -1
  138. data/lib/chef/resource/cron/_cron_shared.rb +1 -0
  139. data/lib/chef/resource/cron/cron_d.rb +2 -2
  140. data/lib/chef/resource/csh.rb +2 -2
  141. data/lib/chef/resource/dsc_script.rb +8 -1
  142. data/lib/chef/resource/execute.rb +6 -4
  143. data/lib/chef/resource/file.rb +2 -2
  144. data/lib/chef/resource/homebrew_update.rb +4 -1
  145. data/lib/chef/resource/hostname.rb +5 -5
  146. data/lib/chef/resource/ifconfig.rb +52 -5
  147. data/lib/chef/resource/kernel_module.rb +1 -1
  148. data/lib/chef/resource/ksh.rb +3 -3
  149. data/lib/chef/resource/launchd.rb +15 -15
  150. data/lib/chef/resource/lwrp_base.rb +3 -5
  151. data/lib/chef/resource/mount.rb +8 -2
  152. data/lib/chef/resource/perl.rb +2 -2
  153. data/lib/chef/resource/plist.rb +2 -6
  154. data/lib/chef/resource/powershell_package_source.rb +19 -18
  155. data/lib/chef/resource/powershell_script.rb +14 -11
  156. data/lib/chef/resource/python.rb +2 -2
  157. data/lib/chef/resource/registry_key.rb +93 -2
  158. data/lib/chef/resource/route.rb +1 -1
  159. data/lib/chef/resource/ruby.rb +2 -2
  160. data/lib/chef/resource/scm/_scm.rb +2 -1
  161. data/lib/chef/resource/scm/git.rb +82 -1
  162. data/lib/chef/resource/scm/subversion.rb +12 -0
  163. data/lib/chef/resource/script.rb +2 -2
  164. data/lib/chef/resource/solaris_package.rb +0 -2
  165. data/lib/chef/resource/sudo.rb +1 -1
  166. data/lib/chef/resource/support/client.erb +64 -0
  167. data/lib/chef/resource/systemd_unit.rb +42 -1
  168. data/lib/chef/resource/template.rb +2 -2
  169. data/lib/chef/resource/windows_ad_join.rb +9 -9
  170. data/lib/chef/resource/windows_audit_policy.rb +26 -24
  171. data/lib/chef/resource/windows_certificate.rb +13 -7
  172. data/lib/chef/resource/windows_dfs_server.rb +7 -4
  173. data/lib/chef/resource/windows_env.rb +173 -0
  174. data/lib/chef/resource/windows_feature.rb +2 -0
  175. data/lib/chef/resource/windows_firewall_profile.rb +7 -12
  176. data/lib/chef/resource/windows_firewall_rule.rb +9 -11
  177. data/lib/chef/resource/windows_font.rb +1 -1
  178. data/lib/chef/resource/windows_package.rb +1 -0
  179. data/lib/chef/resource/windows_path.rb +38 -0
  180. data/lib/chef/resource/windows_security_policy.rb +5 -5
  181. data/lib/chef/resource/windows_service.rb +108 -0
  182. data/lib/chef/resource/windows_share.rb +18 -18
  183. data/lib/chef/resource/windows_task.rb +629 -28
  184. data/lib/chef/resource/windows_workgroup.rb +6 -4
  185. data/lib/chef/resource/yum_repository.rb +1 -1
  186. data/lib/chef/resource_collection/resource_set.rb +2 -6
  187. data/lib/chef/resource_inspector.rb +77 -75
  188. data/lib/chef/resource_reporter.rb +0 -2
  189. data/lib/chef/resources.rb +1 -0
  190. data/lib/chef/run_lock.rb +2 -2
  191. data/lib/chef/search/query.rb +3 -1
  192. data/lib/chef/server_api.rb +0 -4
  193. data/lib/chef/shell/ext.rb +1 -1
  194. data/lib/chef/util/backup.rb +1 -1
  195. data/lib/chef/util/dsc/configuration_generator.rb +52 -11
  196. data/lib/chef/util/dsc/lcm_output_parser.rb +4 -7
  197. data/lib/chef/util/dsc/local_configuration_manager.rb +18 -15
  198. data/lib/chef/util/dsc/resource_store.rb +5 -11
  199. data/lib/chef/version.rb +1 -1
  200. data/lib/chef/win32/api/file.rb +4 -0
  201. data/lib/chef/win32/file.rb +1 -1
  202. data/lib/chef/win32/security/sid.rb +1 -1
  203. data/lib/chef/win32/unicode.rb +1 -1
  204. data/spec/functional/mixin/powershell_out_spec.rb +11 -3
  205. data/spec/functional/resource/apt_package_spec.rb +4 -6
  206. data/spec/functional/resource/chocolatey_package_spec.rb +3 -3
  207. data/spec/functional/resource/cron_spec.rb +3 -3
  208. data/spec/functional/resource/dsc_script_spec.rb +6 -9
  209. data/spec/functional/resource/mount_spec.rb +10 -2
  210. data/spec/functional/resource/powershell_package_source_spec.rb +107 -0
  211. data/spec/functional/resource/powershell_script_spec.rb +57 -14
  212. data/spec/functional/resource/windows_certificate_spec.rb +10 -6
  213. data/spec/functional/resource/windows_firewall_rule_spec.rb +93 -0
  214. data/spec/functional/resource/windows_package_spec.rb +36 -10
  215. data/spec/functional/resource/windows_share_spec.rb +103 -0
  216. data/spec/functional/resource/windows_task_spec.rb +2 -3
  217. data/spec/functional/resource/zypper_package_spec.rb +11 -0
  218. data/spec/integration/client/client_spec.rb +2 -1
  219. data/spec/integration/compliance/compliance_spec.rb +81 -0
  220. data/spec/integration/knife/client_key_create_spec.rb +1 -1
  221. data/spec/integration/knife/node_create_spec.rb +1 -1
  222. data/spec/integration/knife/node_environment_set_spec.rb +1 -1
  223. data/spec/integration/knife/node_run_list_add_spec.rb +4 -4
  224. data/spec/integration/knife/node_run_list_remove_spec.rb +1 -1
  225. data/spec/integration/knife/node_run_list_set_spec.rb +1 -1
  226. data/spec/integration/knife/node_show_spec.rb +1 -1
  227. data/spec/integration/recipes/notifies_spec.rb +1 -1
  228. data/spec/integration/recipes/provider_choice.rb +2 -2
  229. data/spec/integration/recipes/recipe_dsl_spec.rb +1 -0
  230. data/spec/spec_helper.rb +3 -4
  231. data/spec/support/lib/chef/resource/cat.rb +1 -1
  232. data/spec/support/lib/chef/resource/one_two_three_four.rb +1 -1
  233. data/spec/support/mock/platform.rb +24 -16
  234. data/spec/support/platform_helpers.rb +11 -4
  235. data/spec/support/shared/unit/knife_shared.rb +1 -1
  236. data/spec/support/shared/unit/script_resource.rb +4 -4
  237. data/spec/support/shared/unit/windows_script_resource.rb +1 -1
  238. data/spec/unit/chef_fs/config_spec.rb +1 -1
  239. data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
  240. data/spec/unit/client_spec.rb +17 -0
  241. data/spec/unit/compliance/fetcher/automate_spec.rb +134 -0
  242. data/spec/unit/compliance/fetcher/chef_server_spec.rb +93 -0
  243. data/spec/unit/compliance/reporter/automate_spec.rb +427 -0
  244. data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +177 -0
  245. data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +48 -0
  246. data/spec/unit/compliance/runner_spec.rb +140 -0
  247. data/spec/unit/data_collector_spec.rb +0 -4
  248. data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +11 -11
  249. data/spec/unit/http/ssl_policies_spec.rb +11 -0
  250. data/spec/unit/knife/client_create_spec.rb +2 -2
  251. data/spec/unit/knife/configure_client_spec.rb +5 -5
  252. data/spec/unit/knife/configure_spec.rb +3 -3
  253. data/spec/unit/knife/cookbook_delete_spec.rb +2 -2
  254. data/spec/unit/knife/cookbook_download_spec.rb +2 -2
  255. data/spec/unit/knife/cookbook_list_spec.rb +2 -2
  256. data/spec/unit/knife/cookbook_metadata_spec.rb +3 -3
  257. data/spec/unit/knife/core/node_editor_spec.rb +1 -1
  258. data/spec/unit/knife/environment_compare_spec.rb +3 -3
  259. data/spec/unit/knife/supermarket_download_spec.rb +8 -8
  260. data/spec/unit/knife/supermarket_list_spec.rb +3 -3
  261. data/spec/unit/knife/supermarket_search_spec.rb +1 -1
  262. data/spec/unit/knife/tag_create_spec.rb +1 -1
  263. data/spec/unit/knife/tag_delete_spec.rb +1 -1
  264. data/spec/unit/knife/user_create_spec.rb +1 -1
  265. data/spec/unit/mixin/powershell_exec_spec.rb +41 -4
  266. data/spec/unit/mixin/powershell_out_spec.rb +14 -0
  267. data/spec/unit/mixin/which.rb +1 -1
  268. data/spec/unit/platform/query_helpers_spec.rb +11 -12
  269. data/spec/unit/provider/dsc_resource_spec.rb +10 -27
  270. data/spec/unit/provider/dsc_script_spec.rb +1 -1
  271. data/spec/unit/provider/group/windows_spec.rb +6 -0
  272. data/spec/unit/provider/group_spec.rb +1 -1
  273. data/spec/unit/provider/mount/linux_spec.rb +10 -0
  274. data/spec/unit/provider/mount/mount_spec.rb +21 -10
  275. data/spec/unit/provider/mount/solaris_spec.rb +1 -1
  276. data/spec/unit/provider/mount/windows_spec.rb +1 -0
  277. data/spec/unit/provider/mount_spec.rb +31 -0
  278. data/spec/unit/provider/package/chocolatey_spec.rb +1 -2
  279. data/spec/unit/provider/package/powershell_spec.rb +87 -95
  280. data/spec/unit/provider/package/zypper_spec.rb +0 -25
  281. data/spec/unit/provider/package_spec.rb +2 -2
  282. data/spec/unit/provider/powershell_script_spec.rb +11 -0
  283. data/spec/unit/provider/subversion_spec.rb +0 -3
  284. data/spec/unit/provider/systemd_unit_spec.rb +1 -1
  285. data/spec/unit/provider/user_spec.rb +7 -1
  286. data/spec/unit/provider/windows_env_spec.rb +18 -34
  287. data/spec/unit/provider/windows_path_spec.rb +6 -11
  288. data/spec/unit/provider/windows_task_spec.rb +7 -6
  289. data/spec/unit/resource/breakpoint_spec.rb +1 -1
  290. data/spec/unit/resource/build_essential_spec.rb +0 -12
  291. data/spec/unit/resource/chef_client_config_spec.rb +137 -0
  292. data/spec/unit/resource/ifconfig_spec.rb +2 -10
  293. data/spec/unit/resource/mount_spec.rb +18 -5
  294. data/spec/unit/resource/powershell_package_source_spec.rb +20 -20
  295. data/spec/unit/resource/powershell_script_spec.rb +4 -74
  296. data/spec/unit/resource/service_spec.rb +2 -2
  297. data/spec/unit/resource/solaris_package_spec.rb +8 -10
  298. data/spec/unit/resource/windows_certificate_spec.rb +12 -0
  299. data/spec/unit/resource_inspector_spec.rb +3 -3
  300. data/spec/unit/shell_spec.rb +2 -2
  301. data/spec/unit/util/dsc/configuration_generator_spec.rb +79 -0
  302. data/spec/unit/util/dsc/local_configuration_manager_spec.rb +27 -35
  303. data/tasks/rspec.rb +1 -1
  304. metadata +47 -24
  305. data/lib/chef/monkey_patches/net_http.rb +0 -22
  306. data/lib/chef/provider/windows_env.rb +0 -210
  307. data/lib/chef/provider/windows_path.rb +0 -61
  308. data/lib/chef/provider/windows_task.rb +0 -631
  309. data/lib/chef/util/powershell/cmdlet.rb +0 -175
  310. data/lib/chef/util/powershell/cmdlet_result.rb +0 -61
  311. data/spec/functional/util/powershell/cmdlet_spec.rb +0 -111
  312. data/spec/support/mock/constant.rb +0 -52
  313. data/spec/unit/monkey_patches/uri_spec.rb +0 -34
  314. data/spec/unit/provider_resolver_spec.rb +0 -885
  315. data/spec/unit/resource/data/InstallHistory_with_CLT.plist +0 -92
  316. data/spec/unit/resource/data/InstallHistory_without_CLT.plist +0 -38
  317. data/spec/unit/util/powershell/cmdlet_spec.rb +0 -106
@@ -225,13 +225,13 @@ class Chef
225
225
 
226
226
  if attribute == :platform_family
227
227
  # If any blocklist value matches, we don't match
228
- return false if blocklist.any? { |v| v[1..-1] == value || platform_family_query_helper?(node, v[1..-1]) }
228
+ return false if blocklist.any? { |v| v[1..] == value || platform_family_query_helper?(node, v[1..]) }
229
229
 
230
230
  # If the allowlist is empty, or anything matches, we match.
231
231
  allowlist.empty? || allowlist.any? { |v| v == :all || v == value || platform_family_query_helper?(node, v) }
232
232
  else
233
233
  # If any blocklist value matches, we don't match
234
- return false if blocklist.any? { |v| v[1..-1] == value }
234
+ return false if blocklist.any? { |v| v[1..] == value }
235
235
 
236
236
  # If the allowlist is empty, or anything matches, we match.
237
237
  allowlist.empty? || allowlist.any? { |v| v == :all || v == value }
@@ -58,10 +58,10 @@ class Chef
58
58
  end
59
59
 
60
60
  def dsc_refresh_mode_disabled?(node)
61
- require_relative "../util/powershell/cmdlet"
62
- cmdlet = Chef::Util::Powershell::Cmdlet.new(node, "Get-DscLocalConfigurationManager", :object)
63
- metadata = cmdlet.run!.return_value
64
- metadata["RefreshMode"] == "Disabled"
61
+ require_relative "../powershell"
62
+ exec = Chef::PowerShell.new("Get-DscLocalConfigurationManager")
63
+ exec.error!
64
+ exec.result["RefreshMode"] == "Disabled"
65
65
  end
66
66
 
67
67
  def supported_powershell_version?(node, version_string)
@@ -23,6 +23,8 @@ require_relative "../run_context"
23
23
  require_relative "../config"
24
24
  require_relative "../node"
25
25
  require_relative "../exceptions"
26
+ require_relative "expand_node_object"
27
+ require_relative "policyfile"
26
28
 
27
29
  class Chef
28
30
  module PolicyBuilder
@@ -24,6 +24,7 @@ class Chef
24
24
 
25
25
  attr_reader :result
26
26
  attr_reader :errors
27
+ attr_reader :verbose
27
28
 
28
29
  # Run a command under PowerShell via FFI
29
30
  # This implementation requires the managed dll and native wrapper to be in the library search
@@ -34,8 +35,12 @@ class Chef
34
35
  # @param script [String] script to run
35
36
  # @return [Object] output
36
37
  def initialize(script)
37
- raise "Chef::PowerShell can only be used on the Windows platform." unless RUBY_PLATFORM.match?(/mswin|mingw32|windows/)
38
-
38
+ # This Powershell DLL source lives here: https://github.com/chef/chef-powershell-shim
39
+ # Every merge into that repo triggers a Habitat build and promotion. Running
40
+ # the rake :update_chef_exec_dll task in this (chef/chef) repo will pull down
41
+ # the built packages and copy the binaries to distro/ruby_bin_folder. Bundle install
42
+ # ensures that the correct architecture binaries are installed into the path.
43
+ @dll ||= "Chef.PowerShell.Wrapper.dll"
39
44
  exec(script)
40
45
  end
41
46
 
@@ -59,15 +64,16 @@ class Chef
59
64
  raise Chef::PowerShell::CommandFailed, "Unexpected exit in PowerShell command: #{@errors}" if error?
60
65
  end
61
66
 
62
- private
67
+ protected
63
68
 
64
69
  def exec(script)
65
- FFI.ffi_lib "Chef.PowerShell.Wrapper.dll"
70
+ FFI.ffi_lib @dll
66
71
  FFI.attach_function :execute_powershell, :ExecuteScript, [:string], :pointer
67
72
  execution = FFI.execute_powershell(script).read_utf16string
68
73
  hashed_outcome = Chef::JSONCompat.parse(execution)
69
74
  @result = Chef::JSONCompat.parse(hashed_outcome["result"])
70
75
  @errors = hashed_outcome["errors"]
76
+ @verbose = hashed_outcome["verbose"]
71
77
  end
72
78
  end
73
79
  end
@@ -559,7 +559,7 @@ class Chef
559
559
  if modified_options.key?(:name_property) ||
560
560
  modified_options.key?(:name_attribute) ||
561
561
  modified_options.key?(:default)
562
- options = options.reject { |k, v| k == :name_attribute || k == :name_property || k == :default }
562
+ options = options.reject { |k, v| %i{name_attribute name_property default}.include?(k) }
563
563
  end
564
564
  self.class.new(**options.merge(modified_options))
565
565
  end
@@ -88,7 +88,7 @@ class Chef
88
88
  def self.use(partial)
89
89
  dirname = ::File.dirname(partial)
90
90
  basename = ::File.basename(partial, ".rb")
91
- basename = basename[1..-1] if basename.start_with?("_")
91
+ basename = basename[1..] if basename.start_with?("_")
92
92
  class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.absolute_path)))
93
93
  end
94
94
 
@@ -112,13 +112,7 @@ class Chef
112
112
  when ENV_PATTERN
113
113
  crontab << line unless cron_found
114
114
  next
115
- when SPECIAL_PATTERN
116
- if cron_found
117
- cron_found = false
118
- crontab << newcron
119
- next
120
- end
121
- when CRON_PATTERN
115
+ when SPECIAL_PATTERN, CRON_PATTERN
122
116
  if cron_found
123
117
  cron_found = false
124
118
  crontab << newcron
@@ -163,12 +157,7 @@ class Chef
163
157
  next
164
158
  when ENV_PATTERN
165
159
  next if cron_found
166
- when SPECIAL_PATTERN
167
- if cron_found
168
- cron_found = false
169
- next
170
- end
171
- when CRON_PATTERN
160
+ when SPECIAL_PATTERN, CRON_PATTERN
172
161
  if cron_found
173
162
  cron_found = false
174
163
  next
@@ -15,7 +15,8 @@
15
15
  # See the License for the specific language governing permissions and
16
16
  # limitations under the License.
17
17
  #
18
- require_relative "../util/powershell/cmdlet"
18
+ require "timeout" unless defined?(Timeout)
19
+ require_relative "../mixin/powershell_exec"
19
20
  require_relative "../util/dsc/local_configuration_manager"
20
21
  require_relative "../mixin/powershell_type_coercions"
21
22
  require_relative "../util/dsc/resource_store"
@@ -130,27 +131,27 @@ class Chef
130
131
  def test_resource
131
132
  result = invoke_resource(:test)
132
133
  add_dsc_verbose_log(result)
133
- return_dsc_resource_result(result, "InDesiredState")
134
+ result.result["InDesiredState"]
134
135
  end
135
136
 
136
137
  def set_resource
137
138
  result = invoke_resource(:set)
138
139
  add_dsc_verbose_log(result)
139
- create_reboot_resource if return_dsc_resource_result(result, "RebootRequired")
140
- result.return_value
140
+ create_reboot_resource if result.result["RebootRequired"]
141
+ result
141
142
  end
142
143
 
143
144
  def add_dsc_verbose_log(result)
144
145
  # We really want this information from the verbose stream,
145
146
  # however in some versions of WMF, Invoke-DscResource is not correctly
146
147
  # writing to that stream and instead just dumping to stdout
147
- verbose_output = result.stream(:verbose)
148
- verbose_output = result.stdout if verbose_output.empty?
148
+ verbose_output = result.verbose.join("\n")
149
+ verbose_output = result.result if verbose_output.empty?
149
150
 
150
151
  if @converge_description.nil? || @converge_description.empty?
151
152
  @converge_description = verbose_output
152
153
  else
153
- @converge_description << "\n"
154
+ @converge_description << "\n\n"
154
155
  @converge_description << verbose_output
155
156
  end
156
157
  end
@@ -159,26 +160,13 @@ class Chef
159
160
  @module_version.nil? ? module_name : "@{ModuleName='#{module_name}';ModuleVersion='#{@module_version}'}"
160
161
  end
161
162
 
162
- def invoke_resource(method, output_format = :object)
163
+ def invoke_resource(method)
163
164
  properties = translate_type(new_resource.properties)
164
165
  switches = "-Method #{method} -Name #{new_resource.resource}"\
165
166
  " -Property #{properties} -Module #{module_info_object} -Verbose"
166
- cmdlet = Chef::Util::Powershell::Cmdlet.new(
167
- node,
168
- "Invoke-DscResource #{switches}",
169
- output_format
170
- )
171
- cmdlet.run!({}, { timeout: new_resource.timeout })
172
- end
173
-
174
- def return_dsc_resource_result(result, property_name)
175
- if result.return_value.is_a?(Array)
176
- # WMF Feb 2015 Preview
177
- result.return_value[0][property_name]
178
- else
179
- # WMF April 2015 Preview
180
- result.return_value[property_name]
181
- end
167
+ Timeout.timeout(new_resource.timeout) {
168
+ powershell_exec!("Invoke-DscResource #{switches}")
169
+ }
182
170
  end
183
171
 
184
172
  def create_reboot_resource
@@ -16,7 +16,6 @@
16
16
  # limitations under the License.
17
17
  #
18
18
 
19
- require_relative "../util/powershell/cmdlet"
20
19
  require_relative "../util/dsc/configuration_generator"
21
20
  require_relative "../util/dsc/local_configuration_manager"
22
21
  require_relative "../util/path_helper"
@@ -32,11 +31,11 @@ class Chef
32
31
  @dsc_resource = dsc_resource
33
32
  @resource_converged = false
34
33
  @operations = {
35
- set: Proc.new do |config_manager, document, shellout_flags|
36
- config_manager.set_configuration(document, shellout_flags)
34
+ set: Proc.new do |config_manager, document|
35
+ config_manager.set_configuration(document)
37
36
  end,
38
- test: Proc.new do |config_manager, document, shellout_flags|
39
- config_manager.test_configuration(document, shellout_flags)
37
+ test: Proc.new do |config_manager, document|
38
+ config_manager.test_configuration(document)
40
39
  end }
41
40
  end
42
41
 
@@ -85,20 +84,23 @@ class Chef
85
84
 
86
85
  config_manager = Chef::Util::DSC::LocalConfigurationManager.new(@run_context.node, config_directory)
87
86
 
88
- shellout_flags = {
89
- cwd: @dsc_resource.cwd,
90
- environment: @dsc_resource.environment,
91
- timeout: @dsc_resource.timeout,
92
- }
87
+ cwd = @dsc_resource.cwd || Dir.pwd
88
+ original_env = ENV.to_hash
93
89
 
94
90
  begin
95
- configuration_document = generate_configuration_document(config_directory, configuration_flags)
96
- @operations[operation].call(config_manager, configuration_document, shellout_flags)
91
+ ENV.update(@dsc_resource.environment) if @dsc_resource.environment
92
+ Dir.chdir(cwd) do
93
+ Timeout.timeout(@dsc_resource.timeout) do
94
+ configuration_document = generate_configuration_document(config_directory, configuration_flags)
95
+ @operations[operation].call(config_manager, configuration_document)
96
+ end
97
+ end
97
98
  rescue Exception => e
98
99
  logger.error("DSC operation failed: #{e.message}")
99
100
  raise e
100
101
  ensure
101
102
  ::FileUtils.rm_rf(config_directory)
103
+ ENV.replace(original_env)
102
104
  end
103
105
  end
104
106
 
@@ -112,20 +114,14 @@ class Chef
112
114
  end
113
115
 
114
116
  def generate_configuration_document(config_directory, configuration_flags)
115
- shellout_flags = {
116
- cwd: @dsc_resource.cwd,
117
- environment: @dsc_resource.environment,
118
- timeout: @dsc_resource.timeout,
119
- }
120
-
121
117
  generator = Chef::Util::DSC::ConfigurationGenerator.new(@run_context.node, config_directory)
122
118
 
123
119
  if @dsc_resource.command
124
- generator.configuration_document_from_script_path(@dsc_resource.command, configuration_name, configuration_flags, shellout_flags)
120
+ generator.configuration_document_from_script_path(@dsc_resource.command, configuration_name, configuration_flags)
125
121
  else
126
122
  # If code is also not provided, we mimic what the other script resources do (execute nothing)
127
123
  logger.warn("Neither code or command were provided for dsc_resource[#{@dsc_resource.name}].") unless @dsc_resource.code
128
- generator.configuration_document_from_script_code(@dsc_resource.code || "", configuration_flags, @dsc_resource.imports, shellout_flags)
124
+ generator.configuration_document_from_script_code(@dsc_resource.code || "", configuration_flags, @dsc_resource.imports)
129
125
  end
130
126
  end
131
127
 
@@ -31,7 +31,7 @@ require_relative "../util/backup"
31
31
  require_relative "../util/diff"
32
32
  require_relative "../util/selinux"
33
33
  require_relative "../file_content_management/deploy"
34
- require "chef-utils" unless defined?(ChefUtils)
34
+ require "chef-utils" unless defined?(ChefUtils::CANARY)
35
35
 
36
36
  # The Tao of File Providers:
37
37
  # - the content provider must always return a tempfile that we can delete/mv
@@ -68,9 +68,9 @@ class Chef
68
68
  a.assertion { !(new_resource.revision =~ %r{^origin/}) }
69
69
  a.failure_message Chef::Exceptions::InvalidRemoteGitReference,
70
70
  "Deploying remote branches is not supported. " +
71
- "Specify the remote branch as a local branch for " +
72
- "the git repository you're deploying from " +
73
- "(ie: '#{new_resource.revision.gsub("origin/", "")}' rather than '#{new_resource.revision}')."
71
+ "Specify the remote branch as a local branch for " +
72
+ "the git repository you're deploying from " +
73
+ "(ie: '#{new_resource.revision.gsub("origin/", "")}' rather than '#{new_resource.revision}')."
74
74
  end
75
75
 
76
76
  requirements.assert(:all_actions) do |a|
@@ -80,8 +80,8 @@ class Chef
80
80
  a.assertion { !target_revision.nil? }
81
81
  a.failure_message Chef::Exceptions::UnresolvableGitReference,
82
82
  "Unable to parse SHA reference for '#{new_resource.revision}' in repository '#{new_resource.repository}'. " +
83
- "Verify your (case-sensitive) repository URL and revision.\n" +
84
- "`git ls-remote '#{new_resource.repository}' '#{rev_search_pattern}'` output: #{@resolved_reference}"
83
+ "Verify your (case-sensitive) repository URL and revision.\n" +
84
+ "`git ls-remote '#{new_resource.repository}' '#{rev_search_pattern}'` output: #{@resolved_reference}"
85
85
  end
86
86
  end
87
87
 
@@ -78,7 +78,7 @@ class Chef
78
78
  # <false>:: If a change is not required
79
79
  def compare_group
80
80
  @change_desc = [ ]
81
- if new_resource.gid.to_s != current_resource.gid.to_s
81
+ unless group_gid_match?
82
82
  @change_desc << "change gid #{current_resource.gid} to #{new_resource.gid}"
83
83
  end
84
84
 
@@ -103,13 +103,21 @@ class Chef
103
103
  unless members_to_be_removed.empty?
104
104
  @change_desc << "remove existing member(s): #{members_to_be_removed.join(", ")}"
105
105
  end
106
- elsif new_resource.members != current_resource.members
107
- @change_desc << "replace group members with new list of members"
106
+ elsif !group_members_match?
107
+ @change_desc << "replace group members with new list of members: #{new_resource.members.join(", ")}"
108
108
  end
109
109
 
110
110
  !@change_desc.empty?
111
111
  end
112
112
 
113
+ def group_gid_match?
114
+ new_resource.gid.to_s == current_resource.gid.to_s
115
+ end
116
+
117
+ def group_members_match?
118
+ [new_resource.members].flatten.sort == [current_resource.members].flatten.sort
119
+ end
120
+
113
121
  def has_current_group_member?(member)
114
122
  current_resource.members.include?(member)
115
123
  end
@@ -131,7 +139,7 @@ class Chef
131
139
  if compare_group
132
140
  converge_by(["alter group #{new_resource.group_name}"] + change_desc) do
133
141
  manage_group
134
- logger.info("#{new_resource} altered")
142
+ logger.info("#{new_resource} altered: #{change_desc.join(", ")}")
135
143
  end
136
144
  end
137
145
  end
@@ -151,7 +159,7 @@ class Chef
151
159
 
152
160
  converge_by(["manage group #{new_resource.group_name}"] + change_desc) do
153
161
  manage_group
154
- logger.info("#{new_resource} managed")
162
+ logger.info("#{new_resource} managed: #{change_desc.join(", ")}")
155
163
  end
156
164
  end
157
165
 
@@ -160,7 +168,7 @@ class Chef
160
168
 
161
169
  converge_by(["modify group #{new_resource.group_name}"] + change_desc) do
162
170
  manage_group
163
- logger.info("#{new_resource} modified")
171
+ logger.info("#{new_resource} modified: #{change_desc.join(", ")}")
164
172
  end
165
173
  end
166
174
 
@@ -33,6 +33,17 @@ class Chef
33
33
  @net_group = Chef::Util::Windows::NetGroup.new(new_resource.group_name)
34
34
  end
35
35
 
36
+ def group_members_match?
37
+ sorted_members_sids = new_resource.members.map { |x| lookup_account_name(x) }.sort
38
+ sorted_current_sids = current_resource.members.sort
39
+ Chef::Log.debug("#{new_resource.name}: current_members: #{sorted_current_sids} vs new_members #{sorted_members_sids}")
40
+ sorted_members_sids == sorted_current_sids
41
+ end
42
+
43
+ def group_gid_match?
44
+ true
45
+ end
46
+
36
47
  def load_current_resource
37
48
  @current_resource = Chef::Resource::Group.new(new_resource.name)
38
49
  current_resource.group_name(new_resource.group_name)
@@ -74,7 +85,7 @@ class Chef
74
85
  members_to_be_removed << member if has_current_group_member?(member)
75
86
  end
76
87
  @net_group.local_delete_members(members_to_be_removed) unless members_to_be_removed.empty?
77
- else
88
+ elsif !group_members_match?
78
89
  @net_group.local_set_members(new_resource.members)
79
90
  end
80
91
  @net_group.local_group_set_info(new_resource.comment) if new_resource.comment
@@ -126,18 +126,18 @@ class Chef
126
126
  elsif line.match(addr_regex)[3] == ""
127
127
  @int_name = line.match(addr_regex)[1]
128
128
  @interfaces[@int_name] = {}
129
- @interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /mtu/ && @interfaces[@int_name]["mtu"].nil?
129
+ @interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("mtu") && @interfaces[@int_name]["mtu"].nil?
130
130
  else
131
131
  @int_name = "#{line.match(addr_regex)[1]}:#{line.match(addr_regex)[3]}"
132
132
  @interfaces[@int_name] = {}
133
- @interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /mtu/ && @interfaces[@int_name]["mtu"].nil?
133
+ @interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("mtu") && @interfaces[@int_name]["mtu"].nil?
134
134
  end
135
135
  else
136
- @interfaces[@int_name]["inet_addr"] = (line =~ /inet (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /inet/ && @interfaces[@int_name]["inet_addr"].nil?
137
- @interfaces[@int_name]["bcast"] = (line =~ /broadcast (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /broadcast/ && @interfaces[@int_name]["bcast"].nil?
138
- @interfaces[@int_name]["mask"] = (line =~ /netmask (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /netmask/ && @interfaces[@int_name]["mask"].nil?
139
- @interfaces[@int_name]["hwaddr"] = (line =~ /ether (\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /ether/ && @interfaces[@int_name]["hwaddr"].nil?
140
- @interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line =~ /Metric:/ && @interfaces[@int_name]["metric"].nil?
136
+ @interfaces[@int_name]["inet_addr"] = (line =~ /inet (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("inet") && @interfaces[@int_name]["inet_addr"].nil?
137
+ @interfaces[@int_name]["bcast"] = (line =~ /broadcast (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("broadcast") && @interfaces[@int_name]["bcast"].nil?
138
+ @interfaces[@int_name]["mask"] = (line =~ /netmask (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("netmask") && @interfaces[@int_name]["mask"].nil?
139
+ @interfaces[@int_name]["hwaddr"] = (line =~ /ether (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("ether") && @interfaces[@int_name]["hwaddr"].nil?
140
+ @interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("Metric:") && @interfaces[@int_name]["metric"].nil?
141
141
  end
142
142
 
143
143
  next unless @interfaces.key?(new_resource.device)
@@ -236,7 +236,7 @@ class Chef
236
236
  return unless can_generate_config?
237
237
 
238
238
  b = binding
239
- template = ::ERB.new(@config_template)
239
+ template = ::ERB.new(@config_template, nil, "-")
240
240
  config = resource_for_config(@config_path)
241
241
  config.content(template.result(b))
242
242
  config.run_action(:create)
@@ -23,8 +23,7 @@ class Chef
23
23
  class Provider
24
24
  class Ifconfig
25
25
  class Debian < Chef::Provider::Ifconfig
26
- provides :ifconfig, platform: %w{ubuntu}, platform_version: ">= 11.10"
27
- provides :ifconfig, platform: %w{debian}, platform_version: ">= 7.0"
26
+ provides :ifconfig, platform_family: %w{debian}
28
27
 
29
28
  INTERFACES_FILE = "/etc/network/interfaces".freeze
30
29
  INTERFACES_DOT_D_DIR = "/etc/network/interfaces.d".freeze
@@ -32,25 +31,43 @@ class Chef
32
31
  def initialize(new_resource, run_context)
33
32
  super(new_resource, run_context)
34
33
  @config_template = %{
35
- <% if new_resource.device %>
36
- <% if new_resource.onboot == "yes" %>auto <%= new_resource.device %><% end %>
34
+ <% if new_resource.device -%>
35
+ <% if new_resource.onboot == "yes" -%>
36
+ auto <%= new_resource.device %>
37
+ <% end -%>
37
38
  <% case new_resource.bootproto
38
- when "dhcp" %>
39
+ when "dhcp" -%>
39
40
  iface <%= new_resource.device %> <%= new_resource.family %> dhcp
40
- <% when "bootp" %>
41
+ <% when "bootp" -%>
41
42
  iface <%= new_resource.device %> <%= new_resource.family %> bootp
42
- <% else %>
43
+ <% else -%>
43
44
  iface <%= new_resource.device %> <%= new_resource.family %> static
44
- <% if new_resource.target %>address <%= new_resource.target %><% end %>
45
- <% if new_resource.mask %>netmask <%= new_resource.mask %><% end %>
46
- <% if new_resource.network %>network <%= new_resource.network %><% end %>
47
- <% if new_resource.bcast %>broadcast <%= new_resource.bcast %><% end %>
48
- <% if new_resource.metric %>metric <%= new_resource.metric %><% end %>
49
- <% if new_resource.hwaddr %>hwaddress <%= new_resource.hwaddr %><% end %>
50
- <% if new_resource.mtu %>mtu <%= new_resource.mtu %><% end %>
51
- <% if new_resource.gateway %>gateway <%= new_resource.gateway %><% end %>
52
- <% end %>
53
- <% end %>
45
+ <% if new_resource.target -%>
46
+ address <%= new_resource.target %>
47
+ <% end -%>
48
+ <% if new_resource.mask -%>
49
+ netmask <%= new_resource.mask %>
50
+ <% end -%>
51
+ <% if new_resource.network -%>
52
+ network <%= new_resource.network %>
53
+ <% end -%>
54
+ <% if new_resource.bcast -%>
55
+ broadcast <%= new_resource.bcast %>
56
+ <% end -%>
57
+ <% if new_resource.metric -%>
58
+ metric <%= new_resource.metric %>
59
+ <% end -%>
60
+ <% if new_resource.hwaddr -%>
61
+ hwaddress <%= new_resource.hwaddr %>
62
+ <% end -%>
63
+ <% if new_resource.mtu -%>
64
+ mtu <%= new_resource.mtu %>
65
+ <% end -%>
66
+ <% if new_resource.gateway -%>
67
+ gateway <%= new_resource.gateway %>
68
+ <% end -%>
69
+ <% end -%>
70
+ <% end -%>
54
71
  }
55
72
  @config_path = "#{INTERFACES_DOT_D_DIR}/ifcfg-#{new_resource.device}"
56
73
  end
@@ -63,13 +80,12 @@ iface <%= new_resource.device %> <%= new_resource.family %> static
63
80
  protected
64
81
 
65
82
  def enforce_interfaces_dot_d_sanity
66
- # on ubuntu 18.04 there's no interfaces file and it uses interfaces.d by default
83
+ # on ubuntu 18.04+ there's no interfaces file and it uses interfaces.d by default
67
84
  return if ::File.directory?(INTERFACES_DOT_D_DIR) && !::File.exist?(INTERFACES_FILE)
68
85
 
69
- # create /etc/network/interfaces.d via dir resource (to get reporting, etc)
70
- dir = Chef::Resource::Directory.new(INTERFACES_DOT_D_DIR, run_context)
71
- dir.run_action(:create)
72
- new_resource.updated_by_last_action(true) if dir.updated_by_last_action?
86
+ # create /etc/network/interfaces.d via dir if it's missing
87
+ directory INTERFACES_DOT_D_DIR
88
+
73
89
  # roll our own file_edit resource, this will not get reported until we have a file_edit resource
74
90
  interfaces_dot_d_for_regexp = INTERFACES_DOT_D_DIR.gsub(/\./, '\.') # escape dots for the regexp
75
91
  regexp = %r{^\s*source\s+#{interfaces_dot_d_for_regexp}/\*\s*$}