chef 16.5.64 → 16.8.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +6 -14
- data/README.md +1 -1
- data/Rakefile +21 -14
- data/chef-universal-mingw32.gemspec +1 -1
- data/chef.gemspec +3 -2
- data/lib/chef/application.rb +2 -2
- data/lib/chef/application/base.rb +1 -1
- data/lib/chef/application/client.rb +7 -2
- data/lib/chef/application/knife.rb +1 -1
- data/lib/chef/application/solo.rb +1 -1
- data/lib/chef/chef_fs/chef_fs_data_store.rb +1 -1
- data/lib/chef/chef_fs/data_handler/cookbook_data_handler.rb +1 -1
- data/lib/chef/chef_fs/file_pattern.rb +1 -1
- data/lib/chef/chef_fs/file_system/repository/chef_repository_file_system_cookbook_entry.rb +1 -1
- data/lib/chef/client.rb +6 -32
- data/lib/chef/compliance/default_attributes.rb +89 -0
- data/lib/chef/compliance/fetcher/automate.rb +69 -0
- data/lib/chef/compliance/fetcher/chef_server.rb +134 -0
- data/lib/chef/compliance/reporter/automate.rb +202 -0
- data/lib/chef/compliance/reporter/chef_server_automate.rb +94 -0
- data/lib/chef/compliance/reporter/compliance_enforcer.rb +20 -0
- data/lib/chef/compliance/reporter/json_file.rb +19 -0
- data/lib/chef/compliance/runner.rb +261 -0
- data/lib/chef/cookbook/gem_installer.rb +1 -1
- data/lib/chef/cookbook_manifest.rb +2 -1
- data/lib/chef/cookbook_site_streaming_uploader.rb +1 -1
- data/lib/chef/cookbook_version.rb +2 -5
- data/lib/chef/data_collector.rb +1 -1
- data/lib/chef/encrypted_data_bag_item/assertions.rb +1 -1
- data/lib/chef/environment.rb +1 -1
- data/lib/chef/event_loggers/windows_eventlog.rb +1 -1
- data/lib/chef/exceptions.rb +5 -1
- data/lib/chef/file_access_control/windows.rb +1 -4
- data/lib/chef/file_content_management/tempfile.rb +1 -1
- data/lib/chef/formatters/error_inspectors/compile_error_inspector.rb +2 -2
- data/lib/chef/formatters/error_inspectors/resource_failure_inspector.rb +5 -5
- data/lib/chef/formatters/indentable_output_stream.rb +2 -2
- data/lib/chef/guard_interpreter/resource_guard_interpreter.rb +28 -39
- data/lib/chef/http.rb +2 -12
- data/lib/chef/http/basic_client.rb +1 -1
- data/lib/chef/http/http_request.rb +1 -1
- data/lib/chef/http/socketless_chef_zero_client.rb +1 -1
- data/lib/chef/http/ssl_policies.rb +6 -0
- data/lib/chef/json_compat.rb +2 -7
- data/lib/chef/key.rb +1 -1
- data/lib/chef/knife/bootstrap.rb +2 -1
- data/lib/chef/knife/bootstrap/templates/windows-chef-client-msi.erb +2 -2
- data/lib/chef/knife/bootstrap/train_connector.rb +1 -1
- data/lib/chef/knife/config_show.rb +1 -1
- data/lib/chef/knife/core/cookbook_scm_repo.rb +1 -1
- data/lib/chef/knife/core/gem_glob_loader.rb +1 -1
- data/lib/chef/knife/core/ui.rb +5 -2
- data/lib/chef/knife/core/windows_bootstrap_context.rb +7 -4
- data/lib/chef/knife/node_policy_set.rb +2 -2
- data/lib/chef/knife/node_run_list_add.rb +1 -1
- data/lib/chef/knife/node_run_list_remove.rb +1 -1
- data/lib/chef/knife/node_run_list_set.rb +1 -1
- data/lib/chef/knife/role_env_run_list_add.rb +1 -1
- data/lib/chef/knife/role_env_run_list_set.rb +1 -1
- data/lib/chef/knife/role_run_list_add.rb +1 -1
- data/lib/chef/knife/role_run_list_set.rb +1 -1
- data/lib/chef/knife/search.rb +0 -1
- data/lib/chef/knife/ssh.rb +5 -3
- data/lib/chef/knife/tag_create.rb +1 -1
- data/lib/chef/knife/tag_delete.rb +1 -1
- data/lib/chef/local_mode.rb +1 -1
- data/lib/chef/mixin/convert_to_class_name.rb +0 -56
- data/lib/chef/mixin/openssl_helper.rb +1 -1
- data/lib/chef/mixin/powershell_exec.rb +24 -10
- data/lib/chef/mixin/powershell_out.rb +12 -5
- data/lib/chef/mixin/properties.rb +2 -0
- data/lib/chef/mixin/template.rb +1 -1
- data/lib/chef/mixin/unformatter.rb +1 -1
- data/lib/chef/mixin/uris.rb +3 -1
- data/lib/chef/node/attribute_collections.rb +2 -6
- data/lib/chef/node/mixin/immutablize_hash.rb +2 -0
- data/lib/chef/node_map.rb +2 -2
- data/lib/chef/platform/query_helpers.rb +4 -4
- data/lib/chef/policy_builder/dynamic.rb +2 -0
- data/lib/chef/powershell.rb +10 -4
- data/lib/chef/property.rb +1 -1
- data/lib/chef/provider.rb +1 -1
- data/lib/chef/provider/cron.rb +2 -13
- data/lib/chef/provider/dsc_resource.rb +12 -24
- data/lib/chef/provider/dsc_script.rb +16 -20
- data/lib/chef/provider/file.rb +1 -1
- data/lib/chef/provider/git.rb +5 -5
- data/lib/chef/provider/group.rb +14 -6
- data/lib/chef/provider/group/windows.rb +12 -1
- data/lib/chef/provider/ifconfig.rb +8 -8
- data/lib/chef/provider/ifconfig/debian.rb +38 -22
- data/lib/chef/provider/ifconfig/redhat.rb +54 -18
- data/lib/chef/provider/launchd.rb +1 -11
- data/lib/chef/provider/link.rb +0 -9
- data/lib/chef/provider/mount.rb +18 -1
- data/lib/chef/provider/mount/linux.rb +4 -0
- data/lib/chef/provider/mount/mount.rb +41 -43
- data/lib/chef/provider/package.rb +3 -0
- data/lib/chef/provider/package/apt.rb +1 -1
- data/lib/chef/provider/package/chocolatey.rb +6 -6
- data/lib/chef/provider/package/dpkg.rb +3 -12
- data/lib/chef/provider/package/freebsd/base.rb +3 -2
- data/lib/chef/provider/package/freebsd/pkgng.rb +1 -1
- data/lib/chef/provider/package/homebrew.rb +1 -1
- data/lib/chef/provider/package/ips.rb +1 -1
- data/lib/chef/provider/package/powershell.rb +2 -3
- data/lib/chef/provider/package/rubygems.rb +1 -1
- data/lib/chef/provider/package/snap.rb +1 -3
- data/lib/chef/provider/package/solaris.rb +0 -2
- data/lib/chef/provider/package/yum/rpm_utils.rb +1 -1
- data/lib/chef/provider/package/zypper.rb +98 -71
- data/lib/chef/provider/powershell_script.rb +12 -1
- data/lib/chef/provider/registry_key.rb +4 -3
- data/lib/chef/provider/route.rb +2 -2
- data/lib/chef/provider/service/debian.rb +2 -1
- data/lib/chef/provider/service/redhat.rb +1 -1
- data/lib/chef/provider/user.rb +17 -9
- data/lib/chef/provider/user/aix.rb +1 -1
- data/lib/chef/provider/user/dscl.rb +2 -2
- data/lib/chef/provider/user/mac.rb +14 -6
- data/lib/chef/provider/user/solaris.rb +1 -1
- data/lib/chef/provider/user/windows.rb +10 -3
- data/lib/chef/providers.rb +0 -3
- data/lib/chef/pwsh.rb +71 -0
- data/lib/chef/resource.rb +1 -1
- data/lib/chef/resource/apt_repository.rb +6 -5
- data/lib/chef/resource/bash.rb +119 -1
- data/lib/chef/resource/batch.rb +1 -1
- data/lib/chef/resource/breakpoint.rb +3 -1
- data/lib/chef/resource/build_essential.rb +5 -8
- data/lib/chef/resource/chef_client_config.rb +313 -0
- data/lib/chef/resource/chef_client_cron.rb +5 -5
- data/lib/chef/resource/chef_client_scheduled_task.rb +4 -4
- data/lib/chef/resource/chef_client_systemd_timer.rb +5 -5
- data/lib/chef/resource/chef_handler.rb +1 -0
- data/lib/chef/resource/chef_sleep.rb +1 -1
- data/lib/chef/resource/cron/_cron_shared.rb +1 -0
- data/lib/chef/resource/cron/cron_d.rb +2 -2
- data/lib/chef/resource/csh.rb +2 -2
- data/lib/chef/resource/dsc_script.rb +8 -1
- data/lib/chef/resource/execute.rb +6 -4
- data/lib/chef/resource/file.rb +2 -2
- data/lib/chef/resource/homebrew_update.rb +4 -1
- data/lib/chef/resource/hostname.rb +5 -5
- data/lib/chef/resource/ifconfig.rb +52 -5
- data/lib/chef/resource/kernel_module.rb +1 -1
- data/lib/chef/resource/ksh.rb +3 -3
- data/lib/chef/resource/launchd.rb +15 -15
- data/lib/chef/resource/lwrp_base.rb +3 -5
- data/lib/chef/resource/mount.rb +8 -2
- data/lib/chef/resource/perl.rb +2 -2
- data/lib/chef/resource/plist.rb +2 -6
- data/lib/chef/resource/powershell_package_source.rb +19 -18
- data/lib/chef/resource/powershell_script.rb +14 -11
- data/lib/chef/resource/python.rb +2 -2
- data/lib/chef/resource/registry_key.rb +93 -2
- data/lib/chef/resource/route.rb +1 -1
- data/lib/chef/resource/ruby.rb +2 -2
- data/lib/chef/resource/scm/_scm.rb +2 -1
- data/lib/chef/resource/scm/git.rb +82 -1
- data/lib/chef/resource/scm/subversion.rb +12 -0
- data/lib/chef/resource/script.rb +2 -2
- data/lib/chef/resource/solaris_package.rb +0 -2
- data/lib/chef/resource/sudo.rb +1 -1
- data/lib/chef/resource/support/client.erb +64 -0
- data/lib/chef/resource/systemd_unit.rb +42 -1
- data/lib/chef/resource/template.rb +2 -2
- data/lib/chef/resource/windows_ad_join.rb +9 -9
- data/lib/chef/resource/windows_audit_policy.rb +26 -24
- data/lib/chef/resource/windows_certificate.rb +13 -7
- data/lib/chef/resource/windows_dfs_server.rb +7 -4
- data/lib/chef/resource/windows_env.rb +173 -0
- data/lib/chef/resource/windows_feature.rb +2 -0
- data/lib/chef/resource/windows_firewall_profile.rb +7 -12
- data/lib/chef/resource/windows_firewall_rule.rb +9 -11
- data/lib/chef/resource/windows_font.rb +1 -1
- data/lib/chef/resource/windows_package.rb +1 -0
- data/lib/chef/resource/windows_path.rb +38 -0
- data/lib/chef/resource/windows_security_policy.rb +5 -5
- data/lib/chef/resource/windows_service.rb +108 -0
- data/lib/chef/resource/windows_share.rb +18 -18
- data/lib/chef/resource/windows_task.rb +629 -28
- data/lib/chef/resource/windows_workgroup.rb +6 -4
- data/lib/chef/resource/yum_repository.rb +1 -1
- data/lib/chef/resource_collection/resource_set.rb +2 -6
- data/lib/chef/resource_inspector.rb +77 -75
- data/lib/chef/resource_reporter.rb +0 -2
- data/lib/chef/resources.rb +1 -0
- data/lib/chef/run_lock.rb +2 -2
- data/lib/chef/search/query.rb +3 -1
- data/lib/chef/server_api.rb +0 -4
- data/lib/chef/shell/ext.rb +1 -1
- data/lib/chef/util/backup.rb +1 -1
- data/lib/chef/util/dsc/configuration_generator.rb +52 -11
- data/lib/chef/util/dsc/lcm_output_parser.rb +4 -7
- data/lib/chef/util/dsc/local_configuration_manager.rb +18 -15
- data/lib/chef/util/dsc/resource_store.rb +5 -11
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/api/file.rb +4 -0
- data/lib/chef/win32/file.rb +1 -1
- data/lib/chef/win32/security/sid.rb +1 -1
- data/lib/chef/win32/unicode.rb +1 -1
- data/spec/functional/mixin/powershell_out_spec.rb +11 -3
- data/spec/functional/resource/apt_package_spec.rb +4 -6
- data/spec/functional/resource/chocolatey_package_spec.rb +3 -3
- data/spec/functional/resource/cron_spec.rb +3 -3
- data/spec/functional/resource/dsc_script_spec.rb +6 -9
- data/spec/functional/resource/mount_spec.rb +10 -2
- data/spec/functional/resource/powershell_package_source_spec.rb +107 -0
- data/spec/functional/resource/powershell_script_spec.rb +57 -14
- data/spec/functional/resource/windows_certificate_spec.rb +10 -6
- data/spec/functional/resource/windows_firewall_rule_spec.rb +93 -0
- data/spec/functional/resource/windows_package_spec.rb +36 -10
- data/spec/functional/resource/windows_share_spec.rb +103 -0
- data/spec/functional/resource/windows_task_spec.rb +2 -3
- data/spec/functional/resource/zypper_package_spec.rb +11 -0
- data/spec/integration/client/client_spec.rb +2 -1
- data/spec/integration/compliance/compliance_spec.rb +81 -0
- data/spec/integration/knife/client_key_create_spec.rb +1 -1
- data/spec/integration/knife/node_create_spec.rb +1 -1
- data/spec/integration/knife/node_environment_set_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_add_spec.rb +4 -4
- data/spec/integration/knife/node_run_list_remove_spec.rb +1 -1
- data/spec/integration/knife/node_run_list_set_spec.rb +1 -1
- data/spec/integration/knife/node_show_spec.rb +1 -1
- data/spec/integration/recipes/notifies_spec.rb +1 -1
- data/spec/integration/recipes/provider_choice.rb +2 -2
- data/spec/integration/recipes/recipe_dsl_spec.rb +1 -0
- data/spec/spec_helper.rb +3 -4
- data/spec/support/lib/chef/resource/cat.rb +1 -1
- data/spec/support/lib/chef/resource/one_two_three_four.rb +1 -1
- data/spec/support/mock/platform.rb +24 -16
- data/spec/support/platform_helpers.rb +11 -4
- data/spec/support/shared/unit/knife_shared.rb +1 -1
- data/spec/support/shared/unit/script_resource.rb +4 -4
- data/spec/support/shared/unit/windows_script_resource.rb +1 -1
- data/spec/unit/chef_fs/config_spec.rb +1 -1
- data/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb +1 -1
- data/spec/unit/client_spec.rb +17 -0
- data/spec/unit/compliance/fetcher/automate_spec.rb +134 -0
- data/spec/unit/compliance/fetcher/chef_server_spec.rb +93 -0
- data/spec/unit/compliance/reporter/automate_spec.rb +427 -0
- data/spec/unit/compliance/reporter/chef_server_automate_spec.rb +177 -0
- data/spec/unit/compliance/reporter/compliance_enforcer_spec.rb +48 -0
- data/spec/unit/compliance/runner_spec.rb +140 -0
- data/spec/unit/data_collector_spec.rb +0 -4
- data/spec/unit/guard_interpreter/resource_guard_interpreter_spec.rb +11 -11
- data/spec/unit/http/ssl_policies_spec.rb +11 -0
- data/spec/unit/knife/client_create_spec.rb +2 -2
- data/spec/unit/knife/configure_client_spec.rb +5 -5
- data/spec/unit/knife/configure_spec.rb +3 -3
- data/spec/unit/knife/cookbook_delete_spec.rb +2 -2
- data/spec/unit/knife/cookbook_download_spec.rb +2 -2
- data/spec/unit/knife/cookbook_list_spec.rb +2 -2
- data/spec/unit/knife/cookbook_metadata_spec.rb +3 -3
- data/spec/unit/knife/core/node_editor_spec.rb +1 -1
- data/spec/unit/knife/environment_compare_spec.rb +3 -3
- data/spec/unit/knife/supermarket_download_spec.rb +8 -8
- data/spec/unit/knife/supermarket_list_spec.rb +3 -3
- data/spec/unit/knife/supermarket_search_spec.rb +1 -1
- data/spec/unit/knife/tag_create_spec.rb +1 -1
- data/spec/unit/knife/tag_delete_spec.rb +1 -1
- data/spec/unit/knife/user_create_spec.rb +1 -1
- data/spec/unit/mixin/powershell_exec_spec.rb +41 -4
- data/spec/unit/mixin/powershell_out_spec.rb +14 -0
- data/spec/unit/mixin/which.rb +1 -1
- data/spec/unit/platform/query_helpers_spec.rb +11 -12
- data/spec/unit/provider/dsc_resource_spec.rb +10 -27
- data/spec/unit/provider/dsc_script_spec.rb +1 -1
- data/spec/unit/provider/group/windows_spec.rb +6 -0
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/mount/linux_spec.rb +10 -0
- data/spec/unit/provider/mount/mount_spec.rb +21 -10
- data/spec/unit/provider/mount/solaris_spec.rb +1 -1
- data/spec/unit/provider/mount/windows_spec.rb +1 -0
- data/spec/unit/provider/mount_spec.rb +31 -0
- data/spec/unit/provider/package/chocolatey_spec.rb +1 -2
- data/spec/unit/provider/package/powershell_spec.rb +87 -95
- data/spec/unit/provider/package/zypper_spec.rb +0 -25
- data/spec/unit/provider/package_spec.rb +2 -2
- data/spec/unit/provider/powershell_script_spec.rb +11 -0
- data/spec/unit/provider/subversion_spec.rb +0 -3
- data/spec/unit/provider/systemd_unit_spec.rb +1 -1
- data/spec/unit/provider/user_spec.rb +7 -1
- data/spec/unit/provider/windows_env_spec.rb +18 -34
- data/spec/unit/provider/windows_path_spec.rb +6 -11
- data/spec/unit/provider/windows_task_spec.rb +7 -6
- data/spec/unit/resource/breakpoint_spec.rb +1 -1
- data/spec/unit/resource/build_essential_spec.rb +0 -12
- data/spec/unit/resource/chef_client_config_spec.rb +137 -0
- data/spec/unit/resource/ifconfig_spec.rb +2 -10
- data/spec/unit/resource/mount_spec.rb +18 -5
- data/spec/unit/resource/powershell_package_source_spec.rb +20 -20
- data/spec/unit/resource/powershell_script_spec.rb +4 -74
- data/spec/unit/resource/service_spec.rb +2 -2
- data/spec/unit/resource/solaris_package_spec.rb +8 -10
- data/spec/unit/resource/windows_certificate_spec.rb +12 -0
- data/spec/unit/resource_inspector_spec.rb +3 -3
- data/spec/unit/shell_spec.rb +2 -2
- data/spec/unit/util/dsc/configuration_generator_spec.rb +79 -0
- data/spec/unit/util/dsc/local_configuration_manager_spec.rb +27 -35
- data/tasks/rspec.rb +1 -1
- metadata +47 -24
- data/lib/chef/monkey_patches/net_http.rb +0 -22
- data/lib/chef/provider/windows_env.rb +0 -210
- data/lib/chef/provider/windows_path.rb +0 -61
- data/lib/chef/provider/windows_task.rb +0 -631
- data/lib/chef/util/powershell/cmdlet.rb +0 -175
- data/lib/chef/util/powershell/cmdlet_result.rb +0 -61
- data/spec/functional/util/powershell/cmdlet_spec.rb +0 -111
- data/spec/support/mock/constant.rb +0 -52
- data/spec/unit/monkey_patches/uri_spec.rb +0 -34
- data/spec/unit/provider_resolver_spec.rb +0 -885
- data/spec/unit/resource/data/InstallHistory_with_CLT.plist +0 -92
- data/spec/unit/resource/data/InstallHistory_without_CLT.plist +0 -38
- data/spec/unit/util/powershell/cmdlet_spec.rb +0 -106
data/lib/chef/node_map.rb
CHANGED
@@ -225,13 +225,13 @@ class Chef
|
|
225
225
|
|
226
226
|
if attribute == :platform_family
|
227
227
|
# If any blocklist value matches, we don't match
|
228
|
-
return false if blocklist.any? { |v| v[1
|
228
|
+
return false if blocklist.any? { |v| v[1..] == value || platform_family_query_helper?(node, v[1..]) }
|
229
229
|
|
230
230
|
# If the allowlist is empty, or anything matches, we match.
|
231
231
|
allowlist.empty? || allowlist.any? { |v| v == :all || v == value || platform_family_query_helper?(node, v) }
|
232
232
|
else
|
233
233
|
# If any blocklist value matches, we don't match
|
234
|
-
return false if blocklist.any? { |v| v[1
|
234
|
+
return false if blocklist.any? { |v| v[1..] == value }
|
235
235
|
|
236
236
|
# If the allowlist is empty, or anything matches, we match.
|
237
237
|
allowlist.empty? || allowlist.any? { |v| v == :all || v == value }
|
@@ -58,10 +58,10 @@ class Chef
|
|
58
58
|
end
|
59
59
|
|
60
60
|
def dsc_refresh_mode_disabled?(node)
|
61
|
-
require_relative "../
|
62
|
-
|
63
|
-
|
64
|
-
|
61
|
+
require_relative "../powershell"
|
62
|
+
exec = Chef::PowerShell.new("Get-DscLocalConfigurationManager")
|
63
|
+
exec.error!
|
64
|
+
exec.result["RefreshMode"] == "Disabled"
|
65
65
|
end
|
66
66
|
|
67
67
|
def supported_powershell_version?(node, version_string)
|
data/lib/chef/powershell.rb
CHANGED
@@ -24,6 +24,7 @@ class Chef
|
|
24
24
|
|
25
25
|
attr_reader :result
|
26
26
|
attr_reader :errors
|
27
|
+
attr_reader :verbose
|
27
28
|
|
28
29
|
# Run a command under PowerShell via FFI
|
29
30
|
# This implementation requires the managed dll and native wrapper to be in the library search
|
@@ -34,8 +35,12 @@ class Chef
|
|
34
35
|
# @param script [String] script to run
|
35
36
|
# @return [Object] output
|
36
37
|
def initialize(script)
|
37
|
-
|
38
|
-
|
38
|
+
# This Powershell DLL source lives here: https://github.com/chef/chef-powershell-shim
|
39
|
+
# Every merge into that repo triggers a Habitat build and promotion. Running
|
40
|
+
# the rake :update_chef_exec_dll task in this (chef/chef) repo will pull down
|
41
|
+
# the built packages and copy the binaries to distro/ruby_bin_folder. Bundle install
|
42
|
+
# ensures that the correct architecture binaries are installed into the path.
|
43
|
+
@dll ||= "Chef.PowerShell.Wrapper.dll"
|
39
44
|
exec(script)
|
40
45
|
end
|
41
46
|
|
@@ -59,15 +64,16 @@ class Chef
|
|
59
64
|
raise Chef::PowerShell::CommandFailed, "Unexpected exit in PowerShell command: #{@errors}" if error?
|
60
65
|
end
|
61
66
|
|
62
|
-
|
67
|
+
protected
|
63
68
|
|
64
69
|
def exec(script)
|
65
|
-
FFI.ffi_lib
|
70
|
+
FFI.ffi_lib @dll
|
66
71
|
FFI.attach_function :execute_powershell, :ExecuteScript, [:string], :pointer
|
67
72
|
execution = FFI.execute_powershell(script).read_utf16string
|
68
73
|
hashed_outcome = Chef::JSONCompat.parse(execution)
|
69
74
|
@result = Chef::JSONCompat.parse(hashed_outcome["result"])
|
70
75
|
@errors = hashed_outcome["errors"]
|
76
|
+
@verbose = hashed_outcome["verbose"]
|
71
77
|
end
|
72
78
|
end
|
73
79
|
end
|
data/lib/chef/property.rb
CHANGED
@@ -559,7 +559,7 @@ class Chef
|
|
559
559
|
if modified_options.key?(:name_property) ||
|
560
560
|
modified_options.key?(:name_attribute) ||
|
561
561
|
modified_options.key?(:default)
|
562
|
-
options = options.reject { |k, v|
|
562
|
+
options = options.reject { |k, v| %i{name_attribute name_property default}.include?(k) }
|
563
563
|
end
|
564
564
|
self.class.new(**options.merge(modified_options))
|
565
565
|
end
|
data/lib/chef/provider.rb
CHANGED
@@ -88,7 +88,7 @@ class Chef
|
|
88
88
|
def self.use(partial)
|
89
89
|
dirname = ::File.dirname(partial)
|
90
90
|
basename = ::File.basename(partial, ".rb")
|
91
|
-
basename = basename[1
|
91
|
+
basename = basename[1..] if basename.start_with?("_")
|
92
92
|
class_eval IO.read(::File.expand_path("#{dirname}/_#{basename}.rb", ::File.dirname(caller_locations.first.absolute_path)))
|
93
93
|
end
|
94
94
|
|
data/lib/chef/provider/cron.rb
CHANGED
@@ -112,13 +112,7 @@ class Chef
|
|
112
112
|
when ENV_PATTERN
|
113
113
|
crontab << line unless cron_found
|
114
114
|
next
|
115
|
-
when SPECIAL_PATTERN
|
116
|
-
if cron_found
|
117
|
-
cron_found = false
|
118
|
-
crontab << newcron
|
119
|
-
next
|
120
|
-
end
|
121
|
-
when CRON_PATTERN
|
115
|
+
when SPECIAL_PATTERN, CRON_PATTERN
|
122
116
|
if cron_found
|
123
117
|
cron_found = false
|
124
118
|
crontab << newcron
|
@@ -163,12 +157,7 @@ class Chef
|
|
163
157
|
next
|
164
158
|
when ENV_PATTERN
|
165
159
|
next if cron_found
|
166
|
-
when SPECIAL_PATTERN
|
167
|
-
if cron_found
|
168
|
-
cron_found = false
|
169
|
-
next
|
170
|
-
end
|
171
|
-
when CRON_PATTERN
|
160
|
+
when SPECIAL_PATTERN, CRON_PATTERN
|
172
161
|
if cron_found
|
173
162
|
cron_found = false
|
174
163
|
next
|
@@ -15,7 +15,8 @@
|
|
15
15
|
# See the License for the specific language governing permissions and
|
16
16
|
# limitations under the License.
|
17
17
|
#
|
18
|
-
|
18
|
+
require "timeout" unless defined?(Timeout)
|
19
|
+
require_relative "../mixin/powershell_exec"
|
19
20
|
require_relative "../util/dsc/local_configuration_manager"
|
20
21
|
require_relative "../mixin/powershell_type_coercions"
|
21
22
|
require_relative "../util/dsc/resource_store"
|
@@ -130,27 +131,27 @@ class Chef
|
|
130
131
|
def test_resource
|
131
132
|
result = invoke_resource(:test)
|
132
133
|
add_dsc_verbose_log(result)
|
133
|
-
|
134
|
+
result.result["InDesiredState"]
|
134
135
|
end
|
135
136
|
|
136
137
|
def set_resource
|
137
138
|
result = invoke_resource(:set)
|
138
139
|
add_dsc_verbose_log(result)
|
139
|
-
create_reboot_resource if
|
140
|
-
result
|
140
|
+
create_reboot_resource if result.result["RebootRequired"]
|
141
|
+
result
|
141
142
|
end
|
142
143
|
|
143
144
|
def add_dsc_verbose_log(result)
|
144
145
|
# We really want this information from the verbose stream,
|
145
146
|
# however in some versions of WMF, Invoke-DscResource is not correctly
|
146
147
|
# writing to that stream and instead just dumping to stdout
|
147
|
-
verbose_output = result.
|
148
|
-
verbose_output = result.
|
148
|
+
verbose_output = result.verbose.join("\n")
|
149
|
+
verbose_output = result.result if verbose_output.empty?
|
149
150
|
|
150
151
|
if @converge_description.nil? || @converge_description.empty?
|
151
152
|
@converge_description = verbose_output
|
152
153
|
else
|
153
|
-
@converge_description << "\n"
|
154
|
+
@converge_description << "\n\n"
|
154
155
|
@converge_description << verbose_output
|
155
156
|
end
|
156
157
|
end
|
@@ -159,26 +160,13 @@ class Chef
|
|
159
160
|
@module_version.nil? ? module_name : "@{ModuleName='#{module_name}';ModuleVersion='#{@module_version}'}"
|
160
161
|
end
|
161
162
|
|
162
|
-
def invoke_resource(method
|
163
|
+
def invoke_resource(method)
|
163
164
|
properties = translate_type(new_resource.properties)
|
164
165
|
switches = "-Method #{method} -Name #{new_resource.resource}"\
|
165
166
|
" -Property #{properties} -Module #{module_info_object} -Verbose"
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
output_format
|
170
|
-
)
|
171
|
-
cmdlet.run!({}, { timeout: new_resource.timeout })
|
172
|
-
end
|
173
|
-
|
174
|
-
def return_dsc_resource_result(result, property_name)
|
175
|
-
if result.return_value.is_a?(Array)
|
176
|
-
# WMF Feb 2015 Preview
|
177
|
-
result.return_value[0][property_name]
|
178
|
-
else
|
179
|
-
# WMF April 2015 Preview
|
180
|
-
result.return_value[property_name]
|
181
|
-
end
|
167
|
+
Timeout.timeout(new_resource.timeout) {
|
168
|
+
powershell_exec!("Invoke-DscResource #{switches}")
|
169
|
+
}
|
182
170
|
end
|
183
171
|
|
184
172
|
def create_reboot_resource
|
@@ -16,7 +16,6 @@
|
|
16
16
|
# limitations under the License.
|
17
17
|
#
|
18
18
|
|
19
|
-
require_relative "../util/powershell/cmdlet"
|
20
19
|
require_relative "../util/dsc/configuration_generator"
|
21
20
|
require_relative "../util/dsc/local_configuration_manager"
|
22
21
|
require_relative "../util/path_helper"
|
@@ -32,11 +31,11 @@ class Chef
|
|
32
31
|
@dsc_resource = dsc_resource
|
33
32
|
@resource_converged = false
|
34
33
|
@operations = {
|
35
|
-
set: Proc.new do |config_manager, document
|
36
|
-
config_manager.set_configuration(document
|
34
|
+
set: Proc.new do |config_manager, document|
|
35
|
+
config_manager.set_configuration(document)
|
37
36
|
end,
|
38
|
-
test: Proc.new do |config_manager, document
|
39
|
-
config_manager.test_configuration(document
|
37
|
+
test: Proc.new do |config_manager, document|
|
38
|
+
config_manager.test_configuration(document)
|
40
39
|
end }
|
41
40
|
end
|
42
41
|
|
@@ -85,20 +84,23 @@ class Chef
|
|
85
84
|
|
86
85
|
config_manager = Chef::Util::DSC::LocalConfigurationManager.new(@run_context.node, config_directory)
|
87
86
|
|
88
|
-
|
89
|
-
|
90
|
-
environment: @dsc_resource.environment,
|
91
|
-
timeout: @dsc_resource.timeout,
|
92
|
-
}
|
87
|
+
cwd = @dsc_resource.cwd || Dir.pwd
|
88
|
+
original_env = ENV.to_hash
|
93
89
|
|
94
90
|
begin
|
95
|
-
|
96
|
-
|
91
|
+
ENV.update(@dsc_resource.environment) if @dsc_resource.environment
|
92
|
+
Dir.chdir(cwd) do
|
93
|
+
Timeout.timeout(@dsc_resource.timeout) do
|
94
|
+
configuration_document = generate_configuration_document(config_directory, configuration_flags)
|
95
|
+
@operations[operation].call(config_manager, configuration_document)
|
96
|
+
end
|
97
|
+
end
|
97
98
|
rescue Exception => e
|
98
99
|
logger.error("DSC operation failed: #{e.message}")
|
99
100
|
raise e
|
100
101
|
ensure
|
101
102
|
::FileUtils.rm_rf(config_directory)
|
103
|
+
ENV.replace(original_env)
|
102
104
|
end
|
103
105
|
end
|
104
106
|
|
@@ -112,20 +114,14 @@ class Chef
|
|
112
114
|
end
|
113
115
|
|
114
116
|
def generate_configuration_document(config_directory, configuration_flags)
|
115
|
-
shellout_flags = {
|
116
|
-
cwd: @dsc_resource.cwd,
|
117
|
-
environment: @dsc_resource.environment,
|
118
|
-
timeout: @dsc_resource.timeout,
|
119
|
-
}
|
120
|
-
|
121
117
|
generator = Chef::Util::DSC::ConfigurationGenerator.new(@run_context.node, config_directory)
|
122
118
|
|
123
119
|
if @dsc_resource.command
|
124
|
-
generator.configuration_document_from_script_path(@dsc_resource.command, configuration_name, configuration_flags
|
120
|
+
generator.configuration_document_from_script_path(@dsc_resource.command, configuration_name, configuration_flags)
|
125
121
|
else
|
126
122
|
# If code is also not provided, we mimic what the other script resources do (execute nothing)
|
127
123
|
logger.warn("Neither code or command were provided for dsc_resource[#{@dsc_resource.name}].") unless @dsc_resource.code
|
128
|
-
generator.configuration_document_from_script_code(@dsc_resource.code || "", configuration_flags, @dsc_resource.imports
|
124
|
+
generator.configuration_document_from_script_code(@dsc_resource.code || "", configuration_flags, @dsc_resource.imports)
|
129
125
|
end
|
130
126
|
end
|
131
127
|
|
data/lib/chef/provider/file.rb
CHANGED
@@ -31,7 +31,7 @@ require_relative "../util/backup"
|
|
31
31
|
require_relative "../util/diff"
|
32
32
|
require_relative "../util/selinux"
|
33
33
|
require_relative "../file_content_management/deploy"
|
34
|
-
require "chef-utils" unless defined?(ChefUtils)
|
34
|
+
require "chef-utils" unless defined?(ChefUtils::CANARY)
|
35
35
|
|
36
36
|
# The Tao of File Providers:
|
37
37
|
# - the content provider must always return a tempfile that we can delete/mv
|
data/lib/chef/provider/git.rb
CHANGED
@@ -68,9 +68,9 @@ class Chef
|
|
68
68
|
a.assertion { !(new_resource.revision =~ %r{^origin/}) }
|
69
69
|
a.failure_message Chef::Exceptions::InvalidRemoteGitReference,
|
70
70
|
"Deploying remote branches is not supported. " +
|
71
|
-
|
72
|
-
|
73
|
-
|
71
|
+
"Specify the remote branch as a local branch for " +
|
72
|
+
"the git repository you're deploying from " +
|
73
|
+
"(ie: '#{new_resource.revision.gsub("origin/", "")}' rather than '#{new_resource.revision}')."
|
74
74
|
end
|
75
75
|
|
76
76
|
requirements.assert(:all_actions) do |a|
|
@@ -80,8 +80,8 @@ class Chef
|
|
80
80
|
a.assertion { !target_revision.nil? }
|
81
81
|
a.failure_message Chef::Exceptions::UnresolvableGitReference,
|
82
82
|
"Unable to parse SHA reference for '#{new_resource.revision}' in repository '#{new_resource.repository}'. " +
|
83
|
-
|
84
|
-
|
83
|
+
"Verify your (case-sensitive) repository URL and revision.\n" +
|
84
|
+
"`git ls-remote '#{new_resource.repository}' '#{rev_search_pattern}'` output: #{@resolved_reference}"
|
85
85
|
end
|
86
86
|
end
|
87
87
|
|
data/lib/chef/provider/group.rb
CHANGED
@@ -78,7 +78,7 @@ class Chef
|
|
78
78
|
# <false>:: If a change is not required
|
79
79
|
def compare_group
|
80
80
|
@change_desc = [ ]
|
81
|
-
|
81
|
+
unless group_gid_match?
|
82
82
|
@change_desc << "change gid #{current_resource.gid} to #{new_resource.gid}"
|
83
83
|
end
|
84
84
|
|
@@ -103,13 +103,21 @@ class Chef
|
|
103
103
|
unless members_to_be_removed.empty?
|
104
104
|
@change_desc << "remove existing member(s): #{members_to_be_removed.join(", ")}"
|
105
105
|
end
|
106
|
-
elsif
|
107
|
-
@change_desc << "replace group members with new list of members"
|
106
|
+
elsif !group_members_match?
|
107
|
+
@change_desc << "replace group members with new list of members: #{new_resource.members.join(", ")}"
|
108
108
|
end
|
109
109
|
|
110
110
|
!@change_desc.empty?
|
111
111
|
end
|
112
112
|
|
113
|
+
def group_gid_match?
|
114
|
+
new_resource.gid.to_s == current_resource.gid.to_s
|
115
|
+
end
|
116
|
+
|
117
|
+
def group_members_match?
|
118
|
+
[new_resource.members].flatten.sort == [current_resource.members].flatten.sort
|
119
|
+
end
|
120
|
+
|
113
121
|
def has_current_group_member?(member)
|
114
122
|
current_resource.members.include?(member)
|
115
123
|
end
|
@@ -131,7 +139,7 @@ class Chef
|
|
131
139
|
if compare_group
|
132
140
|
converge_by(["alter group #{new_resource.group_name}"] + change_desc) do
|
133
141
|
manage_group
|
134
|
-
logger.info("#{new_resource} altered")
|
142
|
+
logger.info("#{new_resource} altered: #{change_desc.join(", ")}")
|
135
143
|
end
|
136
144
|
end
|
137
145
|
end
|
@@ -151,7 +159,7 @@ class Chef
|
|
151
159
|
|
152
160
|
converge_by(["manage group #{new_resource.group_name}"] + change_desc) do
|
153
161
|
manage_group
|
154
|
-
logger.info("#{new_resource} managed")
|
162
|
+
logger.info("#{new_resource} managed: #{change_desc.join(", ")}")
|
155
163
|
end
|
156
164
|
end
|
157
165
|
|
@@ -160,7 +168,7 @@ class Chef
|
|
160
168
|
|
161
169
|
converge_by(["modify group #{new_resource.group_name}"] + change_desc) do
|
162
170
|
manage_group
|
163
|
-
logger.info("#{new_resource} modified")
|
171
|
+
logger.info("#{new_resource} modified: #{change_desc.join(", ")}")
|
164
172
|
end
|
165
173
|
end
|
166
174
|
|
@@ -33,6 +33,17 @@ class Chef
|
|
33
33
|
@net_group = Chef::Util::Windows::NetGroup.new(new_resource.group_name)
|
34
34
|
end
|
35
35
|
|
36
|
+
def group_members_match?
|
37
|
+
sorted_members_sids = new_resource.members.map { |x| lookup_account_name(x) }.sort
|
38
|
+
sorted_current_sids = current_resource.members.sort
|
39
|
+
Chef::Log.debug("#{new_resource.name}: current_members: #{sorted_current_sids} vs new_members #{sorted_members_sids}")
|
40
|
+
sorted_members_sids == sorted_current_sids
|
41
|
+
end
|
42
|
+
|
43
|
+
def group_gid_match?
|
44
|
+
true
|
45
|
+
end
|
46
|
+
|
36
47
|
def load_current_resource
|
37
48
|
@current_resource = Chef::Resource::Group.new(new_resource.name)
|
38
49
|
current_resource.group_name(new_resource.group_name)
|
@@ -74,7 +85,7 @@ class Chef
|
|
74
85
|
members_to_be_removed << member if has_current_group_member?(member)
|
75
86
|
end
|
76
87
|
@net_group.local_delete_members(members_to_be_removed) unless members_to_be_removed.empty?
|
77
|
-
|
88
|
+
elsif !group_members_match?
|
78
89
|
@net_group.local_set_members(new_resource.members)
|
79
90
|
end
|
80
91
|
@net_group.local_group_set_info(new_resource.comment) if new_resource.comment
|
@@ -126,18 +126,18 @@ class Chef
|
|
126
126
|
elsif line.match(addr_regex)[3] == ""
|
127
127
|
@int_name = line.match(addr_regex)[1]
|
128
128
|
@interfaces[@int_name] = {}
|
129
|
-
@interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line
|
129
|
+
@interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("mtu") && @interfaces[@int_name]["mtu"].nil?
|
130
130
|
else
|
131
131
|
@int_name = "#{line.match(addr_regex)[1]}:#{line.match(addr_regex)[3]}"
|
132
132
|
@interfaces[@int_name] = {}
|
133
|
-
@interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line
|
133
|
+
@interfaces[@int_name]["mtu"] = (line =~ /mtu (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("mtu") && @interfaces[@int_name]["mtu"].nil?
|
134
134
|
end
|
135
135
|
else
|
136
|
-
@interfaces[@int_name]["inet_addr"] = (line =~ /inet (\S+)/ ? Regexp.last_match(1) : "nil") if line
|
137
|
-
@interfaces[@int_name]["bcast"] = (line =~ /broadcast (\S+)/ ? Regexp.last_match(1) : "nil") if line
|
138
|
-
@interfaces[@int_name]["mask"] = (line =~ /netmask (\S+)/ ? Regexp.last_match(1) : "nil") if line
|
139
|
-
@interfaces[@int_name]["hwaddr"] = (line =~ /ether (\S+)/ ? Regexp.last_match(1) : "nil") if line
|
140
|
-
@interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line
|
136
|
+
@interfaces[@int_name]["inet_addr"] = (line =~ /inet (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("inet") && @interfaces[@int_name]["inet_addr"].nil?
|
137
|
+
@interfaces[@int_name]["bcast"] = (line =~ /broadcast (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("broadcast") && @interfaces[@int_name]["bcast"].nil?
|
138
|
+
@interfaces[@int_name]["mask"] = (line =~ /netmask (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("netmask") && @interfaces[@int_name]["mask"].nil?
|
139
|
+
@interfaces[@int_name]["hwaddr"] = (line =~ /ether (\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("ether") && @interfaces[@int_name]["hwaddr"].nil?
|
140
|
+
@interfaces[@int_name]["metric"] = (line =~ /Metric:(\S+)/ ? Regexp.last_match(1) : "nil") if line.include?("Metric:") && @interfaces[@int_name]["metric"].nil?
|
141
141
|
end
|
142
142
|
|
143
143
|
next unless @interfaces.key?(new_resource.device)
|
@@ -236,7 +236,7 @@ class Chef
|
|
236
236
|
return unless can_generate_config?
|
237
237
|
|
238
238
|
b = binding
|
239
|
-
template = ::ERB.new(@config_template)
|
239
|
+
template = ::ERB.new(@config_template, nil, "-")
|
240
240
|
config = resource_for_config(@config_path)
|
241
241
|
config.content(template.result(b))
|
242
242
|
config.run_action(:create)
|
@@ -23,8 +23,7 @@ class Chef
|
|
23
23
|
class Provider
|
24
24
|
class Ifconfig
|
25
25
|
class Debian < Chef::Provider::Ifconfig
|
26
|
-
provides :ifconfig,
|
27
|
-
provides :ifconfig, platform: %w{debian}, platform_version: ">= 7.0"
|
26
|
+
provides :ifconfig, platform_family: %w{debian}
|
28
27
|
|
29
28
|
INTERFACES_FILE = "/etc/network/interfaces".freeze
|
30
29
|
INTERFACES_DOT_D_DIR = "/etc/network/interfaces.d".freeze
|
@@ -32,25 +31,43 @@ class Chef
|
|
32
31
|
def initialize(new_resource, run_context)
|
33
32
|
super(new_resource, run_context)
|
34
33
|
@config_template = %{
|
35
|
-
<% if new_resource.device
|
36
|
-
<% if new_resource.onboot == "yes"
|
34
|
+
<% if new_resource.device -%>
|
35
|
+
<% if new_resource.onboot == "yes" -%>
|
36
|
+
auto <%= new_resource.device %>
|
37
|
+
<% end -%>
|
37
38
|
<% case new_resource.bootproto
|
38
|
-
when "dhcp"
|
39
|
+
when "dhcp" -%>
|
39
40
|
iface <%= new_resource.device %> <%= new_resource.family %> dhcp
|
40
|
-
<% when "bootp"
|
41
|
+
<% when "bootp" -%>
|
41
42
|
iface <%= new_resource.device %> <%= new_resource.family %> bootp
|
42
|
-
<% else
|
43
|
+
<% else -%>
|
43
44
|
iface <%= new_resource.device %> <%= new_resource.family %> static
|
44
|
-
<% if new_resource.target
|
45
|
-
|
46
|
-
<%
|
47
|
-
<% if new_resource.
|
48
|
-
|
49
|
-
<%
|
50
|
-
<% if new_resource.
|
51
|
-
|
52
|
-
<% end
|
53
|
-
<%
|
45
|
+
<% if new_resource.target -%>
|
46
|
+
address <%= new_resource.target %>
|
47
|
+
<% end -%>
|
48
|
+
<% if new_resource.mask -%>
|
49
|
+
netmask <%= new_resource.mask %>
|
50
|
+
<% end -%>
|
51
|
+
<% if new_resource.network -%>
|
52
|
+
network <%= new_resource.network %>
|
53
|
+
<% end -%>
|
54
|
+
<% if new_resource.bcast -%>
|
55
|
+
broadcast <%= new_resource.bcast %>
|
56
|
+
<% end -%>
|
57
|
+
<% if new_resource.metric -%>
|
58
|
+
metric <%= new_resource.metric %>
|
59
|
+
<% end -%>
|
60
|
+
<% if new_resource.hwaddr -%>
|
61
|
+
hwaddress <%= new_resource.hwaddr %>
|
62
|
+
<% end -%>
|
63
|
+
<% if new_resource.mtu -%>
|
64
|
+
mtu <%= new_resource.mtu %>
|
65
|
+
<% end -%>
|
66
|
+
<% if new_resource.gateway -%>
|
67
|
+
gateway <%= new_resource.gateway %>
|
68
|
+
<% end -%>
|
69
|
+
<% end -%>
|
70
|
+
<% end -%>
|
54
71
|
}
|
55
72
|
@config_path = "#{INTERFACES_DOT_D_DIR}/ifcfg-#{new_resource.device}"
|
56
73
|
end
|
@@ -63,13 +80,12 @@ iface <%= new_resource.device %> <%= new_resource.family %> static
|
|
63
80
|
protected
|
64
81
|
|
65
82
|
def enforce_interfaces_dot_d_sanity
|
66
|
-
# on ubuntu 18.04 there's no interfaces file and it uses interfaces.d by default
|
83
|
+
# on ubuntu 18.04+ there's no interfaces file and it uses interfaces.d by default
|
67
84
|
return if ::File.directory?(INTERFACES_DOT_D_DIR) && !::File.exist?(INTERFACES_FILE)
|
68
85
|
|
69
|
-
# create /etc/network/interfaces.d via dir
|
70
|
-
|
71
|
-
|
72
|
-
new_resource.updated_by_last_action(true) if dir.updated_by_last_action?
|
86
|
+
# create /etc/network/interfaces.d via dir if it's missing
|
87
|
+
directory INTERFACES_DOT_D_DIR
|
88
|
+
|
73
89
|
# roll our own file_edit resource, this will not get reported until we have a file_edit resource
|
74
90
|
interfaces_dot_d_for_regexp = INTERFACES_DOT_D_DIR.gsub(/\./, '\.') # escape dots for the regexp
|
75
91
|
regexp = %r{^\s*source\s+#{interfaces_dot_d_for_regexp}/\*\s*$}
|