chef 17.0.242-universal-mingw32 → 17.4.25-universal-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +4 -14
- data/Rakefile +2 -2
- data/chef.gemspec +10 -20
- data/lib/chef/action_collection.rb +6 -26
- data/lib/chef/application/base.rb +15 -0
- data/lib/chef/application.rb +4 -2
- data/lib/chef/chef_fs/file_pattern.rb +2 -2
- data/lib/chef/client.rb +7 -1
- data/lib/chef/compliance/default_attributes.rb +5 -3
- data/lib/chef/compliance/reporter/automate.rb +1 -1
- data/lib/chef/compliance/runner.rb +17 -3
- data/lib/chef/cookbook/cookbook_version_loader.rb +3 -3
- data/lib/chef/cookbook/gem_installer.rb +5 -1
- data/lib/chef/cookbook_version.rb +26 -4
- data/lib/chef/data_collector/run_end_message.rb +1 -1
- data/lib/chef/data_collector.rb +0 -1
- data/lib/chef/deprecated.rb +14 -4
- data/lib/chef/dsl/declare_resource.rb +5 -10
- data/lib/chef/dsl/render_helpers.rb +44 -0
- data/lib/chef/dsl/secret.rb +64 -0
- data/lib/chef/dsl/toml.rb +116 -0
- data/lib/chef/dsl/universal.rb +5 -0
- data/lib/chef/dsl.rb +1 -0
- data/lib/chef/event_dispatch/base.rb +2 -1
- data/lib/chef/exceptions.rb +23 -0
- data/lib/chef/formatters/doc.rb +2 -1
- data/lib/chef/formatters/error_mapper.rb +2 -2
- data/lib/chef/handler/slow_report.rb +66 -0
- data/lib/chef/handler.rb +46 -8
- data/lib/chef/json_compat.rb +1 -1
- data/lib/chef/node.rb +21 -20
- data/lib/chef/policy_builder/policyfile.rb +88 -45
- data/lib/chef/provider/directory.rb +6 -6
- data/lib/chef/provider/execute.rb +1 -1
- data/lib/chef/provider/file.rb +2 -2
- data/lib/chef/provider/group/dscl.rb +1 -1
- data/lib/chef/provider/launchd.rb +6 -6
- data/lib/chef/provider/link.rb +1 -1
- data/lib/chef/provider/lwrp_base.rb +1 -1
- data/lib/chef/provider/package/dnf/dnf_helper.py +11 -10
- data/lib/chef/provider/package/dnf/python_helper.rb +9 -8
- data/lib/chef/provider/package/habitat.rb +168 -0
- data/lib/chef/provider/package/powershell.rb +5 -0
- data/lib/chef/provider/package/yum/python_helper.rb +15 -10
- data/lib/chef/provider/package/yum/yum_helper.py +46 -62
- data/lib/chef/provider/package/yum.rb +1 -4
- data/lib/chef/provider/registry_key.rb +1 -1
- data/lib/chef/provider/service/systemd.rb +1 -1
- data/lib/chef/provider/subversion.rb +4 -4
- data/lib/chef/provider/support/yum_repo.erb +1 -1
- data/lib/chef/provider/support/zypper_repo.erb +4 -2
- data/lib/chef/provider/systemd_unit.rb +18 -17
- data/lib/chef/provider/template/content.rb +1 -1
- data/lib/chef/provider/user/mac.rb +3 -3
- data/lib/chef/provider/windows_script.rb +1 -1
- data/lib/chef/provider/yum_repository.rb +27 -43
- data/lib/chef/provider/zypper_repository.rb +30 -34
- data/lib/chef/provider.rb +26 -1
- data/lib/chef/provider_resolver.rb +8 -2
- data/lib/chef/providers.rb +1 -0
- data/lib/chef/resource/alternatives.rb +5 -5
- data/lib/chef/resource/apt_preference.rb +2 -2
- data/lib/chef/resource/apt_repository.rb +2 -2
- data/lib/chef/resource/apt_update.rb +4 -4
- data/lib/chef/resource/build_essential.rb +1 -1
- data/lib/chef/resource/chef_client_config.rb +10 -5
- data/lib/chef/resource/chef_client_cron.rb +3 -3
- data/lib/chef/resource/chef_client_launchd.rb +3 -3
- data/lib/chef/resource/chef_client_scheduled_task.rb +15 -15
- data/lib/chef/resource/chef_client_systemd_timer.rb +3 -3
- data/lib/chef/resource/chef_client_trusted_certificate.rb +2 -2
- data/lib/chef/resource/chef_handler.rb +2 -2
- data/lib/chef/resource/chef_sleep.rb +1 -1
- data/lib/chef/resource/chef_vault_secret.rb +2 -2
- data/lib/chef/resource/chocolatey_feature.rb +2 -2
- data/lib/chef/resource/chocolatey_source.rb +1 -1
- data/lib/chef/resource/cron/cron_d.rb +4 -6
- data/lib/chef/resource/cron_access.rb +1 -1
- data/lib/chef/resource/dmg_package.rb +1 -1
- data/lib/chef/resource/dsc_resource.rb +1 -1
- data/lib/chef/resource/execute.rb +5 -5
- data/lib/chef/resource/gem_package.rb +2 -1
- data/lib/chef/resource/group.rb +4 -4
- data/lib/chef/resource/habitat/_habitat_shared.rb +28 -0
- data/lib/chef/resource/habitat/habitat_package.rb +129 -0
- data/lib/chef/resource/habitat/habitat_sup.rb +329 -0
- data/lib/chef/resource/habitat/habitat_sup_systemd.rb +67 -0
- data/lib/chef/resource/habitat/habitat_sup_windows.rb +90 -0
- data/lib/chef/resource/habitat_config.rb +107 -0
- data/lib/chef/resource/habitat_install.rb +247 -0
- data/lib/chef/resource/habitat_service.rb +451 -0
- data/lib/chef/resource/habitat_user_toml.rb +92 -0
- data/lib/chef/resource/homebrew_cask.rb +18 -7
- data/lib/chef/resource/homebrew_package.rb +1 -1
- data/lib/chef/resource/homebrew_tap.rb +4 -3
- data/lib/chef/resource/homebrew_update.rb +2 -2
- data/lib/chef/resource/hostname.rb +49 -7
- data/lib/chef/resource/inspec_waiver_file_entry.rb +156 -0
- data/lib/chef/resource/kernel_module.rb +6 -6
- data/lib/chef/resource/launchd.rb +3 -3
- data/lib/chef/resource/locale.rb +1 -1
- data/lib/chef/resource/lwrp_base.rb +18 -3
- data/lib/chef/resource/macos_userdefaults.rb +2 -2
- data/lib/chef/resource/ohai_hint.rb +2 -6
- data/lib/chef/resource/openbsd_package.rb +17 -0
- data/lib/chef/resource/openssl_dhparam.rb +1 -2
- data/lib/chef/resource/openssl_ec_private_key.rb +1 -3
- data/lib/chef/resource/openssl_ec_public_key.rb +1 -3
- data/lib/chef/resource/openssl_rsa_private_key.rb +1 -3
- data/lib/chef/resource/openssl_rsa_public_key.rb +1 -3
- data/lib/chef/resource/openssl_x509_certificate.rb +1 -4
- data/lib/chef/resource/openssl_x509_crl.rb +1 -3
- data/lib/chef/resource/openssl_x509_request.rb +1 -3
- data/lib/chef/resource/osx_profile.rb +3 -3
- data/lib/chef/resource/plist.rb +1 -1
- data/lib/chef/resource/powershell_package_source.rb +2 -4
- data/lib/chef/resource/reboot.rb +38 -9
- data/lib/chef/resource/remote_directory.rb +2 -2
- data/lib/chef/resource/remote_file.rb +3 -3
- data/lib/chef/resource/rhsm_errata.rb +0 -2
- data/lib/chef/resource/rhsm_errata_level.rb +1 -5
- data/lib/chef/resource/rhsm_repo.rb +15 -0
- data/lib/chef/resource/rhsm_subscription.rb +5 -5
- data/lib/chef/resource/ruby_block.rb +100 -0
- data/lib/chef/resource/scm/subversion.rb +1 -1
- data/lib/chef/resource/ssh_known_hosts_entry.rb +4 -7
- data/lib/chef/resource/sudo.rb +2 -6
- data/lib/chef/resource/support/HabService.dll.config.erb +19 -0
- data/lib/chef/resource/support/client.erb +8 -1
- data/lib/chef/resource/support/sup.toml.erb +179 -0
- data/lib/chef/resource/swap_file.rb +2 -6
- data/lib/chef/resource/sysctl.rb +2 -2
- data/lib/chef/resource/systemd_unit.rb +3 -3
- data/lib/chef/resource/timezone.rb +1 -1
- data/lib/chef/resource/user_ulimit.rb +2 -2
- data/lib/chef/resource/windows_ad_join.rb +2 -2
- data/lib/chef/resource/windows_audit_policy.rb +2 -2
- data/lib/chef/resource/windows_auto_run.rb +2 -2
- data/lib/chef/resource/windows_certificate.rb +1 -1
- data/lib/chef/resource/windows_defender.rb +163 -0
- data/lib/chef/resource/windows_defender_exclusion.rb +125 -0
- data/lib/chef/resource/windows_dfs_folder.rb +2 -2
- data/lib/chef/resource/windows_dfs_namespace.rb +2 -2
- data/lib/chef/resource/windows_dns_record.rb +2 -2
- data/lib/chef/resource/windows_dns_zone.rb +2 -2
- data/lib/chef/resource/windows_env.rb +1 -1
- data/lib/chef/resource/windows_feature.rb +3 -3
- data/lib/chef/resource/windows_feature_dism.rb +3 -5
- data/lib/chef/resource/windows_feature_powershell.rb +3 -3
- data/lib/chef/resource/windows_firewall_profile.rb +2 -2
- data/lib/chef/resource/windows_firewall_rule.rb +20 -6
- data/lib/chef/resource/windows_font.rb +2 -2
- data/lib/chef/resource/windows_pagefile.rb +104 -65
- data/lib/chef/resource/windows_path.rb +4 -4
- data/lib/chef/resource/windows_printer.rb +80 -61
- data/lib/chef/resource/windows_printer_port.rb +48 -65
- data/lib/chef/resource/windows_security_policy.rb +7 -4
- data/lib/chef/resource/windows_share.rb +2 -2
- data/lib/chef/resource/windows_shortcut.rb +1 -1
- data/lib/chef/resource/windows_task.rb +2 -2
- data/lib/chef/resource/windows_uac.rb +3 -5
- data/lib/chef/resource/windows_update_settings.rb +259 -0
- data/lib/chef/resource/windows_user_privilege.rb +2 -2
- data/lib/chef/resource/windows_workgroup.rb +2 -2
- data/lib/chef/resource/yum_package.rb +11 -15
- data/lib/chef/resource/zypper_package.rb +4 -4
- data/lib/chef/resource/zypper_repository.rb +28 -8
- data/lib/chef/resource.rb +20 -25
- data/lib/chef/resource_builder.rb +8 -2
- data/lib/chef/resource_inspector.rb +6 -2
- data/lib/chef/resource_reporter.rb +0 -1
- data/lib/chef/resources.rb +13 -1
- data/lib/chef/run_lock.rb +1 -1
- data/lib/chef/runner.rb +1 -1
- data/lib/chef/secret_fetcher/aws_secrets_manager.rb +65 -0
- data/lib/chef/secret_fetcher/azure_key_vault.rb +78 -0
- data/lib/chef/secret_fetcher/base.rb +76 -0
- data/lib/chef/secret_fetcher/example.rb +46 -0
- data/lib/chef/secret_fetcher.rb +55 -0
- data/lib/chef/shell/ext.rb +3 -3
- data/lib/chef/version.rb +1 -1
- data/lib/chef/win32/api.rb +9 -2
- data/spec/data/knife-home/.chef/plugins/knife/example_home_subcommand.rb +0 -0
- data/spec/data/knife-site-subcommands/plugins/knife/example_subcommand.rb +0 -0
- data/spec/data/knife_subcommand/test_explicit_category.rb +7 -0
- data/spec/data/knife_subcommand/test_name_mapping.rb +4 -0
- data/spec/data/knife_subcommand/test_yourself.rb +21 -0
- data/spec/functional/mixin/from_file_spec.rb +1 -1
- data/spec/functional/resource/dnf_package_spec.rb +857 -537
- data/spec/functional/resource/group_spec.rb +1 -1
- data/spec/functional/resource/link_spec.rb +1 -1
- data/spec/functional/resource/remote_file_spec.rb +1 -1
- data/spec/functional/resource/windows_env_spec.rb +2 -2
- data/spec/functional/resource/windows_hostname_spec.rb +91 -0
- data/spec/functional/resource/windows_pagefile_spec.rb +98 -0
- data/spec/functional/resource/yum_package_spec.rb +495 -428
- data/spec/integration/client/client_spec.rb +0 -20
- data/spec/integration/compliance/compliance_spec.rb +1 -0
- data/spec/integration/recipes/recipe_dsl_spec.rb +1 -1
- data/spec/integration/recipes/resource_action_spec.rb +6 -6
- data/spec/integration/recipes/unified_mode_spec.rb +70 -0
- data/spec/spec_helper.rb +3 -0
- data/spec/support/chef_helpers.rb +1 -1
- data/spec/support/shared/functional/execute_resource.rb +1 -1
- data/spec/support/shared/functional/knife.rb +37 -0
- data/spec/support/shared/integration/knife_support.rb +192 -0
- data/spec/support/shared/unit/knife_shared.rb +39 -0
- data/spec/support/shared/unit/provider/file.rb +3 -9
- data/spec/unit/chef_fs/file_system/repository/directory_spec.rb +1 -1
- data/spec/unit/compliance/runner_spec.rb +46 -2
- data/spec/unit/cookbook_version_spec.rb +52 -0
- data/spec/unit/data_collector_spec.rb +47 -1
- data/spec/unit/dsl/render_helpers_spec.rb +102 -0
- data/spec/unit/dsl/secret_spec.rb +71 -0
- data/spec/unit/handler_spec.rb +8 -2
- data/spec/unit/policy_builder/dynamic_spec.rb +0 -5
- data/spec/unit/policy_builder/policyfile_spec.rb +144 -56
- data/spec/unit/provider/apt_update_spec.rb +3 -1
- data/spec/unit/provider/link_spec.rb +1 -1
- data/spec/unit/provider/mount/aix_spec.rb +1 -1
- data/spec/unit/provider/package/dnf/python_helper_spec.rb +1 -0
- data/spec/unit/provider/package/powershell_spec.rb +74 -12
- data/spec/unit/provider/package/yum/python_helper_spec.rb +1 -0
- data/spec/unit/provider/service/systemd_service_spec.rb +2 -2
- data/spec/unit/provider/systemd_unit_spec.rb +2 -2
- data/spec/unit/provider/zypper_repository_spec.rb +3 -10
- data/spec/unit/provider_spec.rb +23 -0
- data/spec/unit/resource/homebrew_cask_spec.rb +29 -11
- data/spec/unit/resource/inspec_waiver_file_entry_spec.rb +80 -0
- data/spec/unit/resource/rhsm_subscription_spec.rb +50 -3
- data/spec/unit/resource/systemd_unit_spec.rb +1 -1
- data/spec/unit/resource/windows_defender_exclusion_spec.rb +62 -0
- data/spec/unit/resource/windows_defender_spec.rb +71 -0
- data/spec/unit/resource/windows_firewall_rule_spec.rb +12 -7
- data/spec/unit/resource/windows_pagefile_spec.rb +4 -9
- data/spec/unit/resource/windows_update_settings_spec.rb +64 -0
- data/spec/unit/resource/zypper_repository_spec.rb +1 -1
- data/spec/unit/resource_spec.rb +19 -8
- data/spec/unit/secret_fetcher/aws_secrets_manager_spec.rb +70 -0
- data/spec/unit/secret_fetcher/azure_key_vault_spec.rb +70 -0
- data/spec/unit/secret_fetcher_spec.rb +82 -0
- data/tasks/rspec.rb +4 -9
- metadata +65 -161
- data/lib/chef/provider/package/yum/simplejson/LICENSE.txt +0 -79
- data/lib/chef/provider/package/yum/simplejson/__init__.py +0 -318
- data/lib/chef/provider/package/yum/simplejson/__init__.pyc +0 -0
- data/lib/chef/provider/package/yum/simplejson/decoder.py +0 -354
- data/lib/chef/provider/package/yum/simplejson/decoder.pyc +0 -0
- data/lib/chef/provider/package/yum/simplejson/encoder.py +0 -440
- data/lib/chef/provider/package/yum/simplejson/encoder.pyc +0 -0
- data/lib/chef/provider/package/yum/simplejson/scanner.py +0 -65
- data/lib/chef/provider/package/yum/simplejson/scanner.pyc +0 -0
- data/lib/chef/provider/package/yum/simplejson/tool.py +0 -37
@@ -140,7 +140,7 @@ class Chef
|
|
140
140
|
state_cmd
|
141
141
|
end
|
142
142
|
|
143
|
-
action :write, description: "Write the value to the specified domain/key" do
|
143
|
+
action :write, description: "Write the value to the specified domain/key." do
|
144
144
|
converge_if_changed do
|
145
145
|
cmd = defaults_modify_cmd
|
146
146
|
Chef::Log.debug("Updating defaults value by shelling out: #{cmd.join(" ")}")
|
@@ -149,7 +149,7 @@ class Chef
|
|
149
149
|
end
|
150
150
|
end
|
151
151
|
|
152
|
-
action :delete, description: "Delete a key from a domain" do
|
152
|
+
action :delete, description: "Delete a key from a domain." do
|
153
153
|
# if it's not there there's nothing to remove
|
154
154
|
return unless current_resource
|
155
155
|
|
@@ -72,9 +72,7 @@ class Chef
|
|
72
72
|
description: "Determines whether or not the resource is executed during the compile time phase.",
|
73
73
|
default: true, desired_state: false
|
74
74
|
|
75
|
-
action :create do
|
76
|
-
description "Create an Ohai hint file."
|
77
|
-
|
75
|
+
action :create, description: "Create an Ohai hint file." do
|
78
76
|
directory ::Ohai::Config.ohai.hints_path.first do
|
79
77
|
action :create
|
80
78
|
recursive true
|
@@ -86,9 +84,7 @@ class Chef
|
|
86
84
|
end
|
87
85
|
end
|
88
86
|
|
89
|
-
action :delete do
|
90
|
-
description "Delete an Ohai hint file."
|
91
|
-
|
87
|
+
action :delete, description: "Delete an Ohai hint file." do
|
92
88
|
file ohai_hint_file_path(new_resource.hint_name) do
|
93
89
|
action :delete
|
94
90
|
notifies :reload, ohai[reload ohai post hint removal]
|
@@ -31,6 +31,23 @@ class Chef
|
|
31
31
|
|
32
32
|
description "Use the **openbsd_package** resource to manage packages for the OpenBSD platform."
|
33
33
|
introduced "12.1"
|
34
|
+
examples <<~DOC
|
35
|
+
**Install a package**
|
36
|
+
|
37
|
+
```ruby
|
38
|
+
openbsd_package 'name of package' do
|
39
|
+
action :install
|
40
|
+
end
|
41
|
+
```
|
42
|
+
|
43
|
+
**Remove a package**
|
44
|
+
|
45
|
+
```ruby
|
46
|
+
openbsd_package 'name of package' do
|
47
|
+
action :remove
|
48
|
+
end
|
49
|
+
```
|
50
|
+
DOC
|
34
51
|
|
35
52
|
property :package_name, String,
|
36
53
|
description: "An optional property to set the package name if it differs from the resource block's name.",
|
@@ -88,8 +88,7 @@ class Chef
|
|
88
88
|
description: "The permission mode applied to all files created by the resource.",
|
89
89
|
default: "0640"
|
90
90
|
|
91
|
-
action :create do
|
92
|
-
description "Create the dhparam file."
|
91
|
+
action :create, description: "Create the `dhparam.pem` file." do
|
93
92
|
dhparam_content = nil
|
94
93
|
unless dhparam_pem_valid?(new_resource.path)
|
95
94
|
dhparam_content = gen_dhparam(new_resource.key_length, new_resource.generator).to_pem
|
@@ -88,9 +88,7 @@ class Chef
|
|
88
88
|
description: "Force creation of the key even if the same key already exists on the node.",
|
89
89
|
default: false, desired_state: false
|
90
90
|
|
91
|
-
action :create do
|
92
|
-
description "Generate the ec private key"
|
93
|
-
|
91
|
+
action :create, description: "Generate the EC private key file." do
|
94
92
|
unless new_resource.force || priv_key_file_valid?(new_resource.path, new_resource.key_pass)
|
95
93
|
converge_by("Create an EC private key #{new_resource.path}") do
|
96
94
|
log "Generating an #{new_resource.key_curve} "\
|
@@ -74,9 +74,7 @@ class Chef
|
|
74
74
|
description: "The permission mode applied to all files created by the resource.",
|
75
75
|
default: "0640"
|
76
76
|
|
77
|
-
action :create do
|
78
|
-
description "Generate the ec public key from a private key"
|
79
|
-
|
77
|
+
action :create, description: "Generate the EC public key file from a private key." do
|
80
78
|
raise ArgumentError, "You cannot specify both 'private_key_path' and 'private_key_content' properties at the same time." if new_resource.private_key_path && new_resource.private_key_content
|
81
79
|
raise ArgumentError, "You must specify the private key with either 'private_key_path' or 'private_key_content' properties." unless new_resource.private_key_path || new_resource.private_key_content
|
82
80
|
raise "#{new_resource.private_key_path} not a valid private EC key or password is invalid" unless priv_key_file_valid?((new_resource.private_key_path || new_resource.private_key_content), new_resource.private_key_pass)
|
@@ -87,9 +87,7 @@ class Chef
|
|
87
87
|
description: "Force creation of the key even if the same key already exists on the node.",
|
88
88
|
default: false, desired_state: false
|
89
89
|
|
90
|
-
action :create do
|
91
|
-
description "Create the RSA private key."
|
92
|
-
|
90
|
+
action :create, description: "Create the RSA private key file." do
|
93
91
|
return if new_resource.force || priv_key_file_valid?(new_resource.path, new_resource.key_pass)
|
94
92
|
|
95
93
|
converge_by("create #{new_resource.key_length} bit RSA key #{new_resource.path}") do
|
@@ -75,9 +75,7 @@ class Chef
|
|
75
75
|
description: "The permission mode applied to all files created by the resource.",
|
76
76
|
default: "0640"
|
77
77
|
|
78
|
-
action :create do
|
79
|
-
description "Create the RSA public key."
|
80
|
-
|
78
|
+
action :create, description: "Create the RSA public key file." do
|
81
79
|
raise ArgumentError, "You cannot specify both 'private_key_path' and 'private_key_content' properties at the same time." if new_resource.private_key_path && new_resource.private_key_content
|
82
80
|
raise ArgumentError, "You must specify the private key with either 'private_key_path' or 'private_key_content' properties." unless new_resource.private_key_path || new_resource.private_key_content
|
83
81
|
raise "#{new_resource.private_key_path} not a valid private RSA key or password is invalid" unless priv_key_file_valid?((new_resource.private_key_path || new_resource.private_key_content), new_resource.private_key_pass)
|
@@ -151,15 +151,12 @@ class Chef
|
|
151
151
|
description: "The number of days before the expiry. The certificate will be automatically renewed when the value is reached.",
|
152
152
|
introduced: "15.7"
|
153
153
|
|
154
|
-
action :create do
|
155
|
-
description "Generate a certificate"
|
156
|
-
|
154
|
+
action :create, description: "Generate a certificate file." do
|
157
155
|
file new_resource.path do
|
158
156
|
action :create_if_missing
|
159
157
|
owner new_resource.owner unless new_resource.owner.nil?
|
160
158
|
group new_resource.group unless new_resource.group.nil?
|
161
159
|
mode new_resource.mode unless new_resource.mode.nil?
|
162
|
-
sensitive true
|
163
160
|
content cert.to_pem
|
164
161
|
end
|
165
162
|
|
@@ -90,9 +90,7 @@ class Chef
|
|
90
90
|
property :mode, [Integer, String],
|
91
91
|
description: "The permission mode of the CRL file."
|
92
92
|
|
93
|
-
action :create do
|
94
|
-
description "Create the CRL file."
|
95
|
-
|
93
|
+
action :create, description: "Create the certificate revocation list (CRL) file." do
|
96
94
|
file new_resource.path do
|
97
95
|
owner new_resource.owner unless new_resource.owner.nil?
|
98
96
|
group new_resource.group unless new_resource.group.nil?
|
@@ -119,9 +119,7 @@ class Chef
|
|
119
119
|
equal_to: %w{secp384r1 secp521r1 prime256v1}, default: "prime256v1",
|
120
120
|
description: "The desired curve of the generated key (if key_type is equal to `ec`). Run `openssl ecparam -list_curves` to see available options."
|
121
121
|
|
122
|
-
action :create do
|
123
|
-
description "Generate a certificate request."
|
124
|
-
|
122
|
+
action :create, description: "Generate a certificate request file." do
|
125
123
|
unless ::File.exist? new_resource.path
|
126
124
|
converge_by("Create CSR #{@new_resource}") do
|
127
125
|
file new_resource.path do
|
@@ -51,7 +51,7 @@ class Chef
|
|
51
51
|
'PayloadOrganization' => 'Chef',
|
52
52
|
'PayloadVersion' => 1,
|
53
53
|
'PayloadDisplayName' => 'Screensaver Settings',
|
54
|
-
'PayloadContent'=> [
|
54
|
+
'PayloadContent' => [
|
55
55
|
{
|
56
56
|
'PayloadType' => 'com.apple.ManagedClient.preferences',
|
57
57
|
'PayloadVersion' => 1,
|
@@ -172,7 +172,7 @@ class Chef
|
|
172
172
|
end
|
173
173
|
end
|
174
174
|
|
175
|
-
action :install do
|
175
|
+
action :install, description: "Install the specified configuration profile." do
|
176
176
|
unless profile_installed?
|
177
177
|
converge_by("install profile #{new_profile_identifier}") do
|
178
178
|
profile_path = write_profile_to_disk
|
@@ -182,7 +182,7 @@ class Chef
|
|
182
182
|
end
|
183
183
|
end
|
184
184
|
|
185
|
-
action :remove do
|
185
|
+
action :remove, description: "Remove the specified configuration profile." do
|
186
186
|
# Clean up profile after removing it
|
187
187
|
if profile_installed?
|
188
188
|
converge_by("remove profile #{new_profile_identifier}") do
|
data/lib/chef/resource/plist.rb
CHANGED
@@ -81,7 +81,7 @@ class Chef
|
|
81
81
|
group file_group_cmd.stdout.chomp
|
82
82
|
end
|
83
83
|
|
84
|
-
action :set do
|
84
|
+
action :set, description: "Set a value in a plist file." do
|
85
85
|
converge_if_changed :path do
|
86
86
|
converge_by "create new plist: '#{new_resource.path}'" do
|
87
87
|
file new_resource.path do
|
@@ -70,8 +70,7 @@ class Chef
|
|
70
70
|
script_publish_location status["script_publish_location"]
|
71
71
|
end
|
72
72
|
|
73
|
-
action :register do
|
74
|
-
description "Registers and updates the powershell package source."
|
73
|
+
action :register, description: "Registers and updates the PowerShell package source." do
|
75
74
|
# TODO: Ensure package provider is installed?
|
76
75
|
if psrepository_cmdlet_appropriate?
|
77
76
|
if package_source_exists?
|
@@ -104,8 +103,7 @@ class Chef
|
|
104
103
|
end
|
105
104
|
end
|
106
105
|
|
107
|
-
action :unregister do
|
108
|
-
description "Unregisters the powershell package source."
|
106
|
+
action :unregister, description: "Unregisters the PowerShell package source." do
|
109
107
|
if package_source_exists?
|
110
108
|
unregister_cmd = "Get-PackageSource -Name '#{new_resource.source_name}' | Unregister-PackageSource"
|
111
109
|
converge_by("unregister source: #{new_resource.source_name}") do
|
data/lib/chef/resource/reboot.rb
CHANGED
@@ -33,6 +33,41 @@ class Chef
|
|
33
33
|
" immediate notifications. Delayed notifications produce unintuitive and"\
|
34
34
|
" probably undesired results."
|
35
35
|
introduced "12.0"
|
36
|
+
examples <<~DOC
|
37
|
+
**Reboot a node immediately**
|
38
|
+
|
39
|
+
```ruby
|
40
|
+
reboot 'now' do
|
41
|
+
action :nothing
|
42
|
+
reason 'Cannot continue Chef run without a reboot.'
|
43
|
+
delay_mins 2
|
44
|
+
end
|
45
|
+
|
46
|
+
execute 'foo' do
|
47
|
+
command '...'
|
48
|
+
notifies :reboot_now, 'reboot[now]', :immediately
|
49
|
+
end
|
50
|
+
```
|
51
|
+
|
52
|
+
**Reboot a node at the end of a Chef Infra Client run**
|
53
|
+
|
54
|
+
```ruby
|
55
|
+
reboot 'app_requires_reboot' do
|
56
|
+
action :request_reboot
|
57
|
+
reason 'Need to reboot when the run completes successfully.'
|
58
|
+
delay_mins 5
|
59
|
+
end
|
60
|
+
```
|
61
|
+
|
62
|
+
**Cancel a reboot**
|
63
|
+
|
64
|
+
```ruby
|
65
|
+
reboot 'cancel_reboot_request' do
|
66
|
+
action :cancel
|
67
|
+
reason 'Cancel a previous end-of-run reboot request.'
|
68
|
+
end
|
69
|
+
```
|
70
|
+
DOC
|
36
71
|
|
37
72
|
property :reason, String,
|
38
73
|
description: "A string that describes the reboot action.",
|
@@ -42,18 +77,14 @@ class Chef
|
|
42
77
|
description: "The amount of time (in minutes) to delay a reboot request.",
|
43
78
|
default: 0
|
44
79
|
|
45
|
-
action :request_reboot do
|
46
|
-
description "Reboot a node at the end of a chef-client run."
|
47
|
-
|
80
|
+
action :request_reboot, description: "Reboot a node at the end of a #{ChefUtils::Dist::Infra::PRODUCT} run." do
|
48
81
|
converge_by("request a system reboot to occur if the run succeeds") do
|
49
82
|
logger.warn "Reboot requested:'#{new_resource.name}'"
|
50
83
|
request_reboot
|
51
84
|
end
|
52
85
|
end
|
53
86
|
|
54
|
-
action :reboot_now do
|
55
|
-
description "Reboot a node so that the chef-client may continue the installation process."
|
56
|
-
|
87
|
+
action :reboot_now, description: "Reboot a node so that the #{ChefUtils::Dist::Infra::PRODUCT} may continue the installation process." do
|
57
88
|
converge_by("rebooting the system immediately") do
|
58
89
|
logger.warn "Rebooting system immediately, requested by '#{new_resource.name}'"
|
59
90
|
request_reboot
|
@@ -61,9 +92,7 @@ class Chef
|
|
61
92
|
end
|
62
93
|
end
|
63
94
|
|
64
|
-
action :cancel do
|
65
|
-
description "Cancel a pending reboot request."
|
66
|
-
|
95
|
+
action :cancel, description: "Cancel a pending reboot request." do
|
67
96
|
converge_by("cancel any existing end-of-run reboot request") do
|
68
97
|
logger.warn "Reboot canceled: '#{new_resource.name}'"
|
69
98
|
node.run_context.cancel_reboot
|
@@ -71,7 +71,7 @@ class Chef
|
|
71
71
|
desired_state: false
|
72
72
|
|
73
73
|
property :files_group, [String, Integer],
|
74
|
-
description: "Configure group permissions for files. A string or ID that identifies the group owner by group name, including fully qualified group names such as domain\\group or group@domain
|
74
|
+
description: "Configure group permissions for files. A string or ID that identifies the group owner by group name, including fully qualified group names such as `domain\\group` or `group@domain`. If this value is not specified, existing groups remain unchanged and new group assignments use the default POSIX group (if available).",
|
75
75
|
regex: Chef::Config[:group_valid_regex]
|
76
76
|
|
77
77
|
property :files_mode, [String, Integer, nil],
|
@@ -80,7 +80,7 @@ class Chef
|
|
80
80
|
regex: /^\d{3,4}$/, default: lazy { 0644 unless Chef::Platform.windows? }
|
81
81
|
|
82
82
|
property :files_owner, [String, Integer],
|
83
|
-
description: "Configure owner permissions for files. A string or ID that identifies the group owner by user name, including fully qualified user names such as domain\\user or user@domain
|
83
|
+
description: "Configure owner permissions for files. A string or ID that identifies the group owner by user name, including fully qualified user names such as `domain\\user` or `user@domain`. If this value is not specified, existing owners remain unchanged and new owner assignments use the current user (when necessary).",
|
84
84
|
regex: Chef::Config[:user_valid_regex]
|
85
85
|
end
|
86
86
|
end
|
@@ -85,7 +85,7 @@ class Chef
|
|
85
85
|
end
|
86
86
|
|
87
87
|
property :use_etag, [ TrueClass, FalseClass ], default: true,
|
88
|
-
description: "Enable ETag headers. Set to false to disable ETag headers. To use this setting, `use_conditional_get` must also be set to true."
|
88
|
+
description: "Enable ETag headers. Set to `false` to disable ETag headers. To use this setting, `use_conditional_get` must also be set to true."
|
89
89
|
|
90
90
|
alias :use_etags :use_etag
|
91
91
|
|
@@ -142,13 +142,13 @@ class Chef
|
|
142
142
|
end
|
143
143
|
|
144
144
|
# if domain is provided in both username and domain
|
145
|
-
if specified_user && ((specified_user.include?
|
145
|
+
if specified_user && ((specified_user.include? "\\") || (specified_user.include? "@")) && specified_domain
|
146
146
|
raise ArgumentError, "The domain is provided twice. Username: `#{specified_user}`, Domain: `#{specified_domain}`. Please specify domain only once."
|
147
147
|
end
|
148
148
|
|
149
149
|
if ! specified_user.nil? && specified_domain.nil?
|
150
150
|
# Splitting username of format: Domain\Username
|
151
|
-
domain_and_user = user.split(
|
151
|
+
domain_and_user = user.split("\\")
|
152
152
|
|
153
153
|
if domain_and_user.length == 2
|
154
154
|
domain = domain_and_user[0]
|
@@ -46,8 +46,6 @@ class Chef
|
|
46
46
|
name_property: true
|
47
47
|
|
48
48
|
action :install, description: "Install a package for a specific errata ID." do
|
49
|
-
description "Installs a package for a specific errata ID."
|
50
|
-
|
51
49
|
execute "Install errata packages for #{new_resource.errata_id}" do
|
52
50
|
command "#{package_manager_command} update --advisory #{new_resource.errata_id} -y"
|
53
51
|
default_env true
|
@@ -42,11 +42,7 @@ class Chef
|
|
42
42
|
name_property: true
|
43
43
|
|
44
44
|
action :install, description: "Install all packages of the specified errata level." do
|
45
|
-
|
46
|
-
|
47
|
-
if rhel6?
|
48
|
-
yum_package "yum-plugin-security"
|
49
|
-
end
|
45
|
+
yum_package "yum-plugin-security" if rhel6?
|
50
46
|
|
51
47
|
execute "Install any #{new_resource.errata_level} errata" do
|
52
48
|
command "#{package_manager_command} update --sec-severity=#{new_resource.errata_level.capitalize} -y"
|
@@ -26,6 +26,21 @@ class Chef
|
|
26
26
|
|
27
27
|
description "Use the **rhsm_repo** resource to enable or disable Red Hat Subscription Manager repositories that are made available via attached subscriptions."
|
28
28
|
introduced "14.0"
|
29
|
+
examples <<~DOC
|
30
|
+
**Enable an RHSM repository**
|
31
|
+
|
32
|
+
```ruby
|
33
|
+
rhsm_repo 'rhel-7-server-extras-rpms'
|
34
|
+
```
|
35
|
+
|
36
|
+
**Disable an RHSM repository**
|
37
|
+
|
38
|
+
```ruby
|
39
|
+
rhsm_repo 'rhel-7-server-extras-rpms' do
|
40
|
+
action :disable
|
41
|
+
end
|
42
|
+
```
|
43
|
+
DOC
|
29
44
|
|
30
45
|
property :repo_name, String,
|
31
46
|
description: "An optional property for specifying the repository name if it differs from the resource block's name.",
|
@@ -32,11 +32,11 @@ class Chef
|
|
32
32
|
name_property: true
|
33
33
|
|
34
34
|
action :attach, description: "Attach the node to a subscription pool." do
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
35
|
+
unless subscription_attached?(new_resource.pool_id)
|
36
|
+
converge_by("attach subscription pool #{new_resource.pool_id}") do
|
37
|
+
shell_out!("subscription-manager attach --pool=#{new_resource.pool_id}")
|
38
|
+
build_resource(:package, "rhsm_subscription-#{new_resource.pool_id}-flush_cache").run_action(:flush_cache)
|
39
|
+
end
|
40
40
|
end
|
41
41
|
end
|
42
42
|
|
@@ -29,6 +29,106 @@ class Chef
|
|
29
29
|
provides :ruby_block, target_mode: true
|
30
30
|
|
31
31
|
description "Use the **ruby_block** resource to execute Ruby code during a #{ChefUtils::Dist::Infra::PRODUCT} run. Ruby code in the `ruby_block` resource is evaluated with other resources during convergence, whereas Ruby code outside of a `ruby_block` resource is evaluated before other resources, as the recipe is compiled."
|
32
|
+
examples <<~'DOC'
|
33
|
+
**Reload Chef Infra Client configuration data**
|
34
|
+
|
35
|
+
```ruby
|
36
|
+
ruby_block 'reload_client_config' do
|
37
|
+
block do
|
38
|
+
Chef::Config.from_file('/etc/chef/client.rb')
|
39
|
+
end
|
40
|
+
action :run
|
41
|
+
end
|
42
|
+
```
|
43
|
+
|
44
|
+
**Run a block on a particular platform**
|
45
|
+
|
46
|
+
The following example shows how an if statement can be used with the `windows?` method in the Chef Infra Language to run code specific to Microsoft Windows. The code is defined using the ruby_block resource:
|
47
|
+
|
48
|
+
```ruby
|
49
|
+
if windows?
|
50
|
+
ruby_block 'copy libmysql.dll into ruby path' do
|
51
|
+
block do
|
52
|
+
require 'fileutils'
|
53
|
+
FileUtils.cp "#{node['mysql']['client']['lib_dir']}\\libmysql.dll",
|
54
|
+
node['mysql']['client']['ruby_dir']
|
55
|
+
end
|
56
|
+
not_if { ::File.exist?("#{node['mysql']['client']['ruby_dir']}\\libmysql.dll") }
|
57
|
+
end
|
58
|
+
end
|
59
|
+
```
|
60
|
+
|
61
|
+
**Stash a file in a data bag**
|
62
|
+
|
63
|
+
The following example shows how to use the ruby_block resource to stash a BitTorrent file in a data bag so that it can be distributed to nodes in the organization.
|
64
|
+
|
65
|
+
```ruby
|
66
|
+
ruby_block 'share the torrent file' do
|
67
|
+
block do
|
68
|
+
f = File.open(node['bittorrent']['torrent'],'rb')
|
69
|
+
#read the .torrent file and base64 encode it
|
70
|
+
enc = Base64.encode64(f.read)
|
71
|
+
data = {
|
72
|
+
'id'=>bittorrent_item_id(node['bittorrent']['file']),
|
73
|
+
'seed'=>node.ipaddress,
|
74
|
+
'torrent'=>enc
|
75
|
+
}
|
76
|
+
item = Chef::DataBagItem.new
|
77
|
+
item.data_bag('bittorrent')
|
78
|
+
item.raw_data = data
|
79
|
+
item.save
|
80
|
+
end
|
81
|
+
action :nothing
|
82
|
+
subscribes :create, "bittorrent_torrent[#{node['bittorrent']['torrent']}]", :immediately
|
83
|
+
end
|
84
|
+
```
|
85
|
+
|
86
|
+
**Update the /etc/hosts file**
|
87
|
+
|
88
|
+
The following example shows how the ruby_block resource can be used to update the /etc/hosts file:
|
89
|
+
|
90
|
+
```ruby
|
91
|
+
ruby_block 'edit etc hosts' do
|
92
|
+
block do
|
93
|
+
rc = Chef::Util::FileEdit.new('/etc/hosts')
|
94
|
+
rc.search_file_replace_line(/^127\.0\.0\.1 localhost$/,
|
95
|
+
'127.0.0.1 #{new_fqdn} #{new_hostname} localhost')
|
96
|
+
rc.write_file
|
97
|
+
end
|
98
|
+
end
|
99
|
+
```
|
100
|
+
|
101
|
+
**Set environment variables**
|
102
|
+
|
103
|
+
The following example shows how to use variables within a Ruby block to set environment variables using rbenv.
|
104
|
+
|
105
|
+
```ruby
|
106
|
+
node.override[:rbenv][:root] = rbenv_root
|
107
|
+
node.override[:ruby_build][:bin_path] = rbenv_binary_path
|
108
|
+
|
109
|
+
ruby_block 'initialize' do
|
110
|
+
block do
|
111
|
+
ENV['RBENV_ROOT'] = node[:rbenv][:root]
|
112
|
+
ENV['PATH'] = "#{node[:rbenv][:root]}/bin:#{node[:ruby_build][:bin_path]}:#{ENV['PATH']}"
|
113
|
+
end
|
114
|
+
end
|
115
|
+
```
|
116
|
+
|
117
|
+
**Call methods in a gem**
|
118
|
+
|
119
|
+
The following example shows how to call methods in gems not shipped in Chef Infra Client
|
120
|
+
|
121
|
+
```ruby
|
122
|
+
chef_gem 'mongodb'
|
123
|
+
|
124
|
+
ruby_block 'config_replicaset' do
|
125
|
+
block do
|
126
|
+
MongoDB.configure_replicaset(node, replicaset_name, rs_nodes)
|
127
|
+
end
|
128
|
+
action :run
|
129
|
+
end
|
130
|
+
```
|
131
|
+
DOC
|
32
132
|
|
33
133
|
default_action :run
|
34
134
|
allowed_actions :create, :run
|