chef 17.0.242-universal-mingw32 → 17.4.25-universal-mingw32

data/lib/chef/resource/scm/subversion.rb

@@ -28,7 +28,7 @@ class Chef
 
       provides :subversion
 
-      description "Use the **subversion** resource to manage source control resources that exist in a Subversion repository."
+      description "Use the **subversion** resource to manage source control resources that exist in a Subversion repository. Warning: The subversion resource has known bugs and may not work as expected. For more information see Chef GitHub issues, particularly [#4050](https://github.com/chef/chef/issues/4050) and [#4257](https://github.com/chef/chef/issues/4257)."
       examples <<~DOC
       **Get the latest version of an application**
 

data/lib/chef/resource/ssh_known_hosts_entry.rb

@@ -75,7 +75,8 @@ class Chef
 
       property :group, [String, Integer],
         description: "The file group for the ssh_known_hosts file.",
-        default: lazy { node["root_group"] }
+        default: lazy { node["root_group"] },
+        default_description: "The root user's group depending on platform."
 
       property :hash_entries, [TrueClass, FalseClass],
         description: "Hash the hostname and addresses in the ssh_known_hosts file for privacy.",
@@ -85,9 +86,7 @@ class Chef
         description: "The location of the ssh known hosts file. Change this to set a known host file for a particular user.",
         default: "/etc/ssh/ssh_known_hosts"
 
-      action :create do
-        description "Create an entry in the ssh_known_hosts file."
-
+      action :create, description: "Create an entry in the ssh_known_hosts file." do
         key =
           if new_resource.key
             hoststr = (new_resource.port != 22) ? "[#{new_resource.host}]:#{new_resource.port}" : new_resource.host
@@ -129,9 +128,7 @@ class Chef
       end
 
       # all this does is send an immediate run_action(:create) to the template resource
-      action :flush do
-        description "Immediately flush the entries to the config file. Without this the actual writing of the file is delayed in the #{ChefUtils::Dist::Infra::PRODUCT} run so all entries can be accumulated before writing the file out."
-
+      action :flush, description: "Immediately flush the entries to the config file. Without this the actual writing of the file is delayed in the #{ChefUtils::Dist::Infra::PRODUCT} run so all entries can be accumulated before writing the file out." do
         with_run_context :root do
           # if you haven't ever called ssh_known_hosts_entry before you're definitely doing it wrong so we blow up hard.
           find_resource!(:template, "update ssh known hosts file #{new_resource.file_location}").run_action(:create)

data/lib/chef/resource/sudo.rb

@@ -170,9 +170,7 @@ class Chef
         end
       end
 
-      action :create do
-        description "Create a single sudoers config in the sudoers.d directory"
-
+      action :create, description: "Create a single sudoers configuration file in the `sudoers.d` directory." do
         validate_properties
 
         if docker? # don't even put this into resource collection unless we're in docker
@@ -230,9 +228,7 @@ class Chef
       end
 
       # Removes a user from the sudoers group
-      action :delete do
-        description "Remove a sudoers config from the sudoers.d directory"
-
+      action :delete, description: "Remove a sudoers configuration file from the `sudoers.d` directory." do
         file "#{new_resource.config_prefix}/sudoers.d/#{new_resource.filename}" do
           action :delete
         end

data/lib/chef/resource/support/HabService.dll.config.erb

@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <appSettings>
+    <add key="debug" value="false" />
+    <% if @auth_token %>
+    <add key="ENV_HAB_AUTH_TOKEN" value="<%= @auth_token %>" />
+    <% end %>
+    <% if @gateway_auth_token %>
+    <add key="ENV_HAB_SUP_GATEWAY_AUTH_TOKEN" value="<%= @gateway_auth_token %>" />
+    <% end %>
+    <% if @bldr_url %>
+    <add key="ENV_HAB_BLDR_URL" value="<%= @bldr_url %>" />
+    <% end %>
+    <%if  @exec_start_options %>
+    <add key="launcherArgs" value="--no-color <%= @exec_start_options %>" />
+    <% end %>
+    <add key="launcherPath" value="C:\Hab\pkgs\<%= `hab pkg list core/hab-launcher`.split().last %>\bin\hab-launch.exe"/>
+  </appSettings>
+</configuration>

data/lib/chef/resource/support/client.erb

@@ -18,10 +18,17 @@
       @pid_file
       @policy_group
       @policy_name
-      @ssl_verify_mode).each do |prop| -%>
+      @ssl_verify_mode
+      @policy_persist_run_list).each do |prop| -%>
 <% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
 <%=prop.delete_prefix("@") %> <%= instance_variable_get(prop).inspect %>
 <% end -%>
+<%# ohai_disabled_plugins and ohai_optional_plugins properties don't match the config value perfectly-%>
+<% %w(@ohai_disabled_plugins
+      @ohai_optional_plugins).each do |prop| -%>
+<% next if instance_variable_get(prop).nil? || instance_variable_get(prop).empty? -%>
+<%=prop.gsub("@ohai_", "ohai.") %> <%= instance_variable_get(prop).inspect %>
+<% end -%>
 <%# log_location is special due to STDOUT/STDERR from String -> IO Object -%>
 <% unless @log_location.nil? %>
   <% if @log_location.is_a?(String) && %w(STDOUT STDERR).include?(@log_location) -%>

data/lib/chef/resource/support/sup.toml.erb

@@ -0,0 +1,179 @@
+# sup.toml
+# Used for passing configuration options to the Chef Habitat supervisor
+# This file is controlled by the 'habitat' cookbook and should not be modified by hand -- local modifications may be overwritten.
+
+### The listen address for the Gossip Gateway
+<% if @listen_gossip %>
+listen_gossip = "<%= @listen_gossip %>"
+<% end %>
+
+### Start the supervisor in local mode
+# local_gossip_mode =
+
+### The listen address for the HTTP Gateway
+<% if @listen_http %>
+listen_http = "<%= @listen_http %>"
+<% end %>
+### Disable the HTTP Gateway completely
+# http_disable =
+
+### The listen address for the Control Gateway
+<% if @listen_ctl %>
+listen_ctl = "<%= @listen_ctl %>"
+<% end %>
+### The organization the Supervisor and its services are part of
+<% if @organization %>
+organization = "<%= @organization %>"
+<% end %>
+### The listen address of one or more initial peers (IP[:PORT])
+<% if @peer %>
+peer =  <%= @peer %>
+<% end %>
+### Make this Supervisor a permanent peer
+<% if @permanent_peer %>
+permanent_peer = <%= @permanent_peer %>
+<% end %>
+### Watch this file for connecting to the ring
+# peer_watch_file =
+
+### Cache for creating and searching for encryption keys
+# cache_key_path =
+
+### The name of the ring used by the Supervisor when running with wire encryption
+<% if @ring %>
+ring = "<%= @ring %>"
+<% end %>
+### Use the package config from this path rather than the package itself
+# config_from =
+
+### Enable automatic updates for the Supervisor itself
+<% if @auto_update %>
+auto_update = <%= @auto_update %>
+<% end %>
+### The period of time in seconds between Supervisor update checks
+# auto_update_period =
+
+### The period of time in seconds between service update checks
+# service_update_period =
+
+### The private key for HTTP Gateway TLS encryption
+###
+### Read the private key from KEY_FILE. This should be an RSA private key or PKCS8-encoded private key in PEM format.
+# key_file =
+
+### The server certificates for HTTP Gateway TLS encryption
+###
+### Read server certificates from CERT_FILE. This should contain PEM-format certificates in the right order. The first certificate should certify KEY_FILE. The last should be a root CA.
+# cert_file =
+
+### The CA certificate for HTTP Gateway TLS encryption
+###
+### Read the CA certificate from CA_CERT_FILE. This should contain PEM-format certificate that can be used to validate client requests
+# ca_cert_file =
+
+### Load a Habitat package as part of the Supervisor startup
+###
+### The package can be specified by a package identifier (ex: core/redis) or filepath to a Habitat artifact (ex: /home/core-redis-3.0.7-21120102031201-x86_64-linux.hart).
+# pkg_ident_or_artifact =
+
+### Verbose output showing file and line/column numbers
+# verbose =
+
+### Turn ANSI color off
+# no_color =
+
+### Use structured JSON logging for the Supervisor
+###
+### This option also sets NO_COLOR.
+# json_logging =
+
+### The IPv4 address to use as the `sys.ip` template variable
+###
+### If this argument is not set, the supervisor tries to dynamically determine an IP address. If that fails, the supervisor defaults to using `127.0.0.1`.
+# sys_ip_address =
+
+### The name of the application for event stream purposes
+###
+### This will be attached to all events generated by this Supervisor.
+<% if @event_stream_application %>
+event_stream_application = "<%= @event_stream_application %>"
+<% end %>
+### The name of the environment for event stream purposes
+###
+### This will be attached to all events generated by this Supervisor.
+<% if @event_stream_environment %>
+event_stream_environment = "<%= @event_stream_environment %>"
+<% end %>
+### Event stream connection timeout before exiting the Supervisor
+###
+### Set to '0' to immediately start the Supervisor and continue running regardless of the initial connection status.
+# event_stream_connect_timeout =
+
+### The event stream connection url used to send events to Chef Automate
+###
+### This enables the event stream and requires EVENT_STREAM_APPLICATION, EVENT_STREAM_ENVIRONMENT, and EVENT_STREAM_TOKEN also be set.
+<% if @event_stream_url %>
+event_stream_url = "<%= @event_stream_url %>"
+<% end %>
+### The name of the site where this Supervisor is running for event stream purposes
+<% if @event_stream_site %>
+event_stream_site = "<%= @event_stream_site %>"
+<% end %>
+### The authentication token for connecting the event stream to Chef Automate
+<% if @event_stream_token %>
+event_stream_token = "<%= @event_stream_token %>"
+<% end %>
+### An arbitrary key-value pair to add to each event generated by this Supervisor
+# event_meta = []
+
+### The path to Chef Automate's event stream certificate used to establish a TLS connection
+###
+### The certificate should be in PEM format.
+<% if @event_stream_server_certificate %>
+event_stream_server_certificate = "<%= @event_stream_server_certificate %>"
+<% end %>
+### Automatically cleanup old packages
+###
+### The Supervisor will automatically cleanup old packages only keeping the KEEP_LATEST_PACKAGES latest packages. If this argument is not specified, no automatic package cleanup is performed.
+<% if @keep_latest_packages %>
+keep_latest_packages = "<%= @keep_latest_packages %>"
+<% end %>
+### Receive updates from the specified release channel
+# channel =
+
+### Specify an alternate Builder endpoint. If not specified, the value will be taken from the HAB_BLDR_URL environment variable if defined. (default: https://bldr.habitat.sh)
+<% if @bldr_url %>
+bldr_url = "<%= @bldr_url %>"
+<% end %>
+### The service group with shared config and topology
+# group =
+
+### Service topology
+# topology =
+
+### The update strategy
+# strategy =
+
+### The condition dictating when this service should update
+###
+### latest: Runs the latest package that can be found in the configured channel and local packages.
+###
+### track-channel: Always run what is at the head of a given channel. This enables service rollback where demoting a package from a channel will cause the package to rollback to an older version of the package. A ramification of enabling this condition is packages newer than the package at the head of the channel will be automatically uninstalled during a service rollback.
+<% if @update_condition %>
+update_condition = "<%= @update_condition %>"
+<% end %>
+### One or more service groups to bind to a configuration
+# bind = []
+
+### Governs how the presence or absence of binds affects service startup
+###
+### strict: blocks startup until all binds are present.
+# binding_mode =
+
+### The interval in seconds on which to run health checks
+# health_check_interval =
+
+### The delay in seconds after sending the shutdown signal to wait before killing the service process
+###
+### The default value can be set in the packages plan file.
+# shutdown_timeout =

data/lib/chef/resource/swap_file.rb

@@ -63,9 +63,7 @@ class Chef
       property :swappiness, Integer,
         description: "The swappiness value to set on the system."
 
-      action :create do
-        description "Create a swapfile."
-
+      action :create, description: "Create a swapfile." do
         if swap_enabled?
           Chef::Log.debug("#{new_resource} already created - nothing to do")
         else
@@ -85,9 +83,7 @@ class Chef
         end
       end
 
-      action :remove do
-        description "Remove a swapfile and disable swap."
-
+      action :remove, description: "Remove a swapfile and disable swap." do
         swapoff if swap_enabled?
         remove_swapfile if ::File.exist?(new_resource.path)
       end

data/lib/chef/resource/sysctl.rb

@@ -131,7 +131,7 @@ class Chef
 
       end
 
-      action :apply, description: "Apply a sysctl value" do
+      action :apply, description: "Set the kernel parameter and update the `sysctl` settings." do
         converge_if_changed do
           # set it temporarily
           set_sysctl_param(new_resource.key, new_resource.value)
@@ -150,7 +150,7 @@ class Chef
         end
       end
 
-      action :remove, description: "Remove a sysctl value" do
+      action :remove, description: "Remove the kernel parameter and update the `sysctl` settings." do
         # only converge the resource if the file actually exists to delete
         if ::File.exist?("#{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf")
           converge_by "removing sysctl config at #{new_resource.conf_dir}/99-chef-#{new_resource.key.tr("/", ".")}.conf" do

data/lib/chef/resource/systemd_unit.rb

@@ -34,7 +34,7 @@ class Chef
 
       ```ruby
       systemd_unit 'etcd.service' do
-        content(Unit: {
+        content({ Unit: {
                   Description: 'Etcd',
                   Documentation: ['https://coreos.com/etcd', 'man:etcd(1)'],
                   After: 'network.target',
@@ -46,7 +46,7 @@ class Chef
                 },
                 Install: {
                   WantedBy: 'multi-user.target',
-                })
+                } })
         action [:create, :enable]
       end
       ```
@@ -113,7 +113,7 @@ class Chef
         when Hash
           IniParse.gen do |doc|
             content.each_pair do |sect, opts|
-              doc.section(sect) do |section|
+              doc.section(sect, { option_sep: "=" }) do |section|
                 opts.each_pair do |opt, val|
                   [val].flatten.each do |v|
                     section.option(opt, v)

data/lib/chef/resource/timezone.rb

@@ -119,7 +119,7 @@ class Chef
         end
       end
 
-      action :set, description: "Set the system timezone" do
+      action :set, description: "Set the system timezone." do
         # we have to check windows first since the value isn't case sensitive here
         if windows?
           unless current_windows_tz.casecmp?(new_resource.timezone)

data/lib/chef/resource/user_ulimit.rb

@@ -78,7 +78,7 @@ class Chef
                coerce: proc { |m| m.end_with?(".conf") ? m : m + ".conf" },
                default: lazy { |r| r.username == "*" ? "00_all_limits.conf" : "#{r.username}_limits.conf" }
 
-      action :create, description: "Create a ulimit configuration file" do
+      action :create, description: "Create a ulimit configuration file." do
         template "/etc/security/limits.d/#{new_resource.filename}" do
           source ::File.expand_path("support/ulimit.erb", __dir__)
           local true
@@ -106,7 +106,7 @@ class Chef
         end
       end
 
-      action :delete, description: "Delete an existing ulimit configuration file" do
+      action :delete, description: "Delete an existing ulimit configuration file." do
         file "/etc/security/limits.d/#{new_resource.filename}" do
           action :delete
         end

data/lib/chef/resource/windows_ad_join.rb

@@ -97,7 +97,7 @@ class Chef
       property :sensitive, [TrueClass, FalseClass],
         default: true, desired_state: false
 
-      action :join, description: "Join the Active Directory domain" do
+      action :join, description: "Join the Active Directory domain." do
         unless on_desired_domain?
           cmd = "$pswd = ConvertTo-SecureString \'#{new_resource.domain_password}\' -AsPlainText -Force;"
           cmd << "$credential = New-Object System.Management.Automation.PSCredential (\"#{sanitize_usename}\",$pswd);"
@@ -127,7 +127,7 @@ class Chef
         end
       end
 
-      action :leave, description: "Leave an Active Directory domain and re-join a workgroup" do
+      action :leave, description: "Leave an Active Directory domain and re-join a workgroup." do
         if joined_to_domain?
           cmd = ""
           cmd << "$pswd = ConvertTo-SecureString \'#{new_resource.domain_password}\' -AsPlainText -Force;"

data/lib/chef/resource/windows_audit_policy.rb

@@ -106,7 +106,7 @@ class Chef
 
       ```ruby
       windows_audit_policy "Set Audit Policy for 'Credential Validation' actions to 'Success'" do
-        subcategory  'Credential Validation'
+        subcategory 'Credential Validation'
         success true
         failure false
         action :set
@@ -152,7 +152,7 @@ class Chef
       property :audit_base_directories, [true, false],
                description: "Setting this audit policy option to true will force the system to assign a System Access Control List to named objects to enable auditing of container objects such as directories."
 
-      action :set, description: "Configure an audit policy" do
+      action :set, description: "Configure an audit policy." do
         unless new_resource.subcategory.nil?
           new_resource.subcategory.each do |subcategory|
             next if subcategory_configured?(subcategory, new_resource.success, new_resource.failure)

data/lib/chef/resource/windows_auto_run.rb

@@ -57,7 +57,7 @@ class Chef
 
       alias_method :program, :path
 
-      action :create, description: "Create an item to be run at login" do
+      action :create, description: "Create an item to be run at login." do
 
         data = "\"#{new_resource.path}\""
         data << " #{new_resource.args}" if new_resource.args
@@ -72,7 +72,7 @@ class Chef
         end
       end
 
-      action :remove, description: "Remove an item that was previously configured to run at login" do
+      action :remove, description: "Remove an item that was previously configured to run at login." do
         registry_key registry_path do
           values [{
             name: new_resource.program_name,

data/lib/chef/resource/windows_certificate.rb

@@ -160,7 +160,7 @@ class Chef
         end
       end
 
-      action :verify, description: "Verifies a certificate and logs the result" do
+      action :verify, description: "Verifies a certificate and logs the result." do
         out = verify_cert
         if !!out == out
           out = out ? "Certificate is valid" : "Certificate not valid"