chef 17.0.242-universal-mingw32 → 17.4.25-universal-mingw32

data/lib/chef/data_collector/run_end_message.rb

@@ -51,7 +51,7 @@ class Chef
             "id" => run_status&.run_id,
             "message_version" => "1.1.0",
             "message_type" => "run_converge",
-            "node" => node || {},
+            "node" => node&.data_for_save || {},
             "node_name" => node&.name || data_collector.node_name,
             "organization_name" => organization,
             "resources" => all_action_records(action_collection),

data/lib/chef/data_collector.rb

@@ -104,7 +104,6 @@ class Chef
       #
       def action_collection_registration(action_collection)
         @action_collection = action_collection
-        action_collection.register(self)
       end
 
       # - Creates and writes our NodeUUID back to the node object

data/lib/chef/deprecated.rb

@@ -79,10 +79,12 @@ class Chef
         return true if location =~ /^(.*?):(\d+):in/ && begin
           # Don't buffer the whole file in memory, so read it one line at a time.
           line_no = $2.to_i
-          location_file = ::File.open($1)
-          (line_no - 1).times { location_file.readline } # Read all the lines we don't care about.
-          relevant_line = location_file.readline
-          relevant_line.match?(/#.*chef:silence_deprecation($|[^:]|:#{self.class.deprecation_key})/)
+          if File.exist?($1) # some stacktraces come from `eval` and not a file
+            location_file = ::File.open($1)
+            (line_no - 1).times { location_file.readline } # Read all the lines we don't care about.
+            relevant_line = location_file.readline
+            relevant_line.match?(/#.*chef:silence_deprecation($|[^:]|:#{self.class.deprecation_key})/)
+          end
         end
 
         false
@@ -253,6 +255,14 @@ class Chef
       target 33
     end
 
+    class AttributeWhitelistConfiguration < Base
+      target 34
+    end
+
+    class PolicyfileCompatMode < Base
+      target 35
+    end
+
     class Generic < Base
       def url
         "https://docs.chef.io/chef_deprecations_client/"

data/lib/chef/dsl/declare_resource.rb

@@ -156,15 +156,7 @@ class Chef
       def edit_resource(type, name, created_at: nil, run_context: self.run_context, &resource_attrs_block)
         edit_resource!(type, name, created_at: created_at, run_context: run_context, &resource_attrs_block)
       rescue Chef::Exceptions::ResourceNotFound
-        resource = declare_resource(type, name, created_at: created_at, run_context: run_context)
-        if resource_attrs_block
-          if defined?(new_resource)
-            resource.instance_exec(new_resource, &resource_attrs_block)
-          else
-            resource.instance_exec(&resource_attrs_block)
-          end
-        end
-        resource
+        declare_resource(type, name, created_at: created_at, run_context: run_context, &resource_attrs_block)
       end
 
       # Find existing resources by searching the list of existing resources.  Possible
@@ -306,6 +298,8 @@ class Chef
 
         enclosing_provider ||= self if is_a?(Chef::Provider)
 
+        nr = new_resource if defined?(new_resource)
+
         Chef::ResourceBuilder.new(
           type:                type,
           name:                name,
@@ -314,7 +308,8 @@ class Chef
           run_context:         run_context,
           cookbook_name:       cookbook_name,
           recipe_name:         recipe_name,
-          enclosing_provider:  enclosing_provider
+          enclosing_provider:  enclosing_provider,
+          new_resource:        nr
         ).build(&resource_attrs_block)
       end
 

data/lib/chef/dsl/render_helpers.rb

@@ -0,0 +1,44 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+require_relative "toml"
+require_relative "../json_compat"
+autoload :YAML, "yaml"
+
+class Chef
+  module DSL
+    module RenderHelpers
+
+      # pretty-print a hash as a JSON string
+      def render_json(hash)
+        JSON.pretty_generate(hash) + "\n"
+      end
+
+      # pretty-print a hash as a TOML string
+      def render_toml(hash)
+        Chef::DSL::Toml::Dumper.new(hash).toml_str
+      end
+
+      # pretty-print a hash as a YAML string
+      def render_yaml(hash)
+        yaml_content = hash.transform_keys(&:to_s).to_yaml
+        # above replaces first-level keys with strings, below the rest
+        yaml_content.gsub!(" :", " ")
+      end
+
+      extend self
+    end
+  end
+end

data/lib/chef/dsl/secret.rb

@@ -0,0 +1,64 @@
+#
+# Author:: Marc Paradise (<marc@chef.io>)
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require_relative "../secret_fetcher"
+
+class Chef
+  module DSL
+    module Secret
+
+      # Helper method which looks up a secret using the given service and configuration,
+      # and returns the retrieved secret value.
+      # This DSL providers a wrapper around [Chef::SecretFetcher]
+      #
+      # Use of the secret helper in the context of a resource block will automatically mark
+      # that resource as 'sensitive', preventing resource data from being logged.  See [Chef::Resource#sensitive].
+      #
+      # @option name [Object] The identifier or name for this secret
+      # @option version [Object] The secret version. If a service supports versions
+      #                          and no version is provided, the latest version will be fetched.
+      # @option service [Symbol] The service identifier for the service that will
+      #                         perform the secret lookup. See
+      #                         [Chef::SecretFetcher::SECRET_FETCHERS]
+      # @option config [Hash] The configuration that the named service expects
+      #
+      # @return result [Object] The response object type is determined by the fetcher but will usually be a string or a hash.
+      # See individual fetcher documentation to know what to expect for a given service.
+      #
+      # @example
+      #
+      # This example uses the built-in :example secret manager service, which
+      # accepts a hash of secrets.
+      #
+      #   value = secret(name: "test1", service: :example, config: { "test1" => "value1" })
+      #   log "My secret is #{value}"
+      #
+      #   value = secret(name: "test1", service: :aws_secrets_manager, version: "v1", config: { region: "us-west-1" })
+      #   log "My secret is #{value}"
+      def secret(name: nil, version: nil, service: nil, config: {})
+        Chef::Log.warn <<~EOM.gsub("\n", " ")
+          The secrets Chef Infra language helper is currently in beta.
+          This helper will most likely change over time in potentially breaking ways.
+          If you have feedback or you'd like to be part of the future design of this
+          helper e-mail us at secrets_management_beta@progress.com"
+        EOM
+        sensitive(true) if is_a?(Chef::Resource)
+        Chef::SecretFetcher.for_service(service, config, run_context).fetch(name, version)
+      end
+    end
+  end
+end

data/lib/chef/dsl/toml.rb

@@ -0,0 +1,116 @@
+require "date"
+
+# imported from https://github.com/chef-cookbooks/habitat
+class Chef
+  module DSL
+    module Toml
+      class Dumper
+        attr_reader :toml_str
+
+        def initialize(hash)
+          @toml_str = ""
+
+          visit(hash, [])
+        end
+
+        private
+
+        def visit(hash, prefix, extra_brackets = false)
+          simple_pairs, nested_pairs, table_array_pairs = sort_pairs hash
+
+          if prefix.any? && (simple_pairs.any? || hash.empty?)
+            print_prefix prefix, extra_brackets
+          end
+
+          dump_pairs simple_pairs, nested_pairs, table_array_pairs, prefix
+        end
+
+        def sort_pairs(hash)
+          nested_pairs = []
+          simple_pairs = []
+          table_array_pairs = []
+
+          hash.keys.sort.each do |key|
+            val = hash[key]
+            element = [key, val]
+
+            if val.is_a? Hash
+              nested_pairs << element
+            elsif val.is_a?(Array) && val.first.is_a?(Hash)
+              table_array_pairs << element
+            else
+              simple_pairs << element
+            end
+          end
+
+          [simple_pairs, nested_pairs, table_array_pairs]
+        end
+
+        def dump_pairs(simple, nested, table_array, prefix = [])
+          # First add simple pairs, under the prefix
+          dump_simple_pairs simple
+          dump_nested_pairs nested, prefix
+          dump_table_array_pairs table_array, prefix
+        end
+
+        def dump_simple_pairs(simple_pairs)
+          simple_pairs.each do |key, val|
+            key = quote_key(key) unless bare_key? key
+            @toml_str << "#{key} = #{to_toml(val)}\n"
+          end
+        end
+
+        def dump_nested_pairs(nested_pairs, prefix)
+          nested_pairs.each do |key, val|
+            key = quote_key(key) unless bare_key? key
+
+            visit val, prefix + [key], false
+          end
+        end
+
+        def dump_table_array_pairs(table_array_pairs, prefix)
+          table_array_pairs.each do |key, val|
+            key = quote_key(key) unless bare_key? key
+            aux_prefix = prefix + [key]
+
+            val.each do |child|
+              print_prefix aux_prefix, true
+              args = sort_pairs(child) << aux_prefix
+
+              dump_pairs(*args)
+            end
+          end
+        end
+
+        def print_prefix(prefix, array = false)
+          new_prefix = prefix.join(".")
+          new_prefix = "[#{new_prefix}]" if array
+
+          @toml_str += "[#{new_prefix}]\n"
+        end
+
+        def to_toml(obj)
+          if obj.is_a?(Time) || obj.is_a?(DateTime)
+            obj.strftime("%Y-%m-%dT%H:%M:%SZ")
+          elsif obj.is_a?(Date)
+            obj.strftime("%Y-%m-%d")
+          elsif obj.is_a? Regexp
+            obj.inspect.inspect
+          elsif obj.is_a? String
+            obj.inspect.gsub(/\\(#[$@{])/, '\1')
+          else
+            obj.inspect
+          end
+        end
+
+        def bare_key?(key)
+          !!key.to_s.match(/^[a-zA-Z0-9_-]*$/)
+        end
+
+        def quote_key(key)
+          '"' + key.gsub('"', '\\"') + '"'
+        end
+      end
+    end
+  end
+end

data/lib/chef/dsl/universal.rb

@@ -22,6 +22,9 @@ require_relative "data_query"
 require_relative "chef_vault"
 require_relative "registry_helper"
 require_relative "powershell"
+require_relative "secret"
+require_relative "render_helpers"
+require_relative "toml"
 require_relative "../mixin/powershell_exec"
 require_relative "../mixin/powershell_out"
 require_relative "../mixin/shell_out"
@@ -47,6 +50,8 @@ class Chef
       include Chef::DSL::ChefVault
       include Chef::DSL::RegistryHelper
       include Chef::DSL::Powershell
+      include Chef::DSL::RenderHelpers
+      include Chef::DSL::Secret
       include Chef::Mixin::PowershellExec
       include Chef::Mixin::PowershellOut
       include Chef::Mixin::ShellOut

data/lib/chef/dsl.rb

@@ -4,3 +4,4 @@ require_relative "dsl/data_query"
 require_relative "dsl/include_recipe"
 require_relative "dsl/include_attribute"
 require_relative "dsl/registry_helper"
+require_relative "dsl/secret"

data/lib/chef/event_dispatch/base.rb

@@ -221,7 +221,8 @@ class Chef
       # Called before convergence starts
       def converge_start(run_context); end
 
-      # Callback hook for handlers to register their interest in the action_collection
+      # Callback hook for handlers to grab a reference to the action_collection
+      # (sent before compiling cookbooks, consumers can also find it off the run_context.action_collection)
       def action_collection_registration(action_collection); end
 
       # Called when the converge phase is finished.

data/lib/chef/exceptions.rb

@@ -174,6 +174,9 @@ class Chef
     class CannotDetermineWindowsInstallerType < Package; end
     class NoWindowsPackageSource < Package; end
 
+    # for example, if both recipes/default.yml, recipes/default.yaml are present
+    class AmbiguousYAMLFile < RuntimeError; end
+
     # Can not create staging file during file deployment
     class FileContentStagingError < RuntimeError
       def initialize(errors)
@@ -287,6 +290,26 @@ class Chef
 
     end
 
+    class Secret
+      class RetrievalError < RuntimeError; end
+      class ConfigurationInvalid < RuntimeError; end
+      class FetchFailed < RuntimeError; end
+      class MissingSecretName < RuntimeError; end
+      class InvalidSecretName < RuntimeError; end
+
+      class InvalidFetcherService < RuntimeError
+        def initialize(given, fetcher_service_names)
+          super("#{given} is not a supported secrets service.  Supported services are: :#{fetcher_service_names.join(" :")}")
+        end
+      end
+
+      class MissingFetcher < RuntimeError
+        def initialize(fetcher_service_names)
+          super("No secret service provided. Supported services are: :#{fetcher_service_names.join(" :")}")
+        end
+      end
+    end
+
     # Exception class for collecting multiple failures. Used when running
     # delayed notifications so that chef can process each delayed
     # notification even if chef client or other notifications fail.

data/lib/chef/formatters/doc.rb

@@ -56,7 +56,8 @@ class Chef
         # Print out deprecations.
         unless deprecations.empty?
           puts_line ""
-          puts_line "Deprecated features used!"
+          puts_line "Deprecation warnings that must be addressed before upgrading to Chef Infra #{Chef::VERSION.to_i + 1}:"
+          puts_line ""
           deprecations.each do |message, details|
             locations = details[:locations]
             if locations.size == 1

data/lib/chef/formatters/error_mapper.rb

@@ -27,7 +27,7 @@ class Chef
       # Failed to register this client with the server.
       def self.registration_failed(node_name, exception, config)
         error_inspector = ErrorInspectors::RegistrationErrorInspector.new(node_name, exception, config)
-        headline = "Chef encountered an error attempting to create the client \"#{node_name}\""
+        headline = "Chef Infra Client encountered an error attempting to create the client \"#{node_name}\""
         description = ErrorDescription.new(headline)
         error_inspector.add_explanation(description)
         description
@@ -35,7 +35,7 @@ class Chef
 
       def self.node_load_failed(node_name, exception, config)
         error_inspector = ErrorInspectors::NodeLoadErrorInspector.new(node_name, exception, config)
-        headline = "Chef encountered an error attempting to load the node data for \"#{node_name}\""
+        headline = "Chef Infra Client encountered an error attempting to load the node data for \"#{node_name}\""
         description = ErrorDescription.new(headline)
         error_inspector.add_explanation(description)
         description

data/lib/chef/handler/slow_report.rb

@@ -0,0 +1,66 @@
+#
+# Copyright:: Copyright (c) Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require_relative "../handler"
+require "tty/table" unless defined?(TTY::Table)
+
+class Chef
+  class Handler
+    class SlowReport < ::Chef::Handler
+      attr_accessor :amount
+
+      def initialize(amount)
+        @amount = Integer(amount) rescue nil
+        @amount ||= 10
+      end
+
+      def report
+        if count == 0
+          puts "\nNo resources to profile\n\n"
+          return
+        end
+
+        top = all_records.sort_by(&:elapsed_time).last(amount).reverse
+        data = top.map { |r| [ r.new_resource.to_s, r.elapsed_time, r.action, r.new_resource.cookbook_name, r.new_resource.recipe_name, stripped_source_line(r.new_resource) ] }
+        puts "\nTop #{count} slowest #{count == 1 ? "resource" : "resources"}:\n\n"
+        table = TTY::Table.new(%w{resource elapsed_time action cookbook recipe source}, data)
+        rendered = table.render do |renderer|
+          renderer.border do
+            mid          "-"
+            mid_mid      " "
+          end
+        end
+        puts rendered
+        puts "\n"
+      end
+
+      def all_records
+        @all_records ||= action_collection&.filtered_collection(unprocessed: false) || []
+      end
+
+      def count
+        num = all_resources.count
+        num > amount ? amount : num
+      end
+
+      def stripped_source_line(resource)
+        # strip the leading path off of the source line
+        resource.source_line&.gsub(%r{.*/cookbooks/}, "")&.gsub(%r{.*/chef-[0-9\.]+/}, "")
+      end
+    end
+  end
+end